dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Misc Classes: Database class integration.

This commit is contained in:
Nate 2019-09-02 15:57:18 -06:00
parent 601198e01a
commit 836fb87136
11 changed files with 2002 additions and 2172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1018
app/dialplans/resources/classes/dialplan.php
View File

File diff suppressed because it is too large Load Diff

580
app/extensions/resources/classes/extension.php
View File

@ -27,7 +27,6 @@
//define the directory class
if (!class_exists('extension')) {
class extension {
public $db;
public $domain_uuid;
public $domain_name;
private $app_uuid;
@ -72,14 +71,6 @@ if (!class_exists('extension')) {
public $description;
public function __construct() {
//connect to the database if not connected
if (!$this->db) {
require_once "resources/classes/database.php";
$database = new database;
$database->connect();
$this->db = $database->db;
}
//set the application id
$this->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3';
}
@ -91,21 +82,18 @@ if (!class_exists('extension')) {
}
public function exists($domain_uuid, $extension) {
$sql = "select extension_uuid from v_extensions ";
$sql = "select count(*) from v_extensions ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and (extension = :extension or number_alias = :extension) ";
$sql .= "and ( ";
$sql .= "extension = :extension ";
$sql .= "or number_alias = :extension ";
$sql .= ") ";
$sql .= "and enabled = 'true' ";
$prep_statement = $this->db->prepare($sql);
$prep_statement->bindParam(':domain_uuid', $domain_uuid);
$prep_statement->bindParam(':extension', $extension);
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if ($result && count($result) > 0) {
return true;
}
else {
return false;
}
$parameters['domain_uuid'] = $domain_uuid;
$parameters['extension'] = $extension;
$database = new database;
return $database->select($sql, $parameters, 'column') != 0 ? true : false;
unset($sql, $parameters);
}
public function get_domain_uuid() {
@ -117,7 +105,6 @@ if (!class_exists('extension')) {
}
public function voicemail() {
//determine the voicemail_id
if (is_numeric($this->number_alias)) {
$this->voicemail_id = $this->number_alias;
@ -126,66 +113,58 @@ if (!class_exists('extension')) {
$this->voicemail_id = $this->extension;
}
//update the voicemail settings
$sql = "select * from v_voicemails ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_id = '".$this->voicemail_id."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (count($result) == 0) {
//add the voicemail box
$sql = "insert into v_voicemails ";
$sql .= "(";
$sql .= "domain_uuid, ";
$sql .= "voicemail_uuid, ";
$sql .= "voicemail_id, ";
$sql .= "voicemail_password, ";
if (strlen($this->greeting_id) > 0) {
$sql .= "greeting_id, ";
}
$sql .= "voicemail_mail_to, ";
$sql .= "voicemail_file, ";
$sql .= "voicemail_local_after_email, ";
$sql .= "voicemail_enabled, ";
$sql .= "voicemail_description ";
$sql .= ") ";
$sql .= "values ";
$sql .= "(";
$sql .= "'".$this->domain_uuid."', ";
$sql .= "'".uuid()."', ";
$sql .= "'".$this->voicemail_id."', ";
$sql .= "'".$this->voicemail_password."', ";
$sql .= "'".$this->voicemail_mail_to."', ";
$sql .= "'".$this->voicemail_file."', ";
$sql .= "'".$this->voicemail_local_after_email."', ";
$sql .= "'".$this->voicemail_enabled."', ";
$sql .= "'".$this->description."' ";
$sql .= ")";
$this->db->exec(check_sql($sql));
unset($sql);
//insert or update the voicemail settings
$sql = "select voicemail_uuid from v_voicemails ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and voicemail_id = :voicemail_id ";
$parameters['domain_uuid'] = $this->domain_uuid;
$parameters['voicemail_id'] = $this->voicemail_id;
$database = new database;
$voicemail_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
if (is_uuid($voicemail_uuid)) {
//build update array
$array['voicemails'][0]['voicemail_uuid'] = $voicemail_uuid;
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_edit', 'temp');
}
else {
//update the voicemail box
$sql = "update v_voicemails set ";
$sql .= "voicemail_password = '".$this->voicemail_password."', ";
$sql .= "voicemail_mail_to = '".$this->voicemail_mail_to."', ";
$sql .= "voicemail_file = '".$this->voicemail_file."', ";
$sql .= "voicemail_local_after_email = '".$this->voicemail_local_after_email."', ";
$sql .= "voicemail_enabled = '".$this->voicemail_enabled."', ";
$sql .= "voicemail_description = '".$this->description."' ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_id = '".$this->voicemail_id."' ";
$this->db->exec(check_sql($sql));
unset($sql);
//build insert array
$array['voicemails'][0]['voicemail_uuid'] = uuid();
$array['voicemails'][0]['domain_uuid'] = $this->domain_uuid;
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_add', 'temp');
}
unset ($prep_statement);
if (is_array($array) && @sizeof($array) != 0) {
//include common array fields
$array['voicemails'][0]['voicemail_id'] = $this->voicemail_id;
$array['voicemails'][0]['voicemail_password'] = $this->voicemail_password;
$array['voicemails'][0]['voicemail_mail_to'] = $this->voicemail_mail_to;
$array['voicemails'][0]['voicemail_file'] = $this->voicemail_file;
$array['voicemails'][0]['voicemail_local_after_email'] = $this->voicemail_local_after_email;
$array['voicemails'][0]['voicemail_enabled'] = $this->voicemail_enabled;
$array['voicemails'][0]['voicemail_description'] = $this->description;
//execute insert/update
$database = new database;
$database->app_name = 'extensions';
$database->app_uuid = 'e68d9689-2769-e013-28fa-6214bf47fca3';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('voicemail_edit', 'temp');
$p->delete('voicemail_add', 'temp');
}
unset($voicemail_uuid);
}
public function xml() {
if (isset($_SESSION['switch']['extensions']['dir'])) {
//declare global variables
global $config, $db, $domain_uuid;
global $config, $domain_uuid;
//get the domain_name
$domain_name = $_SESSION['domains'][$domain_uuid]['domain_name'];
@ -198,243 +177,246 @@ if (!class_exists('extension')) {
}
//write the xml files
$sql = "SELECT * FROM v_extensions AS e, v_voicemails AS v ";
$sql .= "WHERE e.domain_uuid = '$domain_uuid' ";
$sql .= "AND COALESCE(NULLIF(e.number_alias,''),e.extension) = CAST(v.voicemail_id as VARCHAR) ";
$sql .= "ORDER BY e.call_group ASC ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$i = 0;
$sql = "select * from v_extensions as e, v_voicemails as v ";
$sql .= "where e.domain_uuid = :domain_uuid ";
$sql .= "and coalesce(nullif(e.number_alias,''),e.extension) = cast(v.voicemail_id as varchar) ";
$sql .= "order by e.call_group asc ";
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$rows = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
$extension_xml_condensed = false;
while($row = $prep_statement->fetch(PDO::FETCH_ASSOC)) {
$call_group = $row['call_group'];
$call_group = str_replace(";", ",", $call_group);
$tmp_array = explode(",", $call_group);
foreach ($tmp_array as &$tmp_call_group) {
$tmp_call_group = trim($tmp_call_group);
if (strlen($tmp_call_group) > 0) {
if (strlen($call_group_array[$tmp_call_group]) == 0) {
$call_group_array[$tmp_call_group] = $row['extension'];
if (is_array($rows) && @sizeof($rows) != 0) {
foreach ($rows as $row) {
$call_group = $row['call_group'];
$call_group = str_replace(";", ",", $call_group);
$tmp_array = explode(",", $call_group);
foreach ($tmp_array as &$tmp_call_group) {
$tmp_call_group = trim($tmp_call_group);
if (strlen($tmp_call_group) > 0) {
if (strlen($call_group_array[$tmp_call_group]) == 0) {
$call_group_array[$tmp_call_group] = $row['extension'];
}
else {
$call_group_array[$tmp_call_group] = $call_group_array[$tmp_call_group].','.$row['extension'];
}
}
}
$call_timeout = $row['call_timeout'];
$user_context = $row['user_context'];
$password = $row['password'];
$voicemail_password = $row['voicemail_password'];
//$voicemail_password = str_replace("#", "", $voicemail_password); //preserves leading zeros
//echo "enabled: ".$row['enabled'];
if ($row['enabled'] != "false") {
$extension_uuid = $row['extension_uuid'];
//remove invalid characters from the file names
$extension = $row['extension'];
$extension = str_replace(" ", "_", $extension);
$extension = preg_replace("/[\*\:\\/\<\>\|\'\"\?]/", "", $extension);
$dial_string = $row['dial_string'];
if (strlen($dial_string) == 0) {
if (strlen($_SESSION['domain']['dial_string']['text']) > 0) {
$dial_string = $_SESSION['domain']['dial_string']['text'];
}
else {
$dial_string = "{sip_invite_domain=\${domain_name},leg_timeout=".$call_timeout.",presence_id=\${dialed_user}@\${dialed_domain}}\${sofia_contact(\${dialed_user}@\${dialed_domain})}";
}
}
//set the password hashes
$a1_hash = md5($extension.":".$domain_name.":".$password);
$vm_a1_hash = md5($extension.":".$domain_name.":".$voicemail_password);
$xml .= "<include>\n";
$cidr = '';
if (strlen($row['cidr']) > 0) {
$cidr = " cidr=\"" . $row['cidr'] . "\"";
}
$number_alias = '';
if (strlen($row['number_alias']) > 0) {
$number_alias = " number-alias=\"".$row['number_alias']."\"";
}
$xml .= " <user id=\"".$row['extension']."\"".$cidr."".$number_alias.">\n";
$xml .= " <params>\n";
//$xml .= " <param name=\"a1-hash\" value=\"" . $a1_hash . "\"/>\n";
$xml .= " <param name=\"password\" value=\"" . $row['password'] . "\"/>\n";
$xml .= " <param name=\"reverse-auth-user\" value=\"" . $row['extension'] . "\"/>\n";
$xml .= " <param name=\"reverse-auth-pass\" value=\"" . $row['password'] . "\"/>\n";
//voicemail settings
//$xml .= " <param name=\"vm-a1-hash\" value=\"" . $vm_a1_hash. "\"/>\n";
$xml .= " <param name=\"vm-password\" value=\"" . $voicemail_password . "\"/>\n";
switch ($row['voicemail_enabled']) {
case "true":
$xml .= " <param name=\"vm-enabled\" value=\"true\"/>\n";
break;
case "false":
$xml .= " <param name=\"vm-enabled\" value=\"false\"/>\n";
break;
default:
$xml .= " <param name=\"vm-enabled\" value=\"true\"/>\n";
}
if (strlen($row['voicemail_mail_to']) > 0) {
$xml .= " <param name=\"vm-email-all-messages\" value=\"true\"/>\n";
switch ($row['voicemail_file']) {
case "attach":
$xml .= " <param name=\"vm-attach-file\" value=\"true\"/>\n";
break;
default:
$xml .= " <param name=\"vm-attach-file\" value=\"false\"/>\n";
}
switch ($row['voicemail_local_after_email']) {
case "true":
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"true\"/>\n";
break;
case "false":
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"false\"/>\n";
break;
default:
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"true\"/>\n";
}
$xml .= " <param name=\"vm-mailto\" value=\"" . $row['voicemail_mail_to'] . "\"/>\n";
}
if (strlen($row['mwi_account']) > 0) {
$xml .= " <param name=\"MWI-Account\" value=\"" . $row['mwi_account'] . "\"/>\n";
}
if (strlen($row['auth_acl']) > 0) {
$xml .= " <param name=\"auth-acl\" value=\"" . $row['auth_acl'] . "\"/>\n";
}
if (strlen($row['directory_exten_visible']) > 0) {
$xml .= " <param name=\"directory-exten-visible\" value=\"" . $row['directory_exten_visible'] . "\"/>\n";
}
$xml .= " <param name=\"dial-string\" value=\"" . $dial_string . "\"/>\n";
$xml .= " </params>\n";
$xml .= " <variables>\n";
$xml .= " <variable name=\"domain_name\" value=\"" . $_SESSION['domain_name'] . "\"/>\n";
$xml .= " <variable name=\"domain_uuid\" value=\"" . $_SESSION['domain_uuid'] . "\"/>\n";
$xml .= " <variable name=\"extension_uuid\" value=\"" . $extension_uuid . "\"/>\n";
if (strlen($row['call_group']) > 0) {
$xml .= " <variable name=\"call_group\" value=\"" . $row['call_group'] . "\"/>\n";
}
if (strlen($row['user_record']) > 0) {
$xml .= " <variable name=\"user_record\" value=\"" . $row['user_record'] . "\"/>\n";
}
if (strlen($row['hold_music']) > 0) {
$xml .= " <variable name=\"hold_music\" value=\"" . $row['hold_music'] . "\"/>\n";
}
$xml .= " <variable name=\"toll_allow\" value=\"" . $row['toll_allow'] . "\"/>\n";
if (strlen($row['call_timeout']) > 0) {
$xml .= " <variable name=\"call_timeout\" value=\"" . $row['call_timeout'] . "\"/>\n";
}
if (strlen($switch_account_code) > 0) {
$xml .= " <variable name=\"accountcode\" value=\"" . $switch_account_code . "\"/>\n";
}
else {
$call_group_array[$tmp_call_group] = $call_group_array[$tmp_call_group].','.$row['extension'];
$xml .= " <variable name=\"accountcode\" value=\"" . $row['accountcode'] . "\"/>\n";
}
}
$i++;
}
$call_timeout = $row['call_timeout'];
$user_context = $row['user_context'];
$password = $row['password'];
$voicemail_password = $row['voicemail_password'];
//$voicemail_password = str_replace("#", "", $voicemail_password); //preserves leading zeros
//echo "enabled: ".$row['enabled'];
if ($row['enabled'] != "false") {
$extension_uuid = $row['extension_uuid'];
//remove invalid characters from the file names
$extension = $row['extension'];
$extension = str_replace(" ", "_", $extension);
$extension = preg_replace("/[\*\:\\/\<\>\|\'\"\?]/", "", $extension);
$dial_string = $row['dial_string'];
if (strlen($dial_string) == 0) {
if (strlen($_SESSION['domain']['dial_string']['text']) > 0) {
$dial_string = $_SESSION['domain']['dial_string']['text'];
$xml .= " <variable name=\"user_context\" value=\"" . $row['user_context'] . "\"/>\n";
if (strlen($row['effective_caller_id_name']) > 0) {
$xml .= " <variable name=\"effective_caller_id_name\" value=\"" . $row['effective_caller_id_name'] . "\"/>\n";
}
if (strlen($row['effective_caller_id_number']) > 0) {
$xml .= " <variable name=\"effective_caller_id_number\" value=\"" . $row['effective_caller_id_number'] . "\"/>\n";
}
if (strlen($row['outbound_caller_id_name']) > 0) {
$xml .= " <variable name=\"outbound_caller_id_name\" value=\"" . $row['outbound_caller_id_name'] . "\"/>\n";
}
if (strlen($row['outbound_caller_id_number']) > 0) {
$xml .= " <variable name=\"outbound_caller_id_number\" value=\"" . $row['outbound_caller_id_number'] . "\"/>\n";
}
if (strlen($row['emergency_caller_id_name']) > 0) {
$xml .= " <variable name=\"emergency_caller_id_name\" value=\"" . $row['emergency_caller_id_name'] . "\"/>\n";
}
if (strlen($row['emergency_caller_id_number']) > 0) {
$xml .= " <variable name=\"emergency_caller_id_number\" value=\"" . $row['emergency_caller_id_number'] . "\"/>\n";
}
if (strlen($row['directory_full_name']) > 0) {
$xml .= " <variable name=\"directory_full_name\" value=\"" . $row['directory_full_name'] . "\"/>\n";
}
if (strlen($row['directory_visible']) > 0) {
$xml .= " <variable name=\"directory-visible\" value=\"" . $row['directory_visible'] . "\"/>\n";
}
if (strlen($row['limit_max']) > 0) {
$xml .= " <variable name=\"limit_max\" value=\"" . $row['limit_max'] . "\"/>\n";
}
else {
$dial_string = "{sip_invite_domain=\${domain_name},leg_timeout=".$call_timeout.",presence_id=\${dialed_user}@\${dialed_domain}}\${sofia_contact(\${dialed_user}@\${dialed_domain})}";
$xml .= " <variable name=\"limit_max\" value=\"5\"/>\n";
}
}
//set the password hashes
$a1_hash = md5($extension.":".$domain_name.":".$password);
$vm_a1_hash = md5($extension.":".$domain_name.":".$voicemail_password);
$xml .= "<include>\n";
$cidr = '';
if (strlen($row['cidr']) > 0) {
$cidr = " cidr=\"" . $row['cidr'] . "\"";
}
$number_alias = '';
if (strlen($row['number_alias']) > 0) {
$number_alias = " number-alias=\"".$row['number_alias']."\"";
}
$xml .= " <user id=\"".$row['extension']."\"".$cidr."".$number_alias.">\n";
$xml .= " <params>\n";
//$xml .= " <param name=\"a1-hash\" value=\"" . $a1_hash . "\"/>\n";
$xml .= " <param name=\"password\" value=\"" . $row['password'] . "\"/>\n";
$xml .= " <param name=\"reverse-auth-user\" value=\"" . $row['extension'] . "\"/>\n";
$xml .= " <param name=\"reverse-auth-pass\" value=\"" . $row['password'] . "\"/>\n";
//voicemail settings
//$xml .= " <param name=\"vm-a1-hash\" value=\"" . $vm_a1_hash. "\"/>\n";
$xml .= " <param name=\"vm-password\" value=\"" . $voicemail_password . "\"/>\n";
switch ($row['voicemail_enabled']) {
case "true":
$xml .= " <param name=\"vm-enabled\" value=\"true\"/>\n";
break;
case "false":
$xml .= " <param name=\"vm-enabled\" value=\"false\"/>\n";
break;
default:
$xml .= " <param name=\"vm-enabled\" value=\"true\"/>\n";
}
if (strlen($row['voicemail_mail_to']) > 0) {
$xml .= " <param name=\"vm-email-all-messages\" value=\"true\"/>\n";
switch ($row['voicemail_file']) {
case "attach":
$xml .= " <param name=\"vm-attach-file\" value=\"true\"/>\n";
break;
default:
$xml .= " <param name=\"vm-attach-file\" value=\"false\"/>\n";
if (strlen($row['limit_destination']) > 0) {
$xml .= " <variable name=\"limit_destination\" value=\"" . $row['limit_destination'] . "\"/>\n";
}
switch ($row['voicemail_local_after_email']) {
case "true":
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"true\"/>\n";
break;
case "false":
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"false\"/>\n";
break;
default:
$xml .= " <param name=\"vm-keep-local-after-email\" value=\"true\"/>\n";
if (strlen($row['sip_force_contact']) > 0) {
$xml .= " <variable name=\"sip-force-contact\" value=\"" . $row['sip_force_contact'] . "\"/>\n";
}
if (strlen($row['sip_force_expires']) > 0) {
$xml .= " <variable name=\"sip-force-expires\" value=\"" . $row['sip_force_expires'] . "\"/>\n";
}
if (strlen($row['nibble_account']) > 0) {
$xml .= " <variable name=\"nibble_account\" value=\"" . $row['nibble_account'] . "\"/>\n";
}
switch ($row['sip_bypass_media']) {
case "bypass-media":
$xml .= " <variable name=\"bypass_media\" value=\"true\"/>\n";
break;
case "bypass-media-after-bridge":
$xml .= " <variable name=\"bypass_media_after_bridge\" value=\"true\"/>\n";
break;
case "proxy-media":
$xml .= " <variable name=\"proxy_media\" value=\"true\"/>\n";
break;
}
if (strlen($row['absolute_codec_string']) > 0) {
$xml .= " <variable name=\"absolute_codec_string\" value=\"" . $row['absolute_codec_string'] . "\"/>\n";
}
if (strlen($row['forward_all_enabled']) > 0) {
$xml .= " <variable name=\"forward_all_enabled\" value=\"" . $row['forward_all_enabled'] . "\"/>\n";
}
if (strlen($row['forward_all_destination']) > 0) {
$xml .= " <variable name=\"forward_all_destination\" value=\"" . $row['forward_all_destination'] . "\"/>\n";
}
if (strlen($row['forward_busy_enabled']) > 0) {
$xml .= " <variable name=\"forward_busy_enabled\" value=\"" . $row['forward_busy_enabled'] . "\"/>\n";
}
if (strlen($row['forward_busy_destination']) > 0) {
$xml .= " <variable name=\"forward_busy_destination\" value=\"" . $row['forward_busy_destination'] . "\"/>\n";
}
if (strlen($row['forward_no_answer_enabled']) > 0) {
$xml .= " <variable name=\"forward_no_answer_enabled\" value=\"" . $row['forward_no_answer_enabled'] . "\"/>\n";
}
if (strlen($row['forward_no_answer_destination']) > 0) {
$xml .= " <variable name=\"forward_no_answer_destination\" value=\"" . $row['forward_no_answer_destination'] . "\"/>\n";
}
if (strlen($row['forward_user_not_registered_enabled']) > 0) {
$xml .= " <variable name=\"forward_user_not_registered_enabled\" value=\"" . $row['forward_user_not_registered_enabled'] . "\"/>\n";
}
if (strlen($row['forward_user_not_registered_destination']) > 0) {
$xml .= " <variable name=\"forward_user_not_registered_destination\" value=\"" . $row['forward_user_not_registered_destination'] . "\"/>\n";
}
$xml .= " <param name=\"vm-mailto\" value=\"" . $row['voicemail_mail_to'] . "\"/>\n";
}
if (strlen($row['mwi_account']) > 0) {
$xml .= " <param name=\"MWI-Account\" value=\"" . $row['mwi_account'] . "\"/>\n";
}
if (strlen($row['auth_acl']) > 0) {
$xml .= " <param name=\"auth-acl\" value=\"" . $row['auth_acl'] . "\"/>\n";
}
if (strlen($row['directory_exten_visible']) > 0) {
$xml .= " <param name=\"directory-exten-visible\" value=\"" . $row['directory_exten_visible'] . "\"/>\n";
}
$xml .= " <param name=\"dial-string\" value=\"" . $dial_string . "\"/>\n";
$xml .= " </params>\n";
$xml .= " <variables>\n";
$xml .= " <variable name=\"domain_name\" value=\"" . $_SESSION['domain_name'] . "\"/>\n";
$xml .= " <variable name=\"domain_uuid\" value=\"" . $_SESSION['domain_uuid'] . "\"/>\n";
$xml .= " <variable name=\"extension_uuid\" value=\"" . $extension_uuid . "\"/>\n";
if (strlen($row['call_group']) > 0) {
$xml .= " <variable name=\"call_group\" value=\"" . $row['call_group'] . "\"/>\n";
}
if (strlen($row['user_record']) > 0) {
$xml .= " <variable name=\"user_record\" value=\"" . $row['user_record'] . "\"/>\n";
}
if (strlen($row['hold_music']) > 0) {
$xml .= " <variable name=\"hold_music\" value=\"" . $row['hold_music'] . "\"/>\n";
}
$xml .= " <variable name=\"toll_allow\" value=\"" . $row['toll_allow'] . "\"/>\n";
if (strlen($row['call_timeout']) > 0) {
$xml .= " <variable name=\"call_timeout\" value=\"" . $row['call_timeout'] . "\"/>\n";
}
if (strlen($switch_account_code) > 0) {
$xml .= " <variable name=\"accountcode\" value=\"" . $switch_account_code . "\"/>\n";
}
else {
$xml .= " <variable name=\"accountcode\" value=\"" . $row['accountcode'] . "\"/>\n";
}
$xml .= " <variable name=\"user_context\" value=\"" . $row['user_context'] . "\"/>\n";
if (strlen($row['effective_caller_id_name']) > 0) {
$xml .= " <variable name=\"effective_caller_id_name\" value=\"" . $row['effective_caller_id_name'] . "\"/>\n";
}
if (strlen($row['effective_caller_id_number']) > 0) {
$xml .= " <variable name=\"effective_caller_id_number\" value=\"" . $row['effective_caller_id_number'] . "\"/>\n";
}
if (strlen($row['outbound_caller_id_name']) > 0) {
$xml .= " <variable name=\"outbound_caller_id_name\" value=\"" . $row['outbound_caller_id_name'] . "\"/>\n";
}
if (strlen($row['outbound_caller_id_number']) > 0) {
$xml .= " <variable name=\"outbound_caller_id_number\" value=\"" . $row['outbound_caller_id_number'] . "\"/>\n";
}
if (strlen($row['emergency_caller_id_name']) > 0) {
$xml .= " <variable name=\"emergency_caller_id_name\" value=\"" . $row['emergency_caller_id_name'] . "\"/>\n";
}
if (strlen($row['emergency_caller_id_number']) > 0) {
$xml .= " <variable name=\"emergency_caller_id_number\" value=\"" . $row['emergency_caller_id_number'] . "\"/>\n";
}
if (strlen($row['directory_full_name']) > 0) {
$xml .= " <variable name=\"directory_full_name\" value=\"" . $row['directory_full_name'] . "\"/>\n";
}
if (strlen($row['directory_visible']) > 0) {
$xml .= " <variable name=\"directory-visible\" value=\"" . $row['directory_visible'] . "\"/>\n";
}
if (strlen($row['limit_max']) > 0) {
$xml .= " <variable name=\"limit_max\" value=\"" . $row['limit_max'] . "\"/>\n";
}
else {
$xml .= " <variable name=\"limit_max\" value=\"5\"/>\n";
}
if (strlen($row['limit_destination']) > 0) {
$xml .= " <variable name=\"limit_destination\" value=\"" . $row['limit_destination'] . "\"/>\n";
}
if (strlen($row['sip_force_contact']) > 0) {
$xml .= " <variable name=\"sip-force-contact\" value=\"" . $row['sip_force_contact'] . "\"/>\n";
}
if (strlen($row['sip_force_expires']) > 0) {
$xml .= " <variable name=\"sip-force-expires\" value=\"" . $row['sip_force_expires'] . "\"/>\n";
}
if (strlen($row['nibble_account']) > 0) {
$xml .= " <variable name=\"nibble_account\" value=\"" . $row['nibble_account'] . "\"/>\n";
}
switch ($row['sip_bypass_media']) {
case "bypass-media":
$xml .= " <variable name=\"bypass_media\" value=\"true\"/>\n";
break;
case "bypass-media-after-bridge":
$xml .= " <variable name=\"bypass_media_after_bridge\" value=\"true\"/>\n";
break;
case "proxy-media":
$xml .= " <variable name=\"proxy_media\" value=\"true\"/>\n";
break;
}
if (strlen($row['absolute_codec_string']) > 0) {
$xml .= " <variable name=\"absolute_codec_string\" value=\"" . $row['absolute_codec_string'] . "\"/>\n";
}
if (strlen($row['forward_all_enabled']) > 0) {
$xml .= " <variable name=\"forward_all_enabled\" value=\"" . $row['forward_all_enabled'] . "\"/>\n";
}
if (strlen($row['forward_all_destination']) > 0) {
$xml .= " <variable name=\"forward_all_destination\" value=\"" . $row['forward_all_destination'] . "\"/>\n";
}
if (strlen($row['forward_busy_enabled']) > 0) {
$xml .= " <variable name=\"forward_busy_enabled\" value=\"" . $row['forward_busy_enabled'] . "\"/>\n";
}
if (strlen($row['forward_busy_destination']) > 0) {
$xml .= " <variable name=\"forward_busy_destination\" value=\"" . $row['forward_busy_destination'] . "\"/>\n";
}
if (strlen($row['forward_no_answer_enabled']) > 0) {
$xml .= " <variable name=\"forward_no_answer_enabled\" value=\"" . $row['forward_no_answer_enabled'] . "\"/>\n";
}
if (strlen($row['forward_no_answer_destination']) > 0) {
$xml .= " <variable name=\"forward_no_answer_destination\" value=\"" . $row['forward_no_answer_destination'] . "\"/>\n";
}
if (strlen($row['forward_user_not_registered_enabled']) > 0) {
$xml .= " <variable name=\"forward_user_not_registered_enabled\" value=\"" . $row['forward_user_not_registered_enabled'] . "\"/>\n";
}
if (strlen($row['forward_user_not_registered_destination']) > 0) {
$xml .= " <variable name=\"forward_user_not_registered_destination\" value=\"" . $row['forward_user_not_registered_destination'] . "\"/>\n";
}
if (strlen($row['do_not_disturb']) > 0) {
$xml .= " <variable name=\"do_not_disturb\" value=\"" . $row['do_not_disturb'] . "\"/>\n";
}
$xml .= " </variables>\n";
$xml .= " </user>\n";
if (strlen($row['do_not_disturb']) > 0) {
$xml .= " <variable name=\"do_not_disturb\" value=\"" . $row['do_not_disturb'] . "\"/>\n";
if (!is_readable($_SESSION['switch']['extensions']['dir']."/".$row['user_context'])) {
event_socket_mkdir($_SESSION['switch']['extensions']['dir']."/".$row['user_context']);
}
if (strlen($extension) > 0) {
$fout = fopen($_SESSION['switch']['extensions']['dir']."/".$row['user_context']."/v_".$extension.".xml","w");
}
$xml .= "</include>\n";
fwrite($fout, $xml);
unset($xml);
fclose($fout);
}
$xml .= " </variables>\n";
$xml .= " </user>\n";
if (!is_readable($_SESSION['switch']['extensions']['dir']."/".$row['user_context'])) {
event_socket_mkdir($_SESSION['switch']['extensions']['dir']."/".$row['user_context']);
}
if (strlen($extension) > 0) {
$fout = fopen($_SESSION['switch']['extensions']['dir']."/".$row['user_context']."/v_".$extension.".xml","w");
}
$xml .= "</include>\n";
fwrite($fout, $xml);
unset($xml);
fclose($fout);
}
}
unset ($prep_statement);
unset($rows, $row);
//prepare extension
$extension_dir = realpath($_SESSION['switch']['extensions']['dir']);
@ -533,4 +515,4 @@ if (!class_exists('extension')) {
}
}
?>
?>

1458
app/modules/resources/classes/modules.php
View File

File diff suppressed because it is too large Load Diff

205
app/registrations/resources/classes/registrations.php
View File

@ -8,19 +8,11 @@
if (!class_exists('registrations')) {
class registrations {
public $db;
/**
* Called when the object is created
*/
public function __construct() {
//connect to the database if not connected
if (!$this->db) {
require_once "resources/classes/database.php";
$database = new database;
$database->connect();
$this->db = $database->db;
}
}
/**
@ -47,105 +39,105 @@ if (!class_exists('registrations')) {
//get the default settings
$sql = "select sip_profile_name from v_sip_profiles ";
$sql .= "where sip_profile_enabled = 'true' ";
if ($profile == 'all' || $profile == '') {
$prep_statement = $this->db->prepare($sql);
if ($profile != 'all' && $profile != '') {
$sql .= "and sip_profile_name = :sip_profile_name ";
$parameters['sip_profile_name'] = $profile;
}
else {
$sql .= "and sip_profile_name=:sip_profile_name ";
$prep_statement = $this->db->prepare($sql);
$prep_statement->bindParam(':sip_profile_name', $profile);
}
$prep_statement->execute();
$sip_profiles = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($sip_profiles as $field) {
$database = new database;
$sip_profiles = $database->select($sql, $parameters, 'all');
if (is_array($sip_profiles) && @sizeof($sip_profiles) != 0) {
foreach ($sip_profiles as $field) {
//get sofia status profile information including registrations
$cmd = "api sofia xmlstatus profile ".$field['sip_profile_name']." reg";
$xml_response = trim(event_socket_request($fp, $cmd));
if ($xml_response == "Invalid Profile!") { $xml_response = "<error_msg>".$text['label-message']."</error_msg>"; }
$xml_response = str_replace("<profile-info>", "<profile_info>", $xml_response);
$xml_response = str_replace("</profile-info>", "</profile_info>", $xml_response);
if (strlen($xml_response) > 101) {
try {
$xml = new SimpleXMLElement($xml_response);
//get sofia status profile information including registrations
$cmd = "api sofia xmlstatus profile ".$field['sip_profile_name']." reg";
$xml_response = trim(event_socket_request($fp, $cmd));
if ($xml_response == "Invalid Profile!") { $xml_response = "<error_msg>".$text['label-message']."</error_msg>"; }
$xml_response = str_replace("<profile-info>", "<profile_info>", $xml_response);
$xml_response = str_replace("</profile-info>", "</profile_info>", $xml_response);
if (strlen($xml_response) > 101) {
try {
$xml = new SimpleXMLElement($xml_response);
}
catch(Exception $e) {
echo $e->getMessage();
exit;
}
$array = json_decode(json_encode($xml), true);
}
catch(Exception $e) {
echo $e->getMessage();
exit;
//normalize the array
if (is_array($array) && !is_array($array['registrations']['registration'][0])) {
$row = $array['registrations']['registration'];
unset($array['registrations']['registration']);
$array['registrations']['registration'][0] = $row;
}
$array = json_decode(json_encode($xml) , true);
}
//normalize the array
if (is_array($array) && !is_array($array['registrations']['registration'][0])) {
$row = $array['registrations']['registration'];
unset($array['registrations']['registration']);
$array['registrations']['registration'][0] = $row;
}
//set the registrations array
if (is_array($array)) {
foreach ($array['registrations']['registration'] as $row) {
//set the registrations array
if (is_array($array)) {
foreach ($array['registrations']['registration'] as $row) {
//build the registrations array
//$registrations[0] = $row;
$user_array = explode('@', $row['user']);
$registrations[$id]['user'] = $row['user'] ?: '';
$registrations[$id]['call-id'] = $row['call-id'] ?: '';
$registrations[$id]['contact'] = $row['contact'] ?: '';
$registrations[$id]['sip-auth-user'] = $row['sip-auth-user'] ?: '';
$registrations[$id]['agent'] = $row['agent'] ?: '';
$registrations[$id]['host'] = $row['host'] ?: '';
$registrations[$id]['network-port'] = $row['network-port'] ?: '';
$registrations[$id]['sip-auth-realm'] = $row['sip-auth-realm'] ?: '';
$registrations[$id]['mwi-account'] = $row['mwi-account'] ?: '';
$registrations[$id]['status'] = $row['status'] ?: '';
$registrations[$id]['ping-time'] = $row['ping-time'] ?: '';
$registrations[$id]['sip_profile_name'] = $field['sip_profile_name'];
//build the registrations array
//$registrations[0] = $row;
$user_array = explode('@', $row['user']);
$registrations[$id]['user'] = $row['user'] ?: '';
$registrations[$id]['call-id'] = $row['call-id'] ?: '';
$registrations[$id]['contact'] = $row['contact'] ?: '';
$registrations[$id]['sip-auth-user'] = $row['sip-auth-user'] ?: '';
$registrations[$id]['agent'] = $row['agent'] ?: '';
$registrations[$id]['host'] = $row['host'] ?: '';
$registrations[$id]['network-port'] = $row['network-port'] ?: '';
$registrations[$id]['sip-auth-realm'] = $row['sip-auth-realm'] ?: '';
$registrations[$id]['mwi-account'] = $row['mwi-account'] ?: '';
$registrations[$id]['status'] = $row['status'] ?: '';
$registrations[$id]['ping-time'] = $row['ping-time'] ?: '';
$registrations[$id]['sip_profile_name'] = $field['sip_profile_name'];
//get network-ip to url or blank
if(isset($row['network-ip'])) {
$registrations[$id]['network-ip'] = $row['network-ip'];
} else {
$registrations[$id]['network-ip'] = '';
}
//get the LAN IP address if it exists replace the external ip
$call_id_array = explode('@', $row['call-id']);
if (isset($call_id_array[1])) {
$agent = $row['agent'];
$lan_ip = $call_id_array[1];
if (false !== stripos($agent, 'grandstream')) {
$lan_ip = str_ireplace(
array('A','B','C','D','E','F','G','H','I','J'),
array('0','1','2','3','4','5','6','7','8','9'),
$lan_ip);
//get network-ip to url or blank
if (isset($row['network-ip'])) {
$registrations[$id]['network-ip'] = $row['network-ip'];
}
else {
$registrations[$id]['network-ip'] = '';
}
elseif(1 === preg_match('/\ACL750A/', $agent)) {
//required for GIGASET Sculpture CL750A puts _ in it's lan ip account
$lan_ip = preg_replace('/_/', '.', $lan_ip);
}
$registrations[$id]['lan-ip'] = $lan_ip;
} else {
$registrations[$id]['lan-ip'] = '';
}
//remove unrelated domains
if (count($_SESSION["domains"]) > 1) {
if (!(permission_exists('registration_all') && $profile == "all")) {
if ($registrations[$id]['sip-auth-realm'] == $_SESSION['domain_name']) {}
elseif ($user_array[1] == $_SESSION['domain_name']){}
else {
unset($registrations[$id]);
//get the LAN IP address if it exists replace the external ip
$call_id_array = explode('@', $row['call-id']);
if (isset($call_id_array[1])) {
$agent = $row['agent'];
$lan_ip = $call_id_array[1];
if (false !== stripos($agent, 'grandstream')) {
$lan_ip = str_ireplace(
array('A','B','C','D','E','F','G','H','I','J'),
array('0','1','2','3','4','5','6','7','8','9'),
$lan_ip);
}
elseif(1 === preg_match('/\ACL750A/', $agent)) {
//required for GIGASET Sculpture CL750A puts _ in it's lan ip account
$lan_ip = preg_replace('/_/', '.', $lan_ip);
}
$registrations[$id]['lan-ip'] = $lan_ip;
}
else {
$registrations[$id]['lan-ip'] = '';
}
//remove unrelated domains
if (count($_SESSION["domains"]) > 1) {
if (!(permission_exists('registration_all') && $profile == "all")) {
if ($registrations[$id]['sip-auth-realm'] == $_SESSION['domain_name']) {}
else if ($user_array[1] == $_SESSION['domain_name']) {}
else {
unset($registrations[$id]);
}
}
}
}
//increment the array id
$id++;
//increment the array id
$id++;
}
unset($array);
}
unset($array);
}
}
}
//return the registrations array
@ -166,17 +158,14 @@ if (!class_exists('registrations')) {
//get the default settings
$sql = "select sip_profile_name from v_sip_profiles ";
$sql .= "where sip_profile_enabled = 'true' ";
if ($profile == 'all' || $profile == '') {
$prep_statement = $this->db->prepare($sql);
if ($profile != 'all' && $profile != '') {
$sql .= "and sip_profile_name = :sip_profile_name ";
$parameters['sip_profile_name'] = $profile;
}
else {
$sql .= "and sip_profile_name=:sip_profile_name ";
$prep_statement = $this->db->prepare($sql);
$prep_statement->bindParam(':sip_profile_name', $profile);
}
$prep_statement->execute();
$sip_profiles = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($sip_profiles as $field) {
$database = new database;
$sip_profiles = $database->select($sql, $parameters, 'all');
if (is_array($sip_profiles) && @sizeof($sip_profiles) != 0) {
foreach ($sip_profiles as $field) {
//get sofia status profile information including registrations
$cmd = "api sofia xmlstatus profile ".$field['sip_profile_name']." reg";
@ -193,10 +182,11 @@ if (!class_exists('registrations')) {
echo $e->getMessage();
exit;
}
$array = json_decode(json_encode($xml) , true);
$array = json_decode(json_encode($xml), true);
$count = $count + count($array['registrations']['registration']);
}
}
}
//return the registrations count
@ -205,10 +195,11 @@ if (!class_exists('registrations')) {
}
}
/*
$obj = new registrations;
$registrations = $obj->get('all');
print($registrations);
*/
?>
?>

50
app/scripts/resources/classes/scripts.php
View File

@ -53,8 +53,7 @@ if (!class_exists('scripts')) {
* Called when the object is created
*/
public function __construct() {
//connect to the database if not connected
require_once "resources/classes/database.php";
//get database properties
$database = new database;
$database->connect();
$this->db = $database->db;
@ -137,35 +136,16 @@ if (!class_exists('scripts')) {
$this->db_path = str_replace("\\", "/", $this->db_path);
//get the odbc information
$sql = "select count(*) as num_rows from v_databases ";
$sql = "select * from v_databases ";
$sql .= "where database_driver = 'odbc' ";
$prep_statement = $this->db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
unset($prep_statement);
if ($row['num_rows'] > 0) {
$odbc_num_rows = $row['num_rows'];
$sql = "select * from v_databases ";
$sql .= "where database_driver = 'odbc' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (is_array($result)) {
foreach ($result as &$row) {
$this->dsn_name = $row["database_name"];
$this->dsn_username = $row["database_username"];
$this->dsn_password = $row["database_password"];
break; //limit to 1 row
}
unset ($prep_statement);
}
}
else {
$odbc_num_rows = '0';
}
$database = new database;
$row = $database->select($sql, null, 'row');
if (is_array($row) && @sizeof($row) != 0) {
$this->dsn_name = $row["database_name"];
$this->dsn_username = $row["database_username"];
$this->dsn_password = $row["database_password"];
}
unset($sql, $row);
//get the recordings directory
if (is_array($_SESSION['switch']['recordings'])) {
@ -183,7 +163,8 @@ if (!class_exists('scripts')) {
//find the location to write the config.lua
if (is_dir("/etc/fusionpbx")){
$config = "/etc/fusionpbx/config.lua";
} elseif (is_dir("/usr/local/etc/fusionpbx")){
}
else if (is_dir("/usr/local/etc/fusionpbx")){
$config = "/usr/local/etc/fusionpbx/config.lua";
}
else {
@ -346,9 +327,11 @@ if (!class_exists('scripts')) {
unset($tmp);
fclose($fout);
}
} //end config_lua
} //end scripts class
}
}
}
/*
//example use
@ -356,4 +339,5 @@ if (!class_exists('scripts')) {
$obj = new scripts;
$obj->write_config();
*/
?>
?>

448
app/voicemails/resources/classes/voicemail.php
View File

@ -26,7 +26,6 @@
//define the voicemail class
class voicemail {
public $db;
public $domain_uuid;
public $domain_name;
public $voicemail_uuid;
@ -37,14 +36,6 @@
public $app_uuid;
public function __construct() {
//connect to the database if not connected
if (!$this->db) {
require_once "resources/classes/database.php";
$database = new database;
$database->connect();
$this->db = $database->db;
}
//set the application specific uuid
$this->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044';
@ -63,60 +54,55 @@
public function get_voicemail_id() {
//check if for valid input
if (is_uuid($this->voicemail_uuid) && is_uuid($this->domain_uuid) ) {
//input is valid
}
else {
if (!is_uuid($this->voicemail_uuid) || !is_uuid($this->domain_uuid)) {
return false;
}
//get the voicemail id if it isn't set already
if (!isset($this->voicemail_id)) {
$sql = "select voicemail_id from v_voicemails ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (is_array($result)) foreach ($result as &$row) {
$this->voicemail_id = $row["voicemail_id"];
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and voicemail_uuid = :voicemail_uuid ";
$parameters['domain_uuid'] = $this->domain_uuid;
$parameters['voicemail_uuid'] = $this->voicemail_uuid;
$database = new database;
$voicemail_id = $database->select($sql, $parameters, 'column');
if (is_numeric($voicemail_id)) {
$this->voicemail_id = $voicemail_id;
}
unset ($prep_statement);
unset($sql, $parameters, $voicemail_id);
}
}
public function voicemails() {
//check if for valid input
if (is_uuid($this->domain_uuid)) {
//input is valid
}
else {
if (!is_uuid($this->domain_uuid)) {
return false;
}
//set the voicemail id and voicemail uuid arrays
if (isset($_SESSION['user']['extension'])) foreach ($_SESSION['user']['extension'] as $index => $row) {
if (strlen($row['number_alias']) > 0) {
$voicemail_ids[$index]['voicemail_id'] = $row['number_alias'];
}
else {
$voicemail_ids[$index]['voicemail_id'] = $row['user'];
if (isset($_SESSION['user']['extension'])) {
foreach ($_SESSION['user']['extension'] as $index => $row) {
$voicemail_ids[$index]['voicemail_id'] = strlen($row['number_alias']) > 0 ? $row['number_alias'] : $row['user'];
}
}
if (isset($_SESSION['user']['voicemail'])) foreach ($_SESSION['user']['voicemail'] as $row) {
if (strlen($row['voicemail_uuid']) > 0) {
$voicemail_uuids[]['voicemail_uuid'] = $row['voicemail_uuid'];
if (isset($_SESSION['user']['voicemail'])) {
foreach ($_SESSION['user']['voicemail'] as $row) {
if (strlen($row['voicemail_uuid']) > 0) {
$voicemail_uuids[]['voicemail_uuid'] = $row['voicemail_uuid'];
}
}
}
//get the uuid and voicemail_id
$sql = "select * from v_voicemails ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
if (strlen($this->voicemail_uuid) > 0) {
$sql .= "where domain_uuid = :domain_uuid ";
if (is_uuid($this->voicemail_uuid)) {
if (permission_exists('voicemail_delete')) {
//view specific voicemail box usually reserved for an admin or superadmin
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$sql .= "and voicemail_uuid = :voicemail_uuid ";
$parameters['voicemail_uuid'] = $this->voicemail_uuid;
}
else {
//ensure that the requested voicemail box is assigned to this user
@ -124,10 +110,10 @@
if (is_array($voicemail_uuids)) {
foreach($voicemail_uuids as $row) {
if ($voicemail_uuid == $row['voicemail_uuid']) {
$sql .= "and voicemail_uuid = '".$row['voicemail_uuid']."' ";
$sql .= "and voicemail_uuid = :voicemail_uuid ";
$parameters['voicemail_uuid'] = $row['voicemail_uuid'];
$found = true;
}
$x++;
}
}
//id requested is not owned by the user return no results
@ -137,20 +123,18 @@
}
}
else {
$x = 0;
if (count($voicemail_ids) > 0) {
if (is_array($voicemail_ids) && @sizeof($voicemail_ids) != 0) {
//show only the assigned voicemail ids
$sql .= "and (";
if (is_array($voicemail_ids)) foreach($voicemail_ids as $row) {
if ($x == 0) {
$sql .= "voicemail_id = '".$row['voicemail_id']."' ";
}
else {
$sql .= " or voicemail_id = '".$row['voicemail_id']."'";
}
$x = 0;
$sql .= "and ( ";
foreach($voicemail_ids as $row) {
$sql_where_or[] = "voicemail_id = :voicemail_id_".$x;
$parameters['voicemail_id_'.$x] = $row['voicemail_id'];
$x++;
}
$sql .= ")";
$sql .= implode(' or ', $sql_where_or);
$sql .= ") ";
unset($sql_where_or);
}
else {
//no assigned voicemail ids so return no results
@ -158,10 +142,10 @@
}
}
$sql .= "order by voicemail_id asc ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement);
$parameters['domain_uuid'] = $this->domain_uuid;
$database = new database;
$result = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
return $result;
}
@ -170,13 +154,15 @@
$voicemails = $this->voicemails();
//add the voicemail messages to the array
if (is_array($voicemails)) foreach ($voicemails as &$row) {
//get the voicemail messages
$this->voicemail_uuid = $row['voicemail_uuid'];
$this->voicemail_id = $row['voicemail_id'];
$result = $this->voicemail_messages();
$voicemail_count = count($result);
$row['messages'] = $result;
if (is_array($voicemails)) {
foreach ($voicemails as &$row) {
//get the voicemail messages
$this->voicemail_uuid = $row['voicemail_uuid'];
$this->voicemail_id = $row['voicemail_id'];
$result = $this->voicemail_messages();
$voicemail_count = count($result);
$row['messages'] = $result;
}
}
//return the array
@ -186,43 +172,40 @@
public function voicemail_messages() {
//check if for valid input
if (is_numeric($this->voicemail_id) && is_uuid($this->domain_uuid)) {
//input is valid
}
else {
if (!is_numeric($this->voicemail_id) || !is_uuid($this->domain_uuid)) {
return false;
}
//get the message from the database
$sql = "select * from v_voicemail_messages as m, v_voicemails as v ";
$sql .= "where m.domain_uuid = '$this->domain_uuid' ";
$sql .= "where m.domain_uuid = :domain_uuid ";
$sql .= "and m.voicemail_uuid = v.voicemail_uuid ";
if (is_array($this->voicemail_id)) {
$sql .= "and (";
if (is_array($this->voicemail_id) && @sizeof($this->voicemail_id) != 0) {
$x = 0;
if (is_array($this->voicemail_id)) foreach($this->voicemail_id as $row) {
if ($x > 0) {
$sql .= "or ";
}
$sql .= "v.voicemail_id = '".$row['voicemail_id']."' ";
$sql .= "and ( ";
foreach ($this->voicemail_id as $row) {
$sql_where_or[] = "v.voicemail_id = :voicemail_id_".$x;
$parameters['voicemail_id_'.$x] = $row['voicemail_id'];
$x++;
}
$sql .= implode(' or ', $sql_where_or);
$sql .= ") ";
unset($sql_where_or);
}
else {
$sql .= "and v.voicemail_id = '$this->voicemail_id' ";
$sql .= "and v.voicemail_id = :voicemail_id ";
$parameters['voicemail_id'] = $this->voicemail_id;
}
if (strlen($this->order_by) == 0) {
$sql .= "order by v.voicemail_id, m.created_epoch desc ";
}
else {
$sql .= "order by v.voicemail_id, m.$this->order_by $this->order ";
$sql .= "order by v.voicemail_id, m.".$this->order_by." ".$this->order." ";
}
//$sql .= "limit $this->rows_per_page offset $this->offset ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
unset ($prep_statement, $sql);
$parameters['domain_uuid'] = $this->domain_uuid;
$database = new database;
$result = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//update the array with additional information
if (is_array($result)) {
@ -259,11 +242,7 @@
$this->get_voicemail_id();
//check if for valid input
if (is_uuid($this->voicemail_uuid)
&& is_uuid($this->domain_uuid)) {
//input is valid
}
else {
if (!is_uuid($this->voicemail_uuid) || !is_uuid($this->domain_uuid)) {
return false;
}
@ -279,69 +258,67 @@
@rmdir($file_path);
}
//delete voicemail destinations
$sql = "delete from v_voicemail_destinations ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
//build voicemail destinations delete array
$array['voicemail_destinations'][0]['domain_uuid'] = $this->domain_uuid;
$array['voicemail_destinations'][0]['voicemail_uuid'] = $this->voicemail_uuid;
//delete voicemail greetings
//build voicemail greetings delete array
if (is_numeric($this->voicemail_id)) {
$sql = "delete from v_voicemail_greetings ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_id = '".$this->voicemail_id."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
$array['voicemail_greetings'][0]['domain_uuid'] = $this->domain_uuid;
$array['voicemail_greetings'][0]['voicemail_id'] = $this->voicemail_id;
}
//delete voicemail options
$sql = "delete from v_voicemail_options ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
//build voicemail options delete array
$array['voicemail_options'][0]['domain_uuid'] = $this->domain_uuid;
$array['voicemail_options'][0]['voicemail_uuid'] = $this->voicemail_uuid;
//build voicemail delete array
$array['voicemails'][0]['domain_uuid'] = $this->domain_uuid;
$array['voicemails'][0]['voicemail_uuid'] = $this->voicemail_uuid;
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_destination_delete', 'temp');
if (is_numeric($this->voicemail_id)) {
$p->add('voicemail_greeting_delete', 'temp');
}
$p->add('voicemail_option_delete', 'temp');
$p->add('voicemail_delete', 'temp');
//execute delete
$database = new database;
$database->app_name = 'voicemails';
$database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044';
$database->delete($array);
unset($array);
//revoke temporary permissions
$p->delete('voicemail_destination_delete', 'temp');
if (is_numeric($this->voicemail_id)) {
$p->delete('voicemail_greeting_delete', 'temp');
}
$p->delete('voicemail_option_delete', 'temp');
$p->delete('voicemail_delete', 'temp');
//delete voicemail
$sql = "delete from v_voicemails ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
}
public function message_count() {
//check if for valid input
if (is_uuid($this->voicemail_uuid) && is_uuid($this->domain_uuid)) {
//input is valid
}
else {
if (!is_uuid($this->voicemail_uuid) || !is_uuid($this->domain_uuid)) {
return false;
}
//get the message count
$sql = "select count(*) as num_rows from v_voicemail_messages ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$prep_statement = $this->db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
if ($row['num_rows'] > 0) {
$num_rows = $row['num_rows'];
}
else {
$num_rows = '0';
}
}
//return the message count
return $num_rows;
$sql = "select count(*) from v_voicemail_messages ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and voicemail_uuid = :voicemail_uuid ";
$parameters['domain_uuid'] = $this->domain_uuid;
$parameters['voicemail_uuid'] = $this->voicemail_uuid;
$database = new database;
return $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
}
public function message_waiting() {
@ -362,19 +339,17 @@
$this->get_voicemail_id();
//check if for valid input
if (is_numeric($this->voicemail_id)
&& is_uuid($this->voicemail_uuid)
&& is_uuid($this->domain_uuid)
&& is_uuid($this->voicemail_message_uuid)) {
//input is valid
}
else {
if (!is_numeric($this->voicemail_id)
|| !is_uuid($this->voicemail_uuid)
|| !is_uuid($this->domain_uuid)
|| !is_uuid($this->voicemail_message_uuid)
) {
return false;
}
//delete the recording
$file_path = $_SESSION['switch']['voicemail']['dir']."/default/".$_SESSION['domain_name']."/".$this->voicemail_id;
if ($this->voicemail_message_uuid != '') {
if (is_uuid($this->voicemail_message_uuid)) {
foreach (glob($file_path."/intro_".$this->voicemail_message_uuid.".*") as $file_name) {
unlink($file_name);
}
@ -388,16 +363,26 @@
}
}
//delete voicemail message(s)
$sql = "delete from v_voicemail_messages ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
if ($this->voicemail_message_uuid != '') {
$sql .= "and voicemail_message_uuid = '".$this->voicemail_message_uuid."' ";
//build delete array
$array['voicemail_messages'][0]['domain_uuid'] = $this->domain_uuid;
$array['voicemail_messages'][0]['voicemail_uuid'] = $this->voicemail_uuid;
if (is_uuid($this->voicemail_message_uuid)) {
$array['voicemail_messages'][0]['voicemail_message_uuid'] = $this->voicemail_message_uuid;
}
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_message_delete', 'temp');
//execute delete
$database = new database;
$database->app_name = 'voicemails';
$database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044';
$database->delete($array);
unset($array);
//revoke temporary permissions
$p->delete('voicemail_message_delete', 'temp');
//check the message waiting status
$this->message_waiting();
@ -406,35 +391,38 @@
public function message_toggle() {
//check if for valid input
if (is_uuid($this->voicemail_uuid)
&& is_uuid($this->domain_uuid)
&& is_uuid($this->voicemail_message_uuid)) {
//input is valid
}
else {
if (!is_uuid($this->voicemail_uuid)
|| !is_uuid($this->domain_uuid)
|| !is_uuid($this->voicemail_message_uuid)
) {
return false;
}
//get message status
$sql = "select message_status from v_voicemail_messages ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$sql .= "and voicemail_message_uuid = '".$this->voicemail_message_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
$new_status = ($row['message_status'] == 'saved') ? 'null' : "'saved'";
unset($sql, $prep_statement, $row);
$sql .= "where voicemail_message_uuid = :voicemail_message_uuid ";
$parameters['voicemail_message_uuid'] = $this->voicemail_message_uuid;
$database = new database;
$new_status = $database->select($sql, $parameters, 'column') != 'saved' ? 'saved' : null;
unset($sql, $parameters);
//set message status
$sql = "update v_voicemail_messages set ";
$sql .= "message_status = ".$new_status." ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$sql .= "and voicemail_message_uuid = '".$this->voicemail_message_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
//build message status update array
$array['voicemail_messages'][0]['voicemail_message_uuid'] = $this->voicemail_message_uuid;
$array['voicemail_messages'][0]['message_status'] = $new_status;
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_message_edit', 'temp');
//execute update
$database = new database;
$database->app_name = 'voicemails';
$database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('voicemail_message_edit', 'temp');
//check the message waiting status
$this->message_waiting();
@ -443,24 +431,30 @@
public function message_saved() {
//check if for valid input
if (is_uuid($this->voicemail_uuid)
&& is_uuid($this->domain_uuid)
&& is_uuid($this->voicemail_message_uuid)) {
//input is valid
}
else {
if (!is_uuid($this->voicemail_uuid)
|| !is_uuid($this->domain_uuid)
|| !is_uuid($this->voicemail_message_uuid)
) {
return false;
}
//set the voicemail status to saved
$sql = "update v_voicemail_messages set ";
$sql .= "message_status = 'saved' ";
$sql .= "where domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and voicemail_uuid = '".$this->voicemail_uuid."' ";
$sql .= "and voicemail_message_uuid = '".$this->voicemail_message_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql, $prep_statement);
//build message status update array
$array['voicemail_messages'][0]['voicemail_message_uuid'] = $this->voicemail_message_uuid;
$array['voicemail_messages'][0]['message_status'] = 'saved';
//grant temporary permissions
$p = new permissions;
$p->add('voicemail_message_edit', 'temp');
//execute update
$database = new database;
$database->app_name = 'voicemails';
$database->app_uuid = 'b523c2d2-64cd-46f1-9520-ca4b4098e044';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('voicemail_message_edit', 'temp');
//check the message waiting status
$this->message_waiting();
@ -469,13 +463,11 @@
public function message_download() {
//check if for valid input
if (is_numeric($this->voicemail_id)
&& is_uuid($this->voicemail_uuid)
&& is_uuid($this->domain_uuid)
&& is_uuid($this->voicemail_message_uuid)) {
//input is valid
}
else {
if (!is_numeric($this->voicemail_id)
|| !is_uuid($this->voicemail_uuid)
|| !is_uuid($this->domain_uuid)
|| !is_uuid($this->voicemail_message_uuid)
) {
return false;
}
@ -490,42 +482,41 @@
//prepare base64 content from db, if enabled
if ($_SESSION['voicemail']['storage_type']['text'] == 'base64') {
$sql = "select message_base64 from ";
$sql = "select message_base64 ";
$sql .= "from ";
$sql .= "v_voicemail_messages as m, ";
$sql .= "v_voicemails as v ";
$sql .= "where ";
$sql .= "m.voicemail_uuid = v.voicemail_uuid ";
$sql .= "and v.voicemail_id = '".$this->voicemail_id."' ";
$sql .= "and m.voicemail_uuid = '".$this->voicemail_uuid."' ";
$sql .= "and m.domain_uuid = '".$this->domain_uuid."' ";
$sql .= "and m.voicemail_message_uuid = '".$this->voicemail_message_uuid."' ";
$prep_statement = $this->db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
if (is_array($result)) {
foreach($result as &$row) {
if ($row['message_base64'] != '') {
$message_decoded = base64_decode($row['message_base64']);
file_put_contents($path.'/msg_'.$this->voicemail_message_uuid.'.ext', $message_decoded);
$finfo = finfo_open(FILEINFO_MIME_TYPE); //determine mime type (requires PHP >= 5.3.0, must be manually enabled on Windows)
$file_mime = finfo_file($finfo, $path.'/msg_'.$this->voicemail_message_uuid.'.ext');
finfo_close($finfo);
switch ($file_mime) {
case 'audio/x-wav':
case 'audio/wav':
$file_ext = 'wav';
break;
case 'audio/mpeg':
case 'audio/mp3':
$file_ext = 'mp3';
break;
}
rename($path.'/msg_'.$this->voicemail_message_uuid.'.ext', $path.'/msg_'.$this->voicemail_message_uuid.'.'.$file_ext);
}
break;
$sql .= "and v.voicemail_id = :voicemail_id ";
$sql .= "and m.voicemail_uuid = :voicemail_uuid ";
$sql .= "and m.domain_uuid = :domain_uuid ";
$sql .= "and m.voicemail_message_uuid = :voicemail_message_uuid ";
$parameters['voicemail_id'] = $this->voicemail_id;
$parameters['voicemail_uuid'] = $this->voicemail_uuid;
$parameters['domain_uuid'] = $this->domain_uuid;
$parameters['voicemail_message_uuid'] = $this->voicemail_message_uuid;
$database = new database;
$message_base64 = $database->select($sql, $parameters, 'column');
if ($message_base64 != '') {
$message_decoded = base64_decode($message_base64);
file_put_contents($path.'/msg_'.$this->voicemail_message_uuid.'.ext', $message_decoded);
$finfo = finfo_open(FILEINFO_MIME_TYPE); //determine mime type (requires PHP >= 5.3.0, must be manually enabled on Windows)
$file_mime = finfo_file($finfo, $path.'/msg_'.$this->voicemail_message_uuid.'.ext');
finfo_close($finfo);
switch ($file_mime) {
case 'audio/x-wav':
case 'audio/wav':
$file_ext = 'wav';
break;
case 'audio/mpeg':
case 'audio/mp3':
$file_ext = 'mp3';
break;
}
rename($path.'/msg_'.$this->voicemail_message_uuid.'.ext', $path.'/msg_'.$this->voicemail_message_uuid.'.'.$file_ext);
}
unset ($sql, $prep_statement, $result, $message_decoded);
unset($sql, $parameters, $message_base64, $message_decoded);
}
//prepare and stream the file
@ -571,7 +562,8 @@
@unlink($path.'/msg_'.$this->voicemail_message_uuid.'.'.$file_ext);
}
} // download
}
}
//example voicemail messages
@ -607,4 +599,4 @@ foreach ($_SESSION['user']['extension'] as $value) {
}
*/
?>
?>

2
app/voicemails/voicemail_messages.php
View File

@ -59,7 +59,6 @@
$voicemail_uuid = $_REQUEST["voicemail_uuid"];
if (is_uuid($voicemail_message_uuid) && $voicemail_id != '' && is_uuid($voicemail_uuid)) {
$voicemail = new voicemail;
$voicemail->db = $db;
$voicemail->domain_uuid = $_SESSION['domain_uuid'];
$voicemail->voicemail_id = $voicemail_id;
$voicemail->voicemail_uuid = $voicemail_uuid;
@ -76,7 +75,6 @@
//get the voicemail
$vm = new voicemail;
$vm->db = $db;
$vm->domain_uuid = $_SESSION['domain_uuid'];
$vm->voicemail_uuid = $voicemail_uuid;
$vm->order_by = $order_by;

113
core/authentication/resources/classes/plugins/database.php
View File

@ -26,85 +26,62 @@ class plugin_database {
*/
function database() {
//save the database connection to a local variable
include "root.php";
require_once "resources/classes/database.php";
$database = new database;
$database->connect();
$db = $database->db;
//set the default status
$user_authorized = false;
//check the username and password if they don't match then redirect to the login
$sql = "select * from v_users ";
$sql = "select * from v_users where ";
if (strlen($this->key) > 30) {
$sql .= "where api_key = :key ";
//$sql .= "where api_key = '".$this->key."' ";
$sql .= "api_key = :key ";
$parameters['api_key'] = $this->key;
}
else {
$sql .= "where lower(username) = lower(:username) ";
//$sql .= "where username = '".$this->username."' ";
$sql .= "lower(username) = lower(:username) ";
$parameters['username'] = $this->username;
}
if ($_SESSION["users"]["unique"]["text"] == "global") {
//unique username - global (example: email address)
}
else {
//unique username - per domain
if ($_SESSION["users"]["unique"]["text"] != "global") {
//unique username per domain (not globally unique across system - example: email address)
$sql .= "and domain_uuid = :domain_uuid ";
//$sql .= "and domain_uuid = '".$this->domain_uuid."' ";
$parameters['domain_uuid'] = $this->domain_uuid;
}
$sql .= "and (user_enabled = 'true' or user_enabled is null) ";
$prep_statement = $db->prepare($sql);
if ($_SESSION["users"]["unique"]["text"] != "global") {
$prep_statement->bindParam(':domain_uuid', $this->domain_uuid);
}
if (strlen($this->key) > 30) {
$prep_statement->bindParam(':key', $this->key);
}
if (strlen($this->username) > 0) {
$prep_statement->bindParam(':username', $this->username);
}
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
$user_authorized = false;
if (is_array($result)) {
foreach ($result as &$row) {
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0) {
//get the domain uuid when users are unique globally
if ($_SESSION["users"]["unique"]["text"] == "global" && $row["domain_uuid"] != $this->domain_uuid) {
//set the domain_uuid
$this->domain_uuid = $row["domain_uuid"];
$this->domain_name = $_SESSION['domains'][$this->domain_uuid]['domain_name'];
//get the domain uuid when users are unique globally
if ($_SESSION["users"]["unique"]["text"] == "global" && $row["domain_uuid"] != $this->domain_uuid) {
//set the domain_uuid
$this->domain_uuid = $row["domain_uuid"];
$this->domain_name = $_SESSION['domains'][$this->domain_uuid]['domain_name'];
//set the domain session variables
$_SESSION["domain_uuid"] = $this->domain_uuid;
$_SESSION["domain_name"] = $this->domain_name;
//set the domain session variables
$_SESSION["domain_uuid"] = $this->domain_uuid;
$_SESSION["domain_name"] = $this->domain_name;
//set the setting arrays
$domain = new domains();
$domain->db = $db;
$domain->set();
}
//set the setting arrays
$domain = new domains();
$domain->db = $db;
$domain->set();
}
//set the user_uuid
$this->user_uuid = $row['user_uuid'];
$this->contact_uuid = $row['contact_uuid'];
//set the user_uuid
$this->user_uuid = $row['user_uuid'];
$this->contact_uuid = $row['contact_uuid'];
//if salt is not defined then use the default salt for backwards compatibility
if (strlen($row["salt"]) == 0) {
$row["salt"] = 'e3.7d.12';
}
//if salt is not defined then use the default salt for backwards compatibility
if (strlen($row["salt"]) == 0) {
$row["salt"] = 'e3.7d.12';
}
//compare the password provided by the user with the one in the database
if (md5($row["salt"].$this->password) == $row["password"]) {
$user_authorized = true;
} elseif (strlen($this->key) > 30 && $this->key == $row["api_key"]) {
$user_authorized = true;
} else {
$user_authorized = false;
}
//compare the password provided by the user with the one in the database
if (md5($row["salt"].$this->password) == $row["password"]) {
$user_authorized = true;
}
else if (strlen($this->key) > 30 && $this->key == $row["api_key"]) {
$user_authorized = true;
}
//end the loop
break;
}
}
unset($result);
@ -119,14 +96,10 @@ class plugin_database {
$result["domain_uuid"] = $this->domain_uuid;
$result["contact_uuid"] = $this->contact_uuid;
$result["sql"] = $sql;
if ($user_authorized) {
$result["authorized"] = "true";
}
else {
$result["authorized"] = "false";
}
$result["authorized"] = $user_authorized ? 'true' : 'false';
return $result;
}
}
?>
?>

154
core/authentication/resources/classes/plugins/ldap.php
View File

@ -23,13 +23,6 @@ class plugin_ldap {
*/
function ldap() {
//save the database connection to a local variable
include "root.php";
require_once "resources/classes/database.php";
$database = new database;
$database->connect();
$db = $database->db;
//use ldap to validate the user credentials
if (isset($_SESSION["ldap"]["certpath"])) {
$s = "LDAPTLS_CERT=" . $_SESSION["ldap"]["certpath"]["text"];
@ -41,13 +34,13 @@ class plugin_ldap {
}
$host = $_SESSION["ldap"]["server_host"]["text"];
$port = $_SESSION["ldap"]["server_port"]["numeric"];
$connect = ldap_connect($host,$port)
$connect = ldap_connect($host, $port)
or die("Could not connect to the LDAP server.");
//ldap_set_option($connect, LDAP_OPT_NETWORK_TIMEOUT, 10);
ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
//ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
//set the default for $user_authorized to false
//set the default status
$user_authorized = false;
//provide backwards compatability
@ -69,54 +62,37 @@ class plugin_ldap {
$user_authorized = true;
break;
}
else {
//connection failed
$user_authorized = false;
}
}
else {
//password not provided
$user_authorized = false;
}
}
//check to see if the user exists
if ($user_authorized) {
$sql = "select * from v_users ";
$sql .= "where username=:username ";
if ($_SESSION["users"]["unique"]["text"] == "global") {
//unique username - global (example: email address)
}
else {
//unique username - per domain
$sql .= "and domain_uuid=:domain_uuid ";
}
$prep_statement = $db->prepare($sql);
$sql .= "where username = :username ";
if ($_SESSION["users"]["unique"]["text"] != "global") {
$prep_statement->bindParam(':domain_uuid', $this->domain_uuid);
//unique username per domain (not globally unique across system - example: email address)
$sql .= "and domain_uuid = :domain_uuid ";
$parameters['domain_uuid'] = $this->domain_uuid;
}
$prep_statement->bindParam(':username', $this->username);
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (count($result) > 0) {
foreach ($result as &$row) {
if ($_SESSION["users"]["unique"]["text"] == "global" && $row["domain_uuid"] != $this->domain_uuid) {
//get the domain uuid
$this->domain_uuid = $row["domain_uuid"];
$this->domain_name = $_SESSION['domains'][$this->domain_uuid]['domain_name'];
$parameters['username'] = $this->username;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0) {
if ($_SESSION["users"]["unique"]["text"] == "global" && $row["domain_uuid"] != $this->domain_uuid) {
//get the domain uuid
$this->domain_uuid = $row["domain_uuid"];
$this->domain_name = $_SESSION['domains'][$this->domain_uuid]['domain_name'];
//set the domain session variables
$_SESSION["domain_uuid"] = $this->domain_uuid;
$_SESSION["domain_name"] = $this->domain_name;
//set the domain session variables
$_SESSION["domain_uuid"] = $this->domain_uuid;
$_SESSION["domain_name"] = $this->domain_name;
//set the setting arrays
$domain = new domains();
$domain->db = $db;
$domain->set();
}
$this->user_uuid = $row["user_uuid"];
$this->contact_uuid = $row["contact_uuid"];
//set the setting arrays
$domain = new domains();
$domain->set();
}
$this->user_uuid = $row["user_uuid"];
$this->contact_uuid = $row["contact_uuid"];
}
else {
//salt used with the password to create a one way hash
@ -127,53 +103,40 @@ class plugin_ldap {
$this->user_uuid = uuid();
$this->contact_uuid = uuid();
//add the user
$sql = "insert into v_users ";
$sql .= "(";
$sql .= "domain_uuid, ";
$sql .= "user_uuid, ";
$sql .= "contact_uuid, ";
$sql .= "username, ";
$sql .= "password, ";
$sql .= "salt, ";
$sql .= "add_date, ";
$sql .= "add_user, ";
$sql .= "user_enabled ";
$sql .= ") ";
$sql .= "values ";
$sql .= "(";
$sql .= "'".$this->domain_uuid."', ";
$sql .= "'".$this->user_uuid."', ";
$sql .= "'".$this->contact_uuid."', ";
$sql .= "'".strtolower($this->username)."', ";
$sql .= "'".md5($salt.$password)."', ";
$sql .= "'".$salt."', ";
$sql .= "now(), ";
$sql .= "'".strtolower($this->username)."', ";
$sql .= "'true' ";
$sql .= ")";
$db->exec(check_sql($sql));
unset($sql);
//build user insert array
$array['users'][0]['user_uuid'] = $this->user_uuid;
$array['users'][0]['domain_uuid'] = $this->domain_uuid;
$array['users'][0]['contact_uuid'] = $this->contact_uuid;
$array['users'][0]['username'] = strtolower($this->username);
$array['users'][0]['password'] = md5($salt.$password);
$array['users'][0]['salt'] = $salt;
$array['users'][0]['add_date'] = now();
$array['users'][0]['add_user'] = strtolower($this->username);
$array['users'][0]['user_enabled'] = 'true';
//add the user to group user
$group_name = 'user';
$sql = "insert into v_user_groups ";
$sql .= "(";
$sql .= "user_group_uuid, ";
$sql .= "domain_uuid, ";
$sql .= "group_name, ";
$sql .= "user_uuid ";
$sql .= ")";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'".$this->domain_uuid."', ";
$sql .= "'".$group_name."', ";
$sql .= "'".$this->user_uuid."' ";
$sql .= ")";
$db->exec(check_sql($sql));
unset($sql);
//build user group insert array
$array['user_groups'][0]['user_group_uuid'] = uuid();
$array['user_groups'][0]['domain_uuid'] = $this->domain_uuid;
$array['user_groups'][0]['group_name'] = 'user';
$array['user_groups'][0]['user_uuid'] = $this->user_uuid;
//grant temporary permissions
$p = new permissions;
$p->add('user_add', 'temp');
$p->add('user_group_add', 'temp');
//execute insert
$database = new database;
$database->app_name = 'authentication';
$database->app_uuid = 'a8a12918-69a4-4ece-a1ae-3932be0e41f1';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('user_add', 'temp');
$p->delete('user_group_add', 'temp');
}
unset($sql, $parameters, $row);
}
//result array
@ -185,14 +148,9 @@ class plugin_ldap {
}
$result["user_uuid"] = $this->user_uuid;
$result["domain_uuid"] = $this->domain_uuid;
if ($user_authorized) {
$result["authorized"] = "true";
}
else {
$result["authorized"] = "false";
}
$result["authorized"] = $user_authorized ? 'true' : 'false';
return $result;
}
}
?>
?>

144
core/groups/resources/classes/permission.php
View File

@ -29,105 +29,113 @@
//delete the permissions
function delete() {
//set the variables
$db = $this->db;
//get unprotected groups and their domain uuids (if any)
$sql = "select group_name, domain_uuid from v_groups where group_protected <> 'true' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
$result_count = count($result);
if ($result_count > 0) {
$sql = "select group_name, domain_uuid ";
$sql .= "from v_groups ";
$sql .= "where group_protected <> 'true' ";
$database = new database;
$result = $database->select($sql, null, 'all');
if (is_array($result) && @sizeof($result) != 0) {
foreach($result as $row) {
$unprotected_groups[$row['group_name']] = $row['domain_uuid'];
}
}
unset ($prep_statement, $sql, $result, $result_count);
unset($sql, $result, $row);
//delete unprotected group permissions
if (is_array($unprotected_groups) && sizeof($unprotected_groups) > 0) {
$x = 0;
foreach ($unprotected_groups as $unprotected_group_name => $unprotected_domain_uuid) {
$sql = "delete from v_group_permissions where ";
$sql .= "group_name = '".$unprotected_group_name."' ";
$sql .= "and domain_uuid ".(($unprotected_domain_uuid != '') ? " = '".$unprotected_domain_uuid."' " : " is null ");
if (false === $db->exec($sql)) {
//echo $db->errorCode() . "<br>";
$info = $db->errorInfo();
print_r($info);
// $info[0] == $db->errorCode() unified error code
// $info[1] is the driver specific error code
// $info[2] is the driver specific error string
}
//build delete array
$array['group_permissions'][$x]['group_name'] = $unprotected_group_name;
$array['group_permissions'][$x]['domain_uuid'] = $unprotected_domain_uuid != '' ? $unprotected_domain_uuid : null;
$x++;
}
if (is_array($array) && @sizeof($array) != 0) {
//grant temporary permissions
$p = new permissions;
$p->add('group_permission_delete', 'temp');
//execute delete
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->delete($array);
unset($array);
//revoke temporary permissions
$p->delete('group_permission_delete', 'temp');
}
}
}
//restore the permissions
function restore() {
//set the variables
$db = $this->db;
//delete the group permisisons
$this->delete();
//get the $apps array from the installed apps from the core and mod directories
$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
$x=0;
$x = 0;
foreach ($config_list as &$config_path) {
include($config_path);
$x++;
}
//restore default permissions
foreach($apps as $row) {
$x = 0;
foreach ($apps as $row) {
foreach ($row['permissions'] as $permission) {
//set the variables
if ($permission['groups']) {
foreach ($permission['groups'] as $group) {
//check group protection
$sql = "select * from v_groups ";
$sql .= "where group_name = '".$group."' ";
$sql = "select count(*) from v_groups ";
$sql .= "where group_name = :group_name ";
$sql .= "and group_protected = 'true'";
$prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) {
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
unset ($prep_statement);
if (count($result) == 0) {
//if the item uuid is not currently in the db then add it
$sql = "select * from v_group_permissions ";
$sql .= "where permission_name = '".$permission['name']."' ";
$sql .= "and group_name = '$group' ";
$prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) {
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_ASSOC);
unset ($prep_statement);
if (count($result) == 0) {
//insert the default permissions into the database
$sql = "insert into v_group_permissions ";
$sql .= "(";
$sql .= "group_permission_uuid, ";
$sql .= "permission_name, ";
$sql .= "group_name ";
$sql .= ") ";
$sql .= "values ";
$sql .= "(";
$sql .= "'".uuid()."', ";
$sql .= "'".$permission['name']."', ";
$sql .= "'".$group."' ";
$sql .= ");";
$db->exec(check_sql($sql));
unset($sql);
} // if count
} // if prepared statement
} // if count
} // if prepared statement
} // foreach group permission
} // if permission
} // foreach permission
} // foreach app
$parameters['group_name'] = $group;
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
} // function
} // class
if ($num_rows == 0) {
//if the item uuid is not currently in the db then add it
$sql = "select count(*) from v_group_permissions ";
$sql .= "where permission_name = :permission_name ";
$sql .= "and group_name = :group_name ";
$parameters['permission_name'] = $permission['name'];
$parameters['group_name'] = $group;
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
if ($num_rows == 0) {
//build default permissions insert array
$array['group_permissions'][$x]['group_permission_uuid'] = uuid();
$array['group_permissions'][$x]['permission_name'] = $permission['name'];
$array['group_permissions'][$x]['group_name'] = $group;
$x++;
}
}
}
}
}
}
if (is_array($array) && @sizeof($array)) {
//grant temporary permissions
$p = new permissions;
$p->add('group_permission_add', 'temp');
//execute insert
$database = new database;
$database->app_name = 'groups';
$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
$database->save($array);
unset($array);
//revoke temporary permissions
$p->delete('group_permission_add', 'temp');
}
}
}
?>

2
resources/classes/captcha.php
View File

@ -34,8 +34,6 @@ class captcha {
/**
* Called when the object is created
*/
//public $db;
//public $domain_uuid;
public $code;
/**