dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Voicemail: Token integration.

This commit is contained in:
Nate 2019-09-19 07:45:34 -06:00
parent 038842f0b1
commit 8567a7a676
3 changed files with 44 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
app/voicemails/voicemail_edit.php
View File

@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2018
Portions created by the Initial Developer are Copyright (C) 2008-2019
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -129,6 +129,14 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
$voicemail_uuid = $_POST["voicemail_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: voicemails.php');
exit;
}
//check for all required data
if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
require_once "resources/header.php";
@ -296,6 +304,10 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
$greetings = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
$document['title'] = $text['title-voicemail'];
@ -719,10 +731,12 @@ if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
$http_referer = parse_url($_SERVER["HTTP_REFERER"]);
echo " <input type='hidden' name='referer_path' value='".escape($http_referer['path'])."'>\n";
echo " <input type='hidden' name='referer_query' value='".escape($http_referer['query'])."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
if ($password_complexity == "true") {
echo " <input type='button' class='btn' value='".$text['button-save']."' onclick=\"if (check_password_strength(document.getElementById('password').value)) { submit_form(); }\">";
} else {
}
else {
echo " <input type='button' class='btn' value='".$text['button-save']."' onclick='submit_form();'>\n";
}
echo " </td>\n";

15
app/voicemails/voicemail_message_edit.php
View File

@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2019
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -71,6 +71,14 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$voicemail_message_uuid = $_POST["voicemail_message_uuid"];
}
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: voicemails.php');
exit;
}
//check for all required data
//if (strlen($voicemail_uuid) == 0) { $msg .= "Please provide: Voicemail UUID<br>\n"; }
//if (strlen($created_epoch) == 0) { $msg .= "Please provide: Created Epoch<br>\n"; }
@ -157,6 +165,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//show the header
require_once "resources/header.php";
@ -250,6 +262,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
if ($action == "update") {
echo " <input type='hidden' name='voicemail_message_uuid' value='".escape($voicemail_message_uuid)."'>\n";
}
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
echo " <input type='submit' name='submit' class='btn' value='Save'>\n";
echo " </td>\n";

15
app/voicemails/voicemail_option_edit.php
View File

@ -17,7 +17,7 @@
The Initial Developer of the Original Code is
Mark J Crane <markjcrane@fusionpbx.com>
Portions created by the Initial Developer are Copyright (C) 2008-2012
Portions created by the Initial Developer are Copyright (C) 2008-2019
the Initial Developer. All Rights Reserved.
Contributor(s):
@ -74,6 +74,14 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
$msg = '';
$voicemail_option_uuid = $_POST["voicemail_option_uuid"];
//validate the token
$token = new token;
if (!$token->validate($_SERVER['PHP_SELF'])) {
message::add($text['message-invalid_token'],'negative');
header('Location: voicemails.php');
exit;
}
//check for all required data
if (strlen($voicemail_option_digits) == 0) { $msg .= $text['message-required'].$text['label-option']."<br>\n"; }
if (strlen($voicemail_option_order) == 0) { $msg .= $text['message-required'].$text['label-order']."<br>\n"; }
@ -152,6 +160,10 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
unset($sql, $parameters, $row);
}
//create token
$object = new token;
$token = $object->create($_SERVER['PHP_SELF']);
//send the content to the browser
require_once "resources/header.php";
$document['title'] = $text['title-voicemail_option'];
@ -239,6 +251,7 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
echo " <td colspan='2' align='right'>\n";
echo " <input type='hidden' name='voicemail_uuid' value='".escape($voicemail_uuid)."'>\n";
echo " <input type='hidden' name='voicemail_option_uuid' value='".escape($voicemail_option_uuid)."'>\n";
echo " <input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
echo " <br>";
echo " <input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
echo " </td>\n";