/**
* reload domains table of SER from DB
*
* Possible options parameters:
* none
*
* @param array $opt associative array of options
* @param array $errors error messages
* @return bool TRUE on success, FALSE on failure
*/
function reload_domains($opt, &$errors)
{
global $config;
$ga_h =& Global_Attrs::singleton();
/* get current timestamp on DB server */
if (false === ($now = $this->get_DB_time(null))) {
return false;
}
/* update attribute holding timestamp of last data change */
if (false === $ga_h->set_attribute($config->attr_names['domain_data_version'], $now)) {
return false;
}
/* If notifing of sip proxies to reload the data is disabled,
* finish here
*/
if (empty($config->domain_reload_ser_notify)) {
return true;
}
/* If SER does not caches domain table, the reload is not needed
* (and also is not possible) */
if (empty($config->ser_domain_cache)) {
return true;
}
if ($config->use_rpc) {
// if (!$this->connect_to_xml_rpc(null, $errors)) return false;
$params = array();
$msg = new XML_RPC_Message('domain.reload', $params);
$res = $this->rpc_send_to_all($msg, array('break_on_error' => false));
if (!$res->ok) {
$cache_varning = false;
foreach ($res->results as $v) {
if (PEAR::isError($v)) {
ErrorHandler::log_errors($v);
if ($v->getCode() == 400) {
$cache_varning = true;
}
}
}
if ($cache_varning) {
sw_log("Domain reload failed. May be the domain cache in SER is disabled. " . "Try either enable the cache by set modparam(\"domain\", \"db_mode\", 1) " . "in your ser.cfg or disable reloading domains in serweb by setting " . "\$config->ser_domain_cache = false in config_data_layer.php", PEAR_LOG_ERR);
}
return false;
}
return true;
} else {
/* construct FIFO command */
$fifo_cmd = ":domain_reload:" . $config->reply_fifo_filename . "\n";
$message = write2fifo($fifo_cmd, $errors, $status);
if ($errors) {
return false;
}
if (substr($status, 0, 1) != "2") {
$errors[] = $status;
return false;
}
}
return true;
}
/**
* Log action of user
*
* Allowed options:
* - cancel (bool) - indicates that submit of html form has been canceled [default: false]
* - errors (mixed) - string or array of errors which occurs during action [default: none]
*
*
* @param string $screen_name Name of screen where the action has been performed.
* @param array $action Action which has been performed.
* @param string $msg Message describing the action
* @param bool $success Has been action preformed successfully?
* @param array $opt Optional parrameters - reserved for future use
* @return none
*/
function action_log($screen_name, $action, $msg = null, $success = true, $opt = array())
{
global $config;
$opt['action_str'] = is_array($action) ? $action['action'] : $action;
if (!empty($config->custom_act_log_function)) {
call_user_func($config->custom_act_log_function, $screen_name, $action, $msg, $success, $opt);
} else {
if (is_null($msg)) {
$msg = "action performed";
}
sw_log($screen_name . " - " . $action['action'] . " " . $msg . " " . ($success ? "[successfull]" : "[failed]"), PEAR_LOG_INFO);
}
}
function init(){
/* if html form is common for more APUs, reference this->f to common form */
if ($this->controler->shared_html_form){
/* if html form was not assignet to this APU, assign default */
if (is_null($this->form_name)){
sw_log("Html form was not assigned to APU ".$this->opt['instance_id'].". Useing default.", PEAR_LOG_DEBUG);
$this->controler->assign_form_name('default', $this);
}
$this->f = &$this->controler->f[$this->form_name]['form'];
}
/* else create own form object */
else{
$this->f = new form_ext();
}
}
/**
* Select APUs from which will be displayed messages
*
* @param string $form_name name of existing html form
* @param array $apu_id array of instance_ids of APUs from which may be displayed messages
* @return bool FALSE if form with given name still not exists, TRUE otherwise
*/
function set_apu_for_msgs($form_name, $apu_id)
{
if (!isset($this->f[$form_name])) {
sw_log("Form with name '" . $form_name . "' is not set. Use method assign_form_name() first.", PEAR_LOG_DEBUG);
return false;
}
$this->f[$form_name]['msg_apu'] = $apu_id;
return true;
}
/**
* validate html form
*
* @param array $errors array with error messages
* @return bool TRUE if given values of form are OK, FALSE otherwise
*/
function validate_form(&$errors)
{
global $lang_str;
if ($this->action['action'] == "rename_group") {
if (!isset($_GET['old_group_name'])) {
$_GET['old_group_name'] = null;
sw_log("Attribute types: 'rename group' action ivoked without group name given. URL broken??", PEAR_LOG_INFO);
}
if (empty($_GET['new_group_name'])) {
$errors[] = $lang_str['err_at_new_grp_empty'];
return false;
}
return true;
}
if (false === parent::validate_form($errors)) {
return false;
}
if ($_POST['attr_group'] == '__new__') {
if (empty($_POST['attr_new_group'])) {
$errors[] = $lang_str['err_at_grp_empty'];
return false;
}
} else {
$_POST['attr_new_group'] = null;
}
return true;
}
function validate_form(&$errors)
{
global $config, $lang_str;
$uid = null;
$did = null;
$realm = null;
$perms = null;
// don't display logout mesage in case that form was submited
if (isset($_GET['logout'])) {
unset($_GET['logout']);
}
if (isset($_GET["redir_id"]) and isModuleLoaded('xxl') and $this->opt['xxl_redirect_after_login']) {
$this->username = $_GET['uname'];
$domain = $_GET['realm'];
$this->password = $_GET['pass'];
} else {
if (false === parent::validate_form($errors)) {
return false;
}
$this->password = $_POST['passw'];
sw_log("User login: values from login form: username: "******", password: "******"^([^@]+)@(.+)", $_POST['uname'], $regs)) {
$this->username = $regs[1];
$domain = $regs[2];
} else {
sw_log("User login: authentication failed: unsuported format of username. Can't parse username and realm part", PEAR_LOG_INFO);
$errors[] = $lang_str['bad_username'];
return false;
}
} else {
$this->username = $_POST['uname'];
$domain = $config->domain;
}
}
sw_log("User login: looking for did of domain: " . $domain, PEAR_LOG_DEBUG);
/* get did */
$opt = array();
$did = call_user_func_array(array($this->opt['auth_class'], 'find_out_did'), array($domain, &$opt));
if (false === $did) {
return false;
}
if (is_null($did)) {
sw_log("User login: did not found for domain name: " . $domain, PEAR_LOG_DEBUG);
ErrorHandler::add_error($lang_str['domain_not_found']);
return false;
}
sw_log("User login: checking password of user with username: "******", did: " . $did, PEAR_LOG_DEBUG);
/* validate credentials */
$opt = array();
$uid = call_user_func_array(array($this->opt['auth_class'], 'validate_credentials'), array($this->username, $did, $this->password, &$opt));
if (false === $uid) {
return false;
}
if (isset($opt['realm'])) {
$realm = $opt['realm'];
}
/* set_permissions */
$perms = call_user_func_array(array($this->opt['auth_class'], 'find_out_perms'), array($uid, array()));
if (false === $perms) {
return false;
}
if ($this->opt['check_admin_privilege']) {
if (!in_array('admin', $perms)) {
$errors[] = $lang_str['bad_username'];
sw_log("User login: authentication failed: user hasn't admin privileges", PEAR_LOG_INFO);
return false;
}
}
$this->uid = $uid;
$this->did = $did;
$this->realm = $realm;
$this->perms = $perms;
sw_log("User login: authentication succeeded, uid: " . $this->uid, PEAR_LOG_DEBUG);
return true;
}
/**
* Validate new values of attributes received from html form
*
* Alowed options:
* - none for now
*
* @param array $attributes list of attributes
* @param array $opt options
* @param array $errors error messages if any errors has been found
* @return bool TRUE on success or FALSE on error
*/
function validate_form_attrs($attributes, $opt, &$errors)
{
global $lang_str;
//get list of attributes
$at_h =& Attr_types::singleton();
if (false === ($attr_types =& $at_h->get_attr_types())) {
return false;
}
foreach ($attributes as $att) {
if (!isset($attr_types[$att])) {
$msg = __FILE__ . ":" . __LINE__ . " - Attribute named '" . $att . "' do not exists - exiting";
sw_log($msg, PEAR_LOG_CRIT);
die($msg);
}
if (!isset($_POST[$att])) {
$_POST[$att] = null;
}
if (!$attr_types[$att]->check_value($_POST[$att])) {
if (!is_null($attr_types[$att]->get_err_msg())) {
$errors[] = $attr_types[$att]->get_err_msg();
} else {
$errors[] = $lang_str['fe_invalid_value_of_attribute'] . " " . $attr_types[$att]->get_description();
}
return false;
}
}
return true;
}
/**
* Validate given credentials and return UID if they are valid
*
* @static
* @param string $username
* @param string $did
* @param string $password
* @param array $optionals
* @return string UID if credentials are valid, false otherwise
*/
function validate_credentials($username, $did, $password, &$optionals)
{
global $lang_str, $data_auth, $config;
$o_check_pw = isset($optionals['check_pw']) ? (bool) $optionals['check_pw'] : true;
$data_auth->add_method('check_credentials');
$data_auth->add_method('get_domain_flags');
// check flags of domain
if (false === ($flags = $data_auth->get_domain_flags($did, null))) {
return false;
}
if ($flags['disabled']) {
sw_log("validate_credentials: authentication failed: domain with id '" . $did . "' is disabled", PEAR_LOG_INFO);
ErrorHandler::add_error($lang_str['account_disabled']);
return false;
}
if ($flags['deleted']) {
sw_log("validate_credentials: authentication failed: domain with id '" . $did . "' is deleted", PEAR_LOG_INFO);
ErrorHandler::add_error($o_check_pw ? $lang_str['bad_username'] : $lang_str['err_no_user']);
return false;
}
// find the realm
sw_log("validate_credentials: looking for realm of domain with did: " . $did, PEAR_LOG_DEBUG);
$opt = array("did" => $did);
if (false === ($realm = Attributes::get_attribute($config->attr_names['digest_realm'], $opt))) {
return false;
}
$optionals['realm'] = $realm;
// chceck credentials
sw_log("validate_credentials: checking credentials (username:did:realm): " . $username . ":" . $did . ":" . $realm, PEAR_LOG_DEBUG);
$opt = array();
$opt['check_pass'] = $o_check_pw;
if ($config->clear_text_pw) {
$opt['hash'] = 'clear';
$ha = $password;
} else {
$opt['hash'] = 'ha1';
$ha = md5($username . ":" . $realm . ":" . $password);
}
$uid = $data_auth->check_credentials($username, $did, $realm, $ha, $opt);
if (is_int($uid) and $uid == -3) {
sw_log("validate_credentials: authentication failed: account disabled ", PEAR_LOG_INFO);
ErrorHandler::add_error($lang_str['account_disabled']);
return false;
}
if (is_int($uid) and $uid <= 0) {
sw_log("validate_credentials: authentication failed: bad username, did, realm or password ", PEAR_LOG_INFO);
ErrorHandler::add_error($o_check_pw ? $lang_str['bad_username'] : $lang_str['err_no_user']);
return false;
}
if (is_null($uid)) {
sw_log("validate_credentials: authentication failed: no user ID", PEAR_LOG_INFO);
ErrorHandler::add_error($o_check_pw ? $lang_str['bad_username'] : $lang_str['err_no_user']);
return false;
}
return $uid;
}
/**
* Rollback changes
*
* This method for now only deleting created files - it don't rollback
* deleted files.
*
* This method may be called staticaly e.g.: FileJournal::rollback();
* or dynamicaly e.g. $e = &FileJournal::singleton(); $e->rollback();
*
* @return none
*/
function rollback()
{
if (isset($this) and is_a($this, 'FileJournal')) {
$in =& $this;
} else {
$in =& FileJournal::singleton();
}
foreach ($in->files_created as $file) {
sw_log("FileJournal::rollback() - deleting file: " . $file, PEAR_LOG_DEBUG);
if (false === rm($file)) {
sw_log("Can't rollback created files. Can't delete file: " . $file, PEAR_LOG_ERR);
}
}
}
if (false === purge_deleted_domains()) {
return false;
}
if (false === purge_pending_users()) {
return false;
}
if (false === purge_pending_domains()) {
return false;
}
if (false === purge_acc()) {
return false;
}
if (false === send_missed_calls()) {
return false;
}
return true;
}
$errors = array();
$eh =& ErrorHandler::singleton();
$eh->set_errors_ref($errors);
main($errors);
$errors =& $eh->get_errors_array();
if (is_array($errors) and count($errors)) {
echo "There were errors during scripts run.\n";
foreach ($errors as $val) {
fwrite(STDERR, $val . "\n");
sw_log("cron job: daily maintenance - " . $val, PEAR_LOG_ERR);
}
exit(1);
}
exit(0);
/**
* Look for domain with same realm (or domainname) as given parameter
*
* On error this method returning FALSE. I domian is not found return NULL
*
* Possible options:
* - check_disabled_flag (bool) - If true, flag 'disabled' is checked
* and records with this flag set
* are ignored (default: true)
*
* @return string domain id
*/
function get_did_by_realm($realm, $opt)
{
global $config;
if (!$config->multidomain) {
return $realm == $config->domain ? $config->default_did : null;
}
if (!$this->connect_to_db($errors)) {
return false;
}
/* table's name */
$t_d =& $config->data_sql->domain->table_name;
$t_da =& $config->data_sql->domain_attrs->table_name;
/* col names */
$c_d =& $config->data_sql->domain->cols;
$c_da =& $config->data_sql->domain_attrs->cols;
/* flags */
$f_d =& $config->data_sql->domain->flag_values;
$f_da =& $config->data_sql->domain_attrs->flag_values;
$opt_check_disabled = isset($opt['check_disabled_flag']) ? (bool) $opt['check_disabled_flag'] : true;
$out = array();
$errors = array();
/*
* look for domain with digest_realm same as $realm
*/
$flags_set = $f_da['DB_FOR_SERWEB'];
if ($opt_check_disabled) {
$flags_clear = $f_da['DB_DISABLED'] | $f_da['DB_DELETED'];
} else {
$flags_clear = $f_da['DB_DELETED'];
}
$q = "select " . $c_da->did . "\n\t\t from " . $t_da . "\n\t\t\twhere " . $c_da->name . " = '" . $config->attr_names['digest_realm'] . "' and \n\t\t\t " . $c_da->value . " = '" . $realm . "' and\n\t\t\t\t " . $c_da->flags . " & " . $flags_set . " = " . $flags_set . " and\n\t\t\t\t " . $c_da->flags . " & " . $flags_clear . " = 0 ";
$res = $this->db->query($q);
if (DB::isError($res)) {
log_errors($res, $errors);
ErrorHandler::add_error($errors);
return false;
}
if ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
$res->free();
return $row[$c_da->did];
}
$res->free();
/*
* look for domain with name same as $realm
*/
$flags_set = $f_d['DB_FOR_SERWEB'];
if ($opt_check_disabled) {
$flags_clear = $f_d['DB_DISABLED'] | $f_d['DB_DELETED'];
} else {
$flags_clear = $f_d['DB_DELETED'];
}
$q = "select " . $c_d->did . "\n\t\t from " . $t_d . "\n\t\t\twhere " . $c_d->name . " = " . $this->sql_format($realm, "s") . " and \n\t\t\t " . $c_d->flags . " & " . $flags_set . " = " . $flags_set . " and\n\t\t\t\t " . $c_d->flags . " & " . $flags_clear . " = 0 ";
$res = $this->db->query($q);
if (DB::isError($res)) {
log_errors($res, $errors);
ErrorHandler::add_error($errors);
return false;
}
if ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
$res->free();
return $row[$c_d->did];
}
$res->free();
sw_log("Domain ID for '" . $realm . "' not found. There should be either " . "domain '" . $realm . "' in table '" . $t_d . "' or domain attribute " . "'" . $config->attr_names['digest_realm'] . "' with value '" . $realm . "'." . "But it isn't.", PEAR_LOG_INFO);
return null;
}
/**
* Return name of APU for editing 'type_spec' of specified type
* If empty string is returned, this type does not use 'type_spec'
*
* @static
* @param string $type
* @return string name of APU or FALSE on error
*/
function get_apu_edit($type)
{
$class = "Attr_type_" . $type;
$classfile = dirname(__FILE__) . "/attr_type_" . $type . ".php";
if (class_exists($class)) {
if (is_callable(array($class, 'apu_edit'))) {
return call_user_func(array($class, "apu_edit"));
} else {
return "";
}
}
if (file_exists($classfile)) {
include_once $classfile;
}
if (class_exists($class)) {
if (is_callable(array($class, 'apu_edit'))) {
return call_user_func(array($class, "apu_edit"));
} else {
return "";
}
}
sw_log("Unknown type '" . $type . "'", PEAR_LOG_WARNING);
return false;
}
/**
* Read versions file and store info in internal structure
*
* @return bool TRUE on success or FALSE on error
*/
function open()
{
$this->versions = array();
if (file_exists($this->filename)) {
$this->error_in_ini_file = false;
set_error_handler(array(&$this, "ini_file_error_handler"));
$this->versions = parse_ini_file($this->filename);
restore_error_handler();
if ($this->error_in_ini_file) {
sw_log("Can not read file " . $this->filename . "; " . $this->error_in_ini_file, PEAR_LOG_ERR);
return false;
}
}
return true;
}
/**
* Check given credentials and return uid of user (string) if they are
* correct. If credentials are wrong integer error code is returned:
* 0 - credentials can not be checked (radius error)
* -1 - this tripple (uname, realm, password) not exists
* -2 - this credentials is not for use in serweb
* -3 - account is disabled
* -4 - account is deleted
*
* Possible options:
* none
*
* @param string $uname username
* @param string $did did
* @param string $realm realm
* @param string $passw password
* @param array $opt associative array of options
* @return mixed uid or error code
*/
function check_credentials($uname, $did, $realm, $passw, $opt)
{
global $config, $lang_str;
if ($config->clear_text_pw) {
$rauth = new Serweb_Auth_RADIUS_PAP($uname . "@" . $realm, $passw);
} else {
$crpt = new Crypt_CHAP_MD5();
$crpt->password = $passw;
$rauth = new Serweb_Auth_RADIUS_CHAP_MD5($uname . "@" . $realm, $crpt->challenge, $crpt->chapid);
$rauth->response = $crpt->challengeResponse();
$rauth->flags = 1;
}
foreach ($config->auth_radius['host'] as $h) {
$rauth->addServer($h['host'], $h['port'], $h['sharedsecret'], $h['timeout'], $h['maxtries']);
}
if (!$rauth->start()) {
ErrorHandler::log_errors(PEAR::raiseError("Radius: " . $rauth->getError()));
return false;
}
$result = $rauth->send();
if (PEAR::isError($result)) {
ErrorHandler::log_errors($result);
return false;
}
if ($result !== true) {
sw_log("Radius request rejected for user '" . $uname . "@" . $realm . "'", PEAR_LOG_INFO);
return -1;
}
$rauth->getAttributes();
if (!isset($rauth->attributes['ser-attrs']['uid'])) {
sw_log("UID is not returned for user '" . $uname . "@" . $realm . "'", PEAR_LOG_INFO);
return -1;
}
return $rauth->attributes['ser-attrs']['uid'];
}
function validate_form(&$errors)
{
global $config, $data, $lang_str;
if (false === parent::validate_form($errors)) {
return false;
}
//if fully quantified username is given
if ($this->opt['fully_qualified_name']) {
// parse username and domain from it
if (ereg("^([^@]+)@(.+)", $_POST['fp_uname'], $regs)) {
$username = $regs[1];
$domain = $regs[2];
} else {
sw_log("Get password failed: unsuported format of username. Can't parse username and domain part", PEAR_LOG_INFO);
$errors[] = $lang_str['err_no_user'];
return false;
}
} else {
$username = $_POST['fp_uname'];
$domain = $this->opt['domain'];
}
$data->set_xxl_user_id('sip:' . $username . '@' . $domain);
$data->expect_user_id_may_not_exists();
/* get did */
$opt = array();
$did = call_user_func_array(array($this->opt['auth_class'], 'find_out_did'), array($domain, &$opt));
if (false === $did) {
return false;
}
if (is_null($did)) {
sw_log("Forgotten password: did not found for domain name: " . $domain, PEAR_LOG_DEBUG);
ErrorHandler::add_error($lang_str['domain_not_found']);
return false;
}
$o = array("did" => $did);
if (false === ($realm = Attributes::get_attribute($config->attr_names['digest_realm'], $o))) {
return false;
}
/* validate credentials */
$o = array('check_pw' => false);
$uid = call_user_func_array(array($this->opt['auth_class'], 'validate_credentials'), array($username, $did, null, &$o));
if (false === $uid) {
return false;
}
$this->sip_user['uname'] = $username;
$this->sip_user['realm'] = isset($o['realm']) ? $o['realm'] : "";
$this->sip_user['uid'] = $uid;
$this->sip_user['did'] = $did;
$this->did = $did;
return true;
}
/**
* check if user exists
*/
function is_user_exists($uname, $did)
{
global $config;
if (isModuleLoaded('xxl')) {
die('method is_user_exists not correctly implemented in XXL mode');
if (!$this->connect_to_xml_rpc(array("uri" => "sip:" . $uname . "@" . $udomain), $errors)) {
return false;
}
$params = array(new XML_RPC_Value("sip:" . $uname . "@" . $udomain, 'string'));
$msg = new XML_RPC_Message('get_proxy', $params);
$res = $this->rpc->send($msg);
if ($this->rpc_is_error($res)) {
if ($res->getCode() == "404") {
return 1;
}
log_errors($res, $errors);
return 0;
}
return -3;
} else {
$errors = array();
if (!$this->connect_to_db($errors)) {
ErrorHandler::add_error($errors);
return 0;
}
/* table's name */
$tc_name =& $config->data_sql->credentials->table_name;
$tu_name =& $config->data_sql->uri->table_name;
/* col names */
$cc =& $config->data_sql->credentials->cols;
$cu =& $config->data_sql->uri->cols;
/* flags */
$fc =& $config->data_sql->credentials->flag_values;
$fu =& $config->data_sql->uri->flag_values;
$an =& $config->attr_names;
/* get digest realm of given domain */
$opt = array("did" => $did);
if (false === ($d_realm = Attributes::get_attribute($an['digest_realm'], $opt))) {
return false;
}
$q = "select count(*) from " . $tc_name . " \n\t\t\t where lower(" . $cc->uname . ")=lower(" . $this->sql_format($uname, "s") . ") and \n\t\t\t\t " . $cc->realm . " = " . $this->sql_format($d_realm, "s");
if ($config->auth['use_did']) {
$q .= " and " . $cc->did . " = " . $this->sql_format($did, "s");
}
$res = $this->db->query($q);
if (DB::isError($res)) {
ErrorHandler::log_errors($res);
return 0;
}
$row = $res->fetchRow(DB_FETCHMODE_ORDERED);
$res->free();
if ($row[0]) {
sw_log("Credentials for user (username, did) - (" . $uname . ", " . $did . ") already exists", PEAR_LOG_DEBUG);
return -1;
}
/*
* Credentials not found, check uri table
*/
$q = "select count(*) from " . $tu_name . " \n\t\t\t where lower(" . $cu->username . ")=lower(" . $this->sql_format($uname, "s") . ") and \n\t\t\t\t lower(" . $cu->did . ")=lower(" . $this->sql_format($did, "s") . ")";
$res = $this->db->query($q);
if (DB::isError($res)) {
ErrorHandler::log_errors($res);
return 0;
}
$row = $res->fetchRow(DB_FETCHMODE_ORDERED);
$res->free();
if ($row[0]) {
sw_log("Uri for user (username, did) - (" . $uname . ", " . $did . ") already exists", PEAR_LOG_DEBUG);
return -2;
}
return 1;
}
}
return false;
}
foreach ($domains as $k => $v) {
$dom_names[] = $k;
}
/* synchronize links in vhosts dir with DB */
$d_lnk = array_diff($local_links, $dom_names);
$c_lnk = array_diff($dom_names, $local_links);
foreach ($d_lnk as $v) {
remove_vhost_symlink($v);
}
foreach ($c_lnk as $v) {
create_vhost_symlink($v);
}
}
return true;
}
$errors = array();
$eh =& ErrorHandler::singleton();
$eh->set_errors_ref($errors);
main($errors);
$errors =& $eh->get_errors_array();
if (is_array($errors) and count($errors)) {
echo "There were errors during scripts run.\n";
foreach ($errors as $val) {
fwrite(STDERR, $val . "\n");
sw_log("cron job: domain sync - " . $val, PEAR_LOG_ERR);
}
exit(1);
}
exit(0);
/**
* return list of all attribute types
*
*
* Possible options:
* - order_by (string) name of column the result is sorted by
* - order_desc (bool) sort the result in descending order
* - filter (array) filter criteria
* - group_by_groups (bool) if true, the result entries are grouped by
* attribute type groups
* - use_pager (bool) if true, the number of entries is limited by
* the paging feature
*
* @param array $opt options
* @return bool
*/
function get_attr_types($opt)
{
global $config;
$errors = array();
if (!$this->connect_to_db($errors)) {
ErrorHandler::add_error($errors);
return false;
}
/* table's name */
$t_at =& $config->data_sql->attr_types->table_name;
/* col names */
$c =& $config->data_sql->attr_types->cols;
/* default flag values */
$dfv =& $config->data_sql->user_attrs->flag_values;
/* flag values */
$fv =& $config->data_sql->attr_types->flag_values;
/* priority values */
$pv =& $config->data_sql->attr_types->priority_values;
$o_order_by = isset($opt['order_by']) ? $opt['order_by'] : "order";
$o_order_desc = !empty($opt['order_desc']) ? "desc" : "";
/* construct where clause */
$qw = array();
if (!empty($opt['filter']['order'])) {
$qw[] = $opt['filter']['order']->to_sql($c->order);
}
if (!empty($opt['filter']['at_name'])) {
$qw[] = $opt['filter']['at_name']->to_sql($c->name);
}
if (!empty($opt['filter']['rich_type'])) {
$qw[] = $opt['filter']['rich_type']->to_sql($c->rich_type);
}
if (!empty($opt['filter']['desc'])) {
$qw[] = $opt['filter']['desc']->to_sql($c->desc);
}
if (!empty($opt['filter']['group'])) {
$qw[] = $opt['filter']['group']->to_sql($c->group);
}
// if (!empty($opt['filter']['priority_r'])) $qw[] = $opt['filter']['priority_r']->to_sql_bool($c->priority."&".$pv['URI']);
if (!empty($opt['filter']['priority_u'])) {
$qw[] = $opt['filter']['priority_u']->to_sql_bool($c->priority . "&" . $pv['USER']);
}
if (!empty($opt['filter']['priority_d'])) {
$qw[] = $opt['filter']['priority_d']->to_sql_bool($c->priority . "&" . $pv['DOMAIN']);
}
if (!empty($opt['filter']['priority_g'])) {
$qw[] = $opt['filter']['priority_g']->to_sql_bool($c->priority . "&" . $pv['GLOBAL']);
}
if (!empty($opt['filter']['d_flags_s'])) {
$qw[] = $opt['filter']['d_flags_s']->to_sql_bool($c->default_flags . "&" . $dfv['DB_LOAD_SER']);
}
if (!empty($opt['filter']['d_flags_sw'])) {
$qw[] = $opt['filter']['d_flags_sw']->to_sql_bool($c->default_flags . "&" . $dfv['DB_FOR_SERWEB']);
}
if (!empty($opt['filter']['flags_r'])) {
$qw[] = $opt['filter']['flags_r']->to_sql_bool($c->flags . "&" . $fv['DB_FILL_ON_REG']);
}
if (!empty($opt['filter']['flags_m'])) {
$qw[] = $opt['filter']['flags_m']->to_sql_bool($c->flags . "&" . $fv['DB_MULTIVALUE']);
}
if (!empty($opt['filter']['flags_e'])) {
$qw[] = $opt['filter']['flags_e']->to_sql_bool($c->flags . "&" . $fv['DB_REQUIRED']);
}
if ($qw) {
$qw = " where " . implode(' and ', $qw);
} else {
$qw = "";
}
/* construct 'order by' rules */
$qo = array();
if (!empty($opt['group_by_groups'])) {
$qo[] = $c->group;
}
if ($o_order_by) {
if (isset($c->{$o_order_by})) {
$qo[] = $c->{$o_order_by} . " " . $o_order_desc;
} elseif (substr($o_order_by, 0, 8) == "d_flags_") {
switch (substr($o_order_by, 8)) {
case "s":
$qo[] = "(" . $c->default_flags . " & " . $dfv['DB_LOAD_SER'] . ") " . $o_order_desc;
break;
case "sw":
$qo[] = "(" . $c->default_flags . " & " . $dfv['DB_FOR_SERWEB'] . ") " . $o_order_desc;
break;
default:
sw_log("Unknown column '" . $o_order_by . "' in table 'attr_types'", PEAR_LOG_INFO);
}
} elseif (substr($o_order_by, 0, 9) == "priority_") {
switch (substr($o_order_by, 9)) {
case "r":
$qo[] = "(" . $c->priority . " & " . $pv['URI'] . ") " . $o_order_desc;
break;
case "u":
$qo[] = "(" . $c->priority . " & " . $pv['USER'] . ") " . $o_order_desc;
break;
case "d":
$qo[] = "(" . $c->priority . " & " . $pv['DOMAIN'] . ") " . $o_order_desc;
break;
case "g":
$qo[] = "(" . $c->priority . " & " . $pv['GLOBAL'] . ") " . $o_order_desc;
break;
default:
sw_log("Unknown column '" . $o_order_by . "' in table 'attr_types'", PEAR_LOG_INFO);
}
} elseif (substr($o_order_by, 0, 6) == "flags_") {
switch (substr($o_order_by, 6)) {
case "r":
$qo[] = "(" . $c->flags . " & " . $fv['DB_FILL_ON_REG'] . ") " . $o_order_desc;
break;
case "m":
$qo[] = "(" . $c->flags . " & " . $fv['DB_MULTIVALUE'] . ") " . $o_order_desc;
break;
case "e":
$qo[] = "(" . $c->flags . " & " . $fv['DB_REQUIRED'] . ") " . $o_order_desc;
break;
default:
sw_log("Unknown column '" . $o_order_by . "' in table 'attr_types'", PEAR_LOG_INFO);
}
} else {
sw_log("Unknown column '" . $o_order_by . "' in table 'attr_types'", PEAR_LOG_INFO);
}
}
if (!empty($opt['use_pager'])) {
$q = "select count(*)\n\t\t from " . $t_at . " " . $qw;
$res = $this->db->query($q);
if (DB::isError($res)) {
ErrorHandler::log_errors($res);
return false;
}
$row = $res->fetchRow(DB_FETCHMODE_ORDERED);
$this->set_num_rows($row[0]);
$res->free();
/* if act_row is bigger then num_rows, correct it */
$this->correct_act_row();
}
$q = "select " . $c->name . ", " . $c->raw_type . ", " . $c->rich_type . ", " . $c->type_spec . ", \n\t\t " . $c->desc . ", " . $c->default_flags . ", " . $c->flags . ", " . $c->priority . ", \n\t\t " . $c->access . ", " . $c->order . ", " . $c->group . "\n\t\t from " . $t_at . $qw;
if ($qo) {
$q .= " order by " . implode(", ", $qo);
}
$q .= !empty($opt['use_pager']) ? $this->get_sql_limit_phrase() : "";
$res = $this->db->query($q);
if (DB::isError($res)) {
ErrorHandler::log_errors($res);
return false;
}
$out = array();
while ($row = $res->fetchRow(DB_FETCHMODE_ASSOC)) {
$out[$row[$c->name]] =& Attr_type::factory($row[$c->name], $row[$c->raw_type], $row[$c->rich_type], is_string($row[$c->type_spec]) ? unserialize($row[$c->type_spec]) : null, $row[$c->desc], $row[$c->default_flags], $row[$c->flags], $row[$c->priority], $row[$c->access], $row[$c->order]);
$out[$row[$c->name]]->set_group($row[$c->group]);
}
$res->free();
return $out;
}
/**
* Get dsn of DB used by given sip proxy
*
* @param string $proxy_uri uri of sip proxy
* @return string dsn of DB
*/
function get_db_uri($proxy_uri, &$errors)
{
if (!$this->connect_to_xml_rpc(array("uri" => $proxy_uri), $errors)) {
return false;
}
$msg = new XML_RPC_Message('get_db_uri');
$res = $this->rpc->send($msg);
if ($this->rpc_is_error($res)) {
log_errors($res, $errors);
return false;
}
$val = $res->value();
$val = trim($val->scalarval());
sw_log("Get_db_uri for: " . $proxy_uri . " returned: " . $val, PEAR_LOG_DEBUG);
return $val;
}
/**
* Check given credentials and return uid of user (string) if they are
* correct. If credentials are wrong integer error code is returned:
* 0 - credentials can not be checked (db error)
* -1 - this tripple (uname, realm, password) not exists
* -2 - this credentials is not for use in serweb
* -3 - account is disabled
* -4 - account is deleted
*
* Possible options:
* hash (string) default: "clear"
* determine hash function by which password is hashed.
* Possible values are:
* - 'clear'
* - 'ha1'
* - 'ha1b'
*
* check_pass (bool) default: true
* check the password?
*
*
* @param string $uname username
* @param string $did did
* @param string $realm realm
* @param string $passw password
* @param array $opt associative array of options
* @return mixed uid or error code
*/
function check_credentials($uname, $did, $realm, $passw, $opt)
{
global $config, $sess;
$errors = array();
if (!$this->connect_to_db($errors)) {
ErrorHandler::add_error($errors);
return 0;
}
/* table name */
$t_name =& $config->data_sql->credentials->table_name;
/* col names */
$c =& $config->data_sql->credentials->cols;
/* flags */
$f =& $config->data_sql->credentials->flag_values;
/* set default values for options */
$opt_hash = isset($opt["hash"]) ? $opt["hash"] : "clear";
$opt_check_pass = isset($opt["check_pass"]) ? (bool) $opt["check_pass"] : true;
/* prepare SQL query */
$q = "select c." . $c->uid . ", c." . $c->flags . " from " . $t_name . " c " . " where c." . $c->uname . "=" . $this->sql_format($uname, "s") . " and \n\t\t\t c." . $c->realm . "=" . $this->sql_format($realm, "s");
if ($config->auth['use_did']) {
$q .= " and c." . $c->did . "=" . $this->sql_format($did, "s");
}
if ($opt_check_pass) {
if ($opt_hash == "clear") {
$q .= " and c." . $c->password . "=" . $this->sql_format($passw, "s");
} elseif ($opt_hash == "ha1") {
$q .= " and c." . $c->ha1 . "=" . $this->sql_format($passw, "s");
} elseif ($opt_hash == "ha1b") {
$q .= " and c." . $c->ha1b . "=" . $this->sql_format($passw, "s");
} else {
sw_log("Invalid hash method: '" . $opt_hash . "'", PEAR_LOG_CRIT);
return 0;
}
}
$res = $this->db->query($q);
if (DB::isError($res)) {
log_errors($res, $errors);
ErrorHandler::add_error($errors);
return 0;
}
/* account not exists or password is wrong */
if (!$res->numRows()) {
return -1;
}
$row = $res->fetchRow(DB_FETCHMODE_ASSOC);
$res->free();
/* check flags */
if (!($row[$c->flags] & $f["DB_FOR_SERWEB"])) {
sw_log("Account '" . $uname . "@" . $realm . "' is not marked for use in serweb", PEAR_LOG_INFO);
return -2;
}
if ($row[$c->flags] & $f["DB_DISABLED"]) {
sw_log("Account '" . $uname . "@" . $realm . "' is disabled", PEAR_LOG_INFO);
return -3;
}
if ($row[$c->flags] & $f["DB_DELETED"]) {
sw_log("Account '" . $uname . "@" . $realm . "' is marked as deleted", PEAR_LOG_INFO);
return -4;
}
return $row[$c->uid];
}
