function _get_sipuser($user_id)
{
global $db;
$user = $db->executeGetOne('SELECT `name` FROM `ast_sipfriends` WHERE `_user_id`=\'' . $db->escape($user_id) . '\'');
if (!$user) {
_err('Unknown sip user.');
}
return $user;
}
function _get_userid()
{
global $_SERVER, $db;
$remote_addr = @$_SERVER['REMOTE_ADDR'];
$user_id = (int)$db->executeGetOne( 'SELECT `id` FROM `users` WHERE `current_ip`=\''. $db->escape($remote_addr) .'\'' );
if ($user_id < 1) _err( 'Unknown user.' );
return $user_id;
}
function _get_user_ext($user_id)
{
$db = gs_db_slave_connect();
$user_ext = $db->executeGetOne('SELECT `name` FROM `ast_sipfriends` WHERE `_user_id`=\'' . $db->escape($user_id) . '\'');
if (!$user_ext) {
_err('Unknown user.');
return false;
}
return $user_ext;
}
function getUserID($ext)
{
global $db;
if (!preg_match('/^\\d+$/', $ext)) {
_err('Invalid username');
}
$user_id = (int) $db->executeGetOne('SELECT `_user_id` FROM `ast_sipfriends` WHERE `name`=\'' . $db->escape($ext) . '\'');
if ($user_id < 1) {
_err('Unknown user');
}
return $user_id;
}
function getUserID($ext)
{
global $db;
if (!preg_match("/^\\d+\$/", $ext)) {
_err("Invalid username");
}
$user_id = (int) $db->executeGetOne("SELECT `_user_id` FROM `ast_sipfriends` WHERE `name`='" . $db->escape($ext) . "'");
if ($user_id < 1) {
_err("Unknown user");
}
return $user_id;
}
private function connect()
{
$host = $this->args['host'];
$port = $this->args['port'];
$pass = $this->args['pass'];
@($this->__sock = fsockopen($host, $port, $errno, $errstr));
if ($this->__sock === false) {
_err(__CLASS__, 'CONNECTION FAILED - ' . trim($errstr));
}
if ($pass) {
$this->AUTH($pass);
}
}
$error_msg = array();
//inizializzo l'array di errori
if (@$_GET['login'] == 1) {
$username = clear($_POST['username']);
$password = $_POST['password'];
if (empty($username) && empty($password)) {
$error_msg[] = "<font color=red><p><i>Inserire i dati per il Login!</i><p></font>";
} elseif (login($username, md5($password)) == FALSE) {
$error_msg[] = "<font color=red><p><i>Dati inseriti Errati!</i><p></font>";
} elseif (check_maintenance(2) == 1 && level($username) == 'user') {
$error_msg[] = "<font color=red><p><i>Login Impossibile (Forum in Modalità Manutenzione)</i><p></font>";
} elseif (login($username, md5($password)) == TRUE && empty($error_msg)) {
setcookie("0xBB_user", $username);
setcookie("0xBB_pass", md5($password));
//aggiorno l'IP dell'utente nel ban_ip
mysql_query("UPDATE " . __PREFIX__ . "ban_ip \n\t\t\t\t\t\tSET ip = '" . $_SERVER['REMOTE_ADDR'] . "' \n\t\t\t\t\t WHERE user_id = '" . nick2uid($username) . "'") or _err(mysql_error());
header("Location: index.php");
exit;
} else {
$error_msg[] = "<font color=red><p><i>Errore di Login! Riprova</i><p></font>";
}
}
if ($error_msg) {
print '<div class="error_msg">
<h3 align="center">ERRORI nella fase di LOGIN!</h2><br />
<br />';
foreach ($error_msg as $error_message) {
print $error_message . "<br />\n";
}
print "<br />\n<center><a href='javascript:history.back()'>Torna Indietro</a>\n</center>\n</div>\n";
} else {
$url_polycom_dnd = GS_PROV_SCHEME . "://" . GS_PROV_HOST . (GS_PROV_PORT ? ":" . GS_PROV_PORT : "") . GS_PROV_PATH . "polycom/dnd.php";
$newdndstate = trim(@$_REQUEST["setdnd"]);
if ($newdndstate == "on" || $newdndstate == "off") {
$masterdb = gs_db_master_connect();
if (!$masterdb) {
_err("Could not connect to database.");
}
if ($newdndstate == "on") {
$dndvalue = 'yes';
}
if ($newdndstate == "off") {
$dndvalue = 'no';
}
$check = $masterdb->execute("INSERT INTO `dnd` (`_user_id`, `active`) VALUES (" . $user_id . ", '" . $db->escape($dndvalue) . "') ON DUPLICATE KEY UPDATE `active` = '" . $db->escape($dndvalue) . "'");
if (!$check) {
_err("Failed to set new DND state.");
}
if (GS_BUTTONDAEMON_USE == true) {
gs_dnd_changed_ui($user, $newdndstate);
}
}
#################################### MAIN MENU {
$current_dndstate = $db->executeGetOne("SELECT `active` FROM `dnd` WHERE `_user_id`=" . $user_id);
echo $mainmenu_doctype . "\n";
echo "<html>\n";
echo "<head><title>" . __("Ruhe/DND") . "</title></head>\n";
echo "<body><br />\n";
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"1\" width=\"100%\">\n";
echo "<tr>";
echo "<th width=\"100%\" align=\"center\">" . __("Ruhe/DND-Status setzen") . ":</th></tr>\n";
echo "<tr><td width=\"100%\" align=\"center\"><a href=\"" . $url_polycom_dnd . "?m=" . $mac . "&u=" . $user . "&setdnd=on\">" . ($current_dndstate == 'yes' ? "*" : "") . __("Ein") . "</a></td></tr>\n";
function karma($user_id)
{
global $karma;
$query = "SELECT vote FROM " . __PREFIX__ . "karma WHERE vote_user_id = '{$user_id}'";
$res = mysql_query($query) or _err(mysql_error());
while ($row = mysql_fetch_row($res)) {
$karma += $row[0];
}
if ($karma == NULL) {
$karma = 0;
}
if ($karma > 0) {
$karma = "<b><font color = 'green'>+{$karma}</font></b>";
} elseif ($karma < 0) {
$karma = "<b><font color = 'red'>{$karma}</font></b>";
} else {
$karma = "<b><font color = 'grey'>{$karma}</font></b>";
}
return $karma;
}
gs_loadtextdomain('gemeinschaft-gui');
gs_settextdomain('gemeinschaft-gui');
//--- get user_id
$user_id = (int) $db->executeGetOne('SELECT `_user_id` FROM `ast_sipfriends` WHERE `name`=\'' . $db->escape($user) . '\'');
if ($user_id < 1) {
_err('Unknown user.');
}
//--- check user/ip/mac
$user_id_check = $db->executeGetOne("SELECT `user_id` FROM `phones` WHERE `mac_addr`='" . $db->escape($mac) . "'");
if ($user_id != $user_id_check) {
_err("Not authorized");
}
$remote_addr = @$_SERVER["REMOTE_ADDR"];
$remote_addr_check = $db->executeGetOne("SELECT `current_ip` FROM `users` WHERE `id`=" . $user_id);
if ($remote_addr != $remote_addr_check) {
_err("Not authorized");
}
unset($remote_addr_check);
unset($remote_addr);
unset($user_id_check);
$typeToTitle = array("out" => __("Gewählt"), "missed" => __("Verpasst"), "in" => __("Angenommen"));
ob_start();
$url_polycom_dl = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT ? ':' . GS_PROV_PORT : '') . GS_PROV_PATH . 'polycom/diallog.php';
if (isset($delete) && $type) {
//--- clear list (
$db->execute('DELETE FROM `dial_log` ' . 'WHERE ' . ' `user_id`=' . $user_id . ' AND ' . ' `type`=\'' . $type . '\'');
//--- ) clear list
}
#################################### INITIAL SCREEN {
if (!$type) {
//--- delete outdated entries
function kona3plugins_comment_action_write($page)
{
global $output_format;
$bbs_id = isset($_POST['bbs_id']) ? $_POST['bbs_id'] : '';
$name = isset($_POST['name']) ? $_POST['name'] : '';
$body = isset($_POST['body']) ? $_POST['body'] : '';
$pw = isset($_POST['pw']) ? $_POST['pw'] : '';
//
$bbs_id = intval($bbs_id);
if ($body == '' || $bbs_id <= 0) {
_err($page, 'Invalid data');
exit;
}
if ($name == '') {
$name = 'no name';
}
$pdo = kona3getDB();
$stmt = $pdo->prepare("INSERT INTO comment_list(bbs_id, name, body, delkey, ctime, mtime)" . "VALUES(?, ?, ?, ?, ?, ?)" . "");
$a = array($bbs_id, $name, $body, $pw, time(), time());
$r = $stmt->execute($a);
$_SESSION['name'] = $name;
$_SESSION['password'] = $pw;
// show result
if ($output_format == "json") {
_ok($page, "inserted");
}
// jump
header("location: index.php?" . urlencode($page));
}
/**
* custom query
* @todo Select from database
* @param string $sql An SQL string
* @param array $array Paramters to bind
* @param constant $fetchMode A PDO Fetch mode
* @return mixed
*/
public function CustomQuery($sql, $array = array(), $fetchMode = PDO::FETCH_ASSOC)
{
//remove type
if (isset($array['type'])) {
unset($array['type']);
}
//send sql
$stmt = $this->prepare($sql);
// send params
foreach ($array as $key => $value) {
$stmt->bindValue("{$key}", $value);
}
// run sql
$success = $stmt->execute();
// dubug unsuccess
if (_DBG_ && !$success) {
_err(array_merge($stmt->errorInfo(), array($sql)));
}
return $stmt->fetchAll($fetchMode);
}
case '15':
@($position = (int) $_GET['position']);
@($real_position = (int) $_GET['real_position']);
@($f_id = (int) $_GET['f_id']);
if ($position && $f_id && $real_position) {
// nuova posizione
$new_position = $real_position + $position;
$query = "UPDATE " . __PREFIX__ . "forum SET position = " . $real_position . " WHERE position = " . $new_position;
$res = mysql_query($query) or _err(mysql_error());
$query = "UPDATE " . __PREFIX__ . "forum SET position = " . $new_position . " WHERE id = " . $f_id;
$res = mysql_query($query) or _err(mysql_error());
header("Location: admin.php?mode=15");
} else {
print "\n<h2 align=\"center\">Posizionamento dei Forum</h2><br /><br />" . "\n<table align=\"center\">" . "\n<tr>" . "\n\t<td class=\"users\"> Titolo</td>" . "\n\t<td class=\"users\">Descrizione</td>" . "\n\t<td class=\"users\">Sposta</td>" . "\n</tr>";
$query = "SELECT * FROM " . __PREFIX__ . "forum ORDER BY position";
$res = mysql_query($query) or _err(mysql_error());
while ($row = mysql_fetch_array($res)) {
print "\n<tr>" . "\n\t<td class=\"users\">" . $row['title'] . "</td>" . "\n\t<td class=\"users\">" . $row['description'] . "</td>" . "\n\t<td class=\"users\"><a href=\"admin.php?mode=15&position=-1&f_id=" . $row['id'] . "&real_position=" . $row['position'] . "\">[SU]</a> -" . "\n\t<a href=\"admin.php?mode=15&position=1&f_id=" . $row['id'] . "&real_position=" . $row['position'] . "\">[GIU]</a></td>" . "\n</tr>";
}
print "\n</table>";
}
break;
default:
?>
<p><b>Pannello di Controllo Amministratore:</b></p>
-> <a href = 'admin.php?mode=1'>Gestione Forums</a><br />
-> <a href = 'admin.php?mode=15'>Gestione Posizione Forums</a><br />
-> <a href = 'admin.php?mode=2'>Aggiungi/Rimuovi Amministratori</a><br />
-> <a href = 'admin.php?mode=5'>Aggiungi/Rimuovi Moderatori</a><br />
-> <a href = 'admin.php?mode=14'>Aggiungi/Rimuovi Utenti VIP</a><br />
-> <a href = 'admin.php?mode=3'>Cancella Utente</a><br />
<br />
<input type = 'submit' value = 'Invia'>
</form>
<?php
}
break;
case 4:
$id = (int) $_GET['id'];
$query = "SELECT to_usr FROM " . __PREFIX__ . "pm WHERE id = '" . $id . "'";
$row = mysql_fetch_row(mysql_query($query));
if ($row[0] == $username) {
$query = "DELETE FROM " . __PREFIX__ . "pm WHERE id = '" . $id . "'";
mysql_query($query) or die("SQL Error:" . mysql_error());
header("Location: pm.php");
} else {
_err("<b>Errore!</b>Non sei autorizzato a leggere questo PM!");
}
break;
default:
header("Location: pm.php?mode=1");
break;
}
?>
</div>
</div>
<?php
footer();
?>
</body>
</html>
_err("Not enabled.");
}
$mac = preg_replace("/[^\\dA-Z]/", "", strtoupper(trim(@$_REQUEST["mac"])));
$user = trim(@$_REQUEST["user"]);
if (!preg_match("/^\\d+\$/", $user)) {
_err("Not a valid SIP user.");
}
$db = gs_db_slave_connect();
// setup i18n stuff
gs_setlang(gs_get_lang_user($db, $user, GS_LANG_FORMAT_GS));
gs_loadtextdomain('gemeinschaft-gui');
gs_settextdomain('gemeinschaft-gui');
//--- get user_id
$user_id = (int) $db->executeGetOne("SELECT `_user_id` FROM `ast_sipfriends` WHERE `name`='" . $db->escape($user) . "'");
if ($user_id < 1) {
_err("Unknown user.");
}
$menuitems = array(array("file" => "diallog.php?user="******"&mac=" . $mac, "title" => __("Ruflisten")), array("file" => "pb.php?u=" . $user . "&m=" . $mac, "title" => __("Telefonbuch")), array("file" => "configmenu.php?u=" . $user . "&m=" . $mac, "title" => __("Konfiguration")));
ob_start();
$url_polycom_base = GS_PROV_SCHEME . "://" . GS_PROV_HOST . (GS_PROV_PORT ? ":" . GS_PROV_PORT : "") . GS_PROV_PATH . "polycom/";
#################################### MAIN MENU {
echo $mainmenu_doctype . "\n";
echo "<html>\n";
echo "<head><title>" . __("Telefonmenü") . "</title></head>\n";
echo "<body><br />\n";
foreach ($menuitems as $thismenuitem) {
echo "- <a href=\"" . $url_polycom_base . $thismenuitem["file"] . "\">" . $thismenuitem["title"] . "</a><br />\n";
}
echo "</body>\n";
echo "</html>\n";
#################################### MAIN MENU }
# connect to db
$db = gs_db_slave_connect();
if (!$db) {
gs_log(GS_LOG_WARNING, "Phone with MAC \"{$mac}\" (Grandstream) ask for phonebook - Could not connect to DB");
_err('No! See log for details.');
}
# get user_id
$user_id = (int) $db->executeGetOne('SELECT `u`.`id`
FROM
`users` `u` JOIN
`phones` `p` ON (`p`.`user_id`=`u`.`id`)
WHERE
`u`.`current_ip`=\'' . $db->escape($requester['phone_ip']) . '\' AND
`p`.`mac_addr`=\'' . $db->escape($mac) . '\'');
if ($user_id < 1) {
_err('Unknown user');
}
$user_groups = gs_group_members_groups_get(array($user_id), 'user');
$permission_groups = gs_group_permissions_get($user_groups, 'phonebook_user');
$group_members = gs_group_members_get($permission_groups);
$pb = array();
# INTERNAL phonebook
$pb[15] = array('type' => 'gs', 'title' => gs_get_conf('GS_PB_INTERNAL_TITLE', __("Intern")), 'query' => 'SELECT `u`.`lastname` `ln`, `u`.`firstname` `fn`, `s`.`name` `ext`
FROM
`users` `u` JOIN
`ast_sipfriends` `s` ON (`s`.`_user_id`=`u`.`id`)
WHERE
`u`.`id` IN (' . implode(',', $group_members) . ') AND
`u`.`id`!=' . $user_id . '
ORDER BY `u`.`lastname`, `u`.`firstname`
LIMIT 100');
* viewtopic.php
***************************************************************************/
include "kernel.php";
show_header();
show_menu();
list($username, $password) = get_data();
$id = (int) $_GET['id'];
if (!check_topic_id($id)) {
_err('ID Inesistente!');
}
// controllo se il topic è protetto
if (check_access_topic($id) != NULL && check_access_topic($id) != 'user') {
if (login($username, $password) == TRUE) {
if (level($username) != 'admin' && level($username) != 'mod') {
if (level($username) != check_access_topic($id)) {
_err('Non hai i permessi per visualizzare questo topic!');
}
}
} else {
if (check_access_topic($id) != NULL && check_access_topic($id) != 'user') {
header('Location: index.php');
}
}
}
?>
<div class = 'path' id = 'path'>
<ul>
<li><b><a href = 'index.php'>Indice Forum</a></b></li>
<li><?php
patch_forum($id, 1);
?>
# the stupid Snom!
}
defineBackKey();
echo '</SnomIPPhoneMenu>', "\n";
_ob_send();
}
#################################### INITIAL SCREEN }
function defineBackKey()
{
global $user, $type, $mac, $url_snom_menu;
$args = array();
$args[] = 'm=' . $mac;
$args[] = 'u=' . $user;
echo '<SoftKeyItem>', '<Name>#</Name>', '<URL>', $url_snom_menu, '?', implode('&', $args), '</URL>', '</SoftKeyItem>', "\n";
echo '<SoftKeyItem>', '<Name>F4</Name>', '<Label>', snom_xml_esc(__('Menü')), '</Label>', '<URL>', $url_snom_menu, '?', implode('&', $args), '</URL>', '</SoftKeyItem>', "\n";
}
#################################### FORWARD SCREEN {
if ($type == 'forward') {
if (!$show_forward) {
_err("forbidden");
}
$mac = preg_replace('/[^\\dA-Z]/', '', strToUpper(trim(@$_REQUEST['m'])));
ob_start();
echo '<?', 'xml version="1.0" encoding="utf-8"?', '>', "\n", '<SnomIPPhoneMenu>', "\n", '<Title>' . __("Rufumleitung") . '</Title>', "\n\n";
echo '<MenuItem>', "\n", '<Name>', snom_xml_esc(__('Rufumleitung')), '</Name>', "\n", '<URL>', $url_snom_provdir, 'callforward.php?m=', $mac, '&u=', $user, '</URL>', "\n", '</MenuItem>', "\n\n";
echo '<MenuItem>', "\n", '<Name>', snom_xml_esc(__('externe Nummern')), '</Name>', "\n", '<URL>', $url_snom_provdir, 'extnumbers.php?m=', $mac, '&u=', $user, '</URL>', "\n", '</MenuItem>', "\n\n";
defineBackKey();
echo '</SnomIPPhoneMenu>', "\n";
_ob_send();
}
#################################### FORWARD SCREEN }
}
return $user_id;
}
if (!gs_get_conf('GS_SNOM_PROV_ENABLED')) {
gs_log(GS_LOG_DEBUG, "Snom provisioning not enabled");
snom_textscreen(__('Fehler'), __('Nicht aktiviert'));
}
$db = gs_db_slave_connect();
$user = trim(@$_REQUEST['u']);
$user_id = getUserID($user);
## Check permissions
#
$user_groups = gs_group_members_groups_get(array($user_id), 'user');
$members = gs_group_permissions_get($user_groups, 'forward');
if (count($members) <= 0) {
_err('Forbidden');
}
// setup i18n stuff
gs_setlang(gs_get_lang_user($db, $user, GS_LANG_FORMAT_GS));
gs_loadtextdomain("gemeinschaft-gui");
gs_settextdomain("gemeinschaft-gui");
$type = trim(@$_REQUEST['t']);
if (!in_array($type, array('internal', 'external', 'std', 'var', 'timeout'), true)) {
$type = false;
}
$tmp = array(15 => array('k' => 'internal', 'v' => gs_get_conf('GS_CLIR_INTERNAL', __("von intern"))), 25 => array('k' => 'external', 'v' => gs_get_conf('GS_CLIR_EXTERNAL', __("von extern"))));
kSort($tmp);
foreach ($tmp as $arr) {
$typeToTitle[$arr['k']] = $arr['v'];
}
$url_snom_callforward = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT ? ':' . GS_PROV_PORT : '') . GS_PROV_PATH . 'snom/callforward.php';
if (check_url($web_site) == FALSE) {
$error_msg[] = 'Il Sito Web inserito non è valido';
}
}
if (strlen($username) > 20) {
$error_msg[] = 'L\'username è troppo lungo ( Max. 20 caratteri )';
}
if (!$error_msg) {
$pass = md5($pass);
$query = "INSERT INTO " . __PREFIX__ . "users (\n\t\t\t\t\t\tusername, password, level, email, web_site, msn, theme\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'" . $username . "', '{$pass}', 'user', '{$email}', '{$web_site}', '{$msn}', 'default.css')";
mysql_query($query) or _err(mysql_error());
$sql = "INSERT INTO " . __PREFIX__ . "karma (\n\t\t\t\t\t\tvote_user_id, vote\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'" . nick2uid($username) . "', '0')";
mysql_query($sql) or _err(mysql_error());
//ban ip inserimenti IP
$ban_ip = "INSERT INTO " . __PREFIX__ . "ban_ip (\n\t\t\t\t\t\tuser_id, ip, banned\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'" . nick2uid($username) . "', '" . $_SERVER['REMOTE_ADDR'] . "', '0')";
mysql_query($ban_ip) or _err(mysql_error());
$oggetto = "Benvenuto in " . SITE_NAME . ".";
$messaggio = "Ciao " . $username . "\n" . "Siamo lieti di darti il benvenuto in " . SITE_NAME . "\n" . "I tuoi dati di accesso sono:\n\n" . "Username: "******"\n" . "Password: "******"\n\n" . "Ti auguriamo una buona permanenza,\n" . "Lo Staff ~ " . SITE_NAME . ".";
$check_send_mail = @mail($email, $oggetto, $messaggio, "From: " . $email);
if ($check_send_email == TRUE) {
die("<div class=\"success_msg\" align=\"center\">\nRegistrazione Avvenuta con Successo!\n<br /><p>E-Mail di Benvenuto Inviata!</p><br />\n<a href=\"login.php\">Vai al Login</a></div>");
} else {
die("<div class=\"success_msg\" align=\"center\">\nRegistrazione Avvenuta con Successo!\n<br /><p>E-Mail di Benvenuto non Inviata!</p><br />\n<a href=\"login.php\">Vai al Login</a></div>");
}
} else {
print "\n<div class=\"error_msg\">" . "\n<h3 align=\"center\">Errori nella form!</h2><br />" . "\n<br /><center>";
foreach ($error_msg as $error_message) {
print $error_message . " <br />\n";
}
print "<br />\n<a href='javascript:history.back()'>Torna Indietro</a>\n</center>\n</div>\n";
}
$url_polycom_dnd = GS_PROV_SCHEME . "://" . GS_PROV_HOST . (GS_PROV_PORT ? ":" . GS_PROV_PORT : "") . GS_PROV_PATH . "polycom/dnd.php";
$newdndstate = trim(@$_REQUEST['setdnd']);
if ($newdndstate == 'on' || $newdndstate == 'off') {
$masterdb = gs_db_master_connect();
if (!$masterdb) {
_err('Could not connect to database.');
}
if ($newdndstate == 'on') {
$dndvalue = 1;
}
if ($newdndstate == 'off') {
$dndvalue = 0;
}
$check = $db->execute("INSERT INTO `dnd`\n\t\t(`user_id`, `active`) VALUES\n\t\t(" . $user_id . ", " . (int) $dndvalue . ") \n\t\tON DUPLICATE KEY UPDATE `active` = " . (int) $dndvalue);
if (!$check) {
_err('Failed to set new DND state.');
}
}
#################################### MAIN MENU {
$current_dndstate = $db->executeGetOne("SELECT `active` FROM `dnd` WHERE `user_id`=" . $user_id);
echo "<html>\n";
echo "<head><title>" . __("Ruhe/DND") . "</title></head>\n";
echo "<body><br />\n";
echo "<table border=\"0\" cellspacing=\"0\" cellpadding=\"1\" width=\"100%\">\n";
echo "<tr>";
echo "<th width=\"100%\" align=\"center\">Ruhe/DND-Status setzen:</th></tr>\n";
echo "<tr><td width=\"100%\" align=\"center\"><a href=\"" . $url_polycom_dnd . "?m=" . $mac . "&u=" . $user . "&setdnd=on\">" . ($current_dndstate == 1 ? "*" : "") . "Ein</a></td></tr>\n";
echo "<tr><td width=\"100%\" align=\"center\"><a href=\"" . $url_polycom_dnd . "?m=" . $mac . "&u=" . $user . "&setdnd=off\">" . ($current_dndstate == 0 ? "*" : "") . "Aus</a></td></tr>\n";
echo "</table>\n";
echo "</body>\n";
echo "</html>\n";
function _parseTrack($binStr, $tn)
{
//$trackLen2 = ((( (( (ord($binStr[0]) << 8) | ord($binStr[1]))<<8) | ord($binStr[2]) ) << 8 ) | ord($binStr[3]) );
//$trackLen2 += 4;
$trackLen = strlen($binStr);
// MM: ToDo: Warn if trackLen and trackLen2 are different!!!
// if ($trackLen != $trackLen2) { echo "Warning: TrackLength is corrupt ($trackLen != $trackLen2)! \n"; }
$p = 4;
$time = 0;
$track = array();
while ($p < $trackLen) {
// timedelta
$dt = _readVarLen($binStr, $p);
$time += $dt;
$byte = ord($binStr[$p]);
$high = $byte >> 4;
$low = $byte - $high * 16;
switch ($high) {
case 0xc:
//PrCh = ProgramChange
$chan = $low + 1;
$prog = ord($binStr[$p + 1]);
$last = 'PrCh';
$track[] = "{$time} PrCh ch={$chan} p={$prog}";
$p += 2;
break;
case 0x9:
//On
$chan = $low + 1;
$note = ord($binStr[$p + 1]);
$vel = ord($binStr[$p + 2]);
$last = 'On';
$track[] = "{$time} On ch={$chan} n={$note} v={$vel}";
$p += 3;
break;
case 0x8:
//Off
$chan = $low + 1;
$note = ord($binStr[$p + 1]);
$vel = ord($binStr[$p + 2]);
$last = 'Off';
$track[] = "{$time} Off ch={$chan} n={$note} v={$vel}";
$p += 3;
break;
case 0xa:
//PoPr = PolyPressure
$chan = $low + 1;
$note = ord($binStr[$p + 1]);
$val = ord($binStr[$p + 2]);
$last = 'PoPr';
$track[] = "{$time} PoPr ch={$chan} n={$note} v={$val}";
$p += 3;
break;
case 0xb:
//Par = ControllerChange
$chan = $low + 1;
$c = ord($binStr[$p + 1]);
$val = ord($binStr[$p + 2]);
$last = 'Par';
$track[] = "{$time} Par ch={$chan} c={$c} v={$val}";
$p += 3;
break;
case 0xd:
//ChPr = ChannelPressure
$chan = $low + 1;
$val = ord($binStr[$p + 1]);
$last = 'ChPr';
$track[] = "{$time} ChPr ch={$chan} v={$val}";
$p += 2;
break;
case 0xe:
//Pb = PitchBend
$chan = $low + 1;
$val = ord($binStr[$p + 1]) & 0x7f | (ord($binStr[$p + 2]) & 0x7f) << 7;
$last = 'Pb';
$track[] = "{$time} Pb ch={$chan} v={$val}";
$p += 3;
break;
default:
switch ($byte) {
case 0xff:
// Meta
$meta = ord($binStr[$p + 1]);
switch ($meta) {
case 0x0:
// sequence_number
$tmp = ord($binStr[$p + 2]);
if ($tmp == 0x0) {
$num = $tn;
$p += 3;
} else {
$num = 1;
$p += 5;
}
$track[] = "{$time} Seqnr {$num}";
break;
case 0x1:
// Meta Text
// Meta Text
case 0x2:
// Meta Copyright
// Meta Copyright
case 0x3:
// Meta TrackName ???sequence_name???
// Meta TrackName ???sequence_name???
case 0x4:
// Meta InstrumentName
// Meta InstrumentName
case 0x5:
// Meta Lyrics
// Meta Lyrics
case 0x6:
// Meta Marker
// Meta Marker
case 0x7:
// Meta Cue
$texttypes = array('Text', 'Copyright', 'TrkName', 'InstrName', 'Lyric', 'Marker', 'Cue');
$type = $texttypes[$meta - 1];
$p += 2;
$len = _readVarLen($binStr, $p);
if ($len + $p > $trackLen) {
_err("Meta {$type} has corrupt variable length field ({$len}) [track: {$tn} dt: {$dt}]");
}
$txt = substr($binStr, $p, $len);
$track[] = "{$time} Meta {$type} \"{$txt}\"";
$p += $len;
break;
case 0x20:
// ChannelPrefix
$chan = ord($binStr[$p + 3]);
if ($chan < 10) {
$chan = '0' . $chan;
}
//???
$track[] = "{$time} Meta 0x20 {$chan}";
$p += 4;
break;
case 0x21:
// ChannelPrefixOrPort
$chan = ord($binStr[$p + 3]);
if ($chan < 10) {
$chan = '0' . $chan;
}
//???
$track[] = "{$time} Meta 0x21 {$chan}";
$p += 4;
break;
case 0x2f:
// Meta TrkEnd
$track[] = "{$time} Meta TrkEnd";
return $track;
//ignore rest
break;
case 0x51:
// Tempo
$tempo = ord($binStr[$p + 3]) * 256 * 256 + ord($binStr[$p + 4]) * 256 + ord($binStr[$p + 5]);
$track[] = "{$time} Tempo {$tempo}";
if ($tn == 0 && $time == 0) {
$this->tempo = $tempo;
// ???
$this->tempoMsgNum = count($track) - 1;
}
$p += 6;
break;
case 0x54:
// SMPTE offset
$h = ord($binStr[$p + 3]);
$m = ord($binStr[$p + 4]);
$s = ord($binStr[$p + 5]);
$f = ord($binStr[$p + 6]);
$fh = ord($binStr[$p + 7]);
$track[] = "{$time} SMPTE {$h} {$m} {$s} {$f} {$fh}";
$p += 8;
break;
case 0x58:
// TimeSig
$z = ord($binStr[$p + 3]);
$t = pow(2, ord($binStr[$p + 4]));
$mc = ord($binStr[$p + 5]);
$c = ord($binStr[$p + 6]);
$track[] = "{$time} TimeSig {$z}/{$t} {$mc} {$c}";
$p += 7;
break;
case 0x59:
// KeySig
$vz = ord($binStr[$p + 3]);
$g = ord($binStr[$p + 4]) == 0 ? 'major' : 'minor';
$track[] = "{$time} KeySig {$vz} {$g}";
$p += 5;
break;
case 0x7f:
// Sequencer specific data (string or hexString???)
$p += 2;
$len = _readVarLen($binStr, $p);
if ($len + $p > $trackLen) {
_err("SeqSpec has corrupt variable length field ({$len}) [track: {$tn} dt: {$dt}]");
}
$p -= 3;
$data = '';
for ($i = 0; $i < $len; $i++) {
$data .= ' ' . sprintf("%02x", ord($binStr[$p + 3 + $i]));
}
$track[] = "{$time} SeqSpec{$data}";
$p += $len + 3;
break;
default:
// MM added: accept "unknown" Meta-Events
$metacode = sprintf("%02x", ord($binStr[$p + 1]));
$p += 2;
$len = _readVarLen($binStr, $p);
if ($len + $p > $trackLen) {
_err("Meta {$metacode} has corrupt variable length field ({$len}) [track: {$tn} dt: {$dt}]");
}
$p -= 3;
$data = '';
for ($i = 0; $i < $len; $i++) {
$data .= ' ' . sprintf("%02x", ord($binStr[$p + 3 + $i]));
}
$track[] = "{$time} Meta 0x{$metacode} {$data}";
$p += $len + 3;
break;
}
// switch ($meta)
break;
// Ende Meta
// Ende Meta
case 0xf0:
// SysEx
$p += 1;
$len = _readVarLen($binStr, $p);
if ($len + $p > $trackLen) {
_err("SysEx has corrupt variable length field ({$len}) [track: {$tn} dt: {$dt} p: {$p}]");
}
$str = 'f0';
for ($i = 0; $i < $len; $i++) {
$str .= ' ' . sprintf("%02x", ord($binStr[$p + $i]));
}
# FIXED
$track[] = "{$time} SysEx {$str}";
$p += $len;
break;
default:
// Repetition of last event?
switch ($last) {
case 'On':
case 'Off':
$note = ord($binStr[$p]);
$vel = ord($binStr[$p + 1]);
$track[] = "{$time} {$last} ch={$chan} n={$note} v={$vel}";
$p += 2;
break;
case 'PrCh':
$prog = ord($binStr[$p]);
$track[] = "{$time} PrCh ch={$chan} p={$prog}";
$p += 1;
break;
case 'PoPr':
$note = ord($binStr[$p + 1]);
$val = ord($binStr[$p + 2]);
$track[] = "{$time} PoPr ch={$chan} n={$note} v={$val}";
$p += 2;
break;
case 'ChPr':
$val = ord($binStr[$p]);
$track[] = "{$time} ChPr ch={$chan} v={$val}";
$p += 1;
break;
case 'Par':
$c = ord($binStr[$p]);
$val = ord($binStr[$p + 1]);
$track[] = "{$time} Par ch={$chan} c={$c} v={$val}";
$p += 2;
break;
case 'Pb':
$val = ord($binStr[$p]) & 0x7f | (ord($binStr[$p + 1]) & 0x7f) << 7;
$track[] = "{$time} Pb ch={$chan} v={$val}";
$p += 2;
break;
default:
// MM: ToDo: Repetition of SysEx and META-events? with <last>?? \n";
_err("unknown repetition: {$last}");
}
// switch ($last)
}
// switch ($byte)
}
// switch ($high)
}
// while
return $track;
}
$pos = (int) gs_get_conf('GS_PB_IMPORTED_ORDER', 9) * 10;
$tmp[$pos] = array('k' => 'imported', 'v' => gs_get_conf('GS_PB_IMPORTED_TITLE', __("Importiert")));
}
kSort($tmp);
foreach ($tmp as $arr) {
$typeToTitle[$arr['k']] = $arr['v'];
}
$url_snom_extnumbers = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT == 80 ? '' : ':' . GS_PROV_PORT) . GS_PROV_PATH . 'snom/extnumbers.php';
$url_snom_menu = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT ? ':' . GS_PROV_PORT : '') . GS_PROV_PATH . 'snom/menu.php';
#################################### INITIAL SCREEN {
if (!$type) {
$mac = preg_replace('/[^\\dA-Z]/', '', strToUpper(trim(@$_REQUEST['m'])));
$user_name = $db->executeGetOne('SELECT `user` FROM `users` WHERE `id`=\'' . $db->escape($user_id) . '\'');
$enumbers = gs_user_external_numbers_get($user_name);
if (isGsError($enumbers)) {
_err('Fehler beim Abfragen.');
}
ob_start();
echo '<?', 'xml version="1.0" encoding="utf-8"?', '>', "\n", '<SnomIPPhoneMenu>', "\n", '<Title>' . __("externe Nummern") . '</Title>', "\n\n";
foreach ($enumbers as $extnumber) {
echo '<MenuItem>', "\n", '<Name>', snom_xml_esc($extnumber), '</Name>', "\n", '<URL>', $url_snom_menu, '?t=forward&m=', $mac, '&u=', $user, '</URL>', "\n", '</MenuItem>', "\n\n";
# in XML the & must normally be encoded as & but not for
# the stupid Snom!
}
defineBackMenu();
echo '</SnomIPPhoneMenu>', "\n";
_ob_send();
}
#################################### INITIAL SCREEN }
function defineBackMenu()
{
$user = trim(@$_REQUEST['user']);
if (!preg_match('/^\\d+$/', $user)) {
_err('Not a valid SIP user.');
}
$type = trim(@$_REQUEST['type']);
if (!in_array($type, array('in', 'out', 'missed', 'queue'), true)) {
$type = false;
}
if (isset($_REQUEST['delete'])) {
$delete = (int) $_REQUEST['delete'];
}
$db = gs_db_slave_connect();
//--- get user_id
$user_id = (int) $db->executeGetOne('SELECT `_user_id` FROM `ast_sipfriends` WHERE `name`=\'' . $db->escape($user) . '\'');
if ($user_id < 1) {
_err('Unknown user.');
}
$typeToTitle = array('out' => __("Gewählt"), 'missed' => __('Verpasst'), 'in' => __('Angenommen'), 'queue' => __('Warteschlangen'));
ob_start();
$url_polycom_dl = GS_PROV_SCHEME . '://' . GS_PROV_HOST . (GS_PROV_PORT ? ':' . GS_PROV_PORT : '') . GS_PROV_PATH . 'polycom/diallog.php';
if (isset($delete) && $type) {
//--- clear list (
$db->execute('DELETE FROM `dial_log` ' . 'WHERE ' . ' `user_id`=' . $user_id . ' AND ' . ' `type`=\'' . $type . '\'');
//--- ) clear list
}
#################################### INITIAL SCREEN {
if (!$type) {
//--- delete outdated entries
$db->execute('DELETE FROM `dial_log` WHERE `user_id`=' . $user_id . ' AND `timestamp`<' . (time() - (int) GS_PROV_DIAL_LOG_LIFE));
echo $diallog_doctype . "\n";
echo '<html>', "\n";
/**
* Create objects and fill objects tables from a OSM xml document (string).
*
* @param string $xmlStr
*/
public function createObjectsfromXml($xmlStr)
{
OSM_ZLog::debug(__METHOD__, $xmlStr);
if (empty($xmlStr)) {
throw new OSM_Exception('Xml string could not be empty');
}
$xmlObj = simplexml_load_string($xmlStr);
if ($xmlObj == null) {
_err('Failed to parse xml: [' . print_r($xmlStr, true) . ']');
throw new OSM_Exception('Failed to parse xml');
}
$this->_loadedXml[] = $xmlStr;
// Take all others object
$objects = $xmlObj->xpath('/osm/*');
foreach ($objects as $obj) {
OSM_ZLog::debug(__METHOD__, 'subobjects type=', $obj->getName());
switch ($obj->getName()) {
case self::OBJTYPE_RELATION:
$r = OSM_Objects_Relation::fromXmlObj($obj);
$this->_relations[$r->getId()] = $r;
break;
case self::OBJTYPE_WAY:
$w = OSM_Objects_Way::fromXmlObj($obj);
$this->_ways[$w->getId()] = $w;
break;
case self::OBJTYPE_NODE:
$n = OSM_Objects_Node::fromXmlObj($obj);
$this->_nodes[$n->getId()] = $n;
break;
case 'note':
case 'meta':
case 'remark':
break;
default:
throw new OSM_Exception('Object "' . $obj->getName() . '" is not supported');
}
}
}
print nick2uid($row[3]) . "'>" . $row[3];
?>
</a></td>
<td class="forums"><?php
print $replies;
?>
</td>
</tr>
<tr>
<td colspan="3"><hr style="margin:1px;height:1px;border:none;background-color:white;"></td>
</tr>
<?php
}
// end while write topics announcement and important
$query_2 = "SELECT * \n\t\t\t FROM " . __PREFIX__ . "topic \n\t\t\t WHERE f_id = '" . $id . "' \n\t\t\t AND replyof < 0\n\t\t\t AND ((important = 0 OR important = NULL) \n\t\t\t AND (announcement = 0 OR announcement = NULL)) \n\t\t\t ORDER by last DESC \n\t\t\t LIMIT " . $limit . " \n\t\t\tOFFSET " . $offset;
$result = mysql_query($query_2) or _err(mysql_error());
while ($row = mysql_fetch_row($result)) {
$query = "SELECT id FROM " . __PREFIX__ . "topic WHERE replyof = '" . $row[0] . "'";
$res2 = mysql_query($query);
$replies = 0;
while (mysql_fetch_row($res2)) {
$replies++;
}
?>
<tr>
<td class="forums"><a href = 'viewtopic.php?id=<?php
print $row[0] . "'>" . $row[4] . "</a> " . check_graphic_block_topic($row[0]);
?>
</td>
<td class="forums"><a href = 'profile.php?id=<?php
print nick2uid($row[3]) . "'>" . $row[3];
function zayav_info()
{
if (!($zayav_id = _num(@$_GET['id']))) {
return _err('Страницы не существует');
}
$sql = "SELECT *\n\t\t\tFROM `zayav`\n\t\t\tWHERE `ws_id`=" . WS_ID . "\n\t\t\t AND !`deleted`\n\t\t\t AND `id`=" . $zayav_id;
if (!($z = query_assoc($sql))) {
return _err('Заявки не существует.');
}
$z['pre_cost'] = _cena($z['pre_cost']);
$status = _zayavStatus();
unset($status[0]);
$history = _history(array('zayav_id' => $zayav_id));
return '<script type="text/javascript">' . 'var ZAYAV={' . 'id:' . $zayav_id . ',' . 'nomer:' . $z['nomer'] . ',' . 'head:"№<b>' . $z['nomer'] . '</b>",' . 'client_id:' . $z['client_id'] . ',' . 'client_link:"' . addslashes(_clientVal($z['client_id'], 'link')) . '",' . 'status:' . $z['status'] . ',' . 'status_sel:' . _selJson($status) . ',' . 'name:"' . addslashes($z['name']) . '",' . 'about:"' . addslashes($z['about']) . '",' . 'count:' . $z['count'] . ',' . 'adres:"' . addslashes($z['adres']) . '",' . 'pre_cost:' . $z['pre_cost'] . '};' . '</script>' . '<div id="zayav-info">' . '<div id="dopLinks">' . '<a class="link a-page sel">Информация</a>' . '<a class="link" id="edit">Редактирование</a>' . '<a class="link _accrual-add">Начислить</a>' . '<a class="link _income-add">Принять платёж</a>' . '<a class="link a-page">История</a>' . '</div>' . '<div class="page">' . '<div class="headName">' . 'Заявка №' . $z['nomer'] . '<input type="hidden" id="zayav-action" />' . '</div>' . '<table id="tab">' . '<tr><td class="label">Клиент:<td>' . _clientVal($z['client_id'], 'go') . '<tr><td class="label">Название:<td><b>' . $z['name'] . '</b>' . '<tr><td class="label">Описание:<td>' . $z['about'] . '<tr><td class="label">Количество:<td><b>' . $z['count'] . '</b> шт.' . ($z['adres'] ? '<tr><td class="label">Адрес:<td>' . $z['adres'] : '') . ($z['pre_cost'] ? '<tr><td class="label">Стоимость:<td><b>' . $z['pre_cost'] . '</b> руб.' : '') . '<tr><td class="label">Дата приёма:' . '<td class="dtime_add' . _tooltip('Заявку ' . _viewerAdded($z['viewer_id_add']), -70) . FullDataTime($z['dtime_add']) . '<tr><td class="label">Статус:<td>' . _zayavStatusButton($z) . '</table>' . _zayavInfoAccrual($zayav_id) . _zayav_expense($zayav_id) . _remind_zayav($zayav_id) . _zayavInfoMoney($zayav_id) . _vkComment('zayav', $zayav_id) . '</div>' . '<div class="page dn">' . '<div class="headName">Заявка №' . $z['nomer'] . ' - история действий</div>' . $history['spisok'] . '</div>' . '</div>';
}
* =========================================================================*
* Software: 0xBB
* Software version: 2.0
* Author: KinG-InFeT
* Copyleft: GNU General Public License
* =========================================================================*
* dump.php
***************************************************************************/
set_time_limit(0);
include "kernel.php";
list($username, $password) = get_data();
if (!login($username, $password)) {
_err("ACCESS DENIED");
}
if (!(level($username) == 'admin')) {
_err("ACCESS DENIED");
}
if (isset($_REQUEST['esegui_backup'])) {
$mysql_host = $db_host;
$mysql_database = $db_name;
$mysql_username = $db_user;
$mysql_password = $db_pass;
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="' . $mysql_host . "_" . $mysql_database . "_" . date('YmdHis') . '.sql"');
_mysqldump($mysql_database);
}
function _mysqldump($mysql_database)
{
$sql = "show tables;";
$result = mysql_query($sql);
if ($result) {
# don't explain this to the users
_err( 'No! See log for details.' );
}
# only gxv3000
if (! in_array($phone_model, array('gxv3000'), true) ) {
gs_log( GS_LOG_WARNING, 'only gxp3000' );
_err( 'No! See log for details.' );
}
*/
# DB connect
require_once GS_DIR . 'inc/db_connect.php';
$db = gs_db_slave_connect();
if (!$db) {
gs_log(GS_LOG_WARNING, "Grandstream phone asks for idle screen - Could not connect to DB");
_err('Could not connect to DB.');
}
# get user_id
$user_id = (int) $db->executeGetOne('SELECT `id` FROM `users` WHERE `current_ip`=\'' . $db->escape($remote_ip) . '\'');
function checksum($str)
{
$sum = 0;
for ($i = 0; $i <= (strLen($str) - 1) / 2; $i++) {
$sum += ord(subStr($str, 2 * $i, 1)) << 8;
$sum += ord(subStr($str, 2 * $i + 1, 1));
$sum &= 0xffff;
}
$sum = 0x10000 - $sum;
return array($sum >> 8 & 0xff, $sum & 0xff);
}
#####################################################################
`ast_sipfriends` `s` ON (`s`.`_user_id`=`u`.`id`)
WHERE
`u`.`id` IN (' . implode(',', $group_members) . ') AND
`u`.`id`!=' . $user_id . '
ORDER BY `u`.`lastname`, `u`.`firstname`');
} elseif ($type === 'prv') {
# PRIVATE phonebook
$pb = array('type' => 'prv', 'title' => gs_get_conf('GS_PB_PRIVATE_TITLE', __("Persönlich")), 'query' => 'SELECT `pb`.`lastname` `ln`, `pb`.`firstname` `fn`, `pb`.`number` `ext`
FROM
`pb_prv` `pb`
WHERE `pb`.`user_id`=' . $user_id . '
ORDER BY `pb`.`lastname`, `pb`.`firstname`');
} elseif (type === 'imported') {
# IMPORTED phonebook
if (!gs_get_conf('GS_PB_IMPORTED_ENABLED')) {
_err('Not allowed');
}
$pb = array('type' => 'imported', 'title' => gs_get_conf('GS_PB_IMPORTED_TITLE', __("Extern")), 'query' => 'SELECT `lastname` `ln`, `firstname` `fn`, `number` `ext`
FROM `pb_ldap`
ORDER BY `lastname`, `firstname`');
}
ob_start();
echo '<?', 'xml version="1.0" encoding="utf-8"?', '>', "\n";
echo '<TiptelIPPhoneDirectory>', "\n";
echo '<Title>' . $pb['title'] . '</Title>', "\n";
$rs = $db->execute($pb['query']);
if ($rs && $rs->numRows() !== 0) {
while ($r = $rs->fetchRow()) {
$lastname = $r['ln'];
$firstname = $r['fn'];
$number = $r['ext'];
