/**
  * Creates data provider instance with search query applied
  *
  * @param array $params
  *
  * @return ActiveDataProvider
  */
 public function search($params)
 {
     $query = config::find();
     if (!isset($params['sort'])) {
         $query->orderBy(['id_config' => SORT_DESC]);
     }
     $dataProvider = new ActiveDataProvider(['query' => $query]);
     $this->load($params);
     if (!$this->validate()) {
         // uncomment the following line if you do not want to return any records when validation fails
         // $query->where('0=1');
         return $dataProvider;
     }
     $query->andFilterWhere(['id_config' => $this->id_config, 'config_name' => $this->config_name, 'config_value' => $this->config_value]);
     $query->andFilterWhere(['like', 'config_name', $this->config_name])->andFilterWhere(['like', 'config_value', $this->config_value]);
     return $dataProvider;
 }
Exemple #2
0
 public function upgrade()
 {
     //get the db variables
     $config = new config();
     $config_exists = $config->exists();
     $config_path = $config->find();
     $config->get();
     $db_type = $config->db_type;
     $db_name = $config->db_name;
     $db_username = $config->db_username;
     $db_password = $config->db_password;
     $db_host = $config->db_host;
     $db_path = $config->db_path;
     $db_port = $config->db_port;
     //get the PROJECT PATH
     include "root.php";
     //get the list of installed apps from the core and app directories (note: GLOB_BRACE doesn't work on some systems)
     $config_list_1 = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
     $config_list_2 = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_menu.php");
     $config_list = array_merge((array) $config_list_1, (array) $config_list_2);
     unset($config_list_1, $config_list_2);
     $db = $this->db;
     $x = 0;
     foreach ($config_list as &$config_path) {
         include $config_path;
         $x++;
     }
     //get the domains
     $sql = "select * from v_domains ";
     $prep_statement = $this->db->prepare($sql);
     $prep_statement->execute();
     $domains = $prep_statement->fetchAll(PDO::FETCH_NAMED);
     unset($prep_statement);
     //get the domain_settings
     $sql = "select * from v_domain_settings ";
     $sql .= "where domain_setting_enabled = 'true' ";
     $prep_statement = $this->db->prepare($sql);
     $prep_statement->execute();
     $domain_settings = $prep_statement->fetchAll(PDO::FETCH_NAMED);
     unset($prep_statement);
     //get the default settings
     $sql = "select * from v_default_settings ";
     $sql .= "where default_setting_enabled = 'true' ";
     $prep_statement = $this->db->prepare($sql);
     $prep_statement->execute();
     $database_default_settings = $prep_statement->fetchAll(PDO::FETCH_NAMED);
     unset($prep_statement);
     //get the domain_uuid
     foreach ($domains as $row) {
         if (count($domains) == 1) {
             $_SESSION["domain_uuid"] = $row["domain_uuid"];
             $_SESSION["domain_name"] = $row['domain_name'];
         } else {
             if (lower_case($row['domain_name']) == lower_case($domain_array[0]) || lower_case($row['domain_name']) == lower_case('www.' . $domain_array[0])) {
                 $_SESSION["domain_uuid"] = $row["domain_uuid"];
                 $_SESSION["domain_name"] = $row['domain_name'];
             }
             $_SESSION['domains'][$row['domain_uuid']]['domain_uuid'] = $row['domain_uuid'];
             $_SESSION['domains'][$row['domain_uuid']]['domain_name'] = $row['domain_name'];
         }
     }
     //loop through all domains
     $domain_count = count($domains);
     $domains_processed = 1;
     foreach ($domains as &$row) {
         //get the values from database and set them as php variables
         $domain_uuid = $row["domain_uuid"];
         $domain_name = $row["domain_name"];
         //get the context
         $context = $domain_name;
         //show the domain when display_type is set to text
         if ($display_type == "text") {
             echo "\n";
             echo $domain_name;
             echo "\n";
         }
         //get the default settings - this needs to be done to reset the session values back to the defaults for each domain in the loop
         foreach ($database_default_settings as $row) {
             $name = $row['default_setting_name'];
             $category = $row['default_setting_category'];
             $subcategory = $row['default_setting_subcategory'];
             if (strlen($subcategory) == 0) {
                 if ($name == "array") {
                     $_SESSION[$category][] = $row['default_setting_value'];
                 } else {
                     $_SESSION[$category][$name] = $row['default_setting_value'];
                 }
             } else {
                 if ($name == "array") {
                     $_SESSION[$category][$subcategory][] = $row['default_setting_value'];
                 } else {
                     $_SESSION[$category][$subcategory]['uuid'] = $row['default_setting_uuid'];
                     $_SESSION[$category][$subcategory][$name] = $row['default_setting_value'];
                 }
             }
         }
         //get the domains settings for the current domain
         foreach ($domain_settings as $row) {
             if ($row['domain_uuid'] == $domain_uuid) {
                 $name = $row['domain_setting_name'];
                 $category = $row['domain_setting_category'];
                 $subcategory = $row['domain_setting_subcategory'];
                 if (strlen($subcategory) == 0) {
                     //$$category[$name] = $row['domain_setting_value'];
                     $_SESSION[$category][$name] = $row['domain_setting_value'];
                 } else {
                     //$$category[$subcategory][$name] = $row['domain_setting_value'];
                     $_SESSION[$category][$subcategory][$name] = $row['domain_setting_value'];
                 }
             }
         }
         //get the list of installed apps from the core and mod directories and execute the php code in app_defaults.php
         $default_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_defaults.php");
         foreach ($default_list as &$default_path) {
             include $default_path;
         }
         //track of the number of domains processed
         $domains_processed++;
     }
     //synchronize the dialplan
     if (function_exists('save_dialplan_xml')) {
         save_dialplan_xml();
     }
     //update config.lua
     if (file_exists($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . '/app/scripts/resources/classes/scripts.php')) {
         $obj = new scripts();
         $obj->write_config();
     }
     //clear the session variables
     unset($_SESSION['domain']);
     unset($_SESSION['switch']);
 }
Exemple #3
0
 /**
  * @depends testInitSessionCredentials
  */
 public function testProtectedConfigSettings($session_token)
 {
     $sensitiveSettings = array('proxy_passwd', 'smtp_passwd');
     // set a non empty value to the sessionts to check
     foreach ($sensitiveSettings as $name) {
         Config::setConfigurationValues('core', array($name => 'not_empty_password'));
         $value = Config::getConfigurationValues('core', array($name));
         $this->assertArrayHasKey($name, $value);
         $this->assertNotEmpty($value[$name]);
     }
     $where = "'" . implode("', '", $sensitiveSettings) . "'";
     $config = new config();
     $rows = $config->find("`context`='core' AND `name` IN ({$where})");
     $this->assertEquals(count($sensitiveSettings), count($rows));
     // Check the value is not retrieved for sensitive settings
     foreach ($rows as $row) {
         $res = $this->doHttpRequest('GET', "Config/" . $row['id'], ['headers' => ['Session-Token' => $session_token]]);
         $this->assertEquals(200, $res->getStatusCode());
         $body = $res->getBody();
         $data = json_decode($body, true);
         $this->assertEquals('', $data['value']);
     }
     // Check an other setting is disclosed (when not empty)
     $config = new Config();
     $config->getFromDBByQuery("WHERE `context`='core' AND `name`='admin_email'");
     $res = $this->doHttpRequest('GET', "Config/" . $config->getID(), ['headers' => ['Session-Token' => $session_token]]);
     $this->assertEquals(200, $res->getStatusCode());
     $body = $res->getBody();
     $data = json_decode($body, true);
     $this->assertNotEquals('', $data['value']);
     // Check a search does not disclose sensitive values
     $criteria = array();
     $queryString = "";
     foreach ($rows as $row) {
         $queryString = "&criteria[][link]=or&criteria[][field]=1&criteria[][searchtype]=equals&criteria[][value]=" . $row['name'];
     }
     $res = $this->doHttpRequest('GET', "search/Config" . "?{$queryString}", ['headers' => ['Session-Token' => $session_token], 'query' => array()]);
     $this->assertEquals(200, $res->getStatusCode());
     $body = $res->getBody();
     $data = json_decode($body, true);
     foreach ($data['data'] as $row) {
         foreach ($row as $col) {
             $this->assertNotEquals($col, 'not_empty_password');
         }
     }
 }
Exemple #4
0
<?php

require_once 'config.inc';
$ob = new config();
$ob->set_file("./config.conf");
print $ob->find("test4") . "\n";
$ret = $ob->find_array("test");
foreach ($ret as $wk) {
    print "{$wk}, ";
}
print "\n";
Exemple #5
0
 public function schema($format = '')
 {
     //set the global variable
     global $db, $upgrade_data_types, $text, $output_format;
     if ($format == '') {
         $format = $output_format;
     }
     //get the db variables
     $config = new config();
     $config_exists = $config->exists();
     $config_path = $config->find();
     $config->get();
     $db_type = $config->db_type;
     $db_name = $config->db_name;
     $db_username = $config->db_username;
     $db_password = $config->db_password;
     $db_host = $config->db_host;
     $db_path = $config->db_path;
     $db_port = $config->db_port;
     //get the PROJECT PATH
     include "root.php";
     //add multi-lingual support
     if (!isset($text)) {
         $language = new text();
         $text = $language->get(null, 'core/upgrade');
     }
     //PHP PDO check if table or column exists
     //check if table exists
     // SELECT * FROM sqlite_master WHERE type='table' AND name='v_cdr'
     //check if column exists
     // SELECT * FROM sqlite_master WHERE type='table' AND name='v_cdr' AND sql LIKE '%caller_id_name TEXT,%'
     //aditional information
     // http://www.sqlite.org/faq.html#q9
     //postgresql
     //list all tables in the database
     // SELECT table_name FROM pg_tables WHERE schemaname='public';
     //check if table exists
     // SELECT * FROM pg_tables WHERE schemaname='public' AND table_name = 'v_groups'
     //check if column exists
     // SELECT attname FROM pg_attribute WHERE attrelid = (SELECT oid FROM pg_class WHERE relname = 'v_cdr') AND attname = 'caller_id_name';
     //mysql
     //list all tables in the database
     // SELECT TABLE_NAME FROM information_schema.tables WHERE table_schema = 'fusionpbx'
     //check if table exists
     // SELECT TABLE_NAME FROM information_schema.tables WHERE table_schema = 'fusionpbx' AND TABLE_NAME = 'v_groups'
     //check if column exists
     // SELECT * FROM information_schema.COLUMNS where TABLE_SCHEMA = 'fusionpbx' AND TABLE_NAME = 'v_cdr' AND COLUMN_NAME = 'context'
     //oracle
     //check if table exists
     // SELECT TABLE_NAME FROM ALL_TABLES
     //get the $apps array from the installed apps from the core and mod directories
     $config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
     $x = 0;
     foreach ($config_list as &$config_path) {
         include $config_path;
         $x++;
     }
     //update the app db array add exists true or false
     $sql = '';
     foreach ($apps as $x => &$app) {
         if (isset($app['db'])) {
             foreach ($app['db'] as $y => &$row) {
                 if (is_array($row['table'])) {
                     $table_name = $row['table']['text'];
                 } else {
                     $table_name = $row['table'];
                 }
                 if (strlen($table_name) > 0) {
                     //check if the table exists
                     if ($this->db_table_exists($db_type, $db_name, $table_name)) {
                         $apps[$x]['db'][$y]['exists'] = 'true';
                     } else {
                         $apps[$x]['db'][$y]['exists'] = 'false';
                     }
                     //check if the column exists
                     foreach ($row['fields'] as $z => $field) {
                         if ($field['deprecated'] == "true") {
                             //skip this field
                         } else {
                             if (is_array($field['name'])) {
                                 $field_name = $field['name']['text'];
                             } else {
                                 $field_name = $field['name'];
                             }
                             if (strlen(field_name) > 0) {
                                 if ($this->db_column_exists($db_type, $db_name, $table_name, $field_name)) {
                                     //found
                                     $apps[$x]['db'][$y]['fields'][$z]['exists'] = 'true';
                                 } else {
                                     //not found
                                     $apps[$x]['db'][$y]['fields'][$z]['exists'] = 'false';
                                 }
                             }
                             unset($field_name);
                         }
                     }
                     unset($table_name);
                 }
             }
         }
     }
     //prepare the variables
     $sql_update = '';
     $var_uuid = $_GET["id"];
     //add missing tables and fields
     foreach ($apps as $x => &$app) {
         if (isset($app['db'])) {
             foreach ($app['db'] as $y => &$row) {
                 if (is_array($row['table'])) {
                     $table_name = $row['table']['text'];
                     if (!$this->db_table_exists($db_type, $db_name, $row['table']['text'])) {
                         $row['exists'] = "true";
                         //testing
                         //if (db_table_exists($db_type, $db_name, $row['table']['deprecated'])) {
                         if ($db_type == "pgsql") {
                             $sql_update .= "ALTER TABLE " . $row['table']['deprecated'] . " RENAME TO " . $row['table']['text'] . ";\n";
                         }
                         if ($db_type == "mysql") {
                             $sql_update .= "RENAME TABLE " . $row['table']['deprecated'] . " TO " . $row['table']['text'] . ";\n";
                         }
                         if ($db_type == "sqlite") {
                             $sql_update .= "ALTER TABLE " . $row['table']['deprecated'] . " RENAME TO " . $row['table']['text'] . ";\n";
                         }
                         //}
                     }
                 } else {
                     $table_name = $row['table'];
                 }
                 //check if the table exists
                 if ($row['exists'] == "true") {
                     if (count($row['fields']) > 0) {
                         foreach ($row['fields'] as $z => $field) {
                             if ($field['deprecated'] == "true") {
                                 //skip this field
                             } else {
                                 //get the data type
                                 if (is_array($field['type'])) {
                                     $field_type = $field['type'][$db_type];
                                 } else {
                                     $field_type = $field['type'];
                                 }
                                 //get the field name
                                 if (is_array($field['name'])) {
                                     $field_name = $field['name']['text'];
                                 } else {
                                     $field_name = $field['name'];
                                 }
                                 //find missing fields and add them
                                 if ($field['deprecated'] == "true") {
                                     //skip this row
                                 } else {
                                     if (!is_array($field['name'])) {
                                         if ($field['exists'] == "false") {
                                             $sql_update .= "ALTER TABLE " . $table_name . " ADD " . $field['name'] . " " . $field_type . ";\n";
                                         }
                                     }
                                 }
                                 //rename fields where the name has changed
                                 if (is_array($field['name'])) {
                                     if ($this->db_column_exists($db_type, $db_name, $table_name, $field['name']['deprecated'])) {
                                         if ($db_type == "pgsql") {
                                             $sql_update .= "ALTER TABLE " . $table_name . " RENAME COLUMN " . $field['name']['deprecated'] . " to " . $field['name']['text'] . ";\n";
                                         }
                                         if ($db_type == "mysql") {
                                             $field_type = str_replace("AUTO_INCREMENT PRIMARY KEY", "", $field_type);
                                             $sql_update .= "ALTER TABLE " . $table_name . " CHANGE " . $field['name']['deprecated'] . " " . $field['name']['text'] . " " . $field_type . ";\n";
                                         }
                                         if ($db_type == "sqlite") {
                                             //a change has been made to the field name
                                             $apps[$x]['db'][$y]['rebuild'] = 'true';
                                         }
                                     }
                                 }
                                 //change the data type if it has been changed
                                 //if the data type in the app db array is different than the type in the database then change the data type
                                 if ($upgrade_data_types) {
                                     $db_field_type = $this->db_column_data_type($db_type, $db_name, $table_name, $field_name);
                                     $field_type_array = explode("(", $field_type);
                                     $field_type = $field_type_array[0];
                                     if (trim($db_field_type) != trim($field_type) && strlen($db_field_type) > 0) {
                                         if ($db_type == "pgsql") {
                                             if (strtolower($field_type) == "uuid") {
                                                 $sql_update .= "ALTER TABLE " . $table_name . " ALTER COLUMN " . $field_name . " TYPE uuid USING\n";
                                                 $sql_update .= "CAST(regexp_replace(" . $field_name . ", '([A-Z0-9]{4})([A-Z0-9]{12})', E'\\1-\\2')\n";
                                                 $sql_update .= "AS uuid);\n";
                                             } else {
                                                 if ($db_field_type = "integer" && strtolower($field_type) == "serial") {
                                                     //field type has not changed
                                                 } elseif ($db_field_type = "timestamp without time zone" && strtolower($field_type) == "timestamp") {
                                                     //field type has not changed
                                                 } elseif ($db_field_type = "timestamp without time zone" && strtolower($field_type) == "datetime") {
                                                     //field type has not changed
                                                 } elseif ($db_field_type = "integer" && strtolower($field_type) == "numeric") {
                                                     //field type has not changed
                                                 } elseif ($db_field_type = "character" && strtolower($field_type) == "char") {
                                                     //field type has not changed
                                                 } else {
                                                     //$sql_update .= "-- $db_type, $db_name, $table_name, $field_name ".db_column_data_type ($db_type, $db_name, $table_name, $field_name)."<br>";
                                                     $sql_update .= "ALTER TABLE " . $table_name . " ALTER COLUMN " . $field_name . " TYPE " . $field_type . ";\n";
                                                 }
                                             }
                                         }
                                         if ($db_type == "mysql") {
                                             $type = explode("(", $db_field_type);
                                             if ($type[0] == $field_type) {
                                                 //do nothing
                                             } elseif ($field_type == "numeric" && $type[0] == "decimal") {
                                                 //do nothing
                                             } else {
                                                 $sql_update .= "ALTER TABLE " . $table_name . " modify " . $field_name . " " . $field_type . ";\n";
                                             }
                                             unset($type);
                                         }
                                         if ($db_type == "sqlite") {
                                             //a change has been made to the field type
                                             $apps[$x]['db'][$y]['rebuild'] = 'true';
                                         }
                                     }
                                 }
                             }
                         }
                         unset($column_array);
                     }
                 } else {
                     //create table
                     if (!is_array($row['table'])) {
                         $sql_update .= $this->db_create_table($apps, $db_type, $row['table']);
                     }
                 }
             }
         }
     }
     //rebuild and populate the table
     foreach ($apps as $x => &$app) {
         if (isset($app['db'])) {
             foreach ($app['db'] as $y => &$row) {
                 if (is_array($row['table'])) {
                     $table_name = $row['table']['text'];
                 } else {
                     $table_name = $row['table'];
                 }
                 if ($row['rebuild'] == "true") {
                     if ($db_type == "sqlite") {
                         //start the transaction
                         //$sql_update .= "BEGIN TRANSACTION;\n";
                         //rename the table
                         $sql_update .= "ALTER TABLE " . $table_name . " RENAME TO tmp_" . $table_name . ";\n";
                         //create the table
                         $sql_update .= $this->db_create_table($apps, $db_type, $table_name);
                         //insert the data into the new table
                         $sql_update .= $this->db_insert_into($apps, $db_type, $table_name);
                         //drop the old table
                         $sql_update .= "DROP TABLE tmp_" . $table_name . ";\n";
                         //commit the transaction
                         //$sql_update .= "COMMIT;\n";
                     }
                 }
             }
         }
     }
     // initialize response variable
     $response = '';
     //display results as html
     if ($format == "html") {
         //show the database type
         $response .= "<strong>" . $text['header-database_type'] . ": " . $db_type . "</strong><br /><br />";
         //start the table
         $response .= "<table width='100%' border='0' cellpadding='20' cellspacing='0'>\n";
         //show the changes
         if (strlen($sql_update) > 0) {
             $response .= "<tr>\n";
             $response .= "<td class='row_style1' colspan='3'>\n";
             $response .= "<br />\n";
             $response .= "<strong>" . $text['label-sql_changes'] . ":</strong><br />\n";
             $response .= "<pre>\n";
             $response .= $sql_update;
             $response .= "</pre>\n";
             $response .= "<br />\n";
             $response .= "</td>\n";
             $response .= "</tr>\n";
         }
         //list all tables
         $response .= "<tr>\n";
         $response .= "<th>" . $text['label-table'] . "</th>\n";
         $response .= "<th>" . $text['label-exists'] . "</th>\n";
         $response .= "<th>" . $text['label-details'] . "</th>\n";
         $response .= "<tr>\n";
         //build the html while looping through the app db array
         $sql = '';
         foreach ($apps as &$app) {
             if (isset($app['db'])) {
                 foreach ($app['db'] as $row) {
                     if (is_array($row['table'])) {
                         $table_name = $row['table']['text'];
                     } else {
                         $table_name = $row['table'];
                     }
                     $response .= "<tr>\n";
                     //check if the table exists
                     if ($row['exists'] == "true") {
                         $response .= "<td valign='top' class='row_style1'>" . $table_name . "</td>\n";
                         $response .= "<td valign='top' class='vncell' style='padding-top: 3px;'>" . $text['option-true'] . "</td>\n";
                         if (count($row['fields']) > 0) {
                             $response .= "<td class='row_style1'>\n";
                             //show the list of columns
                             $response .= "<table border='0' cellpadding='10' cellspacing='0'>\n";
                             $response .= "<tr>\n";
                             $response .= "<th>" . $text['label-name'] . "</th>\n";
                             $response .= "<th>" . $text['label-type'] . "</th>\n";
                             $response .= "<th>" . $text['label-exists'] . "</th>\n";
                             $response .= "</tr>\n";
                             foreach ($row['fields'] as $field) {
                                 if ($field['deprecated'] == "true") {
                                     //skip this field
                                 } else {
                                     if (is_array($field['name'])) {
                                         $field_name = $field['name']['text'];
                                     } else {
                                         $field_name = $field['name'];
                                     }
                                     if (is_array($field['type'])) {
                                         $field_type = $field['type'][$db_type];
                                     } else {
                                         $field_type = $field['type'];
                                     }
                                     $response .= "<tr>\n";
                                     $response .= "<td class='row_style1' width='200'>" . $field_name . "</td>\n";
                                     $response .= "<td class='row_style1'>" . $field_type . "</td>\n";
                                     if ($field['exists'] == "true") {
                                         $response .= "<td class='row_style0' style=''>" . $text['option-true'] . "</td>\n";
                                         $response .= "<td>&nbsp;</td>\n";
                                     } else {
                                         $response .= "<td class='row_style1' style='background-color:#444444;color:#CCCCCC;'>" . $text['option-false'] . "</td>\n";
                                         $response .= "<td>&nbsp;</td>\n";
                                     }
                                     $response .= "</tr>\n";
                                 }
                             }
                             unset($column_array);
                             $response .= "\t</table>\n";
                             $response .= "</td>\n";
                         }
                     } else {
                         $response .= "<td valign='top' class='row_style1'>{$table_name}</td>\n";
                         $response .= "<td valign='top' class='row_style1' style='background-color:#444444;color:#CCCCCC;'><strong>" . $text['label-exists'] . "</strong><br />" . $text['option-false'] . "</td>\n";
                         $response .= "<td valign='top' class='row_style1'>&nbsp;</td>\n";
                     }
                     $response .= "</tr>\n";
                 }
             }
         }
         unset($prep_statement);
         //end the list of tables
         $response .= "</table>\n";
         $response .= "<br />\n";
     }
     //loop line by line through all the lines of sql code
     $x = 0;
     if (strlen($sql_update) == 0 && $format == "text") {
         $response .= "\t" . $text['label-schema'] . ":\t\t\t" . $text['label-no_change'] . "\n";
     } else {
         if ($format == "text") {
             $response .= "\t" . $text['label-schema'] . "\n";
         }
         //$this->db->beginTransaction();
         $update_array = explode(";", $sql_update);
         foreach ($update_array as $sql) {
             if (strlen(trim($sql))) {
                 try {
                     $this->db->query(trim($sql));
                     if ($format == "text") {
                         $response .= "\t{$sql}\n";
                     }
                 } catch (PDOException $error) {
                     $response .= "\terror: " . $error->getMessage() . "\tsql: {$sql}<br/>";
                 }
             }
         }
         //$this->db->commit();
         $response .= "\n";
         unset($file_contents, $sql_update, $sql);
     }
     //handle response
     //if ($output == "echo") {
     //	echo $response;
     //}
     //else if ($output == "return") {
     return $response;
     //}
 }