$PHP_AUTH_USER = preg_replace("/'|\"|\\\\|;/", "", $PHP_AUTH_USER);
}
$stmt = "SELECT selected_language from vicidial_users where user='******';";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$sl_ct = mysqli_num_rows($rslt);
if ($sl_ct > 0) {
$row = mysqli_fetch_row($rslt);
$VUselected_language = $row[0];
}
$auth = 0;
$reports_auth = 0;
$admin_auth = 0;
$auth_message = user_authorization($PHP_AUTH_USER, $PHP_AUTH_PW, 'REPORTS', 0);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if ($auth > 0) {
$stmt = "SELECT count(*) from vicidial_users where user='******' and user_level > 7 and view_reports='1';";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$row = mysqli_fetch_row($rslt);
$admin_auth = $row[0];
$stmt = "SELECT count(*) from vicidial_users where user='******' and user_level > 6 and view_reports='1';";
if ($DB) {
echo "|{$stmt}|\n";
}
$SSagent_debug_logging = $row[3];
}
##### END SETTINGS LOOKUP #####
###########################################
if ($non_latin < 1) {
$user = preg_replace("/[^-_0-9a-zA-Z]/", "", $user);
}
if (strlen($SSagent_debug_logging) > 1) {
if ($SSagent_debug_logging == "{$user}") {
$SSagent_debug_logging = 1;
} else {
$SSagent_debug_logging = 0;
}
}
$auth = 0;
$auth_message = user_authorization($user, $pass, '', 0, 1, 0);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if (strlen($user) < 2 or strlen($pass) < 2 or $auth == 0) {
echo _QXZ("Invalid Username/Password") . ": |{$user}|{$pass}|{$auth_message}|\n";
exit;
} else {
if (strlen($server_ip) < 6 or !isset($server_ip) or (strlen($session_name) < 12 or !isset($session_name))) {
echo _QXZ("Invalid server_ip") . ": |{$server_ip}| or Invalid session_name: |{$session_name}|\n";
#underscore
exit;
} else {
$stmt = "SELECT count(*) from web_client_sessions where session_name='{$session_name}' and server_ip='{$server_ip}';";
if ($DB) {
echo "|{$stmt}|\n";
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$sl_ct = mysqli_num_rows($rslt);
if ($sl_ct > 0) {
$row = mysqli_fetch_row($rslt);
$VUselected_language = $row[0];
}
if ($callcard_enabled < 1) {
echo _QXZ("ERROR: CallCard is not active on this system") . "\n";
exit;
}
$auth = 0;
$reports_auth = 0;
$admin_auth = 0;
$auth_message = user_authorization($USER, $PASS, '', 1);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if ($auth > 0) {
$stmt = "SELECT count(*) from vicidial_users where user='******' and user_level > 7 and view_reports='1';";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$row = mysqli_fetch_row($rslt);
$admin_auth = $row[0];
$stmt = "SELECT count(*) from vicidial_users where user='******' and user_level > 6 and view_reports='1';";
if ($DB) {
echo "|{$stmt}|\n";
}
################################################################################
### version - show version, date, time and time zone information for the API
################################################################################
if ($function == 'version') {
$data = "VERSION: {$version}|BUILD: {$build}|DATE: {$NOW_TIME}|EPOCH: {$StarTtime}|DST: {$isdst}|TZ: {$DBSERVER_GMT}|TZNOW: {$SERVER_GMT}|";
$result = 'SUCCESS';
echo "{$data}\n";
api_log($link, $api_logging, $api_script, $user, $agent_user, $function, $value, $result, $result_reason, $source, $data);
exit;
}
################################################################################
### END version
################################################################################
##### BEGIN user authentication for all functions below #####
$auth = 0;
$auth_message = user_authorization($user, $pass, 'REPORTS', 1);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if ($auth < 1) {
$VDdisplayMESSAGE = "ERROR: Login incorrect, please try again";
if ($auth_message == 'LOCK') {
$VDdisplayMESSAGE = "ERROR: Too many login attempts, try again in 15 minutes";
Header("Content-type: text/html; charset=utf-8");
echo "{$VDdisplayMESSAGE}: |{$user}|{$auth_message}|\n";
exit;
}
Header("Content-type: text/html; charset=utf-8");
echo "{$VDdisplayMESSAGE}: |{$user}|{$pass}|{$auth_message}|\n";
exit;
}
$NOW_TIME = date("Y-m-d H:i:s");
$REC_TIME = date("Ymd-His");
$FILE_datetime = $STARTtime;
$ext_context = 'demo';
$stmt = "SELECT selected_language from vicidial_users where user='******';";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$sl_ct = mysqli_num_rows($rslt);
if ($sl_ct > 0) {
$row = mysqli_fetch_row($rslt);
$VUselected_language = $row[0];
}
$auth = 0;
$auth_message = user_authorization($PHP_AUTH_USER, $PHP_AUTH_PW, 'QC', 1);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if ($auth < 1) {
$VDdisplayMESSAGE = _QXZ("Login incorrect, please try again");
if ($auth_message == 'LOCK') {
$VDdisplayMESSAGE = _QXZ("Too many login attempts, try again in 15 minutes");
Header("Content-type: text/html; charset=utf-8");
echo "{$VDdisplayMESSAGE}: |{$PHP_AUTH_USER}|{$auth_message}|\n";
exit;
}
Header("WWW-Authenticate: Basic realm=\"CONTACT-CENTER-ADMIN\"");
Header("HTTP/1.0 401 Unauthorized");
echo "{$VDdisplayMESSAGE}: |{$PHP_AUTH_USER}|{$PHP_AUTH_PW}|{$auth_message}|\n";
exit;
}
# default optional vars if not set
if (!isset($format)) {
$format = "text";
}
if ($format == 'debug') {
$DB = 1;
}
if (!isset($ACTION)) {
$ACTION = "refresh";
}
if (!isset($query_date)) {
$query_date = $NOW_DATE;
}
$auth = 0;
$auth_message = user_authorization($user, $pass, '', 0, $bcrypt, 0);
if ($auth_message == 'GOOD') {
$auth = 1;
}
$stmt = "SELECT count(*) from vicidial_users where user='******' and ( (modify_leads='1') or (qc_enabled='1') );";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
$row = mysqli_fetch_row($rslt);
$VUmodify = $row[0];
$stmt = "SELECT count(*) from vicidial_live_agents where user='******';";
if ($DB) {
echo "|{$stmt}|\n";
}
$rslt = mysql_to_mysqli($stmt, $link);
echo "<tr><td align=\"left\" colspan=\"2\"><font size=\"1\"><br />" . _QXZ("VERSION:") . " {$version} " . _QXZ("BUILD:") . " {$build}</font></td></tr>\n";
echo "</table></center>\n";
echo "</form>\n\n";
echo "</body>\n\n";
echo "</html>\n\n";
exit;
} else {
if ($WeBRooTWritablE > 0) {
$fp = fopen("./vicidial_auth_entries.txt", "a");
}
$VDloginDISPLAY = 0;
if (strlen($VD_login) < 2 or strlen($VD_pass) < 2) {
$VDloginDISPLAY = 1;
} else {
$auth = 0;
$auth_message = user_authorization($VD_login, $VD_pass, '', 1, 0, 0);
if ($auth_message == 'GOOD') {
$auth = 1;
}
if ($auth > 0) {
##### grab the full name of the agent
$stmt = "SELECT full_name,user_level,hotkeys_active,agent_choose_ingroups,scheduled_callbacks,agentonly_callbacks,agentcall_manual,vicidial_recording,vicidial_transfers,closer_default_blended,user_group,vicidial_recording_override,alter_custphone_override,alert_enabled,agent_shift_enforcement_override,shift_override_flag,allow_alerts,closer_campaigns,agent_choose_territories,custom_one,custom_two,custom_three,custom_four,custom_five,agent_call_log_view_override,agent_choose_blended,agent_lead_search_override from vicidial_users where user='******';";
$rslt = mysql_to_mysqli($stmt, $link);
if ($mel > 0) {
mysql_error_logging($NOW_TIME, $link, $mel, $stmt, '09004', $VD_login, $server_ip, $session_name, $one_mysql_log);
}
$row = mysqli_fetch_row($rslt);
$LOGfullname = $row[0];
$user_level = $row[1];
$VU_user_group = $row[10];
### Gather timeclock and shift enforcement restriction settings
