defined('_SECURE_') or die('Forbidden'); if (!auth_isvalid()) { auth_block(); } $view = $_REQUEST['view']; $uname = $_REQUEST['uname']; if (!$uname || $uname && $uname == $user_config['username']) { $user_edited = $user_config; $c_username = $user_config['username']; } else { if (auth_isadmin()) { $user_edited = user_getdatabyusername($uname); $c_username = $uname; $url_uname = '&uname=' . $uname; } else { $user_edited = user_getdatabyusername($uname); $c_username = $uname; $url_uname = '&uname=' . $uname; if ($user_edited['parent_uid'] == $user_config['uid']) { $is_parent = TRUE; } else { auth_block(); } } } $c_uid = user_username2uid($c_username); switch (_OP_) { case "user_config": if ($c_user = dba_search(_DB_PREF_ . '_tblUser', '*', array('flag_deleted' => 0, 'uid' => $c_uid))) { $token = $c_user[0]['token']; $webservices_ip = $c_user[0]['webservices_ip'];
/**
 * Deliver an incoming SMS to a local user: store it in the user's inbox and,
 * depending on the user's settings, forward it by email and/or to the user's mobile.
 *
 * Plugins see the message first through recvsms_inbox_add_intercept() and may
 * replace any of the six arguments before anything else happens.
 *
 * @param string $sms_datetime receive time of the message
 * @param string $sms_sender   sender; a leading '@' is treated as a local username
 * @param string $target_user  username the message is addressed to
 * @param string $message      message text
 * @param string $sms_receiver receiving number, shown as '-' in the email when empty
 * @param string $reference_id stored with the inbox row
 * @return mixed FALSE when nothing was stored or the user is banned, TRUE after a
 *               successful inbox insert; when mobile forwarding runs, $ok is
 *               overwritten with the first element returned by sendsms()
 */
function recvsms_inbox_add($sms_datetime, $sms_sender, $target_user, $message, $sms_receiver = "", $reference_id = '') {
    global $core_config;
    // sms to inbox will be handled by plugins first
    // NOTE(review): whatever a plugin returns in 'param' replaces the arguments and
    // later reaches the SQL string below; plugin output gets no extra validation here.
    $ret_intercept = recvsms_inbox_add_intercept($sms_datetime, $sms_sender, $target_user, $message, $sms_receiver, $reference_id);
    if ($ret_intercept['param_modified']) {
        $sms_datetime = $ret_intercept['param']['sms_datetime'] ? $ret_intercept['param']['sms_datetime'] : $sms_datetime;
        $sms_sender = $ret_intercept['param']['sms_sender'] ? $ret_intercept['param']['sms_sender'] : $sms_sender;
        $target_user = $ret_intercept['param']['target_user'] ? $ret_intercept['param']['target_user'] : $target_user;
        $message = $ret_intercept['param']['message'] ? $ret_intercept['param']['message'] : $message;
        $sms_receiver = $ret_intercept['param']['sms_receiver'] ? $ret_intercept['param']['sms_receiver'] : $sms_receiver;
        $reference_id = $ret_intercept['param']['reference_id'] ? $ret_intercept['param']['reference_id'] : $reference_id;
    }
    $ok = FALSE;
    if ($sms_sender && $target_user && $message) {
        $user = user_getdatabyusername($target_user);
        if ($uid = $user['uid']) {
            // discard if banned
            if (user_banned_get($uid)) {
                logger_print("user banned, message ignored uid:" . $uid, 2, "recvsms_inbox_add");
                return FALSE;
            }
            // get name from target_user's phonebook
            $c_name = '';
            if (substr($sms_sender, 0, 1) == '@') {
                $c_username = str_replace('@', '', $sms_sender);
                $c_name = user_getfieldbyusername($c_username, 'name');
            } else {
                $c_name = phonebook_number2name($uid, $sms_sender);
            }
            $sender = $c_name ? $c_name . ' (' . $sms_sender . ')' : $sms_sender;
            // forward to Inbox
            if ($fwd_to_inbox = $user['fwd_to_inbox']) {
                // NOTE(review): the statement is assembled by string interpolation. Sender,
                // receiver, message and reference id originate outside the application, and
                // this function does not escape them, so the query is only safe if every
                // caller (and every intercepting plugin) has already escaped all of them.
                // The stripslashes() on the email body further down suggests values arrive
                // slash-escaped -- confirm, or move this insert to a parameterized call.
                $db_query = "\n\t\t\t\t\tINSERT INTO " . _DB_PREF_ . "_tblSMSInbox\n\t\t\t\t\t(in_sender,in_receiver,in_uid,in_msg,in_datetime,reference_id)\n\t\t\t\t\tVALUES ('{$sms_sender}','{$sms_receiver}','{$uid}','{$message}','" . core_adjust_datetime($sms_datetime) . "','{$reference_id}')\n\t\t\t\t";
                logger_print("saving sender:" . $sms_sender . " receiver:" . $sms_receiver . " target:" . $target_user . " reference_id:" . $reference_id, 2, "recvsms_inbox_add");
                // the @ hides database errors, so a rejected or malformed query only shows up
                // as a missing "saved id" log line
                if ($inbox_id = @dba_insert_id($db_query)) {
                    logger_print("saved id:" . $inbox_id . " sender:" . $sms_sender . " receiver:" . $sms_receiver . " target:" . $target_user, 2, "recvsms_inbox_add");
                    $ok = TRUE;
                }
            }
            // forward to email, consider site config too
            // $site_config is only assigned when the user has a parent; without one the
            // three lookups below read an undefined variable and fall back to $core_config
            if ($parent_uid = user_getparentbyuid($uid)) {
                $site_config = site_config_get($parent_uid);
            }
            $web_title = $site_config['web_title'] ? $site_config['web_title'] : $core_config['main']['web_title'];
            $email_service = $site_config['email_service'] ? $site_config['email_service'] : $core_config['main']['email_service'];
            $email_footer = $site_config['email_footer'] ? $site_config['email_footer'] : $core_config['main']['email_footer'];
            $sms_receiver = $sms_receiver ? $sms_receiver : '-';
            if ($fwd_to_email = $user['fwd_to_email']) {
                if ($email = $user['email']) {
                    // NOTE(review): $sender (phonebook name plus raw sender id) goes into the mail
                    // subject unchanged; confirm sendmail() strips CR/LF from header fields.
                    $subject = _('Message from') . " " . $sender;
                    $body = $web_title . "\n\n";
                    $body .= _('Message received at') . " " . $sms_receiver . " " . _('on') . " " . $sms_datetime . "\n\n";
                    $body .= _('From') . " " . $sender . "\n\n";
                    $body .= $message . "\n\n--\n";
                    $body .= $email_footer . "\n\n";
                    $body = stripslashes($body);
                    // the full message text is written to the log at level 3
                    logger_print("send email from:" . $email_service . " to:" . $email . " message:[" . $message . "]", 3, "recvsms_inbox_add");
                    $data = array('mail_from_name' => $web_title, 'mail_from' => $email_service, 'mail_to' => $email, 'mail_subject' => $subject, 'mail_body' => $body);
                    sendmail($data);
                    logger_print("sent email from:" . $email_service . " to:" . $email, 3, "recvsms_inbox_add");
                }
            }
            // forward to mobile
            if ($fwd_to_mobile = $user['fwd_to_mobile']) {
                if ($mobile = $user['mobile']) {
                    // fixme anton
                    // append who the message came from: "@username" when the sender's number
                    // maps to a local account, otherwise the display form built above
                    $c_message = $message . ' ' . $sender;
                    if ($sender_uid = user_mobile2uid($sms_sender)) {
                        if ($sender_username = user_uid2username($sender_uid)) {
                            $c_message = $message . ' ' . '@' . $sender_username;
                        }
                    }
                    $message = $c_message;
                    $unicode = core_detect_unicode($message);
                    $nofooter = TRUE;
                    // NOTE(review): the "******" runs in the two log calls below are redaction
                    // artifacts of this listing; the original expressions cannot be recovered
                    // from here and the lines do not parse as shown.
                    logger_print("send to mobile:" . $mobile . " from:" . $sms_sender . " user:"******" message:" . $message, 3, "recvsms_inbox_add");
                    // $ok is replaced by sendsms()'s first return element from here on
                    list($ok, $to, $smslog_id, $queue) = sendsms($target_user, $mobile, $message, 'text', $unicode, '', $nofooter);
                    if ($ok[0] == 1) {
                        logger_print("sent to mobile:" . $mobile . " from:" . $sms_sender . " user:"******"recvsms_inbox_add");
                    }
                }
            }
        }
    }
    return $ok;
}
// Per-request bootstrap: resolve the current user, then define shared icons and menu labels.
$nav = q_sanitize($_REQUEST['nav']);
// NOTE(review): the username is read straight from the client-supplied 'vc2' cookie and,
// unlike $nav, is not passed through q_sanitize(). The seven lookups below run on that
// value before valid() is consulted, so their safety depends on how the username2*()
// helpers build their queries and on valid() binding the cookie to a real session --
// neither is visible here; confirm both.
$username = $_COOKIE['vc2'];
$uid = username2uid($username);
$sender = username2sender($username);
$footer = username2footer($username);
$mobile = username2mobile($username);
$email = username2email($username);
$name = username2name($username);
$status = username2status($username);
$userstatus = isadmin() ? 'Administrator' : ' Normal User';
// reserved important keywords
$reserved_keywords = array("PV", "BC");
$core_config['reserved_keywords'] = $reserved_keywords;
// load user's data from user's DB table
if (valid()) {
    $core_config['user'] = user_getdatabyusername($username);
}
// action icon
// each icon is an <img> tag under the active theme's images directory; the translated
// labels are placed in alt/title without HTML escaping, so a translation containing a
// double quote would break the attribute
$icon_edit = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/edit_action.gif\" alt=\"" . _('Edit') . "\" title=\"" . _('Edit') . "\" border=0>";
$icon_delete = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/delete_action.gif\" alt=\"" . _('Delete') . "\" title=\"" . _('Delete') . "\" border=0>";
$icon_reply = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/reply_action.gif\" alt=\"" . _('Reply') . "\" title=\"" . _('Reply') . "\" border=0>";
$icon_manage = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/manage_action.gif\" alt=\"" . _('Manage') . "\" title=\"" . _('Manage') . "\" border=0>";
$icon_view = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/view_action.gif\" alt=\"" . _('View') . "\" title=\"" . _('View') . "\" border=0>";
$icon_calendar = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/cal.gif\" alt=\"" . _('Pick Date & Time') . "\" title=\"" . _('Pick Date & Time') . "\" border=0>";
$icon_sendsms = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/sendsms.gif\" alt=\"" . _('Send SMS') . "\" title=\"" . _('Send SMS') . "\" border=0>";
$icon_phonebook = "<img src=\"" . $http_path['themes'] . "/" . $themes_module . "/images/phonebook_action.gif\" alt=\"" . _('Phonebook') . "\" title=\"" . _('Phonebook') . "\" border=0>";
// menus
// labels of the main navigation tabs, translated once per request
$core_config['menu']['main_tab']['home'] = _('Home');
$core_config['menu']['main_tab']['my_account'] = _('My Account');
$core_config['menu']['main_tab']['administration'] = _('Administration');
$core_config['menu']['main_tab']['feature'] = _('Feature');
/**
 * Send SMS to one or more phonebook groups.
 *
 * One queue is created per group; every valid number in the group is pushed to it.
 * When the sendsmsd daemon is off, the last created queue is processed inline.
 *
 * @global array $core_config
 * @global array $user_config
 * @param string  $username     sending account; falls back to the logged-in user's data
 * @param mixed   $gpid         group id, comma-separated ids, or an array of ids
 * @param string  $message      message text
 * @param string  $sms_type     passed to the queue unchanged
 * @param integer $unicode      passed to the queue unchanged
 * @param string  $smsc         passed to the queue unchanged
 * @param boolean $nofooter     TRUE drops the footer entirely
 * @param string  $sms_footer   footer override; the user's footer is used when empty
 * @param string  $sms_sender   sender ID override; used only if valid for $username
 * @param string  $sms_schedule passed to the queue unchanged
 * @return array array($status, $sms_to, $smslog_id, $queue, $counts); on the failure
 *               paths $status is FALSE and the other slots are empty strings
 */
function sendsms_bc($username, $gpid, $message, $sms_type = 'text', $unicode = 0, $smsc = '', $nofooter = false, $sms_footer = '', $sms_sender = '', $sms_schedule = '') {
    global $core_config, $user_config;
    $user = $user_config;
    if ($username && $user['username'] != $username) {
        $user = user_getdatabyusername($username);
    }
    $uid = $user['uid'];
    // discard if banned
    if (user_banned_get($uid)) {
        logger_print("user banned, exit immediately uid:" . $uid, 2, "sendsms_bc");
        return array(FALSE, '', '', '', '');
    }
    // SMS sender ID
    // a caller-supplied sender ID is kept only when sender_id_isvalid() accepts it for
    // this username; otherwise the account's own sender is used
    $sms_sender = core_sanitize_sender($sms_sender);
    $sms_sender = $sms_sender && sender_id_isvalid($username, $sms_sender) ? $sms_sender : sendsms_get_sender($username);
    // SMS footer
    $sms_footer = core_sanitize_footer($sms_footer);
    $sms_footer = $sms_footer ? $sms_footer : $user['footer'];
    if ($nofooter) {
        $sms_footer = '';
    }
    // a hack to remove \r from \r\n
    // the issue begins with ENTER being \r\n and detected as 2 chars
    // and since the javascript message counter can't detect it as 2 chars
    // thus the message length counts is inaccurate
    $message = str_replace("\r\n", "\n", $message);
    // just to make sure its length, we need to stripslashes message before enter other procedures
    $sms_sender = stripslashes($sms_sender);
    $message = stripslashes($message);
    $sms_footer = stripslashes($sms_footer);
    // fixme anton - fix #71 but not sure whats the correct solution for this
    // $max_length = ( $unicode ? $user['opt']['max_sms_length_unicode'] : $user['opt']['max_sms_length'] );
    // strlen()/substr() count bytes, so a multi-byte message is truncated by byte length
    // and may be cut in the middle of a character
    $max_length = $user['opt']['max_sms_length'];
    if (strlen($message) > $max_length) {
        $message = substr($message, 0, $max_length);
    }
    $sms_msg = $message;
    logger_print("start uid:" . $uid . " sender:" . $sms_sender, 2, "sendsms_bc");
    // add a space infront of footer if exists
    $c_sms_footer = trim($sms_footer) ? ' ' . trim($sms_footer) : '';
    // the full message text is written to the log at level 3
    logger_print("maxlen:" . $max_length . " footerlen:" . strlen($c_sms_footer) . " footer:[" . $c_sms_footer . "] msglen:" . strlen($sms_msg) . " message:[" . $sms_msg . "]", 3, "sendsms_bc");
    // destination group should be an array, if single then make it array of 1 member
    if (is_array($gpid)) {
        $array_gpid = $gpid;
    } else {
        $array_gpid = explode(',', $gpid);
    }
    // $j indexes the flat result arrays across all groups
    $j = 0;
    for ($i = 0; $i < count($array_gpid); $i++) {
        if ($c_gpid = trim($array_gpid[$i])) {
            logger_print("start gpid:" . $c_gpid . " uid:" . $uid . " sender:" . $sms_sender, 2, "sendsms_bc");
            // create a queue
            $queue_code = sendsms_queue_create($sms_sender, $sms_footer, $sms_msg, $uid, $c_gpid, $sms_type, $unicode, $sms_schedule, $smsc);
            if (!$queue_code) {
                // when unable to create a queue then immediately returns FALSE, no point to continue
                logger_print("fail to finalize queue creation, exit immediately", 2, "sendsms_bc");
                return array(FALSE, '', '', '', '');
            }
            $queue_count = 0;
            $sms_count = 0;
            $failed_queue_count = 0;
            $failed_sms_count = 0;
            // NOTE(review): the group id comes from the caller and nothing in this function
            // checks that the group belongs to $uid; confirm phonebook_getdatabyid() or the
            // caller enforces ownership, otherwise one account can message another's group.
            $rows = phonebook_getdatabyid($c_gpid);
            if (is_array($rows)) {
                foreach ($rows as $key => $db_row) {
                    $p_num = trim($db_row['p_num']);
                    if ($sms_to = sendsms_getvalidnumber($p_num)) {
                        $sms_to = sendsms_manipulate_prefix($sms_to, $user);
                        // NOTE(review): $count is never assigned in this function, so the
                        // sms_count total and every $counts[] entry are built from an
                        // undefined value.
                        if ($smslog_id[$j] = sendsms_queue_push($queue_code, $sms_to)) {
                            $ok[$j] = true;
                            $queue_count++;
                            $sms_count += $count;
                        } else {
                            $ok[$j] = FALSE;
                            $failed_queue_count++;
                            $failed_sms_count++;
                        }
                        $to[$j] = $sms_to;
                        $queue[$j] = $queue_code;
                        $counts[$j] = $count;
                        $j++;
                    }
                }
            }
            if (sendsms_queue_update($queue_code, array('flag' => '0', 'sms_count' => $sms_count))) {
                logger_print("end queue_code:" . $queue_code . " queue_count:" . $queue_count . " sms_count:" . $sms_count . " failed_queue:" . $failed_queue_count . " failed_sms:" . $failed_sms_count, 2, "sendsms_bc");
            } else {
                logger_print("fail to prepare queue, exit immediately queue_code:" . $queue_code, 2, "sendsms_bc");
                return array(FALSE, '', '', $queue_code, '');
            }
        }
    }
    // with the daemon off, only the last queue created above is processed inline and its
    // results replace everything collected so far; $queue_code is undefined when no group
    // id was usable
    if (!$core_config['issendsmsd']) {
        unset($ok);
        unset($to);
        unset($queue);
        unset($counts);
        logger_print("sendsmsd off immediately process queue_code:" . $queue_code, 2, "sendsms_bc");
        list($ok, $to, $smslog_id, $queue, $counts) = sendsmsd($queue_code);
    }
    return array($ok, $to, $smslog_id, $queue, $counts);
}
/**
 * Build the webservices "query" reply for an account: profile fields, remaining
 * credit, and the newest row id in the inbox, incoming and outgoing tables.
 *
 * @param string $username account to report on
 * @return array array('status' => 'OK', 'error' => '0', 'data' => array(...))
 */
function webservices_query($username) {
    // account record for the requested username
    $account = user_getdatabyusername($username);
    $account_status = $account['status'];
    $account_uid = $account['uid'];
    $account_name = $account['name'];
    $account_email = $account['email'];
    $account_mobile = $account['mobile'];

    // remaining credit, reported as the string '0' when the lookup yields nothing
    $balance = rate_getusercredit($username);
    if (!$balance) {
        $balance = '0';
    }

    // every lookup below asks for the single newest, non-deleted row of this account
    $newest_inbox = dba_search(
        _DB_PREF_ . '_tblSMSInbox',
        'in_id',
        array('in_uid' => $account_uid, 'flag_deleted' => 0),
        '',
        array('ORDER BY' => 'in_id DESC', 'LIMIT' => 1)
    );
    $inbox_last = $newest_inbox[0]['in_id'];

    // incoming table: additionally restricted to in_status 1
    $newest_incoming = dba_search(
        _DB_PREF_ . '_tblSMSIncoming',
        'in_id',
        array('in_uid' => $account_uid, 'flag_deleted' => 0, 'in_status' => 1),
        '',
        array('ORDER BY' => 'in_id DESC', 'LIMIT' => 1)
    );
    $incoming_last = $newest_incoming[0]['in_id'];

    // outgoing table is keyed by uid / smslog_id
    $newest_outgoing = dba_search(
        _DB_PREF_ . '_tblSMSOutgoing',
        'smslog_id',
        array('uid' => $account_uid, 'flag_deleted' => 0),
        '',
        array('ORDER BY' => 'smslog_id DESC', 'LIMIT' => 1)
    );
    $outgoing_last = $newest_outgoing[0]['smslog_id'];

    // ids and status are cast to int; a missing row therefore reports 0
    return array(
        'status' => 'OK',
        'error' => '0',
        'data' => array(
            'user' => array(
                'username' => $username,
                'uid' => (int) $account_uid,
                'status' => (int) $account_status,
                'name' => $account_name,
                'email' => $account_email,
                'mobile' => $account_mobile,
                'credit' => $balance,
            ),
            'last_id' => array(
                'user_inbox' => (int) $inbox_last,
                'user_incoming' => (int) $incoming_last,
                'user_outgoing' => (int) $outgoing_last,
            ),
        ),
    );
}
/**
 * Deliver a private SMS to a local user: store it in the user's inbox and, depending on
 * the user's settings, forward it by email and/or to the user's mobile.
 *
 * Plugins see the message first through interceptsmstoinbox() and may replace any of
 * the five arguments.
 *
 * @param string $sms_datetime receive time of the message
 * @param string $sms_sender   sender of the message
 * @param string $target_user  username the message is addressed to
 * @param string $message      message text
 * @param string $sms_receiver receiving number
 * @return mixed false by default, true once email forwarding is enabled for the user;
 *               when mobile forwarding runs, the first element returned by sendsms_pv().
 *               A successful inbox insert on its own does not change the return value.
 */
function insertsmstoinbox($sms_datetime, $sms_sender, $target_user, $message, $sms_receiver = "") {
    global $core_config, $web_title, $email_service, $email_footer;
    // sms to inbox will be handled by plugin/tools/* first
    // NOTE(review): values returned by a plugin replace the arguments and later reach the
    // SQL string below without further validation in this function.
    $ret_intercept = interceptsmstoinbox($sms_datetime, $sms_sender, $target_user, $message, $sms_receiver);
    if ($ret_intercept['param_modified']) {
        $sms_datetime = $ret_intercept['param']['sms_datetime'] ? $ret_intercept['param']['sms_datetime'] : $sms_datetime;
        $sms_sender = $ret_intercept['param']['sms_sender'] ? $ret_intercept['param']['sms_sender'] : $sms_sender;
        $target_user = $ret_intercept['param']['target_user'] ? $ret_intercept['param']['target_user'] : $target_user;
        $message = $ret_intercept['param']['message'] ? $ret_intercept['param']['message'] : $message;
        $sms_receiver = $ret_intercept['param']['sms_receiver'] ? $ret_intercept['param']['sms_receiver'] : $sms_receiver;
    }
    $ok = false;
    if ($sms_sender && $target_user && $message) {
        $user = user_getdatabyusername($target_user);
        if ($uid = $user['uid']) {
            // forward to Inbox
            if ($fwd_to_inbox = $user['fwd_to_inbox']) {
                // NOTE(review): the statement is assembled by string interpolation. Sender,
                // receiver, message and datetime originate outside the application and are
                // not escaped here, so the query is only safe if every caller (and every
                // intercepting plugin) escaped all of them beforehand. The stripslashes()
                // further down suggests values arrive slash-escaped -- confirm, or move this
                // insert to a parameterized call.
                $db_query = "\n\t\t INSERT INTO " . _DB_PREF_ . "_tblUserInbox\n\t\t (in_sender,in_receiver,in_uid,in_msg,in_datetime) \n\t\t VALUES ('{$sms_sender}','{$sms_receiver}','{$uid}','{$message}','{$sms_datetime}')\n\t\t";
                logger_print("saving sender:" . $sms_sender . " receiver:" . $sms_receiver . " target:" . $target_user, 3, "insertsmstoinbox");
                // the @ hides database errors; a failed insert only shows as a missing "saved" line
                if ($cek_ok = @dba_insert_id($db_query)) {
                    logger_print("saved sender:" . $sms_sender . " receiver:" . $sms_receiver . " target:" . $target_user, 3, "insertsmstoinbox");
                }
            }
            // forward to email
            if ($fwd_to_email = $user['fwd_to_email']) {
                if ($email = $user['email']) {
                    // make sure sms_datetime is in supported format and in user's timezone
                    $sms_datetime = core_display_datetime($sms_datetime);
                    // get name from target_user's phonebook
                    $c_name = phonebook_number2name($sms_sender, $target_user);
                    $sender = $c_name ? $c_name . ' <' . $sms_sender . '>' : $sms_sender;
                    // fixme anton - slash maddess
                    $message = stripslashes($message);
                    // NOTE(review): the raw sender id goes into the mail subject; confirm
                    // sendmail() strips CR/LF from header fields.
                    $subject = "[SMSGW-PV] " . _('from') . " {$sms_sender}";
                    $body = _('Forward Private WebSMS') . " ({$web_title})\n\n";
                    $body .= _('Date time') . ": {$sms_datetime}\n";
                    $body .= _('Sender') . ": {$sender}\n";
                    $body .= _('Receiver') . ": {$sms_receiver}\n\n";
                    $body .= _('Message') . ":\n{$message}\n\n";
                    $body .= $email_footer . "\n\n";
                    logger_print("send email from:" . $email_service . " to:" . $email, 3, "insertsmstoinbox");
                    sendmail($email_service, $email, $subject, $body);
                    logger_print("sent email from:" . $email_service . " to:" . $email, 3, "insertsmstoinbox");
                }
                // set even when the user has no email address and nothing was sent
                $ok = true;
            }
            // forward to mobile
            if ($fwd_to_mobile = $user['fwd_to_mobile']) {
                if ($mobile = $user['mobile']) {
                    // anything mb_detect_encoding() does not report as ASCII is sent as unicode
                    $unicode = 0;
                    if (function_exists('mb_detect_encoding')) {
                        $encoding = mb_detect_encoding($message, 'auto');
                        if ($encoding != 'ASCII') {
                            $unicode = 1;
                        }
                    }
                    // $sender is only assigned inside the email branch above; with email
                    // forwarding off it is undefined here
                    $message = $sender . ' ' . $message;
                    // NOTE(review): the "******" runs in the two log calls below are redaction
                    // artifacts of this listing; the original expressions cannot be recovered
                    // from here and the lines do not parse as shown.
                    logger_print("send to mobile:" . $mobile . " from:" . $sender . " user:"******"insertsmstoinbox");
                    // $ok is replaced by sendsms_pv()'s first return element from here on
                    list($ok, $to, $smslog_id) = sendsms_pv($target_user, $mobile, $message, 'text', $unicode);
                    if ($ok[0]) {
                        logger_print("sent to mobile:" . $mobile . " from:" . $sender . " user:"******"insertsmstoinbox");
                    }
                }
            }
        }
    }
    return $ok;
}
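/**
 * playsmsd hook: fetch unseen mail from the configured mailbox and submit each valid
 * one as an SMS.
 *
 * Mail layout, as parsed below: the subject is "<username> <pin> <message>" (a leading
 * '@' on the username is accepted) and body part 1 is a comma-separated list of
 * destinations, optionally followed by a "--" signature block.
 *
 * A mail is accepted only when the username exists and the PIN equals the one stored
 * for that user; with check_sender enabled the From address must also match the
 * account's email. The PIN is the only secret: a From header is set by the sender.
 * NOTE(review): nothing in this function limits repeated PIN guesses per username.
 *
 * @param string $param hook selector; only 'mailsms_fetch' is handled
 * @return void
 */
function mailsms_hook_playsmsd_once($param) {
    if ($param != 'mailsms_fetch') {
        return;
    }

    // (the original looked up a username from an undefined $uid here and never used it)

    $items_global = registry_search(0, 'features', 'mailsms');
    $conf = $items_global['features']['mailsms'];
    if (!$conf['enable_fetch']) {
        return;
    }

    $ssl = $conf['ssl'] == 1 ? "/ssl" : "";
    // NOTE(review): when set, this flag disables TLS certificate validation for the
    // mailbox connection, so the mailbox password and PIN-bearing subjects can be read
    // by whoever answers on that address; keep it off outside of testing.
    $novalidate_cert = $conf['novalidate_cert'] == 1 ? "/novalidate-cert" : "";
    $email_hostname = '{' . $conf['server'] . ':' . $conf['port'] . '/' . $conf['protocol'] . $ssl . $novalidate_cert . '}INBOX';
    $email_username = $conf['username'];
    $email_password = $conf['password'];

    // open mailbox
    $inbox = imap_open($email_hostname, $email_username, $email_password);
    if (!$inbox) {
        // drain the pending IMAP error stack, as the original did
        imap_errors();
        return;
    }

    // imap_search() returns FALSE, not an empty array, when nothing matches
    $emails = imap_search($inbox, 'UNSEEN');
    if (is_array($emails) && count($emails)) {
        rsort($emails);
        foreach ($emails as $email_number) {
            $overview = imap_fetch_overview($inbox, $email_number, 0);
            $email_subject = trim($overview[0]->subject);
            $email_sender = trim($overview[0]->from);
            $email_body = trim(imap_fetchbody($inbox, $email_number, 1));

            // subject: username, pin, then the rest is the message
            $parts = preg_split("/[\\s]+/", $email_subject, 3);
            $sender_username = str_replace('@', '', isset($parts[0]) ? $parts[0] : ''); // in case user use @username
            $sender_pin = isset($parts[1]) ? $parts[1] : '';
            $message = isset($parts[2]) ? $parts[2] : '';

            // the raw subject carries the PIN, so only its parsed, non-secret parts are logged
            _log('email from:[' . $email_sender . '] username:[' . $sender_username . '] message:[' . $message . '] body:[' . $email_body . ']', 3, 'mailsms_hook_playsmsd');

            $sender_email = '';
            $sender = user_getdatabyusername($sender_username);
            if (!$sender['uid']) {
                _log('invalid username sender_username:[' . $sender_username . ']', 3, 'mailsms_hook_playsmsd_once');
                continue;
            }

            $items = registry_search($sender['uid'], 'features', 'mailsms_user');
            $pin = $items['features']['mailsms_user']['pin'];

            // compare as strings: a loose == treats numeric-looking strings such as
            // "1000" and "1e3" as equal
            $pin_ok = false;
            if ($sender_pin && $pin) {
                $pin_ok = function_exists('hash_equals')
                    ? hash_equals((string) $pin, (string) $sender_pin)
                    : ((string) $pin === (string) $sender_pin);
            }
            if (!$pin_ok) {
                // the attempted PIN is deliberately not logged: a near miss would disclose the real one
                _log('invalid pin uid:' . $sender['uid'], 3, 'mailsms_hook_playsmsd_once');
                continue;
            }

            if ($conf['check_sender']) {
                if (preg_match('#\\<(.*?)\\>#', $email_sender, $match)) {
                    $sender_email = $match[1];
                }
                // an address that cannot be extracted never counts as a match
                if (!$sender_email || (string) $sender['email'] !== (string) $sender_email) {
                    _log('check_sender:1 unknown sender from:' . $sender_email . ' uid:' . $sender['uid'] . ' e:' . $sender['email'], 3, 'mailsms_hook_playsmsd_once');
                    continue;
                }
            }

            // destination numbers is in array and retrieved from email body
            // remove email footer/signiture
            $sms_to = preg_replace('/--[\\r\\n]+.*/s', '', $email_body);
            $sms_to = explode(',', $sms_to);

            // sendsms
            if ($sender_username && count($sms_to) && $message) {
                _log('mailsms uid:' . $sender['uid'] . ' from:[' . $sender_email . '] username:[' . $sender_username . ']', 3, 'mailsms_hook_playsmsd_once');
                // the original passed an undefined $reference_id, i.e. null
                $reference_id = null;
                sendsms_helper($sender_username, $sms_to, $message, '', '', '', '', '', '', $reference_id);
            }
        }
    }

    // close mailbox
    imap_close($inbox);
}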
} else { $json['status'] = 'ERR'; $json['error'] = '100'; } } else { $json['status'] = 'ERR'; $json['error'] = '100'; } } else { $json['status'] = 'ERR'; $json['error'] = '100'; } $log_this = TRUE; break; case "WS_LOGIN": $user = user_getdatabyusername($u); if ($c_uid = $user['uid']) { // supplied login key $login_key = trim($_REQUEST['login_key']); // saved login key $reg = registry_search($c_uid, 'core', 'webservices', 'login_key'); $c_login_key = trim($reg['core']['webservices']['login_key']); // immediately remove saved login key, only proceed upon successful removal if (registry_remove($c_uid, 'core', 'webservices', 'login_key')) { // auth by comparing login keys if ($login_key && $c_login_key && $login_key == $c_login_key) { // setup login session auth_session_setup($c_uid); _log("webservices logged in u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices"); } else { _log("webservices invalid login u:" . $u . " ip:" . $_SERVER['REMOTE_ADDR'] . " op:" . _OP_, 3, "webservices");
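/**
 * Send SMS to one or more destination numbers.
 *
 * Creates one queue, validates and de-duplicates the destinations, checks that the
 * payer (the parent account for a subuser, otherwise the sender) can afford the total
 * charge, then pushes every non-blacklisted destination to the queue. When the
 * sendsmsd daemon is off the queue is processed inline.
 *
 * @global array $core_config
 * @global array $user_config
 * @param string  $username     sending account; falls back to the logged-in user's data
 * @param mixed   $sms_to       destination number, comma-separated numbers, or an array
 * @param string  $message      message text (HTML entities are decoded first)
 * @param string  $sms_type     passed to the queue unchanged
 * @param integer $unicode      passed to the queue and to the rate calculation
 * @param string  $smsc         passed to the queue unchanged
 * @param boolean $nofooter     TRUE drops the footer entirely
 * @param string  $sms_footer   footer override; the user's footer is used when empty
 * @param string  $sms_sender   sender ID override; used only if valid for $username
 * @param string  $sms_schedule passed to the queue unchanged
 * @return array array($status, $sms_to, $smslog_id, $queue, $counts, $error_strings);
 *               on the early-failure paths $status is FALSE and the last slot holds a
 *               single translated error string
 */
function sendsms($username, $sms_to, $message, $sms_type = 'text', $unicode = 0, $smsc = '', $nofooter = false, $sms_footer = '', $sms_sender = '', $sms_schedule = '') {
    global $core_config, $user_config;

    // htmlspecialchars_decode to message and footer
    $message = htmlspecialchars_decode($message);
    $sms_footer = htmlspecialchars_decode($sms_footer);

    // get user data
    $user = $user_config;
    if ($username && $user['username'] != $username) {
        $user = user_getdatabyusername($username);
    }
    if (!is_array($sms_to)) {
        $sms_to = explode(',', $sms_to);
    }
    $uid = $user['uid'];

    // discard if banned
    if (user_banned_get($uid)) {
        // NOTE(review): this listing showed the logged username expression redacted
        // ("******"); it is restored as $user['username'] from the surviving tokens --
        // confirm against the upstream source.
        _log("user banned, exit immediately uid:" . $uid . ' username:' . $user['username'], 2, "sendsms");
        return array(FALSE, '', '', '', '', sprintf(_('Account %s is currently banned to use services'), $username));
    }

    // SMS sender ID
    // a caller-supplied sender ID is kept only when sender_id_isvalid() accepts it for
    // this username; otherwise the account's own sender is used
    $sms_sender = core_sanitize_sender($sms_sender);
    $sms_sender = $sms_sender && sender_id_isvalid($username, $sms_sender) ? $sms_sender : sendsms_get_sender($username);

    // SMS footer
    $sms_footer = core_sanitize_footer($sms_footer);
    $sms_footer = $sms_footer ? $sms_footer : $user['footer'];
    if ($nofooter) {
        $sms_footer = '';
    }

    // a hack to remove \r from \r\n
    // the issue begins with ENTER being \r\n and detected as 2 chars
    // and since the javascript message counter can't detect it as 2 chars
    // thus the message length counts is inaccurate
    $message = str_replace("\r\n", "\n", $message);

    // just to make sure its length, we need to stripslashes message before enter other procedures
    $sms_sender = stripslashes($sms_sender);
    $message = stripslashes($message);
    $sms_footer = stripslashes($sms_footer);

    // fixme anton - fix #71 but not sure whats the correct solution for this
    // $max_length = ( $unicode ? $user['opt']['max_sms_length_unicode'] : $user['opt']['max_sms_length'] );
    // strlen()/substr() count bytes, so a multi-byte message is truncated by byte length
    // and may be cut in the middle of a character
    $max_length = $user['opt']['max_sms_length'];
    if (strlen($message) > $max_length) {
        $message = substr($message, 0, $max_length);
    }
    $sms_msg = $message;
    _log("start uid:" . $uid . " sender_id:[" . $sms_sender . "] smsc:[" . $smsc . "]", 2, "sendsms");

    // add a space infront of footer if exists
    $c_sms_footer = trim($sms_footer) ? ' ' . trim($sms_footer) : '';
    // the full message text is written to the log at level 3
    _log("maxlen:" . $max_length . " footerlen:" . strlen($c_sms_footer) . " footer:[" . $c_sms_footer . "] msglen:" . strlen($sms_msg) . " message:[" . $sms_msg . "]", 3, "sendsms");

    // create a queue
    $queue_code = sendsms_queue_create($sms_sender, $sms_footer, $sms_msg, $uid, 0, $sms_type, $unicode, $sms_schedule, $smsc);
    if (!$queue_code) {
        // when unable to create a queue then immediately returns FALSE, no point to continue
        _log("fail to finalize queue creation, exit immediately", 2, "sendsms");
        return array(FALSE, '', '', '', '', _('Send message failed due to unable to create queue'));
    }

    // $sms_to was already normalized to an array above
    $array_sms_to = $sms_to;

    // get manipulated and valid destination numbers
    $all_sms_to = array();
    for ($i = 0; $i < count($array_sms_to); $i++) {
        if ($c_sms_to = sendsms_getvalidnumber(trim($array_sms_to[$i]))) {
            $c_sms_to = sendsms_manipulate_prefix(trim($c_sms_to), $user);
            $all_sms_to[] = $c_sms_to;
        }
    }

    // remove double entries
    // array_unique() keeps the original keys; without re-indexing, the index loops below
    // would read missing offsets and never reach the destinations behind a removed
    // duplicate (an empty value would also skip the blacklist match)
    $all_sms_to = array_values(array_unique($all_sms_to, SORT_STRING));

    // calculate total sms and charges
    $total_count = 0;
    $total_charges = 0;
    foreach ($all_sms_to as $c_sms_to) {
        list($count, $rate, $charge) = rate_getcharges($uid, strlen($message . $c_sms_footer), $unicode, $c_sms_to);
        $total_count += $count;
        $total_charges += $charge;
    }
    _log('dst:' . count($all_sms_to) . ' sms_count:' . $total_count . ' total_charges:' . $total_charges, 2, 'sendsms');

    // sender's
    $credit = rate_getusercredit($user['username']);
    $balance = $credit - $total_charges;

    // parent's when sender is a subuser
    $parent_uid = user_getparentbyuid($user['uid']);
    if ($parent_uid) {
        $username_parent = user_uid2username($parent_uid);
        $credit_parent = rate_getusercredit($username_parent);
        $balance_parent = $credit_parent - $total_charges;
    }

    // NOTE(review): the balance is only read and compared here; nothing in this function
    // reserves or deducts it, so concurrent sends can each pass the check. Confirm the
    // deduction downstream is serialized. For a subuser only the parent's balance is
    // checked.
    if ($parent_uid) {
        if (!($balance_parent >= 0)) {
            _log('failed parent do not have enough credit. credit:' . $credit_parent . ' dst:' . count($all_sms_to) . ' sms_count:' . $total_count . ' total_charges:' . $total_charges, 2, 'sendsms');
            return array(FALSE, '', '', '', '', _('Internal error please contact service provider'));
        }
    } else {
        if (!($balance >= 0)) {
            // log the user's own credit; the original printed the parent's, which is unset in this branch
            _log('failed user do not have enough credit. credit:' . $credit . ' dst:' . count($all_sms_to) . ' sms_count:' . $total_count . ' total_charges:' . $total_charges, 2, 'sendsms');
            return array(FALSE, '', '', '', '', _('Send message failed due to insufficient funds'));
        }
    }

    // default returns
    // $count still holds the value computed for the last destination in the charge loop
    // and is reused for every entry, as in the original
    for ($i = 0; $i < count($all_sms_to); $i++) {
        $ok[$i] = FALSE;
        $to[$i] = $all_sms_to[$i];
        $smslog_id[$i] = 0;
        $queue[$i] = $queue_code;
        $counts[$i] = $count;
    }

    $queue_count = 0;
    $sms_count = 0;
    $failed_queue_count = 0;
    $failed_sms_count = 0;
    for ($i = 0; $i < count($all_sms_to); $i++) {
        $c_sms_to = $all_sms_to[$i];

        // blacklisted numbers are reported as failed and never pushed to the queue
        $continue = TRUE;
        if (blacklist_mobile_isexists(0, $c_sms_to)) {
            $continue = FALSE;
            _log("fail to send. mobile is in the blacklist mobile:" . $c_sms_to, 2, "sendsms");
        }

        if ($continue && ($smslog_id[$i] = sendsms_queue_push($queue_code, $c_sms_to))) {
            $ok[$i] = TRUE;
            $queue_count++;
            $sms_count += $count;
            $error_strings[$i] = sprintf(_('Message %s has been delivered to queue'), $smslog_id[$i]);
        } else {
            $ok[$i] = FALSE;
            $failed_queue_count++;
            $failed_sms_count++;
            $error_strings[$i] = sprintf(_('Send message to %s in queue %s has failed'), $c_sms_to, $queue_code);
        }
        $to[$i] = $c_sms_to;
        $queue[$i] = $queue_code;
        $counts[$i] = $count;
    }

    if (sendsms_queue_update($queue_code, array('flag' => '0', 'queue_count' => $queue_count, 'sms_count' => $sms_count))) {
        _log("end queue_code:" . $queue_code . " queue_count:" . $queue_count . " sms_count:" . $sms_count . " failed_queue:" . $failed_queue_count . " failed_sms:" . $failed_sms_count, 2, "sendsms");
    } else {
        _log("fail to prepare queue, exit immediately queue_code:" . $queue_code, 2, "sendsms");
        return array(FALSE, '', '', $queue_code, '', sprintf(_('Send message failed due to unable to prepare queue %s'), $queue_code));
    }

    // with the daemon off the queue is processed inline and its results replace the
    // per-destination arrays collected above ($error_strings is kept)
    if (!$core_config['issendsmsd']) {
        unset($ok);
        unset($to);
        unset($queue);
        unset($counts);
        _log("sendsmsd off immediately process queue_code:" . $queue_code, 2, "sendsms");
        list($ok, $to, $smslog_id, $queue, $counts) = sendsmsd($queue_code);
    }

    return array($ok, $to, $smslog_id, $queue, $counts, $error_strings);
}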
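/**
 * Webservices "sx" query: list rows of the incoming table that have in_status 0,
 * optionally filtered by sender, receiver, datetime and a minimum id.
 *
 * Only accounts whose status is 2 get data; everyone else receives error 501.
 * NOTE(review): $uid is only used as an "account exists" gate -- the query itself is
 * not restricted to that account's rows. Confirm this is intended for status-2 accounts.
 *
 * @param string  $c_username calling account
 * @param string  $src        sender filter; the leading '0' or the first three
 *                            characters are dropped and the rest is matched as a suffix
 * @param string  $dst        exact receiver filter
 * @param string  $datetime   substring filter on in_datetime
 * @param integer $c          maximum number of rows, 100 when not a positive integer
 * @param mixed   $last       only rows with an id greater than this are returned
 * @return array rows under 'data' when at least one matched, otherwise
 *               array('status' => 'ERR', 'error' => '501')
 */
function webservices_sx($c_username, $src = '', $dst = '', $datetime = '', $c = 100, $last = false) {
    $json['status'] = 'ERR';
    $json['error'] = '501';

    $u = user_getdatabyusername($c_username);
    if ($u['status'] != 2) {
        return $json;
    }
    $uid = $u['uid'];

    $conditions = array('flag_deleted' => 0, 'in_status' => 0);
    // stays null when no LIKE filter is requested, which is what the original passed on
    $keywords = null;
    $extras = array();

    // NOTE(review): $src, $dst and $datetime are request values; whether they are escaped
    // (including the LIKE wildcards % and _) depends on dba_search(), not visible here.
    if ($src) {
        if ($src[0] == '0') {
            $c_src = substr($src, 1);
        } else {
            $c_src = substr($src, 3);
        }
        $keywords['in_sender'] = '%' . $c_src;
    }
    if ($dst) {
        $conditions['in_receiver'] = $dst;
    }
    if ($datetime) {
        $keywords['in_datetime'] = '%' . $datetime . '%';
    }

    // $last and $c are spliced into the query as raw SQL fragments ("AND in_id >..." and
    // "LIMIT ..."), so both are forced to integers before use
    $last = (int) $last;
    if ($last > 0) {
        $extras['AND in_id'] = '>' . $last;
    }
    $extras['ORDER BY'] = 'in_datetime DESC';
    $c = (int) $c;
    $extras['LIMIT'] = $c > 0 ? $c : 100;

    if ($uid) {
        $j = 0;
        $list = dba_search(_DB_PREF_ . '_tblSMSIncoming', '*', $conditions, $keywords, $extras);
        if (is_array($list)) {
            foreach ($list as $db_row) {
                $json['data'][$j]['id'] = $db_row['in_id'];
                $json['data'][$j]['src'] = $db_row['in_sender'];
                $json['data'][$j]['dst'] = $db_row['in_receiver'];
                // double quotes in the message are replaced by single quotes
                $json['data'][$j]['msg'] = str_replace('"', "'", $db_row['in_message']);
                $json['data'][$j]['dt'] = $db_row['in_datetime'];
                $j++;
            }
        }
        // the error markers are dropped only when there is data to return
        if ($j > 0) {
            unset($json['status']);
            unset($json['error']);
        }
    }

    return $json;
}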
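/**
 * Validate data for user registration
 *
 * Checks run in order and stop at the first failure: password length, username length,
 * username characters, name, email format, mobile format, then uniqueness of username,
 * email and mobile among non-deleted accounts.
 *
 * NOTE(review): several error strings echo the submitted value back; they must be
 * HTML-escaped wherever they are displayed. The 4-character password minimum is kept
 * as found.
 *
 * @param array $data
 *        User data
 * @param boolean $flag_edit
 *        TRUE when edit action; skips the "account already exists" error
 * @return array $ret('error_string', 'status')
 */
function user_add_validate($data = array(), $flag_edit = FALSE) {
    global $core_config;
    $ret['status'] = true;

    if (is_array($data)) {
        foreach ($data as $key => $val) {
            $data[$key] = trim($val);
        }

        // password should be at least 4 characters
        if ($data['password'] && strlen($data['password']) < 4) {
            $ret['error_string'] = _('Password should be at least 4 characters');
            $ret['status'] = false;
        }

        // username should be at least 3 characters and maximum $username_length
        $username_length = $core_config['main']['username_length'] ? $core_config['main']['username_length'] : 30;
        if ($ret['status'] && $data['username'] && (strlen($data['username']) < 3 || strlen($data['username']) > $username_length)) {
            $ret['error_string'] = sprintf(_('Username must be at least 3 characters and maximum %d characters'), $username_length) . " (" . $data['username'] . ")";
            $ret['status'] = false;
        }

        // username only can contain alphanumeric, dot and dash
        // the pattern is anchored so that every character must be in the allowed set; the
        // unanchored form accepted any username containing at least one valid character
        if ($ret['status'] && $data['username'] && !preg_match('/^[A-Za-z0-9.\-]+\z/', $data['username'])) {
            $ret['error_string'] = _('Valid characters for username are alphabets, numbers, dot or dash') . " (" . $data['username'] . ")";
            $ret['status'] = false;
        }

        // name must be exists
        if ($ret['status'] && !$data['name']) {
            $ret['error_string'] = _('Account name is mandatory');
            $ret['status'] = false;
        }

        // email must be in valid format
        // (skipped entirely when enhance_privacy_subuser is enabled)
        if ($ret['status'] && !preg_match('/^(.+)@(.+)\\.(.+)$/', $data['email']) && !$core_config['main']['enhance_privacy_subuser']) {
            if ($data['email']) {
                $ret['error_string'] = _('Your email format is invalid') . " (" . $data['email'] . ")";
            } else {
                $ret['error_string'] = _('Email address is mandatory');
            }
            $ret['status'] = false;
        }

        // mobile must be in valid format, but check this only when filled
        // anchored for the same reason as the username pattern: digits, plus, dash and
        // space only, for the whole value
        if ($ret['status'] && $data['mobile'] && !preg_match('/^[0-9+\- ]+\z/', $data['mobile'])) {
            $ret['error_string'] = _('Your mobile format is invalid') . " (" . $data['mobile'] . ")";
            $ret['status'] = false;
        }

        // check if username is exists
        if ($ret['status'] && $data['username'] && dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'username' => $data['username']), 'AND')) {
            if (!$flag_edit) {
                $ret['error_string'] = _('Account already exists') . " (" . _('username') . ": " . $data['username'] . ")";
                $ret['status'] = false;
            }
        }

        // the account currently stored under this username, if any; lets an edit keep its
        // own email and mobile without tripping the duplicate checks
        $existing = user_getdatabyusername($data['username']);

        // check if email is exists
        if ($ret['status'] && $data['email'] && dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'email' => $data['email']), 'AND')) {
            if ($data['email'] != $existing['email']) {
                $ret['error_string'] = _('Account with this email already exists') . " (" . _('email') . ": " . $data['email'] . ")";
                $ret['status'] = false;
            }
        }

        // check mobile, must check for duplication only when filled
        if ($ret['status'] && $data['mobile']) {
            if (dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'mobile' => $data['mobile']), 'AND')) {
                if ($data['mobile'] != $existing['mobile']) {
                    $ret['error_string'] = _('Account with this mobile already exists') . " (" . _('mobile') . ": " . $data['mobile'] . ")";
                    $ret['status'] = false;
                }
            }
        }
    }

    return $ret;
}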
// plugins category $plugins_category = array('feature', 'gateway', 'themes', 'language'); $core_config['plugins_category'] = $plugins_category; // max sms text length // single text sms can be 160 char instead of 1*153 $sms_max_count = (int) $sms_max_count < 1 ? 1 : (int) $sms_max_count; $core_config['main']['sms_max_count'] = $sms_max_count; $core_config['main']['per_sms_length'] = $core_config['main']['sms_max_count'] > 1 ? 153 : 160; $core_config['main']['per_sms_length_unicode'] = $core_config['main']['sms_max_count'] > 1 ? 67 : 70; $core_config['main']['max_sms_length'] = $core_config['main']['sms_max_count'] * $core_config['main']['per_sms_length']; $core_config['main']['max_sms_length_unicode'] = $core_config['main']['sms_max_count'] * $core_config['main']['per_sms_length_unicode']; // reserved important keywords $core_config['reserved_keywords'] = array('BC'); if (auth_isvalid()) { // load user's data from user's DB table $user_config = user_getdatabyusername($_SESSION['username']); $user_config['opt']['sms_footer_length'] = strlen($footer) > 0 ? strlen($footer) + 1 : 0; $user_config['opt']['per_sms_length'] = $core_config['main']['per_sms_length'] - $user_config['opt']['sms_footer_length']; $user_config['opt']['per_sms_length_unicode'] = $core_config['main']['per_sms_length_unicode'] - $user_config['opt']['sms_footer_length']; $user_config['opt']['max_sms_length'] = $core_config['main']['max_sms_length'] - $user_config['opt']['sms_footer_length']; $user_config['opt']['max_sms_length_unicode'] = $core_config['main']['max_sms_length_unicode'] - $user_config['opt']['sms_footer_length']; $user_config['opt']['gravatar'] = 'https://www.gravatar.com/avatar/' . 
md5(strtolower(trim($user_config['email']))); if (!$core_config['daemon_process']) { // save login session information user_session_set(); } // special setting to credit unicode SMS the same as normal SMS length // for example: 2 unicode SMS (140 chars length) will be deducted as 1 credit just like a normal SMS (160 chars length) $result = registry_search($user_config['uid'], 'core', 'user_config', 'enable_credit_unicode'); $user_config['opt']['enable_credit_unicode'] = (int) $result['core']['user_config']['enable_credit_unicode']; if (!$user_config['opt']['enable_credit_unicode']) {
* playSMS is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with playSMS. If not, see <http://www.gnu.org/licenses/>. */ defined('_SECURE_') or die('Forbidden'); if (!auth_isuser()) { if (!auth_isadmin()) { auth_block(); } } if ($_REQUEST['uname']) { $subuser_edited = user_getdatabyusername($_REQUEST['uname']); if ($subuser_edited['status'] != 4 || $subuser_edited['parent_uid'] != $user_config['uid']) { auth_block(); } } switch (_OP_) { case "subuser_list": $search_var = array(_('Registered') => 'register_datetime', _('Username') => 'username', _('Name') => 'name', _('Mobile') => 'mobile'); $search = themes_search($search_var); $conditions = array('status' => 4, 'parent_uid' => $user_config['uid']); $keywords = $search['dba_keywords']; $count = dba_count(_DB_PREF_ . '_tblUser', $conditions, $keywords); $nav = themes_nav($count, "index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list"); $extras = array('ORDER BY' => 'register_datetime DESC, username', 'LIMIT' => $nav['limit'], 'OFFSET' => $nav['offset']); $list = dba_search(_DB_PREF_ . '_tblUser', '*', $conditions, $keywords, $extras); if ($err = $_SESSION['error_string']) {