Esempio n. 1
0
<?php

/*
 * api.php
 */
include "includes/db.php";
include "includes/site.class.php";
$csms = new SmppiSite();
if (isset($_REQUEST['login']) && isset($_REQUEST['skey']) && isset($_REQUEST['action'])) {
    $ip = $_SERVER['REMOTE_ADDR'];
    $login = $_REQUEST['login'];
    $md5key = md5($_REQUEST['skey']);
    if ($user_id = $csms->api_auth($login, $md5key, $ip)) {
        if ($_REQUEST['action'] == "sendsms") {
            $user_rights = $csms->user_rights($user_id);
            if (in_array("SMS_APISEND", $user_rights)) {
                $phone = $_REQUEST['phone'];
                $msg = $_REQUEST['msg'];
                $method = isset($_REQUEST['method']) ? $_REQUEST['method'] : "gsm";
                if ($sms_id = $csms->sendsms($phone, $msg, 1, $method)) {
                    $csms->users_log($user_id, "sendsms:{$sms_id}", $_SERVER['REMOTE_ADDR']);
                    $return = array("result" => "success", "sms_id" => $sms_id);
                } else {
                    $return = array("result" => "error", "reason" => "sendsms");
                }
            } else {
                $return = array("result" => "error", "reason" => "access denied");
            }
        } else {
            $return = array("result" => "error", "reason" => "wrong request 2");
        }
Esempio n. 2
0
<?php

/*
 * ajax/get_user_fields.php
 */
include_once "../includes/session.inc.php";
include_once "../includes/db.php";
include_once "../includes/site.class.php";
include_once "../lang/lang.{$site_lang}.php";
$csms = new SmppiSite();
include "../includes/auth.inc.php";
if (in_array("SMS_ADMIN", $user_rights)) {
    if (isset($_REQUEST["id"]) && $_REQUEST["id"] > 0) {
        $id = $_REQUEST["id"];
        $modal_header = "Редактировать пользователя";
        $current_user = $csms->get_users($id);
        $current_rights = $csms->get_rights($id);
        $login = $current_user[0]['login'];
        $ip = $current_user[0]['ip'];
        $interface = $current_user[0]['interface'];
        $rights = array();
        foreach ($current_rights as $right) {
            $rights[] = array("right" => $right['right'], "descr" => $right['descr'], "checked" => $right['checked']);
        }
        $interfaces = array($interface, "web", "api");
    } else {
        $id = 0;
        $modal_header = "Создать пользователя";
        $current_rights = $csms->get_rights();
        $login = "";
        $ip = "";
Esempio n. 3
0
<?php

/*
 * user.act.php
 */
include_once "includes/session.inc.php";
include_once "includes/db.php";
include_once "includes/site.class.php";
include_once "lang/lang.{$site_lang}.php";
$csms = new SmppiSite();
include "includes/auth.inc.php";
if (in_array("SMS_ADMIN", $user_rights)) {
    if (isset($_REQUEST['user_id']) && $_REQUEST['user_id'] == 0 && isset($_REQUEST['user_login']) && $_REQUEST['user_login'] != "" && isset($_REQUEST['user_password']) && $_REQUEST['user_password'] != "" && isset($_REQUEST['user_ip']) && $_REQUEST['user_ip'] != "" && isset($_REQUEST['user_interface']) && $_REQUEST['user_interface'] != "") {
        $params = array("login" => $_REQUEST['user_login'], "password" => md5(trim($_REQUEST['user_password'])), "ip" => $_REQUEST['user_ip'], "interface" => $_REQUEST['user_interface']);
        if ($new_user_id = $csms->create_user($params)) {
            $csms->users_log($user_id, "create user:{$new_user_id}", $_SERVER['REMOTE_ADDR']);
            if (isset($_REQUEST['user_rights'])) {
                foreach ($_REQUEST['user_rights'] as $right) {
                    $csms->insert_right($new_user_id, $right);
                }
            }
            header("location: " . BASE_PATH . "adm/");
        }
    } elseif (isset($_REQUEST['user_id']) && $_REQUEST['user_id'] > 0 && isset($_REQUEST['user_login']) && $_REQUEST['user_login'] != "" && isset($_REQUEST['user_password']) && isset($_REQUEST['user_ip']) && $_REQUEST['user_ip'] != "" && isset($_REQUEST['user_interface']) && $_REQUEST['user_interface'] != "") {
        $user_password = $_REQUEST['user_password'] == "" ? "" : md5($_REQUEST['user_password']);
        $params = array("id" => $_REQUEST['user_id'], "login" => $_REQUEST['user_login'], "password" => $user_password, "ip" => $_REQUEST['user_ip'], "interface" => $_REQUEST['user_interface']);
        if ($csms->update_user($params)) {
            $new_user_id = $params['id'];
            $csms->users_log($user_id, "update user:{$new_user_id}", $_SERVER['REMOTE_ADDR']);
            $csms->delete_rights($new_user_id);
            if (isset($_REQUEST['user_rights'])) {
Esempio n. 4
0
<?php

include_once "includes/session.inc.php";
include_once "includes/db.php";
include_once "includes/site.class.php";
include_once "lang/lang.{$site_lang}.php";
$csms = new SmppiSite();
include "includes/auth.inc.php";
if (in_array("SMS_WEBSEND", $user_rights)) {
    if (isset($_REQUEST['phone']) && isset($_REQUEST['msg'])) {
        $phone = $csms->check_phone($_REQUEST['phone']);
        $msg = $db->real_escape_string($_REQUEST['msg']);
        $translit = isset($_REQUEST['translit']) && $_REQUEST['translit'] == 1 ? 1 : 0;
        $method = isset($_REQUEST['method']) ? $_REQUEST['method'] : "gsm";
        try {
            $sms_id = $csms->sendsms($phone, $msg, $translit, $method);
            $csms->users_log($user_id, "sendsms:{$sms_id}", $_SERVER['REMOTE_ADDR']);
            header("location: " . BASE_PATH . "outgoing/");
        } catch (Exception $e) {
            $_SESSION['send_error'] = SEND_ERROR;
            header("location: " . BASE_PATH . "send/");
        }
    } else {
        $_SESSION['send_error'] = FIELDS_ERROR;
        header("location: " . BASE_PATH . "send/");
    }
} else {
    header("location: " . BASE_PATH . "");
}
Esempio n. 5
0
<?php

/*
 * index.php
 */
include_once "includes/session.inc.php";
include_once "includes/db.php";
include_once "includes/site.class.php";
include_once "lang/lang.{$site_lang}.php";
$csms = new SmppiSite();
include "includes/auth.inc.php";
$webuser = "";
$part = isset($_REQUEST['part']) ? $_REQUEST['part'] : "incoming";
// navigation classes
$incoming_active = $part == "incoming" ? "active" : "";
$outgoing_active = $part == "outgoing" ? "active" : "";
$send_active = $part == "send" ? "active" : "";
$adm_active = $part == "adm" ? "active" : "";
// menu access
$incoming_menu = "<li class=\"{$incoming_active}\"><a href=\"" . BASE_PATH . "incoming/\">" . INCOMING . "</a></li>";
$outgoing_menu = "<li class=\"{$outgoing_active}\"><a href=\"" . BASE_PATH . "outgoing/\">" . OUTGOING . "</a></li>";
$send_menu = in_array("SMS_WEBSEND", $user_rights) ? "<li class=\"{$send_active}\"><a href=\"" . BASE_PATH . "send/\">" . MENU_SEND_SMS . "</a></li>" : "";
$adm_menu = in_array("SMS_ADMIN", $user_rights) ? "<li class=\"{$adm_active}\"><a href=\"" . BASE_PATH . "adm/\">" . MENU_MANAGE . "</a></li>" : "";
// make web content
$content_page = "";
if ($part == "incoming") {
    $direction = "0";
    // pagination
    $page = isset($_REQUEST['page']) ? $_REQUEST['page'] : 1;
    $count = $csms->getsms_count($direction);
    $page_count = ceil($count / $csms->limit);