/**
 * Builds the data provider used to list config rows with the search filters applied.
 *
 * Rows are ordered by id_config descending unless the request carries its own
 * 'sort' entry. Filters are added only when the loaded attributes validate; on
 * a validation failure the provider is returned with no filter at all, so it
 * still exposes every config row (see the commented-out where() below).
 *
 * @param array $params request parameters handed to load()
 *
 * @return ActiveDataProvider
 */
public function search($params)
{
    $configQuery = config::find();

    // Default ordering applies only when the caller did not ask for one.
    $callerChoseSort = isset($params['sort']);
    if ($callerChoseSort === false) {
        $configQuery->orderBy(['id_config' => SORT_DESC]);
    }

    // The provider keeps the same query object, so filters added below still apply to it.
    $provider = new ActiveDataProvider(['query' => $configQuery]);

    $this->load($params);
    if ($this->validate()) {
        $exactMatch = [
            'id_config' => $this->id_config,
            'config_name' => $this->config_name,
            'config_value' => $this->config_value,
        ];
        $configQuery->andFilterWhere($exactMatch);
        $configQuery->andFilterWhere(['like', 'config_name', $this->config_name]);
        $configQuery->andFilterWhere(['like', 'config_value', $this->config_value]);
    }

    // Validation failed: no filter is applied. To return no records instead,
    // call $configQuery->where('0=1') before returning in that case.
    return $provider;
}
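/**
 * Re-applies the app defaults for every domain.
 *
 * Visible steps: read the database settings from config, include root.php,
 * include every app_config.php and app_menu.php found two directory levels
 * below DOCUMENT_ROOT . PROJECT_PATH, load v_domains plus the enabled rows of
 * v_domain_settings and v_default_settings, then for each domain rebuild the
 * $_SESSION settings (defaults first, domain overrides second) and include
 * every app_defaults.php. Afterwards the dialplan and config.lua are rewritten
 * when the matching function or file exists, and $_SESSION['domain'] and
 * $_SESSION['switch'] are cleared.
 *
 * Included files run in this method's scope, so the local variable names are
 * left exactly as they were (presumably the included files read some of them;
 * verify before renaming or removing any).
 *
 * NOTE(review): each include target is whatever glob() finds on disk, so any
 * file named app_config.php, app_menu.php or app_defaults.php at that depth is
 * executed. Write access to those directories equals code execution here.
 *
 * NOTE(review): $domain_array and $display_type are not assigned in this
 * method; they only exist if root.php or an included app file defines them.
 *
 * @return void
 */
public function upgrade()
{
    //get the db variables
    $config = new config();
    $config_exists = $config->exists();
    $config_path = $config->find();
    $config->get();
    $db_type = $config->db_type;
    $db_name = $config->db_name;
    $db_username = $config->db_username;
    $db_password = $config->db_password;
    $db_host = $config->db_host;
    $db_path = $config->db_path;
    $db_port = $config->db_port;

    //get the PROJECT PATH
    include "root.php";

    //get the list of installed apps from the core and app directories (note: GLOB_BRACE doesn't work on some systems)
    $config_list_1 = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
    $config_list_2 = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_menu.php");
    $config_list = array_merge((array) $config_list_1, (array) $config_list_2);
    unset($config_list_1, $config_list_2);
    $db = $this->db;
    $x = 0;
    //iterate by value: a by-reference loop variable would stay bound to the last array element afterwards
    foreach ($config_list as $config_path) {
        include $config_path;
        $x++;
    }

    //get the domains
    $sql = "select * from v_domains ";
    $prep_statement = $this->db->prepare($sql);
    $prep_statement->execute();
    $domains = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    unset($prep_statement);

    //get the domain_settings
    $sql = "select * from v_domain_settings ";
    $sql .= "where domain_setting_enabled = 'true' ";
    $prep_statement = $this->db->prepare($sql);
    $prep_statement->execute();
    $domain_settings = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    unset($prep_statement);

    //get the default settings
    $sql = "select * from v_default_settings ";
    $sql .= "where default_setting_enabled = 'true' ";
    $prep_statement = $this->db->prepare($sql);
    $prep_statement->execute();
    $database_default_settings = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    unset($prep_statement);

    //get the domain_uuid
    foreach ($domains as $row) {
        if (count($domains) == 1) {
            $_SESSION["domain_uuid"] = $row["domain_uuid"];
            $_SESSION["domain_name"] = $row['domain_name'];
        } else {
            if (lower_case($row['domain_name']) == lower_case($domain_array[0]) || lower_case($row['domain_name']) == lower_case('www.' . $domain_array[0])) {
                $_SESSION["domain_uuid"] = $row["domain_uuid"];
                $_SESSION["domain_name"] = $row['domain_name'];
            }
            $_SESSION['domains'][$row['domain_uuid']]['domain_uuid'] = $row['domain_uuid'];
            $_SESSION['domains'][$row['domain_uuid']]['domain_name'] = $row['domain_name'];
        }
    }

    //loop through all domains
    $domain_count = count($domains);
    $domains_processed = 1;
    //iterate by value: the inner loops reuse $row, and with "&$row" each of
    //their assignments overwrote the current element of $domains with a
    //settings row, corrupting the list seen by the included app_defaults.php
    foreach ($domains as $row) {
        //get the values from database and set them as php variables
        $domain_uuid = $row["domain_uuid"];
        $domain_name = $row["domain_name"];

        //get the context
        $context = $domain_name;

        //show the domain when display_type is set to text
        if ($display_type == "text") {
            echo "\n";
            echo $domain_name;
            echo "\n";
        }

        //get the default settings - this needs to be done to reset the session values back to the defaults for each domain in the loop
        //NOTE(review): category, subcategory and name come straight from the
        //database and become $_SESSION keys; a row whose category matches
        //another session key would overwrite it.
        foreach ($database_default_settings as $row) {
            $name = $row['default_setting_name'];
            $category = $row['default_setting_category'];
            $subcategory = $row['default_setting_subcategory'];
            if (strlen($subcategory) == 0) {
                if ($name == "array") {
                    $_SESSION[$category][] = $row['default_setting_value'];
                } else {
                    $_SESSION[$category][$name] = $row['default_setting_value'];
                }
            } else {
                if ($name == "array") {
                    $_SESSION[$category][$subcategory][] = $row['default_setting_value'];
                } else {
                    $_SESSION[$category][$subcategory]['uuid'] = $row['default_setting_uuid'];
                    $_SESSION[$category][$subcategory][$name] = $row['default_setting_value'];
                }
            }
        }

        //get the domains settings for the current domain
        foreach ($domain_settings as $row) {
            if ($row['domain_uuid'] == $domain_uuid) {
                $name = $row['domain_setting_name'];
                $category = $row['domain_setting_category'];
                $subcategory = $row['domain_setting_subcategory'];
                if (strlen($subcategory) == 0) {
                    //$$category[$name] = $row['domain_setting_value'];
                    $_SESSION[$category][$name] = $row['domain_setting_value'];
                } else {
                    //$$category[$subcategory][$name] = $row['domain_setting_value'];
                    $_SESSION[$category][$subcategory][$name] = $row['domain_setting_value'];
                }
            }
        }

        //get the list of installed apps from the core and mod directories and execute the php code in app_defaults.php
        //cast to array because glob() returns false on error
        $default_list = (array) glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_defaults.php");
        foreach ($default_list as $default_path) {
            include $default_path;
        }

        //track of the number of domains processed
        $domains_processed++;
    }

    //synchronize the dialplan
    if (function_exists('save_dialplan_xml')) {
        save_dialplan_xml();
    }

    //update config.lua
    if (file_exists($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . '/app/scripts/resources/classes/scripts.php')) {
        $obj = new scripts();
        $obj->write_config();
    }

    //clear the session variables
    unset($_SESSION['domain']);
    unset($_SESSION['switch']);
}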
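/**
 * Checks that the API never returns the value of a sensitive core setting.
 *
 * Each sensitive setting is first given a known non-empty value. The test
 * then verifies that reading the Config item directly returns an empty
 * 'value', that a non-sensitive setting (admin_email) is still returned, and
 * that a search on each sensitive setting name returns no column holding the
 * known value.
 *
 * The session token comes from testInitSessionCredentials and is sent in the
 * Session-Token header of every request.
 *
 * @depends testInitSessionCredentials
 */
public function testProtectedConfigSettings($session_token)
{
    $sensitiveSettings = array('proxy_passwd', 'smtp_passwd');

    // set a non empty value to the settings to check
    foreach ($sensitiveSettings as $name) {
        Config::setConfigurationValues('core', array($name => 'not_empty_password'));
        $value = Config::getConfigurationValues('core', array($name));
        $this->assertArrayHasKey($name, $value);
        $this->assertNotEmpty($value[$name]);
    }

    // The IN (...) list is built only from the hard-coded names above.
    $where = "'" . implode("', '", $sensitiveSettings) . "'";
    $config = new Config();
    $rows = $config->find("`context`='core' AND `name` IN ({$where})");
    $this->assertEquals(count($sensitiveSettings), count($rows));

    // Check the value is not retrieved for sensitive settings
    foreach ($rows as $row) {
        $res = $this->doHttpRequest('GET', "Config/" . $row['id'], ['headers' => ['Session-Token' => $session_token]]);
        $this->assertEquals(200, $res->getStatusCode());
        $body = $res->getBody();
        $data = json_decode($body, true);
        $this->assertEquals('', $data['value']);
    }

    // Check an other setting is disclosed (when not empty)
    $config = new Config();
    $config->getFromDBByQuery("WHERE `context`='core' AND `name`='admin_email'");
    $res = $this->doHttpRequest('GET', "Config/" . $config->getID(), ['headers' => ['Session-Token' => $session_token]]);
    $this->assertEquals(200, $res->getStatusCode());
    $body = $res->getBody();
    $data = json_decode($body, true);
    $this->assertNotEquals('', $data['value']);

    // Check a search does not disclose sensitive values.
    // One request per sensitive setting: the previous loop overwrote the
    // query string on each pass, so only the last setting was ever searched.
    foreach ($rows as $row) {
        $queryString = "&criteria[][link]=or&criteria[][field]=1&criteria[][searchtype]=equals&criteria[][value]=" . $row['name'];
        $res = $this->doHttpRequest('GET', "search/Config" . "?{$queryString}", ['headers' => ['Session-Token' => $session_token], 'query' => array()]);
        $this->assertEquals(200, $res->getStatusCode());
        $body = $res->getBody();
        $data = json_decode($body, true);

        // NOTE(review): if the search returns no rows these loops assert
        // nothing and the check passes vacuously; consider asserting that the
        // setting's row is present before scanning its columns.
        foreach ($data['data'] as $resultRow) {
            foreach ($resultRow as $col) {
                $this->assertNotEquals('not_empty_password', $col);
            }
        }
    }
}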
<?php

// Small driver for the config class from config.inc: prints the result of
// find("test4") on one line, then every element returned by
// find_array("test"), each followed by ", ", and a final newline.
require_once 'config.inc';

$reader = new config();

// The path is relative, so it resolves against the current working directory.
$reader->set_file("./config.conf");

$single = $reader->find("test4");
echo $single . "\n";

$entries = $reader->find_array("test");
foreach ($entries as $entry) {
    echo "{$entry}, ";
}
echo "\n";
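/**
 * Compares the schema declared by the installed apps with the live database,
 * builds the DDL needed to reconcile them, executes it, and returns a report.
 *
 * Visible steps: include every app_config.php two directory levels below
 * DOCUMENT_ROOT . PROJECT_PATH (the source comment says these populate $apps),
 * mark each declared table and field as existing or not, generate rename /
 * add / type-change statements per database type (sqlite tables are flagged
 * for a rebuild instead), optionally render an HTML overview, then split the
 * generated SQL on ";" and run every statement through $this->db->query().
 *
 * The statements are executed for every $format value; "html" and "text"
 * only change what is reported.
 *
 * NOTE(review): table names, column names and types are concatenated into
 * the DDL and into the HTML unquoted and unescaped. They originate from the
 * included app_config.php files, so those files must be trusted. PDO error
 * text is also appended to the response unescaped.
 *
 * @param string $format "html", "text", or '' to fall back to the global $output_format
 *
 * @return string the report built for the chosen format
 */
public function schema($format = '')
{
    //set the global variable
    global $db, $upgrade_data_types, $text, $output_format;
    if ($format == '') {
        $format = $output_format;
    }

    //get the db variables
    $config = new config();
    $config_exists = $config->exists();
    $config_path = $config->find();
    $config->get();
    $db_type = $config->db_type;
    $db_name = $config->db_name;
    $db_username = $config->db_username;
    $db_password = $config->db_password;
    $db_host = $config->db_host;
    $db_path = $config->db_path;
    $db_port = $config->db_port;

    //get the PROJECT PATH
    include "root.php";

    //add multi-lingual support
    if (!isset($text)) {
        $language = new text();
        $text = $language->get(null, 'core/upgrade');
    }

    //PHP PDO check if table or column exists
        //check if table exists
            // SELECT * FROM sqlite_master WHERE type='table' AND name='v_cdr'
        //check if column exists
            // SELECT * FROM sqlite_master WHERE type='table' AND name='v_cdr' AND sql LIKE '%caller_id_name TEXT,%'
        //additional information
            // http://www.sqlite.org/faq.html#q9
    //postgresql
        //list all tables in the database
            // SELECT table_name FROM pg_tables WHERE schemaname='public';
        //check if table exists
            // SELECT * FROM pg_tables WHERE schemaname='public' AND table_name = 'v_groups'
        //check if column exists
            // SELECT attname FROM pg_attribute WHERE attrelid = (SELECT oid FROM pg_class WHERE relname = 'v_cdr') AND attname = 'caller_id_name';
    //mysql
        //list all tables in the database
            // SELECT TABLE_NAME FROM information_schema.tables WHERE table_schema = 'fusionpbx'
        //check if table exists
            // SELECT TABLE_NAME FROM information_schema.tables WHERE table_schema = 'fusionpbx' AND TABLE_NAME = 'v_groups'
        //check if column exists
            // SELECT * FROM information_schema.COLUMNS where TABLE_SCHEMA = 'fusionpbx' AND TABLE_NAME = 'v_cdr' AND COLUMN_NAME = 'context'
    //oracle
        //check if table exists
            // SELECT TABLE_NAME FROM ALL_TABLES

    //get the $apps array from the installed apps from the core and mod directories
    //NOTE(review): every file glob() finds under this pattern is executed in this scope
    $config_list = (array) glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
    $x = 0;
    foreach ($config_list as $config_path) {
        include $config_path;
        $x++;
    }

    //update the app db array add exists true or false
    $sql = '';
    foreach ($apps as $x => &$app) {
        if (isset($app['db'])) {
            foreach ($app['db'] as $y => &$row) {
                if (is_array($row['table'])) {
                    $table_name = $row['table']['text'];
                } else {
                    $table_name = $row['table'];
                }
                if (strlen($table_name) > 0) {
                    //check if the table exists
                    if ($this->db_table_exists($db_type, $db_name, $table_name)) {
                        $apps[$x]['db'][$y]['exists'] = 'true';
                    } else {
                        $apps[$x]['db'][$y]['exists'] = 'false';
                    }
                    //check if the column exists
                    foreach ($row['fields'] as $z => $field) {
                        if ($field['deprecated'] == "true") {
                            //skip this field
                        } else {
                            if (is_array($field['name'])) {
                                $field_name = $field['name']['text'];
                            } else {
                                $field_name = $field['name'];
                            }
                            //was strlen(field_name): a bare constant, not the variable
                            if (strlen($field_name) > 0) {
                                if ($this->db_column_exists($db_type, $db_name, $table_name, $field_name)) {
                                    //found
                                    $apps[$x]['db'][$y]['fields'][$z]['exists'] = 'true';
                                } else {
                                    //not found
                                    $apps[$x]['db'][$y]['fields'][$z]['exists'] = 'false';
                                }
                            }
                            unset($field_name);
                        }
                    }
                    unset($table_name);
                }
            }
        }
    }
    //break the references so later loops cannot write through them
    unset($app, $row);

    //prepare the variables
    $sql_update = '';

    //add missing tables and fields
    foreach ($apps as $x => &$app) {
        if (isset($app['db'])) {
            foreach ($app['db'] as $y => &$row) {
                if (is_array($row['table'])) {
                    $table_name = $row['table']['text'];
                    if (!$this->db_table_exists($db_type, $db_name, $row['table']['text'])) {
                        $row['exists'] = "true"; //testing
                        //if (db_table_exists($db_type, $db_name, $row['table']['deprecated'])) {
                            if ($db_type == "pgsql") {
                                $sql_update .= "ALTER TABLE " . $row['table']['deprecated'] . " RENAME TO " . $row['table']['text'] . ";\n";
                            }
                            if ($db_type == "mysql") {
                                $sql_update .= "RENAME TABLE " . $row['table']['deprecated'] . " TO " . $row['table']['text'] . ";\n";
                            }
                            if ($db_type == "sqlite") {
                                $sql_update .= "ALTER TABLE " . $row['table']['deprecated'] . " RENAME TO " . $row['table']['text'] . ";\n";
                            }
                        //}
                    }
                } else {
                    $table_name = $row['table'];
                }
                //check if the table exists
                if ($row['exists'] == "true") {
                    if (count($row['fields']) > 0) {
                        foreach ($row['fields'] as $z => $field) {
                            if ($field['deprecated'] == "true") {
                                //skip this field
                            } else {
                                //get the data type
                                if (is_array($field['type'])) {
                                    $field_type = $field['type'][$db_type];
                                } else {
                                    $field_type = $field['type'];
                                }
                                //get the field name
                                if (is_array($field['name'])) {
                                    $field_name = $field['name']['text'];
                                } else {
                                    $field_name = $field['name'];
                                }
                                //find missing fields and add them
                                if ($field['deprecated'] == "true") {
                                    //skip this row
                                } else {
                                    if (!is_array($field['name'])) {
                                        if ($field['exists'] == "false") {
                                            $sql_update .= "ALTER TABLE " . $table_name . " ADD " . $field['name'] . " " . $field_type . ";\n";
                                        }
                                    }
                                }
                                //rename fields where the name has changed
                                if (is_array($field['name'])) {
                                    if ($this->db_column_exists($db_type, $db_name, $table_name, $field['name']['deprecated'])) {
                                        if ($db_type == "pgsql") {
                                            $sql_update .= "ALTER TABLE " . $table_name . " RENAME COLUMN " . $field['name']['deprecated'] . " to " . $field['name']['text'] . ";\n";
                                        }
                                        if ($db_type == "mysql") {
                                            $field_type = str_replace("AUTO_INCREMENT PRIMARY KEY", "", $field_type);
                                            $sql_update .= "ALTER TABLE " . $table_name . " CHANGE " . $field['name']['deprecated'] . " " . $field['name']['text'] . " " . $field_type . ";\n";
                                        }
                                        if ($db_type == "sqlite") {
                                            //a change has been made to the field name
                                            $apps[$x]['db'][$y]['rebuild'] = 'true';
                                        }
                                    }
                                }
                                //change the data type if it has been changed
                                //if the data type in the app db array is different than the type in the database then change the data type
                                if ($upgrade_data_types) {
                                    $db_field_type = $this->db_column_data_type($db_type, $db_name, $table_name, $field_name);
                                    $field_type_array = explode("(", $field_type);
                                    $field_type = $field_type_array[0];
                                    if (trim($db_field_type) != trim($field_type) && strlen($db_field_type) > 0) {
                                        if ($db_type == "pgsql") {
                                            if (strtolower($field_type) == "uuid") {
                                                $sql_update .= "ALTER TABLE " . $table_name . " ALTER COLUMN " . $field_name . " TYPE uuid USING\n";
                                                $sql_update .= "CAST(regexp_replace(" . $field_name . ", '([A-Z0-9]{4})([A-Z0-9]{12})', E'\\1-\\2')\n";
                                                $sql_update .= "AS uuid);\n";
                                            } else {
                                                //these were assignments ("="), which overwrote $db_field_type with a
                                                //boolean and ignored the database type; they are comparisons now
                                                if ($db_field_type == "integer" && strtolower($field_type) == "serial") {
                                                    //field type has not changed
                                                } elseif ($db_field_type == "timestamp without time zone" && strtolower($field_type) == "timestamp") {
                                                    //field type has not changed
                                                } elseif ($db_field_type == "timestamp without time zone" && strtolower($field_type) == "datetime") {
                                                    //field type has not changed
                                                } elseif ($db_field_type == "integer" && strtolower($field_type) == "numeric") {
                                                    //field type has not changed
                                                } elseif ($db_field_type == "character" && strtolower($field_type) == "char") {
                                                    //field type has not changed
                                                } else {
                                                    //$sql_update .= "-- $db_type, $db_name, $table_name, $field_name ".db_column_data_type ($db_type, $db_name, $table_name, $field_name)."<br>";
                                                    $sql_update .= "ALTER TABLE " . $table_name . " ALTER COLUMN " . $field_name . " TYPE " . $field_type . ";\n";
                                                }
                                            }
                                        }
                                        if ($db_type == "mysql") {
                                            $type = explode("(", $db_field_type);
                                            if ($type[0] == $field_type) {
                                                //do nothing
                                            } elseif ($field_type == "numeric" && $type[0] == "decimal") {
                                                //do nothing
                                            } else {
                                                $sql_update .= "ALTER TABLE " . $table_name . " modify " . $field_name . " " . $field_type . ";\n";
                                            }
                                            unset($type);
                                        }
                                        if ($db_type == "sqlite") {
                                            //a change has been made to the field type
                                            $apps[$x]['db'][$y]['rebuild'] = 'true';
                                        }
                                    }
                                }
                            }
                        }
                        unset($column_array);
                    }
                } else {
                    //create table
                    if (!is_array($row['table'])) {
                        $sql_update .= $this->db_create_table($apps, $db_type, $row['table']);
                    }
                }
            }
        }
    }
    unset($app, $row);

    //rebuild and populate the table
    foreach ($apps as $x => &$app) {
        if (isset($app['db'])) {
            foreach ($app['db'] as $y => &$row) {
                if (is_array($row['table'])) {
                    $table_name = $row['table']['text'];
                } else {
                    $table_name = $row['table'];
                }
                if ($row['rebuild'] == "true") {
                    if ($db_type == "sqlite") {
                        //start the transaction
                            //$sql_update .= "BEGIN TRANSACTION;\n";
                        //rename the table
                            $sql_update .= "ALTER TABLE " . $table_name . " RENAME TO tmp_" . $table_name . ";\n";
                        //create the table
                            $sql_update .= $this->db_create_table($apps, $db_type, $table_name);
                        //insert the data into the new table
                            $sql_update .= $this->db_insert_into($apps, $db_type, $table_name);
                        //drop the old table
                            $sql_update .= "DROP TABLE tmp_" . $table_name . ";\n";
                        //commit the transaction
                            //$sql_update .= "COMMIT;\n";
                    }
                }
            }
        }
    }
    //without this, $row stays bound to the last db entry and the by-value
    //loop in the html section below would overwrite that entry in $apps
    unset($app, $row);

    // initialize response variable
    $response = '';

    //display results as html
    if ($format == "html") {
        //show the database type
        $response .= "<strong>" . $text['header-database_type'] . ": " . $db_type . "</strong><br /><br />";
        //start the table
        $response .= "<table width='100%' border='0' cellpadding='20' cellspacing='0'>\n";
        //show the changes
        if (strlen($sql_update) > 0) {
            $response .= "<tr>\n";
            $response .= "<td class='row_style1' colspan='3'>\n";
            $response .= "<br />\n";
            $response .= "<strong>" . $text['label-sql_changes'] . ":</strong><br />\n";
            $response .= "<pre>\n";
            //NOTE(review): the generated SQL is written into the page without HTML escaping
            $response .= $sql_update;
            $response .= "</pre>\n";
            $response .= "<br />\n";
            $response .= "</td>\n";
            $response .= "</tr>\n";
        }
        //list all tables
        $response .= "<tr>\n";
        $response .= "<th>" . $text['label-table'] . "</th>\n";
        $response .= "<th>" . $text['label-exists'] . "</th>\n";
        $response .= "<th>" . $text['label-details'] . "</th>\n";
        //close the header row (this was a second opening <tr>)
        $response .= "</tr>\n";
        //build the html while looping through the app db array
        $sql = '';
        foreach ($apps as $app) {
            if (isset($app['db'])) {
                foreach ($app['db'] as $row) {
                    if (is_array($row['table'])) {
                        $table_name = $row['table']['text'];
                    } else {
                        $table_name = $row['table'];
                    }
                    $response .= "<tr>\n";
                    //check if the table exists
                    if ($row['exists'] == "true") {
                        $response .= "<td valign='top' class='row_style1'>" . $table_name . "</td>\n";
                        $response .= "<td valign='top' class='vncell' style='padding-top: 3px;'>" . $text['option-true'] . "</td>\n";
                        if (count($row['fields']) > 0) {
                            $response .= "<td class='row_style1'>\n";
                            //show the list of columns
                            $response .= "<table border='0' cellpadding='10' cellspacing='0'>\n";
                            $response .= "<tr>\n";
                            $response .= "<th>" . $text['label-name'] . "</th>\n";
                            $response .= "<th>" . $text['label-type'] . "</th>\n";
                            $response .= "<th>" . $text['label-exists'] . "</th>\n";
                            $response .= "</tr>\n";
                            foreach ($row['fields'] as $field) {
                                if ($field['deprecated'] == "true") {
                                    //skip this field
                                } else {
                                    if (is_array($field['name'])) {
                                        $field_name = $field['name']['text'];
                                    } else {
                                        $field_name = $field['name'];
                                    }
                                    if (is_array($field['type'])) {
                                        $field_type = $field['type'][$db_type];
                                    } else {
                                        $field_type = $field['type'];
                                    }
                                    $response .= "<tr>\n";
                                    $response .= "<td class='row_style1' width='200'>" . $field_name . "</td>\n";
                                    $response .= "<td class='row_style1'>" . $field_type . "</td>\n";
                                    if ($field['exists'] == "true") {
                                        $response .= "<td class='row_style0' style=''>" . $text['option-true'] . "</td>\n";
                                        $response .= "<td> </td>\n";
                                    } else {
                                        $response .= "<td class='row_style1' style='background-color:#444444;color:#CCCCCC;'>" . $text['option-false'] . "</td>\n";
                                        $response .= "<td> </td>\n";
                                    }
                                    $response .= "</tr>\n";
                                }
                            }
                            unset($column_array);
                            $response .= "\t</table>\n";
                            $response .= "</td>\n";
                        }
                    } else {
                        $response .= "<td valign='top' class='row_style1'>{$table_name}</td>\n";
                        $response .= "<td valign='top' class='row_style1' style='background-color:#444444;color:#CCCCCC;'><strong>" . $text['label-exists'] . "</strong><br />" . $text['option-false'] . "</td>\n";
                        $response .= "<td valign='top' class='row_style1'> </td>\n";
                    }
                    $response .= "</tr>\n";
                }
            }
        }
        unset($prep_statement);
        //end the list of tables
        $response .= "</table>\n";
        $response .= "<br />\n";
    }

    //loop line by line through all the lines of sql code
    //NOTE(review): statements run one by one with no transaction (the
    //begin/commit calls are commented out), so a failure part-way leaves the
    //schema partially migrated; splitting on ";" also assumes no generated
    //statement contains a semicolon of its own.
    $x = 0;
    if (strlen($sql_update) == 0 && $format == "text") {
        $response .= "\t" . $text['label-schema'] . ":\t\t\t" . $text['label-no_change'] . "\n";
    } else {
        if ($format == "text") {
            $response .= "\t" . $text['label-schema'] . "\n";
        }
        //$this->db->beginTransaction();
        $update_array = explode(";", $sql_update);
        foreach ($update_array as $sql) {
            if (strlen(trim($sql))) {
                try {
                    $this->db->query(trim($sql));
                    if ($format == "text") {
                        $response .= "\t{$sql}\n";
                    }
                } catch (PDOException $error) {
                    $response .= "\terror: " . $error->getMessage() . "\tsql: {$sql}<br/>";
                }
            }
        }
        //$this->db->commit();
        $response .= "\n";
        unset($file_contents, $sql_update, $sql);
    }

    //handle response
        //if ($output == "echo") {
        //	echo $response;
        //}
        //else if ($output == "return") {
            return $response;
        //}
}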