$db->exec(check_sql($sql)); unset($sql); } } } unset($prep_statement); //add recordings to the database if (is_dir($_SESSION['switch']['recordings']['dir'] . '/' . $_SESSION['domain_name'] . '/')) { if ($dh = opendir($_SESSION['switch']['recordings']['dir'] . '/' . $_SESSION['domain_name'] . '/')) { while (($recording_filename = readdir($dh)) !== false) { if (filetype($_SESSION['switch']['recordings']['dir'] . "/" . $_SESSION['domain_name'] . "/" . $recording_filename) == "file") { if (!in_array($recording_filename, $array_recordings)) { //file not found in db, add it $recording_uuid = uuid(); $recording_name = ucwords(str_replace('_', ' ', pathinfo($recording_filename, PATHINFO_FILENAME))); $recording_description = check_str(base64_decode($_GET['rd'])); $sql = "insert into v_recordings "; $sql .= "("; $sql .= "domain_uuid, "; $sql .= "recording_uuid, "; $sql .= "recording_filename, "; $sql .= "recording_name, "; $sql .= "recording_description "; if ($_SESSION['recordings']['storage_type']['text'] == 'base64') { $sql .= ", recording_base64 "; } $sql .= ")"; $sql .= "values "; $sql .= "("; $sql .= "'" . $domain_uuid . "', "; $sql .= "'" . $recording_uuid . "', ";
// (excerpt starts inside the invoice update branch; the beginning of this statement is not shown)
$sql .= "and invoice_uuid = '{$invoice_uuid}' ";
// NOTE(review): the statement text is built by interpolation and then executed. Its safety
// rests entirely on how $invoice_uuid was filtered before this point, which is not visible here.
$db->exec(check_sql($sql));
unset($sql);

//set redirect
$_SESSION['message'] = $text['message-update'];
// NOTE(review): where $back is assigned is not visible. If it originates from the request,
// limit it to a local relative path before it reaches the Location header — TODO confirm.
header("Location: " . ($back != '' ? $back : "invoices.php"));
exit;
} //if ($action == "update")
} //if ($_POST["persistformvar"] != "true")
} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)

//pre-populate the form
if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
    $invoice_uuid = check_str($_GET["id"]);
    // The lookup is restricted to rows carrying $domain_uuid (assigned outside this excerpt).
    // NOTE(review): check_str() is the only filter between the request value and the SQL
    // text; binding the value through prepare()/execute() would not depend on it.
    $sql = "select * from v_invoices ";
    $sql .= "where domain_uuid = '{$domain_uuid}' ";
    $sql .= "and invoice_uuid = '{$invoice_uuid}' ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute();
    $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    // Copy the columns of each returned row into local variables for the form.
    foreach ($result as &$row) {
        $invoice_number = $row["invoice_number"];
        $invoice_type = $row["invoice_type"];
        $invoice_date = $row["invoice_date"];
        $invoice_paid = $row["invoice_paid"];
        $invoice_paid_date = $row["invoice_paid_date"];
        $invoice_paid_method = $row["invoice_paid_method"];
        $invoice_paid_method_ref = $row["invoice_paid_method_ref"];
        $contact_uuid_from = $row["contact_uuid_from"];
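usleep(rand(1000000, 3000000)); //1-3 seconds.
$content = 'Authorization Required';
header("Content-Length: " . strval(strlen($content)));
echo $content;
exit;
}
}
}

//if password was defined in the system -> variables page then require the password.
if (strlen($provision['password']) > 0) {
    //compare as strings: the loose != operator treats numeric-looking strings such as
    //"1e3" and "1000" as equal, so a different password could be accepted
    $provision_password_expected = (string) $provision['password'];
    $provision_password_given = (isset($_REQUEST['password']) && is_string($_REQUEST['password']))
        ? (string) check_str($_REQUEST['password'])
        : '';
    if (function_exists('hash_equals')) {
        //constant-time comparison where the runtime provides it
        $provision_password_ok = hash_equals($provision_password_expected, $provision_password_given);
    } else {
        $provision_password_ok = ($provision_password_expected === $provision_password_given);
    }
    //NOTE(review): the password is read from $_REQUEST, so it can arrive in the query string
    //and end up in web server and proxy logs.

    //deny access if the password doesn't match
    if (!$provision_password_ok) {
        //log the failed auth attempt to the system, to be available for fail2ban.
        //only address-like characters of the requested mac are logged, so the request
        //cannot add line breaks or a second bracketed address to the auth log entry
        $provision_log_mac = (isset($_REQUEST['mac']) && is_string($_REQUEST['mac']))
            ? preg_replace('#[^a-fA-F0-9:.\-]#', '', $_REQUEST['mac'])
            : '';
        openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
        syslog(LOG_WARNING, '[' . $_SERVER['REMOTE_ADDR'] . "] provision attempt bad password for " . $provision_log_mac);
        closelog();
        usleep(rand(1000000, 3000000)); //1-3 seconds.
        echo "access denied 4";
        return;
    }
}

//output template to string for header processing
$prov = new provision();
$prov->domain_uuid = $domain_uuid;
$prov->mac = $mac;
$prov->file = $file;
$file_contents = $prov->render();

//deliver the customized config over HTTP/HTTPS
//need to make sure content-type is correct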
require_once "resources/check_auth.php";
// Stop unless the current user holds the fax_log_view permission.
if (permission_exists('fax_log_view')) {
    //access granted
} else {
    echo "access denied";
    exit;
}

//add multi-lingual support
require_once "app_languages.php";
// Reduce every $text entry to the string stored under the session's language code.
foreach ($text as $key => $value) {
    $text[$key] = $value[$_SESSION['domain']['language']['code']];
}

//pre-populate the form
if (isset($_REQUEST["id"]) && isset($_REQUEST["fax_uuid"])) {
    $fax_log_uuid = check_str($_REQUEST["id"]);
    $fax_uuid = check_str($_REQUEST["fax_uuid"]);
    // The lookup is restricted to rows carrying $domain_uuid (assigned outside this excerpt).
    // NOTE(review): the request value is concatenated into the SQL text after check_str();
    // binding it through prepare()/execute() would not depend on that helper.
    $sql = "select * from v_fax_logs ";
    $sql .= "where domain_uuid = '" . $domain_uuid . "' ";
    $sql .= "and fax_log_uuid = '" . $fax_log_uuid . "' ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute();
    $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    // Copy the columns of each returned row into local variables for the form.
    foreach ($result as &$row) {
        $fax_log_uuid = $row["fax_log_uuid"];
        $fax_success = $row["fax_success"];
        $fax_result_code = $row["fax_result_code"];
        $fax_result_text = $row["fax_result_text"];
        $fax_file = $row["fax_file"];
        $fax_ecm_used = $row["fax_ecm_used"];
        $fax_local_station_id = $row["fax_local_station_id"];
        $fax_document_transferred_pages = $row["fax_document_transferred_pages"];
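Portions created by the Initial Developer are Copyright (C) 2008-2012
the Initial Developer. All Rights Reserved.

Contributor(s):
Mark J Crane <*****@*****.**>
James Rose <*****@*****.**>
*/
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
// Deleting a clip is gated on the script_editor_save permission.
if (permission_exists('script_editor_save')) {
    //access granted
} else {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//get the uuid from http values
$clip_id_param = (isset($_GET["id"]) && is_string($_GET["id"])) ? $_GET["id"] : '';
$clip_uuid = check_str($clip_id_param);

//delete the clip
//NOTE(review): this is a state-changing request served over GET, and no anti-forgery token
//is checked in the visible code; confirm one is enforced elsewhere or move this to POST.
//NOTE(review): the delete is not limited by a domain column here; whether v_clips has one
//is not visible from this file.
if (strlen($clip_id_param) > 0) {
    //the request value is bound as a parameter, so it never becomes part of the SQL text
    $sql = "delete from v_clips ";
    $sql .= "where clip_uuid = ? ";
    $prep_statement = $db->prepare(check_sql($sql));
    if ($prep_statement) {
        $prep_statement->execute(array($clip_id_param));
    }
    unset($sql, $db);
}

//redirect the browser
header("Location: clipoptions.php");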
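/**
 * Parse one XML call detail record (CDR), store it through the project's
 * `database` helper and, when the billing app is present, rate the call and
 * debit the account balance.
 *
 * Values inside the record (caller id, dialed digits, carrier, rates, uuid)
 * are set outside this function and some are chosen by remote parties, so
 * every value that reaches SQL text or a file path is filtered or validated
 * here first.
 *
 * @param object $db         Database handle; used here with prepare()/query() and fetch().
 * @param string $leg        Call leg label, stored unchanged in the `leg` field.
 * @param string $xml_string Raw CDR document.
 * @return void              Returns early, after logging, when the document cannot be parsed.
 */
function process_xml_cdr($db, $leg, $xml_string) {
    //set global variable
    global $debug;

    //decode a value taken from the xml and return it as a number; anything that is
    //not numeric becomes 0 so it can be used in arithmetic and unquoted in SQL
    $xml_number = function ($value) {
        $value = urldecode((string) $value);
        return is_numeric($value) ? $value + 0 : 0;
    };

    //read one column from the first row of a query result; '' when it is missing
    $first_row_value = function ($result, $key) {
        return isset($result[0][$key]) ? (string) $result[0][$key] : '';
    };

    //fix the xml by escaping the contents of <sip_full_XXX>
    //the inner text is entity-escaped so stray < and > no longer break parsing
    $escaped_xml = preg_replace_callback("/<([^><]+)>(.*?[><].*?)<\\/\\g1>/", function ($matches) {
        return '<' . $matches[1] . '>' . str_replace(">", "&gt;", str_replace("<", "&lt;", $matches[2])) . '</' . $matches[1] . '>';
    }, $xml_string);
    if ($escaped_xml !== null) {
        $xml_string = $escaped_xml;
    }

    //parse the xml to get the call detail record info
    //simplexml_load_string() reports failure by returning false, not by throwing.
    //LIBXML_NONET keeps the parser off the network; do not add LIBXML_NOENT here,
    //the document is supplied from outside.
    $xml = false;
    try {
        xml_cdr_log($xml_string);
        $xml = simplexml_load_string($xml_string, 'SimpleXMLElement', LIBXML_NONET);
    } catch (Exception $e) {
        echo $e->getMessage();
        xml_cdr_log("\nfail loadxml: " . $e->getMessage() . "\n");
    }
    if ($xml === false) {
        xml_cdr_log("\nfail loadxml: the document could not be parsed\n");
        return;
    }
    xml_cdr_log("\nxml load done\n");

    //prepare the database object
    require_once "resources/classes/database.php";
    $database = new database();
    $database->table = "v_xml_cdr";

    //copy the plain variables, in the order they are stored
    $variable_fields = array(
        //misc
        'uuid', 'accountcode', 'default_language', 'bridge_uuid',
        //'digits_dialed',
        'sip_hangup_disposition', 'pin_number',
        //time
        'start_epoch', 'start_stamp', 'answer_stamp', 'answer_epoch', 'end_epoch', 'end_stamp',
        'duration', 'mduration', 'billsec', 'billmsec',
        //codecs
        'read_codec', 'read_rate', 'write_codec', 'write_rate', 'remote_media_ip',
        'hangup_cause', 'hangup_cause_q850',
        //call center
        'cc_side', 'cc_member_uuid', 'cc_queue_joined_epoch', 'cc_queue',
        'cc_member_session_uuid', 'cc_agent', 'cc_agent_type', 'waitsec',
        //app info
        'last_app', 'last_arg',
        //conference
        'conference_name', 'conference_uuid', 'conference_member_id',
    );
    foreach ($variable_fields as $field_name) {
        $database->fields[$field_name] = check_str(urldecode((string) $xml->variables->{$field_name}));
    }
    $uuid = $database->fields['uuid'];
    $start_stamp = $database->fields['start_stamp'];

    //the uuid comes from the record and is used to build file names below;
    //keep only its last path component so it cannot point outside the target directory
    $uuid_file = basename($uuid);

    //call quality
    $rtp_audio_in_mos = check_str(urldecode((string) $xml->variables->rtp_audio_in_mos));
    if (strlen($rtp_audio_in_mos) > 0) {
        $database->fields['rtp_audio_in_mos'] = $rtp_audio_in_mos;
    }

    //get the values from the callflow.
    //the first callflow supplies destination, context and network address; the caller id
    //fields are overwritten on every pass, so the last callflow wins for them
    $context = '';
    $context_raw = '';
    $last_callflow = null;
    $x = 0;
    foreach ($xml->callflow as $callflow) {
        if ($x == 0) {
            $context_raw = urldecode((string) $callflow->caller_profile->context);
            $context = check_str($context_raw);
            $database->fields['destination_number'] = check_str(urldecode((string) $callflow->caller_profile->destination_number));
            $database->fields['context'] = $context;
            $database->fields['network_addr'] = check_str(urldecode((string) $callflow->caller_profile->network_addr));
        }
        $database->fields['caller_id_name'] = check_str(urldecode((string) $callflow->caller_profile->caller_id_name));
        $database->fields['caller_id_number'] = check_str(urldecode((string) $callflow->caller_profile->caller_id_number));
        $last_callflow = $callflow;
        $x++;
    }
    unset($x);

    //store the call leg
    $database->fields['leg'] = $leg;

    //store the call direction
    $call_direction = check_str(urldecode((string) $xml->variables->call_direction));
    $database->fields['direction'] = $call_direction;

    //store post dial delay, in milliseconds
    //both parts are converted to numbers first; adding two empty strings is an error on PHP 8
    $database->fields['pdd_ms'] = check_str($xml_number($xml->variables->progress_mediamsec) + $xml_number($xml->variables->progressmsec));

    //get break down the date to year, month and day
    $tmp_time = strtotime($start_stamp);
    $tmp_year = date("Y", $tmp_time);
    $tmp_month = date("M", $tmp_time);
    $tmp_day = date("d", $tmp_time);

    //get the domain values from the xml
    $domain_name_raw = urldecode((string) $xml->variables->domain_name);
    $domain_name = check_str($domain_name_raw);
    $domain_uuid = check_str(urldecode((string) $xml->variables->domain_uuid));
    xml_cdr_log("\ndomain_name is `{$domain_name}`; domain_uuid is '{$domain_uuid}'\n");

    //get the domain_uuid with the domain_name
    if (strlen($domain_uuid) == 0) {
        //the name is bound as a parameter, so the record cannot alter the query text
        if (strlen($domain_name) == 0 && $context != 'public' && $context != 'default') {
            $lookup_name = $context_raw;
        } else {
            $lookup_name = $domain_name_raw;
        }
        $statement = $db->prepare("select domain_uuid from v_domains where domain_name = :domain_name ");
        $row = ($statement && $statement->execute(array(':domain_name' => $lookup_name))) ? $statement->fetch() : false;
        $domain_uuid = ($row && isset($row['domain_uuid'])) ? $row['domain_uuid'] : '';
        if (strlen($domain_uuid) == 0) {
            //NOTE(review): when no domain matches, the record is attached to whichever
            //domain the database returns first; on a multi-tenant system confirm that
            //this fallback is wanted.
            $sql = "select domain_name, domain_uuid from v_domains ";
            $fallback = $db->query($sql);
            $row = $fallback ? $fallback->fetch() : false;
            $domain_uuid = ($row && isset($row['domain_uuid'])) ? $row['domain_uuid'] : '';
            if (strlen($domain_name) == 0 && $row) {
                $domain_name = $row['domain_name'];
            }
        }
    }

    //set values in the database
    $database->domain_uuid = $domain_uuid;
    $database->fields['domain_uuid'] = $domain_uuid;
    $database->fields['domain_name'] = $domain_name;

    //check whether a recording exists
    $recording_relative_path = '/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day;
    if (file_exists($_SESSION['switch']['recordings']['dir'] . $recording_relative_path . '/' . $uuid_file . '.wav')) {
        $recording_file = $recording_relative_path . '/' . $uuid_file . '.wav';
    } elseif (file_exists($_SESSION['switch']['recordings']['dir'] . $recording_relative_path . '/' . $uuid_file . '.mp3')) {
        $recording_file = $recording_relative_path . '/' . $uuid_file . '.mp3';
    }
    if (isset($recording_file) && !empty($recording_file)) {
        $database->fields['recording_file'] = $recording_file;
    }

    //save to the database in xml format
    if ($_SESSION['cdr']['format']['text'] == "xml" && $_SESSION['cdr']['storage']['text'] == "db") {
        $database->fields['xml'] = check_str($xml_string);
    }

    //save to the database in json format
    if ($_SESSION['cdr']['format']['text'] == "json" && $_SESSION['cdr']['storage']['text'] == "db") {
        $database->fields['json'] = check_str(json_encode($xml));
    }

    //insert the check_str($extension_uuid)
    if (strlen((string) $xml->variables->extension_uuid) > 0) {
        $database->fields['extension_uuid'] = check_str(urldecode((string) $xml->variables->extension_uuid));
    }

    //billing information
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . PROJECT_PATH . "/app/billing/app_config.php")) {
        $db2 = new database();
        $session_currency = (isset($_SESSION['billing']['currency']['text']) && strlen($_SESSION['billing']['currency']['text']))
            ? $_SESSION['billing']['currency']['text']
            : 'USD';
        $lcr_currency = $session_currency;
        $accountcode = strlen(urldecode((string) $xml->variables->accountcode))
            ? check_str(urldecode((string) $xml->variables->accountcode))
            : $domain_name;

        //defaults, used when the direction matches none of the cases below
        $lcr_rate = 0;
        $lcr_first_increment = 0;
        $lcr_second_increment = 0;
        $lcr_user_rate = 0;
        $lcr_user_first_increment = 60;
        $lcr_user_second_increment = 60;
        $lcr_user_currency = $session_currency;

        //NOTE(review): the queries below are still assembled as text because the database
        //helper is only used here through ->sql and ->execute(); if that helper supports
        //bound parameters, prefer them. The result of number_series() is placed inside
        //IN (...) unquoted, so confirm it emits only quoted or numeric items.
        switch ($call_direction) {
            case "outbound":
                $destination_number = check_str(urldecode((string) $xml->variables->lcr_query_digits));
                $destination_number_serie = number_series($destination_number);
                $carrier_name = check_str(urldecode((string) $xml->variables->lcr_carrier));
                $database->fields['carrier_name'] = $carrier_name;

                //the carrier goes through the same filter as every other value and the
                //rate is reduced to a number before either one enters the SQL text
                $lcr_rate = $xml_number($xml->variables->lcr_rate);
                $sql_rate = "SELECT v_lcr.connect_increment, v_lcr.talk_increment, v_lcr.currency FROM v_lcr, v_carriers WHERE v_carriers.carrier_name = '" . $carrier_name . "' AND v_lcr.rate=" . $lcr_rate . " AND v_lcr.lcr_direction = '" . $call_direction . "' AND digits IN ({$destination_number_serie}) AND v_lcr.carrier_uuid = v_carriers.carrier_uuid ORDER BY digits DESC, rate ASC limit 1";
                $sql_user_rate = "SELECT v_lcr.currency, connect_increment, talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . $call_direction . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$destination_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1";
                if ($debug) {
                    echo "sql_rate: {$sql_rate}\n";
                    echo "sql_user_rate: {$sql_user_rate}\n";
                }

                //buying side
                $db2->sql = $sql_rate;
                $db2->result = $db2->execute();
                $value = $first_row_value($db2->result, 'currency');
                $lcr_currency = strlen($value) ? check_str($value) : $session_currency;
                $value = $first_row_value($db2->result, 'connect_increment');
                $lcr_first_increment = strlen($value) ? check_str($value) : 60;
                $value = $first_row_value($db2->result, 'talk_increment');
                $lcr_second_increment = strlen($value) ? check_str($value) : 60;
                unset($db2->sql);
                unset($db2->result);

                //selling side
                $db2->sql = $sql_user_rate;
                $db2->result = $db2->execute();
                $lcr_user_rate = strlen((string) $xml->variables->lcr_user_rate) ? $xml_number($xml->variables->lcr_user_rate) : 0.01;
                $value = $first_row_value($db2->result, 'connect_increment');
                $lcr_user_first_increment = strlen($value) ? check_str($value) : 60;
                $value = $first_row_value($db2->result, 'talk_increment');
                $lcr_user_second_increment = strlen($value) ? check_str($value) : 60;
                $value = $first_row_value($db2->result, 'currency');
                $lcr_user_currency = strlen($value) ? check_str($value) : $session_currency;
                unset($db2->sql);
                unset($db2->result);
                break;

            case "inbound":
                //the callee is read from the last callflow entry of the record
                $callee_number = ($last_callflow !== null)
                    ? check_str(urldecode((string) $last_callflow->caller_profile->destination_number))
                    : '';
                $callee_number_serie = number_series($callee_number);
                $sql_user_rate = "SELECT v_lcr.currency, v_lcr.rate, v_lcr.connect_increment, v_lcr.talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . $call_direction . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$callee_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1";
                if ($debug) {
                    echo "sql_user_rate: {$sql_user_rate}\n";
                }
                $db2->sql = $sql_user_rate;
                $db2->result = $db2->execute();

                // If selling rate is found, then we fill with data, otherwise rate will be 0
                $value = $first_row_value($db2->result, 'currency');
                $lcr_currency = strlen($value) ? check_str($value) : $session_currency;
                $lcr_user_currency = strlen($value) ? check_str($value) : $session_currency;
                $value = $first_row_value($db2->result, 'rate');
                $lcr_user_rate = strlen($value) ? $value : 0;
                $value = $first_row_value($db2->result, 'connect_increment');
                $lcr_user_first_increment = strlen($value) ? $value : 60;
                $value = $first_row_value($db2->result, 'talk_increment');
                $lcr_user_second_increment = strlen($value) ? $value : 60;

                // Actually, there is no way to detect which carrier the call is coming from using current information
                $lcr_rate = 0;
                $lcr_first_increment = 0;
                $lcr_second_increment = 0;
                unset($db2->sql);
                unset($db2->result);
                break;

            case "local":
                $destination_number = check_str(urldecode((string) $xml->variables->lcr_query_digits));
                $destination_number_serie = number_series($destination_number);
                $sql_user_rate = "SELECT v_lcr.currency, connect_increment, talk_increment FROM v_lcr JOIN v_billings ON v_billings.type_value='{$accountcode}' WHERE v_lcr.carrier_uuid IS NULL AND v_lcr.lcr_direction = '" . $call_direction . "' AND v_lcr.lcr_profile=v_billings.lcr_profile AND NOW() >= v_lcr.date_start AND NOW() < v_lcr.date_end AND digits IN ({$destination_number_serie}) ORDER BY digits DESC, rate ASC, date_start DESC LIMIT 1";
                if ($debug) {
                    echo "sql_user_rate: {$sql_user_rate}\n";
                }
                $db2->sql = $sql_user_rate;
                $db2->result = $db2->execute();

                // If selling rate is found, then we fill with data, otherwise rate will be 0
                $value = $first_row_value($db2->result, 'currency');
                $lcr_currency = strlen($value) ? check_str($value) : $session_currency;
                $lcr_user_currency = strlen($value) ? check_str($value) : $session_currency;
                //this query does not select a rate column, so the rate stays 0 unless one is added
                $value = $first_row_value($db2->result, 'rate');
                $lcr_user_rate = strlen($value) ? $value : 0;
                $value = $first_row_value($db2->result, 'connect_increment');
                $lcr_user_first_increment = strlen($value) ? $value : 60;
                $value = $first_row_value($db2->result, 'talk_increment');
                $lcr_user_second_increment = strlen($value) ? $value : 60;

                // Actually, internal calls have 0 cost
                $lcr_rate = 0;
                $lcr_first_increment = 0;
                $lcr_second_increment = 0;
                unset($db2->sql);
                unset($db2->result);
                break;
        }

        // Please note that we save values using LCR currency, but we discount balance in billing currency
        $time = check_str(urldecode((string) $xml->variables->billsec));
        $call_buy = call_cost($lcr_rate, $lcr_first_increment, $lcr_second_increment, $time);
        $call_sell = call_cost($lcr_user_rate, $lcr_user_first_increment, $lcr_user_second_increment, $time);

        // Costs/Sell call are in original LCR currency, they need to be converted
        $database->fields['call_buy'] = check_str($call_buy);
        $database->fields['call_sell'] = check_str($call_sell);
        $db2->table = "v_xml_cdr";
        $db2->sql = "SELECT currency FROM v_billings WHERE type_value='{$accountcode}' LIMIT 1";
        $db2->result = $db2->execute();
        $actual_currency = strlen($lcr_currency) ? $lcr_currency : $session_currency;
        $value = $first_row_value($db2->result, 'currency');
        $billing_currency = strlen($value) ? $value : $session_currency;
        if ($debug) {
            echo "sql: " . $db2->sql . "\n";
            echo "c " . (isset($database->fields['carrier_name']) ? $database->fields['carrier_name'] : '') . "\n";
            echo "t {$time}\n";
            echo "b r:{$lcr_rate} - {$lcr_first_increment} - {$lcr_second_increment} = {$call_buy}\n";
            echo "s r:{$lcr_user_rate} - {$lcr_user_first_increment} - {$lcr_user_second_increment} = {$call_sell}\n";
            echo "lcr currency {$lcr_currency}\n";
            echo "actual currency {$actual_currency}\n";
            echo "user currency {$lcr_user_currency}\n";
            echo "billing currency {$billing_currency}\n";
        }
        unset($database->sql);
        unset($database->result);

        //NOTE(review): the rate lookups use $accountcode (which falls back to the domain
        //name) while the balance is read and written with the record's own accountcode;
        //confirm which account is meant to be debited when the record has none.
        $balance_account = check_str(urldecode((string) $xml->variables->accountcode));
        $sql_balance = "SELECT balance, old_balance FROM v_billings WHERE type_value='" . $balance_account . "'";
        $db2->sql = $sql_balance;
        $db2->result = $db2->execute();
        $balance = $first_row_value($db2->result, 'balance');
        $old_balance = $first_row_value($db2->result, 'old_balance');
        if ($debug) {
            echo "sql_balance: {$sql_balance}\n";
            echo "bal: {$balance}\n";
            echo "old bal: {$old_balance}\n";
        }

        // Lets convert rate from lcr_currency to billing_currency
        $billing_call_sell = currency_convert($call_sell, $billing_currency, $lcr_user_currency);
        if ($debug) {
            echo "bcs: {$billing_call_sell} {$billing_currency}\n";
        }

        // Remember that old_balance is using billing_currency
        //NOTE(review): the balance is read, reduced in PHP and written back; two records
        //for the same account processed at the same time can lose one of the debits.
        $updated_balance = (float) $old_balance - (float) $billing_call_sell;
        unset($db2->sql);
        unset($db2->result);
        $sql_update_balance = "UPDATE v_billings SET balance={$updated_balance}, old_balance={$updated_balance} WHERE type_value='" . $balance_account . "'";
        if ($debug) {
            echo "sql_update_balance: {$sql_update_balance}\n";
        }
        $db2->sql = $sql_update_balance;
        $db2->result = $db2->execute();
        unset($db2->sql);
        unset($db2->result);
    }

    //insert xml_cdr into the db
    if (strlen($start_stamp) > 0) {
        $database->add();
        if ($debug) {
            echo $database->sql . "\n";
        }
    }

    //write the record into a directory, as xml or json depending on the configured format
    //NOTE(review): directories are created with mode 0777 (before umask) and the files hold
    //call records; tighten the mode if no other account needs to write there.
    $write_cdr_file = function ($dir) use ($uuid_file, $xml_string, $xml) {
        if (!file_exists($dir)) {
            mkdir($dir, 0777, true);
        }
        if ($_SESSION['cdr']['format']['text'] == "xml") {
            $tmp_file = $uuid_file . '.xml';
            $payload = $xml_string;
        } else {
            $tmp_file = $uuid_file . '.json';
            $payload = json_encode($xml);
        }
        $fh = fopen($dir . '/' . $tmp_file, 'w');
        if ($fh === false) {
            xml_cdr_log("\nfail to open cdr file for writing\n");
            return;
        }
        fwrite($fh, $payload);
        fclose($fh);
    };

    //insert the values
    if (strlen($uuid) > 0) {
        if ($debug) {
            $time5_insert = microtime(true);
            //echo $sql."<br />\n";
        }
        try {
            $error = "false";
            //$db->exec(check_sql($sql));
        } catch (PDOException $e) {
            //not reachable while the exec() above stays commented out
            $write_cdr_file($_SESSION['switch']['log']['dir'] . '/xml_cdr/failed/');
            if ($debug) {
                echo $e->getMessage();
            }
            $error = "true";
        }

        if ($_SESSION['cdr']['storage']['text'] == "dir" && $error != "true") {
            $tmp_time = strtotime($start_stamp);
            $tmp_year = date("Y", $tmp_time);
            $tmp_month = date("M", $tmp_time);
            $tmp_day = date("d", $tmp_time);
            $write_cdr_file($_SESSION['switch']['log']['dir'] . '/xml_cdr/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day);
        }
        unset($error);

        if ($debug) {
            global $insert_time, $insert_count;
            $insert_time += microtime(true) - $time5_insert; //add this current query.
            $insert_count++;
        }
    }
    unset($sql);
}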
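require_once "resources/check_auth.php";
require_once "config.php";
// Stop unless the current user holds the content_edit permission.
if (permission_exists('content_edit')) {
    //access granted
} else {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//move down more than one level at a time
//update v_rss set rss_order = (rss_order+1) where rss_order > 2 or rss_order = 2
if (count($_GET) > 0) {
    $rss_uuid = check_str($_GET["rss_uuid"]);
    $rss_order = check_str($_GET["rss_order"]);

    //find the highest rss_order in use for this domain and category
    //NOTE(review): $rss_category is not assigned in the visible code; confirm where it
    //comes from and that it is filtered before it is placed into this statement.
    $sql = "SELECT rss_order FROM v_rss ";
    $sql .= "where domain_uuid = '{$domain_uuid}' ";
    $sql .= "and rss_category = '{$rss_category}' ";
    $sql .= "order by rss_order desc ";
    $sql .= "limit 1 ";
    //echo $sql."<br><br>";
    //return;
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute();
    $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
    //the key is quoted: a bare rss_order is read as a constant, which is an error on PHP 8.
    //the rows are read by value, so no reference to the last row is left behind
    foreach ($result as $row) {
        //print_r( $row );
        $highestrss_order = $row['rss_order'];
    }
    unset($prep_statement);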
//send the fax
$continue = false;
if (!$included) {
    // Direct request: take the fax settings from the posted form.
    if ($_POST['action'] == "send") {
        // NOTE(review): fax_numbers is taken from the request without check_str(); the
        // loop below assumes it is an array and reduces every entry to digits before use.
        $fax_numbers = $_POST['fax_numbers'];
        $fax_uuid = check_str($_POST["id"]);
        $fax_caller_id_name = check_str($_POST['fax_caller_id_name']);
        $fax_caller_id_number = check_str($_POST['fax_caller_id_number']);
        $fax_header = check_str($_POST['fax_header']);
        $fax_sender = check_str($_POST['fax_sender']);
        $fax_recipient = check_str($_POST['fax_recipient']);
        $fax_subject = check_str($_POST['fax_subject']);
        $fax_message = check_str($_POST['fax_message']);
        $fax_resolution = check_str($_POST['fax_resolution']);
        $fax_page_size = check_str($_POST['fax_page_size']);
        $fax_footer = check_str($_POST['fax_footer']);
        $continue = true;
    }
} else {
    //all necessary local and session variables should
    //be already set by now by file including this one
    // NOTE(review): in this branch none of the values are filtered here; the including
    // file is responsible for them — verify against each caller.
    $continue = true;
}

// cleanup numbers
if (isset($fax_numbers)) {
    foreach ($fax_numbers as $index => $fax_number) {
        // presumably fills $fax_dtmf from the number — confirm against fax_split_dtmf()
        fax_split_dtmf($fax_number, $fax_dtmf);
        // keep digits only in the number; digits, P/p, * and # in the dtmf part
        $fax_number = preg_replace("~[^0-9]~", "", $fax_number);
        $fax_dtmf = preg_replace("~[^0-9Pp*#]~", "", $fax_dtmf);
        if ($fax_number != '') {
            if ($fax_dtmf != '') {
*/
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
// Stop unless the current user holds the voicemail_view permission.
if (permission_exists('voicemail_view')) {
    //access granted
} else {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//retrieve order by
// NOTE(review): how $order_by and $order are used is not visible here. If they end up in
// an ORDER BY clause, quote escaping does not constrain a column name or direction;
// compare them against a fixed list of columns and asc/desc instead — TODO confirm.
$order_by = check_str($_GET["order_by"]);
$order = check_str($_GET["order"]);

//set the voicemail id and voicemail uuid arrays
// Both lists are built from session data, not from the request.
if (isset($_SESSION['user']['extension'])) {
    foreach ($_SESSION['user']['extension'] as $index => $row) {
        // prefer the number alias when the extension has one
        if (strlen($row['number_alias']) > 0) {
            $voicemail_ids[$index]['voicemail_id'] = $row['number_alias'];
        } else {
            $voicemail_ids[$index]['voicemail_id'] = $row['user'];
        }
    }
}
if (isset($_SESSION['user']['voicemail'])) {
    foreach ($_SESSION['user']['voicemail'] as $row) {
        if (strlen($row['voicemail_uuid']) > 0) {
            $voicemail_uuids[]['voicemail_uuid'] = $row['voicemail_uuid'];
        }
// (excerpt starts inside the account code check; the query text is built before this point)
$prep_statement_accountcode->execute();
$row_accountcode = $prep_statement_accountcode->fetch(PDO::FETCH_ASSOC);
// The posted account code is kept only when the query returned a positive count;
// in every other branch the session's domain name is used instead.
if ($row_accountcode['count'] > 0) {
    $broadcast_accountcode = check_str($_POST["broadcast_accountcode"]);
} else {
    $broadcast_accountcode = $_SESSION['domain_name'];
}
unset($sql_accountcode, $prep_statement_accountcode, $row_accountcode);
} else {
    $broadcast_accountcode = $_SESSION['domain_name'];
}
}

if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
    $msg = '';
    if ($action == "update") {
        $call_broadcast_uuid = check_str($_POST["call_broadcast_uuid"]);
    }

    //check for all required data
    // Only the name is required; the remaining checks are disabled.
    if (strlen($broadcast_name) == 0) {
        $msg .= "" . $text['confirm-name'] . "<br>\n";
    }
    //if (strlen($broadcast_description) == 0) { $msg .= "Please provide: Description<br>\n"; }
    //if (strlen($broadcast_timeout) == 0) { $msg .= "Please provide: Timeout<br>\n"; }
    //if (strlen($broadcast_concurrent_limit) == 0) { $msg .= "Please provide: Concurrent Limit<br>\n"; }
    //if (strlen($recording_uuid) == 0) { $msg .= "Please provide: Recording<br>\n"; }
    //if (strlen($broadcast_caller_id_name) == 0) { $msg .= "Please provide: Caller ID Name<br>\n"; }
    //if (strlen($broadcast_caller_id_number) == 0) { $msg .= "Please provide: Caller ID Number<br>\n"; }
    //if (strlen($broadcast_destination_type) == 0) { $msg .= "Please provide: Type<br>\n"; }
    //if (strlen($broadcast_phone_numbers) == 0) { $msg .= "Please provide: Phone Number List<br>\n"; }
    //if (strlen($broadcast_avmd) == 0) { $msg .= "Please provide: Voicemail Detection<br>\n"; }
    //if (strlen($broadcast_destination_data) == 0) { $msg .= "Please provide: Destination<br>\n"; }
include "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
// Stop unless the current user holds the device_add permission.
if (permission_exists('device_add')) {
    //access granted
} else {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//set the http get/post variable(s) to a php variable
// NOTE(review): $device_uuid and $mac_address_new stay undefined when either request
// value is missing, yet $mac_address_new is read right below.
if (isset($_REQUEST["id"]) && isset($_REQUEST["mac"])) {
    $device_uuid = check_str($_REQUEST["id"]);
    $mac_address_new = check_str($_REQUEST["mac"]);
    // keep hex digits, '.' and '/' only; no quote can survive this filter
    $mac_address_new = preg_replace('#[^a-fA-F0-9./]#', '', $mac_address_new);
}

//set the default
$save = true;

//check to see if the mac address exists
if ($mac_address_new == "" || $mac_address_new == "000000000000") {
    //allow duplicates to be used as templates
} else {
    // The value is concatenated into the statement; the character filter above is what
    // keeps it inert, so that filter must stay in front of this query.
    // NOTE(review): the duplicate check is not limited to one domain — confirm that
    // addresses are meant to be unique across all domains.
    $sql = "SELECT count(*) AS num_rows FROM v_devices ";
    $sql .= "WHERE device_mac_address = '" . $mac_address_new . "' ";
    $prep_statement = $db->prepare($sql);
    if ($prep_statement) {
        $prep_statement->execute();
        $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
        if ($row['num_rows'] == "0") {
// (excerpt starts near the end of the form handling block)
if ($action == "add") {
    //save the message to a session variable
    $_SESSION['message'] = $text['message-add'];
    //redirect the browser
    // NOTE(review): where $ring_group_uuid was assigned for this branch is not visible;
    // if it can hold request data, url-encode it before it goes into the header.
    header("Location: ring_group_edit.php?id={$ring_group_uuid}");
    exit;
}
if ($action == "update") {
    //save the message to a session variable
    $_SESSION['message'] = $text['message-update'];
}
} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)

//pre-populate the form
if (strlen($ring_group_uuid) == 0) {
    $ring_group_uuid = check_str($_GET["id"]);
}
if (strlen($ring_group_uuid) > 0) {
    // The lookup is restricted to the domain held in the session.
    // NOTE(review): the request value reaches the SQL text by interpolation after
    // check_str(); binding it through prepare()/execute() would not depend on that helper.
    $sql = "select * from v_ring_groups ";
    $sql .= "where domain_uuid = '" . $_SESSION['domain_uuid'] . "' ";
    $sql .= "and ring_group_uuid = '{$ring_group_uuid}' ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute();
    $result = $prep_statement->fetchAll();
    // Copy the columns of each returned row into local variables for the form.
    foreach ($result as &$row) {
        $ring_group_name = $row["ring_group_name"];
        $ring_group_extension = $row["ring_group_extension"];
        $ring_group_context = $row["ring_group_context"];
        $ring_group_strategy = $row["ring_group_strategy"];
        $ring_group_timeout_app = $row["ring_group_timeout_app"];
        $ring_group_timeout_data = $row["ring_group_timeout_data"];
require_once "resources/check_auth.php";
// Stop unless the current user holds the menu_delete permission.
if (permission_exists('menu_delete')) {
    //access granted
} else {
    echo "access denied";
    return;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

// NOTE(review): the deletes below run on a GET request and no anti-forgery token is
// checked in the visible code; confirm one is enforced elsewhere or move this to POST.
if (count($_GET) > 0) {
    //clear the menu session so it will rebuild with the update
    $_SESSION["menu"] = "";

    //get the menu uuid
    $menu_uuid = check_str($_GET["id"]);
    $menu_item_uuid = check_str($_GET["menu_item_uuid"]);

    // NOTE(review): both request values are interpolated into each statement after
    // check_str(); bound parameters would not depend on that helper.

    //delete the item in the menu
    $sql = "delete from v_menu_items ";
    $sql .= "where menu_item_uuid = '{$menu_item_uuid}' ";
    $sql .= "and menu_uuid = '{$menu_uuid}' ";
    $db->exec(check_sql($sql));
    unset($sql);

    //delete the menu item groups
    $sql = "delete from v_menu_item_groups ";
    $sql .= "where menu_item_uuid = '{$menu_item_uuid}' ";
    $sql .= "and menu_uuid = '{$menu_uuid}' ";
    $db->exec(check_sql($sql));
    unset($sql);

    //delete the menu item language
    $sql = "delete from v_menu_languages ";
    $sql .= "where menu_uuid = '{$menu_uuid}' ";
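//includes
require_once "root.php";
require_once "resources/require.php";

//check permissions
require_once "resources/check_auth.php";
if (!permission_exists('device_vendor_function_delete')) {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//get the ids; a request that omits them leaves both empty and deletes nothing
// NOTE(review): this delete is triggered by a GET request and no anti-CSRF
// token is checked in the visible code -- confirm one is enforced elsewhere.
$id = isset($_GET["id"]) ? check_str($_GET["id"]) : '';
$device_vendor_uuid = isset($_GET["device_vendor_uuid"]) ? check_str($_GET["device_vendor_uuid"]) : '';

//delete the data
if (strlen($id) > 0) {
    //delete device_vendor_function
    // The id is bound as a parameter instead of being interpolated into the
    // SQL text, so the statement no longer depends on check_str() (defined
    // elsewhere) for its safety. Assumes $db is a PDO handle -- TODO confirm.
    $sql = "delete from v_device_vendor_functions ";
    $sql .= "where device_vendor_function_uuid = :device_vendor_function_uuid ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute(array(':device_vendor_function_uuid' => $id));
    unset($sql);
}

//redirect the user
$_SESSION['message'] = $text['message-delete'];
// urlencode() keeps the request-supplied value confined to the id parameter
header('Location: device_vendor_function_edit.php?id=' . urlencode($device_vendor_uuid));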
break; case 'greaterorequal': $mos_comparison = ">="; break; case 'equal': $mos_comparison = "<"; break; case 'notequal': $mos_comparison = "<>"; break; } } else { $mos_comparison = ''; } //$mos_comparison = check_str($_REQUEST["mos_comparison"]); $mos_score = check_str($_REQUEST["mos_score"]); } //build the sql where string if ($missed == true) { $sql_where_ands[] = "billsec = '0'"; } if (strlen($start_epoch) > 0 && strlen($stop_epoch) > 0) { $sql_where_ands[] = "start_epoch BETWEEN " . $start_epoch . " AND " . $stop_epoch . " "; } if (strlen($cdr_id) > 0) { $sql_where_ands[] = "cdr_id like '%" . $cdr_id . "%'"; } if (strlen($direction) > 0) { $sql_where_ands[] = "direction = '" . $direction . "'"; } if (strlen($caller_id_name) > 0) {
// Flags posted by the form, coerced to integers.
$is_del = (int) $_POST['is_del'];
$is_disable = (int) $_POST['is_disable'];
$submit = $_POST['submit'];

// A record id is mandatory; without it send the user back to the channel admin page.
if (empty($id)) {
    msg('<span style="color:red">参数传递错误,请重新操作</span>', 'admin_channel.php');
}

// The request must come from the form's submit button.
if (is_null($submit)) {
    msg('<span style="color:red">请从表单提交</span>');
}

// Field label: required, at most 60 bytes.
if (empty($use_name)) {
    msg('<span style="color:red">字段提示文字不能为空</span>');
}
if (60 < strlen($use_name)) {
    msg('<span style="color:red">字段提示文字太长,请缩短</span>');
}

// Field name: must pass check_str() with the word-character pattern, at most 60 bytes.
if (check_str($field_name, '/^\\w+$/') == false) {
    msg('<span style="color:red">字段名必须是字母、数字或_组合</span>');
}
if (60 < strlen($field_name)) {
    msg('<span style="color:red">字段名太长,请缩短</span>');
}

// Default value and description: at most 200 bytes each.
if (200 < strlen($field_value)) {
    msg('<span style="color:red">字段默认值太长,请缩短</span>');
}
if (200 < strlen($field_info)) {
    msg('<span style="color:red">字段说明太长,请缩短</span>');
}

// Fall back to a length of 255 when none was supplied.
$field_length = empty($field_length) ? 255 : $field_length;
*/ require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; if (permission_exists('conference_delete')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text(); $text = $language->get(); //get the id if (count($_GET) > 0) { $id = check_str($_GET["id"]); } //require the id if (strlen($id) > 0) { //get the dialplan uuid $sql = "select * from v_conferences "; $sql .= "where domain_uuid = '{$domain_uuid}' "; $sql .= "and conference_uuid = '{$id}' "; $prep_statement = $db->prepare($sql); $prep_statement->execute(); while ($row = $prep_statement->fetch(PDO::FETCH_ASSOC)) { $dialplan_uuid = $row['dialplan_uuid']; } //delete conference $sql = "delete from v_conferences "; $sql .= "where domain_uuid = '{$domain_uuid}' ";
require_once "resources/require.php"; require_once "resources/check_auth.php"; if (permission_exists('device_key_delete')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text(); $text = $language->get(); //get the id if (isset($_GET["id"])) { $id = $_GET["id"]; $device_uuid = check_str($_GET["device_uuid"]); $device_profile_uuid = check_str($_GET["device_profile_uuid"]); } //delete device keys if (is_uuid($id)) { $sql = "delete from v_device_keys "; $sql .= "where (domain_uuid = '" . $_SESSION["domain_uuid"] . "' or domain_uuid is null) "; $sql .= "and device_key_uuid = '" . $id . "' "; $db->exec($sql); unset($sql); } //send a redirect $_SESSION["message"] = $text['message-delete']; if ($device_uuid != '') { header("Location: device_edit.php?id=" . $device_uuid); } else { if ($device_profile_uuid != '') {
$field_label = check_str($_POST["field_label"]); $field_name = check_str($_POST["field_name"]); $field_type = check_str($_POST["field_type"]); $field_value = check_str($_POST["field_value"]); $field_list_hidden = check_str($_POST["field_list_hidden"]); $field_search_by = check_str($_POST["field_search_by"]); $field_column = check_str($_POST["field_column"]); $field_required = check_str($_POST["field_required"]); $field_order = check_str($_POST["field_order"]); $field_order_tab = check_str($_POST["field_order_tab"]); $field_description = check_str($_POST["field_description"]); } if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; if ($action == "update") { $schema_field_uuid = check_str($_POST["schema_field_uuid"]); } //check for all required data if (strlen($domain_uuid) == 0) { $msg .= $text['message-required'] . "domain_uuid<br>\n"; } if (strlen($field_name) == 0 && $field_type != "label") { $msg .= $text['message-required'] . $text['label-field_name'] . "<br>\n"; } if (strlen($field_type) == 0) { $msg .= $text['message-required'] . $text['label-field_type'] . "<br>\n"; } if (strlen($field_list_hidden) == 0) { $msg .= $text['message-required'] . $text['label-field_visibility'] . "<br>\n"; } if (strlen($field_column) == 0) {
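require_once "resources/require.php";
require_once "resources/check_auth.php";
require_once "resources/paging.php";

// NOTE(review): the permissions checked here are dialplan/route permissions,
// while the code below reads v_sip_profiles -- confirm this is the intended gate.
if (!(permission_exists('dialplan_add') || permission_exists('inbound_route_add') || permission_exists('outbound_route_add') || permission_exists('time_condition_add'))) {
    echo "access denied";
    exit;
}

//add multi-lingual support
$language = new text();
$text = $language->get();

//set the http get/post variable(s) to a php variable
if (isset($_REQUEST["id"])) {
    $sip_profile_uuid = check_str($_REQUEST["id"]);
    $sip_profile_name = isset($_REQUEST["name"]) ? check_str($_REQUEST["name"]) : '';
}

//get the sip profile data
if (count($_GET) > 0 && (!isset($_POST["persistformvar"]) || $_POST["persistformvar"] != "true")) {
    // The profile id is bound as a parameter rather than interpolated into the
    // SQL text. Assumes $db is a PDO handle -- TODO confirm.
    $sql = "select * from v_sip_profiles ";
    $sql .= "where sip_profile_uuid = :sip_profile_uuid ";
    $prep_statement = $db->prepare(check_sql($sql));
    $prep_statement->execute(array(':sip_profile_uuid' => isset($sip_profile_uuid) ? $sip_profile_uuid : ''));
    $result = $prep_statement->fetchAll();
    // Iterate by value: the by-reference loop left $row aliased to the last
    // element of $result after the loop ended.
    foreach ($result as $row) {
        $sip_profile_description = $row["sip_profile_description"];
    }
    unset($prep_statement);
}

//copy the v_sip_profiles
$sip_profile_uuid_new = uuid();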
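/**
 * Parse one XML call detail record and stage its fields in $this->array[$row].
 *
 * Values are read from the document's <variables> section, url-decoded and
 * passed through check_str(). When the session's cdr storage is "dir" the
 * record is also written to the xml_cdr archive directory. No database insert
 * is issued in this method.
 *
 * @param mixed  $row        key under $this->array that receives the parsed fields
 * @param mixed  $leg        call leg marker, stored unchanged under 'leg'
 * @param string $xml_string the call detail record as an XML string
 */
public function xml_array($row, $leg, $xml_string) {
    //fix the xml by escaping the contents of <sip_full_XXX>
    if (defined('STDIN')) {
        $xml_string = preg_replace_callback("/<([^><]+)>(.*?[><].*?)<\\/\\g1>/", function ($matches) {
            // The original replacement swapped '<' and '>' for themselves and so
            // escaped nothing; use the XML entities the comment above calls for.
            $escaped = str_replace(array('<', '>'), array('&lt;', '&gt;'), $matches[2]);
            return '<' . $matches[1] . '>' . $escaped . '</' . $matches[1] . '>';
        }, $xml_string);
    }

    //parse the xml to get the call detail record info
    // simplexml_load_string() reports failure by returning false, not by
    // throwing, so the result is checked instead of wrapped in try/catch.
    // LIBXML_NONET keeps libxml from fetching network resources while parsing.
    $xml = simplexml_load_string((string) $xml_string, 'SimpleXMLElement', LIBXML_NONET);
    if ($xml === false) {
        if ($this->debug) {
            echo "unable to parse the xml cdr\n";
        }
        return;
    }

    // Reads one channel variable, url-decodes it and passes it through check_str().
    $cdr_var = function ($name) use ($xml) {
        return check_str(urldecode((string) $xml->variables->{$name}));
    };

    //get the destination number
    if ($xml->variables->current_application == "bridge") {
        $bridge_array = explode("/", urldecode((string) $xml->variables->current_application_data));
        // keep only the part before any '@'
        $destination_parts = explode("@", end($bridge_array));
        $destination_number = $destination_parts[0];
    }
    else {
        $destination_number = urldecode((string) $xml->variables->sip_to_user);
    }

    //get the caller id
    $caller_id_name = urldecode((string) $xml->variables->effective_caller_id_name);
    $caller_id_number = urldecode((string) $xml->variables->effective_caller_id_number);
    if (strlen($caller_id_number) == 0) {
        // The loop variable must not be named $row: that would overwrite the
        // $row parameter used as the key into $this->array below.
        foreach ($xml->callflow as $callflow) {
            $caller_id_name = urldecode((string) $callflow->caller_profile->caller_id_name);
            $caller_id_number = urldecode((string) $callflow->caller_profile->caller_id_number);
        }
    }

    //misc
    $uuid = $cdr_var('uuid');
    // The uuid comes from the XML document and is used to build file names
    // below; basename() keeps it from naming a path outside the target directory.
    $file_uuid = basename($uuid);
    $this->array[$row]['uuid'] = $uuid;
    $this->array[$row]['destination_number'] = check_str($destination_number);
    $this->array[$row]['source_number'] = $cdr_var('effective_caller_id_number');
    $this->array[$row]['user_context'] = $cdr_var('user_context');
    $this->array[$row]['network_addr'] = $cdr_var('sip_network_ip');
    $this->array[$row]['caller_id_name'] = check_str($caller_id_name);
    $this->array[$row]['caller_id_number'] = check_str($caller_id_number);
    foreach (array('accountcode', 'default_language', 'bridge_uuid', 'sip_hangup_disposition', 'pin_number') as $name) {
        $this->array[$row][$name] = $cdr_var($name);
    }

    //time
    $this->array[$row]['start_epoch'] = $cdr_var('start_epoch');
    $start_stamp = $cdr_var('start_stamp');
    $this->array[$row]['start_stamp'] = $start_stamp;

    // Remaining fields whose array key equals the channel variable name:
    // time, codecs, call center, app info and conference, in the original order.
    $same_name_fields = array(
        'answer_stamp', 'answer_epoch', 'end_epoch', 'end_stamp',
        'duration', 'mduration', 'billsec', 'billmsec',
        'read_codec', 'read_rate', 'write_codec', 'write_rate',
        'remote_media_ip', 'hangup_cause', 'hangup_cause_q850',
        'cc_side', 'cc_member_uuid', 'cc_queue_joined_epoch', 'cc_queue',
        'cc_member_session_uuid', 'cc_agent', 'cc_agent_type', 'waitsec',
        'last_app', 'last_arg',
        'conference_name', 'conference_uuid', 'conference_member_id',
    );
    foreach ($same_name_fields as $name) {
        $this->array[$row][$name] = $cdr_var($name);
    }

    //call quality
    $rtp_audio_in_mos = $cdr_var('rtp_audio_in_mos');
    if (strlen($rtp_audio_in_mos) > 0) {
        $this->array[$row]['rtp_audio_in_mos'] = $rtp_audio_in_mos;
    }

    //store the call leg
    $this->array[$row]['leg'] = $leg;

    //store the call direction
    $this->array[$row]['direction'] = $cdr_var('call_direction');

    //store post dial delay, in milliseconds
    // Cast before adding: either variable may be absent, and adding two empty
    // strings is an error on PHP 8.
    $this->array[$row]['pdd_ms'] = check_str(
        (int) urldecode((string) $xml->variables->progress_mediamsec)
        + (int) urldecode((string) $xml->variables->progressmsec)
    );

    //break down the date to year, month and day
    $tmp_time = strtotime($start_stamp);
    $tmp_year = date("Y", $tmp_time);
    $tmp_month = date("M", $tmp_time);
    $tmp_day = date("d", $tmp_time);

    //get the domain values from the xml
    $domain_name = $cdr_var('domain_name');
    $domain_uuid = $cdr_var('domain_uuid');

    //get the domain name from sip_req_host
    if (strlen($domain_name) == 0) {
        $domain_name = $cdr_var('sip_req_host');
    }

    //get the domain_uuid with the domain_name
    if (strlen($domain_uuid) == 0) {
        // NOTE(review): $context is not a parameter and is never assigned in
        // this method, so this fallback currently resolves to an empty name;
        // presumably it was meant to carry the call's context -- confirm.
        $context = isset($context) ? $context : '';
        if (strlen($domain_name) == 0 && $context != 'public' && $context != 'default') {
            $lookup_name = $context;
        }
        else {
            $lookup_name = $domain_name;
        }
        // The name originates in the CDR document, so it is bound as a parameter
        // rather than concatenated into the SQL text. The result gets its own
        // variable so the $row parameter is not overwritten.
        $statement = $this->db->prepare("select domain_uuid from v_domains where domain_name = :domain_name ");
        if ($statement && $statement->execute(array(':domain_name' => $lookup_name))) {
            $domain_row = $statement->fetch();
            if (is_array($domain_row) && isset($domain_row['domain_uuid'])) {
                $domain_uuid = $domain_row['domain_uuid'];
            }
        }
    }

    //set values in the database
    if (strlen($domain_uuid) > 0) {
        $this->array[$row]['domain_uuid'] = $domain_uuid;
    }
    if (strlen($domain_name) > 0) {
        $this->array[$row]['domain_name'] = $domain_name;
    }

    //check whether a recording exists (.wav is preferred over .mp3)
    $recording_relative_path = '/' . $_SESSION['domain_name'] . '/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day;
    foreach (array('.wav', '.mp3') as $recording_extension) {
        $recording_candidate = $recording_relative_path . '/' . $file_uuid . $recording_extension;
        if (file_exists($_SESSION['switch']['recordings']['dir'] . $recording_candidate)) {
            $this->array[$row]['recording_file'] = $recording_candidate;
            break;
        }
    }

    //save to the database in xml or json format
    if ($_SESSION['cdr']['storage']['text'] == "db") {
        if ($_SESSION['cdr']['format']['text'] == "xml") {
            $this->array[$row]['xml'] = check_str($xml_string);
        }
        if ($_SESSION['cdr']['format']['text'] == "json") {
            $this->array[$row]['json'] = check_str(json_encode($xml));
        }
    }

    //insert the extension_uuid
    if (strlen((string) $xml->variables->extension_uuid) > 0) {
        $this->array[$row]['extension_uuid'] = $cdr_var('extension_uuid');
    }

    // Writes the record into $dir as <uuid>.xml or <uuid>.json, per the session's cdr format.
    // NOTE(review): directories are created with mode 0777 (subject to umask)
    // and hold call records; consider a tighter mode if the web server and the
    // switch can share a group.
    $write_cdr_file = function ($dir) use ($xml, $xml_string, $file_uuid) {
        if (!file_exists($dir)) {
            mkdir($dir, 0777, true);
        }
        if ($_SESSION['cdr']['format']['text'] == "xml") {
            $tmp_file = $file_uuid . '.xml';
            $payload = $xml_string;
        }
        else {
            $tmp_file = $file_uuid . '.json';
            $payload = json_encode($xml);
        }
        $fh = fopen($dir . '/' . $tmp_file, 'w');
        if ($fh === false) {
            // nothing to write to or close if the file could not be opened
            return;
        }
        fwrite($fh, $payload);
        fclose($fh);
    };

    //store the record
    if (strlen($uuid) > 0) {
        try {
            // NOTE(review): the exec() call that belonged here is commented out
            // in the original, so nothing in this block can currently raise
            // PDOException; the handler is kept for when it is re-enabled.
            $error = "false";
        }
        catch (PDOException $e) {
            $write_cdr_file($_SESSION['switch']['log']['dir'] . '/xml_cdr/failed/');
            if ($this->debug) {
                echo $e->getMessage();
            }
            $error = "true";
        }

        if ($_SESSION['cdr']['storage']['text'] == "dir" && $error != "true") {
            $write_cdr_file($_SESSION['switch']['log']['dir'] . '/xml_cdr/archive/' . $tmp_year . '/' . $tmp_month . '/' . $tmp_day);
        }
        unset($error);
    }
}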
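Contributor(s): Mark J Crane <*****@*****.**> */
include "root.php";
require_once "includes/config.php";
require_once "includes/checkauth.php";

// only the admin and superadmin groups may delete
if (!(ifgroup("admin") || ifgroup("superadmin"))) {
    echo "access denied";
    exit;
}

// NOTE(review): this delete is triggered by a GET request and no anti-CSRF
// token is checked in the visible code -- confirm one is enforced elsewhere.
// Only string ids are accepted; anything else is treated as missing.
$id = (isset($_GET["id"]) && is_string($_GET["id"])) ? $_GET["id"] : '';
$public_include_id = isset($_REQUEST["id2"]) ? check_str($_REQUEST["id2"]) : '';

if (strlen($id) > 0) {
    // $id previously went from the query string straight into the SQL text;
    // all three values are now bound as parameters.
    // Assumes $db is a PDO handle -- TODO confirm.
    $sql = "delete from v_public_includes_details ";
    $sql .= "where v_id = :v_id ";
    $sql .= "and public_includes_detail_id = :public_includes_detail_id ";
    $sql .= "and public_include_id = :public_include_id ";
    $prepstatement = $db->prepare(check_sql($sql));
    $prepstatement->execute(array(
        ':v_id' => $v_id,
        ':public_includes_detail_id' => $id,
        ':public_include_id' => $public_include_id,
    ));
    unset($sql);
}

require_once "includes/header.php";
// The id is request-supplied and lands inside an HTML attribute; urlencode()
// output contains no quotes or angle brackets, so it cannot break out of it.
echo "<meta http-equiv=\"refresh\" content=\"2;url=v_public_includes_edit.php?id=" . urlencode($public_include_id) . "\">\n";
echo "<div align='center'>\n";
echo "Delete Complete\n";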
require_once "resources/check_auth.php"; if (permission_exists('menu_edit')) { //access granted } else { echo "access denied"; return; } //add multi-lingual support $language = new text(); $text = $language->get(); //move down more than one level at a time //update v_menu_items set menu_item_order = (menu_item_order+1) where menu_item_order > 2 or menu_item_order = 2 if (count($_GET) > 0) { $menu_item_id = check_str($_GET["menu_item_id"]); $menu_item_order = check_str($_GET["menu_item_order"]); $menu_parent_guid = check_str($_GET["menu_parent_guid"]); $sql = "SELECT menu_item_order FROM v_menu_items "; $sql .= "where domain_uuid = '" . $domain_uuid . "' "; $sql .= "order by menu_item_order desc "; $sql .= "limit 1 "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); foreach ($result as &$row) { $highestmenu_item_order = $row[menu_item_order]; } unset($prep_statement); if ($menu_item_order != $highestmenu_item_order) { //clear the menu session so it will rebuild with the update $_SESSION["menu"] = ""; //move the current item's order number up
} $tag = check_str($_POST["tag"]); $fieldtype = check_str($_POST["fieldtype"]); $fielddata = check_str($_POST["fielddata"]); $fieldorder = check_str($_POST["fieldorder"]); } //echo "public_include_id $public_include_id<br />\n"; if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; ////recommend moving this to the config.php file $uploadtempdir = $_ENV["TEMP"] . "\\"; ini_set('upload_tmp_dir', $uploadtempdir); ////$imagedir = $_ENV["TEMP"]."\\"; ////$filedir = $_ENV["TEMP"]."\\"; if ($action == "update") { $public_includes_detail_id = check_str($_POST["public_includes_detail_id"]); } //check for all required data if (strlen($v_id) == 0) { $msg .= "Please provide: v_id<br>\n"; } if (strlen($public_include_id) == 0) { $msg .= "Please provide: public_include_id<br>\n"; } if (strlen($tag) == 0) { $msg .= "Please provide: Tag<br>\n"; } if (strlen($fieldtype) == 0) { $msg .= "Please provide: Type<br>\n"; } //if (strlen($fielddata) == 0) { $msg .= "Please provide: Data<br>\n"; }
//redirect the browser if ($action == "update" && permission_exists('fax_extension_edit')) { $_SESSION["message"] = $text['confirm-update']; } if ($action == "add" && permission_exists('fax_extension_add')) { $_SESSION["message"] = $text['confirm-add']; } header("Location: fax.php"); return; } //if ($_POST["persistformvar"] != "true") } //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) //pre-populate the form if (strlen($_GET['id']) > 0 && $_POST["persistformvar"] != "true") { $fax_uuid = check_str($_GET["id"]); $sql = "select * from v_fax "; $sql .= "where domain_uuid = '" . $_SESSION['domain_uuid'] . "' "; $sql .= "and fax_uuid = '{$fax_uuid}' "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); if (count($result) == 0) { echo "access denied"; exit; } foreach ($result as &$row) { $dialplan_uuid = $row["dialplan_uuid"]; $fax_extension = $row["fax_extension"]; $fax_accountcode = $row["accountcode"]; $fax_destination_number = $row["fax_destination_number"];
if ($_GET['type'] == "fax_sent") { if (file_exists($fax_dir . '/' . check_str($_GET['ext']) . '/sent/' . check_str($_GET['filename']))) { $tmp_faxdownload_file = $fax_dir . '/' . check_str($_GET['ext']) . '/sent/' . check_str($_GET['filename']); } } } //let's see if we found it. if (strlen($tmp_faxdownload_file) > 0) { $fd = fopen($tmp_faxdownload_file, "rb"); if ($_GET['t'] == "bin") { header("Content-Type: application/force-download"); header("Content-Type: application/octet-stream"); header("Content-Description: File Transfer"); header('Content-Disposition: attachment; filename="' . check_str($_GET['filename']) . '"'); } else { $file_ext = substr(check_str($_GET['filename']), -3); if ($file_ext == "tif") { header("Content-Type: image/tiff"); } else { if ($file_ext == "png") { header("Content-Type: image/png"); } else { if ($file_ext == "jpg") { header('Content-Type: image/jpeg'); } else { if ($file_ext == "pdf") { header("Content-Type: application/pdf"); } } } }
} else { $action = "add"; } if (strlen($_GET["contact_uuid"]) > 0) { $contact_uuid = check_str($_GET["contact_uuid"]); } //get http post variables and set them to php variables if (count($_POST) > 0) { $contact_note = check_str($_POST["contact_note"]); $last_mod_date = check_str($_POST["last_mod_date"]); $last_mod_user = check_str($_POST["last_mod_user"]); } if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { $msg = ''; if ($action == "update") { $contact_note_uuid = check_str($_POST["contact_note_uuid"]); } //check for all required data if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; require_once "resources/persist_form_var.php"; echo "<div align='center'>\n"; echo "<table><tr><td>\n"; echo $msg . "<br />"; echo "</td></tr></table>\n"; persistformvar($_POST); echo "</div>\n"; require_once "resources/footer.php"; return; } //add or update the database
$address_locality = check_str($_POST["address_locality"]); $address_region = check_str($_POST["address_region"]); $address_postal_code = check_str($_POST["address_postal_code"]); $address_country = check_str($_POST["address_country"]); $address_latitude = check_str($_POST["address_latitude"]); $address_longitude = check_str($_POST["address_longitude"]); $address_primary = check_str($_POST["address_primary"]); $address_description = check_str($_POST["address_description"]); //use custom label if set $address_label = $address_label_custom != '' ? $address_label_custom : $address_label; } //process the form data if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //set the uuid if ($action == "update") { $contact_address_uuid = check_str($_POST["contact_address_uuid"]); } //check for all required data $msg = ''; if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; require_once "resources/persist_form_var.php"; echo "<div align='center'>\n"; echo "<table><tr><td>\n"; echo $msg . "<br />"; echo "</td></tr></table>\n"; persistformvar($_POST); echo "</div>\n"; require_once "resources/footer.php"; return; }
} if (count($_POST) > 0 && $_POST["persistform"] != "1") { //get the HTTP values and set as variables $user_uuid = $_REQUEST["id"]; $domain_uuid = check_str($_POST["domain_uuid"]); $username_old = check_str($_POST["username_old"]); $username = check_str($_POST["username"]); $password = check_str($_POST["password"]); $password_confirm = check_str($_POST["password_confirm"]); $user_status = check_str($_POST["user_status"]); $user_language = check_str($_POST["user_language"]); $user_time_zone = check_str($_POST["user_time_zone"]); $contact_uuid = check_str($_POST["contact_uuid"]); $group_member = check_str($_POST["group_member"]); $user_enabled = check_str($_POST["user_enabled"]); $api_key = check_str($_POST["api_key"]); //check required values if ($username != $username_old) { $sql = "select count(*) as num_rows from v_users where domain_uuid = '" . $domain_uuid . "' and username = '******'"; $prep_statement = $db->prepare(check_sql($sql)); if ($prep_statement) { $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); if (0 < $row['num_rows']) { $msg_error = $text['message-username_exists']; } } unset($sql); } if ($password != $password_confirm) { $msg_error = $text['message-password_mismatch'];
$group_conditions_exist[$group_id] = true; } //if } //for each //continue adding to query only if conditions exist in current group if ($group_conditions_exist[$group_id]) { //determine group action app and data $dialplan_action = check_str($_REQUEST["dialplan_action"][$group_id]); if ($dialplan_action == '') { if ($is_preset) { if (check_str($_REQUEST['default_preset_action']) != '') { $dialplan_action = check_str($_REQUEST['default_preset_action']); } else { if (check_str($_REQUEST['dialplan_anti_action']) != '') { $dialplan_action = check_str($_REQUEST['dialplan_anti_action']); } } } } if ($dialplan_action != '') { //if preset, set log variable if ($is_preset) { foreach ($_REQUEST['preset'] as $preset_number => $preset_group_id) { if ($group_id == $preset_group_id) { foreach ($available_presets[$preset_number] as $available_preset_name => $meh) { $dialplan_detail_order += 10; $sql .= ", ( "; $sql .= "'" . $domain_uuid . "', "; $sql .= "'" . $dialplan_uuid . "', "; $sql .= "'" . uuid() . "', ";