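<?php

require 'freeside.class.php';

// Example: log a customer into the Freeside self-service API and obtain a
// session id that later self-service calls must present.

$freeside = new FreesideSelfService();

$domain = 'example.com';

// Take the credentials from the login form. PHP turns "username[]=x" into an
// array, so anything that is not a plain string is treated as missing.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

// NOTE(review): the password is lower-cased before it is sent, which makes it
// case-insensitive and shrinks the password space. Kept because the backend may
// rely on it -- confirm, and drop the strtolower() on 'password' if it does not.
$response = $freeside->login(array(
    'username' => strtolower($username),
    'domain'   => $domain,
    'password' => strtolower($password),
));

// The response is an array (interpolating it into a string only yields "Array")
// and on success it carries the session id, so only its arrival is logged.
error_log('[login] received response from freeside');

$error = isset($response['error']) ? $response['error'] : '';
$session_id = isset($response['session_id']) ? $response['session_id'] : '';

if (!$error && $session_id) {
    // successful login
    // The session id is a bearer credential for the other calls: keep it out of the log.
    error_log('[login] logged into freeside');
    // store session id in your session store, to be used for other calls
} else {
    // unsuccessful login: an error was reported, or no session id came back
    // (a response without either is treated as a failure, not as a success)
    error_log("[login] error logging into freeside: {$error}");
    // display error message to user
}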
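/**
 * Authenticate user and register user information into a session.
 *
 * Credentials come from the 'ari_auth' remember-me cookie and are overridden by
 * the POSTed login form when both 'username' and 'password' are present. They
 * are checked, in order, against the ARI admin account, the Asterisk voicemail
 * configuration and the configured protocol files; afterwards a Freeside login
 * is attempted with the same credentials, and a Freeside failure revokes the
 * local authentication.
 *
 * Side effects: writes $_SESSION['ari_error'] on failure, $_SESSION['ari_user']
 * and $_SESSION['freeside_session_id'] on success, and sets the 'ari_auth'
 * cookie when the user asked to be remembered. Returns nothing; it returns early
 * on a wrong password or an unreadable voicemail configuration file.
 *
 * Crypt, FreesideSelfService, fixPathSlash() and getOutboundCID() are defined
 * outside this method.
 */
function Auth() {

    global $ARI_ADMIN_USERNAME;
    global $ARI_ADMIN_PASSWORD;
    global $ARI_ADMIN_EXTENSIONS;
    global $ARI_CRYPT_PASSWORD;
    global $ASTERISK_VOICEMAIL_CONF;
    global $ASTERISK_VOICEMAIL_CONTEXT;
    global $ASTERISK_VOICEMAIL_PATH;
    global $ASTERISK_PROTOCOLS;
    global $CALLMONITOR_ADMIN_EXTENSIONS;
    global $ARI_NO_LOGIN;
    global $ARI_DEFAULT_ADMIN_PAGE;
    global $ARI_DEFAULT_USER_PAGE;

    $crypt = new Crypt();

    // init variables
    $extension = '';
    $displayname = '';
    $vm_password = '';
    $category = '';
    $context = '';
    $voicemail_enabled = '';
    $voicemail_email_address = '';
    $voicemail_pager_address = '';
    $voicemail_email_enable = '';
    $admin = '';
    $admin_callmonitor = '';
    $default_page = '';
    $username = '';
    $password = '';

    // get the ari authentication cookie
    $data = '';
    $chksum = '';
    if (isset($_COOKIE['ari_auth'])) {
        // NOTE(review): unserialize() runs on a client-controlled cookie before
        // any integrity check, which exposes the application to PHP object
        // injection. The cookie format is left unchanged here; it should move to
        // a format that is authenticated before it is parsed.
        $buf = unserialize($_COOKIE['ari_auth']);
        // Only accept the shape this method writes: array(string, string).
        if (is_array($buf) && isset($buf[0], $buf[1]) && is_string($buf[0]) && is_string($buf[1])) {
            list($data, $chksum) = $buf;
        }
    }
    // NOTE(review): an unkeyed MD5 can be recomputed by anyone, so this detects
    // corruption only, not tampering. The comparison is strict so that type
    // juggling cannot make two different values compare equal.
    if (md5($data) === $chksum) {
        $data = unserialize($crypt->decrypt($data, $ARI_CRYPT_PASSWORD));
        if (is_array($data) && isset($data['username'], $data['password'])) {
            $username = $data['username'];
            $password = $data['password'];
        }
    }
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $username = $_POST['username'];
        $password = $_POST['password'];
    }

    // PHP turns "username[]=x" into an array; credentials must be plain strings
    // for the strict comparisons and the strtolower() calls below.
    if (!is_string($username) || !is_string($password)) {
        $username = '';
        $password = '';
    }

    // init email options array
    $voicemail_email = array();

    // when login, make a new session
    if ($username && !$ARI_NO_LOGIN) {

        $auth = false;

        // check admin
        if (!$auth) {
            // Strict string comparison: with ==, numeric-looking strings such as
            // "1e3" and "1000" compare equal.
            if ($username === (string) $ARI_ADMIN_USERNAME && $password === (string) $ARI_ADMIN_PASSWORD) {

                // authenticated
                $auth = true;
                $extension = 'admin';
                $name = 'Administrator'; // never read below
                $admin = 1;
                $admin_callmonitor = 1;
                $default_page = $ARI_DEFAULT_ADMIN_PAGE;
            }
        }

        // check voicemail login
        if (!$auth) {
            if (is_readable($ASTERISK_VOICEMAIL_CONF)) {

                $lines = file($ASTERISK_VOICEMAIL_CONF);

                // look for include files and merge their lines into the set
                // (array_merge puts the included lines in front)
                foreach ($lines as $key => $line) {
                    if (preg_match("/include/i", $line)) {
                        $include_filename = '';
                        // explode() replaces split(), which PHP 7 removed; the
                        // delimiters in this method are all literal strings.
                        $parts = explode(' ', $line);
                        if (isset($parts[1])) {
                            $include_filename = trim($parts[1]);
                        }
                        if ($include_filename) {
                            $path_parts = pathinfo($ASTERISK_VOICEMAIL_CONF);
                            $include_path = fixPathSlash($path_parts['dirname']) . $include_filename;
                            foreach (glob($include_path) as $include_file) {
                                $include_lines = file($include_file);
                                $lines = array_merge($include_lines, $lines);
                            }
                        }
                    }
                }

                // process
                $currentContext = ''; // no "[context]" header seen yet
                foreach ($lines as $key => $line) {

                    // check for current context and process
                    if (preg_match("/\\[.*\\]/i", $line)) {
                        $currentContext = trim(preg_replace('/\\[|\\]/', '', $line));
                    }
                    if ($ASTERISK_VOICEMAIL_CONTEXT && $currentContext != $ASTERISK_VOICEMAIL_CONTEXT) {
                        continue;
                    }

                    // check for user and process
                    $parts = explode('=>', $line);
                    $var = trim($parts[0]);
                    $value = isset($parts[1]) ? $parts[1] : '';
                    if ($var === $username && $value) {
                        $buf = explode(',', $value);
                        // The stored password keeps the blank that follows "=>".
                        // The old == only matched it through numeric juggling,
                        // which also accepted "01234" or "1.234e3" for "1234";
                        // trim and compare strictly instead.
                        if (trim($buf[0]) === $password) {

                            // authenticated
                            $auth = true;
                            $extension = $username;
                            $displayname = $buf[1];
                            $vm_password = $buf[0];
                            $default_page = $ARI_DEFAULT_USER_PAGE;
                            $context = $currentContext;
                            $voicemail_enabled = 1;
                            $voicemail_email_address = $buf[2];
                            $voicemail_pager_address = $buf[3];

                            if ($voicemail_email_address || $voicemail_pager_address) {
                                $voicemail_email_enable = 1;
                            }

                            $options = explode('|', $buf[4]);
                            foreach ($options as $option) {
                                $opt_buf = explode('=', $option);
                                $voicemail_email[$opt_buf[0]] = trim($opt_buf[1]);
                            }

                            // NOTE(review): "break 2" also leaves the loop over
                            // $lines, so for an admin extension the call-monitor
                            // check below is skipped and $admin_callmonitor keeps
                            // its initial ''. Left as is -- confirm the intent.
                            $admin = 0;
                            if ($ARI_ADMIN_EXTENSIONS) {
                                $extensions = explode(',', $ARI_ADMIN_EXTENSIONS);
                                foreach ($extensions as $key => $value) {
                                    if ($extension == $value) {
                                        $admin = 1;
                                        break 2;
                                    }
                                }
                            }

                            $admin_callmonitor = 0;
                            if ($CALLMONITOR_ADMIN_EXTENSIONS) {
                                $extensions = explode(',', $CALLMONITOR_ADMIN_EXTENSIONS);
                                foreach ($extensions as $key => $value) {
                                    if ($value == 'all' || $extension == $value) {
                                        $admin_callmonitor = 1;
                                        break 2;
                                    }
                                }
                            }
                        } else {
                            $_SESSION['ari_error'] = "Incorrect Password";
                            return;
                        }
                    }
                }
            } else {
                $_SESSION['ari_error'] = "File not readable: " . $ASTERISK_VOICEMAIL_CONF;
                return;
            }
        }

        // check sip login
        if (!$auth) {

            // Carried across lines and files exactly as before: a "secret" line
            // is paired with the most recent "username" line seen.
            $protocol_username = null;
            $protocol_password = null;

            foreach ($ASTERISK_PROTOCOLS as $protocol => $protocol_settings) {

                $config_files = explode(';', $protocol_settings['config_files']);
                foreach ($config_files as $config_file) {
                    if (is_readable($config_file)) {

                        $lines = file($config_file);
                        foreach ($lines as $key => $line) {

                            $parts = explode('=', $line);
                            $var = trim($parts[0]);
                            $value = isset($parts[1]) ? trim($parts[1]) : null;

                            if ($var == "username") {
                                $protocol_username = $value;
                            }
                            if ($var == "secret") {

                                $protocol_password = $value;
                                // strict comparison, see the admin check above
                                if ($protocol_username === $username && $protocol_password === $password) {

                                    // authenticated
                                    $auth = true;
                                    $extension = $username;
                                    $displayname = $username;
                                    $default_page = $ARI_DEFAULT_ADMIN_PAGE;

                                    // NOTE(review): same "break 2" effect as in
                                    // the voicemail branch above.
                                    $admin = 0;
                                    if ($ARI_ADMIN_EXTENSIONS) {
                                        $extensions = explode(',', $ARI_ADMIN_EXTENSIONS);
                                        foreach ($extensions as $key => $value) {
                                            if ($extension == $value) {
                                                $admin = 1;
                                                break 2;
                                            }
                                        }
                                    }

                                    $admin_callmonitor = 0;
                                    if ($CALLMONITOR_ADMIN_EXTENSIONS) {
                                        $extensions = explode(',', $CALLMONITOR_ADMIN_EXTENSIONS);
                                        foreach ($extensions as $key => $value) {
                                            if ($value == 'all' || $extension == $value) {
                                                $admin_callmonitor = 1;
                                                break 2;
                                            }
                                        }
                                    }
                                } else {
                                    if ($protocol_username === $username && $protocol_password !== $password) {
                                        $_SESSION['ari_error'] = _("Incorrect Password");
                                        return;
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }

        // let user know bad login
        if (!$auth) {
            $_SESSION['ari_error'] = _("Incorrect Username or Password");
        }

        // freeside login
        // NOTE(review): the password is lower-cased before it is sent, which
        // makes it case-insensitive for Freeside. Kept because the backend may
        // rely on it -- confirm.
        $freeside = new FreesideSelfService();
        $domain = 'svc_phone';
        $response = $freeside->login(array(
            'username' => strtolower($username),
            'domain'   => $domain,
            'password' => strtolower($password)
        ));
        // The response is an array and carries the session id on success, so
        // only its arrival is logged.
        error_log('[login] received response from freeside');
        $error = isset($response['error']) ? $response['error'] : '';
        $freeside_session_id = isset($response['session_id']) ? $response['session_id'] : '';

        if (!$error && $freeside_session_id) {

            // successful freeside login; the session id is a bearer credential
            // and is deliberately kept out of the log
            error_log('[login] logged into freeside');

            // store session id in your session store, to be used for other calls
            $_SESSION['freeside_session_id'] = $freeside_session_id;

            $customer_info = $freeside->customer_info(array('session_id' => $_SESSION['freeside_session_id']));
            //XXX error checking here too
            $displayname = $customer_info['name'];
        } else {

            // unsuccessful login: revoke whatever the local checks granted
            error_log("[login] error logging into freeside: {$error}");
            $auth = false;
            $extension = '';

            // display error message to user
            $_SESSION['ari_error'] = _("Incorrect Username or Password");
        }

        // if authenticated and user wants to be remembered, set cookie
        $remember = '';
        if (isset($_POST['remember'])) {
            $remember = $_POST['remember'];
        }
        if ($auth && $remember) {

            // NOTE(review): the cookie holds the user's password, reversibly
            // encrypted, for one year. A random server-side token would avoid
            // keeping the password on the client at all.
            $data = array('username' => $username, 'password' => $password);
            $data = $crypt->encrypt(serialize($data), $ARI_CRYPT_PASSWORD);

            $chksum = md5($data);

            $buf = serialize(array($data, $chksum));
            // HttpOnly keeps page scripts from reading the cookie; domain and
            // secure stay at their defaults.
            setcookie('ari_auth', $buf, time() + 365 * 24 * 60 * 60, '/', '', false, true);
        }

        // set category
        if (!$category) {
            $category = "general";
        }

        // set context
        if (!$context) {
            $context = "default";
        }

        // no login user
        // NOTE(review): this sits inside "if ($username && !$ARI_NO_LOGIN)", so
        // as written the branch cannot run. It grants admin access without
        // credentials -- confirm the intent before moving it.
        if ($ARI_NO_LOGIN) {
            $extension = 'admin';
            $name = 'Administrator'; // never read below
            $admin_callmonitor = 1;
            $default_page = $ARI_DEFAULT_ADMIN_PAGE;
        }

        // get outboundCID if it exists
        $outboundCID = $this->getOutboundCID($extension);

        // set
        // NOTE(review): no session_regenerate_id() is visible in this method;
        // confirm the caller rotates the session id on login.
        if ($extension) {
            $_SESSION['ari_user']['extension'] = $extension;
            $_SESSION['ari_user']['outboundCID'] = $outboundCID;
            $_SESSION['ari_user']['displayname'] = $displayname;
            $_SESSION['ari_user']['voicemail_password'] = $vm_password;
            $_SESSION['ari_user']['category'] = $category;
            $_SESSION['ari_user']['context'] = $context;
            $_SESSION['ari_user']['voicemail_enabled'] = $voicemail_enabled;
            $_SESSION['ari_user']['voicemail_email_address'] = $voicemail_email_address;
            $_SESSION['ari_user']['voicemail_pager_address'] = $voicemail_pager_address;
            $_SESSION['ari_user']['voicemail_email_enable'] = $voicemail_email_enable;
            foreach ($voicemail_email as $key => $value) {
                $_SESSION['ari_user']['voicemail_email'][$key] = $value;
            }
            $_SESSION['ari_user']['admin'] = $admin;
            $_SESSION['ari_user']['admin_callmonitor'] = $admin_callmonitor;
            $_SESSION['ari_user']['default_page'] = $default_page;

            // force the session data saved
            session_write_close();
        }
    }
}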