diff --git a/app/xml_cdr/v_xml_cdr_import.php b/app/xml_cdr/v_xml_cdr_import.php
index bbc8287d41..a0b318ed7a 100644
--- a/app/xml_cdr/v_xml_cdr_import.php
+++ b/app/xml_cdr/v_xml_cdr_import.php
@@ -279,7 +279,7 @@ function process_xml_cdr($db, $leg, $xml_string) {
if (strlen($_POST["cdr"]) > 0) {
//authentication for xml cdr http post
- if (strlen($_SESSION["xml_cdr_username"]) == 0) {
+ if (strlen($_SESSION["xml_cdr"]["http_enabled"]) == 0) {
//get the contents of xml_cdr.conf.xml
$conf_xml_string = file_get_contents($_SESSION['switch']['conf']['dir'].'/autoload_configs/xml_cdr.conf.xml');
@@ -290,19 +290,29 @@ function process_xml_cdr($db, $leg, $xml_string) {
catch(Exception $e) {
echo $e->getMessage();
}
+ $_SESSION["xml_cdr"]["http_enabled"] = false;
foreach ($conf_xml->settings->param as $row) {
if ($row->attributes()->name == "cred") {
$auth_array = explode(":", $row->attributes()->value);
- $_SESSION["xml_cdr_username"] = $auth_array[0];
- $_SESSION["xml_cdr_password"] = $auth_array[1];
- //echo "username: ".$_SESSION["xml_cdr_username"]."
\n";
- //echo "password: ".$_SESSION["xml_cdr_password"]."
\n";
+ $_SESSION["xml_cdr"]["username"] = $auth_array[0];
+ $_SESSION["xml_cdr"]["password"] = $auth_array[1];
+ //echo "username: ".$_SESSION["xml_cdr"]["username"]."
\n";
+ //echo "password: ".$_SESSION["xml_cdr"]["password"]."
\n";
+ }
+ if ($row->attributes()->name == "url") {
+ $_SESSION["xml_cdr"]["http_enabled"] = true;
}
}
}
+ //if http enabled is set to false then deny access
+ if (!$_SESSION["xml_cdr"]["http_enabled"]) {
+ echo "access denied
\n";
+ return;
+ }
+
//check for the correct username and password
- if ($_SESSION["xml_cdr_username"] == $_SERVER["PHP_AUTH_USER"] && $_SESSION["xml_cdr_password"] == $_SERVER["PHP_AUTH_PW"]) {
+ if ($_SESSION["xml_cdr"]["username"] == $_SERVER["PHP_AUTH_USER"] && $_SESSION["xml_cdr"]["password"] == $_SERVER["PHP_AUTH_PW"]) {
//echo "access granted
\n";
}
else {