Messages: Database class integration.

Nate
2019-08-09 09:57:13 -06:00
parent 5a46d98da6
commit 9df6a8a2bf
10 changed files with 290 additions and 301 deletions


@@ -33,7 +33,8 @@ if ($domains_processed == 1) {
$sql .= "where default_setting_category = 'message' ";
$sql .= "and default_setting_subcategory = 'http_auth_password' ";
$sql .= "and default_setting_name = 'array' ";
$db->exec($sql);
$database = new database;
$database->execute($sql);
unset($sql);
//update domain settings
@@ -42,7 +43,8 @@ if ($domains_processed == 1) {
$sql .= "where domain_setting_category = 'message' ";
$sql .= "and domain_setting_subcategory = 'http_auth_password' ";
$sql .= "and domain_setting_name = 'array' ";
$db->exec($sql);
$database = new database;
$database->execute($sql);
unset($sql);
}


@@ -29,43 +29,40 @@
require_once "resources/require.php";
//default authorized to false
$authorized = 'false';
$authorized = false;
//get the user settings
$sql = "select user_uuid, domain_uuid from v_user_settings ";
$sql .= "where user_setting_category = 'message' ";
$sql .= "and user_setting_subcategory = 'key' ";
$sql .= "and user_setting_value = :key ";
$sql .= "and user_setting_value = :user_setting_value ";
$sql .= "and user_setting_enabled = 'true' ";
$prep_statement = $db->prepare($sql);
$prep_statement->bindParam(':key', $_GET['key']);
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
if (is_uuid($row['user_uuid'])) {
$domain_uuid = $row['domain_uuid'];
$user_uuid = $row['user_uuid'];
$authorized = 'true';
}
$parameters['user_setting_value'] = $_GET['key'];
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0 && is_uuid($row['user_uuid'])) {
$domain_uuid = $row['domain_uuid'];
$user_uuid = $row['user_uuid'];
$authorized = true;
}
//authorization failed
if ($authorized == 'false') {
if (!$authorized) {
//log the failed auth attempt to the system, to be available for fail2ban.
openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] authentication failed for ".$_GET['key']);
closelog();
openlog('FusionPBX', LOG_NDELAY, LOG_AUTH);
syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR']."] authentication failed for ".$_GET['key']);
closelog();
//send http 404
header("HTTP/1.0 404 Not Found");
echo "<html>\n";
echo "<head><title>404 Not Found</title></head>\n";
echo "<body bgcolor=\"white\">\n";
echo "<center><h1>404 Not Found</h1></center>\n";
echo "<hr><center>nginx/1.12.1</center>\n";
echo "</body>\n";
echo "</html>\n";
exit();
header("HTTP/1.0 404 Not Found");
echo "<html>\n";
echo "<head><title>404 Not Found</title></head>\n";
echo "<body bgcolor=\"white\">\n";
echo "<center><h1>404 Not Found</h1></center>\n";
echo "<hr><center>nginx/1.12.1</center>\n";
echo "</body>\n";
echo "</html>\n";
exit();
}
//get the raw input data
@@ -81,18 +78,13 @@
$sql = "select c.contact_uuid ";
$sql .= "from v_contacts as c, v_contact_phones as p ";
$sql .= "where p.contact_uuid = c.contact_uuid ";
//$sql .= "and p.phone_number = :phone_number ";
$sql .= "and p.phone_number = '".$phone_number."' ";
$sql .= "and c.domain_uuid = '".$domain_uuid."' ";
$prep_statement = $db->prepare($sql);
//$prep_statement->bindParam(':phone_number', $phone_number);
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
$contact_uuid = $row['contact_uuid'];
//$contact_name_given = $row['contact_name_given'];
//$contact_name_family = $row['contact_name_family'];
//$contact_organization = $row['contact_organization'];
$sql .= "and p.phone_number = :phone_number ";
$sql .= "and c.domain_uuid = :domain_uuid ";
$parameters['phone_number'] = $phone_number;
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$contact_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
//build message array
$message_uuid = uuid();
@@ -109,6 +101,10 @@
$array['messages'][0]['message_text'] = $message['text'];
$array['messages'][0]['message_json'] = $json;
//add the required permission
$p = new permissions;
$p->add("message_add", "temp");
//build message media array (if necessary)
if (is_array($message['media'])) {
foreach($message['media'] as $index => $media_url) {
@@ -123,18 +119,14 @@
$array['message_media'][$index]['message_media_content'] = base64_encode(file_get_contents($media_url));
}
}
}
//add the required permission
$p = new permissions;
$p->add("message_add", "temp");
$p->add("message_media_add", "temp");
$p->add("message_media_add", "temp");
}
//save message to the database
$database = new database;
$database->app_name = 'messages';
$database->app_uuid = '4a20815d-042c-47c8-85df-085333e79b87';
$database->uuid($message_uuid);
$database->save($array);
$result = $database->message;
@@ -147,14 +139,17 @@
//get the list of extensions using the user_uuid
$sql = "select * from v_domains as d, v_extensions as e ";
$sql .= "where extension_uuid in (select extension_uuid from v_extension_users where user_uuid = '".$user_uuid."') ";
$sql .= "where extension_uuid in ( ";
$sql .= " select extension_uuid ";
$sql .= " from v_extension_users ";
$sql .= " where user_uuid = :user_uuid ";
$sql .= ") ";
$sql .= "and e.domain_uuid = d.domain_uuid ";
$sql .= "and e.enabled = 'true' ";
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
$extensions = $prep_statement->fetchall(PDO::FETCH_NAMED);
}
$parameters['user_uuid'] = $user_uuid;
$database = new database;
$extensions = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//create the event socket connection
if (is_array($extensions)) {
@@ -162,7 +157,7 @@
}
//send the sip message
if (is_array($extensions)) {
if (is_array($extensions) && @sizeof($extensions) != 0) {
foreach ($extensions as $row) {
$domain_name = $row['domain_name'];
$extension = $row['extension'];
@@ -176,6 +171,7 @@
$response = event_socket_request($fp, "api log notice ".$command);
}
}
unset($extensions, $row);
//set the file
//$file = '/tmp/sms.txt';
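Review bot: The failed-authentication branch in the first hunk writes the raw `$_GET['key']` to the LOG_AUTH syslog line, so control characters in the query string can split or forge the entries fail2ban reads, and a mistyped or disabled key is left readable in the log. Logging a short digest keeps the line matchable without storing the value: `syslog(LOG_WARNING, '['.$_SERVER['REMOTE_ADDR'].'] authentication failed for '.substr(hash('sha256', (string) $_GET['key']), 0, 12));`. The same hunk does not clear `$parameters` after the user-settings select, unlike the later hunks that call `unset($sql, $parameters)`, so `user_setting_value` appears to still be in the array when the contact lookup binds `phone_number` and `domain_uuid`; an `unset($sql, $parameters);` after the `is_uuid` block would avoid that. The code between the hunks is not visible, so confirm nothing there already resets it.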


@@ -27,31 +27,43 @@
//includes
require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";
//check permissions
if (!permission_exists('message_delete')) {
echo "access denied";
exit;
}
//add multi-lingual support
$language = new text;
$text = $language->get();
//get the id
$message_uuids = $_REQUEST['messages'];
//delete the message
message::add($text['message-delete']);
//delete the data
if (isset($_GET["id"]) && is_uuid($_GET["id"]) && permission_exists('message_delete')) {
//get the id
$id = check_str($_GET["id"]);
if (is_array($message_uuids) && @sizeof($message_uuids) != 0) {
//delete message
$sql = "delete from v_messages ";
$sql .= "where message_uuid = '$id' ";
$sql .= "and domain_uuid = '$domain_uuid' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
unset($sql);
foreach ($message_uuids as $index => $message_uuid) {
$array['messages'][$index]['message_uuid'] = $message_uuid;
$array['messages'][$index]['domain_uuid'] = $domain_uuid;
}
$database = new database;
$database->app_name = 'messages';
$database->app_uuid = '4a20815d-042c-47c8-85df-085333e79b87';
$database->delete($array);
unset($array);
//set message
message::add($text['message-delete']);
//redirect the user
header('Location: messages_log.php');
}
//redirect the user
header('Location: messages_log.php');
exit;
?>
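Review bot: The rewritten delete path copies every value of `$_REQUEST['messages']` into the array passed to `$database->delete()` without the `is_uuid()` check the previous single-id path had; add `if (!is_uuid($message_uuid)) { continue; }` as the first line of the `foreach`. Reading from `$_REQUEST` also lets a plain GET link trigger the delete, and no request token is checked in the visible lines, so consider accepting `$_POST` only and validating a token before the loop. The rows are scoped by `$domain_uuid`, whose assignment is outside this section.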


@@ -43,10 +43,9 @@
$text = $language->get();
//action add or update
if (isset($_REQUEST["id"])) {
if (is_uuid($_REQUEST["id"])) {
$action = "update";
$message_uuid = check_str($_REQUEST["id"]);
$id = check_str($_REQUEST["id"]);
$message_uuid = $_REQUEST["id"];
}
else {
$action = "add";
@@ -54,18 +53,18 @@
//get http post variables and set them to php variables
if (is_array($_POST)) {
$message_uuid = check_str($_POST["message_uuid"]);
//$user_uuid = check_str($_POST["user_uuid"]);
$message_type = check_str($_POST["message_type"]);
$message_direction = check_str($_POST["message_direction"]);
$message_date = check_str($_POST["message_date"]);
$message_from = check_str($_POST["message_from"]);
$message_to = check_str($_POST["message_to"]);
$message_text = check_str($_POST["message_text"]);
$message_media_type = check_str($_POST["message_media_type"]);
$message_media_url = check_str($_POST["message_media_url"]);
$message_media_content = check_str($_POST["message_media_content"]);
$message_json = check_str($_POST["message_json"]);
$message_uuid = $_POST["message_uuid"];
//$user_uuid = $_POST["user_uuid"];
$message_type = $_POST["message_type"];
$message_direction = $_POST["message_direction"];
$message_date = $_POST["message_date"];
$message_from = $_POST["message_from"];
$message_to = $_POST["message_to"];
$message_text = $_POST["message_text"];
$message_media_type = $_POST["message_media_type"];
$message_media_url = $_POST["message_media_url"];
$message_media_content = $_POST["message_media_content"];
$message_json = $_POST["message_json"];
}
//process the user data and save it to the database
@@ -73,7 +72,7 @@
//get the uuid from the POST
if ($action == "update") {
$message_uuid = check_str($_POST["message_uuid"]);
$message_uuid = $_POST["message_uuid"];
}
//check for all required data
@@ -106,7 +105,7 @@
$_POST["domain_uuid"] = $_SESSION["domain_uuid"];
//add the message_uuid
if (strlen($_POST["message_uuid"]) == 0) {
if (!is_uuid($_POST["message_uuid"])) {
$message_uuid = uuid();
$_POST["message_uuid"] = $message_uuid;
}
@@ -117,18 +116,8 @@
//save to the data
$database = new database;
$database->app_name = 'messages';
$database->app_uuid = null;
if (strlen($message_uuid) > 0) {
$database->uuid($message_uuid);
}
$database->app_uuid = '4a20815d-042c-47c8-85df-085333e79b87';
$database->save($array);
$message = $database->message;
//debug info
//echo "<pre>";
//print_r($message);
//echo "</pre>";
//exit;
//redirect the user
if (isset($action)) {
@@ -139,20 +128,19 @@
message::add($text['message-update']);
}
header('Location: message_edit.php?id='.$message_uuid);
return;
exit;
}
} //(is_array($_POST) && strlen($_POST["persistformvar"]) == 0)
}
//pre-populate the form
if (is_array($_GET) && $_POST["persistformvar"] != "true") {
$message_uuid = check_str($_GET["id"]);
$message_uuid = $_GET["id"];
$sql = "select * from v_messages ";
$sql .= "where message_uuid = '$message_uuid' ";
//$sql .= "and domain_uuid = '$domain_uuid' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
foreach ($result as &$row) {
$sql .= "where message_uuid = :message_uuid ";
$parameters['message_uuid'] = $message_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0) {
$user_uuid = $row["user_uuid"];
$message_type = $row["message_type"];
$message_direction = $row["message_direction"];
@@ -165,28 +153,21 @@
$message_media_content = $row["message_media_content"];
$message_json = $row["message_json"];
}
unset ($prep_statement);
unset($sql, $parameters);
}
//show the header
require_once "resources/header.php";
//get the extensions
$sql = "select * from v_users ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and user_enabled = 'true' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement, $sql);
//get the users
$sql = "SELECT user_uuid, username FROM v_users ";
$sql .= "WHERE domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "ORDER by username asc ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$users = $prep_statement->fetchAll(PDO::FETCH_NAMED);
$sql = "select user_uuid, username from v_users ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and user_enabled = 'true' ";
$sql .= "order by username asc ";
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$database = new database;
$users = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//show the content
echo "<form name='frm' id='frm' method='post' action=''>\n";
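Review bot: The pre-populate query selects from `v_messages` by `message_uuid` alone, and the commented-out domain filter appears to have been dropped rather than enabled, so a user who can open this page could load a message belonging to another domain by UUID. Add `$sql .= "and domain_uuid = :domain_uuid ";` with `$parameters['domain_uuid'] = $_SESSION['domain_uuid'];`, matching the users query further down. `$_GET["id"]` is also assigned without the `is_uuid()` test used for `$_REQUEST["id"]` at the top of the file. With `check_str()` removed from the `$_POST` fields, the form output needs to escape each value; that output is outside the visible hunks.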


@@ -40,16 +40,19 @@
//get media
if (is_uuid($message_media_uuid)) {
$sql = "select message_media_type, message_media_url, message_media_content from v_message_media ";
$sql .= "where message_media_uuid = '".$message_media_uuid."' ";
$sql = "select message_media_type, message_media_url, message_media_content ";
$sql .= "from v_message_media ";
$sql .= "where message_media_uuid = :message_media_uuid ";
if (is_uuid($_SESSION['user_uuid'])) {
$sql .= "and user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and user_uuid = :user_uuid ";
$parameters['user_uuid'] = $_SESSION['user_uuid'];
}
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$media = $prep_statement->fetch(PDO::FETCH_NAMED);
unset ($prep_statement, $sql);
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
$parameters['message_media_uuid'] = $message_media_uuid;
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$media = $database->select($sql, $parameters, 'row');
unset($sql, $parameters);
switch (strtolower($media['message_media_type'])) {
case 'jpg':
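Review bot: The owner filter on `v_message_media` is added only when `$_SESSION['user_uuid']` is a UUID, so a request without a logged-in user is limited by the media UUID and the domain clause alone. If that is deliberate (for example so an upstream provider can fetch the file), say so in a comment such as `//no session: media is fetched by uuid only`; otherwise return before the query. `$media` is also used by the `switch` without checking that a row came back; `if (!is_array($media) || @sizeof($media) == 0) { exit; }` before it would match the guards used in the other files. The `switch` body continues outside the hunk.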


@@ -57,9 +57,9 @@
//get http post variables and set them to php variables
if (is_array($_POST)) {
$message_from = check_str($_POST["message_from"]);
$message_to = check_str($_POST["message_to"]);
$message_text = check_str($_POST["message_text"]);
$message_from = $_POST["message_from"];
$message_to = $_POST["message_to"];
$message_text = $_POST["message_text"];
$message_media = $_FILES["message_media"];
}
@@ -77,10 +77,8 @@
exit;
}
// handle media (if any)
if (is_array($message_media) && sizeof($message_media) != 0) {
if (is_array($message_media) && @sizeof($message_media) != 0) {
// reorganize media array, ignore errored files
$f = 0;
foreach ($message_media['error'] as $index => $error) {
@@ -96,22 +94,19 @@
$message_media = $tmp_media;
unset($tmp_media, $f);
}
$message_type = is_array($message_media) && sizeof($message_media) != 0 ? 'mms' : 'sms';
$message_type = is_array($message_media) && @sizeof($message_media) != 0 ? 'mms' : 'sms';
//get the contact uuid
//$sql = "SELECT trim(c.contact_name_given || ' ' || c.contact_name_family || ' (' || c.contact_organization || ')') AS name, p.phone_number AS number ";
$sql = "SELECT c.contact_uuid ";
$sql .= "FROM v_contacts as c, v_contact_phones as p ";
$sql .= "WHERE p.contact_uuid = c.contact_uuid ";
//$sql .= "and p.phone_number = :phone_number ";
$sql .= "and p.phone_number like '%".$phone_number."%' ";
$sql .= "and c.domain_uuid = '".$domain_uuid."' ";
$prep_statement = $db->prepare($sql);
//$prep_statement->bindParam(':phone_number', $phone_number);
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
$contact_uuid = $row['contact_uuid'];
$sql = "select c.contact_uuid ";
$sql .= "from v_contacts as c, v_contact_phones as p ";
$sql .= "where p.contact_uuid = c.contact_uuid ";
$sql .= "and p.phone_number like :phone_number ";
$sql .= "and c.domain_uuid = :domain_uuid ";
$parameters['phone_number'] = '%'.$phone_number.'%';
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$contact_uuid = $database->select($sql, $parameters, 'column');
unset($sql, $parameters);
//build the message array
$message_uuid = uuid();
@@ -127,7 +122,8 @@
$array['messages'][0]['message_text'] = $message_text;
//build message media array (if necessary)
if (is_array($message_media)) {
$p = new permissions;
if (is_array($message_media) && @sizeof($message_media) != 0) {
foreach($message_media as $index => $media) {
$array['message_media'][$index]['message_media_uuid'] = $media['uuid'];
$array['message_media'][$index]['message_uuid'] = $message_uuid;
@@ -137,19 +133,19 @@
$array['message_media'][$index]['message_media_url'] = $media['name'];
$array['message_media'][$index]['message_media_content'] = base64_encode(file_get_contents($media['tmp_name']));
}
$p->add('message_media_add', 'temp');
}
//save to the data
$database = new database;
$database->app_name = 'messages';
$database->app_uuid = null;
$database->uuid($message_uuid);
$database->app_uuid = '4a20815d-042c-47c8-85df-085333e79b87';
$database->save($array);
$message = $database->message;
unset($array, $message);
unset($array);
//debug info
//echo "<pre>".print_r($message, true)."</pre>"; exit;
//remove any temporary permissions
$p->delete('message_media_add', 'temp');
//santize the from
$message_from = preg_replace('{[\D]}', '', $message_from);
@@ -157,12 +153,11 @@
//prepare message to send
$message['to'] = $message_to;
$message['text'] = $message_text;
if (is_array($message_media) && sizeof($message_media) != 0) {
if (is_array($message_media) && @sizeof($message_media) != 0) {
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? 'https://' : 'http://';
foreach ($message_media as $index => $media) {
$path = $protocol.$_SERVER['HTTP_HOST'].'/app/messages/message_media.php?id='.$media['uuid'].'&action=download&.'.strtolower(pathinfo($media['name'], PATHINFO_EXTENSION));
$message['media'][] = $path;
//echo $path."<br><br>";
}
}
$http_content = json_encode($message);
@@ -185,11 +180,9 @@
$headers[] = "Authorization: Basic ".base64_encode($http_auth_user.':'.$http_auth_password);
}
$response = http_request($http_destination, $http_method, $headers, $http_content);
//echo $http_content."<br><br>".$response;
//redirect the user
//$_SESSION["message"] = $text['message-sent'];
return true;
} //(is_array($_POST) && strlen($_POST["persistformvar"]) == 0)
}
?>
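Review bot: After the save, `unset($array, $message);` appears to have become `unset($array);`, so `$message` still holds whatever `$database->message` returned when `$message['to']` and `$message['text']` are assigned, and `json_encode($message)` would then send the database result to `$http_destination` along with the text. Start the outbound payload from a clean array, e.g. `$message = [];` just before `$message['to'] = $message_to;`, or keep the save result in a separate variable. Separately, the media URL is built from `$_SERVER['HTTP_HOST']`, which the client controls; a configured domain name would be a safer base for links handed to the provider.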


@@ -41,31 +41,33 @@
//get (from) destinations
$sql = "select destination_number from v_destinations ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and destination_type_text = 1 ";
$sql .= "and destination_enabled = 'true' ";
$sql .= "order by destination_number asc ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$rows = $prep_statement->fetchAll(PDO::FETCH_NAMED);
//view_array($rows);
if (is_array($rows) && sizeof($rows)) {
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$rows = $database->select($sql, $parameters, 'all');
if (is_array($rows) && @sizeof($rows)) {
foreach ($rows as $row) {
$destinations[] = $row['destination_number'];
}
}
unset ($prep_statement, $sql, $row, $record);
unset($sql, $parameters, $rows, $row);
//get self (primary contact attachment) image
if (!is_array($_SESSION['tmp']['messages']['contact_me'])) {
$sql = "select attachment_filename as filename, attachment_content as image from v_contact_attachments ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and contact_uuid = '".$_SESSION['user']['contact_uuid']."' ";
$sql = "select attachment_filename as filename, attachment_content as image ";
$sql .= "from v_contact_attachments ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and contact_uuid = :contact_uuid ";
$sql .= "and attachment_primary = 1 ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$_SESSION['tmp']['messages']['contact_me'] = $prep_statement->fetch(PDO::FETCH_NAMED);
unset ($sql, $bind, $prep_statement);
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$parameters['contact_uuid'] = $_SESSION['user']['contact_uuid'];
$database = new database;
$row = $database->select($sql, $parameters, 'row');
$_SESSION['tmp']['messages']['contact_me'] = $row;
unset($sql, $parameters, $row);
}
//additional includes


@@ -47,27 +47,30 @@
$array = explode(' ',$_SESSION['message']['display_last']['text']);
if (is_array($array) && is_numeric($array[0]) && $array[0] > 0) {
if ($array[1] == 'messages') {
$limit = "limit ".$array[0]." offset 0 ";
$limit = limit_offset($array[0], 0);
}
else {
$since = "and message_date >= '".date("Y-m-d H:i:s", strtotime('-'.$_SESSION['message']['display_last']['text']))."' ";
$since = "and message_date >= :message_date ";
$parameters['message_date'] = date("Y-m-d H:i:s", strtotime('-'.$_SESSION['message']['display_last']['text']));
}
}
}
if ($limit == '' && $since == '') { $limit = "limit 25 offset 0"; } //default (message count)
$sql = "select message_direction, message_from, message_to, contact_uuid from v_messages ";
$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
if ($limit == '' && $since == '') { $limit = limit_offset(25, 0); } //default (message count)
$sql = "select message_direction, message_from, message_to, contact_uuid ";
$sql .= "from v_messages ";
$sql .= "where user_uuid = :user_uuid ";
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
$sql .= $since;
$sql .= "order by message_date desc ";
$sql .= $limit;
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$messages = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement, $sql);
$parameters['user_uuid'] = $_SESSION['user_uuid'];
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$messages = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//parse out numbers
if (is_array($messages) && sizeof($messages) != 0) {
if (is_array($messages) && @sizeof($messages) != 0) {
$numbers = [];
foreach($messages as $message) {
$number_from = preg_replace('{[\D]}', '', $message['message_from']);
@@ -85,6 +88,7 @@
unset($number_from, $number_to);
}
}
unset($messages, $message);
//get contact details, if uuid available
if (is_array($contact) && sizeof($contact) != 0) {
@@ -93,18 +97,19 @@
$sql = "select c.contact_name_given, c.contact_name_family, ";
$sql .= "(select ce.email_address from v_contact_emails as ce where ce.contact_uuid = c.contact_uuid and ce.email_primary = 1) as contact_email ";
$sql .= "from v_contacts as c ";
$sql .= "where c.contact_uuid = '".$field['contact_uuid']."' ";
$sql .= "and (c.domain_uuid = '".$domain_uuid."' or c.domain_uuid is null) ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_NAMED);
if (is_array($row) && sizeof($row) != 0) {
$sql .= "where c.contact_uuid = :contact_uuid ";
$sql .= "and (c.domain_uuid = :domain_uuid or c.domain_uuid is null) ";
$parameters['contact_uuid'] = $field['contact_uuid'];
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$row = $database->select($sql, $parameters, 'row');
if (is_array($row) && @sizeof($row) != 0) {
$contact[$number]['contact_uuid'] = $field['contact_uuid'];
$contact[$number]['contact_name_given'] = $row['contact_name_given'];
$contact[$number]['contact_name_family'] = $row['contact_name_family'];
$contact[$number]['contact_email'] = $row['contact_email'];
}
unset($prep_statement, $sql);
unset($sql, $parameters, $row);
}
else {
unset($contact[$number]);
@@ -114,51 +119,52 @@
//get destinations and remove from numbers array
$sql = "select destination_number from v_destinations ";
$sql .= "where domain_uuid = '".$domain_uuid."' ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and destination_enabled = 'true' ";
$sql .= "order by destination_number asc ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$rows = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (is_array($rows) && sizeof($rows)) {
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$rows = $database->select($sql, $parameters, 'all');
if (is_array($rows) && @sizeof($rows)) {
foreach ($rows as $row) {
$destinations[] = $row['destination_number'];
}
}
unset ($prep_statement, $sql, $row, $record);
unset($sql, $parameters, $rows, $row);
$numbers = array_diff($numbers, $destinations);
//get contact (primary attachment) images and cache them
if (is_array($numbers) && sizeof($numbers) != 0) {
if (is_array($numbers) && @sizeof($numbers) != 0) {
foreach ($numbers as $number) {
$contact_uuids[] = $contact[$number]['contact_uuid'];
}
if (is_array($contact_uuids) && sizeof($contact_uuids) != 0) {
$sql = "select contact_uuid as uuid, attachment_filename as filename, attachment_content as image from v_contact_attachments ";
$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
$sql .= "and ( 0 = 1 ";
foreach ($contact_uuids as $contact_uuid) {
$sql .= "or contact_uuid = '".$contact_uuid."' ";
if (is_array($contact_uuids) && @sizeof($contact_uuids) != 0) {
$sql = "select contact_uuid as uuid, attachment_filename as filename, attachment_content as image ";
$sql .= "from v_contact_attachments ";
$sql .= "where domain_uuid = :domain_uuid ";
$sql .= "and (";
foreach ($contact_uuids as $index => $contact_uuid) {
$sql_where[] = "contact_uuid = :contact_uuid_".$index;
$parameters['contact_uuid_'.$index] = $contact_uuid;
}
$sql .= implode(' or ', $sql_where);
$sql .= ") ";
$sql .= "and attachment_primary = 1 ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$contact_ems = $prep_statement->fetchAll(PDO::FETCH_NAMED);
if (is_array($contact_ems) && sizeof($contact_ems) != 0) {
$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
$database = new database;
$contact_ems = $database->select($sql, $parameters, 'all');
if (is_array($contact_ems) && @sizeof($contact_ems) != 0) {
foreach ($contact_ems as $contact_em) {
$_SESSION['tmp']['messages']['contact_em'][$contact_em['uuid']]['filename'] = $contact_em['filename'];
$_SESSION['tmp']['messages']['contact_em'][$contact_em['uuid']]['image'] = $contact_em['image'];
}
}
}
unset($sql, $prep_statement, $contact_uuids, $contact_ems, $contact_em);
unset($sql, $sql_where, $parameters, $contact_uuids, $contact_ems, $contact_em);
}
//contacts list
if (is_array($numbers) && sizeof($numbers) != 0) {
if (is_array($numbers) && @sizeof($numbers) != 0) {
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
foreach($numbers as $number) {
if ($current_contact != '' && $number == $current_contact) {
@@ -206,7 +212,7 @@
echo "<script>\n";
foreach ($numbers as $number) {
if (is_array($_SESSION['tmp']['messages']['contact_em'][$contact[$number]['contact_uuid']]) && sizeof($_SESSION['tmp']['messages']['contact_em'][$contact[$number]['contact_uuid']]) != 0) {
if (is_array($_SESSION['tmp']['messages']['contact_em'][$contact[$number]['contact_uuid']]) && @sizeof($_SESSION['tmp']['messages']['contact_em'][$contact[$number]['contact_uuid']]) != 0) {
echo "$('img#contact_image_".$contact[$number]['contact_uuid']."').css('backgroundImage', 'url(' + $('img#src_message-bubble-image-em_".$contact[$number]['contact_uuid']."').attr('src') + ')');\n";
}
}
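Review bot: In the attachment-image hunk `$contact_uuids[]` receives `$contact[$number]['contact_uuid']` for every number, including numbers whose `$contact[$number]` entry was unset earlier, so the generated `contact_uuid = :contact_uuid_N` list can bind empty values. Guard the append with `if (is_uuid($contact[$number]['contact_uuid'])) { $contact_uuids[] = $contact[$number]['contact_uuid']; }`, which also keeps the placeholder list short. In the first hunk `$array[0]` only has to pass `is_numeric()` before it goes to `limit_offset()`, whose handling of non-integer values is not visible here; casting with `(int) $array[0]` would remove the doubt.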


@@ -65,21 +65,22 @@
}
//get variables used to control the order
$order_by = check_str($_GET["order_by"]);
$order = check_str($_GET["order"]);
$order_by = $_GET["order_by"];
$order = $_GET["order"];
//add the search term
$search = strtolower(check_str($_GET["search"]));
$search = strtolower($_GET["search"]);
if (strlen($search) > 0) {
$sql_search = " (";
$sql_search .= "lower(message_type) like '%".$search."%' ";
$sql_search .= "or lower(message_direction) like '%".$search."%' ";
$sql_search .= "or lower(message_date) like '%".$search."%' ";
$sql_search .= "or lower(message_from) like '%".$search."%' ";
$sql_search .= "or lower(message_to) like '%".$search."%' ";
$sql_search .= "or lower(message_text) like '%".$search."%' ";
$sql_search .= "or lower(message_media_type) like '%".$search."%' ";
$sql_search .= "lower(message_type) like :search ";
$sql_search .= "or lower(message_direction) like :search ";
$sql_search .= "or lower(message_date) like :search ";
$sql_search .= "or lower(message_from) like :search ";
$sql_search .= "or lower(message_to) like :search ";
$sql_search .= "or lower(message_text) like :search ";
$sql_search .= "or lower(message_media_type) like :search ";
$sql_search .= ") ";
$parameters['search'] = '%'.$search.'%';
}
//additional includes
@@ -87,29 +88,23 @@
require_once "resources/paging.php";
//prepare to page the results
$sql = "select count(message_uuid) as num_rows from v_messages ";
$sql = "select count(*) from v_messages ";
if ($_GET['show'] == "all" && permission_exists('message_all')) {
if (isset($sql_search)) {
$sql .= "where ".$sql_search;
}
} else {
$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
}
else {
$sql .= "where user_uuid = :user_uuid ";
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
if (isset($sql_search)) {
$sql .= "and ".$sql_search;
}
$parameters['user_uuid'] = $_SESSION['user_uuid'];
$parameters['domain_uuid'] = $domain_uuid;
}
$prep_statement = $db->prepare($sql);
if ($prep_statement) {
$prep_statement->execute();
$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
if ($row['num_rows'] > 0) {
$num_rows = $row['num_rows'];
}
else {
$num_rows = '0';
}
}
$database = new database;
$num_rows = $database->select($sql, $parameters, 'column');
//prepare to page the results
$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
@@ -123,24 +118,12 @@
$offset = $rows_per_page * $page;
//get the list
$sql = "select * from v_messages ";
if ($_GET['show'] == "all" && permission_exists('message_all')) {
if (isset($sql_search)) {
$sql .= "where ".$sql_search;
}
} else {
$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
if (isset($sql_search)) {
$sql .= "and ".$sql_search;
}
}
$sql = str_replace('count(*)', '*', $sql);
$sql .= "order by message_date desc ";
$sql .= "limit $rows_per_page offset $offset ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$messages = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement, $sql);
$sql .= limit_offset($rows_per_page, $offset);
$database = new database;
$messages = $database->select($sql, $parameters, 'all');
unset($sql, $parameters);
//alternate the row style
$c = 0;
@@ -174,12 +157,15 @@
if (permission_exists('message_all')) {
if ($_GET['show'] == 'all') {
echo " <input type='hidden' name='show' value='all'>";
echo " <input type='hidden' name='show' value='all'>";
}
else {
echo " <input type='button' class='btn' value='".$text['button-show_all']."' onclick=\"window.location='messages_log.php?show=all';\">\n";
echo " <input type='button' class='btn' value='".$text['button-show_all']."' onclick=\"window.location='messages_log.php?show=all';\">\n";
}
}
if (permission_exists('message_delete')) {
echo " <input type='button' class='btn' value='".$text['button-delete']."' onclick=\"if (confirm('".$text['confirm-delete']."')) { document.getElementById('form_message_log').action = 'message_delete.php'; document.getElementById('form_message_log').submit(); }\">\n";
}
echo " <input type='text' class='txt' style='width: 150px; margin-left: 15px;' name='search' id='search' value='".escape($search)."'>\n";
echo " <input type='submit' class='btn' name='submit' value='".$text['button-search']."'>\n";
@@ -188,9 +174,9 @@
echo " </tr>\n";
echo "</table>\n";
echo "<form method='post' action=''>\n";
echo "<form id='form_message_log' method='post' action=''>\n";
echo "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
if (is_array($messages)) {
if (is_array($messages) && @sizeof($messages) != 0) {
$x = 0;
foreach($messages as $row) {
@@ -215,9 +201,8 @@
}
echo "<tr ".$tr_link.">\n";
//echo " <td valign='top' class=''>".escape($row['user_uuid'])."&nbsp;</td>\n";
echo " <td valign='top' class='".$row_style[$c]." tr_link_void' style='align: center; padding: 3px 3px 0px 8px;'>\n";
echo " <input type='checkbox' name=\"messages[$x][checked]\" id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('chk_all_".$x."').checked = false; }\">\n";
echo " <input type='hidden' name=\"messages[$x][message_uuid]\" value='".escape($row['message_uuid'])."' />\n";
echo " <td valign='top' class='".$row_style[$c]." tr_link_void' style='align: center; padding: 3px 3px 0px 7px;'>\n";
echo " <input type='checkbox' name=\"messages[]\" id='checkbox_".$x."' value='".escape($row['message_uuid'])."' onclick=\"if (!this.checked) { document.getElementById('chk_all_".$x."').checked = false; }\">\n";
echo " </td>\n";
echo " <td valign='top' class='".$row_style[$c]."'>";
switch ($row['message_type']) {
@@ -241,15 +226,15 @@
echo "<a href='message_edit.php?id=".escape($row['message_uuid'])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
}
if (permission_exists('message_delete')) {
echo "<a href='message_delete.php?id=".escape($row['message_uuid'])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
echo "<a href='message_delete.php?messages[]=".escape($row['message_uuid'])."' alt='".$text['button-delete']."' onclick=\"if (confirm('".$text['confirm-delete']."')) { document.getElementById('form_message_log').submit(); } else { return false; }\">$v_link_label_delete</a>";
}
echo " </td>\n";
echo "</tr>\n";
$x++;
if ($c==0) { $c=1; } else { $c=0; }
} //end foreach
unset($sql, $messages);
} //end if results
$c = $c ? 0 : 1;
}
}
unset($messages, $row);
echo "<tr>\n";
echo "<td colspan='8' align='left'>\n";


@@ -51,14 +51,15 @@
$array = explode(' ',$_SESSION['message']['display_last']['text']);
if (is_array($array) && is_numeric($array[0]) && $array[0] > 0) {
if ($array[1] == 'messages') {
$limit = "limit ".$array[0]." offset 0 ";
$limit = limit_offset($array[0], 0);
}
else {
$since = "and message_date >= '".date("Y-m-d H:i:s", strtotime('-'.$_SESSION['message']['display_last']['text']))."' ";
$since = "and message_date >= :message_date ";
$parameters['message_date'] = date("Y-m-d H:i:s", strtotime('-'.$_SESSION['message']['display_last']['text']));
}
}
}
if ($limit == '' && $since == '') { $limit = "limit 25 offset 0"; } //default (message count)
if ($limit == '' && $since == '') { $limit = limit_offset(25, 0); } //default (message count)
$sql = "select ";
$sql .= "message_uuid, ";
$sql .= "domain_uuid, ";
@@ -66,47 +67,55 @@
$sql .= "contact_uuid, ";
$sql .= "message_type, ";
$sql .= "message_direction, ";
$sql .= "message_date at time zone '".$_SESSION['domain']['time_zone']['name']."' as message_date, ";
$sql .= "message_date at time zone :time_zone as message_date, ";
$sql .= "message_from, ";
$sql .= "message_to, ";
$sql .= "message_text ";
$sql .= "from v_messages ";
$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
$sql .= "where user_uuid = :user_uuid ";
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
$sql .= $since;
$sql .= "and (message_from like '%".$number."' or message_to like '%".$number."') ";
$sql .= "and (message_from like :message_number or message_to like :message_number) ";
$sql .= "order by message_date desc ";
$sql .= $limit;
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$messages = $prep_statement->fetchAll(PDO::FETCH_NAMED);
$parameters['time_zone'] = $_SESSION['domain']['time_zone']['name'];
$parameters['user_uuid'] = $_SESSION['user_uuid'];
$parameters['domain_uuid'] = $domain_uuid;
$parameters['message_number'] = '%'.$number;
$database = new database;
$messages = $database->select($sql, $parameters, 'all');
$messages = array_reverse($messages);
unset ($prep_statement, $sql);
unset($sql, $parameters);
//get media (if any)
$sql = "select message_uuid, message_media_uuid, message_media_type, length(decode(message_media_content,'base64')) as message_media_size from v_message_media ";
$sql .= "where user_uuid = '".$_SESSION['user_uuid']."' ";
$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
$sql .= "and message_uuid in ( ";
foreach ($messages as $message) {
$message_uuids[] = "'".$message['message_uuid']."'";
$sql = "select ";
$sql .= "message_uuid, ";
$sql .= "message_media_uuid, ";
$sql .= "message_media_type, ";
$sql .= "length(decode(message_media_content,'base64')) as message_media_size ";
$sql .= "from v_message_media ";
$sql .= "where user_uuid = :user_uuid ";
$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
$sql .= "and ( ";
foreach ($messages as $index => $message) {
$message_uuids[] = "message_uuid = :message_uuid_".$index;
$parameters['message_uuid_'.$index] = $message['message_uuid'];
}
$sql .= implode(',', $message_uuids);
$sql .= implode(' or ', $message_uuids);
$sql .= ") ";
$sql .= "and message_media_type <> 'txt' ";
$prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute();
$rows = $prep_statement->fetchAll(PDO::FETCH_NAMED);
unset ($prep_statement, $sql);
$parameters['user_uuid'] = $_SESSION['user_uuid'];
$parameters['domain_uuid'] = $domain_uuid;
$database = new database;
$rows = $database->select($sql, $parameters, 'all');
unset($sql, $parameters, $index);
//prep media array
if (is_array($rows) && sizeof($rows) != 0) {
$x = 0;
foreach ($rows as $row) {
$message_media[$row['message_uuid']][$x]['uuid'] = $row['message_media_uuid'];
$message_media[$row['message_uuid']][$x]['type'] = $row['message_media_type'];
$message_media[$row['message_uuid']][$x]['size'] = $row['message_media_size'];
$x++;
if (is_array($rows) && @sizeof($rows) != 0) {
foreach ($rows as $index => $row) {
$message_media[$row['message_uuid']][$index]['uuid'] = $row['message_media_uuid'];
$message_media[$row['message_uuid']][$index]['type'] = $row['message_media_type'];
$message_media[$row['message_uuid']][$index]['size'] = $row['message_media_size'];
}
}
@@ -197,7 +206,7 @@
}
//output messages
if (is_array($messages) && sizeof($messages) != 0) {
if (is_array($messages) && @sizeof($messages) != 0) {
foreach ($messages as $message) {
//parse from message
if ($message['message_direction'] == 'inbound') {
@@ -214,7 +223,7 @@
if (
$message['message_direction'] == 'inbound' &&
is_array($_SESSION['tmp']['messages']['contact_em'][$contact_uuid]) &&
sizeof($_SESSION['tmp']['messages']['contact_em'][$contact_uuid]) != 0
@sizeof($_SESSION['tmp']['messages']['contact_em'][$contact_uuid]) != 0
) {
echo "<div class='message-bubble-image-em'>\n";
echo " <img class='message-bubble-image-em'><br />\n";
@@ -223,7 +232,7 @@
//contact image me
else if (
is_array($_SESSION['tmp']['messages']['contact_me']) &&
sizeof($_SESSION['tmp']['messages']['contact_me']) != 0
@sizeof($_SESSION['tmp']['messages']['contact_me']) != 0
) {
echo "<div class='message-bubble-image-me'>\n";
echo " <img class='message-bubble-image-me'><br />\n";
@@ -235,7 +244,7 @@
echo "<div class='message-text'>".str_replace("\n",'<br />',escape($message['message_text']))."</div>\n";
}
//attachments
if (is_array($message_media[$message['message_uuid']]) && sizeof($message_media[$message['message_uuid']]) != 0) {
if (is_array($message_media[$message['message_uuid']]) && @sizeof($message_media[$message['message_uuid']]) != 0) {
foreach ($message_media[$message['message_uuid']] as $media) {
if ($media['type'] != 'txt') {