mirror of
https://github.com/fusionpbx/fusionpbx.git
synced 2025-12-30 00:53:50 +00:00
7f9064fadb
* Change the data type to boolean
* Use boolean values in SQL and Conditional Statements
* Schema Data Types: Drop views so that alter tables statements complete
* Update settings.php
* Add extension for call_screen_enabled
* Gateway handle boolean
Add the boolean toggle
- distinct_to
- caller_id_in_from
- supress_cng
- extension_in_contact
- contact_in_ping
* Update gateways.php
* Update voicemail_edit.php
* Replace the ${caller_id_name} with the extensions caller id name
* Phrase - Edit: Update slide toggle with new select beneath.
* Update the input toggle style
* Set the input_toggle_style_switch as boolean
* Update the input toggle style
* Theme: Adjust CSS to wrap description text on form fields.
* Add domain_uuid and domain_name to the SQL SELECT
* Unset the parameters to fix the next query
* Gateway: Integrate new slide toggle switch.
* Dashboard: Update the input toggle style (#7499)
* Dashboard: Update the input toggle style
* Update dashboard_widget_edit.php
* Update dashboard_edit.php
* Inbound Route - Add: Integrate new slide toggle switch and boolean.
* User Settings: Integrate new slide toggle switch.
* Call Block Edit: Update the input toggle style (#7500)
* Bridge Edit: Update the input toggle style (#7501)
* Update phrases.php
* Update domain_edit.php
* Domain Settings Edit: Update the input toggle style
* User Edit: Update the input toggle style
* Update install.php
* Remove fields marked as deprecated
* Use boolean in the select statement
* Streams: New slide toggle and boolean.
* Streams: Remove unnecessary default.
* Queues (FIFO): New slide toggle.
* Call Detail Records: Update the input toggle style (#7503)
* Call Detail Records: Update the input toggle style
* Update xml_cdr_extension_summary.php
* Update xml_cdr_extension_summary.php
* Update xml_cdr_extension_summary.php
* Call Centers: Update the input toggle style (#7502)
* Call Centers: Update the input toggle style
* Update call_center_agent_edit.php
* Conference Centers: Update the input toggle style (#7506)
* Conference Centers: Update the input toggle style
* Update app_config.php
* Update conference_center_edit.php
* Use boolean data type (#7505)
* Call Flow Edit: Update the input toggle style (#7504)
* Devices: Update the input toggle style
* IVR Menus: New slide toggle.
* IVR Menu: Remove deprected file.
* SIP Profile - Edit: New slide toggle.
* Device Profiles: Update the input toggle style
* Ring Groups - List: Fix syntax.
* Theme: Fire onchange event when switching slide toggle control.
* Device Vendors: Update the input toggle style
* Update enabled boolean
* Update device_edit.php
* Ring Groups: New slide toggle.
* Update domain_edit.php
* Email Templates: Update the input toggle style
* Header: Correct default value on input toggle style.
* Default/Domain/User Settings: Adjust Select option label for better clarity.
* Use true boolean types for switch theme toggle or drop-down box (#7507)
* Groups: Update the input toggle style
* Conference Controls: Update the input toggle style (#7509)
* Conference Controls: Update the input toggle style
* Update conference_control_edit.php
* Update conference_control_details.php
* Update conference_control_detail_edit.php
* Conferences: Update the input toggle style (#7511)
* Use true boolean types for switch theme toggle or drop-down box (#7513)
* Dialplans: Update the input toggle style
Also updated outbound route add
* Ring Group: Only adjust ring group forward destination top margin when slide toggle enabled.
* Default/Domain/User Settings - List: Adjust for new 'Select Box' label on input_toggle_style value.
* Use true boolean types for switch theme toggle or drop-down box (#7514)
* Call Forward / Follow Me: Minor javascript adjustments to mirror previous behavior.
* Ring Groups [Dashboard]: New slide toggle.
* Get the contacts details with a seperate SQL Query
* Remove debug info
* Destinations: Update the input toggle style
* Conference Profiles: Update the input toggle style (#7515)
* Conference Profiles: Update the input toggle style
* Update conference_profiles.php
* Update conference_profile_params.php
* Update conference_profile_param_edit.php
* Update conference_profile_edit.php
* Extensions: Update the input toggle style
* Contacts: Update the input toggle style (#7517)
* Contacts: Update the input toggle style
* Update contact_address_edit.php
* Update contact_attachment_edit.php
* Update contact_edit.php
* Update contact_email_edit.php
* Update contact_phone_edit.php
* Update contact_relation_edit.php
* Update contact_setting_edit.php
* Update contact_url_edit.php
* Update contacts.php
* Voicemails: New slide toggle.
* Voicemail Greeting: New slide toggle.
* Modules: New slide toggle.
* Recordings: New slide toggle
* Variables: New slide toggle.
* Time Conditions: New slide toggle.
* Extensions - List: Remove invalid column name.
* Extension Settings: New slide toggle.
* Number Translations: New slide toggle and boolean.
* Sofia global settings: Update the input toggle style
* Update alter table convert to boolean
* Fix contact relation search (#7518)
* Sip Profile Edit: Fix setting enabled labels (#7519)
* Sip Profile Edit: Fix setting enabled labels
* Update sip_profile_edit.php
* Update dialplan_edit.php (#7520)
* Update SQL queries to use true/false for contact primary settings (#7521)
* Update SQL queries to use true/false for contact primary settings
* Update contacts_vcard.php
* Update email.php
* Update totp.php
* Update contact_url_edit.php
* Update contact_email_edit.php
* Update contact_address_edit.php
* Update contact_attachment_edit.php
* Update contact_phone_edit.php
* Add a database views method
* Add database view groups
* Add database users view
* Add database call_recordings view
* Update users.php
* Add database view call block
* Update schema to use the database views method
* Update conference.conf.lua boolean
* Update directory.lua boolean
* Update callcenter.conf.lua agent_status boolean
* Update sofia.conf.lua boolean
* Update number translations lua boolean
* Update directory.lua boolean
* Update group_call.lua fix the cache
* Update reverse-auth-lookup.lua boolean
* Update directory.lua boolean
* Use concat instead of ||
* Update index.lua
---------
Co-authored-by: fusionate <nate@fusionpbx.com>
Co-authored-by: Alex <alex@fusionpbx.com>
Co-authored-by: frytimo <tim@fusionpbx.com>
395 lines
14 KiB
PHP
395 lines
14 KiB
PHP
<?php
|
|
/*
|
|
FusionPBX
|
|
Version: MPL 1.1
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
http://www.mozilla.org/MPL/
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
for the specific language governing rights and limitations under the
|
|
License.
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
The Initial Developer of the Original Code is
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
Portions created by the Initial Developer are Copyright (C) 2008-2024
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
Contributor(s):
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
*/
|
|
|
|
/**
|
|
* plugin_database
|
|
*
|
|
* @method plugin_database validates the authentication using information from the database
|
|
*/
|
|
class plugin_database {
|
|
|
|
/**
|
|
* Define variables and their scope
|
|
*/
|
|
public $domain_name;
|
|
public $domain_uuid;
|
|
public $user_uuid;
|
|
public $contact_uuid;
|
|
public $contact_organization;
|
|
public $contact_name_given;
|
|
public $contact_name_family;
|
|
public $contact_image;
|
|
public $username;
|
|
public $password;
|
|
public $key;
|
|
public $debug;
|
|
public $user_email;
|
|
|
|
/**
|
|
* database checks the local database to authenticate the user or key
|
|
* @return array [authorized] => true or false
|
|
*/
|
|
function database(authentication $auth, settings $settings) {
|
|
|
|
//pre-process some settings
|
|
$theme_favicon = $settings->get('theme', 'favicon', PROJECT_PATH.'/themes/default/favicon.ico');
|
|
$theme_logo = $settings->get('theme', 'logo', PROJECT_PATH.'/themes/default/images/logo_login.png');
|
|
$theme_login_logo_width = $settings->get('theme', 'login_logo_width', 'auto; max-width: 300px');
|
|
$theme_login_logo_height = $settings->get('theme', 'login_logo_height', 'auto; max-height: 300px');
|
|
$theme_message_delay = 1000 * (float)$settings->get('theme', 'message_delay', 3000);
|
|
$background_videos = $settings->get('theme', 'background_video', null);
|
|
$theme_background_video = (isset($background_videos) && is_array($background_videos)) ? $background_videos[0] : null;
|
|
$login_domain_name_visible = $settings->get('login', 'domain_name_visible');
|
|
$login_domain_name = $settings->get('login', 'domain_name');
|
|
$login_destination = $settings->get('login', 'destination');
|
|
$users_unique = $settings->get('users', 'unique', '');
|
|
|
|
//determine whether to show the forgot password for resetting the password
|
|
$login_password_reset_enabled = false;
|
|
if (!empty($settings->get('login', 'password_reset_key'))) {
|
|
$login_password_reset_enabled = true;
|
|
}
|
|
|
|
//check if already authorized
|
|
if (isset($_SESSION['authentication']['plugin']['database']) && $_SESSION['authentication']['plugin']['database']["authorized"]) {
|
|
return;
|
|
}
|
|
|
|
//show the authentication code view
|
|
if (empty($_REQUEST["username"]) && empty($_REQUEST["key"])) {
|
|
|
|
//get the domain
|
|
$domain_array = explode(":", $_SERVER["HTTP_HOST"]);
|
|
$domain_name = $domain_array[0];
|
|
|
|
//create token
|
|
//$object = new token;
|
|
//$token = $object->create('login');
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get(null, '/core/authentication');
|
|
|
|
//initialize a template object
|
|
$view = new template();
|
|
$view->engine = 'smarty';
|
|
$view->template_dir = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/authentication/resources/views/';
|
|
$view->cache_dir = sys_get_temp_dir();
|
|
$view->init();
|
|
|
|
//add translations
|
|
$view->assign("login_title", $text['button-login']);
|
|
$view->assign("label_username", $text['label-username']);
|
|
$view->assign("label_password", $text['label-password']);
|
|
$view->assign("label_domain", $text['label-domain']);
|
|
$view->assign("button_login", $text['button-login']);
|
|
|
|
//assign default values to the template
|
|
$view->assign("project_path", PROJECT_PATH);
|
|
$view->assign("login_destination_url", $login_destination);
|
|
$view->assign("login_domain_name_visible", $login_domain_name_visible);
|
|
$view->assign("login_domain_names", $login_domain_name);
|
|
$view->assign("login_password_reset_enabled", $login_password_reset_enabled);
|
|
$view->assign("favicon", $theme_favicon);
|
|
$view->assign("login_logo_width", $theme_login_logo_width);
|
|
$view->assign("login_logo_height", $theme_login_logo_height);
|
|
$view->assign("login_logo_source", $theme_logo);
|
|
$view->assign("message_delay", $theme_message_delay);
|
|
$view->assign("background_video", $theme_background_video);
|
|
$view->assign("login_password_description", $text['label-password_description']);
|
|
$view->assign("button_cancel", $text['button-cancel']);
|
|
$view->assign("button_forgot_password", $text['button-forgot_password']);
|
|
|
|
//assign openid values to the template
|
|
if ($settings->get('open_id', 'enabled', false)) {
|
|
$classes = $settings->get('open_id', 'methods', []);
|
|
$banners = [];
|
|
foreach ($classes as $open_id_class) {
|
|
if (class_exists($open_id_class)) {
|
|
$banners[] = [
|
|
'name' => $open_id_class,
|
|
'image' => $open_id_class::get_banner_image(),
|
|
'url' => '/app/open_id/open_id.php?action=' . $open_id_class,
|
|
];
|
|
}
|
|
}
|
|
if (count($banners) > 0) {
|
|
$view->assign('banners', $banners);
|
|
}
|
|
}
|
|
|
|
//assign user to the template
|
|
if (!empty($_SESSION['username'])) {
|
|
$view->assign("username", $_SESSION['username']);
|
|
}
|
|
|
|
//messages
|
|
$view->assign('messages', message::html(true, ' '));
|
|
|
|
//add the token name and hash to the view
|
|
//$view->assign("token_name", $token['name']);
|
|
//$view->assign("token_hash", $token['hash']);
|
|
|
|
//show the views
|
|
$content = $view->render('login.htm');
|
|
echo $content;
|
|
exit;
|
|
}
|
|
|
|
//validate the token
|
|
//$token = new token;
|
|
//if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
// message::add($text['message-invalid_token'],'negative');
|
|
// header('Location: domains.php');
|
|
// exit;
|
|
//}
|
|
|
|
//add the authentication details
|
|
if (isset($_REQUEST["username"])) {
|
|
$this->username = $_REQUEST["username"];
|
|
$_SESSION['username'] = $this->username;
|
|
}
|
|
if (isset($_REQUEST["password"])) {
|
|
$this->password = $_REQUEST["password"];
|
|
}
|
|
if (isset($_REQUEST["key"])) {
|
|
$this->key = $_REQUEST["key"];
|
|
}
|
|
if (isset($_REQUEST["domain_name"])) {
|
|
$domain_name = $_REQUEST["domain_name"];
|
|
$this->domain_name = $_REQUEST["domain_name"];
|
|
}
|
|
|
|
//get the domain name
|
|
$auth->get_domain();
|
|
$this->username = $_SESSION['username'] ?? null;
|
|
//$this->domain_uuid = $_SESSION['domain_uuid'] ?? null;
|
|
//$this->domain_name = $_SESSION['domain_name'] ?? null;
|
|
|
|
//debug information
|
|
//echo "domain_uuid: ".$this->domain_uuid."<br />\n";
|
|
//view_array($this->domain_uuid, false);
|
|
//echo "domain_name: ".$this->domain_name."<br />\n";
|
|
//echo "username: ".$this->username."<br />\n";
|
|
|
|
//set the default status
|
|
$user_authorized = false;
|
|
|
|
//check if contacts app exists
|
|
$contacts_exists = file_exists($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/core/contacts/') ? true : false;
|
|
|
|
//check the username and password if they don't match then redirect to the login
|
|
$sql = "select ";
|
|
$sql .= " d.domain_name, ";
|
|
$sql .= " u.user_uuid, ";
|
|
$sql .= " u.contact_uuid, ";
|
|
$sql .= " u.username, ";
|
|
$sql .= " u.password, ";
|
|
$sql .= " u.user_email, ";
|
|
$sql .= " u.salt, ";
|
|
$sql .= " u.api_key, ";
|
|
$sql .= " u.domain_uuid ";
|
|
$sql .= "from ";
|
|
$sql .= " v_domains as d, ";
|
|
$sql .= " v_users as u ";
|
|
$sql .= "where ";
|
|
$sql .= " u.domain_uuid = d.domain_uuid ";
|
|
$sql .= " and (";
|
|
$sql .= " user_type = 'default' ";
|
|
$sql .= " or user_type is null";
|
|
$sql .= " ) ";
|
|
if (isset($this->key) && strlen($this->key) > 30) {
|
|
$sql .= "and u.api_key = :api_key ";
|
|
$parameters['api_key'] = $this->key;
|
|
}
|
|
else {
|
|
$sql .= "and (\n";
|
|
$sql .= " lower(u.username) = lower(:username)\n";
|
|
$sql .= " or lower(u.user_email) = lower(:username)\n";
|
|
$sql .= ")\n";
|
|
$parameters['username'] = $this->username;
|
|
}
|
|
if ($users_unique === "global") {
|
|
//unique username - global (example: email address)
|
|
}
|
|
else {
|
|
//unique username - per domain
|
|
$sql .= "and u.domain_uuid = :domain_uuid ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
}
|
|
$sql .= "and (user_enabled = true or user_enabled is null) ";
|
|
$row = $settings->database()->select($sql, $parameters, 'row');
|
|
if (!empty($row) && is_array($row) && @sizeof($row) != 0) {
|
|
|
|
//validate the password
|
|
$valid_password = false;
|
|
if (isset($this->key) && strlen($this->key) > 30 && $this->key === $row["api_key"]) {
|
|
$valid_password = true;
|
|
}
|
|
else if (substr($row["password"], 0, 1) === '$') {
|
|
if (isset($this->password) && !empty($this->password)) {
|
|
if (password_verify($this->password, $row["password"])) {
|
|
$valid_password = true;
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
//deprecated - compare the password provided by the user with the one in the database
|
|
if (md5($row["salt"].$this->password) === $row["password"]) {
|
|
$row["password"] = crypt($this->password, '$1$'.$password_salt.'$');
|
|
$valid_password = true;
|
|
}
|
|
}
|
|
|
|
//set the domain and user settings
|
|
if ($valid_password) {
|
|
//set the domain_uuid
|
|
$this->domain_uuid = $row["domain_uuid"];
|
|
$this->domain_name = $row["domain_name"];
|
|
|
|
//set the domain session variables
|
|
$_SESSION["domain_uuid"] = $this->domain_uuid;
|
|
$_SESSION["domain_name"] = $this->domain_name;
|
|
|
|
//set the domain setting
|
|
if ($users_unique === "global" && $row["domain_uuid"] !== $this->domain_uuid) {
|
|
$domain = new domains();
|
|
$domain->set();
|
|
}
|
|
|
|
//set the variables
|
|
$this->user_uuid = $row['user_uuid'];
|
|
$this->username = $row['username'];
|
|
$this->user_email = $row['user_email'];
|
|
$this->contact_uuid = $row['contact_uuid'];
|
|
|
|
//get the user contact details
|
|
if ($contacts_exists) {
|
|
$sql = "select ";
|
|
$sql .= " c.contact_organization, ";
|
|
$sql .= " c.contact_name_given, ";
|
|
$sql .= " c.contact_name_family, ";
|
|
$sql .= " a.contact_attachment_uuid, ";
|
|
$sql .= "from v_contacts as c ";
|
|
$sql .= "where contact_uuid = :contact_uuid ";
|
|
$sql .= "left join v_contact_attachments as a ";
|
|
$sql .= " on c.contact_uuid = a.contact_uuid ";
|
|
$sql .= "and a.attachment_primary = true ";
|
|
$sql .= "and a.attachment_filename is not null ";
|
|
$sql .= "and a.attachment_content is not null ";
|
|
$sql .= "and c.domain_uuid = :domain_uuid ";
|
|
$parameters['domain_uuid'] = $this->domain_uuid;
|
|
$parameters['contact_uuid'] = $this->contact_uuid;
|
|
$contact = $settings->database()->select($sql, $parameters, 'row');
|
|
$this->contact_organization = $contact['contact_organization'];
|
|
$this->contact_name_given = $contact['contact_name_given'];
|
|
$this->contact_name_family = $contact['contact_name_family'];
|
|
$this->contact_image = $contact['contact_attachment_uuid'];
|
|
}
|
|
|
|
//debug info
|
|
//echo "user_uuid ".$this->user_uuid."<br />\n";
|
|
//echo "username ".$this->username."<br />\n";
|
|
//echo "contact_uuid ".$this->contact_uuid."<br />\n";
|
|
|
|
//set a few session variables
|
|
$_SESSION["user_uuid"] = $row['user_uuid'];
|
|
$_SESSION["username"] = $row['username'];
|
|
$_SESSION["user_email"] = $row['user_email'];
|
|
$_SESSION["contact_uuid"] = $row["contact_uuid"];
|
|
}
|
|
|
|
//check to to see if the the password hash needs to be updated
|
|
if ($valid_password) {
|
|
//set the password hash cost
|
|
$options = array('cost' => 10);
|
|
|
|
//check if a newer hashing algorithm is available or the cost has changed
|
|
if (password_needs_rehash($row["password"], PASSWORD_DEFAULT, $options)) {
|
|
|
|
//build user insert array
|
|
$array = [];
|
|
$array['users'][0]['user_uuid'] = $this->user_uuid;
|
|
$array['users'][0]['domain_uuid'] = $this->domain_uuid;
|
|
$array['users'][0]['user_email'] = $this->user_email;
|
|
$array['users'][0]['password'] = password_hash($this->password, PASSWORD_DEFAULT, $options);
|
|
$array['users'][0]['salt'] = null;
|
|
|
|
//build user group insert array
|
|
$array['user_groups'][0]['user_group_uuid'] = uuid();
|
|
$array['user_groups'][0]['domain_uuid'] = $this->domain_uuid;
|
|
$array['user_groups'][0]['group_name'] = 'user';
|
|
$array['user_groups'][0]['user_uuid'] = $this->user_uuid;
|
|
|
|
//grant temporary permissions
|
|
$p = permissions::new();
|
|
$p->add('user_edit', 'temp');
|
|
|
|
//execute insert
|
|
$settings->database()->app_name = 'authentication';
|
|
$settings->database()->app_uuid = 'a8a12918-69a4-4ece-a1ae-3932be0e41f1';
|
|
$settings->database()->save($array);
|
|
unset($array);
|
|
|
|
//revoke temporary permissions
|
|
$p->delete('user_edit', 'temp');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//result array
|
|
if ($valid_password) {
|
|
$result["plugin"] = "database";
|
|
$result["domain_name"] = $this->domain_name;
|
|
$result["username"] = $this->username;
|
|
$result["user_uuid"] = $this->user_uuid;
|
|
$result["domain_uuid"] = $_SESSION['domain_uuid'];
|
|
$result["contact_uuid"] = $this->contact_uuid;
|
|
if ($contacts_exists) {
|
|
$result["contact_organization"] = $this->contact_organization;
|
|
$result["contact_name_given"] = $this->contact_name_given;
|
|
$result["contact_name_family"] = $this->contact_name_family;
|
|
$result["contact_image"] = $this->contact_image;
|
|
}
|
|
$result["user_email"] = $this->user_email;
|
|
$result["sql"] = $sql;
|
|
$result["authorized"] = $valid_password;
|
|
}
|
|
|
|
//return the results
|
|
return $result ?? false;
|
|
|
|
}
|
|
|
|
|
|
return;
|
|
|
|
}
|
|
}
|
|
|
|
?>
|