mirror of
https://github.com/fusionpbx/fusionpbx.git
synced 2025-12-30 09:03:49 +00:00
dda18481ec
* Use settings-get method - get default, domain and user settings - Replace _SESSION * Simplify get domain paging * Change isset using empty * Fix token name and hash * Add new default settings category: contact, name: default_sort_column, and default_sort_order * Update app_config.php * Update footer.php * Fix require.php and core/dashboard/index.php (#7563) * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Fix require.php and core/dashboard/index.php * Update destinations.php * Update permission.php * Update require.php --------- Co-authored-by: FusionPBX <markjcrane@gmail.com> Co-authored-by: FusionPBX <mark@fusionpbx.com> * Update header.php * Use settings get classes (#7567) * access_control * azure * azure * basic_operator_panel * bridges * call_block * call_broadcast * call_center * call_flows * call_forward * call_recordings * do_not_disturb * feature_event_notify * follow_me * remove unused object properties * fix esl command * fix esl command * conference_centers * conference_centers - remove whitespace * conference_controls * conference_profiles * conference_profiles * Delete core/websockets/resources/classes/socket_exception.php.original~ * Delete core/websockets/resources/classes/websocket_server.php.original~ * conferences * destinations * device * dialplan * email_queue * event_guard * extension_settings * extension * fax * fax_queue * fifo * gateways * ivr_menu * modules * switch_music_on_hold * number_translations * phrases * pin_numbers * provision * switch_recordings * registrations * ring_groups * sip_profiles * sofia_global_settings * streams * presence * switch_files * time_conditions * vars * voicemail_greetings * voicemail * ringbacks * contacts * xml_cdr * authentication * dashboard * default_settings * domain_settings * email_templates * permission * user_logs * user_settings * users * button * cache * captcha * remove cli_option * remove directory.php for switch_directory class * email * file * groups * event_socket use config object * Use intval to give an integer port * switch_settings * tones * fix object used before initialization * menu * fix copy paste error for switch_files.php * always include require.php for framework files * Fix missing properties * set the action * Use the $database object * Add missing class properties * Fix the domain_name * Use public scope for domain_uuid and domain_name * Add missing parameters * Correct the user_uuid parameter * Add json_validate and use it in the dashboard update indentation on functions.php * Intialize the active_registrations variable * Define the $parameters * Set a default value for user_setting_enabled * Add condition domain_uuid not empty * Add not empty condition for domain_uuid * Declare the global variables * Update how the defaults are set use ?? * Use ?? to set the default values * Update call_center_queue_edit.php * Prevent an error * Add domain_name property * Fix the null coalescing operator * Removed domain_uuid from the URL * Change condition to check sip_profile_domain_name * Refactor domain_uuid declaration and comments Removed redundant domain_uuid declaration and updated comments. * Account for an empty value * Refactor constructor to use settings array Updated constructor to accept settings array for domain UUID and database initialization. * Refactor xml_cdr.php to improve variable organization Removed duplicate domain_uuid declaration and reorganized private variables for better structure. * Enhance transcription button logic and icon display Updated transcription button visibility conditions and improved application icon handling in the call flow summary. * Refactor settings initialization in domains.php Updated settings initialization to include domain_uuid and user_uuid. * Modify domain change condition in require.php Updated condition to check if 'domain_change' is not empty before proceeding. * Set default_setting_enabled to true by default * Enhance domain UUID check in access controls * Enhance domain UUID check in settings list * Refactor category display logic in vars.php * Simplify list row URL generation Removed domain UUID check from list row URL construction. * Refactor module category display logic * Fix SQL query by removing parameters variable * Initialize result_count variable for call recordings * Refactor leg variable usage in xml_cdr_details.php * Update conference_room_edit.php * Change GET to REQUEST for order and search variables * Set timezone and SQL time format in recordings.php Added timezone and SQL time format settings. * Set default for ring group greeting * Improve domain UUID check in stream listing * Handle null voicemail_option_param safely * Add file existence check for greeting files Check if greeting file exists before getting size and date. * Improve domain UUID check in email templates * Update FIFO strategy dropdown and description text * Add multilingual agent descriptions Added multilingual descriptions for agents in the app_languages.php file. * Add music on hold descriptions * Add the chime list description Updated copyright year from 2024 to 2025. * Fix domain UUID check and handle email subject decoding * Add null coalescing for $value in email_test.php Ensure $value is not null by providing a default empty string. * Handle undefined dialplan_uuid in input field * Add translations for 'Status' label in multiple languages * Fix typo in config instance check --------- Co-authored-by: frytimo <tim@fusionpbx.com>
301 lines
11 KiB
PHP
301 lines
11 KiB
PHP
<?php
|
|
/*
|
|
FusionPBX
|
|
Version: MPL 1.1
|
|
|
|
The contents of this file are subject to the Mozilla Public License Version
|
|
1.1 (the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
http://www.mozilla.org/MPL/
|
|
|
|
Software distributed under the License is distributed on an "AS IS" basis,
|
|
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
for the specific language governing rights and limitations under the
|
|
License.
|
|
|
|
The Original Code is FusionPBX
|
|
|
|
The Initial Developer of the Original Code is
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
Portions created by the Initial Developer are Copyright (C) 2008-2025
|
|
the Initial Developer. All Rights Reserved.
|
|
|
|
Contributor(s):
|
|
Mark J Crane <markjcrane@fusionpbx.com>
|
|
Luis Daniel Lucio Quiroz <dlucio@okay.com.mx>
|
|
*/
|
|
|
|
//includes files
|
|
require_once dirname(__DIR__, 2) . "/resources/require.php";
|
|
require_once "resources/check_auth.php";
|
|
|
|
//check permissions
|
|
if (!permission_exists('contact_attachment_edit') && !permission_exists('contact_attachment_add')) {
|
|
echo "access denied"; exit;
|
|
}
|
|
|
|
//add multi-lingual support
|
|
$language = new text;
|
|
$text = $language->get();
|
|
|
|
//action add or update
|
|
$contact_attachment_uuid = $_REQUEST['id'] ?? '';
|
|
$contact_uuid = $_REQUEST['contact_uuid'] ?? '';
|
|
|
|
if (!empty($contact_attachment_uuid) && !empty($contact_uuid) && is_uuid($contact_attachment_uuid) && is_uuid($contact_uuid)) {
|
|
$action = 'update';
|
|
}
|
|
else if (!empty($contact_uuid) && is_uuid($contact_uuid)) {
|
|
$action = 'add';
|
|
}
|
|
else {
|
|
exit;
|
|
}
|
|
|
|
//get http post variables and set them to php variables
|
|
if (!empty($_POST)) {
|
|
|
|
//set the variables
|
|
$attachment = $_FILES['attachment'];
|
|
$attachment_primary = $_POST['attachment_primary'];
|
|
$attachment_description = $_POST['attachment_description'];
|
|
|
|
//validate the token
|
|
$token = new token;
|
|
if (!$token->validate($_SERVER['PHP_SELF'])) {
|
|
message::add($text['message-invalid_token'],'negative');
|
|
header('Location: contacts.php');
|
|
exit;
|
|
}
|
|
|
|
//get the attachment type
|
|
if (empty($attachment) || sizeof($attachment) == 0) {
|
|
$attachment_extension = strtolower(pathinfo($_POST['attachment_filename'], PATHINFO_EXTENSION));
|
|
}
|
|
else {
|
|
$attachment_extension = strtolower(pathinfo($attachment['name'], PATHINFO_EXTENSION));
|
|
}
|
|
|
|
//unflag others as primary
|
|
$allowed_primary_attachment = false;
|
|
if ($attachment_primary && ($attachment_extension == 'jpg' || $attachment_extension == 'jpeg' || $attachment_extension == 'gif' || $attachment_extension == 'png')) {
|
|
$sql = "update v_contact_attachments set attachment_primary = false ";
|
|
$sql .= "where domain_uuid = :domain_uuid ";
|
|
$sql .= "and contact_uuid = :contact_uuid ";
|
|
$parameters['domain_uuid'] = $domain_uuid;
|
|
$parameters['contact_uuid'] = $contact_uuid;
|
|
$database->execute($sql, $parameters ?? null);
|
|
unset($sql, $parameters);
|
|
|
|
$allowed_primary_attachment = true;
|
|
}
|
|
|
|
//get the allowed extensions
|
|
$allowed_extensions = array_keys(json_decode($settings->get('contact', 'allowed_attachment_types'), true));
|
|
|
|
//check the allowed extensions
|
|
if ($attachment['error'] == '0' && in_array($attachment_extension, $allowed_extensions)) {
|
|
//get the attachment content
|
|
$attachment_content = file_get_contents($attachment['tmp_name']);
|
|
|
|
//read the image from the string then output the image without meta data
|
|
if (in_array($attachment_extension, ['png','jpg','jpeg','gif','bmp', 'webp'])) {
|
|
//create the image object from the content string
|
|
$image = imagecreatefromstring($attachment_content);
|
|
|
|
//start output buffering to capture the image data
|
|
ob_start();
|
|
|
|
//output the image without the EXIF data
|
|
switch ($attachment_extension) {
|
|
case 'png':
|
|
imagealphablending($image, FALSE);
|
|
imagesavealpha($image, TRUE);
|
|
imagepng($image);
|
|
break;
|
|
case 'jpg':
|
|
case 'jpeg':
|
|
imagejpeg($image);
|
|
break;
|
|
case 'gif':
|
|
imagesavealpha($image, TRUE);
|
|
imagegif($image);
|
|
break;
|
|
case 'bmp':
|
|
imagebmp($image);
|
|
break;
|
|
case 'webp':
|
|
imagewebp($image);
|
|
break;
|
|
}
|
|
|
|
//get the image from the buffer
|
|
$attachment_content = ob_get_contents();
|
|
|
|
//end the buffering
|
|
ob_end_clean();
|
|
|
|
//free up the memory
|
|
imagedestroy($image);
|
|
}
|
|
}
|
|
|
|
//prepare the array
|
|
$array['contact_attachments'][0]['contact_attachment_uuid'] = $action == 'update' ? $contact_attachment_uuid : uuid();
|
|
$array['contact_attachments'][0]['domain_uuid'] = $_SESSION['domain_uuid'] ?? '';
|
|
$array['contact_attachments'][0]['contact_uuid'] = $contact_uuid;
|
|
$array['contact_attachments'][0]['attachment_primary'] = $allowed_primary_attachment ? 1 : 0;
|
|
if ($attachment['error'] == '0' && in_array(strtolower(pathinfo($attachment['name'], PATHINFO_EXTENSION)), $allowed_extensions)) {
|
|
$array['contact_attachments'][0]['attachment_filename'] = $attachment['name'];
|
|
$array['contact_attachments'][0]['attachment_content'] = base64_encode($attachment_content);
|
|
}
|
|
$array['contact_attachments'][0]['attachment_description'] = $attachment_description;
|
|
if ($action == 'add') {
|
|
$array['contact_attachments'][0]['attachment_uploaded_date'] = 'now()';
|
|
$array['contact_attachments'][0]['attachment_uploaded_user_uuid'] = $_SESSION['user_uuid'];
|
|
}
|
|
|
|
//save data
|
|
$database->save($array);
|
|
unset($array);
|
|
|
|
//redirect
|
|
message::add($text['message-'.($action == 'update' ? 'update' : 'uploaded')]);
|
|
header('Location: contact_edit.php?id='.$contact_uuid);
|
|
exit;
|
|
}
|
|
|
|
//get form data
|
|
if (!empty($_GET)) {
|
|
$sql = "select * from v_contact_attachments ";
|
|
$sql .= "where domain_uuid = :domain_uuid ";
|
|
$sql .= "and contact_attachment_uuid = :contact_attachment_uuid ";
|
|
$parameters['domain_uuid'] = $domain_uuid;
|
|
$parameters['contact_attachment_uuid'] = $contact_attachment_uuid;
|
|
$row = $database->select($sql, $parameters, 'row');
|
|
if (!empty($row)) {
|
|
$attachment_primary = $row["attachment_primary"];
|
|
$attachment_filename = $row["attachment_filename"];
|
|
$attachment_content = $row["attachment_content"];
|
|
$attachment_description = $row["attachment_description"];
|
|
}
|
|
unset($sql, $parameters, $row);
|
|
}
|
|
|
|
//set the defaults
|
|
$attachment_primary = $attachment_primary ?? false;
|
|
|
|
//create token
|
|
$object = new token;
|
|
$token = $object->create($_SERVER['PHP_SELF']);
|
|
|
|
//show the header
|
|
if ($action == "update") {
|
|
$document['title'] = $text['title-contact_attachment-edit'];
|
|
}
|
|
else if ($action == "add") {
|
|
$document['title'] = $text['title-contact_attachment-add'];
|
|
}
|
|
require_once "resources/header.php";
|
|
|
|
//show the content
|
|
echo "<form method='post' name='frm' id='frm' enctype='multipart/form-data'>\n";
|
|
|
|
echo "<div class='action_bar' id='action_bar'>\n";
|
|
echo " <div class='heading'>";
|
|
if ($action == "update") {
|
|
echo "<b>".$text['header-contact_attachment-edit']."</b>";
|
|
}
|
|
else if ($action == "add") {
|
|
echo "<b>".$text['header-contact_attachment-add']."</b>";
|
|
}
|
|
echo " </div>\n";
|
|
echo " <div class='actions'>\n";
|
|
echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','style'=>'margin-right: 15px;','link'=>'contact_edit.php?id='.urlencode($contact_uuid)]);
|
|
echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$settings->get('theme', 'button_icon_save'),'id'=>'btn_save']);
|
|
echo " </div>\n";
|
|
echo " <div style='clear: both;'></div>\n";
|
|
echo "</div>\n";
|
|
|
|
echo "<div class='card'>\n";
|
|
echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
|
|
|
|
echo "<tr>\n";
|
|
echo "<td width='30%' class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
|
echo " ".$text['label-attachment']."\n";
|
|
echo "</td>\n";
|
|
echo "<td width='70%' class='vtable' align='left'>\n";
|
|
$attachment_extension = strtolower(pathinfo($attachment_filename ?? '', PATHINFO_EXTENSION));
|
|
if ($action == 'update') {
|
|
echo "<input type='hidden' name='attachment_filename' value=\"".escape($attachment_filename)."\">\n";
|
|
if ($attachment_extension == 'jpg' || $attachment_extension == 'jpeg' || $attachment_extension == 'gif' || $attachment_extension == 'png') {
|
|
echo "<img src='data:image/".$attachment_extension.";base64,".$attachment_content."' style='border: none; width: auto; max-height: 400px;' oncontextmenu=\"window.open('contact_attachment.php?id=".$contact_attachment_uuid."&action=download'); return false;\">";
|
|
}
|
|
else {
|
|
echo "<a href='contact_attachment.php?id=".$contact_attachment_uuid."&action=download' style='font-size: 120%;'>".$attachment_filename."</a>";
|
|
}
|
|
}
|
|
else {
|
|
$allowed_attachment_types = json_decode($settings->get('contact', 'allowed_attachment_types'), true);
|
|
echo " <input type='file' class='formfld' name='attachment' id='attachment' accept='.".implode(',.',array_keys($allowed_attachment_types))."'>\n";
|
|
echo " <span style='display: inline-block; margin-top: 5px; font-size: 80%;'>".strtoupper(implode(', ', array_keys($allowed_attachment_types)))."</span>";
|
|
}
|
|
echo "</td>\n";
|
|
echo "</tr>\n";
|
|
|
|
if ($action == 'update' && ($attachment_extension == 'jpg' || $attachment_extension == 'jpeg' || $attachment_extension == 'gif' || $attachment_extension == 'png')) {
|
|
echo "<tr>\n";
|
|
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
|
echo " ".$text['label-attachment_filename']."\n";
|
|
echo "</td>\n";
|
|
echo "<td class='vtable' align='left'>\n";
|
|
echo " <a href='contact_attachment.php?id=".$contact_attachment_uuid."&action=download' style='font-size: 120%;'>".$attachment_filename."</a>";
|
|
echo "</td>\n";
|
|
echo "</tr>\n";
|
|
}
|
|
|
|
echo "<tr>\n";
|
|
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
|
echo " ".$text['label-primary']."\n";
|
|
echo "</td>\n";
|
|
echo "<td class='vtable' align='left'>\n";
|
|
if ($input_toggle_style_switch) {
|
|
echo " <span class='switch'>\n";
|
|
}
|
|
echo " <select class='formfld' id='attachment_primary' name='attachment_primary'>\n";
|
|
echo " <option value='true' ".($attachment_primary === true ? "selected='selected'" : null).">".$text['option-true']."</option>\n";
|
|
echo " <option value='false' ".($attachment_primary === false ? "selected='selected'" : null).">".$text['option-false']."</option>\n";
|
|
echo " </select>\n";
|
|
if ($input_toggle_style_switch) {
|
|
echo " <span class='slider'></span>\n";
|
|
echo " </span>\n";
|
|
}
|
|
echo "</td>\n";
|
|
echo "</tr>\n";
|
|
|
|
echo "<tr>\n";
|
|
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
|
|
echo " ".$text['label-attachment_description']."\n";
|
|
echo "</td>\n";
|
|
echo "<td class='vtable' align='left'>\n";
|
|
echo " <input class='formfld' type='text' name='attachment_description' maxlength='255' value=\"".escape($attachment_description ?? '')."\">\n";
|
|
echo "</td>\n";
|
|
echo "</tr>\n";
|
|
|
|
echo "</table>";
|
|
echo "</div>\n";
|
|
echo "<br><br>";
|
|
|
|
echo "<input type='hidden' name='contact_uuid' value='".escape($contact_uuid)."'>\n";
|
|
if ($action == "update") {
|
|
echo "<input type='hidden' name='contact_attachment_uuid' value='".escape($contact_attachment_uuid)."'>\n";
|
|
}
|
|
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
|
|
|
|
echo "</form>";
|
|
|
|
//include the footer
|
|
require_once "resources/footer.php";
|
|
|
|
?>
|