]>
git.defcon.no Git - hermes/blob - api/lib/user_functions.php
3 # Copyright (c) 2012, Gjøvik University College
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions are met:
8 # * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # * Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 # * Neither the name of the Gjøvik University College nor the
14 # names of its contributors may be used to endorse or promote products
15 # derived from this software without specific prior written permission.
17 # THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
18 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 # DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
21 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 require_once ( 'config.php' );
29 require_once ( 'lib/common_functions.php' );
30 require_once ( 'lib/db_functions.php' );
32 $config = get_config ();
34 function generate_password ( $length = null )
37 if ( ! $length ) $length = $config [ 'standard_password_length' ];
40 while ( strlen ( $string ) < $length )
42 $string .= crypt ( substr ( md5 ( rand (). rand ()), 0 , $length +
1 ));
43 $string = preg_replace ( '/\W/' , '' , $string );
45 return substr ( $string , 1 , $length );
50 function is_kamailio_subscriber ( $user , $domain )
53 $query = sprintf ( "SELECT username FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
54 $config [ 'kamailio_subscriber_table' ],
58 return sql_dbtest_numrows ( $config [ 'kamailio_db' ], $query , 1 );
61 function is_provision_user ( $user , $domain )
64 $query = sprintf ( "SELECT username FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
65 $config [ 'hermes_users_table' ],
69 return sql_dbtest_numrows ( $config [ 'hermes_db' ], $query , 1 );
72 function add_kamailio_subscriber ( $username , $domain , $password , $email )
77 $ha1 = md5 ( $username . ":" . $domain . ":" . $password );
78 $ha1b = md5 ( $username . "@" . $domain . ":" . $domain . ":" . $password );
80 $query = sprintf ( "INSERT INTO %s (username, domain, password, email_address, ha1, ha1b) VALUES (' %s ',' %s ',' %s ', ' %s ', ' %s ', ' %s ')" ,
81 $config [ 'kamailio_subscriber_table' ],
89 if ( ! sql_dbexec ( $config [ 'kamailio_db' ], $query ) ) return false ;
93 function delete_kamailio_subscriber ( $username , $domain )
98 $query = sprintf ( "SELECT id FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
99 $config [ 'kamailio_subscriber_table' ],
100 sql_clean ( $username ),
103 $row = sql_dbquery_single ( $config [ 'kamailio_db' ], $query );
104 if (! $row ) return false ;
105 $user_rowid = $row [ 'id' ];
106 if ( ! $user_rowid ) return false ;
108 $query = sprintf ( "DELETE FROM %s WHERE id = %d AND username = ' %s ' AND domain = ' %s '" ,
109 $config [ 'kamailio_subscriber_table' ],
111 sql_clean ( $username ),
114 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
119 function update_kamailio_pw ( $username , $domain , $password )
123 if ( ! ( $username && $domain && $password ))
126 $query = sprintf ( "UPDATE %s SET password = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
127 $config [ 'kamailio_subscriber_table' ],
128 sql_clean ( $password ),
129 sql_clean ( $username ),
133 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
137 function update_kamailio_email ( $username , $domain , $email )
141 if ( ! ( $username && $domain && $email ))
144 $query = sprintf ( "UPDATE %s SET email_address = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
145 $config [ 'kamailio_subscriber_table' ],
147 sql_clean ( $username ),
151 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
156 function add_provision_user ( $username , $password , $domain , $authid , $registrar , $r_port , $proxy , $p_port , $displayname , $dialplan , $linetext )
159 if ( is_provision_user ( $username , $password ) ) return false ;
160 $query = sprintf ( "INSERT INTO %s ( username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext )
161 VALUES (' %s ', ' %s ', ' %s ', ' %s ', ' %s ', %d , ' %s ', %d , ' %s ', ' %s ', ' %s ')" ,
162 $config [ 'hermes_users_table' ],
163 sql_clean ( $username ),
164 sql_clean ( $password ),
165 sql_clean ( $displayname ),
167 sql_clean ( $registrar ),
171 sql_clean ( $dialplan ),
175 if ( ! sql_dbexec ( $config [ 'hermes_db' ], $query ) ) return false ;
178 function get_provision_userid ( $username , $domain )
182 $query = sprintf ( "SELECT id FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
183 $config [ 'hermes_users_table' ],
184 sql_clean ( $username ),
188 $row = sql_dbquery_single ( $config [ 'hermes_db' ], $query );
189 if (! $row ) return false ;
190 $user_rowid = $row [ 'id' ];
194 function delete_provision_user ( $username , $domain )
198 $user_rowid = get_provision_userid ( $username , $domain );
199 if ( ! $user_rowid ) return false ;
201 $query = sprintf ( "DELETE FROM %s WHERE id = %d AND username = ' %s ' AND domain = ' %s '" ,
202 $config [ 'hermes_users_table' ],
204 sql_clean ( $username ),
207 if ( sql_dbexec_rows ( $config [ 'hermes_db' ], $query ) != 1 ) return false ;
211 function update_provision_data ( $param , $username , $domain , $data )
216 $param == "displayname" ||
217 $param == "dialplan" ||
218 $param == "linetext" ||
219 $param == "registrar" ||
220 $param == "r_port" ||
226 if ( ! ( $username && $domain ))
229 if ( ! is_provision_user ( $username , $domain ) )
232 $query = sprintf ( "UPDATE %s SET %s = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
233 $config [ 'hermes_users_table' ],
236 sql_clean ( $username ),
240 $res = sql_dbexec_rows ( $config [ 'hermes_db' ], $query );
242 if ( $res < 0 ) return - 2 ;
243 if ( $res > 1 ) return - 2 ;
247 function update_provision_pw ( $username , $domain , $password )
251 if ( ! ( $username && $domain && $password ))
254 $query = sprintf ( "UPDATE %s SET password = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
255 $config [ 'hermes_users_table' ],
256 sql_clean ( $password ),
257 sql_clean ( $username ),
261 if ( sql_dbexec_rows ( $config [ 'hermes_db' ], $query ) != 1 ) return false ;
265 function list_users ( $search = null )
268 $query = sprintf ( "SELECT CONCAT(username, '@', domain), displayname FROM %s ORDER BY username,domain" , $config [ 'hermes_users_table' ] );
270 if ( array_key_exists ( 'search' , $_POST ) )
272 $search = $_POST [ 'search' ]; // TODO: Add some sanitation and input validation!
273 $query = sprintf ( "SELECT CONCAT(username, '@', domain) FROM %s WHERE CONCAT(username, '@', domain) LIKE '%% %s %%' ORDER BY username,domain" , $config [ 'hermes_users_table' ], sql_clean ( $search ) );
276 $result = sql_dbquery ( $config [ 'hermes_db' ], $query );
277 if ( ! $result ) return null ;
279 while ( $row = @mysql_fetch_row
( $result ) )
281 array_push ( $list , array ( "user" => $row [ 0 ], "displayname" => $row [ 1 ] ) );
284 print json_encode ( array ( 'response' => 'ok' , 'list' => $list ));
288 function get_userdata ( $username , $domain )
291 if ( is_kamailio_subscriber ( $username , $domain ) // User must be present in both!
292 && is_provision_user ( $username , $domain ) ) $type = 'local' ;
293 else if ( is_provision_user ( $username , $domain ) ) $type = 'remote' ;
296 $provision_data = null ;
297 $kamailio_data = null ;
299 $query_provision = sprintf ( "SELECT id, username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
300 $config [ 'hermes_users_table' ],
301 sql_clean ( $username ),
304 $provision_data = sql_dbquery_single ( $config [ 'hermes_db' ] , $query_provision );
305 if ( ! $provision_data ) return false ;
307 if ( $type == 'local' )
309 // WARNING: Note the typo in the name of the 'permittedcalls' column!
310 $query_kamailio = sprintf ( "SELECT id, username, domain, password, email_address, ha1, ha1b, rpid, permittedcalls FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
311 $config [ 'kamailio_subscriber_table' ],
312 sql_clean ( $username ),
314 $kamailio_data = sql_dbquery_single ( $config [ 'kamailio_db' ] , $query_kamailio );
315 if ( ! $kamailio_data ) return false ;
317 $user [ 'type' ] = $type ;
318 $user [ 'username' ] = $provision_data [ 'username' ];
319 $user [ 'password' ] = $provision_data [ 'password' ];
320 $user [ 'domain' ] = $provision_data [ 'domain' ];
321 $user [ 'authid' ] = $provision_data [ 'authid' ];
322 $user [ 'registrar' ] = $provision_data [ 'registrar' ];
323 $user [ 'r_port' ] = $provision_data [ 'r_port' ];
324 $user [ 'proxy' ] = $provision_data [ 'proxy' ];
325 $user [ 'p_port' ] = $provision_data [ 'p_port' ];
326 $user [ 'dialplan' ] = $provision_data [ 'dialplan' ];
327 $user [ 'displayname' ] = $provision_data [ 'displayname' ];
328 $user [ 'linetext' ] = $provision_data [ 'linetext' ];
329 if ( $type == 'local' )
331 $user [ 'email' ] = $kamailio_data [ 'email_address' ];
332 $user [ 'ha1' ] = $kamailio_data [ 'ha1' ];
333 $user [ 'ha1b' ] = $kamailio_data [ 'ha1b' ];
334 $user [ 'rpid' ] = $kamailio_data [ 'rpid' ];
335 $user [ 'permittedcalls' ] = $kamailio_data [ 'permitedcalls' ];