]>
git.defcon.no Git - hermes/blob - api/lib/user_functions.php
2 require_once ( 'config.php' );
3 require_once ( 'lib/common_functions.php' );
4 require_once ( 'lib/db_functions.php' );
6 $config = get_config ();
8 // Default length 24 characters to provide a long password
9 // that still is short enough that Cisco SPA phones can use it
10 function generate_password ( $length = 24 )
13 while ( strlen ( $string ) < $length )
15 $string .= crypt ( substr ( md5 ( rand (). rand ()), 0 , $length +
1 ));
16 $string = preg_replace ( '/\W/' , '' , $string );
18 return substr ( $string , 1 , $length );
23 function is_kamailio_subscriber ( $user , $domain )
26 $query = sprintf ( "SELECT username FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
27 $config [ 'kamailio_subscriber_table' ],
31 return sql_dbtest_numrows ( $config [ 'kamailio_db' ], $query , 1 );
34 function is_provision_user ( $user , $domain )
37 $query = sprintf ( "SELECT username FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
38 $config [ 'provision_users_table' ],
42 return sql_dbtest_numrows ( $config [ 'provision_db' ], $query , 1 );
45 function add_kamailio_subscriber ( $username , $domain , $password , $email )
50 $ha1 = md5 ( $username . ":" . $domain . ":" . $password );
51 $ha1b = md5 ( $username . "@" . $domain . ":" . $domain . ":" . $password );
53 $query = sprintf ( "INSERT INTO %s (username, domain, password, email_address, ha1, ha1b) VALUES (' %s ',' %s ',' %s ', ' %s ', ' %s ', ' %s ')" ,
54 $config [ 'kamailio_subscriber_table' ],
62 if ( ! sql_dbexec ( $config [ 'kamailio_db' ], $query ) ) return false ;
66 function delete_kamailio_subscriber ( $username , $domain )
71 $query = sprintf ( "SELECT id FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
72 $config [ 'kamailio_subscriber_table' ],
76 $row = sql_dbquery_single ( $config [ 'kamailio_db' ], $query );
77 if (! $row ) return false ;
78 $user_rowid = $row [ 'id' ];
79 if ( ! $user_rowid ) return false ;
81 $query = sprintf ( "DELETE FROM %s WHERE id = %d AND username = ' %s ' AND domain = ' %s '" ,
82 $config [ 'kamailio_subscriber_table' ],
87 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
92 function update_kamailio_pw ( $username , $domain , $password )
96 if ( ! ( $username && $domain && $password ))
99 $query = sprintf ( "UPDATE %s SET password = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
100 $config [ 'kamailio_subscriber_table' ],
101 sql_clean ( $password ),
102 sql_clean ( $username ),
106 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
110 function update_kamailio_email ( $username , $domain , $email )
114 if ( ! ( $username && $domain && $email ))
117 $query = sprintf ( "UPDATE %s SET email_address = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
118 $config [ 'kamailio_subscriber_table' ],
120 sql_clean ( $username ),
124 if ( sql_dbexec_rows ( $config [ 'kamailio_db' ], $query ) != 1 ) return false ;
129 function add_provision_user ( $username , $password , $domain , $authid , $registrar , $r_port , $proxy , $p_port , $displayname , $dialplan , $linetext )
132 if ( is_provision_user ( $username , $password ) ) return false ;
133 $query = sprintf ( "INSERT INTO %s ( username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext )
134 VALUES (' %s ', ' %s ', ' %s ', ' %s ', ' %s ', %d , ' %s ', %d , ' %s ', ' %s ', ' %s ')" ,
135 $config [ 'provision_users_table' ],
136 sql_clean ( $username ),
137 sql_clean ( $password ),
138 sql_clean ( $displayname ),
140 sql_clean ( $registrar ),
144 sql_clean ( $dialplan ),
148 if ( ! sql_dbexec ( $config [ 'provision_db' ], $query ) ) return false ;
151 function get_provision_userid ( $username , $domain )
155 $query = sprintf ( "SELECT id FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
156 $config [ 'provision_users_table' ],
157 sql_clean ( $username ),
161 $row = sql_dbquery_single ( $config [ 'provision_db' ], $query );
162 if (! $row ) return false ;
163 $user_rowid = $row [ 'id' ];
167 function delete_provision_user ( $username , $domain )
171 $user_rowid = get_provision_userid ( $username , $domain );
172 if ( ! $user_rowid ) return false ;
174 $query = sprintf ( "DELETE FROM %s WHERE id = %d AND username = ' %s ' AND domain = ' %s '" ,
175 $config [ 'provision_users_table' ],
177 sql_clean ( $username ),
180 if ( sql_dbexec_rows ( $config [ 'provision_db' ], $query ) != 1 ) return false ;
184 function update_provision_data ( $param , $username , $domain , $data )
189 $param == "displayname" ||
190 $param == "dialplan" ||
191 $param == "linetext" ||
192 $param == "registrar" ||
193 $param == "r_port" ||
199 if ( ! ( $username && $domain ))
202 if ( ! is_provision_user ( $username , $domain ) )
205 $query = sprintf ( "UPDATE %s SET %s = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
206 $config [ 'provision_users_table' ],
209 sql_clean ( $username ),
213 $res = sql_dbexec_rows ( $config [ 'provision_db' ], $query );
215 if ( $res < 0 ) return - 2 ;
216 if ( $res > 1 ) return - 2 ;
220 function update_provision_pw ( $username , $domain , $password )
224 if ( ! ( $username && $domain && $password ))
227 $query = sprintf ( "UPDATE %s SET password = ' %s ' WHERE username = ' %s ' AND domain = ' %s '" ,
228 $config [ 'provision_users_table' ],
229 sql_clean ( $password ),
230 sql_clean ( $username ),
234 if ( sql_dbexec_rows ( $config [ 'provision_db' ], $query ) != 1 ) return false ;
238 function list_users ( $search = null )
241 $query = sprintf ( "SELECT CONCAT(username, '@', domain), displayname FROM %s ORDER BY username,domain" , $config [ 'provision_users_table' ] );
243 if ( array_key_exists ( 'search' , $_POST ) )
245 $search = $_POST [ 'search' ]; // TODO: Add some sanitation and input validation!
246 $query = sprintf ( "SELECT CONCAT(username, '@', domain) FROM %s WHERE CONCAT(username, '@', domain) LIKE '%% %s %%' ORDER BY username,domain" , $config [ 'provision_users_table' ], sql_clean ( $search ) );
249 $result = sql_dbquery ( $config [ 'provision_db' ], $query );
250 if ( ! $result ) return null ;
252 while ( $row = @mysql_fetch_row
( $result ) )
254 array_push ( $list , array ( "user" => $row [ 0 ], "displayname" => $row [ 1 ] ) );
257 print json_encode ( array ( 'response' => 'ok' , 'list' => $list ));
261 function get_userdata ( $username , $domain )
264 if ( is_kamailio_subscriber ( $username , $domain ) // User must be present in both!
265 && is_provision_user ( $username , $domain ) ) $type = 'local' ;
266 else if ( is_provision_user ( $username , $domain ) ) $type = 'remote' ;
269 $provision_data = null ;
270 $kamailio_data = null ;
272 $query_provision = sprintf ( "SELECT id, username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
273 $config [ 'provision_users_table' ],
274 sql_clean ( $username ),
277 $provision_data = sql_dbquery_single ( $config [ 'provision_db' ] , $query_provision );
278 if ( ! $provision_data ) return false ;
280 if ( $type == 'local' )
282 // WARNING: Note the typo in the name of the 'permittedcalls' column!
283 $query_kamailio = sprintf ( "SELECT id, username, domain, password, email_address, ha1, ha1b, rpid, permitedcalls FROM %s WHERE username = ' %s ' AND domain = ' %s '" ,
284 $config [ 'kamailio_subscriber_table' ],
285 sql_clean ( $username ),
287 $kamailio_data = sql_dbquery_single ( $config [ 'kamailio_db' ] , $query_kamailio );
288 if ( ! $kamailio_data ) return false ;
290 $user [ 'type' ] = $type ;
291 $user [ 'username' ] = $provision_data [ 'username' ];
292 $user [ 'password' ] = $provision_data [ 'password' ];
293 $user [ 'domain' ] = $provision_data [ 'domain' ];
294 $user [ 'authid' ] = $provision_data [ 'authid' ];
295 $user [ 'registrar' ] = $provision_data [ 'registrar' ];
296 $user [ 'r_port' ] = $provision_data [ 'r_port' ];
297 $user [ 'proxy' ] = $provision_data [ 'proxy' ];
298 $user [ 'p_port' ] = $provision_data [ 'p_port' ];
299 $user [ 'dialplan' ] = $provision_data [ 'dialplan' ];
300 $user [ 'displayname' ] = $provision_data [ 'displayname' ];
301 $user [ 'linetext' ] = $provision_data [ 'linetext' ];
302 if ( $type == 'local' )
304 $user [ 'email' ] = $kamailio_data [ 'email_address' ];
305 $user [ 'ha1' ] = $kamailio_data [ 'ha1' ];
306 $user [ 'ha1b' ] = $kamailio_data [ 'ha1b' ];
307 $user [ 'rpid' ] = $kamailio_data [ 'rpid' ];
308 $user [ 'permittedcalls' ] = $kamailio_data [ 'permitedcalls' ];