From 665e8f51f50d2f09069e870a71826d3b8295ae34 Mon Sep 17 00:00:00 2001
From: jonl <jonl@sippbx.hig.no>
Date: Thu, 12 Jan 2012 15:51:58 +0100
Subject: [PATCH] Hermes is a framework for managing SIP-accounts, aliases and
 automatic phone-provisioning, based on Kamailio. This is the initial import.

---
 alias.php                | 133 ++++++++++++++++
 api-nodes.txt            | 168 +++++++++++++++++++++
 config.php.sample        |  24 +++
 lib/alias_functions.php  |  98 ++++++++++++
 lib/auth.php             |  13 ++
 lib/check_email.php      |  38 +++++
 lib/common_functions.php |  54 +++++++
 lib/db_functions.php     |  42 ++++++
 lib/number_functions.php | 155 +++++++++++++++++++
 lib/phone_functions.php  | 120 +++++++++++++++
 lib/user_functions.php   | 217 ++++++++++++++++++++++++++
 numbers.php              | 141 +++++++++++++++++
 phone.php                | 205 +++++++++++++++++++++++++
 user.php                 | 319 +++++++++++++++++++++++++++++++++++++++
 14 files changed, 1727 insertions(+)
 create mode 100644 alias.php
 create mode 100644 api-nodes.txt
 create mode 100644 config.php.sample
 create mode 100644 lib/alias_functions.php
 create mode 100644 lib/auth.php
 create mode 100644 lib/check_email.php
 create mode 100644 lib/common_functions.php
 create mode 100644 lib/db_functions.php
 create mode 100644 lib/number_functions.php
 create mode 100644 lib/phone_functions.php
 create mode 100644 lib/user_functions.php
 create mode 100644 numbers.php
 create mode 100644 phone.php
 create mode 100644 user.php

diff --git a/alias.php b/alias.php
new file mode 100644
index 0000000..398c12a
--- /dev/null
+++ b/alias.php
@@ -0,0 +1,133 @@
+<?php
+require_once('config.php');
+require_once('lib/user_functions.php');
+require_once('lib/number_functions.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/alias_functions.php');
+
+$config = get_config();
+
+$config['sql_link'] = @mysql_connect( 
+	$config['sql_server'],
+	$config['sql_username'],
+	$config['sql_password']
+);
+if ( !$config['sql_link'] )
+{
+	print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
+	exit;
+}
+
+//*************************************************************************************	
+	switch ( $_SERVER['PATH_INFO'] )
+	{
+		case "/list":
+			break;
+		case "/add":
+			if ( array_key_exists( 'destination', $_GET) 
+				//&& array_key_exists( 'domain', $_GET ) 
+				&& array_key_exists( 'alias_username', $_GET ) 
+				&& array_key_exists( 'alias_domain', $_GET ) )
+			{
+				$alias_username = $_GET['alias_username'];
+				$alias_domain   = $_GET['alias_domain'];
+
+				if ( !verify_sipadress($_GET['destination']) ) 
+				{
+					// TODO: Provide a better response..
+					print json_encode ( array( 'response' => 'invalid', 'cause' => 'destination' ) );
+					break;
+				}
+				if ( !verify_sipadress( $alias_username . "@" . $alias_domain) )
+				{
+					// TODO: Provide a better response..
+					print json_encode ( array( 'response' => 'invalid', 'cause' => 'alias' ) );
+					break;
+				}
+
+				list ( $dest_username, $dest_domain ) = split_sipaddress( $_GET['destination']);
+
+				if ( (!$dest_username)||(!$dest_domain))
+				{
+					// TODO: Provide a better response..
+					print json_encode ( array( 'response' => 'invalid', 'cause' => 'alias' ) );
+					break;
+				}
+				if ( !is_kamailio_domain( $alias_domain ) )
+				{
+					print json_encode ( array( 'response' => 'invalid', 'cause' => 'nxdomain' ) );
+					break;
+				}
+				if ( is_kamailio_domain( $dest_domain) && ( !is_kamailio_subscriber($dest_username, $dest_domain) ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Requesting a local alias, but there is no such user'));
+					break;
+				}
+				if ( verify_e164( $alias_username ) && is_kamailio_subscriber($dest_username, $dest_domain) )
+				{
+					$t = get_e164_alias( $dest_username, $dest_domain );
+					if ( $t )
+					{
+						print json_encode ( array( 
+							'response' => 'failed', 
+							'cause' => 'exists', 
+							'detail' => 'User already has E164 number alias', 
+							'alias' => $t ));
+						break;
+					}
+				}
+				if ( alias_exists ( $alias_username, $alias_domain ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'The requested alias is already present.'));
+					break;
+				}
+				if ( add_alias( $alias_username, $alias_domain, $dest_username, $dest_domain ) )
+				{
+					print json_encode( array ('response' => 'ok',
+						'alias' => $alias_username . "@" . $alias_domain,
+						'destination' => $dest_username . "@" . $dest_domain ));
+					break;
+				}
+				print json_encode ( array ( 'response' => 'error' ));
+				break;
+			}
+			else
+			{
+				print json_encode ( array( 'response' => 'invalid') );
+			}	
+			break;
+		case "/remove":
+			if ( array_key_exists( 'alias_username', $_GET ) 
+				&& array_key_exists( 'alias_domain', $_GET ) )
+			{
+				$alias_username = $_GET['alias_username'];
+				$alias_domain   = $_GET['alias_domain'];
+
+				if ( !verify_sipadress( $alias_username . "@" . $alias_domain) )
+				{
+					// TODO: Provide a better response..
+					print json_encode ( array( 'response' => 'invalid', 'cause' => 'address', 'detail' => 'Not a valid SIP address' ) );
+					break;
+				}
+				if ( ! alias_exists ( $alias_username, $alias_domain ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'The requested alias does not exist.'));
+					break;
+				}
+				if ( remove_alias( $alias_username, $alias_domain ) )
+				{
+					print json_encode( array ('response' => 'ok',
+						'alias' => $alias_username . "@" . $alias_domain));
+					break;
+				}
+				print json_encode ( array ( 'response' => 'error' ));
+				break;
+			}
+			print json_encode ( array( 'response' => 'invalid') );
+			break;
+		default:
+			print json_encode ( array( 'response' => 'invalid') );
+	}
+mysql_close( $config['sql_link'] );
+?>
diff --git a/api-nodes.txt b/api-nodes.txt
new file mode 100644
index 0000000..376beb1
--- /dev/null
+++ b/api-nodes.txt
@@ -0,0 +1,168 @@
+All API nodes currently use GET requests for all parameters.
+All API nodes return JSON data, and all results will contain 
+a 'response' element. The 'response' may be set to:
+  * 'ok' on success. Further contents depend on the node requested.
+  * 'invalid' on invalid requests. A 'cause' element should give a
+	keyword denoting what was invalid about the request...
+  * 'failed' on simple failure. A 'cause' element is supplied, with a
+	failure-keyword (e.g. 'nonexistant', 'inuse', 'dbfail').
+	A final 'detail' is commonly included, with a verbose desctiption.
+  * 'error' on critical failure. Regard this as a soft form of "500 server error"...
+	
+List of API nodes:
+---------------------
+
+user/get?username=foo&domain=bar
+	Return User information, not including hardphone association.
+	Possible extension: allow user/get?address=foo@bar
+
+user/list
+user/list?search=foo@bar
+	Return a list of users in user@domain format.
+	If the search parameter is included, a globbing search is performed,
+	and only matches are listed.
+
+user/add_local?username=foo&domain=bar&displayname=baz&email=qux@zef.tld
+	Adds a user account to both Kamailio and provisioning, 
+	if the username@domain is nonexistant, and the domain is local (handled by Kamailio).
+	The password for the user is auto-generated.
+	Returns a full user object, the same form as user/get
+
+user/add_remote?username=foo&domain=bar&password=S3cr3t&displayname=baz&registrar=sip.example.com
+  optionals: &r_port=5060&proxy=sipproxy.example.com&p_port=5060&authid=realfoo&dialplan=(.*)&linetext=lalala
+	Adds a provisioning user for a remote SIP account. This allows locally provisioned hardphones
+	to be associated with non-local SIP accounts.
+	Returns a full user object, the same form as user/get
+
+user/remove?username=foo&domain=bar
+	Removes user account from Kamailio, if present, and removes user from provisioning.
+	Will fail if user has associated hardphones, remove phones before removing user.
+	Returns 'ok' on success.
+
+user/gen_pw
+	Test-node, generates a random password on the same form as that used
+	by user/add_local. May be used with the to-be-implemented change_pw node.
+
+user/change_pw?username=foo&domain=bar&password=baz
+	Not implemented!
+
+user/update?username=foo&domain=bar
+  optionals: &displayname=baz&dialplan=(.*)&linetext=lalala
+	Not implemented! Will only be implemented for Local users.
+	Remote users will have to be removed, and re-added.
+
+phone/get?mac=f00ba2ba5c00
+phone/get?user=foo@bar.baz
+	Returns a list of associated elements. If MAC address is given as parameter,
+	a list of associated user@domain addresses is retruned. If user@domain is 
+	given as parameter, a list of associated mac addresses is returned.
+
+phone/list?search=f00ba2
+	Returns the list of registered MAC addresses. If the (optional) search
+	parameter is included, the list is the result of a globbing search,
+	a subset matching on the MAC addresses.
+
+phone/add?mac=f00ba2ba5c00&username=foo&domain=bar.bz
+phone/add?mac=f00ba2ba5c00&user=foo@bar.bz
+	Adds a phone-to-user association to Provisioning. The user may
+	be provided as 'username' and 'domain' in separate parameters,
+	or as 'user' in sip-address form. The MAC address must be valid,
+	in plain-hex or colon-separated form, and the user must
+	match a valid user registration.
+	Returns the mac+user combinations on success.
+
+phone/remove?mac=f00ba2ba5c00&username=foo&domain=bar.bz
+phone/remove?mac=f00ba2ba5c00&user=foo@bar.bz
+	Deletes a phone-to-user association. Required parameters
+	and formats are identical to the phone/add node.
+	Returns 'ok' on success.
+
+
+numbers/list
+numbers/list?search=1234
+numbers/list?random=true
+  optional: limit=n
+	Gives a list of entries in the phone number pool.
+	With no parameters, the entire (ordered) list of available numbers is returned.
+	With 'search', the result of a pre-post globbing search is returned
+	With 'random', a list of entries is returned unordered (random order)
+	For all nodes, 'limit' may be a numeric limit of desired results.
+
+numbers/add_range?start=%2B471234&end=%2B47123456
+	The start and end must have identical lead-in, and start must be less than end.
+	Both numbers must be given in E164 format, remember to urlencode the plus (+ -> %2B)
+	The numeric component of both will be extracted, and all numbers in the range
+	will be iteratively added to the pool, including the ending number.
+	Returns 'ok' on success.
+
+numbers/add?number=%2B4761123456
+	Adds the given number to the pool, after verifying that the number is in
+	valid E164 format, and that the number does not already exist in the pool.
+	Returns 'response' 'ok' and "Added <number>" in 'detail' on success.
+
+numbers/remove?number=%2B4761123456
+	Removes/pulls a number from the pool.
+	The number must be a valid e164 number, and must be present in the pool.
+	Returns 'response' as 'ok' with 'number' set to the number that was pulled from the pool.
+
+numbers/inpool?number=%2B4761123456
+	A debug-node, may disappear at any time ^_^
+	Tests if the given E164 number is in the pool.
+	Returns 'response' = 'ok' with 'number' = '<number>' If the number is in the pool
+	Returns response = 'failed' with 'cause' = 'nonexistant' if not.
+
+
+alias/list
+	Currently not implemented.
+
+alias/user?destination=foo@bar.bz
+alias/user?destination=foo@bar.bz&e164=true
+	Currently not implemented
+
+alias/add?alias_username=foo&alias_domain=bar.bz&destination=bar@qux.zx
+	Add an alias specified by alias_username and alias_domain that
+	points to the destination SIP-adress. 
+
+	On success, 'ok' is returned, with 'alias' and 'destination' set
+	to the resulting alias and destination adresses.
+
+	Returns 'invalid' with 'cause' = 'destination' or 'alias' if the
+	resulting alias-adress or destination are invalid SIP-adresses.
+	Returns 'failed' with 'cause' = 'nxdomain' if the given alias domain
+	is not a Kamailio domain.
+	Returns 'failed' with 'cause' = 'exists' if the alias is an E164 number
+	and the user already has an E164 alias registered.
+	Returns 'failed' with 'cause' = 'nonexistant' when an alias for a local
+	domain is requested, but the local subscriber does not exist.
+	Returns 'failed' with 'cause' = 'exists' for aliases that already exists, 
+	(and aliases that overlaps SIP-accounts - not implemented).
+
+
+alias/remove?alias_username=foo&alias_domain=bar.bz
+	Removes the alias given by alias_username and alias_domain.
+
+	Returns 'ok' with the removed alias adress as 'alias' on success
+	Returns 'failed' with 'cause' = 'nonexistant' it the alias does not exists.
+	Returns 'invalid' with 'cause' = 'address' if the given alias is not a valid SIP adress.
+
+TODO list:
+---------------------
+Planned, but not implemented nodes/functions:
+	user/change_pw?username=foo&domain=bar&password=baz
+	user/update?username=foo&domain=bar
+	alias/list
+	alias/user?destination=foo@bar.bz
+
+Parameter updates:
+	Update nodes where username=foo&domain=bar.bz is used, to also support user=foo@bar.bz
+		user/get
+		user/add_local
+		user/add_remote
+		user/remove
+		user/change_pw
+		user/update
+		phone/get (reverse, needs username & domain param)
+		alias/add
+		alias/remove
+
+authentication-mechanism :)
diff --git a/config.php.sample b/config.php.sample
new file mode 100644
index 0000000..5b0a82b
--- /dev/null
+++ b/config.php.sample
@@ -0,0 +1,24 @@
+<?php
+
+require_once('lib/auth.php');
+function get_config()
+{
+	return array(
+		'sql_server' => 'localhost',
+		'sql_username' => 'dbusername',
+		'sql_password' => 'dbuserpass',
+		'kamailio_db' => 'kamailio',
+		'kamailio_domain_table' => 'domain',
+		'kamailio_subscriber_table' => 'subscriber',
+		'kamailio_alias_table' => 'dbaliases',
+		'provision_db' => 'provision',
+		'provision_users_table' => 'users',
+		'provision_phones_table' => 'phones',
+		'provision_servers_table' => 'servers',
+		'numbers_table' => 'number_pool',
+		'standard_dialplan' => '(*xx*.|xxx.)',
+		'default_domain' => 'hig.no',
+		'permit_multiple_e164alias' => false,
+	);
+}
+?>
diff --git a/lib/alias_functions.php b/lib/alias_functions.php
new file mode 100644
index 0000000..4a6b3aa
--- /dev/null
+++ b/lib/alias_functions.php
@@ -0,0 +1,98 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+
+
+function get_destination ( $alias_username, $alias_domain )
+{
+	global $config;
+}
+function get_aliases ( $dest_username, $dest_domain )
+{
+	global $config;
+
+	$aliases = array();
+	$query = sprintf("SELECT CONCAT( alias_username, '@', alias_domain) AS alias FROM %s" 
+		. " WHERE username = '%s' AND domain = '%s'",
+		$config['kamailio_alias_table'], $dest_username, $dest_domain);
+	$result = sql_dbquery( $config['kamailio_db'], $query);
+	// If result is empty, there was either an SQL error, or simply no results.
+	// At this point, no error checking is performed, instead the empty array is returned.
+	if ( ! $result ) return $aliases; 
+
+	while ( $row = mysql_fetch_assoc( $result ) )
+	{
+		array_push( $aliases, $row['alias'] );
+	}
+	return $aliases;
+}
+
+function get_e164_alias( $dest_username, $dest_domain )
+{
+	global $config;
+	$cur_aliases = get_aliases( $dest_username, $dest_domain );
+	foreach ( $cur_aliases as $testalias )
+	{
+		list( $tau, $foo ) = split_sipaddress( $testalias );
+		if ( verify_e164 ( $tau ) ) return $testalias;
+	}
+	return false;
+
+}
+function alias_exists( $alias_username, $alias_domain )
+{
+	global $config;
+	$query = sprintf("SELECT COUNT(*) AS num FROM %s  WHERE alias_username = '%s' AND alias_domain = '%s'",
+		$config['kamailio_alias_table'],
+		sql_clean($alias_username), sql_clean($alias_domain));
+	$result = sql_dbquery($config['kamailio_db'], $query);
+
+	if ( !$result ) return true; // This is an error. Better to fail claiming alias exists...
+	$row = mysql_fetch_row($result);
+	if ( !$row ) return true; // This is an error. Better to fail claiming alias exists...
+	$num_r = $row[0];
+	if ( $num_r == 1 ) 
+	{
+		$query = sprintf("SELECT CONCAT(username, '@', domain ) AS destination FROM %s  WHERE alias_username = '%s' AND alias_domain = '%s'",
+			$config['kamailio_alias_table'],
+			sql_clean($alias_username), sql_clean($alias_domain));
+		$result = sql_dbquery($config['kamailio_db'], $query);
+		$row = mysql_fetch_row($result);
+		if ( is_string( $row[0] ) ) return $row[0];
+		return true; // Failure mode..
+	}
+
+	return false;
+}
+
+function add_alias( $alias_username, $alias_domain, $dest_username, $dest_domain )
+{
+	global $config;
+	// The following will, in normal cases, lead to a double-test, and double the number of queries...
+	// Defensive comment: better safe than sorry :P
+	if ( alias_exists( $alias_username, $alias_domain ) )
+		return false;
+
+	$query = sprintf("INSERT INTO %s ( alias_username, alias_domain, username, domain) VALUES ('%s','%s','%s','%s')",
+		$config['kamailio_alias_table'],
+		sql_clean($alias_username), sql_clean($alias_domain),
+		sql_clean($dest_username), sql_clean($dest_domain));
+
+	return sql_dbexec( $config['kamailio_db'], $query);
+	
+}
+
+function remove_alias ( $alias_username, $alias_domain )
+{
+	global $config;
+	if (! alias_exists ( $alias_username, $alias_domain ) ) return false;
+	$query = sprintf ("DELETE FROM %s WHERE alias_username = '%s' AND alias_domain = '%s'",	
+		$config['kamailio_alias_table'],
+		sql_clean( $alias_username ),
+		sql_clean( $alias_domain ));
+	return sql_dbexec( $config['kamailio_db'], $query);
+
+}
+
+?>
diff --git a/lib/auth.php b/lib/auth.php
new file mode 100644
index 0000000..2f8f9cf
--- /dev/null
+++ b/lib/auth.php
@@ -0,0 +1,13 @@
+<?php
+
+function token_auth( )
+{
+	return true;
+}
+
+if (! token_auth() )
+{
+	print json_encode( array( 'response' => 'failed', 'cause' => 'unauthorized', 'description' => 'Not authorized') );
+	exit;
+}
+?>
diff --git a/lib/check_email.php b/lib/check_email.php
new file mode 100644
index 0000000..800f52d
--- /dev/null
+++ b/lib/check_email.php
@@ -0,0 +1,38 @@
+<?php 
+
+function check_email_address($email) {
+	// First, we check that there's one @ symbol, 
+	// and that the lengths are right.
+	if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $email)) {
+		// Email invalid because wrong number of characters 
+		// in one section or wrong number of @ symbols.
+		return false;
+	}
+	// Split it into sections to make life easier
+	$email_array = explode("@", $email);
+	$local_array = explode(".", $email_array[0]);
+	for ($i = 0; $i < sizeof($local_array); $i++) {
+		if
+			(!ereg("^(([A-Za-z0-9!#$%&'*+/=?^_`{|}~-][A-Za-z0-9!#$%&'*+/=?^_`{|}~\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))$",
+			       $local_array[$i])) {
+				return false;
+			}
+	}
+	// Check if domain is IP. If not, 
+	// it should be valid domain name
+	if (!ereg("^\[?[0-9\.]+\]?$", $email_array[1])) {
+		$domain_array = explode(".", $email_array[1]);
+		if (sizeof($domain_array) < 2) {
+			return false; // Not enough parts to domain
+		}
+		for ($i = 0; $i < sizeof($domain_array); $i++) {
+			if
+				(!ereg("^(([A-Za-z0-9][A-Za-z0-9-]{0,61}[A-Za-z0-9])|([A-Za-z0-9]+))$",
+				       $domain_array[$i])) {
+					return false;
+				}
+		}
+	}
+	return true;
+}
+?>
diff --git a/lib/common_functions.php b/lib/common_functions.php
new file mode 100644
index 0000000..52d99e8
--- /dev/null
+++ b/lib/common_functions.php
@@ -0,0 +1,54 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/check_email.php');
+
+$config = get_config();
+
+function is_kamailio_domain ( $domain )
+{
+	global $config;
+	$query = sprintf("SELECT id FROM %s WHERE domain = '%s'",
+		$config['kamailio_domain_table'],
+		sql_clean( $domain )
+	);
+	$domain = sql_dbquery_single( $config['kamailio_db'], $query );
+	if ( !$domain ) return false;
+	return $domain['id'];
+
+}
+
+function get_servers( $domain )
+{
+	global $config;
+	$query = sprintf("SELECT registrar, r_port, proxy, p_port FROM %s WHERE domain = '%s'",
+		$config['provision_servers_table'],
+		sql_clean( $domain ));
+	$servers = sql_dbquery_single( $config['provision_db'], $query );
+	return $servers;
+}
+
+function verify_sipadress( $address ) //TODO: Improve/expand on the test!
+{
+	return check_email_address($address); // A SIP address follows the requirements for email addresses...
+	// Except that it permits the use of :portnumber notation!
+	// TODO: Fix this so it allows :NNNN syntax for portnumbers...
+}
+
+function split_sipaddress ( $address )
+{
+	if ( !verify_sipadress( $address ) ) return null;
+	$data = split('@', $address);
+	if ( count( $data ) != 2 ) return null;
+	return $data;
+}
+
+function clean_mac ( $input )
+{
+	$mac = strtolower(  preg_replace('/:/', '', $input) );
+	if ( ! preg_match( '/^[a-f0-9]{1,}$/', $mac ) ) return null;
+	if (strlen( $mac ) != 12 ) return null;
+	return $mac;
+}
+?>
diff --git a/lib/db_functions.php b/lib/db_functions.php
new file mode 100644
index 0000000..6122257
--- /dev/null
+++ b/lib/db_functions.php
@@ -0,0 +1,42 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+
+function sql_dbquery( $db, $query )
+{
+	if ( ! mysql_select_db( $db ) ) return false;
+	$result = mysql_query( $query );
+	if ( !$result ) return false;
+	if (mysql_num_rows($result) == 0) return false;
+	return $result;
+}
+function sql_dbexec ( $db, $query )
+{
+	if ( ! mysql_select_db( $db ) ) return false;
+	$result = mysql_query( $query );
+	if ( !$result ) return false;
+	return $result;
+}
+function sql_dbquery_single( $db, $query )
+{
+	$result = sql_dbquery( $db, $query );
+	if ( ! $result ) return false;
+	if ( mysql_num_rows($result) != 1) return false;
+	$data = mysql_fetch_assoc( $result );
+	return $data;
+}
+function sql_dbtest_numrows ( $db, $query, $numrows )
+{
+	$result = sql_dbquery( $db, $query );
+
+	if ( ! $result ) return false;
+	if ( mysql_num_rows($result) == $numrows ) return true;
+	return false;
+}
+function sql_clean( $string )
+{
+	return addslashes( $string );
+}
+
+
+?>
diff --git a/lib/number_functions.php b/lib/number_functions.php
new file mode 100644
index 0000000..d814a99
--- /dev/null
+++ b/lib/number_functions.php
@@ -0,0 +1,155 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+
+function verify_e164 ( $input )
+{
+	// A really paranoid E164 test. Starts out with a regexp,
+	// where $arr[1] will be set to the numeric part of the
+	// e164 content, if valid. The rest is paranoid behaviour,
+	// if the regexp matches, the other tests can not fail...
+
+	// e164 format is: A plus (+) followed by at least four
+	// digits, and no more than 15 digits total.
+	if  (! preg_match ( '/^\+(\d{4,15})$/', $input, $arr ) )
+		return 0;
+	$number = $arr[1];
+	if ( ! $number )
+		return 0;
+	
+	if ( preg_match( '/\+/', $number ))
+		return 0;
+	
+	if ( !is_numeric( $number ) )
+		return 0;
+	
+	return $number;
+	
+}
+
+function number_inpool( $number )
+{
+	global $config;
+	if (! verify_e164( $number ) )
+	{
+		return false;
+	}
+
+	$test = "SELECT COUNT(*) FROM " . $config['numbers_table'] . " WHERE number = '" . $number . "'";
+	$result = sql_dbquery($config['provision_db'], $test);
+	if ( !$result ) return false;
+	$row = mysql_fetch_row($result);
+	if ( !$row ) return false;
+	$num_r = $row[0];
+	if ( $num_r == 1 ) return true;
+
+	return false;
+}
+
+function get_random_numbers ( $limit = 0 )
+{
+	global $config;
+	$query = "SELECT number FROM " . $config['numbers_table'] . " ORDER BY RAND()";
+	if ( $limit && is_numeric( $limit ) )
+		$query .= " LIMIT " . $limit;
+	$result = sql_dbquery( $config['provision_db'], $query );
+	print mysql_error();
+	if ( !$result ) return null;
+	if (mysql_num_rows($result) < 1 ) return null;
+	$rows = array();
+	while ( $row = mysql_fetch_assoc( $result ) )
+	{
+		array_push( $rows, $row['number'] );
+	}
+	return $rows;
+
+}
+
+function get_numbers ( $search=null, $limit = 0 )
+{
+	global $config;
+	$query = "SELECT number FROM " . $config['numbers_table'];
+
+	if ( $search )
+		$query .= sprintf(" WHERE number LIKE '%%%s%%'", sql_clean($search));
+
+	$query .= " ORDER BY number ASC";
+
+	if ( $limit && is_numeric( $limit ) )
+		$query .= " LIMIT " . $limit;
+
+
+	$result = sql_dbquery( $config['provision_db'], $query );
+	print mysql_error();
+	if ( !$result ) return null;
+	if (mysql_num_rows($result) < 1 ) return null;
+	$rows = array();
+	while ( $row = mysql_fetch_assoc( $result ) )
+	{
+		array_push( $rows, $row['number'] );
+	}
+	return $rows;
+}
+
+function add_range( $start, $end )
+{
+	global $config;
+	$start_numeric = null;
+	$end_numeric = null;
+
+	// The start and end must be in the same e164 range. Because
+	// of this, they must hav identical length
+	if ( strlen( $start ) != strlen( $end ))
+		return "Start and end have different lengths.";
+
+	// The parameters MUST be in e164 format.
+	$start_numeric = verify_e164( $start );
+	$end_numeric = verify_e164( $end );
+	if  (! $start_numeric )
+		return "Start of range is not a valid e164 number";
+	if  (! $end_numeric )
+		return "End of range is not a valid e164 number";
+
+	// Significant, a simple sanity check.
+	if ( ! ($start < $end) )
+		return "Start of range is after end of range";
+
+	// Hard-coded paranoia: We expect ranges to be less than 10k numbers..
+	if ( ($end - $start ) > 9999 )
+		return "Range is larger than hard limit permits";
+
+	for ( $num = $start_numeric; $num <= $end_numeric; $num++ )
+	{
+		add_number( '+' . $num );
+	}
+	return 'ok';
+}
+
+function add_number( $number )
+{
+	global $config;
+	if (! verify_e164( $number ) )
+	{
+		return false;
+	}
+
+	if (number_inpool( $number ) ) return false;
+
+	$insert = "INSERT INTO " . $config['numbers_table'] . "	(number) VALUES ('" . $number . "')";
+	return sql_dbexec( $config['provision_db'], $insert);
+}
+
+function remove_number ( $number )
+{
+	global $config;
+	if (! verify_e164( $number ) )
+	{
+		return false;
+	}
+	if ( !number_inpool( $number ) ) return false;
+	$query = "DELETE FROM " . $config['numbers_table'] . " WHERE number = '" . $number . "'";
+	return sql_dbexec( $config['provision_db'], $query);
+
+}
+?>
diff --git a/lib/phone_functions.php b/lib/phone_functions.php
new file mode 100644
index 0000000..17fbe10
--- /dev/null
+++ b/lib/phone_functions.php
@@ -0,0 +1,120 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+
+function get_user_phones ( $username, $domain ) 
+{
+	global $config;
+	$query = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['provision_users_table'],
+		sql_clean( $username ),
+		sql_clean( $domain )
+	);
+
+	$user = sql_dbquery_single( $config['provision_db'], $query );
+	if ( ! $user ) return null;
+	$user_id = $user['id'];
+
+	$query = sprintf("SELECT mac FROM %s WHERE user_rel = %d",
+		$config['provision_phones_table'],
+		$user_id
+	);
+
+	$result = sql_dbquery( $config['provision_db'], $query );
+	if ( !$result ) return null;
+	if (mysql_num_rows($result) < 1 ) return null;
+	$rows = array();
+	while ( $row = mysql_fetch_assoc( $result ) )
+		array_push( $rows, $row['mac'] );
+	return $rows;
+}
+
+function get_phone_users ( $macaddress ) 
+{
+	global $config;
+	$ptbl = $config['provision_phones_table'];
+	$utbl = $config['provision_users_table'];
+	$query = "SELECT ".$ptbl.".mac as mac, CONCAT( ".$utbl.".username, '@', ".$utbl.".domain ) as user
+		FROM ".$ptbl."
+		INNER JOIN ".$utbl." ON ".$ptbl.".user_rel = ".$utbl.".id
+		WHERE ".$ptbl.".mac = '".sql_clean($macaddress ). "'";
+
+	$result = sql_dbquery( $config['provision_db'], $query );
+	if ( !$result ) return null;
+	if (mysql_num_rows($result) < 1 ) return null;
+	$rows = array();
+	while ( $row = mysql_fetch_assoc( $result ) )
+	{
+		array_push( $rows, $row['user'] );
+	}
+	return $rows;
+}
+
+function add_phone_user( $mac, $username, $domain )
+{
+	global $config;
+	// Get ID of user, for use with user_rel field..
+	$user_id = get_provision_userid( $username, $domain );
+	if ( !$user_id ) return false;
+
+	// Doublecheck :)
+	$mac = clean_mac($mac);
+	if (!$mac) return false;
+
+	// Triplecheck :)
+	$phones = get_user_phones ( $username, $domain);
+	if ( $phones && in_array( $mac, $phones ) )
+		return false;
+
+	// OK, so we have the User ID, a valid MAC, and no previous registration
+	// of that combination. Going to add.
+	$query = sprintf("INSERT INTO %s ( mac, user_rel ) VALUES ( '%s', %d )",
+		$config['provision_phones_table'], $mac, $user_id);
+	return sql_dbexec( $config['provision_db'], $query );
+}
+
+function delete_phone_user( $mac, $username, $domain )
+{
+	global $config;
+	// Get ID of user, for use with user_rel field..
+	$user_id = get_provision_userid( $username, $domain );
+	if ( !$user_id ) return false;
+
+	// Doublecheck :)
+	$mac = clean_mac($mac);
+	if (!$mac) return false;
+
+	// Triplecheck :)
+	$phones = get_user_phones ( $username, $domain);
+	if ( !$phones ) return false;
+	if ( ! in_array( $mac, $phones ) ) return false;
+
+	// OK, so we have the User ID, a valid MAC, and no previous registration
+	// of that combination. Going to remove.
+	$query = sprintf("DELETE FROM %s WHERE mac = '%s' AND user_rel = %d",
+		$config['provision_phones_table'], $mac, $user_id);
+	return sql_dbexec( $config['provision_db'], $query );
+}
+
+
+
+function list_phones ( $search = null )
+{
+	global $config;
+	$query = sprintf("SELECT mac FROM %s", $config['provision_phones_table']);
+	if ( $search )
+		$query .= sprintf(" WHERE mac LIKE '%s%%'", sql_clean($search));
+
+	$result = sql_dbquery( $config['provision_db'], $query );
+	if ( !$result ) return null;
+	if (mysql_num_rows($result) < 1 ) return null;
+	$rows = array();
+	while ( $row = mysql_fetch_assoc( $result ) )
+	{
+		array_push( $rows, $row['mac'] );
+	}
+	return $rows;
+}
+
+?>
diff --git a/lib/user_functions.php b/lib/user_functions.php
new file mode 100644
index 0000000..7944551
--- /dev/null
+++ b/lib/user_functions.php
@@ -0,0 +1,217 @@
+<?php
+require_once('config.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+
+$config = get_config();
+
+function generate_password( $length = 32 )
+{
+	$string = "";
+	 while ( strlen( $string ) < $length )
+		$string .= substr(md5(rand().rand()), 0, $length);
+	return substr( $string, 0, $length );
+
+}
+
+
+function is_kamailio_subscriber ( $user, $domain )
+{
+	global $config;
+	$query = sprintf("SELECT username FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['kamailio_subscriber_table'],
+		sql_clean( $user ),
+		sql_clean( $domain )
+	);
+	return sql_dbtest_numrows( $config['kamailio_db'], $query, 1);
+}
+
+function is_provision_user ( $user, $domain )
+{
+	global $config;
+	$query = sprintf("SELECT username FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['provision_users_table'],
+		sql_clean( $user ),
+		sql_clean( $domain )
+	);
+	return sql_dbtest_numrows( $config['provision_db'], $query, 1);
+}
+
+function add_kamailio_subscriber( $username, $domain, $password, $email )
+{
+
+	global $config;
+
+	$ha1  = md5( $username . ":" . $domain . ":" . $password );
+	$ha1b = md5( $username . "@" . $domain . ":" . $domain . ":" . $password );
+
+	$query = sprintf( "INSERT INTO %s (username, domain, password, email_address, ha1, ha1b) VALUES ('%s','%s','%s', '%s', '%s', '%s')",
+		$config['kamailio_subscriber_table'],
+		sql_clean($username),
+		sql_clean($domain),
+		sql_clean($password),
+		sql_clean($email),
+		$ha1,
+		$ha1b
+	);
+	if ( ! sql_dbexec( $config['kamailio_db'], $query ) ) return false;
+	return true;
+}
+
+function delete_kamailio_subscriber( $username, $domain )
+{
+	global $config;
+
+
+	$query = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['kamailio_subscriber_table'],
+		sql_clean($username),
+		sql_clean($domain)
+	);
+	$row = sql_dbquery_single( $config['kamailio_db'], $query );
+	if  (!$row) return false;
+	$user_rowid = $row['id'];
+	if ( !$user_rowid ) return false;
+
+	$query = sprintf( "DELETE FROM  %s WHERE id = %d AND username = '%s' AND domain = '%s'",
+		$config['kamailio_subscriber_table'],
+		$user_rowid,
+		sql_clean($username),
+		sql_clean($domain)
+	);
+	if ( ! sql_dbexec( $config['kamailio_db'], $query ) ) return false;
+	return true;
+}
+
+function add_provision_user( $username, $password, $domain, $authid, $registrar, $r_port, $proxy, $p_port, $displayname, $dialplan, $linetext )
+{	global $config;
+
+	if ( is_provision_user( $username, $password ) ) return false;
+	$query = sprintf ("INSERT INTO %s ( username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext )
+		VALUES ('%s', '%s', '%s', '%s', '%s', %d, '%s', %d, '%s', '%s', '%s')",
+		$config['provision_users_table'],
+		sql_clean($username), 
+		sql_clean($password), 
+		sql_clean($displayname), 
+		sql_clean($domain), 
+		sql_clean($registrar), 
+		$r_port, 
+		sql_clean($proxy), 
+		$p_port, 
+		sql_clean($dialplan), 
+		sql_clean($authid), 
+		sql_clean($linetext)
+	);
+	if ( ! sql_dbexec( $config['provision_db'], $query ) ) return false;
+	return true;
+}
+function get_provision_userid ( $username, $domain )
+{
+	global $config;
+
+	$query = sprintf("SELECT id FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['provision_users_table'],
+		sql_clean($username),
+		sql_clean($domain)
+	);
+
+	$row = sql_dbquery_single( $config['provision_db'], $query );
+	if  (!$row) return false;
+	$user_rowid = $row['id'];
+	return $user_rowid;
+}
+
+function delete_provision_user( $username, $domain )
+{
+	global $config;
+
+	$user_rowid = get_provision_userid( $username, $domain );
+	if ( !$user_rowid ) return false;
+
+	$query = sprintf( "DELETE FROM  %s WHERE id = %d AND username = '%s' AND domain = '%s'",
+		$config['provision_users_table'],
+		$user_rowid,
+		sql_clean($username),
+		sql_clean($domain)
+	);
+	if ( ! sql_dbexec( $config['provision_db'], $query ) ) return false;
+	return true;
+}
+
+function list_users ( $search = null )
+{
+	global $config;
+	$query = sprintf("SELECT CONCAT(username, '@', domain) FROM %s ORDER BY username,domain", $config['provision_users_table'] );
+
+	if ( array_key_exists ( 'search', $_GET ) )
+	{
+		$search = $_GET['search']; // TODO: Add some sanitation and input validation!
+		$query = sprintf("SELECT CONCAT(username, '@', domain) FROM %s WHERE CONCAT(username, '@', domain) LIKE '%%%s%%' ORDER BY username,domain", $config['provision_users_table'], sql_clean( $search ) );
+	}
+
+	$result = sql_dbquery( $config['provision_db'], $query );
+	if ( !$result ) return null;
+	$list = array();
+	while ( $row = mysql_fetch_row( $result ) )
+	{
+		array_push( $list, $row[0] );
+	}
+	return $list;
+	print json_encode( array( 'response' => 'ok', 'list' => $list ));
+
+
+}
+function get_userdata( $username, $domain )
+{
+	global $config;
+	if ( is_kamailio_subscriber( $username, $domain ) // User must be present in both!
+		&& is_provision_user( $username, $domain ) ) $type = 'local';
+	else if ( is_provision_user( $username, $domain ) ) $type = 'remote';
+	else return null;
+
+	$provision_data = null;
+	$kamailio_data = null;
+
+	$query_provision = sprintf ("SELECT id, username, password, displayname, domain, registrar, r_port, proxy, p_port, dialplan, authid, linetext FROM %s WHERE username = '%s' AND domain = '%s'",
+		$config['provision_users_table'],
+		sql_clean($username),
+		sql_clean($domain));
+
+	$provision_data = sql_dbquery_single( $config['provision_db'] , $query_provision );
+	if ( ! $provision_data ) return false;
+
+	if ( $type == 'local' )
+	{
+		// WARNING: Note the typo in the name of the 'permittedcalls' column!
+		$query_kamailio = sprintf ("SELECT id, username, domain, password, email_address, ha1, ha1b, rpid, permitedcalls FROM %s WHERE username = '%s' AND domain = '%s'",
+			$config['kamailio_subscriber_table'],
+			sql_clean($username),
+			sql_clean($domain));
+		$kamailio_data = sql_dbquery_single( $config['kamailio_db'] , $query_kamailio );
+		if ( ! $kamailio_data ) return false;
+	}
+	$user['type'] = $type;
+	$user['username']    = $provision_data['username'];
+	$user['password']    = $provision_data['password'];
+	$user['domain']      = $provision_data['domain'];
+	$user['authid']      = $provision_data['authid'];
+	$user['registrar']   = $provision_data['registrar'];
+	$user['r_port']      = $provision_data['r_port'];
+	$user['proxy']       = $provision_data['proxy'];
+	$user['p_port']      = $provision_data['p_port'];
+	$user['dialplan']    = $provision_data['dialplan'];
+	$user['displayname'] = $provision_data['displayname'];
+	$user['linetext']    = $provision_data['linetext'];
+	if ( $type == 'local' )
+	{
+		$user['email'] = $kamailio_data['email'];
+		$user['ha1']   = $kamailio_data['ha1'];
+		$user['ha1b']  = $kamailio_data['ha1b'];
+		$user['rpid']  = $kamailio_data['rpid'];
+		$user['permittedcalls'] = $kamailio_data['permitedcalls'];
+	}
+
+	return $user;
+}
+	
+?>
diff --git a/numbers.php b/numbers.php
new file mode 100644
index 0000000..e9fc796
--- /dev/null
+++ b/numbers.php
@@ -0,0 +1,141 @@
+<?php
+require_once('config.php');
+//require_once('lib/user_functions.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/number_functions.php');
+
+$config = get_config();
+
+$config['sql_link'] = @mysql_connect( 
+	$config['sql_server'],
+	$config['sql_username'],
+	$config['sql_password']
+);
+if ( !$config['sql_link'] )
+{
+	print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
+	exit;
+}
+
+//*************************************************************************************	
+	switch ( $_SERVER['PATH_INFO'] )
+	{
+		case "/list":
+			// List all (distinct) phone MAC-adresses registered...
+			$limit = 0;
+			$random = false;
+			$search = null;
+			if ( array_key_exists('limit', $_GET ) && is_numeric( $_GET['limit']))
+				$limit = $_GET['limit'];
+
+			if ( array_key_exists('search', $_GET ) )
+				$search = $_GET['search'];
+			else if ( array_key_exists('random', $_GET ) && (strtolower( $_GET['random'] ) === 'true'))
+				$random = true;
+
+			$numbers = null;
+
+			if ( $random )
+			{
+				$numbers = get_random_numbers( $limit );
+			} 
+			else
+			{
+				$numbers = get_numbers ( $search, $limit );
+			}
+			if ( $numbers )
+			{
+				print json_encode( array( 'response' => 'ok', 'list' => $numbers ));
+				break;
+			}
+
+			print json_encode( array( 'response' => 'failed', 'cause' => 'empty', 'detail' => 'Empty result.' ));
+			break;
+		case "/add_range":
+			if ( array_key_exists('start', $_GET) && array_key_exists('end', $_GET) )
+			{
+				$start = $_GET['start'];
+				$end = sql_clean( $_GET['end'] );
+				$result = add_range( $start, $end );
+				if ( $result === 'ok' )
+				{
+					print  json_encode ( array( 'response' => 'ok') );
+				}
+				else
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'rejected', 'detail' => $result ) );
+				}
+			}
+			break;
+		case "/add":
+			// TODO: This should return better responses!
+			//  Currently, it will fail with "invalid"
+			if ( array_key_exists('number', $_GET))
+			{
+				$number = $_GET['number'];
+
+				if (! verify_e164( $number ) )
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'rejected', 'detail' => "Not a valid e164 number" ));
+					break;
+				}
+				if ( number_inpool( $number ) )
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'exists', 'detail' => "Number is already in the pool" ));
+					break;
+				}
+
+				$result = add_number( $number );
+				if ( $result )
+				{
+					print  json_encode ( array( 'response' => 'ok', 'detail' => 'Added ' . $number, 'number' => $number ) );
+					break;
+				}
+				else
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'rejected' ));
+				}
+			}
+			print json_encode ( array( 'response' => 'invalid') );
+			break;
+		case "/remove":
+			if ( array_key_exists('number', $_GET))
+			{
+				$number = $_GET['number'];
+
+				if (! verify_e164( $number ) )
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'rejected', 'detail' => "Not a valid e164 number" ));
+					break;
+				}
+				if ( !number_inpool( $number ) )
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => "Number not in pool" ));
+					break;
+				}
+				if ( !remove_number ( $number ) )
+				{
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => "Failed to remove number" ));
+					break;
+				}
+				print  json_encode ( array( 'response' => 'ok', 'detail' => 'Removed ' . $number, 'number' => $number ) );
+				break;
+			}
+			print json_encode ( array( 'response' => 'invalid') );
+			break;
+		case "/inpool":
+			if ( array_key_exists('number', $_GET))
+			{
+				$number = $_GET['number'];
+				if ( number_inpool( $number ) )
+					print  json_encode ( array( 'response' => 'ok', 'number' => $number ) );
+				else
+					print  json_encode ( array( 'response' => 'failed', 'cause' => 'nonexistant') );
+				break;
+			}
+		default:
+			print json_encode ( array( 'response' => 'invalid') );
+	}
+mysql_close( $config['sql_link'] );
+?>
diff --git a/phone.php b/phone.php
new file mode 100644
index 0000000..11dd6db
--- /dev/null
+++ b/phone.php
@@ -0,0 +1,205 @@
+<?php
+require_once('config.php');
+require_once('lib/user_functions.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/phone_functions.php');
+
+$config = get_config();
+
+$config['sql_link'] = @mysql_connect( 
+	$config['sql_server'],
+	$config['sql_username'],
+	$config['sql_password']
+);
+if ( !$config['sql_link'] )
+{
+	print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
+	exit;
+}
+
+//*************************************************************************************	
+	switch ( $_SERVER['PATH_INFO'] )
+	{
+		case "/get":
+			// Required GET parameters:
+			// user: authentication username, SIP-username without domain component
+			// domain: Domain/realm of the user. username + '@' + domain == SIP address.
+			if ( array_key_exists( 'mac', $_GET) )
+			{
+				$mac = $_GET['mac'];
+				$relations = get_phone_users ( $mac );
+				if ( $relations )
+				{
+					print json_encode( array( 'response' => 'ok', 'list' => $relations ));
+				}
+				else print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'No results.'));
+			}
+			else if ( array_key_exists( 'user', $_GET ) )
+			{
+				$user = split_sipaddress($_GET['user']);
+				if (! $user )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Invalid SIP address') );
+					break;
+				}
+				list ( $username, $domain ) = $user;
+				$userdata = get_user_phones( $username, $domain );
+				if ( $userdata )
+				{
+					print json_encode( array( 'response' => 'ok', 'list' => $userdata ));
+				}
+				else print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'No results.'));
+
+			}
+			else
+				print json_encode ( array( 'response' => 'invalid') );
+			break;
+		case "/list":
+			// List all (distinct) phone MAC-adresses registered...
+			$search = null;
+			if ( array_key_exists('search', $_GET ) )
+				$search = $_GET['search'];
+
+			$phones = list_phones( $search );
+			print json_encode( array( 'response' => 'ok', 'list' => $phones ));
+			break;
+		case "/add":
+			// Add a MAC+user...
+			/*
+			Parameters:
+				mac	  The MAC-address of the phone to add an entry for
+				Either:
+				user	  A registered username on user@domain form (SIP address)
+				Or:
+				username  A registered username, combines with:
+				domain    A valid domain .. to form a registered user@domain combo :)
+
+			*/
+			if ( array_key_exists('mac', $_GET ) &&
+				( array_key_exists('user', $_GET) ||
+					( array_key_exists('username', $_GET) && array_key_exists('domain', $_GET ))))
+			{
+				$username = "";
+				$domain = "";
+				if ( array_key_exists('username', $_GET) )
+				{
+					$username = $_GET['username'];
+					$domain = $_GET['domain'];
+				}
+				else
+				{
+					$user = split_sipaddress($_GET['user']);
+					if ( !$user )
+					{
+						print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
+						break;
+					}
+					list ( $username, $domain ) = $user;
+				}
+				$mac = clean_mac($_GET['mac']);
+				if ( !$mac )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'No valid MAC address given.') );
+					break;
+				}
+				
+				if ( !is_provision_user ( $username, $domain ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'User not registered.'));
+					break;
+				}
+				$phones = get_user_phones ( $username, $domain);
+				if ( $phones && in_array( $mac, $phones ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'This phone and user combination is already configured..'));
+					break;
+				}
+				$res = add_phone_user ( $mac, $username, $domain );
+				if ( !$res )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' =>'dbfail', 'detail' => 'Failed to add phone to database.'));
+					break;
+				}
+				else
+				{
+					print json_encode( array ( 'response' => 'ok', 'data' => array (
+						'mac' => $mac, 'username' => $username, 'domain' => $domain) ));
+					break;
+				}
+				break;
+			}
+			else
+				print json_encode ( array( 'response' => 'invalid') );
+			break;
+
+
+		case "/remove":
+			// Del a MAC+user...
+			/*
+			Parameters:
+				mac	  The MAC-address of the phone to add an entry for
+				Either:
+				user	  A registered username on user@domain form (SIP address)
+				Or:
+				username  A registered username, combines with:
+				domain    A valid domain .. to form a registered user@domain combo :)
+
+			*/
+			if ( array_key_exists('mac', $_GET ) &&
+				( array_key_exists('user', $_GET) ||
+					( array_key_exists('username', $_GET) && array_key_exists('domain', $_GET ))))
+			{
+				$username = "";
+				$domain = "";
+				if ( array_key_exists('username', $_GET) )
+				{
+					$username = $_GET['username'];
+					$domain = $_GET['domain'];
+				}
+				else
+				{
+					$user = split_sipaddress($_GET['user']);
+					if ( !$user )
+					{
+						print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
+						break;
+					}
+					list ( $username, $domain ) = $user;
+				}
+				$mac = clean_mac($_GET['mac']);
+				if ( !$mac )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'No valid MAC address given.') );
+					break;
+				}
+				
+				$phones = get_user_phones ( $username, $domain);
+				if ( ! $phones || !in_array( $mac, $phones ) )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Unable to locate requested combination'));
+					break;
+				}
+				$res = delete_phone_user ( $mac, $username, $domain );
+				if ( !$res )
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' =>'dbfail', 'detail' => 'Failed to remove phone from database.'));
+					break;
+				}
+				else
+				{
+					print json_encode( array ( 'response' => 'ok' ));
+					break;
+				}
+				break;
+			}
+			else
+				print json_encode ( array( 'response' => 'invalid') );
+			break;
+
+
+		default:
+			print json_encode ( array( 'response' => 'invalid') );
+	}
+mysql_close( $config['sql_link'] );
+?>
diff --git a/user.php b/user.php
new file mode 100644
index 0000000..ca15955
--- /dev/null
+++ b/user.php
@@ -0,0 +1,319 @@
+<?php
+require_once('config.php');
+require_once('lib/user_functions.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/phone_functions.php');
+
+$config = get_config();
+
+$config['sql_link'] = @mysql_connect( 
+	$config['sql_server'],
+	$config['sql_username'],
+	$config['sql_password']
+);
+if ( !$config['sql_link'] )
+{
+	print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
+	exit;
+}
+
+//*************************************************************************************	
+	switch ( $_SERVER['PATH_INFO'] )
+	{
+		case "/get":
+			// Required GET parameters:
+			// user: authentication username, SIP-username without domain component
+			// domain: Domain/realm of the user. username + '@' + domain == SIP address.
+			if ( array_key_exists( 'username', $_GET) && array_key_exists( 'domain', $_GET ) )
+			{
+				$username = $_GET['username'];
+				$domain = $_GET['domain'];
+				// Now, do funky stuff.
+				/*
+				Test if user exists in both 'kamailio.subscribers' and 'provision.users'
+					* Return 'response' => 'ok', 'type' => 'local', 'user' => complete user object.
+				Test if user exists in 'provision.user' only
+					* Return 'response' => 'ok', 'type' => 'remote', 'user' => complete user object.
+				If user does is neither local nor remote
+					* Return 'response' => 'failed' with 'cause' => 'nonexistant'
+				On failure, return 'response' => 'failed' with 'cause' => 'error' (may set 'detail' => 'message')
+				 
+				*/	
+				// Dummy-response:
+				$userdata = get_userdata( $username, $domain );
+				if ( $userdata )
+				{
+					print json_encode( array( 'response' => 'ok', 'user' => $userdata ));
+				}
+				else
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Request for user ' . $username . '@' . $domain . ' failed.'));
+				}
+			}
+			else
+				print json_encode ( array( 'response' => 'invalid') );
+			break;
+		case "/list":
+			/* 
+			Simply list all users in user@domain format 
+			Perform a search operation if 'search' exists as a GET-parameter
+			 * The search should try to do a "smart search" on SIP-usernames:
+			   * Try to search with names in in username@domain format
+			   * Do the search with wildcards before and after input text.
+			   * The search must be done in the provisioning tables, to be able
+			     to match non-local users.
+			   * SQL SELECT CONCAT() WHERE CONCAT() must be used *shrug*
+			   */
+			$search = null;
+			if ( array_key_exists ( 'search', $_GET ) ) 
+				$search = $_GET['search']; // TODO: Add some sanitation and input validation!
+			$list = list_users( $search );
+			print json_encode( array( 'response' => 'ok', 'list' => $list ));
+			break;
+		case "/add_local":
+			/*
+			What to do??
+			Required parameters should be...
+				username
+				domain
+				displayname
+				email
+
+			Verify that domain is local (lookup in the 'kamailio.domain' table.
+			Verify that the username is available (nonexistant for domain in kamilio.subscribers (and provision.users?))
+				* Autocreate password
+				* Add username, domain, email and created password to the 'kamailio.subscriber' table
+				* Get the registrar+port, proxy+port from the 'provision.servers' table.
+				* standard dialplan from configuration.
+				* Add to the 'provision.users' table:
+					username -> username
+					password -> generated password
+					displayname -> displayname
+					domain -> domain
+					registrar -> provision.servers.registrar
+					r_port -> provision.servers.r_port
+					proxy -> provision.servers.proxy
+					p_port -> provision.servers.p_port
+					authid -> username
+					dialplan -> standard dialplan
+					linetext -> username
+				* Return 'response' => 'ok' with a full user object in JSON format.
+			If any of the tests fail, return 'response' => 'failed' with 'cause' => "description" on JSON format.
+
+			*/
+			// Test required parameters:
+			if ( array_key_exists( 'username', $_GET) 
+				&& array_key_exists( 'domain', $_GET ) 
+				&& array_key_exists( 'displayname', $_GET ) 
+				&& array_key_exists( 'email', $_GET ) )
+			{
+				$username = $_GET['username'];
+				$domain = $_GET['domain'];
+				$password = generate_password();
+				$displayname = $_GET['displayname'];
+				$email = $_GET['email'];
+
+				if (  !is_kamailio_domain( $domain ) )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'nxdomain', 'detail' => 'The selected domain is not local' ));
+					break;
+				}
+
+				$servers = get_servers( $domain );
+				if ( !$servers )
+				{
+					print json_encode( array( 'response' => 'failed', 'cause' => 'servfail', 'detail' => 'Servers lookup failed for domain '. $domain ) );
+					break;
+				}
+				$registrar = $servers['registrar'];
+				$r_port = $servers['r_port'];
+				$proxy = $servers['proxy'];
+				$p_port = $servers['p_port'];
+				$authid = $username;
+				$linetext = $username;
+				$dialplan = $config['standard_dialplan'];
+
+				if ( is_provision_user ( $username, $domain ) )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'User already exists in provisioning configuration' ));
+					break;
+				}
+				if ( is_kamailio_subscriber ( $username, $domain ) )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'User already exists as a Kamailio subscriber' ));
+					break;
+				}
+				$kam_res = add_kamailio_subscriber( $username, $domain, $password, $email );
+				if ( !$kam_res )
+				{
+					print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to add kamailio subscriber.' ) );
+					break;
+				}
+				$pro_res = add_provision_user( $username, $password, $domain, $authid, $registrar, $r_port, $proxy, $p_port, $displayname, $dialplan, $linetext );
+				if ( !$pro_res )
+				{
+					// Rollback data added to Kamailio! Try to simulate atomicity, or atleast maintain integrity...
+					delete_kamailio_subscriber( $username, $domain );
+					// Give errormessage, and quit.
+					print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to add user for provisioning. Rolled back kamailio subscriber' ) );
+					break;
+				}
+				$userdata = get_userdata( $username, $domain );
+				if ( !$userdata )
+				{
+					// Rollback data added to Kamailio! Try to simulate atomicity, or atleast maintain integrity...
+					delete_kamailio_subscriber( $username, $domain );
+					delete_provision_user( $username, $domain );
+					// Give errormessage, and quit.
+					print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to read recently added data. Operations rolled back' ) );
+	
+				}
+				print json_encode( array( 'response' => 'ok', 'user' => $userdata ));
+			}
+			else 
+				print json_encode( array( 'response' => 'invalid', 'cause' => 'parameters' ) );
+			break;
+		case "/add_remote":
+			/*
+			Required parameters should be...
+				username
+				password
+				domain
+				displayname
+				registrar
+			Optional parameters
+				r_port
+				proxy
+				p_port
+				authid
+				dialplan
+				linetext
+			
+			Verify that the username+domain is not already registered in 'provision.users'.
+				* If r_port is empty, set to 5060
+				* If proxy/port is empty, set to registrar/port
+				* If authid is empty, set to username
+				* If dialplan is empty, set to standard dialplan
+				* If linetext is empty, set to username@domain
+				* Add to the 'provision.users' table:
+					username -> username
+					password -> supplied password
+					displayname -> displayname
+					domain -> domain
+					registrar -> registrar
+					r_port -> r_port
+					proxy -> proxy
+					p_port -> p_port
+					authid -> authid
+					dialplan -> dialplan
+					linetext -> linetext
+				* Return 'response' => 'ok' with a full user object in JSON format.
+			If any of the tests fail, return 'response' => 'failed' with 'cause' => "description" in JSON format.
+			*/
+
+
+			// Test required parameters:
+			if ( array_key_exists( 'username', $_GET) 
+				&& array_key_exists( 'password', $_GET )
+				&& array_key_exists( 'displayname', $_GET )
+				&& array_key_exists( 'domain', $_GET )
+				&& array_key_exists( 'registrar', $_GET ) )
+			{
+				$username = $_GET['username'];
+				$password = $_GET['password'];
+				$domain = $_GET['domain'];
+				$displayname = $_GET['displayname'];
+				$registrar = $_GET['registrar'];
+				$r_port = ( array_key_exists('r_port', $_GET) ) ? $_GET['r_port'] : 5060;
+
+				$proxy = ( array_key_exists('proxy', $_GET) ) ? $_GET['proxy'] : $registrar;
+				$p_port = ( array_key_exists('p_port', $_GET) ) ? $_GET['p_port'] : $r_port;
+				$authid = ( array_key_exists('authid', $_GET) ) ? $_GET['authid'] : $username;
+				$dialplan = ( array_key_exists('dialplan', $_GET) ) ? $_GET['dialplan'] : $config['standard_dialplan'];
+				$linetext = ( array_key_exists('linetext', $_GET) ) ? $_GET['linetext'] : $username . '@' . $domain;
+
+				if ( is_provision_user ( $username, $domain ) )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'User already exists in provisioning configuration' ));
+					break;
+				}
+				if ( is_kamailio_subscriber ( $username, $domain ) )
+				{
+					print json_encode ( array( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'User already exists as a Kamailio subscriber' ));
+					break;
+				}
+
+				$pro_res = add_provision_user( $username, $password, $domain, $authid, $registrar, $r_port, $proxy, $p_port, $displayname, $dialplan, $linetext );
+				if ( !$pro_res )
+				{
+					// Give errormessage, and quit.
+					print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to add user for provisioning.' ) );
+					break;
+				}
+				$userdata = get_userdata( $username, $domain );
+				if ( !$userdata )
+				{
+					// Rollback data added!
+					delete_provision_user( $username, $domain );
+					// Give errormessage, and quit.
+					print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to read recently added data. Operations rolled back' ) );
+	
+				}
+				print json_encode( array( 'response' => 'ok', 'user' => $userdata ));
+			}
+			else 
+				print json_encode( array( 'response' => 'invalid', 'cause' => 'parameters' ) );
+			break;
+		case "/remove":
+			/*
+			Required parameters should be...
+				username
+				domain
+			
+			* Verify that no associations/relations exist in 'provision.phones'
+			* Verify that the user exists in 'provision.users'
+				* Remove from 'provision.users'
+				* Test to see of user exists in 'kamailio.subscriber'.
+					* Remove from 'kamailio.subscribers'
+					* Return response' => 'ok', 'type' => 'local'
+				* If not in 'kamailio.subscribers'
+					* Return response' => 'ok', 'type' => 'remote'
+			* If associations exist, return 'response' => 'failed', 'cause' => 'inuse'
+			* If no such user exists, return 'response' => 'failed' with 'cause' => 'nonexistant'
+			* On other failures, return 'response' => 'failed' with 'cause' => 'error' (may set 'detail' => 'message')
+			*/
+			if ( array_key_exists( 'username', $_GET) && array_key_exists( 'domain', $_GET ) )
+			{
+				$username = $_GET['username'];
+				$domain = $_GET['domain'];
+				if ( get_user_phones ( $username, $domain ) )
+				{
+					print json_encode( array( 'response' => 'failed', 'cause' => 'inuse', 'detail' => 'User has associated provisioning. Remove and retry.' ) );
+					break;
+				}
+				if ( is_provision_user( $username, $domain ) || is_kamailio_subscriber( $username, $domain ) )
+				{
+					delete_provision_user( $username, $domain );
+					delete_kamailio_subscriber( $username, $domain );
+					print json_encode( array ( 'response' => 'ok', 'detail' => 'User ' . $username . '@' . $domain . ' deleted.'));
+					break;
+				}
+				else
+				{
+					print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Unable to remove nonexistant user.'));
+					break;
+				}
+
+				break;
+
+			}
+			break;
+		case "/gen_pw":
+			print generate_password();
+			break;
+		default:
+			print json_encode ( array( 'response' => 'invalid') );
+	}
+mysql_close( $config['sql_link'] );
+?>
-- 
2.39.2