summaryrefslogtreecommitdiff
path: root/fs_selfservice/fri/includes/login.php
diff options
context:
space:
mode:
Diffstat (limited to 'fs_selfservice/fri/includes/login.php')
-rw-r--r--fs_selfservice/fri/includes/login.php515
1 files changed, 515 insertions, 0 deletions
diff --git a/fs_selfservice/fri/includes/login.php b/fs_selfservice/fri/includes/login.php
new file mode 100644
index 0000000..41bb7a6
--- /dev/null
+++ b/fs_selfservice/fri/includes/login.php
@@ -0,0 +1,515 @@
+<?php
+
+/**
+ * @file
+ * login functions
+ */
+
+/**
+ * Class for login
+ */
+class Login {
+
+ var $error;
+
+ /**
+ * Authenticate user and register user information into a session
+ */
+ function Auth() {
+
+ global $ARI_ADMIN_USERNAME;
+ global $ARI_ADMIN_PASSWORD;
+ global $ARI_ADMIN_EXTENSIONS;
+ global $ARI_CRYPT_PASSWORD;
+ global $ASTERISK_VOICEMAIL_CONF;
+ global $ASTERISK_VOICEMAIL_CONTEXT;
+ global $ASTERISK_VOICEMAIL_PATH;
+ global $ASTERISK_PROTOCOLS;
+ global $CALLMONITOR_ADMIN_EXTENSIONS;
+ global $ARI_NO_LOGIN;
+ global $ARI_DEFAULT_ADMIN_PAGE;
+ global $ARI_DEFAULT_USER_PAGE;
+
+ $crypt = new Crypt();
+
+ // init variables
+ $extension = '';
+ $displayname = '';
+ $vm_password = '';
+ $category = '';
+ $context = '';
+ $voicemail_enabled = '';
+ $voicemail_email_address = '';
+ $voicemail_pager_address = '';
+ $voicemail_email_enable = '';
+ $admin = '';
+ $admin_callmonitor = '';
+ $default_page = '';
+
+ $username = '';
+ $password = '';
+
+ // get the ari authentication cookie
+ $data = '';
+ $chksum = '';
+ if (isset($_COOKIE['ari_auth'])) {
+ $buf = unserialize($_COOKIE['ari_auth']);
+ list($data,$chksum) = $buf;
+ }
+ if (md5($data) == $chksum) {
+ $data = unserialize($crypt->decrypt($data,$ARI_CRYPT_PASSWORD));
+ $username = $data['username'];
+ $password = $data['password'];
+ }
+
+ if (isset($_POST['username']) &&
+ isset($_POST['password'])) {
+ $username = $_POST['username'];
+ $password = $_POST['password'];
+ }
+
+ // init email options array
+ $voicemail_email = array();
+
+ // when login, make a new session
+ if ($username && !$ARI_NO_LOGIN) {
+
+ $auth = false;
+
+ // check admin
+ if (!$auth) {
+ if ($username==$ARI_ADMIN_USERNAME &&
+ $password==$ARI_ADMIN_PASSWORD) {
+
+ // authenticated
+ $auth = true;
+
+ $extension = 'admin';
+ $name = 'Administrator';
+ $admin = 1;
+ $admin_callmonitor = 1;
+
+ $default_page = $ARI_DEFAULT_ADMIN_PAGE;
+ }
+ }
+
+ // check voicemail login
+ if (!$auth) {
+
+ if (is_readable($ASTERISK_VOICEMAIL_CONF)) {
+
+ $lines = file($ASTERISK_VOICEMAIL_CONF);
+
+ // look for include files and tack their lines to end of array
+ foreach ($lines as $key => $line) {
+
+ if (preg_match("/include/i",$line)) {
+
+ $include_filename = '';
+ $parts = split(' ',$line);
+ if (isset($parts[1])) {
+ $include_filename = trim($parts[1]);
+ }
+
+ if ($include_filename) {
+ $path_parts = pathinfo($ASTERISK_VOICEMAIL_CONF);
+ $include_path = fixPathSlash($path_parts['dirname']) . $include_filename;
+ foreach (glob($include_path) as $include_file) {
+ $include_lines = file($include_file);
+ $lines = array_merge($include_lines,$lines);
+ }
+ }
+ }
+ }
+
+ // process
+ foreach ($lines as $key => $line) {
+
+ // check for current context and process
+ if (preg_match("/\[.*\]/i",$line)) {
+ $currentContext = trim(preg_replace('/\[|\]/', '', $line));
+ }
+ if ($ASTERISK_VOICEMAIL_CONTEXT &&
+ $currentContext!=$ASTERISK_VOICEMAIL_CONTEXT) {
+ continue;
+ }
+
+ // check for user and process
+ unset($value);
+ $parts = split('=>',$line);
+ if (isset($parts[0])) {
+ $var = $parts[0];
+ }
+ if (isset($parts[1])) {
+ $value = $parts[1];
+ }
+ $var = trim($var);
+ if ($var==$username && $value) {
+ $buf = split(',',$value);
+ if ($buf[0]==$password) {
+
+ // authenticated
+ $auth = true;
+ $extension = $username;
+ $displayname = $buf[1];
+ $vm_password = $buf[0];
+ $default_page = $ARI_DEFAULT_USER_PAGE;
+ $context = $currentContext;
+ $voicemail_enabled = 1;
+ $voicemail_email_address = $buf[2];
+ $voicemail_pager_address = $buf[3];
+
+ if ($voicemail_email_address || $voicemail_pager_address) {
+ $voicemail_email_enable = 1;
+ }
+
+ $options = split('\|',$buf[4]);
+ foreach ($options as $option) {
+ $opt_buf = split('=',$option);
+ $voicemail_email[$opt_buf[0]] = trim($opt_buf[1]);
+ }
+
+ $admin = 0;
+ if ($ARI_ADMIN_EXTENSIONS) {
+ $extensions = split(',',$ARI_ADMIN_EXTENSIONS);
+ foreach ($extensions as $key => $value) {
+ if ($extension==$value) {
+ $admin = 1;
+ break 2;
+ }
+ }
+ }
+
+ $admin_callmonitor = 0;
+ if ($CALLMONITOR_ADMIN_EXTENSIONS) {
+ $extensions = split(',',$CALLMONITOR_ADMIN_EXTENSIONS);
+ foreach ($extensions as $key => $value) {
+ if ($value=='all' || $extension==$value) {
+ $admin_callmonitor = 1;
+ break 2;
+ }
+ }
+ }
+ }
+ else {
+ $_SESSION['ari_error'] = "Incorrect Password";
+ return;
+ }
+ }
+ }
+ }
+ else {
+ $_SESSION['ari_error'] = "File not readable: " . $ASTERISK_VOICEMAIL_CONF;
+ return;
+ }
+ }
+
+ // check sip login
+ if (!$auth) {
+
+ foreach($ASTERISK_PROTOCOLS as $protocol => $value) {
+
+ $config_files = split(';',$value['config_files']);
+ foreach ($config_files as $config_file) {
+
+ if (is_readable($config_file)) {
+
+ $lines = file($config_file);
+ foreach ($lines as $key => $line) {
+
+ unset($value);
+ $parts = split('=',$line);
+ if (isset($parts[0])) {
+ $var = trim($parts[0]);
+ }
+ if (isset($parts[1])) {
+ $value = trim($parts[1]);
+ }
+ if ($var=="username") {
+ $protocol_username = $value;
+ }
+ if ($var=="secret") {
+
+ $protocol_password = $value;
+ if ($protocol_username==$username &&
+ $protocol_password==$password) {
+
+ // authenticated
+ $auth = true;
+ $extension = $username ;
+ $displayname = $username;
+ $default_page = $ARI_DEFAULT_ADMIN_PAGE;
+
+ $admin = 0;
+ if ($ARI_ADMIN_EXTENSIONS) {
+ $extensions = split(',',$ARI_ADMIN_EXTENSIONS);
+ foreach ($extensions as $key => $value) {
+ if ($extension==$value) {
+ $admin = 1;
+ break 2;
+ }
+ }
+ }
+
+ $admin_callmonitor = 0;
+ if ($CALLMONITOR_ADMIN_EXTENSIONS) {
+ $extensions = split(',',$CALLMONITOR_ADMIN_EXTENSIONS);
+ foreach ($extensions as $key => $value) {
+ if ($value=='all' || $extension==$value) {
+ $admin_callmonitor = 1;
+ break 2;
+ }
+ }
+ }
+ }
+ else if ($protocol_username==$username &&
+ $protocol_password!=$password) {
+ $_SESSION['ari_error'] = _("Incorrect Password");
+ return;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+
+ // let user know bad login
+ if (!$auth) {
+ $_SESSION['ari_error'] = _("Incorrect Username or Password");
+ }
+
+ // freeside login
+ $freeside = new FreesideSelfService();
+ $domain = 'svc_phone';
+ $response = $freeside->login( array(
+ 'username' => strtolower($username),
+ 'domain' => $domain,
+ 'password' => strtolower($password),
+ ) );
+ error_log("[login] received response from freeside: $response");
+ $error = $response['error'];
+
+ if ( ! $error && $response['session_id'] ) {
+
+ // sucessful freeside login
+ error_log("[login] logged into freeside with session_id=$session_id");
+
+ // store session id in your session store, to be used for other calls
+ //$fs_session_id = $response['session_id'];
+ $_SESSION['freeside_session_id'] = $response['session_id'];
+
+ $customer_info = $freeside->customer_info( array(
+ 'session_id' => $_SESSION['freeside_session_id'] ,
+ ) );
+ //XXX error checking here too
+ $displayname = $customer_info['name'];
+
+ } else {
+
+ // unsucessful login
+ error_log("[login] error logging into freeside: $error");
+ $auth = false;
+ $extension = '';
+
+ // display error message to user
+ $_SESSION['ari_error'] = _("Incorrect Username or Password");
+
+ }
+
+ // if authenticated and user wants to be remembered, set cookie
+ $remember = '';
+ if (isset($_POST['remember'])) {
+ $remember = $_POST['remember'];
+ }
+ if ($auth && $remember) {
+
+ $data = array('username' => $username, 'password' => $password);
+ $data = $crypt->encrypt(serialize($data),$ARI_CRYPT_PASSWORD);
+
+ $chksum = md5($data);
+
+ $buf = serialize(array($data,$chksum));
+ setcookie('ari_auth',$buf,time()+365*24*60*60,'/');
+ }
+
+ // set category
+ if (!$category) {
+ $category = "general";
+ }
+
+ // set context
+ if (!$context) {
+ $context = "default";
+ }
+
+ // no login user
+ if ($ARI_NO_LOGIN) {
+ $extension = 'admin';
+ $name = 'Administrator';
+ $admin_callmonitor = 1;
+ $default_page = $ARI_DEFAULT_ADMIN_PAGE;
+ }
+
+ // get outboundCID if it exists
+ $outboundCID = $this->getOutboundCID($extension);
+
+ // set
+ if ($extension) {
+ $_SESSION['ari_user']['extension'] = $extension;
+ $_SESSION['ari_user']['outboundCID'] = $outboundCID;
+ $_SESSION['ari_user']['displayname'] = $displayname;
+ $_SESSION['ari_user']['voicemail_password'] = $vm_password;
+ $_SESSION['ari_user']['category'] = $category;
+ $_SESSION['ari_user']['context'] = $context;
+ $_SESSION['ari_user']['voicemail_enabled'] = $voicemail_enabled;
+ $_SESSION['ari_user']['voicemail_email_address'] = $voicemail_email_address;
+ $_SESSION['ari_user']['voicemail_pager_address'] = $voicemail_pager_address;
+ $_SESSION['ari_user']['voicemail_email_enable'] = $voicemail_email_enable;
+ foreach ($voicemail_email as $key => $value) {
+ $_SESSION['ari_user']['voicemail_email'][$key] = $value;
+ }
+ $_SESSION['ari_user']['admin'] = $admin;
+ $_SESSION['ari_user']['admin_callmonitor'] = $admin_callmonitor;
+ $_SESSION['ari_user']['default_page'] = $default_page;
+
+ // force the session data saved
+ session_write_close();
+ }
+ }
+ }
+
+ /*
+ * Gets user outbound caller id
+ *
+ * @param $exten
+ * Extension to get information about
+ * @return $ret
+ * outbound caller id
+ */
+ function getOutboundCID($extension) {
+
+ global $asterisk_manager_interface;
+
+ $ret = '';
+ $response = $asterisk_manager_interface->Command2("Action: Command\r\nCommand: database get AMPUSER $extension/outboundcid\r\n\r\n");
+ if ($response) {
+
+ $posLeft = strpos( $response, "<")+strlen("<");
+ $posRight = strpos( $response, ">", $posLeft);
+ $ret = substr( $response,$posLeft,$posRight-$posLeft);
+ }
+ return $ret;
+ }
+
+ /**
+ * logout
+ */
+ function Unauth() {
+ unset($_COOKIE["ari_auth"]);
+ setcookie('ari_auth',"",time(),'/');
+ unset($_SESSION['ari_user']);
+ }
+
+ /**
+ * Provide a login form for user
+ *
+ * @param $request
+ * Variable to hold data entered into form
+ */
+ function GetForm() {
+
+ global $ARI_NO_LOGIN;
+
+ if ($ARI_NO_LOGIN) {
+ $ret = '';
+ return;
+ }
+
+ if (isset($_GET['login'])) {
+ $login = $_GET['login'];
+ }
+
+ // if user name and password were given, but there was a problem report the error
+ if ($this->error!='') {
+ $ret = $this->error;
+ }
+
+ $language = new Language();
+ $display = new Display(NULL);
+
+ // new header
+ $ret .= $display->DisplayHeaderText(_("Login"));
+ $ret .= $display->DisplayLine();
+ $ret .= checkErrorMessage();
+
+ $ret .= "
+ <table id='login'>
+ <form id='login' name='login' action=" . $_SESSION['ARI_ROOT'] . " method='POST'>
+ <tr>
+ <td class='right'>
+ <small><small>" . _("Login") . ":&nbsp;&nbsp;</small></small>
+ </td>
+ <td>
+ <input type='text' name='username' value='" . $login . "' maxlength=20 tabindex=1>
+ </td>
+ </tr>
+ <tr>
+ <td class='right'>
+ <small><small>" . _("Password") . ":&nbsp;&nbsp;</small></small>
+ </td>
+ <td colspan=1>
+ <input type='password' name='password' maxlength=20 tabindex=2>
+ </td>
+ </tr>
+ <tr>
+ <td></td>
+ <td>
+ <input type='submit' name='btnSubmit' value='" . _("Submit") . "' tabindex=3></small></small></p>
+ </td>
+ </tr>
+ <tr>
+ <td class='right'>
+ <input type='checkbox' name='remember'>
+ </td>
+ <td class='left'>
+ <p class='small'>" . _("Remember Password") . "</p>
+ </td>
+ </tr>
+ </form>
+ <tr>
+ <td></td>
+ <td>
+ " . $language->getForm() . "
+ </td>
+ </tr>
+ <tr><td>&nbsp;</td></tr>
+ </table>
+ <table id='login_text'>
+ <tr>
+ <td>" .
+ _("Use your <b>Voicemail Mailbox and Password</b>") . "<br>" .
+ _("This is the same password used for the phone") . "<br>" .
+ "<br>" .
+ _("For password maintenance or assistance, contact your Phone System Administrator.") . "<br>" . "
+ </td>
+ </tr>
+ </table>";
+
+ $ret .= "
+ <script type='text/javascript'>
+ <!--
+ if (document.login) {
+ document.login.username.focus();
+ }
+ // -->
+ </script>";
+
+ return $ret;
+ }
+
+
+}
+
+
+?>
generated by cgit v1.1 at 2024-06-09 18:07:12 +0000