diff --git a/accounts.phtml b/accounts.phtml
index 73a0a58..04c56c2 100644
--- a/accounts.phtml
+++ b/accounts.phtml
@@ -1,473 +1,473 @@ "CDRTool_Session", "auth" => "CDRTool_Auth", "perm" => "CDRTool_Perm" ) ); $title = "Login accounts"; -require("login_accounts.php"); +require 'login_accounts.php'; if (is_readable("/etc/cdrtool/local/header.phtml")) { - include("/etc/cdrtool/local/header.phtml"); + include '/etc/cdrtool/local/header.phtml'; } else { - include("header.phtml"); + include 'header.phtml'; } function log_accounts_action($action) { global $auth; $location = "Unknown"; $_loc = geoip_record_by_name($_SERVER['REMOTE_ADDR']); if ($_loc['country_name']) { $location = $_loc['country_name']; } $log = sprintf( "CDRTool login username=%s, IP=%s, location=%s, action=%s, script=%s", $auth->auth["uname"], $_SERVER['REMOTE_ADDR'], $location, $action, $_SERVER['PHP_SELF'] ); syslog(LOG_NOTICE, $log); } $loginname = $auth->auth["uname"]; $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : ''; $next = isset($_REQUEST['next']) ? $_REQUEST['next'] : ''; $search_text = isset($_REQUEST['search_text']) ? $_REQUEST['search_text'] : ''; $username = isset($_REQUEST['username']) ? $_REQUEST['username'] : ''; $password = isset($_REQUEST['password']) ? $_REQUEST['password'] : ''; $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : ''; $organization = isset($_REQUEST['organization']) ? $_REQUEST['organization'] : ''; $tel = isset($_REQUEST['tel']) ? $_REQUEST['tel'] : ''; $email = isset($_REQUEST['email']) ? $_REQUEST['email'] : ''; $expire = isset($_REQUEST['expire']) ? $_REQUEST['expire'] : ''; $gatewayFilter = isset($_REQUEST['gatewayFilter']) ? $_REQUEST['gatewayFilter'] : ''; $domainFilter = isset($_REQUEST['domainFilter']) ? $_REQUEST['domainFilter'] : ''; $serviceFilter = isset($_REQUEST['serviceFilter']) ? $_REQUEST['serviceFilter'] : ''; $compidFilter = isset($_REQUEST['compidFilter']) ? $_REQUEST['compidFilter'] : ''; $aNumberFilter = isset($_REQUEST['aNumberFilter']) ? $_REQUEST['aNumberFilter'] : ''; $cscodeFilter = isset($_REQUEST['cscodeFilter']) ? 
$_REQUEST['cscodeFilter'] : ''; $afterDateFilter = isset($_REQUEST['afterDateFilter']) ? $_REQUEST['afterDateFilter'] : ''; $aclFilter = isset($_REQUEST['aclFilter']) ? $_REQUEST['aclFilter'] : ''; $impersonate = isset($_REQUEST['impersonate']) ? $_REQUEST['impersonate'] : ''; $perms = isset($_REQUEST['perms']) ? $_REQUEST['perms'] : ''; $sources = isset($_REQUEST['sources']) ? $_REQUEST['sources'] : ''; $delete = isset($_REQUEST['delete']) ? $_REQUEST['delete'] : ''; $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : ''; $uid = isset($_REQUEST['uid']) ? $_REQUEST['uid'] : ''; $check = isset($_REQUEST['check']) ? $_REQUEST['check'] : ''; $mailsettings = isset($_REQUEST['mailsettings']) ? $_REQUEST['mailsettings'] : ''; $otp_yubikey = isset($_REQUEST["yubikey"]) ? $_REQUEST["yubikey"] : ''; $auth_method = isset($_REQUEST["auth_method"]) ? $_REQUEST["auth_method"] : ''; $PHP_SELF = htmlentities($_SERVER['PHP_SELF']); $db = new DB_CDRTool; $layout = new pageLayoutLocal(); $layout->showTopMenu($title); if ($action == "edit" && $id) { print " "; $uid = $auth->auth["uid"]; if (!$perm->have_perm("admin")) { $id = $uid; } if ($check || $delete) { if ($err = $f->validate()) { print "
$err
"; $perms = implode($perms, ","); $sources = implode($sources, ","); showForm($id); } else { $perms_text = implode($perms, ","); $sources_text = implode($sources, ","); if ($delete && $perm->have_perm("admin")) { $query = "delete from auth_user"; } else { //print "

Updating user"; $query = sprintf( "update auth_user set username = '%s', name = '%s', organization = '%s', tel = '%s', email = '%s', yubikey = '%s', auth_method = '%s' ", addslashes($username), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($otp_yubikey), addslashes($auth_method) ); if (strlen($password)) { if ($CDRTool['provider']['clear_text_passwords'] != 1) { $query .= sprintf( ", password = '', password_hashed = '%s'", addslashes(md5($password)) ); } else { $query .= sprintf( ", password = '%s', password_hashed = ''", addslashes($password) ); } } if ($perm->have_perm("admin")) { if (strlen($impersonate)) { if (!preg_match("/^[0-9]*\.[0-9]*$/", $impersonate)) { printf("

Warning! Impersonate must be formated as CustomerId.ResellerId
"); unset($impersonate); } } $query.= sprintf( ", perms = '%s', sources = '%s', expire = '%s', gatewayFilter = '%s', domainFilter = '%s', serviceFilter = '%s', compidFilter = '%s', aNumberFilter = '%s', cscodeFilter = '%s', afterDateFilter = '%s', aclFilter = '%s', impersonate = '%s' ", addslashes($perms_text), addslashes($sources_text), addslashes($expire), addslashes($gatewayFilter), addslashes($domainFilter), addslashes($serviceFilter), addslashes($compidFilter), addslashes($aNumberFilter), addslashes($cscodeFilter), addslashes($afterDateFilter), addslashes($aclFilter), addslashes($impersonate) ); } } $query .= sprintf(" where user_id = '%s'", addslashes($id)); // print $query; if (!$db->query($query)) { print "

Failed to update user $id"; print "The error is $db->Error"; } else { if ($delete) { log_accounts_action(sprintf("account %s deleted", $username)); print "

User $name deleted"; } else { log_accounts_action(sprintf("account %s updated", $username)); print "

User $name updated"; if ($mailsettings) { if ($_SERVER['HTTPS']=="on") { $protocolURL="https://"; } else { $protocolURL="http://"; } $body .= sprintf("The following login account for CDRTool has been created for you:\n\n"); $body .= sprintf("Username: %s\n", $username); $body .= sprintf("Password: %s\n", $password); $body .= sprintf("URL: %s%s%s\n\n", $protocolURL, $_SERVER['HTTP_HOST'], $CDRTool['tld']); $body .= sprintf("You may use your CDRTool account to access call detail records and \n"); $body .= sprintf("traces from OpenSIPs, MediaProxy and Asterisk servers.\n"); $from = sprintf("From: %s", $CDRTool['provider']['fromEmail']); mail($email, "CDRTool login account", $body, $from); } } accountList(); } } } else { $query = "select * from auth_user"; if (!$perm->have_perm("admin")) { $query .= sprintf(" where user_id = '%s'", addslashes($uid)); $id=$uid; } else { $query .= sprintf(" where user_id = '%s'", addslashes($id)); } dprint($query); $db->query($query); $db->next_record(); $username = $db->f('username'); $name = $db->f('name'); $email = $db->f('email'); $tel = $db->f('tel'); $password = $db->f('password'); $organization = $db->f('organization'); $perms = $db->f('perms'); $sources = $db->f('sources'); $expire = $db->f('expire'); $aNumberFilter = $db->f('aNumberFilter'); $gatewayFilter = $db->f('gatewayFilter'); $domainFilter = $db->f('domainFilter'); $serviceFilter = $db->f('serviceFilter'); $compidFilter = $db->f('compidFilter'); $cscodeFilter = $db->f('cscodeFilter'); $afterDateFilter = $db->f('afterDateFilter'); $aclFilter = $db->f('aclFilter'); $impersonate = $db->f('impersonate'); $yubikey = $db->f('yubikey'); $auth_method = $db->f('auth_method'); showForm($id); } } elseif ($action=="insert" && $perm->have_perm("admin")) { print "

"; $uid = $auth->auth["uid"]; if (!$password) $password = random_passwd_gen(); if ($check) { if ($perms) $perms = implode($perms,","); if ($sources) $sources = implode($sources,","); if (strlen($impersonate)) { if (!preg_match("/^[0-9]*\.[0-9]*$/", $impersonate)) { printf("

Warning: Impersonate must be formated as CustomerId.ResellerId"); unset($impersonate); } } if ($err = $f->validate()) { print "

$err

"; showForm(); } else { //print "

Adding user"; $hash_secret = "ffdsdsd__ky..."; $user_id = md5(uniqid($hash_secret)); if ($CDRTool['provider']['clear_text_passwords']!=1) { $query = sprintf( "insert into auth_user ( user_id, username, password, password_hashed, name, organization, tel, email, perms, sources, expire, domainFilter, aNumberFilter, serviceFilter, compidFilter, cscodeFilter, gatewayFilter, afterDateFilter, aclFilter, impersonate, yubikey, auth_method ) values ( '%s', '%s', '', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", addslashes($user_id), addslashes($username), addslashes(md5($password)), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($perms), addslashes($sources), addslashes($expire), addslashes($domainFilter), addslashes($aNumberFilter), addslashes($serviceFilter), addslashes($compidFilter), addslashes($cscodeFilter), addslashes($gatewayFilter), addslashes($afterDateFilter), addslashes($aclFilter), addslashes($impersonate), addslashes($yubikey), addslashes($auth_method) ); } else { $query = sprintf( "insert into auth_user ( user_id, username, password, name, organization, tel, email, perms, sources, expire, domainFilter, aNumberFilter, serviceFilter, compidFilter, cscodeFilter, gatewayFilter, afterDateFilter, aclFilter, impersonate, yubikey, auth_method ) values ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", addslashes($user_id), addslashes($username), addslashes($password), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($perms), addslashes($sources), addslashes($expire), addslashes($domainFilter), addslashes($aNumberFilter), addslashes($serviceFilter), addslashes($compidFilter), addslashes($cscodeFilter), addslashes($gatewayFilter), addslashes($afterDateFilter), addslashes($aclFilter), addslashes($impersonate), 
addslashes($yubikey), addslashes($auth_method) ); } dprint($query); if (!$db->query($query)) { printf("

Failed to add user: %s(%s) %s", $db->Error, $db->Errno, $query); } else { log_accounts_action(sprintf("account %s added", $username)); print "

User $name created"; if ($mailsettings) { if ($_SERVER['HTTPS']=="on") { $protocolURL="https://"; } else { $protocolURL="http://"; } $body .= sprintf("The following login account for CDRTool has been created for you:\n\n"); $body .= sprintf("Username: %s\n", $username); $body .= sprintf("Password: %s\n", $password); $body .= sprintf("URL: %s%s%s\n\n", $protocolURL, $_SERVER['HTTP_HOST'], $CDRTool['tld']); $body .= sprintf("You may use your CDRTool account to access call detail records and \n"); $body .= sprintf("traces from OpenSIPs, MediaProxy and Asterisk servers.\n"); $from = sprintf("From: %s", $CDRTool['provider']['fromEmail']); mail($email, "CDRTool login account", $body, $from); } } } } else { showForm(); } print ""; } else { print "

Account list

"; if ($perm->have_perm("admin")) { print "
Add account
"; } accountList(); } $layout->showFooter(); page_close(); ?> diff --git a/callsearch.phtml b/callsearch.phtml index 0c097b6..b6677c5 100644 --- a/callsearch.phtml +++ b/callsearch.phtml 
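Review bot: Passwords in both the update and the insert branch are stored either as unsalted `md5($password)` or in clear text (when `clear_text_passwords` is set), and the new password is also mailed in the message body when `$mailsettings` is set; the require/include cleanup leaves all of this as it was. A salted, slow hash is the safer storage form, e.g. `password_hash($password, PASSWORD_DEFAULT)` in place of `md5($password)`, though that only works if the login check (not visible here) moves to `password_verify()` and the `password_hashed` column is wide enough. The statements are assembled with `sprintf` and `addslashes`, which is not a charset-aware escape; if the DB class offers bound parameters or a driver-level escape, that would be preferable here and for the similar queries in index.phtml and log.phtml. Separately, the insert branch passes `addslashes($yubikey)` while the request value is read into `$otp_yubikey`, so the yubikey column of a new account looks like it is never filled from the form.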
@@ -1,103 +1,103 @@ "CDRTool_Session", "auth" => "CDRTool_Auth", "perm" => "CDRTool_Perm" ) ); $loginname=$auth->auth["uname"]; $perm->check('callsearch'); $export = isset($_REQUEST['export']) ? $_REQUEST['export'] : ''; $cdr_source = isset($_REQUEST["cdr_source"]) ? $_REQUEST['cdr_source'] : ''; $trace = isset($_REQUEST["trace"])? $_REQUEST['trace'] : ''; $action = isset($_REQUEST["action"])? $_REQUEST['action'] : ''; $previous_page = isset($_REQUEST['previous_page']) ? $_REQUEST['previous_page'] : ''; -require("cdr_generic.php"); -require("rating.php"); +require 'cdr_generic.php'; +require 'rating.php'; set_time_limit(1800); if (!$export) { $title="CDRTool call search "; if (is_readable("/etc/cdrtool/local/header.phtml")) { - include("/etc/cdrtool/local/header.phtml"); + include '/etc/cdrtool/local/header.phtml'; } else { - include("header.phtml"); + include 'header.phtml'; } if ($previous_page == 'license_page') { $db = new DB_CDRTool(); $query = sprintf( "insert into settings (billing_party, var_module,var_name,var_value) values ('%s','login','I_agree_with_license','True')", $auth->auth["uname"] ); $db->query($query); } } else { Header("Content-type: text/plain"); Header("Content-Disposition: inline; filename=cdr.txt"); } if (isset($CDRTool['dataSourcesAllowed'])) { while (list($k,$v)=each($CDRTool['dataSourcesAllowed'])) { $cdr_source_els[]=array("label"=>$DATASOURCES[$v]['name'],"value"=>$v); } if (!$cdr_source) { $cdr_source = $cdr_source_els[0]['value']; } } $CDR_class=$DATASOURCES[$cdr_source]["class"]; if (!$export && !$trace) { $layout = new pageLayoutLocal(); if ($CDRTool['filter']['aNumber']) { $layout->showHeader(); $layout->showTopMenuSubscriber(); } else { $layout->showTopMenu(); } } if (is_array($DATASOURCES[$cdr_source])) { if (class_exists($CDR_class)) { $CDRS = new $CDR_class($cdr_source); if ($action=='edit' || !$action) { if ($CDRTool['filter']['aNumber']) { $CDRS->searchFormSubscriber(); } else { $CDRS->searchForm(); } } elseif 
($action==search) { $CDRS->show(); } if (!$export && !$trace) { $layout->showFooter(); } } else { $log = sprintf("Error initializing datasource '%s', class '%s' is not defined", $cdr_source, $CDR_class); print "

$log

"; } } else { $log = sprintf("Error: datasource '%s' is not defined", $cdr_source); print "

$log

"; } if (!$export && !$trace) { print " "; } page_close(); ?> diff --git a/index.phtml b/index.phtml index e94ea08..d28ee95 100644 --- a/index.phtml +++ b/index.phtml @@ -1,87 +1,87 @@ "CDRTool_Session", "auth" => "CDRTool_Auth", "perm" => "CDRTool_Perm") ); $loginname=$auth->auth["uname"]; $title="Legal notice"; $db = new DB_CDRTool(); $query=sprintf("select * from settings where billing_party = '%s' and var_module= 'login' and var_name = 'I_agree_with_license'",addslashes($loginname)); if ($db->query($query)) { if ($db->num_rows()) { $refreshURL='callsearch.phtml'; $refreshTime=0; } } - if (is_readable("/etc/cdrtool/local/header.phtml")) { - include_once("/etc/cdrtool/local/header.phtml"); - } else { - include_once("header.phtml"); - } + if (is_readable("/etc/cdrtool/local/header.phtml")) { + include_once '/etc/cdrtool/local/header.phtml'; + } else { + include_once 'header.phtml'; + } $layout = new pageLayoutLocal(); $layout->showHeader(); $layout->showLegalNotice(); $layout->showFooter(); page_close(); } else { $Setup = new SETUP (); $Setup->showIntro(); } class SETUP { function showIntro() { print " CDRTool setup
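Review bot: The `insert into settings` statement in the `$previous_page == 'license_page'` branch interpolates `$auth->auth["uname"]` into the SQL string with no escaping, unlike index.phtml, which wraps the same value in `addslashes()` for its lookup. At minimum make it consistent, `addslashes($auth->auth["uname"])`, and preferably bind it as a parameter if the DB class supports that. Further down, `elseif ($action==search)` compares against a bare constant; it should be the string `'search'`, since an undefined constant is an error on PHP 8 and only worked through a fallback before. `while (list($k,$v)=each($CDRTool['dataSourcesAllowed']))` has the same portability problem because `each()` was removed in PHP 8; a `foreach ($CDRTool['dataSourcesAllowed'] as $v)` is the direct replacement.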

CDRTool setup

CDRTool has not been setup on this machine yet.

You must first setup php, apache and to create the cdrtool database. Detailed installation instructions are available in doc/INSTALL.txt

Once the database is available, create the cdrtool configuration file by copying the sample configuration file:

cp setup/global.inc.simple.sample /etc/cdrtool/global.inc

Then edit the configuration file global.inc to reflect your platform setup. This is the content of the current sample configuration file: "; print "

";
         $fp=fopen("setup/global.inc.simple.sample",r);
         while ($buffer = fgets($fp,1024)) {
             if (!preg_match("/(<\?)|(\?>)/",$buffer)) {
                 print "$buffer";
             }
         }
         print "
"; } } print " "; ?> diff --git a/log.phtml b/log.phtml index 794531e..2eb268e 100644 --- a/log.phtml +++ b/log.phtml 
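Review bot: In `SETUP::showIntro()` the call `fopen("setup/global.inc.simple.sample",r)` passes the mode as a bare constant `r` and never checks the result, so on PHP 8 it raises an error, and on older versions a failed open feeds `false` into `fgets()`. I would write `$fp = fopen('setup/global.inc.simple.sample', 'r');`, skip the loop when `$fp === false`, and call `fclose($fp)` afterwards. The lines are also printed raw into the page; `print htmlspecialchars($buffer);` keeps any markup characters in the sample file from being interpreted by the browser.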
@@ -1,357 +1,357 @@ "CDRTool_Session", "auth" => "CDRTool_Auth", "perm" => "CDRTool_Perm" ) ); $loginname = $auth->auth["uname"]; $title = "Logs"; $search_text = isset($_REQUEST['search_text']) ? $_REQUEST['search_text'] : ''; $task = isset($_REQUEST['task']) ? $_REQUEST['task'] : ''; $current_log = isset($_REQUEST['current_log']) ? $_REQUEST['current_log'] : ''; $log_description = isset($_REQUEST['log_description']) ? $_REQUEST['log_description'] : ''; $next = isset($_REQUEST['next']) ? intval($_REQUEST['next']) : 0; $maxrowsperpage = 20; $PHP_SELF = htmlentities($_SERVER['PHP_SELF']); $thisMonth = isset($_REQUEST['thisMonth']) ? $_REQUEST['thisMonth'] : ''; $recipient = isset($_REQUEST['recipient']) ? $_REQUEST['recipient'] : ''; $db = new DB_CDRTool; if (is_readable("/etc/cdrtool/local/header.phtml")) { - include("/etc/cdrtool/local/header.phtml"); + include '/etc/cdrtool/local/header.phtml'; } else { - include("header.phtml"); + include 'header.phtml'; } if ($search_text) { $search_text = preg_replace("/[^\d|\w| -\.@_]/s", "", $search_text); } $layout = new pageLayoutLocal(); $layout->showTopMenu($title); if ($thisMonth) { $checked_thisMonth = 'checked'; } else { $checked_thisMonth = ''; } $where = " (1=1) "; if ($CDRTool['filter']['reseller']) { $where .= sprintf(' and reseller_id = %s', addslashes($CDRTool['filter']['reseller'])); } else if (!$perm->have_perm("admin")) { $where .= sprintf(" and login = '%s'", addslashes($auth->auth["uname"])); } if ($perm->have_perm('admin')) { $query = "select * from auth_user where perms like '%admin%'"; $db->query($query); while ($db->next_record()) { $Collegues[$db->f('email')] = $db->f('name'); if ($loginname == $db->f('username')) { $myEmailAddress = $db->f('email'); $myName = $db->f('name'); } } } else { $Collegues[$CDRTool['provider']['toEmail']] = $CDRTool['provider']['name']; $myName = $CDRTool["loginName"]; $myEmailAddress = $CDRTool["loginEmail"]; } if ($current_log) { if ($task == "edit") { $query = sprintf( 
"update log set description = '%s' where %s and id = %d", addslashes($log_description), $where, intval($current_log) ); $db->query($query); } else if ($task == "mailLog" && $recipient) { $query = sprintf( "select * from log where %s and id = %d", $where, intval($current_log) ); $db->query($query); $db->next_record(); $rerun = $db->f('rerun'); $description = $db->f('description'); if ($_SERVER['HTTPS']=="on") { $protocolURL="https://"; } else { $protocolURL="http://"; } $subject = "CDRTool"; $fullURL = $protocolURL.$_SERVER['HTTP_HOST'].$CDRTool['tld']."/".$rerun; $body = "CDRTool query to analyse:\n\n$fullURL\n\n"; if ($description) { $body = $body."The query id $current_log is saved with name \"$description\"\n\n"; $subject = $subject.": ".$description; } $body = $body."This notification has been sent to you from CDRTool log interface by $myName"; mail($recipient, $subject, $body, "From: $myEmailAddress"); print "

Notified $recipient."; } } $url_log = array(); if ($search_text) { $where.= sprintf( " and (description like '%s%s%s' or url like '%s' or id = '%s')", "%", addslashes($search_text), "%", addslashes($search_text), addslashes($search_text) ); $url_log["search_text"] = $search_text; } if ($thisMonth) { $where .= sprintf(" and date like '%s'", date('Y-m').'%'); $url_log["thisMonth"] = 1; } $query = sprintf("select count(*) as records from log where %s ", $where); if ($db->query($query)) { $db->next_record(); $rows = $db->f('records'); } else { $rows = 0; } if (!$next) { $i = 0; $next = 0; } else { $i = intval($next); } $j = 0; $z = 0; print "

Found $rows records.
Only this month?
"; if ($rows > 0) { if ($rows > $maxrowsperpage) { $maxrows=$maxrowsperpage + $next; if ($maxrows > $rows) { $maxrows = $rows; $prev_rows = $maxrows; } } else { $maxrows=$rows; } $_max_rows= intval($maxrowsperpage); if (!$_max_rows) { $_max_rows = 10; } $query = sprintf("select * from log where %s order by id desc limit %d, %d", $where, intval($i), $_max_rows); $db->query($query); print "
"; while ($i < $maxrows) { $found = $i+1; $db->next_record(); $current_log = $db->f('id'); $reseller_id = $db->f('reseller_id'); $log_date = $db->f('date'); $login = $db->f('login'); $ip = $db->f('ip'); $url = $db->f('url'); $reedit = $db->f('reedit'); $rerun = $db->f('rerun'); $results = $db->f('results'); $description = $db->f('description'); $datasource = $db->f('datasource'); if ($rerun && $DATASOURCES[$datasource]['name']) { $datasource_print=$DATASOURCES[$datasource]['name']; } else { $datasource_print=$datasource; } if (!$reedit || !$rerun) { if (preg_match("/do_search/", $url)) { $url_run = "Run"; $url_edit = preg_replace("/do_/", "", $url); $url_edit = "Edit"; $display_form = 1; } elseif (preg_match("/do_statistics/", $url)) { $url_run = "Run"; $url_edit = preg_replace("/do_/", "", $url); $url_edit = "Edit stat"; $display_form = 1; } else { $url_edit = ""; $url_run = ""; $display_form = 0; } } else { $display_form=1; $url_run="Run"; $url_edit="Edit"; } $rr = floor($found / 2); $mod = $found - $rr * 2; if ($mod == 0) { //$bgcolor="lightgrey"; } else { //$bgcolor="white"; } print " "; $i++; } print "
Log id Reseller Date and time Account IP address Data source Rows Description Actions
$found. $current_log $reseller_id $log_date $login $ip $datasource_print $results
"; if ($display_form == 1) { print "
"; } else { print "$description"; } print "
$url_run $url_edit "; if (strlen($description) && $rerun) { print " "; } print "
"; } print "