Updating user"; $query=sprintf("update auth_user set username = '%s', name = '%s', organization = '%s', tel = '%s', email = '%s', yubikey = '%s', auth_method = '%s' ", addslashes($username), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($otp_yubikey), addslashes($auth_method) ); if (strlen($password)) { if ($CDRTool['provider']['clear_text_passwords'] != 1 ) { $query.=sprintf(", password = '', password_hashed = '%s'", addslashes(md5($password)) ); } else { $query.=sprintf(", password = '%s', password_hashed = ''", addslashes($password) ); } } if ($perm->have_perm("admin")) { if (strlen($impersonate)) { if (!preg_match("/^[0-9]*\.[0-9]*$/",$impersonate)) { printf ("
Failed to update user $id"; print "The error is $db->Error"; } else { if ($delete) { log_accounts_action(sprintf("account %s deleted", $username)); print "
User $name deleted"; } else { log_accounts_action(sprintf("account %s updated", $username)); print "
User $name updated"; if ($mailsettings) { if ($_SERVER['HTTPS']=="on") { $protocolURL="https://"; } else { $protocolURL="http://"; } $body.=sprintf("The following login account for CDRTool has been created for you:\n\n"); $body.=sprintf("Username: %s\n",$username); $body.=sprintf("Password: %s\n",$password); $body.=sprintf("URL: %s%s%s\n\n",$protocolURL,$_SERVER['HTTP_HOST'],$CDRTool['tld']); $body.=sprintf("You may use your CDRTool account to access call detail records and \n"); $body.=sprintf("traces from OpenSIPs, MediaProxy and Asterisk servers.\n"); $from=sprintf("From: %s",$CDRTool['provider']['fromEmail']); mail($email,"CDRTool login account", $body, $from); } } accountList(); } } } else { $query="select * from auth_user"; if (!$perm->have_perm("admin")) { $query.=sprintf(" where user_id = '%s'",addslashes($uid)); $id=$uid; } else { $query.=sprintf(" where user_id = '%s'",addslashes($id)); } dprint($query); $db->query($query); $db->next_record(); $username = $db->f('username'); $name = $db->f('name'); $email = $db->f('email'); $tel = $db->f('tel'); $password = $db->f('password'); $organization = $db->f('organization'); $perms = $db->f('perms'); $sources = $db->f('sources'); $expire = $db->f('expire'); $aNumberFilter = $db->f('aNumberFilter'); $gatewayFilter = $db->f('gatewayFilter'); $domainFilter = $db->f('domainFilter'); $serviceFilter = $db->f('serviceFilter'); $compidFilter = $db->f('compidFilter'); $cscodeFilter = $db->f('cscodeFilter'); $afterDateFilter = $db->f('afterDateFilter'); $aclFilter = $db->f('aclFilter'); $impersonate = $db->f('impersonate'); $yubikey = $db->f('yubikey'); $auth_method = $db->f('auth_method'); showForm($id); } } elseif ($action=="insert" && $perm->have_perm("admin")) { print "
"; $uid=$auth->auth["uid"]; if (!$password) $password=random_passwd_gen(); if ($check) { if ($perms) $perms = implode($perms,","); if ($sources) $sources = implode($sources,","); if (strlen($impersonate)) { if (!preg_match("/^[0-9]*\.[0-9]*$/",$impersonate)) { printf ("Warning: Impersonate must be formated as CustomerId.ResellerId"); unset($impersonate); } } if ($err = $f->validate()) { print "
$err
"; showForm(); } else { //print "
Adding user"; $hash_secret = "ffdsdsd__ky..."; $user_id=md5(uniqid($hash_secret)); if ($CDRTool['provider']['clear_text_passwords']!=1) { $query=sprintf("insert into auth_user (user_id, username, password, password_hashed, name, organization, tel, email, perms, sources, expire, domainFilter, aNumberFilter, serviceFilter, compidFilter, cscodeFilter, gatewayFilter, afterDateFilter, aclFilter, impersonate, yubikey, auth_method ) values ( '%s', '%s', '', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", addslashes($user_id), addslashes($username), addslashes(md5($password)), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($perms), addslashes($sources), addslashes($expire), addslashes($domainFilter), addslashes($aNumberFilter), addslashes($serviceFilter), addslashes($compidFilter), addslashes($cscodeFilter), addslashes($gatewayFilter), addslashes($afterDateFilter), addslashes($aclFilter), addslashes($impersonate), addslashes($yubikey), addslashes($auth_method) ); } else { $query=sprintf("insert into auth_user (user_id, username, password, name, organization, tel, email, perms, sources, expire, domainFilter, aNumberFilter, serviceFilter, compidFilter, cscodeFilter, gatewayFilter, afterDateFilter, aclFilter, impersonate, yubikey, auth_method ) values ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )", addslashes($user_id), addslashes($username), addslashes($password), addslashes($name), addslashes($organization), addslashes($tel), addslashes($email), addslashes($perms), addslashes($sources), addslashes($expire), addslashes($domainFilter), addslashes($aNumberFilter), addslashes($serviceFilter), addslashes($compidFilter), addslashes($cscodeFilter), addslashes($gatewayFilter), addslashes($afterDateFilter), addslashes($aclFilter), addslashes($impersonate), addslashes($yubikey), addslashes($auth_method) ); } dprint($query); if (!$db->query($query)) { printf("
Failed to add user: %s(%s) %s",$db->Error,$db->Errno,$query); } else { log_accounts_action(sprintf("account %s added", $username)); print "
User $name created"; if ($mailsettings) { if ($_SERVER['HTTPS']=="on") { $protocolURL="https://"; } else { $protocolURL="http://"; } $body.=sprintf("The following login account for CDRTool has been created for you:\n\n"); $body.=sprintf("Username: %s\n",$username); $body.=sprintf("Password: %s\n",$password); $body.=sprintf("URL: %s%s%s\n\n",$protocolURL,$_SERVER['HTTP_HOST'],$CDRTool['tld']); $body.=sprintf("You may use your CDRTool account to access call detail records and \n"); $body.=sprintf("traces from OpenSIPs, MediaProxy and Asterisk servers.\n"); $from=sprintf("From: %s",$CDRTool['provider']['fromEmail']); mail($email,"CDRTool login account", $body, $from); } } } } else { showForm(); } print ""; } else { print "