06fbd764 |
<?php
/**
* Copyright (C) 2021 Double Bastion LLC
*
* This file is part of Roundpin, which is licensed under the
* GNU Affero General Public License Version 3.0. The license terms
* are detailed in the "LICENSE.txt" file located in the root directory.
*/
session_start();
if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
define('ACCESSCONST', TRUE);
require('db-connect.php');
$username = $_POST['username'];
// Get the SIP password for the current user from the 'app_users' table
$querysel = $mysqli->query("SELECT username, sip_password, enabled FROM app_users WHERE BINARY username = '$username' AND enabled = 1");
$confdatafromdb = $querysel->fetch_assoc();
// Decrypt the SIP password fetched from the database
if ($confdatafromdb['sip_password'] != '' && $confdatafromdb['sip_password'] != null && $confdatafromdb['sip_password'] != 'undefined') {
$psswdaddedkey = file_get_contents('restr/'.$username.'/pwdkey');
$componentsippsswd = explode(':', $confdatafromdb['sip_password']);
$encpwdin = $componentsippsswd[0];
$ivkey = $componentsippsswd[1];
$sippassworddec = openssl_decrypt($encpwdin, 'AES-256-CBC', $psswdaddedkey, false, $ivkey);
$sipdatafromdb = $sippassworddec;
} else { $sipdatafromdb = ''; }
echo json_encode($sipdatafromdb);
} else {
header("Location: roundpin-login.php");
}
?>
|