Browse code

Changed majority of files.

DoubleBastionAdmin authored on 30/11/2024 06:56:40
Showing 1 changed files
src/get-contacts-and-users.php
History View file @ e8a619c
1 1 
new file mode 100644
... ... 
@@ -0,0 +1,125 @@
1 
+<?php
2 
+/**
3 
+ *  Copyright (C) 2021  Double Bastion LLC
4 
+ *
5 
+ *  This file is part of Roundpin, which is licensed under the
6 
+ *  GNU Affero General Public License Version 3.0. The license terms
7 
+ *  are detailed in the "LICENSE.txt" file located in the root directory.
8 
+ */
9 
+
10 
+session_start();
11 
+
12 
+// // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');
13 
+
14 
+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {
15 
+
16 
+    define('ACCESSCONST', TRUE);
17 
+
18 
+    require('db-connect.php');
19 
+
20 
+    $username = $_POST['username'];
21 
+    $specificGroups = $_POST["specifygroups"];
22 
+
23 
+    // Get the id, user role and groups to load of the current user, from the 'app_users' table
24 
+    $queryid = $mysqli->prepare("SELECT id, userrole, username, load_groups FROM app_users WHERE BINARY username = ?");
25 
+    $queryid->bind_param("s", $username);
26 
+    $queryid->execute();
27 
+    $queryres = $queryid->get_result()->fetch_assoc();
28 
+    $userID = $queryres['id'];
29 
+    $userRole = $queryres['userrole'];
30 
+    $loadGroups = $queryres['load_groups'];
31 
+    $loadGroupsArr = explode("|", $loadGroups);
32 
+    array_shift($loadGroupsArr);
33 
+    array_pop($loadGroupsArr);
34 
+
35 
+    // Get the contacts for the current user
36 
+    $querycont = $mysqli->prepare("SELECT id, user_id, contact_name, contact_desc, contact_long_desc, address_street, address_zip, address_town, address_country, address_state,
37 
+                                   extension_number, contact_mobile, contact_num1, contact_num2, contact_fax, contact_email, profile_picture_c, groups, date_added, date_modified
38 
+                                   FROM contacts WHERE user_id = ?");
39 
+    $querycont->bind_param("i", $userID);
40 
+    $querycont->execute();
41 
+    $queryres = $querycont->get_result();
42 
+
43 
+    $contactsarr = [];
44 
+    while ($querycontres = $queryres->fetch_assoc()) {
45 
+
46 
+       if ($loadGroups == '' || $loadGroups == null || $specificGroups == 'all') {
47 
+           $contactsarr[] = ['contact_name' => $querycontres['contact_name'], 'contact_desc' => $querycontres['contact_desc'], 'contact_long_desc' => $querycontres['contact_long_desc'],
48 
+                             'address_street' => $querycontres['address_street'], 'address_zip' => $querycontres['address_zip'], 'address_town' => $querycontres['address_town'],
49 
+                             'address_country' => $querycontres['address_country'], 'address_state' => $querycontres['address_state'],
50 
+                             'extension_number' => $querycontres['extension_number'], 'contact_mobile' => $querycontres['contact_mobile'],
51 
+                             'contact_num1' => $querycontres['contact_num1'], 'contact_num2' => $querycontres['contact_num2'], 'contact_fax' => $querycontres['contact_fax'],
52 
+                             'contact_email' => $querycontres['contact_email'], 'profile_picture_c' => $querycontres['profile_picture_c'], 'groups' => $querycontres['groups'],
53 
+                             'date_added' => $querycontres['date_added'], 'date_modified' => $querycontres['date_modified']];
54 
+
55 
+       } else {
56 
+
57 
+           $contactGroupsArr = explode("|", $querycontres['groups']);
58 
+           array_shift($contactGroupsArr);
59 
+           array_pop($contactGroupsArr);
60 
+
61 
+           $ck = 0;
62 
+           foreach ($contactGroupsArr as $key => $arrval) {
63 
+                 if (in_array($arrval, $loadGroupsArr)) { $ck++; }
64 
+           }
65 
+
66 
+           if ($ck > 0) {
67 
+
68 
+               $contactsarr[] = ['contact_name' => $querycontres['contact_name'], 'contact_desc' => $querycontres['contact_desc'],
69 
+                                 'contact_long_desc' => $querycontres['contact_long_desc'], 'address_street' => $querycontres['address_street'],
70 
+                                 'address_zip' => $querycontres['address_zip'], 'address_town' => $querycontres['address_town'],
71 
+                                 'address_country' => $querycontres['address_country'], 'address_state' => $querycontres['address_state'],
72 
+                                 'extension_number' => $querycontres['extension_number'], 'contact_mobile' => $querycontres['contact_mobile'],
73 
+                                 'contact_num1' => $querycontres['contact_num1'], 'contact_num2' => $querycontres['contact_num2'], 'contact_fax' => $querycontres['contact_fax'],
74 
+                                 'contact_email' => $querycontres['contact_email'], 'profile_picture_c' => $querycontres['profile_picture_c'], 'groups' => $querycontres['groups'],
75 
+                                 'date_added' => $querycontres['date_added'], 'date_modified' => $querycontres['date_modified']];
76 
+           }
77 
+       }
78 
+    }
79 
+
80 
+    // Get the list of groups
81 
+    $querygr = $mysqli->prepare("SELECT id, userid, group_name FROM groups");
82 
+    $querygr->execute();
83 
+    $querygrres = $querygr->get_result();
84 
+
85 
+    $groupsList = [];
86 
+    while ($querygroupres = $querygrres->fetch_assoc()) {
87 
+           $groupsList[] = [$querygroupres['group_name'] => $querygroupres['userid']];
88 
+    }
89 
+
90 
+    // Get the list of Roundpin users
91 
+    $enabled = 1;
92 
+    $queryusr = $mysqli->prepare("SELECT id, userrole, profile_name, sip_username, user_groups, enabled FROM app_users WHERE enabled = ?");
93 
+    $queryusr->bind_param("i", $enabled);
94 
+    $queryusr->execute();
95 
+    $queryusrres = $queryusr->get_result();
96 
+
97 
+    $roundpinUsers = [];
98 
+    while ($queryusers = $queryusrres->fetch_assoc()) {
99 
+           $roundpinUsers[] = ['profile_name' => $queryusers['profile_name'], 'sip_username' => $queryusers['sip_username'], 'userrole' => $queryusers['userrole'],
100 
+                               'user_groups' => $queryusers['user_groups']];
101 
+    }
102 
+
103 
+    // Get the list of users banned from video conferences
104 
+    $bannedVconfUsers = [];
105 
+    if ($userRole == 'admin' || $userRole == 'superadmin') {
106 
+        $querybndusr = $mysqli->prepare("SELECT banned_profilename, banned_sipusername, conf_extension, conf_label, banned_until FROM banned_users");
107 
+        $querybndusr->execute();
108 
+        $querybndusrres = $querybndusr->get_result();
109 
+
110 
+        while ($querybndusers = $querybndusrres->fetch_assoc()) {
111 
+               $bannedVconfUsers[] = ['banned_profilename' => $querybndusers['banned_profilename'], 'banned_sipusername' => $querybndusers['banned_sipusername'],
112 
+                                      'conf_extension' => $querybndusers['conf_extension'], 'conf_label' => $querybndusers['conf_label'],
113 
+                                      'banned_until' => $querybndusers['banned_until']];
114 
+        }
115 
+    }
116 
+
117 
+    $contactsfromdb = ['contactsinfo' => $contactsarr, 'groups' => $groupsList, 'users' => $roundpinUsers, 'bannedusers' => $bannedVconfUsers];
118 
+
119 
+    echo json_encode($contactsfromdb);
120 
+
121 
+} else {
122 
+    header("Location: ../login.php");
123 
+}
124 
+
125 
+?>