new file mode 100644

@@ -0,0 +1,191 @@

+<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the "LICENSE.txt" file located in the root directory.

+ */

+

+session_start();

+

+// // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');

+

+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

+

+    define('ACCESSCONST', TRUE);

+

+    require('db-connect.php');

+

+    $username = $_POST['username'];

+

+    // Get the configuration data for the current user from the 'app_users' table

+    $querysel = $mysqli->prepare("SELECT id, userrole, username, wss_server, web_socket_port, server_path, profile_name, sip_username, sip_password, stun_server, audio_output_id, 

+                                  video_src_id, video_height, frame_rate, aspect_ratio, video_orientation, ringtone, audio_src_id, auto_gain_control, echo_cancellation, 

+                                  noise_suppression, ring_output_id, video_conf_window_width, profile_picture, language, notifications, show_vconf_usernames, display_vconf_user,

+                                  use_email, load_groups, date_added, date_modified, enabled FROM app_users WHERE BINARY username = ?");

+    $querysel->bind_param("s", $username);

+    $querysel->execute();

+    $confdatafromdb = $querysel->get_result()->fetch_assoc();

+    $cruserid = $confdatafromdb['id'];

+

+

+    // Get the fax settings for the current user from the 'fax_settings' table

+    $queryselfax = $mysqli->prepare("SELECT userid, tel_secret_key, tel_fax_app_id, tel_recwh_url, phax_api_key, phax_api_secret, phax_webhook_token, phax_receive_url, get_notification,

+                                     notification_email FROM fax_settings WHERE userid = ?");

+    $queryselfax->bind_param("i", $cruserid);

+    $queryselfax->execute();

+    $queryselfaxdata = $queryselfax->get_result()->fetch_assoc();

+

+    if ($queryselfaxdata) {

+

+	$confdatafromdb['tel_secret_key'] = $queryselfaxdata['tel_secret_key'];

+	$confdatafromdb['tel_fax_app_id'] = $queryselfaxdata['tel_fax_app_id'];

+	$confdatafromdb['tel_recwh_url'] = $queryselfaxdata['tel_recwh_url'];

+	$confdatafromdb['phax_api_key'] = $queryselfaxdata['phax_api_key'];

+	$confdatafromdb['phax_api_secret'] = $queryselfaxdata['phax_api_secret'];

+	$confdatafromdb['phax_webhook_token'] = $queryselfaxdata['phax_webhook_token'];

+	$confdatafromdb['phax_receive_url'] = $queryselfaxdata['phax_receive_url'];

+	$confdatafromdb['get_notification'] = $queryselfaxdata['get_notification'];

+	$confdatafromdb['notification_email'] = $queryselfaxdata['notification_email'];

+

+    } else {

+

+	$confdatafromdb['tel_secret_key'] = '';

+	$confdatafromdb['tel_fax_app_id'] = '';

+	$confdatafromdb['tel_recwh_url'] = '';

+	$confdatafromdb['phax_api_key'] = '';

+	$confdatafromdb['phax_api_secret'] = '';

+	$confdatafromdb['phax_webhook_token'] = '';

+	$confdatafromdb['phax_receive_url'] = '';

+	$confdatafromdb['get_notification'] = '';

+	$confdatafromdb['notification_email'] = '';

+    }

+

+    // Get the phone numbers for the current user from the 'phone_numbers' table

+    $queryselphnb = $mysqli->prepare("SELECT userid, voice_numbers, default_voice_number, sms_numbers, default_sms_number, fax_numbers, default_fax_number FROM phone_numbers 

+                                      WHERE userid = ?");

+    $queryselphnb->bind_param("i", $cruserid);

+    $queryselphnb->execute();

+    $queryselphnbdata = $queryselphnb->get_result()->fetch_assoc();

+

+    if ($queryselphnbdata) {

+        $confdatafromdb['voice_numbers'] = $queryselphnbdata['voice_numbers'];

+        $confdatafromdb['default_voice_number'] = $queryselphnbdata['default_voice_number'];

+        $confdatafromdb['sms_numbers'] = $queryselphnbdata['sms_numbers'];

+        $confdatafromdb['default_sms_number'] = $queryselphnbdata['default_sms_number'];

+        $confdatafromdb['fax_numbers'] = $queryselphnbdata['fax_numbers'];

+        $confdatafromdb['default_fax_number'] = $queryselphnbdata['default_fax_number'];

+    } else {

+        $confdatafromdb['voice_numbers'] = '';

+        $confdatafromdb['default_voice_number'] = '';

+        $confdatafromdb['sms_numbers'] = '';

+        $confdatafromdb['default_sms_number'] = '';

+        $confdatafromdb['fax_numbers'] = '';

+        $confdatafromdb['default_fax_number'] = '';

+    }

+

+    // Get the email configuration data for the current user from the 'email_conf' table

+    $queryselrcnf = $mysqli->prepare("SELECT userid, rcdomain, rcuser, rcpassword, rcbasicauthuser, rcbasicauthpass FROM email_conf WHERE userid = ?");

+    $queryselrcnf->bind_param("i", $cruserid);

+    $queryselrcnf->execute();

+    $queryselrcnfdata = $queryselrcnf->get_result()->fetch_assoc();

+

+    if ($queryselrcnfdata) {

+        $confdatafromdb['rcdomain'] = $queryselrcnfdata['rcdomain'];

+        $confdatafromdb['rcuser'] = $queryselrcnfdata['rcuser'];

+        $confdatafromdb['rcpassword'] = $queryselrcnfdata['rcpassword'];

+        $confdatafromdb['rcbasicauthuser'] = $queryselrcnfdata['rcbasicauthuser'];

+        $confdatafromdb['rcbasicauthpass'] = $queryselrcnfdata['rcbasicauthpass'];

+    } else {

+        $confdatafromdb['rcdomain'] = '';

+        $confdatafromdb['rcuser'] = '';

+        $confdatafromdb['rcpassword'] = '';

+        $confdatafromdb['rcbasicauthuser'] = '';

+        $confdatafromdb['rcbasicauthpass'] = '';

+    }

+

+    // Replace the SIP password, fax keys (if any), Roundcube password (if any) and Roundcube basic auth password (if any) with placeholders

+    if ($confdatafromdb['sip_password']) {

+            $confdatafromdb['sip_password'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['sip_password'] = ''; }

+

+    if ($confdatafromdb['tel_secret_key']) {

+        $confdatafromdb['tel_secret_key'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['tel_secret_key'] = ''; }

+

+    if ($confdatafromdb['tel_fax_app_id']) {

+        $confdatafromdb['tel_fax_app_id'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['tel_fax_app_id'] = ''; }

+/*

+    if ($confdatafromdb['tel_recwh_url']) {

+        $confdatafromdb['tel_recwh_url'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['tel_recwh_url'] = ''; }

+*/

+    if ($confdatafromdb['phax_api_key']) {

+        $confdatafromdb['phax_api_key'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['phax_api_key'] = ''; }

+

+    if ($confdatafromdb['phax_api_secret']) {

+        $confdatafromdb['phax_api_secret'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['phax_api_secret'] = ''; }

+

+    if ($confdatafromdb['phax_webhook_token']) {

+        $confdatafromdb['phax_webhook_token'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['phax_webhook_token'] = ''; }

+/*

+    if ($confdatafromdb['phax_receive_url']) {

+        $confdatafromdb['phax_receive_url'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['phax_receive_url'] = ''; }

+*/

+    if ($confdatafromdb['rcpassword']) {

+	    $confdatafromdb['rcpassword'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['rcpassword'] = ''; }

+

+    if ($confdatafromdb['rcbasicauthpass']) {

+	    $confdatafromdb['rcbasicauthpass'] = "%20%20%20%20%20%20%20";

+    } else { $confdatafromdb['rcbasicauthpass'] = ''; }

+

+

+    // Get the text conference data from the 'conferences_text' table

+    $querygettxt = $mysqli->prepare("SELECT id, text_conf_extension, text_conf_label, limit_to_groups FROM conferences_text");

+    $querygettxt->execute();

+    $textconfdatadb = $querygettxt->get_result();

+    $textconfarr = [];

+

+    while ($textconfinfo = $textconfdatadb->fetch_assoc()) {

+           $textconfarr[] = ['text_conf_extension' => $textconfinfo['text_conf_extension'], 'text_conf_label' => $textconfinfo['text_conf_label'], 

+                             'limit_to_groups' => $textconfinfo['limit_to_groups']];

+    }

+

+    // Get the audio conference data from the 'conferences_audio' table

+    $querygetaudio = $mysqli->prepare("SELECT id, audio_conf_extension, audio_conf_label, limit_to_groups FROM conferences_audio");

+    $querygetaudio->execute();

+    $audioconfdatadb = $querygetaudio->get_result();

+    $audioconfarr = [];

+

+    while ($audioconfinfo = $audioconfdatadb->fetch_assoc()) {

+           $audioconfarr[] = ['audio_conf_extension' => $audioconfinfo['audio_conf_extension'], 'audio_conf_label' => $audioconfinfo['audio_conf_label'], 

+                              'limit_to_groups' => $audioconfinfo['limit_to_groups']];

+    }

+

+    // Get the video conference data from the 'conferences_video' table

+    $querygetvideo = $mysqli->prepare("SELECT id, video_conf_extension, video_conf_label, limit_to_groups FROM conferences_video");

+    $querygetvideo->execute();

+    $videoconfdatadb = $querygetvideo->get_result();

+    $videoconfarr = [];

+

+    while ($videoconfinfo = $videoconfdatadb->fetch_assoc()) {

+           $videoconfarr[] = ['video_conf_extension' => $videoconfinfo['video_conf_extension'], 'video_conf_label' => $videoconfinfo['video_conf_label'], 

+                              'limit_to_groups' => $videoconfinfo['limit_to_groups']];

+    }

+

+    $response = ['datafromdb' => $confdatafromdb, 'textconferences' => $textconfarr, 'audioconferences' => $audioconfarr, 'videoconferences' => $videoconfarr];

+

+    echo json_encode($response);

+

+} else {

+    header("Location: ../login.php");

+}

+

+?>