new file mode 100644

@@ -0,0 +1,584 @@

+<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the "LICENSE.txt" file located in the root directory.

+ */

+

+session_start();

+

+ // header('Set-Cookie: PHPSESSID= ' . session_id() . '; SameSite=strict; Secure=true; HttpOnly=true;');

+

+if (isset($_POST['s_ajax_call']) && ($_POST['s_ajax_call'] == $_SESSION['validate_s_access'])) {

+

+

+    define('ACCESSCONST', TRUE);

+

+    require('db-connect.php');

+

+    $username = $_POST['username'];

+    $wssServer = $_POST['wss_server'];

+    $webSocketPort = $_POST['web_socket_port'];

+    $serverPath = $_POST['server_path'];

+    $profileName = $_POST['profile_name'];

+    $sipUsername = $_POST['sip_username'];

+    $sipPasswordPre = $_POST['sip_password'];

+    $stunServer = $_POST['stun_server'];

+    $audioOutputId = $_POST['audio_output_id'];

+    $videoSrcId = $_POST['video_src_id'];

+    $videoHeight = $_POST['video_height'];

+    $frameRate = $_POST['frame_rate'];

+    $aspectRatio = $_POST['aspect_ratio'];

+    $videoOrientation = $_POST['video_orientation'];

+    $ringTone = $_POST['ringtone'];

+    $audioSrcId = $_POST['audio_src_id'];

+    $autoGainControl = $_POST['auto_gain_control'];

+    $echoCancellation = $_POST['echo_cancellation'];

+    $noiseSuppression = $_POST['noise_suppression'];

+    $ringOutputId = $_POST['ring_output_id'];

+    $videoConfWindowWidth = $_POST['video_conf_window_width'];

+    $profilePicture = $_POST['profile_picture'];

+    $language = $_POST['language'];

+    $notifications = $_POST['notifications'];

+    $showVconfNames = $_POST['show_vconf_usernames'];

+    $displayVconfUser = $_POST['display_vconf_user'];

+    $useEmail = $_POST['use_email'];

+    $rcDomain = $_POST['rcdomain'];

+    $rcBasicAuthUser = $_POST['rcbasicauthuser'];

+    $rcBasicAuthPass = $_POST['rcbasicauthpass'];

+    $rcUser = $_POST['rcuser'];

+    $rcPassword = $_POST['rcpassword'];

+    $loadGroups = $_POST['load_groups'];

+    $voicenmb = $_POST['voicenmb'];

+    $voicedefnmb = $_POST['voicedefnmb'];

+    $smsnmb = $_POST['smsnmb'];

+    $smsdefnmb = $_POST['smsdefnmb'];

+    $telsecretkey = $_POST['telsecretkey'];

+    $telfaxappid = $_POST['telfaxappid'];

+    $telrecwhurl = $_POST['telrecwhurl'];

+    $phaxapikey = $_POST['phaxapikey'];

+    $phaxapisecret = $_POST['phaxapisecret'];

+    $phaxwebhooktoken = $_POST['phaxwebhooktoken'];

+    $phaxreceiveurl = $_POST['phaxreceiveurl'];

+    $faxnotification = $_POST['faxnotification'];

+    $faxnotifyemail = $_POST['faxnotifyemail'];

+    $faxnmb = $_POST['faxnmb'];

+    $faxdefnmb = $_POST['faxdefnmb'];

+

+    $messageupdata5 = 'success';

+    $messageupdata6 = 'success';

+    $messageupdata7 = 'success';

+    $messageupdata8 = 'success';

+    $messageupdata9 = 'success';

+    $messageupdata10 = 'success';

+    $messageupdata11 = 'success';

+    $messageupdata12 = 'success';

+

+

+    // Get the id of the current user from the 'app_users' table

+    $queryselid = $mysqli->prepare("SELECT id, username FROM app_users WHERE BINARY username = ?");

+    $queryselid->bind_param("s", $username);

+    $queryselid->execute(); 

+    $queryselid = $queryselid->get_result()->fetch_assoc();

+    $userid = $queryselid['id'];

+

+

+    // Remove the directories for temporary files from the 'src/email-to-fax/tmp' folder, for the current user, if any

+    $queryfaxwhurl = $mysqli->prepare("SELECT userid, tel_recwh_url, phax_receive_url FROM fax_settings WHERE userid = ?");

+    $queryfaxwhurl->bind_param("i", $userid);

+    $queryfaxwhurl->execute(); 

+    $queryfxurlres = $queryfaxwhurl->get_result()->fetch_assoc();

+    $telnyxurl = $queryfxurlres['tel_recwh_url'];

+    $phaxiourl = $queryfxurlres['phax_receive_url'];

+

+    if ($queryfxurlres) {

+

+        if ($telnyxurl) {

+

+            // Remove the directory for temporary files from the 'src/email-to-fax/tmp' folder, for the current user, for Telnyx, if any

+            $usertmpdirtxarr = explode("/", $telnyxurl);

+            $usertmpdirtxpre = array_reverse($usertmpdirtxarr);

+            $usertmpdirtx = substr($usertmpdirtxpre[0], 8, 20);

+            if (is_dir(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirtx)) {

+                array_map('unlink', glob(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirtx . "/*"));

+                rmdir(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirtx);

+            }

+

+

+            if ($telrecwhurl) {

+

+                // Remove the files with random alphanumeric strings as names, that were previously created to receive webhook requests from Telnyx

+                foreach (glob(dirname(__FILE__) . "/telnyxfaxwh-*.php") as $flnametx) { unlink($flnametx); }

+

+                // Create a new file having a random alphanumeric string as name, to prevent unwanted access, since its name will be part of the webhook URL for Telnyx

+                $telrecwhurlarr = explode("/", $telrecwhurl);

+                $telrecwhfile = end($telrecwhurlarr);

+                // The atypical indentation that follows is intentional

+                $texttosavetx = "<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the 'LICENSE.txt' file located in the root directory.

+ */

+

+include(dirname(__FILE__) . '/receive-telnyx-fax-webhooks.php');

+?>";

+                file_put_contents(dirname(__FILE__) . "/" . $telrecwhfile, $texttosavetx);

+            }   

+        }

+

+        if ($phaxiourl) {

+

+            // Remove the directory for temporary files from the 'src/email-to-fax/tmp' folder, for the current user, for Phaxio, if any

+            $usertmpdirpharr = explode("/", $phaxiourl);

+            $usertmpdirphpre = array_reverse($usertmpdirpharr);

+            $usertmpdirph = substr($usertmpdirphpre[0], 9, 20);

+            if (is_dir(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirph)) {

+                array_map('unlink', glob(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirph . "/*"));

+                rmdir(dirname(__FILE__) . '/email-to-fax/tmp/' . $usertmpdirph);

+            }

+

+

+            if ($phaxreceiveurl) {

+

+                // Remove the files with random alphanumeric strings as names, that were previously created to receive webhook requests from Phaxio

+                foreach (glob(dirname(__FILE__) . "/phaxiofaxwh-*.php") as $flnameph) { unlink($flnameph); }

+

+                // Create a new file having a random alphanumeric string as name, to prevent unwanted access, since its name will be part of the webhook URL for Phaxio

+                $phaxrecwhurlarr = explode("/", $phaxreceiveurl);

+                $phaxrecwhfile = end($phaxrecwhurlarr);

+                // The atypical indentation that follows is intentional

+                $texttosaveph = "<?php

+/**

+ *  Copyright (C) 2021  Double Bastion LLC

+ *

+ *  This file is part of Roundpin, which is licensed under the

+ *  GNU Affero General Public License Version 3.0. The license terms

+ *  are detailed in the 'LICENSE.txt' file located in the root directory.

+ */

+

+include(dirname(__FILE__) . '/receive-phaxio-fax-webhooks.php');

+?>";

+                file_put_contents(dirname(__FILE__) . "/" . $phaxrecwhfile, $texttosaveph);

+            }

+        }

+    }

+

+

+    // Encrypt the SIP password, the keys from the Fax and SMS sections (if any), Roundcube password (if any) and Roundcube basic auth password (if any), before inserting them into the database

+

+    if ($sipPasswordPre != '' && $sipPasswordPre != "%20%20%20%20%20%20%20") {

+

+        $keypass = substr(sha1((string) mt_rand()), 0, 32);

+        $keysalt = openssl_random_pseudo_bytes(12);

+        $generated_key = openssl_pbkdf2($keypass, $keysalt, 40, 100, 'sha256');

+        $psswdadded = bin2hex($generated_key);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdkey', $psswdadded)) { $messageupdatasippwd1 = 'success'; } else { $messageupdatasippwd1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdkey', 0600)) { $messageupdatasippwd2 = 'success'; } else { $messageupdatasippwd2 = 'failure'; }

+        if ($messageupdatasippwd1 == 'success' && $messageupdatasippwd2 == 'success') { $messageupdata5 = 'success'; } else { $messageupdata5 = 'failure'; }

+

+        $iv = substr(sha1((string) mt_rand()), 0, 16);

+        $encpwdin = openssl_encrypt($sipPasswordPre, 'AES-256-CBC', $psswdadded, false, $iv);

+        $sipPasswordEnc = $encpwdin.':'.$iv;

+

+    } elseif ($sipPasswordPre == "%20%20%20%20%20%20%20") {

+

+              $queryselsippass = $mysqli->prepare("SELECT username, sip_password FROM app_users WHERE BINARY username = ?");

+              $queryselsippass->bind_param("s", $username);

+              $queryselsippass->execute();

+              $sippassarr = $queryselsippass->get_result()->fetch_assoc();

+              $sipPasswordEnc = $sippassarr['sip_password'];

+

+    } elseif ($sipPasswordPre == '') {

+              $sipPasswordEnc = '';

+

+    } else { $sipPasswordEnc = ''; }

+

+

+    if ($telsecretkey != '' && $telsecretkey != "%20%20%20%20%20%20%20") {

+

+        $keypasstelkey = substr(sha1((string) mt_rand()), 0, 32);

+        $keysalttelkey = openssl_random_pseudo_bytes(12);

+        $generated_keytelkey = openssl_pbkdf2($keypasstelkey, $keysalttelkey, 40, 100, 'sha256');

+        $psswdaddedtelkey = bin2hex($generated_keytelkey);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdtelnyxkey', $psswdaddedtelkey)) { $messageupdatatelkey1 = 'success'; } else { $messageupdatatelkey1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdtelnyxkey', 0600)) { $messageupdatatelkey2 = 'success'; } else { $messageupdatatelkey2 = 'failure'; }

+        if ($messageupdatatelkey1 == 'success' && $messageupdatatelkey2 == 'success') { $messageupdata11 = 'success'; } else { $messageupdata11 = 'failure'; }

+

+        $iv8 = substr(sha1((string) mt_rand()), 0, 16);

+        $enctelkey = openssl_encrypt($telsecretkey, 'AES-256-CBC', $psswdaddedtelkey, false, $iv8);

+        $telsecretkeyEnc = $enctelkey.':'.$iv8;

+

+    } elseif ($telsecretkey == "%20%20%20%20%20%20%20") {

+              $queryseltelkeypass = $mysqli->prepare("SELECT userid, tel_secret_key FROM fax_settings WHERE userid = ?");

+              $queryseltelkeypass->bind_param("i", $userid);

+              $queryseltelkeypass->execute();

+              $telkeypassarr = $queryseltelkeypass->get_result()->fetch_assoc();

+              $telsecretkeyEnc = $telkeypassarr['tel_secret_key'];

+

+    } elseif ($telsecretkey == '') {

+              $telsecretkeyEnc = '';

+

+    } else { $telsecretkeyEnc = ''; }

+

+

+    if ($telfaxappid != '' && $telfaxappid != "%20%20%20%20%20%20%20") {

+

+        $keypasstelappid = substr(sha1((string) mt_rand()), 0, 32);

+        $keysalttelappid = openssl_random_pseudo_bytes(12);

+        $generated_keytelappid = openssl_pbkdf2($keypasstelappid, $keysalttelappid, 40, 100, 'sha256');

+        $psswdaddedtelappid = bin2hex($generated_keytelappid);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdtelnyxappid', $psswdaddedtelappid)) { $messageupdatatelappid1 = 'success'; } else { $messageupdatatelappid1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdtelnyxappid', 0600)) { $messageupdatatelappid2 = 'success'; } else { $messageupdatatelappid2 = 'failure'; }

+        if ($messageupdatatelappid1 == 'success' && $messageupdatatelappid2 == 'success') { $messageupdata12 = 'success'; } else { $messageupdata12 = 'failure'; }

+

+        $iv9 = substr(sha1((string) mt_rand()), 0, 16);

+        $enctelappid = openssl_encrypt($telfaxappid, 'AES-256-CBC', $psswdaddedtelappid, false, $iv9);

+        $telfaxappidEnc = $enctelappid.':'.$iv9;

+

+    } elseif ($telfaxappid == "%20%20%20%20%20%20%20") {

+              $queryseltelappidpass = $mysqli->prepare("SELECT userid, tel_fax_app_id FROM fax_settings WHERE userid = ?");

+              $queryseltelappidpass->bind_param("i", $userid);

+              $queryseltelappidpass->execute();

+              $telappidpassarr = $queryseltelappidpass->get_result()->fetch_assoc();

+              $telfaxappidEnc = $telappidpassarr['tel_fax_app_id'];

+

+    } elseif ($telfaxappid == '') {

+              $telfaxappidEnc = '';

+

+    } else { $telfaxappidEnc = ''; }

+

+

+    if ($phaxapikey != '' && $phaxapikey != "%20%20%20%20%20%20%20") {

+

+        $keypassphkey = substr(sha1((string) mt_rand()), 0, 32);

+        $keysaltphkey = openssl_random_pseudo_bytes(12);

+        $generated_keyphkey = openssl_pbkdf2($keypassphkey, $keysaltphkey, 40, 100, 'sha256');

+        $psswdaddedphkey = bin2hex($generated_keyphkey);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdphaxiokey', $psswdaddedphkey)) { $messageupdataphkey1 = 'success'; } else { $messageupdataphkey1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdphaxiokey', 0600)) { $messageupdataphkey2 = 'success'; } else { $messageupdataphkey2 = 'failure'; }

+        if ($messageupdataphkey1 == 'success' && $messageupdataphkey2 == 'success') { $messageupdata6 = 'success'; } else { $messageupdata6 = 'failure'; }

+

+        $iv2 = substr(sha1((string) mt_rand()), 0, 16);

+        $encphkey = openssl_encrypt($phaxapikey, 'AES-256-CBC', $psswdaddedphkey, false, $iv2);

+        $phaxapikeyEnc = $encphkey.':'.$iv2;

+

+    } elseif ($phaxapikey == "%20%20%20%20%20%20%20") {

+              $queryselphkeypass = $mysqli->prepare("SELECT userid, phax_api_key FROM fax_settings WHERE userid = ?");

+              $queryselphkeypass->bind_param("i", $userid);

+              $queryselphkeypass->execute();

+              $phkeypassarr = $queryselphkeypass->get_result()->fetch_assoc();

+              $phaxapikeyEnc = $phkeypassarr['phax_api_key'];

+

+    } elseif ($phaxapikey == '') {

+              $phaxapikeyEnc = '';

+

+    } else { $phaxapikeyEnc = ''; }

+

+

+    if ($phaxapisecret != '' && $phaxapisecret != "%20%20%20%20%20%20%20") {

+

+        $keypassphsecret = substr(sha1(string) (mt_rand()), 0, 32);

+        $keysaltphsecret = openssl_random_pseudo_bytes(12);

+        $generated_keyphsecret = openssl_pbkdf2($keypassphsecret, $keysaltphsecret, 40, 100, 'sha256');

+        $psswdaddedphsecret = bin2hex($generated_keyphsecret);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdphaxiosecret', $psswdaddedphsecret)) { $messageupdataphsec1 = 'success'; } else { $messageupdataphsec1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdphaxiosecret', 0600)) { $messageupdataphsec2 = 'success'; } else { $messageupdataphsec2 = 'failure'; }

+        if ($messageupdataphsec1 == 'success' && $messageupdataphsec2 == 'success') { $messageupdata7 = 'success'; } else { $messageupdata7 = 'failure'; }

+

+        $iv3 = substr(sha1((string) mt_rand()), 0, 16);

+        $encphsecret = openssl_encrypt($phaxapisecret, 'AES-256-CBC', $psswdaddedphsecret, false, $iv3);

+        $phaxapisecretEnc = $encphsecret.':'.$iv3;

+

+    } elseif ($phaxapisecret == "%20%20%20%20%20%20%20") {

+              $queryselphsecretpass = $mysqli->prepare("SELECT userid, phax_api_secret FROM fax_settings WHERE userid = ?");

+              $queryselphsecretpass->bind_param("i", $userid);

+              $queryselphsecretpass->execute();

+              $phsecretpassarr = $queryselphsecretpass->get_result()->fetch_assoc();

+              $phaxapisecretEnc = $phsecretpassarr['phax_api_secret'];

+

+    } elseif ($phaxapisecret == '') {

+              $phaxapisecretEnc = '';

+

+    } else { $phaxapisecretEnc = ''; }

+

+

+    if ($phaxwebhooktoken != '' && $phaxwebhooktoken != "%20%20%20%20%20%20%20") {

+

+        $keypassphwhtoken = substr(sha1((string) mt_rand()), 0, 32);

+        $keysaltphwhtoken = openssl_random_pseudo_bytes(12);

+        $generated_keyphwhtoken = openssl_pbkdf2($keypassphwhtoken, $keysaltphwhtoken, 40, 100, 'sha256');

+        $psswdaddedphwhtoken = bin2hex($generated_keyphwhtoken);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdphaxiowhtoken', $psswdaddedphwhtoken)) { $messageupdataphwht1 = 'success'; } else { $messageupdataphwht1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdphaxiowhtoken', 0600)) { $messageupdataphwht2 = 'success'; } else { $messageupdataphwht2 = 'failure'; }

+        if ($messageupdataphwht1 == 'success' && $messageupdataphwht2 == 'success') { $messageupdata8 = 'success'; } else { $messageupdata8 = 'failure'; }

+

+        $iv4 = substr(sha1((string) mt_rand()), 0, 16);

+        $encphwhtoken = openssl_encrypt($phaxwebhooktoken, 'AES-256-CBC', $psswdaddedphwhtoken, false, $iv4);

+        $phaxapiwhtokenEnc = $encphwhtoken.':'.$iv4;

+

+    } elseif ($phaxwebhooktoken == "%20%20%20%20%20%20%20") {

+              $queryselphwhtpass = $mysqli->prepare("SELECT userid, phax_webhook_token FROM fax_settings WHERE userid = ?");

+              $queryselphwhtpass->bind_param("i", $userid);

+              $queryselphwhtpass->execute();

+              $phwhtpassarr = $queryselphwhtpass->get_result()->fetch_assoc();

+              $phaxapiwhtokenEnc = $phwhtpassarr['phax_webhook_token'];

+

+    } elseif ($phaxwebhooktoken == '') {

+              $phaxapiwhtokenEnc = '';

+

+    } else { $phaxapiwhtokenEnc = ''; }

+

+

+    if ($rcBasicAuthPass != '' && $rcBasicAuthPass != "%20%20%20%20%20%20%20") {

+

+        $keypassrcba = substr(sha1((string) mt_rand()), 0, 32);

+        $keysaltrcba = openssl_random_pseudo_bytes(12);

+        $generated_keyrcba = openssl_pbkdf2($keypassrcba, $keysaltrcba, 40, 100, 'sha256');

+        $psswdaddedrcba = bin2hex($generated_keyrcba);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdkeyrcba', $psswdaddedrcba)) { $messageupdatarcba1 = 'success'; } else { $messageupdatarcba1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdkeyrcba', 0600)) { $messageupdatarcba2 = 'success'; } else { $messageupdatarcba2 = 'failure'; }

+        if ($messageupdatarcba1 == 'success' && $messageupdatarcba2 == 'success') { $messageupdata9 = 'success'; } else { $messageupdata9 = 'failure'; }

+

+        $iv6 = substr(sha1((string) mt_rand()), 0, 16);

+        $encRcBasicAuthPass = openssl_encrypt($rcBasicAuthPass, 'AES-256-CBC', $psswdaddedrcba, false, $iv6);

+        $rcBasicAuthPassEnc = $encRcBasicAuthPass.':'.$iv6;

+

+    } elseif ($rcBasicAuthPass == "%20%20%20%20%20%20%20") {

+              $queryselrcbapass = $mysqli->prepare("SELECT userid, rcbasicauthpass FROM email_conf WHERE userid = ?");

+              $queryselrcbapass->bind_param("i", $userid);

+              $queryselrcbapass->execute();

+              $rcbapassarr = $queryselrcbapass->get_result()->fetch_assoc();

+              $rcBasicAuthPassEnc = $rcbapassarr['rcbasicauthpass'];

+

+    } elseif ($rcBasicAuthPass == '') {

+              $rcBasicAuthPassEnc = '';

+

+    } else { $rcBasicAuthPassEnc = ''; }

+

+

+    if ($rcPassword != '' && $rcPassword != "%20%20%20%20%20%20%20") {

+

+        $keypassrc = substr(sha1((string) mt_rand()), 0, 32);

+        $keysaltrc = openssl_random_pseudo_bytes(12);

+        $generated_keyrc = openssl_pbkdf2($keypassrc, $keysaltrc, 40, 100, 'sha256');

+        $psswdaddedrc = bin2hex($generated_keyrc);

+

+        if (!is_dir('../restr')) {

+            mkdir('../restr', 0700);

+        }

+

+        if (!is_dir('../restr/' . $username . '')) {

+            mkdir('../restr/' . $username . '', 0700);

+        }

+

+        if (file_put_contents('../restr/' . $username . '/pwdkeyrc', $psswdaddedrc)) { $messageupdatarcp1 = 'success'; } else { $messageupdatarcp1 = 'failure'; }

+        if (chmod('../restr/' . $username . '/pwdkeyrc', 0600)) { $messageupdatarcp2 = 'success'; } else { $messageupdatarcp2 = 'failure'; }

+        if ($messageupdatarcp1 == 'success' && $messageupdatarcp2 == 'success') { $messageupdata10 = 'success'; } else { $messageupdata10 = 'failure'; }

+

+        $iv7 = substr(sha1((string) mt_rand()), 0, 16);

+        $encRcPassword = openssl_encrypt($rcPassword, 'AES-256-CBC', $psswdaddedrc, false, $iv7);

+        $rcPasswordEnc = $encRcPassword.':'.$iv7;

+

+    } elseif ($rcPassword == "%20%20%20%20%20%20%20") {

+              $queryselrcpass = $mysqli->prepare("SELECT userid, rcpassword FROM email_conf WHERE userid = ?");

+              $queryselrcpass->bind_param("i", $userid);

+              $queryselrcpass->execute(); 

+              $queryselres = $queryselrcpass->get_result()->fetch_assoc();

+              $rcPasswordEnc = $queryselres['rcpassword'];

+

+    } elseif ($rcPassword == '') { 

+              $rcPasswordEnc = '';

+

+    } else { $rcPasswordEnc = ''; }

+

+

+    // Insert account data for the current user in the 'app_users' table

+    $crrntTime = date("Y-m-d H:i:s");

+

+    $query1 = $mysqli->prepare("UPDATE `app_users` SET `wss_server`=?, `web_socket_port`=?, `server_path`=?, `profile_name`=?, `sip_username`=?, `sip_password`=?, `stun_server`=?,

+                               `audio_output_id`=?, `video_src_id`=?, `video_height`=?, `frame_rate`=?, `aspect_ratio`=?, `video_orientation`=?, `ringtone`=?, `audio_src_id`=?, 

+                               `auto_gain_control`=?, `echo_cancellation`=?, `noise_suppression`=?, `ring_output_id`=?, `video_conf_window_width`=?, `profile_picture`=?, 

+                               `language`=?, `notifications`=?, `show_vconf_usernames`=?, `display_vconf_user`=?, `use_email`=?, `load_groups`=?, `date_modified`=? 

+                                WHERE BINARY `username`=?");

+    $query1->bind_param("sissssssssisssssssssssiiiisss", $wssServer, $webSocketPort, $serverPath, $profileName, $sipUsername, $sipPasswordEnc, $stunServer, $audioOutputId,

+                         $videoSrcId, $videoHeight, $frameRate, $aspectRatio, $videoOrientation, $ringTone, $audioSrcId, $autoGainControl, $echoCancellation, $noiseSuppression,

+                         $ringOutputId, $videoConfWindowWidth, $profilePicture, $language, $notifications, $showVconfNames, $displayVconfUser, $useEmail, $loadGroups, 

+                         $crrntTime, $username);

+    if ($query1->execute()) { $messageupdata1 = 'success'; } else { $messageupdata1 = 'failure'; }

+

+

+    // Check if the fax settings for the current user are already in the `fax_settings` table

+    $queryfaxck = $mysqli->prepare("SELECT id, userid FROM fax_settings WHERE userid = ?");

+    $queryfaxck->bind_param("i", $userid);

+    $queryfaxck->execute(); 

+    $queryfaxckres = $queryfaxck->get_result()->fetch_assoc();

+

+    if ($queryfaxckres) {

+

+        // Update the fax settings for the current user in the `fax_settings` table

+        $queryupfax = $mysqli->prepare("UPDATE `fax_settings` SET `tel_secret_key`=?, `tel_fax_app_id`=?, `tel_recwh_url`=?, `phax_api_key`=?, `phax_api_secret`=?, 

+                                       `phax_webhook_token`=?, `phax_receive_url`=?, `get_notification`=?, `notification_email`=? WHERE `userid`=?");

+        $queryupfax->bind_param("sssssssisi", $telsecretkeyEnc, $telfaxappidEnc, $telrecwhurl, $phaxapikeyEnc, $phaxapisecretEnc, $phaxapiwhtokenEnc, $phaxreceiveurl, 

+                                 $faxnotification, $faxnotifyemail, $userid);

+        if ($queryupfax->execute()) { $messageupdata2 = 'success'; } else { $messageupdata2 = 'failure'; }

+

+    } else {

+

+        // Insert the fax settings for the current user in the `fax_settings` table

+        $queryinsfax = $mysqli->prepare("INSERT INTO `fax_settings` (userid, tel_secret_key, tel_fax_app_id, tel_recwh_url, phax_api_key, phax_api_secret, phax_webhook_token, 

+                                         phax_receive_url, get_notification, notification_email) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

+        $queryinsfax->bind_param("isssssssis", $userid, $telsecretkeyEnc, $telfaxappidEnc, $telrecwhurl, $phaxapikeyEnc, $phaxapisecretEnc, $phaxapiwhtokenEnc, $phaxreceiveurl, 

+                                  $faxnotification, $faxnotifyemail);

+        if ($queryinsfax->execute()) { $messageupdata2 = 'success'; } else { $messageupdata2 = 'failure'; }

+    }

+

+

+    // Check if the voice/sms/fax numbers for the current user are already in the `phone_numbers` table

+    $queryphck = $mysqli->prepare("SELECT id, userid FROM phone_numbers WHERE userid = ?");

+    $queryphck->bind_param("i", $userid);

+    $queryphck->execute(); 

+    $queryphckres = $queryphck->get_result()->fetch_assoc();

+

+    if ($queryphckres) {

+

+        // Update voice/sms/fax numbers for the current user in the `phone_numbers` table

+        $queryuphnb = $mysqli->prepare("UPDATE `phone_numbers` SET `voice_numbers`=?, `default_voice_number`=?, `sms_numbers`=?, `default_sms_number`=?, `fax_numbers`=?, 

+                                       `default_fax_number`=? WHERE `userid`=?");

+        $queryuphnb->bind_param("ssssssi", $voicenmb, $voicedefnmb, $smsnmb, $smsdefnmb, $faxnmb, $faxdefnmb, $userid);

+        if ($queryuphnb->execute()) { $messageupdata3 = 'success'; } else { $messageupdata3 = 'failure'; }

+

+    } else {

+

+        // Insert voice/sms/fax numbers for the current user in the `phone_numbers` table

+        $queryinsnb = $mysqli->prepare("INSERT INTO `phone_numbers` (userid, voice_numbers, default_voice_number, sms_numbers, default_sms_number, fax_numbers, default_fax_number) 

+                                        VALUES (?, ?, ?, ?, ?, ?, ?)");

+        $queryinsnb->bind_param("issssss", $userid, $voicenmb, $voicedefnmb, $smsnmb, $smsdefnmb, $faxnmb, $faxdefnmb);

+        if ($queryinsnb->execute()) { $messageupdata3 = 'success'; } else { $messageupdata3 = 'failure'; }

+    }

+

+

+    // Check if the email configuration data is already in the `email_conf` table

+    $query2 = $mysqli->prepare("SELECT id, userid FROM email_conf WHERE userid = ?");

+    $query2->bind_param("s", $userid);

+    $query2->execute(); 

+    $querychck = $query2->get_result()->fetch_assoc();

+

+    if ($querychck) {

+

+        // Update email configuration data in the 'email_conf' table

+        $query3 = $mysqli->prepare("UPDATE `email_conf` SET `rcdomain`=?, `rcuser`=?, `rcpassword`=?, `rcbasicauthuser`=?, `rcbasicauthpass`=? WHERE `userid`=?");

+        $query3->bind_param("sssssi", $rcDomain, $rcUser, $rcPasswordEnc, $rcBasicAuthUser, $rcBasicAuthPassEnc, $userid);

+        if ($query3->execute()) { $messageupdata4 = 'success'; } else { $messageupdata4 = 'failure'; }

+

+    } else {

+

+        // Insert email configuration data in the 'email_conf' table

+        $query4 = $mysqli->prepare("INSERT INTO `email_conf` (userid, rcdomain, rcuser, rcpassword, rcbasicauthuser, rcbasicauthpass) VALUES (?, ?, ?, ?, ?, ?)");

+        $query4->bind_param("isssss", $userid, $rcDomain, $rcUser, $rcPasswordEnc, $rcBasicAuthUser, $rcBasicAuthPassEnc);

+        if ($query4->execute()) { $messageupdata4 = 'success'; } else { $messageupdata4 = 'failure'; }

+    }

+

+

+    // Update profile picture in the 'contacts' table

+    if ($profilePicture != '') {

+

+              $queryselextno = $mysqli->prepare("SELECT id, extension_number FROM contacts WHERE extension_number = ?");

+              $queryselextno->bind_param("s", $sipUsername);

+              $queryselextno->execute(); 

+              $totextensions = $queryselextno->get_result();

+              $errchck = 0;

+              while ($foundextensions = $totextensions->fetch_assoc()) {

+                     $querypics = $mysqli->prepare("UPDATE `contacts` SET `profile_picture_c`=? WHERE `extension_number`=?");

+                     $querypics->bind_param("ss", $profilePicture, $sipUsername);

+                     if (!$querypics->execute()) { ++$errchck; }

+              }

+              if ($errchck == 0) { $messageuppicture = 'success'; } else { $messageuppicture = 'failure'; }

+

+    } else { $messageuppicture = 'success'; }

+

+

+    if ($messageupdata1 == 'success' && $messageupdata2 == 'success' && $messageupdata3 == 'success' && $messageupdata4 == 'success' &&

+        $messageupdata5 == 'success' && $messageupdata6 == 'success' && $messageupdata7 == 'success' && $messageupdata8 == 'success' &&

+        $messageupdata9 == 'success' && $messageupdata10 == 'success' && $messageupdata11 == 'success' && $messageupdata12 == 'success') {

+        $messageupdata = 'success';

+    } else { 

+        $messageupdata = 'failure';

+    }

+

+    $response = array('resultupdata' => $messageupdata, 'resultuppicture' => $messageuppicture, 'indivresults' => [$messageupdata1, $messageupdata2, $messageupdata3,

+                       $messageupdata4, $messageupdata5, $messageupdata6, $messageupdata7, $messageupdata8, $messageupdata9, $messageupdata10, $messageupdata11, $messageupdata12]);

+    echo json_encode($response);

+

+} else {

+    header("Location: ../login.php");

+}

+

+?>