From df38004bb1f82682966fd36b9ce2f432b560f46c Mon Sep 17 00:00:00 2001 From: azammitdcarf Date: Thu, 23 Dec 2010 00:34:26 +0000 Subject: [PATCH] Removed debugging information from .htaccess Added operatorlist administrative function which can enable/disable operators, update passwords and download VoIP configuration --- .htaccess | 11 --- admin/index.php | 2 + admin/operatorlist.php | 169 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 171 insertions(+), 11 deletions(-) create mode 100644 admin/operatorlist.php diff --git a/.htaccess b/.htaccess index 1c983b59..6351c87a 100644 --- a/.htaccess +++ b/.htaccess @@ -1,14 +1,3 @@ -php_flag display_startup_errors on -php_flag display_errors on -php_flag html_errors on -php_flag ignore_repeated_errors off -php_flag ignore_repeated_source off -php_flag report_memleaks on -php_flag track_errors on -php_value docref_root 0 -php_value docref_ext 0 -php_value error_reporting -1 - AuthType Basic AuthName "queXS CATI: Authentication Required" AuthUserFile /var/opt/quexs/htpasswd diff --git a/admin/index.php b/admin/index.php index 26273ced..e87ad6d0 100644 --- a/admin/index.php +++ b/admin/index.php @@ -57,6 +57,7 @@ print "
  • " print "
  • " . T_("Quota management") . "
    • "; print "
  • " . T_("Quota row management") . "
    • "; print "
  • " . T_("Add operators to the system") . "
    • "; +print "
  • " . T_("Operator management") . "
    • "; print "
  • " . T_("Assign operators to questionnaires") . "
    • "; print "
  • " . T_("Modify operator skills") . "
    • "; print "
  • " . T_("Shift management (add/remove)") . "
    • "; @@ -90,6 +91,7 @@ if (VOIP_ENABLED) { print "

  • " . T_("VoIP") . "

    "; print "
    • "; } diff --git a/admin/operatorlist.php b/admin/operatorlist.php new file mode 100644 index 00000000..7ec3c185 --- /dev/null +++ b/admin/operatorlist.php @@ -0,0 +1,169 @@ + + * @copyright Australian Consortium for Social and Political Research Incorporated (ACSPRI) 2007,2008,2009,2010,2011 + * @package queXS + * @subpackage admin + * @link http://www.acspri.org.au/software queXS was writen for ACSPRI + * @license http://opensource.org/licenses/gpl-2.0.php The GNU General Public License (GPL) Version 2 + * + */ + +/** + * Configuration file + */ +include_once(dirname(__FILE__).'/../config.inc.php'); + +/** + * Database + */ +include_once(dirname(__FILE__).'/../db.inc.php'); + +/** + * XHTML functions + */ +include_once(dirname(__FILE__).'/../functions/functions.xhtml.php'); + +$display = true; + +if (isset($_POST)) +{ + foreach($_POST as $key => $val) + { + if (substr($key,0,8) == "password") + { + if (HTPASSWD_PATH !== false) + { + $operator_id = intval(substr($key,8)); + //update password in htaccess + include_once(dirname(__FILE__).'/../functions/functions.htpasswd.php'); + $htp = New Htpasswd(HTPASSWD_PATH); + $htp->deleteUser($_POST["username" . $operator_id]); + $htp->addUser($_POST["username" . $operator_id],$val); + } + } + } +} + +if (isset($_GET['disable'])) +{ + $operator_id = intval($_GET['disable']); + + $sql = "UPDATE operator + SET enabled = 0 + WHERE operator_id = '$operator_id'"; + + $db->Execute($sql); +} + +if (isset($_GET['enable'])) +{ + $operator_id = intval($_GET['enable']); + + $sql = "UPDATE operator + SET enabled = 1 + WHERE operator_id = '$operator_id'"; + + $db->Execute($sql); +} + +if (isset($_GET['operator_id'])) +{ + $operator_id = intval($_GET['operator_id']); + + $sql = "SELECT *,SUBSTRING_INDEX(extension, '/', -1) as ext + FROM operator + WHERE operator_id = $operator_id"; + + $rs = $db->GetRow($sql); + + if (!empty($rs)) + { + $display = false; + + if (isset($_GET['winbat']) || isset($_GET['sh'])) + { + header("Content-Type: text/txt"); + if (isset($_GET['winbat'])) + header("Content-Disposition: attachment; filename=operator_$operator_id.bat"); + else + header("Content-Disposition: attachment; filename=operator_$operator_id.sh"); + header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); // Date in the past + header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); + header("Pragma: public"); // HTTP/1.0 + + if (isset($_GET['winbat'])) + echo "voip.exe -i -u {$rs['ext']} -p {$rs['extension_password']} -h " . VOIP_SERVER; + else + echo "./voip -i -u {$rs['ext']} -p {$rs['extension_password']} -h " . VOIP_SERVER; + } + } +} + +if ($display) +{ + $sql = "SELECT + CONCAT(firstName, ' ', lastName) as name, + CONCAT('
    ') as password, + CONCAT('" . T_("Windows bat file") . "') as winbat, + CONCAT('" . T_("*nix script file") . "') as sh, + CASE WHEN enabled = 0 THEN + CONCAT('" . T_("Enable") . "') + ELSE + CONCAT('" . T_("Disable") . "') + END + as enabledisable + FROM operator"; + + $rs = $db->GetAll($sql); + + xhtml_head(T_("Operator list"),true,array("../css/table.css")); + + $columns = array("name","enabledisable"); + $titles = array(T_("Operator"),T_("Enable/Disable")); + + if (VOIP_ENABLED) + { + print "

    " . T_("Download the file for each user and save in the same folder as the voip.exe executable. When the file is executed, it will run the voip.exe program with the correct connection details to connect the operator to the VoIP server") . "

    "; + + print "

    " . T_("Download Windows VoIP Executable") . "

    "; + print "

    " . T_("Download Linux VoIP Executable") . "

    "; + + $columns[] = "winbat"; + $columns[] = "sh"; + $titles[] = T_("Windows VoIP"); + $titles[] = T_("*nix VoIP"); + } + + if (HTPASSWD_PATH !== false) + { + $columns[] = "password"; + $titles[] = T_("Update password"); + } + + xhtml_table($rs,$columns,$titles); + + + xhtml_foot(); +} +?>