forked from ccabrerar/ViciPhone
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathviciphone.php
211 lines (180 loc) · 5.56 KB
/
viciphone.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
<?php
// Required default values. This can be overrided by using $_GET and $_POST variables
$language = 'en';
$dial_number = ''; // The number to pre-fill in the phone
$debug_enabled = false;
// Default display values
$hide_dialpad = false; // Show the dialplan
$hide_dialbox = false; // Show the dialbox
$hide_volume = false; // Display volume controls
$hide_mute = false; // Display mute button
$auto_answer = false; // Auto answer incoming calls
$auto_dial_out = true; // Auto dial out after loading (only works if a dial_number is specified)
$auto_login = true; // Auto login agent as soon as webphone gets loaded
// Enable to enable the debug access log
$debug_access_log = true;
// GET / POST Options
// the phone login used as the auth_user
if (isset($_GET["phone_login"])) {
$phone_login=$_GET["phone_login"];
} elseif (isset($_POST["phone_login"])) {
$phone_login=$_POST["phone_login"];
}
// the phone registration password
if (isset($_GET["phone_pass"])) {
$phone_pass=$_GET["phone_pass"];
} elseif (isset($_POST["phone_pass"])) {
$phone_pass=$_POST["phone_pass"];
}
// the server IP to register to
if (isset($_GET["server_ip"])) {
$server_ip=$_GET["server_ip"];
} elseif (isset($_POST["server_ip"])) {
$server_ip=$_POST["server_ip"];
}
// the pre-filled dial number
if (isset($_GET["dial_number"])) {
$dial_number=$_GET["dial_number"];
} elseif (isset($_POST["dial_number"])) {
$dial_number=$_POST["dial_number"];
}
// the audio codecs to use ( currently not supported )
if (isset($_GET["codecs"])) {
$codecs=$_GET["codecs"];
} elseif (isset($_POST["codecs"])) {
$codecs=$_POST["codecs"];
}
// additional webphone options
if (isset($_GET["options"])) {
$options=$_GET["options"];
} elseif (isset($_POST["options"])) {
$options=$_POST["options"];
}
// decode the GET/POST data
$phone_login = base64_decode($phone_login);
$phone_pass = base64_decode($phone_pass);
$server_ip = base64_decode($server_ip);
$codecs = base64_decode($codecs);
$options = base64_decode($options);
// Encryption check
// Get remote address
$referring_url = "https://viciphone.com";
if (!empty($_SERVER['HTTP_REFERER'])) {
$referring_url = $_SERVER['HTTP_REFERER'];
}
$ref_url_array = parse_url( $referring_url );
// Do not include
// user / pass / port / get / post
// data in the URL that is logged or displayed
$base_referring_url = $ref_url_array['scheme'] . "://" . $ref_url_array['host'] . $ref_url_array['path'];
// Create the debug log string
$log_string = date("Y-m-d H:i:s");
$log_string .= "\t";
if (!empty($_SERVER['REMOTE_ADDR'])) {
$log_string .= $_SERVER['REMOTE_ADDR'];
}
$log_string .= "\t";
$log_string .= $base_referring_url;
$log_string .= "\t";
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$log_string .= $_SERVER['HTTP_USER_AGENT'];
}
$log_string .= "\t";
$log_string .= get_browser(null,true);
$log_string .= "\n";
if ( $debug_access_log ) {
// log it
file_put_contents( "debug/viciphone_access.log",$log_string,FILE_APPEND );
}
// Encryption Check
if ( $ref_url_array['scheme'] != 'https' ) {
// Remote address is not https
// Throw and Alert and exit
echo "<script language='javascript'>";
echo "alert('Referring URL ( $base_referring_url ) is not encrypted. VICIphone cannot load without encryption. Please make sure you are using the correct URL.')";
echo "</script>";
exit;
}
// whether debug should be enabled
$debug_enabled = false;
// sip connection info
$cid_name = "$phone_login";
$sip_uri = "$phone_login@$server_ip";
$auth_user = "$phone_login";
$password = "$phone_pass";
// process options
$options_array = explode("--", $options);
// DEBUG options
if ( in_array( "DEBUG" , $options_array ) ) {
$debug_enabled = true;
}
// display restriction options
if ( in_array( "DIALPAD_N" , $options_array ) ) {
$hide_dialpad = true;
}
// whether to disable the dial box
if ( in_array( "DIALBOX_N" , $options_array ) ) {
$hide_dialbox = true;
}
// whether to disable the mute button
if ( in_array( "MUTE_N" , $options_array ) ) {
$hide_mute = true;
}
// whether to disable the volume buttons
if ( in_array( "VOLUME_N" , $options_array ) ) {
$hide_volume = true;
}
// behavior options
// whether to enable auto answer
if ( in_array( "AUTOANSWER_Y" , $options_array ) ) {
$auto_answer = true;
}
// whether to enable auto dial out
if ( in_array( "AUTODIAL_Y" , $options_array ) ) {
$auto_dial_out = true;
}
// whether to enable auto dial out
if ( in_array( "AUTOLOGIN_N" , $options_array ) ) {
$auto_login = false;
}
// WEBSOCKET url
$ws_server = '';
foreach( $options_array as $value ) {
if ( strpos( $value, 'WEBSOCKETURL' ) !== false ) {
$ws_server = $value;
$ws_server = str_replace( 'WEBSOCKETURL', '', $ws_server );
}
}
// Layout file handling
$layout = '';
foreach( $options_array as $value ) {
if ( strpos( $value, 'WEBPHONELAYOUT' ) !== false ) {
$layout = $value;
$layout = str_replace( 'WEBPHONELAYOUT', '', $layout );
}
}
if ( $layout == '' ) {
# layout is blank use the default
$layout = 'css/default.css';
} elseif ( preg_match('#^https?://#i', $layout) === 1 ) {
# layout begins with http:// or https:// so it is a link
# do nothing
} elseif ( preg_match('#^css/#i', $layout) === 1 ) {
# layout begins with css/
if ( preg_match('#\.css$#i', $layout) === 1 ) {
# layout ends in .css
# do nothing
} else {
# append .css to the layout
$layout .= ".css";
}
} elseif ( preg_match('#\.css$#i', $layout) === 1 ) {
# layout ends in .css
$layout = "css/" . $layout;
} else {
$layout = "css/" . $layout . ".css";
}
# sanitize the layout to try to prevent XSS
$layout = filter_var($layout, FILTER_SANITIZE_URL );
// call the template
require_once('vp_template.php');