fix code to working with last php version
callcenter-magnus committed Aug 31, 2024
1 parent 04c6865 commit d693c1f
Showing 12 changed files with 71 additions and 92 deletions.
Binary file modified build/MagnusBilling-current.tar.gz
Binary file not shown.
7 changes: 6 additions & 1 deletion protected/commands/UpdateMysqlCommand.php
@@ -17,12 +17,17 @@
* Magnusbilling.com <[email protected]>
*
*/
class UpdateMysqlCommand extends ConsoleCommand
class UpdateMysqlCommand extends CConsoleCommand
{

public $debug = 0;
public $config;

public function run($args)
{

$this->config = LoadConfig::getConfig();

if (file_exists('/var/spool/cron/root')) {
$CRONPATH = '/var/spool/cron/root';
} elseif (file_exists('/var/spool/cron/crontabs/root')) {
10 changes: 5 additions & 5 deletions protected/commands/update.sh
@@ -54,10 +54,6 @@ wget --no-check-certificate https://raw.githubusercontent.com/magnussolution/mag
tar xzf MagnusBilling-current.tar.gz



##update database
php /var/www/html/mbilling/cron.php UpdateMysql

## remove unnecessary directories
rm -rf /var/www/html/mbilling/doc
rm -rf /var/www/html/mbilling/script
@@ -99,6 +95,10 @@ if [[ -e /var/www/html/mbilling/resources/images/lock-screen-background.jpg ]];
done
fi

##update database
php /var/www/html/mbilling/cron.php UpdateMysql

if [[ -e /var/www/html/mbilling/protected/commands/update3.sh ]]; then
/var/www/html/mbilling/protected/commands/update3.sh
fi
fi
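Review bot: The relocated `php /var/www/html/mbilling/cron.php UpdateMysql` step has no exit-status check, so a failed schema update falls straight through to the `update3.sh` call that follows it. Guarding it, for example `php /var/www/html/mbilling/cron.php UpdateMysql || { echo "UpdateMysql failed" >&2; exit 1; }`, keeps a half-migrated install from being treated as updated. Both steps appear to run code unpacked from `MagnusBilling-current.tar.gz`, and the hunk header shows a download made with `wget --no-check-certificate`; verifying a published checksum or signature before `tar xzf` would mean the script only executes an archive it can authenticate. The +/- markers are lost on this page, so which of the `update3.sh` lines are new is inferred.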

4 changes: 2 additions & 2 deletions protected/components/BaseController.php
@@ -281,7 +281,7 @@ public function setStart($value)
public function setLimit($value)
{
$limit = isset($value[$this->nameParamLimit]) ? $value[$this->nameParamLimit] : -1;
$this->limit = (strlen($this->filter) < 2 && isset($this->limit)) ? $this->limit : $limit;
$this->limit = ( ! is_null($this->limit) && strlen($this->filter) < 2 && isset($this->limit)) ? $this->limit : $limit;
}

public function setSort()
@@ -1187,7 +1187,7 @@ public function setAttributesModels($attributes, $models)

public function getAttributesModels($models, $itemsExtras = [])
{
$attributes = false;
$attributes = [];
$namePk = $this->abstractModel->primaryKey();
foreach ($models as $key => $item) {
$attributes[$key] = $item->attributes;
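Review bot: In `setLimit()` the added `! is_null($this->limit)` repeats what the trailing `isset($this->limit)` already tests, while `strlen($this->filter)` still receives `null` if no filter has been set, which PHP 8.1 and later report as deprecated. `$this->limit = (isset($this->limit) && strlen((string) $this->filter) < 2) ? $this->limit : $limit;` covers both cases. `$limit` is copied from `$value` (presumably the request parameters) without a type check; if it later reaches a SQL `LIMIT` clause, which is not visible in this hunk, an `(int)` cast here would pin it to a number. In the second hunk `getAttributesModels()` now starts from `[]` instead of `false`, so any caller that compares the result with `false` should be checked; the function body continues outside the hunk.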
44 changes: 22 additions & 22 deletions protected/components/CCJSON.php
@@ -36,7 +36,7 @@ public static function encode($var)
*/
for ($c = 0; $c < $strlen_var; ++$c) {

$ord_var_c = ord($var{$c});
$ord_var_c = ord($var[$c]);

switch (true) {
case $ord_var_c == 0x08:
@@ -59,18 +59,18 @@ public static function encode($var)
case $ord_var_c == 0x2F:
case $ord_var_c == 0x5C:
// double quote, slash, slosh
$ascii .= '\\' . $var{$c};
$ascii .= '\\' . $var[$c];
break;

case (($ord_var_c >= 0x20) && ($ord_var_c <= 0x7F)):
// characters U-00000000 - U-0000007F (same as ASCII)
$ascii .= $var{$c};
$ascii .= $var[$c];
break;

case (($ord_var_c & 0xE0) == 0xC0):
// characters U-00000080 - U-000007FF, mask 110XXXXX
// see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
$char = pack('C*', $ord_var_c, ord($var{$c + 1}));
$char = pack('C*', $ord_var_c, ord($var[$c + 1]));
$c += 1;
$utf16 = self::utf8ToUTF16BE($char);
$ascii .= sprintf('\u%04s', bin2hex($utf16));
@@ -80,8 +80,8 @@ public static function encode($var)
// characters U-00000800 - U-0000FFFF, mask 1110XXXX
// see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
$char = pack('C*', $ord_var_c,
ord($var{$c + 1}),
ord($var{$c + 2}));
ord($var[$c + 1]),
ord($var[$c + 2]));
$c += 2;
$utf16 = self::utf8ToUTF16BE($char);
$ascii .= sprintf('\u%04s', bin2hex($utf16));
@@ -91,9 +91,9 @@ public static function encode($var)
// characters U-00010000 - U-001FFFFF, mask 11110XXX
// see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
$char = pack('C*', $ord_var_c,
ord($var{$c + 1}),
ord($var{$c + 2}),
ord($var{$c + 3}));
ord($var[$c + 1]),
ord($var[$c + 2]),
ord($var[$c + 3]));
$c += 3;
$utf16 = self::utf8ToUTF16BE($char);
$ascii .= sprintf('\u%04s', bin2hex($utf16));
@@ -103,10 +103,10 @@ public static function encode($var)
// characters U-00200000 - U-03FFFFFF, mask 111110XX
// see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
$char = pack('C*', $ord_var_c,
ord($var{$c + 1}),
ord($var{$c + 2}),
ord($var{$c + 3}),
ord($var{$c + 4}));
ord($var[$c + 1]),
ord($var[$c + 2]),
ord($var[$c + 3]),
ord($var[$c + 4]));
$c += 4;
$utf16 = self::utf8ToUTF16BE($char);
$ascii .= sprintf('\u%04s', bin2hex($utf16));
@@ -116,11 +116,11 @@ public static function encode($var)
// characters U-04000000 - U-7FFFFFFF, mask 1111110X
// see http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
$char = pack('C*', $ord_var_c,
ord($var{$c + 1}),
ord($var{$c + 2}),
ord($var{$c + 3}),
ord($var{$c + 4}),
ord($var{$c + 5}));
ord($var[$c + 1]),
ord($var[$c + 2]),
ord($var[$c + 3]),
ord($var[$c + 4]),
ord($var[$c + 5]));
$c += 5;
$utf16 = self::utf8ToUTF16BE($char);
$ascii .= sprintf('\u%04s', bin2hex($utf16));
@@ -152,19 +152,19 @@ public static function encode($var)
// treat as a JSON object
if (is_array($var) && count($var) && (array_keys($var) !== range(0, sizeof($var) - 1))) {
return '{' .
join(',', array_map(array('CJSON', 'nameValue'),
join(',', array_map(['CJSON', 'nameValue'],
array_keys($var),
array_values($var)))
. '}';
}

// treat it like a regular array
return '[' . join(',', array_map(array('CJSON', 'encode'), $var)) . ']';
return '[' . join(',', array_map(['CJSON', 'encode'], $var)) . ']';

case 'object':
if ($var instanceof Traversable) {
$var = get_parent_class($var) === 'Model' ? $var->getAttributes() : $var;
$vars = array();
$vars = [];
foreach ($var as $k => $v) {
$vars[$k] = $v;
}
@@ -174,7 +174,7 @@ public static function encode($var)
}

return '{' .
join(',', array_map(array('CJSON', 'nameValue'),
join(',', array_map(['CJSON', 'nameValue'],
array_keys($vars),
array_values($vars)))
. '}';
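Review bot: Every multi-byte branch of `encode()` reads `$var[$c + 1]` through `$var[$c + 5]` without checking that those offsets are inside the string, so input that ends in the middle of a UTF-8 sequence indexes past the end. On PHP 8 that raises an "Uninitialized string offset" warning and hands `ord()` an empty string, which then produces a bogus `\u` escape. Rejecting or cleaning malformed input before the loop, for example `if ( ! mb_check_encoding($var, 'UTF-8')) { ... }` where mbstring is available, avoids the out-of-range reads in all five branches. The callbacks in the array and object cases still name `'CJSON'`; if this file declares a different class they dispatch to the framework encoder rather than this one, but the class declaration is outside the visible hunks.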
22 changes: 19 additions & 3 deletions protected/controllers/CallController.php
@@ -183,7 +183,7 @@ public function actionDownloadRecord()

$host = $modelCall->idServer->public_ip > 0 ? $modelCall->idServer->public_ip : $modelCall->idServer->host;
$url = 'http://' . $host . '/mbilling/record.php?id=' . $uniqueid . '&u=' . $modelCall->idUser->username;
$output = LinuxAccess::exec("cd /var/www/html/mbilling/tmp/ && wget --quiet -O " . $uniqueid . ".gsm '$url'");
$output = LinuxAccess::exec("cd /var/www/html/mbilling/tmp/ && wget --quiet -O " . trim($uniqueid) . ".gsm '$url'");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=" . $uniqueid);
@@ -194,7 +194,7 @@ public function actionDownloadRecord()
exit;
}

$output = LinuxAccess::exec("ls /var/spool/asterisk/monitor/" . $modelCall->idUser->username . '/*.' . $uniqueid . '* ');
$output = LinuxAccess::exec("ls /var/spool/asterisk/monitor/" . $modelCall->idUser->username . '/*.' . trim($uniqueid) . '* ');

if (isset($output[0])) {

@@ -258,7 +258,7 @@ public function actionDownloadRecord()
$username = $records->idUser->username;

$mix_monitor_format = $this->config['global']['MixMonitor_format'];
LinuxAccess::exec('cp -rf /var/spool/asterisk/monitor/' . $username . '/*.' . $uniqueid . '* ' . $folder . '/');
LinuxAccess::exec('cp -rf /var/spool/asterisk/monitor/' . $username . '/*.' . trim($uniqueid) . '* ' . $folder . '/');
}

LinuxAccess::exec("cd $folder && tar -czf records_" . Yii::app()->session['username'] . ".tar.gz *");
@@ -423,9 +423,25 @@ public function actionCsv()
$this->convertRelationFilter();
$header = '';
foreach ($columns as $key => $value) {
if (strlen($value['header']) > 40) {
MagnusLog::insertLOG('EDIT', $id_user, $_SERVER['REMOTE_ADDR'], 'CDR export columns have more than 40 char.' . print_r($columns, true));
exit;
}
$header .= "'" . ($value['header']) . "',";
}

if (preg_match('/echo|system|exec|touch|pass|cd |rm |curl|wget|assets|resources|mbilling|protected/', $header)) {
$info = 'Trying SQL inject, code: ' . $value . '. Controller => ' . Yii::app()->controller->id;
$id_user = isset(Yii::app()->session['id_user']) ? Yii::app()->session['id_user'] : 'NULL';
MagnusLog::insertLOG('EDIT', $id_user, $_SERVER['REMOTE_ADDR'], $info);
echo json_encode([
'rows' => [],
'count' => 0,
'sum' => [],
'msg' => 'SQL INJECT FOUND',
]);
}

$fileName = 'cdr_' . time();
LinuxAccess::exec("echo '" . substr($header, 0, -1) . "' > /var/www/html/mbilling/tmp/" . $fileName . ".csv ");

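Review bot: In `actionCsv()` the new keyword check echoes the `SQL INJECT FOUND` response but never stops the request, so the flagged `$header` is still handed to `LinuxAccess::exec("echo '" . ...)` a few lines further down. The length check above it logs with `$id_user` before the assignment visible in this hunk (unless it is set earlier in the function), and the log message concatenates `$value`, which holds the last column entry rather than a string. A keyword deny-list is not a dependable control for text that ends up inside a shell command, and the quote character that delimits the `echo` argument is not handled at all; validating each header against an allow-list and writing the file from PHP takes the shell out of this path, as sketched below. The three `trim($uniqueid)` edits in `actionDownloadRecord()` share the root cause: `trim()` only strips surrounding whitespace, so `$uniqueid` and the username should be validated against a strict pattern for their expected format before they are placed in a command or in the `Content-Disposition` header.

```php
$id_user = isset(Yii::app()->session['id_user']) ? Yii::app()->session['id_user'] : 'NULL';
$headers = [];
foreach ($columns as $key => $value) {
    $name = isset($value['header']) ? $value['header'] : null;
    // Allow-list: short printable labels only; widen the class if real column titles need it.
    if ( ! is_string($name) || ! preg_match('/^[\p{L}\p{N} _.()%-]{1,40}$/u', $name)) {
        MagnusLog::insertLOG('EDIT', $id_user, $_SERVER['REMOTE_ADDR'], 'CDR export rejected a column header. Controller => ' . Yii::app()->controller->id);
        echo json_encode([
            'rows'  => [],
            'count' => 0,
            'sum'   => [],
            'msg'   => 'Invalid export column',
        ]);
        exit;
    }
    $headers[] = $name;
}

$fileName = 'cdr_' . time();
// Written from PHP, so header text is never interpreted by a shell.
file_put_contents('/var/www/html/mbilling/tmp/' . $fileName . '.csv', implode(',', $headers) . "\n");
```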
7 changes: 7 additions & 0 deletions protected/controllers/DidwwController.php
@@ -86,6 +86,10 @@ public function actionAdd()
public function confirmeDid($id_did)
{

if ( ! is_numeric($id_did)) {
exit;
}

$result = LinuxAccess::exec("
curl -H 'Accept: application/vnd.api+json' \
-H 'Api-Key: " . $this->api_key . "' \
@@ -170,6 +174,9 @@ public function orderDid()
public function getDids($id_city)
{

if ( ! is_numeric($id_city)) {
exit;
}
$result = LinuxAccess::exec("
curl -H 'Accept: application/vnd.api+json' \
-H 'Api-Key: " . $this->api_key . "' \
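Review bot: The `is_numeric()` guards added to `confirmeDid()` and `getDids()` are looser than an id check needs to be when the value is presumably interpolated into the `curl` command string that follows: `is_numeric()` also accepts signs, decimals, exponent notation and surrounding whitespace. If the ids are plain integers, `if ( ! ctype_digit((string) $id_did)) { exit; }` (and the same for `$id_city`) restricts them to digits only. A bare `exit` leaves no trace of the rejected request; a `MagnusLog::insertLOG(...)` entry, as used in `CallController`, would make these visible to an operator. Both function bodies continue outside the hunks, so how the id is used in the URL is not shown here.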
3 changes: 3 additions & 0 deletions protected/controllers/FirewallController.php
@@ -14,6 +14,9 @@ class FirewallController extends Controller

public function init()
{
if ( ! Yii::app()->session['isAdmin']) {
exit;
}
$this->instanceModel = new Firewall;
$this->abstractModel = Firewall::model();
$this->titleReport = Yii::t('zii', 'Firewall');
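Review bot: The admin check added to `init()` ends the request with a bare `exit`, so a non-admin caller receives an empty response with the default status and nothing is recorded. `throw new CHttpException(403, 'Forbidden');` returns a proper status code, and a `MagnusLog::insertLOG(...)` call before it (the helper is used this way in `CallController`) would leave an audit trail for attempts to reach the firewall controller. `init()` continues below the hunk.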
2 changes: 1 addition & 1 deletion protected/controllers/SipTraceController.php
@@ -402,7 +402,7 @@ public function actionRead($asJson = true, $condition = null)
public function actionDestroy()
{
SipTrace::model()->deleteAll();
LinuxAccess::exec("rm -rf " . $this->log_name);
LinuxAccess::exec("rm -rf /var/www/html/mbilling/resources/reports/siptrace.log");
}

public function actionExport()
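Review bot: `actionDestroy()` now uses a fixed path, which takes the property out of the command string, but it still spawns a shell and `rm -rf` to delete a single file. Unless `LinuxAccess::exec` is needed here for elevated permissions, `$path = '/var/www/html/mbilling/resources/reports/siptrace.log'; if (is_file($path)) { unlink($path); }` does the same without a shell and cannot recurse into a directory. The literal now duplicates whatever `$this->log_name` holds elsewhere in the class, so a class constant shared by both would keep the two from drifting apart.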
56 changes: 1 addition & 55 deletions protected/controllers/SmsInfoBipController.php
@@ -1,8 +1,5 @@
<?php

/**
* Url for http://localhost/mbilling/index.php/smsInfoBip/send?user=6964554610&pass=6964554610&number=57325064403&text=test_sms .
*/
class SmsInfoBipController extends CController
{

@@ -14,57 +11,6 @@ public function init()

public function actionSend()
{
$UNIX_TIMESTAMP = "UNIX_TIMESTAMP(";

if (isset($_GET['text'])) {
$text = $_GET['text'];
} else {
exit;
}

if (isset($_GET['user'])) {
$user = $_GET['user'];
} else {
exit;
}

if (isset($_GET['pass'])) {
$pass = $_GET['pass'];
} else {
exit;
}

if (isset($_GET['number'])) {
$number = $_GET['number'];
} else {
exit;
}

if (isset($_GET['from'])) {
$from = $_GET['from'];
} else {
$from = '55555555555';
}

$authorization = base64_encode("$user:$pass");

$result = LinuxAccess::exec("
curl -X POST \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Basic $authorization' \
-d '{
\"from\":\"$from\",
\"to\":\"$number\",
\"text\":\"$text\"
}' https://api.infobip.com/sms/1/text/single");

$result = json_decode($result);

if (isset($result->messages[0]->status->groupName)) {
echo 'ok';
} else {
echo 'error';
}
//
}
}
2 changes: 1 addition & 1 deletion resources/asterisk/mbilling.php
@@ -213,7 +213,7 @@
$MAGNUS->modelUser = $agi->query($sql)->fetch(PDO::FETCH_OBJ);
$MAGNUS->accountcode = isset($MAGNUS->modelUser->username) ? $MAGNUS->modelUser->username : null;

$sql = "SELECT * FROM pkg_sip WHERE name = '" . $MAGNUS->dnid . "' LIMIT 1";
$sql = "SELECT * FROM pkg_sip WHERE name = '" . $MAGNUS->dnid . "' OR (alias = '$MAGNUS->dnid' AND accountcode = '$MAGNUS->accountcode') LIMIT 1";
$MAGNUS->modelSip = $agi->query($sql)->fetch(PDO::FETCH_OBJ);
$MAGNUS->sip_account = $MAGNUS->modelSip->name;

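Review bot: The extended query interpolates `$MAGNUS->dnid` a second time and adds `$MAGNUS->accountcode`, all by string concatenation; `dnid` presumably derives from the dialled number, so it should be bound rather than embedded in the SQL text. A statement such as `SELECT * FROM pkg_sip WHERE name = :dnid OR (alias = :alias AND accountcode = :acc) LIMIT 1`, executed with bound parameters through whatever prepared-statement interface `$agi` exposes (not visible here), keeps the values out of the query string. With `OR`, `LIMIT 1` and no `ORDER BY`, the row returned when both a `name` and an `alias` match is left to the database. The following line reads `$MAGNUS->modelSip->name` without checking that `fetch()` returned a row.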
6 changes: 4 additions & 2 deletions script/install.sh
@@ -163,10 +163,12 @@ fi

if [ ${DIST} = "DEBIAN" ]; then
apt-get update --allow-releaseinfo-change
echo "LC_ALL=en_US.UTF-8" >> /etc/environment
echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen
apt-get install -y locales
echo "LANG=en_US.utf-8" >> /etc/locale.gen
echo "LC_ALL=en_US.utf-8" >> /etc/locale.gen
echo "LANG=en_US.UTF-8" > /etc/locale.conf
locale-gen en_US.UTF-8
source /etc/environment

apt-get -o Acquire::Check-Valid-Until=false update
apt-get install -y autoconf automake devscripts gawk ntpdate ntp g++ git-core curl sudo xmlstarlet apache2 libjansson-dev git odbcinst1debian2 libodbc1 odbcinst unixodbc unixodbc-dev
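Review bot: `source /etc/environment` only sets `LC_ALL` as a shell variable; unless it was already exported, the `apt-get` calls that follow will not see it. `export LC_ALL=en_US.UTF-8` after `locale-gen` makes the intent explicit. The `>>` appends to `/etc/environment` and `/etc/locale.gen` add a duplicate line on every run of the installer, so a `grep -q` guard before each append would keep the step idempotent. The +/- markers are lost on this page, so which of the `echo` lines are the new ones is inferred from the hunk counts.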
