1<?php
2/*
3	FusionPBX
4	Version: MPL 1.1
5
6	The contents of this file are subject to the Mozilla Public License Version
7	1.1 (the "License"); you may not use this file except in compliance with
8	the License. You may obtain a copy of the License at
9	http://www.mozilla.org/MPL/
10
11	Software distributed under the License is distributed on an "AS IS" basis,
12	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13	for the specific language governing rights and limitations under the
14	License.
15
16	The Original Code is FusionPBX
17
18	The Initial Developer of the Original Code is
19	Mark J Crane <markjcrane@fusionpbx.com>
20	Portions created by the Initial Developer are Copyright (C) 2008-2012
21	the Initial Developer. All Rights Reserved.
22
23	Contributor(s):
24	Mark J Crane <markjcrane@fusionpbx.com>
25	James Rose <james.o.rose@gmail.com>
26*/
27include "root.php";
28require_once "resources/require.php";
29require_once "resources/check_auth.php";
30require_once "resources/functions/object_to_array.php";
31require_once "resources/functions/parse_message.php";
32if (permission_exists('fax_inbox_view')) {
33	//access granted
34}
35else {
36	echo "access denied";
37	exit;
38}
39
40//add multi-lingual support
41	$language = new text;
42	$text = $language->get();
43
44//get fax server uuid, set connection parameters
45	if (strlen($_GET['id']) > 0) {
46		$fax_uuid = check_str($_GET["id"]);
47
48		if (if_group("superadmin") || if_group("admin")) {
49			//show all fax extensions
50			$sql = "select * from v_fax ";
51			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
52			$sql .= "and fax_uuid = '$fax_uuid' ";
53		}
54		else {
55			//show only assigned fax extensions
56			$sql = "select * from v_fax as f, v_fax_users as u ";
57			$sql .= "where f.fax_uuid = u.fax_uuid ";
58			$sql .= "and f.domain_uuid = '".$_SESSION['domain_uuid']."' ";
59			$sql .= "and f.fax_uuid = '$fax_uuid' ";
60			$sql .= "and u.user_uuid = '".$_SESSION['user_uuid']."' ";
61		}
62		$prep_statement = $db->prepare(check_sql($sql));
63		$prep_statement->execute();
64		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
65		if (count($result) == 0) {
66			if (!if_group("superadmin") && !if_group("admin")) {
67				echo "access denied";
68				exit;
69			}
70		}
71		foreach ($result as &$row) {
72			$fax_name = $row["fax_name"];
73			$fax_extension = $row["fax_extension"];
74			$fax_email_connection_type = $row["fax_email_connection_type"];
75			$fax_email_connection_host = $row["fax_email_connection_host"];
76			$fax_email_connection_port = $row["fax_email_connection_port"];
77			$fax_email_connection_security = $row["fax_email_connection_security"];
78			$fax_email_connection_validate = $row["fax_email_connection_validate"];
79			$fax_email_connection_username = $row["fax_email_connection_username"];
80			$fax_email_connection_password = $row["fax_email_connection_password"];
81			$fax_email_connection_mailbox = $row["fax_email_connection_mailbox"];
82			$fax_email_inbound_subject_tag = $row["fax_email_inbound_subject_tag"];
83			break;
84		}
85		unset ($prep_statement);
86
87		// make connection
88		$fax_email_connection = "{".$fax_email_connection_host.":".$fax_email_connection_port."/".$fax_email_connection_type;
89		$fax_email_connection .= ($fax_email_connection_security != '') ? "/".$fax_email_connection_security : "/notls";
90		$fax_email_connection .= "/".(($fax_email_connection_validate == 'false') ? "no" : null)."validate-cert";
91		$fax_email_connection .= "}".$fax_email_connection_mailbox;
92		if (!$connection = imap_open($fax_email_connection, $fax_email_connection_username, $fax_email_connection_password)) {
93			messages::add($text['message-cannot_connect']."(".imap_last_error().")", 'neative');
94			header("Location: fax.php");
95			exit;
96		}
97
98	}
99	else {
100		header("Location: fax.php");
101		exit;
102	}
103
104//message action
105	if ($_GET['email_id'] != '') {
106		$email_id = check_str($_GET['email_id']);
107
108		//download attachment
109		if (isset($_GET['download'])) {
110			$message = parse_message($connection, $email_id, FT_UID);
111			$attachment = $message['attachments'][0];
112			if ($attachment) {
113				$file_type = pathinfo($attachment['name'], PATHINFO_EXTENSION);
114				switch ($file_type) {
115					case "pdf" : header("Content-Type: application/pdf"); break;
116					case "tif" : header("Contet-Type: image/tiff"); break;
117				}
118				header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
119				header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // date in the past
120				header("Content-Length: ".$attachment['size']);
121				$browser = $_SERVER["HTTP_USER_AGENT"];
122				if (preg_match("/MSIE 5.5/", $browser) || preg_match("/MSIE 6.0/", $browser)) {
123					header("Content-Disposition: filename=\"".$attachment['name']."\"");
124				}
125				else {
126					header("Content-Disposition: attachment; filename=\"".$attachment['name']."\"");
127				}
128				header("Content-Transfer-Encoding: binary");
129				echo $attachment['data'];
130				exit;
131			}
132			else{
133				//redirect user
134				messages::add($text['message-download_failed'], 'negative');
135				header("Location: ?id=".$fax_uuid);
136				exit;
137			}
138
139		}
140
141		//delete email
142		if (isset($_GET['delete']) && permission_exists('fax_inbox_delete')) {
143			$message = parse_message($connection, $email_id, FT_UID);
144			$attachment = $message['attachments'][0];
145			if (imap_delete($connection, $email_id, FT_UID)) {
146				if (imap_expunge($connection)) {
147					//clean up local inbox copy
148					$fax_dir = $_SESSION['switch']['storage']['dir'].'/fax/'.$_SESSION['domain_name'];
149					@unlink($fax_dir.'/'.$fax_extension.'/inbox/'.$attachment['name']);
150					//redirect user
151					messages::add($text['message-delete']);
152					header("Location: ?id=".$fax_uuid);
153					exit;
154				}
155			}
156			else {
157				//redirect user
158				messages::add($text['message-delete_failed'], 'negative');
159				header("Location: ?id=".$fax_uuid);
160				exit;
161			}
162		}
163		else {
164			//redirect user
165			messages::add($text['message-delete_failed'], 'negative');
166			header("Location: ?id=".$fax_uuid);
167			exit;
168		}
169
170	}
171
172//get emails
173	$emails = imap_search($connection, "SUBJECT \"".$fax_email_inbound_subject_tag."\"", SE_UID);
174
175//show the header
176	require_once "resources/header.php";
177
178	$row_style["0"] = "row_style0";
179	$row_style["1"] = "row_style1";
180
181//show the inbox
182	$c = 0;
183	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
184	echo "	<tr>\n";
185	echo "		<td align='left' valign='top'>\n";
186	echo "			<b>".$text['header-inbox'].": <span style='color: #000;'>".$fax_name." (".$fax_extension.")</span></b>\n";
187	echo "		</td>\n";
188	echo "		<td width='70%' align='right' valign='top'>\n";
189	echo "			<input type='button' class='btn' alt='".$text['button-back']."' onclick=\"window.location='fax.php';\" value='".$text['button-back']."'>\n";
190	echo "			<input type='button' class='btn' alt='".$text['button-refresh']."' onclick=\"document.location.reload();\" value='".$text['button-refresh']."'>\n";
191	echo "		</td>\n";
192	echo "	</tr>\n";
193	echo "</table>\n";
194	echo "<br><br>\n";
195
196	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
197	echo "	<tr>\n";
198	echo "		<th>".$text['label-fax_caller_id_name']."</th>\n";
199	echo "		<th>".$text['label-fax_caller_id_number']."</th>\n";
200	echo "		<th>".$text['table-file']."</th>\n";
201	echo "		<th>".$text['label-email_size']."</th>\n";
202	echo "		<th>".$text['label-email_received']."</th>\n";
203	if (permission_exists('fax_inbox_delete')) {
204		echo "		<td style='width: 25px;' class='list_control_icons'>&nbsp;</td>\n";
205	}
206	echo "	</tr>";
207
208	if ($emails) {
209
210		rsort($emails); // most recent on top
211
212		foreach ($emails as $email_id) {
213			$metadata = object_to_array(imap_fetch_overview($connection, $email_id, FT_UID));
214			$message = parse_message($connection, $email_id, FT_UID);
215			$attachment = $message['attachments'][0];
216			$file_name = $attachment['name'];
217			$caller_id_name = substr($file_name, 0, strpos($file_name, '-'));
218			$caller_id_number = (is_numeric($caller_id_name)) ? format_phone((int) $caller_id_name) : null;
219			echo "	<tr ".(($metadata[0]['seen'] == 0) ? "style='font-weight: bold;'" : null).">\n";
220			echo "		<td valign='top' class='".$row_style[$c]."'>".$caller_id_name."</td>\n";
221			echo "		<td valign='top' class='".$row_style[$c]."'>".$caller_id_number."</td>\n";
222			echo "		<td valign='top' class='".$row_style[$c]."'><a href='?id=".$fax_uuid."&email_id=".$email_id."&download'>".$file_name."</a></td>\n";
223			echo "		<td valign='top' class='".$row_style[$c]."'>".byte_convert($attachment['size'])."</td>\n";
224			echo "		<td valign='top' class='".$row_style[$c]."'>".$metadata[0]['date']."</td>\n";
225			if (permission_exists('fax_inbox_delete')) {
226				echo "		<td style='width: 25px;' class='list_control_icons'><a href='?id=".$fax_uuid."&email_id=".$email_id."&delete' onclick=\"return confirm('".$text['confirm-delete']."')\">".$v_link_label_delete."</a></td>\n";
227			}
228			echo "	</tr>\n";
229			$c = ($c) ? 0 : 1;
230
231		}
232
233	}
234	else {
235		echo "<tr valign='top'>\n";
236		echo "	<td colspan='4' style='text-align: center;'><br><br>".$text['message-no_faxes_found']."<br><br></td>\n";
237		echo "</tr>\n";
238	}
239
240	echo "</table>";
241	echo "<br><br>";
242
243/* close the connection */
244imap_close($connection);
245
246
247//show the footer
248	require_once "resources/footer.php";
249?>
250