Add group manager changes

core/groups/classes/groups.php

@@ -0,0 +1,411 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2019
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+
+/**
+ * groups class
+ *
+ * @method null delete
+ * @method null toggle
+ * @method null copy
+ */
+if (!class_exists('groups')) {
+	class groups {
+
+		/**
+		* declare the variables
+		*/
+		private $app_name;
+		private $app_uuid;
+		private $name;
+		private $table;
+		private $toggle_field;
+		private $toggle_values;
+		private $location;
+
+		/**
+		 * called when the object is created
+		 */
+		public function __construct() {
+			//assign the variables
+				$this->app_name = 'groups';
+				$this->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+				$this->name = 'group';
+				$this->table = 'groups';
+				$this->toggle_field = 'group_protected';
+				$this->toggle_values = ['true','false'];
+				$this->location = 'groups.php';
+		}
+
+		/**
+		 * called when there are no references to a particular object
+		 * unset the variables used in the class
+		 */
+		public function __destruct() {
+			foreach ($this as $key => $value) {
+				unset($this->$key);
+			}
+		}
+
+		/**
+		 * delete rows from the database
+		 */
+		public function delete($records) {
+			if (permission_exists($this->name.'_delete')) {
+
+				//add multi-lingual support
+					$language = new text;
+					$text = $language->get();
+
+				//validate the token
+					$token = new token;
+					if (!$token->validate($_SERVER['PHP_SELF'])) {
+						message::add($text['message-invalid_token'],'negative');
+						header('Location: '.$this->location);
+						exit;
+					}
+
+				//delete multiple records
+					if (is_array($records) && @sizeof($records) != 0) {
+						//build the delete array
+							$x = 0;
+							foreach ($records as $record) {
+								//add to the array
+									if ($record['checked'] == 'true' && is_uuid($record['uuid'])) {
+										$array[$this->table][$x][$this->name.'_uuid'] = $record['uuid'];
+									}
+
+								//get the group permissions
+									$sql = "select group_permission_uuid ";
+									$sql .= "from v_group_permissions ";
+									$sql .= "where group_uuid = :group_uuid ";
+									$parameters['group_uuid'] = $record['uuid'];
+									$database = new database;
+									$result = $database->select($sql, $parameters, 'all');
+									if (is_array($result) && sizeof($result) != 0) {
+										foreach ($result as $index => $row) {
+											//build array
+												$array['group_permissions'][$index]['group_permission_uuid'] = $row['group_permission_uuid'];
+												$array['group_permissions'][$index]['group_uuid'] = $record['uuid'];
+										}
+										if (is_array($array) && sizeof($array) != 0) {
+											//delete the group permissions
+												$p = new permissions;
+												$p->add('group_permission_delete', 'temp');
+
+												$database = new database;
+												$database->app_name = 'groups';
+												$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+												$database->delete($array);
+												unset($array);
+
+												$p->delete('group_permission_delete', 'temp');
+										}
+									}
+									unset($sql, $parameters, $result, $row);
+
+								//delete the group
+									$array['groups'][0]['group_uuid'] = $group_uuid;
+									$database = new database;
+									$database->app_name = 'groups';
+									$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+									$database->delete($array);
+									unset($array);
+
+								//increment the id
+									$x++;
+							}
+
+						//delete the checked rows
+							if (is_array($array) && @sizeof($array) != 0) {
+								//execute delete
+									$database = new database;
+									$database->app_name = $this->app_name;
+									$database->app_uuid = $this->app_uuid;
+									$database->delete($array);
+									unset($array);
+
+								//set message
+									message::add($text['message-delete']);
+							}
+							unset($records);
+					}
+			}
+		}
+
+		/**
+		 * toggle a field between two values
+		 */
+		public function toggle($records) {
+			if (permission_exists($this->name.'_edit')) {
+
+				//add multi-lingual support
+					$language = new text;
+					$text = $language->get();
+
+				//validate the token
+					$token = new token;
+					if (!$token->validate($_SERVER['PHP_SELF'])) {
+						message::add($text['message-invalid_token'],'negative');
+						header('Location: '.$this->location);
+						exit;
+					}
+
+				//toggle the checked records
+					if (is_array($records) && @sizeof($records) != 0) {
+						//get current toggle state
+							foreach($records as $record) {
+								if ($record['checked'] == 'true' && is_uuid($record['uuid'])) {
+									$uuids[] = "'".$record['uuid']."'";
+								}
+							}
+							if (is_array($uuids) && @sizeof($uuids) != 0) {
+								$sql = "select ".$this->name."_uuid as uuid, ".$this->toggle_field." as toggle from v_".$this->table." ";
+								$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
+								$sql .= "and ".$this->name."_uuid in (".implode(', ', $uuids).") ";
+								$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+								$database = new database;
+								$rows = $database->select($sql, $parameters, 'all');
+								if (is_array($rows) && @sizeof($rows) != 0) {
+									foreach ($rows as $row) {
+										$states[$row['uuid']] = $row['toggle'];
+									}
+								}
+								unset($sql, $parameters, $rows, $row);
+							}
+
+						//build update array
+							$x = 0;
+							foreach($states as $uuid => $state) {
+								//create the array
+									$array[$this->table][$x][$this->name.'_uuid'] = $uuid;
+									$array[$this->table][$x][$this->toggle_field] = $state == $this->toggle_values[0] ? $this->toggle_values[1] : $this->toggle_values[0];
+
+								//increment the id
+									$x++;
+							}
+
+						//save the changes
+							if (is_array($array) && @sizeof($array) != 0) {
+								//save the array
+									$database = new database;
+									$database->app_name = $this->app_name;
+									$database->app_uuid = $this->app_uuid;
+									$database->save($array);
+									unset($array);
+
+								//set message
+									message::add($text['message-toggle']);
+							}
+							unset($records, $states);
+					}
+			}
+		}
+
+		/**
+		 * copy rows from the database
+		 */
+		public function copy($records) {
+			if (permission_exists($this->name.'_add')) {
+
+				//add multi-lingual support
+					$language = new text;
+					$text = $language->get();
+
+				//validate the token
+					$token = new token;
+					if (!$token->validate($_SERVER['PHP_SELF'])) {
+						message::add($text['message-invalid_token'],'negative');
+						header('Location: '.$this->location);
+						exit;
+					}
+
+				//copy the checked records
+					if (is_array($records) && @sizeof($records) != 0) {
+
+						//get checked records
+							foreach($records as $record) {
+								if ($record['checked'] == 'true' && is_uuid($record['uuid'])) {
+									$uuids[] = "'".$record['uuid']."'";
+								}
+							}
+
+						//create the array from existing data
+							if (is_array($uuids) && @sizeof($uuids) != 0) {
+								$sql = "select * from v_".$this->table." ";
+								$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
+								$sql .= "and ".$this->name."_uuid in (".implode(', ', $uuids).") ";
+								$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
+								$database = new database;
+								$rows = $database->select($sql, $parameters, 'all');
+								if (is_array($rows) && @sizeof($rows) != 0) {
+									$x = 0;
+									foreach ($rows as $row) {
+										//copy data
+											$array[$this->table][$x] = $row;
+
+										//add copy to the description
+											$array[$this->table][$x][$this->name.'_uuid'] = uuid();
+											$array[$this->table][$x][$this->name.'_description'] = trim($row[$this->name.'_description']).' ('.$text['label-copy'].')';
+
+										//increment the id
+											$x++;
+									}
+								}
+								unset($sql, $parameters, $rows, $row);
+							}
+
+						//save the changes and set the message
+							if (is_array($array) && @sizeof($array) != 0) {
+								//save the array
+									$database = new database;
+									$database->app_name = $this->app_name;
+									$database->app_uuid = $this->app_uuid;
+									$database->save($array);
+									unset($array);
+
+								//set message
+									message::add($text['message-copy']);
+							}
+							unset($records);
+					}
+			}
+		}
+
+
+		/**
+		 * add defaults groups
+		 */
+		public function defaults() {
+
+			//if the are no groups add the default groups
+				$sql = "select * from v_groups ";
+				$sql .= "where domain_uuid is null ";
+				$database = new database;
+				$result = $database->select($sql, null, 'all');
+				if (count($result) == 0) {
+					$x = 0;
+					$array['groups'][$x]['group_uuid'] = uuid();
+					$array['groups'][$x]['domain_uuid'] = null;
+					$array['groups'][$x]['group_name'] = 'superadmin';
+					$array['groups'][$x]['group_level'] = '80';
+					$array['groups'][$x]['group_description'] = 'Super Administrator Group';
+					$array['groups'][$x]['group_protected'] = 'false';
+					$x++;
+					$array['groups'][$x]['group_uuid'] = uuid();
+					$array['groups'][$x]['domain_uuid'] = null;
+					$array['groups'][$x]['group_name'] = 'admin';
+					$array['groups'][$x]['group_level'] = '50';
+					$array['groups'][$x]['group_description'] = 'Administrator Group';
+					$array['groups'][$x]['group_protected'] = 'false';
+					$x++;
+					$array['groups'][$x]['group_uuid'] = uuid();
+					$array['groups'][$x]['domain_uuid'] = null;
+					$array['groups'][$x]['group_name'] = 'user';
+					$array['groups'][$x]['group_level'] = '30';
+					$array['groups'][$x]['group_description'] = 'User Group';
+					$array['groups'][$x]['group_protected'] = 'false';
+					$x++;
+					$array['groups'][$x]['group_uuid'] = uuid();
+					$array['groups'][$x]['domain_uuid'] = null;
+					$array['groups'][$x]['group_name'] = 'agent';
+					$array['groups'][$x]['group_level'] = '20';
+					$array['groups'][$x]['group_description'] = 'Call Center Agent Group';
+					$array['groups'][$x]['group_protected'] = 'false';
+					$x++;
+					$array['groups'][$x]['group_uuid'] = uuid();
+					$array['groups'][$x]['domain_uuid'] = null;
+					$array['groups'][$x]['group_name'] = 'public';
+					$array['groups'][$x]['group_level'] = '10';
+					$array['groups'][$x]['group_description'] = 'Public Group';
+					$array['groups'][$x]['group_protected'] = 'false';
+
+					//add the temporary permissions
+					$p = new permissions;
+					$p->add("group_add", "temp");
+					$p->add("group_edit", "temp");
+
+					//save the data to the database
+					$database = new database;
+					$database->app_name = 'groups';
+					$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+					$database->save($array);
+					unset($array);
+
+					//remove the temporary permission
+					$p->delete("group_add", "temp");
+					$p->delete("group_edit", "temp");
+				}
+				unset($result);
+
+			//if there are no permissions listed in v_group_permissions then set the default permissions
+				$sql = "select count(*) from v_group_permissions ";
+				$sql .= "where domain_uuid is null ";
+				$database = new database;
+				$num_rows = $database->select($sql, null, 'column');
+				if ($num_rows == 0) {
+					//build the apps array
+					$config_list = glob($_SERVER["DOCUMENT_ROOT"] . PROJECT_PATH . "/*/*/app_config.php");
+					$x = 0;
+					foreach ($config_list as &$config_path) {
+						include($config_path);
+						$x++;
+					}
+
+					//no permissions found add the defaults
+					foreach($apps as $app) {
+						if (is_array($app['permissions'])) foreach ($app['permissions'] as $row) {
+							if (is_array($row['groups'])) foreach ($row['groups'] as $group) {
+								$x++;
+								$array['group_permissions'][$x]['group_permission_uuid'] = uuid();
+								$array['group_permissions'][$x]['domain_uuid'] = null;
+								$array['group_permissions'][$x]['permission_name'] = $row['name'];
+								$array['group_permissions'][$x]['group_name'] = $group;
+							}
+						}
+					}
+
+					//add the temporary permissions
+					$p = new permissions;
+					$p->add("group_permission_add", "temp");
+					$p->add("group_permission_edit", "temp");
+
+					//save the data to the database
+					$database = new database;
+					$database->app_name = 'groups';
+					$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
+					$database->save($array);
+					unset($array);
+
+					//remove the temporary permission
+					$p->delete("group_permission_add", "temp");
+					$p->delete("group_permission_edit", "temp");
+				}
+		}
+
+	}
+}
+
+?>

core/groups/groupadd.php

@@ -1,183 +0,0 @@
-<?php
-/*
-	FusionPBX
-	Version: MPL 1.1
-
-	The contents of this file are subject to the Mozilla Public License Version
-	1.1 (the "License"); you may not use this file except in compliance with
-	the License. You may obtain a copy of the License at
-	http://www.mozilla.org/MPL/
-
-	Software distributed under the License is distributed on an "AS IS" basis,
-	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-	for the specific language governing rights and limitations under the
-	License.
-
-	The Original Code is FusionPBX
-
-	The Initial Developer of the Original Code is
-	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2014
-	the Initial Developer. All Rights Reserved.
-
-	Contributor(s):
-	Mark J Crane <[email protected]>
-*/
-
-//includes
-	include "root.php";
-	require_once "resources/require.php";
-	require_once "resources/check_auth.php";
-
-//check permissions
-	if (permission_exists('group_add')) {
-		//access allowed
-	}
-	else {
-		echo "access denied";
-		return;
-	}
-
-//add multi-lingual support
-	$language = new text;
-	$text = $language->get();
-
-//get the http values and set them as variables
-	if (count($_POST) > 0) {
-		//set the variables
-			$group_name = $_POST["group_name"];
-			if (permission_exists('group_domain')) {
-				$domain_uuid = $_POST["domain_uuid"];
-			}
-			else {
-				$domain_uuid = $_SESSION['domain_uuid'];
-			}
-			$group_description = $_POST["group_description"];
-
-		//validate the token
-			$token = new token;
-			if (!$token->validate($_SERVER['PHP_SELF'])) {
-				message::add($text['message-invalid_token'],'negative');
-				header('Location: groups.php');
-				exit;
-			}
-
-		//check for global/domain duplicates
-			$sql = "select count(*) from v_groups where ";
-			$sql .= "group_name = :group_name ";
-			if (is_uuid($domain_uuid)) {
-				$sql .= "and domain_uuid = :domain_uuid ";
-				$parameters['domain_uuid'] = $domain_uuid;
-			}
-			else {
-				$sql .= "and domain_uuid is null ";
-			}
-			$parameters['group_name'] = $group_name;
-			$database = new database;
-			$num_rows = $database->select($sql, $parameters, 'column');
-			$group_exists = ($num_rows > 0) ? true : false;
-			unset($sql, $parameters, $num_rows);
-
-		//insert group
-			if (!$group_exists) {
-				$array['groups'][0]['group_uuid'] = uuid();
-				$array['groups'][0]['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : null;
-				$array['groups'][0]['group_name'] = $group_name;
-				$array['groups'][0]['group_description'] = $group_description;
-				$database = new database;
-				$database->app_name = 'groups';
-				$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-				$database->save($array);
-				unset($array);
-
-				message::add($text['message-add']);
-				header("Location: groups.php");
-			}
-			else {
-				message::add($text['message-group_exists'], 'negative');
-				header("Location: groupadd.php");
-			}
-
-		//redirect the user
-			return;
-	}
-
-//create token
-	$object = new token;
-	$token = $object->create($_SERVER['PHP_SELF']);
-
-//include the header
-	include "resources/header.php";
-	$document['title'] = $text['title-group_add'];
-
-//show the content
-	echo "<form name='login' method='post' action=''>\n";
-
-	echo "<table width='100%' cellpadding='0' cellspacing='0'>\n";
-	echo "	<tr>\n";
-	echo "		<td align='left' valign='top'>\n";
-	echo "			<b>".$text['header-group_add']."</b>\n";
-	echo "			<br><br>\n";
-	echo "			".$text['description-group_add']."\n";
-	echo "		</td>\n";
-	echo "		<td align='right' valign='top'>\n";
-	echo "			<input type='button' class='btn' name='' alt='back' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'> ";
-	echo "  		<input type='submit' class='btn' value=\"".$text['button-save']."\">\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "</table>\n";
-	echo "<br>";
-
-	echo "<table width='100%' cellpadding='0' cellspacing='0'>\n";
-	echo "<tr>\n";
-	echo "<td width='30%' class='vncellreq'>\n";
-	echo $text['label-group_name']."\n";
-	echo "</td>\n";
-	echo "<td width='70%' align='left' class='vtable'>\n";
-	echo "  <input type='text' class='formfld' name='group_name'>\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	if (permission_exists('group_domain')) {
-		echo "<tr>\n";
-		echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
-		echo "	".$text['label-domain']."\n";
-		echo "</td>\n";
-		echo "<td class='vtable' align='left'>\n";
-		echo "    <select class='formfld' name='domain_uuid'>\n";
-		echo "    	<option value='' ".((strlen($domain_uuid) == 0) ? "selected='selected'" : null).">".$text['option-global']."</option>\n";
-		foreach ($_SESSION['domains'] as $row) {
-			echo "	<option value='".$row['domain_uuid']."' ".(($row['domain_uuid'] == $domain_uuid) ? "selected='selected'" : null).">".$row['domain_name']."</option>\n";
-		}
-		echo "    </select>\n";
-		echo "<br />\n";
-		echo $text['description-domain_name']."\n";
-		echo "</td>\n";
-		echo "</tr>\n";
-	}
-
-	echo "<tr>\n";
-	echo "<td class='vncell'>\n";
-	echo $text['label-group_description']."\n";
-	echo "</td>\n";
-	echo "<td align='left' class='vtable'>\n";
-	echo "<textarea name='group_description' class='formfld' style='width: 250px; height: 50px;'></textarea>\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	echo "<tr>\n";
-	echo "<td colspan='2' align='right'>\n";
-	echo "	<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
-	echo "	<br />";
-	echo "	<input type='submit' class='btn' value=\"".$text['button-save']."\">\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	echo "</table>\n";
-	echo "<br><br>";
-	echo "</form>";
-
-//include the footer
-	include "resources/footer.php";
-
-?>

core/groups/groupdelete.php

@@ -1,138 +0,0 @@
-<?php
-/*
-	FusionPBX
-	Version: MPL 1.1
-
-	The contents of this file are subject to the Mozilla Public License Version
-	1.1 (the "License"); you may not use this file except in compliance with
-	the License. You may obtain a copy of the License at
-	http://www.mozilla.org/MPL/
-
-	Software distributed under the License is distributed on an "AS IS" basis,
-	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-	for the specific language governing rights and limitations under the
-	License.
-
-	The Original Code is FusionPBX
-
-	The Initial Developer of the Original Code is
-	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2015
-	the Initial Developer. All Rights Reserved.
-
-	Contributor(s):
-	Mark J Crane <[email protected]>
-*/
-
-//includes
-	include "root.php";
-	require_once "resources/require.php";
-	require_once "resources/check_auth.php";
-
-//check permissions
-	if (permission_exists('group_delete') || if_group("superadmin")) {
-		//access allowed
-	}
-	else {
-		echo "access denied";
-		return;
-	}
-
-//add multi-lingual support
-	$language = new text;
-	$text = $language->get();
-
-//validate the uuid
-	if (is_uuid($_GET["id"])) {
-		$group_uuid = $_GET["id"];
-
-		//get the group from v_groups
-			$sql = "select domain_uuid, group_name from v_groups ";
-			$sql .= "where group_uuid = :group_uuid ";
-			if (!permission_exists('group_domain')) {
-				$sql .= "and (domain_uuid = :domain_uuid or domain_uuid is null) ";
-				$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
-			}
-			$parameters['group_uuid'] = $group_uuid;
-			$database = new database;
-			$row = $database->select($sql, $parameters, 'row');
-			unset($sql, $parameters);
-
-			if (is_array($row) && sizeof($row) != 0) {
-
-				$domain_uuid = $row["domain_uuid"];
-				$group_name = $row["group_name"];
-
-				//delete the user groups
-					$array['user_groups'][0]['group_uuid'] = $group_uuid;
-
-					$p = new permissions;
-					$p->add('user_group_delete', 'temp');
-
-					$database = new database;
-					$database->app_name = 'groups';
-					$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-					$database->delete($array);
-					unset($array);
-
-					$p->delete('user_group_delete', 'temp');
-
-				//get the group permissions
-					$sql = "select group_permission_uuid ";
-					$sql .= "from v_group_permissions ";
-					$sql .= "where group_name = :group_name ";
-					if (is_uuid($domain_uuid)) {
-						$sql .= "and domain_uuid = :domain_uuid ";
-						$parameters['domain_uuid'] = $domain_uuid;
-					}
-					else {
-						$sql .= "and domain_uuid is null ";
-					}
-					$parameters['group_name'] = $group_name;
-					$database = new database;
-					$result = $database->select($sql, $parameters, 'all');
-					if (is_array($result) && sizeof($result) != 0) {
-						foreach ($result as $index => $row) {
-							//build array
-								$array['group_permissions'][$index]['group_permission_uuid'] = $row['group_permission_uuid'];
-								$array['group_permissions'][$index]['group_name'] = $group_name;
-						}
-						if (is_array($array) && sizeof($array) != 0) {
-							//delete the group permissions
-								$p = new permissions;
-								$p->add('group_permission_delete', 'temp');
-
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->delete($array);
-								unset($array);
-
-								$p->delete('group_permission_delete', 'temp');
-						}
-					}
-					unset($sql, $parameters, $result, $row);
-
-				//delete the group
-					$array['groups'][0]['group_uuid'] = $group_uuid;
-					if (is_uuid($domain_uuid)) {
-						$array['groups'][0]['domain_uuid'] = $domain_uuid;
-					}
-
-					$database = new database;
-					$database->app_name = 'groups';
-					$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-					$database->delete($array);
-					unset($array);
-
-				//set message
-					message::add($text['message-delete']);
-
-			}
-			unset($sql, $parameters, $row);
-	}
-
-//redirect the user
-	header("Location: groups.php");
-
-?>

core/groups/groupedit.php

@@ -1,417 +0,0 @@
-<?php
-/*
-	FusionPBX
-	Version: MPL 1.1
-
-	The contents of this file are subject to the Mozilla Public License Version
-	1.1 (the "License"); you may not use this file except in compliance with
-	the License. You may obtain a copy of the License at
-	http://www.mozilla.org/MPL/
-
-	Software distributed under the License is distributed on an "AS IS" basis,
-	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-	for the specific language governing rights and limitations under the
-	License.
-
-	The Original Code is FusionPBX
-
-	The Initial Developer of the Original Code is
-	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2019
-	the Initial Developer. All Rights Reserved.
-
-	Contributor(s):
-	Mark J Crane <[email protected]>
-*/
-
-//includes
-	include "root.php";
-	require_once "resources/require.php";
-	require_once "resources/check_auth.php";
-
-//check permissions
-	if (permission_exists('group_edit')) {
-		//access allowed
-	}
-	else {
-		echo "access denied";
-		return;
-	}
-
-//add multi-lingual support
-	$language = new text;
-	$text = $language->get();
-
-//process update
-	if (count($_POST) > 0) {
-		//set the variables
-			$group_uuid = $_POST['group_uuid'];
-			$group_name = $_POST['group_name'];
-			$group_name_previous = $_POST['group_name_previous'];
-			$domain_uuid = $_POST["domain_uuid"];
-			$domain_uuid_previous = $_POST["domain_uuid_previous"];
-			$group_level = $_POST["group_level"];
-			$group_description = $_POST["group_description"];
-
-		//validate the token
-			$token = new token;
-			if (!$token->validate($_SERVER['PHP_SELF'])) {
-				message::add($text['message-invalid_token'],'negative');
-				header('Location: groups.php');
-				exit;
-			}
-
-		//check for global/domain duplicates
-			$sql = "select count(*) from v_groups ";
-			$sql .= "where group_name = :group_name ";
-			$sql .= "and group_uuid <> :group_uuid ";
-			if (is_uuid($domain_uuid)) {
-				$sql .= "and domain_uuid = :domain_uuid ";
-				$parameters['domain_uuid'] = $domain_uuid;
-			}
-			else {
-				$sql .= "and domain_uuid is null ";
-			}
-			$parameters['group_name'] = $group_name;
-			$parameters['group_uuid'] = $group_uuid;
-			$database = new database;
-			$num_rows = $database->select($sql, $parameters, 'column');
-			$group_exists = ($num_rows > 0) ? true : false;
-			unset($sql, $parameters, $num_rows);
-
-		//update group
-			if (!$group_exists) {
-				$array['groups'][0]['group_uuid'] = $group_uuid;
-				$array['groups'][0]['domain_uuid'] = is_uuid($domain_uuid) ? $domain_uuid : null;
-				$array['groups'][0]['group_name'] = $group_name;
-				$array['groups'][0]['group_level'] = $group_level;
-				$array['groups'][0]['group_description'] = $group_description;
-				$database = new database;
-				$database->app_name = 'groups';
-				$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-				$database->save($array);
-				unset($array);
-
-				//group changed from global to domain-specific
-				if (!is_uuid($domain_uuid_previous) && is_uuid($domain_uuid)) {
-					//remove any users assigned to the group from the old domain
-						$sql = "delete from v_user_groups where group_uuid = :group_uuid and domain_uuid <> :domain_uuid ";
-						$parameters['group_uuid'] = $group_uuid;
-						$parameters['domain_uuid'] = $domain_uuid;
-						$database = new database;
-						$database->app_name = 'groups';
-						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-						$database->execute($sql, $parameters);
-						unset($sql, $parameters);
-
-					//update permissions to use new domain uuid
-						$sql = "update v_group_permissions set domain_uuid = :domain_uuid where group_name = :group_name and domain_uuid is null ";
-						$parameters['domain_uuid'] = $domain_uuid;
-						$parameters['group_name'] = $group_name_previous;
-						$database = new database;
-						$database->app_name = 'groups';
-						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-						$database->execute($sql, $parameters);
-						unset($sql, $parameters);
-
-					//change group name
-						if ($group_name != $group_name_previous && $group_name != '') {
-							//change group name in group users
-								$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['group_uuid'] = $group_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-
-							//change group name in permissions
-								$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['domain_uuid'] = $domain_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-						}
-				}
-				//group changed from one domain to another
-				else if (is_uuid($domain_uuid_previous) && is_uuid($domain_uuid) && $domain_uuid_previous != $domain_uuid) {
-					//remove any users assigned to the group from the old domain
-						$array['user_groups'][0]['group_uuid'] = $group_uuid;
-						$array['user_groups'][0]['domain_uuid'] = $domain_uuid_previous;
-
-						$p = new permissions;
-						$p->add('user_group_delete', 'temp');
-
-						$database = new database;
-						$database->app_name = 'groups';
-						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-						$database->delete($array);
-						unset($array);
-
-						$p->delete('user_group_delete', 'temp');
-					//update permissions to use new domain uuid
-						$sql = "update v_group_permissions set domain_uuid = :domain_uuid_new where group_name = :group_name and domain_uuid = :domain_uuid_old ";
-						$parameters['domain_uuid_new'] = $domain_uuid;
-						$parameters['group_name'] = $group_name_previous;
-						$parameters['domain_uuid_old'] = $domain_uuid_previous;
-						$database = new database;
-						$database->app_name = 'groups';
-						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-						$database->execute($sql, $parameters);
-						unset($sql, $parameters);
-					//change group name
-						if ($group_name != $group_name_previous && $group_name != '') {
-							//change group name in group users
-								$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['group_uuid'] = $group_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-							//change group name in permissions
-								$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['domain_uuid'] = $domain_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-						}
-				}
-
-				//group changed from domain-specific to global
-				else if (is_uuid($domain_uuid_previous) && !is_uuid($domain_uuid)) {
-					//change group name
-						if ($group_name != $group_name_previous && $group_name != '') {
-							//change group name in group users
-								$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['group_uuid'] = $group_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-							//change group name in permissions
-								$sql = "update v_group_permissions set group_name = :group_name_new where domain_uuid = :domain_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['domain_uuid'] = $domain_uuid_previous;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-						}
-					//update permissions to not use a domain uuid
-						$sql = "update v_group_permissions set domain_uuid = null where group_name = :group_name and domain_uuid = :domain_uuid ";
-						$parameters['group_name'] = $group_name;
-						$parameters['domain_uuid'] = $domain_uuid_previous;
-						$database = new database;
-						$database->app_name = 'groups';
-						$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-						$database->execute($sql, $parameters);
-						unset($sql, $parameters);
-				}
-
-				//domain didn't change, but name may still
-				else {
-					//change group name
-						if ($group_name != $group_name_previous && $group_name != '') {
-							//change group name in group users
-								$sql = "update v_user_groups set group_name = :group_name_new where group_uuid = :group_uuid and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['group_uuid'] = $group_uuid;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-							//change group name in permissions
-								$sql = "update v_group_permissions set group_name = :group_name_new ";
-								if (is_uuid($domain_uuid)) {
-									$sql .= "where domain_uuid = :domain_uuid ";
-									$parameters['domain_uuid'] = $domain_uuid;
-								}
-								else {
-									$sql .= "where domain_uuid is null ";
-								}
-								$sql .= "and group_name = :group_name_old ";
-								$parameters['group_name_new'] = $group_name;
-								$parameters['group_name_old'] = $group_name_previous;
-								$database = new database;
-								$database->app_name = 'groups';
-								$database->app_uuid = '2caf27b0-540a-43d5-bb9b-c9871a1e4f84';
-								$database->execute($sql, $parameters);
-								unset($sql, $parameters);
-						}
-				}
-
-				message::add($text['message-update']);
-				header("Location: groups.php");
-			}
-			else {
-				message::add($text['message-group_exists'], 'negative');
-				header("Location: groupedit.php?id=".$group_uuid);
-			}
-
-		//redirect the user
-			return;
-	}
-
-//pre-populate the form
-	$group_uuid = $_REQUEST['id'];
-	if (is_uuid($group_uuid)) {
-		$sql = "select * from v_groups where ";
-		$sql .= "group_uuid = :group_uuid ";
-		$parameters['group_uuid'] = $group_uuid;
-		$database = new database;
-		$row = $database->select($sql, $parameters, 'row');
-		if (is_array($row) && sizeof($row) != 0) {
-			$group_name = $row['group_name'];
-			$domain_uuid = $row['domain_uuid'];
-			$group_level = $row['group_level'];
-			$group_description = $row['group_description'];
-		}
-		unset($sql, $parameters, $row);
-	}
-
-//create token
-	$object = new token;
-	$token = $object->create($_SERVER['PHP_SELF']);
-
-//include the header
-	include "resources/header.php";
-	$document['title'] = $text['title-group_edit'];
-
-//copy group javascript
-	echo "<script language='javascript' type='text/javascript'>\n";
-	echo "	function copy_group() {\n";
-	echo "		var new_group_name;\n";
-	echo "		var new_group_desc;\n";
-	echo "		new_group_name = prompt('".$text['message-new_group_name']."');\n";
-	echo "		if (new_group_name != null) {\n";
-	echo "			new_group_desc = prompt('".$text['message-new_group_description']."');\n";
-	echo "			if (new_group_desc != null) {\n";
-	echo "				window.location = 'permissions_copy.php?id=".escape($group_uuid)."&new_group_name=' + new_group_name + '&new_group_desc=' + new_group_desc;\n";
-	echo "			}\n";
-	echo "		}\n";
-	echo "	}\n";
-	echo "</script>\n";
-
-//show the content
-	echo "<form name='login' method='post' action=''>\n";
-
-	echo "<table width='100%' cellpadding='0' cellspacing='0'>\n";
-	echo "	<tr>\n";
-	echo "		<td align='left' valign='top'>\n";
-	echo "			<b>".$text['header-group_edit']."</b>\n";
-	echo "			<br><br>\n";
-	echo "			".$text['description-group_edit']."\n";
-	echo "		</td>\n";
-	echo "		<td align='right' valign='top'>\n";
-	echo "			<input type='button' class='btn' name='' alt='back' onclick=\"window.location='groups.php'\" value='".$text['button-back']."'> ";
-	echo "			<input type='button' class='btn' alt='".$text['button-copy']."' onclick='copy_group();' value='".$text['button-copy']."'>";
-	echo "  		<input type='submit' class='btn' value=\"".$text['button-save']."\">\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "</table>\n";
-	echo "<br>";
-
-	echo "<table width='100%' cellpadding='0' cellspacing='0'>\n";
-	echo "<tr>\n";
-	echo "<td width='30%' class='vncellreq' valign='top'>\n";
-	echo 	$text['label-group_name']."\n";
-	echo "</td>\n";
-	echo "<td width='70%' align='left' class='vtable'>\n";
-	echo "	<input type='hidden' name='group_name_previous' value=\"".escape($group_name)."\">\n";
-	echo "  <input type='text' class='formfld' name='group_name' value=\"".escape($group_name)."\">\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	if (permission_exists('group_domain')) {
-		echo "<tr>\n";
-		echo "<td class='vncell' valign='top'>\n";
-		echo "	".$text['label-domain']."\n";
-		echo "</td>\n";
-		echo "<td class='vtable' align='left'>\n";
-		echo "	<input type='hidden' name='domain_uuid_previous' value='".escape($domain_uuid)."'>\n";
-		echo "	<select class='formfld' name='domain_uuid'>\n";
-		echo "	<option value='' ".((strlen($domain_uuid) == 0) ? "selected='selected'" : null).">".$text['option-global']."</option>\n";
-		foreach ($_SESSION['domains'] as $row) {
-			echo "<option value='".escape($row['domain_uuid'])."' ".(($row['domain_uuid'] == $domain_uuid) ? "selected='selected'" : null).">".escape($row['domain_name'])."</option>\n";
-		}
-		echo "	</select>\n";
-		echo "	<br />\n";
-		echo 	$text['description-domain_name']."\n";
-		echo "</td>\n";
-		echo "</tr>\n";
-	}
-	else {
-		echo "<input type='hidden' name='domain_uuid' value='".escape($domain_uuid)."'>";
-	}
-
-	echo "<tr>\n";
-	echo "<td class='vncell' valign='top'>\n";
-	echo "		".$text['label-level']."\n";
-	echo "</td>\n";
-	echo "<td align='left' class='vtable' valign='top'>\n";
-	echo "		<select name='group_level' class='formfld'>\n";
-	$i = 10;
-	while ($i <= 90) {
-		$selected = ($i == $group_level) ? "selected" : null;
-		if (strlen($i) == 1) {
-			echo "			<option value='00$i' ".$selected.">00$i</option>\n";
-		}
-		if (strlen($i) == 2) {
-			echo "			<option value='0$i' ".$selected.">0$i</option>\n";
-		}
-		if (strlen($i) == 3) {
-			echo "			<option value='$i' ".$selected.">$i</option>\n";
-		}
-		$i = $i + 10;
-	}
-	echo "		</select>\n";
-	echo "		<br />\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	echo "<tr>\n";
-	echo "<td class='vncell' valign='top'>\n";
-	echo 	$text['label-group_description']."\n";
-	echo "</td>\n";
-	echo "<td align='left' class='vtable' valign='top'>\n";
-	echo "	<textarea name='group_description' class='formfld' style='width: 250px; height: 50px;'>".$group_description."</textarea>\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	echo "<tr>\n";
-	echo "<td colspan='2' align='right'>\n";
-	echo "	<input type='hidden' name='group_uuid' value='".escape($group_uuid)."'>\n";
-	echo "	<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
-	echo "	<br />";
-	echo "	<input type='submit' class='btn' value=\"".$text['button-save']."\">\n";
-	echo "</td>\n";
-	echo "</tr>\n";
-
-	echo "</table>\n";
-	echo "<br><br>";
-	echo "</form>";
-
-//include the footer
-	include "resources/footer.php";
-
-?>

core/groups/groups.php

@@ -1,259 +1,266 @@
-<?php
-/*
-	FusionPBX
-	Version: MPL 1.1
-
-	The contents of this file are subject to the Mozilla Public License Version
-	1.1 (the "License"); you may not use this file except in compliance with
-	the License. You may obtain a copy of the License at
-	http://www.mozilla.org/MPL/
-
-	Software distributed under the License is distributed on an "AS IS" basis,
-	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
-	for the specific language governing rights and limitations under the
-	License.
-
-	The Original Code is FusionPBX
-
-	The Initial Developer of the Original Code is
-	Mark J Crane <[email protected]>
-	Portions created by the Initial Developer are Copyright (C) 2008-2017
-	the Initial Developer. All Rights Reserved.
-
-	Contributor(s):
-	Mark J Crane <[email protected]>
-*/
-
-//includes
-	include "root.php";
-	require_once "resources/require.php";
-	require_once "resources/check_auth.php";
-
-//check permissions
-	if (permission_exists('group_all')) {
-		//access allowed
-	}
-	else {
-		echo "access denied";
-		return;
-	}
-
-//add multi-lingual support
-	$language = new text;
-	$text = $language->get();
-
-//show the header
-	require_once "resources/header.php";
-	$document['title'] = $text['title-group_manager'];
-	if (isset($_REQUEST["change"])) {
-		//get the values from the HTTP POST and save them as PHP variables
-		$change = $_REQUEST["change"];
-		$group_uuid = $_REQUEST["group_uuid"];
-		$group_name = $_REQUEST["group_name"];
-
-		$sql = "update v_groups set group_protected = :group_protected ";
-		$sql .= "where group_uuid = :group_uuid ";
-		if (!permission_exists('group_domain')) {
-			$sql .= "and (";
-			$sql .= "	domain_uuid = :domain_uuid ";
-			$sql .= "	or domain_uuid is null ";
-			$sql .= ") ";
-			$parameters['domain_uuid'] = $domain_uuid;
-		}
-		$parameters['group_protected'] = $change;
-		$parameters['group_uuid'] = $group_uuid;
-		$database = new database;
-		$database->execute($sql, $parameters);
-		unset($sql, $parameters);
-
-		message::add($text['message-update']);
-	}
-
-//get the groups
-	$sql = "select * from v_groups ";
-	if (!(permission_exists('group_all') && $_GET['show'] == 'all')) {
-		$sql .= "where domain_uuid = :domain_uuid ";
-		$sql .= "or domain_uuid is null ";
-		$parameters['domain_uuid'] = $domain_uuid;
-	}
-	$sql .= "order by domain_uuid desc, group_name asc ";
-	$database = new database;
-	$groups = $database->select($sql, $parameters, 'all');
-	unset($sql, $parameters);
-	//$system_groups = array('superadmin','admin','user','public','agent');
-	$system_groups = array();
-
-//get group counts
-	$sql = "select group_uuid, count(user_uuid) as group_count from v_user_groups ";
-	if (!permission_exists('user_all')) {
-		$sql .= "where domain_uuid = :domain_uuid ";
-		$parameters['domain_uuid'] = $_SESSION['domain_uuid'];
-	}
-	$sql .= "group by group_uuid ";
-	$database = new database;
-	$result = $database->select($sql, $parameters, 'all');
-	if (is_array($result) && sizeof($result) != 0) {
-		foreach ($result as $row) {
-			$group_counts[$row['group_uuid']] = $row['group_count'];
-		}
-	}
-	unset($sql, $parameters, $result, $row);
-
-//show the content
-	echo "<table width='100%' cellpadding='0' cellspacing='0' border='0'>";
-	echo "<tr>";
-	echo "<td width='50%' valign='top'>";
-	echo "	<b>".$text['header-group_manager']."</b>";
-	echo "	<br><br>";
-	echo "</td>";
-	echo "<td width='50%' align='right' valign='top'>";
-	if (permission_exists('group_all')) {
-		if ($_GET['show'] != 'all') {
-			echo "<input type='button' class='btn' value='".$text['button-show_all']."' onclick=\"window.location='groups.php?show=all';\">\n";
-		}
-	}
-	if (permission_exists('user_view')) {
-		echo "  <input type='button' class='btn' onclick=\"window.location='../users/users.php'\" value='".$text['header-user_manager']."'>";
-	}
-	if (permission_exists('group_edit')) {
-		echo "	<input type='button' class='btn' alt='".$text['button-restore']."' onclick=\"window.location='permissions_default.php'\" value='".$text['button-restore']."'>";
-	}
-	echo "</td>\n";
-	echo "</tr>";
-	echo "</table>";
-	echo "<br>";
-
-//set the row styles
-	$c = 0;
-	$row_style["0"] = "row_style0";
-	$row_style["1"] = "row_style1";
-
-//set the columns
-	$column_count = 5;
-
-//build the html
-	$html = "<table class='tr_hover' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
-	$html .= "<tr>\n";
-	if (permission_exists('group_all') && $_GET['show'] == 'all') {
-		$column_count++;
-		$html .= "	<th nowrap='nowrap'>".$text['label-domain']."</th>\n";
-	}
-	$html .= "	<th nowrap='nowrap'>".$text['label-group_name']."</th>\n";
-	$html .= "	<th nowrap='nowrap'>".$text['label-group_tools']."</th>\n";
-	$html .= "	<th nowrap='nowrap'>".$text['label-level']."</th>\n";
-	$html .= "	<th style='text-align: center;' nowrap='nowrap'>".$text['label-group_protected']."</th>\n";
-	$html .= "	<th nowrap='nowrap'>".$text['label-group_description']."</th>\n";
-	$html .= "	<td class='list_control_icons' style='width: 25px;'>";
-	if (permission_exists('group_add')) {
-		$html .= "<a href='groupadd.php' alt='".$text['button-add']."'>".$v_link_label_add."</a>";
-	}
-	$html .= "	</td>\n";
-	$html .= "</tr>\n";
-
-	$count = 0;
-	foreach ($groups as &$row) {
-		$domain_uuid = $row['domain_uuid'];
-		$group_uuid = $row["group_uuid"];
-		$group_name = $row["group_name"];
-		$group_level = $row["group_level"];
-		$group_protected = $row["group_protected"];
-		$group_description = $row["group_description"];
-		if (strlen($group_name) == 0) { $group_name = "&nbsp;"; }
-		if (strlen($group_description) == 0) { $group_description = "&nbsp;"; }
-		$group_description = wordwrap($group_description, 50, "<br />\n");
-
-		if (!if_group("superadmin") && $group_name == "superadmin") {
-			//hide the superadmin group from non superadmin's
-		}
-		else {
-			if (permission_exists('group_edit') && !($domain_uuid == '' && in_array($group_name, $system_groups))) {
-				$tr_link = (permission_exists('group_edit')) ? "href='groupedit.php?id=".$group_uuid."'" : null;
-			}
-			else {
-				unset($tr_link);
-			}
-			$html .= "<tr ".$tr_link.">\n";
-			if (permission_exists('group_all') && $_GET['show'] == 'all') {
-				$html .= "";
-				if (strlen($_SESSION['domains'][$domain_uuid]['domain_name']) > 0) {
-					$domain = $_SESSION['domains'][$domain_uuid]['domain_name'];
-				}
-				else {
-					$domain = $text['label-global'];
-				}
-				$html .= "<td class='".$row_style[$c]."' nowrap='nowrap'>$domain</td>\n";
-			}
-			$html .= "<td class='".$row_style[$c]."' nowrap='nowrap'>";
-			if (permission_exists('group_edit') && !($domain_uuid == '' && in_array($group_name, $system_groups))) {
-				$html .= "<a href='groupedit.php?id=".$group_uuid."'>".(($domain_uuid == '' && $_GET['show'] != 'all') ? "<i>".$group_name."</i>" : $group_name)."</a>";
-			}
-			else {
-				$html .= ($domain_uuid == '' && $_GET['show'] != 'all') ? "<i>".$group_name."</i>" : $group_name;
-			}
-			$html .= "</td>\n";
-
-			$html .= "<td class='".$row_style[$c]." tr_link_void' nowrap='nowrap'>\n";
-			if (permission_exists('group_add') || if_group("superadmin")) {
-				$html .= "<a class='' href='group_permissions.php?group_uuid=".$group_uuid."' title='".$text['label-group_permissions']."'>".$text['label-group_permissions']."</a>&nbsp;&nbsp;&nbsp;";
-			}
-			if (permission_exists('group_member_view') || if_group("superadmin")) {
-				$html .= "<a class='' href='groupmembers.php?group_uuid=".$group_uuid."&group_name=".$group_name."' title='".$text['label-group_members']."'>".$text['label-group_members']."</a>";
-				if (sizeof($group_counts) > 0 && $group_counts[$group_uuid] > 0) {
-					$html .= " <span style='font-size: 80%;'>(".$group_counts[$group_uuid].")</span>";
-				}
-			}
-			$html .= "</td>\n";
-
-			$html .= "<td class='".$row_style[$c]."' nowrap='nowrap'>";
-			$html .= "	".$group_level;
-			$html .= "</td>\n";
-
-			$html .= "<td class='".$row_style[$c]." tr_link_void' style='padding: 0px; text-align: center;' align='center' nowrap='nowrap'>\n";
-			$html .= "	<input type='checkbox' name='group_protected' ".(($group_protected == "true") ? "checked='checked'" : null)." value='".(($group_protected == "true") ? 'false' : 'true')."' onchange=\"window.location='".PROJECT_PATH."/core/groups/groups.php?change=".(($group_protected == "true") ? 'false' : 'true')."&group_uuid=".$group_uuid."&group_name=".$group_name.(($_GET['show'] == 'all') ? "&show=all" : null)."';\">\n";
-			$html .= "</td>\n";
-
-			$html .= "<td class='row_stylebg' nowrap='nowrap'>".$group_description."</td>\n";
-			$html .= "<td class='list_control_icons' style='width: 25px;'>";
-			if (permission_exists('group_edit')) {
-				if (!($domain_uuid == '' && in_array($group_name, $system_groups))) {
-					$html .= "<a href='groupedit.php?id=".$group_uuid."' alt='".$text['button-edit']."'>".$v_link_label_edit."</a>";
-				}
-				else {
-					$html .= "<span onclick=\"alert('".$text['message-default_system_group']."');\" alt='".$text['button-edit']."'>".str_replace("list_control_icon", "list_control_icon_disabled", $v_link_label_edit)."</span>";
-				}
-			}
-			if (permission_exists('group_delete')) {
-				if (!($domain_uuid == '' && in_array($group_name, $system_groups))) {
-					$html .= "<a href='groupdelete.php?id=".$group_uuid."' onclick=\"return confirm('".$text['confirm-delete']."')\" alt='".$text['button-delete']."'>".$v_link_label_delete."</a>";
-				}
-				else {
-					$html .= "<span onclick=\"alert('".$text['message-default_system_group']."');\" alt='".$text['button-delete']."'>".str_replace("list_control_icon", "list_control_icon_disabled", $v_link_label_delete)."</span>";
-				}
-			}
-			$html .= "</td>\n";
-			$html .= "</tr>\n";
-		}
-		$c = ($c) ? 0 : 1;
-		$count++;
-	}
-	
-	$html .= "<tr>\n";
-	$html .= "<td colspan='".$column_count."'>&nbsp;</td>";
-	$html .= "<td class='list_control_icons' style='width: 25px;'>";
-	if (permission_exists('group_add')) {
-		$html .= "<a href='groupadd.php' alt='".$text['button-add']."'>".$v_link_label_add."</a>";
-	}
-	$html .= "</td>\n";
-	$html .= "</tr>\n";
-
-	$html .= "</table>\n";
-	$html .= "<br>";
-
-	if ($count > 0) {
-		echo $html;
-	}
-
-//show the footer
-	require_once "resources/footer.php";
-
-?>
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2018 - 2019
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+
+//includes
+	require_once "root.php";
+	require_once "resources/require.php";
+	require_once "resources/check_auth.php";
+	require_once "resources/paging.php";
+
+//check permissions
+	if (permission_exists('group_view')) {
+		//access granted
+	}
+	else {
+		echo "access denied";
+		exit;
+	}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+//get the http post data
+	if (is_array($_POST['groups'])) {
+		$action = $_POST['action'];
+		$search = $_POST['search'];
+		$groups = $_POST['groups'];
+	}
+
+//process the http post data by action
+	if ($action != '' && is_array($groups) && @sizeof($groups) != 0) {
+		switch ($action) {
+			case 'copy':
+				if (permission_exists('group_add')) {
+					$obj = new groups;
+					$obj->copy($groups);
+				}
+				break;
+			case 'toggle':
+				if (permission_exists('group_edit')) {
+					$obj = new groups;
+					$obj->toggle($groups);
+				}
+				break;
+			case 'delete':
+				if (permission_exists('group_delete')) {
+					$obj = new groups;
+					$obj->delete($groups);
+				}
+				break;
+		}
+
+		header('Location: groups.php'.($search != '' ? '?search='.urlencode($search) : null));
+		exit;
+	}
+
+//get order and order by
+	$order_by = $_GET["order_by"];
+	$order = $_GET["order"];
+
+//add the search string
+	if (isset($_GET["search"])) {
+		$search =  strtolower($_GET["search"]);
+		$sql_search = " (";
+		$sql_search .= "	lower(group_name) like :search ";
+		$sql_search .= "	or lower(group_description) like :search ";
+		$sql_search .= ") ";
+		$parameters['search'] = '%'.$search.'%';
+	}
+
+//get the count
+	$sql = "select count(*) from view_groups ";
+	if ($_GET['show'] == "all" && permission_exists('group_all')) {
+		if (isset($sql_search)) {
+			$sql .= "where ".$sql_search;
+		}
+	}
+	else {
+		$sql .= "where (domain_uuid = :domain_uuid or domain_uuid is null) ";
+		if (isset($sql_search)) {
+			$sql .= "and ".$sql_search;
+		}
+		$parameters['domain_uuid'] = $domain_uuid;
+	}
+	$database = new database;
+	$num_rows = $database->select($sql, $parameters, 'column');
+
+//prepare to page the results
+	$rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50;
+	$param = $search ? "&search=".$search : null;
+	$param = ($_GET['show'] == 'all' && permission_exists('group_all')) ? "&show=all" : null;
+	$page = is_numeric($_GET['page']) ? $_GET['page'] : 0;
+	list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page);
+	list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true);
+	$offset = $rows_per_page * $page;
+
+//get the list
+	$sql = str_replace('count(*)', '*', $sql);
+	$sql .= order_by($order_by, $order, 'group_name', 'asc');
+	$sql .= limit_offset($rows_per_page, $offset);
+	$database = new database;
+	$groups = $database->select($sql, $parameters, 'all');
+	unset($sql, $parameters);
+
+//create token
+	$object = new token;
+	$token = $object->create($_SERVER['PHP_SELF']);
+
+//include the header
+	require_once "resources/header.php";
+
+//show the content
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['title-groups']." (".$num_rows.")</b></div>\n";
+	echo "	<div class='actions'>\n";
+	if (permission_exists('group_add')) {
+		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'link'=>'group_edit.php']);
+	}
+	if (permission_exists('group_add') && $groups) {
+		echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'onclick'=>"if (confirm('".$text['confirm-copy']."')) { list_action_set('copy'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
+	}
+	if (permission_exists('group_edit') && $groups) {
+		echo button::create(['type'=>'button','label'=>$text['button-toggle'],'icon'=>$_SESSION['theme']['button_icon_toggle'],'onclick'=>"if (confirm('".$text['confirm-toggle']."')) { list_action_set('toggle'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
+	}
+	if (permission_exists('group_delete') && $groups) {
+		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]);
+	}
+	echo 		"<form id='form_search' class='inline' method='get'>\n";
+	if (permission_exists('group_all')) {
+		if ($_GET['show'] == 'all') {
+			echo "		<input type='hidden' name='show' value='all'>\n";
+		}
+		else {
+			echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all']);
+		}
+	}
+
+	echo button::create(['type'=>'button','label'=>$text['button-users'],'icon'=>$_SESSION['theme']['button_icon_users'],'onclick'=>"window.location='../users/users.php'"]);
+	echo button::create(['type'=>'button','label'=>$text['button-restore_default'],'icon'=>$_SESSION['theme']['button_icon_sync'],'onclick'=>"window.location='permissions_default.php'"]);
+
+	echo 		"<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown='list_search_reset();'>";
+	echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','style'=>($search != '' ? 'display: none;' : null)]);
+	echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'groups.php','style'=>($search == '' ? 'display: none;' : null)]);
+	if ($paging_controls_mini != '') {
+		echo 	"<span style='margin-left: 15px;'>".$paging_controls_mini."</span>\n";
+	}
+	echo "		</form>\n";
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo $text['description-groups']."\n";
+	echo "<br /><br />\n";
+
+	echo "<form id='form_list' method='post'>\n";
+	echo "<input type='hidden' id='action' name='action' value=''>\n";
+	echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
+
+	echo "<table class='list'>\n";
+	echo "<tr class='list-header'>\n";
+	if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) {
+		echo "	<th class='checkbox'>\n";
+		echo "		<input type='checkbox' id='checkbox_all' name='checkbox_all' onclick='list_all_toggle();' ".($groups ?: "style='visibility: hidden;'").">\n";
+		echo "	</th>\n";
+	}
+	if ($_GET['show'] == 'all' && permission_exists('group_all')) {
+		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order);
+	}
+	echo th_order_by('group_name', $text['label-group_name'], $order_by, $order);
+	//echo "<th style=''>".$text['label-group_permissions']."</th>\n";
+	//echo "<th style=''>".$text['label-group_members']."</th>\n";
+	echo "<th style=''>".$text['label-tools']."</th>\n";
+	echo th_order_by('group_level', $text['label-group_level'], $order_by, $order);
+	echo th_order_by('group_protected', $text['label-group_protected'], $order_by, $order, null, "class='center'");
+	echo "	<th class='hide-sm-dn'>".$text['label-group_description']."</th>\n";
+	if (permission_exists('group_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
+		echo "	<td class='action-button'>&nbsp;</td>\n";
+	}
+	echo "</tr>\n";
+
+	if (is_array($groups) && @sizeof($groups) != 0) {
+		$x = 0;
+		foreach ($groups as $row) {
+			if (permission_exists('group_edit')) {
+				$list_row_url = "group_edit.php?id=".urlencode($row['group_uuid']);
+			}
+			echo "<tr class='list-row' href='".$list_row_url."'>\n";
+			if (permission_exists('group_add') || permission_exists('group_edit') || permission_exists('group_delete')) {
+				echo "	<td class='checkbox'>\n";
+				echo "		<input type='checkbox' name='groups[$x][checked]' id='checkbox_".$x."' value='true' onclick=\"if (!this.checked) { document.getElementById('checkbox_all').checked = false; }\">\n";
+				echo "		<input type='hidden' name='groups[$x][uuid]' value='".escape($row['group_uuid'])."' />\n";
+				echo "	</td>\n";
+			}
+			if ($_GET['show'] == 'all' && permission_exists('group_all')) {
+				echo "	<td>".escape($_SESSION['domains'][$row['domain_uuid']]['domain_name'])."</td>\n";
+			}
+			echo "	<td>\n";
+			if (permission_exists('group_edit')) {
+				echo "	<a href='".$list_row_url."' title=\"".$text['button-edit']."\">".escape($row['group_name'])."</a>\n";
+			}
+			else {
+				echo "	".escape($row['group_name']);
+			}
+			echo "	</td>\n";
+			echo "	<td valign='top'>\n";
+			echo "		<a href=\"/core/groups/group_permissions.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_permissions']."</a>\n";
+			//echo "	</td>\n";
+			//echo "	<td valign='top'>\n";
+			echo "		&nbsp;&nbsp;\n";
+			echo "		<a href=\"/core/groups/groupmembers.php?group_uuid=".urlencode($row['group_uuid'])."\">".$text['label-group_members']." (".$row['group_members'].")</a>\n";
+			echo "	</td>\n";
+			echo "	<td>".escape($row['group_level'])."</td>\n";
+			if (permission_exists('group_edit')) {
+				echo "	<td class='no-link center'>\n";
+				echo button::create(['type'=>'submit','class'=>'link','label'=>$text['label-'.$row['group_protected']],'title'=>$text['button-toggle'],'onclick'=>"list_self_check('checkbox_".$x."'); list_action_set('toggle'); list_form_submit('form_list')"]);
+			}
+			else {
+				echo "	<td class='center'>\n";
+				echo $text['label-'.$row['group_protected']];
+			}
+			echo "	</td>\n";
+			echo "	<td class='description overflow hide-sm-dn'>".escape($row['group_description'])."</td>\n";
+			if (permission_exists('group_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') {
+				echo "	<td class='action-button'>\n";
+				echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]);
+				echo "	</td>\n";
+			}
+			echo "</tr>\n";
+			$x++;
+		}
+		unset($groups);
+	}
+
+	echo "</table>\n";
+	echo "<br />\n";
+	echo "<div align='center'>".$paging_controls."</div>\n";
+	echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
+	echo "</form>\n";
+
+//include the footer
+	require_once "resources/footer.php";
+
+?>