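Portions created by the Initial Developer are Copyright (C) 2022-2024 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */

//includes files
	require_once dirname(__DIR__, 2) . "/resources/require.php";

//if config.conf file does not exist then redirect to the install page
	if (file_exists("/usr/local/etc/fusionpbx/config.conf")) {
		//BSD
	}
	elseif (file_exists("/etc/fusionpbx/config.conf")) {
		//Linux
	}
	elseif (file_exists(getenv('SystemDrive') . DIRECTORY_SEPARATOR . 'ProgramData' . DIRECTORY_SEPARATOR . 'fusionpbx' . DIRECTORY_SEPARATOR . 'config.conf')) {
		// Windows
	}
	else {
		header("Location: /core/install/install.php");
		exit;
	}

//additional includes
	require_once "resources/check_auth.php";

//initialize the database
	$database = new database;

//add multi-lingual support
//loaded before the request handlers so that message::add() below does not depend on an earlier include having populated $text
	$language = new text;
	$text = $language->get();

//disable login message
//NOTE(review): this GET request updates v_default_settings with no domain or user condition, and no permission
//check or request token is visible in this file - confirm that check_auth.php restricts who can reach it, or gate
//it on the role that is meant to dismiss the message and accept it only as a POST carrying a token
	if (isset($_GET['msg']) && $_GET['msg'] === 'dismiss') {
		unset($_SESSION['login']['message']['text']);

		$sql = "update v_default_settings ";
		$sql .= "set default_setting_enabled = 'false' ";
		$sql .= "where ";
		$sql .= "default_setting_category = 'login' ";
		$sql .= "and default_setting_subcategory = 'message' ";
		$sql .= "and default_setting_name = 'text' ";
		$database->execute($sql);
		unset($sql);
	}

//build a list of groups the user is a member of to be used in a SQL in
//only values shaped like a UUID are kept, so nothing else from the session can reach the SQL text
	$group_uuids = [];
	$session_groups = $_SESSION['user']['groups'] ?? null;
	if (is_array($session_groups)) {
		foreach ($session_groups as $group) {
			$group_uuid = $group['group_uuid'] ?? null;
			if (is_string($group_uuid) && preg_match('/\A[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}\z/', $group_uuid) === 1) {
				$group_uuids[] = $group_uuid;
			}
		}
	}
	unset($session_groups, $group, $group_uuid);

//kept for code outside this section that may still read the quoted list; the query below binds parameters instead
	if (!empty($group_uuids)) {
		$group_uuids_in = "'".implode("','", $group_uuids)."'";
	}

//get the list
//a user without groups gets an empty dashboard rather than a query with an empty in () list
	$dashboard = [];
	if (!empty($group_uuids)) {
		//one named parameter per group
		$placeholders = [];
		$parameters = [];
		foreach ($group_uuids as $index => $group_uuid) {
			$placeholders[] = ':group_uuid_'.$index;
			$parameters['group_uuid_'.$index] = $group_uuid;
		}

		$sql = "select ";
		$sql .= "dashboard_uuid, ";
		$sql .= "dashboard_name, ";
		$sql .= "dashboard_path, ";
		$sql .= "dashboard_icon, ";
		$sql .= "dashboard_url, ";
		$sql .= "dashboard_target, ";
		$sql .= "dashboard_width, ";
		$sql .= "dashboard_height, ";
		$sql .= "dashboard_content, ";
		$sql .= "dashboard_content_text_align, ";
		$sql .= "dashboard_content_details, ";
		$sql .= "dashboard_chart_type, ";
		$sql .= "cast(dashboard_label_enabled as text), ";
		$sql .= "dashboard_label_text_color, ";
		$sql .= "dashboard_label_text_color_hover, ";
		$sql .= "dashboard_label_background_color, ";
		$sql .= "dashboard_label_background_color_hover, ";
		$sql .= "dashboard_number_text_color, ";
		$sql .= "dashboard_number_text_color_hover, ";
		$sql .= "dashboard_background_color, ";
		$sql .= "dashboard_background_color_hover, ";
		$sql .= "dashboard_detail_background_color, ";
		$sql .= "dashboard_background_gradient_style, ";
		$sql .= "dashboard_background_gradient_angle, ";
		$sql .= "dashboard_column_span, ";
		$sql .= "dashboard_row_span, ";
		$sql .= "dashboard_details_state, ";
		$sql .= "dashboard_order, ";
		$sql .= "cast(dashboard_enabled as text), ";
		$sql .= "dashboard_description ";
		$sql .= "from v_dashboard as d ";
		$sql .= "where dashboard_enabled = 'true' ";
		$sql .= "and dashboard_parent_uuid is null ";
		$sql .= "and dashboard_uuid in (";
		$sql .= "	select dashboard_uuid from v_dashboard_groups where group_uuid in (";
		$sql .= "		".implode(', ', $placeholders)." ";
		$sql .= "	)";
		$sql .= ") ";
		$sql .= "order by dashboard_order, dashboard_name asc ";
		$dashboard = $database->select($sql, $parameters, 'all');

		//the loops further down iterate over $dashboard, so normalise a failed select to an empty list
		if (!is_array($dashboard)) {
			$dashboard = [];
		}
		unset($placeholders, $index, $group_uuid);
	}
	unset($sql, $parameters);

//get http post variables and set them to php variables
//only the widget order is taken from the request; every other saved value is copied from the rows loaded above
//NOTE(review): no request token is validated in the code visible here - confirm the form and check_auth.php
//cover cross-site request forgery for this POST
	if (!empty($_POST) && permission_exists('dashboard_edit')) {

		//set the variables from the http values
		//an array value for widget_order is ignored; explode() requires a string
		if (isset($_POST["widget_order"]) && is_string($_POST["widget_order"])) {
			$widgets = explode(",", $_POST["widget_order"]);
			$dashboard_order = 0;
			$array = [];
			$x = 0;
			foreach ($widgets as $widget) {
				foreach ($dashboard as $row) {
					//NOTE(review): the display loop later in this file strips characters from the name before building
					//the element id, this one does not - names containing such characters may not match; confirm
					$dashboard_name = trim(preg_replace("/[^a-z]/", '_', strtolower($row['dashboard_name'] ?? '')),'_');
					if ($widget === $dashboard_name) {
						$dashboard_order = $dashboard_order + 10;
						$array['dashboard'][$x]['dashboard_uuid'] = $row['dashboard_uuid'];
						$array['dashboard'][$x]['dashboard_name'] = $row['dashboard_name'];
						$array['dashboard'][$x]['dashboard_icon'] = $row['dashboard_icon'];
						$array['dashboard'][$x]['dashboard_url'] = $row['dashboard_url'];
						$array['dashboard'][$x]['dashboard_content'] = $row['dashboard_content'];
						$array['dashboard'][$x]['dashboard_content_text_align'] = $row['dashboard_content_text_align'];
						$array['dashboard'][$x]['dashboard_content_details'] = $row['dashboard_content_details'];
						$array['dashboard'][$x]['dashboard_target'] = $row['dashboard_target'];
						$array['dashboard'][$x]['dashboard_width'] = $row['dashboard_width'];
						$array['dashboard'][$x]['dashboard_height'] = $row['dashboard_height'];
						$array['dashboard'][$x]['dashboard_order'] = $dashboard_order;
						$x++;
					}
				}
			}

			//save the data
			//skipped when no posted name matched a widget, so save() is never called with an empty array
			if (!empty($array)) {
				$database->app_name = 'dashboard';
				$database->app_uuid = '55533bef-4f04-434a-92af-999c1e9927f7';
				$database->save($array);
			}

			//redirect the browser
			message::add($text['message-update']);
			header("Location: /core/dashboard/index.php");
			return;
		}
	}

//add the settings object
	$settings = new settings(["domain_uuid" => $_SESSION['domain_uuid'], "user_uuid" => $_SESSION['user_uuid']]);

//load the header
	$document['title'] = $text['title-dashboard'];
	require_once "resources/header.php";

//include sortablejs
	echo "";

//include chart.js
	echo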
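"";

//chart variables
	echo "\n";

//determine initial state all button to display
//the "expand all" button is only needed when at least one widget is not expanded
	$expanded_all = true;
	if (is_array($dashboard) && !empty($dashboard)) {
		foreach ($dashboard as $row) {
			if (in_array($row['dashboard_details_state'] ?? null, ['contracted', 'hidden', 'disabled'], true)) {
				$expanded_all = false;
			}
		}
	}

//show the content
	echo "
\n";
	echo "
".$text['title-dashboard']."
\n";
	echo "
\n";
	echo "
\n";
	if ($_SESSION['theme']['menu_style']['text'] != 'side') {
		//the username is session data shown in the page, so it is encoded for the HTML context
		echo " ".$text['label-welcome']." ".htmlspecialchars((string) ($_SESSION["username"] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')."   ";
	}
	if (permission_exists('dashboard_edit')) {
		echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','name'=>'btn_back','style'=>'display: none;','onclick'=>"edit_mode('off');"]);
		echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'id'=>'btn_save','name'=>'btn_save','style'=>'display: none; margin-left: 15px;']);
	}
	echo "\n";
	echo button::create(['type'=>'button','label'=>$text['button-expand_all'],'icon'=>$_SESSION['theme']['button_icon_expand'],'id'=>'btn_expand','name'=>'btn_expand','style'=>($expanded_all ? 'display: none;' : null),'onclick'=>"$('.hud_details').slideDown('fast'); $(this).hide(); $('#btn_contract').show(); toggle_grid_row_end_all();"]);
	echo button::create(['type'=>'button','label'=>$text['button-collapse_all'],'icon'=>$_SESSION['theme']['button_icon_contract'],'id'=>'btn_contract','name'=>'btn_contract','style'=>(!$expanded_all ? 'display: none;' : null),'onclick'=>"$('.hud_details').slideUp('fast'); $(this).hide(); $('#btn_expand').show(); toggle_grid_row_end_all();"]);
	echo "\n";
	if (permission_exists('dashboard_edit')) {
		echo button::create(['type'=>'button','label'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'id'=>'btn_edit','name'=>'btn_edit','style'=>'margin-left: 15px;','onclick'=>"edit_mode('on');"]);
		echo button::create(['type'=>'button','label'=>$text['button-settings'],'icon'=>$_SESSION['theme']['button_icon_add'],'id'=>'btn_add','name'=>'btn_add','link'=>'dashboard.php']);
	}
	echo " \n";
	echo "
\n";
	echo "
\n";
	echo "
\n";
	echo "
\n";

//display login message
//if this is re-enabled, encode the message text for HTML before echoing it
//if (if_group("superadmin") && isset($_SESSION['login']['message']['text']) && $_SESSION['login']['message']['text'] != '') {
//	echo "".$text['login-message_attention']."  ".$_SESSION['login']['message']['text']."  (".$text['login-message_dismiss'].")\n";
//}

?> \n";
	$x = 0;
	foreach ((is_array($dashboard) ? $dashboard : []) as $row) {
		//set the variables
		//these names stay in scope for the included widget file, so they are left unchanged
			$dashboard_uuid = $row['dashboard_uuid'] ?? '';
			$dashboard_name = $row['dashboard_name'] ?? '';
			$dashboard_icon = $row['dashboard_icon'] ?? '';
			$dashboard_url = $row['dashboard_url'] ?? '';
			$dashboard_target = $row['dashboard_target'] ?? '';
			$dashboard_width = $row['dashboard_width'] ?? '';
			$dashboard_height = $row['dashboard_height'] ?? '';
			$dashboard_content = $row['dashboard_content'] ?? '';
			$dashboard_content_text_align = $row['dashboard_content_text_align'] ?? '';
			$dashboard_content_details = $row['dashboard_content_details'] ?? '';
			$dashboard_chart_type = $row['dashboard_chart_type'] ?? "doughnut";
			$dashboard_label_text_color = $row['dashboard_label_text_color'] ?? $settings->get('theme', 'dashboard_label_text_color');
			$dashboard_number_text_color = $row['dashboard_number_text_color'] ?? $settings->get('theme', 'dashboard_number_text_color');
			$dashboard_details_state = $row['dashboard_details_state'] ?? "expanded";
			$dashboard_row_span = $row['dashboard_row_span'] ?? 2;

		//define the regex patterns
		//each pattern lists the characters that are kept; everything else is removed
			$uuid_pattern = '/[^-A-Fa-f0-9]/';
			$number_pattern = '/[^-A-Za-z0-9()*#]/';
			$text_pattern = '/[^a-zA-Z0-9 _\-\/.\?:\=#\n]/';

		//sanitize the data
			$dashboard_uuid = preg_replace($uuid_pattern, '', $dashboard_uuid);
			$dashboard_name = trim(preg_replace($text_pattern, '', $dashboard_name));
			$dashboard_name_id = trim(preg_replace("/[^a-z_]/", '_', strtolower($dashboard_name)),'_');
			$dashboard_icon = preg_replace($text_pattern, '', $dashboard_icon);
			$dashboard_url = trim(preg_replace($text_pattern, '', $dashboard_url));
			$dashboard_target = trim(preg_replace($text_pattern, '', $dashboard_target));
			$dashboard_width = trim(preg_replace($text_pattern, '', $dashboard_width));
			$dashboard_height = trim(preg_replace($text_pattern, '', $dashboard_height));
			$dashboard_content = preg_replace($text_pattern, '', $dashboard_content);
			$dashboard_content = str_replace("\n", '
', $dashboard_content);
			$dashboard_content_text_align = trim(preg_replace($text_pattern, '', $dashboard_content_text_align));
			$dashboard_content_details = preg_replace($text_pattern, '', $dashboard_content_details);
			$dashboard_content_details = str_replace("\n", '
', $dashboard_content_details);
			$dashboard_chart_type = preg_replace($text_pattern, '', $dashboard_chart_type);
			$dashboard_label_text_color = preg_replace($text_pattern, '', $dashboard_label_text_color);
			$dashboard_number_text_color = preg_replace($text_pattern, '', $dashboard_number_text_color);
			$dashboard_details_state = preg_replace($text_pattern, '', $dashboard_details_state);
			$dashboard_row_span = preg_replace($number_pattern, '', $dashboard_row_span);
			$dashboard_path = preg_replace($text_pattern, '', strtolower($row['dashboard_path'] ?? ''));

		//find the application and widget
		//a path without a '/' leaves the widget name empty instead of reading a missing array index
			$dashboard_path_array = explode('/', $dashboard_path);
			$application_name = $dashboard_path_array[0] ?? '';
			$widget_name = $dashboard_path_array[1] ?? '';

		//resolve the widget file only when both parts are plain names
		//$text_pattern keeps '.', '?' and ':' (and a newline), so a stored path could otherwise carry '..' or a glob
		//wildcard into the include path; \A and \z are used because '$' would accept a trailing newline
			$segment_pattern = '/\A[a-z0-9_\-]+\z/';
			$path_array = [];
			if (preg_match($segment_pattern, $application_name) === 1 && preg_match($segment_pattern, $widget_name) === 1) {
				$path_array = glob(dirname(__DIR__, 2).'/*/'.$application_name.'/resources/dashboard/'.$widget_name.'.php');
				//glob() returns false on error
				if (!is_array($path_array)) {
					$path_array = [];
				}
			}

			echo "
\n";
		//the wrapper is still written when no widget file is found, as before
			if (isset($path_array[0]) && is_file($path_array[0])) {
				include $path_array[0];
			}
			echo "
\n";
			$x++;
	}
	echo "\n";

//begin edit
	if (permission_exists('dashboard_edit')) {
		?>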