Ticket #3581: functions.inc.php.patch

File functions.inc.php.patch, 3.1 kB (added by jjshoe, 3 years ago)

  • functions.inc.php

    old new  
    45364536    $msgInvalidChannel = _("Please enter the channel for this device"); 
    45374537    $msgConfirmSecret = _("You have not entered a Secret for this device, although this is possible it is generally bad practice to not assign a Secret to a device. Are you sure you want to leave the Secret empty?"); 
    45384538    $msgInvalidSecret = _("Please enter a Secret for this device"); 
    4539     $msgSecretSameAsExtension = _("You have set your secret and device/extension to the same value. This can be a serious security vulnerability resulting in a hacker compromising your system to make free phone calls. There are many known instances where this has already occurred"); 
    45404539 
    45414540    // zap 
    45424541    $tmparr = array(); 
     
    45604559     
    45614560    // iax2 
    45624561    $tmparr = array(); 
    4563     $tmparr['secret'] = array('value' => '', 'level' => 0, 'jsvalidation' => '(' . $_REQUEST['extdisplay'] . ' == theForm.devinfo_secret.value && !confirm("' . $msgSecretSameAsExtension . '")) || isEmpty() && !confirm("'.$msgConfirmSecret.'")', 'failvalidationmsg' => $msgInvalidSecret); 
     4562    $tmparr['secret'] = array('value' => '', 'level' => 0, 'jsvalidation' => '(isEmpty() && !confirm("'.$msgConfirmSecret.'") || (!isEmpty() && weakSecret())', 'failvalidationmsg' => $msgInvalidSecret); 
    45644563    $tmparr['notransfer'] = array('value' => 'yes', 'level' => 1); 
    45654564    $tmparr['context'] = array('value' => 'from-internal', 'level' => 1); 
    45664565    $tmparr['host'] = array('value' => 'dynamic', 'level' => 1); 
     
    45774576 
    45784577    // sip 
    45794578    $tmparr = array(); 
    4580     $tmparr['secret'] = array('value' => '', 'level' => 0, 'jsvalidation' => '(' . $_REQUEST['extdisplay'] . ' == theForm.devinfo_secret.value && !confirm("' . $msgSecretSameAsExtension . '")) || isEmpty() && !confirm("'.$msgConfirmSecret.'")', 'failvalidationmsg' => $msgInvalidSecret); 
     4579    $tmparr['secret'] = array('value' => '', 'level' => 0, 'jsvalidation' => '(isEmpty() && !confirm("'.$msgConfirmSecret.'") || (!isEmpty() && weakSecret())', 'failvalidationmsg' => $msgInvalidSecret); 
    45814580    $tmparr['dtmfmode'] = array('value' => 'rfc2833', 'level' => 0, 'jsvalidation' => 'isEmpty()', 'failvalidationmsg' => $msgInvalidDTMFMODE ); 
    45824581    $tmparr['canreinvite'] = array('value' => 'no', 'level' => 1); 
    45834582    $tmparr['context'] = array('value' => 'from-internal', 'level' => 1); 
     
    47494748        $devoptjs = isset($devoptarr['jsvalidation']) ? $devoptarr['jsvalidation'] : ''; 
    47504749        $devoptfailmsg = isset($devoptarr['failvalidationmsg']) ? $devoptarr['failvalidationmsg'] : ''; 
    47514750 
     4751        // We compare the existing secret against what might be in the put to detect changes when validating 
     4752        if ($devopt == "secret") 
     4753        { 
     4754          $currentcomponent->addguielem($section, new gui_hidden($devopname . "_origional", $devoptcurrent), 4); 
     4755        } 
     4756 
    47524757        if ( $devoptarr['level'] == 0 || ($extdisplay && $devoptarr['level'] == 1) ) { // editing to show advanced as well 
    47534758          $currentcomponent->addguielem($section, new gui_textbox($devopname, $devoptcurrent, $devopt, '', $devoptjs, $devoptfailmsg), 4); 
    47544759        } else { // add so only basic