Changeset 6232
- Timestamp:
- 07/31/08 10:04:22 (2 months ago)
- Files:
-
- modules/branches/2.5/recordings/audio.php (modified) (1 diff)
- modules/branches/2.5/recordings/module.xml (modified) (2 diffs)
- modules/branches/2.5/recordings/page.recordings.php (modified) (3 diffs)
- modules/branches/2.5/recordings/popup.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
modules/branches/2.5/recordings/audio.php
r5078 r6232 16 16 $opath = $_GET['recording']; 17 17 $path = $crypt->decrypt($opath,urldecode($REC_CRYPT_PASSWORD)); 18 $path=$opath;19 18 20 19 // strip ".." from path for security modules/branches/2.5/recordings/module.xml
r6161 r6232 2 2 <rawname>recordings</rawname> 3 3 <name>Recordings</name> 4 <version>3.3.8. 1</version>4 <version>3.3.8.2</version> 5 5 <candisable>no</candisable> 6 6 <canuninstall>no</canuninstall> … … 9 9 <description>Creates and manages system recordings, used by many other modules (eg, IVR).</description> 10 10 <changelog> 11 *3.3.8.2* #2547 remove access violation so modules dir can be locked down, fix bug in sound file path, add back encryption 11 12 *3.3.8.1* fixed typo in recordings_list 12 13 *3.3.8* #2063, #2064, #2065, #2066, #2067, #2068, #2069 modules/branches/2.5/recordings/page.recordings.php
r6196 r6232 16 16 17 17 $action = isset($_REQUEST['action'])?$_REQUEST['action']:''; 18 19 // Lite weight popup code here, don't need everything else below 20 // 21 switch ($action) { 22 case 'popup': 23 case 'audio': 24 include_once("$action.php"); 25 exit; 26 break; 27 default: 28 break; 29 } 18 30 $id = isset($_REQUEST['id'])?$_REQUEST['id']:''; 19 31 $notes = isset($_REQUEST['notes'])?$_REQUEST['notes']:''; … … 235 247 global $fcode; 236 248 global $fcode_pass; 249 global $recordings_astsnd_path; 237 250 ?> 238 251 <div class="content"> … … 498 511 499 512 $REC_CRYPT_PASSWORD = urlencode((isset($amp_conf['AMPPLAYKEY']) && trim($amp_conf['AMPPLAYKEY']) != "")?trim($amp_conf['AMPPLAYKEY']):'moufdsuu3nma0'); 500 $recurl= "modules/recordings/popup.php?cryptpass=$REC_CRYPT_PASSWORD&recording=$audio";513 $recurl=$_SERVER['PHP_SELF']."?display=recordings&action=popup&cryptpass=$REC_CRYPT_PASSWORD&recording=$audio"; 501 514 502 515 $html_txt .= "<a href='#' ".(($count)?$hidden_state:'')." type='submit' id='play$count' onClick=\"javascript:popUp('$recurl',document.prompt.sysrec$count); return false;\" input='foo'>"; modules/branches/2.5/recordings/popup.php
r5109 r6232 14 14 <head> 15 15 <TITLE>FreePBX Recording Review</TITLE> 16 <link rel="stylesheet" href=" popup.css" type="text/css">16 <link rel="stylesheet" href="modules/recordings/popup.css" type="text/css"> 17 17 <meta http-equiv="content-type" content="text/html; charset=UTF-8"> 18 18 </head> … … 21 21 <?php 22 22 23 $REC_CRYPT_PASSWORD = urlencode((isset($_REQUEST['cryptpass']) && trim($_REQUEST['cryptpass']) != "")?trim($_REQUEST['cryptpass']):'moufdsuu3nma0');24 23 25 24 $crypt = new Crypt(); 26 25 26 $REC_CRYPT_PASSWORD = (isset($_REQUEST['cryptpass']) && trim($_REQUEST['cryptpass']) != "")?trim($_REQUEST['cryptpass']):'moufdsuu3nma0'; 27 27 $file = $crypt->encrypt($_REQUEST['recording'],$REC_CRYPT_PASSWORD); 28 $ufile = $_REQUEST['recording'];29 $ file = $_REQUEST['recording'];28 $ufile = basename($_REQUEST['recording']); 29 $REC_CRYPT_PASSWORD = urlencode($REC_CRYPT_PASSWORD); 30 30 31 31 if (isset($file)) { 32 32 echo("<br>"); 33 echo("<embed src=' audio.php?cryptpass=$REC_CRYPT_PASSWORD&recording=$file' width=300, height=20 autoplay=true loop=false></embed><br>");34 echo("<br><h1 class='popup_download'>playing: $ file</h1><br>");33 echo("<embed src='".$_SERVER['PHP_SELF']."?display=recordings&action=audio&cryptpass=$REC_CRYPT_PASSWORD&recording=$file' width=300, height=20 autoplay=true loop=false></embed><br>"); 34 echo("<br><h1 class='popup_download'>playing: $ufile</h1><br>"); 35 35 } 36 36 ?>
