--- vmail.cgi.orig	2004-05-27 16:27:11.000000000 -0500
+++ vmail.cgi	2004-06-16 15:56:31.000000000 -0500
@@ -1,4 +1,4 @@
-#!/usr/bin/perl
+#!/usr/bin/perl -w
 #
 # Web based Voicemail for Asterisk
 #
@@ -10,12 +10,32 @@
 #
 # (icky, I know....  if you know better perl please help!)
 #
+# --------------------------------------------------------------------------------------------------------------
+# 20040614 wwarneck (wwarneck@scc.net) / Eric Osterberg (ejo1@scc.net) - Sound Choice Communications LLC - MN,US
+#  added support for db or flat file authentication schemes
+# --------------------------------------------------------------------------------------------------------------
 #
 use CGI qw/:standard/;
 use Carp::Heavy;
 use CGI::Carp qw(fatalsToBrowser);
 
+# -- customizable stuff here -----------------------------------------------------------------------------------
+
+# call custom authentication routine
+%db = (
+        hostname        => "localhost",
+        username        => "ast33isk",
+        password        => "aSsew0",
+        database        => "voicemail",
+        users           => "users"
+);
+authentication_mysql();
+
+$context = "default"; 	# Define here your by default context (so you dont need to put voicemail@context in the login
 @validfolders = ( "INBOX", "Old", "Work", "Family", "Friends", "Cust1", "Cust2", "Cust3", "Cust4", "Cust5" );
+$footer = "<hr><font size=-1><a href=\"http://www.asterisk.org\">The Asterisk Open Source PBX</a> Copyright 2002, <a href=\"http://www.digium.com\">Digium, Inc.</a></a>";
+$webtitle = "Sound Choice Communications Web-Voicemail";
+$astpath = "/_asterisk";
 
 %formats = (
 	"wav" => {
@@ -35,30 +55,29 @@
 	}
 );
 
-$astpath = "/_asterisk";
-
 $stdcontainerstart = "<table align=center width=600><tr><td>\n";
-#$footer = "<hr><font size=-1><a href=\"http://www.asterisk.org\">The Asterisk Open Source PBX</a> Copyright 2002, <a href=\"http://www.digium.com\">Digium, Inc.</a></a>";
-$footer = "<hr>Sound Choice Communications";
 $stdcontainerend = "</td></tr><tr><td align=right>$footer</td></tr></table>\n";
 
+# --------------------------------------------------------------------------------------------------------------
+
 sub login_screen() {
 	print header;
 	my ($message) = @_;
 	print <<_EOH;
 
-<TITLE>Asterisk Web-Voicemail</TITLE>
+<TITLE>$webtitle</TITLE>
 <BODY BGCOLOR="white">
 $stdcontainerstart
 <FORM METHOD="post">
 <input type=hidden name="action" value="login">
 <table align=center>
-<tr><td></td></tr>
-<tr><td><h1>Voicemail Login</h1></td></tr>
+<tr><td valign=top align=center rowspan=6><img align=center src="$astpath/animlogo.gif"></td></tr>
+<tr><td align=center colspan=2><font size=+2>Voice Mail Login</font></td></tr>
 <tr><td align=center colspan=2><font size=+1>$message</font></td></tr>
 <tr><td>Mailbox:</td><td><input type=text name="mailbox"></td></tr>
 <tr><td>Password:</td><td><input type=password name="password"></td></tr>
 <tr><td align=right colspan=2><input value="Login" type=submit></td></tr>
+<input type=hidden name="context" value="$context">
 </table>
 </FORM>
 $stdcontainerend
@@ -88,7 +107,7 @@
 	if (!$filename) {
 		$filename = "/etc/asterisk/voicemail.conf";
 	}
-#	print header;
+	#print header;
 #	print "Including <h2>$filename</h2> while in <h2>$category</h2>...\n";
 	open(VMAIL, "<$filename") || die("Bleh, no $filename");
 	while(<VMAIL>) {
@@ -101,11 +120,12 @@
 			}
 		} elsif (/\[(.*)\]/) {
 			$category = $1;
-		} elsif ($category ne "general") {
+		} elsif (($category ne "general") && ($category ne "zonemessages")) { 
 			if (/([^\s]+)\s*\=\>?\s*(.*)/) {
 				@fields = split(/\,\s*/, $2);
-#				print "<p>Mailbox is $1\n";
+				#print "<p>Mailbox is $1\n";
 				if (($mbox eq $1) && ($pass eq $fields[0]) && ($context eq $category)) {
+					#print $fields[1] . " <- f1 and stringy thing -> Extension $mbox in $context cat -> $category";
 					return ($fields[1] ? $fields[1] : "Extension $mbox in $context", $category);
 				}
 			}
@@ -115,6 +135,109 @@
 	return ("", $category);
 }
 
+sub authentication_mysql()
+{
+	# voodoo magic
+	if(\&check_login != \&mysql_check_login) {
+		undef &check_login;
+		*check_login = \&mysql_check_login;	
+	}
+	if(\&validmailbox != \&mysql_validmailbox) {
+		undef &validmailbox;
+		*validmailbox = \&mysql_validmailbox;
+	}
+	if(\&mailbox_list != \&mysql_mailbox_list) {
+		undef &mailbox_list;
+		*mailbox_list = \&mysql_mailbox_list;
+	}
+}
+
+sub mysql_check_login()
+{
+	use DBI;
+	use DBD::mysql;
+
+        local $sql;
+        local ($mbox, $context) = split(/\@/, param('mailbox'));
+        local $pass = param('password');
+
+        if (!$context) {
+                $context = "default";
+        }
+
+	$dbh = DBI->connect("dbi:mysql:$db{database}:$db{hostname}:","$db{username}","$db{password}");
+	if (!$dbh) {
+		die("could not connect to $db{database}");
+	}
+
+	$sql = "SELECT * FROM $db{users} WHERE mailbox=? AND password=? AND context=?";
+	$sth = $dbh->prepare($sql);
+	$rc = $sth->execute($mbox,$pass,$context);
+	if(!$rc) { die("bad db return value"); }
+	$row = $sth->fetchrow_hashref;
+	#print "sql: $sql :: mbox: $mbox :: pass: $pass";
+	return($row->{fullname});
+
+}
+
+sub mysql_validmailbox()
+{
+        use DBI;
+        use DBD::mysql;
+
+        local $sql;
+        local ($mbox, $context) = split(/\@/, param('mailbox'));
+        local $pass = param('password');
+
+        if (!$context) {
+                $context = "default";
+        }
+
+        $dbh = DBI->connect("dbi:mysql:$db{database}:$db{hostname}:","$db{username}","$db{password}");
+        if (!$dbh) {
+                die("could not connect to $db{database}");
+        }
+
+	$sql = "SELECT * FROM $db{users} WHERE mailbox=? AND context=?";
+	$sth = $dbh->prepare($sql);
+	$rc = $sth->execute($mbox,$context);
+	if(!$rc) { die("bad db return value"); }
+	$row = $sth->fetchrow_hashref;
+	return($row->{email} ? $row->{email} : "unknown");
+}
+
+sub mysql_mailbox_list()
+{
+        use DBI;
+        use DBD::mysql;
+
+	local ($name, $context, $current) = @_;
+
+        local $sql;
+        local ($mbox, $context) = split(/\@/, param('mailbox'));
+        local $pass = param('password');
+
+        if (!$context) {
+                $context = "default";
+        }
+
+        $dbh = DBI->connect("dbi:mysql:$db{database}:$db{hostname}:","$db{username}","$db{password}");
+        if (!$dbh) {
+                die("could not connect to $db{database}");
+        }
+
+	$sql = "SELECT * FROM $db{users}";
+	$sth = $dbh->prepare($sql);
+	$rc = $sth->execute();
+	if(!$rc) { die("bad db return value"); }
+	$ret = "<SELECT name=\"$name\">\n";
+	while($row = $sth->fetchrow_hashref) {
+		$ret .= "<OPTION>" . $row->{mailbox} . " (" . $row->{fullname} . ")</OPTION>";
+	}
+	$ret .= "</SELECT>";
+	return($ret);
+}
+
 sub validmailbox()
 {
 	local ($context, $mbox, $filename, $startcat) = @_;
@@ -143,7 +266,7 @@
 			}
 		} elsif (/\[(.*)\]/) {
 			$category = $1;
-		} elsif (($category ne "general") && ($category eq $context)) {
+		} elsif (($category ne "general") && ($category ne "zonemessages") && ($category eq $context)) {
 			if (/([^\s]+)\s*\=\>?\s*(.*)/) {
 				@fields = split(/\,\s*/, $2);
 				if (($mbox eq $1) && ($context eq $category)) {
@@ -179,11 +302,11 @@
 			$tmp .= $tmp2;
 		} elsif (/\[(.*)\]/) {
 			$category = $1;
-		} elsif ($category ne "general") {
+		} elsif (($category ne "general") && ($category ne "zonemessages")) {
 			if (/([^\s]+)\s*\=\>?\s*(.*)/) {
 				@fields = split(/\,\s*/, $2);
 				$text = "$1";
-				if ($fields[2]) {
+				if ($fields[1]) {
 					$text .= " ($fields[1])";
 				}
 				if ($1 eq $current) {
@@ -286,6 +409,7 @@
 	my ($nextaction, $msgid) = @_;
 	my $folder = param('folder');
 	my $mbox = param('mailbox');
+	my $context = param('context');
 	my $passwd = param('password');
 	my $format = param('format');
 	if (!$format) {
@@ -374,7 +498,7 @@
 <table>
 	<tr><td colspan=2 align=center><font size=+1>$folder <b>$msgid</b></font></td></tr>
 	<tr><td><b>Message:</b></td><td>$msgid</td></tr>\n
-	<tr><td><b>Mailbox:</b></td><td>$mbox</td></tr>\n
+	<tr><td><b>Mailbox:</b></td><td>$mbox\@$context</td></tr>\n
 	<tr><td><b>Folder:</b></td><td>$folder</td></tr>\n
 	<tr><td><b>From:</b></td><td>$fields->{callerid}</td></tr>\n
 	<tr><td><b>Duration:</b></td><td>$duration</td></tr>\n
@@ -383,16 +507,16 @@
 	<tr><td><b>Caller Channel:</b></td><td>$fields->{callerchan}</td></tr>\n
 	<tr><td align=center colspan=2>
 	<input name="action" type=submit value="index">&nbsp;
-	<input name="action" type=submit value="delete ">&nbsp;
+	<input name="action" type=submit value="delete ">&nbsp;<BR />
 	<input name="action" type=submit value="forward to -> ">&nbsp;
-	$mailboxes&nbsp;<BR />
+	$mailboxes&nbsp;
 	<input name="action" type=submit value="save to ->">
 	$folders&nbsp;
 	<input name="action" type=submit value="play ">
 	<input name="action" type=submit value="download">
 </td></tr>
 <tr><td colspan=2 align=center>
-<embed width=400 height=40 src="vmail.cgi?action=audio&folder=$folder&mailbox=$mbox&password=$passwd&msgid=$msgid&format=$format&dontcasheme=$$.$format" autostart=yes loop=false></embed>
+<embed width=400 height=40 src="vmail.cgi?action=audio&folder=$folder&mailbox=$mbox&context=$context&password=$passwd&msgid=$msgid&format=$format&dontcasheme=$$.$format" autostart=yes loop=false></embed>
 </td></tr></table>
 </td></tr>
 </table>
@@ -413,11 +537,12 @@
 	my $folder = param('folder');
 	my $msgid = param('msgid');
 	my $mailbox = param('mailbox');
+	my $context = param('context');
 	my $format = param('format');
 	if (!$format) {
 		$format = &getcookie('format');
 	}
-	my $path = "/var/spool/asterisk/vm/$mailbox/$folder/msg${msgid}.$format";
+	my $path = "/var/spool/asterisk/voicemail/$context/$mailbox/$folder/msg${msgid}.$format";
 
 	$msgid =~ /^\d\d\d\d$/ || die("Msgid Liar ($msgid)!");
 	grep(/^${format}$/, keys %formats) || die("Format Liar ($format)!");
@@ -508,7 +633,7 @@
 	print header(-cookie => &makecookie($format));
 	print <<_EOH;
 
-<TITLE>Asterisk Web-Voicemail: $mbox $folder</TITLE>
+<TITLE>Asterisk Web-Voicemail: $mbox\@$context $folder</TITLE>
 <BODY BGCOLOR="white">
 $stdcontainerstart
 <FORM METHOD="post">
@@ -639,7 +764,7 @@
 	}
 	
 	my $path = "/var/spool/asterisk/voicemail/$context/$mbox/$newfolder";
-	mkdir $path, 0755;
+	mkdir $path, 0770;
 	my $path = "/var/spool/asterisk/voicemail/$context/$mbox/$oldfolder";
 	opendir(DIR, $path) || die("Unable to open directory\n");
 	my @files = grep /^msg${old}\.\w+$/, readdir(DIR);
@@ -673,7 +798,7 @@
 
 sub message_copy()
 {
-	my ($mbox, $oldfolder, $old, $newmbox, $new) = @_;
+	my ($context, $mbox, $newmbox, $oldfolder, $old, $new) = @_;
 	my $oldfile, $newfile;
 	return if ($mbox eq $newmbox);
 	
@@ -686,7 +811,7 @@
 	if ($newmbox =~ /^(\w+)$/) {
 		$newmbox = $1;
 	} else {
-		die ("Invalid new mailbox<BR>\n");
+		die ("Invalid new mailbox : $newmbox <BR>\n");
 	}
 	
 	if ($oldfolder =~ /^(\w+)$/) {
@@ -707,11 +832,11 @@
 		die("Invalid old Message<BR>\n");
 	}
 	
-	my $path = "/var/spool/asterisk/vm/$newmbox";
-	mkdir $path, 0755;
-	my $path = "/var/spool/asterisk/vm/$newmbox/INBOX";
-	mkdir $path, 0755;
-	my $path = "/var/spool/asterisk/vm/$mbox/$oldfolder";
+	my $path = "/var/spool/asterisk/voicemail/$context/$newmbox";
+	mkdir $path, 0770;
+	my $path = "/var/spool/asterisk/voicemail/$context/$newmbox/INBOX";
+	mkdir $path, 0770;
+	my $path = "/var/spool/asterisk/voicemail/$context/$mbox/$oldfolder";
 	opendir(DIR, $path) || die("Unable to open directory\n");
 	my @files = grep /^msg${old}\.\w+$/, readdir(DIR);
 	closedir(DIR);
@@ -721,7 +846,7 @@
 			$tmp = $1;
 			$oldfile = $path . "/$tmp";
 			$tmp =~ s/msg${old}/msg${new}/;
-			$newfile = "/var/spool/asterisk/vm/$newmbox/INBOX/$tmp";
+			$newfile = "/var/spool/asterisk/voicemail/$context/$newmbox/INBOX/$tmp";
 #			print "Copying $oldfile to $newfile<BR>\n";
 			&file_copy($oldfile, $newfile);
 		}
@@ -789,7 +914,7 @@
 #		print header;
 		foreach $msg (@msgs) {
 #			print "Forwarding $msg from $mbox to $newmbox<BR>\n";
-			&message_copy($context, $mbox, $folder, $msg, $newmbox, sprintf "%04d", $msgcount);
+			&message_copy($context, $mbox, $newmbox, $folder, $msg, sprintf "%04d", $msgcount);
 			$msgcount++;
 		}
 		$txt = "Forwarded messages " . join(', ', @msgs) . "to $newmbox";
@@ -841,12 +966,12 @@
 			}
 		}
 		if ($del) {
-			$txt .= "Deleted messages "  . join (', ', @msgs);
+			$txt = "Deleted messages "  . join (', ', @msgs);
 		} else {
-			$txt .= "Moved messages "  . join (', ', @msgs) . " to $newfolder";
+			$txt = "Moved messages "  . join (', ', @msgs) . " to $newfolder";
 		}
 	} else {
-		$txt .= "Can't move a message to the same folder they're in already";
+		$txt = "Can't move a message to the same folder they're in already";
 	}
 	# Not as many messages now
 	$msgcount--;
@@ -885,6 +1010,9 @@
 	@msgs = ($msgid) unless @msgs;
 	{
 		($mailbox) = &check_login();
+		#print header;
+		#print "MBOX: $mailbox";
+		
 		if (length($mailbox)) {
 			if ($action eq 'login') {
 				&message_index($folder, "Welcome, $mailbox");

$folder $msgid
Message:	$msgid
Mailbox:	$mbox
Mailbox:	$mbox\@$context
Folder:	$folder
From:	$fields->{callerid}
Duration:	$duration
Caller Channel:	$fields->{callerchan}
- + - $mailboxes + $mailboxes $folders
- +