From cec5ae9f97282dfa5619a7feab6ff15fbe0eb779 Mon Sep 17 00:00:00 2001
From: Sylvain Berfini <sylvain.berfini@belledonne-communications.com>
Date: Thu, 25 Jul 2019 13:39:41 +0200
Subject: [PATCH] Fixed SMS related issues

---
 src/misc/sms.php        | 35 +++++++++++++++++++++--------------
 src/xmlrpc/accounts.php |  7 +++----
 src/xmlrpc/aliases.php  |  5 ++---
 3 files changed, 26 insertions(+), 21 deletions(-)

diff --git a/src/misc/sms.php b/src/misc/sms.php
index 82f27f4..cce3b90 100644
--- a/src/misc/sms.php
+++ b/src/misc/sms.php
@@ -23,7 +23,8 @@
 require __DIR__ . '/../vendor/autoload.php';
 use \Ovh\Sms\SmsApi;
 
-include_once __DIR__ . '/../config/config.php';
+include_once __DIR__ . '/../database/database.php';
+include_once __DIR__ . '/../objects/sms.php';
 include_once __DIR__ . '/../misc/logging.php';
 include_once __DIR__ . '/../xmlrpc/results_values.php';
 include_once __DIR__ . '/utilities.php';
@@ -120,7 +121,7 @@ function send_sms_legacy($phone, $password) {
 	curl_close($ch);
 }
 
-function send_sms($phone, $key, $lang, $password) {
+function send_sms($phone, $key, $lang) {
 	if (!SMS_API_ENABLED) {
 		Logger::getInstance()->warning("[SMS] SMS API disabled");
 		return SMS_DISABLED;
@@ -134,24 +135,30 @@ function send_sms($phone, $key, $lang, $password) {
 	$now_date = new DateTime('now');
 	$now = $now_date->getTimestamp() * 1000;
 	
-	if (db_has_sms_already_been_sent_to($phone)) {
-		$count = db_get_sms_count($phone);
-		$time = db_get_last_sms($phone);
-		$diff = $now - $time;
-		if ($count >= SMS_COUNT_LIMIT_IN_PERIOD and $diff < SMS_TIME_PERIOD) {
-			Logger::getInstance()->error("[SMS] Last sms was sent at " . $time . ", time elapsed since then is " . $diff . "ms which is less than the configured time period " . SMS_TIME_PERIOD);
+	$database = new Database();
+	$db = $database->getConnection();
+	$sms = new SMS($db);
+	$sms->phone = $phone;
+
+	if ($sms->getOne()) {
+		$diff = $now - $sms->last_sms;
+		if ($sms->count >= SMS_COUNT_LIMIT_IN_PERIOD and $diff < SMS_TIME_PERIOD) {
+			Logger::getInstance()->error("[SMS] Last sms was sent at " . $sms->last_sms . ", time elapsed since then is " . $diff . "ms which is less than the configured time period " . SMS_TIME_PERIOD);
 			return MAX_SMS_ALLOWED_EXCEEDED;
 		} else if ($diff >= SMS_TIME_PERIOD) {
-			db_update_sms($phone, $now, 1);
+			$sms->last_sms = $now;
+			$sms->count = 1;
+			$sms->update();
 		} else {
-			$count = $count + 1;
-			db_update_sms($phone, $now, $count);
+			$sms->count = $sms->count + 1;
+			$sms->update();
 		}
 	} else {
-		db_insert_sms($phone, $now);
+		$sms->last_sms = $now;
+		$sms->count = 1;
+		$sms->create();
 	}
 	
-	
 	if (SMS_OVH_API_KEY != NULL && SMS_OVH_API_KEY != "" && SMS_OVH_API_SECRET != NULL && SMS_OVH_API_SECRET != "" && SMS_OVH_CONSUMER_KEY != NULL && SMS_OVH_CONSUMER_KEY != "" && SMS_OVH_ENDPOINT != NULL && SMS_OVH_ENDPOINT != "") {
 		try {
 			send_sms_ovh($phone, $key, $lang);
@@ -160,7 +167,7 @@ function send_sms($phone, $key, $lang, $password) {
 			Logger::getInstance()->error("[OVH-SMS] Exception: " . $e->getMessage());
 		}
 	} else if (SMS_API_URL != NULL && SMS_API_URL != "" && SMS_API_USERNAME != NULL && SMS_API_USERNAME != "" && SMS_API_PASSWORD != NULL && SMS_API_PASSWORD != "") {
-		send_sms_legacy($phone, $password);
+		send_sms_legacy($phone, $key);
 		return OK;
 	} else {
 		Logger::getInstance()->error("[SMS] No SMS API configured, discarding sms...");
diff --git a/src/xmlrpc/accounts.php b/src/xmlrpc/accounts.php
index b3c9a78..13b8e60 100644
--- a/src/xmlrpc/accounts.php
+++ b/src/xmlrpc/accounts.php
@@ -398,7 +398,7 @@ function xmlrpc_create_phone_account($method, $args) {
 			// This is a hack to allow testing without sending SMS
 			return OK;
 		}
-		$ok = send_sms($phone, $key, $lang);
+		$ok = send_sms($phone, $account->confirmation_key, $lang);
 		return $ok;
 	} else if (AUTO_ACTIVATE_ACCOUNT) {
 		if (USE_IN_APP_PURCHASES) {
@@ -628,15 +628,14 @@ function xmlrpc_recover_phone_account($method, $args) {
 	}
 
 	if (SEND_ACTIVATION_SMS) {
-		$key = generate_4_digits_code();
-		$account->confirmation_key = $key;
+		$account->confirmation_key = generate_4_digits_code();
 		$account->update();
 
 		if (!SMS_API_ENABLED) {
 			// This is a hack to allow testing without sending SMS
 			return $account->username;
 		}
-		$ok = send_sms($phone, $key, $lang);
+		$ok = send_sms($phone, $account->confirmation_key, $lang);
 		if ($ok != OK) {
 			return $ok;
 		}
diff --git a/src/xmlrpc/aliases.php b/src/xmlrpc/aliases.php
index cd47856..b7540b5 100644
--- a/src/xmlrpc/aliases.php
+++ b/src/xmlrpc/aliases.php
@@ -88,10 +88,9 @@ function xmlrpc_link_phone_number_with_account($method, $args) {
 			// This is a hack to allow testing without sending SMS
 			return OK;
 		}
-		$key = generate_4_digits_code();
-		$account->confirmation_key = $key;
+		$account->confirmation_key = generate_4_digits_code();
 		$account->update();
-		$ok = send_sms($phone, $key, $lang);
+		$ok = send_sms($phone, $account->confirmation_key, $lang);
 		return $ok;
 	}