wp-plugins/twilio-wp-plugin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security enhancement: Remove frontend browser phone interface

Browse Source 
- Updated shortcode to redirect to admin browser phone page for enhanced security
- Removed frontend browser phone assets (108KB total):
  - assets/js/browser-phone-frontend.js (85KB)
  - assets/css/browser-phone-frontend.css (23KB)
- Modified shortcode to show secure redirect interface with authentication checks
- Added new shortcode attributes: title, button_text, target
- Enhanced documentation with security improvements and new behavior
- Reduced frontend attack surface by eliminating JavaScript exposure
- Improved performance with minimal asset loading for shortcode pages

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
jknapp
2025-09-02 11:40:49 -07:00
parent 6e01e27cb9
commit 345ef43740
5 changed files with 147 additions and 3961 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
CLAUDE.md
View File

@@ -154,7 +154,7 @@ twilio-wp-plugin/
#### TWP_Shortcodes #### TWP_Shortcodes
- **Purpose**: WordPress shortcodes for frontend features - **Purpose**: WordPress shortcodes for frontend features
- **Shortcode**: `[twp_browser_phone]` - Browser phone interface - **Shortcode**: `[twp_browser_phone]` - Admin browser phone redirect interface
## 💾 Database Schema ## 💾 Database Schema
@@ -240,7 +240,7 @@ twilio-wp-plugin/
- `/smart-routing-fallback` - Routing error handler - `/smart-routing-fallback` - Routing error handler
- `/browser-fallback` - Browser phone fallback - `/browser-fallback` - Browser phone fallback
## 🎛️ AJAX Endpoints (Admin & Frontend) ## 🎛️ AJAX Endpoints (Admin Only)
### Total: 68 AJAX Actions ### Total: 68 AJAX Actions
@@ -271,12 +271,31 @@ All call control functions (`twp_toggle_hold`, `twp_transfer_call`, `twp_requeue
## 🎨 Frontend Components ## 🎨 Frontend Components
### Shortcode Implementation
The `[twp_browser_phone]` shortcode now provides a **redirect interface** instead of a full browser phone:
#### Shortcode Attributes
- **`title`**: Display title (default: "Browser Phone")
- **`button_text`**: Button text (default: "Access Browser Phone")
- **`target`**: Link target (default: "_blank" - opens in new tab)
#### Security Features
- **Login Required**: Users must be logged in to see the redirect
- **Permission Check**: Requires `twp_access_browser_phone` or `manage_options` capability
- **Error Messages**: Clear feedback for unauthorized access
#### Styling
- **Inline CSS Only**: No external CSS files loaded
- **Minimal Assets**: Reduces frontend bloat
- **Responsive Design**: Works on all device sizes
### JavaScript Files ### JavaScript Files
1. **admin.js** (116KB) - Admin interface functionality 1. **admin.js** (116KB) - Admin interface functionality
2. **browser-phone-frontend.js** (85KB) - Browser phone implementation 2. **twp-service-worker.js** (2.5KB) - Push notifications
3. **twp-service-worker.js** (2.5KB) - Push notifications
### Browser Phone Features ### Browser Phone Features (Admin Only)
- **Enhanced Security**: All browser phone functionality restricted to admin area
- **Admin URL**: `admin.php?page=twilio-wp-browser-phone`
- Twilio Device SDK integration - Twilio Device SDK integration
- Real-time call controls (hold, transfer, record) - Real-time call controls (hold, transfer, record)
- Queue monitoring dashboard - Queue monitoring dashboard
@@ -285,11 +304,36 @@ All call control functions (`twp_toggle_hold`, `twp_transfer_call`, `twp_requeue
- Visual call state indicators - Visual call state indicators
### CSS Files ### CSS Files
- **admin.css** - Admin interface styling - **admin.css** - Admin interface styling (includes browser phone UI)
- **browser-phone-frontend.css** - Browser phone UI
## 🔧 Recent Fixes & Improvements ## 🔧 Recent Fixes & Improvements
### SECURITY ENHANCEMENT: Frontend Browser Phone Removal (September 2025) - PRODUCTION READY
Major security enhancement by removing frontend browser phone interface and implementing admin-only access.
#### Browser Phone Security Enhancement
- **Frontend Interface Removed**: Eliminated full browser phone interface from frontend shortcode
- **Admin-Only Access**: All browser phone functionality moved to secure admin area
- **Asset Reduction**: Removed 108KB of frontend assets (browser-phone-frontend.js and browser-phone-frontend.css)
- **Redirect Interface**: Shortcode now provides secure redirect to admin browser phone page
- **Enhanced Permissions**: Strict capability checking with clear error messages for unauthorized users
- **Reduced Attack Surface**: Minimized frontend JavaScript exposure and potential security vectors
- **Performance Improvement**: Reduced frontend asset loading and improved page load times
#### Shortcode Transformation
- **Security-First Design**: Login and permission validation before any functionality access
- **Minimal Asset Loading**: Only essential inline CSS for redirect interface styling
- **Responsive Redirect**: Professional redirect interface works on all devices
- **Customizable Attributes**: title, button_text, and target attributes for flexibility
- **Clear Error Messaging**: Informative error messages for authentication and authorization failures
#### Technical Implementation
- **File Removal**: `assets/js/browser-phone-frontend.js` and `assets/css/browser-phone-frontend.css` eliminated
- **Inline Styling**: Minimal CSS injected only when shortcode is present on page
- **Permission System**: Leverages WordPress capability system (`twp_access_browser_phone` or `manage_options`)
- **Admin URL Generation**: Secure admin_url() function for proper WordPress admin integration
- **Target Control**: Configurable link target (_blank by default for better UX)
### PRODUCTION READY: Extension Transfer System Overhaul (September 2025) - FULLY RESOLVED ### PRODUCTION READY: Extension Transfer System Overhaul (September 2025) - FULLY RESOLVED
Comprehensive overhaul of extension-based call transfers with enterprise-grade reliability. Comprehensive overhaul of extension-based call transfers with enterprise-grade reliability.

82
README.md
View File

@@ -46,7 +46,8 @@ This plugin **requires** the Twilio PHP SDK v8.7.0 to function. The plugin will
- **Queue Notifications**: SMS alerts to designated numbers when calls enter queues - **Queue Notifications**: SMS alerts to designated numbers when calls enter queues
### 🌐 Browser Phone (WebRTC) ### 🌐 Browser Phone (WebRTC)
- **In-Browser Calling**: Make and receive calls directly from WordPress admin or frontend - **Admin-Only Access**: Secure browser phone interface available only in WordPress admin area
- **Enhanced Security**: All browser phone functionality moved from frontend for improved security
- **Twilio Voice SDK v2**: Uses latest SDK for WebRTC functionality - **Twilio Voice SDK v2**: Uses latest SDK for WebRTC functionality
- **Visual Dialpad**: Click-to-dial interface with DTMF support - **Visual Dialpad**: Click-to-dial interface with DTMF support
- **Call Controls**: Mute, hold indicators, call timer - **Call Controls**: Mute, hold indicators, call timer
@@ -54,7 +55,7 @@ This plugin **requires** the Twilio PHP SDK v8.7.0 to function. The plugin will
- **Queue Integration**: Accept calls from specific queues - **Queue Integration**: Accept calls from specific queues
- **Token Management**: Automatic token refresh for uninterrupted service - **Token Management**: Automatic token refresh for uninterrupted service
- **Mobile-Friendly**: Responsive design optimized for smartphones and tablets - **Mobile-Friendly**: Responsive design optimized for smartphones and tablets
- **Shortcode Support**: Embed browser phone on any page with `[twp_browser_phone]` - **Shortcode Redirect**: `[twp_browser_phone]` shortcode provides secure redirect to admin interface
### 🕒 Business Hours Management ### 🕒 Business Hours Management
- **Schedule-based Routing**: Different call flows for business hours vs after-hours - **Schedule-based Routing**: Different call flows for business hours vs after-hours
@@ -113,7 +114,15 @@ This plugin **requires** the Twilio PHP SDK v8.7.0 to function. The plugin will
## Recent Updates ## Recent Updates
### MAJOR RELEASE v2.3.0 (September 2025) - Enterprise Ready ### MAJOR RELEASE v2.3.0 (September 2025) - Enterprise Ready
Comprehensive system overhaul with production-ready reliability improvements. Comprehensive system overhaul with production-ready reliability improvements and enhanced security.
#### 🔒 Security Enhancement: Frontend Browser Phone Removal
- **Security-First Approach**: Removed full browser phone interface from frontend shortcode
- **Admin-Only Access**: All browser phone functionality now restricted to secure WordPress admin area
- **Asset Reduction**: Eliminated 108KB of frontend assets (browser-phone-frontend.js and CSS)
- **Reduced Attack Surface**: Minimized frontend JavaScript exposure and potential security vectors
- **Performance Boost**: Improved page load times with reduced frontend asset loading
- **Professional Redirect**: Shortcode now provides clean redirect interface to admin browser phone
#### 🚀 Extension Transfer System - Complete Solution #### 🚀 Extension Transfer System - Complete Solution
- **FIXED: Direct Voicemail Issue**: Extension transfers no longer go directly to voicemail for available agents - **FIXED: Direct Voicemail Issue**: Extension transfers no longer go directly to voicemail for available agents
@@ -326,11 +335,16 @@ Comprehensive redesign of hold, transfer, and requeue functionality with profess
- Enter TwiML App SID - Enter TwiML App SID
- Save settings - Save settings
3. **Access Browser Phone**: 3. **Access Browser Phone** (Admin Only):
- Navigate to **Twilio** → **Browser Phone** - Navigate to **WordPress Admin** → **Twilio** → **Browser Phone**
- Select caller ID from available numbers - Select caller ID from available numbers
- Start making/receiving calls - Start making/receiving calls
4. **Frontend Access** (Optional):
- Use `[twp_browser_phone]` shortcode on any page
- Shortcode provides secure redirect to admin interface
- Requires user login and appropriate permissions
### Agent Configuration ### Agent Configuration
1. **Create Agent Groups** (Twilio → Agent Groups) 1. **Create Agent Groups** (Twilio → Agent Groups)
2. **Add Agents** to groups with priorities 2. **Add Agents** to groups with priorities
@@ -356,37 +370,41 @@ Comprehensive redesign of hold, transfer, and requeue functionality with profess
- **Queue Timeouts**: Alert when calls wait too long (configurable threshold) - **Queue Timeouts**: Alert when calls wait too long (configurable threshold)
- **Missed Calls**: Alert when calls are abandoned or timeout - **Missed Calls**: Alert when calls are abandoned or timeout
## Frontend Browser Phone ## Browser Phone Access
### Shortcode Usage ### Shortcode Usage (Redirect Interface)
The browser phone can be embedded on any WordPress page using the `[twp_browser_phone]` shortcode. This is perfect for creating dedicated agent pages or customer service portals. The `[twp_browser_phone]` shortcode now provides a **secure redirect interface** that directs users to the WordPress admin browser phone page for enhanced security.
**Basic Usage:** **Basic Usage:**
``` ```
[twp_browser_phone] [twp_browser_phone]
``` ```
**With Options:** **With Custom Options:**
``` ```
[twp_browser_phone title="Customer Service Phone" show_title="true" compact="false"] [twp_browser_phone title="Customer Service Phone" button_text="Access Phone System" target="_blank"]
``` ```
### Shortcode Parameters ### Shortcode Parameters
- **title**: Custom title for the phone widget (default: "Browser Phone") - **title**: Custom title for the redirect interface (default: "Browser Phone")
- **show_title**: Display the title above the phone (default: "true") - **button_text**: Text for the admin link button (default: "Access Browser Phone")
- **compact**: Use compact layout for smaller spaces (default: "false") - **target**: Link target behavior (default: "_blank" - opens in new tab)
### Permission Requirements ### Security Features
- Users must be **logged in** to access the browser phone - **Authentication Required**: Users must be logged in to see the redirect interface
- Users need the **`twp_access_browser_phone`** capability or **`manage_options`** - **Permission Validation**: Requires `twp_access_browser_phone` capability or `manage_options`
- Phone Agent role users have access by default - **Clear Error Messages**: Informative feedback for unauthorized access attempts
- **Admin-Only Interface**: All browser phone functionality restricted to WordPress admin area
### Mobile Optimization ### Browser Phone Interface (Admin Area)
- **Responsive Design**: Adapts to all screen sizes Access the full browser phone interface at: **WordPress Admin → Twilio → Browser Phone**
- **Touch-Friendly**: Large buttons optimized for mobile devices
- **Haptic Feedback**: Vibration on button press (where supported) #### Features:
- **Auto-Zoom Prevention**: Proper viewport handling for mobile browsers - **Enhanced Security**: Protected by WordPress admin authentication
- **Dark Mode Support**: Automatically adapts to user's system preference - **Full Functionality**: Complete browser phone features available in secure environment
- **Responsive Design**: Adapts to all screen sizes within admin interface
- **Professional Interface**: Integrated with WordPress admin styling
- **No Frontend Assets**: Eliminates security risks from frontend JavaScript exposure
## Voice Configuration ## Voice Configuration
@@ -407,10 +425,12 @@ The browser phone can be embedded on any WordPress page using the `[twp_browser_
### Common Issues ### Common Issues
#### Browser Phone "Client version not supported" #### Browser Phone Access Issues
- **Fixed in latest version**: Upgraded to Voice SDK v2 - **Access via Admin Only**: Browser phone moved to WordPress admin area for security
- Clear browser cache and reload page - **Shortcode Redirect**: Frontend shortcode now provides redirect to admin interface
- Check TwiML App SID is configured - **Permission Required**: Ensure user has `twp_access_browser_phone` or `manage_options` capability
- **Login Required**: Users must be logged in to access browser phone functionality
- Check TwiML App SID is configured in WordPress admin settings
#### "Twilio SDK classes not available" #### "Twilio SDK classes not available"
```bash ```bash
@@ -519,6 +539,10 @@ All webhooks are REST API endpoints under `/wp-json/twilio-webhook/v1/`:
- **Mobile Browsers**: Limited WebRTC support - **Mobile Browsers**: Limited WebRTC support
### Security Considerations ### Security Considerations
- **Admin-Only Browser Phone**: All browser phone functionality restricted to WordPress admin area
- **Frontend Asset Elimination**: Removed 108KB of frontend JavaScript and CSS to reduce attack surface
- **Authentication Required**: Shortcode requires user login and appropriate permissions
- **Secure Redirects**: Frontend shortcode provides authenticated redirect to admin interface
- All webhooks use WordPress nonce verification - All webhooks use WordPress nonce verification
- Phone numbers validated and sanitized - Phone numbers validated and sanitized
- SQL queries use prepared statements - SQL queries use prepared statements
@@ -528,6 +552,10 @@ All webhooks are REST API endpoints under `/wp-json/twilio-webhook/v1/`:
## Version History ## Version History
### v2.3.0 (Current - September 2025) - ENTERPRISE READY ### v2.3.0 (Current - September 2025) - ENTERPRISE READY
- **SECURITY ENHANCEMENT**: Removed frontend browser phone interface, moved to admin-only access for enhanced security
- **ASSET REDUCTION**: Eliminated 108KB of frontend assets (browser-phone-frontend.js and CSS files)
- **SHORTCODE SECURITY**: Browser phone shortcode now provides secure redirect with authentication checks
- **ATTACK SURFACE REDUCTION**: Minimized frontend JavaScript exposure and potential security vectors
- **EXTENSION TRANSFER SYSTEM**: Complete overhaul with queue-based routing, 2-minute timeout, and automatic voicemail fallback - **EXTENSION TRANSFER SYSTEM**: Complete overhaul with queue-based routing, 2-minute timeout, and automatic voicemail fallback
- **BROWSER PHONE UNIVERSAL**: Firefox support, permission management, call stability, and cross-browser compatibility - **BROWSER PHONE UNIVERSAL**: Firefox support, permission management, call stability, and cross-browser compatibility
- **AGENT STATUS AUTOMATION**: 1-minute auto-revert system with WordPress cron job integration - **AGENT STATUS AUTOMATION**: 1-minute auto-revert system with WordPress cron job integration

1340
assets/css/browser-phone-frontend.css
View File

File diff suppressed because it is too large Load Diff

2373
assets/js/browser-phone-frontend.js
View File

File diff suppressed because it is too large Load Diff

255
includes/class-twp-shortcodes.php
View File

@@ -21,67 +21,44 @@ class TWP_Shortcodes {
/** /**
* Enqueue frontend assets when shortcode is present * Enqueue frontend assets when shortcode is present
* Since we now redirect to admin, only basic styling is needed
*/ */
public static function enqueue_frontend_assets() { public static function enqueue_frontend_assets() {
global $post; global $post;
if (is_a($post, 'WP_Post') && has_shortcode($post->post_content, 'twp_browser_phone')) { if (is_a($post, 'WP_Post') && has_shortcode($post->post_content, 'twp_browser_phone')) {
// Enqueue Twilio Voice SDK from unpkg CDN (same as backend) // Add basic styling for the redirect interface
wp_enqueue_script( wp_add_inline_style('wp-admin', '
'twilio-voice-sdk', .twp-browser-phone-redirect {
'https://unpkg.com/@twilio/voice-sdk@2.11.0/dist/twilio.min.js', padding: 20px;
array(), border: 1px solid #ddd;
'2.11.0', border-radius: 5px;
false // Load in head to ensure it's available background: #f9f9f9;
); text-align: center;
margin: 20px 0;
// Add backup SDK loading }
wp_add_inline_script('twilio-voice-sdk', " .twp-browser-phone-redirect h3 {
window.twpLoadTwilioSDK = function() { margin-top: 0;
if (typeof Twilio === 'undefined') { color: #333;
console.warn('Primary Twilio SDK failed, attempting fallback load'); }
var script = document.createElement('script'); .twp-browser-phone-redirect p {
script.src = 'https://unpkg.com/@twilio/voice-sdk@2.11.0/dist/twilio.min.js'; margin-bottom: 15px;
script.onload = function() { console.log('Fallback Twilio SDK loaded'); }; }
script.onerror = function() { console.error('Fallback Twilio SDK failed'); }; .twp-error {
document.head.appendChild(script); padding: 10px;
} border: 1px solid #dc3232;
}; border-radius: 3px;
background: #fbeaea;
// Try loading after a delay if not available color: #dc3232;
setTimeout(window.twpLoadTwilioSDK, 2000); margin: 10px 0;
", 'after'); }
');
// Enqueue our browser phone script
wp_enqueue_script(
'twp-browser-phone-frontend',
TWP_PLUGIN_URL . 'assets/js/browser-phone-frontend.js',
array('jquery', 'twilio-voice-sdk'),
TWP_VERSION,
true
);
// Enqueue mobile-friendly styles
wp_enqueue_style(
'twp-browser-phone-frontend',
TWP_PLUGIN_URL . 'assets/css/browser-phone-frontend.css',
array(),
TWP_VERSION
);
// Localize script with AJAX data
wp_localize_script('twp-browser-phone-frontend', 'twp_frontend_ajax', array(
'ajax_url' => admin_url('admin-ajax.php'),
'admin_url' => admin_url(),
'nonce' => wp_create_nonce('twp_frontend_nonce'),
'user_id' => get_current_user_id(),
'is_logged_in' => is_user_logged_in()
));
} }
} }
/** /**
* Browser phone shortcode handler * Browser phone shortcode handler
* Redirects users to the admin browser phone page
*/ */
public static function browser_phone_shortcode($atts) { public static function browser_phone_shortcode($atts) {
// Check if user is logged in // Check if user is logged in
@@ -97,174 +74,24 @@ class TWP_Shortcodes {
// Parse shortcode attributes // Parse shortcode attributes
$atts = shortcode_atts(array( $atts = shortcode_atts(array(
'title' => 'Browser Phone', 'title' => 'Browser Phone',
'show_title' => 'true', 'button_text' => 'Access Browser Phone',
'compact' => 'false' 'target' => '_blank'
), $atts, 'twp_browser_phone'); ), $atts, 'twp_browser_phone');
$show_title = ($atts['show_title'] === 'true'); // Generate admin URL for browser phone page
$compact_mode = ($atts['compact'] === 'true'); $admin_url = admin_url('admin.php?page=twilio-wp-browser-phone');
$target = ($atts['target'] === '_blank') ? 'target="_blank"' : '';
ob_start(); ob_start();
?> ?>
<div id="twp-frontend-browser-phone" class="twp-browser-phone-container <?php echo $compact_mode ? 'compact' : ''; ?>"> <div class="twp-browser-phone-redirect">
<?php if ($show_title): ?> <h3><?php echo esc_html($atts['title']); ?></h3>
<h3 class="twp-browser-phone-title"><?php echo esc_html($atts['title']); ?></h3> <p>The browser phone interface has been moved to the WordPress admin area for enhanced security and functionality.</p>
<?php endif; ?> <p>
<a href="<?php echo esc_url($admin_url); ?>" <?php echo $target; ?> class="button button-primary">
<!-- Connection Status --> <?php echo esc_html($atts['button_text']); ?>
<div class="twp-connection-status"> </a>
<span class="status-indicator offline" id="twp-status-indicator"></span> </p>
<span class="status-text" id="twp-status-text">Connecting...</span>
</div>
<!-- Phone Number Selection -->
<div class="twp-phone-selection">
<label for="twp-caller-id">Caller ID:</label>
<select id="twp-caller-id" class="twp-select">
<option value="">Loading...</option>
</select>
</div>
<!-- Dial Pad -->
<div class="twp-dialpad">
<div class="twp-number-display">
<input type="tel" id="twp-dial-number" placeholder="Enter number to dial" />
<button id="twp-clear-number" class="twp-btn-clear" title="Clear">×</button>
</div>
<div class="twp-dial-grid">
<button class="twp-dial-btn" data-digit="1">1<span></span></button>
<button class="twp-dial-btn" data-digit="2">2<span>ABC</span></button>
<button class="twp-dial-btn" data-digit="3">3<span>DEF</span></button>
<button class="twp-dial-btn" data-digit="4">4<span>GHI</span></button>
<button class="twp-dial-btn" data-digit="5">5<span>JKL</span></button>
<button class="twp-dial-btn" data-digit="6">6<span>MNO</span></button>
<button class="twp-dial-btn" data-digit="7">7<span>PQRS</span></button>
<button class="twp-dial-btn" data-digit="8">8<span>TUV</span></button>
<button class="twp-dial-btn" data-digit="9">9<span>WXYZ</span></button>
<button class="twp-dial-btn" data-digit="*">*</button>
<button class="twp-dial-btn" data-digit="0">0<span>+</span></button>
<button class="twp-dial-btn" data-digit="#">#</button>
</div>
</div>
<!-- Call Controls -->
<div class="twp-call-controls">
<button id="twp-call-btn" class="twp-btn twp-btn-primary">
<span class="call-icon">📞</span>
<span class="call-text">Call</span>
</button>
<button id="twp-hangup-btn" class="twp-btn twp-btn-danger" style="display: none;">
<span class="hangup-icon">📞</span>
<span class="hangup-text">Hang Up</span>
</button>
<button id="twp-resume-btn" class="twp-btn twp-btn-warning" style="display: none;">
<span class="resume-icon">▶️</span>
<span class="resume-text">Resume Call</span>
</button>
</div>
<!-- Call Info -->
<div class="twp-call-info" id="twp-call-info" style="display: none;">
<div class="call-timer">
<span class="timer-label">Call Duration:</span>
<span class="timer-value" id="twp-call-timer">00:00</span>
</div>
<div class="call-status">
<span id="twp-call-status">Connecting...</span>
</div>
</div>
<!-- Call Control Panel (shown during active calls) -->
<div class="twp-call-controls-panel" id="twp-call-controls-panel" style="display: none;">
<div class="call-control-buttons">
<button id="twp-hold-btn" class="twp-btn twp-btn-control" title="Put call on hold">
Hold
</button>
<button id="twp-transfer-btn" class="twp-btn twp-btn-control" title="Transfer to another agent">
Transfer
</button>
<button id="twp-requeue-btn" class="twp-btn twp-btn-control" title="Put call back in queue">
Requeue
</button>
<button id="twp-record-btn" class="twp-btn twp-btn-control" title="Start/stop recording">
Record
</button>
</div>
</div>
<!-- Queue Management Section -->
<div class="twp-queue-section" id="twp-queue-section">
<h4>Your Queues</h4>
<div class="twp-queue-list" id="twp-queue-list">
<div class="queue-loading">Loading queues...</div>
</div>
<!-- Queue Actions (Always Visible) -->
<div class="queue-global-actions" id="twp-queue-global-actions" style="display: none;">
<div class="global-queue-actions">
<button id="twp-refresh-queues" class="twp-btn twp-btn-secondary">
Refresh
</button>
<button id="twp-alert-toggle" class="twp-btn twp-btn-secondary alert-off">
🔕 Alerts OFF
</button>
</div>
</div>
<!-- Queue Controls (Only When Call Selected) -->
<div class="twp-queue-controls" id="twp-queue-controls" style="display: none;">
<div class="selected-queue-info">
<h5 id="selected-queue-name">No queue selected</h5>
<div class="queue-stats">
<span class="waiting-count">Waiting: <span id="twp-waiting-count">0</span></span>
<span class="queue-size">Max: <span id="twp-queue-max-size">-</span></span>
</div>
</div>
<div class="queue-actions">
<button id="twp-accept-queue-call" class="twp-btn twp-btn-success">
Accept Next Call
</button>
</div>
</div>
</div>
<!-- Voicemail Section -->
<div class="twp-voicemail-section" id="twp-voicemail-section">
<div class="voicemail-header" id="twp-voicemail-header">
<h4>Recent Voicemails</h4>
<div class="voicemail-summary">
<span class="summary-stats">
Total: <span id="twp-total-voicemails">0</span> |
Today: <span id="twp-today-voicemails">0</span>
</span>
<button class="voicemail-toggle" id="twp-voicemail-toggle">
<span class="toggle-icon">▼</span>
</button>
</div>
</div>
<div class="voicemail-content" id="twp-voicemail-content" style="display: none;">
<div class="twp-voicemail-list" id="twp-voicemail-list">
<div class="voicemail-loading">Loading voicemails...</div>
</div>
<div class="voicemail-actions">
<button id="twp-refresh-voicemails" class="twp-btn twp-btn-secondary">
Refresh
</button>
<button id="twp-view-all-voicemails" class="twp-btn twp-btn-secondary">
View All
</button>
</div>
</div>
</div>
<!-- Audio elements for incoming calls handled by browser -->
<audio id="twp-ringtone" style="display: none;"></audio>
<!-- Error/Success Messages -->
<div class="twp-messages" id="twp-messages"></div>
</div> </div>
<?php <?php
return ob_get_clean(); return ob_get_clean();