Agc — Vicidial.php
A common point of confusion for newcomers is that there isn't just one vicidial.php. Depending on the version of Vicidial you are running (SVN trunk, version 2.14, 3.x, etc.), the functionality may be split or renamed. Common variations you might see include:
Note: Always check your specific version's file structure, as the Vicidial community frequently optimizes code organization.
In the context of the VICIdial open-source contact center, vicidial.php (located in the directory) is the primary web-based interface that agents use to handle calls and manage lead data.

Core Functionality

Agent Login Interface: It serves as the portal where agents input their phone credentials (phone login/password) and user credentials (username/password) to access specific campaigns.
Call Control: Agents use this page to perform actions such as manual dialing, hanging up, transferring calls, and setting "Pause" or "Ready" statuses.
Lead Information Display: It dynamically displays lead data (name, address, etc.) for the current call and allows agents to update this information in real time.

Technical Details

File Location: Typically found at
agc/vicidial.php is the core script for the Agent Control Graphical User Interface (GUI) in the VICIdial open-source contact center system. It serves as the primary interface where agents manage their daily calling activities, including logging in, receiving calls, and handling dispositions.

Core Functionality
Agent Interaction: This is the live operational layer where agents spend their shifts. It provides tools for manual dialing, receiving auto-dialed or inbound calls, and recording management.
Login Flow: Accessing the script requires a two-step authentication process:
Phone Login/Password: Authenticates the physical or softphone associated with the session.
Agent User/Password: Authenticates the specific agent account and assigns them to a campaign.
Real-Time Data: The interface utilizes AJAX to communicate with the server, ensuring that lead information, call statuses, and scripts are updated without reloading the full page.
Vicidial traditionally uses FastAGI over TCP to reduce overhead, but agc is often a misnomer for legacy or direct execution modes. However, in modern Vicidial clusters:
This distinction is critical for performance. Launching agc vicidial.php as a new process per call consumes more memory and CPU than using persistent FastAGI connections.
When an agent interacts with the VICIdial agent screen, the browser sends HTTP POST/GET requests to agc vicidial.php. The script validates the session, executes the requested action, and returns an XML or JSON response.
Typical Request Parameters:
| Parameter | Description | Example |
|-----------|-------------|---------|
| agent | Agent user ID | 1001 |
| pass | Agent password (often hashed or plain in legacy setups) | secret |
| function | Action to perform | NEXT_CALL, PAUSE, DISPO |
| lead_id | Lead/customer record ID | 203944 |
| campaign_id | Campaign identifier | SALES2023 |
| session_name | Unique session token | 8629abc123 |
Response Format: The script typically returns a custom key-value format or JSON:
SUCCESS: 1
MESSAGE: Call transferred
NEXT_CALL: 1023
agc vicidial.php is the operational backbone of the VICIdial agent experience, but its design as a stateful, API-like handler makes it a prime target for attackers. Numerous CVEs and real-world breaches have originated from insecure handling of parameters in this script. Organizations running VICIdial must move beyond default installations, enforce HTTPS, implement rigorous input sanitization, and monitor logs for anomalous requests to agc vicidial.php. Without these measures, the contact center’s entire data—including customer PII and call records—remains at significant risk.
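One way to act on the log-monitoring advice above, as an added example that is not part of the original page or of VICIdial: a check that flags access-log requests to agc/vicidial.php whose parameters deviate from the table. The log lines are constructed, and the parameter names, function allow-list and value shapes are assumptions taken from the table's examples.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2024:09:00:01 +0000] "POST /agc/vicidial.php HTTP/1.1" 200 512
10.0.0.5 - - [01/Mar/2024:09:00:07 +0000] "GET /agc/vicidial.php?agent=1001&function=PAUSE&lead_id=203944&session_name=8629abc123 HTTP/1.1" 200 48
10.0.0.9 - - [01/Mar/2024:09:01:12 +0000] "GET /agc/vicidial.php?agent=1001&pass=secret&function=NEXT_CALL HTTP/1.1" 200 48
203.0.113.7 - - [01/Mar/2024:09:02:30 +0000] "GET /agc/vicidial.php?agent=1001&function=DISPO&lead_id=203944%27x HTTP/1.1" 200 48
203.0.113.7 - - [01/Mar/2024:09:02:31 +0000] "GET /agc/vicidial.php?agent=1001&function=NOT_A_FUNCTION HTTP/1.1" 200 48
"""

REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*"')
# Allow-list built from the example values in the table above (assumption:
# extend it with the functions your install actually uses).
KNOWN_FUNCTIONS = {"NEXT_CALL", "PAUSE", "DISPO"}
# Expected value shapes, inferred from the table's examples (assumption).
SHAPES = {
    "agent": re.compile(r"[A-Za-z0-9_]{1,20}"),
    "lead_id": re.compile(r"[0-9]{1,10}"),
    "campaign_id": re.compile(r"[A-Za-z0-9_]{1,20}"),
    "session_name": re.compile(r"[A-Za-z0-9_]{1,40}"),
}

def findings_for(line):
    """Return the list of finding names for one access-log line."""
    m = REQUEST_RE.match(line)
    if not m:
        return []
    url = urlsplit(m.group(2))
    if not url.path.endswith("agc/vicidial.php"):
        return []
    params = parse_qs(url.query, keep_blank_values=True)  # also percent-decodes
    found = []
    if "pass" in params:  # password sent in the URL ends up in logs and proxies
        found.append("password-in-url")
    found += ["unknown-function" for f in params.get("function", [])
              if f not in KNOWN_FUNCTIONS]
    for name, shape in SHAPES.items():
        found += [f"bad-{name}" for v in params.get(name, [])
                  if not shape.fullmatch(v)]
    return found

def scan(log_text):
    """Return (line_number, client_ip, finding) for every flagged request."""
    return [(n, line.split()[0], f)
            for n, line in enumerate(log_text.splitlines(), 1)
            for f in findings_for(line)]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

POST bodies do not appear in a standard access log, so this only covers parameters sent in the query string; the same shape checks can be applied wherever request bodies are captured.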
In the architecture of VICIDIAL, there was a problem to solve: How do you talk to the phone system (Asterisk) from a web page?
In the early days, developers used a protocol called AGI (Asterisk Gateway Interface). This was powerful, but it could be slow. Every time a call connected, a script had to run, check a database, and tell the server what to do. In a high-volume call center, speed is money. If the connection takes 200 milliseconds too long, the customer hangs up.
To solve this, the agi-bin directory was born. This was a special folder where scripts lived that could run instantly when the phone system triggered them.
Among the many scripts—agi-VDAD_fix_dnc.agi (for Do Not Call lists), agi-call_log.agi—there was one script that formed the beating heart of the operation: vicidial.php (often referred to in configuration files simply as AGI=vicidial.php).