function TriggerLog($a = 0, $b = "No details.")
{
# DESCRIPTION: Logs an event, for debugging or audit purposes in the 'z_logs' table.
# FUNCTION RELEASE: 5.0.0
# FUNCTION AUTHOR: Bobby Allen (ballen@zpanel.co.uk)
$acc_key = $a;
$log_details = Cleaner('i', $b);
include 'conf/zcnf.php';
$sql = "INSERT INTO z_logs (lg_acc_fk, lg_when_ts, lg_ipaddress_vc, lg_details_tx) VALUES (" . $acc_key . ", '" . time() . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $log_details . "')";
DataExchange("w", $z_db_name, $sql);
return;
}
<th><?php
echo $lang['16'];
?>
</th>
<td><input name="inPostCode" type="text" id="inPostCode" size="20" maxlength="10" value="<?php
echo Cleaner('o', $rowpersonal['ap_postcode_vc']);
?>
" /></td>
</tr>
<tr>
<th><?php
echo $lang['17'];
?>
</th>
<td><input name="inPhone" type="text" id="inPhone" size="20" maxlength="50" value="<?php
echo Cleaner('o', $rowpersonal['ap_phone_vc']);
?>
" /></td>
</tr>
<tr>
<th><?php
echo $lang['183'];
?>
:</th>
<td><input name="inNewPassword" type="password" id="inNewPassword" size="20" maxlength="50" />
</td>
</tr>
<tr>
<th colspan="2" align="right"><input type="hidden" name="inReturn" value="<?php
echo GetFullURL();
?>
*
*/
include 'inc/zAccountDetails.php';
include 'lang/' . GetPrefdLang($personalinfo['ap_language_vc']) . '.php';
echo $lang['2'];
echo "<br><br>";
if (isset($_GET['r']) && $_GET['r'] == 'ok') {
echo "<br><br><div class=\"zannouce\">" . $lang['61'] . "</div>";
echo "<br><br>";
}
echo "<form id=\"frmPersonalDetails\" name=\"frmPersonalDetails\" method=\"post\" action=\"runner.php?load=obj_personal\">\r\n <table class=\"zform\">\r\n <tr>\r\n <th>" . $lang['13'] . "</th>\r\n <td><input name=\"inFullname\" type=\"text\" id=\"inFullname\" size=\"40\" value=\"" . Cleaner("o", $personalinfo['ap_fullname_vc']) . "\" /></td>\r\n </tr>\r\n <tr>\r\n <th>" . $lang['14'] . "</th>\r\n <td><input name=\"inEmail\" type=\"text\" id=\"inEmail\" size=\"40\" value=\"" . Cleaner("o", $personalinfo['ap_email_vc']) . "\" /></td>\r\n </tr>\r\n <tr>\r\n <th>" . $lang['17'] . "</th>\r\n <td><input name=\"inPhone\" type=\"text\" id=\"inPhone\" size=\"20\" value=\"" . Cleaner("o", $personalinfo['ap_phone_vc']) . "\" /></td>\r\n </tr>\r\n <tr>\r\n <th>Choose Language</th>\r\n <td>";
echo "<select name=\"inTranslation\" id=\"inTranslation\">";
$handle = @opendir(GetSystemOption('zpanel_root') . "lang");
$chkdir = GetSystemOption('zpanel_root') . "lang/";
if (!$handle) {
# Log an error as the folder cannot be opened...
TriggerLog($useraccount['ac_id_pk'], $b = "Was unable to read the Language packs in (" . $chkdir . "), please ensure this folder exists.");
} else {
while ($file = readdir($handle)) {
if ($file != "." && $file != ".." && strstr($file, '.php') && !strstr($file, '_override')) {
if (str_replace(".php", "", $file) == $personalinfo['ap_language_vc']) {
echo "<option value=" . str_replace(".php", "", $file) . " selected=selected>" . str_replace(".php", "", $file) . "</option>\n";
} else {
echo "<option value=" . str_replace(".php", "", $file) . ">" . str_replace(".php", "", $file) . "</option>\n";
}
}
}
closedir($handle);
}
echo "</select>\r\n\t \r\n\t </td>\r\n </tr>\r\n <tr>\r\n <th>" . $lang['15'] . "</th>\r\n <td><textarea name=\"inAddress\" id=\"inAddress\" cols=\"45\" rows=\"5\">" . Cleaner("o", $personalinfo['ap_address_tx']) . "</textarea></td>\r\n </tr>\r\n <tr>\r\n <th>" . $lang['16'] . "</th>\r\n <td><input name=\"inPostalCode\" type=\"text\" id=\"inPostalCode\" size=\"15\" value=\"" . Cleaner("o", $personalinfo['ap_postcode_vc']) . "\" /></td>\r\n </tr>\r\n <tr>\r\n <th> </th>\r\n <td align=\"right\"><input type=\"hidden\" name=\"inReturnURL\" id=\"inReturnURL\" value=\"" . GetFullURL() . "\" /><input type=\"submit\" name=\"" . $lang['18'] . "\" id=\"" . $lang['18'] . "\" value=\"Submit\" /></td>\r\n </tr>\r\n </table>\r\n</form>";
<td><input name="inDiskQuota" type="text" id="inDiskQuota" value="<?php
echo Cleaner('o', $rowquotas['qt_diskspace_bi'] / 1024000);
?>
" size="10" maxlength="10" />
<?php
echo $lang['100'];
?>
</td>
</tr>
<tr>
<th><?php
echo $lang['99'];
?>
:</th>
<td><input name="inBandQuota" type="text" id="inBandQuota" value="<?php
echo Cleaner('o', $rowquotas['qt_bandwidth_bi'] / 1024000);
?>
" size="10" maxlength="10" />
<?php
echo $lang['100'];
?>
</td>
</tr>
<tr>
<th colspan="2" align="right"><input type="hidden" name="inReturn" value="<?php
echo GetFullURL();
?>
" /><input type="hidden" name="inPackageID" value="<?php
echo $rowpackage['pk_id_pk'];
?>
" /><input type="hidden" name="inAction" value="edit" /><input type="submit" name="inSubmit" id="inSubmit" value="<?php
}
if (isset($_GET['reset'])) {
# There has been a password reset request...
echo "<br><h2>" . $lang['194'] . "</h2>";
echo $lang['193'];
echo "<br><br>";
?>
<form id="frmResetPassword" name="frmResetPassword" method="post" action="runner.php?load=obj_mail">
<table class="zform">
<tr>
<th><?php
echo $lang['14'];
?>
</th>
<td><?php
echo Cleaner('o', $_GET['reset']);
?>
</td>
</tr>
<tr>
<th><?php
echo $lang['116'];
?>
:</th>
<td><input name="inPassword" type="password" id="inPassword"/></td>
</tr>
<tr>
<th colspan="2" align="right"><input type="hidden" name="inReturn" value="<?php
echo GetFullURL();
?>
" />
<th><?php
echo $lang['185'];
?>
</th>
<th></th>
</tr>
<?php
do {
?>
<tr>
<td><?php
echo Cleaner('o', $rowforwarders['fw_address_vc']);
?>
</td>
<td><?php
echo Cleaner('o', $rowforwarders['fw_destination_vc']);
?>
</td>
<td><input type="submit" name="inDelete_<?php
echo $rowforwarders['fw_id_pk'];
?>
" id="inDelete_<?php
echo $rowforwarders['fw_id_pk'];
?>
" value="<?php
echo $lang['84'];
?>
" /><input type="hidden" name="ForwardMailbox" value="<?php
echo $rowforwarders['fw_address_vc'];
?>
" /><input type="hidden" name="fw_address_vc" value="<?php
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$returnurl = Cleaner('o', $_POST['inReturn']);
# Now we turn the values that are avaliable to be saved...
$sql = "SELECT * FROM z_settings WHERE st_editable_in=1";
$listoptions = DataExchange("r", $z_db_name, $sql);
$rowoptions = mysql_fetch_assoc($listoptions);
if (isset($_POST['inSaveSystem'])) {
do {
# Now we simply update the account details based on the current session.
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', $_POST['' . $rowoptions['st_name_vc'] . '']) . "' WHERE st_name_vc = '" . $rowoptions['st_name_vc'] . "'");
} while ($rowoptions = mysql_fetch_assoc($listoptions));
}
if (isset($_POST['inSaveTemplate'])) {
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', $_POST['inTemplate']) . "' WHERE st_name_vc = 'zpanel_template'");
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', str_replace(".php", "", $_POST['inTranslation'])) . "' WHERE st_name_vc = 'zpanel_lang'");
}
if (isset($_POST['inSaveWelcome'])) {
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . htmlentities($_POST['inWelcome']) . "' WHERE st_name_vc = 'zpanel_welcome'");
}
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
header("location: " . $returnurl . "");
exit;
*
* ZPanel - A Cross-Platform Open-Source Web Hosting Control panel.
*
* @package ZPanel
* @version $Id$
* @author Bobby Allen - ballen@zpanelcp.com
* @copyright (c) 2008-2011 ZPanel Group - http://www.zpanelcp.com/
* @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
*
* This program (ZPanel) is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$returnurl = $_POST['inReturn'];
# Now we simply update the account details based on the current session.
DataExchange("w", $z_db_name, "UPDATE z_resellers SET rc_company_vc='" . Cleaner('i', $_POST['inCompanyName']) . "' WHERE rc_acc_fk=" . $acc_fk . "");
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
header("location: " . $returnurl . "");
exit;
# If the login process has been initiated then lets check the login!
if (isset($_SESSION['zUserID'])) {
if (isset($_GET['logout'])) {
# Lets log the user out!
$_SESSION['zUsername'] = NULL;
$_SESSION['zUserID'] = NULL;
unset($_SESSION['zUsername']);
unset($_SESSION['zUserID']);
} else {
header("location: ./");
exit;
}
} else {
if (isset($_POST['inUsername'])) {
$username = Cleaner('i', $_POST['inUsername']);
$password = Cleaner('i', $_POST['inPassword']);
$sql = "SELECT ac_id_pk, ac_user_vc FROM z_accounts WHERE ac_user_vc='" . $username . "' AND ac_pass_vc='" . md5($password) . "' AND ac_deleted_ts IS NULL";
$checklogin = DataExchange("l", $z_db_name, $sql);
$accountexists = DataExchange("t", $z_db_name, $sql);
$_SESSION['zUsername'] = $checklogin['ac_user_vc'];
$_SESSION['zUserID'] = $checklogin['ac_id_pk'];
include 'inc/zAccountDetails.php';
$is_admin = $permissionset['pr_admin_in'];
if ($accountexists > 0) {
if ($lockdown_option == 1) {
if ($is_admin == 1) {
TriggerLog($checklogin['ac_id_pk'], "User has logged into ZPanel.");
$sql = "UPDATE z_settings SET st_value_tx='http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "' WHERE st_name_vc='login_url';";
DataExchange("w", $z_db_name, $sql);
header("location: ./index.php");
exit;
if (ShowServerPlatform() == 'Windows') {
$api_resault = zapi_cronjob_add(GetSystemOption('cron_file'), $cronid['ct_id_pk'], $_POST['inTiming'], ChangeSafeSlashesToWin(GetSystemOption('php_exer')), RemoveDoubleSlash(ChangeSafeSlashesToWin(GetSystemOption('hosted_dir') . $useraccount['ac_user_vc'] . '/' . $_POST['inScript'])));
} else {
$api_resault = zapi_cronjob_add(GetSystemOption('cron_file'), $cronid['ct_id_pk'], $_POST['inTiming'], GetSystemOption('php_exer'), RemoveDoubleSlash(GetSystemOption('hosted_dir') . $useraccount['ac_user_vc'] . '/' . $_POST['inScript']));
}
if ($api_resault == false) {
# The cronjob was not added for some reason!
# We will remove the cron id from the database so it will not show as active.
$sql = "UPDATE z_cronjobs SET ct_deleted_ts=" . time() . " WHERE ct_id_pk=" . $cronid['ct_id_pk'] . "";
DataExchange("w", $z_db_name, $sql);
TriggerLog($useraccount['ac_id_pk'], $b = "Was unable to write to the crontab file (" . GetSystemOption('cron_file') . "), check that the file is not read-only and that the file path in the ZPanel settings is correct.");
header("location: " . GetNormalModuleURL($returnurl) . "&r=error");
exit;
}
# Now we add some infomation to the system log.
TriggerLog($useraccount['ac_id_pk'], $b = "New cron job has been added by user (" . Cleaner('i', $_POST['inScript']) . ")\rDescription:-\r" . Cleaner('i', $_POST['inDescription']) . "");
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete the task...
do {
if (isset($_POST['inDelete_' . $rowtasks['ct_id_pk']])) {
# Call the API function!
$api_resault = zapi_cronjob_remove(GetSystemOption('cron_file'), $rowtasks['ct_id_pk']);
if ($api_resault == false) {
# The cronjob was not deleted for some reason!
TriggerLog($useraccount['ac_id_pk'], $b = "Was unable to write to the crontab file (" . GetSystemOption('cron_file') . "), check that the file is not read-only and that the file path in the ZPanel settings is correct.");
header("location: " . GetNormalModuleURL($returnurl) . "&r=error");
exit;
}
DataExchange("w", $z_db_name, $sql);
$sql = "INSERT INTO z_permissions (pr_package_fk) VALUES (" . $packageid['pk_id_pk'] . ");";
DataExchange("w", $z_db_name, $sql);
# Insert default mod_bw quota limits for package
$sql = "SELECT * FROM z_throttle WHERE tr_id_pk=1";
$throttledefaults = DataExchange("l", $z_db_name, $sql);
$sql = "UPDATE z_quotas SET qt_bwenabled_in = '" . $throttledefaults['tr_bwenabled_in'] . "',\r\n\t\t\t\t\t\t\t\tqt_dlenabled_in = '" . $throttledefaults['tr_dlenabled_in'] . "',\r\n\t\t\t\t\t\t\t\tqt_totalbw_fk = '" . $throttledefaults['tr_totalbw_fk'] . "',\r\n\t\t\t\t\t\t\t\tqt_minbw_fk = '" . $throttledefaults['tr_minbw_fk'] . "',\r\n\t\t\t\t\t\t\t\tqt_maxcon_fk = '" . $throttledefaults['tr_maxcon_fk'] . "',\r\n\t\t\t\t\t\t\t\tqt_filesize_fk = '" . $throttledefaults['tr_filespeed_fk'] . "',\r\n\t\t\t\t\t\t\t\tqt_filespeed_fk = '" . $throttledefaults['tr_filespeed_fk'] . "',\r\n\t\t\t\t\t\t\t\tqt_filetype_vc = '" . $throttledefaults['tr_filetype_vc'] . "',\r\n\t\t\t\t\t\t\t\tqt_modified_in = '1'\r\n\t\t\t\t\t\t\t\tWHERE qt_package_fk = '" . $packageid['pk_id_pk'] . "'";
DataExchange("w", $z_db_name, $sql);
header("location: " . $returnurl . "&r=ok");
exit;
}
if ($_POST['inAction'] == 'edit') {
# User has choosen to edit a package...
$sql = "UPDATE z_packages SET pk_name_vc='" . Cleaner('i', $_POST['inPackageName']) . "',\r\n\t\t\t\t\t\t\t\tpk_enablephp_in=" . GetCheckboxValue($_POST['inEnablePHP']) . ",\r\n\t\t\t\t\t\t\t\tpk_enablecgi_in=" . GetCheckboxValue($_POST['inEnableCGI']) . " WHERE pk_id_pk=" . $_POST['inPackageID'] . "";
DataExchange("w", $z_db_name, $sql);
$sql = "UPDATE z_quotas SET qt_domains_in=" . Cleaner('i', $_POST['inNoDomains']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_subdomains_in=" . Cleaner('i', $_POST['inNoSubDomains']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_parkeddomains_in=" . Cleaner('i', $_POST['inNoParkedDomains']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_mailboxes_in=" . Cleaner('i', $_POST['inNoMailboxes']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_fowarders_in=" . Cleaner('i', $_POST['inNoFowarders']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_distlists_in=" . Cleaner('i', $_POST['inNoDistLists']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_ftpaccounts_in=" . Cleaner('i', $_POST['inNoFTPAccounts']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_mysql_in=" . Cleaner('i', $_POST['inNoMySQL']) . ",\r\n\t\t\t\t\t\t\t\t\tqt_diskspace_bi=" . Cleaner('i', $_POST['inDiskQuota'] * 1024000) . ",\r\n\t\t\t\t\t\t\t\t\tqt_bandwidth_bi=" . Cleaner('i', $_POST['inBandQuota'] * 1024000) . " WHERE qt_package_fk=" . $_POST['inPackageID'] . "";
DataExchange("w", $z_db_name, $sql);
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
header("location: " . $returnurl . "");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete a package...
do {
if (isset($_POST['inEdit_' . $rowpackages['pk_id_pk']])) {
header("location: " . $returnurl . "&edit=" . $rowpackages['pk_id_pk'] . "");
exit;
}
if (isset($_POST['inDelete_' . $rowpackages['pk_id_pk']])) {
$sql = "UPDATE z_packages SET pk_deleted_ts=" . time() . " WHERE pk_id_pk=" . $rowpackages['pk_id_pk'] . "";
$packageid = DataExchange("w", $z_db_name, $sql);
$alias = "ServerAlias " . $domain . " www." . $domain . "";
# Check to see if version IS Windows (If so use the default hMailServer and create domain) - Otherwise we skip it!
if (ShowServerPlatform() == 'Windows') {
if (GetSystemOption('disable_hostsen') == 'false') {
# Lets add the hostname to the HOSTS file so that the server can view the domain immediately...
@exec("C:/ZPanel/bin/zpanel/tools/setroute.exe " . $domain . "");
@exec("C:/ZPanel/bin/zpanel/tools/setroute.exe www." . $domain . "");
}
}
# Call the API!
zapi_vhparked_add(GetSystemOption('apache_vhost'), $domain, GetSystemOption('parking_path'));
# If all has gone well we need to now create the domain in the database...
$sql = "INSERT INTO z_vhosts (vh_acc_fk,\r\n\t\t\t\t\t\t\t\t\tvh_name_vc,\r\n\t\t\t\t\t\t\t\t\tvh_directory_vc,\r\n\t\t\t\t\t\t\t\t\tvh_type_in,\r\n\t\t\t\t\t\t\t\t\tvh_created_ts) VALUES (\r\n\t\t\t\t\t\t\t\t\t" . $acc_fk . ",\r\n\t\t\t\t\t\t\t\t\t'" . Cleaner('i', $domain) . "',\r\n\t\t\t\t\t\t\t\t\t'" . Cleaner('i', $homedirectoy_to_use) . "',\r\n\t\t\t\t\t\t\t\t\t3,\r\n\t\t\t\t\t\t\t\t\t" . time() . ")";
DataExchange("w", $z_db_name, $sql);
# Now we add some infomation to the system log.
TriggerLog($useraccount['ac_id_pk'], $b = "New parked domain has been added by the user (" . Cleaner('i', $_POST['inDomain']) . ").");
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete the task...
do {
if (isset($_POST['inDelete_' . $rowdomains['vh_id_pk']])) {
# Log the action in the database...
TriggerLog($useraccount['ac_id_pk'], $b = "User domain vhost ID: " . $rowdomains['ct_id_pk'] . " was deleted.");
# Call the API
zapi_vhost_remove(GetSystemOption('apache_vhost'), $rowdomains['vh_name_vc']);
# Check to see if version IS Windows (If so use the default hMailServer and create domain) - Otherwise we skip it!
if (ShowServerPlatform() == 'Windows') {
# Lets now go and try removing the domain from hMailServer (if configured in the ZPanel system settings:-
$hmaildatabase = GetSystemOption('hmailserver_db');
<input type="hidden" name="inAction" value="NewDistList" />
<input type="submit" name="inSubmit" id="inSubmit" value="<?php
echo $lang['128'];
?>
" /></th>
</tr>
</table>
</form><?php
} else {
echo $lang['234'];
}
}
# Check the see if the user wants to edit the dist list in queston...
if (isset($_GET['edit'])) {
# Get a list of the dist list users....
$sql = "SELECT * FROM z_distlists WHERE dl_acc_fk=" . $useraccount['ac_id_pk'] . " AND dl_address_vc='" . Cleaner('i', $_GET['edit']) . "' AND dl_deleted_ts IS NULL";
$listdistlist = DataExchange("r", $z_db_name, $sql);
$rowdistlist = mysql_fetch_assoc($listdistlist);
$totaldistlist = DataExchange("t", $z_db_name, $sql);
$sql = "SELECT * FROM z_distlistusers WHERE du_distlist_fk=" . $rowdistlist['dl_id_pk'] . " AND du_deleted_ts IS NULL";
$listdistlistusers = DataExchange("r", $z_db_name, $sql);
$rowdistlistusers = mysql_fetch_assoc($listdistlistusers);
$totaldistlistusers = DataExchange("t", $z_db_name, $sql);
echo "<br><h2>Edit distrubution list</h2>";
echo "<form id=\"frmNewDistListUser\" name=\"frmNewDistListUser\" method=\"post\" action=\"runner.php?load=obj_mail\">\r\n\t<table class=\"zform\">\r\n\t<tr>\r\n <th colspan=\"3\">" . $rowdistlist['dl_address_vc'] . "</th>\r\n \t</tr>\r\n\t <tr>\r\n <th> </th>\r\n <td> </td>\r\n\t<td> </td>\r\n </tr>";
if ($rowdistlistusers > 0) {
do {
echo "<tr>\r\n <th>Email Address:</th><td>" . $rowdistlistusers['du_address_vc'] . "</td>\r\n <td><input type=\"submit\" name=\"inDelete_" . $rowdistlistusers['du_id_pk'] . "\" id=\"inDelete_" . $rowforwarders['du_id_pk'] . "\" value=\"" . $lang['84'] . "\" /></td>\r\n </tr>";
} while ($rowdistlistusers = mysql_fetch_assoc($listdistlistusers));
}
echo "\r\n <tr>\r\n <th> </th>\r\n <td> </td>\r\n\t<td> </td>\r\n </tr>\r\n <tr>\r\n <th>Add new address:</th>\r\n <td><input type=\"text\" name=\"inDistListAddress\" id=\"inDistListAddress\" /></td><td> </td>\r\n </tr>\r\n <tr>\r\n <th colspan=\"3\" align=\"right\"><input type=\"hidden\" name=\"inReturn\" value=\"" . GetFullURL() . "\" />\r\n <input type=\"hidden\" name=\"inAction\" value=\"edit_distlists\" />\r\n\t\t <input type=\"hidden\" name=\"inDLID\" value=\"" . $rowdistlist['dl_id_pk'] . "\" />\r\n <input type=\"submit\" name=\"inSubmit\" id=\"inSubmit\" value=\"" . $lang['128'] . "\" /></th>\r\n </tr>\r\n</table>";
# Fist lets make sure it doesnt exist before we create the database and continue...
$sql = "SELECT * FROM z_mysql WHERE my_name_vc='" . Cleaner('i', $useraccount['ac_user_vc'] . "_" . $_POST['inDatabase']) . "' AND my_deleted_ts IS NULL";
$doesexist = DataExchange("t", $z_db_name, $sql);
if ($doesexist < 1) {
# Ok so the database doesnt exist, so lets create the database...
$api_resault = zapi_mysqldb_add($useraccount['ac_user_vc'], $_POST['inDatabase'], "utf8", "utf8_general_ci", $zdb);
if ($api_resault == false) {
# The cronjob was not added for some reason!
TriggerLog($useraccount['ac_id_pk'], $b = "Unable to create mysql database (" . $_POST['inDatabase'] . ").");
}
# If the user submitted a 'new' request then we will simply add the cron task to the database...
$sql = "INSERT INTO z_mysql (my_acc_fk,\r\n\t\t\t\t\t\t\t\t\t\tmy_name_vc,\r\n\t\t\t\t\t\t\t\t\t\tmy_created_ts) VALUES (\r\n\t\t\t\t\t\t\t\t\t\t" . $acc_fk . ",\r\n\t\t\t\t\t\t\t\t\t\t'" . Cleaner('i', $useraccount['ac_user_vc'] . "_" . $_POST['inDatabase']) . "',\r\n\t\t\t\t\t\t\t\t\t\t" . time() . ")";
DataExchange("w", $z_db_name, $sql);
# Now we have to add the entry to the cron file.
# Now we add some infomation to the system log.
TriggerLog($useraccount['ac_id_pk'], $b = "New MySQL database added by user (" . Cleaner('i', $_POST['inDatabase']) . ").");
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
} else {
header("location: " . GetNormalModuleURL($returnurl) . "&r=exists");
}
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete the task...
do {
if (isset($_POST['inDelete_' . $rowmysql['my_id_pk']])) {
# Ok so lets drop the MySQL database...
$api_resault = zapi_mysqldb_remove($rowmysql['my_name_vc'], $zdb);
if ($api_resault == false) {
# The cronjob was not added for some reason!
TriggerLog($useraccount['ac_id_pk'], $b = "Unable to remove mysql database (" . $rowmysql['my_name_vc'] . ").");
}
//-->
</script>
<blockquote>
<table>
<?php
do {
?>
<tr>
<td><img src="modules/advanced/faqs/item.png" width="16" height="16"></td>
<td><a href="#" onclick="toggle_visibility('<?php
echo $rowfaqs['fq_id_pk'];
?>
');"><strong><?php
echo Cleaner('o', $rowfaqs['fq_queston_tx']);
?>
</strong></a>
<div id="<?php
echo $rowfaqs['fq_id_pk'];
?>
" style="display:none;"><?php
echo Cleaner('o', $rowfaqs['fq_answer_tx']);
?>
<br><br></div></td>
</tr>
<?php
} while ($rowfaqs = mysql_fetch_assoc($listfaqs));
?>
</table>
</blockquote>
* @copyright (c) 2008-2011 ZPanel Group - http://www.zpanelcp.com/
* @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
*
* This program (ZPanel) is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$fullname = Cleaner("i", $_POST['inFullname']);
$email_address = Cleaner("i", $_POST['inEmail']);
$postal_address = Cleaner("i", $_POST['inAddress']);
$postal_code = Cleaner("i", $_POST['inPostalCode']);
$phone = Cleaner("i", $_POST['inPhone']);
$returnurl = $_POST['inReturnURL'];
$language = $_POST['inTranslation'];
# Now we simply update the account details based on the current session.
DataExchange("w", $z_db_name, "UPDATE z_personal SET ap_fullname_vc='" . $fullname . "', ap_email_vc='" . $email_address . "', ap_address_tx='" . $postal_address . "', ap_postcode_vc='" . $postal_code . "', ap_phone_vc='" . $phone . "', ap_language_vc='" . $language . "' WHERE ap_acc_fk=" . $acc_fk . "");
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
header("location: " . $returnurl . "");
exit;
<th><?php
echo $lang['163'];
?>
</th>
<th></th>
</tr>
<?php
do {
?>
<tr>
<td><?php
echo Cleaner('o', $rowdomains['vh_name_vc']);
?>
</td>
<td><?php
echo Cleaner('o', $rowdomains['vh_directory_vc']);
?>
</td>
<td><?php
if ($rowdomains['vh_active_in'] == 1) {
echo "<font color=\"green\">Live</font>";
} else {
echo "<font color=\"orange\">Pending</font>";
}
?>
</td>
<td><input type="submit" name="inDelete_<?php
echo $rowdomains['vh_id_pk'];
?>
" id="inDelete_<?php
echo $rowdomains['vh_id_pk'];
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$current_pass = Cleaner("i", $_POST['inCurPass']);
$newpass = Cleaner("i", $_POST['inNewPass']);
$conpass = Cleaner("i", $_POST['inConPass']);
$doresetmysql = Cleaner("i", $_POST['inResMySQL']);
$returnurl = $_POST['inReturnURL'];
if (md5($current_pass) != $useraccount['ac_pass_vc'] || empty($newpass)) {
# Current password does not match!
$endonerror = "&r=error";
} else {
if ($newpass == $conpass) {
# Check that the new password matches the confirmation box.
if ($doresetmysql != '1') {
# User has selected to update ZPanel account password only!
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
DataExchange("w", $z_db_name, $sql);
TriggerLog($acc_fk, "User has updated their ZPanel account password.");
$endonerror = "&r=ok";
} else {
# User has selected to change both passwords.
$obFA->Name = $ExMessageAccount;
$obFA->MinutesBetweenFetch = $ExMessagecheck;
$obFA->Port = $ExMessagePort;
$obFA->ProcessMIMERecipients = $ExMessageMIME;
$obFA->ProcessMIMEDate = '1';
$obFA->ServerAddress = $ExMessageAddress;
$obFA->ServerType = '1';
$obFA->Username = $ExMessageUser;
$obFA->UseAntiVirus = '0';
$obFA->UseAntiSpam = '0';
$obFA->EnableRouteRecipients = '0';
$obFA->DaysToKeepMessages = $ExMessageOption;
$obFA->UseSSL = $ExMessageSSL;
$Password = $ExMessagePass;
if (strlen($Password) > 0) {
$obFA->Password = $Password;
}
$obFA->Save();
$faid = $obFA->ID;
# Log the action in the database...
TriggerLog($useraccount['ac_id_pk'], $b = "Added external email acount " . $ExMessageUser . " for mailbox: " . $Usermailbox . "");
#Life is good, lets inform the user all is ok...
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
exit;
}
if ($_POST['inAction'] == 'filter_mailbox') {
# Filter the mailbox listing
$filter = Cleaner('i', $_POST['inFilter']);
header("location: " . $returnurl . "&r=off&rfilter=" . $filter . "");
exit;
}
function zapi_mysqldb_add($username, $databasename, $charset, $collate, $zdb)
{
$sql = "CREATE DATABASE `" . Cleaner('i', $username . "_" . $databasename) . "` DEFAULT CHARACTER SET " . $charset . " COLLATE " . $collate . ";";
mysql_query($sql, $zdb);
$sql = "GRANT ALL PRIVILEGES ON `" . $username . "\\_" . $databasename . "`.* TO '" . $username . "'@'%'";
$result = mysql_query($sql, $zdb) or die(TriggerLog(1, "Error whilst granting priviledges to MySQL user, MySQL error was: " . mysql_error()));
return true;
}
<th><?php
echo $lang['166'];
?>
</th>
<th><?php
echo $lang['163'];
?>
</th>
<th></th>
</tr>
<?php
do {
?>
<tr>
<td><?php
echo Cleaner('o', $rowdomains['vh_name_vc']);
?>
</td>
<td><?php
echo date(GetSystemOption('zpanel_df'), $rowdomains['vh_created_ts']);
?>
</td>
<td><?php
if ($rowdomains['vh_active_in'] == 1) {
echo "<font color=\"green\">Live</font>";
} else {
echo "<font color=\"orange\">Pending</font>";
}
?>
</td>
<td><input type="submit" name="inDelete_<?php
$sql = "SELECT * FROM z_ftpaccounts WHERE ft_user_vc='" . $_POST['inAccount'] . "' AND ft_acc_fk=" . $acc_fk . " AND ft_deleted_ts IS NULL";
$listisowner = DataExchange("r", $z_db_name, $sql);
$rowisowner = mysql_fetch_assoc($listisowner);
$totalisowner = DataExchange("t", $z_db_name, $sql);
if ($totalisowner > 0) {
# Call the API!
$api_resault = zapi_ftpaccount_edit(GetSystemOption('filezilla_root'), $_POST['inAccount'], $_POST['inPassword']);
if ($api_resault == false) {
# The cronjob was not added for some reason!
TriggerLog($useraccount['ac_id_pk'], $b = "FTP password for user (" . Cleaner('i', $_POST['inAccount']) . ") could not be reset.");
} else {
TriggerLog($useraccount['ac_id_pk'], $b = "FTP password for user (" . Cleaner('i', $_POST['inAccount']) . ") has been reset.");
$reboot = system($filezilla_reload);
}
} else {
TriggerLog($useraccount['ac_id_pk'], $b = "FTP password for user (" . Cleaner('i', $_POST['inAccount']) . ") not been reset as you are not the owner.");
}
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete the task...
do {
#Check to make sure this isnt a password reset...
if (isset($_POST['inReset_' . $rowftpaccounts['ft_id_pk']])) {
header("location: " . GetNormalModuleURL($returnurl) . "&reset=" . $rowftpaccounts['ft_user_vc'] . "");
exit;
}
# Ok so lets just go and delete the FTP account now...
if (isset($_POST['inDelete_' . $rowftpaccounts['ft_id_pk']])) {
# Call the API!
<th><?php
echo $lang['131'];
?>
</th>
<th></th>
</tr>
<?php
do {
?>
<tr>
<td><?php
echo Cleaner('o', $rowmysql['my_name_vc']);
?>
</td>
<td><?php
echo Cleaner('o', FormatFileSize($rowmysql['my_usedspace_bi']));
?>
</td>
<td><input type="submit" name="inDelete_<?php
echo $rowmysql['my_id_pk'];
?>
" id="inDelete_<?php
echo $rowmysql['my_id_pk'];
?>
" value="<?php
echo $lang['84'];
?>
" /></td>
</tr>
<?php
} while ($rowmysql = mysql_fetch_assoc($listmysql));
</th>
<th><?php
echo $lang['112'];
?>
</th>
<th> </th>
</tr>
<?php
do {
# Get package infomation for the user...
$sql = "SELECT pk_name_vc FROM z_packages WHERE pk_id_pk=" . $rowclients['ac_package_fk'] . "";
$package = DataExchange("l", $z_db_name, $sql);
?>
<tr>
<td><?php
echo Cleaner('o', $rowclients['ac_user_vc']);
?>
</td>
<td><?php
echo $package['pk_name_vc'];
?>
</td>
<td><?php
echo FormatFileSize(GetQuotaUsages('diskspace', $rowclients['ac_id_pk']));
?>
</td>
<td><?php
echo FormatFileSize(GetQuotaUsages('bandwidth', $rowclients['ac_id_pk']));
?>
</td>
<td><input type="submit" name="inShadow_<?php
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$returnurl = Cleaner('o', $_POST['inReturn']);
# Lets grab and archive the user's web data....
$homedir = GetSystemOption('hosted_dir') . $useraccount['ac_user_vc'];
$backupname = $useraccount['ac_user_vc'] . "_" . date("dmy_Gi", time());
$dbstamp = date("dmy_Gi", time());
# We now see what the OS is before we work out what compression command to use..
if (ShowServerPlatform() == "Windows") {
$resault = exec(ChangeSafeSlashesToWin(GetSystemOption('7z_exe') . " a -tzip -y-r " . GetSystemOption('temp_dir') . $backupname . ".zip " . $homedir . ""));
} else {
$resault = exec(GetSystemOption('7z_exe') . " -r9 " . GetSystemOption('temp_dir') . $backupname . " " . $homedir . "/*");
@chmod(GetSystemOption('temp_dir') . $backupname . ".zip", 0777);
}
# Now lets backup all MySQL datbases for the user and add them to the archive...
$sql = "SELECT * FROM z_mysql WHERE my_acc_fk=" . $useraccount['ac_id_pk'] . " AND my_deleted_ts IS NULL";
$mysql = DataExchange("r", $z_db_name, $sql);
$row_mysql = mysql_fetch_assoc($mysql);
if (isset($_POST['inNewPassword']) && $_POST['inNewPassword'] != "") {
# Get account username...
$sql = "SELECT * FROM z_accounts WHERE ac_id_pk=" . $_POST['inClientID'] . " AND ac_deleted_ts IS NULL";
$listclientid = DataExchange("r", $z_db_name, $sql);
$rowclientid = mysql_fetch_assoc($listclientid);
$resetforuser = $rowclientid['ac_user_vc'];
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
zapi_mysqluser_setpass($resetforuser, Cleaner("i", $_POST['inNewPassword']), $zdb);
TriggerLog($useraccount['ac_id_pk'], "Account password for (" . $resetforuser . ") has been reset by the account admin.");
}
# Log the package as modified so the daemon will make changes to vhosts if the client was moved to a different package.
if ($rowoldpackage['ac_package_fk'] != Cleaner('i', $_POST['inPackage'])) {
$sql = "UPDATE z_quotas SET qt_modified_in = 1 WHERE qt_package_fk = " . Cleaner('i', $_POST['inPackage']) . "";
DataExchange("w", $z_db_name, $sql);
}
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
TriggerLog($useraccount['ac_id_pk'], $b = "User account ID: " . $_POST['inClientID'] . " was updated.");
header("location: " . $returnurl . "");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete a package...
do {
if (isset($_POST['inEdit_' . $rowclients['ac_id_pk']])) {
header("location: " . $returnurl . "&edit=" . $rowclients['ac_id_pk'] . "");
exit;
}
if (isset($_POST['inDelete_' . $rowclients['ac_id_pk']])) {
<th><?php
echo $lang['124'];
?>
</th>
<th></th>
</tr>
<?php
do {
?>
<tr>
<td><?php
echo Cleaner('o', $rowtasks['ct_script_vc']);
?>
</td>
<td><?php
echo Cleaner('o', $rowtasks['ct_description_tx']);
?>
</td>
<td><input type="submit" name="inDelete_<?php
echo $rowtasks['ct_id_pk'];
?>
" id="inDelete_<?php
echo $rowtasks['ct_id_pk'];
?>
" value="<?php
echo $lang['84'];
?>
" /></td>
</tr>
<?php
} while ($rowtasks = mysql_fetch_assoc($listtasks));
if (isset($_POST['inPackage'])) {
header("location: " . $returnurl . "&r=0&package=" . $inPackage . "");
exit;
}
}
# Update package bandwidth quotas
if ($_POST['inAction'] == 'EditPackage') {
$inUseBT = Cleaner('o', $_POST['inUseBT']);
$inMaxBW = Cleaner('o', $_POST['inMaxBW']);
$inMinBW = Cleaner('o', $_POST['inMinBW']);
$inMaxCon = Cleaner('o', $_POST['inMaxCon']);
$inUseFT = Cleaner('o', $_POST['inUseFT']);
$inDLsize = Cleaner('o', $_POST['inDLsize']);
$inDLspeed = Cleaner('o', $_POST['inDLspeed']);
$inQuotaID = Cleaner('o', $_POST['inQuotaID']);
$inPackage = Cleaner('o', $_POST['inPackage']);
#$inDLtype = Cleaner('o',$_POST['inDLtype']);
# Update quota table with new settings.
$sql = "UPDATE z_quotas SET qt_bwenabled_in = '" . $inUseBT . "',\r\n\t\t\t\t\t\t\t\tqt_dlenabled_in = '" . $inUseFT . "',\r\n\t\t\t\t\t\t\t\tqt_totalbw_fk = '" . $inMaxBW . "',\r\n\t\t\t\t\t\t\t\tqt_minbw_fk = '" . $inMinBW . "',\r\n\t\t\t\t\t\t\t\tqt_maxcon_fk = '" . $inMaxCon . "',\r\n\t\t\t\t\t\t\t\tqt_filesize_fk = '" . $inDLsize . "',\r\n\t\t\t\t\t\t\t\tqt_filespeed_fk = '" . $inDLspeed . "',\r\n\t\t\t\t\t\t\t\tqt_filetype_vc = '" . $inDLtype . "',\r\n\t\t\t\t\t\t\t\tqt_modified_in = '1'\r\n\t\t\t\t\t\t\t\tWHERE qt_id_pk = '" . $inQuotaID . "'";
DataExchange("w", $z_db_name, $sql);
$sql = "SELECT * FROM z_packages WHERE pk_id_pk ='" . $inPackage . "'";
$listpackages = DataExchange("r", $z_db_name, $sql);
$rowpackages = mysql_fetch_assoc($listpackages);
# Write the package mod_bw .conf
if ($inUseBT == 1) {
$inUseBT = "On";
} else {
$inUseBT = "Off";
}
if ($inUseFT == 1) {
$inUseFT = "On";
