function add_ip(&$tpl, &$sql) { global $ip_number_1, $ip_number_2, $ip_number_3, $ip_number_4; global $domain, $alias; if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_ip') { if (check_user_data()) { //add ip global $ip_number_1, $ip_number_2, $ip_number_3, $ip_number_4; $ip_number = trim($ip_number_1) . '.' . trim($ip_number_2) . '.' . trim($ip_number_3) . '.' . trim($ip_number_4); $query = <<<SQL_QUERY insert into server_ips (ip_number,ip_domain,ip_alias) values (?,?,?) SQL_QUERY; $rs = exec_query($sql, $query, array($ip_number, htmlspecialchars($domain, ENT_QUOTES, "UTF-8"), htmlspecialchars($alias, ENT_QUOTES, "UTF-8"))); set_page_message(tr('New IP was added!')); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: add new IP4 address: {$ip_number}"); } $tpl->assign(array('VALUE_IP1' => $_POST['ip_number_1'], 'VALUE_IP2' => $_POST['ip_number_2'], 'VALUE_IP3' => $_POST['ip_number_3'], 'VALUE_IP4' => $_POST['ip_number_4'], 'VALUE_DOMAIN' => $_POST['domain'], 'VALUE_ALIAS' => $_POST['alias'])); } else { $tpl->assign(array('VALUE_IP1' => '', 'VALUE_IP2' => '', 'VALUE_IP3' => '', 'VALUE_IP4' => '', 'VALUE_DOMAIN' => '', 'VALUE_ALIAS' => '')); } }
/** * @param EasySCP_TemplateEngine $tpl */ function add_reseller($tpl) { global $reseller_ips; $cfg = EasySCP_Registry::get('Config'); $sql = EasySCP_Registry::get('Db'); if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_reseller') { if (check_user_data()) { $upass = crypt_user_pass($_POST['pass']); $user_id = $_SESSION['user_id']; $username = clean_input($_POST['username']); $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = clean_input($_POST['gender']); $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); $query = "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`,\n\t\t\t\t\t`admin_pass`,\n\t\t\t\t\t`admin_type`,\n\t\t\t\t\t`domain_created`,\n\t\t\t\t\t`created_by`,\n\t\t\t\t\t`fname`,\n\t\t\t\t\t`lname`,\n\t\t\t\t\t`firm`,\n\t\t\t\t\t`zip`,\n\t\t\t\t\t`city`,\n\t\t\t\t\t`state`,\n\t\t\t\t\t`country`,\n\t\t\t\t\t`email`,\n\t\t\t\t\t`phone`,\n\t\t\t\t\t`fax`,\n\t\t\t\t\t`street1`,\n\t\t\t\t\t`street2`,\n\t\t\t\t\t`gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t'reseller',\n\t\t\t\t\tunix_timestamp(),\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?\n\t\t\t\t)\n\t\t\t"; exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender)); $new_admin_id = $sql->insertId(); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: add reseller: {$username}"); // $user_def_lang = $cfg->USER_INITIAL_LANG; $user_def_lang = ''; // $user_theme_color = $cfg->USER_INITIAL_THEME; $user_theme_color = ''; $query = "\n\t\t\t\tINSERT INTO `user_gui_props`\n\t\t\t\t\t(\n\t\t\t\t\t`user_id`,\n\t\t\t\t\t`lang`,\n\t\t\t\t\t`layout`\n\t\t\t\t\t)\n\t\t\t\tVALUES\n\t\t\t\t\t(?, ?, ?)\n\t\t\t"; exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color)); /* * 'reseller_props' table entry; */ $nreseller_max_domain_cnt = clean_input($_POST['nreseller_max_domain_cnt']); $nreseller_max_subdomain_cnt = clean_input($_POST['nreseller_max_subdomain_cnt']); $nreseller_max_alias_cnt = clean_input($_POST['nreseller_max_alias_cnt']); $nreseller_max_mail_cnt = clean_input($_POST['nreseller_max_mail_cnt']); $nreseller_max_ftp_cnt = clean_input($_POST['nreseller_max_ftp_cnt']); $nreseller_max_sql_db_cnt = clean_input($_POST['nreseller_max_sql_db_cnt']); $nreseller_max_sql_user_cnt = clean_input($_POST['nreseller_max_sql_user_cnt']); $nreseller_max_traffic = clean_input($_POST['nreseller_max_traffic']); $nreseller_max_disk = clean_input($_POST['nreseller_max_disk']); $customer_id = clean_input($_POST['customer_id']); $support_system = clean_input($_POST['support_system']); $query = "\n\t\t\t\tINSERT INTO `reseller_props` (\n\t\t\t\t\t`reseller_id`, `reseller_ips`,\n\t\t\t\t\t`max_dmn_cnt`, `current_dmn_cnt`,\n\t\t\t\t\t`max_sub_cnt`, `current_sub_cnt`,\n\t\t\t\t\t`max_als_cnt`, `current_als_cnt`,\n\t\t\t\t\t`max_mail_cnt`, `current_mail_cnt`,\n\t\t\t\t\t`max_ftp_cnt`, `current_ftp_cnt`,\n\t\t\t\t\t`max_sql_db_cnt`, `current_sql_db_cnt`,\n\t\t\t\t\t`max_sql_user_cnt`, `current_sql_user_cnt`,\n\t\t\t\t\t`max_traff_amnt`, `current_traff_amnt`,\n\t\t\t\t\t`max_disk_amnt`, `current_disk_amnt`,\n\t\t\t\t\t`support_system`, `customer_id`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?,\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, ?\n\t\t\t\t)\n\t\t\t\t"; exec_query($sql, $query, array($new_admin_id, $reseller_ips, $nreseller_max_domain_cnt, $nreseller_max_subdomain_cnt, $nreseller_max_alias_cnt, $nreseller_max_mail_cnt, $nreseller_max_ftp_cnt, $nreseller_max_sql_db_cnt, $nreseller_max_sql_user_cnt, $nreseller_max_traffic, $nreseller_max_disk, $support_system, $customer_id)); send_add_user_auto_msg($user_id, clean_input($_POST['username']), $_POST['pass'], clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr('Reseller'), $gender); $_SESSION['reseller_added'] = 1; user_goto('manage_users.php'); } else { $tpl->assign(array('EMAIL' => clean_input($_POST['email'], true), 'USERNAME' => clean_input($_POST['username'], true), 'FIRST_NAME' => clean_input($_POST['fname'], true), 'CUSTOMER_ID' => clean_input($_POST['customer_id'], true), 'LAST_NAME' => clean_input($_POST['lname'], true), 'FIRM' => clean_input($_POST['firm'], true), 'ZIP' => clean_input($_POST['zip'], true), 'CITY' => clean_input($_POST['city'], true), 'STATE' => clean_input($_POST['state'], true), 'COUNTRY' => clean_input($_POST['country'], true), 'STREET_1' => clean_input($_POST['street1'], true), 'STREET_2' => clean_input($_POST['street2'], true), 'PHONE' => clean_input($_POST['phone'], true), 'FAX' => clean_input($_POST['fax'], true), 'VL_MALE' => $_POST['gender'] == 'M' ? $cfg->HTML_SELECTED : '', 'VL_FEMALE' => $_POST['gender'] == 'F' ? $cfg->HTML_SELECTED : '', 'VL_UNKNOWN' => $_POST['gender'] == 'U' || empty($_POST['gender']) ? $cfg->HTML_SELECTED : '', 'MAX_DOMAIN_COUNT' => clean_input($_POST['nreseller_max_domain_cnt'], true), 'MAX_SUBDOMAIN_COUNT' => clean_input($_POST['nreseller_max_subdomain_cnt'], true), 'MAX_ALIASES_COUNT' => clean_input($_POST['nreseller_max_alias_cnt'], true), 'MAX_MAIL_USERS_COUNT' => clean_input($_POST['nreseller_max_mail_cnt'], true), 'MAX_FTP_USERS_COUNT' => clean_input($_POST['nreseller_max_ftp_cnt'], true), 'MAX_SQLDB_COUNT' => clean_input($_POST['nreseller_max_sql_db_cnt'], true), 'MAX_SQL_USERS_COUNT' => clean_input($_POST['nreseller_max_sql_user_cnt'], true), 'MAX_TRAFFIC_AMOUNT' => clean_input($_POST['nreseller_max_traffic'], true), 'MAX_DISK_AMOUNT' => clean_input($_POST['nreseller_max_disk'], true), 'SUPPORT_SYSTEM_YES' => $_POST['support_system'] == 'yes' ? $cfg->HTML_SELECTED : '', 'SUPPORT_SYSTEM_NO' => $_POST['support_system'] == 'no' ? $cfg->HTML_SELECTED : '', 'SUPPORT_SYSTEM' => clean_input($_POST['support_system'], true))); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'CUSTOMER_ID' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'STATE' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'VL_MALE' => '', 'VL_FEMALE' => '', 'VL_UNKNOWN' => $cfg->HTML_SELECTED, 'MAX_DOMAIN_COUNT' => '', 'MAX_SUBDOMAIN_COUNT' => '', 'MAX_ALIASES_COUNT' => '', 'MAX_MAIL_USERS_COUNT' => '', 'MAX_FTP_USERS_COUNT' => '', 'MAX_SQLDB_COUNT' => '', 'MAX_SQL_USERS_COUNT' => '', 'MAX_TRAFFIC_AMOUNT' => '', 'MAX_DISK_AMOUNT' => '', 'SUPPORT_SYSTEM_YES' => $cfg->HTML_SELECTED, 'SUPPORT_SYSTEM_NO' => '')); } }
/** * @param EasySCP_TemplateEngine $tpl */ function add_ip($tpl) { $cfg = EasySCP_Registry::get('Config'); if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_ip') { if (check_user_data()) { $sql_param = array(':ip_number' => trim($_POST['ip_number_1']) . '.' . trim($_POST['ip_number_2']) . '.' . trim($_POST['ip_number_3']) . '.' . trim($_POST['ip_number_4']), ':ip_number_v6' => trim($_POST['ipv6']), ':ip_domain' => htmlspecialchars(trim($_POST['domain']), ENT_QUOTES, 'UTF-8'), ':ip_alias' => htmlspecialchars(trim($_POST['alias']), ENT_QUOTES, 'UTF-8'), ':ip_card' => htmlspecialchars(trim($_POST['ip_card']), ENT_QUOTES, 'UTF-8'), ':ip_ssl_domain_id' => NULL, ':ip_status' => $cfg->ITEM_OK_STATUS); $sql_query = "\n\t\t\t\tINSERT INTO\n\t\t\t\t\tserver_ips (ip_number, ip_number_v6, ip_domain, ip_alias, ip_card, ip_ssl_domain_id, ip_status)\n\t\t\t\tVALUES\n\t\t\t\t\t(:ip_number, :ip_number_v6, :ip_domain, :ip_alias, :ip_card, :ip_ssl_domain_id, :ip_status)\n\t\t\t"; DB::prepare($sql_query); DB::execute($sql_param)->closeCursor(); // todo Prüfen wie man das zukünftig behandeln soll // send_request(); set_page_message(tr('New IP was added!'), 'success'); write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv4 address: {' . trim($_POST['ip_number_1']) . '.' . trim($_POST['ip_number_2']) . '.' . trim($_POST['ip_number_3']) . '.' . trim($_POST['ip_number_4']) . '}!'); if (isset($_POST['ipv6']) && $_POST['ipv6'] != '') { write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv6 address: {' . trim($_POST['ipv6']) . '}!'); } $sucess = true; } } if (!isset($sucess) && isset($_POST['ip_number_1'])) { $tpl->assign(array('VALUE_IP1' => tohtml($_POST['ip_number_1']), 'VALUE_IP2' => tohtml($_POST['ip_number_2']), 'VALUE_IP3' => tohtml($_POST['ip_number_3']), 'VALUE_IP4' => tohtml($_POST['ip_number_4']), 'VALUE_IPv6' => tohtml($_POST['ipv6']), 'VALUE_DOMAIN' => clean_input($_POST['domain'], true), 'VALUE_ALIAS' => clean_input($_POST['alias'], true))); } else { $tpl->assign(array('VALUE_IP1' => '', 'VALUE_IP2' => '', 'VALUE_IP3' => '', 'VALUE_IP4' => '', 'VALUE_IPv6' => '', 'VALUE_DOMAIN' => '', 'VALUE_ALIAS' => '')); } }
function send_circular(&$tpl, &$sql) { if (isset($_POST['uaction']) && $_POST['uaction'] === 'send_circular') { if (check_user_data($tpl)) { send_reseller_users_message(&$sql, $_SESSION['user_id']); unset($_POST['uaction']); gen_page_data($tpl, $sql); } } }
/** * @param $tpl iMSCP_pTemplate * @return void */ function add_user($tpl) { /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') { iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser); if (check_user_data()) { $upass = cryptPasswordWithSalt(clean_input($_POST['password'])); $user_id = $_SESSION['user_id']; $username = clean_input($_POST['username']); $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = clean_input($_POST['gender']); $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); if (get_gender_by_code($gender, true) === null) { $gender = ''; } $query = "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`, `created_by`, `fname`, `lname`, `firm`,\n\t\t\t\t\t`zip`, `city`, `state`, `country`, `email`, `phone`, `fax`, `street1`, `street2`, `gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, 'admin', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?\n\t\t\t\t)\n\t\t\t"; exec_query($query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender)); /** @var $db iMSCP_Database */ $db = iMSCP_Registry::get('db'); $new_admin_id = $db->insertId(); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: add admin: {$username}", E_USER_WARNING); $user_def_lang = $cfg->USER_INITIAL_LANG; $user_theme_color = $cfg->USER_INITIAL_THEME; $query = "\n\t\t\t\tREPLACE INTO `user_gui_props` (\n\t\t\t\t\t`user_id`, `lang`, `layout`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, ?\n\t\t\t\t)\n\t\t\t"; exec_query($query, array($new_admin_id, $user_def_lang, $user_theme_color)); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser); send_add_user_auto_msg($user_id, clean_input($_POST['username']), clean_input($_POST['password']), clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr('Administrator')); //$_SESSION['user_added'] = 1; set_page_message(tr('Admin account successfully created.'), 'success'); redirectTo('manage_users.php'); } else { // check user data $tpl->assign(array('EMAIL' => clean_input($_POST['email'], true), 'USERNAME' => clean_input($_POST['username'], true), 'FIRST_NAME' => clean_input($_POST['fname'], true), 'LAST_NAME' => clean_input($_POST['lname'], true), 'FIRM' => clean_input($_POST['firm'], true), 'ZIP' => clean_input($_POST['zip'], true), 'CITY' => clean_input($_POST['city'], true), 'STATE' => clean_input($_POST['state'], true), 'COUNTRY' => clean_input($_POST['country'], true), 'STREET_1' => clean_input($_POST['street1'], true), 'STREET_2' => clean_input($_POST['street2'], true), 'PHONE' => clean_input($_POST['phone'], true), 'FAX' => clean_input($_POST['fax'], true), 'VL_MALE' => $_POST['gender'] == 'M' ? $cfg->HTML_SELECTED : '', 'VL_FEMALE' => $_POST['gender'] == 'F' ? $cfg->HTML_SELECTED : '', 'VL_UNKNOWN' => $_POST['gender'] == 'U' || empty($_POST['gender']) ? $cfg->HTML_SELECTED : '')); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'STATE' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'VL_MALE' => '', 'VL_FEMALE' => '', 'VL_UNKNOWN' => $cfg->HTML_SELECTED)); } }
/** * @param EasySCP_TemplateEngine $tpl */ function add_user($tpl) { $cfg = EasySCP_Registry::get('Config'); $sql = EasySCP_Registry::get('Db'); if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') { if (check_user_data()) { $upass = crypt_user_pass($_POST['pass']); $user_id = $_SESSION['user_id']; $username = clean_input($_POST['username']); $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = clean_input($_POST['gender']); $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); if (get_gender_by_code($gender, true) === null) { $gender = ''; } $query = "\n\t\t\t\tINSERT INTO `admin`\n\t\t\t\t\t(\n\t\t\t\t\t\t`admin_name`,\n\t\t\t\t\t\t`admin_pass`,\n\t\t\t\t\t\t`admin_type`,\n\t\t\t\t\t\t`domain_created`,\n\t\t\t\t\t\t`created_by`,\n\t\t\t\t\t\t`fname`,\n\t\t\t\t\t\t`lname`,\n\t\t\t\t\t\t`firm`,\n\t\t\t\t\t\t`zip`,\n\t\t\t\t\t\t`city`,\n\t\t\t\t\t\t`state`,\n\t\t\t\t\t\t`country`,\n\t\t\t\t\t\t`email`,\n\t\t\t\t\t\t`phone`,\n\t\t\t\t\t\t`fax`,\n\t\t\t\t\t\t`street1`,\n\t\t\t\t\t\t`street2`,\n\t\t\t\t\t\t`gender`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t'admin',\n\t\t\t\t\t\tunix_timestamp(),\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?\n\t\t\t\t\t)\n\t\t\t"; exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender)); $new_admin_id = $sql->insertId(); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: add admin: {$username}"); $user_def_lang = $_SESSION['user_def_lang']; $user_theme_color = $_SESSION['user_theme']; $query = "\n\t\t\t\tINSERT INTO `user_gui_props` (\n\t\t\t\t\t`user_id`,\n\t\t\t\t\t`lang`,\n\t\t\t\t\t`layout`\n\t\t\t\t) VALUES (?,?,?)\n\t\t\t"; exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color)); send_add_user_auto_msg($user_id, clean_input($_POST['username']), clean_input($_POST['pass']), clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr('Administrator'), $gender); $_SESSION['user_added'] = 1; user_goto('manage_users.php'); } else { // check user data $tpl->assign(array('EMAIL' => clean_input($_POST['email'], true), 'USERNAME' => clean_input($_POST['username'], true), 'FIRST_NAME' => clean_input($_POST['fname'], true), 'LAST_NAME' => clean_input($_POST['lname'], true), 'FIRM' => clean_input($_POST['firm'], true), 'ZIP' => clean_input($_POST['zip'], true), 'CITY' => clean_input($_POST['city'], true), 'STATE' => clean_input($_POST['state'], true), 'COUNTRY' => clean_input($_POST['country'], true), 'STREET_1' => clean_input($_POST['street1'], true), 'STREET_2' => clean_input($_POST['street2'], true), 'PHONE' => clean_input($_POST['phone'], true), 'FAX' => clean_input($_POST['fax'], true), 'VL_MALE' => $_POST['gender'] == 'M' ? $cfg->HTML_SELECTED : '', 'VL_FEMALE' => $_POST['gender'] == 'F' ? $cfg->HTML_SELECTED : '', 'VL_UNKNOWN' => $_POST['gender'] == 'U' || empty($_POST['gender']) ? $cfg->HTML_SELECTED : '')); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'STATE' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'VL_MALE' => '', 'VL_FEMALE' => '', 'VL_UNKNOWN' => $cfg->HTML_SELECTED)); } // end else }
function update_admin_personal_data($sql, $user_id) { if (check_user_data()) { $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $gender = $_POST['gender']; $firm = clean_input($_POST['firm']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`fname` = ?,\n\t\t\t\t`lname` = ?,\n\t\t\t\t`firm` = ?,\n\t\t\t\t`zip` = ?,\n\t\t\t\t`city` = ?,\n\t\t\t\t`state` = ?,\n\t\t\t\t`country` = ?,\n\t\t\t\t`street1` = ?,\n\t\t\t\t`street2` = ?,\n\t\t\t\t`email` = ?,\n\t\t\t\t`phone` = ?,\n\t\t\t\t`fax` = ?,\n\t\t\t\t`gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t"; exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $state, $country, $street1, $street2, $email, $phone, $fax, $gender, $user_id)); set_page_message(tr('Personal data updated successfully!'), 'success'); } }
// check if we have only hosting plans for admins - reseller should not edit them if (isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin') { user_goto('users.php?psi=last'); } // static page messages. gen_logged_from($tpl); $tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - User/Add user(step2)'), 'TR_ADD_USER' => tr('Add user'), 'TR_HOSTING_PLAN_PROPERTIES' => tr('Hosting plan properties'), 'TR_TEMPLATE_NAME' => tr('Template name'), 'TR_MAX_DOMAIN' => tr('Max domains<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SUBDOMAIN' => tr('Max subdomains<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_DOMAIN_ALIAS' => tr('Max aliases<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_MAIL_COUNT' => tr('Mail accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_FTP' => tr('FTP accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQL_DB' => tr('SQL databases limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQL_USERS' => tr('SQL users limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_TRAFFIC' => tr('Traffic limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_MAX_DISK_USAGE' => tr('Disk limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_PHP' => tr('PHP'), 'TR_PHP_EDIT' => tr('PHP editor'), 'TR_CGI' => tr('CGI / Perl'), 'TR_SSL' => tr('SSL support'), 'TR_BACKUP' => tr('Backup'), 'TR_BACKUP_DOMAIN' => tr('Domain'), 'TR_BACKUP_SQL' => tr('SQL'), 'TR_BACKUP_FULL' => tr('Full'), 'TR_BACKUP_NO' => tr('No'), 'TR_BACKUP_COUNT' => tr('Count backups to disk usage'), 'TR_DNS' => tr('Manual DNS support'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_NEXT_STEP' => tr('Next step'))); gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl'); gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl'); if (!get_pageone_param()) { set_page_message(tr("Domain data has been altered. Please enter again."), 'warning'); unset_messages(); user_goto('user_add1.php'); } if (isset($_POST['uaction']) && "user_add2_nxt" === $_POST['uaction'] && !isset($_SESSION['step_one'])) { if (check_user_data()) { $_SESSION["step_two_data"] = "{$dmn_name};0;"; $newProps = array('allow_php' => $hp_php, 'allow_phpe' => $hp_phpe, 'allow_cgi' => $hp_cgi, 'subdomain_cnt' => $hp_sub, 'alias_cnt' => $hp_als, 'mail_cnt' => $hp_mail, 'ftp_cnt' => $hp_ftp, 'db_cnt' => $hp_sql_db, 'sqluser_cnt' => $hp_sql_user, 'traffic' => $hp_traff, 'disk' => $hp_disk, 'disk_countbackup' => $hp_countbackup, 'allow_backup' => $hp_backup, 'allow_dns' => $hp_dns, 'allow_ssl' => $hp_ssl); $_SESSION["ch_hpprops"] = $newProps; if (reseller_limits_check($sql, $ehp_error, $_SESSION['user_id'], 0, $_SESSION["ch_hpprops"])) { user_goto('user_add3.php'); } } } else { unset($_SESSION['step_one']); global $dmn_chp; get_hp_data($dmn_chp, $_SESSION['user_id']); } get_init_au2_page($tpl); gen_page_message($tpl); list($rsub_max, $rals_max, $rmail_max, $rftp_max, $rsql_db_max, $rsql_user_max) = check_reseller_permissions($_SESSION['user_id'], 'all_permissions');
function update_data(&$sql) { global $edit_id; if (isset($_POST['uaction']) && $_POST['uaction'] === 'edit_user') { if (check_user_data()) { $user_id = $_SESSION['user_id']; $fname = $_POST['fname']; $lname = $_POST['lname']; $firm = $_POST['firm']; $zip = $_POST['zip']; $city = $_POST['city']; $country = $_POST['country']; $email = $_POST['email']; $phone = $_POST['phone']; $fax = $_POST['fax']; $street1 = $_POST['street1']; $street2 = $_POST['street2']; if ($_POST['pass'] == '') { $query = <<<SQL_QUERY update admin set fname = ?, lname = ?, firm = ?, zip = ?, city = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ? where admin_id= ? SQL_QUERY; $rs = exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id)); } else { $edit_id = $_POST['edit_id']; if (chk_password($_POST['pass'])) { set_page_message(tr("Incorrect password range or syntax!")); header("Location: edit_user.php?edit_id={$edit_id}"); die; } if ($_POST['pass'] != $_POST['pass_rep']) { set_page_message(tr("Entered passwords does not match!")); header("Location: edit_user.php?edit_id={$edit_id}"); die; } $upass = crypt_user_pass($_POST['pass']); $query = <<<SQL_QUERY update admin set admin_pass = ?, fname = ?, lname = ?, firm = ?, zip = ?, city = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ? where admin_id = ? SQL_QUERY; $rs = exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id)); } $edit_username = $_POST['edit_username']; $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: change data/password for {$edit_username}!"); $_SESSION['user_updated'] = 1; header("Location: manage_users.php"); die; } } }
* * @link http://www.easyscp.net * @author EasySCP Team */ require '../../include/easyscp-lib.php'; check_login(__FILE__); $cfg = EasySCP_Registry::get('Config'); $tpl = EasySCP_TemplateEngine::getInstance(); $template = 'reseller/user_add1.tpl'; // static page messages gen_logged_from($tpl); $tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - Users/Add user'), 'TR_ADD_USER' => tr('Add user'), 'TR_CORE_DATA' => tr('Core data'), 'TR_DOMAIN_NAME' => tr('Domain name'), 'TR_DOMAIN_EXPIRE' => tr('Domain expire'), 'TR_CHOOSE_HOSTING_PLAN' => tr('Choose hosting plan'), 'TR_PERSONALIZE_TEMPLATE' => tr('Personalise template'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_NEXT_STEP' => tr('Next step'), 'TR_DMN_HELP' => tr("You do not need 'www.' EasySCP will add it on its own."), 'TR_EXPIRE_CHECKBOX' => tr('or check if domain should <strong>never</strong> expire'), 'TR_SU' => tr('Su'), 'TR_MO' => tr('Mo'), 'TR_TU' => tr('Tu'), 'TR_WE' => tr('We'), 'TR_TH' => tr('Th'), 'TR_FR' => tr('Fr'), 'TR_SA' => tr('Sa'), 'TR_JANUARY' => tr('January'), 'TR_FEBRUARY' => tr('February'), 'TR_MARCH' => tr('March'), 'TR_APRIL' => tr('April'), 'TR_MAY' => tr('May'), 'TR_JUNE' => tr('June'), 'TR_JULY' => tr('July'), 'TR_AUGUST' => tr('August'), 'TR_SEPTEMBER' => tr('September'), 'TR_OCTOBER' => tr('October'), 'TR_NOVEMBER' => tr('November'), 'TR_DECEMBER' => tr('December'), 'VL_DATE_FORMAT' => jQueryDatepickerDateFormat($cfg->DATE_FORMAT))); gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl'); gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl'); if (isset($_POST['uaction'])) { if (!check_user_data()) { get_data_au1_page($tpl); } } else { get_empty_au1_page($tpl); } get_hp_data_list($tpl, $_SESSION['user_id']); gen_page_message($tpl); if ($cfg->DUMP_GUI_DEBUG) { dump_gui_debug($tpl); } $tpl->display($template); unset_messages(); // Function declaration path /** * Check correction of entered users data
function update_reseller_user($sql) { if (isset($_POST['uaction']) && $_POST['uaction'] === 'move_user') { if (check_user_data()) { set_page_message(tr('User was moved')); } } }
function update_data($sql) { global $edit_id; $cfg = EasySCP_Registry::get('Config'); if (isset($_POST['Submit']) && isset($_POST['uaction']) && $_POST['uaction'] === 'edit_user') { if (check_user_data()) { $user_id = $_SESSION['user_id']; $fname = clean_input($_POST['fname']); $lname = clean_input($_POST['lname']); $firm = clean_input($_POST['firm']); $gender = clean_input($_POST['gender']); $zip = clean_input($_POST['zip']); $city = clean_input($_POST['city']); $state = clean_input($_POST['state']); $country = clean_input($_POST['country']); $email = clean_input($_POST['email']); $phone = clean_input($_POST['phone']); $fax = clean_input($_POST['fax']); $street1 = clean_input($_POST['street1']); $street2 = clean_input($_POST['street2']); if (empty($_POST['pass'])) { $query = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`admin`\n\t\t\t\t\tSET\n\t\t\t\t\t\t`fname` = ?,\n\t\t\t\t\t\t`lname` = ?,\n\t\t\t\t\t\t`firm` = ?,\n\t\t\t\t\t\t`zip` = ?,\n\t\t\t\t\t\t`city` = ?,\n\t\t\t\t\t\t`state` = ?,\n\t\t\t\t\t\t`country` = ?,\n\t\t\t\t\t\t`email` = ?,\n\t\t\t\t\t\t`phone` = ?,\n\t\t\t\t\t\t`fax` = ?,\n\t\t\t\t\t\t`street1` = ?,\n\t\t\t\t\t\t`street2` = ?,\n\t\t\t\t\t\t`gender` = ?\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`admin_id` = ?\n\t\t\t\t"; exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $edit_id)); } else { $edit_id = $_POST['edit_id']; if ($_POST['pass'] != $_POST['pass_rep']) { set_page_message(tr("Entered passwords do not match!"), 'warning'); user_goto('admin_edit.php?edit_id=' . $edit_id); } if (!chk_password($_POST['pass'])) { if ($cfg->PASSWD_STRONG) { set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning'); } else { set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning'); } user_goto('admin_edit.php?edit_id=' . $edit_id); } $upass = crypt_user_pass($_POST['pass']); $query = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`admin`\n\t\t\t\t\tSET\n\t\t\t\t\t\t`admin_pass` = ?,\n\t\t\t\t\t\t`fname` = ?,\n\t\t\t\t\t\t`lname` = ?,\n\t\t\t\t\t\t`firm` = ?,\n\t\t\t\t\t\t`zip` = ?,\n\t\t\t\t\t\t`city` = ?,\n\t\t\t\t\t\t`state` = ?,\n\t\t\t\t\t\t`country` = ?,\n\t\t\t\t\t\t`email` = ?,\n\t\t\t\t\t\t`phone` = ?,\n\t\t\t\t\t\t`fax` = ?,\n\t\t\t\t\t\t`street1` = ?,\n\t\t\t\t\t\t`street2` = ?,\n\t\t\t\t\t\t`gender` = ?\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`admin_id` = ?\n\t\t\t\t"; exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $edit_id)); // Kill any existing session of the edited user $admin_name = get_user_name($edit_id); $query = "\n\t\t\t\t\tDELETE FROM\n\t\t\t\t\t\t`login`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`user_name` = ?\n\t\t\t\t"; $rs = exec_query($sql, $query, $admin_name); if ($rs->recordCount() != 0) { set_page_message(tr('User session was killed!'), 'info'); write_log($_SESSION['user_logged'] . " killed " . $admin_name . "'s session because of password change"); } } $edit_username = clean_input($_POST['edit_username']); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: changes data/password for {$edit_username}!"); if (isset($_POST['send_data']) && !empty($_POST['pass'])) { $query = "SELECT admin_type FROM admin WHERE admin_id='" . addslashes(htmlspecialchars($edit_id)) . "'"; $res = exec_query($sql, $query); if ($res->fields['admin_type'] == 'admin') { $admin_type = tr('Administrator'); } else { if ($res->fields['admin_type'] == 'reseller') { $admin_type = tr('Reseller'); } else { $admin_type = tr('Domain account'); } } send_add_user_auto_msg($user_id, $edit_username, clean_input($_POST['pass']), clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr($admin_type), $gender); } $_SESSION['user_updated'] = 1; user_goto('manage_users.php'); } } }
return true; } /*********************************************************************************************************************** * Main * */ // Include core library require 'imscp-lib.php'; iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAdminScriptStart); check_login('admin'); if (!systemHasResellers(2)) { showBadRequestErrorPage(); } /** @var $cfg iMSCP_Config_Handler_File */ $cfg = iMSCP_Registry::get('config'); if (isset($_POST['uaction']) && $_POST['uaction'] == 'move_user' && check_user_data()) { set_page_message(tr('Customer(s) successfully moved.'), 'success'); redirectTo('manage_users.php'); } $tpl = new iMSCP_pTemplate(); $tpl->define_dynamic(array('layout' => 'shared/layouts/ui.tpl', 'page' => 'admin/manage_reseller_users.tpl', 'page_message' => 'layout', 'reseller_list' => 'page', 'reseller_item' => 'page', 'src_reseller' => 'page', 'src_reseller_option' => 'src_reseller', 'dst_reseller' => 'page', 'dst_reseller_option' => 'dst_reseller')); $tpl->assign(array('TR_PAGE_TITLE' => tr('Admin / Users / Customers Assignment'), 'TR_USER_ASSIGNMENT' => tr('User assignment'), 'TR_RESELLER_USERS' => tr('Users'), 'TR_CUSTOMER_ID' => tr('Customer ID'), 'TR_MARK' => tr('Mark'), 'TR_USER_NAME' => tr('Username'), 'TR_FROM_RESELLER' => tr('From reseller'), 'TR_TO_RESELLER' => tr('To reseller'), 'TR_MOVE' => tr('Move'))); iMSCP_Events_Aggregator::getInstance()->registerListener('onGetJsTranslations', function ($e) { /** @var $e \iMSCP_Events_Event */ $e->getParam('translations')->core['dataTable'] = getDataTablesPluginTranslations(false); }); generateNavigation($tpl); admin_generateCustomersTable($tpl); generatePageMessage($tpl); $tpl->parse('LAYOUT_CONTENT', 'page'); iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAdminScriptEnd, array('templateEngine' => $tpl));
<?php require 'db.php'; require 'connection.php'; $redir = "index.php"; if (!empty($_GET['location'])) { $redir = $_GET['location']; } if (!empty($_POST['submit'])) { $username = sanitize_post('username'); $password = sanitize_post('password'); $ok = check_user_data($username, $password); if ($ok) { if (empty($_SESSION)) { session_start(); } $_SESSION['login'] = 1; $_SESSION['user'] = $username; header("Location: {$redir}"); echo "done"; } else { echo "Username or password invalid"; } } else { header("Location: {$redir}"); }
if (isset($cfg['HOSTING_PLANS_LEVEL']) && $cfg['HOSTING_PLANS_LEVEL'] === 'admin') { Header("Location: users.php"); die; } $tpl->assign(array('TR_CLIENT_CHANGE_PERSONAL_DATA_PAGE_TITLE' => tr('VHCS - User/Add user(step2)'), 'THEME_COLOR_PATH' => "../themes/{$theme_color}", 'THEME_CHARSET' => tr('encoding'), 'VHCS_LICENSE' => $cfg['VHCS_LICENSE'], 'ISP_LOGO' => get_logo($_SESSION['user_id']))); /* * * static page messages. * */ gen_reseller_menu($tpl); gen_logged_from($tpl); $tpl->assign(array('TR_ADD_USER' => tr('Add user'), 'TR_HOSTING_PLAN_PROPERTIES' => tr('Hosting plan properties'), 'TR_TEMPLATE_NAME' => tr('Template name'), 'TR_MAX_DOMAIN' => tr('Max domain count<br><i>(0 unlimited)</i>'), 'TR_MAX_SUBDOMAIN' => tr('Max subdomain count<br><i>(0 unlimited)'), 'TR_MAX_DOMAIN_ALIAS' => tr('Max aliases count<br><i>(0 unlimited)</i>'), 'TR_MAX_MAIL_COUNT' => tr('Max mail users count<br><i>(0 unlimited)</i>'), 'TR_MAX_FTP' => tr('Max FTP users count<br><i>(0 unlimited)</i>'), 'TR_MAX_SQL_DB' => tr('Max SQL databases count<br><i>(-1 disabled, 0 unlimited)</i>'), 'TR_MAX_SQL_USERS' => tr('Max SQL users count<br><i>(-1 disabled, 0 unlimited)</i>'), 'TR_MAX_TRAFFIC' => tr('Max traffic amount [MB]<br><i>(0 unlimited)</i>'), 'TR_MAX_DISK_USAGE' => tr('Max disk amount [MB]<br><i>(0 unlimited)</i>'), 'TR_PHP' => tr('PHP'), 'TR_CGI' => tr('CGI / Perl'), 'TR_YES' => tr('yes'), 'TR_NO' => tr('no'), 'TR_NEXT_STEP' => tr('Next step'), 'TR_BACKUP_RESTORE' => tr('Backup / Restore'), 'TR_APACHE_LOGS' => tr('Apache logs'), 'TR_AWSTATS' => tr('Awstats'))); get_pageone_param(); if (isset($_POST['uaction']) && "rau2_nxt" === $_POST['uaction'] && !isset($_SESSION['step_one_data'])) { if (check_user_data($tpl)) { update_hp_data($_SESSION['user_id']); } } else { unset($_SESSION['step_one_data']); global $dmn_chp; get_hp_data($dmn_chp, $_SESSION['user_id']); $tpl->assign('MESSAGE', ""); } get_init_au2_page($tpl); gen_page_message($tpl); $tpl->parse('PAGE', 'page'); $tpl->prnt(); if (isset($cfg['DUMP_GUI_DEBUG'])) { dump_gui_debug(); }
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, * MA 02110-1301, USA. * * */ $username = $_POST["username"]; $passwd = $_POST["pass"]; require_once __DIR__ . "/../../moneyio.php"; if (isset($username) && !empty($username) && isset($passwd) && !empty($passwd)) { require_once __DIR__ . "/login_func.php"; $new_passwd = pass_generator($passwd); $user_data = check_user_data($username, $new_passwd); // 2015-11-26 problem. $username = "******" so, It does not do login if (isset($user_data) && !empty($user_data)) { if ($username === $user_data->nick && $new_passwd === $user_data->passwd) { require_once __DIR__ . "/../../session.php"; open_session(); $_SESSION["mio-username"] = $user_data->nick; $_SESSION["mio-username_id"] = $user_data->id; $_SESSION["mio-pic"] = $user_data->avatar; echo get_message("login_ok"); } else { echo get_message("login_bad"); } } else { echo get_message("no_data"); }
function add_user(&$tpl, &$sql) { if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') { if (check_user_data()) { $upass = crypt_user_pass($_POST['pass']); $user_id = $_SESSION['user_id']; $username = $_POST['username']; $fname = htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8"); $lname = htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8"); $firm = htmlspecialchars($_POST['firm'], ENT_QUOTES, "UTF-8"); $zip = htmlspecialchars($_POST['zip'], ENT_QUOTES, "UTF-8"); $city = htmlspecialchars($_POST['city'], ENT_QUOTES, "UTF-8"); $country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8"); $email = htmlspecialchars($_POST['email'], ENT_QUOTES, "UTF-8"); $phone = htmlspecialchars($_POST['phone'], ENT_QUOTES, "UTF-8"); $fax = htmlspecialchars($_POST['fax'], ENT_QUOTES, "UTF-8"); $street1 = htmlspecialchars($_POST['street1'], ENT_QUOTES, "UTF-8"); $street2 = htmlspecialchars($_POST['street2'], ENT_QUOTES, "UTF-8"); $query = <<<SQL_QUERY insert into admin ( admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, country, email, phone, fax, street1, street2 ) values ( ?, ?, 'admin', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) SQL_QUERY; $rs = exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2)); $new_admin_id = $sql->Insert_ID(); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged} : add admin -> {$username}"); insert_email_tpl($sql, $new_admin_id); $user_def_lang = $_SESSION['user_def_lang']; $user_theme_color = $_SESSION['user_theme_color']; $user_logo = 0; $query = <<<SQL_QUERY insert into user_gui_props ( user_id, lang, layout, logo ) values ( ?,?,?,? ) SQL_QUERY; $rs = exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color, $user_logo)); send_add_user_auto_msg($user_id, $_POST['username'], $_POST['pass'], $_POST['email'], $_POST['fname'], $_POST['lname'], tr('Administrator')); $_SESSION['user_added'] = 1; header("Location: manage_users.php"); die; } else { $tpl->assign(array('EMAIL' => $_POST['email'], 'USERNAME' => $_POST['username'], 'FIRST_NAME' => $_POST['fname'], 'LAST_NAME' => $_POST['lname'], 'FIRM' => $_POST['firm'], 'ZIP' => $_POST['zip'], 'CITY' => $_POST['city'], 'COUNTRY' => $_POST['country'], 'STREET_1' => $_POST['street1'], 'STREET_2' => $_POST['street2'], 'PHONE' => $_POST['phone'], 'FAX' => $_POST['fax'])); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '')); } // else }
$cfg = EasySCP_Registry::get('Config'); $tpl = EasySCP_TemplateEngine::getInstance(); $template = 'reseller/domain_edit.tpl'; if (isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin') { user_goto('users.php?psi=last'); } if (isset($_POST['uaction']) && 'sub_data' === $_POST['uaction']) { // Process data if (isset($_SESSION['edit_id'])) { $editid = $_SESSION['edit_id']; } else { unset($_SESSION['edit_id']); $_SESSION['edit'] = '_no_'; user_goto('users.php?psi=last'); } if (check_user_data($_SESSION['user_id'], $editid)) { // Save data to db $_SESSION['dedit'] = "_yes_"; user_goto('users.php?psi=last'); } load_additional_data($_SESSION['user_id'], $editid); } else { // Get user id that comes for edit if (isset($_GET['edit_id'])) { $editid = $_GET['edit_id']; } load_user_data($_SESSION['user_id'], $editid); $_SESSION['edit_id'] = $editid; } gen_editdomain_page($tpl); // static page messages
function update_reseller_user() { if (isset($_POST['uaction']) && $_POST['uaction'] === 'move_user' && check_user_data()) { set_page_message(tr('User was moved'), 'success'); } }
gen_logged_from($tpl); if (isset($_POST['uaction']) && 'modify' === $_POST['uaction']) { // Process data if (isset($_SESSION['edit_ID'])) { $editid = $_SESSION['edit_ID']; } else { if (isset($_GET['edit_id'])) { $editid = $_GET['edit_id']; } else { unset($_SESSION['edit_ID']); $_SESSION['aledit'] = '_no_'; //Header('Location: domain_alias.php'); //die(); } } if (check_user_data($tpl, $editid)) { // Save data to db $_SESSION['aledit'] = "_yes_"; Header("Location: domain_alias.php"); die; } } else { // Get user id that come for edit if (isset($_GET['edit_id'])) { $editid = $_GET['edit_id']; } $_SESSION['edit_ID'] = $editid; $tpl->assign('MESSAGE', ""); } gen_editalias_page($tpl, $editid); $tpl->parse('PAGE', 'page');
function send_circular($tpl) { if (isset($_POST['uaction']) && $_POST['uaction'] === 'send_circular') { if (check_user_data()) { send_reseller_message(); unset($_POST['uaction']); gen_page_data($tpl); } } }
function add_reseller(&$tpl, &$sql) { global $reseller_ips; if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_reseller') { if (check_user_data()) { $upass = crypt_user_pass($_POST['pass']); $user_id = $_SESSION['user_id']; $username = $_POST['username']; $fname = htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8"); $lname = htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8"); $firm = htmlspecialchars($_POST['firm'], ENT_QUOTES, "UTF-8"); $zip = htmlspecialchars($_POST['zip'], ENT_QUOTES, "UTF-8"); $city = htmlspecialchars($_POST['city'], ENT_QUOTES, "UTF-8"); $country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8"); $email = htmlspecialchars($_POST['email'], ENT_QUOTES, "UTF-8"); $phone = htmlspecialchars($_POST['phone'], ENT_QUOTES, "UTF-8"); $fax = htmlspecialchars($_POST['fax'], ENT_QUOTES, "UTF-8"); $street1 = htmlspecialchars($_POST['street1'], ENT_QUOTES, "UTF-8"); $street2 = htmlspecialchars($_POST['street2'], ENT_QUOTES, "UTF-8"); $query = <<<SQL_QUERY insert into admin ( admin_name, admin_pass, admin_type, domain_created, created_by, fname, lname, firm, zip, city, country, email, phone, fax, street1, street2 ) values ( ?, ?, 'reseller', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? ) SQL_QUERY; $rs = exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2)); $new_admin_id = $sql->Insert_ID(); insert_email_tpl($sql, $new_admin_id); $user_logged = $_SESSION['user_logged']; write_log("{$user_logged} : add reseller -> {$username}"); $user_def_lang = $_SESSION['user_def_lang']; $user_theme_color = $_SESSION['user_theme_color']; $user_logo = 0; $query = <<<SQL_QUERY insert into user_gui_props ( user_id, lang, layout, logo ) values ( ?, ?, ?, ? ) SQL_QUERY; $rs = exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color, $user_logo)); /* * 'reseller_props' table entry; */ $nreseller_max_domain_cnt = $_POST['nreseller_max_domain_cnt']; $nreseller_max_subdomain_cnt = $_POST['nreseller_max_subdomain_cnt']; $nreseller_max_alias_cnt = $_POST['nreseller_max_alias_cnt']; $nreseller_max_mail_cnt = $_POST['nreseller_max_mail_cnt']; $nreseller_max_ftp_cnt = $_POST['nreseller_max_ftp_cnt']; $nreseller_max_sql_db_cnt = $_POST['nreseller_max_sql_db_cnt']; $nreseller_max_sql_user_cnt = $_POST['nreseller_max_sql_user_cnt']; $nreseller_max_traffic = $_POST['nreseller_max_traffic']; $nreseller_max_disk = $_POST['nreseller_max_disk']; $customer_id = $_POST['customer_id']; $query = <<<SQL_QUERY insert into reseller_props ( reseller_id, reseller_ips, max_dmn_cnt, current_dmn_cnt, max_sub_cnt, current_sub_cnt, max_als_cnt, current_als_cnt, max_mail_cnt, current_mail_cnt, max_ftp_cnt, current_ftp_cnt, max_sql_db_cnt, current_sql_db_cnt, max_sql_user_cnt, current_sql_user_cnt, max_traff_amnt, current_traff_amnt, max_disk_amnt, current_disk_amnt, customer_id ) values ( ?, ?, ?, '0', ?, '0', ?, '0', ?, '0', ?, '0', ?, '0', ?, '0', ?, '0', ?, '0', ? ) SQL_QUERY; $rs = exec_query($sql, $query, array($new_admin_id, $reseller_ips, $nreseller_max_domain_cnt, $nreseller_max_subdomain_cnt, $nreseller_max_alias_cnt, $nreseller_max_mail_cnt, $nreseller_max_ftp_cnt, $nreseller_max_sql_db_cnt, $nreseller_max_sql_user_cnt, $nreseller_max_traffic, $nreseller_max_disk, $customer_id)); send_add_user_auto_msg($user_id, $_POST['username'], $_POST['pass'], $_POST['email'], htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8"), tr('Reseller')); $_SESSION['reseller_added'] = 1; header("Location: manage_users.php"); die; } else { $tpl->assign(array('EMAIL' => $_POST['email'], 'USERNAME' => $_POST['username'], 'FIRST_NAME' => $_POST['fname'], 'CUSTOMER_ID' => $_POST['customer_id'], 'LAST_NAME' => $_POST['lname'], 'FIRM' => $_POST['firm'], 'ZIP' => $_POST['zip'], 'CITY' => $_POST['city'], 'COUNTRY' => $_POST['country'], 'STREET_1' => $_POST['street1'], 'STREET_2' => $_POST['street2'], 'PHONE' => $_POST['phone'], 'FAX' => $_POST['fax'], 'MAX_DOMAIN_COUNT' => $_POST['nreseller_max_domain_cnt'], 'MAX_SUBDOMAIN_COUNT' => $_POST['nreseller_max_subdomain_cnt'], 'MAX_ALIASES_COUNT' => $_POST['nreseller_max_alias_cnt'], 'MAX_MAIL_USERS_COUNT' => $_POST['nreseller_max_mail_cnt'], 'MAX_FTP_USERS_COUNT' => $_POST['nreseller_max_ftp_cnt'], 'MAX_SQLDB_COUNT' => $_POST['nreseller_max_sql_db_cnt'], 'MAX_SQL_USERS_COUNT' => $_POST['nreseller_max_sql_user_cnt'], 'MAX_TRAFFIC_AMOUNT' => $_POST['nreseller_max_traffic'], 'MAX_DISK_AMOUNT' => $_POST['nreseller_max_disk'])); } } else { $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'CUSTOMER_ID' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'MAX_DOMAIN_COUNT' => '', 'MAX_SUBDOMAIN_COUNT' => '', 'MAX_ALIASES_COUNT' => '', 'MAX_MAIL_USERS_COUNT' => '', 'MAX_FTP_USERS_COUNT' => '', 'MAX_SQLDB_COUNT' => '', 'MAX_SQL_USERS_COUNT' => '', 'MAX_TRAFFIC_AMOUNT' => '', 'MAX_DISK_AMOUNT' => '')); } }
function update_reseller(&$sql) { global $edit_id, $reseller_ips; if (isset($_POST['uaction']) && $_POST['uaction'] === 'update_reseller') { $user_id = $_SESSION['user_id']; if (check_user_data()) { $fname = $_POST['fname']; $lname = $_POST['lname']; $firm = $_POST['firm']; $zip = $_POST['zip']; $city = $_POST['city']; $country = $_POST['country']; $email = $_POST['email']; $phone = $_POST['phone']; $fax = $_POST['fax']; $street1 = $_POST['street1']; $street2 = $_POST['street2']; if ($_POST['pass'] == '') { $query = <<<SQL_QUERY update admin set fname = ?, lname = ?, firm = ?, zip = ?, city = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ? where admin_id = ? SQL_QUERY; $rs = exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id)); } else { $upass = crypt_user_pass($_POST['pass']); $query = <<<SQL_QUERY update admin set admin_pass = ?, fname = ?, lname = ?, firm = ?, zip = ?, city = ?, country = ?, email = ?, phone = ?, fax = ?, street1 = ?, street2 = ? where admin_id = ? SQL_QUERY; $rs = exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id)); } $nreseller_max_domain_cnt = $_POST['nreseller_max_domain_cnt']; $nreseller_max_subdomain_cnt = $_POST['nreseller_max_subdomain_cnt']; $nreseller_max_alias_cnt = $_POST['nreseller_max_alias_cnt']; $nreseller_max_mail_cnt = $_POST['nreseller_max_mail_cnt']; $nreseller_max_ftp_cnt = $_POST['nreseller_max_ftp_cnt']; $nreseller_max_sql_db_cnt = $_POST['nreseller_max_sql_db_cnt']; $nreseller_max_sql_user_cnt = $_POST['nreseller_max_sql_user_cnt']; $nreseller_max_traffic = $_POST['nreseller_max_traffic']; $nreseller_max_disk = $_POST['nreseller_max_disk']; $customer_id = $_POST['customer_id']; $query = <<<SQL_QUERY update reseller_props set reseller_ips = ?, max_dmn_cnt = ?, max_sub_cnt = ?, max_als_cnt = ?, max_mail_cnt = ?, max_ftp_cnt = ?, max_sql_db_cnt = ?, max_sql_user_cnt = ?, max_traff_amnt = ?, max_disk_amnt = ?, customer_id = ? where reseller_id = ? SQL_QUERY; $rs = exec_query($sql, $query, array($reseller_ips, $nreseller_max_domain_cnt, $nreseller_max_subdomain_cnt, $nreseller_max_alias_cnt, $nreseller_max_mail_cnt, $nreseller_max_ftp_cnt, $nreseller_max_sql_db_cnt, $nreseller_max_sql_user_cnt, $nreseller_max_traffic, $nreseller_max_disk, $customer_id, $edit_id)); $edit_username = $_POST['edit_username']; $user_logged = $_SESSION['user_logged']; write_log("{$user_logged}: change data/password for reseller -> {$edit_username}!"); $_SESSION['user_updated'] = 1; $_SESSION['reseller_ips'] = $reseller_ips; header("Location: manage_users.php"); die; } else { } } }
function update_email_data(&$tpl, &$sql) { global $sender_name, $sender_email, $auto_message, $auto_subject; $user_id = $_SESSION['user_id']; if (isset($_POST['uaction']) && $_POST['uaction'] === 'email_setup') { $sender_name = $_POST['sender_name']; $sender_email = $_POST['sender_email']; $auto_message = $_POST['auto_message']; $auto_subject = $_POST['auto_subject']; if (check_user_data($tpl)) { //list($fname, $lname) = explode(" ", $sender_name); $query = <<<SQL_QUERY update email_tpls set subject = ?, message = ? where owner_id = ? and name = 'add-user-auto-msg' SQL_QUERY; $rs = exec_query($sql, $query, array($auto_subject, $auto_message, $user_id)); // $_SESSION['email_updated'] = 1; set_page_message(tr('Email Updated!')); // Header("Location: manage_users.php"); // die(); } } }
function update_email_data(&$tpl, &$sql) { global $sender_name, $sender_email; global $auto_message1, $auto_subject1; global $auto_message2, $auto_subject2; $user_id = $_SESSION['user_id']; if (isset($_POST['uaction']) && $_POST['uaction'] === 'lostpw_email_setup') { $sender_name = $_POST['sender_name']; $sender_email = $_POST['sender_email']; $auto_message1 = $_POST['auto_message1']; $auto_subject1 = $_POST['auto_subject1']; $auto_message2 = $_POST['auto_message2']; $auto_subject2 = $_POST['auto_subject2']; if (check_user_data($tpl)) { // list($fname, $lname) = explode(" ", $sender_name); // Update email 1 $query = <<<SQL_QUERY update email_tpls set subject = ?, message = ? where owner_id = ? and name = 'lostpw-msg-1' SQL_QUERY; $rs = exec_query($sql, $query, array($auto_subject1, $auto_message1, $user_id)); // Update email 2 $query = <<<SQL_QUERY update email_tpls set subject = ?, message = ? where owner_id = ? and name = 'lostpw-msg-2' SQL_QUERY; $rs = exec_query($sql, $query, array($auto_subject2, $auto_message2, $user_id)); set_page_message(tr('Auto email template data updated!')); // Header("Location: users.php"); // die(); } } }