Beispiel #1
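 /**
  * Create a client account owned by reseller $uid.
  *
  * Inserts the account (x_accounts), profile (x_profiles) and current-month
  * bandwidth (x_bandwidth) rows, creates the client's home, public_html and
  * backups directories under the 'hosted_dir' system option and, when
  * $sendemail is non-zero, mails the account details using the supplied
  * subject/body templates.
  *
  * @param mixed  $uid          Reseller account id (stored as ac_reseller_fk).
  * @param string $username     Login name; spaces are stripped and it is lower-cased here.
  * @param mixed  $packageid    Package id for the new account.
  * @param mixed  $groupid      Group id for the new account.
  * @param string $fullname     Stored in the profile and substituted for {{fullname}}.
  * @param string $email        Account e-mail address and notification recipient.
  * @param string $address      Profile address.
  * @param string $post         Profile postcode.
  * @param string $phone        Profile phone number.
  * @param string $password     Clear-text password; stored only as salt + hash.
  * @param mixed  $sendemail    Non-zero to send the notification e-mail.
  * @param string $emailsubject Subject template ({{username}}, {{password}}, {{fullname}}).
  * @param string $emailbody    Body template (same tokens plus {{controlpanelurl}}).
  *
  * @return bool false when the CheckCreateForErrors() result is reported empty by
  *              fs_director::CheckForEmptyValue() or the new account row cannot be
  *              read back; true otherwise.
  */
 static function ExecuteCreateClient($uid, $username, $packageid, $groupid, $fullname, $email, $address, $post, $phone, $password, $sendemail, $emailsubject, $emailbody)
 {
     global $zdbh;
     // Normalise the login name before it is validated, stored and used as a directory name.
     $username = strtolower(str_replace(' ', '', $username));
     $reseller = ctrl_users::GetUserDetail($uid);
     // Check for errors before we continue...
     if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $packageid, $groupid, $email, $password))) {
         return false;
     }
     runtime_hook::Execute('OnBeforeCreateClient');
     // Only the salt and the derived hash are persisted, never the clear-text password.
     $crypto = new runtime_hash();
     $crypto->SetPassword($password);
     $randomsalt = $crypto->RandomSalt();
     $crypto->SetSalt($randomsalt);
     $secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
     // No errors found, so we can add the user to the database...
     $sql = $zdbh->prepare("INSERT INTO x_accounts (ac_user_vc, ac_pass_vc, ac_passsalt_vc, ac_email_vc, ac_package_fk, ac_group_fk, ac_usertheme_vc, ac_usercss_vc, ac_reseller_fk, ac_created_ts) VALUES (\n            :username, :password, :passsalt, :email, :packageid, :groupid, :resellertheme, :resellercss, :uid, :time)");
     $sql->bindParam(':uid', $uid);
     $time = time();
     $sql->bindParam(':time', $time);
     $sql->bindParam(':username', $username);
     $sql->bindParam(':password', $secure_password);
     $sql->bindParam(':passsalt', $randomsalt);
     $sql->bindParam(':email', $email);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':resellertheme', $reseller['usertheme']);
     $sql->bindParam(':resellercss', $reseller['usercss']);
     $sql->execute();
     // Read back the id of the row just inserted. Matching on the username as well as
     // the reseller keeps a concurrent create by the same reseller from handing us
     // another client's id (the newest row per reseller alone is not necessarily ours).
     $numrows = $zdbh->prepare("SELECT ac_id_pk FROM x_accounts WHERE ac_reseller_fk=:uid AND ac_user_vc=:username ORDER BY ac_id_pk DESC");
     $numrows->bindParam(':uid', $uid);
     $numrows->bindParam(':username', $username);
     $numrows->execute();
     $client = $numrows->fetch();
     if (!$client) {
         // Without an account id the profile and bandwidth rows would be orphaned.
         return false;
     }
     // Placeholders are listed in the same order as the columns: group first, then package.
     $sql = $zdbh->prepare("INSERT INTO x_profiles (ud_user_fk, ud_fullname_vc, ud_group_fk, ud_package_fk, ud_address_tx, ud_postcode_vc, ud_phone_vc, ud_created_ts) VALUES (:userid, :fullname, :groupid, :packageid, :address, :postcode, :phone, :time)");
     $sql->bindParam(':userid', $client['ac_id_pk']);
     $sql->bindParam(':fullname', $fullname);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':address', $address);
     $sql->bindParam(':postcode', $post);
     $sql->bindParam(':phone', $phone);
     $time = time();
     $sql->bindParam(':time', $time);
     $sql->execute();
     // Now we add an entry into the bandwidth table, for the user for the upcoming month.
     $sql = $zdbh->prepare("INSERT INTO x_bandwidth (bd_acc_fk, bd_month_in, bd_transamount_bi, bd_diskamount_bi) VALUES (:ac_id_pk, :date, 0, 0)");
     $date = date("Ym", time());
     $sql->bindParam(':date', $date);
     $sql->bindParam(':ac_id_pk', $client['ac_id_pk']);
     $sql->execute();
     // Create the client directories.
     // NOTE(review): $username is only lower-cased and stripped of spaces in this method;
     // keeping path separators and ".." out of it depends on CheckCreateForErrors() - confirm.
     // NOTE(review): 0777 leaves every directory world-writable, so any other local account
     // (including other hosted clients) can alter this client's files. The ownership model
     // is not visible here, so the mode is left as-is; tighten it to the narrowest mode the
     // web/FTP daemons actually need.
     $homedir = ctrl_options::GetSystemOption('hosted_dir') . $username;
     foreach (array('', "/public_html", "/backups") as $subdir) {
         fs_director::CreateDirectory($homedir . $subdir);
         fs_director::SetFileSystemPermissions($homedir . $subdir, 0777);
     }
     // Send the user account details via e-mail (if requested)...
     if ($sendemail != 0) {
         // Some servers set HTTPS to "off" for plain HTTP, so isset() alone is not enough.
         if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {
             $protocol = 'https://';
         } else {
             $protocol = 'http://';
         }
         // NOTE(review): {{password}} places the clear-text password in an e-mail; prefer a
         // template without it, or force a password change at first login.
         $tokens = array("{{username}}", "{{password}}", "{{fullname}}");
         $values = array($username, $password, $fullname);
         $emailsubject = str_replace($tokens, $values, $emailsubject);
         $emailbody = str_replace($tokens, $values, $emailbody);
         $emailbody = str_replace('{{controlpanelurl}}', $protocol . ctrl_options::GetSystemOption('MADmin_domain'), $emailbody);
         $phpmailer = new sys_email();
         $phpmailer->Subject = $emailsubject;
         $phpmailer->Body = $emailbody;
         $phpmailer->AddAddress($email);
         $phpmailer->SendEmail();
     }
     runtime_hook::Execute('OnAfterCreateClient');
     self::$resetform = true;
     self::$ok = true;
     return true;
 }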
Beispiel #2
 /**
  * Store a new password for account $uid.
  *
  * A fresh salt is generated through runtime_hash, the password is hashed with
  * it, and both values are written to x_accounts (ac_passsalt_vc / ac_pass_vc).
  * The clear-text password is never written to the database.
  *
  * NOTE(review): nothing here checks that the caller may change this account's
  * password or that $password meets a length policy - presumably the caller
  * does both; confirm.
  *
  * @param mixed  $uid      Account id (ac_id_pk) whose password is replaced.
  * @param string $password New clear-text password.
  *
  * @return bool Always true; the result of execute() is not inspected.
  */
 static function UpdatePassword($uid, $password)
 {
     global $zdbh;

     // Derive a new salt + hash pair for the supplied password.
     $hasher = new runtime_hash();
     $hasher->SetPassword($password);
     $salt = $hasher->RandomSalt();
     $hasher->SetSalt($salt);
     $hash = $hasher->CryptParts($hasher->Crypt())->Hash;

     // Values are bound as parameters, never concatenated into the statement.
     $stmt = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc=:secure_password, ac_passsalt_vc= :randomsalt WHERE ac_id_pk=:userid");
     $stmt->bindParam(':secure_password', $hash);
     $stmt->bindParam(':randomsalt', $salt);
     $stmt->bindParam(':userid', $uid);
     $stmt->execute();

     return true;
 }
Beispiel #3
        $phpmailer->Body = "Hi " . $result['ac_user_vc'] . ",\n            \nYou, or somebody pretending to be you, has requested a password reset link to be sent for your web hosting control panel login.\n        \nIf you wish to proceed with the password reset on your account, please use the link below to be taken to the password reset page.\n            \n" . $protocol . ctrl_options::GetSystemOption('zpanel_domain') . "/?resetkey=" . $randomkey . "\n\n\n                ";
        $phpmailer->AddAddress($result['ac_email_vc']);
        $phpmailer->SendEmail();
        runtime_hook::Execute('OnRequestForgotPassword');
    }
}
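// Password-reset confirmation: the form posts the account e-mail address and the new
// password, and the reset key arrives in the query string (?resetkey=...).
if (isset($_POST['inConfEmail'])) {
    runtime_csfr::Protect();
    $confemail = $_POST['inConfEmail'];
    $resetkey = isset($_GET['resetkey']) ? $_GET['resetkey'] : null;
    $newpass = isset($_POST['inNewPass']) ? $_POST['inNewPass'] : null;
    $result = false;
    // A missing, empty or non-string key must never match an account: the reset hash is
    // cleared to '' (not NULL) after use, so an empty key would otherwise satisfy both
    // the equality test and the IS NOT NULL test for every account without a pending
    // reset. The same guard rejects array-valued inputs and an empty new password.
    if (is_string($confemail) && is_string($resetkey) && $resetkey !== '' && is_string($newpass) && $newpass !== '') {
        $sql = $zdbh->prepare("SELECT ac_id_pk FROM x_accounts WHERE ac_email_vc = :email AND ac_resethash_tx = :resetkey AND ac_resethash_tx IS NOT NULL AND ac_resethash_tx <> ''");
        $sql->bindParam(':email', $confemail);
        $sql->bindParam(':resetkey', $resetkey);
        $sql->execute();
        $result = $sql->fetch();
    }
    if ($result) {
        // NOTE(review): no minimum-length policy is applied to the new password here and no
        // expiry or attempt limit on the reset key is visible in this block - confirm both
        // are enforced elsewhere.
        $crypto = new runtime_hash();
        $crypto->SetPassword($newpass);
        $randomsalt = $crypto->RandomSalt();
        $crypto->SetSalt($randomsalt);
        $secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
        // Clearing the reset hash in the same statement makes the key single-use.
        $sql = $zdbh->prepare("UPDATE x_accounts SET ac_resethash_tx = '', ac_pass_vc = :password, ac_passsalt_vc = :salt WHERE ac_id_pk = :uid");
        $sql->bindParam(':password', $secure_password);
        $sql->bindParam(':salt', $randomsalt);
        $sql->bindParam(':uid', $result['ac_id_pk']);
        $sql->execute();
        runtime_hook::Execute('OnSuccessfulPasswordReset');
    } else {
        runtime_hook::Execute('OnFailedPasswordReset');
    }
    // Same redirect on success and failure, so the response does not reveal whether the
    // e-mail/key pair matched.
    header("location: ./?passwordreset");
    exit;
}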
Beispiel #4
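 /**
  * Update a client's account and profile, optionally replacing the password.
  *
  * Writes e-mail, package, enabled flag and group to x_accounts and the profile
  * fields to x_profiles. When $newpass is non-empty it is length-checked against
  * the 'password_minlength' system option and stored as a fresh salt + hash.
  * The Before/After Update hooks always run; the Disable/Enable hook pairs run
  * when $enabled is 0 or 1 respectively.
  *
  * NOTE(review): nothing in this method checks that the caller is allowed to
  * modify $clientid (e.g. that the client belongs to the acting reseller) -
  * presumably the caller enforces that; confirm.
  * NOTE(review): the updates run as separate statements with no visible
  * transaction, so a failure part-way leaves the account partially updated.
  *
  * @param mixed  $clientid Account id (ac_id_pk / ud_user_fk) to update.
  * @param mixed  $package  Package id, or a non-numeric value resolved through getPackageIdFix().
  * @param mixed  $enabled  0 to disable, 1 to enable the account.
  * @param mixed  $group    Group id.
  * @param string $fullname Profile full name.
  * @param string $email    Account e-mail address.
  * @param string $address  Profile address.
  * @param string $post     Profile postcode.
  * @param string $phone    Profile phone number.
  * @param string $newpass  New clear-text password, or "" to keep the current one.
  *
  * @return bool false (with self::$badpassword set) when the new password is too short; true otherwise.
  */
 static function ExecuteUpdateClient($clientid, $package, $enabled, $group, $fullname, $email, $address, $post, $phone, $newpass)
 {
     global $zdbh;
     // Validate the new password before any hook fires, so a rejected request does not
     // announce an update/disable/enable that never takes place.
     $changepass = ($newpass != "");
     if ($changepass && strlen($newpass) < ctrl_options::GetSystemOption('password_minlength')) {
         self::$badpassword = true;
         return false;
     }
     runtime_hook::Execute('OnBeforeUpdateClient');
     // Convert package to numerical id if needed.
     if (!is_numeric($package)) {
         $package = self::getPackageIdFix($package);
     }
     if ($enabled == 0) {
         runtime_hook::Execute('OnBeforeDisableClient');
     }
     if ($enabled == 1) {
         runtime_hook::Execute('OnBeforeEnableClient');
     }
     if ($changepass) {
         // Only the new salt and the derived hash are stored.
         $crypto = new runtime_hash();
         $crypto->SetPassword($newpass);
         $randomsalt = $crypto->RandomSalt();
         $crypto->SetSalt($randomsalt);
         $secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
         $sql = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc= :newpass, ac_passsalt_vc= :passsalt WHERE ac_id_pk= :clientid");
         $sql->bindParam(':clientid', $clientid);
         $sql->bindParam(':newpass', $secure_password);
         $sql->bindParam(':passsalt', $randomsalt);
         $sql->execute();
     }
     $sql = $zdbh->prepare("UPDATE x_accounts SET ac_email_vc= :email, ac_package_fk= :package, ac_enabled_in= :isenabled, ac_group_fk= :group WHERE ac_id_pk = :clientid");
     $sql->bindParam(':email', $email);
     $sql->bindParam(':package', $package);
     $sql->bindParam(':isenabled', $enabled);
     $sql->bindParam(':group', $group);
     $sql->bindParam(':clientid', $clientid);
     $sql->execute();
     $sql = $zdbh->prepare("UPDATE x_profiles SET ud_fullname_vc= :fullname, ud_group_fk= :group, ud_package_fk= :package, ud_address_tx= :address,ud_postcode_vc= :postcode, ud_phone_vc= :phone WHERE ud_user_fk=:accountid");
     $sql->bindParam(':fullname', $fullname);
     $sql->bindParam(':group', $group);
     $sql->bindParam(':package', $package);
     $sql->bindParam(':address', $address);
     $sql->bindParam(':postcode', $post);
     $sql->bindParam(':phone', $phone);
     $sql->bindParam(':accountid', $clientid);
     $sql->execute();
     if ($enabled == 0) {
         runtime_hook::Execute('OnAfterDisableClient');
     }
     if ($enabled == 1) {
         runtime_hook::Execute('OnAfterEnableClient');
     }
     runtime_hook::Execute('OnAfterUpdateClient');
     self::$ok = true;
     return true;
 }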