static function ExecuteCreateClient($uid, $username, $packageid, $groupid, $fullname, $email, $address, $post, $phone, $password, $sendemail, $emailsubject, $emailbody)
{
global $zdbh;
// Check for spaces and remove if found...
$username = strtolower(str_replace(' ', '', $username));
$reseller = ctrl_users::GetUserDetail($uid);
// Check for errors before we continue...
if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $packageid, $groupid, $email, $password))) {
return false;
}
runtime_hook::Execute('OnBeforeCreateClient');
$crypto = new runtime_hash();
$crypto->SetPassword($password);
$randomsalt = $crypto->RandomSalt();
$crypto->SetSalt($randomsalt);
$secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
// No errors found, so we can add the user to the database...
$sql = $zdbh->prepare("INSERT INTO x_accounts (ac_user_vc, ac_pass_vc, ac_passsalt_vc, ac_email_vc, ac_package_fk, ac_group_fk, ac_usertheme_vc, ac_usercss_vc, ac_reseller_fk, ac_created_ts) VALUES (\n :username, :password, :passsalt, :email, :packageid, :groupid, :resellertheme, :resellercss, :uid, :time)");
$sql->bindParam(':uid', $uid);
$time = time();
$sql->bindParam(':time', $time);
$sql->bindParam(':username', $username);
$sql->bindParam(':password', $secure_password);
$sql->bindParam(':passsalt', $randomsalt);
$sql->bindParam(':email', $email);
$sql->bindParam(':packageid', $packageid);
$sql->bindParam(':groupid', $groupid);
$sql->bindParam(':resellertheme', $reseller['usertheme']);
$sql->bindParam(':resellercss', $reseller['usercss']);
$sql->execute();
// Now lets pull back the client ID so that we can add their personal address details etc...
//$client = $zdbh->query("SELECT * FROM x_accounts WHERE ac_reseller_fk=" . $uid . " ORDER BY ac_id_pk DESC")->Fetch();
$numrows = $zdbh->prepare("SELECT * FROM x_accounts WHERE ac_reseller_fk=:uid ORDER BY ac_id_pk DESC");
$numrows->bindParam(':uid', $uid);
$numrows->execute();
$client = $numrows->fetch();
$sql = $zdbh->prepare("INSERT INTO x_profiles (ud_user_fk, ud_fullname_vc, ud_group_fk, ud_package_fk, ud_address_tx, ud_postcode_vc, ud_phone_vc, ud_created_ts) VALUES (:userid, :fullname, :packageid, :groupid, :address, :postcode, :phone, :time)");
$sql->bindParam(':userid', $client['ac_id_pk']);
$sql->bindParam(':fullname', $fullname);
$sql->bindParam(':packageid', $packageid);
$sql->bindParam(':groupid', $groupid);
$sql->bindParam(':address', $address);
$sql->bindParam(':postcode', $post);
$sql->bindParam(':phone', $phone);
$time = time();
$sql->bindParam(':time', $time);
$sql->execute();
// Now we add an entry into the bandwidth table, for the user for the upcoming month.
$sql = $zdbh->prepare("INSERT INTO x_bandwidth (bd_acc_fk, bd_month_in, bd_transamount_bi, bd_diskamount_bi) VALUES (:ac_id_pk, :date, 0, 0)");
$date = date("Ym", time());
$sql->bindParam(':date', $date);
$sql->bindParam(':ac_id_pk', $client['ac_id_pk']);
$sql->execute();
// Lets create the client diectories
fs_director::CreateDirectory(ctrl_options::GetSystemOption('hosted_dir') . $username);
fs_director::SetFileSystemPermissions(ctrl_options::GetSystemOption('hosted_dir') . $username, 0777);
fs_director::CreateDirectory(ctrl_options::GetSystemOption('hosted_dir') . $username . "/public_html");
fs_director::SetFileSystemPermissions(ctrl_options::GetSystemOption('hosted_dir') . $username . "/public_html", 0777);
fs_director::CreateDirectory(ctrl_options::GetSystemOption('hosted_dir') . $username . "/backups");
fs_director::SetFileSystemPermissions(ctrl_options::GetSystemOption('hosted_dir') . $username . "/backups", 0777);
// Send the user account details via. email (if requested)...
if ($sendemail != 0) {
if (isset($_SERVER['HTTPS'])) {
$protocol = 'https://';
} else {
$protocol = 'http://';
}
$emailsubject = str_replace("{{username}}", $username, $emailsubject);
$emailsubject = str_replace("{{password}}", $password, $emailsubject);
$emailsubject = str_replace("{{fullname}}", $fullname, $emailsubject);
$emailbody = str_replace("{{username}}", $username, $emailbody);
$emailbody = str_replace("{{password}}", $password, $emailbody);
$emailbody = str_replace("{{fullname}}", $fullname, $emailbody);
$emailbody = str_replace('{{controlpanelurl}}', $protocol . ctrl_options::GetSystemOption('MADmin_domain'), $emailbody);
$phpmailer = new sys_email();
$phpmailer->Subject = $emailsubject;
$phpmailer->Body = $emailbody;
$phpmailer->AddAddress($email);
$phpmailer->SendEmail();
}
runtime_hook::Execute('OnAfterCreateClient');
self::$resetform = true;
self::$ok = true;
return true;
}
static function UpdatePassword($uid, $password)
{
global $zdbh;
$crypto = new runtime_hash();
$crypto->SetPassword($password);
$randomsalt = $crypto->RandomSalt();
$crypto->SetSalt($randomsalt);
$secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
$sql = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc=:secure_password, ac_passsalt_vc= :randomsalt WHERE ac_id_pk=:userid");
$sql->bindParam(':randomsalt', $randomsalt);
$sql->bindParam(':secure_password', $secure_password);
$sql->bindParam(':userid', $uid);
$sql->execute();
return true;
}
runtime_hook::Execute('OnFailedPasswordReset');
}
header("location: ./?passwordreset");
exit;
}
if (isset($_POST['inUsername'])) {
if (ctrl_options::GetSystemOption('login_csfr') == 'false') {
runtime_csfr::Protect();
}
$rememberdetails = isset($_POST['inRemember']);
$inSessionSecuirty = isset($_POST['inSessionSecuirty']);
$sql = $zdbh->prepare("SELECT ac_passsalt_vc FROM x_accounts WHERE ac_user_vc = :username AND ac_deleted_ts IS NULL");
$sql->bindParam(':username', $_POST['inUsername']);
$sql->execute();
$result = $sql->fetch();
$crypto = new runtime_hash();
$crypto->SetPassword($_POST['inPassword']);
$crypto->SetSalt($result['ac_passsalt_vc']);
$secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
if (!ctrl_auth::Authenticate($_POST['inUsername'], $secure_password, $rememberdetails, false, $inSessionSecuirty)) {
header("location: ./?invalidlogin");
exit;
}
}
if (isset($_COOKIE['zUser'])) {
if (isset($_COOKIE['zSec'])) {
if ($_COOKIE['zSec'] == false) {
$secure = false;
} else {
$secure = true;
}
static function ExecuteUpdateClient($clientid, $package, $enabled, $group, $fullname, $email, $address, $post, $phone, $newpass)
{
global $zdbh;
runtime_hook::Execute('OnBeforeUpdateClient');
//convert package to numerical id if needed
if (!is_numeric($package)) {
$package = self::getPackageIdFix($package);
}
if ($enabled == 0) {
runtime_hook::Execute('OnBeforeDisableClient');
}
if ($enabled == 1) {
runtime_hook::Execute('OnBeforeEnableClient');
}
if ($newpass != "") {
// Check for password length...
if (strlen($newpass) < ctrl_options::GetSystemOption('password_minlength')) {
self::$badpassword = true;
return false;
}
$crypto = new runtime_hash();
$crypto->SetPassword($newpass);
$randomsalt = $crypto->RandomSalt();
$crypto->SetSalt($randomsalt);
$secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
$sql = $zdbh->prepare("UPDATE x_accounts SET ac_pass_vc= :newpass, ac_passsalt_vc= :passsalt WHERE ac_id_pk= :clientid");
$sql->bindParam(':clientid', $clientid);
$sql->bindParam(':newpass', $secure_password);
$sql->bindParam(':passsalt', $randomsalt);
$sql->execute();
}
$sql = $zdbh->prepare("UPDATE x_accounts SET ac_email_vc= :email, ac_package_fk= :package, ac_enabled_in= :isenabled, ac_group_fk= :group WHERE ac_id_pk = :clientid");
$sql->bindParam(':email', $email);
$sql->bindParam(':package', $package);
$sql->bindParam(':isenabled', $enabled);
$sql->bindParam(':group', $group);
$sql->bindParam(':clientid', $clientid);
//$sql->bindParam(':accountid', $clientid);
$sql->execute();
$sql = $zdbh->prepare("UPDATE x_profiles SET ud_fullname_vc= :fullname, ud_group_fk= :group, ud_package_fk= :package, ud_address_tx= :address,ud_postcode_vc= :postcode, ud_phone_vc= :phone WHERE ud_user_fk=:accountid");
$sql->bindParam(':fullname', $fullname);
$sql->bindParam(':group', $group);
$sql->bindParam(':package', $package);
$sql->bindParam(':address', $address);
$sql->bindParam(':postcode', $post);
$sql->bindParam(':phone', $phone);
$sql->bindParam(':accountid', $clientid);
$sql->execute();
if ($enabled == 0) {
runtime_hook::Execute('OnAfterDisableClient');
}
if ($enabled == 1) {
runtime_hook::Execute('OnAfterEnableClient');
}
runtime_hook::Execute('OnAfterUpdateClient');
self::$ok = true;
return true;
}