Example #1
<?php

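// Entry script for client actions: loads the framework, then dispatches the
// request's "action" parameter to one handler function.
// _MEXEC is presumably the guard constant that included files check before
// running; verify against system/load.php.
define('_MEXEC', 'OK');
require_once "../../system/load.php";

// Read the action without raising an undefined-index notice when it is absent
// (the value stays null in that case, as before).
// $_REQUEST merges GET and POST input, so the state-changing actions below can
// be reached through a plain URL as well as a form post.
// NOTE(review): no authentication or anti-CSRF check is visible before the
// dispatch; confirm load.php or each handler enforces one, in particular for
// addClient, updateClient and deleteClient.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;

// The action is matched against fixed string literals only, so the request
// cannot name an arbitrary function to call.
switch ($action) {
    case "viewClients":
        viewClients();
        break;
    case "addClient":
        addClient();
        break;
    case "updateClient":
        updateClient();
        break;
    case "deleteClient":
        deleteClient();
        // This break was missing: every delete request fell through and also
        // ran ExisUserName().
        break;
    case "ExisUserName":
        ExisUserName();
        break;
    case "ExisEmail":
        ExisEmail();
        break;
    case "ExisEmailEdit":
        ExisEmailEdit();
        break;
    case "loginClient":
        loginClient();
        break;
    case "logout":
        logout();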
Example #2
                // Keep only the second element of $emaildomain, presumably the
                // domain part from an earlier split on "@" (not shown here).
                $emaildomain = $emaildomain[1];
                // Syntax check on the address. The last group accepts only a
                // 2-6 letter TLD, so addresses under longer TLDs are rejected.
                if (!preg_match('/^([a-zA-Z0-9&\'.])+([\\.a-zA-Z0-9+_-])*@([a-zA-Z0-9_-])+(\\.[a-zA-Z0-9_-]+)*\\.([a-zA-Z]{2,6})$/', $email)) {
                    $errormessage .= "<li>" . $_LANG['clientareaerroremailinvalid'];
                    infoBox($aInt->lang("global", "validationerror"), $aInt->lang("clients", "invalidemail"), "error");
                } else {
                    // Duplicate check against sub-account contacts. The address
                    // is escaped and placed in quotes inside a hand-built WHERE
                    // string.
                    // NOTE(review): mysql_real_escape_string() is only safe when
                    // the connection charset is set correctly, and the mysql_*
                    // extension is gone in PHP 7; a bound parameter is the
                    // robust form.
                    $query = "subaccount=1 AND email='" . mysql_real_escape_string($email) . "'";
                    $result = select_query("tblcontacts", "COUNT(*)", $query);
                    $data = mysql_fetch_array($result);
                    if ($data[0]) {
                        infoBox($aInt->lang("clients", "duplicateemail"), $aInt->lang("clients", "duplicateemailexp"), "error");
                    }
                }
            }
            // Create the client only when no error box was produced.
            // $infobox is presumably filled by infoBox(); verify.
            if (!$infobox) {
                $_SESSION['currency'] = $currency;
                // $password is handed to addClient() as entered; how it is
                // stored is decided there, not in this fragment.
                $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password, $securityqid, $securityqans, $sendemail, array("notes" => $notes, "status" => $status, "credit" => $credit, "taxexempt" => $taxexempt, "latefeeoveride" => $latefeeoveride, "overideduenotices" => $overideduenotices, "language" => $language, "billingcid" => $billingcid, "lastlogin" => "00000000000000", "groupid" => $groupid, "separateinvoices" => $separateinvoices, "disableautocc" => $disableautocc, "defaultgateway" => $paymentmethod));
                // Clear the client-area session markers so this browser
                // session is not left logged in as the new client.
                // Presumably addClient() sets them; TODO confirm.
                unset($_SESSION['uid']);
                unset($_SESSION['upw']);
                redir("userid=" . $userid, "clientssummary.php");
            }
        }
    }
}
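// Session data is no longer needed for writing; start buffering the page.
releaseSession();
ob_start();
$questions = getSecurityQuestions("");
// $infobox holds markup built earlier by infoBox(), so it is printed as-is.
echo $infobox;
echo "\n<form method=\"post\" action=\"";
// $PHP_SELF lands inside a double-quoted HTML attribute. It is presumably
// derived from the request path (e.g. $_SERVER['PHP_SELF'], which includes any
// PATH_INFO the client appends), so escape it for attribute context instead of
// echoing it raw. A plain script path is left unchanged by the escaping.
echo htmlspecialchars($PHP_SELF, ENT_QUOTES);
echo "?action=add\">\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"15%\" class=\"fieldlabel\">";
echo $aInt->lang("fields", "firstname");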
Example #3
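/**
 * Converts a stored quote into an invoice and marks the quote as accepted.
 *
 * With $invoicetype "deposit" two invoices are created: the returned one
 * carries $depositpercent of every line item and a second "final" invoice
 * carries the remainder. Any other $invoicetype creates a single invoice.
 * When the quote is not linked to a client, a client account is created from
 * the contact details stored on the quote.
 *
 * NOTE(review): a quote id that matches no row is not rejected here; the
 * function would go on with empty values. Confirm callers validate $id.
 *
 * @param mixed $id             Quote id (tblquotes.id).
 * @param mixed $invoicetype    "deposit" for a deposit plus final invoice.
 * @param mixed $invoiceduedate Due date of the single invoice; today if empty.
 * @param mixed $depositpercent Percentage of each line billed as deposit.
 * @param mixed $depositduedate Due date of the deposit invoice; today if empty.
 * @param mixed $finalduedate   Due date of the final invoice; today if empty.
 * @param mixed $sendemail      Truthy to send the "Invoice Created" message(s).
 * @return mixed Id of the single or deposit invoice, as returned by insert_query().
 */
function convertQuotetoInvoice($id, $invoicetype, $invoiceduedate, $depositpercent, $depositduedate, $finalduedate, $sendemail)
{
    global $CONFIG;
    global $_LANG;
    // These were read below without ever being assigned on some paths (tax
    // disabled, no final invoice), which raised undefined-variable notices.
    // null keeps the values passed on exactly as before.
    $taxrate = $taxrate2 = null;
    $finalinvoiceid = null;
    $result = select_query("tblquotes", "", array("id" => $id));
    $data = mysql_fetch_array($result);
    $userid = $data['userid'];
    $firstname = $data['firstname'];
    $lastname = $data['lastname'];
    $companyname = $data['companyname'];
    $email = $data['email'];
    $address1 = $data['address1'];
    $address2 = $data['address2'];
    $city = $data['city'];
    $state = $data['state'];
    $postcode = $data['postcode'];
    $country = $data['country'];
    $phonenumber = $data['phonenumber'];
    $currency = $data['currency'];
    if ($userid) {
        // Existing client: tax location comes from the client record, not
        // from the address stored on the quote.
        getUsersLang($userid);
        $clientsdetails = getClientsDetails($userid);
        $state = $clientsdetails['state'];
        $country = $clientsdetails['country'];
    } else {
        if (!function_exists("addClient")) {
            require ROOTDIR . "/clientfunctions.php";
        }
        $_SESSION['currency'] = $currency;
        // Initial password for the auto-created account. It used to be
        // substr(md5($id), 0, 10), which anyone who knows or guesses the quote
        // id can recompute; draw it from a CSPRNG instead.
        // NOTE(review): addClient() is called with its e-mail flag "on", so it
        // presumably mails the credentials; confirm nothing else relied on the
        // password being derivable from the quote id.
        if (function_exists("random_bytes")) {
            $initialpassword = bin2hex(random_bytes(10));
        } elseif (function_exists("openssl_random_pseudo_bytes")) {
            $initialpassword = bin2hex(openssl_random_pseudo_bytes(10));
        } else {
            // Last resort without a CSPRNG: not cryptographically strong, but
            // no longer a function of the quote id alone.
            $initialpassword = substr(sha1(uniqid(mt_rand(), true) . microtime()), 0, 20);
        }
        $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $initialpassword, 0, "", "on");
    }
    if ($CONFIG['TaxEnabled'] == "on") {
        $taxlevel1 = getTaxRate(1, $state, $country);
        $taxlevel2 = getTaxRate(2, $state, $country);
        $taxrate = $taxlevel1['rate'];
        $taxrate2 = $taxlevel2['rate'];
    }
    $subtotal = $data['subtotal'];
    $tax1 = $data['tax1'];
    $tax2 = $data['tax2'];
    $total = $data['total'];
    // First gateway by "order" becomes the payment method of the new invoice(s).
    $result = select_query("tblpaymentgateways", "gateway", array("setting" => "name"), "order", "ASC");
    $data = mysql_fetch_array($result);
    $gateway = $data['gateway'];
    // A non-empty $finaldate is what triggers creation of the final invoice.
    $duedate = $finaldate = "";
    if ($invoicetype == "deposit") {
        if ($depositduedate) {
            $duedate = toMySQLDate($depositduedate);
        }
        $finaldate = $finalduedate ? toMySQLDate($finalduedate) : date("Y-m-d");
    } else {
        if ($invoiceduedate) {
            $duedate = toMySQLDate($invoiceduedate);
        }
    }
    if (!$duedate) {
        $duedate = date("Y-m-d");
    }
    // Both invoices start with the quote's full totals; updateInvoiceTotal()
    // is called on each of them once the line items are in place.
    $invoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $duedate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    if ($finaldate) {
        $finalinvoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $finaldate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    }
    // Copy every quote line onto the invoice(s).
    $result = select_query("tblquoteitems", "", array("quoteid" => $id), "id", "ASC");
    while ($data = mysql_fetch_array($result)) {
        $line_id = $data['id'];
        $line_desc = $data['description'];
        $line_qty = $data['quantity'];
        $line_unitprice = $data['unitprice'];
        $line_discount = $data['discount'];
        $line_taxable = $data['taxable'];
        $line_total = format_as_currency($line_qty * $line_unitprice * (1 - $line_discount / 100));
        $lineitemdesc = "" . $line_qty . " x " . $line_desc . " @ " . $line_unitprice;
        if (0 < $line_discount) {
            $lineitemdesc .= " - " . $line_discount . "% " . $_LANG['orderdiscount'];
        }
        if ($finalinvoiceid) {
            // Split the line: the deposit share stays on the first invoice,
            // the remainder goes onto the final invoice.
            $originalamount = $line_total;
            $line_total = $originalamount * ($depositpercent / 100);
            $final_amount = $originalamount - $line_total;
            insert_query("tblinvoiceitems", array("invoiceid" => $finalinvoiceid, "userid" => $userid, "description" => $lineitemdesc . " (" . (100 - $depositpercent) . "% " . $_LANG['quotefinalpayment'] . ")", "amount" => $final_amount, "taxed" => $line_taxable));
            $lineitemdesc .= " (" . $depositpercent . "% " . $_LANG['quotedeposit'] . ")";
        }
        insert_query("tblinvoiceitems", array("invoiceid" => $invoiceid, "userid" => $userid, "description" => $lineitemdesc, "amount" => $line_total, "taxed" => $line_taxable));
    }
    if (!function_exists("updateInvoiceTotal")) {
        require ROOTDIR . "/includes/invoicefunctions.php";
    }
    updateInvoiceTotal($invoiceid);
    if ($finalinvoiceid) {
        updateInvoiceTotal($finalinvoiceid);
    }
    run_hook("InvoiceCreationPreEmail", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreationPreEmail", array("invoiceid" => $finalinvoiceid));
    }
    if ($sendemail) {
        sendMessage("Invoice Created", $invoiceid);
        if ($finalinvoiceid) {
            sendMessage("Invoice Created", $finalinvoiceid);
        }
    }
    run_hook("InvoiceCreated", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreated", array("invoiceid" => $finalinvoiceid));
    }
    // With an invoice increment above 1, insert and immediately delete
    // placeholder rows, presumably to advance the table's auto-increment id.
    if (1 < $CONFIG['InvoiceIncrement']) {
        $invoiceincrement = $CONFIG['InvoiceIncrement'] - 1;
        $counter = 1;
        while ($counter <= $invoiceincrement) {
            $tempinvoiceid = insert_query("tblinvoices", array("date" => "now()"));
            delete_query("tblinvoices", array("id" => $tempinvoiceid));
            $counter += 1;
        }
    }
    update_query("tblquotes", array("userid" => $userid, "stage" => "Accepted"), array("id" => $id));
    return $invoiceid;
}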
Example #4
<?php

// Juju Login and Registration Scripts
// by D. Brad Talton Jr.
// (c) 2010 by PathosEthos LLC
// gets and sets details for the client list
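// Request parameters. $_REQUEST also accepts GET, so credentials sent that way
// end up in URLs and server logs.
// NOTE(review): confirm the client sends these by POST over TLS.
$username = $_REQUEST['email'];
// this is the unique key that defines a client
$password = $_REQUEST['pass'];
// in the database, this is hashed with sha1
// NOTE(review): a single fast hash such as SHA-1 is weak for password storage;
// a dedicated password hash (password_hash()/password_verify() where the PHP
// version provides them) is the usual replacement.
$pathToClientList = "./ClientList.csv";
// NOTE(review): the client list sits next to the script. If this directory is
// web-served, the CSV with e-mail addresses and password hashes can be fetched
// directly; confirm it is kept outside the document root or denied by the
// server configuration.
// ACTUAL SCRIPT EXECUTION
loadData();
// Read the action without an undefined-index notice; anything other than
// "register" is treated as a login attempt, as before.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
if ($action === "register") {
    // attempt a registration
    $success = addClient($username, $password, $_REQUEST['first'], $_REQUEST['last'], $_REQUEST['company']);
    if ($success == TRUE) {
        echo "<xml result='0' ></xml>";
        // client's new login level
        writeData();
        // save to disk
    } else {
        // failed to register
        // The failure response used to be printed unconditionally, so a
        // successful registration answered with both result='0' and
        // result='-1'.
        echo "<xml result='-1'></xml>";
    }
} else {
    // checkLogin()'s return value goes straight into the attribute; it is
    // presumably a numeric login level. Verify it can never carry raw input.
    echo "<xml result='" . checkLogin($username, $password) . "' ></xml>";
}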
/*	
 * 	JUJU API
 *	
 *	loadData() - Opens the CSV and reads out all data
Example #5
    $remote_ip = $clientip;
}
// Run the signup validation; a truthy $skipvalidation bypasses its result.
// NOTE(review): where $skipvalidation comes from is not visible here; confirm
// only an authenticated API caller can set it.
$errormessage = checkDetailsareValid();
if ($errormessage && !$skipvalidation) {
    // The validator's messages are "<li>"-prefixed; report only the first one.
    $errormessage = explode("<li>", $errormessage);
    $error = $errormessage[1];
    $apiresults = array("result" => "error", "message" => $error);
    // Stop here with the error result; nothing below runs.
    return 1;
}
$_SESSION['currency'] = $currency;
$sendemail = $noemail ? false : true;
// Remember the session language before the optional override below
// (presumably restored later, outside this fragment).
$langatstart = $_SESSION['Language'];
if ($language) {
    $_SESSION['Language'] = $language;
}
// The return value is discarded; the code below reads $_SESSION['uid'], so
// addClient() presumably stores the new client id there. TODO confirm.
addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password2, $securityqid, $securityqans, $sendemail);
// Optional card details are taken straight from $_POST.
// NOTE(review): raw card numbers pass through here; confirm updateCCDetails()
// validates and encrypts them and that request bodies are not logged.
if ($_POST['cctype']) {
    if (!function_exists("updateCCDetails")) {
        require ROOTDIR . "/includes/ccfunctions.php";
    }
    updateCCDetails($_SESSION['uid'], $_POST['cctype'], $_POST['cardnum'], $_POST['expdate'], $_POST['startdate'], $_POST['issuenumber']);
}
// Collect the optional fields and write them only if at least one was given.
$updateqry = array();
if ($groupid) {
    $updateqry['groupid'] = $groupid;
}
if ($notes) {
    $updateqry['notes'] = $notes;
}
if (count($updateqry)) {
    update_query("tblclients", $updateqry, array("id" => $_SESSION['uid']));
Example #6
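/**
 * Authenticates a client or sub-account contact and establishes the
 * client-area session.
 *
 * The account is looked up by e-mail in tblclients, then among tblcontacts
 * sub-accounts, then through the "ClientLoginShare" hook. The login succeeds
 * when one of these holds: the password matches; an admin session exists and
 * the admin's role has permission id 120; a login-share hook matched an
 * existing client; or $twofadone is true.
 *
 * Security-relevant contract: $twofadone = true skips the password check
 * entirely, so callers must pass it only after the password and the second
 * factor have both been verified for this exact $username.
 *
 * NOTE(review): no session id regeneration is visible in this function;
 * confirm the caller or set_token() covers session fixation. Failed attempts
 * are logged only when the account exists, and no throttling is visible here.
 *
 * @param mixed $username  E-mail address of the client or contact.
 * @param mixed $password  Password as entered; may be empty for the admin and
 *                         two-factor paths.
 * @param bool  $twofadone True when the second factor was already verified.
 * @return bool True when the session was established (or a login-share hook
 *              created the client); false on failure or when a second factor
 *              is still pending (the 2fa* session keys are set in that case).
 */
function validateClientLogin($username, $password, $twofadone = false)
{
    global $CONFIG;
    global $whmcs;
    // A username is always required, plus a password, an admin session or a
    // completed second factor. empty() avoids the undefined-index notice the
    // bare $_SESSION['adminid'] read produced.
    if (!($username && ($password || !empty($_SESSION['adminid']) || $twofadone))) {
        return false;
    }
    // Drop any previous client login before evaluating the new one.
    if (isset($_SESSION['uid'])) {
        unset($_SESSION['uid']);
    }
    if (isset($_SESSION['cid'])) {
        unset($_SESSION['cid']);
    }
    if (isset($_SESSION['upw'])) {
        unset($_SESSION['upw']);
    }
    $login_uid = $login_cid = $login_pwd = $loginsharematch = "";
    $where = array();
    $where['email'] = $username;
    // Closed accounts are excluded unless an admin session is present.
    if (empty($_SESSION['adminid'])) {
        $where['status'] = array("sqltype" => "NEQ", "value" => "Closed");
    }
    $result = select_query("tblclients", "", $where);
    $data = mysql_fetch_array($result);
    $login_uid = $data['id'];
    $login_pwd = $data['password'];
    $language = $data['language'];
    $authmodule = $data['authmodule'];
    if (!$login_uid) {
        // No client with that e-mail: try a sub-account contact that has a
        // password, then load its parent client (which must not be closed).
        $result = select_query("tblcontacts", "", array("email" => $username, "subaccount" => "1", "password" => array("sqltype" => "NEQ", "value" => "")));
        $data = mysql_fetch_array($result);
        $login_cid = $data['id'];
        $login_uid = $data['userid'];
        $login_pwd = $data['password'];
        $result = select_query("tblclients", "id,language", array("id" => $login_uid, "status" => array("sqltype" => "NEQ", "value" => "Closed")));
        $data = mysql_fetch_array($result);
        $login_uid = $data['id'];
        $language = $data['language'];
    }
    if (!$login_uid) {
        // Still unknown: let "ClientLoginShare" hooks vouch for the user. The
        // hook receives the plaintext password.
        $hookresults = run_hook("ClientLoginShare", array("username" => $username, "password" => $password));
        foreach ($hookresults as $hookres) {
            if ($hookres) {
                $hookid = $hookres['id'];
                $hookemail = $hookres['email'];
                if ($hookid) {
                    $result = select_query("tblclients", "", array("id" => $hookid));
                } else {
                    $result = select_query("tblclients", "", array("email" => $hookemail));
                }
                $data = mysql_fetch_array($result);
                $login_uid = $data['id'];
                if ($login_uid) {
                    $loginsharematch = true;
                    $login_pwd = $data['password'];
                    $language = $data['language'];
                    // NOTE(review): the loop goes on after a match, so a later
                    // hook result can overwrite $login_uid while
                    // $loginsharematch stays true; confirm "continue" rather
                    // than "break" is intended.
                    continue;
                }
                if ($hookres['create']) {
                    // The hook asked for the account to be created from its
                    // data. Returns true without setting the session here;
                    // presumably addClient() does that. TODO confirm.
                    addClient($hookres['firstname'], $hookres['lastname'], $hookres['companyname'], $hookres['email'], $hookres['address1'], $hookres['address2'], $hookres['city'], $hookres['state'], $hookres['postcode'], $hookres['country'], $hookres['phonenumber'], $hookres['password'], "", "", false);
                    return true;
                }
                continue;
            }
        }
    }
    if ($login_uid) {
        if ($CONFIG['NOMD5']) {
            // Stored value is decrypted and compared with the entered
            // password, i.e. passwords are stored reversibly in this mode.
            $check_pwd = decrypt($login_pwd);
        } else {
            // Stored value is "hash:salt"; hash the entered password with the
            // stored salt and compare the results. A stored value without a
            // salt part yields null, as before, but without a notice.
            $saltparts = explode(":", $login_pwd);
            $salt = isset($saltparts[1]) ? $saltparts[1] : null;
            $password = generateClientPW($password, $salt);
            $check_pwd = $login_pwd;
        }
        $adminallowedclientlogin = false;
        if (isset($_SESSION['adminid'])) {
            // Admin "login as client": allowed when the admin's role holds
            // permission id 120.
            $adminroleid = get_query_val("tbladmins", "roleid", array("id" => $_SESSION['adminid']));
            $adminallowedclientlogin = get_query_val("tbladminperms", "permid", array("roleid" => $adminroleid, "permid" => "120"));
        }
        // Compare in constant time where hash_equals() exists (PHP 5.6+), so
        // the check does not reveal how many leading bytes matched. For two
        // strings the result equals the original strict comparison, which is
        // kept as the fallback.
        if (function_exists("hash_equals") && is_string($password) && is_string($check_pwd)) {
            $passwordmatches = hash_equals($check_pwd, $password);
        } else {
            $passwordmatches = $password === $check_pwd;
        }
        if ($passwordmatches || (isset($_SESSION['adminid']) && $adminallowedclientlogin) || $loginsharematch || $twofadone) {
            $twofa = new WHMCS_2FA();
            if ($twofa->isActiveClients() && $authmodule && !$twofadone && !isset($_SESSION['adminid'])) {
                // First factor passed but a second one is required: record
                // the pending state and report "not logged in yet".
                $_SESSION['2faverifyc'] = true;
                $_SESSION['2faclientid'] = $login_uid;
                $_SESSION['2farememberme'] = $whmcs->get_req_var("rememberme");
                return false;
            }
            if (!isset($_SESSION['adminid'])) {
                // Record last login, IP and reverse-DNS host name. The host
                // name comes from DNS and is not trustworthy input for
                // anything that later displays it.
                $fullhost = gethostbyaddr($whmcs->get_user_ip());
                update_query("tblclients", array("lastlogin" => "now()", "ip" => $whmcs->get_user_ip(), "host" => $fullhost), array("id" => $login_uid));
            }
            $_SESSION['uid'] = $login_uid;
            if ($login_cid) {
                $_SESSION['cid'] = $login_cid;
            }
            // Session verifier: binds the session to the account, the stored
            // password value, the client IP (unless the IP check is disabled)
            // and a slice of the installation hash.
            $haship = $CONFIG['DisableSessionIPCheck'] ? "" : $whmcs->get_user_ip();
            $_SESSION['upw'] = sha1($login_uid . $login_cid . $login_pwd . $haship . substr(sha1($whmcs->get_hash()), 0, 20));
            if (!isset($_SESSION['adminid'])) {
                set_token(genRandomVal());
            }
            if ($language && !isset($_SESSION['adminid'])) {
                $_SESSION['Language'] = $language;
            }
            run_hook("ClientLogin", array("userid" => $login_uid));
            return true;
        }
    }
    // Only attempts against an existing account are logged.
    if ($login_uid) {
        logActivity("Failed Login Attempt - User ID: " . $login_uid, $login_uid);
    }
    return false;
}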