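/**
 * Return the submitted value of a request field, or "" when it was not sent.
 */
function _dtcListItemsRequestValue($name)
{
    return isset($_REQUEST[$name]) ? $_REQUEST[$name] : "";
}

/**
 * Escape a value for inclusion in HTML text or a quoted HTML attribute.
 */
function _dtcListItemsHtml($text)
{
    return htmlspecialchars($text, ENT_QUOTES);
}

/**
 * Tell whether a column is declared "can_be_empty" and the submitted value is blank.
 */
function _dtcListItemsBlankAllowed($col, $value)
{
    return isset($col["can_be_empty"]) && $col["can_be_empty"] == "yes" && $value == "";
}

/**
 * Run the format check named by $col["check"] against one submitted value.
 *
 * @return string "" when the value is accepted, otherwise the HTML error text.
 */
function _dtcListItemsCheckField($col, $name, $value)
{
    $blank_ok = _dtcListItemsBlankAllowed($col, $value);
    $complaint = null;

    switch ($col["check"]) {
        case "subdomain":
            if (!checkSubdomainFormat($value)) {
                $complaint = ": not a subdomain<br>";
            }
            break;
        case "subdomain_or_ip":
            if (!checkSubdomainFormat($value) && !isIP($value)) {
                $complaint = ": not a subdomain or IP addresse<br>";
            }
            break;
        case "ip6":
            if (!isIP6($value) && !$blank_ok) {
                // The literal word "default" is accepted when the column maps blanks to a default.
                $default_ok = isset($col["empty_makes_default"])
                    && $col["empty_makes_default"] == "yes"
                    && $value == "default";
                if (!$default_ok) {
                    return $name . ": not an IPv6 address<br>";
                }
            }
            return "";
        case "ip_addr":
            if (!isIP($value)) {
                $complaint = ": not an IP address<br>";
            }
            break;
        case "domain_or_ip":
            if (!isIP($value) && !isHostname($value)) {
                $complaint = ": not a domain or IP addresse<br>";
            }
            break;
        case "dtc_login":
            if (!isFtpLogin($value)) {
                $complaint = ": not a correct login format.<br>";
            }
            break;
        case "dtc_login_or_email":
            if (!isFtpLogin($value) && !isValidEmail($value)) {
                $complaint = ": not a correct login format.<br>";
            }
            break;
        case "mail_alias_group":
            // One address per line; this check has no can_be_empty exemption.
            $found = "";
            $aliases = explode("\n", str_replace("\r", "", trim($value, "\r\n")));
            foreach ($aliases as $alias) {
                if (!isValidEmail($alias)) {
                    // The rejected text is request data, so it is escaped before being echoed.
                    $found .= _dtcListItemsHtml($alias) . ": not a valid email format.<br>";
                }
            }
            return $found;
        case "dtc_pass":
            if (!isDTCPassword($value)) {
                $complaint = ": not a correct password format<br>";
            }
            break;
        case "email":
            if (!isValidEmail($value)) {
                $complaint = ": not a correct email format<br>";
            }
            break;
        case "number":
            if (!isRandomNum($value)) {
                $complaint = ": not a correct number format<br>";
            }
            break;
        case "max_value_2096":
            $found = "";
            if (!$blank_ok) {
                if (!isRandomNum($value)) {
                    $found .= $name . ": not a correct number format<br>";
                }
                if ($value >= 2096) {
                    $found .= $name . ": is greater or equal than the max value 2096<br>";
                }
            }
            return $found;
        default:
            return $name . ": unknown field checking type (" . $col["check"] . ").<br>";
    }

    if ($complaint !== null && !$blank_ok) {
        return $name . $complaint;
    }
    return "";
}

/**
 * Validate every described column against the current request.
 *
 * @param array $dsc                The list description passed to dtcListItemsEdit().
 * @param bool  $skip_disabled_cols When true, columns with disable_edit == "yes" skip their format check.
 *
 * @return string Concatenated HTML error text; "" means every field passed.
 */
function _dtcListItemsValidate($dsc, $skip_disabled_cols)
{
    $errors = "";
    foreach ($dsc["cols"] as $name => $col) {
        $value = _dtcListItemsRequestValue($name);

        if ($col["type"] == "popup" || $col["type"] == "radio") {
            // Compare as strings: a loose == would let any non-numeric text match a 0 choice.
            $is_allowed = false;
            foreach ($col["values"] as $choice) {
                if ((string) $choice === (string) $value) {
                    $is_allowed = true;
                }
            }
            if (!$is_allowed) {
                $errors .= "the variable " . $name . " is not one of the allowed values<br>";
            }
        }

        if (!isset($col["check"])) {
            continue;
        }
        if ($skip_disabled_cols && isset($col["disable_edit"]) && $col["disable_edit"] == "yes") {
            continue;
        }
        $errors .= _dtcListItemsCheckField($col, $name, $value);
    }
    return $errors;
}

/**
 * Build the SQL literal stored for a text, textarea or password column.
 *
 * @return array array(literal, is_plain) where is_plain is false for the NULL / 'default' substitutions.
 */
function _dtcListItemsSqlLiteral($col, $value)
{
    if ($value == "") {
        if (isset($col["empty_makes_sql_null"]) && $col["empty_makes_sql_null"] == "yes") {
            return array("NULL", false);
        }
        if (isset($col["empty_makes_default"]) && $col["empty_makes_default"] == "yes") {
            return array("'default'", false);
        }
    }
    $suffix = isset($col["happen_domain"]) ? $col["happen_domain"] : "";
    return array("'" . mysql_real_escape_string($value) . $suffix . "'", true);
}

/**
 * Render a generic list editor (list, create form, edit form) for one SQL table and
 * apply the create / save / delete action found in the request.
 *
 * Keys read from $dsc: title, forward, action, table_name, id_fld, list_fld_show, cols,
 * new_item_link, new_item_title, edit_item_title, and optionally order_by, where_list,
 * max_item, num_item_txt, check_unique, check_unique_use_where_list, check_unique_msg,
 * create_item_callback, edit_item_callback, delete_item_callback.
 *
 * Security notes:
 * - Request values are escaped with mysql_real_escape_string() before entering SQL and with
 *   htmlspecialchars() / urlencode() before entering HTML.
 * - Everything taken from $dsc (table and column names, where_list values, legends, choices)
 *   is interpolated as-is. NOTE(review): this assumes $dsc is built by trusted code and that
 *   callers escape any request data they put into where_list; confirm at the call sites.
 * - NOTE(review): the forms have no method attribute, so they submit by GET, and $fw_link
 *   carries adm_pass in the query string. Passwords therefore reach URLs, access logs and
 *   Referer headers, and no anti-CSRF token guards the state-changing actions.
 *
 * @param array $dsc Description of the table, its columns and the surrounding form.
 *
 * @return string The generated HTML.
 */
function dtcListItemsEdit($dsc)
{
    global $adm_pass;

    // PHP_SELF includes client-controlled path info, so it is escaped before reaching an attribute.
    $self_url = _dtcListItemsHtml($_SERVER["PHP_SELF"]);

    $out = "<h3>" . $dsc["title"] . "</u></b></h3>";

    // Calculate the forwards parameters for links and forms
    $fw = "";
    $fw_link = $self_url . "?";
    $nbr_forwards = sizeof($dsc["forward"]);
    for ($i = 0; $i < $nbr_forwards; $i++) {
        $fw_name = $dsc["forward"][$i];
        if ($fw_name == "adm_pass") {
            $fw_value = $adm_pass;
        } else {
            $fw_value = _dtcListItemsRequestValue($fw_name);
        }
        // Forwarded values are echoed back to the browser: attribute-escape them in the
        // hidden inputs and URL-encode them in the link.
        $fw .= "<input type=\"hidden\" name=\"" . $fw_name . "\" value=\"" . _dtcListItemsHtml($fw_value) . "\">";
        if ($i != 0) {
            $fw_link .= "&";
        }
        $fw_link .= $fw_name . "=" . urlencode($fw_value);
    }

    // Condition to add to each queries
    $where = "WHERE 1";
    if (isset($dsc["order_by"])) {
        $order_by = " ORDER BY " . $dsc["order_by"];
    } else {
        $order_by = "";
    }
    $added_insert_names = "";
    $added_insert_values = "";
    if (isset($dsc["where_list"])) {
        $scope_names = array();
        $scope_values = array();
        foreach ($dsc["where_list"] as $scope_fld => $scope_value) {
            $scope_names[] = $scope_fld;
            $scope_values[] = "'" . $scope_value . "'";
            $where .= " AND " . $scope_fld . "='" . $scope_value . "'";
        }
        // As there will be other fields, we need the trailing comma
        $added_insert_names = implode(",", $scope_names) . ",";
        $added_insert_values = implode(",", $scope_values) . ",";
    }

    // Number of fields that we are about to manage here and their names
    $nbr_fld = sizeof($dsc["cols"]);
    $keys = array_keys($dsc["cols"]);

    // We need the current number of items now to check against the max number for addition
    // NOTE(review): the die() messages below print the SQL text and the server error to the
    // client, which discloses the schema; consider logging them server-side instead.
    $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where};";
    $r_item_list = mysql_query($q) or die("Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()));
    $current_num_items = mysql_num_rows($r_item_list);

    $action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : null;

    if ($action !== null && $action == $dsc["action"] . "_new_item") {
        // ---- Creation of a new row ----
        $commit_err = _dtcListItemsValidate($dsc, false);
        $commit_flag = ($commit_err == "") ? "yes" : "no";

        if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) {
            $commit_flag = "no";
            $commit_err = "Max number of items reached!";
        }

        if (isset($dsc["check_unique"])) {
            $unique_terms = array();
            foreach ($dsc["check_unique"] as $unique_fld) {
                // The submitted value goes into a quoted SQL string, so it must be escaped here too.
                $unique_value = mysql_real_escape_string(_dtcListItemsRequestValue($unique_fld));
                if (isset($dsc["cols"][$unique_fld]["happen_domain"])) {
                    $unique_value .= $dsc["cols"][$unique_fld]["happen_domain"];
                }
                $unique_terms[] = $unique_fld . "='" . $unique_value . "' ";
            }
            $where_clause = implode(" AND ", $unique_terms);
            $scope_unique = !isset($dsc["check_unique_use_where_list"]) || $dsc["check_unique_use_where_list"] == "yes";
            if ($scope_unique && isset($dsc["where_list"])) {
                foreach ($dsc["where_list"] as $scope_fld => $scope_value) {
                    $where_clause .= " AND " . $scope_fld . "='" . $scope_value . "'";
                }
            }
            $q = "SELECT * FROM " . $dsc["table_name"] . " WHERE {$where_clause} ";
            $r = mysql_query($q) or die("Cannot query \"" . _dtcListItemsHtml($q) . "\" line " . __LINE__ . " file " . __FILE__ . " sql said: " . _dtcListItemsHtml(mysql_error()));
            if (mysql_num_rows($r) > 0) {
                $commit_flag = "no";
                $commit_err = $dsc["check_unique_msg"];
            }
        }

        // Build the request. Names and values are collected in parallel lists so that every
        // entry, including an extra cryptfield, is comma-separated whatever its position.
        $insert_names = array();
        $insert_values = array();
        for ($i = 0; $i < $nbr_fld; $i++) {
            $name = $keys[$i];
            $col = $dsc["cols"][$name];
            $value = _dtcListItemsRequestValue($name);
            switch ($col["type"]) {
                case "password":
                    list($literal, $is_plain) = _dtcListItemsSqlLiteral($col, $value);
                    $insert_names[] = $name;
                    $insert_values[] = $literal;
                    // if the crypt field is set, then we use this as the SQL field to populate the crypted password into
                    if ($is_plain && isset($col["cryptfield"])) {
                        $insert_names[] = $col["cryptfield"];
                        $insert_values[] = "'" . crypt($value, dtc_makesalt()) . "'";
                    }
                    break;
                case "text":
                case "textarea":
                    list($literal, $is_plain) = _dtcListItemsSqlLiteral($col, $value);
                    $insert_names[] = $name;
                    $insert_values[] = $literal;
                    break;
                case "checkbox":
                    // Only the presence of the field matters; the stored value comes from $dsc.
                    $insert_names[] = $name;
                    if (isset($_REQUEST[$name])) {
                        $insert_values[] = "'" . $col["values"][0] . "'";
                    } else {
                        $insert_values[] = "'" . $col["values"][1] . "'";
                    }
                    break;
                case "popup":
                case "radio":
                    $insert_names[] = $name;
                    $insert_values[] = "'" . mysql_real_escape_string($value) . "'";
                    break;
            }
        }
        $fld_names = implode(",", $insert_names);
        $values = implode(",", $insert_values);

        if ($commit_flag == "yes") {
            $q = "INSERT INTO " . $dsc["table_name"] . " ({$added_insert_names} {$fld_names}) VALUES ({$added_insert_values} {$values});";
            if (mysql_query($q)) {
                $insert_id = mysql_insert_id();
                if (isset($dsc["create_item_callback"])) {
                    $out .= $dsc["create_item_callback"]($insert_id);
                }
            } else {
                // The query text contains request data, so it is escaped before being shown.
                $out .= "<font color=\"red\">Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()) . "</font>";
            }
        } else {
            $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: <br>{$commit_err}</font><br>";
        }
    } elseif ($action !== null && $action == $dsc["action"] . "_save_item") {
        // ---- Update of an existing row ----
        $commit_err = _dtcListItemsValidate($dsc, true);
        $commit_flag = ($commit_err == "") ? "yes" : "no";

        // Build the request
        $assignments = array();
        for ($i = 0; $i < $nbr_fld; $i++) {
            $name = $keys[$i];
            $col = $dsc["cols"][$name];
            $value = _dtcListItemsRequestValue($name);
            switch ($col["type"]) {
                case "id":
                    $id_fldname = $name;
                    $id_fld_value = mysql_real_escape_string($value);
                    break;
                case "readonly":
                    break;
                case "text":
                case "textarea":
                case "password":
                    if (!isset($col["disable_edit"]) || $col["disable_edit"] != "yes") {
                        list($literal, $is_plain) = _dtcListItemsSqlLiteral($col, $value);
                        $assignments[] = $name . "=" . $literal;
                        // if the crypt field is set, then we use this as the SQL field to populate the crypted password into
                        if ($is_plain && isset($col["cryptfield"])) {
                            $assignments[] = " " . $col["cryptfield"] . "='" . crypt($value, dtc_makesalt()) . "' ";
                        }
                    }
                    break;
                case "popup":
                case "radio":
                    $assignments[] = $name . "='" . mysql_real_escape_string($value) . "'";
                    break;
                case "checkbox":
                    if (isset($_REQUEST[$name])) {
                        $assignments[] = $name . "='" . $col["values"][0] . "'";
                    } else {
                        $assignments[] = $name . "='" . $col["values"][1] . "'";
                    }
                    break;
                default:
                    die($col["type"] . ": Not implemented yet line " . __LINE__ . " file " . __FILE__);
            }
        }
        $reqs = implode(",", $assignments);

        if ($commit_flag != "yes") {
            $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: [todo: error desc]<br>{$commit_err}</font>";
        } elseif (!isset($id_fldname) || !isset($id_fld_value)) {
            $out .= "<font color=\"red\">Could not commit the changes because the id is not set!</font>";
        } else {
            // $where keeps the update inside the rows selected by where_list.
            $q = "UPDATE " . $dsc["table_name"] . " SET {$reqs} {$where} AND {$id_fldname}='{$id_fld_value}';";
            if (!mysql_query($q)) {
                $out .= "<font color=\"red\">Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()) . "</font>";
            }
            // NOTE(review): the callback runs even when the UPDATE failed or matched no row
            // inside $where; confirm the callbacks re-check that the id belongs to the caller.
            if (isset($dsc["edit_item_callback"])) {
                $dsc["edit_item_callback"]($id_fld_value);
            }
        }
    } elseif ($action !== null && $action == $dsc["action"] . "_delete_item") {
        // ---- Deletion of a row ----
        for ($i = 0; $i < $nbr_fld; $i++) {
            if ($dsc["cols"][$keys[$i]]["type"] == "id") {
                $id_fldname = $keys[$i];
                $id_fld_value = mysql_real_escape_string(_dtcListItemsRequestValue($keys[$i]));
            }
        }
        if (isset($id_fldname) && isset($id_fld_value)) {
            // NOTE(review): the callback receives a request-supplied id before the scoped
            // DELETE has shown that the row lies inside $where; confirm the callbacks verify
            // ownership themselves.
            if (isset($dsc["delete_item_callback"])) {
                $dsc["delete_item_callback"]($id_fld_value);
            }
            $q = "DELETE FROM " . $dsc["table_name"] . " {$where} AND {$id_fldname}='" . $id_fld_value . "';";
            if (!mysql_query($q)) {
                $out .= "<font color=\"red\">Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()) . "</font>";
            }
        } else {
            $out .= "<font color=\"red\">Could not commit the deletion because the id field could not be found.</font>";
        }
    }

    // We have to query it again, in case an insert or a delete has occured!
    $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where} {$order_by};";
    $r_item_list = mysql_query($q) or die("Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()));
    $current_num_items = mysql_num_rows($r_item_list);

    if (isset($dsc["max_item"])) {
        $at_limit = $current_num_items >= $dsc["max_item"];
        if ($at_limit) {
            $out .= "<font color=\"red\">";
        }
        $out .= $dsc["num_item_txt"] . $current_num_items . "/" . $dsc["max_item"];
        if ($at_limit) {
            $out .= "</font>";
        }
        $out .= "<br><br>";
    }

    $editing = isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == $dsc["action"] . "_edit_item";

    // First display a list of items
    for ($i = 0; $i < $current_num_items; $i++) {
        $a = mysql_fetch_array($r_item_list);
        if ($i != 0) {
            $out .= " - ";
        }
        // Stored values are escaped on output so that a saved label cannot inject markup.
        $label = _dtcListItemsHtml($a[$dsc["list_fld_show"]]);
        if ($editing && _dtcListItemsRequestValue("item") == $a[$dsc["id_fld"]]) {
            $out .= $label;
        } else {
            $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_edit_item&item=" . urlencode($a[$dsc["id_fld"]]) . "\">" . $label . "</a>";
        }
    }
    $out .= "<br><br>";

    if (!$editing) {
        // Creation of new items
        $out .= $dsc["new_item_link"] . "<br><br>";
        $out .= "<h3>" . $dsc["new_item_title"] . "</h3><br>";
        if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) {
            $out .= "<font color=\"red\">" . _("Maximum number reached") . "!</font><br>";
        } else {
            $out .= "<form name=\"" . $dsc["action"] . "_new_item_frm\" action=\"" . $self_url . "\">{$fw}\n\t\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_new_item\">" . dtcFormTableAttrs();
            for ($i = 0; $i < $nbr_fld; $i++) {
                $name = $keys[$i];
                $col = $dsc["cols"][$name];
                $help = isset($col["help"]) ? $col["help"] : "";
                switch ($col["type"]) {
                    case "id":
                        $out .= "<input type=\"hidden\" name=\"" . $name . "\" value=\"\">";
                        break;
                    case "password":
                        $genpass = autoGeneratePassButton($dsc["action"] . "_new_item_frm", $name);
                        $ctrl = "<input type=\"password\" name=\"" . $name . "\" value=\"\">{$genpass}";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "text":
                    case "readonly":
                        if (isset($col["hide_create"]) && $col["hide_create"] == "yes") {
                            break;
                        }
                        $happen = isset($col["happen_domain"]) ? $col["happen_domain"] : "";
                        if (isset($col["happen"])) {
                            $happen .= $col["happen"];
                        }
                        $ctrl_value = isset($col["default"]) ? $col["default"] : "";
                        if ($col["type"] == "readonly") {
                            $ctrl = "<input type=\"text\" name=\"" . $name . "\" value=\"{$ctrl_value}\" READONLY>{$happen}";
                        } else {
                            $ctrl = "<input type=\"text\" name=\"" . $name . "\" value=\"{$ctrl_value}\">{$happen}";
                        }
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "textarea":
                        $ctrl_cols = isset($col["cols"]) ? " cols=\"" . $col["cols"] . "\" " : "";
                        $ctrl_rows = isset($col["rows"]) ? " rows=\"" . $col["rows"] . "\" " : "";
                        $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $name . "\"></textarea>";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "radio":
                        $nbr_choices = sizeof($col["values"]);
                        $ctrl = "";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            // Pre-select the declared default, or the first choice when none is declared.
                            if (isset($col["default"])) {
                                $selected = ($col["values"][$x] == $col["default"]) ? " checked " : "";
                            } else {
                                $selected = ($x == 0) ? " checked " : "";
                            }
                            if (isset($col["display_replace"][$x])) {
                                $display_val = $col["display_replace"][$x];
                            } else {
                                $display_val = $col["values"][$x];
                            }
                            $ctrl .= "<input type=\"radio\" name=\"" . $name . "\" value=\"" . $col["values"][$x] . "\" {$selected}> ";
                            $ctrl .= $display_val;
                        }
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "checkbox":
                        // Ticked unless the description carries a "default" entry.
                        $checked = !isset($col["default"]) ? " checked " : " ";
                        $ctrl = "<input type=\"checkbox\" name=\"" . $name . "\" value=\"yes\" {$checked}>";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "popup":
                        $nbr_choices = sizeof($col["values"]);
                        $ctrl = "<select name=\"" . $name . "\">";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            $selected = "";
                            if (isset($col["default"]) && $col["values"][$x] == $col["default"]) {
                                $selected = " selected ";
                            }
                            if (isset($col["display_replace"][$x])) {
                                $display_val = $col["display_replace"][$x];
                            } else {
                                $display_val = $col["values"][$x];
                            }
                            $ctrl .= " <option value=\"" . $col["values"][$x] . "\" {$selected}>{$display_val}</option>";
                        }
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                    default:
                        $ctrl = "Not implemented yet!!!";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $i % 2, $help);
                        break;
                }
            }
            $out .= dtcFromOkDraw();
            $out .= "</table></form>";
        }
    } else {
        // Edition of existing items
        $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_new_item\">" . $dsc["new_item_link"] . "</a><br><br>";
        $out .= "<h3>" . $dsc["edit_item_title"] . "</h3><br>";
        $q = "SELECT * FROM " . $dsc["table_name"] . " {$where} AND " . $dsc["id_fld"] . "='" . mysql_real_escape_string(_dtcListItemsRequestValue("item")) . "';";
        $r = mysql_query($q) or die("Cannot query " . _dtcListItemsHtml($q) . " in " . __FILE__ . " line " . __LINE__ . " sql said: " . _dtcListItemsHtml(mysql_error()));
        $n = mysql_num_rows($r);
        if ($n == 1) {
            $a = mysql_fetch_array($r);
            $out .= "<form name=\"" . $dsc["action"] . "_save_item_frm\" action=\"" . $self_url . "\">{$fw}";
            $out .= "<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_save_item\">";
            $out .= "<input type=\"hidden\" name=\"subaction\" value=\"" . $dsc["action"] . "_edit_item\">";
            $out .= "<input type=\"hidden\" name=\"item\" value=\"" . _dtcListItemsHtml($a[$dsc["id_fld"]]) . "\">";
            $out .= dtcFormTableAttrs();
            for ($j = 0; $j < $nbr_fld; $j++) {
                $name = $keys[$j];
                $col = $dsc["cols"][$name];
                $help = isset($col["help"]) ? $col["help"] : "";
                switch ($col["type"]) {
                    case "id":
                        $out .= "<input type=\"hidden\" name=\"" . $name . "\" value=\"" . _dtcListItemsHtml($a[$name]) . "\">";
                        $id_fldname = $name;
                        $id_fld_value = $a[$name];
                        break;
                    case "textarea":
                        $ctrl_cols = isset($col["cols"]) ? " cols=\"" . $col["cols"] . "\" " : "";
                        $ctrl_rows = isset($col["rows"]) ? " rows=\"" . $col["rows"] . "\" " : "";
                        // Escaped so stored text cannot close the textarea and inject markup.
                        $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $name . "\">" . _dtcListItemsHtml(stripslashes($a[$name])) . "</textarea>";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "password":
                    case "text":
                    case "readonly":
                        if (isset($col["disable_edit"]) && $col["disable_edit"] == "yes") {
                            $disabled = " disabled ";
                        } else {
                            $disabled = " ";
                        }
                        $size = isset($col["size"]) ? " size=\"" . $col["size"] . "\" " : "";
                        // happen_domain is a literal suffix, so it is quoted before being used as a pattern.
                        if (isset($col["happen_domain"]) && preg_match("/" . preg_quote($col["happen_domain"], "/") . "\$/", $a[$name])) {
                            $input_disp_value = substr($a[$name], 0, strlen($a[$name]) - strlen($col["happen_domain"]));
                            $happen = $col["happen_domain"];
                        } else {
                            if ($col["type"] != "readonly") {
                                $input_disp_value = $a[$name];
                            }
                            $happen = "";
                        }
                        if (isset($col["happen"])) {
                            $happen .= $col["happen"];
                        }
                        if ($col["type"] == "password") {
                            // NOTE(review): the stored password is sent back inside the value
                            // attribute, so it is readable in the page source.
                            $genpass = autoGeneratePassButton($dsc["action"] . "_save_item_frm", $name);
                            $input_disp_type = "password";
                        } else {
                            $genpass = "";
                            $input_disp_type = "text";
                        }
                        // Do this only for readonly
                        if ($col["type"] == "readonly") {
                            $disabled = " READONLY";
                            $input_disp_value = isset($col["default"]) ? $col["default"] : '';
                            $happen = isset($col["happen"]) ? $col["happen"] : '';
                        }
                        if (isset($col["callback"])) {
                            $retArray = $col["callback"]($id_fld_value);
                            $input_disp_value = $retArray["value"];
                            $happen = $retArray["happen"];
                        }
                        $ctrl = "<input type=\"{$input_disp_type}\" {$size} name=\"" . $name . "\" value=\"" . _dtcListItemsHtml(stripslashes($input_disp_value)) . "\" {$disabled}>{$genpass}{$happen}";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "radio":
                        $nbr_choices = sizeof($col["values"]);
                        $ctrl = "";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            $selected = ($col["values"][$x] == $a[$name]) ? " checked " : "";
                            $ctrl .= " <input type=\"radio\" name=\"" . $name . "\" value=\"" . $col["values"][$x] . "\" {$selected}> ";
                            $ctrl .= $col["values"][$x];
                        }
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "checkbox":
                        $selected = ($col["values"][0] == $a[$name]) ? " checked " : " ";
                        $ctrl = "<input type=\"checkbox\" name=\"" . $name . "\" value=\"yes\" " . $selected . ">";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "popup":
                        $nbr_choices = sizeof($col["values"]);
                        $ctrl = "<select name=\"" . $name . "\">";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            $selected = ($col["values"][$x] == $a[$name]) ? " selected " : "";
                            if (isset($col["display_replace"][$x])) {
                                $display_val = $col["display_replace"][$x];
                            } else {
                                $display_val = $col["values"][$x];
                            }
                            $ctrl .= " <option value=\"" . $col["values"][$x] . "\" {$selected}>{$display_val}</option>";
                        }
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                    default:
                        $ctrl = "Not implemented yet!!!";
                        $out .= dtcFormLineDraw($col["legend"], $ctrl, $j % 2, $help);
                        break;
                }
            }
            // The delete form is separate from the save form and only carries the row id.
            $delete_button = "<form action=\"" . $self_url . "\">{$fw}\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_delete_item" . "\">\n\t\t\t<input type=\"hidden\" name=\"{$id_fldname}\" value=\"" . _dtcListItemsHtml($id_fld_value) . "\">\n\t\t\t" . dtcDeleteButton() . "</form>";
            $out .= "<tr><td> </td><td><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n\t\t\t<tr><td>" . dtcApplyButton() . "</form></td><td>{$delete_button}</td></tr></table></td></tr>";
            $out .= "</table>";
        } else {
            $out .= "No item by this number!";
        }
    }
    return $out;
}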
/**
 * Builds the HTML for the administrator's "new users / pending work" panel.
 *
 * Depending on $_REQUEST["subaction"] the function does one of three things:
 *  - "resolv_ticket": renders one support-ticket thread plus a reply form and
 *    returns that HTML immediately.
 *  - "ticket_reply": stores a reply and/or closes or deletes the thread, mails
 *    the customer, then falls through to the normal panel.
 *  - anything else: renders the normal panel only.
 *
 * The normal panel lists sign-ups waiting for validation, domains waiting to be
 * attached to a login, pending renewals and open support tickets, followed by
 * the "add a new user" form.
 *
 * Security review summary (details are repeated at the lines concerned):
 *  - $_REQUEST["tik_id"], $_REQUEST["last_tik_id"] and $_SERVER["PHP_AUTH_USER"]
 *    are concatenated into SQL text without escaping or casting.
 *  - $_REQUEST["tik_id"], $_SERVER["PHP_SELF"] and most database columns are
 *    written into HTML without htmlspecialchars(); only "subject" and "text"
 *    are escaped.
 *  - unserialize() is applied to the "maxmind_output" column.
 *  - Every failed query calls die() with the full SQL text and mysql_error(),
 *    which sends both to the browser.
 *  - This copy of the file contains several "******" runs where source text
 *    appears to have been lost; they are kept as found and marked below.
 *
 * @return string HTML fragment, or a plain error message on early return.
 */
function drawNewAdminForm() {
    global $conf_site_root_host_path;
    global $lang;
    global $pro_mysql_admin_table;
    global $pro_mysql_client_table;
    global $pro_mysql_new_admin_table;
    global $pro_mysql_pending_queries_table;
    global $pro_mysql_pay_table;
    global $pro_mysql_pending_renewal_table;
    global $pro_mysql_product_table;
    global $pro_mysql_vps_table;
    global $pro_mysql_tik_admins_table;
    global $pro_mysql_tik_queries_table;
    global $pro_mysql_tik_cats_table;
    global $pro_mysql_dedicated_table;
    global $secpayconf_currency_letters;
    global $secpayconf_use_maxmind;
    get_secpay_conf();
    // Accumulates the ticket-view HTML. It is only returned by the
    // "resolv_ticket" branch; the final return of this function does not use it.
    $out = "";

    // ---- View one support ticket thread and offer the reply form ----
    if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == "resolv_ticket") {
        // NOTE(review): tik_id is taken from the request and concatenated into the
        // SQL text as-is. It should be cast to an integer or escaped before use.
        $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='" . $_REQUEST["tik_id"] . "';";
        $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            return _("Cannot find ticket!");
        }
        $a = mysql_fetch_array($r);
        // The subject is the one header field that is HTML-escaped.
        $out .= _("Subject: ") . htmlspecialchars(stripslashes($a["subject"])) . "<br>";
        // Look up the ticket category to show its description.
        $q2 = "SELECT * FROM {$pro_mysql_tik_cats_table} WHERE id='" . $a["cat_id"] . "';";
        $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        $n2 = mysql_num_rows($r2);
        if ($n2 != 1) {
            $tmp = _("Type not found!");
        } else {
            $a2 = mysql_fetch_array($r2);
            $tmp = $a2["catdescript"] . "<br>";
        }
        $out .= _("Type:") . $tmp;
        // NOTE(review): date, time and server_hostname are emitted without
        // htmlspecialchars(); confirm whether a customer can influence them.
        $out .= _("First query date: ") . $a["date"] . " " . $a["time"] . "<br>";
        $out .= _("Server hostname related: ") . $a["server_hostname"] . "<br>";
        // NOTE(review): the "******" run below is how this copy reads; text between
        // the label and the array key looks lost. Restore it from the upstream file.
        $out .= _("Admin login: "******"adm_login"] . "<br><br>";
        $out .= "<table cellspacing=\"0\" cellpadding=\"4\" border=\"0\">";
        // Walk the thread: each row's reply_id names the next message, 0 ends it.
        // NOTE(review): the starting id is the raw request value and is interpolated
        // into the query inside the loop. Unlike the loop in the open-ticket list
        // further down, this one has no iteration cap, so it relies on the reply_id
        // chain never forming a cycle.
        $next_tikq = $_REQUEST["tik_id"];
        $close_request = "no";
        while ($next_tikq != 0) {
            // NOTE(review): adm_login='******' is a redaction artifact in this copy;
            // the original comparison value cannot be recovered from here.
            $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE adm_login='******' AND id='{$next_tikq}';";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                $out .= _("Cannot find ticket!");
                break;
            }
            $a = mysql_fetch_array($r);
            // Remember the last message reached; the reply form posts it back as last_tik_id.
            $last_tik = $next_tikq;
            $next_tikq = $a["reply_id"];
            // Different row colour for user and admin messages.
            if ($a["admin_or_user"] == "user") {
                $bg = " bgcolor=\"#AAAAFF\" ";
            } else {
                $bg = " bgcolor=\"#FFFFAA\" ";
            }
            if ($a["admin_or_user"] == "admin") {
                $replied_by = "<br>" . _("Replied by:") . " " . $a["admin_name"];
            } else {
                $replied_by = "";
            }
            // The message text is escaped; date, time and admin_name are not.
            $out .= "<tr><td{$bg} valign=\"top\"><i>" . $a["date"] . " " . $a["time"] . "</i>" . $replied_by . "</td><td{$bg}>" . nl2br(htmlspecialchars(stripslashes($a["text"]))) . "</td></tr>";
            // Any message in the thread asking for closure flags the whole thread.
            if ($a["request_close"] == "yes") {
                $close_request = "yes";
            }
        }
        $out .= "</table>";
        $out .= _("Request to close the ticket: ");
        if ($close_request == "yes") {
            $out .= "<font color=\"#00FF00\">" . _("Yes") . "</font><br>";
        } else {
            $out .= "<font color=\"#FF0000\">" . _("No") . "</font><br>";
        }
        // Reply form with four submit buttons: answer, answer_close, close, delete_thread.
        // NOTE(review): $_REQUEST["tik_id"] is written into a value="" attribute without
        // htmlspecialchars(), so the request value reaches the page unescaped. The same
        // applies to $_SERVER["PHP_SELF"] in the action attribute and to
        // $a["server_hostname"]. $last_tik is only set inside the loop above, so it is
        // undefined when the loop body never runs. The form carries no anti-CSRF token.
        $out .= "<form action=\"" . $_SERVER["PHP_SELF"]
            . "\" method=\"post\">\n\t\t<input type=\"hidden\" name=\"subaction\" value=\"ticket_reply\">\n\t\t<textarea cols=\"100\" rows=\"10\" wrap=\"physical\" name=\"ticketbody\"></textarea><br>\n\t\t<input type=\"hidden\" name=\"tik_id\" value=\"" . $_REQUEST["tik_id"]
            . "\">\n\t\t<input type=\"hidden\" name=\"server_hostname\" value=\"" . $a["server_hostname"]
            . "\">\n\t\t<input type=\"hidden\" name=\"last_tik_id\" value=\"{$last_tik}\">\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"answer\" value=\"" . _("Send reply")
            . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"answer_close\" value=\"" . _("Send reply and close ticket")
            . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"close\" value=\"" . _("Close without reply")
            . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"delete_thread\" value=\"" . _("Delete thread silently")
            . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t</form>";
        return $out;
    }

    // ---- Handle a submitted reply / close / delete for a ticket ----
    // NOTE(review): nothing in this function checks the request method or an
    // anti-CSRF token before writing to the database; if such a check exists it
    // must be in the caller (not visible here).
    if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == "ticket_reply") {
        // NOTE(review): same unescaped use of tik_id in SQL as in the view branch.
        $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='" . $_REQUEST["tik_id"] . "';";
        $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            return _("Cannot find ticket!");
        }
        $a = mysql_fetch_array($r);
        // Only the plain "answer" button leaves the ticket open; every other
        // button starts from closed = "yes" (delete_thread resets it below).
        if (isset($_REQUEST["answer"])) {
            $closed = "no";
        } else {
            $closed = "yes";
        }
        // When the ticket belongs to a panel login, load the admin row and the
        // linked client row so the reply can be mailed to the client address.
        $adm_login = $a["adm_login"];
        if (strlen($adm_login) != 0) {
            // NOTE(review): adm_login='******' is a redaction artifact in this copy.
            $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
            $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                return "Admin {$adm_login} not found line " . __LINE__ . " file " . __FILE__;
            }
            $admin = mysql_fetch_array($r);
            if ($admin["id_client"] == "0") {
                return _("The virtual administrator for which you are trying to manage a support ticket has no client file. Go in the Customer management screen and create a client file for this administrator.");
            }
            $q = "SELECT * FROM {$pro_mysql_client_table} WHERE id='" . $admin["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                return "Client id for admin {$adm_login} not found line " . __LINE__ . " file " . __FILE__;
            }
            $client = mysql_fetch_array($r);
        } else {
            $adm_login = "";
        }
        // Silent deletion: hand the raw request id to the helper and skip the
        // "mark as closed" update further down.
        // NOTE(review): deleteTicketThread() is defined elsewhere; confirm it
        // validates the id it receives.
        if (isset($_REQUEST["delete_thread"])) {
            deleteTicketThread($_REQUEST["tik_id"]);
            $closed = "no";
        }
        if (isset($_REQUEST["answer"]) || isset($_REQUEST["answer_close"])) {
            // Resolve the replying support admin from the HTTP basic-auth user name.
            // NOTE(review): PHP_AUTH_USER is client-supplied text and is concatenated
            // into the SQL unescaped.
            $qps = "SELECT * FROM {$pro_mysql_tik_admins_table} WHERE pseudo='" . $_SERVER["PHP_AUTH_USER"] . "';";
            $rps = mysql_query($qps) or die("Cannot query {$qps} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $nps = mysql_num_rows($rps);
            if ($nps != 1) {
                die("Ticket admin not found line " . __LINE__ . " file " . __FILE__);
            }
            $aps = mysql_fetch_array($rps);
            $pseudo = $aps["pseudo"];
            // Insert the reply as a new row in the thread.
            // NOTE(review): only subject and ticketbody pass through
            // mysql_real_escape_string(). $_REQUEST["last_tik_id"] is inserted raw, and
            // the values re-read from the database (adm_login, cat_id, server_hostname,
            // pseudo) are also concatenated unescaped.
            $q2 = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,in_reply_of_id,reply_id,admin_or_user,subject,text,cat_id,initial_ticket,server_hostname,closed,admin_name)\n\t\t\tVALUES ('','" . $a["adm_login"] . "','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . $_REQUEST["last_tik_id"] . "','0','admin','" . mysql_real_escape_string($a["subject"]) . "','" . mysql_real_escape_string($_REQUEST["ticketbody"]) . "','" . $a["cat_id"] . "','no','" . $a["server_hostname"] . "','{$closed}','{$pseudo}');";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            // Link the previous last message to the new reply.
            // NOTE(review): last_tik_id is request-controlled and unescaped here too, and
            // nothing checks that it belongs to the thread identified by tik_id.
            $ins_id = mysql_insert_id();
            $q2 = "UPDATE {$pro_mysql_tik_queries_table} SET reply_id='{$ins_id}' WHERE id='" . $_REQUEST["last_tik_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            // This message lands in $out, which the final return does not include.
            $out .= "Ticket reply sent!<br>";
            // Notify the client address and/or the e-mail stored on the ticket.
            if (strlen($adm_login) != 0) {
                mailUserTicketReply($client["email"], $a["hash"], $a["subject"], $_REQUEST["ticketbody"], $closed, $adm_login);
            }
            if (strlen($a["customer_email"]) != 0) {
                mailUserTicketReply($a["customer_email"], $a["hash"], $a["subject"], $_REQUEST["ticketbody"], $closed, $adm_login);
            }
        }
        // Mark the initial ticket row as closed.
        if ($closed == "yes") {
            $q2 = "UPDATE {$pro_mysql_tik_queries_table} SET closed='yes' WHERE id='" . $_REQUEST["tik_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        }
        // "Close without reply": mail a fixed notice in place of a reply body.
        if (isset($_REQUEST["close"])) {
            if (strlen($adm_login) != 0) {
                mailUserTicketReply($client["email"], $a["hash"], "The ticket has been closed (without text reply)", "The ticket has been closed (without text reply)", $closed, $adm_login);
            }
            if (strlen($a["customer_email"]) != 0) {
                mailUserTicketReply($a["customer_email"], $a["hash"], "The ticket has been closed (without text reply)", "The ticket has been closed (without text reply)", $closed, $adm_login);
            }
        }
    }

    // ---- Form for creating a new admin login ----
    // NOTE(review): the three "******" runs in this statement are redaction
    // artifacts in this copy (an opening string and two argument separators appear
    // to be missing); the statement does not parse as shown. Restore it from the
    // upstream file before using this code.
    $add_a_user = "******" . _("Add a new user") . "</h3>\n<form name=\"addnewuser_frm\" action=\"?\" method=\"post\">\n<input type=\"hidden\" name=\"newadminuser\" value=\"Ok\">\n"
        . dtcFormTableAttrs()
        . dtcFormLineDraw(_("Login:"******"<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"newadmin_login\" value=\"\">")
        . dtcFormLineDraw(_("Password:"******"<input class=\"dtcDatagrid_input_alt_color\" type=\"password\" name=\"newadmin_pass\" value=\"\">" . autoGeneratePassButton("addnewuser_frm", "newadmin_pass"), 0)
        . dtcFormLineDraw(_("Path:"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"newadmin_path\" value=\"{$conf_site_root_host_path}\">")
        . dtcFromOkDraw() . "\n</form>\n</table>\n";
    // Extra table header, shown only when the MaxMind option is enabled.
    if ($secpayconf_use_maxmind == "yes") {
        $maxmindsays_th = "<td>" . _("MaxMind says") . "</td>";
    } else {
        $maxmindsays_th = "";
    }

    // ---- Sign-ups waiting for validation ----
    // NOTE(review): the rows of this table presumably come from a registration
    // form filled in by prospective customers (TODO confirm). comp_name,
    // family_name, first_name, reqadm_login, vps_location and domain_name are
    // written into the admin's page without htmlspecialchars().
    $waiting_new_users = "<h3>" . _("User and domain waiting for addition:") . "</h3>";
    $q = "SELECT * FROM {$pro_mysql_new_admin_table} ORDER BY date,time";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No user waiting!") . "</b>";
    } else {
        $waiting_new_users .= "<table width=\"100%\"border=\"1\">\n<tr><td>" . _("Name") . "</td><td>" . _("Login") . "</td><td>" . _("Domain name / VPS server hostname") . "</td><td>" . _("Product") . "</td><td>" . _("Date") . "</td><td>" . _("Bank validated") . "</td>{$maxmindsays_th}<td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            $waiting_new_users .= "<tr><td style=\"white-space:nowrap\"><u>" . $a["comp_name"] . ":</u><br>";
            $waiting_new_users .= $a["family_name"] . ", " . $a["first_name"] . "</td>";
            $waiting_new_users .= "<td>" . $a["reqadm_login"] . "</td>";
            // Resolve the requested product; VPS products show the location
            // in place of a domain name.
            $prod_id = $a["product_id"];
            $q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='{$prod_id}';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $dom_name = _("Cannot find product in db!");
                $prod_name = _("Cannot find product in db!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $prod_name = $a2["name"];
                if ($a2["heb_type"] == "vps") {
                    $dom_name = $a["vps_location"];
                } else {
                    $dom_name = $a["domain_name"];
                }
            }
            $waiting_new_users .= "<td>{$dom_name}</td><td>{$prod_name}</td>";
            $waiting_new_users .= "<td>" . $a["date"] . " " . $a["time"] . "<br>" . calculateAge($a["date"], $a["time"]) . "</td>";
            // Payment status column.
            if ($a["paiement_id"] == 0) {
                $waiting_new_users .= "<td>" . _("No pay ID!") . "</td>";
            } else {
                // Reuses $q (the outer result set in $r is untouched).
                $q = "SELECT * FROM {$pro_mysql_pay_table} WHERE id='" . $a["paiement_id"] . "';";
                $r2 = mysql_query($q) or die("Cannot select {$q} line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
                $n2 = mysql_num_rows($r2);
                if ($n2 != 1) {
                    // Only warns; execution continues and the row is fetched anyway.
                    echo "Numrows!=1 in {$q} line: " . __LINE__ . " file: " . __FILE__ . " : problems with sql tables !";
                }
                $a2 = mysql_fetch_array($r2);
                if ($a2["valid"] == "yes") {
                    $waiting_new_users .= "<td><font color=\"green\">" . _("Yes") . "</font></td>";
                } elseif ($a2["valid"] == "pending") {
                    $waiting_new_users .= "<td><font color=\"#FF8800\">" . _("Pending") . ": " . $a2["pending_reason"] . "</font></td>";
                } else {
                    $waiting_new_users .= "<td><font color=\"red\">" . _("No") . "</font></td>";
                }
            }
            if ($secpayconf_use_maxmind == "yes") {
                // NOTE(review): unserialize() on a database column. If that column can
                // hold anything other than data this application serialized itself,
                // this is an object-injection risk; a data-only format such as JSON
                // would avoid it. Where maxmind_output is written is not visible here.
                $waiting_new_users .= "<td><pre style='width: 200px; height: 100px; overflow: scroll;'>" . htmlspecialchars(print_r(unserialize($a["maxmind_output"]), true)) . "</pre></td>";
            }
            // NOTE(review): "Add" and "Delete" are plain GET links that change state;
            // the handlers are outside this function, so confirm they require a token
            // or at least a POST.
            $waiting_new_users .= "<td style=\"white-space:nowrap\"><a target=\"_blank\" href=\"/dtcadmin/view_waitingusers.php?reqadm_id=" . $a["id"] . "\">" . _("Edit") . "</a><br/>\n\t\t\t<a href=\"" . $_SERVER["PHP_SELF"] . "?action=valid_waiting_user&reqadm_id=" . $a["id"] . "\">" . _("Add") . "</a><br/>\n\t\t\t<a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_waiting_user&reqadm_id=" . $a["id"] . "\">" . _("Delete") . "</a></td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }

    // ---- Domains waiting to be attached to an existing login ----
    $q = "SELECT * FROM {$pro_mysql_pending_queries_table}";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<br><b>" . _("No domain waiting!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n\t<tr><td>" . _("Login") . "</td><td>" . _("Domain name") . "</td><td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            // Each row is closed with </tr> below but never opened with <tr>.
            // NOTE(review): adm_login and domain_name are emitted unescaped.
            $waiting_new_users .= "<td>" . $a["adm_login"] . "</td>";
            $waiting_new_users .= "<td>" . $a["domain_name"] . "</td>";
            $waiting_new_users .= "<td><a href=\"" . $_SERVER["PHP_SELF"] . "?action=valid_waiting_domain_to_user&reqid=" . $a["id"] . "\">" . _("Add") . "</a>\n- <a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_waiting_domain_to_user&reqid=" . $a["id"] . "\">" . _("Delete") . "</a></td></tr>";
        }
        $waiting_new_users .= "</table>";
    }

    // ---- Pending renewals ----
    $q = "SELECT * FROM {$pro_mysql_pending_renewal_table} ORDER BY renew_date,renew_time";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No pending renewals!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n<tr><td>" . _("Login") . "</td><td>" . _("Product") . "</td><td>" . _("Payment date") . "</td><td>" . _("Bank validated") . "</td><td>" . _("Type") . "</td><td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            $waiting_new_users .= "<tr><td>" . $a["adm_login"] . "</td>";
            // Product name, price and period for the renewal.
            $q2 = "SELECT name,price_dollar,period FROM {$pro_mysql_product_table} WHERE id='" . $a["product_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $prod_name = _("Cannot find product!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $prod_name = $a2["name"] . " (" . $a2["price_dollar"] . " {$secpayconf_currency_letters}: " . $a2["period"] . ")";
            }
            $waiting_new_users .= "<td>{$prod_name}</td>";
            $waiting_new_users .= "<td>" . $a["renew_date"] . " " . $a["renew_time"] . "</td>";
            // Payment validation state.
            $q2 = "SELECT * FROM {$pro_mysql_pay_table} WHERE id='" . $a["pay_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $bank = _("Cannot find payment!");
            } else {
                $a2 = mysql_fetch_array($r2);
                // "default" shares the "no" branch, so any unknown value renders as No.
                switch ($a2["valid"]) {
                    case "yes":
                        $bank = "<font color=\"green\">" . _("Yes") . "</font>";
                        break;
                    default:
                    case "no":
                        $bank = "<font color=\"red\">" . _("No") . "</font>";
                        break;
                    case "pending":
                        $bank = "<font color=\"#FF8800\">" . _("Pending") . ": " . $a2["pending_reason"] . "</font>";
                        break;
                }
            }
            $waiting_new_users .= "<td>{$bank}</td>";
            // Human-readable description of what is being renewed.
            switch ($a["heb_type"]) {
                case "vps":
                    $q2 = "SELECT * FROM {$pro_mysql_vps_table} WHERE id='" . $a["renew_id"] . "'";
                    $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                    // NOTE(review): $n2 is not refreshed after this query, so the test
                    // below still reflects the payment lookup above, not the VPS lookup.
                    if ($n2 != 1) {
                        $heb_type = _("VPS: Cannot find VPS in db!");
                    } else {
                        $a2 = mysql_fetch_array($r2);
                        $heb_type = "VPS: " . $a2["vps_xen_name"] . "@" . $a2["vps_server_hostname"];
                    }
                    break;
                case "shared":
                case "ssl":
                    $heb_type = _("Shared");
                    break;
                case "shared-upgrade":
                    $heb_type = _("Shared Upgrade");
                    break;
                // NOTE(review): unreachable, "ssl" is already matched together with
                // "shared" above, so "SSL Token purchase" is never shown.
                case "ssl":
                    $heb_type = _("SSL Token purchase");
                    break;
                case "ssl_renew":
                    $heb_type = _("SSL Token renewal");
                    break;
                case "server":
                    $q2 = "SELECT * FROM {$pro_mysql_dedicated_table} WHERE id='" . $a["renew_id"] . "'";
                    $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                    // NOTE(review): same stale $n2 as in the "vps" case.
                    if ($n2 != 1) {
                        $tmp = _("Cannot find server in db!");
                    } else {
                        $a2 = mysql_fetch_array($r2);
                        $tmp = $a2["server_hostname"];
                    }
                    $heb_type = _("Server:") . $tmp;
                    break;
                default:
                    // $heb_type is not assigned here, so the cell below shows the value
                    // left by a previous row (or nothing on the first row). The raw
                    // heb_type column is echoed unescaped.
                    echo "Renew type " . $a["heb_type"] . " not implemented line " . __LINE__ . " file " . __FILE__;
                    break;
            }
            $waiting_new_users .= "<td>{$heb_type}</td>";
            // NOTE(review): state-changing GET links, as in the sign-up list.
            $waiting_new_users .= "<td style=\"white-space:nowrap\"><a href=\"" . $_SERVER["PHP_SELF"] . "?action=validate_renewal&id=" . $a["id"] . "\">" . _("Validate") . "</a> <a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_renewal&id=" . $a["id"] . "\">" . _("Del") . "</a></td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }

    // ---- Ticket manager: all open tickets (initial messages only) ----
    $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE closed='no' AND initial_ticket='yes' ORDER BY `date`,`time`;";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No pending support tickets!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n<tr><td>" . _("Login") . "</td><td>" . _("Age") . "</td><td>" . _("Type") . "</td><td>" . _("Subject") . "</td><td>" . _("Last message from") . "</td><td>" . _("Last message age") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            // Show the ticket's e-mail address, the panel login, or both.
            // NOTE(review): customer_email is presumably typed by the ticket author
            // (TODO confirm) and is written to the page unescaped via $who.
            if (strlen($a["customer_email"]) != 0) {
                $who = $a["customer_email"];
                if (strlen($a["adm_login"]) != 0) {
                    $who .= " / " . $a["adm_login"];
                }
            } else {
                $who = $a["adm_login"];
            }
            $waiting_new_users .= "<tr><td>{$who}</td>";
            $q2 = "SELECT * FROM {$pro_mysql_tik_cats_table} WHERE id='" . $a["cat_id"] . "'";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $cat = _("Type not found!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $cat = $a2["catname"];
            }
            $age = calculateAge($a["date"], $a["time"]);
            // The subject is escaped; it links to the "resolv_ticket" view above.
            $waiting_new_users .= "<td style=\"white-space:nowrap;\">{$age}</td><td>{$cat}</td><td style=\"white-space:nowrap;\"><a href=\"" . $_SERVER["PHP_SELF"] . "?subaction=resolv_ticket&tik_id=" . $a["id"] . "\">" . htmlspecialchars(stripslashes($a["subject"])) . "</a></td>";
            // Follow the reply chain to find who wrote the last message and when.
            // The loop body runs at most 49 times per ticket.
            $next_reply_id = $a["reply_id"];
            $last_reply_text = "<font color=\"green\">" . _("Admin") . "</font>";
            $last_message_date = $a["date"];
            $last_message_time = $a["time"];
            $loop_num = 0;
            $last_guy_replied = "user";
            while ($next_reply_id != 0 && $loop_num < 49) {
                $loop_num++;
                $q2 = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='{$next_reply_id}';";
                $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                $n2 = mysql_num_rows($r2);
                if ($n2 != 1) {
                    echo "Warning: couldn't find tik query {$next_reply_id} in last reply detection!";
                    break;
                }
                $a3 = mysql_fetch_array($r2);
                $last_message_date = $a3["date"];
                $last_message_time = $a3["time"];
                if ($a3["admin_or_user"] == "user") {
                    $last_guy_replied = "user";
                } else {
                    $last_guy_replied = "admin";
                }
                $next_reply_id = $a3["reply_id"];
                // Printed on the 49th pass, just before the loop condition stops it.
                if ($loop_num >= 49) {
                    echo "Warning: loop_num exeeded 50, not displaying last ticket reply from line" . __LINE__ . " file " . __FILE__;
                }
            }
            // Default label is "Admin"; switch to "User" when the user wrote last
            // (which includes tickets with no reply at all).
            if ($last_guy_replied == "user") {
                $last_reply_text = "<font color=\"red\">" . _("User") . "</font>";
            }
            $waiting_new_users .= "<td>{$last_reply_text}</td>";
            $age2 = calculateAge($last_message_date, $last_message_time);
            $waiting_new_users .= "<td>" . $age2 . "</td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }
    // Final layout: pending lists on top, the "add a new user" form below.
    // $out (e.g. "Ticket reply sent!") is not part of this return value.
    return "<table>\n<tr>\n\t<td valign=\"top\">" . $waiting_new_users . "</td>\n\t</tr><tr>\n\t<td valign=\"top\">" . $add_a_user . "</td>\n</tr></table>";
}
function drawEditAdmin($admin) { global $pro_mysql_vps_server_table; global $pro_mysql_vps_ip_table; global $pro_mysql_vps_table; global $pro_mysql_product_table; global $pro_mysql_dedicated_table; global $cc_code_popup; global $adm_login; global $adm_pass; global $rub; global $conf_hide_password; $info = $admin["info"]; if (isset($admin["data"])) { $data = $admin["data"]; } $adm_cur_pass = $info["adm_pass"]; $adm_path = $info["path"]; $adm_max_email = $info["max_email"]; $adm_max_ftp = $info["max_ftp"]; $adm_quota = $info["quota"]; $bandwidth_per_month_mb = $info["bandwidth_per_month_mb"]; $adm_id_client = $info["id_client"]; $expire = $info["expire"]; $prod_id = $info["prod_id"]; $allow_add_domain = $info["allow_add_domain"]; $max_domain = $info["max_domain"]; $restricted_ftp_path = $info["restricted_ftp_path"]; $allow_dns_and_mx_change = $info["allow_dns_and_mx_change"]; $allow_mailing_list_edit = $info["allow_mailing_list_edit"]; $allow_subdomain_edit = $info["allow_subdomain_edit"]; $resseller_flag = $info["resseller_flag"]; $ssh_login_flag = $info["ssh_login_flag"]; $ftp_login_flag = $info["ftp_login_flag"]; $pkg_install_flag = $info["pkg_install_flag"]; if ($resseller_flag == "yes") { $resflag_yes = " checked='checked' "; $resflag_no = ""; } else { $resflag_yes = " "; $resflag_no = " checked='checked' "; } $res_selector = "<input type=\"radio\" name=\"resseller_flag\" value=\"yes\"{$resflag_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"resseller_flag\" value=\"no\"{$resflag_no}> " . _("No") . "</div>"; if ($ssh_login_flag == "yes") { $sshlogin_yes = " checked='checked' "; $sshlogin_no = ""; } else { $sshlogin_yes = ""; $sshlogin_no = " checked='checked' "; } $sshlog_selector = "<input type=\"radio\" name=\"ssh_login_flag\" value=\"yes\"{$sshlogin_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"ssh_login_flag\" value=\"no\"{$sshlogin_no}> " . 
_("No"); if ($ftp_login_flag == "yes") { $ftplogin_yes = " checked='checked' "; $ftplogin_no = ""; } else { $ftplogin_yes = ""; $ftplogin_no = " checked='checked' "; } $ftplog_selector = "<input type=\"radio\" name=\"ftp_login_flag\" value=\"yes\"{$ftplogin_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"ftp_login_flag\" value=\"no\"{$ftplogin_no}> " . _("No"); if ($pkg_install_flag == "yes") { $pkg_install_yes = " checked='checked' "; $pkg_install_no = ""; } else { $pkg_install_yes = ""; $pkg_install_no = " checked='checked' "; } $pkg_install_selector = "<input type=\"radio\" name=\"pkg_install_flag\" value=\"yes\"{$pkg_install_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"pkg_install_flag\" value=\"no\"{$pkg_install_no}> " . _("No"); if ($allow_add_domain == "yes") { $adyes = "selected='selected'"; } else { $adyes = ""; } if ($allow_add_domain == "check") { $adcheck = "selected='selected'"; } else { $adcheck = ""; } if ($allow_add_domain == "no") { $adno = "selected='selected'"; } else { $adno = ""; } $aldom_popup = "<select class=\"dtcDatagrid_input_color\" name=\"allow_add_domain\">\n<option value=\"yes\" {$adyes}>" . _("Yes") . "</option>\n<option value=\"check\" {$adcheck}>" . _("Check") . "</option>\n<option value=\"no\" {$adno}>" . _("No") . "</option>\n</select>\n"; // Restriction of FTP path selection if ($restricted_ftp_path == "yes") { $restricted_ftp_path_yes = " checked='checked' "; $restricted_ftp_path_no = ""; } else { $restricted_ftp_path_yes = ""; $restricted_ftp_path_no = " checked='checked' "; } $restricted_ftp_path_selector = "<input type=\"radio\" name=\"restricted_ftp_path\" value=\"yes\"{$restricted_ftp_path_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"restricted_ftp_path\" value=\"no\"{$restricted_ftp_path_no}> " . 
_("No"); // Allowing change of DNS and MX if ($allow_dns_and_mx_change == "yes") { $allow_dns_and_mx_change_yes = " checked='checked' "; $allow_dns_and_mx_change_no = ""; } else { $allow_dns_and_mx_change_yes = ""; $allow_dns_and_mx_change_no = " checked='checked' "; } $allow_dns_and_mx_change_selector = "<input type=\"radio\" name=\"allow_dns_and_mx_change\" value=\"yes\"{$allow_dns_and_mx_change_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_dns_and_mx_change\" value=\"no\"{$allow_dns_and_mx_change_no}> " . _("No"); // Allow users to edit mailing lists if ($allow_mailing_list_edit == "yes") { $allow_mailing_list_edit_yes = " checked='checked' "; $allow_mailing_list_edit_no = ""; } else { $allow_mailing_list_edit_yes = ""; $allow_mailing_list_edit_no = " checked='checked' "; } $allow_mailing_list_edit_selector = "<input type=\"radio\" name=\"allow_mailing_list_edit\" value=\"yes\"{$allow_mailing_list_edit_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_mailing_list_edit\" value=\"no\"{$allow_mailing_list_edit_no}> " . _("No"); // Allow users to edit subdomains if ($allow_subdomain_edit == "yes") { $allow_subdomain_edit_yes = " checked='checked' "; $allow_subdomain_edit_no = ""; } else { $allow_subdomain_edit_yes = ""; $allow_subdomain_edit_no = " checked='checked' "; } $allow_subdomain_edit_selector = "<input type=\"radio\" name=\"allow_subdomain_edit\" value=\"yes\"{$allow_subdomain_edit_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_subdomain_edit\" value=\"no\"{$allow_subdomain_edit_no}> " . _("No"); // Generate the user configuration form $user_data = "\n<form name=\"admattrbfrm\" action=\"?\" methode=\"post\">\n<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"updateuserinfo\" value=\"Ok\">\n" . 
dtcFormTableAttrs(); $genpass = autoGeneratePassButton("admattrbfrm", "changed_pass"); if ($conf_hide_password == "yes") { $ctrl = "<input class=\"dtcDatagrid_input_color\" type=\"password\" name=\"changed_pass\" value=\"{$adm_cur_pass}\">{$genpass}"; } else { $ctrl = "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"changed_pass\" value=\"{$adm_cur_pass}\">{$genpass}"; } $user_data .= dtcFormLineDraw(_("Password:"******"SELECT * FROM {$pro_mysql_product_table} WHERE (heb_type='shared' OR heb_type='ssl') AND renew_prod_id='0' ORDER BY id;"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); $prodsid = ""; $prodsid .= "<select class=\"dtcDatagrid_input_color\" name=\"heb_prod_id\"><option value=\"0\">" . _("No product") . "</option>"; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); if ($a["id"] == $prod_id) { $prodsid_sel = " selected "; } else { $prodsid_sel = " "; } $prodsid .= "<option value=\"" . $a["id"] . "\"{$prodsid_sel}>" . $a["id"] . ": " . $a["name"] . "</option>"; } $prodsid .= "</select>"; $user_data .= dtcFormLineDraw(_("Path:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"changed_path\" value=\"{$adm_path}\">", 0); $user_data .= dtcFormLineDraw(_("Client ID:"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"changed_id_client\" value=\"{$adm_id_client}\"><a href=\"?rub=crm&id={$adm_id_client}\">" . _("client") . 
"</a>"); $user_data .= dtcFormLineDraw(_("Disk quota (MB):"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"adm_quota\" value=\"{$adm_quota}\">", 0); $user_data .= dtcFormLineDraw(_("Allowed bandwidth per month (MB):"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"bandwidth_per_month\" value=\"{$bandwidth_per_month_mb}\">"); $user_data .= dtcFormLineDraw(_("Expiry date:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"expire\" value=\"{$expire}\">", 0); $user_data .= dtcFormLineDraw(_("Product ID:"), $prodsid); $user_data .= dtcFormLineDraw(_("Number of databases:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"nbrdb\" value=\"" . $info["nbrdb"] . "\">", 0); $user_data .= dtcFormLineDraw(_("Allow to add domains:"), $aldom_popup); $user_data .= dtcFormLineDraw(_("Max domain:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"max_domain\" value=\"{$max_domain}\">", 0); $user_data .= dtcFormLineDraw(_("Grant sub-account addition rights (reseller):"), $res_selector); $user_data .= dtcFormLineDraw(_("Allow addition of SSH logins:"), $sshlog_selector, 0); $user_data .= dtcFormLineDraw(_("Allow addition of FTP logins:"), $ftplog_selector); $user_data .= dtcFormLineDraw(_("Restrict FTP to the html folder:"), $restricted_ftp_path_selector, 0); $user_data .= dtcFormLineDraw(_("Allow addition of mailing lists and mail groups:"), $allow_mailing_list_edit_selector); $user_data .= dtcFormLineDraw(_("Allow edition of DNS and MX:"), $allow_dns_and_mx_change_selector, 0); $user_data .= dtcFormLineDraw(_("Allow edition subdomains:"), $allow_subdomain_edit_selector); $user_data .= dtcFormLineDraw(_("Allow the use of the package installer:"), $pkg_install_selector, 0); $user_data .= dtcFromOkDraw() . "</table></form>"; // Generate the admin tool configuration module // Deletion of domains : $url = "" . $_SERVER["PHP_SELF"] . 
"?delete_admin_user={$adm_login}&rub={$rub}"; $confirmed_url = dtcJavascriptConfirmLink(_("Are your sure you want to delete this user? This will erase all his hosted domain names, files, and databases !!!"), $url); $domain_conf = "<a href=\"{$confirmed_url}\"><b>" . _("Delete the user") . "</b></a><br><br>"; if (isset($data)) { $domain_conf .= "<h3>" . _("Delete a user domain:") . "</h3><br>"; $nbr_domain = sizeof($data); for ($i = 0; $i < $nbr_domain; $i++) { $dom = $data[$i]["name"]; if ($i != 0) { $domain_conf .= " - "; } $url = "?adm_login={$adm_login}&adm_pass={$adm_pass}&deluserdomain={$dom}&rub={$rub}"; $js_url = dtcJavascriptConfirmLink(_("Are you sure you want to delete this domain name ? This will erase all hosted files for this domain!!!"), $url); $domain_conf .= "<a href=\"{$js_url}\">{$dom}</a>"; } $domain_conf .= "</b><br><br>"; } // Creation of domains : $domain_conf .= "<h3>" . _("Add a domain for this user:"******"</h3>"; $domain_conf .= "<form action=\"?\"><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n<tr><td><input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"text\" name=\"newdomain_name\" value=\"\"></td>\n\t<td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"newdomain\" value=\"Ok\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table>\n\t</form>"; $domain_conf .= "<h3>" . 
_("Import a domain file for this user:"******"<h3></b>\n\t<form action=\"?\" enctype=\"multipart/form-data\" method=\"post\">\n\t<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n\t<tr><td><input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"action\" value=\"import_domain\">\n\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"30000000\">\n\t<input type=\"file\" name=\"domain_import_file\" size=\"30\"></td>\n\t<td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" value=\"" . _("Import") . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table></form>"; // Deletion of VPS $q = "SELECT * FROM {$pro_mysql_vps_table} WHERE owner='{$adm_login}' ORDER BY vps_server_hostname,vps_xen_name;"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); if ($n > 0) { $domain_conf .= "<h3>" . _("Delete one of the admin VPS: ") . "</h3><br>"; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); if ($i > 0) { $domain_conf .= " - "; } $delete_vps_url = dtcJavascriptConfirmLink(_("Are you sure you want to delete this VPS? This will also delete the partitions!"), "?adm_login={$adm_login}&adm_pass={$adm_pass}&rub={$rub}&action=delete_a_vps&id=" . $a["id"]); $domain_conf .= "<a href=\"" . $delete_vps_url . "\"><b>" . $a["vps_server_hostname"] . ":" . $a["vps_xen_name"] . "</b></a>"; } $domain_conf .= "<br><br>"; } // Creation of VPS $q = "SELECT * FROM {$pro_mysql_product_table} WHERE heb_type='vps' AND renew_prod_id='0';"; $r = mysql_query($q) or die("Cannot query {$q} line " . 
__LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); $num_prods_vps = $n; $vps_prods = ""; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); $vps_prods .= "<option value=\"" . $a["id"] . "\">" . $a["name"] . "</option>"; } $q = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE available='yes' ORDER BY vps_server_hostname,vps_xen_name;"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); $vps_srvs = ""; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); $vps_srvs .= "<option value=\"" . $a["ip_addr"] . "\">" . $a["vps_server_hostname"] . ":" . $a["vps_xen_name"] . " (" . $a["ip_addr"] . ")</option>"; } if ($n > 0 && $num_prods_vps > 0) { $domain_conf .= "<h3>" . _("Add a VPS for this admin:") . "</h3>\n\t\t<form action=\"?\">\n\t\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t\t<input type=\"hidden\" name=\"action\" value=\"add_vps_to_user\">\n\t\t<table border=\"0\">\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("VPS Server hostname: ") . "</td>\n\t\t<td><select name=\"vps_server_ip\">{$vps_srvs}</select></td></tr>\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Product: ") . "</td>\n\t\t<td><select name=\"product_id\">{$vps_prods}</select></td></tr>\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Setup physical VPS (LVM): ") . "</td>\n\t\t<td><input type=\"radio\" name=\"physical_setup\" value=\"yes\">" . _("Yes") . "\n\t\t<input type=\"radio\" name=\"physical_setup\" value=\"no\" checked='checked'>" . _("No") . 
"</td></tr>\n\t\t<tr><td></td><td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" value=\"Add VPS\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table></form>"; } else { $domain_conf .= _("To add a VPS, you need to setup some free IPs VPS in the general config and setup some VPS products."); } // Deletion of dedicated $q = "SELECT * FROM {$pro_mysql_dedicated_table} WHERE owner='{$adm_login}';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); if ($n > 0) { $domain_conf .= "<br><br><h3>" . _("Delete one of the admin dedicated server:") . "</h3><br>"; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); if ($i > 0) { $domain_conf .= " - "; } $domain_conf .= "<a href=\"?adm_login={$adm_login}&adm_pass={$adm_pass}&rub={$rub}&action=delete_a_dedicated&id=" . $a["id"] . "\"><b>" . $a["server_hostname"] . "</b></a>"; } } // Creation of dedicated servers $q = "SELECT * FROM {$pro_mysql_product_table} WHERE heb_type='server' AND renew_prod_id='0';"; $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); $n = mysql_num_rows($r); $num_prods_vps = $n; $server_prods = ""; for ($i = 0; $i < $n; $i++) { $a = mysql_fetch_array($r); $server_prods .= "<option value=\"" . $a["id"] . "\">" . $a["name"] . "</option>"; } $domain_conf .= "<br><br><h3>" . _("Add a dedicated server for this admin:") . 
"</h3>\n\t<form action=\"?\">\n\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"hidden\" name=\"action\" value=\"add_dedicated_to_user\">\n\t<table border=\"0\">\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Product: ") . "</td>\n\t\t<td><select name=\"product_id\">{$server_prods}</select></td></tr>\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Hostname: ") . "</td>\n\t\t<td><input type=\"text\" name=\"server_hostname\" value=\"\"></td>\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Country: ") . "</td>\n\t\t<td><select name=\"country\">{$cc_code_popup}</select></td>\n\t<tr><td></td><td>" . dtcApplyButton() . "</td></tr></table></form>"; $out = "<font size=\"-1\">\n<table>\n <tr>\n <td>{$domain_conf}</td><td background=\"gfx/border_2.gif\"> </td>\n <td>{$user_data}</td>\n </tr>\n</table>\n</font>\n"; return $out; }