Example #1
0
function drawAdminTools_AddDomain($admin)
{
    global $adm_login;
    global $adm_pass;
    global $addrlink;
    global $registration_added_price;
    global $conf_addr_primary_dns;
    global $conf_addr_secondary_dns;
    global $form_enter_dns_infos;
    global $form_enter_domain_name;
    global $whois_forwareded_params;
    global $form_period_popup;
    global $conf_webmaster_email_addr;
    global $conf_use_registrar_api;
    global $pro_mysql_pending_queries_table;
    global $pro_mysql_domain_table;
    global $pro_mysql_client_table;
    global $pro_mysql_product_table;
    global $registry_api_modules;
    global $secpayconf_currency_letters;
    global $pro_mysql_handle_table;
    get_secpay_conf();
    $out = "";
    $form_start = "\n<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"action\" value=\"dtcrm_add_domain\">\n";
    // User is trying to add a new service, let's complete the form!
    if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "add_new_service") {
        if (!isRandomNum($_REQUEST["product_id"])) {
            $out .= _("The product ID is not a valid integer number.");
            return $out;
        }
        $q = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $_REQUEST["product_id"] . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            $out .= _("Cannot reselect product: registration failed!");
            return $out;
        }
        $product = mysql_fetch_array($r);
        switch ($product["heb_type"]) {
            default:
            case "shared":
                // -> Something has to be done to select dedicated servers location in the form !!!
            // -> Something has to be done to select dedicated servers location in the form !!!
            case "server":
                $added1 = "<input type=\"hidden\" name=\"vps_location\" value=\"node0001.example.com\">\n<input type=\"hidden\" name=\"vps_os\" value=\"debian\">";
                break;
            case "vps":
                $added1 = _("VPS location: ") . "<select name=\"vps_location\">" . vpsLocationSelector() . "</select><br>" . _("VPS OS: ") . "<select name=\"vps_os\">\n<option value=\"debian\">Debian</option>\n<option value=\"centos\">CentOS</option>\n<option value=\"gentoo\">Gentoo</option>\n<option value=\"netbsd\">NetBSD</option>\n</select><br>";
                break;
        }
        $out .= "<br><br><h3>" . _("Add another service to your account:") . "</h3>" . "<br><form action=\"/dtc/new_account.php\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"product_id\" value=\"" . $_REQUEST["product_id"] . "\">\n<input type=\"hidden\" name=\"action\" value=\"add_new_service\">" . $added1 . "\n" . _("Special notes for the setup") . ":<textarea name=\"custom_notes\" cols=\"50\" rows=\"5\"></textarea><br>\n" . submitButtonStart() . _("Register") . submitButtonEnd() . "\n";
        return $out;
    }
    // Registration, hosting, or both ?
    if (!isset($_REQUEST["add_domain_type"]) || $_REQUEST["add_domain_type"] != "domregandhosting" && $_REQUEST["add_domain_type"] != "domreg" && $_REQUEST["add_domain_type"] != "hosting") {
        $out .= "<br><h3>" . _("What do you want to add:") . "</h3>\n{$form_start}";
        if ($conf_use_registrar_api == "yes") {
            $out .= "<input type=\"radio\" name=\"add_domain_type\" value=\"domregandhosting\" checked>" . _("Hosting + domain name registration or transfer") . "<br>";
            $add_domain_type_checked = " ";
        } else {
            $add_domain_type_checked = " checked ";
        }
        $out .= "<input type=\"radio\" name=\"add_domain_type\" value=\"hosting\" checked>" . _("Hosting only") . "<br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        $out .= "<br><br><h3>" . _("Add another service to your account:") . "</h3>";
        if (isset($admin["data"])) {
            $added_conditions = " AND heb_type NOT LIKE 'shared' ";
        } else {
            $added_conditions = "";
        }
        $q = "SELECT * FROM {$pro_mysql_product_table} WHERE private='no' AND renew_prod_id='0' AND heb_type NOT LIKE 'ssl' {$added_conditions};";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            //			if($i > 0){
            //				$out .= " - ";
            //			}
            $out .= "<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n\t\t\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t\t\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"add_new_service\">\n\t\t\t<input type=\"hidden\" name=\"product_id\" value=\"" . $a["id"] . "\">\n\t\t\t<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n\t\t\t" . submitButtonStart() . $a["name"] . submitButtonEnd() . "</form>";
            //			$out .= "<a href=\"/dtc/new_account.php?action=add_new_service&adm_login=$adm_login&product_id=".$a["id"]."\">".$a["name"]."</a>";
        }
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"add_domain_type\" value=\"" . $_REQUEST["add_domain_type"] . "\">";
    //	$form_start .= "<input type=\"hidden\" name=\"add_domain_type\" value=\"domregandhosting\">";
    if ($_REQUEST["add_domain_type"] == "hosting") {
        // The don't want name registration or transfer,
        // Simply add the domain.
        if ($admin["info"]["allow_add_domain"] == "no") {
            return _("You curently don't have enough privileges to add domain names. If you often add domain names, you can ask the administrator to do so. To request hosting for a new domain without domain name registration, please write to:") . "<br>" . "<a href=\"mailto:{$conf_webmaster_email_addr}?subject=[DTC] More domains\">{$conf_webmaster_email_addr}</a>.";
        }
        if ($admin["info"]["max_domain"] != 0) {
            $maxdomq = "SELECT COUNT(name) AS numofdomains FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}';";
            $maxdomr = mysql_query($maxdomq) or die("Cannot query {$maxdomq} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $maxdoma = mysql_fetch_array($maxdomr);
            $num_of_installed_domains = $maxdoma["numofdomains"];
            if ($num_of_installed_domains >= $admin["info"]["max_domain"]) {
                return _("You have reached the maximum number of domains that you are allowed to run with this type of account.\nIf you want to add more domain names, you should get in touch by opening a new support ticket.");
            }
        }
        if (!isset($_REQUEST["domain_name"]) || $_REQUEST["domain_name"] == "") {
            return "<br><b><u>" . _("Please enter the domain name you wish to add:") . "</u></b><br>\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>";
        }
        if (!isHostname($_REQUEST["domain_name"])) {
            return _("Domain name is not in correct format. Please enter another name.");
        }
        $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE name='" . $_REQUEST["domain_name"] . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n > 0) {
            return _("This domain name already hosted here, please enter another name.");
        }
        if ($admin["info"]["allow_add_domain"] == "check") {
            $q = "INSERT INTO {$pro_mysql_pending_queries_table} (adm_login,domain_name,date) VALUES ('{$adm_login}','" . $_REQUEST["domain_name"] . "','" . date("Y-m-d H:i") . "');";
            $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
            return "<br><u><b>" . _("Your domain name will be soon validated:") . "</b></u><br>" . _("An administrator will examine your request shortly, and validate the addition of this domain name to your account. You curently don't have enough privileges to add domain names. If you often add domain names, you can ask the administrator to grant you the privilege of automatic domain name addition. To request hosting for a new domain name, without administrator validation or domain name registration, please write to:") . "<br>\n<a href=\"{$conf_webmaster_email_addr}?subject=[DTC] More domains\">{$conf_webmaster_email_addr}</a>.<br>\n<br>\n" . _("You can add another domain name:") . "\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        }
        addDomainToUser($adm_login, $adm_pass, $_REQUEST["domain_name"]);
        return "<br><u><b>" . _("Your domain name is now ready:") . "</b></u><br>\n" . _("Now you can go to check its configuration by clicking here:") . "<br>\n<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink=" . $_REQUEST["domain_name"] . "\">" . $_REQUEST["domain_name"] . "</a><br>\n<br>\n" . _("Alternatively, you can add another domain name:") . "\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
    }
    // Registration or domain transfer ?
    if (!isset($_REQUEST["add_regortrans"]) || $_REQUEST["add_regortrans"] != "register" && $_REQUEST["add_regortrans"] != "transfer") {
        $out .= "<br><h3>" . _("Do you want to transfer an existing domain or register a new domain?") . "</h3>\n{$form_start}\n<input type=\"radio\" name=\"add_regortrans\" value=\"register\" checked>" . _("Register a new domain") . "<br>\n<input type=\"radio\" name=\"add_regortrans\" value=\"transfer\">" . _("Transfer an existing domain from another registrar") . "<br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        return $out;
    }
    if ($_REQUEST["add_regortrans"] == "transfer") {
        return drawNameTransfer($admin);
    }
    $form_start .= "<input type=\"hidden\" name=\"add_regortrans\" value=\"register\">";
    // Start registration procedure (with or without hosting)
    $out .= "<br><h3>" . _("Register a domain name") . "</h3>";
    $out .= "<i><u>" . _("Step 1: Verify availability") . "</u></i><br>";
    if (!isset($_REQUEST["toreg_domain"]) || $_REQUEST["toreg_domain"] == "" || !isset($_REQUEST["toreg_extention"]) || $_REQUEST["toreg_extention"] == "") {
        $out .= "<br>" . _("Enter the domain name you want to register:") . "<br>\n{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    $fqdn = $_REQUEST["toreg_domain"] . $_REQUEST["toreg_extention"];
    $domlookup = registry_check_availability($fqdn);
    if ($domlookup["is_success"] != 1) {
        $out .= "<font color=\"red\">" . _("Could not connect to domain registration server: please try again later!") . "</font><br>" . $domlookup['response_text'];
        return $out;
    }
    if ($domlookup["attributes"]["status"] != "available") {
        $out .= "<br>\n" . _("Sorry, the domain name ") . " <b>{$fqdn}</b> " . _("is NOT available for registration. The registration server returned: ") . "<br><font color=\"red\">" . $domlookup["response_text"] . "</font>\n<br><br>\nHave another try:<br>{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"toreg_domain\" value=\"" . $_REQUEST["toreg_domain"] . "\">\n<input type=\"hidden\" name=\"toreg_extention\" value=\"" . $_REQUEST["toreg_extention"] . "\">";
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE name='{$fqdn}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 0) {
        $out .= "<br>\n" . _("The domain name") . " <b>{$fqdn}</b> " . _("is already in use in this server: you can't register that domain name.") . "<br>" . _("Have another try:") . "<br>{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    // DOMAIN IS AVAILABLE, PROCEED DO REGISTRATION
    $out .= "Domain name <b>{$fqdn}</b> is available for registration.<br><br>\n<i><u>" . _("Step 2: Enter whois information") . "</u></i><br>\n";
    //http://dtc.example.com/dtc/index.php?adm_login=dtc&adm_pass=bemybest&
    //addrlink=myaccount%2Fadddomain&
    //action=dtcrm_add_domain&add_domain_type=domreg&add_regortrans=register&
    //toreg_domain=yugluxrfvcd&toreg_extention=.com&
    //dtcrm_owner_hdl=1&dtcrm_billing_hdl=1&dtcrm_admin_hdl=1&
    //toreg_dns1=default&toreg_dns2=default&
    //toreg_period=1
    if (!isset($_REQUEST["dtcrm_owner_hdl"]) || $_REQUEST["dtcrm_owner_hdl"] == "" || !isset($_REQUEST["dtcrm_admin_hdl"]) || $_REQUEST["dtcrm_admin_hdl"] == "" || !isset($_REQUEST["dtcrm_billing_hdl"]) || $_REQUEST["dtcrm_billing_hdl"] == "" || !isset($_REQUEST["dtcrm_teck_hdl"]) || $_REQUEST["dtcrm_teck_hdl"] == "" || !isset($_REQUEST["toreg_dns1"]) || $_REQUEST["toreg_dns1"] == "" || !isset($_REQUEST["toreg_dns2"]) || $_REQUEST["toreg_dns2"] == "" || $_REQUEST["toreg_period"] < 1 || $_REQUEST["toreg_period"] > 10) {
        $year = _("year");
        $years = _("years");
        $out .= _("Please select registran and the 3 contact handles you want to use for registering that domain name.") . "<br><br>{$form_start}";
        $out .= whoisHandleSelection($admin);
        if (isset($domlookup["attributes"]["minperiod"])) {
            $minreg = str_replace("Y", "", $domlookup["attributes"]["maxperiod"]);
        } else {
            $minreg = 1;
        }
        if (isset($domlookup["attributes"]["maxperiod"])) {
            $maxreg = str_replace("Y", "", $domlookup["attributes"]["maxperiod"]);
        } else {
            $maxreg = 10;
        }
        $out .= "<br>{$form_enter_dns_infos}<br><br>\n" . _("Select how long you want to register this domain name:") . "<br>\n<select name=\"toreg_period\"><option value=\"1\">1 {$year}</option>";
        for ($p = 2; $p <= $maxreg; $p++) {
            $out .= "<option value=\"{$p}\"";
            if ($p == $minreg) {
                $out .= " selected>Minimum";
            } else {
                $out .= ">";
            }
            $out .= " {$p} {$years}</option>";
        }
        $out .= "</select><br><br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        return $out;
    }
    $form_start .= "{$whois_forwareded_params}\n<input type=\"hidden\" name=\"toreg_period\" value=\"" . $_REQUEST["toreg_period"] . "\">";
    $out .= "Registration for <b>" . $_REQUEST["toreg_period"] . " years</b><br>";
    $out .= "DNS1: " . $_REQUEST["toreg_dns1"] . "<br>";
    $out .= "DNS2: " . $_REQUEST["toreg_dns2"] . "<br><br>";
    $out .= "<i><u>" . _("Step 3: Proceed to registration") . "</u></i>\n{$form_start}\n";
    // Check if paiement has just occured !
    if (isset($_REQUEST["inner_action"]) && $_REQUEST["inner_action"] == "return_from_paypal_domain_add") {
        $ze_refund = isPayIDValidated(addslashes($_REQUEST["pay_id"]));
        if ($ze_refund == 0) {
            $out .= "<font color=\"red\">The transaction failed, please try again!</font>";
        } else {
            $out .= "<font color=\"green\">Funds added to your account</font>";
            $q = "UPDATE {$pro_mysql_client_table} SET dollar = dollar+" . $ze_refund . " WHERE id='" . $admin["info"]["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot querry {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
            $admin["client"]["dollar"] += $ze_refund;
        }
    }
    // Check billing to know if user has enough money on his account
    $price = find_domain_price($_REQUEST["toreg_extention"]);
    $fqdn_price = $price;
    $fqdn_price *= $_REQUEST["toreg_period"];
    if ($admin["info"]["id_client"] != 0) {
        $remaining = $admin["client"]["dollar"];
    } else {
        $out .= _("You don't have a client ID. Please contact us.") . "<br>";
        $remaining = 0;
        return $out;
    }
    $out .= _("Remaining on your account: ") . " {$secpayconf_currency_letters}" . $remaining . "<br>\n" . _("Total price: ") . " " . $secpayconf_currency_letters . "" . $fqdn_price . "<br><br>";
    if ($fqdn_price > $remaining) {
        $to_pay = $fqdn_price - $remaining;
        $payid = createCreditCardPaiementID($to_pay, $admin["info"]["id_client"], "Domain name registration " . $_REQUEST["toreg_extention"], "no");
        $return_url = $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}" . "&addrlink={$addrlink}&action=dtcrm_add_domain&add_domain_type=" . $_REQUEST["add_domain_type"] . "&add_regortrans=" . $_REQUEST["add_regortrans"] . "&toreg_domain=" . $_REQUEST["toreg_domain"] . "&toreg_extention=" . $_REQUEST["toreg_extention"] . "&dtcrm_owner_hdl=" . $_REQUEST["dtcrm_owner_hdl"] . "&dtcrm_admin_hdl=" . $_REQUEST["dtcrm_admin_hdl"] . "&dtcrm_billing_hdl=" . $_REQUEST["dtcrm_billing_hdl"] . "&dtcrm_teck_hdl=" . $_REQUEST["dtcrm_teck_hdl"] . "&toreg_dns1=" . $_REQUEST["toreg_dns1"] . "&toreg_dns2=" . $_REQUEST["toreg_dns2"] . "&toreg_dns3=" . $_REQUEST["toreg_dns3"] . "&toreg_dns4=" . $_REQUEST["toreg_dns4"] . "&toreg_dns5=" . $_REQUEST["toreg_dns5"] . "&toreg_dns6=" . $_REQUEST["toreg_dns6"] . "&toreg_period=" . $_REQUEST["toreg_period"] . "&inner_action=return_from_paypal_domain_add&payid={$payid}";
        $paybutton = paynowButton($payid, $to_pay, "Domain name registration " . $_REQUEST["toreg_extention"], $return_url);
        $out .= _("You currently don't have enough funds on your account. You will be redirected to our payment system. Please click on the button below to pay.") . "<br>\n<br><br>\n{$form_start}\n" . submitButtonStart() . _("Payment complete. Proceed to checkout") . submitButtonEnd() . "\n</form> {$paybutton}";
        return $out;
    }
    // Check for confirmation
    if (!isset($_REQUEST["toreg_confirm_register"]) || $_REQUEST["toreg_confirm_register"] != "yes") {
        $out .= _("You have enough funds on your account to proceed with registration. Press the confirm button to proceed.") . "<br><br>\n{$form_start}\n<input type=\"hidden\" name=\"toreg_confirm_register\" value=\"yes\">\n" . submitButtonStart() . _("Proceed to name-registration") . submitButtonEnd() . "\n</form>";
        return $out;
    }
    ///////////////////////////////////////
    // START OF DOMAIN NAME REGISTRATION //
    $owner_id = $_REQUEST["dtcrm_owner_hdl"];
    $billing_id = $_REQUEST["dtcrm_billing_hdl"];
    $admin_id = $_REQUEST["dtcrm_admin_hdl"];
    $teck_id = $_REQUEST["dtcrm_teck_hdl"];
    $contacts = getContactsArrayFromID($owner_id, $billing_id, $admin_id, $teck_id);
    $dns_servers = array();
    for ($i = 1; $i < 7; $i++) {
        if (isset($_REQUEST["toreg_dns{$i}"]) && isHostname($_REQUEST["toreg_dns{$i}"])) {
            $dns_servers[] = $_REQUEST["toreg_dns{$i}"];
        } else {
            if ($i == 1) {
                $dns_servers[] = $conf_addr_primary_dns;
            } else {
                if ($i == 2) {
                    $dns_servers[] = $conf_addr_secondary_dns;
                }
            }
        }
    }
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}' AND whois='here';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $new_user = "******";
    } else {
        $new_user = "******";
    }
    //	sleep(2);
    $regz = registry_register_domain($adm_login, $adm_pass, $fqdn, $_REQUEST["toreg_period"], $contacts, $dns_servers, $new_user);
    if ($regz["is_success"] != 1) {
        $out .= "<font color=\"red\"><b>" . _("Registration failed") . "</b></font><br>\n" . _("Server said: ") . "<i>" . $regz["response_text"] . "</i>";
        return $out;
    }
    $out .= "<font color=\"green\"><b>Registration succesfull</b></font><br>\nServer said: <i>" . $regz["response_text"] . "</i><br>";
    $operation = $remaining - $fqdn_price;
    $query = "UPDATE {$pro_mysql_client_table} SET dollar='{$operation}' WHERE id='" . $admin["info"]["id_client"] . "';";
    mysql_query($query) or die("Cannot query \"{$query}\" !!!" . mysql_error());
    addDomainToUser($adm_login, $adm_pass, $fqdn, $adm_pass);
    if ($regz["is_success"] == 1) {
        $id = find_registry_id($fqdn);
        $q = "UPDATE {$pro_mysql_domain_table} SET registrar='" . $registry_api_modules[$id]["name"] . "' WHERE name='{$fqdn}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        unset($ns_ar);
        $ns_ar = array();
        $ns_ar[] = $_REQUEST["toreg_dns1"];
        $ns_ar[] = $_REQUEST["toreg_dns2"];
        if (isset($_REQUEST["toreg_dns3"]) && $_REQUEST["toreg_dns3"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns3"];
        }
        if (isset($_REQUEST["toreg_dns4"]) && $_REQUEST["toreg_dns4"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns4"];
        }
        if (isset($_REQUEST["toreg_dns5"]) && $_REQUEST["toreg_dns5"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns5"];
        }
        if (isset($_REQUEST["toreg_dns6"]) && $_REQUEST["toreg_dns6"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns6"];
        }
        newWhois($fqdn, $owner_id, $billing_id, $admin_id, $teck_id, $_REQUEST["toreg_period"], $ns_ar, $registry_api_modules[$id]["name"]);
    }
    $out .= "<font color=\"green\"><b>" . _("Successfully added your domain name to the hosting database") . "</b></font><br>";
    $out .= _("Click") . " " . "<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink={$addrlink}\">" . _("here") . "</a>" . " " . _("to refresh the menu or add another domain name.");
    // END OF DOMAIN NAME REGISTRATION //
    /////////////////////////////////////
    return $out;
}
function drawNameTransfer($admin, $given_fqdn = "none")
{
    global $adm_login;
    global $adm_pass;
    global $addrlink;
    global $registration_added_price;
    global $pro_mysql_domain_table;
    global $pro_mysql_client_table;
    global $registry_api_modules;
    global $form_enter_dns_infos;
    global $form_enter_auth_code;
    global $whois_forwareded_params;
    global $secpayconf_currency_letters;
    global $allTLD;
    get_secpay_conf();
    $out = "";
    if (isset($_REQUEST["toreg_domain"])) {
        $toreg_domain = $_REQUEST["toreg_domain"];
    }
    if (isset($_REQUEST["toreg_extention"])) {
        $toreg_extention = $_REQUEST["toreg_extention"];
    }
    if ($given_fqdn != "none" && !isset($toreg_extention)) {
        $c = strrpos($given_fqdn, ".");
        $toreg_extention = find_domain_extension($given_fqdn);
        $toreg_domain = str_replace($toreg_extention, "", $given_fqdn);
        # echo "extension: $toreg_extention    domain: $toreg_domain<br />";
    }
    // Step 1: enter domain name and check domain transferability
    $form_start = "<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"dtcrm_action\" value=\"transfer_domain\">\n<input type=\"hidden\" name=\"add_regortrans\" value=\"transfer\">\n<input type=\"hidden\" name=\"add_domain_type\" value=\"" . $_REQUEST["add_domain_type"] . "\">\n";
    $out .= "<br><h3>" . _("Transfer from another registrar to this server:") . "</h3>\n<i><u>" . _("Step1: check if domain is transferable") . "</u></i>";
    # echo "Checking1 $toreg_domain$toreg_extention<br />";
    if (!isset($toreg_extention) || $toreg_extention == "" || !isset($toreg_domain) || $toreg_domain == "" || $toreg_extention != ".com" && $toreg_extention != ".net" && $toreg_extention != ".org" && $toreg_extention != ".biz" && $toreg_extention != ".name" && $toreg_extention != ".info" && $toreg_extention != ".co.uk") {
        $out .= "{$form_start}<br>\n" . _("Please enter the domain name you wish to transfer:") . "<br>\n" . make_registration_tld_popup();
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"toreg_domain\" value=\"{$toreg_domain}\">\n<input type=\"hidden\" name=\"toreg_extention\" value=\"{$toreg_extention}\">";
    $regz = registry_check_transfer($toreg_domain . $toreg_extention);
    # echo "Checking2 $toreg_domain$toreg_extention<br />";
    if ($regz["is_success"] != 1) {
        die("<font color=\"red\">" . _("TRANSFER CHECK FAILED: registry server didn't reply successfuly.") . "</font>");
    }
    if ($regz["attributes"]["transferrable"] != 1) {
        $out .= "<br><font color=\"red\">" . _("TRANSFER CHECK FAILED") . "</font><br>\n" . _("Server said: ") . $regz["attributes"]["reason"] . "<br>\n{$form_start}<br>\n" . _("Please enter the domain name you wish to transfer:") . "<br>\n" . make_registration_tld_popup();
        return $out;
    }
    $out .= "<br><font color=\"green\">" . _("TRANSFER CHECK SUCCESSFUL") . "</font><br><br>";
    // Step 2: enter whois infos
    $out .= "<i><u>" . _("Step 2: select contacts for domain transfer") . "</u></i><br>";
    if (!isset($_REQUEST["dtcrm_owner_hdl"]) || $_REQUEST["dtcrm_owner_hdl"] == "" || !isset($_REQUEST["dtcrm_admin_hdl"]) || $_REQUEST["dtcrm_admin_hdl"] == "" || !isset($_REQUEST["dtcrm_billing_hdl"]) || $_REQUEST["dtcrm_billing_hdl"] == "" || !isset($_REQUEST["toreg_dns1"]) || $_REQUEST["toreg_dns1"] == "" || !isset($_REQUEST["toreg_dns2"]) || $_REQUEST["toreg_dns2"] == "") {
        $out .= $form_start . whoisHandleSelection($admin);
        $out .= $form_enter_dns_infos;
        $out .= $form_enter_auth_code;
        $out .= "<br>" . submitButtonStart() . _("Proceed to transfer") . submitButtonEnd() . "</form>";
        return $out;
    }
    $form_start .= $whois_forwareded_params;
    $out .= "DNS1: " . $_REQUEST["toreg_dns1"] . "<br>";
    $out .= "DNS2: " . $_REQUEST["toreg_dns2"] . "<br><br>";
    $fqdn = $toreg_domain . $toreg_extention;
    $fqdn_price = $price = find_domain_price($toreg_extention);
    if ($admin["info"]["id_client"] != 0) {
        $remaining = $admin["client"]["dollar"];
    } else {
        $out .= _("You don't have a client ID. Please contact us.");
        $remaining = 0;
        return $out;
    }
    // Step 3: check account balance and transfer the domain name after transaction aprooval
    $out .= "<i><u>Step3: Proceed for transfer</u></i><br>";
    $out .= _("Remaining on your account: ") . " " . $remaining . " {$secpayconf_currency_letters}<br>\n" . _("Total price: ") . " " . $fqdn_price . " {$secpayconf_currency_letters}<br><br>";
    if (!isset($_REQUEST["authcode"])) {
        $out .= $form_enter_auth_code;
    } else {
        $out .= "Auth Code:" . " " . $_REQUEST["authcode"] . "<br />";
    }
    if (isset($_REQUEST["inner_action"]) && $_REQUEST["inner_action"] == "return_from_paypal_domain_add") {
        $ze_refund = isPayIDValidated(addslashes($_REQUEST["pay_id"]));
        if ($ze_refund == 0) {
            $out .= "<font color=\"red\">" . _("The transaction failed, please try again!") . "</font>";
        } else {
            $out .= "<font color=\"green\">" . _("Your account has been credited!") . "</font><br>";
            $q = "UPDATE {$pro_mysql_client_table} SET dollar = dollar+" . $ze_refund . " WHERE id='" . $admin["info"]["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
            $remaining += $ze_refund;
        }
    }
    if ($fqdn_price > $remaining) {
        $payid = createCreditCardPaiementID($fqdn_price, $admin["info"]["id_client"], "Domain name registration " . $_REQUEST["toreg_extention"], "no");
        $return_url = $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}" . "&addrlink={$addrlink}&add_domain_type=" . $_REQUEST["add_domain_type"] . "&add_regortrans=" . $_REQUEST["add_regortrans"] . "&toreg_domain=" . $_REQUEST["toreg_domain"] . "&toreg_extention=" . $_REQUEST["toreg_extention"] . "&dtcrm_owner_hdl=" . $_REQUEST["dtcrm_owner_hdl"] . "&dtcrm_admin_hdl=" . $_REQUEST["dtcrm_admin_hdl"] . "&dtcrm_billing_hdl=" . $_REQUEST["dtcrm_billing_hdl"] . "&toreg_dns1=" . $_REQUEST["toreg_dns1"] . "&toreg_dns2=" . $_REQUEST["toreg_dns2"] . "&toreg_dns3=" . $_REQUEST["toreg_dns3"] . "&toreg_dns4=" . $_REQUEST["toreg_dns4"] . "&toreg_dns5=" . $_REQUEST["toreg_dns5"] . "&toreg_dns6=" . $_REQUEST["toreg_dns6"] . "&toreg_period=1&inner_action=return_from_paypal_domain_add&payid={$payid}";
        if (isset($_REQUEST["action"])) {
            $return_url .= "&action=" . $_REQUEST["action"];
        }
        if (isset($_REQUEST["dtcrm_action"])) {
            $return_url .= "&dtcrm_action=" . $_REQUEST["dtcrm_action"];
        }
        $paybutton = paynowButton($payid, $fqdn_price, "Domain name registration " . $_REQUEST["toreg_extention"], $return_url);
        $out .= _("You currently don't have enough funds on your account. You will be redirected to our payment system. Please click on the button below to pay.") . "<br><br>\n{$paybutton}";
        return $out;
    }
    // Check for confirmation
    if (!isset($_REQUEST["toreg_confirm_transfert"]) || $_REQUEST["toreg_confirm_transfert"] != "yes") {
        $out .= _("You have enough funds on your account to proceed with transfert. Press the confirm button to proceed.") . "<br><br>\n{$form_start}\n<input type=\"hidden\" name=\"toreg_confirm_transfert\" value=\"yes\">\n<input type=\"hidden\" name=\"authcode\" value=\"" . $_REQUEST['authcode'] . "\">\n" . submitButtonStart() . _("Proceed to name-transfert") . submitButtonEnd() . "\n</form>";
        return $out;
    }
    ///////////////////////////////////////
    // START OF DOMAIN NAME TRANSFERT //
    $owner_id = $_REQUEST["dtcrm_owner_hdl"];
    $billing_id = $_REQUEST["dtcrm_billing_hdl"];
    $admin_id = $_REQUEST["dtcrm_admin_hdl"];
    $teck_id = $_REQUEST["dtcrm_teck_hdl"];
    $authcode = $_REQUEST["authcode"];
    $contacts = getContactsArrayFromID($owner_id, $billing_id, $admin_id, $teck_id);
    $dns_servers = array();
    for ($i = 1; $i < 7; $i++) {
        if (isset($_REQUEST["toreg_dns{$i}"]) && isHostname($_REQUEST["toreg_dns{$i}"])) {
            $dns_servers[] = $_REQUEST["toreg_dns{$i}"];
        } else {
            if ($i == 1) {
                $dns_servers[] = $conf_addr_primary_dns;
            } else {
                if ($i == 2) {
                    $dns_servers[] = $conf_addr_secondary_dns;
                }
            }
        }
    }
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $new_user = "******";
    } else {
        $new_user = "******";
    }
    //	sleep(2);
    $regz = registry_transfert_domain($adm_login, $adm_pass, $fqdn, $contacts, $dns_servers, $new_user, $authcode);
    if ($regz["is_success"] != 1) {
        $out .= "<font color=\"red\"><b>" . _("Transfert failed") . "</b></font><br>\n" . _("Server said: ") . "<i>" . $regz["response_text"] . "</i>";
        return $out;
    }
    $out .= "<font color=\"green\"><b>Transfert succesfull</b></font><br>\nServer said: <i>" . $regz["response_text"] . "</i><br>";
    $operation = $remaining - $fqdn_price;
    $query = "UPDATE {$pro_mysql_client_table} SET dollar='{$operation}' WHERE id='" . $admin["info"]["id_client"] . "';";
    mysql_query($query) or die("Cannot query \"{$query}\" !!!" . mysql_error());
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE domain='{$fqdn}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    // Is this a transfer of a domain already hosted?
    if ($n == 0) {
        addDomainToUser($adm_login, $adm_pass, $fqdn, $adm_pass);
    }
    if ($regz["is_success"] == 1) {
        $id = find_registry_id($fqdn);
        $q = "UPDATE {$pro_mysql_domain_table} SET registrar='" . $registry_api_modules[$id]["name"] . "' WHERE name='{$fqdn}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        unset($ns_ar);
        $ns_ar = array();
        $ns_ar[] = $_REQUEST["toreg_dns1"];
        $ns_ar[] = $_REQUEST["toreg_dns2"];
        if (isset($_REQUEST["toreg_dns3"]) && $_REQUEST["toreg_dns3"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns3"];
        }
        if (isset($_REQUEST["toreg_dns4"]) && $_REQUEST["toreg_dns4"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns4"];
        }
        if (isset($_REQUEST["toreg_dns5"]) && $_REQUEST["toreg_dns5"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns5"];
        }
        if (isset($_REQUEST["toreg_dns6"]) && $_REQUEST["toreg_dns6"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns6"];
        }
        newWhois($fqdn, $owner_id, $billing_id, $admin_id, $teck_id, $period = "1", $ns_ar, $registry_api_modules[$id]["name"]);
    }
    $out .= "<font color=\"green\"><b>" . _("Successfully added your domain name to the hosting database") . "</b></font><br>";
    $out .= _("Click") . " " . "<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink={$addrlink}\">" . _("here") . "</a>" . " " . _("to refresh the menu or add another domain name.");
    // END OF DOMAIN NAME TRANSFERT //
    /////////////////////////////////////
    return $out;
}