Example #1
 /**
  * Record a failed admin login for the caller's IP address and ban the address on the
  * third failure inside the tracking window.
  *
  * Per-IP counters live in the serialized "LoginFailures" setting. Each failure pushes
  * that IP's window 30 minutes into the future; a window that has already expired
  * resets the count to zero first. On the third counted failure the IP's entry is
  * dropped and a row is inserted into tblbannedips whose expiry comes from
  * getLoginBanDate(). Whitelisted addresses are never counted.
  *
  * NOTE(review): the two long statements near the end contain `******` runs that are
  * not PHP. They look like masking applied by the page this listing was copied from,
  * and they appear to have swallowed the username concatenation, the closing brace of
  * the `if` and the start of the branch without a username. Restore them from the
  * original file before relying on this method.
  *
  * @return false|null false when the IP is whitelisted; no other return is visible.
  */
 public function failedLogin()
 {
     global $whmcs;
     $remote_ip = $whmcs->get_user_ip();
     // Whitelisted addresses are neither counted nor banned.
     if ($this->isWhitelistedIP($remote_ip)) {
         return false;
     }
     // NOTE(review): unserialize() rebuilds whatever is stored in the setting, objects
     // included. If anything other than this method can write "LoginFailures", store
     // JSON instead or pass ['allowed_classes' => false] (PHP 7+).
     // NOTE(review): an empty or unreadable setting makes unserialize() return false;
     // the code below then relies on PHP turning that false into an array on write.
     $loginfailures = unserialize($whmcs->get_config("LoginFailures"));
     if (!is_array($loginfailures[$remote_ip])) {
         $loginfailures[$remote_ip] = array();
     }
     // A brand-new entry has no 'expires' key; the missing value compares as less than
     // time(), so the count is initialised to 0 here as well.
     if ($loginfailures[$remote_ip]['expires'] < time()) {
         $loginfailures[$remote_ip]['count'] = 0;
     }
     ++$loginfailures[$remote_ip]['count'];
     // Sliding window: every failure moves the expiry to 30 minutes from now.
     $loginfailures[$remote_ip]['expires'] = time() + 30 * 60;
     if (3 <= $loginfailures[$remote_ip]['count']) {
         // Third failure: forget the counter and hand over to the ban table.
         unset($loginfailures[$remote_ip]);
         insert_query("tblbannedips", array("ip" => $remote_ip, "reason" => "3 Invalid Login Attempts", "expires" => $this->getLoginBanDate()));
     }
     // NOTE(review): read-modify-write of one shared setting with no locking visible
     // here; concurrent failures from different IPs may overwrite each other's update.
     $whmcs->set_config("LoginFailures", serialize($loginfailures));
     if (isset($this->admindata['username'])) {
         $username = $this->admindata['username'];
         // NOTE(review): gethostbyaddr() performs a reverse-DNS lookup during the login
         // request, and the returned hostname is chosen by whoever controls the PTR
         // record for the address. It is concatenated into the HTML mail body without
         // escaping, as is the submitted username; both should be HTML-escaped.
         // The next two lines are reproduced exactly as found, including the masking.
         sendAdminNotification("system", "WHMCS Admin Failed Login Attempt", "<p>A recent login attempt failed.  Details of the attempt are below.</p><p>Date/Time: " . date("d/m/Y H:i:s") . ("<br>Username: "******"<br>IP Address: " . $remote_ip . "<br>Hostname: ") . gethostbyaddr($remote_ip) . "</p>");
         logActivity("Failed Admin Login Attempt - Username: "******"system", "WHMCS Admin Failed Login Attempt", "<p>A recent login attempt failed.  Details of the attempt are below.</p><p>Date/Time: " . date("d/m/Y H:i:s") . "<br>Username: "******"<br>IP Address: " . $remote_ip . "<br>Hostname: ") . gethostbyaddr($remote_ip) . "</p>");
     // Activity-log entry keyed on the IP address only.
     logActivity("Failed Admin Login Attempt - IP: " . $remote_ip);
 }
Example #2
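 /**
  * Save the profile fields, custom fields and default gateway submitted for this client.
  *
  * Outside the admin area the standard profile fields are read from the request (only
  * those isEditableField() accepts) and every difference from the stored details is
  * added to a change list; inside the admin area that field list is empty. The
  * collected values are written to tblclients, custom fields and the default payment
  * method are saved, and the "ClientEdit" hook runs with the old data and the new
  * field values. For client-area edits with SendEmailNotificationonUserDetailsChange
  * enabled, a non-empty change list is mailed to admins and written to the activity log.
  *
  * @return bool Always true.
  */
 public function updateClient()
 {
     global $whmcs;
     $clientId = $this->getID();
     $exinfo = getClientsDetails($clientId);
     // The label of each field is what appears in the change list.
     $updatefieldsarray = array();
     if (!defined("ADMINAREA")) {
         $updatefieldsarray = array("firstname" => "First Name", "lastname" => "Last Name", "companyname" => "Company Name", "email" => "Email Address", "address1" => "Address 1", "address2" => "Address 2", "city" => "City", "state" => "State", "postcode" => "Postcode", "country" => "Country", "phonenumber" => "Phone Number", "billingcid" => "Billing Contact");
         if ($whmcs->get_config("AllowClientsEmailOptOut")) {
             $updatefieldsarray['emailoptout'] = "Newsletter Email Opt Out";
         }
     }
     $changelist = array();
     $updateqry = array();
     foreach ($updatefieldsarray as $field => $displayname) {
         // Fields the client may not edit are ignored even if they were submitted.
         if (!$this->isEditableField($field)) {
             continue;
         }
         $value = $whmcs->get_req_var($field);
         // A falsy opt-out value is stored as the string "0".
         if ($field == "emailoptout" && !$value) {
             $value = "0";
         }
         $updateqry[$field] = $value;
         if ($value != $exinfo[$field]) {
             $changelist[] = "" . $displayname . ": '" . $exinfo[$field] . "' to '" . $value . "'";
         }
     }
     update_query("tblclients", $updateqry, array("id" => $clientId));
     // Accept the posted custom fields only when they arrive as an array: a scalar
     // "customfield" parameter would otherwise be indexed as a string, one character
     // per field id.
     $postedcustomfields = isset($_POST['customfield']) && is_array($_POST['customfield']) ? $_POST['customfield'] : array();
     // Snapshot of the stored values, taken before saving, for the change list below.
     $old_customfieldsarray = getCustomFields("client", "", $clientId, "", "");
     $customfields = getCustomFields("client", "", $clientId, "", "");
     // Start from an empty array so saveCustomFields() never receives an undefined
     // variable when the client has no custom fields.
     $customfieldsarray = array();
     foreach ($customfields as $v) {
         $k = $v['id'];
         // Only ids of existing custom fields are read; other posted keys are ignored.
         $customfieldsarray[$k] = isset($postedcustomfields[$k]) ? $postedcustomfields[$k] : null;
     }
     saveCustomFields($clientId, $customfieldsarray);
     $paymentmethod = $whmcs->get_req_var("paymentmethod");
     // NOTE(review): the gateway name is taken from the request and passed on as is;
     // confirm clientChangeDefaultGateway() rejects names that are not active gateways.
     clientChangeDefaultGateway($clientId, $paymentmethod);
     if ($paymentmethod != $exinfo['defaultgateway']) {
         $changelist[] = "Default Payment Method: '" . getGatewayName($exinfo['defaultgateway']) . "' to '" . getGatewayName($paymentmethod) . "'<br>\n";
     }
     run_hook("ClientEdit", array_merge(array("userid" => $clientId, "olddata" => $exinfo), $updateqry));
     if (!defined("ADMINAREA") && $whmcs->get_config("SendEmailNotificationonUserDetailsChange")) {
         foreach ($old_customfieldsarray as $values) {
             $newvalue = isset($postedcustomfields[$values['id']]) ? $postedcustomfields[$values['id']] : null;
             if ($values['value'] != $newvalue) {
                 $changelist[] = $values['name'] . ": '" . $values['value'] . "' to '" . $newvalue . "'";
             }
         }
         if (0 < count($changelist)) {
             // Prefer the SSL system URL when one is configured.
             $adminurl = $whmcs->get_config("SystemSSLURL") ? $whmcs->get_config("SystemSSLURL") : $whmcs->get_config("SystemURL");
             $adminurl .= "/" . $whmcs->get_admin_folder_name() . "/clientssummary.php?userid=" . $clientId;
             // NOTE(review): the change list and the client's name hold request values
             // and stored client data, and they are concatenated into the HTML mail
             // body and the activity log as they are. Confirm they are entity-encoded
             // before they reach this method; otherwise escape them for the HTML body.
             sendAdminNotification("account", "WHMCS User Details Change", "<p>Client ID: <a href=\"" . $adminurl . "\">" . $clientId . " - " . $exinfo['firstname'] . " " . $exinfo['lastname'] . "</a> has requested to change his/her details as indicated below:<br><br>" . implode("<br />\n", $changelist) . "<br>If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.</p>");
             logActivity("Client Profile Modified - " . implode(", ", $changelist) . " - User ID: " . $clientId);
         }
     }
     return true;
 }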
Example #3
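/**
 * Send the contact details held for a domain to Namecheap via
 * namecheap.domains.setContacts.
 *
 * A warning in the API result is forwarded to admins as a "system" notification. An
 * exception from the API layer is returned as an error and recorded with logModuleCall().
 *
 * @param array $params Module parameters. Reads TestMode, Username/Password or
 *                      SandboxUsername/SandboxPassword, sld, tld and contactdetails
 *                      (role name => field array; the comment in the loop points to
 *                      namecheap_GetContactDetails for the format).
 * @return array Empty array on success, or array('error' => message) when the call throws.
 */
function namecheap_SaveContactDetails($params)
{
    require_once dirname(__FILE__) . "/namecheapapi.php";
    $testmode = (bool) $params['TestMode'];
    // Test mode switches to the sandbox credentials.
    $username = $testmode ? $params['SandboxUsername'] : $params['Username'];
    $password = $testmode ? $params['SandboxPassword'] : $params['Password'];
    $tld = $params['tld'];
    $sld = $params['sld'];
    // The encoded form of the second-level label is what goes to the API.
    $oIDNA = new NamecheapRegistrarIDNA($sld, $tld);
    $sld = $oIDNA->getEncodedSld();
    $response = '';
    $result = $request_params = $values = array();
    $roles = array('Registrant', 'Admin', 'Tech', 'AuxBilling');
    try {
        $request_params = array('DomainName' => $sld . '.' . $tld);
        // see namecheap_GetContactDetails for data format
        foreach ($params['contactdetails'] as $k => $v) {
            // Strict comparison: with loose comparison a numeric key such as 0 matches
            // a role name on PHP versions before 8.
            if (!in_array($k, $roles, true)) {
                continue;
            }
            $request_params[$k . 'FirstName'] = $v['First Name'];
            $request_params[$k . 'LastName'] = $v['Last Name'];
            $request_params[$k . 'OrganizationName'] = $v['Organization Name'];
            $request_params[$k . 'Address1'] = $v['Address'];
            $request_params[$k . 'Address2'] = $v['Address1'];
            $request_params[$k . 'City'] = $v['City'];
            $request_params[$k . 'StateProvince'] = $v['State'];
            $request_params[$k . 'PostalCode'] = $v['Postcode'];
            $request_params[$k . 'Country'] = $v['Country'];
            $request_params[$k . 'Phone'] = $v['Phone'];
            // An empty fax number falls back to the phone number.
            $request_params[$k . 'Fax'] = !empty($v['Fax']) ? $v['Fax'] : $v['Phone'];
            $request_params[$k . 'EmailAddress'] = $v['Email'];
        }
        $api = new NamecheapRegistrarApi($username, $password, $testmode);
        $response = $api->request("namecheap.domains.setContacts", $request_params);
        $result = $api->parseResponse($response);
        if (isset($result['DomainSetContactResult']['Warnings']['Warning'])) {
            $warning = $result['DomainSetContactResult']['Warnings']['Warning'];
            $warningtext = isset($warning['@value']) ? (string) $warning['@value'] : '';
            $separator = "-----------------------------------------------------------------------------------------<br />";
            // The warning text comes from the remote API and the domain from module
            // parameters, so both are escaped before they enter the HTML body. The
            // line break after the warning was an unterminated "<br /" tag.
            $message = "Saving Contact Details warning<br />" . $separator . htmlspecialchars($warningtext, ENT_QUOTES) . "<br />" . $separator . "Domain: " . htmlspecialchars($sld . "." . $tld, ENT_QUOTES);
            sendAdminNotification("system", "WHMCS Namecheap Domain Registrar Module", $message);
        }
    } catch (Exception $e) {
        $values['error'] = "An error occurred: " . $e->getMessage();
        // The password is passed as the last argument; presumably the list of values
        // the module logger masks in the stored entry - confirm against logModuleCall.
        logModuleCall('namecheap', 'SaveContactDetails', array('command' => "namecheap.domains.setContacts") + $request_params, $response, $result, array($password));
    }
    return $values;
}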
Example #4
/**
 * Mail admins a report of the non-debug mod_namecheapssl_log entries from the last day.
 *
 * Nothing is sent when the query returns no rows.
 *
 * NOTE(review): the `******` runs in the query string and in the row-formatting line
 * are not part of the program; they look like masking applied by the page this listing
 * was copied from. In the formatting line the masking breaks the PHP syntax, so that
 * expression has to be restored from the original file.
 *
 * @return void
 */
function Namecheapssl_hook_report()
{
    // create html for report
    // Window end: the current minute with the seconds forced to 00.
    $dateEnd = date('Y-m-d H:i:00');
    // Window start: the same time of day one day earlier (day - 1 is normalised by
    // mktime), with the seconds forced to 59.
    $dateStart = date('Y-m-d H:i:59', mktime(date('H'), date('i'), date('s'), date('n'), date('d') - 1));
    // Only the two date() strings above are interpolated into the SQL text.
    $query = "SELECT log.*,c.email FROM mod_namecheapssl_log log LEFT JOIN tblclients AS c ON (log.userid=c.id AND user='******') WHERE log.date BETWEEN '{$dateStart}' AND '{$dateEnd}' AND `debug`=0 ";
    // NOTE(review): the mysql_* extension was removed in PHP 7, and the result of
    // mysql_query() is used without checking for false.
    $r = mysql_query($query);
    if (mysql_num_rows($r)) {
        $html = "Namecheap SSL Module Cron Job Report for {$dateStart}-{$dateEnd} <br><br>";
        while ($row = mysql_fetch_assoc($r)) {
            // One report line per log row. NOTE(review): description, email and the
            // other column values are placed in the HTML body without escaping;
            // htmlspecialchars() each of them if log rows can contain user-supplied text.
            $html .= "{$row['date']}; {$row['description']}; " . ('client' == $row['user'] ? ' User(client): ' . $row['email'] : ' Admin user: '******'user']) . "({$row['userid']});" . (!empty($row['serviceid']) ? "Service id: {$row['serviceid']}; " : '');
            $html .= '<br>';
        }
        sendAdminNotification('system', "SSL Actions Report", $html);
    }
}
Example #5
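/**
 * Refresh status and expiry date for every Active or Pending Transfer domain assigned
 * to this registrar module, then echo, log and mail a report of the run.
 *
 * For each domain the order id is looked up, the order details are fetched, and
 * tbldomains is updated with the returned expiry date (and with status "Active" when
 * the registrar reports it). A Pending Transfer domain that is now Active also
 * triggers the "Domain Transfer Completed" message. Each domain contributes exactly
 * one line to the report: an error, a transfer completion, or an expiry update.
 *
 * @param string $registrar Registrar module name; shown as given in the report and
 *                          lower-cased to load the config and select the domains.
 * @return void
 */
function resellerclub_DomainSync($registrar)
{
    $lcregistrar = strtolower($registrar);
    $cronreport = "" . $registrar . " Domain Sync Report<br>\n---------------------------------------------------<br>\n";
    $params = getRegistrarConfigOptions($lcregistrar);
    // NOTE(review): the registrar name is concatenated into the WHERE clause. That is
    // only safe while callers pass a fixed module name; escape it if that ever changes.
    $queryresult = select_query("tbldomains", "id,domain,status", "registrar='" . $lcregistrar . "' AND (status='Pending Transfer' OR status='Active')");
    while ($data = mysql_fetch_array($queryresult)) {
        $domainid = $data['id'];
        $domainname = $data['domain'];
        $status = $data['status'];
        // Build the lookup request from scratch for every domain, so the order-id and
        // options of the previous domain are not sent along with this lookup.
        $postfields = array();
        $postfields['auth-userid'] = $params['ResellerID'];
        $postfields['api-key'] = $params['APIKey'];
        $postfields['domain-name'] = $domainname;
        $orderid = resellerclub_getOrderID($postfields, $params);
        if (!is_numeric($orderid)) {
            // A non-numeric result is reported as the error; without an order id there
            // is nothing to query, so move on to the next domain.
            $cronreport .= "Error for " . $domainname . ": " . $orderid . "<br>\n";
            continue;
        }
        $postfields = array();
        $postfields['auth-userid'] = $params['ResellerID'];
        $postfields['api-key'] = $params['APIKey'];
        $postfields['order-id'] = $orderid;
        $postfields['options'] = "All";
        $result = resellerclub_SendCommand("details", "domains", $postfields, $params, "GET");
        if ($result['status'] == "ERROR") {
            $cronreport .= "Error for " . $domainname . ": " . $result['message'] . "<br>\n";
            continue;
        }
        $expirytime = $result['endtime'];
        $currentstatus = $result['currentstatus'];
        if (!$expirytime) {
            // Reported only when no expiry came back, not after a successful update.
            $cronreport .= "Error for " . $domainname . ": No expiry date returned<br>\n";
            continue;
        }
        $updateqry = array();
        if ($currentstatus == "Active") {
            $updateqry['status'] = "Active";
        }
        // endtime is passed to date() as a Unix timestamp.
        $expirydate = date("Y-m-d", $expirytime);
        $updateqry['expirydate'] = $expirydate;
        update_query("tbldomains", $updateqry, array("id" => $domainid));
        if ($status == "Pending Transfer" && $currentstatus == "Active") {
            sendMessage("Domain Transfer Completed", $domainid);
            $cronreport .= "Processed Domain Transfer Completion of " . $domainname . " - Updated expiry to " . fromMySQLDate($expirydate) . "<br>\n";
        } else {
            $cronreport .= "Updated " . $domainname . " expiry to " . fromMySQLDate($expirydate) . "<br>\n";
        }
    }
    // NOTE(review): the report carries registrar-supplied error text and is both
    // echoed and mailed as HTML without escaping.
    echo $cronreport;
    logActivity("" . $registrar . " Domain Sync Run");
    sendAdminNotification("system", "WHMCS " . $registrar . " Domain Syncronisation Report", $cronreport);
}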
Example #6
            $buttoncode = str_replace("<form", "<form target=\"3dauth\"", $buttoncode);
            $smartyvalues['code'] = $buttoncode;
            $smartyvalues['width'] = "400";
            $smartyvalues['height'] = "500";
            if ($buttoncode == "success" || $buttoncode == "declined") {
                $result = $buttoncode;
            } else {
                $templatefile = "3dsecure";
                outputClientArea($templatefile);
                exit;
            }
        } else {
            $result = captureCCPayment($invoiceid, $cccvv, true);
        }
        if ($params['paymentmethod'] == "offlinecc") {
            sendAdminNotification("account", "Offline Credit Card Payment Submitted", "<p>An offline credit card payment has just been submitted.  Details are below:</p><p>Client ID: " . $_SESSION['uid'] . "<br />Invoice ID: " . $invoiceid . "</p>");
            redir("id=" . $invoiceid . "&offlinepaid=true", "viewinvoice.php");
        }
        if ($result == "success") {
            redir("id=" . $invoiceid . "&paymentsuccess=true", "viewinvoice.php");
            exit;
        } else {
            $errormessage = "<li>" . $_LANG['creditcarddeclined'];
            $action = "";
            if ($ccinfo == "new") {
                updateCCDetails($_SESSION['uid'], "", "", "", "", "");
            }
        }
    }
}
$clientsdetails = getClientsDetails($_SESSION['uid'], "billing");
Example #7
    }
    if ($CONFIG['DomainSyncNotifyOnly']) {
        $updateqry = array("synced" => "1");
    }
    update_query("tbldomains", $updateqry, array("id" => $domainid));
    $cronreport .= " - " . $domain . ": ";
    if (!count($response)) {
        $cronreport .= "Sync Not Supported by Registrar Module";
    } else {
        if ($response['error'] && strtolower(substr($response['error'], 0, 4)) == "curl") {
            if (!in_array($registrar, $curlerrorregistrars)) {
                $curlerrorregistrars[] = $registrar;
            }
            $cronreport .= "Error: " . $response['error'];
        } else {
            if ($response['error']) {
                $cronreport .= "Error: " . $response['error'];
            } else {
                if (!function_exists($registrar . "_TransfersSync") && $status == "Pending Transfer" && $response['active']) {
                    sendMessage("Domain Transfer Completed", $domainid);
                }
                $cronreport .= count($synceditems) ? ($CONFIG['DomainSyncNotifyOnly'] ? "Out of Sync " : "Updated ") . implode(", ", $synceditems) : "In Sync";
            }
        }
    }
    $cronreport .= "<br />\n";
}
// Write the accumulated report to the cron output, record that the run completed, and
// mail the same HTML through sendAdminNotification() with "system" as its first argument.
// NOTE(review): $cronreport includes registrar-supplied error text (appended earlier as
// "Error: " . $response['error']) without HTML escaping.
echo $cronreport;
logActivity("Domain Sync Cron: Completed");
sendAdminNotification("system", "WHMCS Domain Syncronisation Cron Report", $cronreport);
Example #8
/**
 * Handle a paid domain invoice item: advance the domain's next due date and, depending
 * on settings and the domain's status, run the registrar registration, transfer or
 * renewal, or leave a to-do entry for manual processing.
 *
 * @param int|string $func_domainid tbldomains.id of the paid domain.
 * @param string     $type          Item type. The text after its first six characters
 *                                  is compared with "Register" and "Transfer"; any
 *                                  other value is handled as a renewal. (Presumably
 *                                  values such as "DomainRegister" - confirm with callers.)
 * @return null Every explicit return is `return null`; other paths fall off the end.
 */
function makeDomainPayment($func_domainid, $type = "")
{
    global $whmcs;
    // NOTE(review): there is no check that a row was found; for an unknown id $data is
    // false and every value read from it below is null.
    $result = select_query("tbldomains", "", array("id" => $func_domainid));
    $data = mysql_fetch_array($result);
    $userid = $data['userid'];
    // $orderid, $registrationdate and $paymentmethod are read but not used further in
    // this function.
    $orderid = $data['orderid'];
    $registrationperiod = $data['registrationperiod'];
    $registrationdate = $data['registrationdate'];
    $nextduedate = $data['nextduedate'];
    $recurringamount = $data['recurringamount'];
    $domain = $data['domain'];
    $paymentmethod = $data['paymentmethod'];
    $registrar = $data['registrar'];
    $status = $data['status'];
    // nextduedate is split by fixed offsets (YYYY-MM-DD); the new due date is the same
    // day $registrationperiod years later.
    $year = substr($nextduedate, 0, 4);
    $month = substr($nextduedate, 5, 2);
    $day = substr($nextduedate, 8, 2);
    $newnextduedate = date("Y-m-d", mktime(0, 0, 0, $month, $day, $year + $registrationperiod));
    // The due date is advanced before any registrar call, so it moves forward even
    // when the automated action below fails or is suppressed.
    update_query("tbldomains", array("nextduedate" => $newnextduedate), array("id" => $func_domainid));
    $domaintype = substr($type, 6);
    // Split at the first dot only: everything after it is the TLD.
    $domainparts = explode(".", $domain, 2);
    $sld = $domainparts[0];
    $tld = $domainparts[1];
    $params = array();
    $params['domainid'] = $func_domainid;
    $params['sld'] = $sld;
    $params['tld'] = $tld;
    // Load the registrar helpers on demand.
    if (!function_exists("getRegistrarConfigOptions")) {
        require ROOTDIR . "/includes/registrarfunctions.php";
    }
    if ($domaintype == "Register" || $domaintype == "Transfer") {
        // autoreg for this extension; a non-empty value is used below as the registrar
        // that handles the automatic registration or transfer.
        $result = select_query("tbldomainpricing", "autoreg", array("extension" => "." . $tld));
        $data = mysql_fetch_array($result);
        $autoreg = $data[0];
        if ($status == "Pending") {
            if (getNewClientAutoProvisionStatus($userid)) {
                if ($autoreg) {
                    update_query("tbldomains", array("registrar" => $autoreg), array("id" => $func_domainid));
                    $params['registrar'] = $autoreg;
                    if ($domaintype == "Register") {
                        logActivity("Running Automatic Domain Registration on Payment", $userid);
                        $result = RegRegisterDomain($params);
                        $emailmessage = "Domain Registration Confirmation";
                    } else {
                        if ($domaintype == "Transfer") {
                            logActivity("Running Automatic Domain Transfer on Payment", $userid);
                            $result = RegTransferDomain($params);
                            $emailmessage = "Domain Transfer Initiated";
                        }
                    }
                    // $result is reused: from here on it holds the registrar's error
                    // text, or an empty value on success.
                    $result = $result['error'];
                    if ($result) {
                        // NOTE(review): the registrar's error text is passed on into
                        // the admin message and the to-do entry as received.
                        sendAdminMessage("Automatic Setup Failed", array("client_id" => $userid, "domain_id" => $func_domainid, "domain_type" => $domaintype, "domain_name" => $domain, "error_msg" => $result), "account");
                        if ($whmcs->get_config("DomainToDoListEntries")) {
                            if ($domaintype == "Register") {
                                addToDoItem("Manual Domain Registration", "Client ID " . $userid . " has paid for the registration of domain " . $domain . " and the automated registration attempt has failed with the following error: " . $result);
                                return null;
                            }
                            if ($domaintype == "Transfer") {
                                addToDoItem("Manual Domain Transfer", "Client ID " . $userid . " has paid for the transfer of domain " . $domain . " and the automated transfer attempt has failed with the following error: " . $result);
                                return null;
                            }
                        }
                        // NOTE(review): with DomainToDoListEntries off, a failed
                        // attempt falls through to the `if ($autoreg)` check after the
                        // Pending block, which logs "Suppressed as Domain Is Already
                        // Active" although the domain was Pending.
                    } else {
                        sendMessage($emailmessage, $func_domainid);
                        sendAdminMessage("Automatic Setup Successful", array("client_id" => $userid, "domain_id" => $func_domainid, "domain_type" => $domaintype, "domain_name" => $domain, "error_msg" => ""), "account");
                        return null;
                    }
                }
                // No automatic registrar for this extension: queue manual work when
                // to-do entries are enabled.
                if ($whmcs->get_config("DomainToDoListEntries")) {
                    if ($domaintype == "Register") {
                        addToDoItem("Manual Domain Registration", "Client ID " . $userid . " has paid for the registration of domain " . $domain);
                        return null;
                    }
                    if ($domaintype == "Transfer") {
                        addToDoItem("Manual Domain Transfer", "Client ID " . $userid . " has paid for the transfer of domain " . $domain);
                        return null;
                    }
                }
            } else {
                logActivity("Automatic Domain Registration on Payment Suppressed for New Client", $userid);
                return null;
            }
        }
        if ($autoreg) {
            logActivity("Automatic Domain Registration Suppressed as Domain Is Already Active", $userid);
            return null;
        }
    } else {
        // Renewal path: skipped for Pending, Cancelled and Fraud domains.
        if ($status != "Pending" && $status != "Cancelled" && $status != "Fraud") {
            if ($whmcs->get_config("AutoRenewDomainsonPayment") && $registrar) {
                // A zero-priced renewal is only submitted when an Active tblhosting
                // row exists for the same client and domain.
                if ($whmcs->get_config("FreeDomainAutoRenewRequiresProduct") && $recurringamount <= 0 && !get_query_val("tblhosting", "COUNT(*)", array("userid" => $userid, "domain" => $domain, "domainstatus" => "Active"))) {
                    logActivity("Surpressed Automatic Domain Renewal on Payment Due to Domain Being Free and having No Active Associated Product", $userid);
                    sendAdminNotification("account", "Free Domain Renewal Manual Action Required", "The domain " . $domain . " (ID: " . $func_domainid . ") was just invoiced for renewal and automatically marked paid due to it being free, but because no active Product/Service matching the domain was found in order to qualify for the free domain offer, the renewal has not been automatically submitted to the registrar.  You must login to review & process this renewal manually should it be desired.");
                    return null;
                }
                logActivity("Running Automatic Domain Renewal on Payment", $userid);
                $params['registrar'] = $registrar;
                $result = RegRenewDomain($params);
                // As above, $result now holds only the error text.
                $result = $result['error'];
                if ($result) {
                    sendAdminMessage("Domain Renewal Failed", array("client_id" => $userid, "domain_id" => $func_domainid, "domain_name" => $domain, "error_msg" => $result), "account");
                    if ($whmcs->get_config("DomainToDoListEntries")) {
                        addToDoItem("Manual Domain Renewal", "Client ID " . $userid . " has paid for the renewal of domain " . $domain . " and the automated renewal attempt has failed with the following error: " . $result);
                        return null;
                    }
                } else {
                    sendMessage("Domain Renewal Confirmation", $func_domainid);
                    sendAdminMessage("Domain Renewal Successful", array("client_id" => $userid, "domain_id" => $func_domainid, "domain_name" => $domain, "error_msg" => ""), "account");
                    return null;
                }
            }
            // Reached when automatic renewal is off or no registrar is set; a failed
            // renewal with to-do entries disabled also ends up at this check.
            if ($whmcs->get_config("DomainToDoListEntries")) {
                addToDoItem("Manual Domain Renewal", "Client ID " . $userid . " has paid for the renewal of domain " . $domain);
            }
        }
    }
}