Example #1
     }
     $maincontent = style::replaceVar("tpl/order/packages-list.tpl", $packages_list_array);
 } else {
     if ($_POST['submitfinish']) {
         check::empty_fields(array("coupon"));
         if (main::errors()) {
             $order_form_array['ERRORS'] = style::replaceVar("tpl/order/errors.tpl", array()) . "<br><br>";
         } else {
             //We don't check that the TOS is checked because it will be seen as an empty field and get caught by check:empty_fields.
             if (!check::user($postvar['username'])) {
                 main::errors(nl2br("The username was either taken or was in an invalid format.\n\n                                           Usernames:\n                                           1.) Must be between 4-8 characters long\n                                           2.) Must not start with a number\n                                           3.) Must be alphanumeric"));
             }
             if (!check::pass($postvar['password'], $postvar['confirmp'])) {
                 main::errors(nl2br("Your passwords either do not match or contain invalid characters.  (< and > are not allowed.  O>.<O  Nor is #"));
             }
             if (!check::email($postvar['email'])) {
                 main::errors(nl2br("Your email address didn't match one or more of the following:\n\n                                           Your email address:\n                                           1.) Must be in the correct format\n                                           2.) Must not be associated with another client\n                                           3.) If you're using an email address hosted with us, please make sure your email address has the proper \"MX\" or \"A\" DNS record."));
             }
             if (!check::firstname($postvar['firstname'])) {
                 main::errors(nl2br("In our system, your first and last name may only contain letters and the following characters:.' - and space."));
             }
             if (!check::lastname($postvar['lastname'])) {
                 main::errors(nl2br("In our system, your first and last name may only contain letters and the following characters:.' - and space."));
             }
             if (!check::address($postvar['address'])) {
                 main::errors(nl2br("Your address may only contain letters, numbers and the following characters:.- and space."));
             }
             if (!check::city($postvar['city'])) {
                 main::errors(nl2br("Your city may only contain letters and spaces."));
             }
             if (!check::state($postvar['state'])) {
Example #2
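 /**
  * Client "edit account" page: shows the stored profile and, on POST,
  * validates and saves it, optionally changing the password.
  *
  * The logged-in client id comes from $_SESSION['cuser'] and the submitted
  * fields from the global $postvar. Validation failures and status messages
  * are both reported through main::errors(). The rendered template is echoed;
  * nothing is returned.
  *
  * NOTE(review): no anti-CSRF token is checked inside this method. Confirm
  * that one is enforced before content() runs, since a POST here rewrites the
  * account's contact details.
  */
 public function content()
 {
     global $dbh, $postvar, $getvar, $instance;

     $client = $dbh->client($_SESSION['cuser']);

     // Template placeholders, filled from the record as it was before any update.
     // NOTE(review): values go into the template as stored; confirm that
     // style::replaceVar() or the input layer HTML-escapes them.
     $edit_account_array = array();
     $edit_account_array['USER'] = $client['user'];
     $edit_account_array['EMAIL'] = $client['email'];
     $edit_account_array['DOMAIN'] = $client['domain'];
     $edit_account_array['FIRSTNAME'] = $client['firstname'];
     $edit_account_array['LASTNAME'] = $client['lastname'];
     $edit_account_array['ADDRESS'] = $client['address'];
     $edit_account_array['CITY'] = $client['city'];
     $edit_account_array['STATE'] = $client['state'];
     $edit_account_array['ZIP'] = $client['zip'];
     $edit_account_array['PHONE'] = $client['phone'];
     $edit_account_array['TZADJUST'] = main::tzlist($client['tzadjust']);
     $edit_account_array['DISP'] = "<div>";
     $edit_account_array['COUNTRY'] = main::countries(1, $client['country']) . '<a title="Your country." class="tooltip"><img src="<ICONDIR>information.png" /></a>';

     if ($_POST) {
         if (!check::email($postvar['email'], $_SESSION['cuser'])) {
             main::errors("Your email is the wrong format!");
         }
         if (!check::state($postvar['state'])) {
             main::errors("Please enter a valid state!");
         }
         if (!check::address($postvar['address'])) {
             main::errors("Please enter a valid address!");
         }
         if (!check::phone($postvar['phone'])) {
             main::errors("Please enter a valid phone number!");
         }
         if (!check::zip($postvar['zip'])) {
             main::errors("Please enter a valid zip/postal code!");
         }
         if (!check::city($postvar['city'])) {
             main::errors("Please enter a valid city!");
         }
         if (!check::firstname($postvar['firstname'])) {
             main::errors("Please enter a valid first name!");
         }
         if (!check::lastname($postvar['lastname'])) {
             main::errors("Please enter a valid last name!");
         }

         if (!main::errors()) {
             // NOTE(review): the profile fields, including the e-mail address, are
             // written before and independently of the current-password check
             // below. Confirm whether an e-mail change should require
             // re-authentication.
             $users_update = array("email" => $postvar['email'], "state" => $postvar['state'], "address" => $postvar['address'], "phone" => $postvar['phone'], "zip" => $postvar['zip'], "city" => $postvar['city'], "tzadjust" => $postvar['tzones'], "firstname" => $postvar['firstname'], "lastname" => $postvar['lastname'], "country" => $postvar['country']);
             $dbh->update("users", $users_update, array("id", "=", $_SESSION['cuser']));

             if ($postvar['change']) {
                 $client = $dbh->client($_SESSION['cuser']);

                 // Compare the hashes as strings. A loose == treats two
                 // numeric-looking strings (e.g. "0e123" and "0e456") as equal,
                 // which would accept a wrong password. Use the constant-time
                 // comparison where the runtime provides it.
                 $stored_hash = (string) $client['password'];
                 $given_hash = (string) crypto::passhash($postvar['currentpass'], $client['salt']);
                 if ($stored_hash === "") {
                     $current_ok = false;
                 } elseif (function_exists('hash_equals')) {
                     $current_ok = hash_equals($stored_hash, $given_hash);
                 } else {
                     $current_ok = ($stored_hash === $given_hash);
                 }

                 if ($current_ok) {
                     if ($postvar['newpass'] === $postvar['cpass']) {
                         // NOTE(review): the new password is not passed through
                         // check::pass() here; presumably
                         // main::changeClientPassword() validates it. Verify.
                         $cmd = main::changeClientPassword($_SESSION['cuser'], $postvar['newpass']);
                         if ($cmd === true) {
                             main::errors("Details updated!");
                         } else {
                             main::errors((string) $cmd);
                         }
                     } else {
                         main::errors("Your passwords don't match!");
                     }
                 } else {
                     main::errors("Your current password is incorrect.");
                 }
             } else {
                 // No password change requested: hide the password section.
                 $edit_account_array['DISP'] = "<div style=\"display:none;\">";
                 main::errors("Details updated!");
             }
         }
     }

     echo style::replaceVar("tpl/client/edit-account.tpl", $edit_account_array);
 }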
Example #3
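 /**
  * Staff administration page. $getvar['sub'] selects the action:
  *   - (default) add a staff account,
  *   - "edit"    list accounts, or edit the one named by $getvar['do'],
  *   - "delete"  delete the account named by $getvar['do'] and list the rest.
  *
  * Submitted fields are read from the global $postvar. Validation failures
  * and status messages are both reported through main::errors(). Output is
  * echoed; nothing is returned.
  *
  * NOTE(review): no anti-CSRF token is checked inside this method. Confirm
  * that one is enforced before content() runs, in particular for the delete
  * action, which is reached through a plain GET link.
  * NOTE(review): $staff_data['user'] and $acpnav_data['visual'] are written
  * into HTML as stored. Confirm they are HTML-escaped on input or by
  * main::sub() / style::replaceVar().
  */
 public function content()
 {
     global $dbh, $postvar, $getvar, $instance;
     switch ($getvar['sub']) {
         default:
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     $staff_query = $dbh->select("staff", array("user", "=", $postvar['user']), 0, "1", 1);
                     if (!check::email($postvar['email'])) {
                         main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                     } elseif ($postvar['pass'] !== $postvar['conpass']) {
                         // Strict comparison: a loose != treats numeric-looking
                         // strings such as "1e3" and "1000" as equal.
                         main::errors("Passwords don't match!");
                     } elseif ($dbh->num_rows($staff_query) >= 1) {
                         main::errors("That account already exists!");
                     } else {
                         $perms = self::staffPermsFromPost($postvar);
                         $salt = crypto::salt();
                         $password = crypto::passhash($postvar['pass'], $salt);
                         $staff_insert = array("user" => $postvar['user'], "name" => $postvar['name'], "email" => $postvar['email'], "password" => $password, "salt" => $salt, "perms" => $perms, "tzadjust" => $postvar['tzones']);
                         $dbh->insert("staff", $staff_insert);
                         main::errors("Account added!");
                     }
                 }
             }
             $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
             $add_staff_member_array = array();
             $add_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
             while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                 $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" /></td></tr>';
             }
             $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" /></td></tr>';
             $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" /></td></tr>';
             $add_staff_member_array['PAGES'] .= "</table>";
             $add_staff_member_array['TZADJUST'] = main::tzlist();
             echo style::replaceVar("tpl/admin/staff/add-staff-member.tpl", $add_staff_member_array);
             break;
         case "edit":
             if (isset($getvar['do'])) {
                 $staff_data = $dbh->select("staff", array("id", "=", $getvar['do']));
                 if (!$staff_data["user"]) {
                     echo "That account doesn't exist!";
                 } else {
                     if ($_POST) {
                         check::empty_fields();
                         if (!main::errors()) {
                             if (!check::email($postvar['email'], $getvar['do'], "staff")) {
                                 main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                             } else {
                                 $perms = self::staffPermsFromPost($postvar);
                                 $staff_update = array("email" => $postvar['email'], "name" => $postvar['name'], "perms" => $perms, "tzadjust" => $postvar['tzones'], "user" => $postvar['user']);
                                 $dbh->update("staff", $staff_update, array("id", "=", $getvar['do']));
                                 //Staff account edit complete
                                 main::done();
                             }
                         }
                     }
                     $edit_staff_member_array = array();
                     $edit_staff_member_array['USER'] = $staff_data['user'];
                     $edit_staff_member_array['EMAIL'] = $staff_data['email'];
                     $edit_staff_member_array['NAME'] = $staff_data['name'];
                     $edit_staff_member_array['TZADJUST'] = main::tzlist($staff_data['tzadjust']);
                     $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
                     $edit_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
                     while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                         // The box is ticked when main::checkPerms() returns false for this page.
                         $checked = main::checkPerms($acpnav_data['id'], $staff_data['id']) ? '' : 'checked="checked"';
                         $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" ' . $checked . '/></td></tr>' . "\n";
                     }
                     $paid_check = (substr_count($staff_data['perms'], "paid") == '1') ? 'checked="checked"' : '';
                     $p2h_check = (substr_count($staff_data['perms'], "p2h") == '1') ? 'checked="checked"' : '';
                     $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" ' . $paid_check . '/></td></tr>' . "\n";
                     $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" ' . $p2h_check . '/></td></tr>' . "\n";
                     $edit_staff_member_array['PAGES'] .= "</table>";
                     echo style::replaceVar("tpl/admin/staff/edit-staff-member.tpl", $edit_staff_member_array);
                 }
             } else {
                 $staff_query = $dbh->select("staff");
                 if ($dbh->num_rows($staff_query) == 0) {
                     echo "There are no staff accounts to edit!";
                 } else {
                     echo "<ERRORS>";
                     while ($staff_data = $dbh->fetch_array($staff_query)) {
                         echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=edit&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
                     }
                 }
             }
             break;
         case "delete":
             // NOTE(review): the delete runs on a GET request carrying only the
             // account id (see the links emitted below). A token tied to the
             // session, or a POST confirmation step, is what protects an action
             // like this; neither is visible in this method.
             $staff_query = $dbh->select("staff");
             if ($getvar['do'] && $dbh->num_rows($staff_query) > 1) {
                 $dbh->delete("staff", array("id", "=", $getvar['do']));
                 main::errors("Staff Account Deleted!");
             } elseif ($getvar['do']) {
                 // Refuse to remove the last remaining staff account.
                 main::errors("Theres only one staff account!");
             }
             if ($dbh->num_rows($staff_query) == 0) {
                 echo "There are no staff accounts to edit!";
             } else {
                 $staff_query = $dbh->select("staff");
                 //This pulls the current staff list after deletion.
                 echo "<ERRORS>";
                 while ($staff_data = $dbh->fetch_array($staff_query)) {
                     echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=delete&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
                 }
             }
             break;
     }
 }

 /**
  * Build the comma-separated permission list from the submitted
  * pages_<id> checkboxes.
  *
  * Only fields named pages_<id> whose value is "1" contribute. A "perms"
  * field sent directly by the client is never read, and an id containing a
  * comma is skipped so that one field cannot add several entries to the
  * stored list.
  *
  * @param array $fields Submitted form fields (field name => value).
  * @return string Ids joined with ",", or "" when no box was ticked.
  */
 private static function staffPermsFromPost($fields)
 {
     $granted = array();
     foreach ((array) $fields as $key => $value) {
         $broke = explode("_", (string) $key);
         if ($broke[0] !== "pages" || !isset($broke[1]) || $broke[1] === "") {
             continue;
         }
         if ($value == "1" && strpos($broke[1], ",") === false) {
             $granted[$broke[1]] = true;
         }
     }
     return implode(",", array_keys($granted));
 }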
Example #4
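 /**
  * Admin settings page. $getvar['sub'] selects the settings group: general
  * (default), "security", "tos", "signup", "client", "support" or "email".
  *
  * Each branch, on POST, runs check::empty_fields() and, when no error was
  * recorded, stores the submitted fields with $dbh->updateConfig(). It then
  * echoes the group's template filled from $dbh->config(). Status messages
  * and validation failures are both reported through main::errors().
  *
  * NOTE(review): no anti-CSRF token is checked inside this method. Confirm
  * that one is enforced before content() runs.
  */
 public function content()
 {
     global $dbh, $postvar, $getvar, $instance;
     switch ($getvar['sub']) {
         default:
             if ($_POST) {
                 $no_check_fields = array("last_tld_update", "otherdefault");
                 check::empty_fields($no_check_fields);
                 // Stored site URL always ends with a slash.
                 if ($postvar['url'] && substr($postvar['url'], -1, 1) != "/") {
                     $postvar['url'] = $postvar['url'] . "/";
                 }
                 if ($postvar['default_page'] && $postvar['default_page'] == "-other-") {
                     if (!$postvar['otherdefault']) {
                         main::errors("Please enter the default directory to redirect to.");
                     } else {
                         // The value is appended to "../" and probed on disk, so a
                         // ".." segment would step outside the install directory.
                         // Reject it before touching the filesystem.
                         $other_dir = (string) $postvar['otherdefault'];
                         if (strpos($other_dir, "..") === false && is_dir("../" . $other_dir)) {
                             $postvar['default_page'] = $postvar['otherdefault'];
                         } else {
                             main::errors("The default directory entered does not exist.");
                         }
                     }
                 }
                 if ($postvar['last_tld_update'] == "never") {
                     $dbh->updateConfig("last_tld_update", "never");
                 } else {
                     unset($postvar['last_tld_update']);
                 }
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $general_settings_array = array();
             $general_settings_array['NAME'] = $dbh->config("name");
             $general_settings_array['URL'] = $dbh->config("url");
             // The Host header is supplied by the client, so escape it before
             // it reaches the HTML template.
             $general_settings_array['RECURL'] = isset($_SERVER['HTTP_HOST']) ? htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES) : "";
             $values = array();
             $values[] = array("Order Form", "order");
             $values[] = array("Client Area", "client");
             $values[] = array("Knowledge Base", "support");
             $values[] = array("Other", "-other-");
             if ($dbh->config('default_page') != ADMINDIR && $dbh->config('default_page') != "order" && $dbh->config('default_page') != "client") {
                 $general_settings_array['DEFAULT_PAGE'] = main::dropDown("default_page", $values, "-other-");
                 $general_settings_array['OTHERDEFAULT'] = $dbh->config('default_page');
             } else {
                 $general_settings_array['OTHERDEFAULT'] = "";
                 $general_settings_array['DEFAULT_PAGE'] = main::dropDown('default_page', $values, $dbh->config('default_page'));
             }
             $IANA_queue_values = array();
             $IANA_queue_values[] = array("No", "");
             $IANA_queue_values[] = array("Yes", "never");
             $general_settings_array['QUEUE_IANA'] = main::dropDown("last_tld_update", $IANA_queue_values, $dbh->config("last_tld_update"));
             $general_settings_array['TLD_UPDATE_DAYS'] = $dbh->config("tld_update_days");
             echo style::replaceVar("tpl/admin/settings/general-settings.tpl", $general_settings_array);
             break;
         case "security":
             //security settings
             if ($_POST) {
                 check::empty_fields();
                 if (!check::email($postvar['email_for_cron'], 0, 0, 1)) {
                     main::errors("Please verify that the email you're using for cron output is of a valid format.");
                 }
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $values = array();
             $values[] = array("Yes", "1");
             $values[] = array("No", "0");
             $security_settings_array = array();
             $security_settings_array['SHOW_VERSION_ID'] = main::dropDown("show_version_id", $values, $dbh->config("show_version_id"));
             $security_settings_array['SHOW_PAGE_GENTIME'] = main::dropDown("show_page_gentime", $values, $dbh->config("show_page_gentime"));
             $security_settings_array['SHOW_FOOTER'] = main::dropDown("show_footer", $values, $dbh->config("show_footer"));
             $security_settings_array['SHOW_ERRORS'] = main::dropDown("show_errors", $values, $dbh->config("show_errors"));
             $security_settings_array['EMAIL_ON_CRON'] = main::dropDown("emailoncron", $values, $dbh->config("emailoncron"));
             $security_settings_array['EMAIL_FOR_CRON'] = $dbh->config("email_for_cron");
             $security_settings_array['SESSION_TIMEOUT'] = $dbh->config("session_timeout");
             echo style::replaceVar("tpl/admin/settings/security-settings.tpl", $security_settings_array);
             break;
         case "tos":
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     // Only the "tos" key is written here, unlike the other branches.
                     $dbh->updateConfig("tos", $postvar['tos']);
                     main::errors("Settings Updated!");
                 }
             }
             $tos_array = array();
             $tos_array['TOS'] = $dbh->config("tos");
             echo style::replaceVar("tpl/admin/settings/tos.tpl", $tos_array);
             break;
         case "signup":
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $values = array();
             $values[] = array("Enabled", "1");
             $values[] = array("Disabled", "0");
             $signup_settings_array = array();
             $signup_settings_array['MULTIPLE'] = main::dropDown("multiple", $values, $dbh->config("multiple"));
             $signup_settings_array['TLDONLY'] = main::dropDown("tldonly", $values, $dbh->config("tldonly"));
             $signup_settings_array['GENERAL'] = main::dropDown("general", $values, $dbh->config("general"));
             $signup_settings_array['MESSAGE'] = $dbh->config("message");
             echo style::replaceVar("tpl/admin/settings/signup-settings.tpl", $signup_settings_array);
             break;
         case "client":
             if ($_POST) {
                 $no_check_fields = array("alerts");
                 check::empty_fields($no_check_fields);
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $values = array();
             $values[] = array("Enabled", "1");
             $values[] = array("Disabled", "0");
             $client_area_settings_array = array();
             $client_area_settings_array['DELACC'] = main::dropDown("delacc", $values, $dbh->config("delacc"));
             $client_area_settings_array['ENABLED'] = main::dropDown("cenabled", $values, $dbh->config("cenabled"));
             $client_area_settings_array['ALERTS'] = $dbh->config("alerts");
             echo style::replaceVar("tpl/admin/settings/client-area-settings.tpl", $client_area_settings_array);
             break;
         case "support":
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $values = array();
             $values[] = array("Enabled", "1");
             $values[] = array("Disabled", "0");
             $support_settings_array = array();
             $support_settings_array['ENABLED'] = main::dropDown("senabled", $values, $dbh->config("senabled"));
             $support_settings_array['MESSAGE'] = $dbh->config("smessage");
             echo style::replaceVar("tpl/admin/settings/support-settings.tpl", $support_settings_array);
             break;
         case "email":
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     $this->storePostedSettings($postvar);
                 }
             }
             $values = array();
             $values[] = array("PHP Mail", "php");
             $values[] = array("SMTP", "smtp");
             $email_settings_array = array();
             $email_settings_array['METHOD'] = main::dropDown("emailmethod", $values, $dbh->config("emailmethod"), 0);
             $email_settings_array['EMAILFROM'] = $dbh->config("emailfrom");
             $email_settings_array['SMTP_HOST'] = $dbh->config("smtp_host");
             $email_settings_array['SMTP_USER'] = $dbh->config("smtp_user");
             // NOTE(review): the stored SMTP password is rendered back into the
             // page. Consider leaving the field blank and only writing the
             // key when a new value is submitted.
             $email_settings_array['SMTP_PASS'] = $dbh->config("smtp_password");
             $email_settings_array['SMTP_PORT'] = $dbh->config("smtp_port");
             echo style::replaceVar("tpl/admin/settings/email-settings.tpl", $email_settings_array);
             break;
     }
 }

 /**
  * Write every submitted field to the configuration store and record the
  * "Settings Updated!" status message.
  *
  * NOTE(review): the field names are taken from the request as they are, so
  * a POST to one settings group can write a key that belongs to another
  * (show_errors, session_timeout and smtp_password are all plain config keys
  * in this file). Restricting each group to the field names its template
  * defines would close that; the templates are not visible here, so no
  * allow-list is applied.
  *
  * @param array $fields Submitted form fields (config key => value).
  */
 private function storePostedSettings($fields)
 {
     global $dbh;
     foreach ($fields as $key => $value) {
         $dbh->updateConfig($key, $value);
     }
     main::errors("Settings Updated!");
 }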