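/**
  * Captures the current request superglobals on the controller and dispatches
  * the requested module action.
  *
  * Each superglobal is stored wrapped in a one-element array, so values are
  * read back as $this->vars_get[0]['name'] and so on.
  *
  * Security: the 'action' query parameter selects which static method of
  * module_controller is invoked. The fixed 'do' prefix together with the
  * method_exists() check is the only allow-list, so every do* method on
  * module_controller is reachable from a plain GET request once the group
  * permission check passes; state-changing handlers need their own CSRF
  * protection.
  *
  * @author Bobby Allen (ballen@bobbyallen.me)
  * @return void
  */
 public function Init()
 {
     // Snapshot the request state for the model/view.
     $this->vars_get = array($_GET);
     $this->vars_post = array($_POST);
     $this->vars_session = array($_SESSION);
     $this->vars_cookie = array($_COOKIE);

     // Details of the current user; the group id is needed for the permission check below.
     $user = ctrl_users::GetUserDetail();

     if (!isset($this->vars_session[0]['zpuid'])) {
         // No user id in the session: hand over to the login template.
         // NOTE(review): nothing in this method stops execution afterwards, so the
         // module/action handling below still runs unless GetLoginTemplate()
         // terminates the request itself - confirm.
         ui_module::GetLoginTemplate();
     }

     if (isset($this->vars_get[0]['module'])) {
         ui_module::getModule($this->GetCurrentModule());
     }

     // Only a plain string can name a handler. A request such as ?action[]=x
     // delivers an array, which previously reached the string concatenation
     // below (array-to-string conversion) and the error message.
     $action = isset($this->vars_get[0]['action']) ? $this->vars_get[0]['action'] : null;
     if (is_string($action)) {
         if (ctrl_groups::CheckGroupModulePermissions($user['usergroupid'], ui_module::GetModuleID())) {
             $handler = 'do' . $action;
             // class_exists(..., FALSE): do not trigger autoloading for a request-driven lookup.
             if (class_exists('module_controller', FALSE) && method_exists('module_controller', $handler)) {
                 call_user_func(array('module_controller', $handler));
             } else {
                 // The action name is request-controlled, so it is filtered before being echoed.
                 echo ui_sysmessage::shout("No 'do" . runtime_xss::xssClean($action) . "' class exists - Please create it to enable controller actions and runtime placeholders within your module.");
             }
         }
     }
     return;
 }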
Example #2
 /**
  * Returns the current user's contact details, filtered for output.
  *
  * @return array A list holding one associative array with the keys
  *               fullname, email, phone, address and postcode; every value
  *               has been passed through runtime_xss::xssClean().
  */
 static function getAccountSettings()
 {
     $currentuser = ctrl_users::GetUserDetail();
     $settings = array();
     // Same fields, in the same order, each filtered before it reaches the view.
     foreach (array('fullname', 'email', 'phone', 'address', 'postcode') as $field) {
         $settings[$field] = runtime_xss::xssClean($currentuser[$field]);
     }
     return array($settings);
 }
Example #3
 /**
  * Looks up the notice text stored on an account row.
  *
  * The id is bound as a statement parameter, never concatenated into the SQL.
  *
  * @param mixed $rid Value matched against x_accounts.ac_id_pk.
  * @return mixed The ac_notice_tx value passed through runtime_xss::xssClean(),
  *               or false when no row matches.
  */
 static function ExecuteShowNotice($rid)
 {
     global $zdbh;
     $statement = $zdbh->prepare("SELECT ac_notice_tx FROM x_accounts WHERE ac_id_pk = :rid");
     $statement->bindParam(':rid', $rid);
     $statement->execute();
     $row = $statement->fetch();
     if (!$row) {
         return false;
     }
     // Filter the stored text before handing it to the caller for display.
     return runtime_xss::xssClean($row['ac_notice_tx']);
 }
Example #4
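 /**
  * Renders the notice that the current user's reseller has set, if any.
  *
  * The reseller id is bound as a statement parameter. It was previously
  * concatenated into the SQL text, which makes the query only as safe as
  * whatever populates the user detail array.
  *
  * @return mixed Markup from ui_sysmessage::shout() when a non-empty notice
  *               exists, otherwise false.
  */
 public static function Template()
 {
     global $zdbh;
     $user_array = ctrl_users::GetUserDetail();
     $sql = $zdbh->prepare("SELECT ac_notice_tx FROM x_accounts WHERE ac_id_pk = :rid");
     $sql->bindParam(':rid', $user_array['resellerid']);
     $sql->execute();
     $result = $sql->fetch();
     if ($result && $result['ac_notice_tx'] != "") {
         // The notice text is stored data written by another account, so it is
         // filtered before being placed in the page.
         return ui_sysmessage::shout(runtime_xss::xssClean($result['ac_notice_tx']), 'notice', 'Notice:', true);
     }
     return false;
 }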
Example #5
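 /**
  * Lists the groups belonging to the given user's reseller.
  *
  * Members of the ADMINISTRATORS group receive every group, with the user's
  * own group flagged as selected; everyone else receives only groups named
  * USERS.
  *
  * @param mixed $uid User id passed to ctrl_users::GetUserDetail().
  * @return array|false List of arrays with the keys groupid, groupname and
  *                     groupselected, or false when the probe query finds
  *                     nothing.
  */
 static function ListGroups($uid)
 {
     global $zdbh;
     $currentuser = ctrl_users::GetUserDetail($uid);
     $sql = "SELECT * FROM x_groups WHERE ug_reseller_fk=:resellerid";

     // Probe: the first column of the first row is read as an "any rows?" check.
     $numrows = $zdbh->prepare($sql);
     $numrows->bindParam(':resellerid', $currentuser['resellerid']);
     $numrows->execute();
     if ($numrows->fetchColumn() == 0) {
         return false;
     }

     $isAdmin = strtoupper($currentuser['usergroup']) == "ADMINISTRATORS";

     $sql = $zdbh->prepare($sql);
     $sql->bindParam(':resellerid', $currentuser['resellerid']);
     $res = array();
     $sql->execute();
     while ($rowgroups = $sql->fetch()) {
         // Reset for every row. The non-administrator branch used to read
         // $selected without it ever having been assigned.
         $selected = "";
         if ($isAdmin) {
             if ($rowgroups['ug_id_pk'] == $currentuser['usergroupid']) {
                 $selected = " selected";
             }
         } elseif (strtoupper($rowgroups['ug_name_vc']) != "USERS") {
             // Non-administrators are only offered the USERS group.
             continue;
         }
         // Group names are stored data; translate first, then filter for output.
         array_push($res, array('groupid' => $rowgroups['ug_id_pk'], 'groupname' => runtime_xss::xssClean(ui_language::translate($rowgroups['ug_name_vc'])), 'groupselected' => $selected));
     }
     return $res;
 }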
Example #6
    ctrl_auth::KillCookies();
    header("location: ./?loggedout");
    exit;
}
// ?returnsession: switch the session back to the user id kept in
// $_SESSION['ruid'] (if one is stored), then redirect to the panel root.
// The id comes from the session, not from the request.
// NOTE(review): this state change is triggered by a GET parameter and no CSRF
// check is visible in this excerpt - confirm that is intended.
if (isset($_GET['returnsession'])) {
    $hasStoredUser = isset($_SESSION['ruid']);
    if ($hasStoredUser) {
        $storedUid = $_SESSION['ruid'];
        ctrl_auth::SetUserSession($storedUid, runtime_sessionsecurity::getSessionSecurityEnabled());
        // Clear the stored id so the switch cannot be replayed.
        $_SESSION['ruid'] = null;
    }
    header("location: ./");
    exit;
}
if (isset($_POST['inForgotPassword'])) {
    runtime_csfr::Protect();
    $randomkey = runtime_randomstring::randomHash();
    $forgotPass = runtime_xss::xssClean($_POST['inForgotPassword']);
    $sth = $zdbh->prepare("SELECT ac_id_pk, ac_user_vc, ac_email_vc  FROM x_accounts WHERE ac_email_vc = :forgotPass");
    $sth->bindParam(':forgotPass', $forgotPass);
    $sth->execute();
    $rows = $sth->fetchAll();
    if ($rows) {
        $result = $rows['0'];
        $zdbh->exec("UPDATE x_accounts SET ac_resethash_tx = '" . $randomkey . "' WHERE ac_id_pk=" . $result['ac_id_pk'] . "");
        if (isset($_SERVER['HTTPS'])) {
            $protocol = 'https://';
        } else {
            $protocol = 'http://';
        }
        $phpmailer = new sys_email();
        $phpmailer->Subject = "Hosting Panel Password Reset";
        $phpmailer->Body = "Hi " . $result['ac_user_vc'] . ",\n            \nYou, or somebody pretending to be you, has requested a password reset link to be sent for your web hosting control panel login.\n        \nIf you wish to proceed with the password reset on your account, please use the link below to be taken to the password reset page.\n            \n" . $protocol . ctrl_options::GetSystemOption('zpanel_domain') . "/?resetkey=" . $randomkey . "\n\n\n                ";
Example #7
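 /**
  * Lists the sub-directories of a user's public_html folder.
  *
  * The entries ".", ".." and "_errorpages" are skipped. Directory names come
  * from the filesystem and are filtered with runtime_xss::xssClean() before
  * being returned for display.
  *
  * @param mixed $uid User id passed to ctrl_users::GetUserDetail().
  * @return array List of array('domains' => name); empty when the folder
  *               cannot be opened.
  */
 static function ListDomainDirs($uid)
 {
     $currentuser = ctrl_users::GetUserDetail($uid);
     $res = array();
     $chkdir = ctrl_options::GetSystemOption('hosted_dir') . $currentuser['username'] . "/public_html/";
     // Best effort: a missing or unreadable folder yields an empty list, so the
     // warning from opendir() stays suppressed.
     $handle = @opendir($chkdir);
     if (!$handle) {
         // Log an error as the folder cannot be opened...
         return $res;
     }
     // Compare against false explicitly: an entry named "0" is falsy and used
     // to end the loop early, hiding every entry after it.
     while (false !== ($file = readdir($handle))) {
         if ($file != "." && $file != ".." && $file != "_errorpages") {
             if (is_dir($chkdir . $file)) {
                 $res[] = array('domains' => runtime_xss::xssClean($file));
             }
         }
     }
     closedir($handle);
     return $res;
 }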
Example #8
 /**
  * Returns the current user's full name, filtered for output.
  *
  * @return mixed The 'fullname' entry of the user detail array after
  *               runtime_xss::xssClean().
  */
 public static function Template()
 {
     $details = ctrl_users::GetUserDetail();
     $fullName = $details['fullname'];
     return runtime_xss::xssClean($fullName);
 }
Example #9
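 /**
  * Handles the group list form: redirects to the Delete or Edit view of the
  * group whose button was submitted.
  *
  * The CSRF check runs before any form data is read. Only group ids returned
  * by ListGroups() for the current user are considered, so a submitted field
  * naming some other group id is ignored.
  *
  * @return void Does not return when a redirect is issued (exits).
  */
 static function doEditGroup()
 {
     global $controller;
     runtime_csfr::Protect();
     $currentuser = ctrl_users::GetUserDetail();
     $formvars = $controller->GetAllControllerRequests('FORM');

     // ListGroups() may return false instead of an array when there is nothing
     // to list; iterating over false raises a warning.
     $groups = self::ListGroups($currentuser['userid']);
     if (!is_array($groups)) {
         return;
     }

     foreach ($groups as $row) {
         // Delete is checked before Edit, as before.
         foreach (array('inDelete_' => 'Delete', 'inEdit_' => 'Edit') as $prefix => $view) {
             if (isset($formvars[$prefix . $row['groupid'] . ''])) {
                 // NOTE(review): these values end up in a URL inside a Location
                 // header; xssClean() looks like an HTML-oriented filter, so
                 // URL-encoding may be the right escaping here - confirm what
                 // xssClean() does.
                 header("location: ./?module=" . runtime_xss::xssClean($controller->GetCurrentModule()) . "&show=" . $view . "&other=" . runtime_xss::xssClean($row['groupid']) . "");
                 exit;
             }
         }
     }
     return;
 }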