<?php define('_MEXEC', 'OK'); require_once "../../system/load.php"; $action = $_REQUEST['action']; switch ($action) { case "viewClients": viewClients(); break; case "addClient": addClient(); break; case "updateClient": updateClient(); break; case "deleteClient": deleteClient(); case "ExisUserName": ExisUserName(); break; case "ExisEmail": ExisEmail(); break; case "ExisEmailEdit": ExisEmailEdit(); break; case "loginClient": loginClient(); break; case "logout": logout();
$emaildomain = $emaildomain[1]; if (!preg_match('/^([a-zA-Z0-9&\'.])+([\\.a-zA-Z0-9+_-])*@([a-zA-Z0-9_-])+(\\.[a-zA-Z0-9_-]+)*\\.([a-zA-Z]{2,6})$/', $email)) { $errormessage .= "<li>" . $_LANG['clientareaerroremailinvalid']; infoBox($aInt->lang("global", "validationerror"), $aInt->lang("clients", "invalidemail"), "error"); } else { $query = "subaccount=1 AND email='" . mysql_real_escape_string($email) . "'"; $result = select_query("tblcontacts", "COUNT(*)", $query); $data = mysql_fetch_array($result); if ($data[0]) { infoBox($aInt->lang("clients", "duplicateemail"), $aInt->lang("clients", "duplicateemailexp"), "error"); } } } if (!$infobox) { $_SESSION['currency'] = $currency; $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password, $securityqid, $securityqans, $sendemail, array("notes" => $notes, "status" => $status, "credit" => $credit, "taxexempt" => $taxexempt, "latefeeoveride" => $latefeeoveride, "overideduenotices" => $overideduenotices, "language" => $language, "billingcid" => $billingcid, "lastlogin" => "00000000000000", "groupid" => $groupid, "separateinvoices" => $separateinvoices, "disableautocc" => $disableautocc, "defaultgateway" => $paymentmethod)); unset($_SESSION['uid']); unset($_SESSION['upw']); redir("userid=" . $userid, "clientssummary.php"); } } } } releaseSession(); ob_start(); $questions = getSecurityQuestions(""); echo $infobox; echo "\n<form method=\"post\" action=\""; echo $PHP_SELF; echo "?action=add\">\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"15%\" class=\"fieldlabel\">"; echo $aInt->lang("fields", "firstname");
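/**
 * Convert a stored quote into one unpaid invoice, or into a deposit invoice
 * plus a final-payment invoice when $invoicetype is "deposit".
 *
 * If the quote row has no userid, a client account is created from the
 * contact details stored on the quote and the quote is linked to it.
 *
 * @param mixed $id             Quote id (tblquotes.id).
 * @param mixed $invoicetype    "deposit" selects the two-invoice split; any other value gives a single invoice.
 * @param mixed $invoiceduedate Due date for the single invoice (passed through toMySQLDate); today if empty.
 * @param mixed $depositpercent Percentage of each line billed on the deposit invoice.
 * @param mixed $depositduedate Due date for the deposit invoice; today if empty.
 * @param mixed $finalduedate   Due date for the final invoice; today if empty.
 * @param mixed $sendemail      Truthy to send the "Invoice Created" message for each invoice.
 *
 * @return mixed Id of the first (single or deposit) invoice as returned by insert_query().
 */
function convertQuotetoInvoice($id, $invoicetype, $invoiceduedate, $depositpercent, $depositduedate, $finalduedate, $sendemail)
{
    global $CONFIG;
    global $_LANG;

    // Defined up front: the original read these while undefined whenever tax
    // was disabled or no final invoice was created. null keeps the values that
    // reach insert_query() and the truthiness checks unchanged.
    $taxrate = $taxrate2 = null;
    $finalinvoiceid = null;

    $result = select_query("tblquotes", "", array("id" => $id));
    $data = mysql_fetch_array($result);
    // NOTE(review): there is no check that a quote row was found. With an
    // unknown $id every field below is empty, yet a client and invoices are
    // still created. Confirm callers validate $id, or add a guard here.
    $userid = $data['userid'];
    $firstname = $data['firstname'];
    $lastname = $data['lastname'];
    $companyname = $data['companyname'];
    $email = $data['email'];
    $address1 = $data['address1'];
    $address2 = $data['address2'];
    $city = $data['city'];
    $state = $data['state'];
    $postcode = $data['postcode'];
    $country = $data['country'];
    $phonenumber = $data['phonenumber'];
    $currency = $data['currency'];

    if ($userid) {
        // Existing client: tax location comes from the client record, not the quote.
        getUsersLang($userid);
        $clientsdetails = getClientsDetails($userid);
        $state = $clientsdetails['state'];
        $country = $clientsdetails['country'];
    } else {
        if (!function_exists("addClient")) {
            require ROOTDIR . "/clientfunctions.php";
        }
        $_SESSION['currency'] = $currency;
        // NOTE(review): the initial password is derived only from the quote id
        // (first 10 hex characters of md5($id)), so it is not secret to anyone
        // who knows the id. Prefer a CSPRNG-generated value and/or a forced
        // reset on first login. Left unchanged because other code may depend
        // on the current value; confirm before replacing.
        $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, substr(md5($id), 0, 10), 0, "", "on");
    }

    if ($CONFIG['TaxEnabled'] == "on") {
        $taxlevel1 = getTaxRate(1, $state, $country);
        $taxlevel2 = getTaxRate(2, $state, $country);
        $taxrate = $taxlevel1['rate'];
        $taxrate2 = $taxlevel2['rate'];
    }

    $subtotal = $data['subtotal'];
    $tax1 = $data['tax1'];
    $tax2 = $data['tax2'];
    $total = $data['total'];

    // First gateway by "order" becomes the payment method on the new invoices.
    $result = select_query("tblpaymentgateways", "gateway", array("setting" => "name"), "order", "ASC");
    $data = mysql_fetch_array($result);
    $gateway = $data['gateway'];

    $duedate = $finaldate = "";
    if ($invoicetype == "deposit") {
        if ($depositduedate) {
            $duedate = toMySQLDate($depositduedate);
        }
        $finaldate = $finalduedate ? toMySQLDate($finalduedate) : date("Y-m-d");
    } else {
        if ($invoiceduedate) {
            $duedate = toMySQLDate($invoiceduedate);
        }
    }
    if (!$duedate) {
        $duedate = date("Y-m-d");
    }

    $invoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $duedate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    if ($finaldate) {
        // $finaldate is only set in the deposit branch, so this is the final-payment invoice.
        $finalinvoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $finaldate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    }

    $result = select_query("tblquoteitems", "", array("quoteid" => $id), "id", "ASC");
    while ($data = mysql_fetch_array($result)) {
        $line_desc = $data['description'];
        $line_qty = $data['quantity'];
        $line_unitprice = $data['unitprice'];
        $line_discount = $data['discount'];
        $line_taxable = $data['taxable'];
        $line_total = format_as_currency($line_qty * $line_unitprice * (1 - $line_discount / 100));
        $lineitemdesc = "" . $line_qty . " x " . $line_desc . " @ " . $line_unitprice;
        if (0 < $line_discount) {
            $lineitemdesc .= " - " . $line_discount . "% " . $_LANG['orderdiscount'];
        }
        if ($finalinvoiceid) {
            // Split the line: the deposit share stays on the first invoice,
            // the remainder goes on the final invoice.
            $originalamount = $line_total;
            $line_total = $originalamount * ($depositpercent / 100);
            $final_amount = $originalamount - $line_total;
            insert_query("tblinvoiceitems", array("invoiceid" => $finalinvoiceid, "userid" => $userid, "description" => $lineitemdesc . " (" . (100 - $depositpercent) . "% " . $_LANG['quotefinalpayment'] . ")", "amount" => $final_amount, "taxed" => $line_taxable));
            $lineitemdesc .= " (" . $depositpercent . "% " . $_LANG['quotedeposit'] . ")";
        }
        insert_query("tblinvoiceitems", array("invoiceid" => $invoiceid, "userid" => $userid, "description" => $lineitemdesc, "amount" => $line_total, "taxed" => $line_taxable));
    }

    if (!function_exists("updateInvoiceTotal")) {
        require ROOTDIR . "/includes/invoicefunctions.php";
    }
    updateInvoiceTotal($invoiceid);
    if ($finalinvoiceid) {
        updateInvoiceTotal($finalinvoiceid);
    }

    run_hook("InvoiceCreationPreEmail", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreationPreEmail", array("invoiceid" => $finalinvoiceid));
    }
    if ($sendemail) {
        sendMessage("Invoice Created", $invoiceid);
        if ($finalinvoiceid) {
            sendMessage("Invoice Created", $finalinvoiceid);
        }
    }
    run_hook("InvoiceCreated", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreated", array("invoiceid" => $finalinvoiceid));
    }

    if (1 < $CONFIG['InvoiceIncrement']) {
        // Inserts and immediately deletes placeholder rows; presumably this
        // advances the invoice id sequence by the configured increment.
        $invoiceincrement = $CONFIG['InvoiceIncrement'] - 1;
        $counter = 1;
        while ($counter <= $invoiceincrement) {
            $tempinvoiceid = insert_query("tblinvoices", array("date" => "now()"));
            delete_query("tblinvoices", array("id" => $tempinvoiceid));
            $counter += 1;
        }
    }

    update_query("tblquotes", array("userid" => $userid, "stage" => "Accepted"), array("id" => $id));
    return $invoiceid;
}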
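<?php
// Juju Login and Registration Scripts
// by D. Brad Talton Jr.
// (c) 2010 by PathosEthos LLC

// gets and sets details for the client list
// NOTE(review): $_REQUEST also carries query-string parameters, so credentials
// sent via GET can end up in access logs and browser history. Reading them
// from $_POST only would avoid that; confirm what the client sends first.
$username = $_REQUEST['email']; // this is the unique key that defines a client
// NOTE(review): per the original comment, stored passwords are SHA-1 hashes.
// A fast general-purpose hash is unsuitable for password storage;
// password_hash()/password_verify() are the standard replacement. The hashing
// code itself is outside this excerpt.
$password = $_REQUEST['pass']; // in the database, this is hashed with sha1
// NOTE(review): the client list sits next to the script. If this directory is
// served by the web server the CSV may be directly downloadable; keeping it
// outside the document root, or denying access to it, closes that path.
$pathToClientList = "./ClientList.csv";

// ACTUAL SCRIPT EXECUTION
loadData();
if ($_REQUEST['action'] == "register") {
    // attempt a registration
    $success = addClient($username, $password, $_REQUEST['first'], $_REQUEST['last'], $_REQUEST['company']);
    if ($success == TRUE) {
        echo "<xml result='0' ></xml>"; // client's new login level
        writeData(); // save to disk
    } else {
        // Only reported on failure. The original emitted this element
        // unconditionally, so a successful registration returned both
        // result='0' and result='-1'.
        echo "<xml result='-1'></xml>"; // failed to register
    }
} else {
    // checkLogin()'s return value is placed in the attribute unescaped;
    // presumably it is a numeric login level. Confirm against checkLogin().
    echo "<xml result='" . checkLogin($username, $password) . "' ></xml>";
}

/*
 * JUJU API
 *
 * loadData() - Opens the CSV and reads out all data
 * (the remainder of this comment is cut off in this excerpt)
 */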
$remote_ip = $clientip; } $errormessage = checkDetailsareValid(); if ($errormessage && !$skipvalidation) { $errormessage = explode("<li>", $errormessage); $error = $errormessage[1]; $apiresults = array("result" => "error", "message" => $error); return 1; } $_SESSION['currency'] = $currency; $sendemail = $noemail ? false : true; $langatstart = $_SESSION['Language']; if ($language) { $_SESSION['Language'] = $language; } addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password2, $securityqid, $securityqans, $sendemail); if ($_POST['cctype']) { if (!function_exists("updateCCDetails")) { require ROOTDIR . "/includes/ccfunctions.php"; } updateCCDetails($_SESSION['uid'], $_POST['cctype'], $_POST['cardnum'], $_POST['expdate'], $_POST['startdate'], $_POST['issuenumber']); } $updateqry = array(); if ($groupid) { $updateqry['groupid'] = $groupid; } if ($notes) { $updateqry['notes'] = $notes; } if (count($updateqry)) { update_query("tblclients", $updateqry, array("id" => $_SESSION['uid']));
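/**
 * Authenticate a client or sub-account contact by e-mail address and, on
 * success, populate the client session (uid, optional cid, upw).
 *
 * Lookup order: tblclients by e-mail, then tblcontacts sub-accounts with a
 * non-empty password, then the results of the "ClientLoginShare" hook.
 *
 * The password comparison is bypassed when any of these holds:
 *   - an admin session exists and the admin's role has permission id "120";
 *   - the account was matched through a ClientLoginShare hook result;
 *   - $twofadone is true.
 * Callers must therefore pass $twofadone = true only after verifying the
 * second factor for the same account that $username resolves to.
 *
 * NOTE(review): no session-id regeneration and no attempt throttling are
 * visible in this function. Confirm both are handled by the caller.
 *
 * @param mixed $username  E-mail address used as the login identifier.
 * @param mixed $password  Password as submitted by the user.
 * @param bool  $twofadone True when the caller has completed second-factor verification.
 *
 * @return bool True when the session was established, or when a hook result
 *              asked for account creation; false otherwise, including when a
 *              second factor is still pending.
 */
function validateClientLogin($username, $password, $twofadone = false)
{
    global $CONFIG;
    global $whmcs;

    // A username is always required. A password may be omitted only for an
    // admin session or a completed 2FA step. !empty() matches the original
    // truthiness test without reading an undefined session index.
    if (!($username && ($password || !empty($_SESSION['adminid']) || $twofadone))) {
        return false;
    }

    // Drop any previous client identity before attempting the new login.
    if (isset($_SESSION['uid'])) {
        unset($_SESSION['uid']);
    }
    if (isset($_SESSION['cid'])) {
        unset($_SESSION['cid']);
    }
    if (isset($_SESSION['upw'])) {
        unset($_SESSION['upw']);
    }

    $login_uid = $login_cid = $login_pwd = $loginsharematch = "";
    $where = array();
    $where['email'] = $username;
    if (empty($_SESSION['adminid'])) {
        // Closed accounts are excluded unless an admin session is present.
        $where['status'] = array("sqltype" => "NEQ", "value" => "Closed");
    }
    $result = select_query("tblclients", "", $where);
    $data = mysql_fetch_array($result);
    $login_uid = $data['id'];
    $login_pwd = $data['password'];
    $language = $data['language'];
    // $authmodule is read only from this first lookup. It stays empty on the
    // contact and hook paths below, so the 2FA prompt further down is never
    // reached for them. NOTE(review): confirm this is intended.
    $authmodule = $data['authmodule'];

    if (!$login_uid) {
        // Fall back to a sub-account contact, then resolve its owning client,
        // which must not be closed.
        $result = select_query("tblcontacts", "", array("email" => $username, "subaccount" => "1", "password" => array("sqltype" => "NEQ", "value" => "")));
        $data = mysql_fetch_array($result);
        $login_cid = $data['id'];
        $login_uid = $data['userid'];
        $login_pwd = $data['password'];
        $result = select_query("tblclients", "id,language", array("id" => $login_uid, "status" => array("sqltype" => "NEQ", "value" => "Closed")));
        $data = mysql_fetch_array($result);
        $login_uid = $data['id'];
        $language = $data['language'];
    }

    if (!$login_uid) {
        // Hook handlers receive the plain-text password and can vouch for or
        // create an account, so every registered ClientLoginShare handler is
        // part of the authentication trust boundary.
        $hookresults = run_hook("ClientLoginShare", array("username" => $username, "password" => $password));
        foreach ($hookresults as $hookres) {
            if ($hookres) {
                $hookid = $hookres['id'];
                $hookemail = $hookres['email'];
                if ($hookid) {
                    $result = select_query("tblclients", "", array("id" => $hookid));
                } else {
                    $result = select_query("tblclients", "", array("email" => $hookemail));
                }
                $data = mysql_fetch_array($result);
                $login_uid = $data['id'];
                if ($login_uid) {
                    $loginsharematch = true;
                    $login_pwd = $data['password'];
                    $language = $data['language'];
                    // The loop continues after a match, so a later hook result
                    // can overwrite $login_uid. NOTE(review): confirm intended.
                    continue;
                }
                if ($hookres['create']) {
                    addClient($hookres['firstname'], $hookres['lastname'], $hookres['companyname'], $hookres['email'], $hookres['address1'], $hookres['address2'], $hookres['city'], $hookres['state'], $hookres['postcode'], $hookres['country'], $hookres['phonenumber'], $hookres['password'], "", "", false);
                    // Returns without setting session keys here; presumably
                    // addClient() establishes the session. Verify.
                    return true;
                }
                continue;
            }
        }
    }

    if ($login_uid) {
        if ($CONFIG['NOMD5']) {
            // Stored value is reversibly encrypted; compare plain text to plain text.
            $check_pwd = decrypt($login_pwd);
        } else {
            // Stored value is "<hash>:<salt>"; hash the submitted password
            // with the stored salt and compare against the stored value.
            $salt = explode(":", $login_pwd);
            $salt = $salt[1];
            $password = generateClientPW($password, $salt);
            $check_pwd = $login_pwd;
        }

        $adminallowedclientlogin = false;
        if (isset($_SESSION['adminid'])) {
            $adminroleid = get_query_val("tbladmins", "roleid", array("id" => $_SESSION['adminid']));
            $adminallowedclientlogin = get_query_val("tbladminperms", "permid", array("roleid" => $adminroleid, "permid" => "120"));
        }

        // Compare in constant time where hash_equals() exists (PHP >= 5.6), so
        // the check does not leak how many leading bytes matched. The result
        // equals the original === for two strings; other types fall back to ===.
        if (is_string($password) && is_string($check_pwd) && function_exists("hash_equals")) {
            $passwordmatches = hash_equals($check_pwd, $password);
        } else {
            $passwordmatches = $password === $check_pwd;
        }

        if ($passwordmatches || (isset($_SESSION['adminid']) && $adminallowedclientlogin) || $loginsharematch || $twofadone) {
            $twofa = new WHMCS_2FA();
            if ($twofa->isActiveClients() && $authmodule && !$twofadone && !isset($_SESSION['adminid'])) {
                // First factor accepted but second factor pending: record the
                // pending state and report "not logged in" to the caller.
                $_SESSION['2faverifyc'] = true;
                $_SESSION['2faclientid'] = $login_uid;
                $_SESSION['2farememberme'] = $whmcs->get_req_var("rememberme");
                return false;
            }
            if (!isset($_SESSION['adminid'])) {
                // The reverse-DNS name is controlled by whoever owns the
                // address's PTR record; treat the stored host as untrusted
                // wherever it is later displayed.
                $fullhost = gethostbyaddr($whmcs->get_user_ip());
                update_query("tblclients", array("lastlogin" => "now()", "ip" => $whmcs->get_user_ip(), "host" => $fullhost), array("id" => $login_uid));
            }
            $_SESSION['uid'] = $login_uid;
            if ($login_cid) {
                $_SESSION['cid'] = $login_cid;
            }
            // Session check value over uid, cid, the stored password value,
            // the client IP (unless DisableSessionIPCheck is set) and part of
            // a SHA-1 of the installation hash.
            $haship = $CONFIG['DisableSessionIPCheck'] ? "" : $whmcs->get_user_ip();
            $_SESSION['upw'] = sha1($login_uid . $login_cid . $login_pwd . $haship . substr(sha1($whmcs->get_hash()), 0, 20));
            if (!isset($_SESSION['adminid'])) {
                set_token(genRandomVal());
            }
            if ($language && !isset($_SESSION['adminid'])) {
                $_SESSION['Language'] = $language;
            }
            run_hook("ClientLogin", array("userid" => $login_uid));
            return true;
        }
    }

    // Failures are logged only when the identifier resolved to an account;
    // attempts against unknown e-mail addresses leave no record here.
    if ($login_uid) {
        logActivity("Failed Login Attempt - User ID: " . $login_uid, $login_uid);
    }
    return false;
}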