public function __construct($reqpermission, $releaseSession = true)
{
global $CONFIG;
global $licensing;
global $_ADMINLANG;
global $infobox;
global $whmcs;
$infobox = "";
$licensing->remoteCheck();
if ($licensing->getStatus() != "Active") {
redir("licenseerror=" . $licensing->getStatus(), "licenseerror.php");
}
if ($CONFIG['AdminForceSSL'] && $CONFIG['SystemSSLURL']) {
if (!$_SERVER['HTTPS'] || $_SERVER['HTTPS'] == "off") {
$requesturl = $_SERVER['PHP_SELF'] . "?";
foreach ($_REQUEST as $key => $value) {
if (!is_array($value)) {
$requesturl .= "" . $key . "=" . urlencode($value) . "&";
continue;
}
}
$requesturl = substr($requesturl, 0, 0 - 1);
$requesturl = substr($requesturl, strrpos($requesturl, "/"));
header("Location: " . $CONFIG['SystemSSLURL'] . "/" . $whmcs->get_admin_folder_name() . $requesturl);
exit;
}
}
if ($reqpermission == "loginonly") {
$this->loginRequired = true;
} else {
if ($reqpermission) {
$this->requiredPermission = $reqpermission;
} else {
$this->loginRequired = false;
}
}
require ROOTDIR . "/includes/smarty/Smarty.class.php";
if ($this->loginRequired) {
$auth = new WHMCS_Auth();
if (!$auth->isLoggedIn()) {
$_SESSION['admloginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']);
redir("", "login.php");
}
$auth->getInfobyID($_SESSION['adminid']);
if ($auth->isSessionPWHashValid()) {
$auth->updateAdminLog();
$this->adminTemplate = $auth->getAdminTemplate();
if ($auth->getAdminLanguage()) {
$this->language = $auth->getAdminLanguage();
}
} else {
$auth->destroySession();
redir("", "login.php");
}
}
if ($releaseSession) {
releaseSession();
}
if ($this->requiredPermission) {
$permid = array_search($this->requiredPermission, getAdminPermsArray());
$result = select_query("tbladmins", "roleid", array("id" => $_SESSION['adminid']));
$data = mysql_fetch_array($result);
$roleid = $data['roleid'];
$result = select_query("tbladminperms", "COUNT(*)", array("roleid" => $roleid, "permid" => $permid));
$data = mysql_fetch_array($result);
$match = $data[0];
if (!$match) {
redir("permid=" . $permid, "accessdenied.php");
exit;
}
}
$filename = $_SERVER['PHP_SELF'];
$filename = substr($filename, strrpos($filename, "/"));
$filename = str_replace(array("/", ".php"), "", $filename);
if (isset($_SESSION['adminid'])) {
$twofa = new WHMCS_2FA();
$twofa->setAdminID($_SESSION['adminid']);
if ($filename != "myaccount" && $twofa->isForced() && !$twofa->isEnabled() && $twofa->isActiveAdmins()) {
redir("2faenforce=1", "myaccount.php");
}
}
$this->filename = $filename;
$this->rowLimit = $CONFIG['NumRecordstoDisplay'];
if (isset($_SESSION['adminlang']) && $_SESSION['adminlang']) {
$this->language = $_SESSION['adminlang'];
}
$this->language = $whmcs->validateLanguage($this->language, true);
$whmcs->loadLanguage($this->language, true);
}
* @ Author : MTIMER
* @ Release on : 2013-12-24
* @ Website : http://www.mtimer.cn
*
**/
define("ADMINAREA", true);
require "../init.php";
$aInt = new WHMCS_Admin("My Account", false);
$aInt->title = $aInt->lang("global", "myaccount");
$aInt->sidebar = "config";
$aInt->icon = "home";
$aInt->requiredFiles(array("ticketfunctions"));
$action = $whmcs->get_req_var("action");
$errormessage = "";
$twofa = new WHMCS_2FA();
$twofa->setAdminID($_SESSION['adminid']);
if ($whmcs->get_req_var("2fasetup")) {
if (!$twofa->isActiveAdmins()) {
exit("Access denied");
}
ob_start();
if ($twofa->isEnabled()) {
echo "<div class=\"content\"><div style=\"padding:15px;\">";
$disabled = $incorrect = false;
if ($password = $whmcs->get_req_var("pwverify")) {
$auth = new WHMCS_Auth();
$auth->getInfobyID($_SESSION['adminid']);
if ($auth->comparePassword($password)) {
$twofa->disableUser();
$disabled = true;
} else {
}
}
}
echo "<div id=\"login_msg\"><span style=\"font-size:14px;\"><strong>" . $msgtitle . "</strong></span><br>" . $msg . "</div>";
if (isset($_SESSION['2fabackupcodenew'])) {
$twofa = new WHMCS_2FA();
if ($twofa->setAdminID($_SESSION['2faadminid'])) {
$backupcode = $twofa->generateNewBackupCode();
echo "<div id=\"login\"><p align=\"center\">Your New Backup Code is:</p><div style=\"margin:20px auto;padding:10px;width:280px;background-color:#F2D4CE;border:1px dashed #AE432E;text-align:center;font-size:20px;\">" . $backupcode . "</div><p align=\"center\">Write this down on paper and keep it safe.<br />It will be needed if you ever lose your 2nd factor device or it is unavailable to you again in future.</p><form method=\"post\" action=\"dologin.php\"><p align=\"center\"><input type=\"submit\" value=\"Continue to Admin Area »\" /></p></form></div>";
} else {
echo "<div id=\"login\">An error occurred. Please try again.</div>";
}
} else {
if (isset($_SESSION['2faverify'])) {
$twofa = new WHMCS_2FA();
if ($twofa->setAdminID($_SESSION['2faadminid'])) {
if (!$twofa->isActiveAdmins() || !$twofa->isEnabled()) {
WHMCS_Session::destroy();
redir();
}
if ($whmcs->get_req_var("backupcode")) {
echo "<div id=\"login\"><form method=\"post\" action=\"dologin.php\"><input type=\"hidden\" name=\"backupcode\" value=\"1\" /><p align=\"center\"><input type=\"text\" name=\"code\" size=\"25\" /> <input type=\"submit\" value=\"Login »\" /></p><p align=\"center\">Enter Your Backup Code Above to Login</p></form></div>";
} else {
$challenge = $twofa->moduleCall("challenge");
if ($challenge) {
echo "<div id=\"login\">" . $challenge . "<p align=\"center\">Can't Access Your 2nd Factor Device? <a href=\"login.php?backupcode=1\">Login using Backup Code</a></p></div>";
} else {
echo "<div id=\"login\">Bad 2 Factor Auth Module. Please contact support.</div>";
}
}
} else {