Exemple #1
0
 public function content()
 {
     global $dbh, $postvar, $getvar, $instance;
     switch ($getvar['sub']) {
         default:
             if ($_POST) {
                 check::empty_fields();
                 foreach ($postvar as $key => $value) {
                     $broke = explode("_", $key);
                     if ($broke[0] == "pages") {
                         $postvar['perms'][$broke[1]] = $value;
                     }
                 }
                 if (!main::errors()) {
                     $staff_query = $dbh->select("staff", array("user", "=", $postvar['user']), 0, "1", 1);
                     if (!check::email($postvar['email'])) {
                         main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                     } elseif ($postvar['pass'] != $postvar['conpass']) {
                         main::errors("Passwords don't match!");
                     } elseif ($dbh->num_rows($staff_query) >= 1) {
                         main::errors("That account already exists!");
                     } else {
                         if ($postvar['perms']) {
                             foreach ($postvar['perms'] as $key => $value) {
                                 if ($n) {
                                     $perms .= ",";
                                 }
                                 if ($value == "1") {
                                     $perms .= $key;
                                 }
                                 $n++;
                             }
                         }
                         $salt = crypto::salt();
                         $password = crypto::passhash($postvar['pass'], $salt);
                         $staff_insert = array("user" => $postvar['user'], "name" => $postvar['name'], "email" => $postvar['email'], "password" => $password, "salt" => $salt, "perms" => $perms, "tzadjust" => $postvar['tzones']);
                         $dbh->insert("staff", $staff_insert);
                         main::errors("Account added!");
                     }
                 }
             }
             $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
             $add_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
             while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                 $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" /></td></tr>';
             }
             $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" /></td></tr>';
             $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" /></td></tr>';
             $add_staff_member_array['PAGES'] .= "</table>";
             $add_staff_member_array['TZADJUST'] = main::tzlist();
             echo style::replaceVar("tpl/admin/staff/add-staff-member.tpl", $add_staff_member_array);
             break;
         case "edit":
             if (isset($getvar['do'])) {
                 $staff_data = $dbh->select("staff", array("id", "=", $getvar['do']));
                 if (!$staff_data["user"]) {
                     echo "That account doesn't exist!";
                 } else {
                     if ($_POST) {
                         check::empty_fields();
                         foreach ($postvar as $key => $value) {
                             $broke = explode("_", $key);
                             if ($broke[0] == "pages") {
                                 $postvar['perms'][$broke[1]] = $value;
                             }
                         }
                         if (!main::errors()) {
                             if (!check::email($postvar['email'], $getvar['do'], "staff")) {
                                 main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                             } else {
                                 if ($postvar['perms']) {
                                     foreach ($postvar['perms'] as $key => $value) {
                                         if ($n) {
                                             $perms .= ",";
                                         }
                                         if ($value == "1") {
                                             $perms .= $key;
                                         }
                                         $n++;
                                     }
                                 }
                                 $staff_update = array("email" => $postvar['email'], "name" => $postvar['name'], "perms" => $perms, "tzadjust" => $postvar['tzones'], "user" => $postvar['user']);
                                 $dbh->update("staff", $staff_update, array("id", "=", $getvar['do']));
                                 //Staff account edit complete
                                 main::done();
                             }
                         }
                     }
                     $edit_staff_member_array['USER'] = $staff_data['user'];
                     $edit_staff_member_array['EMAIL'] = $staff_data['email'];
                     $edit_staff_member_array['NAME'] = $staff_data['name'];
                     $edit_staff_member_array['TZADJUST'] = main::tzlist($staff_data['tzadjust']);
                     $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
                     $edit_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
                     while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                         if (!main::checkPerms($acpnav_data['id'], $staff_data['id'])) {
                             $checked = 'checked="checked"';
                         }
                         $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" ' . $checked . '/></td></tr>' . "\n";
                         $checked = NULL;
                     }
                     if (substr_count($staff_data['perms'], "paid") == '1') {
                         $paid_check = 'checked="checked"';
                     }
                     if (substr_count($staff_data['perms'], "p2h") == '1') {
                         $p2h_check = 'checked="checked"';
                     }
                     $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" ' . $paid_check . '/></td></tr>' . "\n";
                     $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" ' . $p2h_check . '/></td></tr>' . "\n";
                     $edit_staff_member_array['PAGES'] .= "</table>";
                     echo style::replaceVar("tpl/admin/staff/edit-staff-member.tpl", $edit_staff_member_array);
                 }
             } else {
                 $staff_query = $dbh->select("staff");
                 if ($dbh->num_rows($staff_query) == 0) {
                     echo "There are no staff accounts to edit!";
                 } else {
                     echo "<ERRORS>";
                     while ($staff_data = $dbh->fetch_array($staff_query)) {
                         echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=edit&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
                     }
                 }
             }
             break;
         case "delete":
             $staff_query = $dbh->select("staff");
             if ($getvar['do'] && $dbh->num_rows($staff_query) > 1) {
                 $dbh->delete("staff", array("id", "=", $getvar['do']));
                 main::errors("Staff Account Deleted!");
             } elseif ($getvar['do']) {
                 main::errors("Theres only one staff account!");
             }
             if ($dbh->num_rows($staff_query) == 0) {
                 echo "There are no staff accounts to edit!";
             } else {
                 $staff_query = $dbh->select("staff");
                 //This pulls the current staff list after deletion.
                 echo "<ERRORS>";
                 while ($staff_data = $dbh->fetch_array($staff_query)) {
                     echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=delete&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
                 }
             }
             break;
     }
 }
Exemple #2
0
 $order_form_array['EMAIL'] = $postvar['email'];
 $order_form_array['FIRSTNAME'] = stripslashes($postvar['firstname']);
 $order_form_array['LASTNAME'] = stripslashes($postvar['lastname']);
 $order_form_array['ADDRESS'] = $postvar['address'];
 $order_form_array['CITY'] = $postvar['city'];
 $order_form_array['STATE'] = $postvar['state'];
 $order_form_array['ZIP'] = $postvar['zip'];
 $order_form_array['PHONE'] = $postvar['phone'];
 $order_form_array['COUPON'] = $postvar['coupon'] == "" ? $getvar['coupon'] : $postvar['coupon'];
 $order_form_array['PACKID'] = $getvar['package'];
 $domain_array['DOMAIN'] = $postvar['cdom'];
 if (empty($domain_array['DOMAIN'])) {
     $domain_array['DOMAIN'] = $postvar['csub'];
 }
 $order_form_array['TOS'] = $dbh->config("tos");
 $order_form_array['TZADJUST'] = main::tzlist($tz_default);
 $order_form_array['COUNTRIES'] = main::countries(1, $postvar['country']);
 //1 = Make it a drop down instead of pulling an array.  The second part makes it set it's default.
 $ptype = type::packagetype($getvar['package']);
 $order_form_array['TYPESPECIFIC'] = type::orderForm($ptype);
 if ($getvar['domsub'] == "dom") {
     $order_form_array['DOMORSUB'] = style::replaceVar("tpl/order/domain.tpl", $domain_array);
 } else {
     $pack = $getvar['package'];
     $server_type = type::packageserver($pack);
     $serverfile = server::createServer($server_type);
     $can_create_subs = $serverfile->subdomains;
     if ($can_create_subs == false) {
         $maincontent = main::table("Subdomain Error", "Sorry, but the server for this package doesn't allow subdomains to be used without a unique domain present on the account.  If you'd like to\n                                                                   use a domain, please go back and select the domain option.");
     } else {
         $subdomains_query = $dbh->select("subdomains", array("server", "=", $server_type), array("subdomain", "ASC"), 0, 1);
Exemple #3
0
 public function content()
 {
     global $dbh, $postvar, $getvar, $instance;
     $client = $dbh->client($_SESSION['cuser']);
     $edit_account_array['USER'] = $client['user'];
     $edit_account_array['EMAIL'] = $client['email'];
     $edit_account_array['DOMAIN'] = $client['domain'];
     $edit_account_array['FIRSTNAME'] = $client['firstname'];
     $edit_account_array['LASTNAME'] = $client['lastname'];
     $edit_account_array['ADDRESS'] = $client['address'];
     $edit_account_array['CITY'] = $client['city'];
     $edit_account_array['STATE'] = $client['state'];
     $edit_account_array['ZIP'] = $client['zip'];
     $edit_account_array['PHONE'] = $client['phone'];
     $edit_account_array['TZADJUST'] = main::tzlist($client['tzadjust']);
     $edit_account_array['DISP'] = "<div>";
     $edit_account_array['COUNTRY'] = main::countries(1, $client['country']) . '<a title="Your country." class="tooltip"><img src="<ICONDIR>information.png" /></a>';
     if ($_POST) {
         if (!check::email($postvar['email'], $_SESSION['cuser'])) {
             main::errors("Your email is the wrong format!");
         }
         if (!check::state($postvar['state'])) {
             main::errors("Please enter a valid state!");
         }
         if (!check::address($postvar['address'])) {
             main::errors("Please enter a valid address!");
         }
         if (!check::phone($postvar['phone'])) {
             main::errors("Please enter a valid phone number!");
         }
         if (!check::zip($postvar['zip'])) {
             main::errors("Please enter a valid zip/postal code!");
         }
         if (!check::city($postvar['city'])) {
             main::errors("Please enter a valid city!");
         }
         if (!check::firstname($postvar['firstname'])) {
             main::errors("Please enter a valid first name!");
         }
         if (!check::lastname($postvar['lastname'])) {
             main::errors("Please enter a valid time last name!");
         }
         if (!main::errors()) {
             if ($postvar['country']) {
                 $country_q = "";
             }
             $users_update = array("email" => $postvar['email'], "state" => $postvar['state'], "address" => $postvar['address'], "phone" => $postvar['phone'], "zip" => $postvar['zip'], "city" => $postvar['city'], "tzadjust" => $postvar['tzones'], "firstname" => $postvar['firstname'], "lastname" => $postvar['lastname'], "country" => $postvar['country']);
             $dbh->update("users", $users_update, array("id", "=", $_SESSION['cuser']));
             if ($postvar['change']) {
                 $client = $dbh->client($_SESSION['cuser']);
                 if (crypto::passhash($postvar['currentpass'], $client['salt']) == $client['password']) {
                     if ($postvar['newpass'] === $postvar['cpass']) {
                         $cmd = main::changeClientPassword($_SESSION['cuser'], $postvar['newpass']);
                         if ($cmd === true) {
                             main::errors("Details updated!");
                         } else {
                             main::errors((string) $cmd);
                         }
                     } else {
                         main::errors("Your passwords don't match!");
                     }
                 } else {
                     main::errors("Your current password is incorrect.");
                 }
             } else {
                 $edit_account_array['DISP'] = "<div style=\"display:none;\">";
                 main::errors("Details updated!");
             }
         }
     }
     echo style::replaceVar("tpl/client/edit-account.tpl", $edit_account_array);
 }