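/**
 * Renders the staff administration page and processes its form submissions.
 *
 * The "sub" query parameter selects the view:
 *  - "edit":   with "do" set, shows the edit form for that staff id and, on POST,
 *              updates the row; without "do", lists all staff with edit links.
 *  - "delete": with "do" set, deletes that staff id unless it is the only account,
 *              then lists the remaining accounts with delete links.
 *  - anything else: shows the add-staff form and, on POST, inserts a new staff row.
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): no authorisation or anti-CSRF token check is visible in this method.
 * Creation and update run on any POST, and deletion runs on a plain GET link
 * (?page=staff&sub=delete&do=ID). Confirm the caller enforces both before content()
 * runs; if it does not, deletion should move to a POST carrying a per-session token.
 *
 * NOTE(review): database values ('visual', 'user') are concatenated into HTML without
 * encoding in this method. Confirm they are encoded when stored or by main::sub() /
 * style::replaceVar(); otherwise encode them here with htmlspecialchars().
 *
 * NOTE(review): request values ($getvar['do'], $postvar[...]) go straight to the $dbh
 * wrapper, so this code relies on that wrapper to escape or parameterise them.
 */
public function content()
{
    global $dbh, $postvar, $getvar, $instance;

    switch ($getvar['sub']) {
        default:
            if ($_POST) {
                check::empty_fields();
                // Only "pages_<suffix>" fields feed the permission list; a client-supplied
                // "perms" field is overwritten rather than merged.
                $postvar['perms'] = self::pagePermsFromPost($postvar);

                if (!main::errors()) {
                    $staff_query = $dbh->select("staff", array("user", "=", $postvar['user']), 0, "1", 1);

                    if (!check::email($postvar['email'])) {
                        main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                    } elseif ($postvar['pass'] !== $postvar['conpass']) {
                        // Strict comparison: with != two different numeric-looking strings
                        // (e.g. "1e3" and "1000") would be treated as matching.
                        main::errors("Passwords don't match!");
                    } elseif ($dbh->num_rows($staff_query) >= 1) {
                        main::errors("That account already exists!");
                    } else {
                        $perms = self::joinTickedPerms($postvar['perms']);

                        // NOTE(review): crypto::passhash() is defined elsewhere -- confirm it is
                        // a slow, salted password hash rather than a single fast digest.
                        $salt = crypto::salt();
                        $password = crypto::passhash($postvar['pass'], $salt);

                        $staff_insert = array(
                            "user" => $postvar['user'],
                            "name" => $postvar['name'],
                            "email" => $postvar['email'],
                            "password" => $password,
                            "salt" => $salt,
                            "perms" => $perms,
                            "tzadjust" => $postvar['tzones'],
                        );
                        $dbh->insert("staff", $staff_insert);
                        main::errors("Account added!");
                    }
                }
            }

            // One checkbox per admin navigation entry except "home", plus two fixed entries.
            $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
            $add_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
            while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" /></td></tr>';
            }
            $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" /></td></tr>';
            $add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" /></td></tr>';
            $add_staff_member_array['PAGES'] .= "</table>";
            $add_staff_member_array['TZADJUST'] = main::tzlist();

            echo style::replaceVar("tpl/admin/staff/add-staff-member.tpl", $add_staff_member_array);
            break;

        case "edit":
            if (isset($getvar['do'])) {
                $staff_data = $dbh->select("staff", array("id", "=", $getvar['do']));

                if (empty($staff_data["user"])) {
                    echo "That account doesn't exist!";
                } else {
                    if ($_POST) {
                        check::empty_fields();
                        $postvar['perms'] = self::pagePermsFromPost($postvar);

                        if (!main::errors()) {
                            if (!check::email($postvar['email'], $getvar['do'], "staff")) {
                                main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                            } else {
                                $perms = self::joinTickedPerms($postvar['perms']);

                                // NOTE(review): unlike the add path, the new "user" value is not
                                // checked against existing staff rows before the update.
                                $staff_update = array(
                                    "email" => $postvar['email'],
                                    "name" => $postvar['name'],
                                    "perms" => $perms,
                                    "tzadjust" => $postvar['tzones'],
                                    "user" => $postvar['user'],
                                );
                                $dbh->update("staff", $staff_update, array("id", "=", $getvar['do']));

                                //Staff account edit complete
                                main::done();
                            }
                        }
                    }

                    // The form is filled from the row read before any update above.
                    $edit_staff_member_array['USER'] = $staff_data['user'];
                    $edit_staff_member_array['EMAIL'] = $staff_data['email'];
                    $edit_staff_member_array['NAME'] = $staff_data['name'];
                    $edit_staff_member_array['TZADJUST'] = main::tzlist($staff_data['tzadjust']);

                    $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
                    $edit_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';

                    $checked = NULL;
                    while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
                        // The box is pre-ticked when main::checkPerms() returns a falsy value
                        // for this page/staff pair.
                        if (!main::checkPerms($acpnav_data['id'], $staff_data['id'])) {
                            $checked = 'checked="checked"';
                        }
                        $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" ' . $checked . '/></td></tr>' . "\n";
                        $checked = NULL;
                    }

                    // Initialised so an unticked box no longer reads an undefined variable.
                    $paid_check = '';
                    $p2h_check = '';
                    $stored_perms = (string) $staff_data['perms'];
                    if (substr_count($stored_perms, "paid") == '1') {
                        $paid_check = 'checked="checked"';
                    }
                    if (substr_count($stored_perms, "p2h") == '1') {
                        $p2h_check = 'checked="checked"';
                    }

                    $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" ' . $paid_check . '/></td></tr>' . "\n";
                    $edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" ' . $p2h_check . '/></td></tr>' . "\n";
                    $edit_staff_member_array['PAGES'] .= "</table>";

                    echo style::replaceVar("tpl/admin/staff/edit-staff-member.tpl", $edit_staff_member_array);
                }
            } else {
                $staff_query = $dbh->select("staff");
                if ($dbh->num_rows($staff_query) == 0) {
                    echo "There are no staff accounts to edit!";
                } else {
                    echo "<ERRORS>";
                    while ($staff_data = $dbh->fetch_array($staff_query)) {
                        echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=edit&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
                    }
                }
            }
            break;

        case "delete":
            $staff_query = $dbh->select("staff");
            $target_given = !empty($getvar['do']);

            // The last remaining staff account is never deleted.
            // NOTE(review): the success message is set without checking that the id existed,
            // and nothing here stops the current staff member deleting their own row.
            if ($target_given && $dbh->num_rows($staff_query) > 1) {
                $dbh->delete("staff", array("id", "=", $getvar['do']));
                main::errors("Staff Account Deleted!");
            } elseif ($target_given) {
                main::errors("Theres only one staff account!");
            }

            if ($dbh->num_rows($staff_query) == 0) {
                echo "There are no staff accounts to edit!";
            } else {
                $staff_query = $dbh->select("staff"); //This pulls the current staff list after deletion.
                echo "<ERRORS>";
                while ($staff_data = $dbh->fetch_array($staff_query)) {
                    echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=delete&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
                }
            }
            break;
    }
}

// Collects the submitted "pages_<suffix>" fields as suffix => value; fields with no suffix are skipped.
private static function pagePermsFromPost($postvar)
{
    $page_perms = array();
    if (!is_array($postvar)) {
        return $page_perms;
    }
    foreach ($postvar as $key => $value) {
        $broke = explode("_", (string) $key);
        if ($broke[0] === "pages" && isset($broke[1]) && $broke[1] !== "") {
            $page_perms[$broke[1]] = $value;
        }
    }
    return $page_perms;
}

// Joins the keys whose value is "1" with commas (no stray separators); null when none is ticked.
// NOTE(review): keys are not checked against the known page ids / "paid" / "p2h" -- consider an allow-list.
private static function joinTickedPerms($page_perms)
{
    $ticked = array();
    if (is_array($page_perms)) {
        foreach ($page_perms as $key => $value) {
            if ($value == "1") {
                $ticked[] = $key;
            }
        }
    }
    return $ticked ? implode(",", $ticked) : null;
}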
// Fragment of the order-form page: the enclosing function begins before this excerpt and the
// final else-branches are still open where it ends. The statements appear to have been collapsed
// onto one line by extraction; the inline "//1 = ..." comment below presumably ended after "default.".
//
// What the visible statements do:
//  - Copy submitted order fields from $postvar / $getvar into $order_form_array for the template.
//    Only FIRSTNAME and LASTNAME pass through stripslashes(); every other value is stored as received.
//  - COUPON uses the POSTed value, falling back to the query-string value when the POSTed one is "".
//  - DOMAIN uses $postvar['cdom'], falling back to $postvar['csub'] when that is empty.
//  - When "domsub" is not "dom", the server object for the package is created and its ->subdomains
//    property decides between an error table and a query of the "subdomains" table.
//
// NOTE(review): no HTML encoding happens in this fragment. Confirm $postvar/$getvar are encoded
// upstream or by the template layer; otherwise the echoed-back form fields need htmlspecialchars().
// NOTE(review): $getvar['package'] is passed to type::packagetype()/type::packageserver() as received --
// presumably validated as an existing package id elsewhere; confirm.
$order_form_array['EMAIL'] = $postvar['email']; $order_form_array['FIRSTNAME'] = stripslashes($postvar['firstname']); $order_form_array['LASTNAME'] = stripslashes($postvar['lastname']); $order_form_array['ADDRESS'] = $postvar['address']; $order_form_array['CITY'] = $postvar['city']; $order_form_array['STATE'] = $postvar['state']; $order_form_array['ZIP'] = $postvar['zip']; $order_form_array['PHONE'] = $postvar['phone']; $order_form_array['COUPON'] = $postvar['coupon'] == "" ? $getvar['coupon'] : $postvar['coupon']; $order_form_array['PACKID'] = $getvar['package']; $domain_array['DOMAIN'] = $postvar['cdom']; if (empty($domain_array['DOMAIN'])) { $domain_array['DOMAIN'] = $postvar['csub']; } $order_form_array['TOS'] = $dbh->config("tos"); $order_form_array['TZADJUST'] = main::tzlist($tz_default); $order_form_array['COUNTRIES'] = main::countries(1, $postvar['country']); //1 = Make it a drop down instead of pulling an array. The second part makes it set it's default. $ptype = type::packagetype($getvar['package']); $order_form_array['TYPESPECIFIC'] = type::orderForm($ptype); if ($getvar['domsub'] == "dom") { $order_form_array['DOMORSUB'] = style::replaceVar("tpl/order/domain.tpl", $domain_array); } else { $pack = $getvar['package']; $server_type = type::packageserver($pack); $serverfile = server::createServer($server_type); $can_create_subs = $serverfile->subdomains; if ($can_create_subs == false) { $maincontent = main::table("Subdomain Error", "Sorry, but the server for this package doesn't allow subdomains to be used without a unique domain present on the account. If you'd like to\n use a domain, please go back and select the domain option."); } else { $subdomains_query = $dbh->select("subdomains", array("server", "=", $server_type), array("subdomain", "ASC"), 0, 1);
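/**
 * Renders the client "edit account" form and applies a submitted update.
 *
 * The form is filled from the client row of $_SESSION['cuser'], read before any
 * update is applied. On POST every field is validated through check::*; if no
 * error was recorded the "users" row is updated and, when the "change" field is
 * set, the password is changed after the current password has been verified.
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): profile fields, including the e-mail address, are written before
 * and independently of the current-password check; only the password change itself
 * requires the current password. Consider re-authentication for e-mail changes.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method -- confirm the
 * caller validates one before content() runs.
 *
 * NOTE(review): $client values are handed to the template without encoding here --
 * confirm they are encoded when stored or by style::replaceVar().
 */
public function content()
{
    global $dbh, $postvar, $getvar, $instance;

    $client = $dbh->client($_SESSION['cuser']);

    $edit_account_array['USER'] = $client['user'];
    $edit_account_array['EMAIL'] = $client['email'];
    $edit_account_array['DOMAIN'] = $client['domain'];
    $edit_account_array['FIRSTNAME'] = $client['firstname'];
    $edit_account_array['LASTNAME'] = $client['lastname'];
    $edit_account_array['ADDRESS'] = $client['address'];
    $edit_account_array['CITY'] = $client['city'];
    $edit_account_array['STATE'] = $client['state'];
    $edit_account_array['ZIP'] = $client['zip'];
    $edit_account_array['PHONE'] = $client['phone'];
    $edit_account_array['TZADJUST'] = main::tzlist($client['tzadjust']);
    $edit_account_array['DISP'] = "<div>";
    $edit_account_array['COUNTRY'] = main::countries(1, $client['country']) . '<a title="Your country." class="tooltip"><img src="<ICONDIR>information.png" /></a>';

    if ($_POST) {
        // Every validator runs so that all problems are reported in one pass.
        if (!check::email($postvar['email'], $_SESSION['cuser'])) {
            main::errors("Your email is the wrong format!");
        }
        if (!check::state($postvar['state'])) {
            main::errors("Please enter a valid state!");
        }
        if (!check::address($postvar['address'])) {
            main::errors("Please enter a valid address!");
        }
        if (!check::phone($postvar['phone'])) {
            main::errors("Please enter a valid phone number!");
        }
        if (!check::zip($postvar['zip'])) {
            main::errors("Please enter a valid zip/postal code!");
        }
        if (!check::city($postvar['city'])) {
            main::errors("Please enter a valid city!");
        }
        if (!check::firstname($postvar['firstname'])) {
            main::errors("Please enter a valid first name!");
        }
        if (!check::lastname($postvar['lastname'])) {
            // Message corrected: the original read "a valid time last name".
            main::errors("Please enter a valid last name!");
        }

        if (!main::errors()) {
            // The row to update is taken from the session, not from the request.
            $users_update = array(
                "email" => $postvar['email'],
                "state" => $postvar['state'],
                "address" => $postvar['address'],
                "phone" => $postvar['phone'],
                "zip" => $postvar['zip'],
                "city" => $postvar['city'],
                "tzadjust" => $postvar['tzones'],
                "firstname" => $postvar['firstname'],
                "lastname" => $postvar['lastname'],
                "country" => $postvar['country'],
            );
            $dbh->update("users", $users_update, array("id", "=", $_SESSION['cuser']));

            if (!empty($postvar['change'])) {
                $client = $dbh->client($_SESSION['cuser']);
                $supplied_hash = (string) crypto::passhash($postvar['currentpass'], $client['salt']);

                // hash_equals() (PHP 5.6+) compares in constant time and as strings; the
                // previous == could treat two different "0e..."-style digests as equal.
                if (hash_equals((string) $client['password'], $supplied_hash)) {
                    if ($postvar['newpass'] === $postvar['cpass']) {
                        // changeClientPassword() returns true on success, otherwise a value
                        // that is shown to the user as the error text.
                        $cmd = main::changeClientPassword($_SESSION['cuser'], $postvar['newpass']);
                        if ($cmd === true) {
                            main::errors("Details updated!");
                        } else {
                            main::errors((string) $cmd);
                        }
                    } else {
                        main::errors("Your passwords don't match!");
                    }
                } else {
                    main::errors("Your current password is incorrect.");
                }
            } else {
                // Replaces the plain "<div>" wrapper with a hidden one after a successful save.
                $edit_account_array['DISP'] = "<div style=\"display:none;\">";
                main::errors("Details updated!");
            }
        }
    }

    echo style::replaceVar("tpl/client/edit-account.tpl", $edit_account_array);
}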