Esempio n. 1
0
function drawAdminTools_AddDomain($admin)
{
    global $adm_login;
    global $adm_pass;
    global $addrlink;
    global $registration_added_price;
    global $conf_addr_primary_dns;
    global $conf_addr_secondary_dns;
    global $form_enter_dns_infos;
    global $form_enter_domain_name;
    global $whois_forwareded_params;
    global $form_period_popup;
    global $conf_webmaster_email_addr;
    global $conf_use_registrar_api;
    global $pro_mysql_pending_queries_table;
    global $pro_mysql_domain_table;
    global $pro_mysql_client_table;
    global $pro_mysql_product_table;
    global $registry_api_modules;
    global $secpayconf_currency_letters;
    global $pro_mysql_handle_table;
    get_secpay_conf();
    $out = "";
    $form_start = "\n<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"action\" value=\"dtcrm_add_domain\">\n";
    // User is trying to add a new service, let's complete the form!
    if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "add_new_service") {
        if (!isRandomNum($_REQUEST["product_id"])) {
            $out .= _("The product ID is not a valid integer number.");
            return $out;
        }
        $q = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $_REQUEST["product_id"] . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            $out .= _("Cannot reselect product: registration failed!");
            return $out;
        }
        $product = mysql_fetch_array($r);
        switch ($product["heb_type"]) {
            default:
            case "shared":
                // -> Something has to be done to select dedicated servers location in the form !!!
            // -> Something has to be done to select dedicated servers location in the form !!!
            case "server":
                $added1 = "<input type=\"hidden\" name=\"vps_location\" value=\"node0001.example.com\">\n<input type=\"hidden\" name=\"vps_os\" value=\"debian\">";
                break;
            case "vps":
                $added1 = _("VPS location: ") . "<select name=\"vps_location\">" . vpsLocationSelector() . "</select><br>" . _("VPS OS: ") . "<select name=\"vps_os\">\n<option value=\"debian\">Debian</option>\n<option value=\"centos\">CentOS</option>\n<option value=\"gentoo\">Gentoo</option>\n<option value=\"netbsd\">NetBSD</option>\n</select><br>";
                break;
        }
        $out .= "<br><br><h3>" . _("Add another service to your account:") . "</h3>" . "<br><form action=\"/dtc/new_account.php\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"product_id\" value=\"" . $_REQUEST["product_id"] . "\">\n<input type=\"hidden\" name=\"action\" value=\"add_new_service\">" . $added1 . "\n" . _("Special notes for the setup") . ":<textarea name=\"custom_notes\" cols=\"50\" rows=\"5\"></textarea><br>\n" . submitButtonStart() . _("Register") . submitButtonEnd() . "\n";
        return $out;
    }
    // Registration, hosting, or both ?
    if (!isset($_REQUEST["add_domain_type"]) || $_REQUEST["add_domain_type"] != "domregandhosting" && $_REQUEST["add_domain_type"] != "domreg" && $_REQUEST["add_domain_type"] != "hosting") {
        $out .= "<br><h3>" . _("What do you want to add:") . "</h3>\n{$form_start}";
        if ($conf_use_registrar_api == "yes") {
            $out .= "<input type=\"radio\" name=\"add_domain_type\" value=\"domregandhosting\" checked>" . _("Hosting + domain name registration or transfer") . "<br>";
            $add_domain_type_checked = " ";
        } else {
            $add_domain_type_checked = " checked ";
        }
        $out .= "<input type=\"radio\" name=\"add_domain_type\" value=\"hosting\" checked>" . _("Hosting only") . "<br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        $out .= "<br><br><h3>" . _("Add another service to your account:") . "</h3>";
        if (isset($admin["data"])) {
            $added_conditions = " AND heb_type NOT LIKE 'shared' ";
        } else {
            $added_conditions = "";
        }
        $q = "SELECT * FROM {$pro_mysql_product_table} WHERE private='no' AND renew_prod_id='0' AND heb_type NOT LIKE 'ssl' {$added_conditions};";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            //			if($i > 0){
            //				$out .= " - ";
            //			}
            $out .= "<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n\t\t\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t\t\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"add_new_service\">\n\t\t\t<input type=\"hidden\" name=\"product_id\" value=\"" . $a["id"] . "\">\n\t\t\t<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n\t\t\t" . submitButtonStart() . $a["name"] . submitButtonEnd() . "</form>";
            //			$out .= "<a href=\"/dtc/new_account.php?action=add_new_service&adm_login=$adm_login&product_id=".$a["id"]."\">".$a["name"]."</a>";
        }
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"add_domain_type\" value=\"" . $_REQUEST["add_domain_type"] . "\">";
    //	$form_start .= "<input type=\"hidden\" name=\"add_domain_type\" value=\"domregandhosting\">";
    if ($_REQUEST["add_domain_type"] == "hosting") {
        // The don't want name registration or transfer,
        // Simply add the domain.
        if ($admin["info"]["allow_add_domain"] == "no") {
            return _("You curently don't have enough privileges to add domain names. If you often add domain names, you can ask the administrator to do so. To request hosting for a new domain without domain name registration, please write to:") . "<br>" . "<a href=\"mailto:{$conf_webmaster_email_addr}?subject=[DTC] More domains\">{$conf_webmaster_email_addr}</a>.";
        }
        if ($admin["info"]["max_domain"] != 0) {
            $maxdomq = "SELECT COUNT(name) AS numofdomains FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}';";
            $maxdomr = mysql_query($maxdomq) or die("Cannot query {$maxdomq} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $maxdoma = mysql_fetch_array($maxdomr);
            $num_of_installed_domains = $maxdoma["numofdomains"];
            if ($num_of_installed_domains >= $admin["info"]["max_domain"]) {
                return _("You have reached the maximum number of domains that you are allowed to run with this type of account.\nIf you want to add more domain names, you should get in touch by opening a new support ticket.");
            }
        }
        if (!isset($_REQUEST["domain_name"]) || $_REQUEST["domain_name"] == "") {
            return "<br><b><u>" . _("Please enter the domain name you wish to add:") . "</u></b><br>\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>";
        }
        if (!isHostname($_REQUEST["domain_name"])) {
            return _("Domain name is not in correct format. Please enter another name.");
        }
        $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE name='" . $_REQUEST["domain_name"] . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n > 0) {
            return _("This domain name already hosted here, please enter another name.");
        }
        if ($admin["info"]["allow_add_domain"] == "check") {
            $q = "INSERT INTO {$pro_mysql_pending_queries_table} (adm_login,domain_name,date) VALUES ('{$adm_login}','" . $_REQUEST["domain_name"] . "','" . date("Y-m-d H:i") . "');";
            $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
            return "<br><u><b>" . _("Your domain name will be soon validated:") . "</b></u><br>" . _("An administrator will examine your request shortly, and validate the addition of this domain name to your account. You curently don't have enough privileges to add domain names. If you often add domain names, you can ask the administrator to grant you the privilege of automatic domain name addition. To request hosting for a new domain name, without administrator validation or domain name registration, please write to:") . "<br>\n<a href=\"{$conf_webmaster_email_addr}?subject=[DTC] More domains\">{$conf_webmaster_email_addr}</a>.<br>\n<br>\n" . _("You can add another domain name:") . "\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        }
        addDomainToUser($adm_login, $adm_pass, $_REQUEST["domain_name"]);
        return "<br><u><b>" . _("Your domain name is now ready:") . "</b></u><br>\n" . _("Now you can go to check its configuration by clicking here:") . "<br>\n<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink=" . $_REQUEST["domain_name"] . "\">" . $_REQUEST["domain_name"] . "</a><br>\n<br>\n" . _("Alternatively, you can add another domain name:") . "\n{$form_start}<input type=\"text\" name=\"domain_name\" value=\"\">\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
    }
    // Registration or domain transfer ?
    if (!isset($_REQUEST["add_regortrans"]) || $_REQUEST["add_regortrans"] != "register" && $_REQUEST["add_regortrans"] != "transfer") {
        $out .= "<br><h3>" . _("Do you want to transfer an existing domain or register a new domain?") . "</h3>\n{$form_start}\n<input type=\"radio\" name=\"add_regortrans\" value=\"register\" checked>" . _("Register a new domain") . "<br>\n<input type=\"radio\" name=\"add_regortrans\" value=\"transfer\">" . _("Transfer an existing domain from another registrar") . "<br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        return $out;
    }
    if ($_REQUEST["add_regortrans"] == "transfer") {
        return drawNameTransfer($admin);
    }
    $form_start .= "<input type=\"hidden\" name=\"add_regortrans\" value=\"register\">";
    // Start registration procedure (with or without hosting)
    $out .= "<br><h3>" . _("Register a domain name") . "</h3>";
    $out .= "<i><u>" . _("Step 1: Verify availability") . "</u></i><br>";
    if (!isset($_REQUEST["toreg_domain"]) || $_REQUEST["toreg_domain"] == "" || !isset($_REQUEST["toreg_extention"]) || $_REQUEST["toreg_extention"] == "") {
        $out .= "<br>" . _("Enter the domain name you want to register:") . "<br>\n{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    $fqdn = $_REQUEST["toreg_domain"] . $_REQUEST["toreg_extention"];
    $domlookup = registry_check_availability($fqdn);
    if ($domlookup["is_success"] != 1) {
        $out .= "<font color=\"red\">" . _("Could not connect to domain registration server: please try again later!") . "</font><br>" . $domlookup['response_text'];
        return $out;
    }
    if ($domlookup["attributes"]["status"] != "available") {
        $out .= "<br>\n" . _("Sorry, the domain name ") . " <b>{$fqdn}</b> " . _("is NOT available for registration. The registration server returned: ") . "<br><font color=\"red\">" . $domlookup["response_text"] . "</font>\n<br><br>\nHave another try:<br>{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"toreg_domain\" value=\"" . $_REQUEST["toreg_domain"] . "\">\n<input type=\"hidden\" name=\"toreg_extention\" value=\"" . $_REQUEST["toreg_extention"] . "\">";
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE name='{$fqdn}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 0) {
        $out .= "<br>\n" . _("The domain name") . " <b>{$fqdn}</b> " . _("is already in use in this server: you can't register that domain name.") . "<br>" . _("Have another try:") . "<br>{$form_start} " . make_registration_tld_popup() . "</form>";
        return $out;
    }
    // DOMAIN IS AVAILABLE, PROCEED DO REGISTRATION
    $out .= "Domain name <b>{$fqdn}</b> is available for registration.<br><br>\n<i><u>" . _("Step 2: Enter whois information") . "</u></i><br>\n";
    //http://dtc.example.com/dtc/index.php?adm_login=dtc&adm_pass=bemybest&
    //addrlink=myaccount%2Fadddomain&
    //action=dtcrm_add_domain&add_domain_type=domreg&add_regortrans=register&
    //toreg_domain=yugluxrfvcd&toreg_extention=.com&
    //dtcrm_owner_hdl=1&dtcrm_billing_hdl=1&dtcrm_admin_hdl=1&
    //toreg_dns1=default&toreg_dns2=default&
    //toreg_period=1
    if (!isset($_REQUEST["dtcrm_owner_hdl"]) || $_REQUEST["dtcrm_owner_hdl"] == "" || !isset($_REQUEST["dtcrm_admin_hdl"]) || $_REQUEST["dtcrm_admin_hdl"] == "" || !isset($_REQUEST["dtcrm_billing_hdl"]) || $_REQUEST["dtcrm_billing_hdl"] == "" || !isset($_REQUEST["dtcrm_teck_hdl"]) || $_REQUEST["dtcrm_teck_hdl"] == "" || !isset($_REQUEST["toreg_dns1"]) || $_REQUEST["toreg_dns1"] == "" || !isset($_REQUEST["toreg_dns2"]) || $_REQUEST["toreg_dns2"] == "" || $_REQUEST["toreg_period"] < 1 || $_REQUEST["toreg_period"] > 10) {
        $year = _("year");
        $years = _("years");
        $out .= _("Please select registran and the 3 contact handles you want to use for registering that domain name.") . "<br><br>{$form_start}";
        $out .= whoisHandleSelection($admin);
        if (isset($domlookup["attributes"]["minperiod"])) {
            $minreg = str_replace("Y", "", $domlookup["attributes"]["maxperiod"]);
        } else {
            $minreg = 1;
        }
        if (isset($domlookup["attributes"]["maxperiod"])) {
            $maxreg = str_replace("Y", "", $domlookup["attributes"]["maxperiod"]);
        } else {
            $maxreg = 10;
        }
        $out .= "<br>{$form_enter_dns_infos}<br><br>\n" . _("Select how long you want to register this domain name:") . "<br>\n<select name=\"toreg_period\"><option value=\"1\">1 {$year}</option>";
        for ($p = 2; $p <= $maxreg; $p++) {
            $out .= "<option value=\"{$p}\"";
            if ($p == $minreg) {
                $out .= " selected>Minimum";
            } else {
                $out .= ">";
            }
            $out .= " {$p} {$years}</option>";
        }
        $out .= "</select><br><br>\n" . submitButtonStart() . _("Ok") . submitButtonEnd() . "\n</form>\n";
        return $out;
    }
    $form_start .= "{$whois_forwareded_params}\n<input type=\"hidden\" name=\"toreg_period\" value=\"" . $_REQUEST["toreg_period"] . "\">";
    $out .= "Registration for <b>" . $_REQUEST["toreg_period"] . " years</b><br>";
    $out .= "DNS1: " . $_REQUEST["toreg_dns1"] . "<br>";
    $out .= "DNS2: " . $_REQUEST["toreg_dns2"] . "<br><br>";
    $out .= "<i><u>" . _("Step 3: Proceed to registration") . "</u></i>\n{$form_start}\n";
    // Check if paiement has just occured !
    if (isset($_REQUEST["inner_action"]) && $_REQUEST["inner_action"] == "return_from_paypal_domain_add") {
        $ze_refund = isPayIDValidated(addslashes($_REQUEST["pay_id"]));
        if ($ze_refund == 0) {
            $out .= "<font color=\"red\">The transaction failed, please try again!</font>";
        } else {
            $out .= "<font color=\"green\">Funds added to your account</font>";
            $q = "UPDATE {$pro_mysql_client_table} SET dollar = dollar+" . $ze_refund . " WHERE id='" . $admin["info"]["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot querry {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
            $admin["client"]["dollar"] += $ze_refund;
        }
    }
    // Check billing to know if user has enough money on his account
    $price = find_domain_price($_REQUEST["toreg_extention"]);
    $fqdn_price = $price;
    $fqdn_price *= $_REQUEST["toreg_period"];
    if ($admin["info"]["id_client"] != 0) {
        $remaining = $admin["client"]["dollar"];
    } else {
        $out .= _("You don't have a client ID. Please contact us.") . "<br>";
        $remaining = 0;
        return $out;
    }
    $out .= _("Remaining on your account: ") . " {$secpayconf_currency_letters}" . $remaining . "<br>\n" . _("Total price: ") . " " . $secpayconf_currency_letters . "" . $fqdn_price . "<br><br>";
    if ($fqdn_price > $remaining) {
        $to_pay = $fqdn_price - $remaining;
        $payid = createCreditCardPaiementID($to_pay, $admin["info"]["id_client"], "Domain name registration " . $_REQUEST["toreg_extention"], "no");
        $return_url = $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}" . "&addrlink={$addrlink}&action=dtcrm_add_domain&add_domain_type=" . $_REQUEST["add_domain_type"] . "&add_regortrans=" . $_REQUEST["add_regortrans"] . "&toreg_domain=" . $_REQUEST["toreg_domain"] . "&toreg_extention=" . $_REQUEST["toreg_extention"] . "&dtcrm_owner_hdl=" . $_REQUEST["dtcrm_owner_hdl"] . "&dtcrm_admin_hdl=" . $_REQUEST["dtcrm_admin_hdl"] . "&dtcrm_billing_hdl=" . $_REQUEST["dtcrm_billing_hdl"] . "&dtcrm_teck_hdl=" . $_REQUEST["dtcrm_teck_hdl"] . "&toreg_dns1=" . $_REQUEST["toreg_dns1"] . "&toreg_dns2=" . $_REQUEST["toreg_dns2"] . "&toreg_dns3=" . $_REQUEST["toreg_dns3"] . "&toreg_dns4=" . $_REQUEST["toreg_dns4"] . "&toreg_dns5=" . $_REQUEST["toreg_dns5"] . "&toreg_dns6=" . $_REQUEST["toreg_dns6"] . "&toreg_period=" . $_REQUEST["toreg_period"] . "&inner_action=return_from_paypal_domain_add&payid={$payid}";
        $paybutton = paynowButton($payid, $to_pay, "Domain name registration " . $_REQUEST["toreg_extention"], $return_url);
        $out .= _("You currently don't have enough funds on your account. You will be redirected to our payment system. Please click on the button below to pay.") . "<br>\n<br><br>\n{$form_start}\n" . submitButtonStart() . _("Payment complete. Proceed to checkout") . submitButtonEnd() . "\n</form> {$paybutton}";
        return $out;
    }
    // Check for confirmation
    if (!isset($_REQUEST["toreg_confirm_register"]) || $_REQUEST["toreg_confirm_register"] != "yes") {
        $out .= _("You have enough funds on your account to proceed with registration. Press the confirm button to proceed.") . "<br><br>\n{$form_start}\n<input type=\"hidden\" name=\"toreg_confirm_register\" value=\"yes\">\n" . submitButtonStart() . _("Proceed to name-registration") . submitButtonEnd() . "\n</form>";
        return $out;
    }
    ///////////////////////////////////////
    // START OF DOMAIN NAME REGISTRATION //
    $owner_id = $_REQUEST["dtcrm_owner_hdl"];
    $billing_id = $_REQUEST["dtcrm_billing_hdl"];
    $admin_id = $_REQUEST["dtcrm_admin_hdl"];
    $teck_id = $_REQUEST["dtcrm_teck_hdl"];
    $contacts = getContactsArrayFromID($owner_id, $billing_id, $admin_id, $teck_id);
    $dns_servers = array();
    for ($i = 1; $i < 7; $i++) {
        if (isset($_REQUEST["toreg_dns{$i}"]) && isHostname($_REQUEST["toreg_dns{$i}"])) {
            $dns_servers[] = $_REQUEST["toreg_dns{$i}"];
        } else {
            if ($i == 1) {
                $dns_servers[] = $conf_addr_primary_dns;
            } else {
                if ($i == 2) {
                    $dns_servers[] = $conf_addr_secondary_dns;
                }
            }
        }
    }
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}' AND whois='here';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $new_user = "******";
    } else {
        $new_user = "******";
    }
    //	sleep(2);
    $regz = registry_register_domain($adm_login, $adm_pass, $fqdn, $_REQUEST["toreg_period"], $contacts, $dns_servers, $new_user);
    if ($regz["is_success"] != 1) {
        $out .= "<font color=\"red\"><b>" . _("Registration failed") . "</b></font><br>\n" . _("Server said: ") . "<i>" . $regz["response_text"] . "</i>";
        return $out;
    }
    $out .= "<font color=\"green\"><b>Registration succesfull</b></font><br>\nServer said: <i>" . $regz["response_text"] . "</i><br>";
    $operation = $remaining - $fqdn_price;
    $query = "UPDATE {$pro_mysql_client_table} SET dollar='{$operation}' WHERE id='" . $admin["info"]["id_client"] . "';";
    mysql_query($query) or die("Cannot query \"{$query}\" !!!" . mysql_error());
    addDomainToUser($adm_login, $adm_pass, $fqdn, $adm_pass);
    if ($regz["is_success"] == 1) {
        $id = find_registry_id($fqdn);
        $q = "UPDATE {$pro_mysql_domain_table} SET registrar='" . $registry_api_modules[$id]["name"] . "' WHERE name='{$fqdn}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        unset($ns_ar);
        $ns_ar = array();
        $ns_ar[] = $_REQUEST["toreg_dns1"];
        $ns_ar[] = $_REQUEST["toreg_dns2"];
        if (isset($_REQUEST["toreg_dns3"]) && $_REQUEST["toreg_dns3"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns3"];
        }
        if (isset($_REQUEST["toreg_dns4"]) && $_REQUEST["toreg_dns4"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns4"];
        }
        if (isset($_REQUEST["toreg_dns5"]) && $_REQUEST["toreg_dns5"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns5"];
        }
        if (isset($_REQUEST["toreg_dns6"]) && $_REQUEST["toreg_dns6"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns6"];
        }
        newWhois($fqdn, $owner_id, $billing_id, $admin_id, $teck_id, $_REQUEST["toreg_period"], $ns_ar, $registry_api_modules[$id]["name"]);
    }
    $out .= "<font color=\"green\"><b>" . _("Successfully added your domain name to the hosting database") . "</b></font><br>";
    $out .= _("Click") . " " . "<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink={$addrlink}\">" . _("here") . "</a>" . " " . _("to refresh the menu or add another domain name.");
    // END OF DOMAIN NAME REGISTRATION //
    /////////////////////////////////////
    return $out;
}
Esempio n. 2
0
function validateWaitingUser($waiting_login_id)
{
    global $conf_administrative_site;
    global $conf_use_ssl;
    global $pro_mysql_admin_table;
    global $pro_mysql_client_table;
    global $pro_mysql_new_admin_table;
    global $pro_mysql_product_table;
    global $pro_mysql_vps_ip_table;
    global $pro_mysql_vps_server_table;
    global $pro_mysql_completedorders_table;
    global $pro_mysql_domain_table;
    global $dtcshared_path;
    global $txt_userwaiting_account_activated_subject;
    global $txt_userwaiting_account_activated_text_header;
    global $conf_site_root_host_path;
    global $conf_demo_version;
    global $conf_use_ssl;
    global $conf_webmaster_email_addr;
    global $conf_this_server_country_code;
    global $conf_message_subject_header;
    global $console;
    //get affiliate cookie
    if (isset($_COOKIE["affiliate"]) && isMailbox($affiliatename)) {
        $affiliatename = $_COOKIE["affiliate"];
    }
    if (isset($affiliatename)) {
        //Step 1: validate that the affiliatename exists
        $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        if (mysql_num_rows($r) != 1) {
            unset($affiliatename);
        }
        // at this point, we should have an affiliatename
    }
    // Get the informations from the user waiting table
    $q = "SELECT * FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
    //	$q = "SELECT * FROM $pro_mysql_new_admin_table WHERE reqadm_login='******';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 1) {
        die("I can't find username with id {$waiting_login_id} in the userwaiting table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a = mysql_fetch_array($r);
    $waiting_login = $a["reqadm_login"];
    $last_used_lang = $a["last_used_lang"];
    // Check if there is a user by that name
    $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($a["add_service"] == "yes") {
        if ($n != 1) {
            die("There is no user with name {$waiting_login} in database: I can't add a service to it line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $existing_admin = mysql_fetch_array($r);
        $cid = $existing_admin["id_client"];
        $vps_root_pass = $existing_admin["adm_pass"];
    } else {
        if ($n != 0) {
            die("There is already a user with name {$waiting_login} in database: I can't add another one line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $vps_root_pass = $a["reqadm_pass"];
    }
    // Calculate user's path with default path
    $newadmin_path = $conf_site_root_host_path . "/" . $waiting_login;
    // Create admin's directory
    if ($conf_demo_version == "no" && $a["add_service"] != "yes") {
        $oldumask = umask(0);
        if (!file_exists($newadmin_path)) {
            mkdir("{$newadmin_path}", 0750);
            $console .= "mkdir {$newadmin_path};<br>";
        }
    }
    // Get the informations from the product table
    $q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $a["product_id"] . "'";
    $r2 = mysql_query($q2) or die("Cannot execute query \"{$q2}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n2 = mysql_num_rows($r2);
    if ($n2 != 1) {
        die("I can't find the product in the table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a2 = mysql_fetch_array($r2);
    // Add customer's info to production table
    if ($a["add_service"] != "yes") {
        $adm_query = "INSERT INTO {$pro_mysql_client_table}\n(id,is_company,company_name,vat_num,familyname,christname,addr1,addr2,addr3,\ncity,zipcode,state,country,phone,fax,email,\ndisk_quota_mb,bw_quota_per_month_gb,\nspecial_note) VALUES ('','" . $a["iscomp"] . "',\n'" . addslashes($a["comp_name"]) . "','" . addslashes($a["vat_num"]) . "','" . addslashes($a["family_name"]) . "','" . addslashes($a["first_name"]) . "',\n'" . addslashes($a["addr1"]) . "','" . addslashes($a["addr2"]) . "','" . addslashes($a["addr3"]) . "','" . addslashes($a["city"]) . "',\n'" . addslashes($a["zipcode"]) . "','" . addslashes($a["state"]) . "','" . addslashes($a["country"]) . "','" . addslashes($a["phone"]) . "',\n'" . addslashes($a["fax"]) . "','" . addslashes($a["email"]) . "','" . $a2["quota_disk"] . "','" . $a2["bandwidth"] / 1024 . "',\n'" . addslashes($a["restricted_ftp_path"]) . "','" . addslashes($a["allow_dns_and_mx_change"]) . "',\n'" . addslashes($a["ftp_login_flag"]) . "','" . addslashes($a["allow_mailing_list_edit"]) . "','" . addslashes($a["allow_subdomain_edit"]) . "',\n'" . addslashes($a["custom_notes"]) . "');";
        $r = mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $cid = mysql_insert_id();
    }
    // Add user in database
    $expires = calculateExpirationDate(date("Y-m-d"), $a2["period"]);
    if ($a2["heb_type"] == "vps") {
        $admtbl_added1 = ",expire,prod_id";
        $admtbl_added2 = ",'0000-00-00','0'";
    } else {
        if ($a2["heb_type"] == "server") {
            $admtbl_added1 = ",expire,prod_id";
            $admtbl_added2 = ",'0000-00-00','0'";
        } else {
            $admtbl_added1 = ",expire,prod_id";
            $admtbl_added2 = ",'{$expires}','" . $a2["id"] . "'";
            $admtbl_added3 = ", expire='{$expires}', prod_id='" . $a2["id"] . "' ";
        }
    }
    if ($a["add_service"] != "yes") {
        $adm_query = "INSERT INTO {$pro_mysql_admin_table}\n(adm_login        ,adm_pass              ,last_used_lang   ,path            ,id_client,bandwidth_per_month_mb,quota,nbrdb,allow_add_domain,max_domain,restricted_ftp_path,allow_dns_and_mx_change,ftp_login_flag,allow_mailing_list_edit,allow_subdomain_edit,max_email{$admtbl_added1}) VALUES\n('{$waiting_login}','" . $a["reqadm_pass"] . "','{$last_used_lang}','{$newadmin_path}','{$cid}','" . $a2["bandwidth"] . "','" . $a2["quota_disk"] . "','" . $a2["nbr_database"] . "','" . $a2["allow_add_domain"] . "','" . $a2["max_domain"] . "',\n'" . $a2["restricted_ftp_path"] . "','" . $a2["allow_dns_and_mx_change"] . "','" . $a2["ftp_login_flag"] . "','" . $a2["allow_mailing_list_edit"] . "','" . $a2["allow_subdomain_edit"] . "','" . $a2["nbr_email"] . "'{$admtbl_added2});";
        mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    } else {
        if ($a2["heb_type"] == "shared") {
            $adm_query = "UPDATE {$pro_mysql_admin_table}\n\t\t\tSET bandwidth_per_month_mb='" . $a2["bandwidth"] . "', quota='" . $a2["quota_disk"] . "', nbrdb='" . $a2["nbr_database"] . "',\n\t\t\tallow_add_domain='" . $a2["allow_add_domain"] . "', max_domain='" . $a2["max_domain"] . "', restricted_ftp_path='" . $a2["restricted_ftp_path"] . "',\n\t\t\tallow_dns_and_mx_change='" . $a2["allow_dns_and_mx_change"] . "', ftp_login_flag='" . $a2["ftp_login_flag"] . "', allow_mailing_list_edit='" . $a2["allow_mailing_list_edit"] . "',\n\t\t\tallow_subdomain_edit='" . $a2["allow_subdomain_edit"] . "', max_email='" . $a2["nbr_email"] . "' {$admtbl_added3}\n\t\t\tWHERE adm_login='******';";
            mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    if ($a2["heb_type"] == "vps") {
        $vps_xen_name = addVPSToUser($waiting_login, $a["vps_location"], $a2["id"], $a["vps_os"]);
        $soap_client = connectToVPSServer($a["vps_location"]);
        if ($soap_client == false) {
            echo "Could not connect to the VPS server for doing the setup: please contact the administrator!";
        } else {
            $image_type = "lvm";
            if (isVPSNodeLVMEnabled($a["vps_location"]) == "no") {
                $image_type = "vbd";
            }
            $r = $soap_client->call("setupLVMDisks", array("vpsname" => $vps_xen_name, "hddsize" => $a2["quota_disk"], "swapsize" => $a2["memory_size"], "imagetype" => $image_type), "", "", "");
            $qvps = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE vps_server_hostname='" . $a["vps_location"] . "' AND vps_xen_name='{$vps_xen_name}' LIMIT 1;";
            $rvps = mysql_query($qvps) or die("Cannot execute query \"{$qvps}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
            $nvps = mysql_num_rows($rvps);
            if ($nvps != 1) {
                echo "Cannot find VPS IP: wont be able to setup the os, please get in touch with the administrator!";
            } else {
                $avps = mysql_fetch_array($rvps);
                $r = $soap_client->call("reinstallVPSos", array("vpsname" => $vps_xen_name, "ostype" => $a["vps_os"], "hddsize" => $a2["quota_disk"], "ramsize" => $a2["memory_size"], "ipaddr" => $avps["ip_addr"], "password" => $vps_root_pass), "", "", "");
                $qcountry = "SELECT * FROM {$pro_mysql_vps_server_table} WHERE hostname='" . $a["vps_location"] . "';";
                $rcountry = mysql_query($qcountry) or die("Cannot execute query \"{$qcountry}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
                $ncountry = mysql_num_rows($rcountry);
                if ($ncountry != 1) {
                    echo "Cannot find VPS server country!";
                    $country = 'US';
                } else {
                    $acountry = mysql_fetch_array($rcountry);
                    $country = $acountry["country_code"];
                }
            }
        }
        // Read the (customizable) registration message to send
        $txt_welcome_message = readCustomizedMessage("registration_msg/vps_open", $waiting_login);
    } else {
        if ($a2["heb_type"] == "server") {
            // As there is currently no dedicated server provision system, we just do this:
            $country = $conf_this_server_country_code;
            addDedicatedToUser($waiting_login, $a["domain_name"], $a2["id"]);
            // Read the (customizable) registration message to send
            $txt_welcome_message = readCustomizedMessage("registration_msg/dedicated_open", $waiting_login);
        } else {
            $country = $conf_this_server_country_code;
            addDomainToUser($waiting_login, $a["reqadm_pass"], $a["domain_name"]);
            // Read the (customizable) registration message to send
            $txt_welcome_message = readCustomizedMessage("registration_msg/shared_open", $waiting_login);
            $q = "UPDATE {$pro_mysql_domain_table} SET max_email='" . $a2["nbr_email"] . "',quota='" . $a2["quota_disk"] . "' WHERE name='" . $a["domain_name"] . "';";
            $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    // Send a mail to user with how to login and use interface.
    $txt_userwaiting_account_activated_subject = "{$conf_message_subject_header} Account {$waiting_login} has been activated!";
    // Manage the signature of all registration messages
    $signature = readCustomizedMessage("signature", $waiting_login);
    $msg_2_send = str_replace("%%%SIGNATURE%%%", $signature, $txt_welcome_message);
    // Manage the login info part of the message
    if ($conf_use_ssl == "yes") {
        $surl = "s";
    } else {
        $surl = "";
    }
    $dtc_login_info = "URL: http{$surl}://{$conf_administrative_site}/dtc/\nLogin: {$waiting_login}\nPassword: "******"reqadm_pass"];
    $msg_2_send = str_replace("%%%DTC_LOGIN_INFO%%%", $dtc_login_info, $msg_2_send);
    // Manage the header of the messages
    $head = readCustomizedMessage("messages_header", $waiting_login);
    $msg_2_send = $head . "\n" . $msg_2_send;
    $headers = "From: " . $conf_webmaster_email_addr;
    mail($a["email"], $txt_userwaiting_account_activated_subject, $msg_2_send, $headers);
    // Now add a command to the user so we keep tracks of payments
    $q = "INSERT INTO {$pro_mysql_completedorders_table} (id,id_client,domain_name,quantity,date,product_id,payment_id,country_code,last_expiry_date)\n\tVALUES ('','{$cid}','" . $a["domain_name"] . "','1','" . date("Y-m-d") . "','" . $a["product_id"] . "','" . $a["paiement_id"] . "','{$country}','" . date("Y-d-m") . "');";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    if (isset($affiliatename)) {
        // Step 2) retrieve the kickback from the products table
        $kickback = $a2["affiliate_kickback"];
        $orderid = mysql_insert_id();
        if ($kickback) {
            // Step 3) if a kickback exists, store it in the affiliate transaction table
            $kickback = 1.0 + $kickback - 1.0;
            //cast to float.  I hate PHP.
            $xxs = "INSERT INTO affiliate_payments (adm_login,order_id,kickback) VALUES('{$affiliatename}',{$orderid},{$kickback});";
            mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }
    // Finaly delete the user from the userwaiting table
    $q = "DELETE FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
function drawNameTransfer($admin, $given_fqdn = "none")
{
    global $adm_login;
    global $adm_pass;
    global $addrlink;
    global $registration_added_price;
    global $pro_mysql_domain_table;
    global $pro_mysql_client_table;
    global $registry_api_modules;
    global $form_enter_dns_infos;
    global $form_enter_auth_code;
    global $whois_forwareded_params;
    global $secpayconf_currency_letters;
    global $allTLD;
    get_secpay_conf();
    $out = "";
    if (isset($_REQUEST["toreg_domain"])) {
        $toreg_domain = $_REQUEST["toreg_domain"];
    }
    if (isset($_REQUEST["toreg_extention"])) {
        $toreg_extention = $_REQUEST["toreg_extention"];
    }
    if ($given_fqdn != "none" && !isset($toreg_extention)) {
        $c = strrpos($given_fqdn, ".");
        $toreg_extention = find_domain_extension($given_fqdn);
        $toreg_domain = str_replace($toreg_extention, "", $given_fqdn);
        # echo "extension: $toreg_extention    domain: $toreg_domain<br />";
    }
    // Step 1: enter domain name and check domain transferability
    $form_start = "<form action=\"" . $_SERVER["PHP_SELF"] . "\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"addrlink\" value=\"{$addrlink}\">\n<input type=\"hidden\" name=\"dtcrm_action\" value=\"transfer_domain\">\n<input type=\"hidden\" name=\"add_regortrans\" value=\"transfer\">\n<input type=\"hidden\" name=\"add_domain_type\" value=\"" . $_REQUEST["add_domain_type"] . "\">\n";
    $out .= "<br><h3>" . _("Transfer from another registrar to this server:") . "</h3>\n<i><u>" . _("Step1: check if domain is transferable") . "</u></i>";
    # echo "Checking1 $toreg_domain$toreg_extention<br />";
    if (!isset($toreg_extention) || $toreg_extention == "" || !isset($toreg_domain) || $toreg_domain == "" || $toreg_extention != ".com" && $toreg_extention != ".net" && $toreg_extention != ".org" && $toreg_extention != ".biz" && $toreg_extention != ".name" && $toreg_extention != ".info" && $toreg_extention != ".co.uk") {
        $out .= "{$form_start}<br>\n" . _("Please enter the domain name you wish to transfer:") . "<br>\n" . make_registration_tld_popup();
        return $out;
    }
    $form_start .= "<input type=\"hidden\" name=\"toreg_domain\" value=\"{$toreg_domain}\">\n<input type=\"hidden\" name=\"toreg_extention\" value=\"{$toreg_extention}\">";
    $regz = registry_check_transfer($toreg_domain . $toreg_extention);
    # echo "Checking2 $toreg_domain$toreg_extention<br />";
    if ($regz["is_success"] != 1) {
        die("<font color=\"red\">" . _("TRANSFER CHECK FAILED: registry server didn't reply successfuly.") . "</font>");
    }
    if ($regz["attributes"]["transferrable"] != 1) {
        $out .= "<br><font color=\"red\">" . _("TRANSFER CHECK FAILED") . "</font><br>\n" . _("Server said: ") . $regz["attributes"]["reason"] . "<br>\n{$form_start}<br>\n" . _("Please enter the domain name you wish to transfer:") . "<br>\n" . make_registration_tld_popup();
        return $out;
    }
    $out .= "<br><font color=\"green\">" . _("TRANSFER CHECK SUCCESSFUL") . "</font><br><br>";
    // Step 2: enter whois infos
    $out .= "<i><u>" . _("Step 2: select contacts for domain transfer") . "</u></i><br>";
    if (!isset($_REQUEST["dtcrm_owner_hdl"]) || $_REQUEST["dtcrm_owner_hdl"] == "" || !isset($_REQUEST["dtcrm_admin_hdl"]) || $_REQUEST["dtcrm_admin_hdl"] == "" || !isset($_REQUEST["dtcrm_billing_hdl"]) || $_REQUEST["dtcrm_billing_hdl"] == "" || !isset($_REQUEST["toreg_dns1"]) || $_REQUEST["toreg_dns1"] == "" || !isset($_REQUEST["toreg_dns2"]) || $_REQUEST["toreg_dns2"] == "") {
        $out .= $form_start . whoisHandleSelection($admin);
        $out .= $form_enter_dns_infos;
        $out .= $form_enter_auth_code;
        $out .= "<br>" . submitButtonStart() . _("Proceed to transfer") . submitButtonEnd() . "</form>";
        return $out;
    }
    $form_start .= $whois_forwareded_params;
    $out .= "DNS1: " . $_REQUEST["toreg_dns1"] . "<br>";
    $out .= "DNS2: " . $_REQUEST["toreg_dns2"] . "<br><br>";
    $fqdn = $toreg_domain . $toreg_extention;
    $fqdn_price = $price = find_domain_price($toreg_extention);
    if ($admin["info"]["id_client"] != 0) {
        $remaining = $admin["client"]["dollar"];
    } else {
        $out .= _("You don't have a client ID. Please contact us.");
        $remaining = 0;
        return $out;
    }
    // Step 3: check account balance and transfer the domain name after transaction aprooval
    $out .= "<i><u>Step3: Proceed for transfer</u></i><br>";
    $out .= _("Remaining on your account: ") . " " . $remaining . " {$secpayconf_currency_letters}<br>\n" . _("Total price: ") . " " . $fqdn_price . " {$secpayconf_currency_letters}<br><br>";
    if (!isset($_REQUEST["authcode"])) {
        $out .= $form_enter_auth_code;
    } else {
        $out .= "Auth Code:" . " " . $_REQUEST["authcode"] . "<br />";
    }
    if (isset($_REQUEST["inner_action"]) && $_REQUEST["inner_action"] == "return_from_paypal_domain_add") {
        $ze_refund = isPayIDValidated(addslashes($_REQUEST["pay_id"]));
        if ($ze_refund == 0) {
            $out .= "<font color=\"red\">" . _("The transaction failed, please try again!") . "</font>";
        } else {
            $out .= "<font color=\"green\">" . _("Your account has been credited!") . "</font><br>";
            $q = "UPDATE {$pro_mysql_client_table} SET dollar = dollar+" . $ze_refund . " WHERE id='" . $admin["info"]["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said " . mysql_error());
            $remaining += $ze_refund;
        }
    }
    if ($fqdn_price > $remaining) {
        $payid = createCreditCardPaiementID($fqdn_price, $admin["info"]["id_client"], "Domain name registration " . $_REQUEST["toreg_extention"], "no");
        $return_url = $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}" . "&addrlink={$addrlink}&add_domain_type=" . $_REQUEST["add_domain_type"] . "&add_regortrans=" . $_REQUEST["add_regortrans"] . "&toreg_domain=" . $_REQUEST["toreg_domain"] . "&toreg_extention=" . $_REQUEST["toreg_extention"] . "&dtcrm_owner_hdl=" . $_REQUEST["dtcrm_owner_hdl"] . "&dtcrm_admin_hdl=" . $_REQUEST["dtcrm_admin_hdl"] . "&dtcrm_billing_hdl=" . $_REQUEST["dtcrm_billing_hdl"] . "&toreg_dns1=" . $_REQUEST["toreg_dns1"] . "&toreg_dns2=" . $_REQUEST["toreg_dns2"] . "&toreg_dns3=" . $_REQUEST["toreg_dns3"] . "&toreg_dns4=" . $_REQUEST["toreg_dns4"] . "&toreg_dns5=" . $_REQUEST["toreg_dns5"] . "&toreg_dns6=" . $_REQUEST["toreg_dns6"] . "&toreg_period=1&inner_action=return_from_paypal_domain_add&payid={$payid}";
        if (isset($_REQUEST["action"])) {
            $return_url .= "&action=" . $_REQUEST["action"];
        }
        if (isset($_REQUEST["dtcrm_action"])) {
            $return_url .= "&dtcrm_action=" . $_REQUEST["dtcrm_action"];
        }
        $paybutton = paynowButton($payid, $fqdn_price, "Domain name registration " . $_REQUEST["toreg_extention"], $return_url);
        $out .= _("You currently don't have enough funds on your account. You will be redirected to our payment system. Please click on the button below to pay.") . "<br><br>\n{$paybutton}";
        return $out;
    }
    // Check for confirmation
    if (!isset($_REQUEST["toreg_confirm_transfert"]) || $_REQUEST["toreg_confirm_transfert"] != "yes") {
        $out .= _("You have enough funds on your account to proceed with transfert. Press the confirm button to proceed.") . "<br><br>\n{$form_start}\n<input type=\"hidden\" name=\"toreg_confirm_transfert\" value=\"yes\">\n<input type=\"hidden\" name=\"authcode\" value=\"" . $_REQUEST['authcode'] . "\">\n" . submitButtonStart() . _("Proceed to name-transfert") . submitButtonEnd() . "\n</form>";
        return $out;
    }
    ///////////////////////////////////////
    // START OF DOMAIN NAME TRANSFERT //
    $owner_id = $_REQUEST["dtcrm_owner_hdl"];
    $billing_id = $_REQUEST["dtcrm_billing_hdl"];
    $admin_id = $_REQUEST["dtcrm_admin_hdl"];
    $teck_id = $_REQUEST["dtcrm_teck_hdl"];
    $authcode = $_REQUEST["authcode"];
    $contacts = getContactsArrayFromID($owner_id, $billing_id, $admin_id, $teck_id);
    $dns_servers = array();
    for ($i = 1; $i < 7; $i++) {
        if (isset($_REQUEST["toreg_dns{$i}"]) && isHostname($_REQUEST["toreg_dns{$i}"])) {
            $dns_servers[] = $_REQUEST["toreg_dns{$i}"];
        } else {
            if ($i == 1) {
                $dns_servers[] = $conf_addr_primary_dns;
            } else {
                if ($i == 2) {
                    $dns_servers[] = $conf_addr_secondary_dns;
                }
            }
        }
    }
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE owner='{$adm_login}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $new_user = "******";
    } else {
        $new_user = "******";
    }
    //	sleep(2);
    $regz = registry_transfert_domain($adm_login, $adm_pass, $fqdn, $contacts, $dns_servers, $new_user, $authcode);
    if ($regz["is_success"] != 1) {
        $out .= "<font color=\"red\"><b>" . _("Transfert failed") . "</b></font><br>\n" . _("Server said: ") . "<i>" . $regz["response_text"] . "</i>";
        return $out;
    }
    $out .= "<font color=\"green\"><b>Transfert succesfull</b></font><br>\nServer said: <i>" . $regz["response_text"] . "</i><br>";
    $operation = $remaining - $fqdn_price;
    $query = "UPDATE {$pro_mysql_client_table} SET dollar='{$operation}' WHERE id='" . $admin["info"]["id_client"] . "';";
    mysql_query($query) or die("Cannot query \"{$query}\" !!!" . mysql_error());
    $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE domain='{$fqdn}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    // Is this a transfer of a domain already hosted?
    if ($n == 0) {
        addDomainToUser($adm_login, $adm_pass, $fqdn, $adm_pass);
    }
    if ($regz["is_success"] == 1) {
        $id = find_registry_id($fqdn);
        $q = "UPDATE {$pro_mysql_domain_table} SET registrar='" . $registry_api_modules[$id]["name"] . "' WHERE name='{$fqdn}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        unset($ns_ar);
        $ns_ar = array();
        $ns_ar[] = $_REQUEST["toreg_dns1"];
        $ns_ar[] = $_REQUEST["toreg_dns2"];
        if (isset($_REQUEST["toreg_dns3"]) && $_REQUEST["toreg_dns3"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns3"];
        }
        if (isset($_REQUEST["toreg_dns4"]) && $_REQUEST["toreg_dns4"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns4"];
        }
        if (isset($_REQUEST["toreg_dns5"]) && $_REQUEST["toreg_dns5"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns5"];
        }
        if (isset($_REQUEST["toreg_dns6"]) && $_REQUEST["toreg_dns6"] != "") {
            $ns_ar[] = $_REQUEST["toreg_dns6"];
        }
        newWhois($fqdn, $owner_id, $billing_id, $admin_id, $teck_id, $period = "1", $ns_ar, $registry_api_modules[$id]["name"]);
    }
    $out .= "<font color=\"green\"><b>" . _("Successfully added your domain name to the hosting database") . "</b></font><br>";
    $out .= _("Click") . " " . "<a href=\"" . $_SERVER["PHP_SELF"] . "?adm_login={$adm_login}&adm_pass={$adm_pass}&addrlink={$addrlink}\">" . _("here") . "</a>" . " " . _("to refresh the menu or add another domain name.");
    // END OF DOMAIN NAME TRANSFERT //
    /////////////////////////////////////
    return $out;
}
Esempio n. 4
0
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "valid_waiting_domain_to_user") {
    $q = "SELECT * FROM {$pro_mysql_pending_queries_table} WHERE id='" . $_REQUEST["reqid"] . "';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 1) {
        die("ID of pending domain not found!");
    }
    $pending = mysql_fetch_array($r);
    $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n != 1) {
        die("adm_login of pending domain not found!");
    }
    $a = mysql_fetch_array($r);
    addDomainToUser($a["adm_login"], $a["adm_pass"], $pending["domain_name"]);
    triggerDomainListUpdate();
    $q = "DELETE FROM {$pro_mysql_pending_queries_table} WHERE id='" . $_REQUEST["reqid"] . "';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "delete_waiting_domain_to_user") {
    $q = "DELETE FROM {$pro_mysql_pending_queries_table} WHERE id='" . $_REQUEST["reqid"] . "';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
///////////////////////////////////////////////////////////////
if (isset($_REQUEST["deluserdomain"]) && $_REQUEST["deluserdomain"] != "") {
    deleteUserDomain($adm_login, $adm_pass, $_REQUEST["deluserdomain"], true);
    // Tell the cron job to activate the changes
    $adm_query = "UPDATE {$pro_mysql_cronjob_table} SET qmail_newu='yes',restart_qmail='yes',reload_named='yes',\n\trestart_apache='yes',gen_vhosts='yes',gen_named='yes',gen_qmail='yes',gen_webalizer='yes',gen_backup='yes',gen_ssh='yes' WHERE 1;";
    mysql_query($adm_query);
    triggerDomainListUpdate();
Esempio n. 5
0
function domainImport($path_from, $adm_login, $adm_pass)
{
    global $pro_mysql_domain_table;
    global $pro_mysql_pop_table;
    global $pro_mysql_subdomain_table;
    global $pro_mysql_pop_table;
    global $pro_mysql_mailaliasgroup_table;
    global $pro_mysql_list_table;
    global $pro_mysql_ftp_table;
    global $pro_mysql_ssh_table;
    global $conf_dtc_system_uid;
    global $conf_dtc_system_gid;
    // Read the file
    $fp = fopen($path_from, "r+");
    $xml_content = fread($fp, filesize($path_from));
    fclose($fp);
    // Unserialize
    $options = array('tagMap' => array('util' => 'XML_Util'), 'classAttribute' => '_classname');
    $unserializer = new XML_Unserializer($options);
    $result = $unserializer->unserialize($xml_content);
    if (PEAR::isError($result)) {
        echo _("Method unserialize() failed, could not import your domain configuration: ") . $result->getMessage();
        return;
    }
    $dom_ar = $unserializer->getUnserializedData();
    if (PEAR::isError($dom_ar)) {
        echo _("Method getUnserializedData() failed, could not import your domain configuration: ") . $dom_ar->getMessage();
        return;
    }
    // Because of an issue of the programming of older versions of DTC,
    // if there was multiple domains in the XLM file, then we have things like this,
    // as PHP assotiative array, once Unserialize() is done:
    // <dtc-export-file version="0.1">
    //   <domains>
    //      <item>
    //         <example.com>
    //           ........
    //         </example.com>
    //      </item>
    //   </domains
    // </dtc-export-file>
    // the below code will remove the <item> thing that is on the way,
    // and quite annoying for using array_keys().
    if (isset($dom_ar["domains"]["item"])) {
        $nbr_domains = sizeof($dom_ar["domains"]["item"]);
        $my_domains = array();
        for ($doms = 0; $doms < $nbr_domains; $doms++) {
            $mykey = array_keys($dom_ar["domains"]["item"][$doms]);
            $my_domains["domains"][$mykey[0]] = $dom_ar["domains"]["item"][$doms][$mykey[0]];
        }
        $dom_ar = $my_domains;
        $all_domains = array_keys($dom_ar["domains"]);
    } else {
        $all_domains = array_keys($dom_ar["domains"]);
        $nbr_domains = sizeof($all_domains);
    }
    // Iterate on all domains of the file (if there's only one, it's fine too...)
    for ($doms = 0; $doms < $nbr_domains; $doms++) {
        // We will work on each domains one by one
        $dom_name = $all_domains[$doms];
        if ($dom_name == "" || $dom_name == "Array") {
            echo _("Domain name is empty in your export file: could not import domain number ") . $doms;
            return;
        }
        $console .= "Importing domain: {$dom_name}<br>";
        $cur_dom = $dom_ar["domains"][$dom_name];
        $dom_name = $cur_dom["domain_config"]["name"];
        // Check if the domain exists, if not, add it to the user
        $q = "SELECT * FROM {$pro_mysql_domain_table} WHERE name='{$dom_name}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n == 0) {
            addDomainToUser($adm_login, $adm_pass, $dom_name);
        }
        // Add owner path to ftp & ssh accounts
        $adm_path = getAdminPath($adm_login);
        $cur_dom = addOwnerPathToArray($cur_dom, $adm_path, "ftp", "homedir");
        $cur_dom = addOwnerPathToArray($cur_dom, $adm_path, "ssh", "homedir");
        $cur_dom = addOwnerPathToArray($cur_dom, $adm_path, "mailboxes", "home");
        // Reimport all the stuff
        updateRowValue($pro_mysql_domain_table, "name='{$dom_name}'", $cur_dom["domain_config"], "safe_mode,sbox_protect,default_subdomain,quota,max_email,max_lists,max_ftp,max_subdomain,max_ssh,primary_dns,other_dns,primary_mx,other_mx,whois,hosting,gen_unresolved_domain_alias,txt_root_entry,txt_root_entry2,catchall_email,domain_parking,registrar_password,ttl,stats_login,stats_pass,stats_subdomain,wildcard_dns,domain_parking_type");
        recreateAllRows($pro_mysql_subdomain_table, "domain_name='{$dom_name}'", $cur_dom["subdomains"], "safe_mode,sbox_protect,subdomain_name,ip,register_globals,associated_txt_record,generate_vhost,ssl_ip,nameserver_for,ttl,srv_record,add_default_charset,customize_vhost", ",domain_name", ",'{$dom_name}'");
        recreateAllRows($pro_mysql_pop_table, "mbox_host='{$dom_name}'", $cur_dom["mailboxes"], "id,home,passwd,crypt,redirect1,redirect2,localdeliver,vacation_flag,bounce_msg,vacation_text,spam_mailbox_enable,quota_size,quota_files,quota_couriermaildrop", ",mbox_host", ",'{$dom_name}'");
        recreateAllRows($pro_mysql_mailaliasgroup_table, "domain_parent='{$dom_name}'", $cur_dom["alias_group"], "id,delivery_group", ",domain_parent", ",'{$dom_name}'");
        recreateAllRows($pro_mysql_list_table, "domain='{$dom_name}'", $cur_dom["lists"], "name,owner,spammode,webarchive", ",domain", ",'{$dom_name}'");
        recreateAllRows($pro_mysql_ftp_table, "hostname='{$dom_name}'", $cur_dom["ftp"], "login,password,homedir", ",hostname", ",'{$dom_name}'");
        recreateAllRows($pro_mysql_ssh_table, "hostname='{$dom_name}'", $cur_dom["ssh"], "login,crypt,password,homedir", ",hostname", ",'{$dom_name}'");
        // Fixes the UID / GID for ssh, ftp and email accounts
        $q = "UPDATE {$pro_mysql_pop_table} SET uid='{$conf_dtc_system_uid}',gid='{$conf_dtc_system_gid}' WHERE mbox_host='{$dom_name}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        $q = "UPDATE {$pro_mysql_ftp_table} SET uid='{$conf_dtc_system_uid}',gid='{$conf_dtc_system_gid}' WHERE hostname='{$dom_name}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        $q = "UPDATE {$pro_mysql_ssh_table} SET uid='{$conf_dtc_system_uid}',gid='{$conf_dtc_system_gid}' WHERE hostname='{$dom_name}';";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    }
    if (isset($dom_ar["mysql"])) {
        $n_user = sizeof($dom_ar["mysql"]);
        $console .= _("Number of database users in this import: ") . $n_user . "<br>";
        $musers = array_keys($dom_ar["mysql"]);
        for ($i = 0; $i < $n_user; $i++) {
            $username = $musers[$i];
            $console .= _("Importing database username: "******"<br>";
            unset($user);
            $user = $dom_ar["mysql"][$musers[$i]];
            $password = $user["password"];
            $q = "INSERT IGNORE INTO mysql.user\n\t\t\t(Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,\n\t\t\tGrant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,\n\t\t\tExecute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,\n\t\t\tAlter_routine_priv,Create_user_priv,dtcowner)\n\t\t\tVALUES ('%','{$username}','{$password}','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N',\n\t\t\t'N','N','N','N','N','N','N','N','{$adm_login}');";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $q = "INSERT IGNORE INTO mysql.user\n\t\t\t(Host,User,Password,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Reload_priv,Shutdown_priv,Process_priv,File_priv,\n\t\t\tGrant_priv,References_priv,Index_priv,Alter_priv,Show_db_priv,Super_priv,Create_tmp_table_priv,Lock_tables_priv,\n\t\t\tExecute_priv,Repl_slave_priv,Repl_client_priv,Create_view_priv,Show_view_priv,Create_routine_priv,\n\t\t\tAlter_routine_priv,Create_user_priv,dtcowner)\n\t\t\tVALUES ('localhost','{$username}','{$password}','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N','N',\n\t\t\t'N','N','N','N','N','N','N','N','{$adm_login}');";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            if (isset($user["dbs"])) {
                $n_db = sizeof($user["dbs"]);
                $console .= _("Number of database owned by user") . " " . $username . ": " . $n_db . "<br>";
                $mdbs = array_keys($user["dbs"]);
                for ($j = 0; $j < $n_db; $j++) {
                    $db = $mdbs[$j];
                    $q = "INSERT IGNORE INTO mysql.db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,\n\t\t\t\t\tReferences_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,\n\t\t\t\t\tShow_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv)\n\t\t\t\t\tVALUES('%','{$db}','{$username}','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');";
                    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
                    $q = "INSERT IGNORE INTO mysql.db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_priv,Drop_priv,Grant_priv,\n\t\t\t\t\tReferences_priv,Index_priv,Alter_priv,Create_tmp_table_priv,Lock_tables_priv,Create_view_priv,\n\t\t\t\t\tShow_view_priv,Create_routine_priv,Alter_routine_priv,Execute_priv)\n\t\t\t\t\tVALUES('localhost','{$db}','{$username}','Y','Y','Y','Y','Y','Y','N','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y');";
                    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
                }
            }
        }
        $q = "FLUSH PRIVILEGES;";
        $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    }
    return;
}