} else {
# Now we send the output (POSIX)...
$file = GetSystemOption('temp_dir') . $backupname . ".zip";
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Cache-Control: private', false);
header('Content-Description: File Transfer');
header('Content-Transfer-Encoding: binary');
header('Content-Type: application/force-download');
header('Content-Length: ' . filesize($file));
header('Content-Disposition: attachment; filename=' . $backupname . '.zip');
readfile_chunked($file);
unlink(GetSystemOption('temp_dir') . $backupname . ".zip ");
function readfile_chunked($filename)
{
$chunksize = 1 * (1024 * 1024);
$buffer = '';
$handle = fopen($filename, 'rb');
if ($handle === false) {
return false;
}
while (!feof($handle)) {
$buffer = fread($handle, $chunksize);
print $buffer;
}
return fclose($handle);
}
}
header("location: " . GetNormalModuleURL($returnurl) . "&r=ok");
exit;
*/
include 'conf/zcnf.php';
include 'lang/' . GetPrefdLang($personalinfo['ap_language_vc']) . '.php';
include 'inc/zAccountDetails.php';
$sql = "SELECT * FROM z_vhosts WHERE vh_acc_fk=" . $useraccount['ac_id_pk'] . " AND vh_deleted_ts IS NULL";
$listdomains = DataExchange("r", $z_db_name, $sql);
$rowdomains = mysql_fetch_assoc($listdomains);
$totaldomains = DataExchange("t", $z_db_name, $sql);
if (isset($_GET['a'])) {
if ($_GET['a'] == 'show') {
$report_to_show1 = GetSystemOption('webalizer_sd') . $useraccount['ac_user_vc'] . "/" . $_POST['inDomain'] . "/index.html";
if (!file_exists($report_to_show1)) {
$report_to_show = "static/nowebstats/index.html";
} else {
$report_to_show = GetSystemOption('webalizer_sd') . $useraccount['ac_user_vc'] . "/" . $_POST['inDomain'] . "/index.html";
}
}
}
echo "" . $lang['27'] . "<br><br><h2>" . $lang['29'] . "</h2>";
if ($totaldomains > 0) {
echo "<form action=\"" . GetNormalModuleURL(GetFullURL()) . "&a=show\" method=\"post\" name=\"frmStats\" id=\"frmStats\">\r\n<table class=\"zform\">\r\n<tr>\r\n<td><strong>" . $lang['28'] . "</strong></td>\r\n<td><select name=\"inDomain\" id=\"inDomain\">\r\n<option value=\"\">-- " . $lang['29'] . " --</option>";
do {
echo "<option value=\"" . $rowdomains['vh_name_vc'] . "\">" . $rowdomains['vh_name_vc'] . "</option>";
} while ($rowdomains = mysql_fetch_assoc($listdomains));
echo "</select></td>\r\n<td><input type=\"submit\" name=\"Submit\" value=\"" . $lang['30'] . "\"></td>\r\n</tr>\r\n</table>\r\n</form>";
if (isset($_GET['a']) && $_GET['a'] == "show") {
echo "<br><h2>" . $lang['31'] . "</h2><iframe height=\"400\" width=\"100%\" allowtransparency=\"\" src=\"" . $report_to_show . "\" title=\"" . $lang['31'] . "\" frameborder=\"0\" scrolling=\"auto\"></iframe>";
}
} else {
echo $lang['32'];
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
# Now we need to declare and cleanup some variables
$acc_fk = $useraccount['ac_id_pk'];
$returnurl = Cleaner('o', $_POST['inReturn']);
# Now we turn the values that are avaliable to be saved...
$sql = "SELECT * FROM z_settings WHERE st_editable_in=1";
$listoptions = DataExchange("r", $z_db_name, $sql);
$rowoptions = mysql_fetch_assoc($listoptions);
if (isset($_POST['inSaveSystem'])) {
do {
# Now we simply update the account details based on the current session.
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', $_POST['' . $rowoptions['st_name_vc'] . '']) . "' WHERE st_name_vc = '" . $rowoptions['st_name_vc'] . "'");
} while ($rowoptions = mysql_fetch_assoc($listoptions));
}
if (isset($_POST['inSaveTemplate'])) {
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', $_POST['inTemplate']) . "' WHERE st_name_vc = 'zpanel_template'");
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . Cleaner('o', str_replace(".php", "", $_POST['inTranslation'])) . "' WHERE st_name_vc = 'zpanel_lang'");
}
if (isset($_POST['inSaveWelcome'])) {
DataExchange("w", $z_db_name, "UPDATE z_settings SET st_value_tx='" . htmlentities($_POST['inWelcome']) . "' WHERE st_name_vc = 'zpanel_welcome'");
}
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
header("location: " . $returnurl . "");
exit;
$newpass = Cleaner("i", $_POST['inNewPass']);
$conpass = Cleaner("i", $_POST['inConPass']);
$doresetmysql = Cleaner("i", $_POST['inResMySQL']);
$returnurl = $_POST['inReturnURL'];
if (md5($current_pass) != $useraccount['ac_pass_vc'] || empty($newpass)) {
# Current password does not match!
$endonerror = "&r=error";
} else {
if ($newpass == $conpass) {
# Check that the new password matches the confirmation box.
if ($doresetmysql != '1') {
# User has selected to update ZPanel account password only!
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
DataExchange("w", $z_db_name, $sql);
TriggerLog($acc_fk, "User has updated their ZPanel account password.");
$endonerror = "&r=ok";
} else {
# User has selected to change both passwords.
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
DataExchange("w", $z_db_name, $sql);
zapi_mysqluser_setpass($useraccount['ac_user_vc'], $newpass, $zdb);
TriggerLog($acc_fk, "User has updated both their ZPanel and MySQL account passwords.");
$endonerror = "&r=ok-both";
}
} else {
$endonerror = "&r=error";
}
}
$returnurl = GetNormalModuleURL($returnurl) . "" . $endonerror . "";
header("location: " . $returnurl . "");
exit;