function licenseKeyGen($userData, $privKey, $password)
{
$rsa = new Crypt_RSA();
$rsa->loadKey($privKey);
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
$crypted = $rsa->encrypt($userData);
// JSON->RAW Format
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$rsa->setHash('sha512');
$signature = $rsa->sign(hash('sha512', $userData) . hash('sha512', $crypted));
//sha512(JSON)+sha512(RAW)->RAW
$license = ['Key1' => base64_encode($crypted), 'Key2' => base64_encode($signature)];
$gzdata = gzencode(json_encode($license), 9);
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CFB);
$iv = mcrypt_create_iv($iv_size);
$crypted_license = $iv . mcrypt_encrypt(MCRYPT_RIJNDAEL_256, passgen($password, $iv, true), $gzdata, MCRYPT_MODE_CFB, $iv);
return base64_encode($crypted_license);
}
} else {
if (isset($_POST['edit_id'])) {
$edit_id = $_POST['edit_id'];
} else {
user_goto('users.php?psi=last');
}
}
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'reseller/user_edit.tpl';
// static page messages
gen_logged_from($tpl);
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - Users/Edit'), 'TR_EDIT_USER' => tr('Edit user'), 'TR_CORE_DATA' => tr('Core data'), 'TR_USERNAME' => tr('Username'), 'TR_PASSWORD' => tr('Password'), 'TR_REP_PASSWORD' => tr('Repeat password'), 'TR_DMN_IP' => tr('Domain IP'), 'TR_USREMAIL' => tr('Email'), 'TR_ADDITIONAL_DATA' => tr('Additional data'), 'TR_CUSTOMER_ID' => tr('Customer ID'), 'TR_FIRSTNAME' => tr('First name'), 'TR_LASTNAME' => tr('Last name'), 'TR_COMPANY' => tr('Company'), 'TR_POST_CODE' => tr('Zip/Postal code'), 'TR_CITY' => tr('City'), 'TR_STATE' => tr('State/Province'), 'TR_COUNTRY' => tr('Country'), 'TR_STREET1' => tr('Street 1'), 'TR_STREET2' => tr('Street 2'), 'TR_MAIL' => tr('Email'), 'TR_PHONE' => tr('Phone'), 'TR_FAX' => tr('Fax'), 'TR_GENDER' => tr('Gender'), 'TR_MALE' => tr('Male'), 'TR_FEMALE' => tr('Female'), 'TR_UNKNOWN' => tr('Unknown'), 'EDIT_ID' => $edit_id, 'TR_BTN_ADD_USER' => tr('Submit changes'), 'TR_MANAGE_USERS' => tr('Manage users'), 'TR_USERS' => tr('Users'), 'TR_NO' => tr('No.'), 'TR_ACTION' => tr('Action'), 'TR_BACK' => tr('Back'), 'TR_TITLE_BACK' => tr('Return to previous menu'), 'TR_TABLE_NAME' => tr('Users list'), 'TR_SEND_DATA' => tr('Send new login data'), 'TR_PASSWORD_GENERATE' => tr('Generate password'), 'PASSWORD_DISABLED' => tr('Password change is deactivated!'), 'DEMO_VERSION' => tr('Demo Version!')));
gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl');
gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl');
if (isset($_POST['genpass'])) {
$tpl->assign('VAL_PASSWORD', passgen());
} else {
$tpl->assign('VAL_PASSWORD', '');
}
if (isset($_POST['Submit']) && isset($_POST['uaction']) && 'save_changes' === $_POST['uaction']) {
// Process data
if (isset($_SESSION['edit_ID'])) {
$hpid = $_SESSION['edit_ID'];
} else {
$_SESSION['edit'] = '_no_';
user_goto('users.php?psi=last');
}
if (isset($_SESSION['user_name'])) {
$dmn_user_name = $_SESSION['user_name'];
} else {
$_SESSION['edit'] = '_no_';
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '{$id}'");
if (mysql_num_rows($req)) {
$res = mysql_fetch_assoc($req);
if (empty($res['rest_code']) || empty($res['rest_time'])) {
$error = $lng_pass['error_fatal'];
}
if (!$error && ($res['rest_time'] < time() - 3600 || $code != $res['rest_code'])) {
$error = $lng_pass['error_timelimit'];
mysql_query("UPDATE `users` SET `rest_code` = '', `rest_time` = '' WHERE `id` = '{$id}'");
}
} else {
$error = $lng['error_user_not_exist'];
}
if (!$error) {
// Высылаем пароль на E-mail
$pass = passgen(4);
$subject = $lng_pass['your_new_password'];
$mail = $lng_pass['restore_help1'] . ', ' . $res['name'] . "\r\n" . $lng_pass['restore_help8'] . ' ' . $set['homeurl'] . "\r\n";
$mail .= $lng_pass['your_new_password'] . ": {$pass}\r\n";
$mail .= $lng_pass['restore_help7'];
$adds = "From: <" . $set['email'] . ">\n";
$adds .= "Content-Type: text/plain; charset=\"utf-8\"\r\n";
if (mail($res['mail'], $subject, $mail, $adds)) {
mysql_query("UPDATE `users` SET `rest_code` = '', `password` = '" . md5(md5($pass)) . "' WHERE `id` = '{$id}'");
echo '<div class="phdr">' . $lng_pass['change_password'] . '</div>';
echo '<div class="gmenu"><p>' . $lng_pass['change_password_conf'] . '</p></div>';
} else {
echo '<div class="rmenu"><p>' . $lng_pass['error_email_sent'] . '</p></div>';
}
} else {
// Выводим сообщение об ошибке
/**
* generate page add user 3
* @param EasySCP_TemplateEngine $tpl
*/
function gen_user_add3_page($tpl)
{
global $dmn_name, $hpid, $dmn_user_name, $user_email, $customer_id, $first_name, $last_name, $gender, $firm, $zip, $city, $state, $country, $street_one, $street_two, $phone, $fax;
$cfg = EasySCP_Registry::get('Config');
$dmn_user_name = decode_idna($dmn_user_name);
// Fill in the fields
$tpl->assign(array('VL_USERNAME' => tohtml($dmn_user_name), 'VL_USR_PASS' => passgen(), 'VL_MAIL' => tohtml($user_email), 'VL_USR_ID' => $customer_id, 'VL_USR_NAME' => tohtml($first_name), 'VL_LAST_USRNAME' => tohtml($last_name), 'VL_USR_FIRM' => tohtml($firm), 'VL_USR_POSTCODE' => tohtml($zip), 'VL_USRCITY' => tohtml($city), 'VL_USRSTATE' => tohtml($state), 'VL_MALE' => $gender == 'M' ? $cfg->HTML_SELECTED : '', 'VL_FEMALE' => $gender == 'F' ? $cfg->HTML_SELECTED : '', 'VL_UNKNOWN' => $gender == 'U' ? $cfg->HTML_SELECTED : '', 'VL_COUNTRY' => tohtml($country), 'VL_STREET1' => tohtml($street_one), 'VL_STREET2' => tohtml($street_two), 'VL_PHONE' => tohtml($phone), 'VL_FAX' => tohtml($fax)));
generate_ip_list($tpl, $_SESSION['user_id']);
$_SESSION['local_data'] = "{$dmn_name};{$hpid}";
}
function sendpassword($uniqkey)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
$query = "\n\t\tSELECT\n\t\t\t`admin_name`, `created_by`, `fname`, `lname`, `email`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`uniqkey` = ?\n\t";
$res = exec_query($sql, $query, $uniqkey);
if ($res->recordCount() == 1) {
$admin_name = $res->fields['admin_name'];
$created_by = $res->fields['created_by'];
$admin_fname = $res->fields['fname'];
$admin_lname = $res->fields['lname'];
$to = $res->fields['email'];
$upass = passgen();
setPassword($uniqkey, $upass);
write_log('Lostpassword: '******': password updated');
$query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`uniqkey` = ?,\n\t\t\t\t`uniqkey_time` = ?\n\t\t\tWHERE\n\t\t\t\t`uniqkey` = ?\n\t\t";
exec_query($sql, $query, array('', '', $uniqkey));
if ($created_by == 0) {
$created_by = 1;
}
$data = get_lostpassword_password_email($created_by);
$from_name = $data['sender_name'];
$from_email = $data['sender_email'];
$subject = $data['subject'];
$message = $data['message'];
$base_vhost = $cfg->BASE_SERVER_VHOST;
$base_vhost_prefix = $cfg->BASE_SERVER_VHOST_PREFIX;
if ($from_name) {
$from = '"' . $from_name . '" <' . $from_email . '>';
} else {
$from = $from_email;
}
$search = array();
$replace = array();
$search[] = '{USERNAME}';
$replace[] = $admin_name;
$search[] = '{NAME}';
$replace[] = $admin_fname . " " . $admin_lname;
$search[] = '{PASSWORD}';
$replace[] = $upass;
$search[] = '{BASE_SERVER_VHOST}';
$replace[] = $base_vhost;
$search[] = '{BASE_SERVER_VHOST_PREFIX}';
$replace[] = $base_vhost_prefix;
$subject = str_replace($search, $replace, $subject);
$message = str_replace($search, $replace, $message);
$headers = 'From: ' . $from . "\n";
$headers .= "MIME-Version: 1.0\nContent-Type: text/plain; charset=utf-8\nContent-Transfer-Encoding: 7bit\n";
$headers .= 'X-Mailer: EasySCP lostpassword mailer';
$mail_result = mail($to, $subject, $message, $headers);
$mail_status = $mail_result ? 'OK' : 'NOT OK';
$from = tohtml($from);
write_log("Lostpassword activated: To: |{$to}|, From: |{$from}|, Status: |{$mail_status}| !", E_USER_NOTICE);
return true;
}
return false;
}
/**
* Send password
*
* @param string $uniqueKey
* @return bool TRUE when password was sended, FALSE otherwise
*/
function sendPassword($uniqueKey)
{
/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');
$stmt = exec_query('SELECT `admin_name`, `created_by`, `fname`, `lname`, `email` FROM `admin` WHERE `uniqkey` = ?', $uniqueKey);
if ($stmt->rowCount()) {
$adminName = $stmt->fields['admin_name'];
$createdBy = $stmt->fields['created_by'];
$adminFirstName = $stmt->fields['fname'];
$adminLastName = $stmt->fields['lname'];
$to = $stmt->fields['email'];
$userPassword = passgen();
setPassword($uniqueKey, $userPassword);
write_log('Lostpassword: '******': password updated', E_USER_NOTICE);
exec_query('UPDATE `admin` SET `uniqkey` = ?, `uniqkey_time` = ? WHERE `uniqkey` = ?', array('', '', $uniqueKey));
if ($createdBy == 0) {
$createdBy = 1;
}
$data = get_lostpassword_password_email($createdBy);
$fromName = $data['sender_name'];
$fromEmail = $data['sender_email'];
$subject = $data['subject'];
$message = $data['message'];
$baseServerVhostPrefix = $cfg['BASE_SERVER_VHOST_PREFIX'];
$baseServerVhost = $cfg['BASE_SERVER_VHOST'];
$baseServerVhostPort = $baseServerVhostPrefix == 'http://' ? $cfg['BASE_SERVER_VHOST_HTTP_PORT'] == '80' ? '' : ':' . $cfg['BASE_SERVER_VHOST_HTTP_PORT'] : ($cfg['BASE_SERVER_VHOST_HTTPS_PORT'] == '443' ? '' : ':' . $cfg['BASE_SERVER_VHOST_HTTPS_PORT']);
if ($fromName) {
$from = '"' . $fromName . '" <' . $fromEmail . '>';
} else {
$from = $fromEmail;
}
$search = array();
$replace = array();
$search[] = '{USERNAME}';
$replace[] = $adminName;
$search[] = '{NAME}';
$replace[] = $adminFirstName . " " . $adminLastName;
$search[] = '{PASSWORD}';
$replace[] = $userPassword;
$search[] = '{BASE_SERVER_VHOST_PREFIX}';
$replace[] = $baseServerVhostPrefix;
$search[] = '{BASE_SERVER_VHOST}';
$replace[] = $baseServerVhost;
$search[] = '{BASE_SERVER_VHOST_PORT}';
$replace[] = $baseServerVhostPort;
$subject = str_replace($search, $replace, $subject);
$message = str_replace($search, $replace, $message);
$headers = 'From: ' . $from . "\n";
$headers .= "MIME-Version: 1.0\nContent-Type: text/plain; charset=utf-8\n";
$headers .= "Content-Transfer-Encoding: 7bit\n";
$headers .= 'X-Mailer: i-MSCP mailer';
$mailResult = mail($to, $subject, $message, $headers);
$mailStatus = $mailResult ? 'OK' : 'NOT OK';
$from = tohtml($from);
write_log("Lostpassword activated: To: |{$to}|, From: |{$from}|, Status: |{$mailStatus}| !", E_USER_NOTICE);
return true;
}
return false;
}
function sendpw($uniqkey)
{
global $sql;
$query = <<<SQL_QUERY
select
admin_name, created_by, fname, lname, email
from
admin
where
uniqkey = ?
SQL_QUERY;
$res = exec_query($sql, $query, array($uniqkey));
if ($res->RecordCount() == 1) {
$admin_name = $res->fields['admin_name'];
$created_by = $res->fields['created_by'];
$admin_fname = $res->fields['fname'];
$admin_lname = $res->fields['lname'];
$to = $res->fields['email'];
$upass = passgen();
$query = <<<SQL_QUERY
update
admin
set
admin_pass = ?
where
uniqkey = ?
SQL_QUERY;
$rs = exec_query($sql, $query, array(crypt_user_pass($upass), $uniqkey));
write_log("Lostpassword: "******" : password updated");
$query = <<<SQL_QUERY
update
admin
set
uniqkey = ?
where
uniqkey = ?
SQL_QUERY;
$rs = exec_query($sql, $query, array('', $uniqkey));
$query = <<<SQL_QUERY
\t select
\t admin_id, fname, lname, email
\t from
\t admin
\twhere
\t admin_id = ?
SQL_QUERY;
if ($created_by == 0) {
$created_by = 1;
}
$res = exec_query($sql, $query, array($created_by));
$admin_id = $res->fields['admin_id'];
$from_fname = $res->fields['fname'];
$from_lname = $res->fields['lname'];
$from_email = $res->fields['email'];
if ($from_fname && $from_lname) {
$from = "{$from_fname} {$from_lname} <{$from_email}>";
} else {
$from = $from_email;
}
$query = <<<SQL_QUERY
select
subject, message
from
email_tpls
where
owner_id = ?
and
name = 'lostpw-msg-2'
SQL_QUERY;
$res = exec_query($sql, $query, array($admin_id));
$subject = $res->fields['subject'];
$message = $res->fields['message'];
if ($res->RecordCount() == 0) {
$subject = "Auto message allert for lostpw ! {USERNAME}";
$message = <<<MSG
Hello {NAME} !
Your VHCS login is: {USERNAME}
Your VHCS password is: {PASSWORD}
Good Luck with VHCS Pro System
Hosting Provider Team
MSG;
}
$subject = preg_replace("/\\{USERNAME\\}/", $admin_name, $subject);
$message = preg_replace("/\\{USERNAME\\}/", $admin_name, $message);
$message = preg_replace("/\\{NAME\\}/", $admin_fname . " " . $admin_lname, $message);
$message = preg_replace("/\\{PASSWORD\\}/", $upass, $message);
$message = str_replace(chr(10), "", $message);
$headers = "From: {$from}\r\n";
$headers .= "Content-Type: text/plain\nContent-Transfer-Encoding: 7bit\n";
$headers .= "X-Mailer: VHCS Pro lostpassword mailer";
$mail_result = mail($to, $subject, $message, $headers);
$mail_status = $mail_result ? 'OK' : 'NOT OK';
$log_message = "Lostpassword aktivated: To: |{$to}|, From: |{$from}|, Status: |{$mail_status}| !";
write_log($log_message);
return true;
}
return false;
}
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* @link http://www.easyscp.net
* @author EasySCP Team
*/
require '../../include/easyscp-lib.php';
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'admin/admin_add.tpl';
add_user($tpl);
// static page messages
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - Admin/Manage users/Add User'), 'TR_EMPTY_OR_WORNG_DATA' => tr('Empty data or wrong field!'), 'TR_PASSWORD_NOT_MATCH' => tr("Passwords don't match!"), 'TR_ADD_ADMIN' => tr('Add admin'), 'TR_CORE_DATA' => tr('Core data'), 'TR_USERNAME' => tr('Username'), 'TR_PASSWORD' => tr('Password'), 'TR_PASSWORD_REPEAT' => tr('Repeat password'), 'TR_EMAIL' => tr('Email'), 'TR_ADDITIONAL_DATA' => tr('Additional data'), 'TR_FIRST_NAME' => tr('First name'), 'TR_LAST_NAME' => tr('Last name'), 'TR_GENDER' => tr('Gender'), 'TR_MALE' => tr('Male'), 'TR_FEMALE' => tr('Female'), 'TR_UNKNOWN' => tr('Unknown'), 'TR_COMPANY' => tr('Company'), 'TR_ZIP_POSTAL_CODE' => tr('Zip/Postal code'), 'TR_CITY' => tr('City'), 'TR_STATE' => tr('State/Province'), 'TR_COUNTRY' => tr('Country'), 'TR_STREET_1' => tr('Street 1'), 'TR_STREET_2' => tr('Street 2'), 'TR_PHONE' => tr('Phone'), 'TR_FAX' => tr('Fax'), 'TR_PHONE' => tr('Phone'), 'TR_ADD' => tr('Add'), 'GENPAS' => passgen()));
gen_admin_mainmenu($tpl, 'admin/main_menu_users_manage.tpl');
gen_admin_menu($tpl, 'admin/menu_users_manage.tpl');
gen_page_message($tpl);
if ($cfg->DUMP_GUI_DEBUG) {
dump_gui_debug($tpl);
}
$tpl->display($template);
unset_messages();
/**
* @param EasySCP_TemplateEngine $tpl
*/
function add_user($tpl)
{
$cfg = EasySCP_Registry::get('Config');
$sql = EasySCP_Registry::get('Db');
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* @link http://www.easyscp.net
* @author EasySCP Team
*/
require '../../include/easyscp-lib.php';
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'admin/reseller_add.tpl';
// static page messages
$reseller_ips = get_server_ip($tpl);
add_reseller($tpl);
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - Admin/Manage users/Add reseller'), 'TR_ADD_RESELLER' => tr('Add reseller'), 'TR_CORE_DATA' => tr('Core data'), 'TR_USERNAME' => tr('Username'), 'TR_PASSWORD' => tr('Password'), 'TR_PASSWORD_REPEAT' => tr('Repeat password'), 'TR_EMAIL' => tr('Email'), 'TR_MAX_DOMAIN_COUNT' => tr('Domains limit<br /><em>(0 unlimited)</em>'), 'TR_MAX_SUBDOMAIN_COUNT' => tr('Subdomains limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_ALIASES_COUNT' => tr('Aliases limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_MAIL_USERS_COUNT' => tr('Mail accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_FTP_USERS_COUNT' => tr('FTP accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQLDB_COUNT' => tr('SQL databases limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQL_USERS_COUNT' => tr('SQL users limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_TRAFFIC_AMOUNT' => tr('Traffic limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_MAX_DISK_AMOUNT' => tr('Disk limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_PHP' => tr('PHP'), 'TR_PERL_CGI' => tr('CGI / Perl'), 'TR_JSP' => tr('JSP'), 'TR_SSI' => tr('SSI'), 'TR_FRONTPAGE_EXT' => tr('Frontpage extensions'), 'TR_BACKUP_RESTORE' => tr('Backup and restore'), 'TR_CUSTOM_ERROR_PAGES' => tr('Custom error pages'), 'TR_PROTECTED_AREAS' => tr('Protected areas'), 'TR_WEBMAIL' => tr('Webmail'), 'TR_DIR_LIST' => tr('Directory listing'), 'TR_APACHE_LOGFILES' => tr('Apache logfiles'), 'TR_AWSTATS' => tr('AwStats'), 'TR_LOGO_UPLOAD' => tr('Logo upload'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_SUPPORT_SYSTEM' => tr('Support system'), 'TR_RESELLER_IPS' => tr('Reseller IPs'), 'TR_ADDITIONAL_DATA' => tr('Additional data'), 'TR_CUSTOMER_ID' => tr('Customer ID'), 'TR_FIRST_NAME' => tr('First name'), 'TR_LAST_NAME' => tr('Last name'), 'TR_GENDER' => tr('Gender'), 'TR_MALE' => tr('Male'), 'TR_FEMALE' => tr('Female'), 'TR_UNKNOWN' => tr('Unknown'), 'TR_COMPANY' => tr('Company'), 'TR_ZIP_POSTAL_CODE' => tr('Zip/Postal code'), 'TR_CITY' => tr('City'), 'TR_STATE' => tr('State/Province'), 'TR_COUNTRY' => tr('Country'), 'TR_STREET_1' => tr('Street 1'), 'TR_STREET_2' => tr('Street 2'), 'TR_PHONE' => tr('Phone'), 'TR_FAX' => tr('Fax'), 'TR_ADD' => tr('Add'), 'GENPAS' => passgen()));
gen_admin_mainmenu($tpl, 'admin/main_menu_users_manage.tpl');
gen_admin_menu($tpl, 'admin/menu_users_manage.tpl');
gen_page_message($tpl);
if ($cfg->DUMP_GUI_DEBUG) {
dump_gui_debug($tpl);
}
$tpl->display($template);
unset_messages();
/**
* Get Server IPs
* @param EasySCP_TemplateEngine $tpl
*/
function get_server_ip($tpl)
{
$cfg = EasySCP_Registry::get('Config');