public function content()
{
global $dbh, $postvar, $getvar, $instance;
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$user = $dbh->staff($_SESSION['user']);
if (!$user['password']) {
main::errors("Wrong username!?");
} else {
if (crypto::passhash($postvar['old'], $user['salt']) == $user['password']) {
if ($postvar['new'] != $postvar['confirm']) {
main::errors("Your passwords don't match!");
} else {
$salt = crypto::salt();
$newpass = crypto::passhash($postvar['new'], $salt);
$update_staff = array("password" => $newpass, "salt" => $salt);
$dbh->update("staff", $update_staff, array("id", "=", $_SESSION['user']));
main::errors("Password changed!");
}
} else {
main::errors("Your old password was wrong!");
}
}
}
}
echo style::replaceVar("tpl/admin/change-admin-password.tpl");
}
public function import()
{
global $dbh, $postvar, $getvar, $instance;
if (!$_POST) {
$servers_query = $dbh->select("servers", array("type", "=", "zpanel"), 0, 0, 1);
while ($servers_data = $dbh->fetch_array($servers_query)) {
$values[] = array($servers_data['name'], $servers_data['id']);
}
$zpanel_array['DROPDOWN'] = main::dropdown("server", $values);
echo style::replaceVar("tpl/admin/import/zpanel.tpl", $zpanel_array);
} elseif ($_POST) {
$postvar['server'] = $postvar['server'];
//Hack to make sure we post the 'server' field as it doesn't post if it's empty.
check::empty_fields();
if (main::errors()) {
echo "<ERRORS>";
} else {
$n = 0;
include INC . "/servers/zpanel.php";
$zpanel = new zpanel($postvar['server']);
$zpanel_accounts = $zpanel->listaccs($postvar['server']);
foreach ($zpanel_accounts as $zpanel_data) {
$packages_data = $dbh->select("packages", array("backend", "=", $zpanel_data['package']));
$users_data = $dbh->select("users", array("user", "=", $zpanel_data['user']));
if (!$packages_data['id']) {
$packages_insert = array("name" => $zpanel_data['package'], "backend" => $zpanel_data['package'], "description" => "Imported from ZPanel: " . $zpanel_data['package'], "type" => "free", "server" => $postvar['server'], "admin" => "1");
$dbh->insert("packages", $packages_insert);
}
$new_packages_data = $dbh->select("packages", array("backend", "=", $zpanel_data['package']));
if (!$users_data['id']) {
$salt = crypto::salt();
$newpass = crypto::passhash(rand(), $salt);
$users_insert = array("user" => $zpanel_data['user'], "zpanel_uid" => $zpanel_data['user'], "email" => $zpanel_data['user'], "password" => $zpanel_data['user'], "salt" => $zpanel_data['user'], "signup" => $zpanel_data['user'], "status" => $zpanel_data['user'], "domain" => $zpanel_data['user'], "pid" => $zpanel_data['user']);
$dbh->insert("users", $users_insert);
$dbh->insert("users_bak", $users_insert);
$n++;
}
}
echo $n . " Accounts have been imported";
}
}
}
$packages_list_array['PACKAGES'] .= "</tr>";
$n = 0;
}
}
//Subdomains
$subdomains_query = $dbh->select("subdomains");
$tldonly = $dbh->config("tldonly");
if ($dbh->num_rows($subdomains_query) == 0 || $tldonly == "1") {
$packages_list_array["CANHASSUBDOMAIN"] = "";
} else {
$packages_list_array["CANHASSUBDOMAIN"] = '<option value="sub">Subdomain</option>';
}
$maincontent = style::replaceVar("tpl/order/packages-list.tpl", $packages_list_array);
} else {
if ($_POST['submitfinish']) {
check::empty_fields(array("coupon"));
if (main::errors()) {
$order_form_array['ERRORS'] = style::replaceVar("tpl/order/errors.tpl", array()) . "<br><br>";
} else {
//We don't check that the TOS is checked because it will be seen as an empty field and get caught by check:empty_fields.
if (!check::user($postvar['username'])) {
main::errors(nl2br("The username was either taken or was in an invalid format.\n\n Usernames:\n 1.) Must be between 4-8 characters long\n 2.) Must not start with a number\n 3.) Must be alphanumeric"));
}
if (!check::pass($postvar['password'], $postvar['confirmp'])) {
main::errors(nl2br("Your passwords either do not match or contain invalid characters. (< and > are not allowed. O>.<O Nor is #"));
}
if (!check::email($postvar['email'])) {
main::errors(nl2br("Your email address didn't match one or more of the following:\n\n Your email address:\n 1.) Must be in the correct format\n 2.) Must not be associated with another client\n 3.) If you're using an email address hosted with us, please make sure your email address has the proper \"MX\" or \"A\" DNS record."));
}
if (!check::firstname($postvar['firstname'])) {
main::errors(nl2br("In our system, your first and last name may only contain letters and the following characters:.' - and space."));
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST) {
check::empty_fields();
foreach ($postvar as $key => $value) {
$broke = explode("_", $key);
if ($broke[0] == "pages") {
$postvar['perms'][$broke[1]] = $value;
}
}
if (!main::errors()) {
$staff_query = $dbh->select("staff", array("user", "=", $postvar['user']), 0, "1", 1);
if (!check::email($postvar['email'])) {
main::errors("Your email is the wrong format or is already in use by another staff member or client.");
} elseif ($postvar['pass'] != $postvar['conpass']) {
main::errors("Passwords don't match!");
} elseif ($dbh->num_rows($staff_query) >= 1) {
main::errors("That account already exists!");
} else {
if ($postvar['perms']) {
foreach ($postvar['perms'] as $key => $value) {
if ($n) {
$perms .= ",";
}
if ($value == "1") {
$perms .= $key;
}
$n++;
}
}
$salt = crypto::salt();
$password = crypto::passhash($postvar['pass'], $salt);
$staff_insert = array("user" => $postvar['user'], "name" => $postvar['name'], "email" => $postvar['email'], "password" => $password, "salt" => $salt, "perms" => $perms, "tzadjust" => $postvar['tzones']);
$dbh->insert("staff", $staff_insert);
main::errors("Account added!");
}
}
}
$acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
$add_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
$add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" /></td></tr>';
}
$add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" /></td></tr>';
$add_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" /></td></tr>';
$add_staff_member_array['PAGES'] .= "</table>";
$add_staff_member_array['TZADJUST'] = main::tzlist();
echo style::replaceVar("tpl/admin/staff/add-staff-member.tpl", $add_staff_member_array);
break;
case "edit":
if (isset($getvar['do'])) {
$staff_data = $dbh->select("staff", array("id", "=", $getvar['do']));
if (!$staff_data["user"]) {
echo "That account doesn't exist!";
} else {
if ($_POST) {
check::empty_fields();
foreach ($postvar as $key => $value) {
$broke = explode("_", $key);
if ($broke[0] == "pages") {
$postvar['perms'][$broke[1]] = $value;
}
}
if (!main::errors()) {
if (!check::email($postvar['email'], $getvar['do'], "staff")) {
main::errors("Your email is the wrong format or is already in use by another staff member or client.");
} else {
if ($postvar['perms']) {
foreach ($postvar['perms'] as $key => $value) {
if ($n) {
$perms .= ",";
}
if ($value == "1") {
$perms .= $key;
}
$n++;
}
}
$staff_update = array("email" => $postvar['email'], "name" => $postvar['name'], "perms" => $perms, "tzadjust" => $postvar['tzones'], "user" => $postvar['user']);
$dbh->update("staff", $staff_update, array("id", "=", $getvar['do']));
//Staff account edit complete
main::done();
}
}
}
$edit_staff_member_array['USER'] = $staff_data['user'];
$edit_staff_member_array['EMAIL'] = $staff_data['email'];
$edit_staff_member_array['NAME'] = $staff_data['name'];
$edit_staff_member_array['TZADJUST'] = main::tzlist($staff_data['tzadjust']);
$acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
$edit_staff_member_array['PAGES'] = '<table width="100%" border="0" cellspacing="0" cellpadding="1">';
while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
if (!main::checkPerms($acpnav_data['id'], $staff_data['id'])) {
$checked = 'checked="checked"';
}
$edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">' . $acpnav_data['visual'] . ':</td><td><input name="pages_' . $acpnav_data['id'] . '" id="pages_' . $acpnav_data['id'] . '" type="checkbox" value="1" ' . $checked . '/></td></tr>' . "\n";
$checked = NULL;
}
if (substr_count($staff_data['perms'], "paid") == '1') {
$paid_check = 'checked="checked"';
}
if (substr_count($staff_data['perms'], "p2h") == '1') {
$p2h_check = 'checked="checked"';
}
$edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">Paid Configuration:</td><td><input name="pages_paid" id="pages_paid" type="checkbox" value="1" ' . $paid_check . '/></td></tr>' . "\n";
$edit_staff_member_array['PAGES'] .= '<tr><td width="30%" align="left">P2H Forums:</td><td><input name="pages_p2h" id="pages_p2h" type="checkbox" value="1" ' . $p2h_check . '/></td></tr>' . "\n";
$edit_staff_member_array['PAGES'] .= "</table>";
echo style::replaceVar("tpl/admin/staff/edit-staff-member.tpl", $edit_staff_member_array);
}
} else {
$staff_query = $dbh->select("staff");
if ($dbh->num_rows($staff_query) == 0) {
echo "There are no staff accounts to edit!";
} else {
echo "<ERRORS>";
while ($staff_data = $dbh->fetch_array($staff_query)) {
echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=edit&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
}
}
}
break;
case "delete":
$staff_query = $dbh->select("staff");
if ($getvar['do'] && $dbh->num_rows($staff_query) > 1) {
$dbh->delete("staff", array("id", "=", $getvar['do']));
main::errors("Staff Account Deleted!");
} elseif ($getvar['do']) {
main::errors("Theres only one staff account!");
}
if ($dbh->num_rows($staff_query) == 0) {
echo "There are no staff accounts to edit!";
} else {
$staff_query = $dbh->select("staff");
//This pulls the current staff list after deletion.
echo "<ERRORS>";
while ($staff_data = $dbh->fetch_array($staff_query)) {
echo main::sub("<strong>" . $staff_data['user'] . "</strong>", '<a href="?page=staff&sub=delete&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
}
}
break;
}
}
public function acpPage()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['do']) {
default:
if ($_POST) {
check::empty_fields(array("prefix"));
if (!main::errors()) {
$forumcon = $dbh->connect($postvar['hostname'], $postvar['username'], $postvar['password'], $postvar['database']);
if (is_string($forumcon)) {
main::errors($forumcon);
} else {
$forums_params = $this->forumdata($postvar['forumname']);
if ($forums_params['id']) {
main::errors("This forum name has already been used! Please choose a new one.<br>");
} else {
$p2h_insert = array("forumname" => $postvar['forumname'], "username" => $postvar['username'], "password" => $postvar['password'], "forumdb" => $postvar['database'], "hostname" => $postvar['hostname'], "prefix" => $postvar['prefix'], "forumtype" => $postvar['forum'], "url" => $postvar['url']);
$dbh->insert("p2h", $p2h_insert);
main::errors("Your forum has been added!<br>");
}
}
}
}
$manage_forums_array['CONTENT'] = style::replaceVar("tpl/admin/p2h/add-forum.tpl");
break;
case "edit":
$forums_params = $this->forumdata();
if ($dbh->num_rows($forums_params) == 0) {
$manage_forums_array['CONTENT'] = "There are no forums to edit!<br>";
} else {
if ($getvar['id']) {
if ($_POST) {
check::empty_fields(array("password"));
if (!main::errors()) {
$forumcon = $dbh->connect($postvar['hostname'], $postvar['username'], $postvar['password'], $postvar['database']);
if (is_string($forumcon)) {
main::errors($forumcon);
} else {
$forums_params = $this->forumdata($getvar['id']);
if (!$forums_params['id']) {
main::errors("This forum name does not exist.<br>");
} else {
$p2h_update = array("forumname" => $postvar['forumname'], "username" => $postvar['username'], "forumdb" => $postvar['database'], "hostname" => $postvar['hostname'], "prefix" => $postvar['prefix'], "url" => $postvar['url']);
$dbh->update("p2h", $p2h_update, array("id", "=", $getvar['id']));
if ($postvar['password']) {
$dbh->update("p2h", array("password" => $postvar['password']), array("id", "=", $getvar['id']));
}
main::errors("Forum Edited!<br>");
}
}
}
}
$forumdata = $this->forumdata($getvar['id']);
if (!$forumdata['id']) {
main::done();
}
$edit_forum_array['HOST'] = $forumdata['hostname'];
$edit_forum_array['NAME'] = $forumdata['forumname'];
$edit_forum_array['URL'] = $forumdata['url'];
$manage_forums_array['CONTENT'] = style::replaceVar("tpl/admin/p2h/edit-forum.tpl", $edit_forum_array);
} else {
$manage_forums_array['CONTENT'] .= "<ERRORS>";
while ($forums_params_data = $dbh->fetch_array($forums_params)) {
$manage_forums_array['CONTENT'] .= main::sub("<strong>" . $forums_params_data['forumname'] . "</strong>", '<a href="?page=type&type=p2h&sub=forums&do=edit&id=' . $forums_params_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
}
}
}
break;
case "delete":
$forums_params = $this->forumdata();
if ($dbh->num_rows($forums_params) == 0) {
$manage_forums_array['CONTENT'] = "There are no forums to delete!<br>";
} else {
if ($getvar['id']) {
$dbh->delete("p2h", array("id", "=", $getvar['id']));
main::errors("Forum deleted!<br>");
$forums_params = $this->forumdata();
}
$manage_forums_array['CONTENT'] .= "<ERRORS>";
while ($forums_params_data = $dbh->fetch_array($forums_params)) {
$manage_forums_array['CONTENT'] .= main::sub("<strong>" . $forums_params_data['forumname'] . "</strong>", '<a href="?page=type&type=p2h&sub=forums&do=delete&id=' . $forums_params_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
}
}
break;
case "config":
if ($_POST) {
check::empty_fields(array("password"));
if (!main::errors()) {
if (!is_numeric($postvar['p2hwarndate']) || !($postvar['p2hwarndate'] < 28)) {
main::errors("The P2H Warn date must be a number less than 28.<br>");
} else {
$dbh->updateConfig("p2hwarndate", $postvar['p2hwarndate']);
main::errors("Configuration updated.<br>");
}
}
}
$forum_config_array['WARNDATE'] = $dbh->config("p2hwarndate");
$manage_forums_array['CONTENT'] = style::replaceVar("tpl/admin/p2h/forum-config.tpl", $forum_config_array);
break;
}
echo style::replaceVar("tpl/admin/p2h/manage-forums.tpl", $manage_forums_array);
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST['add']) {
$no_check_array = array("resellerport", "welcome", "nstmp", "passtoo", "resellerid");
check::empty_fields($no_check_array);
if (!main::errors()) {
$servers_insert = array("ip" => $postvar['ip'], "resellerport" => $postvar['resellerport'], "port" => $postvar['port'], "nameservers" => $postvar['nameservers'], "name" => $postvar['name'], "host" => $postvar['host'], "user" => $postvar['user'], "accesshash" => $postvar['hash'], "type" => $postvar['type'], "dnstemplate" => $postvar['nstmp'], "welcome" => $postvar['welcome'], "pass" => $postvar['pass'], "reseller_id" => $postvar['resellerid'], "https" => $postvar['https'], "apiport" => $postvar['apiport']);
$dbh->insert("servers", $servers_insert);
main::errors("Server has been added!");
}
}
if ($_POST['addtype'] || $_POST['add']) {
$serverfile = server::createServer(0, $postvar['type']);
$server_fields = $serverfile->acp_form();
$add_server_array['SERVER_FIELDS'] = $server_fields;
$add_server_array['TYPE'] = $postvar['type'];
echo style::replaceVar("tpl/admin/servers/add-server.tpl", $add_server_array);
break;
}
$files = main::folderFiles(INC . "/servers/");
foreach ($files as $value) {
include INC . "/servers/" . $value;
$fname = explode(".", $value);
$stype = new $fname[0]();
$values[] = array($stype->name, $fname[0]);
}
$server_type_array['TYPE'] = main::dropDown("type", $values, 0);
echo style::replaceVar("tpl/admin/servers/server-type.tpl", $server_type_array);
break;
case "view":
if (isset($getvar['do'])) {
$servers_query = $dbh->select("servers", array("id", "=", $getvar['do']), 0, 0, 1);
if ($dbh->num_rows($servers_query) == 0) {
echo "That server doesn't exist!";
} else {
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$servers_update = array("name" => $postvar['name'], "host" => $postvar['host'], "reseller_id" => $postvar['resellerid'], "user" => $postvar['user'], "pass" => $postvar['pass'], "accesshash" => $postvar['hash'], "port" => $postvar['port'], "resellerport" => $postvar['resellerport'], "nameservers" => $postvar['nameservers'], "ip" => $postvar['ip'], "dnstemplate" => $postvar['nstmp'], "welcome" => $postvar['welcome'], "https" => $postvar['https'], "apiport" => $postvar['apiport']);
$dbh->update("servers", $servers_update, array("id", "=", $getvar['do']), 1);
//Server edit complete
main::done();
}
}
$servers_data = $dbh->fetch_array($servers_query);
$serverfile = server::createServer(0, $servers_data['type']);
$server_fields = $serverfile->acp_form($getvar['do']);
$edit_server_array['NAME'] = $servers_data['name'];
$edit_server_array['HOST'] = $servers_data['host'];
$edit_server_array['SERVERIP'] = $servers_data['ip'];
$edit_server_array['RESELLERPORT'] = $servers_data['resellerport'];
$edit_server_array['PORT'] = $servers_data['port'];
$edit_server_array['NAMESERVERS'] = $servers_data['nameservers'];
$edit_server_array['SERVER_FIELDS'] = $server_fields;
echo style::replaceVar("tpl/admin/servers/edit-server.tpl", $edit_server_array);
}
} else {
$servers_query = $dbh->select("servers");
if ($dbh->num_rows($servers_query) == 0) {
echo "There are no servers to view!";
} else {
echo "<ERRORS>";
while ($servers_data = $dbh->fetch_array($servers_query)) {
echo main::sub("<strong>" . $servers_data['name'] . "</strong>", '<a href="?page=servers&sub=view&do=' . $servers_data['id'] . '"><img src="' . URL . 'themes/icons/magnifier.png"></a>');
}
}
}
break;
case "delete":
if ($getvar['do']) {
$dbh->delete("servers", array("id", "=", $getvar['do']));
main::errors("Server Deleted!");
}
$servers_query = $dbh->select("servers");
if ($dbh->num_rows($servers_query) == 0) {
echo "There are no servers to delete!";
} else {
echo "<ERRORS>";
while ($servers_data = $dbh->fetch_array($servers_query)) {
echo main::sub("<strong>" . $servers_data['name'] . "</strong>", '<a href="?page=servers&sub=delete&do=' . $servers_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
}
}
break;
case "test":
if (isset($getvar["do"])) {
$result = server::testConnection($getvar["do"]);
if ($result === true) {
echo '<div style="text-align:center;padding-top:10px;">' . style::notice(true, "Connected to the server successfully!") . "</div>";
} else {
echo '<div style="text-align:center;">' . style::notice(false, "Couldn't connect to the server...") . "</div>";
echo '<strong>Error:</strong><pre>' . (string) $result . '</pre>';
}
} else {
$servers_query = $dbh->select("servers");
if ($dbh->num_rows($servers_query) == 0) {
echo "There are no servers to view!";
} else {
echo "Caution: Some servers are set to automatically ban the IP address of this server (" . $_SERVER['SERVER_ADDR'] . ") after a certain number of failed logins.<br />";
while ($servers_data = $dbh->fetch_array($servers_query)) {
echo main::sub("<strong>" . $servers_data['name'] . "</strong>", '<a href="?page=servers&sub=test&do=' . $servers_data['id'] . '"><img src="' . URL . 'themes/icons/server_chart.png"></a>');
}
}
}
break;
case "status":
$server_status_array['EXTRA'] = '';
if (!main::canRun('shell_exec')) {
$server_status_array['EXTRA'] = 'Some statistics could not be provided because shell_exec has been disabled.<br>';
}
$server = $_SERVER['HTTP_HOST'];
$server_status_array['OS'] = php_uname();
$server_status_array['DISTRO'] = '';
if (php_uname('s') == 'Linux') {
$distro = main::getLinuxDistro();
if ($distro) {
$server_status_array['DISTRO'] = '<tr><td><strong>Linux Distro:</strong></td><td> ' . $distro . ' </td></tr>';
}
}
$server_status_array['SOFTWARE'] = getenv('SERVER_SOFTWARE');
$server_status_array['PHP_VERSION'] = phpversion();
$server_status_array['MYSQL_VERSION'] = '';
$mysqlVersion = $dbh->version();
if ($mysqlVersion) {
$server_status_array['MYSQL_VERSION'] = '<tr><td><strong>MySQL Version:</strong><br><br></td><td> ' . $mysqlVersion . ' <br><br></td></tr>';
}
$server_status_array['SERVER'] = $server;
echo style::replaceVar('tpl/admin/servers/server-status.tpl', $server_status_array);
break;
case "phpinfo":
echo server::show_phpinfo();
break;
}
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$subdomains_insert = array("domain" => $postvar['domain'], "server" => $postvar['server']);
$dbh->insert("subdomains", $subdomains_insert);
main::errors("Subdomain domain has been added!");
}
}
$servers_query = $dbh->select("servers");
if ($dbh->num_rows($servers_query) == 0) {
echo "There are no servers, you need to add a server first!";
return;
}
while ($servers_data = $dbh->fetch_array($servers_query)) {
$values[] = array($servers_data['name'], $servers_data['id']);
}
$add_subdomain_array['SERVER'] = main::dropDown("server", $values);
echo style::replaceVar("tpl/admin/subdomains/add-subdomain.tpl", $add_subdomain_array);
break;
case "edit":
if (isset($getvar['do'])) {
$subdomains_data = $dbh->select("subdomains", array("id", "=", $getvar['do']));
if (!$subdomains_data['id']) {
echo "That subdomain domain doesn't exist!";
} else {
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$subdomains_update = array("domain" => $postvar['domain'], "server" => $postvar['server']);
$dbh->update("subdomains", $subdomains_update, array("id", "=", $getvar['do']));
//Subdomain added
main::done();
}
}
$edit_subdomain_array['DOMAIN'] = $subdomains_data['domain'];
$servers_query = $dbh->select("servers");
while ($servers_data = $dbh->fetch_array($servers_query)) {
$values[] = array($servers_data['name'], $servers_data['id']);
}
$edit_subdomain_array['SERVER'] = main::dropDown("server", $values, $servers_data['server']);
echo style::replaceVar("tpl/admin/subdomains/edit-subdomain.tpl", $edit_subdomain_array);
}
} else {
$subdomains_query = $dbh->select("subdomains");
if ($dbh->num_rows($subdomains_query) == 0) {
echo "There are no subdomain domains to edit!";
} else {
echo "<ERRORS>";
while ($subdomains_data = $dbh->fetch_array($subdomains_query)) {
echo main::sub("<strong>" . $subdomains_data['domain'] . "</strong>", '<a href="?page=sub&sub=edit&do=' . $subdomains_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
}
}
}
break;
case "delete":
if (isset($getvar['do'])) {
$dbh->delete("subdomains", array("id", "=", $getvar['do']));
main::errors("Subdomain Deleted!");
}
$subdomains_query = $dbh->select("subdomains");
if ($dbh->num_rows($subdomains_query) == 0) {
echo "There are no subdomain domains to delete!";
} else {
echo "<ERRORS>";
while ($subdomains_data = $dbh->fetch_array($subdomains_query)) {
echo main::sub("<strong>" . $subdomains_data['domain'] . "</strong>", '<a href="?page=sub&sub=delete&do=' . $subdomains_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
}
}
break;
}
}
private function MassMailClients()
{
global $dbh, $postvar, $getvar, $instance;
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$users_query = $dbh->select("users");
while ($users_data = $dbh->fetch_array($users_query)) {
$result = email::send($users_data['email'], $postvar['msgsubject'], $postvar['msgcontent']);
if (!$result) {
$error = true;
}
}
if (!$error) {
main::errors("The email has been sent to all your clients.");
} else {
main::errors("Houston, you have problems. Check the THT Log to find out what all went wrong.");
}
}
}
echo style::replaceVar("tpl/admin/mail/mass-email.tpl");
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST['add']) {
$no_check_array = array("admin", "groupid", "sendwelcome", "welcomesubject", "welcomebody");
check::empty_fields($no_check_array);
$ZserverID = $postvar['server'];
unset($where);
$where[] = array("id", "=", $ZserverID, "AND");
$where[] = array("type", "=", "zpanel");
$servers_query = $dbh->select("servers", $where, 0, 0, 1);
if ($dbh->num_rows($servers_query) == 1) {
$zpanel_srv = 1;
}
//Hack to make sure the Group ID isn't 0 on ZPanel
if ($zpanel_srv && ($postvar["groupid"] == 0 || $postvar["backend"] == 0)) {
main::errors(" ZPanel server packages must include a Group ID for the package and the a backend package ID that's greater than 0. See the info bubbles for help.");
}
if ($postvar["monthly"] && !is_numeric($postvar["monthly"]) || $postvar["signup"] && !is_numeric($postvar["signup"])) {
main::errors("Please enter a positive number for the cost or posts fields.");
}
if (!main::errors()) {
$not_additional_array = array("add", "name", "backend", "description", "type", "server", "admin", "groupid", "sendwelcome", "welcomesubject", "welcomebody", $GLOBALS['csrf']['input-name']);
foreach ($postvar as $key => $value) {
if (!in_array($key, $not_additional_array)) {
if ($n) {
$additional .= ",";
}
$additional .= $key . "=" . str_replace(array(" ", ","), array("", "."), $value);
$n++;
}
}
$packages_insert = array("name" => $postvar['name'], "backend" => $postvar['backend'], "description" => $postvar['description'], "type" => $postvar['type'], "server" => $postvar['server'], "admin" => $postvar['admin'], "is_hidden" => $postvar['hidden'], "is_disabled" => $postvar['disabled'], "additional" => $additional, "reseller" => $postvar['reseller'], "groupid" => $postvar['groupid'], "send_email" => $postvar['sendwelcome'], "email_subject" => $postvar['welcomesubject'], "email_body" => $postvar['welcomebody']);
$dbh->insert("packages", $packages_insert);
main::errors("Package has been added!<br>");
}
}
if ($_POST['packserver'] || $_POST['add']) {
$servers_data = $dbh->select("servers", array("id", "=", $postvar['server']), 0, "1");
$serverfile = server::createServer(0, $servers_data['type']);
$package_fields = $serverfile->acp_packages_form();
$add_package_array['TYPE_FORM'] = type::acpPadd($postvar['type']);
$add_package_array['TYPE'] = $postvar['type'];
$add_package_array['PACKAGES_FIELDS'] = $package_fields;
$add_package_array['SERVER'] = $postvar['server'];
echo style::replaceVar("tpl/admin/packages/add-package.tpl", $add_package_array);
break;
}
$servers_query = $dbh->select("servers");
if ($dbh->num_rows($servers_query) == 0) {
echo "There are no servers, you need to add a server first!";
return;
}
while ($servers_data = $dbh->fetch_array($servers_query)) {
$values[] = array($servers_data['name'], $servers_data['id']);
}
$p2h_query = $dbh->select("p2h");
$p2h_data = $dbh->num_rows($p2h_query);
if ($p2h_data != "0") {
$package_server_array['P2HOPTION'] = '<option value="p2h">Post 2 Host</option>';
} else {
$package_server_array['P2HOPTION'] == "";
}
$package_server_array['SERVER'] = main::dropDown("server", $values);
echo "This will only add the package to THT, not create the package on the backend for you.<br><br>";
echo style::replaceVar("tpl/admin/packages/package-server.tpl", $package_server_array);
break;
case "edit":
if (isset($getvar['do'])) {
$packages_query = $dbh->select("packages", array("id", "=", $getvar['do']), 0, 0, 1);
if ($dbh->num_rows($packages_query) == 0) {
echo "That package doesn't exist!";
} else {
if ($_POST) {
$no_check_array = array("admin", "groupid", "sendwelcome", "welcomesubject", "welcomebody");
check::empty_fields($no_check_array);
$ZserverID = $postvar['server'];
unset($where);
$where[] = array("id", "=", $ZserverID, "AND");
$where[] = array("type", "=", "zpanel");
$servers_query = $dbh->select("servers", $where, 0, 0, 1);
if ($dbh->num_rows($servers_query) == 1) {
$zpanel_srv = 1;
}
//Hack to make sure the Group ID isn't 0 on ZPanel
if ($zpanel_srv && ($postvar["groupid"] == 0 || $postvar["backend"] == 0)) {
main::errors(" ZPanel server packages must include a Group ID for the package and the a backend package ID that's greater than 0. See the info bubbles for help.");
}
if ($postvar["monthly"] && !is_numeric($postvar["monthly"]) || $postvar["signup"] && !is_numeric($postvar["signup"])) {
main::errors("Please enter a positive number for the cost or posts fields.");
}
if (!main::errors()) {
$not_additional_array = array("edit", "name", "backend", "description", "type", "server", "admin", "groupid", "sendwelcome", "welcomesubject", "welcomebody", $GLOBALS['csrf']['input-name']);
foreach ($postvar as $key => $value) {
if (!in_array($key, $not_additional_array)) {
if ($n) {
$additional .= ",";
}
$additional .= $key . "=" . str_replace(array(" ", ","), array("", "."), $value);
$n++;
}
}
if ($postvar['sendwelcome'] && (!$postvar['welcomesubject'] || !$postvar['welcomebody'])) {
$serverid = $postvar['server'];
$server_type_data = $dbh->select("servers", array("id", "=", $serverid));
$server_type = $server_type_data['type'];
if ($server_type == "zpanel") {
include INC . "/servers/" . $server_type . ".php";
$server = new $server_type();
$server_subject_def = server::email_subject;
$server_body_def = server::email_body;
if (!$postvar['welcomesubject']) {
$postvar['welcomesubject'] = $server_subject_def;
}
if (!$postvar['welcomebody']) {
$postvar['welcomebody'] = $server_body_def;
}
}
}
$packages_update = array("name" => $postvar['name'], "backend" => $postvar['backend'], "description" => $postvar['description'], "server" => $postvar['server'], "admin" => $postvar['admin'], "additional" => $additional, "reseller" => $postvar['reseller'], "is_hidden" => $postvar['hidden'], "is_disabled" => $postvar['disabled'], "type" => $postvar['type'], "groupid" => $postvar['groupid'], "send_email" => $postvar['sendwelcome'], "email_subject" => $postvar['welcomesubject'], "email_body" => $postvar['welcomebody']);
$dbh->update("packages", $packages_update, array("id", "=", $getvar['do']));
//Package edit complete.
main::done();
}
}
$packages_data = $dbh->fetch_array($packages_query);
$edit_package_array['BACKEND'] = $packages_data['backend'];
$edit_package_array['DESCRIPTION'] = $packages_data['description'];
$edit_package_array['NAME'] = $packages_data['name'];
$edit_package_array['URL'] = $dbh->config("url");
$edit_package_array['ID'] = $packages_data['id'];
if ($packages_data['admin'] == 1) {
$edit_package_array['ADMIN_CHECKED'] = 'checked="checked"';
} else {
$edit_package_array['ADMIN_CHECKED'] = "";
}
if ($packages_data['reseller'] == 1) {
$edit_package_array['RESELLER_CHECKED'] = 'checked="checked"';
} else {
$edit_package_array['RESELLER_CHECKED'] = "";
}
if ($packages_data['is_hidden'] == 1) {
$edit_package_array['HIDDEN_CHECKED'] = 'checked="checked"';
} else {
$edit_package_array['HIDDEN_CHECKED'] = "";
}
if ($packages_data['is_disabled'] == 1) {
$edit_package_array['DISABLED_CHECKED'] = 'checked="checked"';
} else {
$edit_package_array['DISABLED_CHECKED'] = "";
}
$serverfile = server::createServer($getvar['do']);
$package_fields = $serverfile->acp_packages_form($getvar['do']);
$edit_package_array['PACKAGES_FIELDS'] = $package_fields;
$p2h_query = $dbh->select("p2h");
$p2h_data = $dbh->num_rows($p2h_query);
$edit_package_array['TYPE'] = $packages_data['type'];
$additional = $packages_data['additional'];
$edit_package_array['TYPE_FORM'] = type::acpPedit($packages_data['type'], $additional, $packages_data['type']);
if ($packages_data['type'] == "p2h" && $p2h_data == "0") {
$edit_package_array['TYPE_FORM'] = "";
}
$servers_query = $dbh->select("servers");
while ($servers_data = $dbh->fetch_array($servers_query)) {
$values[] = array($servers_data['name'], $servers_data['id']);
}
$edit_package_array['SERVER'] = $packages_data['server'];
echo "This will only edit the package on THT, not edit the package on the backend for you.<br><br>";
echo style::replaceVar("tpl/admin/packages/edit-package.tpl", $edit_package_array);
}
} else {
$packages_query = $dbh->select("packages");
if ($dbh->num_rows($packages_query) == 0) {
echo "There are no packages to edit!";
} else {
echo "<ERRORS>";
while ($packages_data = $dbh->fetch_array($packages_query)) {
echo main::sub("<strong>" . $packages_data['name'] . "</strong>", '<a href="?page=packages&sub=edit&do=' . $packages_data['id'] . '"><img src="' . URL . 'themes/icons/pencil.png"></a>');
$n++;
}
}
}
break;
case "delete":
if ($getvar['do']) {
$dbh->delete("packages", array("id", "=", $getvar['do']));
main::errors("Package has been Deleted.<br>");
}
$packages_query = $dbh->select("packages");
if ($dbh->num_rows($packages_query) == 0) {
echo "There are no packages to delete.";
} else {
echo "<ERRORS>This will only delete the package on THT, not delete the package on the backend for you.<br><br>";
while ($packages_data = $dbh->fetch_array($packages_query)) {
echo main::sub("<strong>" . $packages_data['name'] . "</strong>", '<a href="?page=packages&sub=delete&do=' . $packages_data['id'] . '"><img src="' . URL . 'themes/icons/delete.png"></a>');
$n++;
}
}
break;
}
}
echo '</div>';
$html_buff = ob_get_contents();
ob_clean();
return $html_buff;
}
if (!$_SESSION['logged']) {
if ($_SESSION['clogged'] || $_SESSION['cuser']) {
session_destroy();
main::redirect("?page=home");
}
if ($getvar['page'] == "forgotpass") {
define("SUB", "Reset Password");
define("INFO", SUB);
echo style::get("header.tpl");
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$user = $postvar['user'];
$user_email = $postvar['email'];
unset($where);
$where[] = array("user", "=", $user, "AND");
$where[] = array("email", "=", $user_email);
$find_staff_query = $dbh->select("staff", $where, 0, 0, 1);
if ($dbh->num_rows($find_staff_query) == 0) {
main::errors("That account doesn't exist!");
} else {
$curstaff = $dbh->fetch_array($find_staff_query);
$password = rand(0, 999999);
$salt = crypto::salt();
$newpass = crypto::passhash($password, $salt);
$update_staff = array("password" => $newpass, "salt" => $salt);
public function content()
{
global $dbh, $postvar, $getvar, $instance;
if ($getvar['mode'] == 'ticketsall') {
$no_tickets_msg = "You currently have no tickets.";
$view_mode_text = "<center><i><u><a href=\"?page=tickets\" title=\"View open tickets\">View open tickets</a></u></i></center>";
} else {
$where[] = array("status", "!=", "3", "AND");
$no_tickets_msg = "You currently have no new tickets! <i><u><a href=\"?page=tickets&mode=ticketsall\" title=\"View all tickets.\">View all tickets</a></u></i>";
$view_mode_text = "<center><i><u><a href=\"?page=tickets&mode=ticketsall\" title=\"View all tickets\">View all tickets</a></u></i></center>";
}
if (!$getvar['do']) {
$where[] = array("reply", "=", "0");
$tickets_query = $dbh->select("tickets", $where, array("time", "DESC"), 0, 1);
if (!$dbh->num_rows($tickets_query)) {
echo $no_tickets_msg;
} else {
if ($getvar['mode'] == 'ticketsall') {
echo "<div style=\"display: none;\" id=\"nun-tickets\">You currently have no tickets!</div>";
} else {
echo "<div style=\"display: none;\" id=\"nun-tickets\">You currently have no new tickets!</div>";
}
$num_rows = $dbh->num_rows($tickets_query);
echo style::replaceVar("tpl/admin/tickets/tickets-js.tpl", array('NUM_TICKETS' => $num_rows));
while ($tickets_data = $dbh->fetch_array($tickets_query)) {
$ticket_view_box_array['TITLE'] = $tickets_data['title'];
$ticket_view_box_array['UPDATE'] = $this->lastUpdated($tickets_data['id']);
$ticket_view_box_array['STATUS'] = $tickets_data['status'];
$ticket_view_box_array['STATUSMSG'] = $this->status($tickets_data['status']);
$ticket_view_box_array['ID'] = $tickets_data['id'];
$ticket_view_box_array['URGENCYTEXT'] = $tickets_data['urgency'];
$ticket_view_box_array['URGENCY_CLASS'] = strtolower(str_replace(" ", "_", $tickets_data['urgency']));
echo style::replaceVar("tpl/admin/tickets/ticket-view-box.tpl", $ticket_view_box_array);
}
echo $view_mode_text;
}
} else {
unset($where);
$where[] = array("id", "=", $getvar['do'], "OR");
$where[] = array("ticketid", "=", $getvar['do']);
$tickets_query = $dbh->select("tickets", $where, array("time", "ASC"), 0, 1);
if (!$dbh->num_rows($tickets_query)) {
echo "That ticket doesn't exist!";
} else {
if ($_POST) {
check::empty_fields(array("admin"));
if (!main::errors()) {
$time = time();
$tickets_insert = array("title" => $postvar['title'], "content" => $postvar['content'], "time" => $time, "userid" => $_SESSION['user'], "reply" => "1", "ticketid" => $getvar['do'], "staff" => "1");
$dbh->insert("tickets", $tickets_insert);
main::errors("Reply has been added!");
$last_ticket_data = $dbh->select("tickets", array("time", "=", $time), 0, "1");
$tickets_data = $dbh->fetch_array($tickets_query);
$client = $dbh->staff($_SESSION['user']);
$user = $dbh->client($tickets_data['userid']);
$template = email::emailTemplate("ticket-staff-responded");
$clientresponse_array['TITLE'] = $tickets_data['title'];
$clientresponse_array['STAFF'] = $client['name'];
$clientresponse_array['CONTENT'] = $postvar['content'];
$clientresponse_array['LINK'] = $dbh->config("url") . "/client/?page=tickets&sub=view&do=" . $last_ticket_data['ticketid'];
email::send($user['email'], $template['subject'], $template['content'], $clientresponse_array);
main::redirect("?page=tickets&sub=view&do=" . $getvar['do']);
}
}
$tickets_data = $dbh->fetch_array($tickets_query);
$view_ticket_array['AUTHOR'] = $this->determineAuthor($tickets_data['userid'], $tickets_data['staff']);
$view_ticket_array['TIME'] = main::convertdate("n/d/Y - g:i A", $tickets_data['time']);
$view_ticket_array['NUMREPLIES'] = $dbh->num_rows($tickets_query) - 1;
$view_ticket_array['UPDATED'] = $this->lastUpdated($tickets_data['id']);
$view_ticket_array['ORIG'] = $this->showReply($tickets_data['id']);
$view_ticket_array['URGENCY'] = $tickets_data['urgency'];
$view_ticket_array['STATUS'] = $this->status($tickets_data['status']);
switch ($tickets_data['status']) {
case "1":
$view_ticket_array['STATUSCOLOR'] = "779500";
break;
case "2":
$view_ticket_array['STATUSCOLOR'] = "FF9500";
break;
case "3":
$view_ticket_array['STATUSCOLOR'] = "FF0000";
break;
default:
$view_ticket_array['STATUSCOLOR'] = "000000";
break;
}
$view_ticket_array['REPLIES'] = "";
$n = 0;
while ($reply = $dbh->fetch_array($tickets_query)) {
if (!$n) {
$view_ticket_array['REPLIES'] .= "<br /><b>Replies</b>";
}
$view_ticket_array['REPLIES'] .= $this->showReply($reply['id']);
$n++;
}
$view_ticket_array['ADDREPLY'] .= "<br /><b>Change Ticket Status</b>";
$values[] = array("Open", 1);
$values[] = array("On Hold", 2);
$values[] = array("Closed", 3);
$change_status_array['DROPDOWN'] = main::dropdown("status", $values, $tickets_data['status'], 0);
$change_status_array['ID'] = $tickets_data['id'];
$view_ticket_array['ADDREPLY'] .= style::replaceVar("tpl/tickets/change-status.tpl", $change_status_array);
$view_ticket_array['ADDREPLY'] .= "<br /><b>Add Reply</b>";
$add_reply_array['TITLE'] = "RE: " . $tickets_data['title'];
$view_ticket_array['ADDREPLY'] .= style::replaceVar("tpl/tickets/add-reply.tpl", $add_reply_array);
echo style::replaceVar("tpl/tickets/view-ticket.tpl", $view_ticket_array);
}
}
}
private function edit_article()
{
global $dbh, $postvar, $getvar, $instance;
$cats_query = $dbh->select("cats");
if (!$dbh->num_rows($cats_query)) {
echo "You need to add a category before you add an article.";
return;
}
if ($_POST['edit']) {
check::empty_fields();
if (!main::errors()) {
$articles_update = array("name" => $postvar['editname'], "content" => $postvar['editdescription'], "catid" => $postvar['catid']);
$dbh->update("articles", $articles_update, array("id", "=", $getvar['id']));
main::errors("Article Edited!");
}
}
if ($getvar['del']) {
$dbh->delete("articles", array("id", "=", $getvar['del']));
main::errors("Article Deleted!");
}
if (main::isint($getvar['categoryid'])) {
$show_cat[] = array("catid", "=", $getvar['categoryid']);
}
if (!main::isint($getvar['id'])) {
$list_articles_array['BOXES'] = "";
$articles_query = $dbh->select("articles", $show_cat, 0, 0, 1);
if ($dbh->num_rows($articles_query)) {
while ($articles_data = $dbh->fetch_array($articles_query)) {
$edit_article_box_array['NAME'] = $articles_data['name'];
$edit_article_box_array['ID'] = $articles_data['id'];
$list_articles_array['BOXES'] .= style::replaceVar("tpl/admin/kb/edit-article-box.tpl", $edit_article_box_array);
}
}
echo style::replaceVar("tpl/admin/kb/list-articles.tpl", $list_articles_array);
} else {
$cats_query = $dbh->select("cats");
while ($cat = $dbh->fetch_array($cats_query)) {
$values[] = array($cat['name'], $cat['id']);
}
$article_data = $dbh->select("articles", array("id", "=", $getvar['id']), 0, "1");
$edit_article_array['NAME'] = $article_data['name'];
$edit_article_array['DESCRIPTION'] = $article_data['content'];
$edit_article_array['DROPDOWN'] = main::dropDown("catid", $values, $article_data['catid']);
echo style::replaceVar("tpl/admin/kb/edit-article.tpl", $edit_article_array);
}
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST) {
$no_check_fields = array("last_tld_update", "otherdefault");
check::empty_fields($no_check_fields);
if ($postvar['url'] && substr($postvar['url'], -1, 1) != "/") {
$postvar['url'] = $postvar['url'] . "/";
}
if ($postvar['default_page'] && $postvar['default_page'] == "-other-") {
if (!$postvar['otherdefault']) {
main::errors("Please enter the default directory to redirect to.");
} else {
if (is_dir("../" . $postvar['otherdefault'])) {
$postvar['default_page'] = $postvar['otherdefault'];
} else {
main::errors("The default directory entered does not exist.");
}
}
}
if ($postvar['last_tld_update'] == "never") {
$dbh->updateConfig("last_tld_update", "never");
} else {
unset($postvar['last_tld_update']);
}
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$general_settings_array['NAME'] = $dbh->config("name");
$general_settings_array['URL'] = $dbh->config("url");
$general_settings_array['RECURL'] = $_SERVER['HTTP_HOST'];
$values[] = array("Order Form", "order");
$values[] = array("Client Area", "client");
$values[] = array("Knowledge Base", "support");
$values[] = array("Other", "-other-");
if ($dbh->config('default_page') != ADMINDIR && $dbh->config('default_page') != "order" && $dbh->config('default_page') != "client") {
$general_settings_array['DEFAULT_PAGE'] = main::dropDown("default_page", $values, "-other-");
$general_settings_array['OTHERDEFAULT'] = $dbh->config('default_page');
} else {
$general_settings_array['OTHERDEFAULT'] = "";
$general_settings_array['DEFAULT_PAGE'] = main::dropDown('default_page', $values, $dbh->config('default_page'));
}
$IANA_queue_values[] = array("No", "");
$IANA_queue_values[] = array("Yes", "never");
$general_settings_array['QUEUE_IANA'] = main::dropDown("last_tld_update", $IANA_queue_values, $dbh->config("last_tld_update"));
$general_settings_array['TLD_UPDATE_DAYS'] = $dbh->config("tld_update_days");
echo style::replaceVar("tpl/admin/settings/general-settings.tpl", $general_settings_array);
break;
case "security":
//security settings
if ($_POST) {
check::empty_fields();
if (!check::email($postvar['email_for_cron'], 0, 0, 1)) {
main::errors("Please verify that the email you're using for cron output is of a valid format.");
}
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$values[] = array("Yes", "1");
$values[] = array("No", "0");
$security_settings_array['SHOW_VERSION_ID'] = main::dropDown("show_version_id", $values, $dbh->config("show_version_id"));
$security_settings_array['SHOW_PAGE_GENTIME'] = main::dropDown("show_page_gentime", $values, $dbh->config("show_page_gentime"));
$security_settings_array['SHOW_FOOTER'] = main::dropDown("show_footer", $values, $dbh->config("show_footer"));
$security_settings_array['SHOW_ERRORS'] = main::dropDown("show_errors", $values, $dbh->config("show_errors"));
$security_settings_array['EMAIL_ON_CRON'] = main::dropDown("emailoncron", $values, $dbh->config("emailoncron"));
$security_settings_array['EMAIL_FOR_CRON'] = $dbh->config("email_for_cron");
$security_settings_array['SESSION_TIMEOUT'] = $dbh->config("session_timeout");
echo style::replaceVar("tpl/admin/settings/security-settings.tpl", $security_settings_array);
break;
case "tos":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$dbh->updateConfig("tos", $postvar['tos']);
main::errors("Settings Updated!");
}
}
$tos_array['TOS'] = $dbh->config("tos");
echo style::replaceVar("tpl/admin/settings/tos.tpl", $tos_array);
break;
case "signup":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$values[] = array("Enabled", "1");
$values[] = array("Disabled", "0");
$signup_settings_array['MULTIPLE'] = main::dropDown("multiple", $values, $dbh->config("multiple"));
$signup_settings_array['TLDONLY'] = main::dropDown("tldonly", $values, $dbh->config("tldonly"));
$signup_settings_array['GENERAL'] = main::dropDown("general", $values, $dbh->config("general"));
$signup_settings_array['MESSAGE'] = $dbh->config("message");
echo style::replaceVar("tpl/admin/settings/signup-settings.tpl", $signup_settings_array);
break;
case "client":
if ($_POST) {
$no_check_fields = array("alerts");
check::empty_fields($no_check_fields);
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$values[] = array("Enabled", "1");
$values[] = array("Disabled", "0");
$client_area_settings_array['DELACC'] = main::dropDown("delacc", $values, $dbh->config("delacc"));
$client_area_settings_array['ENABLED'] = main::dropDown("cenabled", $values, $dbh->config("cenabled"));
$client_area_settings_array['ALERTS'] = $dbh->config("alerts");
echo style::replaceVar("tpl/admin/settings/client-area-settings.tpl", $client_area_settings_array);
break;
case "support":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$values[] = array("Enabled", "1");
$values[] = array("Disabled", "0");
$support_settings_array['ENABLED'] = main::dropDown("senabled", $values, $dbh->config("senabled"));
$support_settings_array['MESSAGE'] = $dbh->config("smessage");
echo style::replaceVar("tpl/admin/settings/support-settings.tpl", $support_settings_array);
break;
case "email":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$values[] = array("PHP Mail", "php");
$values[] = array("SMTP", "smtp");
$email_settings_array['METHOD'] = main::dropDown("emailmethod", $values, $dbh->config("emailmethod"), 0);
$email_settings_array['EMAILFROM'] = $dbh->config("emailfrom");
$email_settings_array['SMTP_HOST'] = $dbh->config("smtp_host");
$email_settings_array['SMTP_USER'] = $dbh->config("smtp_user");
$email_settings_array['SMTP_PASS'] = $dbh->config("smtp_password");
$email_settings_array['SMTP_PORT'] = $dbh->config("smtp_port");
echo style::replaceVar("tpl/admin/settings/email-settings.tpl", $email_settings_array);
break;
}
}
public function validate_admin_form($add_edit)
{
global $dbh, $postvar, $getvar, $instance;
$no_check_fields = array("monthsgoodfor", "expiredate", "limitedcoupons", "unlimitedcoupons", "neverexpire", "username", "paiddisc", "p2hinitdisc", "p2hmonthlydisc", "coupid");
check::empty_fields($no_check_fields);
if (!main::errors()) {
$postvar = $postvar;
$coupon_code_check = self::coupon_data($postvar['coupcode']);
if (!empty($coupon_code_check) && $add_edit == 'add') {
$error = "The coupon code already exists in the database.<br>";
}
if (is_numeric($postvar['coupcode'])) {
$error = "The coupon code cannot be fully numeric.<br>";
}
if ($postvar['unlimitedcoupons']) {
$postvar['limitedcoupons'] = "";
} else {
if (!main::isint($postvar['limitedcoupons'])) {
$error = "Please enter the number of times the coupon may be used or check unlimited.<br>";
} elseif ($postvar['limitedcoupons'] <= 0) {
$error = "Please enter a number greater than 0 for the number of times the coupon may be used or check unlimited.<br>";
}
}
if ($postvar['goodfor'] == 'months' && (!$postvar['monthsgoodfor'] || !main::isint($postvar['monthsgoodfor']))) {
$error .= "Please specify the number of months the coupon is good for when applied. The months must not be specified as a decimal.<br>";
} else {
if ($postvar['goodfor'] != 'months') {
unset($postvar['monthsgoodfor']);
}
}
if (!$postvar['expiredate'] && !$postvar['neverexpire']) {
$error .= "Please enter an expiration date or check the box for never expire.<br>";
}
if (!$postvar['packages'] && !$postvar['allpacks']) {
$error .= "Please choose packages for this coupon or check the box for all packages.<br>";
}
if ($postvar['expiredate'] && !$postvar['neverexpire']) {
$date_blowed_up = explode("/", $postvar['expiredate']);
if (count($date_blowed_up) != 3 || !main::isint($date_blowed_up[0]) || !main::isint($date_blowed_up[1]) || !main::isint($date_blowed_up[2]) || strlen($date_blowed_up[0]) != 2 || strlen($date_blowed_up[1]) != 2 || strlen($date_blowed_up[2]) != 4 || $date_blowed_up[0] > 12 || $date_blowed_up[1] > 31) {
$error .= "Please enter a valid expiration date in the format MM/DD/YYYY or check the box to have the coupon never expire.<br>";
}
}
if ($postvar['userselect'] == 'newuser' && !$postvar['username']) {
$error .= "Please enter the new user's username who should be allowed to use this coupon.<br>";
}
if (!$postvar['paiddisc'] && !$postvar['p2hinitdisc'] && !$postvar['p2hmonthlydisc']) {
$error .= "You must enter the paid discount amount or you must enter the P2H initial discount and/or the P2H monthly discount.<br>";
} else {
if (!$postvar['paiddisc']) {
$postvar['paiddisc'] = "0";
$postvar['paidtype'] = "0";
}
if (!$postvar['p2hinitdisc']) {
$postvar['p2hinitdisc'] = "0";
$postvar['p2hinittype'] = "0";
}
if (!$postvar['p2hmonthlydisc']) {
$postvar['p2hmonthlydisc'] = "0";
$postvar['p2hmonthlytype'] = "0";
}
$postvar['paiddisc'] = str_replace(array(" ", ","), array("", "."), $postvar['paiddisc']);
if (!is_numeric($postvar['paiddisc'])) {
$error .= "The paid discount amount must be given as a number for paid packages. (Ex. 1.99)<br>";
}
if (!main::isint($postvar['p2hinitdisc']) || !main::isint($postvar['p2hmonthlydisc'])) {
$error .= "The P2H post discounts must be given as a whole number for p2h packages.<br>";
}
}
if (!$error) {
if ($postvar['neverexpire']) {
$postvar['expiredate'] = "99/99/9999";
}
if ($postvar['userselect'] == 'newuser') {
$postvar['userselect'] = $postvar['username'];
}
if ($postvar['allpacks']) {
$postvar['packages'] = "all";
$packages_query = $dbh->select("packages", array("type", "!=", "free"), 0, 0, 1);
while ($packages_data = $dbh->fetch_array($packages_query)) {
$packtype .= $packages_data['type'] . ",";
}
} else {
foreach ($postvar['packages'] as $key => $val) {
$packs .= $val . ",";
$packtype .= type::packagetype($val) . ",";
}
$postvar['packages'] = substr($packs, 0, -1);
}
if (substr_count($packtype, "paid") && $postvar['paiddisc'] == "0") {
$error .= "You selected at least one paid package. Please enter a discount amount greater than 0 for the paid discount field.<br>";
}
if (substr_count($packtype, "p2h") && $postvar['p2hinitdisc'] == "0" && $postvar['p2hmonthlydisc'] == "0") {
$error .= "You selected at least one p2h package. Please enter a discount amount greater than 0 for at least one of the post discount fields.<br>";
}
if (substr_count($packtype, "paid") && !substr_count($packtype, "p2h")) {
$postvar['p2hinitdisc'] = "0";
$postvar['p2hmonthlydisc'] = "0";
$postvar['p2hinittype'] = "0";
$postvar['p2hmonthlytype'] = "0";
}
if (!substr_count($packtype, "paid") && substr_count($packtype, "p2h")) {
$postvar['paiddisc'] = "0";
$postvar['paidtype'] = "0";
}
if (!$error) {
if ($add_edit == "add") {
$coupons_insert = array("paidtype" => $postvar['paidtype'], "p2hinittype" => $postvar['p2hinittype'], "p2hmonthlytype" => $postvar['p2hmonthlytype'], "limited" => $postvar['limitedcoupons'], "coupname" => $postvar['name'], "shortdesc" => $postvar['shortdesc'], "coupcode" => $postvar['coupcode'], "area" => $postvar['area'], "goodfor" => $postvar['goodfor'], "monthsgoodfor" => $postvar['monthsgoodfor'], "expiredate" => $postvar['expiredate'], "user" => $postvar['userselect'], "packages" => $postvar['packages'], "paiddisc" => $postvar['paiddisc'], "p2hinitdisc" => $postvar['p2hinitdisc'], "p2hmonthlydisc" => $postvar['p2hmonthlydisc']);
$dbh->insert("coupons", $coupons_insert);
$error = "The coupon has been added successfully!";
} else {
$coupons_update = array("paidtype" => $postvar['paidtype'], "p2hinittype" => $postvar['p2hinittype'], "p2hmonthlytype" => $postvar['p2hmonthlytype'], "limited" => $postvar['limitedcoupons'], "coupname" => $postvar['name'], "shortdesc" => $postvar['shortdesc'], "coupcode" => $postvar['coupcode'], "area" => $postvar['area'], "goodfor" => $postvar['goodfor'], "monthsgoodfor" => $postvar['monthsgoodfor'], "expiredate" => $postvar['expiredate'], "user" => $postvar['userselect'], "packages" => $postvar['packages'], "paiddisc" => $postvar['paiddisc'], "p2hinitdisc" => $postvar['p2hinitdisc'], "p2hmonthlydisc" => $postvar['p2hmonthlydisc']);
$dbh->update("coupons", $coupons_update, array("id", "=", $add_edit), "1");
$error = "The coupon has been edited successfully!";
}
}
}
}
return $error;
}
public function acpPage()
{
global $dbh, $postvar, $getvar, $instance;
if ($_POST) {
check::empty_fields(array("password", "paypalsandemail"));
if (!main::errors()) {
if (is_numeric($postvar['susdays']) && is_numeric($postvar['termdays'])) {
$dbh->updateConfig("suspensiondays", $postvar['susdays']);
$dbh->updateConfig("terminationdays", $postvar['termdays']);
$dbh->updateConfig("currency", $postvar['currency']);
$dbh->updateConfig("currency_format", $postvar['currency_format']);
$dbh->updateConfig("paypalemail", $postvar['paypalemail']);
$dbh->updateConfig("paypalmode", $postvar['paypalmode']);
$dbh->updateConfig("paypalsandemail", $postvar['paypalsandemail']);
main::errors("Values have been updated!");
} else {
main::errors("Please enter a valid value!");
}
}
}
$currency_values[] = array("Pound Sterling", "GBP");
$currency_values[] = array("US Dollars", "USD");
$currency_values[] = array("Australian Dollars", "AUD");
$currency_values[] = array("Canadian Dollars", "CAD");
$currency_values[] = array("Euros", "EUR");
$currency_values[] = array("Yen", "JPY");
$currency_values[] = array("New Zealand Dollar", "NZD");
$currency_values[] = array("Swiss Franc", "CHF");
$currency_values[] = array("Hong Kong Dollar", "HKD");
$currency_values[] = array("Singapore Dollar", "SGD");
$currency_values[] = array("Swedish Krona", "SEK");
$currency_values[] = array("Danish Krone", "DKK");
$currency_values[] = array("Polish Zloty", "PLN");
$currency_values[] = array("Norwegian Krone", "NOK");
$currency_values[] = array("Hungarian Forint", "HUF");
$currency_values[] = array("Czech Koruna", "CZK");
$currency_values[] = array("Israeli Shekel", "ILS");
$currency_values[] = array("Mexican Peso", "MXN");
$paypal_values[] = array("Live", "live");
$paypal_values[] = array("Sandbox", "sandbox");
$currency_format_values[] = array("1,000.99", ".");
$currency_format_values[] = array("1 000,99", ",");
$paid_configuration_array['CURRENCY'] = main::dropDown("currency", $currency_values, $dbh->config("currency"));
$paid_configuration_array['CURRENCY_FORMAT'] = main::dropDown("currency_format", $currency_format_values, $dbh->config("currency_format"));
$paid_configuration_array['PAYPALMODE'] = main::dropDown("paypalmode", $paypal_values, $dbh->config("paypalmode"));
$paid_configuration_array['PAYPALSANDEMAIL'] = $dbh->config("paypalsandemail");
$paid_configuration_array['SUSDAYS'] = $dbh->config("suspensiondays");
$paid_configuration_array['TERDAYS'] = $dbh->config("terminationdays");
$paid_configuration_array['PAYPALEMAIL'] = $dbh->config("paypalemail");
echo style::replaceVar("tpl/admin/paid-configuration.tpl", $paid_configuration_array);
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
case "tchoose":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$folder = "../themes/";
if ($handle = opendir($folder)) {
while (false !== ($file = readdir($handle))) {
if ($file != "." && $file != ".." && $file != ".svn" && $file != "icons" && $file != "index.html" && $file != "flags") {
$values[] = array($file, $file);
}
}
}
closedir($handle);
$theme_settings_array['THEME'] = main::dropDown("theme", $values, $dbh->config("theme"));
echo style::replaceVar("tpl/admin/lof/theme-settings.tpl", $theme_settings_array);
break;
case "tupload":
// Theme Uploader
echo "Here you can upload a theme of your choice to the installer. Please be sure that the theme is in .zip format.<br><br>";
if ($_POST) {
$response = main::upload_theme();
echo $response . "<br><br>";
}
echo style::replaceVar('tpl/admin/lof/theme-upload.tpl');
break;
case "cssedit":
echo $this->EditTemplate("style", "css");
break;
case "tpledit":
echo style::replaceVar('tpl/admin/lof/template-editor.tpl');
break;
case "navedit":
echo style::replaceVar("tpl/admin/lof/navedit/top.tpl");
$navbar_query = $dbh->select("navbar", 0, array("sortorder", "ASC"));
while ($navbar_data = $dbh->fetch_array($navbar_query)) {
$link_box_array['ID'] = $navbar_data['id'];
$link_box_array['NAME'] = $navbar_data['visual'];
$link_box_array['ICON'] = $navbar_data['icon'];
$link_box_array['LINK'] = $navbar_data['link'];
$links_array['LINKS'] .= style::replaceVar("tpl/admin/lof/navedit/link-box.tpl", $link_box_array);
}
echo style::replaceVar("tpl/admin/lof/navedit/links.tpl", $links_array);
echo style::replaceVar("tpl/admin/lof/navedit/bottom.tpl");
break;
case "editheader":
echo $this->EditTemplate("header", "tpl");
break;
case "editfooter":
echo $this->EditTemplate("footer", "tpl");
break;
case "ui-theme":
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
foreach ($postvar as $key => $value) {
$dbh->updateConfig($key, $value);
}
main::errors("Settings Updated!");
}
}
$folder = INC . "/css/";
foreach (main::folderFiles($folder) as $file) {
$files[] = array($file, $file);
}
$jquery_theme_changer_array['THEME'] = main::dropDown("ui-theme", $files, $dbh->config("ui-theme"));
echo style::replaceVar('tpl/admin/lof/jquery-theme-changer.tpl', $jquery_theme_changer_array);
break;
}
}
public function content()
{
global $dbh, $postvar, $getvar, $instance;
switch ($getvar['sub']) {
default:
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$time = time();
$tickets_insert = array("title" => $postvar['title'], "content" => $postvar['content'], "urgency" => $postvar['urgency'], "time" => $time, "userid" => $_SESSION['cuser']);
$dbh->insert("tickets", $tickets_insert);
$last_ticket_data = $dbh->select("tickets", array("time", "=", $time), 0, "1");
$template = email::emailTemplate("new-ticket");
$newticket_array['TITLE'] = $postvar['title'];
$newticket_array['URGENCY'] = $postvar['urgency'];
$newticket_array['CONTENT'] = $postvar['content'];
$newticket_array['LINK'] = $dbh->config("url") . ADMINDIR . "/?page=tickets&sub=view&do=" . $last_ticket_data['id'];
email::staff($template['subject'], $template['content'], $newticket_array);
main::errors("Ticket has been added!");
}
}
echo style::replaceVar("tpl/client/tickets/add-ticket.tpl");
break;
case "view":
if (is_numeric($getvar['deltid'])) {
$userid = $_SESSION['cuser'];
$tid = $getvar['deltid'];
unset($where);
$where[] = array("id", "=", $tid, "AND");
$where[] = array("userid", "=", $userid);
$user_check = $dbh->select("tickets", $where, 0, "1", 1);
$user_check_rows = $dbh->num_rows($user_check);
if ($user_check_rows == "0") {
echo "<font color = '#FF0000'>This ticket is not yours to delete or does not exist.</font><br>";
} else {
unset($where);
$where[] = array("id", "=", $tid, "OR");
$where[] = array("ticketid", "=", $tid);
$dbh->delete("tickets", $where);
}
}
if (!$getvar['do']) {
unset($where);
$where[] = array("userid", "=", $_SESSION['cuser'], "AND");
$where[] = array("reply", "=", "0");
$tickets_query = $dbh->select("tickets", $where, 0, 0, 1);
if (!$dbh->num_rows($tickets_query)) {
echo "You currently have no tickets!";
} else {
while ($tickets_data = $dbh->fetch_array($tickets_query)) {
$ticket_view_box_array['TITLE'] = $tickets_data['title'];
$ticket_view_box_array['UPDATE'] = $this->lastUpdated($tickets_data['id']);
$ticket_view_box_array['ID'] = $tickets_data['id'];
$ticket_view_box_array['STATUS'] = $tickets_data['status'];
$ticket_view_box_array['STATUSMSG'] = $this->status($tickets_data['status']);
echo style::replaceVar("tpl/client/tickets/ticket-view-box.tpl", $ticket_view_box_array);
}
}
} else {
unset($where);
$where[] = array("id", "=", $getvar['do'], "OR");
$where[] = array("ticketid", "=", $getvar['do']);
$tickets_query = $dbh->select("tickets", $where, array("time", "ASC"), 0, 1);
if (!$dbh->num_rows($tickets_query)) {
echo "That ticket doesn't exist!";
} else {
if ($_POST) {
check::empty_fields();
if (!main::errors()) {
$time = time();
$tickets_insert = array("title" => $postvar['title'], "content" => $postvar['content'], "time" => $time, "userid" => $_SESSION['cuser'], "reply" => "1", "ticketid" => $getvar['do']);
$dbh->insert("tickets", $tickets_insert);
$last_ticket_data = $dbh->select("tickets", array("time", "=", $time), 0, "1");
$tickets_data = $dbh->fetch_array($tickets_query);
$client = $dbh->client($_SESSION['cuser']);
$template = email::emailTemplate("ticket-client-responded");
$newresponse_array['TITLE'] = $tickets_data['title'];
$newresponse_array['USER'] = $client['user'];
$newresponse_array['CONTENT'] = $postvar['content'];
$newresponse_array['LINK'] = $dbh->config("url") . ADMINDIR . "/?page=tickets&sub=view&do=" . $last_ticket_data['ticketid'];
email::staff($template['subject'], $template['content'], $newresponse_array);
main::redirect("?page=tickets&sub=view&do=" . $getvar['do']);
}
}
$tickets_data = $dbh->fetch_array($tickets_query);
$view_ticket_array['AUTHOR'] = $this->determineAuthor($tickets_data['userid'], $tickets_data['staff']);
$view_ticket_array['TIME'] = main::convertdate("n/d/Y - g:i A", $tickets_data['time']);
$view_ticket_array['NUMREPLIES'] = $dbh->num_rows($tickets_query) - 1;
$view_ticket_array['UPDATED'] = $this->lastUpdated($tickets_data['id']);
$view_ticket_array['ORIG'] = $this->showReply($tickets_data['id']);
$view_ticket_array['URGENCY'] = $tickets_data['urgency'];
$view_ticket_array['STATUS'] = $this->status($tickets_data['status']);
switch ($tickets_data['status']) {
case "1":
$view_ticket_array['STATUSCOLOR'] = "779500";
break;
case "2":
$view_ticket_array['STATUSCOLOR'] = "FF9500";
break;
case "3":
$view_ticket_array['STATUSCOLOR'] = "FF0000";
break;
default:
$view_ticket_array['STATUSCOLOR'] = "000000";
break;
}
$n = 0;
$view_ticket_array['REPLIES'] = "";
while ($reply = $dbh->fetch_array($tickets_query)) {
if (!$n) {
$view_ticket_array['REPLIES'] .= "<br /><b>Replies</b>";
}
$view_ticket_array['REPLIES'] .= $this->showReply($reply['id']);
$n++;
}
$view_ticket_array['ADDREPLY'] .= "<br /><b>Change Ticket Status</b>";
$values[] = array("Open", 1);
$values[] = array("On Hold", 2);
$values[] = array("Closed", 3);
$client_change_status_array['DROPDOWN'] = main::dropdown("status", $values, $tickets_data['status'], 0);
$client_change_status_array['ID'] = $tickets_data['id'];
$view_ticket_array['ADDREPLY'] .= style::replaceVar("tpl/tickets/change-status.tpl", $client_change_status_array);
$view_ticket_array['ADDREPLY'] .= "<br /><b>Add Reply</b>";
$add_reply_array['TITLE'] = "RE: " . $tickets_data['title'];
$view_ticket_array['ADDREPLY'] .= style::replaceVar("tpl/tickets/add-reply.tpl", $add_reply_array);
echo style::replaceVar("tpl/tickets/view-ticket.tpl", $view_ticket_array);
}
}
break;
}
}
