* @subpackage core * @author Bobby Allen (ballen@bobbyallen.me) * @copyright ZPanel Project (http://www.zpanelcp.com/) * @link http://www.zpanelcp.com/ * @license GPL (http://www.gnu.org/licenses/gpl.html) */ global $controller, $zdbh, $zlo; $controller = new runtime_controller(); $zlo->method = ctrl_options::GetSystemOption('logmode'); if ($zlo->hasInfo()) { $zlo->writeLog(); $zlo->reset(); } if (isset($_GET['logout'])) { ctrl_auth::KillSession(); ctrl_auth::KillCookies(); header("location: ./?loggedout"); exit; } if (isset($_GET['returnsession'])) { if (isset($_SESSION['ruid'])) { ctrl_auth::SetUserSession($_SESSION['ruid'], runtime_sessionsecurity::getSessionSecurityEnabled()); $_SESSION['ruid'] = null; } header("location: ./"); exit; } if (isset($_POST['inForgotPassword'])) { runtime_csfr::Protect(); $randomkey = runtime_randomstring::randomHash(); $forgotPass = runtime_xss::xssClean($_POST['inForgotPassword']);
static function doShadowUser() { global $zdbh; global $controller; runtime_csfr::Protect(); $currentuser = ctrl_users::GetUserDetail(); if ($currentuser['username'] == 'zadmin') { $sql = "SELECT * FROM x_accounts WHERE ac_deleted_ts IS NULL ORDER BY ac_user_vc"; $numrows = $zdbh->prepare($sql); } else { $sql = "SELECT * FROM x_accounts WHERE ac_reseller_fk = :userid AND ac_deleted_ts IS NULL"; $numrows = $zdbh->prepare($sql); $numrows->bindParam(':userid', $currentuser['userid']); } if ($numrows->execute()) { if ($numrows->fetchColumn() != 0) { $sql = $zdbh->prepare($sql); if ($currentuser['username'] == 'zadmin') { //no bind needed } else { //bind the username $sql->bindParam(':userid', $currentuser['userid']); } $sql->execute(); while ($rowclients = $sql->fetch()) { if (!fs_director::CheckForEmptyValue($controller->GetControllerRequest('FORM', 'inShadow_' . $rowclients['ac_id_pk']))) { ctrl_auth::KillCookies(); ctrl_auth::SetSession('ruid', $currentuser['userid']); ctrl_auth::SetUserSession($rowclients['ac_id_pk'], runtime_sessionsecurity::getSessionSecurityEnabled()); header("location: /"); exit; } } } } }