$send = isset($_POST['send'][$k]) ? 'yes' : 'no'; $priv = isset($_POST['priv'][$k]) ? 'yes' : 'no'; if ($name && mswIsValidEmail($email)) { $PORTAL = mswGetTableData('portal', 'email', $email); // Does visitor exists? If not, add account.. if (isset($PORTAL->id)) { $pass = ''; if ($PORTAL->language && file_exists(LANG_BASE_PATH . $PORTAL->language . '/mail-templates/admin-dispute-user-current.txt')) { $mailT = LANG_BASE_PATH . $PORTAL->language . '/mail-templates/admin-dispute-user-current.txt'; $pLang = $PORTAL->language; } else { $mailT = LANG_PATH . 'admin-dispute-user-current.txt'; } $userID = $PORTAL->id; } else { $pass = $MSPORTAL->ms_generate(); $mailT = LANG_PATH . 'admin-dispute-user-new.txt'; $userID = $MSACC->add(array('name' => $name, 'email' => $email, 'userPass' => $pass, 'enabled' => 'yes', 'timezone' => '', 'ip' => '', 'notes' => '')); $PORTAL = new stdclass(); $PORTAL->email = $email; } // If this user isn`t in dispute already, add them.. if ($PORTAL->email != $USER->email && mswRowCount('disputes WHERE `ticketID` = \'' . $tickID . '\' AND `visitorID` = \'' . $userID . '\'') == 0) { $MSTICKET->addDisputeUser($tickID, $userID, $priv); // Send notification if enabled.. if ($send == 'yes') { $MSMAIL->addTag('{NAME}', $name); $MSMAIL->addTag('{TITLE}', $TICKET->subject); $MSMAIL->addTag('{EMAIL}', $email); $MSMAIL->addTag('{PASSWORD}', $pass); $MSMAIL->addTag('{ID}', $tickID);
public function ms_password($email, $password = '') { $pass = $password ? $password : accountSystem::ms_generate(); mysql_query("UPDATE `" . DB_PREFIX . "portal` SET\n `userPass` = '" . md5(SECRET_KEY . $pass) . "'\n WHERE `email` = '{$email}'\n LIMIT 1\n "); return $pass; }
$u[] = $_POST['assigned'][$i]['value']; } } if (!empty($u)) { $MSTICKET->ticketUserAssign($ID, implode(',', $u), str_replace(array('{users}', '{admin}'), array($MSTICKET->assignedTeam(implode(',', $u)), $MSTEAM->name), $msg_ticket_history['assign-update'])); } $json = array('ok'); break; //=========================== // Password generator.. //=========================== //=========================== // Password generator.. //=========================== case 'passgen': $pass = $MSACC->ms_generate(); $json = array('pass' => $pass); break; //======================== // Account search.. //======================== //======================== // Account search.. //======================== case 'account-search': $json = $MSPTL->search(); break; //============================= // Dispute account search.. //============================= //=============================
break; // Reset passwords..can only be actioned by global admin.. // Reset passwords..can only be actioned by global admin.. case 'reset': if ($MSTEAM->id == '1') { $cnt = array(0, 0); // Account visitors.. if (isset($_POST['visitors'])) { $qA = mysql_query("SELECT `name`,`email`,`language` FROM `" . DB_PREFIX . "portal`\n\t " . (!isset($_POST['disabled']) ? 'WHERE `enabled` = \'yes\'' : '') . "\n\t\t\t GROUP BY `email`\n\t\t\t ORDER BY `name`\n\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($ACC = mysql_fetch_object($qA)) { $pLang = ''; if ($ACC->language && file_exists(LANG_BASE_PATH . $ACC->language . '/mail-templates/html-wrapper.html')) { $pLang = $ACC->language; } // New password.. $newPass = $MSACCNT->ms_password($ACC->email, $MSACCNT->ms_generate()); // Send email.. if (isset($_POST['sendmail'])) { $MSMAIL->addTag('{NAME}', $ACC->name); $MSMAIL->addTag('{EMAIL}', $ACC->email); $MSMAIL->addTag('{PASS}', $newPass); $MSMAIL->addTag('{LOGIN_URL}', $SETTINGS->scriptpath); $MSMAIL->sendMSMail(array('from_email' => $SETTINGS->email, 'from_name' => $SETTINGS->website, 'to_email' => $ACC->email, 'to_name' => $ACC->name, 'subject' => str_replace(array('{website}'), array($SETTINGS->website), $emailSubjects['reset']), 'replyto' => array('name' => $SETTINGS->website, 'email' => $SETTINGS->replyto ? $SETTINGS->replyto : $SETTINGS->email), 'template' => $_POST['message'], 'language' => $pLang ? $pLang : $SETTINGS->language, 'alive' => 'yes')); } } $cnt[0] = mysql_num_rows($qA); } // Support team.. if (isset($_POST['team'])) { $qU = mysql_query("SELECT `id`,`name`,`email` FROM `" . DB_PREFIX . "users`\n\t WHERE `id` > 1\n\t " . (!isset($_POST['disabled']) ? 'AND `enabled` = \'yes\'' : '') . "\n\t\t\t GROUP BY `email`\n\t\t\t ORDER BY `name`\n\t\t\t ") or die(mswMysqlErrMsg(mysql_errno(), mysql_error(), __LINE__, __FILE__)); while ($USR = mysql_fetch_object($qU)) {