if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $id || Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $id) { standard_error('cannotdeletedefaultphpconfig'); } if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) { if (isset($_POST['send']) && $_POST['send'] == 'send') { // set php-config to default for all domains using the // config that is to be deleted $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_DOMAINS . "` SET\n\t\t\t\t\t`phpsettingid` = '1' WHERE `phpsettingid` = :id"); Database::pexecute($upd_stmt, array('id' => $id)); $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"); Database::pexecute($del_stmt, array('id' => $id)); inserttask('1'); $log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'"); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']); } } else { standard_error('nopermissionsorinvalidid'); } } if ($action == 'edit') { $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id"); $result = Database::pexecute_first($result_stmt, array('id' => $id)); if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) { if (isset($_POST['send']) && $_POST['send'] == 'send') { $description = validate($_POST['description'], 'description'); $phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\\0]*$/'); if (Settings::Get('system.mod_fcgid') == 1) { $binary = makeCorrectFile(validate($_POST['binary'], 'binary')); $file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\\s]*$/');
$taxclass = isset($taxclasses[$_POST['taxclass']]) ? $_POST['taxclass'] : '1'; $db->query('INSERT INTO `' . TABLE_BILLING_TAXRATES . '` (`taxclass`, `taxrate`, `valid_from`) VALUES( \'' . $db->escape($taxclass) . '\', \'' . $db->escape($taxrate) . '\', \'' . $db->escape($valid_from) . '\' ) '); redirectTo($filename, array('s' => $s)); } else { $valid_from = date('Y-m-d'); eval('echo "' . getTemplate('billing/taxrates_add') . '";'); } } if ($action == 'delete') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $id . '\' '); if ($result['taxid'] == $id && $id != '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $db->query('DELETE FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $id . '\' '); redirectTo($filename, array('s' => $s)); } else { ask_yesno('billing_taxrate_reallydelete', $filename, array('id' => $id, 'action' => $action), $taxclasses[$result['taxclass']] . ' - ' . $result['taxrate']); } } } if ($action == 'edit') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $id . '\' '); if ($result['taxid'] == $id && $id != '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', '')); if (isset($_POST['taxrate'])) { $taxrate = doubleval(str_replace(',', '.', $_POST['taxrate'])); } elseif (isset($_POST['taxrate_percent'])) { $taxrate = doubleval(str_replace(',', '.', $_POST['taxrate_percent'])) / 100; } else { $texrate = $result['taxrate']; }
$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"'); } $db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`'); $db_root->query('FLUSH PRIVILEGES'); $db_root->close(); // End root-session $db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"'); if ($userinfo['mysqls_used'] == '1') { $resetaccnumber = " , `mysql_lastaccountnumber`='0' "; } else { $resetaccnumber = ''; } $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int) $userinfo['customerid'] . '"'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['databasename']); } } } elseif ($action == 'add') { if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $password = validate($_POST['mysql_password'], 'password'); if ($password == '') { standard_error(array('stringisempty', 'mypassword')); } else { $username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1); if (count($sql_root) > 1) { $dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0); if (!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver])) { $dbserver = 0; }
break; default: $_action = $lng['logger']['unknown']; break; } $row['action'] = $_action; eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";"); } $log_count++; $row['type'] = getLogLevelDesc($row['type']); eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";"); $count++; $_action = $action; } $i++; } $i++; } eval("echo \"" . getTemplate('logger/logger') . "\";"); } elseif ($action == 'truncate') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $truncatedate = time() - 60 * 10; $trunc_stmt = Database::prepare("\n\t\t\t\tDELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc"); Database::pexecute($trunc_stmt, array('trunc' => $truncatedate)); $log->logAction(ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('logger_reallytruncate', $filename, array('page' => $page, 'action' => $action), TABLE_PANEL_LOG); } } }
} } else { standard_error('allresourcesused'); } } elseif ($action == 'delete' && $id != 0) { $result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'"); if (isset($result['destination']) && $result['destination'] != '') { if (isset($_POST['forwarderid'])) { $forwarderid = intval($_POST['forwarderid']); } elseif (isset($_GET['forwarderid'])) { $forwarderid = intval($_GET['forwarderid']); } else { $forwarderid = 0; } $result['destination'] = explode(' ', $result['destination']); if (isset($result['destination'][$forwarderid]) && $result['email'] != $result['destination'][$forwarderid]) { $forwarder = $result['destination'][$forwarderid]; if (isset($_POST['send']) && $_POST['send'] == 'send') { unset($result['destination'][$forwarderid]); $result['destination'] = implode(' ', $result['destination']); $db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "' WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'"); $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_forwarders_used` = `email_forwarders_used` - 1 WHERE `customerid`='" . (int) $userinfo['customerid'] . "'"); $log->logAction(USR_ACTION, LOG_NOTICE, "deleted email forwarder for '" . $result['email_full'] . "'"); redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s)); } else { ask_yesno('email_reallydelete_forwarder', $filename, array('id' => $id, 'forwarderid' => $forwarderid, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']) . ' -> ' . $idna_convert->decode($forwarder)); } } } } }
if (isset($result['username']) && $result['username'] != $userinfo['loginname']) { if (isset($_POST['send']) && $_POST['send'] == 'send') { $db->query('UPDATE `' . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int) $result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int) $result['up_bytes'] . "', `down_count`=`down_count`+'" . (int) $result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int) $result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'"); $db->query('DELETE FROM `' . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'"); $log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'"); $db->query('UPDATE `' . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int) $userinfo['customerid'] . "'"); // $db->query("DELETE FROM `".TABLE_FTP_GROUPS."` WHERE `customerid`='".$userinfo['customerid']."' AND `id`='$id'"); if ($userinfo['ftps_used'] == '1') { $resetaccnumber = " , `ftp_lastaccountnumber`='0'"; } else { $resetaccnumber = ''; } $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 {$resetaccnumber} WHERE `customerid`='" . (int) $userinfo['customerid'] . 
"'"); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('ftp_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']); } } else { standard_error('ftp_cantdeletemainaccount'); } } elseif ($action == 'add') { if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $path = validate($_POST['path'], 'path'); $password = validate($_POST['ftp_password'], 'password'); if ($settings['customer']['ftpatdomain'] == '1') { $ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\\-_]+\\$?$/'); if ($ftpusername == '') { standard_error(array('stringisempty', 'username')); } $ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
$subject = htmlspecialchars($row['subject']); $message = htmlspecialchars($row['message']); $checked = ''; if ($row['enabled'] == 1) { $checked = "checked=\"checked\""; } eval("echo \"" . getTemplate("email/autoresponder_edit") . "\";"); } else { if ($action == "delete") { if (isset($_POST['send']) && $_POST['send'] == 'send') { $account = trim($_POST['account']); // Does autoresponder exist? $result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int) $userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1"); if ($db->num_rows($result) == 0) { standard_error('invalidautoresponder'); } $db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "`\n\t\t\tWHERE `email` = '" . $db->escape($account) . "'\n\t\t\tAND `customerid` = '" . $db->escape((int) $userinfo['customerid']) . "'\n\t\t\t"); redirectTo($filename, array('s' => $s)); } $email = trim(htmlspecialchars($_GET['email'])); ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email)); } else { $autoresponder = ''; $result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int) $userinfo['customerid'] . "' ORDER BY email ASC"); while ($row = $db->fetch_array($result)) { eval("\$autoresponder.=\"" . getTemplate("email/autoresponder_autoresponder") . "\";"); } eval("echo \"" . getTemplate("email/autoresponder") . "\";"); } } }
$db_root->close(); // End root-session $db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"'); if ($userinfo['mysqls_used'] == '1') { $resetaccnumber = " , `mysql_lastaccountnumber`='0' "; } else { $resetaccnumber = ''; } $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int) $userinfo['customerid'] . '"'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { $dbnamedesc = $result['databasename']; if (isset($result['description']) && $result['description'] != '') { $dbnamedesc .= ' (' . $result['description'] . ')'; } ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc); } } } elseif ($action == 'add') { if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $password = validate($_POST['mysql_password'], 'password'); $password = validatePassword($password); $sendinfomail = intval($_POST['sendinfomail']); if ($sendinfomail != 1) { $sendinfomail = 0; } if ($password == '') { standard_error(array('stringisempty', 'mypassword')); } else { $username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
standard_error('youcantdeleteyourself'); } if (isset($_POST['send']) && $_POST['send'] == 'send') { $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid\n\t\t\t\t"); Database::pexecute($del_stmt, array('adminid' => $id)); $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` WHERE `adminid` = :adminid\n\t\t\t\t"); Database::pexecute($del_stmt, array('adminid' => $id)); $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET\n\t\t\t\t\t`adminid` = :userid WHERE `adminid` = :adminid\n\t\t\t\t"); Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id)); $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_DOMAINS . "` SET\n\t\t\t\t\t`adminid` = :userid WHERE `adminid` = :adminid\n\t\t\t\t"); Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id)); $log->logAction(ADM_ACTION, LOG_INFO, "deleted admin '" . $result['loginname'] . "'"); updateCounters(); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('admin_admin_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']); } } } elseif ($action == 'add') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $name = validate($_POST['name'], 'name'); $email = $idna_convert->encode(validate($_POST['email'], 'email')); $custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\\0]*$/'); $custom_notes_show = 0; if (isset($_POST['custom_notes_show'])) { $custom_notes_show = intval_ressource($_POST['custom_notes_show']); } $loginname = validate($_POST['loginname'], 'loginname'); $password = validate($_POST['admin_password'], 'password'); $password = validatePassword($password); $def_language = validate($_POST['def_language'], 'default language');
ask_yesno('admin_template_reallydelete', $filename, array('subjectid' => $subjectid, 'mailbodyid' => $mailbodyid, 'page' => $page, 'action' => $action), $result['language'] . ' - ' . $lng['admin']['templates'][str_replace('_subject', '', $result['varname'])]); } } } elseif ($action == 'deletef' && $id != 0) { //file templates $result_stmt = Database::prepare("\n\t\tSELECT * FROM `" . TABLE_PANEL_TEMPLATES . "`\n\t\tWHERE `adminid` = :adminid AND `id` = :id"); Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id)); if (Database::num_rows() > 0) { $row = $result_stmt->fetch(PDO::FETCH_ASSOC); if (isset($_POST['send']) && $_POST['send'] == 'send') { $del_stmt = Database::prepare("\n\t\t\t\tDELETE FROM `" . TABLE_PANEL_TEMPLATES . "`\n\t\t\t\tWHERE `adminid` = :adminid AND `id` = :id"); Database::pexecute($del_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id)); $log->logAction(ADM_ACTION, LOG_INFO, "deleted template '" . $lng['admin']['templates'][$row['varname']] . "'"); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('admin_template_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $lng['admin']['templates'][$row['varname']]); } } else { standard_error('templatenotfound'); exit; } } elseif ($action == 'add') { if (Settings::Get('panel.sendalternativemail') == 1) { $available_templates[] = 'pop_success_alternative'; } if (isset($_POST['prepare']) && $_POST['prepare'] == 'prepare') { //email templates $language = htmlentities(validate($_POST['language'], 'language', '/^[^\\r\\n\\0"\']+$/', 'nolanguageselect')); $template = validate($_POST['template'], 'template'); $lng_bak = $lng; foreach ($langs['English'] as $key => $value) {
$interval_type = getIntervalTypes('option'); $service_active = makeyesno('service_active', '1', '0', '0'); $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true); eval("echo \"" . getTemplate("billing/other_add") . "\";"); } } if ($action == 'delete') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $id . '\' '); if ($result['id'] == $id && $id != '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $id . '\' '); redirectTo($filename, array('s' => $s)); } else { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $id . '\' '); $result['valid_from'] = date('Y-m-d', $result['valid_from']); ask_yesno('billing_other_service_reallydelete', $filename, array('id' => $id, 'action' => $action)); } } } if ($action == 'edit') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $id . '\' '); if ($result['id'] == $id && $id != '0') { $override_billing_data_edit = isset($_GET['override_billing_data_edit']) && $_GET['override_billing_data_edit'] == '1' || isset($_POST['override_billing_data_edit']) && $_POST['override_billing_data_edit'] == '1'; $enable_billing_data_edit = $result['servicestart_date'] == '0000-00-00' || $result['interval_payment'] == CONST_BILLING_INTERVALPAYMENT_PREPAID && calculateDayDifference(time(), $result['lastinvoiced_date']) >= 0 || $override_billing_data_edit === true; if (isset($_POST['send']) && $_POST['send'] == 'send') { if ($enable_billing_data_edit === true) { if (isset($_POST['templateid']) && intval($_POST['templateid']) != 0 && isset($other_templates[$_POST['templateid']])) { $templateid = $_POST['templateid']; } else { $templateid = '0'; }
while ($array = $result_stmt->fetch(PDO::FETCH_ASSOC)) { $difference = Settings::Get('system.mail_quota') - $array['quota']; Database::pexecute($upd_stmt, array('diff' => $difference, 'customerid' => $customerid)); } } // Set the new quota $upd_stmt = Database::prepare("\n\t\t\tUPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = :quota\n\t\t"); Database::pexecute($upd_stmt, array('quota' => Settings::Get('system.mail_quota'))); // Update the Customer, if the used quota is bigger than the allowed quota Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`"); $log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . Settings::Get('system.mail_quota') . ' MB'); redirectTo($filename, array('s' => $s)); } else { ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page)); } } elseif ($page == 'integritycheck' && $userinfo['change_serversettings'] == '1') { $integrity = new IntegrityCheck(); if (isset($_POST['send']) && $_POST['send'] == 'send') { $integrity->fixAll(); } elseif (isset($_GET['action']) && $_GET['action'] == "fix") { ask_yesno('admin_integritycheck_reallyfix', $filename, array('page' => $page)); } $integritycheck = ''; foreach ($integrity->available as $id => $check) { $displayid = $id + 1; $result = $integrity->{$check}(); $checkdesc = $lng['integrity_check'][$check]; eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";"); } eval("echo \"" . getTemplate("settings/integritycheck") . "\";"); }
} else { $valid_from = date('Y-m-d'); $valid_to = date('Y-m-d'); $interval_type = getIntervalTypes('option'); $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true); eval('echo "' . getTemplate('billing/other_templates_add') . '";'); } } if ($action == 'delete') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $id . '\' '); if ($result['templateid'] == $id && $id != '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $id . '\' '); redirectTo($filename, array('s' => $s)); } else { ask_yesno('billing_other_template_reallydelete', $filename, array('id' => $id, 'action' => $action), $result['caption_setup'] . ' / ' . $result['caption_interval'] . ' (' . $result['valid_from'] . ' - ' . $result['valid_to'] . ')'); } } } if ($action == 'edit') { $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $id . '\' '); if ($result['templateid'] == $id && $id != '0') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', '')); $valid_to = validate($_POST['valid_to'], html_entity_decode($lng['service']['valid_to']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', '')); if (isset($_POST['taxclass']) && intval($_POST['taxclass']) != 0 && isset($taxclasses[$_POST['taxclass']])) { $taxclass = $_POST['taxclass']; } else { $taxclass = '0'; } $interval_fee = doubleval(str_replace(',', '.', $_POST['interval_fee']));
/**
 * This file is part of the SysCP project.
 * Copyright (c) 2003-2009 the SysCP Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.syscp.org/misc/COPYING.txt
 *
 * @copyright (c) the authors
 * @author Florian Lippert <*****@*****.**>
 * @license GPLv2 http://files.syscp.org/misc/COPYING.txt
 *
 * @version $Id$
 */

/**
 * Runs a submitted form through four passes over its field groups:
 * prefetch, validation, plausibility check and save.
 *
 * Groups rejected by validateFieldDefinition() are skipped in every pass.
 * Problems are reported through standard_error().
 *
 * Review notes:
 *  - Only values collected in $changed_fields (those for which
 *    validateFormField() returned true) reach saveFormField().
 *  - $submitted_fields holds every submitted value, including values that
 *    were never validated because they compare equal to the stored value or
 *    because the field definition has no 'value' entry. These values are
 *    handed to the plausibility checks and, on a QUESTION result, to
 *    ask_yesno(). Escaping them for output is presumably done inside
 *    ask_yesno() -- not visible here, confirm.
 *  - standard_error() is not visible here. If it does not halt the request,
 *    processing continues and a value that failed validation is still
 *    recorded in $submitted_fields (but never saved).
 *  - A question counts as answered as soon as $input contains a key named
 *    after it. That is a user prompt, not a permission or request-forgery
 *    check; those have to be enforced by the caller -- confirm.
 *
 * @param array $form       Form definition; its 'groups' entries each carry a 'fields' list.
 * @param array $input      Submitted request data.
 * @param array $url_params Extra parameters for the confirmation prompt; a 'filename'
 *                          entry is used as the prompt target and removed from the list.
 *
 * @return mixed Result of saveForm(), or null when validateFormDefinition() rejects $form.
 */
function processForm($form, $input, $url_params = array())
{
    if (!validateFormDefinition($form)) {
        // Invalid form definition: nothing is processed and the caller gets null.
        return;
    }

    $submitted_fields = array();
    $changed_fields = array();
    $saved_fields = array();

    // Pass 1: merge the prefetched data into every field definition.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }

        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $merged = array_merge_prefix($fielddetails, $fielddetails['type'], prefetchFormFieldData($fieldname, $fielddetails));
            $form['groups'][$groupname]['fields'][$fieldname] = $merged;
        }
    }

    // Pass 2: read the submitted values and validate the ones that changed.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }

        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $submitted_value = getFormFieldData($fieldname, $fielddetails, $input);

            // Loose comparison: a value PHP considers equal to the stored one
            // after type juggling is treated as unchanged, so it is neither
            // validated nor saved.
            $has_changed = isset($fielddetails['value']) && $submitted_value != $fielddetails['value'];

            if ($has_changed) {
                $validation = validateFormField($fieldname, $fielddetails, $submitted_value);

                if ($validation === true) {
                    $changed_fields[$fieldname] = $submitted_value;
                } else {
                    standard_error($validation, $fieldname);
                }
            }

            // Recorded whether or not it was validated; see the review notes above.
            $submitted_fields[$fieldname] = $submitted_value;
        }
    }

    // Pass 3: check every field for plausibility against all submitted values.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }

        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $verdict = checkPlausibilityFormField($fieldname, $fielddetails, $submitted_fields[$fieldname], $submitted_fields);

            // Anything that is not an array with a status in slot 0 is ignored.
            if ($verdict === false || !is_array($verdict) || !isset($verdict[0])) {
                continue;
            }

            switch ($verdict[0]) {
                case FORMFIELDS_PLAUSIBILITY_CHECK_OK:
                    // Nothing to do here, everything's okay
                    break;

                case FORMFIELDS_PLAUSIBILITY_CHECK_ERROR:
                    // Slot 1 is the error key, the remaining entries name the target.
                    $error = $verdict[1];
                    unset($verdict[0], $verdict[1]);
                    $targetname = implode(' ', $verdict);
                    standard_error($error, $targetname);
                    break;

                case FORMFIELDS_PLAUSIBILITY_CHECK_QUESTION:
                    // Slot 1 is the question key, the remaining entries name the target.
                    $question = $verdict[1];
                    unset($verdict[0], $verdict[1]);
                    $targetname = implode(' ', $verdict);

                    if (isset($input[$question])) {
                        // The request already carries this key: treated as answered.
                        break;
                    }

                    $filename = '';
                    if (is_array($url_params) && isset($url_params['filename'])) {
                        $filename = $url_params['filename'];
                        // Removed for good, so later prompts in this call get an empty target.
                        unset($url_params['filename']);
                    }

                    // Later arrays win in array_merge(): a submitted field overrides
                    // a URL parameter of the same name.
                    $prompt_params = array_merge($url_params, $submitted_fields, array($question => $question));
                    ask_yesno($question, $filename, $prompt_params, $targetname);
                    break;

                default:
                    standard_error('plausibilitychecknotunderstood');
                    break;
            }
        }
    }

    // Pass 4: save every changed field and collect what was saved.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }

        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            if (!isset($changed_fields[$fieldname])) {
                continue;
            }

            $prepared_value = manipulateFormFieldData($fieldname, $fielddetails, $changed_fields[$fieldname]);
            $saved_field = saveFormField($fieldname, $fielddetails, $prepared_value);

            if ($saved_field === false) {
                standard_error('errorwhensaving', $fieldname);
            } else {
                $saved_fields = array_merge($saved_fields, $saved_field);
            }
        }
    }

    // Save form
    return saveForm($form, $saved_fields);
}
eval("\$htaccess.=\"" . getTemplate("extras/htaccess_htaccess") . "\";"); $count++; } $i++; } eval("echo \"" . getTemplate("extras/htaccess") . "\";"); } elseif ($action == 'delete' && $id != 0) { $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'"); if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) { if (isset($_POST['send']) && $_POST['send'] == 'send') { $db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'"); $log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'"); inserttask('1'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path'])); } } } elseif ($action == 'add') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $path = makeCorrectDir(validate($_POST['path'], 'path')); $userpath = $path; $path = makeCorrectDir($userinfo['documentroot'] . '/' . $path); $path_dupe_check = $db->query_first("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `path`='" . $db->escape($path) . "' AND `customerid`='" . (int) $userinfo['customerid'] . "'"); if (!$_POST['path']) { standard_error('invalidpath'); } if ($_POST['error404path'] === '' || validateUrl($idna_convert->encode($_POST['error404path']))) { $error404path = $_POST['error404path']; } else { standard_error('mustbeurl');
$del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_DOMAINTOIP . "`\n\t\t\t\t\tWHERE `id_domain` = :domainid"); Database::pexecute($del_stmt, array('domainid' => $id)); $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "`\n\t\t\t\t\tWHERE `did` = :domainid"); Database::pexecute($del_stmt, array('domainid' => $id)); // remove certificate from domain_ssl_settings, fixes #1596 $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`\n\t\t\t\t\tWHERE `domainid` = :domainid"); Database::pexecute($del_stmt, array('domainid' => $id)); // remove possible existing DNS entries $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_DOMAIN_DNS . "`\n\t\t\t\t\tWHERE `domain_id` = :domainid\n\t\t\t\t"); Database::pexecute($del_stmt, array('domainid' => $id)); inserttask('1'); // Using nameserver, insert a task which rebuilds the server config inserttask('4'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('domains_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain'])); } } else { standard_error('domains_cantdeletemaindomain'); } } elseif ($action == 'add') { if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { if (strpos($_POST['subdomain'], '--') !== false) { standard_error('domain_nopunycode'); } $subdomain = $idna_convert->encode(preg_replace(array('/\\:(\\d)+$/', '/^https?\\:\\/\\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong'))); $domain = $_POST['domain']; $domain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . 
"`\n\t\t\t\t\tWHERE `domain` = :domain\n\t\t\t\t\tAND `customerid` = :customerid\n\t\t\t\t\tAND `parentdomainid` = '0'\n\t\t\t\t\tAND `email_only` = '0'\n\t\t\t\t\tAND `caneditdomain` = '1'"); $domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid'])); $completedomain = $subdomain . '.' . $domain;
$result_stmt = Database::prepare("\n\t\t\t\t\t\t\tSELECT `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "`\n\t\t\t\t\t\t\tWHERE `id` = :id"); $result = Database::pexecute_first($result_stmt, array('id' => $id)); if ($result['ip'] != '') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $del_stmt = Database::prepare("\n\t\t\t\t\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "`\n\t\t\t\t\t\t\t\t\tWHERE `id` = :id"); Database::pexecute($del_stmt, array('id' => $id)); // also, remove connections to domains (multi-stack) $del_stmt = Database::prepare("\n\t\t\t\t\t\t\t\t\tDELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id"); Database::pexecute($del_stmt, array('id' => $id)); $log->logAction(ADM_ACTION, LOG_WARNING, "deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'"); inserttask('1'); // Using nameserver, insert a task which rebuilds the server config inserttask('4'); redirectTo($filename, array('page' => $page, 's' => $s)); } else { ask_yesno('admin_ip_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['ip'] . ':' . $result['port']); } } } else { standard_error('cantdeletesystemip'); } } else { standard_error('cantdeletedefaultip'); } } else { standard_error('ipstillhasdomains'); } } } elseif ($action == 'add') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $ip = validate_ip($_POST['ip']);
} else { ask_yesno('admin_cleartextmailpws_reallywipe', $filename, array('page' => $page)); } } elseif ($page == 'wipequotas' && $userinfo['change_serversettings'] == '1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { $log->logAction(ADM_ACTION, LOG_WARNING, "wiped all mailquotas"); // Set the quota to 0 which means unlimited $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='0' "); $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = 0"); redirectTo('admin_settings.php', array('s' => $s)); } else { ask_yesno('admin_quotas_reallywipe', $filename, array('page' => $page)); } } elseif ($page == 'enforcequotas' && $userinfo['change_serversettings'] == '1') { if (isset($_POST['send']) && $_POST['send'] == 'send') { // Fetch all accounts $result = $db->query("SELECT `quota`, `customerid` FROM " . TABLE_MAIL_USERS); while ($array = $db->fetch_array($result)) { $difference = $settings['system']['mail_quota'] - $array['quota']; $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = `email_quota_used` + " . (int) $difference . " WHERE `customerid` = '" . $array['customerid'] . "'"); } // Set the new quota $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='" . $settings['system']['mail_quota'] . "'"); // Update the Customer, if the used quota is bigger than the allowed quota $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`"); $log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . $settings['system']['mail_quota'] . ' MB'); redirectTo('admin_settings.php', array('s' => $s)); } else { ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page)); } }
// Excerpt from the archived-ticket view: render every reply of the ticket, then
// the ticket page itself. $andere and $mainticket are set before this excerpt.
while ($row2 = $db->fetch_array($andere)) {
    $subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $row2['id']);
    $lastchange = date("d.m.Y H:i\\h", $subticket->Get('lastchange'));

    // Label the author of the reply as staff or customer.
    if ($subticket->Get('by') == '1') {
        $by = $lng['ticket']['staff'];
    } else {
        $by = $lng['ticket']['customer'];
    }

    // Ticket text is HTML-encoded before it is handed to the template.
    // NOTE(review): htmlentities() is called without explicit flags or charset,
    // so quote handling and encoding depend on the PHP version's defaults.
    $subject = htmlentities($subticket->Get('subject'));
    $message = htmlentities($subticket->Get('message'));

    // NOTE(review): the template text returned by getTemplate() is evaluated as
    // PHP inside a double-quoted string. Whoever can modify template content
    // can run code here; confirm templates come only from trusted files.
    eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
}

// Priority selector, pre-selected with the main ticket's priority.
$priorities = makeoption($lng['ticket']['high'], '1', htmlentities($mainticket->Get('priority')), true, true);
$priorities .= makeoption($lng['ticket']['normal'], '2', htmlentities($mainticket->Get('priority')), true, true);
$priorities .= makeoption($lng['ticket']['low'], '3', htmlentities($mainticket->Get('priority')), true, true);
$subject = htmlentities($mainticket->Get('subject'));
$ticket_replies_count = $db->num_rows($andere) + 1; // don't forget the main-ticket!
// Same eval-based template rendering as above; see the note in the loop.
eval("echo \"" . getTemplate("tickets/tickets_view") . "\";");
} elseif ($action == 'delete' && $id != 0) {
    // Delete an archived ticket after confirmation.
    if (isset($_POST['send']) && $_POST['send'] == 'send') {
        $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $id);
        // NOTE(review): the subject is written to the log unmodified; if it can
        // contain line breaks, the log backend should neutralise them — confirm.
        $log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
        $mainticket->Delete();
        redirectTo($filename, array('page' => $page, 's' => $s));
    } else {
        $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $id);
        // NOTE(review): unlike the view branch, the subject is passed on without
        // htmlentities(); verify that ask_yesno() encodes it before output.
        ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
    }
}
}
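// Tail of the "add" branch (opened before this excerpt): no form was submitted,
// so the add form is rendered with today's date as default validity range.
} else {
    $valid_from = date('Y-m-d');
    $valid_to = date('Y-m-d');
    $interval_type = getIntervalTypes('option');
    $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true);
    // NOTE(review): template text is evaluated as PHP; confirm templates come
    // only from trusted files.
    eval('echo "' . getTemplate('billing/domains_templates_add') . '";');
}
}

// Delete a domain billing template after confirmation.
if ($action == 'delete') {
    // $id is escaped before it is placed into the SQL text. Where $id is
    // assigned is outside this excerpt, and the loose == check below would not
    // reject a value such as "1' OR ..." on PHP versions that compare it
    // numerically, so the query must not rely on that check.
    $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . $db->escape($id) . '\' ');

    if ($result['id'] == $id && $id != '0') {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . $db->escape($id) . '\' ');
            redirectTo($filename, array('s' => $s));
        } else {
            // Ask for confirmation, showing the TLD and validity range of the row.
            ask_yesno('billing_domains_template_reallydelete', $filename, array('id' => $id, 'action' => $action), $result['tld'] . ' (' . $result['valid_from'] . ' - ' . $result['valid_to'] . ')');
        }
    }
}

// Edit a domain billing template.
if ($action == 'edit') {
    // Same escaping as in the delete branch.
    $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . $db->escape($id) . '\' ');

    if ($result['id'] == $id && $id != '0') {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            // Dates must match YYYY-MM-DD; '0000-00-00', '0' and '' are passed
            // to validate() as a separate list of values.
            $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
            $valid_to = validate($_POST['valid_to'], html_entity_decode($lng['service']['valid_to']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));

            // Accept the posted tax class only when it is a known key;
            // otherwise fall back to the first configured tax class.
            if (isset($taxclasses[$_POST['taxclass']])) {
                $taxclass = $_POST['taxclass'];
            } else {
                $taxclass_keys = array_keys($taxclasses);
                $taxclass = $taxclass_keys[0];
                unset($taxclass_keys);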
// Tail of the preceding customer action (opened before this excerpt).
redirectTo('index.php', array('action' => 'login'));
}
} elseif ($action == 'unlock' && $id != 0) {
    // Reset the failed-login counter of a customer.
    // The lookup is limited to the admin's own customers unless the admin has
    // customers_see_all.
    // NOTE(review): the SQL text tests customers_see_all for truthiness while the
    // parameter list below tests == '0'. For a value such as '' the :adminid
    // placeholder would be present but unbound. That fails closed, but the two
    // conditions should be written identically.
    $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`\n\t\t\tWHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid"));
    $result_data = array('id' => $id);

    if ($userinfo['customers_see_all'] == '0') {
        $result_data['adminid'] = $userinfo['adminid'];
    }

    $result = Database::pexecute_first($result_stmt, $result_data);

    // A non-empty loginname means the customer exists and is visible to this admin.
    if ($result['loginname'] != '') {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            // The UPDATE filters by customerid only; the ownership restriction
            // is enforced by the SELECT above, which must stay in front of it.
            $result_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET\n\t\t\t\t\t`loginfail_count` = '0'\n\t\t\t\t\tWHERE `customerid`= :id");
            Database::pexecute($result_stmt, array('id' => $id));
            redirectTo($filename, array('page' => $page, 's' => $s));
        } else {
            ask_yesno('customer_reallyunlock', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
        }
    }
} elseif ($action == 'delete' && $id != 0) {
    // Delete a customer; same ownership-restricted lookup as in the unlock branch
    // (and the same truthiness vs. == '0' mismatch noted there).
    $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`\n\t\t\tWHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid"));
    $params = array('id' => $id);

    if ($userinfo['customers_see_all'] == '0') {
        $params['adminid'] = $userinfo['adminid'];
    }

    $result = Database::pexecute_first($result_stmt, $params);

    if ($result['loginname'] != '') {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            // Select the customer's databases, ordered by database server.
            $databases_stmt = Database::prepare("\n\t\t\t\t\tSELECT * FROM `" . TABLE_PANEL_DATABASES . "`\n\t\t\t\t\tWHERE `customerid` = :id ORDER BY `dbserver`");
            Database::pexecute($databases_stmt, array('id' => $id));
            // NOTE(review): presumably switches the connection to the privileged
            // database user for the statements that follow — confirm it is
            // switched back once the cleanup is done.
            Database::needRoot(true);
            $last_dbserver = 0;
// Excerpt from the admin "edit domain" handler: final input normalisation,
// security confirmations and scheduling of rebuild tasks. The variables used
// here are validated and assigned before this excerpt.

// The alias target must be the row found by the earlier lookup.
if ($aliasdomain_check['id'] != $aliasdomain) {
    standard_error('domainisaliasorothercustomer');
}

// Normalise out-of-range values to '0'.
if ($issubof <= '0') {
    $issubof = '0';
}

if ($serveraliasoption != '1' && $serveraliasoption != '2') {
    $serveraliasoption = '0';
}

// Values carried through a confirmation prompt, should one be required below.
// NOTE(review): the IP/port lists are passed on as serialize() output. If the
// value posted back is later fed to unserialize(), request data reaches
// unserialize(); confirm how these two fields are decoded (the decoding is not
// part of this excerpt). A JSON round-trip avoids that class of problem.
$params = array(
    'id' => $id,
    'page' => $page,
    'action' => $action,
    'customerid' => $customerid,
    'adminid' => $adminid,
    'documentroot' => $documentroot,
    'alias' => $aliasdomain,
    'isbinddomain' => $isbinddomain,
    'isemaildomain' => $isemaildomain,
    'email_only' => $email_only,
    'subcanemaildomain' => $subcanemaildomain,
    'caneditdomain' => $caneditdomain,
    'zonefile' => $zonefile,
    'dkim' => $dkim,
    'selectserveralias' => $serveraliasoption,
    'ssl_redirect' => $ssl_redirect,
    'openbasedir' => $openbasedir,
    'phpsettingid' => $phpsettingid,
    'mod_fcgid_starter' => $mod_fcgid_starter,
    'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests,
    'specialsettings' => $specialsettings,
    'registration_date' => $registration_date,
    'issubof' => $issubof,
    'speciallogfile' => $speciallogfile,
    'speciallogverified' => $speciallogverified,
    'ipandport' => serialize($ipandports),
    'ssl_ipandport' => serialize($ssl_ipandports)
);

// Settings that weaken isolation need an explicit extra confirmation:
//  - open_basedir switched off by an admin with change_serversettings
//  - a document root that neither starts with the customer's root nor is an
//    http(s) URL
// NOTE(review): the containment test is a plain string-prefix comparison. It
// relies on $documentroot having been normalised earlier (no "../") and on the
// customer root ending with a path separator; otherwise a sibling directory
// sharing the prefix would pass. Verify both against the code before this excerpt.
$security_questions = array(
    'reallydisablesecuritysetting' => $openbasedir == '0' && $userinfo['change_serversettings'] == '1',
    'reallydocrootoutofcustomerroot' => substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && !preg_match('/^https?\\:\\/\\//', $documentroot)
);

foreach ($security_questions as $question_name => $question_launch) {
    if ($question_launch !== false) {
        // The confirmation is the question's own name posted back; it is added
        // to $params so earlier answers survive the next prompt.
        $params[$question_name] = $question_name;

        if (!isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) {
            ask_yesno('admin_domain_' . $question_name, $filename, $params);
            // Stop here so nothing is saved before the admin has confirmed.
            exit;
        }
    }
}

// Map the server-alias selection onto the two stored flags.
$wwwserveralias = $serveraliasoption == '1' ? '1' : '0';
$iswildcarddomain = $serveraliasoption == '0' ? '1' : '0';

// Schedule task '1' when any of the compared settings changed. && binds tighter
// than ||, so a changed speciallogfile only counts when it was verified.
if ($documentroot != $result['documentroot'] || $ssl_redirect != $result['ssl_redirect'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] || $mod_fcgid_starter != $result['mod_fcgid_starter'] || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] || $specialsettings != $result['specialsettings'] || $aliasdomain != $result['aliasdomain'] || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || $speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') {
    inserttask('1');
}

// An unverified change of speciallogfile is discarded: keep the stored value.
if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
    $speciallogfile = $result['speciallogfile'];
}

// Schedule task '4' when the bind flag, zone file or DKIM setting changed.
if ($isbinddomain != $result['isbinddomain'] || $zonefile != $result['zonefile'] || $dkim != $result['dkim']) {
    inserttask('4');
}
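// Tail of the "reset invoice row" action (opened before this excerpt); the
// branches that assign $key from the request are not visible here.
} else {
    $key = '';
}

if (isset($_POST['send']) && $_POST['send'] == 'send') {
    // Remove the recorded invoice changes, either for one key or for the whole
    // invoice.
    if (isset($key) && $key != '') {
        // $key travels through the confirmation form below and comes back with
        // the request, so it is escaped like $id before it enters the SQL text.
        $db->query('DELETE FROM `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'table') . '` WHERE `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'key') . '` = \'' . $db->escape($id) . '\' AND `key` = \'' . $db->escape($key) . '\'');
    } else {
        $db->query('DELETE FROM `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'table') . '` WHERE `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'key') . '` = \'' . $db->escape($id) . '\'');
    }

    cacheInvoiceFees($mode, null, null, $id);
    redirectTo($filename, array('s' => $s, 'id' => $id, 'mode' => $mode, 'page' => $page));
} else {
    if (isset($key) && $key != '') {
        ask_yesno('billing_invoice_row_reallyreset_key', $filename, array('id' => $id, 'mode' => $mode, 'page' => $page, 'action' => $action, 'key' => $key));
    } else {
        ask_yesno('billing_invoice_row_reallyreset', $filename, array('id' => $id, 'mode' => $mode, 'page' => $page, 'action' => $action));
    }
}
}

// Fix (finalise) an invoice: collect its rows, export them as XML and store
// the result together with number, state and totals.
if ($action == 'fixinvoice') {
    // Suggested invoice number built from the language template and the counter.
    $invoice_number_preset = strtr($lng['invoice']['invoicenumbertemplate'], array('{number}' => (int) $settings['billing']['invoicenumber_count'] + 1, '{year}' => date('Y'), '{month}' => date('m'), '{day}' => date('d')));

    if (isset($_POST['send']) && $_POST['send'] == 'send') {
        $invoice_number = validate($_POST['invoice_number'], html_entity_decode($lng['billing']['number']));

        // Only a state that exists in the language table is accepted.
        // NOTE(review): when the posted state is unknown, $state stays
        // unassigned in this excerpt and the INSERT below stores an empty
        // value; decide on an explicit default or an error.
        if (isset($lng['invoice']['states'][$_POST['state']])) {
            $state = intval($_POST['state']);
        }

        // $db is passed as a plain argument: call-time pass-by-reference
        // (&$db at the call site) is a fatal error since PHP 5.4, and objects
        // are passed by handle anyway.
        $myInvoice = new invoice($db, $mode, explode('-', $user['customer_categories_once']), explode('-', $user['customer_categories_period']));

        if ($myInvoice->collect($id, true) === true) {
            $invoiceXmlString = $myInvoice->exportXml($lng, $invoice_number);
            $invoiceXml = new SimpleXMLElement($invoiceXmlString);
            // NOTE(review): table and key-column names come from
            // getModeDetails($mode, ...); presumably it maps $mode onto fixed
            // names. Confirm it cannot return request-controlled text.
            $db->query('INSERT INTO `' . getModeDetails($mode, 'TABLE_BILLING_INVOICES', 'table') . '` (`' . getModeDetails($mode, 'TABLE_BILLING_INVOICES', 'key') . '`, `xml`, `invoice_date`, `invoice_number`, `state`, `state_change`, `total_fee`, `total_fee_taxed`) VALUES(\'' . $db->escape($id) . '\', \'' . $db->escape($invoiceXmlString) . '\', \'' . $db->escape(date('Y-m-d')) . '\', \'' . $db->escape($invoice_number) . '\', \'' . $db->escape($state) . '\', \'' . time() . '\', \'' . $db->escape((string) $invoiceXml->total_fee[0]) . '\', \'' . $db->escape((string) $invoiceXml->total_fee_taxed[0]) . '\' ) ');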