Exemplo n.º 1
     // Refuse to delete a php configuration that is the configured default for
     // mod_fcgid or php-fpm while that feature is enabled. `&&` binds tighter
     // than `||`, so this reads as (fcgid on AND default) OR (fpm on AND default).
     // NOTE(review): whether standard_error() ends the request is not visible in
     // this fragment; if it returns, the delete path below is still reachable.
     if (Settings::Get('system.mod_fcgid') == '1' && Settings::Get('system.mod_fcgid_defaultini') == $id || Settings::Get('phpfpm.enabled') == '1' && Settings::Get('phpfpm.defaultini') == $id) {
         standard_error('cannotdeletedefaultphpconfig');
     }
     // Authorisation and sanity gate: the row must exist and match the requested
     // id, the acting user must carry the change_serversettings flag, and id 1
     // is never deletable (domains are reset to phpsettingid '1' below).
     if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1 && $id != 1) {
         // The destructive step only runs on the posted confirmation form.
         // NOTE(review): no anti-CSRF token is checked in this fragment; confirm
         // that a token or equivalent check happens before this code runs.
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             // set php-config to default for all domains using the
             // config that is to be deleted
             // Both statements pass the id as the bound parameter :id rather
             // than concatenating it into the SQL text.
             $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_DOMAINS . "` SET\n\t\t\t\t\t`phpsettingid` = '1' WHERE `phpsettingid` = :id");
             Database::pexecute($upd_stmt, array('id' => $id));
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
             Database::pexecute($del_stmt, array('id' => $id));
             inserttask('1');
             // Audit trail: records the deleted id (cast to int) and the acting
             // login name, which is written into the message as-is.
             $log->logAction(ADM_ACTION, LOG_INFO, "php.ini setting with id #" . (int) $id . " has been deleted by '" . $userinfo['loginname'] . "'");
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             // No confirmation yet: show the yes/no page. The stored description
             // is handed to ask_yesno() unescaped.
             // NOTE(review): confirm ask_yesno() HTML-encodes its last argument.
             ask_yesno('phpsetting_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['description']);
         }
     } else {
         standard_error('nopermissionsorinvalidid');
     }
 }
 if ($action == 'edit') {
     $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "` WHERE `id` = :id");
     $result = Database::pexecute_first($result_stmt, array('id' => $id));
     if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['change_serversettings'] == 1) {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $description = validate($_POST['description'], 'description');
             $phpsettings = validate(str_replace("\r\n", "\n", $_POST['phpsettings']), 'phpsettings', '/^[^\\0]*$/');
             if (Settings::Get('system.mod_fcgid') == 1) {
                 $binary = makeCorrectFile(validate($_POST['binary'], 'binary'));
                 $file_extensions = validate($_POST['file_extensions'], 'file_extensions', '/^[a-zA-Z0-9\\s]*$/');
Exemplo n.º 2
         $taxclass = isset($taxclasses[$_POST['taxclass']]) ? $_POST['taxclass'] : '1';
         $db->query('INSERT INTO `' . TABLE_BILLING_TAXRATES . '` (`taxclass`, `taxrate`, `valid_from`) VALUES( \'' . $db->escape($taxclass) . '\', \'' . $db->escape($taxrate) . '\', \'' . $db->escape($valid_from) . '\' ) ');
         redirectTo($filename, array('s' => $s));
     } else {
         $valid_from = date('Y-m-d');
         eval('echo "' . getTemplate('billing/taxrates_add') . '";');
     }
 }
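 // Delete a tax rate. Without the posted confirmation the yes/no page is
 // shown; the row is only removed once the form posts send=send.
 if ($action == 'delete') {
     // $id is assigned outside this fragment. It is escaped before it is placed
     // in the SQL text, as the INSERT earlier in this listing does for its
     // values, so the statement no longer relies on upstream sanitising.
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $db->escape($id) . '\' ');
     // Only continue when the lookup returned the requested row and the id is
     // not '0'.
     if ($result['taxid'] == $id && $id != '0') {
         // NOTE(review): no anti-CSRF token and no permission check are visible
         // in this fragment; confirm both happen before this code runs.
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query('DELETE FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $db->escape($id) . '\' ');
             redirectTo($filename, array('s' => $s));
         } else {
             // Confirmation text is built from the tax class label and the
             // stored rate.
             // NOTE(review): confirm ask_yesno() HTML-encodes its last argument.
             ask_yesno('billing_taxrate_reallydelete', $filename, array('id' => $id, 'action' => $action), $taxclasses[$result['taxclass']] . ' - ' . $result['taxrate']);
         }
     }
 }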
 if ($action == 'edit') {
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_TAXRATES . '` WHERE `taxid` = \'' . $id . '\' ');
     if ($result['taxid'] == $id && $id != '0') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
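             // The rate may be submitted as a fraction (taxrate) or as a
             // percentage (taxrate_percent); a decimal comma is normalised to a
             // dot before the value is converted to a float.
             if (isset($_POST['taxrate'])) {
                 $taxrate = doubleval(str_replace(',', '.', $_POST['taxrate']));
             } elseif (isset($_POST['taxrate_percent'])) {
                 $taxrate = doubleval(str_replace(',', '.', $_POST['taxrate_percent'])) / 100;
             } else {
                 // Neither field was posted: keep the stored rate. The variable
                 // must be $taxrate, the name both branches above assign;
                 // a misspelled name would leave $taxrate undefined here.
                 $taxrate = $result['taxrate'];
             }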
Exemplo n.º 3
                 $db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($result['databasename']) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
             }
             $db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
             $db_root->query('FLUSH PRIVILEGES');
             $db_root->close();
             // End root-session
             $db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"');
             if ($userinfo['mysqls_used'] == '1') {
                 $resetaccnumber = " , `mysql_lastaccountnumber`='0' ";
             } else {
                 $resetaccnumber = '';
             }
             $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int) $userinfo['customerid'] . '"');
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['databasename']);
         }
     }
 } elseif ($action == 'add') {
     if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $password = validate($_POST['mysql_password'], 'password');
             if ($password == '') {
                 standard_error(array('stringisempty', 'mypassword'));
             } else {
                 $username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
                 if (count($sql_root) > 1) {
                     $dbserver = validate($_POST['mysql_server'], html_entity_decode($lng['mysql']['mysql_server']), '', '', 0);
                     if (!isset($sql_root[$dbserver]) || !is_array($sql_root[$dbserver])) {
                         $dbserver = 0;
                     }
Exemplo n.º 4
                                break;
                            default:
                                $_action = $lng['logger']['unknown'];
                                break;
                        }
                        $row['action'] = $_action;
                        eval("\$log.=\"" . getTemplate('logger/logger_action') . "\";");
                    }
                    $log_count++;
                    $row['type'] = getLogLevelDesc($row['type']);
                    eval("\$log.=\"" . getTemplate('logger/logger_log') . "\";");
                    $count++;
                    $_action = $action;
                }
                $i++;
            }
            $i++;
        }
        eval("echo \"" . getTemplate('logger/logger') . "\";");
    } elseif ($action == 'truncate') {
        // Truncate the system log. The delete only runs on the posted
        // confirmation form; otherwise the yes/no page is shown.
        // NOTE(review): no permission check and no anti-CSRF token are visible
        // in this branch; confirm both are enforced before this code runs.
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            // Cut-off is "now minus 600 seconds": rows with `date` older than
            // ten minutes are removed, the most recent ten minutes are kept.
            $truncatedate = time() - 60 * 10;
            // The cut-off is passed as the bound parameter :trunc.
            $trunc_stmt = Database::prepare("\n\t\t\t\tDELETE FROM `" . TABLE_PANEL_LOG . "` WHERE `date` < :trunc");
            Database::pexecute($trunc_stmt, array('trunc' => $truncatedate));
            // The truncation itself is logged at warning level after the
            // delete, so an entry about who cleared the log is written last.
            $log->logAction(ADM_ACTION, LOG_WARNING, 'truncated the system-log (mysql)');
            redirectTo($filename, array('page' => $page, 's' => $s));
        } else {
            ask_yesno('logger_reallytruncate', $filename, array('page' => $page, 'action' => $action), TABLE_PANEL_LOG);
        }
    }
}
Exemplo n.º 5
            }
        } else {
            standard_error('allresourcesused');
        }
    } elseif ($action == 'delete' && $id != 0) {
        $result = $db->query_first("SELECT `id`, `email`, `email_full`, `iscatchall`, `destination`, `customerid`, `popaccountid` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
        if (isset($result['destination']) && $result['destination'] != '') {
            if (isset($_POST['forwarderid'])) {
                $forwarderid = intval($_POST['forwarderid']);
            } elseif (isset($_GET['forwarderid'])) {
                $forwarderid = intval($_GET['forwarderid']);
            } else {
                $forwarderid = 0;
            }
            $result['destination'] = explode(' ', $result['destination']);
            if (isset($result['destination'][$forwarderid]) && $result['email'] != $result['destination'][$forwarderid]) {
                $forwarder = $result['destination'][$forwarderid];
                if (isset($_POST['send']) && $_POST['send'] == 'send') {
                    unset($result['destination'][$forwarderid]);
                    $result['destination'] = implode(' ', $result['destination']);
                    $db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `destination` = '" . $db->escape(makeCorrectDestination($result['destination'])) . "' WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
                    $db->query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_forwarders_used` = `email_forwarders_used` - 1 WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");
                    $log->logAction(USR_ACTION, LOG_NOTICE, "deleted email forwarder for '" . $result['email_full'] . "'");
                    redirectTo($filename, array('page' => 'emails', 'action' => 'edit', 'id' => $id, 's' => $s));
                } else {
                    ask_yesno('email_reallydelete_forwarder', $filename, array('id' => $id, 'forwarderid' => $forwarderid, 'page' => $page, 'action' => $action), $idna_convert->decode($result['email_full']) . ' -> ' . $idna_convert->decode($forwarder));
                }
            }
        }
    }
}
Exemplo n.º 6
     if (isset($result['username']) && $result['username'] != $userinfo['loginname']) {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query('UPDATE `' . TABLE_FTP_USERS . "` SET `up_count`=`up_count`+'" . (int) $result['up_count'] . "', `up_bytes`=`up_bytes`+'" . (int) $result['up_bytes'] . "', `down_count`=`down_count`+'" . (int) $result['down_count'] . "', `down_bytes`=`down_bytes`+'" . (int) $result['down_bytes'] . "' WHERE `username`='" . $db->escape($userinfo['loginname']) . "'");
             $db->query('DELETE FROM `' . TABLE_FTP_USERS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
             $log->logAction(USR_ACTION, LOG_INFO, "deleted ftp-account '" . $result['username'] . "'");
             $db->query('UPDATE `' . TABLE_FTP_GROUPS . "` SET `members`=REPLACE(`members`,'," . $db->escape($result['username']) . "','') WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");
             //					$db->query("DELETE FROM `".TABLE_FTP_GROUPS."` WHERE `customerid`='".$userinfo['customerid']."' AND `id`='$id'");
             if ($userinfo['ftps_used'] == '1') {
                 $resetaccnumber = " , `ftp_lastaccountnumber`='0'";
             } else {
                 $resetaccnumber = '';
             }
             $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . "` SET `ftps_used`=`ftps_used`-1 {$resetaccnumber} WHERE `customerid`='" . (int) $userinfo['customerid'] . "'");
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('ftp_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['username']);
         }
     } else {
         standard_error('ftp_cantdeletemainaccount');
     }
 } elseif ($action == 'add') {
     if ($userinfo['ftps_used'] < $userinfo['ftps'] || $userinfo['ftps'] == '-1') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $path = validate($_POST['path'], 'path');
             $password = validate($_POST['ftp_password'], 'password');
             if ($settings['customer']['ftpatdomain'] == '1') {
                 $ftpusername = validate($_POST['ftp_username'], 'username', '/^[a-zA-Z0-9][a-zA-Z0-9\\-_]+\\$?$/');
                 if ($ftpusername == '') {
                     standard_error(array('stringisempty', 'username'));
                 }
                 $ftpdomain = $idna_convert->encode(validate($_POST['ftp_domain'], 'domain'));
Exemplo n.º 7
        $subject = htmlspecialchars($row['subject']);
        $message = htmlspecialchars($row['message']);
        $checked = '';
        if ($row['enabled'] == 1) {
            $checked = "checked=\"checked\"";
        }
        eval("echo \"" . getTemplate("email/autoresponder_edit") . "\";");
    } else {
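        // "delete" removes one autoresponder of the logged-in customer; any
        // other action renders the list of that customer's autoresponders.
        if ($action == "delete") {
            // NOTE(review): no anti-CSRF token is checked in this fragment;
            // confirm that one is verified before this code runs.
            if (isset($_POST['send']) && $_POST['send'] == 'send') {
                // A missing or array-valued field is treated as an empty
                // account instead of being passed to trim() unchecked.
                $account = isset($_POST['account']) && is_string($_POST['account']) ? trim($_POST['account']) : '';
                // Does autoresponder exist?
                // The lookup is scoped to the session's customerid, so only
                // an autoresponder owned by this customer can match.
                $result = $db->query("SELECT `email` FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int) $userinfo['customerid'] . "' AND `email` = '" . $db->escape($account) . "' LIMIT 0,1");
                if ($db->num_rows($result) == 0) {
                    // NOTE(review): whether standard_error() ends the request
                    // is not visible here; the DELETE below carries the same
                    // customerid/email condition either way.
                    standard_error('invalidautoresponder');
                }
                $db->query("DELETE FROM `" . TABLE_MAIL_AUTORESPONDER . "`\n\t\t\tWHERE `email` = '" . $db->escape($account) . "'\n\t\t\tAND `customerid` = '" . $db->escape((int) $userinfo['customerid']) . "'\n\t\t\t");
                redirectTo($filename, array('s' => $s));
            }
            // Confirmation page: the address comes from the query string and
            // is HTML-encoded before it is handed to ask_yesno(). An absent or
            // array-valued parameter yields an empty string.
            $email = isset($_GET['email']) && is_string($_GET['email']) ? trim(htmlspecialchars($_GET['email'])) : '';
            ask_yesno('autoresponderdelete', $filename, array('action' => $action, 'account' => $email));
        } else {
            $autoresponder = '';
            $result = $db->query("SELECT * FROM `" . TABLE_MAIL_AUTORESPONDER . "` WHERE `customerid` = '" . (int) $userinfo['customerid'] . "' ORDER BY email ASC");
            while ($row = $db->fetch_array($result)) {
                // SECURITY: the template text returned by getTemplate() is
                // evaluated as PHP source. Templates must come from a trusted,
                // non-user-writable location, and the variable names in scope
                // ($row, $autoresponder, ...) are part of the template contract.
                // NOTE(review): $row values are interpolated here without
                // HTML-encoding; confirm the template or the stored data is safe.
                eval("\$autoresponder.=\"" . getTemplate("email/autoresponder_autoresponder") . "\";");
            }
            eval("echo \"" . getTemplate("email/autoresponder") . "\";");
        }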
    }
}
Exemplo n.º 8
             $db_root->close();
             // End root-session
             $db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int) $userinfo['customerid'] . '" AND `id`="' . (int) $id . '"');
             if ($userinfo['mysqls_used'] == '1') {
                 $resetaccnumber = " , `mysql_lastaccountnumber`='0' ";
             } else {
                 $resetaccnumber = '';
             }
             $result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int) $userinfo['customerid'] . '"');
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             $dbnamedesc = $result['databasename'];
             if (isset($result['description']) && $result['description'] != '') {
                 $dbnamedesc .= ' (' . $result['description'] . ')';
             }
             ask_yesno('mysql_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $dbnamedesc);
         }
     }
 } elseif ($action == 'add') {
     if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $password = validate($_POST['mysql_password'], 'password');
             $password = validatePassword($password);
             $sendinfomail = intval($_POST['sendinfomail']);
             if ($sendinfomail != 1) {
                 $sendinfomail = 0;
             }
             if ($password == '') {
                 standard_error(array('stringisempty', 'mypassword'));
             } else {
                 $username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
Exemplo n.º 9
             standard_error('youcantdeleteyourself');
         }
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid\n\t\t\t\t");
             Database::pexecute($del_stmt, array('adminid' => $id));
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_TRAFFIC_ADMINS . "` WHERE `adminid` = :adminid\n\t\t\t\t");
             Database::pexecute($del_stmt, array('adminid' => $id));
             $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET\n\t\t\t\t\t`adminid` = :userid WHERE `adminid` = :adminid\n\t\t\t\t");
             Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id));
             $upd_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_DOMAINS . "` SET\n\t\t\t\t\t`adminid` = :userid WHERE `adminid` = :adminid\n\t\t\t\t");
             Database::pexecute($upd_stmt, array('userid' => $userinfo['userid'], 'adminid' => $id));
             $log->logAction(ADM_ACTION, LOG_INFO, "deleted admin '" . $result['loginname'] . "'");
             updateCounters();
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('admin_admin_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
         }
     }
 } elseif ($action == 'add') {
     if (isset($_POST['send']) && $_POST['send'] == 'send') {
         $name = validate($_POST['name'], 'name');
         $email = $idna_convert->encode(validate($_POST['email'], 'email'));
         $custom_notes = validate(str_replace("\r\n", "\n", $_POST['custom_notes']), 'custom_notes', '/^[^\\0]*$/');
         $custom_notes_show = 0;
         if (isset($_POST['custom_notes_show'])) {
             $custom_notes_show = intval_ressource($_POST['custom_notes_show']);
         }
         $loginname = validate($_POST['loginname'], 'loginname');
         $password = validate($_POST['admin_password'], 'password');
         $password = validatePassword($password);
         $def_language = validate($_POST['def_language'], 'default language');
Exemplo n.º 10
            ask_yesno('admin_template_reallydelete', $filename, array('subjectid' => $subjectid, 'mailbodyid' => $mailbodyid, 'page' => $page, 'action' => $action), $result['language'] . ' - ' . $lng['admin']['templates'][str_replace('_subject', '', $result['varname'])]);
        }
    }
} elseif ($action == 'deletef' && $id != 0) {
    //file templates
    $result_stmt = Database::prepare("\n\t\tSELECT * FROM `" . TABLE_PANEL_TEMPLATES . "`\n\t\tWHERE `adminid` = :adminid AND `id` = :id");
    Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id));
    if (Database::num_rows() > 0) {
        $row = $result_stmt->fetch(PDO::FETCH_ASSOC);
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            $del_stmt = Database::prepare("\n\t\t\t\tDELETE FROM `" . TABLE_PANEL_TEMPLATES . "`\n\t\t\t\tWHERE `adminid` = :adminid AND `id` = :id");
            Database::pexecute($del_stmt, array('adminid' => $userinfo['adminid'], 'id' => $id));
            $log->logAction(ADM_ACTION, LOG_INFO, "deleted template '" . $lng['admin']['templates'][$row['varname']] . "'");
            redirectTo($filename, array('page' => $page, 's' => $s));
        } else {
            ask_yesno('admin_template_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $lng['admin']['templates'][$row['varname']]);
        }
    } else {
        standard_error('templatenotfound');
        exit;
    }
} elseif ($action == 'add') {
    if (Settings::Get('panel.sendalternativemail') == 1) {
        $available_templates[] = 'pop_success_alternative';
    }
    if (isset($_POST['prepare']) && $_POST['prepare'] == 'prepare') {
        //email templates
        $language = htmlentities(validate($_POST['language'], 'language', '/^[^\\r\\n\\0"\']+$/', 'nolanguageselect'));
        $template = validate($_POST['template'], 'template');
        $lng_bak = $lng;
        foreach ($langs['English'] as $key => $value) {
Exemplo n.º 11
         $interval_type = getIntervalTypes('option');
         $service_active = makeyesno('service_active', '1', '0', '0');
         $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true);
         eval("echo \"" . getTemplate("billing/other_add") . "\";");
     }
 }
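 // Delete an "other" billing service entry. Without the posted confirmation
 // the yes/no page is shown; the row is removed once the form posts send=send.
 if ($action == 'delete') {
     // $id is assigned outside this fragment. It is escaped before it is placed
     // in the SQL text so the statements do not rely on upstream sanitising.
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $db->escape($id) . '\' ');
     // Only continue when the lookup returned the requested row and the id is
     // not '0'.
     if ($result['id'] == $id && $id != '0') {
         // NOTE(review): no anti-CSRF token and no permission check are visible
         // in this fragment; confirm both happen before this code runs.
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $db->escape($id) . '\' ');
             redirectTo($filename, array('s' => $s));
         } else {
             // The row is fetched again and valid_from is formatted as a date,
             // although neither is passed to ask_yesno() below.
             // NOTE(review): kept as-is in case code outside this fragment
             // reads $result; otherwise these two lines look redundant.
             $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $db->escape($id) . '\' ');
             $result['valid_from'] = date('Y-m-d', $result['valid_from']);
             ask_yesno('billing_other_service_reallydelete', $filename, array('id' => $id, 'action' => $action));
         }
     }
 }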
 if ($action == 'edit') {
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER . '` WHERE `id` = \'' . $id . '\' ');
     if ($result['id'] == $id && $id != '0') {
         $override_billing_data_edit = isset($_GET['override_billing_data_edit']) && $_GET['override_billing_data_edit'] == '1' || isset($_POST['override_billing_data_edit']) && $_POST['override_billing_data_edit'] == '1';
         $enable_billing_data_edit = $result['servicestart_date'] == '0000-00-00' || $result['interval_payment'] == CONST_BILLING_INTERVALPAYMENT_PREPAID && calculateDayDifference(time(), $result['lastinvoiced_date']) >= 0 || $override_billing_data_edit === true;
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             if ($enable_billing_data_edit === true) {
                 if (isset($_POST['templateid']) && intval($_POST['templateid']) != 0 && isset($other_templates[$_POST['templateid']])) {
                     $templateid = $_POST['templateid'];
                 } else {
                     $templateid = '0';
                 }
Exemplo n.º 12
            while ($array = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
                $difference = Settings::Get('system.mail_quota') - $array['quota'];
                Database::pexecute($upd_stmt, array('diff' => $difference, 'customerid' => $customerid));
            }
        }
        // Set the new quota
        $upd_stmt = Database::prepare("\n\t\t\tUPDATE `" . TABLE_MAIL_USERS . "` SET `quota` = :quota\n\t\t");
        Database::pexecute($upd_stmt, array('quota' => Settings::Get('system.mail_quota')));
        // Update the Customer, if the used quota is bigger than the allowed quota
        Database::query("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
        $log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . Settings::Get('system.mail_quota') . ' MB');
        redirectTo($filename, array('s' => $s));
    } else {
        ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
    }
} elseif ($page == 'integritycheck' && $userinfo['change_serversettings'] == '1') {
    // Integrity check page. A posted confirmation runs every available fix;
    // a GET with action=fix only shows the yes/no page. The report below is
    // rendered in either case unless one of the calls ends the request.
    // NOTE(review): no anti-CSRF token is checked in this fragment; confirm
    // that one is verified before fixAll() can be reached.
    $integrity = new IntegrityCheck();
    if (isset($_POST['send']) && $_POST['send'] == 'send') {
        $integrity->fixAll();
    } elseif (isset($_GET['action']) && $_GET['action'] == "fix") {
        ask_yesno('admin_integritycheck_reallyfix', $filename, array('page' => $page));
    }
    $integritycheck = '';
    // The method names invoked below come from $integrity->available, not from
    // the request, so the dynamic call is limited to what the class lists.
    foreach ($integrity->available as $id => $check) {
        // Display numbering is the array key plus one.
        $displayid = $id + 1;
        $result = $integrity->{$check}();
        $checkdesc = $lng['integrity_check'][$check];
        // SECURITY: the template text returned by getTemplate() is evaluated
        // as PHP source. Templates must come from a trusted, non-user-writable
        // location; $displayid, $result and $checkdesc are set just above,
        // presumably for the template to read by name, so they must keep
        // their names.
        eval("\$integritycheck.=\"" . getTemplate("settings/integritycheck_row") . "\";");
    }
    eval("echo \"" . getTemplate("settings/integritycheck") . "\";");
}
Exemplo n.º 13
     } else {
         $valid_from = date('Y-m-d');
         $valid_to = date('Y-m-d');
         $interval_type = getIntervalTypes('option');
         $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true);
         eval('echo "' . getTemplate('billing/other_templates_add') . '";');
     }
 }
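 // Delete a billing service template. Without the posted confirmation the
 // yes/no page is shown; the row is removed once the form posts send=send.
 if ($action == 'delete') {
     // $id is assigned outside this fragment. It is escaped before it is placed
     // in the SQL text so the statements do not rely on upstream sanitising.
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $db->escape($id) . '\' ');
     // Only continue when the lookup returned the requested row and the id is
     // not '0'.
     if ($result['templateid'] == $id && $id != '0') {
         // NOTE(review): no anti-CSRF token and no permission check are visible
         // in this fragment; confirm both happen before this code runs.
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $db->escape($id) . '\' ');
             redirectTo($filename, array('s' => $s));
         } else {
             // Confirmation text is built from stored captions and validity
             // dates.
             // NOTE(review): confirm ask_yesno() HTML-encodes its last argument.
             ask_yesno('billing_other_template_reallydelete', $filename, array('id' => $id, 'action' => $action), $result['caption_setup'] . ' / ' . $result['caption_interval'] . ' (' . $result['valid_from'] . ' - ' . $result['valid_to'] . ')');
         }
     }
 }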
 if ($action == 'edit') {
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_OTHER_TEMPLATES . '` WHERE `templateid` = \'' . $id . '\' ');
     if ($result['templateid'] == $id && $id != '0') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
             $valid_to = validate($_POST['valid_to'], html_entity_decode($lng['service']['valid_to']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
             if (isset($_POST['taxclass']) && intval($_POST['taxclass']) != 0 && isset($taxclasses[$_POST['taxclass']])) {
                 $taxclass = $_POST['taxclass'];
             } else {
                 $taxclass = '0';
             }
             $interval_fee = doubleval(str_replace(',', '.', $_POST['interval_fee']));
Exemplo n.º 14
/**
 * This file is part of the SysCP project.
 * Copyright (c) 2003-2009 the SysCP Team (see authors).
 *
 * For the full copyright and license information, please view the COPYING
 * file that was distributed with this source code. You can also view the
 * COPYING file online at http://files.syscp.org/misc/COPYING.txt
 *
 * @copyright  (c) the authors
 * @author     Florian Lippert <*****@*****.**>
 * @license    GPLv2 http://files.syscp.org/misc/COPYING.txt
 *
 * @version    $Id$
 */
/**
 * Run a submitted form through four passes: prefetch, validate, plausibility check, save.
 *
 * Every pass walks $form['groups'] again and skips any group that
 * validateFieldDefinition() rejects.
 *
 * @param array $form       Form definition; read here as $form['groups'][<group>]['fields'][<field>].
 * @param array $input      Submitted request data; field values and confirmation answers are read from it.
 * @param array $url_params Extra parameters for the confirmation dialog. A 'filename' entry, if present,
 *                          is taken out and used as the dialog's target file.
 *
 * @return mixed Whatever saveForm() returns; null when validateFormDefinition() rejects the form.
 */
function processForm($form, $input, $url_params = array())
{
    if (!validateFormDefinition($form)) {
        return;
    }

    $submitted_fields = array();
    $changed_fields = array();
    $saved_fields = array();

    // Pass 1: merge the prefetched data into every field definition.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }
        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $prefetched = array_merge_prefix($fielddetails, $fielddetails['type'], prefetchFormFieldData($fieldname, $fielddetails));
            $form['groups'][$groupname]['fields'][$fieldname] = $prefetched;
        }
    }

    // Pass 2: validate only values that differ from the stored one. The comparison is loose (!=).
    // Unchanged values are recorded as submitted but never reach validateFormField().
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }
        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $newfieldvalue = getFormFieldData($fieldname, $fielddetails, $input);
            $has_changed = isset($fielddetails['value']) && $newfieldvalue != $fielddetails['value'];
            if ($has_changed) {
                $validation = validateFormField($fieldname, $fielddetails, $newfieldvalue);
                if ($validation === true) {
                    $changed_fields[$fieldname] = $newfieldvalue;
                } else {
                    // presumably standard_error() ends the request; it is not defined in this excerpt
                    standard_error($validation, $fieldname);
                }
            }
            $submitted_fields[$fieldname] = $newfieldvalue;
        }
    }

    // Pass 3: plausibility checks. A usable verdict is an array whose element 0 is a status constant,
    // element 1 the error or question key, and the remaining elements the words of the target name.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }
        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            $verdict = checkPlausibilityFormField($fieldname, $fielddetails, $submitted_fields[$fieldname], $submitted_fields);
            if ($verdict === false || !is_array($verdict) || !isset($verdict[0])) {
                continue;
            }

            $status = $verdict[0];
            if ($status == FORMFIELDS_PLAUSIBILITY_CHECK_OK) {
                // Nothing to do, the field is fine.
                continue;
            }

            if ($status == FORMFIELDS_PLAUSIBILITY_CHECK_ERROR) {
                $message = $verdict[1];
                unset($verdict[0], $verdict[1]);
                standard_error($message, implode(' ', $verdict));
                continue;
            }

            if ($status == FORMFIELDS_PLAUSIBILITY_CHECK_QUESTION) {
                $question = $verdict[1];
                unset($verdict[0], $verdict[1]);
                $targetname = implode(' ', $verdict);
                // The question counts as answered as soon as $input has a key of that name;
                // the value is not inspected here.
                if (!isset($input[$question])) {
                    $filename = '';
                    if (is_array($url_params) && isset($url_params['filename'])) {
                        $filename = $url_params['filename'];
                        unset($url_params['filename']);
                    }
                    // Every submitted value is handed to the confirmation dialog so it can be re-posted.
                    // NOTE(review): escaping of those values has to happen inside ask_yesno() - confirm.
                    ask_yesno($question, $filename, array_merge($url_params, $submitted_fields, array($question => $question)), $targetname);
                }
                continue;
            }

            standard_error('plausibilitychecknotunderstood');
        }
    }

    // Pass 4: persist the changed fields and collect what each save reports back.
    foreach ($form['groups'] as $groupname => $groupdetails) {
        if (!validateFieldDefinition($groupdetails)) {
            continue;
        }
        foreach ($groupdetails['fields'] as $fieldname => $fielddetails) {
            // isset() is false for a null value, so a field changed to null is not saved.
            if (!isset($changed_fields[$fieldname])) {
                continue;
            }
            $saved_field = saveFormField($fieldname, $fielddetails, manipulateFormFieldData($fieldname, $fielddetails, $changed_fields[$fieldname]));
            if ($saved_field === false) {
                standard_error('errorwhensaving', $fieldname);
            } else {
                $saved_fields = array_merge($saved_fields, $saved_field);
            }
        }
    }

    // Save form
    return saveForm($form, $saved_fields);
}
Exemplo n.º 15
             eval("\$htaccess.=\"" . getTemplate("extras/htaccess_htaccess") . "\";");
             $count++;
         }
         $i++;
     }
     eval("echo \"" . getTemplate("extras/htaccess") . "\";");
 } elseif ($action == 'delete' && $id != 0) {
     $result = $db->query_first("SELECT * FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
     if (isset($result['customerid']) && $result['customerid'] != '' && $result['customerid'] == $userinfo['customerid']) {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query("DELETE FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `customerid`='" . (int) $userinfo['customerid'] . "' AND `id`='" . (int) $id . "'");
             $log->logAction(USR_ACTION, LOG_INFO, "deleted htaccess for '" . str_replace($userinfo['documentroot'], '', $result['path']) . "'");
             inserttask('1');
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('extras_reallydelete_pathoptions', $filename, array('id' => $id, 'page' => $page, 'action' => $action), str_replace($userinfo['documentroot'], '', $result['path']));
         }
     }
 } elseif ($action == 'add') {
     if (isset($_POST['send']) && $_POST['send'] == 'send') {
         $path = makeCorrectDir(validate($_POST['path'], 'path'));
         $userpath = $path;
         $path = makeCorrectDir($userinfo['documentroot'] . '/' . $path);
         $path_dupe_check = $db->query_first("SELECT `id`, `path` FROM `" . TABLE_PANEL_HTACCESS . "` WHERE `path`='" . $db->escape($path) . "' AND `customerid`='" . (int) $userinfo['customerid'] . "'");
         if (!$_POST['path']) {
             standard_error('invalidpath');
         }
         if ($_POST['error404path'] === '' || validateUrl($idna_convert->encode($_POST['error404path']))) {
             $error404path = $_POST['error404path'];
         } else {
             standard_error('mustbeurl');
Exemplo n.º 16
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_DOMAINTOIP . "`\n\t\t\t\t\tWHERE `id_domain` = :domainid");
             Database::pexecute($del_stmt, array('domainid' => $id));
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_DOMAINREDIRECTS . "`\n\t\t\t\t\tWHERE `did` = :domainid");
             Database::pexecute($del_stmt, array('domainid' => $id));
             // remove certificate from domain_ssl_settings, fixes #1596
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_DOMAIN_SSL_SETTINGS . "`\n\t\t\t\t\tWHERE `domainid` = :domainid");
             Database::pexecute($del_stmt, array('domainid' => $id));
             // remove possible existing DNS entries
             $del_stmt = Database::prepare("\n\t\t\t\t\tDELETE FROM `" . TABLE_DOMAIN_DNS . "`\n\t\t\t\t\tWHERE `domain_id` = :domainid\n\t\t\t\t");
             Database::pexecute($del_stmt, array('domainid' => $id));
             inserttask('1');
             // Using nameserver, insert a task which rebuilds the server config
             inserttask('4');
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('domains_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $idna_convert->decode($result['domain']));
         }
     } else {
         standard_error('domains_cantdeletemaindomain');
     }
 } elseif ($action == 'add') {
     if ($userinfo['subdomains_used'] < $userinfo['subdomains'] || $userinfo['subdomains'] == '-1') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             if (strpos($_POST['subdomain'], '--') !== false) {
                 standard_error('domain_nopunycode');
             }
             $subdomain = $idna_convert->encode(preg_replace(array('/\\:(\\d)+$/', '/^https?\\:\\/\\//'), '', validate($_POST['subdomain'], 'subdomain', '', 'subdomainiswrong')));
             $domain = $_POST['domain'];
             $domain_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DOMAINS . "`\n\t\t\t\t\tWHERE `domain` = :domain\n\t\t\t\t\tAND `customerid` = :customerid\n\t\t\t\t\tAND `parentdomainid` = '0'\n\t\t\t\t\tAND `email_only` = '0'\n\t\t\t\t\tAND `caneditdomain` = '1'");
             $domain_check = Database::pexecute_first($domain_stmt, array("domain" => $domain, "customerid" => $userinfo['customerid']));
             $completedomain = $subdomain . '.' . $domain;
Exemplo n.º 17
                     $result_stmt = Database::prepare("\n\t\t\t\t\t\t\tSELECT `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "`\n\t\t\t\t\t\t\tWHERE `id` = :id");
                     $result = Database::pexecute_first($result_stmt, array('id' => $id));
                     if ($result['ip'] != '') {
                         if (isset($_POST['send']) && $_POST['send'] == 'send') {
                             $del_stmt = Database::prepare("\n\t\t\t\t\t\t\t\t\tDELETE FROM `" . TABLE_PANEL_IPSANDPORTS . "`\n\t\t\t\t\t\t\t\t\tWHERE `id` = :id");
                             Database::pexecute($del_stmt, array('id' => $id));
                             // also, remove connections to domains (multi-stack)
                             $del_stmt = Database::prepare("\n\t\t\t\t\t\t\t\t\tDELETE FROM `" . TABLE_DOMAINTOIP . "` WHERE `id_ipandports` = :id");
                             Database::pexecute($del_stmt, array('id' => $id));
                             $log->logAction(ADM_ACTION, LOG_WARNING, "deleted IP/port '" . $result['ip'] . ":" . $result['port'] . "'");
                             inserttask('1');
                             // Using nameserver, insert a task which rebuilds the server config
                             inserttask('4');
                             redirectTo($filename, array('page' => $page, 's' => $s));
                         } else {
                             ask_yesno('admin_ip_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['ip'] . ':' . $result['port']);
                         }
                     }
                 } else {
                     standard_error('cantdeletesystemip');
                 }
             } else {
                 standard_error('cantdeletedefaultip');
             }
         } else {
             standard_error('ipstillhasdomains');
         }
     }
 } elseif ($action == 'add') {
     if (isset($_POST['send']) && $_POST['send'] == 'send') {
         $ip = validate_ip($_POST['ip']);
Exemplo n.º 18
    } else {
        ask_yesno('admin_cleartextmailpws_reallywipe', $filename, array('page' => $page));
    }
} elseif ($page == 'wipequotas' && $userinfo['change_serversettings'] == '1') {
    if (isset($_POST['send']) && $_POST['send'] == 'send') {
        $log->logAction(ADM_ACTION, LOG_WARNING, "wiped all mailquotas");
        // Set the quota to 0 which means unlimited
        $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='0' ");
        $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = 0");
        redirectTo('admin_settings.php', array('s' => $s));
    } else {
        ask_yesno('admin_quotas_reallywipe', $filename, array('page' => $page));
    }
} elseif ($page == 'enforcequotas' && $userinfo['change_serversettings'] == '1') {
    if (isset($_POST['send']) && $_POST['send'] == 'send') {
        // Fetch all accounts
        $result = $db->query("SELECT `quota`, `customerid` FROM " . TABLE_MAIL_USERS);
        while ($array = $db->fetch_array($result)) {
            $difference = $settings['system']['mail_quota'] - $array['quota'];
            $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota_used` = `email_quota_used` + " . (int) $difference . " WHERE `customerid` = '" . $array['customerid'] . "'");
        }
        // Set the new quota
        $db->query("UPDATE `" . TABLE_MAIL_USERS . "` SET `quota`='" . $settings['system']['mail_quota'] . "'");
        // Update the Customer, if the used quota is bigger than the allowed quota
        $db->query("UPDATE " . TABLE_PANEL_CUSTOMERS . " SET `email_quota` = `email_quota_used` WHERE `email_quota` < `email_quota_used`");
        $log->logAction(ADM_ACTION, LOG_WARNING, 'enforcing mailquota to all customers: ' . $settings['system']['mail_quota'] . ' MB');
        redirectTo('admin_settings.php', array('s' => $s));
    } else {
        ask_yesno('admin_quotas_reallyenforce', $filename, array('page' => $page));
    }
}
Exemplo n.º 19
        while ($row2 = $db->fetch_array($andere)) {
            $subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $row2['id']);
            $lastchange = date("d.m.Y H:i\\h", $subticket->Get('lastchange'));
            if ($subticket->Get('by') == '1') {
                $by = $lng['ticket']['staff'];
            } else {
                $by = $lng['ticket']['customer'];
            }
            $subject = htmlentities($subticket->Get('subject'));
            $message = htmlentities($subticket->Get('message'));
            eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_list") . "\";");
        }
        $priorities = makeoption($lng['ticket']['high'], '1', htmlentities($mainticket->Get('priority')), true, true);
        $priorities .= makeoption($lng['ticket']['normal'], '2', htmlentities($mainticket->Get('priority')), true, true);
        $priorities .= makeoption($lng['ticket']['low'], '3', htmlentities($mainticket->Get('priority')), true, true);
        $subject = htmlentities($mainticket->Get('subject'));
        $ticket_replies_count = $db->num_rows($andere) + 1;
        // don't forget the main-ticket!
        eval("echo \"" . getTemplate("tickets/tickets_view") . "\";");
    } elseif ($action == 'delete' && $id != 0) {
        if (isset($_POST['send']) && $_POST['send'] == 'send') {
            $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $id);
            $log->logAction(ADM_ACTION, LOG_INFO, "deleted archived ticket '" . $mainticket->Get('subject') . "'");
            $mainticket->Delete();
            redirectTo($filename, array('page' => $page, 's' => $s));
        } else {
            $mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int) $id);
            ask_yesno('ticket_reallydelete', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
        }
    }
}
Exemplo n.º 20
     } else {
         $valid_from = date('Y-m-d');
         $valid_to = date('Y-m-d');
         $interval_type = getIntervalTypes('option');
         $interval_payment = makeoption($lng['service']['interval_payment_prepaid'], '0', '0', true) . makeoption($lng['service']['interval_payment_postpaid'], '1', '0', true);
         eval('echo "' . getTemplate('billing/domains_templates_add') . '";');
     }
 }
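 // Delete one domain billing template, after the operator confirms a yes/no dialog.
 //
 // The template id is concatenated into the SQL text. Where $id comes from is not visible in this
 // excerpt, so both queries use an integer cast, which keeps a non-numeric value out of the statement.
 // NOTE(review): the only gate visible here is $_POST['send']; confirm that a session or anti-CSRF
 // token is verified before this code runs.
 if ($action == 'delete') {
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . (int) $id . '\' ');
     // isset() rejects the "no row found" case, where $result['id'] is null and would
     // compare equal to an empty $id under the loose == below.
     if (isset($result['id']) && $result['id'] == $id && $id != '0') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $db->query('DELETE FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . (int) $id . '\' ');
             redirectTo($filename, array('s' => $s));
         } else {
             // First request: show the confirmation dialog, labelled with the template's TLD and validity range.
             ask_yesno('billing_domains_template_reallydelete', $filename, array('id' => $id, 'action' => $action), $result['tld'] . ' (' . $result['valid_from'] . ' - ' . $result['valid_to'] . ')');
         }
     }
 }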
 if ($action == 'edit') {
     $result = $db->query_first('SELECT * FROM `' . TABLE_BILLING_SERVICE_DOMAINS_TEMPLATES . '` WHERE `id` = \'' . $id . '\' ');
     if ($result['id'] == $id && $id != '0') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $valid_from = validate($_POST['valid_from'], html_entity_decode($lng['service']['valid_from']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
             $valid_to = validate($_POST['valid_to'], html_entity_decode($lng['service']['valid_to']), '/^(19|20)\\d\\d[-](0[1-9]|1[012])[-](0[1-9]|[12][0-9]|3[01])$/', '', array('0000-00-00', '0', ''));
             if (isset($taxclasses[$_POST['taxclass']])) {
                 $taxclass = $_POST['taxclass'];
             } else {
                 $taxclass_keys = array_keys($taxclasses);
                 $taxclass = $taxclass_keys[0];
                 unset($taxclass_keys);
Exemplo n.º 21
         redirectTo('index.php', array('action' => 'login'));
     }
 } elseif ($action == 'unlock' && $id != 0) {
     $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`\n\t\t\tWHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid"));
     $result_data = array('id' => $id);
     if ($userinfo['customers_see_all'] == '0') {
         $result_data['adminid'] = $userinfo['adminid'];
     }
     $result = Database::pexecute_first($result_stmt, $result_data);
     if ($result['loginname'] != '') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $result_stmt = Database::prepare("\n\t\t\t\t\tUPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET\n\t\t\t\t\t`loginfail_count` = '0'\n\t\t\t\t\tWHERE `customerid`= :id");
             Database::pexecute($result_stmt, array('id' => $id));
             redirectTo($filename, array('page' => $page, 's' => $s));
         } else {
             ask_yesno('customer_reallyunlock', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $result['loginname']);
         }
     }
 } elseif ($action == 'delete' && $id != 0) {
     $result_stmt = Database::prepare("\n\t\t\tSELECT * FROM `" . TABLE_PANEL_CUSTOMERS . "`\n\t\t\tWHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid"));
     $params = array('id' => $id);
     if ($userinfo['customers_see_all'] == '0') {
         $params['adminid'] = $userinfo['adminid'];
     }
     $result = Database::pexecute_first($result_stmt, $params);
     if ($result['loginname'] != '') {
         if (isset($_POST['send']) && $_POST['send'] == 'send') {
             $databases_stmt = Database::prepare("\n\t\t\t\t\tSELECT * FROM `" . TABLE_PANEL_DATABASES . "`\n\t\t\t\t\tWHERE `customerid` = :id ORDER BY `dbserver`");
             Database::pexecute($databases_stmt, array('id' => $id));
             Database::needRoot(true);
             $last_dbserver = 0;
Exemplo n.º 22
 // Closing checks of a domain edit: reject a foreign alias target, normalise two option values,
 // ask the security confirmation questions, then queue tasks via inserttask() for what changed.
 // presumably standard_error() stops the request; it is not defined in this excerpt
 if ($aliasdomain_check['id'] != $aliasdomain) {
     standard_error('domainisaliasorothercustomer');
 }
 // Any value that compares <= '0' is stored as '0'.
 if ($issubof <= '0') {
     $issubof = '0';
 }
 // Only '1' and '2' are kept; every other value falls back to '0'.
 if ($serveraliasoption != '1' && $serveraliasoption != '2') {
     $serveraliasoption = '0';
 }
 // $params holds every submitted value and is handed to ask_yesno() below when a confirmation is needed.
 // The two IP/port lists are carried as serialize() strings.
 // NOTE(review): the code that reads 'ipandport' / 'ssl_ipandport' back is not shown. If it calls
 // unserialize() on the re-posted value, that value is client-controlled - verify it is validated,
 // or carry the lists in a format that cannot instantiate objects (e.g. JSON).
 $params = array('id' => $id, 'page' => $page, 'action' => $action, 'customerid' => $customerid, 'adminid' => $adminid, 'documentroot' => $documentroot, 'alias' => $aliasdomain, 'isbinddomain' => $isbinddomain, 'isemaildomain' => $isemaildomain, 'email_only' => $email_only, 'subcanemaildomain' => $subcanemaildomain, 'caneditdomain' => $caneditdomain, 'zonefile' => $zonefile, 'dkim' => $dkim, 'selectserveralias' => $serveraliasoption, 'ssl_redirect' => $ssl_redirect, 'openbasedir' => $openbasedir, 'phpsettingid' => $phpsettingid, 'mod_fcgid_starter' => $mod_fcgid_starter, 'mod_fcgid_maxrequests' => $mod_fcgid_maxrequests, 'specialsettings' => $specialsettings, 'registration_date' => $registration_date, 'issubof' => $issubof, 'speciallogfile' => $speciallogfile, 'speciallogverified' => $speciallogverified, 'ipandport' => serialize($ipandports), 'ssl_ipandport' => serialize($ssl_ipandports));
 // Question name => whether it has to be asked:
 //  - reallydisablesecuritysetting: $openbasedir is '0' and the user has change_serversettings
 //  - reallydocrootoutofcustomerroot: the document root neither starts with the customer's document
 //    root nor is an http(s) URL
 // NOTE(review): the second test is a plain string-prefix comparison. A sibling directory that shares
 // the prefix passes unless the customer root ends in a separator, and '..' segments are not resolved
 // here - confirm $documentroot was normalised before this point.
 $security_questions = array('reallydisablesecuritysetting' => $openbasedir == '0' && $userinfo['change_serversettings'] == '1', 'reallydocrootoutofcustomerroot' => substr($documentroot, 0, strlen($customer['documentroot'])) != $customer['documentroot'] && !preg_match('/^https?\\:\\/\\//', $documentroot));
 foreach ($security_questions as $question_name => $question_launch) {
     if ($question_launch !== false) {
         // The marker is added to $params so a confirmed question stays confirmed in later dialogs.
         $params[$question_name] = $question_name;
         // Confirmed only when the POST field carries the question's own name as its value;
         // otherwise show the dialog and stop processing this request.
         if (!isset($_POST[$question_name]) || $_POST[$question_name] != $question_name) {
             ask_yesno('admin_domain_' . $question_name, $filename, $params);
             exit;
         }
     }
 }
 // Option '1' sets the www alias flag, option '0' the wildcard flag; option '2' sets neither.
 $wwwserveralias = $serveraliasoption == '1' ? '1' : '0';
 $iswildcarddomain = $serveraliasoption == '0' ? '1' : '0';
 // && binds tighter than ||, so the speciallogverified test applies only to the speciallogfile comparison.
 if ($documentroot != $result['documentroot'] || $ssl_redirect != $result['ssl_redirect'] || $wwwserveralias != $result['wwwserveralias'] || $iswildcarddomain != $result['iswildcarddomain'] || $openbasedir != $result['openbasedir'] || $phpsettingid != $result['phpsettingid'] || $mod_fcgid_starter != $result['mod_fcgid_starter'] || $mod_fcgid_maxrequests != $result['mod_fcgid_maxrequests'] || $specialsettings != $result['specialsettings'] || $aliasdomain != $result['aliasdomain'] || $issubof != $result['ismainbutsubto'] || $email_only != $result['email_only'] || $speciallogfile != $result['speciallogfile'] && $speciallogverified == '1') {
     inserttask('1');
 }
 // A changed speciallogfile without verification is reverted to the stored value.
 if ($speciallogfile != $result['speciallogfile'] && $speciallogverified != '1') {
     $speciallogfile = $result['speciallogfile'];
 }
 // Changes to the bind flag, the zonefile or DKIM queue task '4'.
 if ($isbinddomain != $result['isbinddomain'] || $zonefile != $result['zonefile'] || $dkim != $result['dkim']) {
     inserttask('4');
 }
Exemplo n.º 23
     } else {
         $key = '';
     }
     if (isset($_POST['send']) && $_POST['send'] == 'send') {
         if (isset($key) && $key != '') {
             $db->query('DELETE FROM `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'table') . '` WHERE `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'key') . '` = \'' . $db->escape($id) . '\' AND `key` = \'' . $key . '\'');
         } else {
             $db->query('DELETE FROM `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'table') . '` WHERE `' . getModeDetails($mode, 'TABLE_BILLING_INVOICE_CHANGES', 'key') . '` = \'' . $db->escape($id) . '\'');
         }
         cacheInvoiceFees($mode, null, null, $id);
         redirectTo($filename, array('s' => $s, 'id' => $id, 'mode' => $mode, 'page' => $page));
     } else {
         if (isset($key) && $key != '') {
             ask_yesno('billing_invoice_row_reallyreset_key', $filename, array('id' => $id, 'mode' => $mode, 'page' => $page, 'action' => $action, 'key' => $key));
         } else {
             ask_yesno('billing_invoice_row_reallyreset', $filename, array('id' => $id, 'mode' => $mode, 'page' => $page, 'action' => $action));
         }
     }
 }
 if ($action == 'fixinvoice') {
     $invoice_number_preset = strtr($lng['invoice']['invoicenumbertemplate'], array('{number}' => (int) $settings['billing']['invoicenumber_count'] + 1, '{year}' => date('Y'), '{month}' => date('m'), '{day}' => date('d')));
     if (isset($_POST['send']) && $_POST['send'] == 'send') {
         $invoice_number = validate($_POST['invoice_number'], html_entity_decode($lng['billing']['number']));
         if (isset($lng['invoice']['states'][$_POST['state']])) {
             $state = intval($_POST['state']);
         }
         $myInvoice = new invoice(&$db, $mode, explode('-', $user['customer_categories_once']), explode('-', $user['customer_categories_period']));
         if ($myInvoice->collect($id, true) === true) {
             $invoiceXmlString = $myInvoice->exportXml($lng, $invoice_number);
             $invoiceXml = new SimpleXMLElement($invoiceXmlString);
             $db->query('INSERT INTO `' . getModeDetails($mode, 'TABLE_BILLING_INVOICES', 'table') . '` (`' . getModeDetails($mode, 'TABLE_BILLING_INVOICES', 'key') . '`, `xml`, `invoice_date`, `invoice_number`, `state`, `state_change`, `total_fee`, `total_fee_taxed`) VALUES(\'' . $db->escape($id) . '\', \'' . $db->escape($invoiceXmlString) . '\', \'' . $db->escape(date('Y-m-d')) . '\', \'' . $db->escape($invoice_number) . '\', \'' . $db->escape($state) . '\', \'' . time() . '\', \'' . $db->escape((string) $invoiceXml->total_fee[0]) . '\', \'' . $db->escape((string) $invoiceXml->total_fee_taxed[0]) . '\' ) ');