Exemplo n.º 1
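/**
 * Handles the "add IP" form: stores a new server IP and (re)fills the form fields.
 *
 * When the form was submitted (`uaction` = `add_ip`) and check_user_data()
 * accepts it, one row is inserted into `server_ips` through a placeholder
 * query, a page message is set and the action is logged. Whenever the form was
 * submitted, the posted values are written back to the template; otherwise the
 * placeholders are blanked.
 *
 * The posted values written back to the template are HTML-escaped here. They
 * come straight from the request, so echoing them unescaped into the form
 * would let markup in a field value reach the page (reflected XSS).
 *
 * NOTE(review): $ip_number_1..4, $domain and $alias are read from globals that
 * this function never assigns; presumably check_user_data() fills them after
 * validating the request. Confirm against that function.
 * NOTE(review): domain and alias are stored already HTML-escaped, so every
 * consumer of `server_ips` has to know not to escape them a second time.
 *
 * @param object $tpl template engine; only assign() is used here
 * @param mixed  $sql database handle passed through to exec_query()
 * @return void
 */
function add_ip(&$tpl, &$sql)
{
    global $ip_number_1, $ip_number_2, $ip_number_3, $ip_number_4;
    global $domain, $alias;

    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'add_ip') {
        $tpl->assign(array('VALUE_IP1' => '', 'VALUE_IP2' => '', 'VALUE_IP3' => '', 'VALUE_IP4' => '', 'VALUE_DOMAIN' => '', 'VALUE_ALIAS' => ''));
        return;
    }

    if (check_user_data()) {
        $ip_number = trim($ip_number_1) . '.' . trim($ip_number_2) . '.' . trim($ip_number_3) . '.' . trim($ip_number_4);
        $query = <<<SQL_QUERY
                insert into server_ips
                    (ip_number,ip_domain,ip_alias)
                values
                    (?,?,?)
SQL_QUERY;
        // Values are bound as parameters, never concatenated into the SQL text.
        exec_query($sql, $query, array($ip_number, htmlspecialchars($domain, ENT_QUOTES, "UTF-8"), htmlspecialchars($alias, ENT_QUOTES, "UTF-8")));
        set_page_message(tr('New IP was added!'));
        $user_logged = $_SESSION['user_logged'];
        write_log("{$user_logged}: add new IP4 address: {$ip_number}");
    }

    // Echo the submitted values back into the form. A missing or non-string
    // field (e.g. `domain[]=x`) is treated as empty instead of raising a
    // notice or being printed as "Array".
    $fieldMap = array(
        'VALUE_IP1' => 'ip_number_1',
        'VALUE_IP2' => 'ip_number_2',
        'VALUE_IP3' => 'ip_number_3',
        'VALUE_IP4' => 'ip_number_4',
        'VALUE_DOMAIN' => 'domain',
        'VALUE_ALIAS' => 'alias',
    );
    $formValues = array();
    foreach ($fieldMap as $placeholder => $field) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $formValues[$placeholder] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
    }
    $tpl->assign($formValues);
}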
Exemplo n.º 2
/**
 * Handles the admin "add reseller" form.
 *
 * Three outcomes:
 *  - no `add_reseller` submission: every form placeholder is blanked;
 *  - submission rejected by check_user_data(): the posted values are written
 *    back to the form through clean_input($value, true);
 *  - submission accepted: one row each is inserted into `admin`,
 *    `user_gui_props` and `reseller_props` via placeholder queries, the action
 *    is logged, a notification is sent and user_goto('manage_users.php') is
 *    called.
 *
 * NOTE(review): the three INSERTs run one after another with no transaction
 * visible here; a failure half-way would leave a partial account. Confirm
 * whether exec_query() or the caller wraps them.
 * NOTE(review): the plain-text password from $_POST['pass'] is handed to
 * send_add_user_auto_msg(); if that helper mails it, the credential travels
 * and rests unencrypted. Confirm.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function add_reseller($tpl)
{
    global $reseller_ips;

    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');

    $submitted = isset($_POST['uaction']) && $_POST['uaction'] === 'add_reseller';

    if (!$submitted) {
        // First display of the page: empty form, default radio selections.
        $tpl->assign(array(
            'EMAIL' => '',
            'USERNAME' => '',
            'FIRST_NAME' => '',
            'CUSTOMER_ID' => '',
            'LAST_NAME' => '',
            'FIRM' => '',
            'ZIP' => '',
            'CITY' => '',
            'STATE' => '',
            'COUNTRY' => '',
            'STREET_1' => '',
            'STREET_2' => '',
            'PHONE' => '',
            'FAX' => '',
            'VL_MALE' => '',
            'VL_FEMALE' => '',
            'VL_UNKNOWN' => $cfg->HTML_SELECTED,
            'MAX_DOMAIN_COUNT' => '',
            'MAX_SUBDOMAIN_COUNT' => '',
            'MAX_ALIASES_COUNT' => '',
            'MAX_MAIL_USERS_COUNT' => '',
            'MAX_FTP_USERS_COUNT' => '',
            'MAX_SQLDB_COUNT' => '',
            'MAX_SQL_USERS_COUNT' => '',
            'MAX_TRAFFIC_AMOUNT' => '',
            'MAX_DISK_AMOUNT' => '',
            'SUPPORT_SYSTEM_YES' => $cfg->HTML_SELECTED,
            'SUPPORT_SYSTEM_NO' => '',
        ));
        return;
    }

    if (!check_user_data()) {
        // Rejected submission: refill the form. Text values go through
        // clean_input(..., true) before they reach the template.
        $tpl->assign(array(
            'EMAIL' => clean_input($_POST['email'], true),
            'USERNAME' => clean_input($_POST['username'], true),
            'FIRST_NAME' => clean_input($_POST['fname'], true),
            'CUSTOMER_ID' => clean_input($_POST['customer_id'], true),
            'LAST_NAME' => clean_input($_POST['lname'], true),
            'FIRM' => clean_input($_POST['firm'], true),
            'ZIP' => clean_input($_POST['zip'], true),
            'CITY' => clean_input($_POST['city'], true),
            'STATE' => clean_input($_POST['state'], true),
            'COUNTRY' => clean_input($_POST['country'], true),
            'STREET_1' => clean_input($_POST['street1'], true),
            'STREET_2' => clean_input($_POST['street2'], true),
            'PHONE' => clean_input($_POST['phone'], true),
            'FAX' => clean_input($_POST['fax'], true),
            'VL_MALE' => ($_POST['gender'] == 'M') ? $cfg->HTML_SELECTED : '',
            'VL_FEMALE' => ($_POST['gender'] == 'F') ? $cfg->HTML_SELECTED : '',
            'VL_UNKNOWN' => ($_POST['gender'] == 'U' || empty($_POST['gender'])) ? $cfg->HTML_SELECTED : '',
            'MAX_DOMAIN_COUNT' => clean_input($_POST['nreseller_max_domain_cnt'], true),
            'MAX_SUBDOMAIN_COUNT' => clean_input($_POST['nreseller_max_subdomain_cnt'], true),
            'MAX_ALIASES_COUNT' => clean_input($_POST['nreseller_max_alias_cnt'], true),
            'MAX_MAIL_USERS_COUNT' => clean_input($_POST['nreseller_max_mail_cnt'], true),
            'MAX_FTP_USERS_COUNT' => clean_input($_POST['nreseller_max_ftp_cnt'], true),
            'MAX_SQLDB_COUNT' => clean_input($_POST['nreseller_max_sql_db_cnt'], true),
            'MAX_SQL_USERS_COUNT' => clean_input($_POST['nreseller_max_sql_user_cnt'], true),
            'MAX_TRAFFIC_AMOUNT' => clean_input($_POST['nreseller_max_traffic'], true),
            'MAX_DISK_AMOUNT' => clean_input($_POST['nreseller_max_disk'], true),
            'SUPPORT_SYSTEM_YES' => ($_POST['support_system'] == 'yes') ? $cfg->HTML_SELECTED : '',
            'SUPPORT_SYSTEM_NO' => ($_POST['support_system'] == 'no') ? $cfg->HTML_SELECTED : '',
            'SUPPORT_SYSTEM' => clean_input($_POST['support_system'], true),
        ));
        return;
    }

    // --- accepted submission -------------------------------------------------
    $passwordHash = crypt_user_pass($_POST['pass']);
    $creatorId = $_SESSION['user_id'];

    $profile = array();
    $profileFields = array(
        'username', 'fname', 'lname', 'gender', 'firm', 'zip', 'city',
        'state', 'country', 'email', 'phone', 'fax', 'street1', 'street2',
    );
    foreach ($profileFields as $field) {
        $profile[$field] = clean_input($_POST[$field]);
    }

    // 'admin' table entry; every user-supplied value is a bound parameter.
    $insertAccount = "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`,\n\t\t\t\t\t`admin_pass`,\n\t\t\t\t\t`admin_type`,\n\t\t\t\t\t`domain_created`,\n\t\t\t\t\t`created_by`,\n\t\t\t\t\t`fname`,\n\t\t\t\t\t`lname`,\n\t\t\t\t\t`firm`,\n\t\t\t\t\t`zip`,\n\t\t\t\t\t`city`,\n\t\t\t\t\t`state`,\n\t\t\t\t\t`country`,\n\t\t\t\t\t`email`,\n\t\t\t\t\t`phone`,\n\t\t\t\t\t`fax`,\n\t\t\t\t\t`street1`,\n\t\t\t\t\t`street2`,\n\t\t\t\t\t`gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t'reseller',\n\t\t\t\t\tunix_timestamp(),\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?\n\t\t\t\t)\n\t\t\t";
    exec_query($sql, $insertAccount, array(
        $profile['username'],
        $passwordHash,
        $creatorId,
        $profile['fname'],
        $profile['lname'],
        $profile['firm'],
        $profile['zip'],
        $profile['city'],
        $profile['state'],
        $profile['country'],
        $profile['email'],
        $profile['phone'],
        $profile['fax'],
        $profile['street1'],
        $profile['street2'],
        $profile['gender'],
    ));
    $resellerId = $sql->insertId();

    $actor = $_SESSION['user_logged'];
    write_log("{$actor}: add reseller: {$profile['username']}");

    // 'user_gui_props' table entry. Language and layout are stored empty; the
    // config defaults (USER_INITIAL_LANG / USER_INITIAL_THEME) are not used.
    $defaultLang = '';
    $defaultLayout = '';
    $insertGuiProps = "\n\t\t\t\tINSERT INTO `user_gui_props`\n\t\t\t\t\t(\n\t\t\t\t\t`user_id`,\n\t\t\t\t\t`lang`,\n\t\t\t\t\t`layout`\n\t\t\t\t\t)\n\t\t\t\tVALUES\n\t\t\t\t\t(?, ?, ?)\n\t\t\t";
    exec_query($sql, $insertGuiProps, array($resellerId, $defaultLang, $defaultLayout));

    // 'reseller_props' table entry.
    $limits = array();
    $limitFields = array(
        'nreseller_max_domain_cnt',
        'nreseller_max_subdomain_cnt',
        'nreseller_max_alias_cnt',
        'nreseller_max_mail_cnt',
        'nreseller_max_ftp_cnt',
        'nreseller_max_sql_db_cnt',
        'nreseller_max_sql_user_cnt',
        'nreseller_max_traffic',
        'nreseller_max_disk',
        'customer_id',
        'support_system',
    );
    foreach ($limitFields as $field) {
        $limits[$field] = clean_input($_POST[$field]);
    }
    $insertProps = "\n\t\t\t\tINSERT INTO `reseller_props` (\n\t\t\t\t\t`reseller_id`, `reseller_ips`,\n\t\t\t\t\t`max_dmn_cnt`, `current_dmn_cnt`,\n\t\t\t\t\t`max_sub_cnt`, `current_sub_cnt`,\n\t\t\t\t\t`max_als_cnt`, `current_als_cnt`,\n\t\t\t\t\t`max_mail_cnt`, `current_mail_cnt`,\n\t\t\t\t\t`max_ftp_cnt`, `current_ftp_cnt`,\n\t\t\t\t\t`max_sql_db_cnt`, `current_sql_db_cnt`,\n\t\t\t\t\t`max_sql_user_cnt`, `current_sql_user_cnt`,\n\t\t\t\t\t`max_traff_amnt`, `current_traff_amnt`,\n\t\t\t\t\t`max_disk_amnt`, `current_disk_amnt`,\n\t\t\t\t\t`support_system`, `customer_id`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?,\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, '0',\n\t\t\t\t\t?, ?\n\t\t\t\t)\n\t\t\t\t";
    exec_query($sql, $insertProps, array(
        $resellerId,
        $reseller_ips,
        $limits['nreseller_max_domain_cnt'],
        $limits['nreseller_max_subdomain_cnt'],
        $limits['nreseller_max_alias_cnt'],
        $limits['nreseller_max_mail_cnt'],
        $limits['nreseller_max_ftp_cnt'],
        $limits['nreseller_max_sql_db_cnt'],
        $limits['nreseller_max_sql_user_cnt'],
        $limits['nreseller_max_traffic'],
        $limits['nreseller_max_disk'],
        $limits['support_system'],
        $limits['customer_id'],
    ));

    send_add_user_auto_msg(
        $creatorId,
        clean_input($_POST['username']),
        $_POST['pass'],
        clean_input($_POST['email']),
        clean_input($_POST['fname']),
        clean_input($_POST['lname']),
        tr('Reseller'),
        $profile['gender']
    );

    $_SESSION['reseller_added'] = 1;
    user_goto('manage_users.php');
}
Exemplo n.º 3
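/**
 * Handles the "add IP" form: stores a new IPv4/IPv6 server address and
 * (re)fills the form fields.
 *
 * On an accepted `add_ip` submission one row is inserted into `server_ips`
 * with named placeholders, a success message is set and the new address is
 * logged. If nothing was saved and form data is present, the posted values are
 * written back to the template through tohtml() / clean_input(..., true);
 * otherwise the placeholders are blanked.
 *
 * The IPv6 field is optional (the logging code below only reports it when it
 * was sent), so it is read once with an empty-string default instead of being
 * dereferenced unconditionally.
 *
 * NOTE(review): domain, alias and card name are stored already HTML-escaped;
 * consumers of `server_ips` must not escape them again.
 * NOTE(review): the address written to the log comes from the request; this
 * relies on check_user_data() having rejected anything that is not a plain
 * address. Confirm.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function add_ip($tpl)
{
    $cfg = EasySCP_Registry::get('Config');

    $ipv6 = isset($_POST['ipv6']) ? $_POST['ipv6'] : '';
    $saved = false;

    if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_ip') {
        if (check_user_data()) {
            // Built once and reused for the insert and the log entry.
            $ip_number = trim($_POST['ip_number_1']) . '.' . trim($_POST['ip_number_2']) . '.' . trim($_POST['ip_number_3']) . '.' . trim($_POST['ip_number_4']);

            $sql_param = array(
                ':ip_number' => $ip_number,
                ':ip_number_v6' => trim($ipv6),
                ':ip_domain' => htmlspecialchars(trim($_POST['domain']), ENT_QUOTES, 'UTF-8'),
                ':ip_alias' => htmlspecialchars(trim($_POST['alias']), ENT_QUOTES, 'UTF-8'),
                ':ip_card' => htmlspecialchars(trim($_POST['ip_card']), ENT_QUOTES, 'UTF-8'),
                ':ip_ssl_domain_id' => NULL,
                ':ip_status' => $cfg->ITEM_OK_STATUS,
            );
            $sql_query = "\n\t\t\t\tINSERT INTO\n\t\t\t\t\tserver_ips (ip_number, ip_number_v6, ip_domain, ip_alias, ip_card, ip_ssl_domain_id, ip_status)\n\t\t\t\tVALUES\n\t\t\t\t\t(:ip_number, :ip_number_v6, :ip_domain, :ip_alias, :ip_card, :ip_ssl_domain_id, :ip_status)\n\t\t\t";
            DB::prepare($sql_query);
            DB::execute($sql_param)->closeCursor();

            // TODO: check how this should be handled in future
            // send_request();
            set_page_message(tr('New IP was added!'), 'success');
            write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv4 address: {' . $ip_number . '}!');
            if ($ipv6 !== '') {
                write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv6 address: {' . trim($ipv6) . '}!');
            }
            $saved = true;
        }
    }

    if (!$saved && isset($_POST['ip_number_1'])) {
        $tpl->assign(array(
            'VALUE_IP1' => tohtml($_POST['ip_number_1']),
            'VALUE_IP2' => tohtml($_POST['ip_number_2']),
            'VALUE_IP3' => tohtml($_POST['ip_number_3']),
            'VALUE_IP4' => tohtml($_POST['ip_number_4']),
            'VALUE_IPv6' => tohtml($ipv6),
            'VALUE_DOMAIN' => clean_input($_POST['domain'], true),
            'VALUE_ALIAS' => clean_input($_POST['alias'], true),
        ));
    } else {
        $tpl->assign(array('VALUE_IP1' => '', 'VALUE_IP2' => '', 'VALUE_IP3' => '', 'VALUE_IP4' => '', 'VALUE_IPv6' => '', 'VALUE_DOMAIN' => '', 'VALUE_ALIAS' => ''));
    }
}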
Exemplo n.º 4
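/**
 * Sends a circular message to the reseller's users when the form was submitted.
 *
 * Nothing happens unless `uaction` is `send_circular` and check_user_data()
 * accepts the request. On success the message is sent on behalf of the
 * logged-in user, `uaction` is removed from $_POST and the page data is
 * regenerated.
 *
 * $sql is handed to send_reseller_users_message() as an ordinary argument.
 * Marking it with `&` at the call site (call-time pass-by-reference) is a
 * fatal error since PHP 5.4; whether the argument is taken by reference is
 * decided by the callee's signature.
 *
 * @param object $tpl template engine, passed on to the helpers
 * @param mixed  $sql database handle, passed on to the helpers
 * @return void
 */
function send_circular(&$tpl, &$sql)
{
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'send_circular') {
        return;
    }

    if (check_user_data($tpl)) {
        send_reseller_users_message($sql, $_SESSION['user_id']);
        unset($_POST['uaction']);
        gen_page_data($tpl, $sql);
    }
}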
Exemplo n.º 5
/**
 * Handles the "add admin" form.
 *
 * Without an `add_user` submission the form placeholders are blanked. With
 * one, the onBeforeAddUser event is dispatched and check_user_data() decides:
 * a rejected request refills the form through clean_input($value, true); an
 * accepted one inserts the account into `admin`, writes its GUI defaults to
 * `user_gui_props` (both via placeholder queries), logs the action, dispatches
 * onAfterAddUser, sends the notification, sets a success message and calls
 * redirectTo('manage_users.php').
 *
 * NOTE(review): the password is passed through clean_input() before hashing
 * and again before being handed to send_add_user_auto_msg(). If clean_input()
 * alters characters, the stored hash belongs to the altered password; and if
 * the helper mails its argument, the credential leaves the system in plain
 * text. Confirm both.
 *
 * @param  $tpl iMSCP_pTemplate
 * @return void
 */
function add_user($tpl)
{
    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');

    if (!(isset($_POST['uaction']) && $_POST['uaction'] === 'add_user')) {
        // First display of the page: empty form, "unknown" gender preselected.
        $tpl->assign(array(
            'EMAIL' => '',
            'USERNAME' => '',
            'FIRST_NAME' => '',
            'LAST_NAME' => '',
            'FIRM' => '',
            'ZIP' => '',
            'CITY' => '',
            'STATE' => '',
            'COUNTRY' => '',
            'STREET_1' => '',
            'STREET_2' => '',
            'PHONE' => '',
            'FAX' => '',
            'VL_MALE' => '',
            'VL_FEMALE' => '',
            'VL_UNKNOWN' => $cfg->HTML_SELECTED,
        ));
        return;
    }

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onBeforeAddUser);

    if (!check_user_data()) {
        // Rejected submission: refill the form with the posted values.
        $tpl->assign(array(
            'EMAIL' => clean_input($_POST['email'], true),
            'USERNAME' => clean_input($_POST['username'], true),
            'FIRST_NAME' => clean_input($_POST['fname'], true),
            'LAST_NAME' => clean_input($_POST['lname'], true),
            'FIRM' => clean_input($_POST['firm'], true),
            'ZIP' => clean_input($_POST['zip'], true),
            'CITY' => clean_input($_POST['city'], true),
            'STATE' => clean_input($_POST['state'], true),
            'COUNTRY' => clean_input($_POST['country'], true),
            'STREET_1' => clean_input($_POST['street1'], true),
            'STREET_2' => clean_input($_POST['street2'], true),
            'PHONE' => clean_input($_POST['phone'], true),
            'FAX' => clean_input($_POST['fax'], true),
            'VL_MALE' => ($_POST['gender'] == 'M') ? $cfg->HTML_SELECTED : '',
            'VL_FEMALE' => ($_POST['gender'] == 'F') ? $cfg->HTML_SELECTED : '',
            'VL_UNKNOWN' => ($_POST['gender'] == 'U' || empty($_POST['gender'])) ? $cfg->HTML_SELECTED : '',
        ));
        return;
    }

    // --- accepted submission -------------------------------------------------
    $passwordHash = cryptPasswordWithSalt(clean_input($_POST['password']));
    $creatorId = $_SESSION['user_id'];

    $profile = array();
    $profileFields = array(
        'username', 'fname', 'lname', 'gender', 'firm', 'zip', 'city',
        'state', 'country', 'email', 'phone', 'fax', 'street1', 'street2',
    );
    foreach ($profileFields as $field) {
        $profile[$field] = clean_input($_POST[$field]);
    }

    // A gender code that get_gender_by_code() does not know is stored empty.
    if (get_gender_by_code($profile['gender'], true) === null) {
        $profile['gender'] = '';
    }

    $insertAccount = "\n\t\t\t\tINSERT INTO `admin` (\n\t\t\t\t\t`admin_name`, `admin_pass`, `admin_type`, `domain_created`, `created_by`, `fname`, `lname`, `firm`,\n\t\t\t\t\t`zip`, `city`, `state`, `country`, `email`, `phone`, `fax`, `street1`, `street2`, `gender`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, 'admin', unix_timestamp(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?\n\t\t\t\t)\n\t\t\t";
    exec_query($insertAccount, array(
        $profile['username'],
        $passwordHash,
        $creatorId,
        $profile['fname'],
        $profile['lname'],
        $profile['firm'],
        $profile['zip'],
        $profile['city'],
        $profile['state'],
        $profile['country'],
        $profile['email'],
        $profile['phone'],
        $profile['fax'],
        $profile['street1'],
        $profile['street2'],
        $profile['gender'],
    ));

    /** @var $db iMSCP_Database */
    $db = iMSCP_Registry::get('db');
    $newAdminId = $db->insertId();

    $actor = $_SESSION['user_logged'];
    write_log("{$actor}: add admin: {$profile['username']}", E_USER_WARNING);

    // GUI defaults for the new account come from the configuration.
    $initialLang = $cfg->USER_INITIAL_LANG;
    $initialTheme = $cfg->USER_INITIAL_THEME;
    $upsertGuiProps = "\n\t\t\t\tREPLACE INTO `user_gui_props` (\n\t\t\t\t\t`user_id`, `lang`, `layout`\n\t\t\t\t) VALUES (\n\t\t\t\t\t?, ?, ?\n\t\t\t\t)\n\t\t\t";
    exec_query($upsertGuiProps, array($newAdminId, $initialLang, $initialTheme));

    iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAfterAddUser);

    send_add_user_auto_msg(
        $creatorId,
        clean_input($_POST['username']),
        clean_input($_POST['password']),
        clean_input($_POST['email']),
        clean_input($_POST['fname']),
        clean_input($_POST['lname']),
        tr('Administrator')
    );

    set_page_message(tr('Admin account successfully created.'), 'success');
    redirectTo('manage_users.php');
}
Exemplo n.º 6
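/**
 * Handles the "add admin" form.
 *
 * Without an `add_user` submission the form placeholders are blanked. A
 * submission rejected by check_user_data() refills the form through
 * clean_input($value, true). An accepted one inserts the account into `admin`
 * and its GUI settings into `user_gui_props` (placeholder queries), logs the
 * action, sends the notification, sets $_SESSION['user_added'] and calls
 * user_goto('manage_users.php').
 *
 * The password given to send_add_user_auto_msg() is the same string that was
 * hashed ($_POST['pass']). Passing it through clean_input() first, while the
 * hash is built from the raw value, could notify the new admin of a password
 * that does not match the stored hash whenever clean_input() changes a
 * character.
 *
 * NOTE(review): if send_add_user_auto_msg() mails the password, the credential
 * leaves the system in plain text; a one-time set-password link would avoid
 * that. Confirm what the helper does.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function add_user($tpl)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');

    if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') {
        if (check_user_data()) {
            $upass = crypt_user_pass($_POST['pass']);
            $user_id = $_SESSION['user_id'];
            $username = clean_input($_POST['username']);
            $fname = clean_input($_POST['fname']);
            $lname = clean_input($_POST['lname']);
            $gender = clean_input($_POST['gender']);
            $firm = clean_input($_POST['firm']);
            $zip = clean_input($_POST['zip']);
            $city = clean_input($_POST['city']);
            $state = clean_input($_POST['state']);
            $country = clean_input($_POST['country']);
            $email = clean_input($_POST['email']);
            $phone = clean_input($_POST['phone']);
            $fax = clean_input($_POST['fax']);
            $street1 = clean_input($_POST['street1']);
            $street2 = clean_input($_POST['street2']);

            // A gender code that get_gender_by_code() does not know is stored empty.
            if (get_gender_by_code($gender, true) === null) {
                $gender = '';
            }

            // Every user-supplied value is a bound parameter.
            $query = "\n\t\t\t\tINSERT INTO `admin`\n\t\t\t\t\t(\n\t\t\t\t\t\t`admin_name`,\n\t\t\t\t\t\t`admin_pass`,\n\t\t\t\t\t\t`admin_type`,\n\t\t\t\t\t\t`domain_created`,\n\t\t\t\t\t\t`created_by`,\n\t\t\t\t\t\t`fname`,\n\t\t\t\t\t\t`lname`,\n\t\t\t\t\t\t`firm`,\n\t\t\t\t\t\t`zip`,\n\t\t\t\t\t\t`city`,\n\t\t\t\t\t\t`state`,\n\t\t\t\t\t\t`country`,\n\t\t\t\t\t\t`email`,\n\t\t\t\t\t\t`phone`,\n\t\t\t\t\t\t`fax`,\n\t\t\t\t\t\t`street1`,\n\t\t\t\t\t\t`street2`,\n\t\t\t\t\t\t`gender`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t'admin',\n\t\t\t\t\t\tunix_timestamp(),\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?,\n\t\t\t\t\t\t?\n\t\t\t\t\t)\n\t\t\t";
            exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender));
            $new_admin_id = $sql->insertId();

            $user_logged = $_SESSION['user_logged'];
            write_log("{$user_logged}: add admin: {$username}");

            // The new admin inherits language and theme from the creating session.
            $user_def_lang = $_SESSION['user_def_lang'];
            $user_theme_color = $_SESSION['user_theme'];
            $query = "\n\t\t\t\tINSERT INTO `user_gui_props` (\n\t\t\t\t\t`user_id`,\n\t\t\t\t\t`lang`,\n\t\t\t\t\t`layout`\n\t\t\t\t) VALUES (?,?,?)\n\t\t\t";
            exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color));

            // Raw $_POST['pass'] on purpose: it is exactly what was hashed above.
            send_add_user_auto_msg($user_id, clean_input($_POST['username']), $_POST['pass'], clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr('Administrator'), $gender);

            $_SESSION['user_added'] = 1;
            user_goto('manage_users.php');
        } else {
            // Rejected submission: refill the form with the posted values.
            $tpl->assign(array(
                'EMAIL' => clean_input($_POST['email'], true),
                'USERNAME' => clean_input($_POST['username'], true),
                'FIRST_NAME' => clean_input($_POST['fname'], true),
                'LAST_NAME' => clean_input($_POST['lname'], true),
                'FIRM' => clean_input($_POST['firm'], true),
                'ZIP' => clean_input($_POST['zip'], true),
                'CITY' => clean_input($_POST['city'], true),
                'STATE' => clean_input($_POST['state'], true),
                'COUNTRY' => clean_input($_POST['country'], true),
                'STREET_1' => clean_input($_POST['street1'], true),
                'STREET_2' => clean_input($_POST['street2'], true),
                'PHONE' => clean_input($_POST['phone'], true),
                'FAX' => clean_input($_POST['fax'], true),
                'VL_MALE' => ($_POST['gender'] == 'M') ? $cfg->HTML_SELECTED : '',
                'VL_FEMALE' => ($_POST['gender'] == 'F') ? $cfg->HTML_SELECTED : '',
                'VL_UNKNOWN' => ($_POST['gender'] == 'U' || empty($_POST['gender'])) ? $cfg->HTML_SELECTED : '',
            ));
        }
    } else {
        // First display of the page: empty form, "unknown" gender preselected.
        $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'STATE' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'VL_MALE' => '', 'VL_FEMALE' => '', 'VL_UNKNOWN' => $cfg->HTML_SELECTED));
    }
}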
Exemplo n.º 7
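/**
 * Saves the personal data posted by an admin to the `admin` table.
 *
 * Nothing is written unless check_user_data() accepts the request. All posted
 * fields, including `gender`, go through clean_input() and are then bound as
 * parameters of a single UPDATE restricted to `admin_id` = $user_id.
 *
 * `gender` used to be taken from $_POST as-is while every other field was
 * cleaned. The placeholder query keeps that from becoming SQL injection, but
 * the raw value would be stored and later rendered wherever the profile is
 * shown, so it is now handled like the other fields.
 *
 * NOTE(review): $user_id decides which account is overwritten; the caller must
 * take it from the authenticated session, not from request data.
 *
 * @param mixed $sql     database handle passed through to exec_query()
 * @param mixed $user_id id of the admin row to update
 * @return void
 */
function update_admin_personal_data($sql, $user_id)
{
    if (!check_user_data()) {
        return;
    }

    $fname = clean_input($_POST['fname']);
    $lname = clean_input($_POST['lname']);
    $gender = clean_input($_POST['gender']);
    $firm = clean_input($_POST['firm']);
    $zip = clean_input($_POST['zip']);
    $city = clean_input($_POST['city']);
    $state = clean_input($_POST['state']);
    $country = clean_input($_POST['country']);
    $street1 = clean_input($_POST['street1']);
    $street2 = clean_input($_POST['street2']);
    $email = clean_input($_POST['email']);
    $phone = clean_input($_POST['phone']);
    $fax = clean_input($_POST['fax']);

    $query = "\n\t\t\tUPDATE\n\t\t\t\t`admin`\n\t\t\tSET\n\t\t\t\t`fname` = ?,\n\t\t\t\t`lname` = ?,\n\t\t\t\t`firm` = ?,\n\t\t\t\t`zip` = ?,\n\t\t\t\t`city` = ?,\n\t\t\t\t`state` = ?,\n\t\t\t\t`country` = ?,\n\t\t\t\t`street1` = ?,\n\t\t\t\t`street2` = ?,\n\t\t\t\t`email` = ?,\n\t\t\t\t`phone` = ?,\n\t\t\t\t`fax` = ?,\n\t\t\t\t`gender` = ?\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t";
    exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $state, $country, $street1, $street2, $email, $phone, $fax, $gender, $user_id));

    set_page_message(tr('Personal data updated successfully!'), 'success');
}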
Exemplo n.º 8
// Page controller for step 2 of the reseller "add user" wizard.
// $cfg, $tpl, $sql, $dmn_name, $ehp_error and the $hp_* values are not assigned
// in this excerpt; they have to come from earlier in the script or from the
// helpers called below.

// check if we have only hosting plans for admins - reseller should not edit them
if (isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin') {
    user_goto('users.php?psi=last');
}
// static page messages.
gen_logged_from($tpl);
// Translated labels for the hosting-plan property form.
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - User/Add user(step2)'), 'TR_ADD_USER' => tr('Add user'), 'TR_HOSTING_PLAN_PROPERTIES' => tr('Hosting plan properties'), 'TR_TEMPLATE_NAME' => tr('Template name'), 'TR_MAX_DOMAIN' => tr('Max domains<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SUBDOMAIN' => tr('Max subdomains<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_DOMAIN_ALIAS' => tr('Max aliases<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_MAIL_COUNT' => tr('Mail accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_FTP' => tr('FTP accounts limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQL_DB' => tr('SQL databases limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_SQL_USERS' => tr('SQL users limit<br /><em>(-1 disabled, 0 unlimited)</em>'), 'TR_MAX_TRAFFIC' => tr('Traffic limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_MAX_DISK_USAGE' => tr('Disk limit [MB]<br /><em>(0 unlimited)</em>'), 'TR_PHP' => tr('PHP'), 'TR_PHP_EDIT' => tr('PHP editor'), 'TR_CGI' => tr('CGI / Perl'), 'TR_SSL' => tr('SSL support'), 'TR_BACKUP' => tr('Backup'), 'TR_BACKUP_DOMAIN' => tr('Domain'), 'TR_BACKUP_SQL' => tr('SQL'), 'TR_BACKUP_FULL' => tr('Full'), 'TR_BACKUP_NO' => tr('No'), 'TR_BACKUP_COUNT' => tr('Count backups to disk usage'), 'TR_DNS' => tr('Manual DNS support'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_NEXT_STEP' => tr('Next step')));
gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl');
gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl');
// If the step-1 data cannot be read back, warn and restart the wizard at step 1.
// NOTE(review): unset_messages() runs right after set_page_message(); whether
// the warning survives the redirect depends on what unset_messages() clears.
if (!get_pageone_param()) {
    set_page_message(tr("Domain data has been altered. Please enter again."), 'warning');
    unset_messages();
    user_goto('user_add1.php');
}
// Step-2 form submitted, and this request did not arrive directly from step 1.
if (isset($_POST['uaction']) && "user_add2_nxt" === $_POST['uaction'] && !isset($_SESSION['step_one'])) {
    if (check_user_data()) {
        // Wizard state is carried to step 3 in the session, not in the request.
        $_SESSION["step_two_data"] = "{$dmn_name};0;";
        // The $hp_* values are not set in this excerpt; presumably
        // check_user_data() fills them from the validated form. Confirm.
        $newProps = array('allow_php' => $hp_php, 'allow_phpe' => $hp_phpe, 'allow_cgi' => $hp_cgi, 'subdomain_cnt' => $hp_sub, 'alias_cnt' => $hp_als, 'mail_cnt' => $hp_mail, 'ftp_cnt' => $hp_ftp, 'db_cnt' => $hp_sql_db, 'sqluser_cnt' => $hp_sql_user, 'traffic' => $hp_traff, 'disk' => $hp_disk, 'disk_countbackup' => $hp_countbackup, 'allow_backup' => $hp_backup, 'allow_dns' => $hp_dns, 'allow_ssl' => $hp_ssl);
        $_SESSION["ch_hpprops"] = $newProps;
        // Step 3 is reached only when the requested properties pass the
        // reseller limits check for the logged-in reseller.
        if (reseller_limits_check($sql, $ehp_error, $_SESSION['user_id'], 0, $_SESSION["ch_hpprops"])) {
            user_goto('user_add3.php');
        }
    }
} else {
    // Arrived from step 1 (or without a submission): drop the marker and load
    // the hosting-plan data for the logged-in reseller.
    unset($_SESSION['step_one']);
    // At file scope this `global` statement has no effect unless the file is
    // included from inside a function.
    global $dmn_chp;
    get_hp_data($dmn_chp, $_SESSION['user_id']);
}
get_init_au2_page($tpl);
gen_page_message($tpl);
// Six values are unpacked from the 'all_permissions' lookup for the logged-in reseller.
list($rsub_max, $rals_max, $rmail_max, $rftp_max, $rsql_db_max, $rsql_user_max) = check_reseller_permissions($_SESSION['user_id'], 'all_permissions');
Exemplo n.º 9
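/**
 * Applies the "edit user" form to a row of the `admin` table.
 *
 * Nothing happens unless `uaction` is `edit_user` and check_user_data()
 * accepts the request. With an empty password field only the contact data is
 * updated; otherwise the new password is checked, confirmed against
 * `pass_rep`, hashed with crypt_user_pass() and stored together with the
 * contact data. Both UPDATEs use placeholders. On success the change is
 * logged, $_SESSION['user_updated'] is set and the script redirects to
 * manage_users.php and terminates.
 *
 * Changes against the earlier form of this function:
 *  - the password confirmation is compared with `!==`. With `!=`, two strings
 *    that both look numeric are compared as numbers, so e.g. "1e3" and "1000"
 *    would count as matching although they are different passwords;
 *  - the id placed in the Location header is URL-encoded, so a crafted
 *    `edit_id` cannot add further query parameters to the redirect;
 *  - two locals that were assigned but never read are gone.
 *
 * NOTE(review): the posted contact fields are stored without clean_input();
 * the placeholders prevent SQL injection, but the values must be escaped
 * wherever they are rendered.
 * NOTE(review): in the password branch the target row id is taken from
 * $_POST['edit_id'] (and written to the global $edit_id). Unless
 * check_user_data() or the caller verifies that the logged-in user may edit
 * that account, this lets a request choose whose password is replaced.
 * Confirm.
 * NOTE(review): $_POST['edit_username'] is written to the log unmodified.
 *
 * @param mixed $sql database handle passed through to exec_query()
 * @return void
 */
function update_data(&$sql)
{
    global $edit_id;

    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'edit_user') {
        return;
    }
    if (!check_user_data()) {
        return;
    }

    $fname = $_POST['fname'];
    $lname = $_POST['lname'];
    $firm = $_POST['firm'];
    $zip = $_POST['zip'];
    $city = $_POST['city'];
    $country = $_POST['country'];
    $email = $_POST['email'];
    $phone = $_POST['phone'];
    $fax = $_POST['fax'];
    $street1 = $_POST['street1'];
    $street2 = $_POST['street2'];

    if ($_POST['pass'] == '') {
        // No new password: contact data only.
        $query = <<<SQL_QUERY

                update

                    admin

                set

                    fname = ?,
                    lname = ?,
                    firm = ?,
                    zip = ?,
                    city = ?,
                    country = ?,
                    email = ?,
                    phone = ?,
                    fax = ?,
                    street1 = ?,
                    street2 = ?

            where

                admin_id= ?


SQL_QUERY;
        exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id));
    } else {
        $edit_id = $_POST['edit_id'];
        $back_to_form = 'Location: edit_user.php?edit_id=' . urlencode($edit_id);

        // A truthy result from chk_password() is treated as "password rejected" here.
        if (chk_password($_POST['pass'])) {
            set_page_message(tr("Incorrect password range or syntax!"));
            header($back_to_form);
            die;
        }
        // Strict comparison: the two fields must be the same string.
        if ($_POST['pass'] !== $_POST['pass_rep']) {
            set_page_message(tr("Entered passwords does not match!"));
            header($back_to_form);
            die;
        }

        $upass = crypt_user_pass($_POST['pass']);
        $query = <<<SQL_QUERY
                    update
                        admin
                    set
                        admin_pass = ?,
                        fname = ?,
                        lname = ?,
                        firm = ?,
                        zip = ?,
                        city = ?,
                        country = ?,
                        email = ?,
                        phone = ?,
                        fax = ?,
                        street1 = ?,
                        street2 = ?
                    where
                        admin_id = ?
SQL_QUERY;
        exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id));
    }

    $edit_username = $_POST['edit_username'];
    $user_logged = $_SESSION['user_logged'];
    write_log("{$user_logged}: change data/password for {$edit_username}!");
    $_SESSION['user_updated'] = 1;
    header("Location: manage_users.php");
    die;
}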
Exemplo n.º 10
 *
 * @link 		http://www.easyscp.net
 * @author 		EasySCP Team
 */
// Page controller for step 1 of the reseller "add user" wizard.
require '../../include/easyscp-lib.php';
// Runs before anything else on the page. Presumably rejects requests without a
// valid session for this area; confirm in check_login().
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'reseller/user_add1.tpl';
// static page messages
gen_logged_from($tpl);
// Translated labels, calendar names and the date format for the date picker.
$tpl->assign(array('TR_PAGE_TITLE' => tr('EasySCP - Users/Add user'), 'TR_ADD_USER' => tr('Add user'), 'TR_CORE_DATA' => tr('Core data'), 'TR_DOMAIN_NAME' => tr('Domain name'), 'TR_DOMAIN_EXPIRE' => tr('Domain expire'), 'TR_CHOOSE_HOSTING_PLAN' => tr('Choose hosting plan'), 'TR_PERSONALIZE_TEMPLATE' => tr('Personalise template'), 'TR_YES' => tr('Yes'), 'TR_NO' => tr('No'), 'TR_NEXT_STEP' => tr('Next step'), 'TR_DMN_HELP' => tr("You do not need 'www.' EasySCP will add it on its own."), 'TR_EXPIRE_CHECKBOX' => tr('or check if domain should <strong>never</strong> expire'), 'TR_SU' => tr('Su'), 'TR_MO' => tr('Mo'), 'TR_TU' => tr('Tu'), 'TR_WE' => tr('We'), 'TR_TH' => tr('Th'), 'TR_FR' => tr('Fr'), 'TR_SA' => tr('Sa'), 'TR_JANUARY' => tr('January'), 'TR_FEBRUARY' => tr('February'), 'TR_MARCH' => tr('March'), 'TR_APRIL' => tr('April'), 'TR_MAY' => tr('May'), 'TR_JUNE' => tr('June'), 'TR_JULY' => tr('July'), 'TR_AUGUST' => tr('August'), 'TR_SEPTEMBER' => tr('September'), 'TR_OCTOBER' => tr('October'), 'TR_NOVEMBER' => tr('November'), 'TR_DECEMBER' => tr('December'), 'VL_DATE_FORMAT' => jQueryDatepickerDateFormat($cfg->DATE_FORMAT)));
gen_reseller_mainmenu($tpl, 'reseller/main_menu_users_manage.tpl');
gen_reseller_menu($tpl, 'reseller/menu_users_manage.tpl');
// A submitted form is validated; when validation fails the posted data is put
// back into the form. Without a submission the form starts empty.
// NOTE(review): nothing in this excerpt handles a successful check; presumably
// check_user_data() redirects to the next step itself. Confirm.
if (isset($_POST['uaction'])) {
    if (!check_user_data()) {
        get_data_au1_page($tpl);
    }
} else {
    get_empty_au1_page($tpl);
}
// Hosting plans offered to the logged-in reseller.
get_hp_data_list($tpl, $_SESSION['user_id']);
gen_page_message($tpl);
// Debug dump of the template data, only when enabled in the configuration.
// NOTE(review): should stay off in production if the dump reaches the page.
if ($cfg->DUMP_GUI_DEBUG) {
    dump_gui_debug($tpl);
}
$tpl->display($template);
unset_messages();
// Function declaration path
/**
 * Check correction of entered users data
/**
 * Reports a user move when the `move_user` form was submitted and accepted.
 *
 * The only visible effect is the page message; the move itself is not
 * performed here. $sql is accepted but not used by this function.
 *
 * NOTE(review): presumably check_user_data() carries out the move and its
 * permission checks. Confirm.
 *
 * @param mixed $sql database handle (unused here)
 * @return void
 */
function update_reseller_user($sql)
{
    $isMoveRequest = isset($_POST['uaction']) && $_POST['uaction'] === 'move_user';

    // check_user_data() is consulted only for an actual move request.
    if ($isMoveRequest && check_user_data()) {
        set_page_message(tr('User was moved'));
    }
}
Exemplo n.º 12
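/**
 * Save the edited account's profile data and, when a new password was
 * submitted, its password.
 *
 * Runs only for a POST that carries 'Submit' and uaction === 'edit_user' and
 * that check_user_data() accepts. With an empty 'pass' field only the profile
 * columns are updated. With a password, the password is checked, hashed via
 * crypt_user_pass(), stored, and the edited user's rows in `login` are removed
 * so existing sessions end. Finishes by redirecting to manage_users.php.
 *
 * NOTE(review): the two early user_goto() calls are presumably terminal; if
 * user_goto() can return, execution continues into the UPDATE below even
 * though the password check failed. Confirm.
 *
 * @param mixed $sql Database handle passed through to exec_query().
 */
function update_data($sql)
{
    global $edit_id;
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['Submit']) || !isset($_POST['uaction']) || $_POST['uaction'] !== 'edit_user') {
        return;
    }
    if (!check_user_data()) {
        return;
    }

    $user_id = $_SESSION['user_id'];
    $fname = clean_input($_POST['fname']);
    $lname = clean_input($_POST['lname']);
    $firm = clean_input($_POST['firm']);
    $gender = clean_input($_POST['gender']);
    $zip = clean_input($_POST['zip']);
    $city = clean_input($_POST['city']);
    $state = clean_input($_POST['state']);
    $country = clean_input($_POST['country']);
    $email = clean_input($_POST['email']);
    $phone = clean_input($_POST['phone']);
    $fax = clean_input($_POST['fax']);
    $street1 = clean_input($_POST['street1']);
    $street2 = clean_input($_POST['street2']);

    if (empty($_POST['pass'])) {
        // Profile-only update; every value is bound through a placeholder.
        $query = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`admin`\n\t\t\t\t\tSET\n\t\t\t\t\t\t`fname` = ?,\n\t\t\t\t\t\t`lname` = ?,\n\t\t\t\t\t\t`firm` = ?,\n\t\t\t\t\t\t`zip` = ?,\n\t\t\t\t\t\t`city` = ?,\n\t\t\t\t\t\t`state` = ?,\n\t\t\t\t\t\t`country` = ?,\n\t\t\t\t\t\t`email` = ?,\n\t\t\t\t\t\t`phone` = ?,\n\t\t\t\t\t\t`fax` = ?,\n\t\t\t\t\t\t`street1` = ?,\n\t\t\t\t\t\t`street2` = ?,\n\t\t\t\t\t\t`gender` = ?\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`admin_id` = ?\n\t\t\t\t";
        exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $edit_id));
    } else {
        // NOTE(review): this branch takes the target account id from the
        // request body instead of the global used by the branch above, so the
        // row being changed is chosen by the client. Confirm the caller has
        // already verified that the logged-in user may edit this id.
        $edit_id = $_POST['edit_id'];

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal and would pass as a match.
        if ($_POST['pass'] !== $_POST['pass_rep']) {
            set_page_message(tr("Entered passwords do not match!"), 'warning');
            // The id is request data, so it is URL-encoded before it goes
            // into the redirect target.
            user_goto('admin_edit.php?edit_id=' . urlencode($edit_id));
        }
        if (!chk_password($_POST['pass'])) {
            if ($cfg->PASSWD_STRONG) {
                set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
            } else {
                set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
            }
            user_goto('admin_edit.php?edit_id=' . urlencode($edit_id));
        }

        $upass = crypt_user_pass($_POST['pass']);
        $query = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`admin`\n\t\t\t\t\tSET\n\t\t\t\t\t\t`admin_pass` = ?,\n\t\t\t\t\t\t`fname` = ?,\n\t\t\t\t\t\t`lname` = ?,\n\t\t\t\t\t\t`firm` = ?,\n\t\t\t\t\t\t`zip` = ?,\n\t\t\t\t\t\t`city` = ?,\n\t\t\t\t\t\t`state` = ?,\n\t\t\t\t\t\t`country` = ?,\n\t\t\t\t\t\t`email` = ?,\n\t\t\t\t\t\t`phone` = ?,\n\t\t\t\t\t\t`fax` = ?,\n\t\t\t\t\t\t`street1` = ?,\n\t\t\t\t\t\t`street2` = ?,\n\t\t\t\t\t\t`gender` = ?\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`admin_id` = ?\n\t\t\t\t";
        exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $state, $country, $email, $phone, $fax, $street1, $street2, $gender, $edit_id));

        // Kill any existing session of the edited user, so a session opened
        // with the old password does not outlive the change.
        $admin_name = get_user_name($edit_id);
        $query = "\n\t\t\t\t\tDELETE FROM\n\t\t\t\t\t\t`login`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`user_name` = ?\n\t\t\t\t";
        $rs = exec_query($sql, $query, $admin_name);
        if ($rs->recordCount() != 0) {
            set_page_message(tr('User session was killed!'), 'info');
            write_log($_SESSION['user_logged'] . " killed " . $admin_name . "'s session because of password change");
        }
    }

    $edit_username = clean_input($_POST['edit_username']);
    $user_logged = $_SESSION['user_logged'];
    write_log("{$user_logged}: changes data/password for {$edit_username}!");

    if (isset($_POST['send_data']) && !empty($_POST['pass'])) {
        // Bound parameter instead of a concatenated, addslashes()-escaped
        // value: addslashes() is not a reliable SQL escaping function, and
        // every other query in this function already uses placeholders.
        $query = "SELECT admin_type FROM admin WHERE admin_id = ?";
        $res = exec_query($sql, $query, array($edit_id));
        if ($res->fields['admin_type'] === 'admin') {
            $admin_type = tr('Administrator');
        } elseif ($res->fields['admin_type'] === 'reseller') {
            $admin_type = tr('Reseller');
        } else {
            $admin_type = tr('Domain account');
        }
        // NOTE(review): the new password is handed to the mailer in clear
        // text, and clean_input() may alter it relative to the value that was
        // hashed above. Confirm both are intended.
        send_add_user_auto_msg($user_id, $edit_username, clean_input($_POST['pass']), clean_input($_POST['email']), clean_input($_POST['fname']), clean_input($_POST['lname']), tr($admin_type), $gender);
    }

    $_SESSION['user_updated'] = 1;
    user_goto('manage_users.php');
}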
Exemplo n.º 13
    return true;
}
/***********************************************************************************************************************
 * Main
 *
 */
// Include core library
require 'imscp-lib.php';
// Announce script start to listeners, then require a logged-in admin before
// anything else on the page runs.
iMSCP_Events_Aggregator::getInstance()->dispatch(iMSCP_Events::onAdminScriptStart);
check_login('admin');

// Answer with the bad-request page when systemHasResellers(2) reports false.
if (!systemHasResellers(2)) {
    showBadRequestErrorPage();
}

/** @var $cfg iMSCP_Config_Handler_File */
$cfg = iMSCP_Registry::get('config');

// Form handler for the "move" action. check_user_data() is defined elsewhere.
// NOTE(review): no anti-CSRF token check is visible in this script; confirm
// check_login() or check_user_data() covers it for this state-changing POST.
if (isset($_POST['uaction']) && $_POST['uaction'] == 'move_user') {
    if (check_user_data()) {
        set_page_message(tr('Customer(s) successfully moved.'), 'success');
        redirectTo('manage_users.php');
    }
}

$tpl = new iMSCP_pTemplate();
$tpl->define_dynamic(
    array(
        'layout' => 'shared/layouts/ui.tpl',
        'page' => 'admin/manage_reseller_users.tpl',
        'page_message' => 'layout',
        'reseller_list' => 'page',
        'reseller_item' => 'page',
        'src_reseller' => 'page',
        'src_reseller_option' => 'src_reseller',
        'dst_reseller' => 'page',
        'dst_reseller_option' => 'dst_reseller'
    )
);

// Static, translated labels for the page.
$tpl->assign(
    array(
        'TR_PAGE_TITLE' => tr('Admin / Users / Customers Assignment'),
        'TR_USER_ASSIGNMENT' => tr('User assignment'),
        'TR_RESELLER_USERS' => tr('Users'),
        'TR_CUSTOMER_ID' => tr('Customer ID'),
        'TR_MARK' => tr('Mark'),
        'TR_USER_NAME' => tr('Username'),
        'TR_FROM_RESELLER' => tr('From reseller'),
        'TR_TO_RESELLER' => tr('To reseller'),
        'TR_MOVE' => tr('Move')
    )
);

// Supply the dataTable translations when the JS translations event fires.
iMSCP_Events_Aggregator::getInstance()->registerListener(
    'onGetJsTranslations',
    function ($e) {
        /** @var $e \iMSCP_Events_Event */
        $e->getParam('translations')->core['dataTable'] = getDataTablesPluginTranslations(false);
    }
);

generateNavigation($tpl);
admin_generateCustomersTable($tpl);
generatePageMessage($tpl);
$tpl->parse('LAYOUT_CONTENT', 'page');
iMSCP_Events_Aggregator::getInstance()->dispatch(
    iMSCP_Events::onAdminScriptEnd,
    array('templateEngine' => $tpl)
);
Exemplo n.º 14
<?php

require 'db.php';
require 'connection.php';
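// Post-login redirect target. 'location' comes from the query string, so the
// client controls it: copying it into a Location header unchecked lets a
// crafted login link send the user to another site after signing in. Only a
// same-site relative path made of a conservative character set is accepted
// (no scheme, no "//host", no backslashes, no whitespace or control
// characters); anything else falls back to the default page.
$redir = "index.php";
if (!empty($_GET['location'])
    && is_string($_GET['location'])
    && preg_match('#^/?[A-Za-z0-9_.\-]+(?:/[A-Za-z0-9_.\-]+)*/?(?:\?[A-Za-z0-9_.\-=&%+]*)?\z#', $_GET['location']) === 1
) {
    $redir = $_GET['location'];
}

if (!empty($_POST['submit'])) {
    $username = sanitize_post('username');
    $password = sanitize_post('password');
    // check_user_data() is defined in one of the required files.
    $ok = check_user_data($username, $password);
    if ($ok) {
        // Start a session only when none is active; testing $_SESSION for
        // emptiness would call session_start() again on an active but empty one.
        if (session_id() === '') {
            session_start();
        }
        // Issue a fresh session id at the moment of authentication so an id
        // set before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);
        $_SESSION['login'] = 1;
        $_SESSION['user'] = $username;
        header("Location: {$redir}");
        echo "done";
        // Stop here so nothing else runs once the redirect has been sent.
        exit;
    } else {
        echo "Username or password invalid";
    }
} else {
    header("Location: {$redir}");
    exit;
}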
Exemplo n.º 15
// When hosting plans are managed at admin level this page is not available:
// redirect and stop, so none of the code below runs for that request.
$plansAreAdminLevel = isset($cfg['HOSTING_PLANS_LEVEL']) && $cfg['HOSTING_PLANS_LEVEL'] === 'admin';
if ($plansAreAdminLevel) {
    header("Location: users.php");
    exit;
}

$tpl->assign(
    array(
        'TR_CLIENT_CHANGE_PERSONAL_DATA_PAGE_TITLE' => tr('VHCS - User/Add user(step2)'),
        'THEME_COLOR_PATH' => "../themes/{$theme_color}",
        'THEME_CHARSET' => tr('encoding'),
        'VHCS_LICENSE' => $cfg['VHCS_LICENSE'],
        'ISP_LOGO' => get_logo($_SESSION['user_id'])
    )
);

// Static page messages.
gen_reseller_menu($tpl);
gen_logged_from($tpl);
$tpl->assign(
    array(
        'TR_ADD_USER' => tr('Add user'),
        'TR_HOSTING_PLAN_PROPERTIES' => tr('Hosting plan properties'),
        'TR_TEMPLATE_NAME' => tr('Template name'),
        'TR_MAX_DOMAIN' => tr('Max domain count<br><i>(0 unlimited)</i>'),
        'TR_MAX_SUBDOMAIN' => tr('Max subdomain count<br><i>(0 unlimited)'),
        'TR_MAX_DOMAIN_ALIAS' => tr('Max aliases count<br><i>(0 unlimited)</i>'),
        'TR_MAX_MAIL_COUNT' => tr('Max mail users count<br><i>(0 unlimited)</i>'),
        'TR_MAX_FTP' => tr('Max FTP users count<br><i>(0 unlimited)</i>'),
        'TR_MAX_SQL_DB' => tr('Max SQL databases count<br><i>(-1 disabled, 0 unlimited)</i>'),
        'TR_MAX_SQL_USERS' => tr('Max SQL users count<br><i>(-1 disabled, 0 unlimited)</i>'),
        'TR_MAX_TRAFFIC' => tr('Max traffic amount [MB]<br><i>(0 unlimited)</i>'),
        'TR_MAX_DISK_USAGE' => tr('Max disk amount [MB]<br><i>(0 unlimited)</i>'),
        'TR_PHP' => tr('PHP'),
        'TR_CGI' => tr('CGI / Perl'),
        'TR_YES' => tr('yes'),
        'TR_NO' => tr('no'),
        'TR_NEXT_STEP' => tr('Next step'),
        'TR_BACKUP_RESTORE' => tr('Backup / Restore'),
        'TR_APACHE_LOGS' => tr('Apache logs'),
        'TR_AWSTATS' => tr('Awstats')
    )
);
get_pageone_param();

// The step-2 form is processed only when it was submitted and no step-one
// data is pending in the session; otherwise the plan data is loaded afresh.
$isStepTwoSubmit = isset($_POST['uaction'])
    && "rau2_nxt" === $_POST['uaction']
    && !isset($_SESSION['step_one_data']);
if ($isStepTwoSubmit) {
    if (check_user_data($tpl)) {
        update_hp_data($_SESSION['user_id']);
    }
} else {
    unset($_SESSION['step_one_data']);
    global $dmn_chp;
    get_hp_data($dmn_chp, $_SESSION['user_id']);
    $tpl->assign('MESSAGE', "");
}

get_init_au2_page($tpl);
gen_page_message($tpl);
$tpl->parse('PAGE', 'page');
$tpl->prnt();

// NOTE(review): this tests only that the key exists, not its value, so the
// debug dump also runs when DUMP_GUI_DEBUG is present but set to a false
// value. Confirm that is intended.
if (isset($cfg['DUMP_GUI_DEBUG'])) {
    dump_gui_debug();
}
Exemplo n.º 16
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
 * MA 02110-1301, USA.
 * 
 * 
 */
// Login handler: reads the submitted credentials, looks the user up and, on a
// match, opens a session and stores the user's nick, id and avatar in it.
// NOTE(review): these two reads happen before any isset() test, so a request
// without the fields raises an undefined-index notice here; the isset() calls
// in the condition below are then always true.
$username = $_POST["username"];
$passwd = $_POST["pass"];
require_once __DIR__ . "/../../moneyio.php";
if (isset($username) && !empty($username) && isset($passwd) && !empty($passwd)) {
    require_once __DIR__ . "/login_func.php";
    // The derived value is later compared for equality with the stored one,
    // so pass_generator() must return the same output for the same input.
    // NOTE(review): that suggests a deterministic hash, not password_hash() /
    // password_verify(); confirm the algorithm and how it is salted.
    $new_passwd = pass_generator($passwd);
    $user_data = check_user_data($username, $new_passwd);
    // 2015-11-26 problem. $username = "******" so, It does not do login
    if (isset($user_data) && !empty($user_data)) {
        // Both the nick and the derived password must equal the stored record.
        // NOTE(review): === on a stored credential is not a constant-time
        // comparison; hash_equals() is the usual choice for this check.
        if ($username === $user_data->nick && $new_passwd === $user_data->passwd) {
            require_once __DIR__ . "/../../session.php";
            // NOTE(review): no session id regeneration is visible here;
            // confirm open_session() issues a fresh id on login.
            open_session();
            $_SESSION["mio-username"] = $user_data->nick;
            $_SESSION["mio-username_id"] = $user_data->id;
            $_SESSION["mio-pic"] = $user_data->avatar;
            echo get_message("login_ok");
        } else {
            echo get_message("login_bad");
        }
    } else {
        // A distinct message when no record was returned.
        // NOTE(review): if "no_data" and "login_bad" read differently to the
        // client, the response shows whether a lookup matched; confirm.
        echo get_message("no_data");
    }
Exemplo n.º 17
/**
 * Create a new administrator account from the submitted "add user" form.
 *
 * Acts only when $_POST['uaction'] is exactly 'add_user'. If check_user_data()
 * accepts the form, a row is inserted into `admin` with type 'admin', the
 * e-mail template and a `user_gui_props` row are created for the new id, the
 * automatic message is sent, $_SESSION['user_added'] is set and the request is
 * redirected to manage_users.php. In every other case only the template's
 * form fields are filled in.
 *
 * @param object $tpl Template object; only assign() is called on it here.
 * @param object $sql Database handle given to exec_query(); Insert_ID() is read from it.
 */
function add_user(&$tpl, &$sql)
{
    if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_user') {
        if (check_user_data()) {
            // crypt_user_pass() is defined elsewhere; its return value is what gets stored.
            $upass = crypt_user_pass($_POST['pass']);
            $user_id = $_SESSION['user_id'];
            // NOTE(review): the user name is stored exactly as submitted;
            // presumably check_user_data() restricts its characters. Confirm.
            $username = $_POST['username'];
            // Profile fields are HTML-encoded before storage, so the database
            // holds entity-encoded text rather than the raw input.
            $fname = htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8");
            $lname = htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8");
            $firm = htmlspecialchars($_POST['firm'], ENT_QUOTES, "UTF-8");
            $zip = htmlspecialchars($_POST['zip'], ENT_QUOTES, "UTF-8");
            $city = htmlspecialchars($_POST['city'], ENT_QUOTES, "UTF-8");
            $country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8");
            $email = htmlspecialchars($_POST['email'], ENT_QUOTES, "UTF-8");
            $phone = htmlspecialchars($_POST['phone'], ENT_QUOTES, "UTF-8");
            $fax = htmlspecialchars($_POST['fax'], ENT_QUOTES, "UTF-8");
            $street1 = htmlspecialchars($_POST['street1'], ENT_QUOTES, "UTF-8");
            $street2 = htmlspecialchars($_POST['street2'], ENT_QUOTES, "UTF-8");
            // The account type is a literal in the statement; all request
            // values are bound through placeholders.
            $query = <<<SQL_QUERY
                    insert into
                            admin
                            (
                                admin_name,
                                admin_pass,
                                admin_type,
                                domain_created,
                                created_by,
                                fname,
                                lname,
                                firm,
                                zip,
                                city,
                                country,
                                email,
                                phone,
                                fax,
                                street1,
                                street2
                            )
                            values
                            (
                                ?,
                                ?,
                                'admin',
                                unix_timestamp(),
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?,
                                ?
                            )
SQL_QUERY;
            $rs = exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2));
            $new_admin_id = $sql->Insert_ID();
            $user_logged = $_SESSION['user_logged'];
            // NOTE(review): $username goes into the log line unmodified; if
            // write_log() does not neutralise line breaks or markup, the entry
            // can be forged or mis-rendered. Confirm.
            write_log("{$user_logged} : add admin -> {$username}");
            insert_email_tpl($sql, $new_admin_id);
            // The new account inherits the creator's language and theme.
            $user_def_lang = $_SESSION['user_def_lang'];
            $user_theme_color = $_SESSION['user_theme_color'];
            $user_logo = 0;
            $query = <<<SQL_QUERY
                    insert into
                        user_gui_props
                            (
                                user_id,
                                lang,
                                layout,
                                logo
                            )
                        values
                            (
                              ?,?,?,?
                            )
SQL_QUERY;
            $rs = exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color, $user_logo));
            // The raw form values, including the clear-text password, are
            // handed to the mailer. NOTE(review): confirm that sending the
            // password by e-mail is intended.
            send_add_user_auto_msg($user_id, $_POST['username'], $_POST['pass'], $_POST['email'], $_POST['fname'], $_POST['lname'], tr('Administrator'));
            $_SESSION['user_added'] = 1;
            // die stops the script, so nothing runs after the redirect header.
            header("Location: manage_users.php");
            die;
        } else {
            // Validation failed: the submitted values go back into the form
            // unmodified. NOTE(review): whether assign() or the template
            // escapes them is not visible here; if neither does, these are
            // reflected-XSS sinks. Confirm.
            $tpl->assign(array('EMAIL' => $_POST['email'], 'USERNAME' => $_POST['username'], 'FIRST_NAME' => $_POST['fname'], 'LAST_NAME' => $_POST['lname'], 'FIRM' => $_POST['firm'], 'ZIP' => $_POST['zip'], 'CITY' => $_POST['city'], 'COUNTRY' => $_POST['country'], 'STREET_1' => $_POST['street1'], 'STREET_2' => $_POST['street2'], 'PHONE' => $_POST['phone'], 'FAX' => $_POST['fax']));
        }
    } else {
        // No form submission: start with an empty form.
        $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => ''));
    }
    // else
}
Exemplo n.º 18
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'reseller/domain_edit.tpl';

// Resellers may not edit domains when hosting plans are managed at admin level.
$plansAreAdminLevel = isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin';
if ($plansAreAdminLevel) {
    user_goto('users.php?psi=last');
}

$isSubmit = isset($_POST['uaction']) && 'sub_data' === $_POST['uaction'];
if (!$isSubmit) {
    // First display: the id of the domain to edit comes from the query string.
    // NOTE(review): when 'edit_id' is missing, $editid is never assigned and
    // the two statements below use an undefined variable. The id is also
    // client-supplied; presumably load_user_data() checks it against the
    // reseller id passed alongside it. Confirm.
    if (isset($_GET['edit_id'])) {
        $editid = $_GET['edit_id'];
    }
    load_user_data($_SESSION['user_id'], $editid);
    $_SESSION['edit_id'] = $editid;
} else {
    // Form submission: the id is taken from the session, not from the
    // request, so it is the one stored when the page was first displayed.
    if (!isset($_SESSION['edit_id'])) {
        unset($_SESSION['edit_id']);
        $_SESSION['edit'] = '_no_';
        user_goto('users.php?psi=last');
    } else {
        $editid = $_SESSION['edit_id'];
    }
    if (check_user_data($_SESSION['user_id'], $editid)) {
        // Save data to db
        $_SESSION['dedit'] = "_yes_";
        user_goto('users.php?psi=last');
    }
    load_additional_data($_SESSION['user_id'], $editid);
}

gen_editdomain_page($tpl);
// static page messages
Exemplo n.º 19
/**
 * Show the success message after a customer move.
 *
 * Nothing happens unless the 'uaction' POST field is exactly 'move_user' and
 * check_user_data(), defined elsewhere, returns a true value.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * check_user_data() or the calling page performs one.
 */
function update_reseller_user()
{
    if (!isset($_POST['uaction'])) {
        return;
    }
    if ($_POST['uaction'] !== 'move_user') {
        return;
    }
    if (check_user_data()) {
        set_page_message(tr('User was moved'), 'success');
    }
}
Exemplo n.º 20
gen_logged_from($tpl);

$isModify = isset($_POST['uaction']) && 'modify' === $_POST['uaction'];
if (!$isModify) {
    // First display: take the alias id from the query string and remember it.
    // NOTE(review): without 'edit_id' in the request $editid stays undefined
    // and is still written to the session and used below.
    if (isset($_GET['edit_id'])) {
        $editid = $_GET['edit_id'];
    }
    $_SESSION['edit_ID'] = $editid;
    $tpl->assign('MESSAGE', "");
} else {
    // Form submission: prefer the id stored in the session, fall back to the
    // query string.
    if (isset($_SESSION['edit_ID'])) {
        $editid = $_SESSION['edit_ID'];
    } elseif (isset($_GET['edit_id'])) {
        $editid = $_GET['edit_id'];
    } else {
        // NOTE(review): the redirect that used to end this branch is
        // commented out in the original, so execution continues with $editid
        // undefined. Confirm that is intended.
        unset($_SESSION['edit_ID']);
        $_SESSION['aledit'] = '_no_';
        //Header('Location: domain_alias.php');
        //die();
    }
    // NOTE(review): the id is client-influenced in the fallback case;
    // presumably check_user_data() verifies that the alias belongs to the
    // logged-in user. Confirm.
    if (check_user_data($tpl, $editid)) {
        // Save data to db
        $_SESSION['aledit'] = "_yes_";
        header("Location: domain_alias.php");
        exit;
    }
}

gen_editalias_page($tpl, $editid);
$tpl->parse('PAGE', 'page');
Exemplo n.º 21
/**
 * Send the circular message when the form was submitted and validates.
 *
 * Acts only when the 'uaction' POST field is exactly 'send_circular'. After a
 * successful send the field is removed from $_POST and the page data is
 * generated again.
 *
 * @param object $tpl Template object handed on to gen_page_data().
 */
function send_circular($tpl)
{
    $requested = isset($_POST['uaction']) && $_POST['uaction'] === 'send_circular';
    if (!$requested) {
        return;
    }
    if (!check_user_data()) {
        return;
    }
    send_reseller_message();
    unset($_POST['uaction']);
    gen_page_data($tpl);
}
Exemplo n.º 22
/**
 * Create a new reseller account from the submitted "add reseller" form.
 *
 * Acts only when $_POST['uaction'] is exactly 'add_reseller'. If
 * check_user_data() accepts the form, rows are inserted into `admin` (type
 * 'reseller'), `user_gui_props` and `reseller_props`, the automatic message is
 * sent, $_SESSION['reseller_added'] is set and the request is redirected to
 * manage_users.php. In every other case only the template's form fields are
 * filled in.
 *
 * @param object $tpl Template object; only assign() is called on it here.
 * @param object $sql Database handle given to exec_query(); Insert_ID() is read from it.
 */
function add_reseller(&$tpl, &$sql)
{
    // Set elsewhere; stored in reseller_props.reseller_ips below.
    global $reseller_ips;
    if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_reseller') {
        if (check_user_data()) {
            // crypt_user_pass() is defined elsewhere; its return value is what gets stored.
            $upass = crypt_user_pass($_POST['pass']);
            $user_id = $_SESSION['user_id'];
            // NOTE(review): the user name is stored exactly as submitted;
            // presumably check_user_data() restricts its characters. Confirm.
            $username = $_POST['username'];
            // Profile fields are HTML-encoded before storage, so the database
            // holds entity-encoded text rather than the raw input.
            $fname = htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8");
            $lname = htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8");
            $firm = htmlspecialchars($_POST['firm'], ENT_QUOTES, "UTF-8");
            $zip = htmlspecialchars($_POST['zip'], ENT_QUOTES, "UTF-8");
            $city = htmlspecialchars($_POST['city'], ENT_QUOTES, "UTF-8");
            $country = htmlspecialchars($_POST['country'], ENT_QUOTES, "UTF-8");
            $email = htmlspecialchars($_POST['email'], ENT_QUOTES, "UTF-8");
            $phone = htmlspecialchars($_POST['phone'], ENT_QUOTES, "UTF-8");
            $fax = htmlspecialchars($_POST['fax'], ENT_QUOTES, "UTF-8");
            $street1 = htmlspecialchars($_POST['street1'], ENT_QUOTES, "UTF-8");
            $street2 = htmlspecialchars($_POST['street2'], ENT_QUOTES, "UTF-8");
            // The account type is a literal in the statement; all request
            // values are bound through placeholders.
            $query = <<<SQL_QUERY
                insert into admin
                  (
                    admin_name,
                    admin_pass,
                    admin_type,
                    domain_created,
                    created_by,
                    fname,
                    lname,
                    firm,
                    zip,
                    city,
                    country,
                    email,
                    phone,
                    fax,
                    street1,
                    street2
                  )
                values
                  (
                    ?,
                    ?,
                    'reseller',
                    unix_timestamp(),
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?,
                    ?
                  )
SQL_QUERY;
            $rs = exec_query($sql, $query, array($username, $upass, $user_id, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2));
            $new_admin_id = $sql->Insert_ID();
            insert_email_tpl($sql, $new_admin_id);
            $user_logged = $_SESSION['user_logged'];
            // NOTE(review): $username goes into the log line unmodified; if
            // write_log() does not neutralise line breaks or markup, the entry
            // can be forged or mis-rendered. Confirm.
            write_log("{$user_logged} : add reseller  -> {$username}");
            // The new account inherits the creator's language and theme.
            $user_def_lang = $_SESSION['user_def_lang'];
            $user_theme_color = $_SESSION['user_theme_color'];
            $user_logo = 0;
            $query = <<<SQL_QUERY
                insert into user_gui_props
                  (
                    user_id,
                    lang,
                    layout,
                    logo
                  )
                values
                  (
                    ?, ?, ?, ?
                  )
SQL_QUERY;
            $rs = exec_query($sql, $query, array($new_admin_id, $user_def_lang, $user_theme_color, $user_logo));
            /*
             * 'reseller_props' table entry;
             */
            // The limits are taken from the request without conversion here.
            // NOTE(review): presumably check_user_data() has verified that
            // they are numeric and within range. Confirm.
            $nreseller_max_domain_cnt = $_POST['nreseller_max_domain_cnt'];
            $nreseller_max_subdomain_cnt = $_POST['nreseller_max_subdomain_cnt'];
            $nreseller_max_alias_cnt = $_POST['nreseller_max_alias_cnt'];
            $nreseller_max_mail_cnt = $_POST['nreseller_max_mail_cnt'];
            $nreseller_max_ftp_cnt = $_POST['nreseller_max_ftp_cnt'];
            $nreseller_max_sql_db_cnt = $_POST['nreseller_max_sql_db_cnt'];
            $nreseller_max_sql_user_cnt = $_POST['nreseller_max_sql_user_cnt'];
            $nreseller_max_traffic = $_POST['nreseller_max_traffic'];
            $nreseller_max_disk = $_POST['nreseller_max_disk'];
            $customer_id = $_POST['customer_id'];
            // Every "current_*" counter starts at the literal '0'.
            $query = <<<SQL_QUERY
                insert into reseller_props
                  (
                    reseller_id, reseller_ips,
                    max_dmn_cnt, current_dmn_cnt,
                    max_sub_cnt, current_sub_cnt,
                    max_als_cnt, current_als_cnt,
                    max_mail_cnt, current_mail_cnt,
                    max_ftp_cnt, current_ftp_cnt,
                    max_sql_db_cnt, current_sql_db_cnt,
                    max_sql_user_cnt, current_sql_user_cnt,
                    max_traff_amnt, current_traff_amnt,
                    max_disk_amnt, current_disk_amnt,
                    customer_id
                  )
                values
                  (
                    ?, ?,
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?, '0',
                    ?
                  )

SQL_QUERY;
            $rs = exec_query($sql, $query, array($new_admin_id, $reseller_ips, $nreseller_max_domain_cnt, $nreseller_max_subdomain_cnt, $nreseller_max_alias_cnt, $nreseller_max_mail_cnt, $nreseller_max_ftp_cnt, $nreseller_max_sql_db_cnt, $nreseller_max_sql_user_cnt, $nreseller_max_traffic, $nreseller_max_disk, $customer_id));
            // The clear-text password and the raw user name and e-mail are
            // handed to the mailer; first and last name are HTML-encoded.
            // NOTE(review): confirm that sending the password by e-mail is intended.
            send_add_user_auto_msg($user_id, $_POST['username'], $_POST['pass'], $_POST['email'], htmlspecialchars($_POST['fname'], ENT_QUOTES, "UTF-8"), htmlspecialchars($_POST['lname'], ENT_QUOTES, "UTF-8"), tr('Reseller'));
            $_SESSION['reseller_added'] = 1;
            // die stops the script, so nothing runs after the redirect header.
            header("Location: manage_users.php");
            die;
        } else {
            // Validation failed: the submitted values go back into the form
            // unmodified. NOTE(review): whether assign() or the template
            // escapes them is not visible here; if neither does, these are
            // reflected-XSS sinks. Confirm.
            $tpl->assign(array('EMAIL' => $_POST['email'], 'USERNAME' => $_POST['username'], 'FIRST_NAME' => $_POST['fname'], 'CUSTOMER_ID' => $_POST['customer_id'], 'LAST_NAME' => $_POST['lname'], 'FIRM' => $_POST['firm'], 'ZIP' => $_POST['zip'], 'CITY' => $_POST['city'], 'COUNTRY' => $_POST['country'], 'STREET_1' => $_POST['street1'], 'STREET_2' => $_POST['street2'], 'PHONE' => $_POST['phone'], 'FAX' => $_POST['fax'], 'MAX_DOMAIN_COUNT' => $_POST['nreseller_max_domain_cnt'], 'MAX_SUBDOMAIN_COUNT' => $_POST['nreseller_max_subdomain_cnt'], 'MAX_ALIASES_COUNT' => $_POST['nreseller_max_alias_cnt'], 'MAX_MAIL_USERS_COUNT' => $_POST['nreseller_max_mail_cnt'], 'MAX_FTP_USERS_COUNT' => $_POST['nreseller_max_ftp_cnt'], 'MAX_SQLDB_COUNT' => $_POST['nreseller_max_sql_db_cnt'], 'MAX_SQL_USERS_COUNT' => $_POST['nreseller_max_sql_user_cnt'], 'MAX_TRAFFIC_AMOUNT' => $_POST['nreseller_max_traffic'], 'MAX_DISK_AMOUNT' => $_POST['nreseller_max_disk']));
        }
    } else {
        // No form submission: start with an empty form.
        $tpl->assign(array('EMAIL' => '', 'USERNAME' => '', 'FIRST_NAME' => '', 'CUSTOMER_ID' => '', 'LAST_NAME' => '', 'FIRM' => '', 'ZIP' => '', 'CITY' => '', 'COUNTRY' => '', 'STREET_1' => '', 'STREET_2' => '', 'PHONE' => '', 'FAX' => '', 'MAX_DOMAIN_COUNT' => '', 'MAX_SUBDOMAIN_COUNT' => '', 'MAX_ALIASES_COUNT' => '', 'MAX_MAIL_USERS_COUNT' => '', 'MAX_FTP_USERS_COUNT' => '', 'MAX_SQLDB_COUNT' => '', 'MAX_SQL_USERS_COUNT' => '', 'MAX_TRAFFIC_AMOUNT' => '', 'MAX_DISK_AMOUNT' => ''));
    }
}
Exemplo n.º 23
/**
 * Save the edited reseller's profile, optional new password and limits.
 *
 * Acts only when $_POST['uaction'] is exactly 'update_reseller' and
 * check_user_data() accepts the form. Updates the reseller's row in `admin`
 * (with or without a new password), then `reseller_props`, writes a log
 * entry, sets two session values and redirects to manage_users.php.
 *
 * @param object $sql Database handle given to exec_query().
 */
function update_reseller(&$sql)
{
    // Both are set elsewhere: the id of the reseller being edited and the IP
    // list to store for it.
    global $edit_id, $reseller_ips;
    if (isset($_POST['uaction']) && $_POST['uaction'] === 'update_reseller') {
        $user_id = $_SESSION['user_id'];
        if (check_user_data()) {
            // The profile fields are stored as submitted; the statements
            // below bind them through placeholders. NOTE(review): no HTML
            // encoding is applied here, so pages that print these columns
            // must escape them on output. Confirm.
            $fname = $_POST['fname'];
            $lname = $_POST['lname'];
            $firm = $_POST['firm'];
            $zip = $_POST['zip'];
            $city = $_POST['city'];
            $country = $_POST['country'];
            $email = $_POST['email'];
            $phone = $_POST['phone'];
            $fax = $_POST['fax'];
            $street1 = $_POST['street1'];
            $street2 = $_POST['street2'];
            // An empty password field means "keep the current password".
            if ($_POST['pass'] == '') {
                $query = <<<SQL_QUERY
                    update
                        admin
                    set
                        fname = ?,
                        lname = ?,
                        firm = ?,
                        zip = ?,
                        city = ?,
                        country = ?,
                        email = ?,
                        phone = ?,
                        fax = ?,
                        street1 = ?,
                        street2 = ?
                    where
                        admin_id = ?
SQL_QUERY;
                $rs = exec_query($sql, $query, array($fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id));
            } else {
                // NOTE(review): no password-confirmation or strength check is
                // visible in this function, and the reseller's existing
                // sessions are not ended after the change. Presumably
                // check_user_data() covers the former; confirm both.
                $upass = crypt_user_pass($_POST['pass']);
                $query = <<<SQL_QUERY
                    update
                        admin
                    set
                        admin_pass = ?,
                        fname = ?,
                        lname = ?,
                        firm = ?,
                        zip = ?,
                        city = ?,
                        country = ?,
                        email = ?,
                        phone = ?,
                        fax = ?,
                        street1 = ?,
                        street2 = ?
                    where
                        admin_id = ?
SQL_QUERY;
                $rs = exec_query($sql, $query, array($upass, $fname, $lname, $firm, $zip, $city, $country, $email, $phone, $fax, $street1, $street2, $edit_id));
            }
            // The limits are taken from the request without conversion here.
            // NOTE(review): presumably check_user_data() has verified that
            // they are numeric and within range. Confirm.
            $nreseller_max_domain_cnt = $_POST['nreseller_max_domain_cnt'];
            $nreseller_max_subdomain_cnt = $_POST['nreseller_max_subdomain_cnt'];
            $nreseller_max_alias_cnt = $_POST['nreseller_max_alias_cnt'];
            $nreseller_max_mail_cnt = $_POST['nreseller_max_mail_cnt'];
            $nreseller_max_ftp_cnt = $_POST['nreseller_max_ftp_cnt'];
            $nreseller_max_sql_db_cnt = $_POST['nreseller_max_sql_db_cnt'];
            $nreseller_max_sql_user_cnt = $_POST['nreseller_max_sql_user_cnt'];
            $nreseller_max_traffic = $_POST['nreseller_max_traffic'];
            $nreseller_max_disk = $_POST['nreseller_max_disk'];
            $customer_id = $_POST['customer_id'];
            $query = <<<SQL_QUERY
                update reseller_props
                set
                    reseller_ips = ?,
                    max_dmn_cnt = ?,
                    max_sub_cnt = ?,
                    max_als_cnt = ?,
                    max_mail_cnt = ?,
                    max_ftp_cnt = ?,
                    max_sql_db_cnt = ?,
                    max_sql_user_cnt = ?,
                    max_traff_amnt = ?,
                    max_disk_amnt = ?,
                    customer_id = ?
                
                where
                
                    reseller_id = ?

SQL_QUERY;
            $rs = exec_query($sql, $query, array($reseller_ips, $nreseller_max_domain_cnt, $nreseller_max_subdomain_cnt, $nreseller_max_alias_cnt, $nreseller_max_mail_cnt, $nreseller_max_ftp_cnt, $nreseller_max_sql_db_cnt, $nreseller_max_sql_user_cnt, $nreseller_max_traffic, $nreseller_max_disk, $customer_id, $edit_id));
            // NOTE(review): the name written to the log is the one sent in
            // the form, not one looked up from $edit_id, so the log entry can
            // name a different account than the row that was changed. Confirm.
            $edit_username = $_POST['edit_username'];
            $user_logged = $_SESSION['user_logged'];
            write_log("{$user_logged}: change data/password for reseller  -> {$edit_username}!");
            $_SESSION['user_updated'] = 1;
            $_SESSION['reseller_ips'] = $reseller_ips;
            // die stops the script, so nothing runs after the redirect header.
            header("Location: manage_users.php");
            die;
        } else {
        }
    }
}
Exemplo n.º 24
/**
 * Store the logged-in user's 'add-user-auto-msg' e-mail template.
 *
 * Acts only when the 'uaction' POST field is exactly 'email_setup'. The four
 * submitted fields are copied into the globals of the same name, and the
 * template row is updated once check_user_data() accepts them.
 *
 * The row is selected by the owner id taken from the session, so the request
 * cannot point the update at another user's template.
 *
 * @param object $tpl Template object handed on to check_user_data().
 * @param object $sql Database handle given to exec_query().
 */
function update_email_data(&$tpl, &$sql)
{
    global $sender_name, $sender_email, $auto_message, $auto_subject;
    $owner = $_SESSION['user_id'];
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'email_setup') {
        return;
    }
    $sender_name = $_POST['sender_name'];
    $sender_email = $_POST['sender_email'];
    $auto_message = $_POST['auto_message'];
    $auto_subject = $_POST['auto_subject'];
    // NOTE(review): the subject is later used in outgoing mail; presumably
    // check_user_data() or the mailer rejects line breaks in it. Confirm.
    if (!check_user_data($tpl)) {
        return;
    }
    $query = <<<SQL_QUERY
                update
                    email_tpls
                set
                    subject = ?,
                    message = ?
                where
                    owner_id = ?
                  and
                    name = 'add-user-auto-msg'

SQL_QUERY;
    exec_query($sql, $query, array($auto_subject, $auto_message, $owner));
    set_page_message(tr('Email Updated!'));
}
/**
 * Store the logged-in user's two lost-password e-mail templates.
 *
 * Acts only when the 'uaction' POST field is exactly 'lostpw_email_setup'.
 * The submitted fields are copied into the globals of the same name, and the
 * 'lostpw-msg-1' and 'lostpw-msg-2' rows are updated once check_user_data()
 * accepts them.
 *
 * Both rows are selected by the owner id taken from the session, so the
 * request cannot point the update at another user's templates.
 *
 * @param object $tpl Template object handed on to check_user_data().
 * @param object $sql Database handle given to exec_query().
 */
function update_email_data(&$tpl, &$sql)
{
    global $sender_name, $sender_email;
    global $auto_message1, $auto_subject1;
    global $auto_message2, $auto_subject2;
    $owner = $_SESSION['user_id'];
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'lostpw_email_setup') {
        return;
    }
    $sender_name = $_POST['sender_name'];
    $sender_email = $_POST['sender_email'];
    $auto_message1 = $_POST['auto_message1'];
    $auto_subject1 = $_POST['auto_subject1'];
    $auto_message2 = $_POST['auto_message2'];
    $auto_subject2 = $_POST['auto_subject2'];
    // NOTE(review): the subjects are later used in outgoing mail; presumably
    // check_user_data() or the mailer rejects line breaks in them. Confirm.
    if (!check_user_data($tpl)) {
        return;
    }
    // First lost-password message.
    $query = <<<SQL_QUERY
                 update email_tpls set
                    subject = ?,
                    message = ?
                where
                    owner_id = ?
                  and
                    name = 'lostpw-msg-1'
SQL_QUERY;
    exec_query($sql, $query, array($auto_subject1, $auto_message1, $owner));
    // Second lost-password message.
    $query = <<<SQL_QUERY
                 update email_tpls set
                    subject = ?,
                    message = ?
                where
                    owner_id = ?
                  and
                    name = 'lostpw-msg-2'
SQL_QUERY;
    exec_query($sql, $query, array($auto_subject2, $auto_message2, $owner));
    set_page_message(tr('Auto email template data updated!'));
}