tunablesListRequestCheck($ctrl_dir, "delheaders");
tunablesTextareaRequestCheck($ctrl_dir, "footer");
tunablesSUBTextareaRequestCheck($list_dir, "sub");
tunablesUNSUBTextareaRequestCheck($list_dir, "unsub");
tunablesWABooleanRequestCheck($list_dir, "webarchive");
tunablesTextareaRequestCheck($list_dir, "rcfile");
tunablesWABooleanRequestCheck($ctrl_dir, "spammode");
tunablesWABooleanActionsRequestCheck($list_dir);
}
//////////////////////////////////
// $edit_domain $editmail_login
//////////////////////////////////
if (isset($_REQUEST["dellist"]) && $_REQUEST["dellist"] == "Del") {
checkLoginPassAndDomain($adm_login, $adm_pass, $edit_domain);
// Verify strings given
if (!isMailbox($_REQUEST["edit_mailbox"])) {
die($_REQUEST["edit_mailbox"] . _(" does not look like a mailbox login..."));
}
//Some vars
$name = $_REQUEST["edit_mailbox"];
$admin_path = getAdminPath($adm_login);
$folder_name = $edit_domain . "_" . $name;
$list_full_path = $admin_path . "/" . $edit_domain . "/lists/" . $folder_name;
//I delete all files of this mailing list
$del_spool = "rm /var/spool/mlmmj/" . $folder_name;
exec($del_spool);
$del_etc = "rm -rf /etc/mlmmj/lists/" . $folder_name;
exec($del_etc);
$del_ml = "rm -rf " . $list_full_path;
exec($del_ml);
// i need to add the postfix's aliases deletion
function validateWaitingUser($waiting_login_id)
{
global $conf_administrative_site;
global $conf_use_ssl;
global $pro_mysql_admin_table;
global $pro_mysql_client_table;
global $pro_mysql_new_admin_table;
global $pro_mysql_product_table;
global $pro_mysql_vps_ip_table;
global $pro_mysql_vps_server_table;
global $pro_mysql_completedorders_table;
global $pro_mysql_domain_table;
global $dtcshared_path;
global $txt_userwaiting_account_activated_subject;
global $txt_userwaiting_account_activated_text_header;
global $conf_site_root_host_path;
global $conf_demo_version;
global $conf_use_ssl;
global $conf_webmaster_email_addr;
global $conf_this_server_country_code;
global $conf_message_subject_header;
global $console;
//get affiliate cookie
if (isset($_COOKIE["affiliate"]) && isMailbox($affiliatename)) {
$affiliatename = $_COOKIE["affiliate"];
}
if (isset($affiliatename)) {
//Step 1: validate that the affiliatename exists
$q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
$r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
if (mysql_num_rows($r) != 1) {
unset($affiliatename);
}
// at this point, we should have an affiliatename
}
// Get the informations from the user waiting table
$q = "SELECT * FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
// $q = "SELECT * FROM $pro_mysql_new_admin_table WHERE reqadm_login='******';";
$r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$n = mysql_num_rows($r);
if ($n != 1) {
die("I can't find username with id {$waiting_login_id} in the userwaiting table line: " . __LINE__ . " file: " . __FILE__ . "!");
}
$a = mysql_fetch_array($r);
$waiting_login = $a["reqadm_login"];
$last_used_lang = $a["last_used_lang"];
// Check if there is a user by that name
$q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
$r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$n = mysql_num_rows($r);
if ($a["add_service"] == "yes") {
if ($n != 1) {
die("There is no user with name {$waiting_login} in database: I can't add a service to it line: " . __LINE__ . " file: " . __FILE__ . "!");
}
$existing_admin = mysql_fetch_array($r);
$cid = $existing_admin["id_client"];
$vps_root_pass = $existing_admin["adm_pass"];
} else {
if ($n != 0) {
die("There is already a user with name {$waiting_login} in database: I can't add another one line: " . __LINE__ . " file: " . __FILE__ . "!");
}
$vps_root_pass = $a["reqadm_pass"];
}
// Calculate user's path with default path
$newadmin_path = $conf_site_root_host_path . "/" . $waiting_login;
// Create admin's directory
if ($conf_demo_version == "no" && $a["add_service"] != "yes") {
$oldumask = umask(0);
if (!file_exists($newadmin_path)) {
mkdir("{$newadmin_path}", 0750);
$console .= "mkdir {$newadmin_path};<br>";
}
}
// Get the informations from the product table
$q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $a["product_id"] . "'";
$r2 = mysql_query($q2) or die("Cannot execute query \"{$q2}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$n2 = mysql_num_rows($r2);
if ($n2 != 1) {
die("I can't find the product in the table line: " . __LINE__ . " file: " . __FILE__ . "!");
}
$a2 = mysql_fetch_array($r2);
// Add customer's info to production table
if ($a["add_service"] != "yes") {
$adm_query = "INSERT INTO {$pro_mysql_client_table}\n(id,is_company,company_name,vat_num,familyname,christname,addr1,addr2,addr3,\ncity,zipcode,state,country,phone,fax,email,\ndisk_quota_mb,bw_quota_per_month_gb,\nspecial_note) VALUES ('','" . $a["iscomp"] . "',\n'" . addslashes($a["comp_name"]) . "','" . addslashes($a["vat_num"]) . "','" . addslashes($a["family_name"]) . "','" . addslashes($a["first_name"]) . "',\n'" . addslashes($a["addr1"]) . "','" . addslashes($a["addr2"]) . "','" . addslashes($a["addr3"]) . "','" . addslashes($a["city"]) . "',\n'" . addslashes($a["zipcode"]) . "','" . addslashes($a["state"]) . "','" . addslashes($a["country"]) . "','" . addslashes($a["phone"]) . "',\n'" . addslashes($a["fax"]) . "','" . addslashes($a["email"]) . "','" . $a2["quota_disk"] . "','" . $a2["bandwidth"] / 1024 . "',\n'" . addslashes($a["restricted_ftp_path"]) . "','" . addslashes($a["allow_dns_and_mx_change"]) . "',\n'" . addslashes($a["ftp_login_flag"]) . "','" . addslashes($a["allow_mailing_list_edit"]) . "','" . addslashes($a["allow_subdomain_edit"]) . "',\n'" . addslashes($a["custom_notes"]) . "');";
$r = mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$cid = mysql_insert_id();
}
// Add user in database
$expires = calculateExpirationDate(date("Y-m-d"), $a2["period"]);
if ($a2["heb_type"] == "vps") {
$admtbl_added1 = ",expire,prod_id";
$admtbl_added2 = ",'0000-00-00','0'";
} else {
if ($a2["heb_type"] == "server") {
$admtbl_added1 = ",expire,prod_id";
$admtbl_added2 = ",'0000-00-00','0'";
} else {
$admtbl_added1 = ",expire,prod_id";
$admtbl_added2 = ",'{$expires}','" . $a2["id"] . "'";
$admtbl_added3 = ", expire='{$expires}', prod_id='" . $a2["id"] . "' ";
}
}
if ($a["add_service"] != "yes") {
$adm_query = "INSERT INTO {$pro_mysql_admin_table}\n(adm_login ,adm_pass ,last_used_lang ,path ,id_client,bandwidth_per_month_mb,quota,nbrdb,allow_add_domain,max_domain,restricted_ftp_path,allow_dns_and_mx_change,ftp_login_flag,allow_mailing_list_edit,allow_subdomain_edit,max_email{$admtbl_added1}) VALUES\n('{$waiting_login}','" . $a["reqadm_pass"] . "','{$last_used_lang}','{$newadmin_path}','{$cid}','" . $a2["bandwidth"] . "','" . $a2["quota_disk"] . "','" . $a2["nbr_database"] . "','" . $a2["allow_add_domain"] . "','" . $a2["max_domain"] . "',\n'" . $a2["restricted_ftp_path"] . "','" . $a2["allow_dns_and_mx_change"] . "','" . $a2["ftp_login_flag"] . "','" . $a2["allow_mailing_list_edit"] . "','" . $a2["allow_subdomain_edit"] . "','" . $a2["nbr_email"] . "'{$admtbl_added2});";
mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
} else {
if ($a2["heb_type"] == "shared") {
$adm_query = "UPDATE {$pro_mysql_admin_table}\n\t\t\tSET bandwidth_per_month_mb='" . $a2["bandwidth"] . "', quota='" . $a2["quota_disk"] . "', nbrdb='" . $a2["nbr_database"] . "',\n\t\t\tallow_add_domain='" . $a2["allow_add_domain"] . "', max_domain='" . $a2["max_domain"] . "', restricted_ftp_path='" . $a2["restricted_ftp_path"] . "',\n\t\t\tallow_dns_and_mx_change='" . $a2["allow_dns_and_mx_change"] . "', ftp_login_flag='" . $a2["ftp_login_flag"] . "', allow_mailing_list_edit='" . $a2["allow_mailing_list_edit"] . "',\n\t\t\tallow_subdomain_edit='" . $a2["allow_subdomain_edit"] . "', max_email='" . $a2["nbr_email"] . "' {$admtbl_added3}\n\t\t\tWHERE adm_login='******';";
mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
}
if ($a2["heb_type"] == "vps") {
$vps_xen_name = addVPSToUser($waiting_login, $a["vps_location"], $a2["id"], $a["vps_os"]);
$soap_client = connectToVPSServer($a["vps_location"]);
if ($soap_client == false) {
echo "Could not connect to the VPS server for doing the setup: please contact the administrator!";
} else {
$image_type = "lvm";
if (isVPSNodeLVMEnabled($a["vps_location"]) == "no") {
$image_type = "vbd";
}
$r = $soap_client->call("setupLVMDisks", array("vpsname" => $vps_xen_name, "hddsize" => $a2["quota_disk"], "swapsize" => $a2["memory_size"], "imagetype" => $image_type), "", "", "");
$qvps = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE vps_server_hostname='" . $a["vps_location"] . "' AND vps_xen_name='{$vps_xen_name}' LIMIT 1;";
$rvps = mysql_query($qvps) or die("Cannot execute query \"{$qvps}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$nvps = mysql_num_rows($rvps);
if ($nvps != 1) {
echo "Cannot find VPS IP: wont be able to setup the os, please get in touch with the administrator!";
} else {
$avps = mysql_fetch_array($rvps);
$r = $soap_client->call("reinstallVPSos", array("vpsname" => $vps_xen_name, "ostype" => $a["vps_os"], "hddsize" => $a2["quota_disk"], "ramsize" => $a2["memory_size"], "ipaddr" => $avps["ip_addr"], "password" => $vps_root_pass), "", "", "");
$qcountry = "SELECT * FROM {$pro_mysql_vps_server_table} WHERE hostname='" . $a["vps_location"] . "';";
$rcountry = mysql_query($qcountry) or die("Cannot execute query \"{$qcountry}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
$ncountry = mysql_num_rows($rcountry);
if ($ncountry != 1) {
echo "Cannot find VPS server country!";
$country = 'US';
} else {
$acountry = mysql_fetch_array($rcountry);
$country = $acountry["country_code"];
}
}
}
// Read the (customizable) registration message to send
$txt_welcome_message = readCustomizedMessage("registration_msg/vps_open", $waiting_login);
} else {
if ($a2["heb_type"] == "server") {
// As there is currently no dedicated server provision system, we just do this:
$country = $conf_this_server_country_code;
addDedicatedToUser($waiting_login, $a["domain_name"], $a2["id"]);
// Read the (customizable) registration message to send
$txt_welcome_message = readCustomizedMessage("registration_msg/dedicated_open", $waiting_login);
} else {
$country = $conf_this_server_country_code;
addDomainToUser($waiting_login, $a["reqadm_pass"], $a["domain_name"]);
// Read the (customizable) registration message to send
$txt_welcome_message = readCustomizedMessage("registration_msg/shared_open", $waiting_login);
$q = "UPDATE {$pro_mysql_domain_table} SET max_email='" . $a2["nbr_email"] . "',quota='" . $a2["quota_disk"] . "' WHERE name='" . $a["domain_name"] . "';";
$r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
}
// Send a mail to user with how to login and use interface.
$txt_userwaiting_account_activated_subject = "{$conf_message_subject_header} Account {$waiting_login} has been activated!";
// Manage the signature of all registration messages
$signature = readCustomizedMessage("signature", $waiting_login);
$msg_2_send = str_replace("%%%SIGNATURE%%%", $signature, $txt_welcome_message);
// Manage the login info part of the message
if ($conf_use_ssl == "yes") {
$surl = "s";
} else {
$surl = "";
}
$dtc_login_info = "URL: http{$surl}://{$conf_administrative_site}/dtc/\nLogin: {$waiting_login}\nPassword: "******"reqadm_pass"];
$msg_2_send = str_replace("%%%DTC_LOGIN_INFO%%%", $dtc_login_info, $msg_2_send);
// Manage the header of the messages
$head = readCustomizedMessage("messages_header", $waiting_login);
$msg_2_send = $head . "\n" . $msg_2_send;
$headers = "From: " . $conf_webmaster_email_addr;
mail($a["email"], $txt_userwaiting_account_activated_subject, $msg_2_send, $headers);
// Now add a command to the user so we keep tracks of payments
$q = "INSERT INTO {$pro_mysql_completedorders_table} (id,id_client,domain_name,quantity,date,product_id,payment_id,country_code,last_expiry_date)\n\tVALUES ('','{$cid}','" . $a["domain_name"] . "','1','" . date("Y-m-d") . "','" . $a["product_id"] . "','" . $a["paiement_id"] . "','{$country}','" . date("Y-d-m") . "');";
mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
if (isset($affiliatename)) {
// Step 2) retrieve the kickback from the products table
$kickback = $a2["affiliate_kickback"];
$orderid = mysql_insert_id();
if ($kickback) {
// Step 3) if a kickback exists, store it in the affiliate transaction table
$kickback = 1.0 + $kickback - 1.0;
//cast to float. I hate PHP.
$xxs = "INSERT INTO affiliate_payments (adm_login,order_id,kickback) VALUES('{$affiliatename}',{$orderid},{$kickback});";
mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
}
// Finaly delete the user from the userwaiting table
$q = "DELETE FROM {$pro_mysql_new_admin_table} WHERE id='{$waiting_login_id}';";
mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}
<?php
///////////////////////////////////////////////
// Email account submition to mysql database //
///////////////////////////////////////////////
if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "set_catchall_account") {
checkLoginPassAndDomain($adm_login, $adm_pass, $edit_domain);
if ($_REQUEST["catchall_popup"] == "no-mail-account") {
$q = "UPDATE {$pro_mysql_domain_table} SET catchall_email='' WHERE name='{$edit_domain}';";
$r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said :" . mysql_error());
} else {
if (!isMailbox($_REQUEST["catchall_popup"])) {
$submit_err .= _("Incorect mail login format: it should consist of only lowercase letters, numbers, or the \"-\" sign.<br>\n");
$commit_flag = "no";
} else {
// Check if mail exists...
if ($_REQUEST["catchall_popup"] != "no-mail-account") {
$test_query = "SELECT * FROM {$pro_mysql_pop_table} WHERE id='" . $_REQUEST["catchall_popup"] . "' AND mbox_host='{$edit_domain}'";
$test_result = mysql_query($test_query) or die("Cannot execute query \"{$test_query}\"");
$testnum_rows = mysql_num_rows($test_result);
if ($testnum_rows != 1) {
$submit_err .= _("Mailbox does not exists in database!<br>\n");
$commit_flag = "no";
} else {
$catch = $_REQUEST["catchall_popup"];
writeCatchallDotQmailFile($catch, $edit_domain);
}
} else {
$catch = "";
}
}