Exemplo n.º 1
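 /**
  * Writes the log information out to the logging medium selected by $this->method.
  *
  * Branches visible here: "screen" (ends the request with die()), "file", "email",
  * "db", and a fallback that echoes the entry for any other value.
  *
  * @author Bobby Allen (ballen@bobbyallen.me)
  * @global db_driver $zdbh The ZPX database handle.
  * @return boolean|null For "db": true when the row was written, false otherwise. Every other branch returns null.
  */
 function writeLog()
 {
     global $zdbh;
     runtime_hook::Execute('OnWriteErrorLog');
     if ($this->method == "screen") {
         // NOTE(review): logcode and detail go to the response unescaped; confirm that
         // callers never place request-derived text in them.
         die($this->logcode . ' - ' . $this->detail);
     } elseif ($this->method == "file") {
         // NOTE(review): detail is appended verbatim. If it can carry request data, embedded
         // line breaks would let a request forge extra log entries; verify against callers.
         fs_filehandler::AddTextToFile(ctrl_options::GetSystemOption('logfile'), date('c') . ' - ' . $this->logcode . ' - ' . $this->detail, 1);
     } elseif ($this->method == "email") {
         $email_log = new sys_email();
         $email_log->Subject = "Sentora Error Log";
         $email_log->Body = "" . date('c') . ' - ' . $this->logcode . ' - ' . $this->detail . "";
         $email_log->AddAddress(ctrl_options::GetSystemOption('email_from_address'));
         $email_log->SendEmail();
     } elseif ($this->method == "db") {
         // The previous version built the INSERT by string concatenation, so a quote in
         // detail or mextra (which often hold error text echoing request data) could change
         // the statement. It also ran the INSERT twice, once without lg_when_ts, writing
         // two rows per entry, and discarded the computed result by always returning true.
         // Copy to locals: bindParam() binds by reference and may cast the bound variable.
         $code = (string) $this->logcode;
         $detail = (string) $this->detail;
         $stack = (string) $this->mextra;
         $when = time();
         try {
             $insert = $zdbh->prepare("INSERT INTO x_logs (lg_user_fk, lg_code_vc, lg_module_vc, lg_detail_tx, lg_stack_tx, lg_when_ts) VALUES (0, :code, 'NA', :detail, :stack, :when)");
             if (!$insert) {
                 return false;
             }
             $insert->bindParam(':code', $code);
             $insert->bindParam(':detail', $detail);
             $insert->bindParam(':stack', $stack);
             $insert->bindParam(':when', $when);
             return (bool) $insert->execute();
         } catch (Exception $e) {
             // The previous version assigned to an undefined $temp_log_obj here, so the
             // fallback itself failed. A clone keeps the class without assuming anything
             // about its constructor; method "text" reaches the echo branch below.
             // NOTE(review): that branch prints mextra, i.e. the full exception text, into
             // the response; consider sending it to a server-side log instead.
             $fallback = clone $this;
             $fallback->method = "text";
             $fallback->logcode = "012";
             $fallback->detail = "Unable to log infomation to the required place (in the database)";
             $fallback->mextra = $e;
             $fallback->writeLog();
             return false;
         }
     } else {
         echo $this->logcode . " - " . $this->detail . " - " . $this->mextra;
     }
     return;
 }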
Exemplo n.º 2
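 /**
  * Creates a client account under reseller $uid: account row, profile row, bandwidth row,
  * home directories, and (optionally) a welcome e-mail built from the supplied templates.
  *
  * @param mixed $uid          Reseller account id; stored as ac_reseller_fk.
  * @param mixed $username     Spaces are stripped and the value lower-cased before use.
  * @param mixed $sendemail    Any value != 0 sends the welcome e-mail.
  * @param mixed $emailsubject Template; {{username}}, {{password}}, {{fullname}} are substituted.
  * @param mixed $emailbody    Template; additionally substitutes {{controlpanelurl}}.
  * @return boolean false when validation or the account insert fails, true otherwise.
  */
 static function ExecuteCreateClient($uid, $username, $packageid, $groupid, $fullname, $email, $address, $post, $phone, $password, $sendemail, $emailsubject, $emailbody)
 {
     global $zdbh;
     // Check for spaces and remove if found...
     $username = strtolower(str_replace(' ', '', $username));
     $reseller = ctrl_users::GetUserDetail($uid);
     // Check for errors before we continue...
     // NOTE(review): $username is later appended to hosted_dir to build filesystem paths.
     // This check is presumably what rejects separators and dot segments; confirm in
     // CheckCreateForErrors, since nothing else in this method constrains it.
     if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $packageid, $groupid, $email, $password))) {
         return false;
     }
     runtime_hook::Execute('OnBeforeCreateClient');
     $crypto = new runtime_hash();
     $crypto->SetPassword($password);
     $randomsalt = $crypto->RandomSalt();
     $crypto->SetSalt($randomsalt);
     $secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
     // No errors found, so we can add the user to the database...
     $sql = $zdbh->prepare("INSERT INTO x_accounts (ac_user_vc, ac_pass_vc, ac_passsalt_vc, ac_email_vc, ac_package_fk, ac_group_fk, ac_usertheme_vc, ac_usercss_vc, ac_reseller_fk, ac_created_ts) VALUES (\n            :username, :password, :passsalt, :email, :packageid, :groupid, :resellertheme, :resellercss, :uid, :time)");
     $sql->bindParam(':uid', $uid);
     $time = time();
     $sql->bindParam(':time', $time);
     $sql->bindParam(':username', $username);
     $sql->bindParam(':password', $secure_password);
     $sql->bindParam(':passsalt', $randomsalt);
     $sql->bindParam(':email', $email);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':resellertheme', $reseller['usertheme']);
     $sql->bindParam(':resellercss', $reseller['usercss']);
     // Stop if the account row was not written: the lookup below would otherwise return
     // an older account of the same reseller and attach the new profile to it.
     if (!$sql->execute()) {
         return false;
     }
     // Now lets pull back the client ID so that we can add their personal address details etc...
     // NOTE(review): "newest account of this reseller" is not necessarily the row inserted
     // above when two creations run concurrently; the driver's last-insert id (if db_driver
     // exposes one) would remove the race.
     $numrows = $zdbh->prepare("SELECT * FROM x_accounts WHERE ac_reseller_fk=:uid ORDER BY ac_id_pk DESC");
     $numrows->bindParam(':uid', $uid);
     $numrows->execute();
     $client = $numrows->fetch();
     if (!$client) {
         return false;
     }
     // The column list names ud_group_fk before ud_package_fk; the placeholders were in the
     // opposite order, which stored the package id as the group and the group id as the package.
     $sql = $zdbh->prepare("INSERT INTO x_profiles (ud_user_fk, ud_fullname_vc, ud_group_fk, ud_package_fk, ud_address_tx, ud_postcode_vc, ud_phone_vc, ud_created_ts) VALUES (:userid, :fullname, :groupid, :packageid, :address, :postcode, :phone, :time)");
     $sql->bindParam(':userid', $client['ac_id_pk']);
     $sql->bindParam(':fullname', $fullname);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':address', $address);
     $sql->bindParam(':postcode', $post);
     $sql->bindParam(':phone', $phone);
     $time = time();
     $sql->bindParam(':time', $time);
     $sql->execute();
     // Now we add an entry into the bandwidth table, for the user for the upcoming month.
     $sql = $zdbh->prepare("INSERT INTO x_bandwidth (bd_acc_fk, bd_month_in, bd_transamount_bi, bd_diskamount_bi) VALUES (:ac_id_pk, :date, 0, 0)");
     $date = date("Ym", time());
     $sql->bindParam(':date', $date);
     $sql->bindParam(':ac_id_pk', $client['ac_id_pk']);
     $sql->execute();
     // Lets create the client directories
     // NOTE(review): 0777 makes each tree writable by every local account, so on a shared
     // host one tenant can alter another tenant's web root and backups. Left unchanged
     // because the right mode depends on which user the web server runs as; tighten once
     // that is known.
     $homedir = ctrl_options::GetSystemOption('hosted_dir') . $username;
     fs_director::CreateDirectory($homedir);
     fs_director::SetFileSystemPermissions($homedir, 0777);
     fs_director::CreateDirectory($homedir . "/public_html");
     fs_director::SetFileSystemPermissions($homedir . "/public_html", 0777);
     fs_director::CreateDirectory($homedir . "/backups");
     fs_director::SetFileSystemPermissions($homedir . "/backups", 0777);
     // Send the user account details via. email (if requested)...
     if ($sendemail != 0) {
         // Some servers set HTTPS to "off" on plain requests, so isset() alone would
         // produce an https:// link for a site that is not serving TLS.
         if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
             $protocol = 'https://';
         } else {
             $protocol = 'http://';
         }
         // NOTE(review): a template containing {{password}} mails the clear-text password.
         // A one-time set-password link would keep the credential out of mailboxes.
         $emailsubject = str_replace("{{username}}", $username, $emailsubject);
         $emailsubject = str_replace("{{password}}", $password, $emailsubject);
         $emailsubject = str_replace("{{fullname}}", $fullname, $emailsubject);
         $emailbody = str_replace("{{username}}", $username, $emailbody);
         $emailbody = str_replace("{{password}}", $password, $emailbody);
         $emailbody = str_replace("{{fullname}}", $fullname, $emailbody);
         $emailbody = str_replace('{{controlpanelurl}}', $protocol . ctrl_options::GetSystemOption('MADmin_domain'), $emailbody);
         $phpmailer = new sys_email();
         $phpmailer->Subject = $emailsubject;
         $phpmailer->Body = $emailbody;
         $phpmailer->AddAddress($email);
         $phpmailer->SendEmail();
     }
     runtime_hook::Execute('OnAfterCreateClient');
     self::$resetform = true;
     self::$ok = true;
     return true;
 }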
Exemplo n.º 3
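    // Forgot-password request: look the account up by e-mail, store a reset key on it,
    // and mail a reset link. The enclosing block opens above this excerpt.
    runtime_csfr::Protect();
    // NOTE(review): the key is the only secret guarding the reset, so randomHash() must
    // draw from a cryptographically secure source; its implementation is not shown here.
    $randomkey = runtime_randomstring::randomHash();
    // NOTE(review): this value is only used as a bound lookup parameter, where the
    // prepared statement already prevents injection. An XSS filter presumably rewrites
    // some characters, which could stop a legitimate address from matching; confirm
    // what xssClean does.
    $forgotPass = runtime_xss::xssClean($_POST['inForgotPassword']);
    $sth = $zdbh->prepare("SELECT ac_id_pk, ac_user_vc, ac_email_vc  FROM x_accounts WHERE ac_email_vc = :forgotPass");
    $sth->bindParam(':forgotPass', $forgotPass);
    $sth->execute();
    $rows = $sth->fetchAll();
    if ($rows) {
        $result = $rows[0];
        // Bound parameters instead of a concatenated UPDATE: both values are generated
        // server-side today, but this keeps the statement safe if either source changes
        // and matches the prepared statements used around it.
        // NOTE(review): nothing in this excerpt records when the key was issued, and it
        // is stored as-is; an expiry and a hashed copy would limit the value of a leaked row.
        $accountId = $result['ac_id_pk'];
        $update = $zdbh->prepare("UPDATE x_accounts SET ac_resethash_tx = :resethash WHERE ac_id_pk = :accountid");
        $update->bindParam(':resethash', $randomkey);
        $update->bindParam(':accountid', $accountId);
        $update->execute();
        // Some servers set HTTPS to "off" on plain requests, so isset() alone would
        // produce an https:// link for a site that is not serving TLS.
        if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
            $protocol = 'https://';
        } else {
            $protocol = 'http://';
        }
        // The host in the link comes from the stored system option and not from the
        // request, so a forged Host header cannot redirect the reset link.
        $phpmailer = new sys_email();
        $phpmailer->Subject = "Hosting Panel Password Reset";
        $phpmailer->Body = "Hi " . $result['ac_user_vc'] . ",\n            \nYou, or somebody pretending to be you, has requested a password reset link to be sent for your web hosting control panel login.\n        \nIf you wish to proceed with the password reset on your account, please use the link below to be taken to the password reset page.\n            \n" . $protocol . ctrl_options::GetSystemOption('zpanel_domain') . "/?resetkey=" . $randomkey . "\n\n\n                ";
        $phpmailer->AddAddress($result['ac_email_vc']);
        $phpmailer->SendEmail();
        runtime_hook::Execute('OnRequestForgotPassword');
    }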
}
if (isset($_POST['inConfEmail'])) {
    runtime_csfr::Protect();
    $sql = $zdbh->prepare("SELECT ac_id_pk FROM x_accounts WHERE ac_email_vc = :email AND ac_resethash_tx = :resetkey AND ac_resethash_tx IS NOT NULL");
    $sql->bindParam(':email', $_POST['inConfEmail']);
    $sql->bindParam(':resetkey', $_GET['resetkey']);
    $sql->execute();
    $result = $sql->fetch();
    $crypto = new runtime_hash();
Exemplo n.º 4
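 /**
  * Creates a client account under reseller $uid: account row, profile row, bandwidth row,
  * home directories, and (optionally) a welcome e-mail built from the supplied templates.
  *
  * Array values for $username, $address, $post and $phone are flattened with implode().
  *
  * @param mixed $uid          Reseller account id; stored as ac_reseller_fk.
  * @param mixed $packageid    Non-numeric values are resolved through getPackageIdFix().
  * @param mixed $sendemail    Any value != 0 sends the welcome e-mail.
  * @param mixed $emailsubject Template; {{username}}, {{password}}, {{fullname}} are substituted.
  * @param mixed $emailbody    Template; additionally substitutes {{controlpanelurl}}.
  * @return boolean|string true on success; a translated error string when validation fails;
  *                        false when the account row could not be written or read back.
  *                        NOTE(review): the error string is truthy, so callers must
  *                        compare with === true and not test for truthiness.
  */
 static function ExecuteCreateClient($uid, $username, $packageid, $groupid, $fullname, $email, $address, $post, $phone, $password, $sendemail, $emailsubject, $emailbody)
 {
     global $zdbh;
     // Check for spaces and remove if found...
     $username = is_array($username) ? implode($username) : $username;
     $username = strtolower(str_replace(' ', '', $username));
     $reseller = ctrl_users::GetUserDetail($uid);
     if (!is_numeric($packageid)) {
         $packageid = self::getPackageIdFix($packageid);
     }
     // Check for errors before we continue...
     // NOTE(review): $username is later appended to hosted_dir to build filesystem paths.
     // This check is presumably what rejects separators and dot segments; confirm in
     // CheckCreateForErrors, since nothing else in this method constrains it.
     if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $packageid, $groupid, $email, $password))) {
         $errormsg = " ";
         if (self::$alreadyexists) {
             $errormsg .= sprintf(ui_language::translate("That username is already taken (\"%s\"). "), (string) $username);
         }
         if (self::$badname) {
             $errormsg .= sprintf(ui_language::translate("That username is invalid (\"%s\"). "), (string) $username);
         }
         if (self::$badpassword) {
             // The rejected password used to be copied into this message, which puts a
             // credential into whatever displays or logs the return value. The format
             // string is unchanged so existing translations still match.
             $errormsg .= sprintf(ui_language::translate("That password doesn't meet the requirements (\"%s\"). "), '********');
         }
         if (self::$userblank) {
             $errormsg .= sprintf(ui_language::translate("The username is empty (\"%s\"). "), (string) $username);
         }
         if (self::$emailblank) {
             $errormsg .= sprintf(ui_language::translate("The email is empty (\"%s\"). "), (string) $email);
         }
         if (self::$passwordblank) {
             $errormsg .= sprintf(ui_language::translate("The password is empty (\"%s\"). "), (string) $password);
         }
         if (self::$packageblank) {
             $errormsg .= sprintf(ui_language::translate("The package is empty (\"%s\"). "), (string) $packageid);
         }
         if (self::$groupblank) {
             $errormsg .= sprintf(ui_language::translate("The group is empty (\"%s\"). "), (string) $groupid);
         }
         return ui_language::translate("Failed the check for valid parameters. ") . $errormsg;
     }
     runtime_hook::Execute('OnBeforeCreateClient');
     $crypto = new runtime_hash();
     $crypto->SetPassword($password);
     $randomsalt = $crypto->RandomSalt();
     $crypto->SetSalt($randomsalt);
     $secure_password = $crypto->CryptParts($crypto->Crypt())->Hash;
     $time = time();
     // No errors found, so we can add the user to the database...
     $sql = $zdbh->prepare("INSERT INTO x_accounts (ac_user_vc, ac_pass_vc, ac_passsalt_vc, ac_email_vc, ac_package_fk, ac_group_fk, ac_usertheme_vc, ac_usercss_vc, ac_reseller_fk, ac_created_ts) VALUES (:username, :password, :passsalt, :email, :packageid, :groupid, :resellertheme, :resellercss, :uid, :time)");
     $sql->bindParam(':uid', $uid);
     $sql->bindParam(':time', $time);
     $sql->bindParam(':username', $username);
     $sql->bindParam(':password', $secure_password);
     $sql->bindParam(':passsalt', $randomsalt);
     $sql->bindParam(':email', $email);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':resellertheme', $reseller['usertheme']);
     $sql->bindParam(':resellercss', $reseller['usercss']);
     // Stop if the account row was not written: the lookup below would otherwise return
     // an older account of the same reseller and attach the new profile to it.
     if (!$sql->execute()) {
         return false;
     }
     // Now lets pull back the client ID so that we can add their personal address details etc...
     // NOTE(review): "newest account of this reseller" is not necessarily the row inserted
     // above when two creations run concurrently; the driver's last-insert id (if db_driver
     // exposes one) would remove the race.
     $numrows = $zdbh->prepare("SELECT * FROM x_accounts WHERE ac_reseller_fk=:uid ORDER BY ac_id_pk DESC");
     $numrows->bindParam(':uid', $uid);
     $numrows->execute();
     $client = $numrows->fetch();
     if (!$client) {
         return false;
     }
     $address = is_array($address) ? implode($address) : $address;
     $post = is_array($post) ? implode($post) : $post;
     $phone = is_array($phone) ? implode($phone) : $phone;
     $time = time();
     // The column list names ud_group_fk before ud_package_fk; the placeholders were in the
     // opposite order, which stored the package id as the group and the group id as the package.
     $sql = $zdbh->prepare("INSERT INTO x_profiles (ud_user_fk, ud_fullname_vc, ud_group_fk, ud_package_fk, ud_address_tx, ud_postcode_vc, ud_phone_vc, ud_created_ts) VALUES (:userid, :fullname, :groupid, :packageid, :address, :postcode, :phone, :time)");
     $sql->bindParam(':userid', $client['ac_id_pk']);
     $sql->bindParam(':fullname', $fullname);
     $sql->bindParam(':packageid', $packageid);
     $sql->bindParam(':groupid', $groupid);
     $sql->bindParam(':address', $address);
     $sql->bindParam(':postcode', $post);
     $sql->bindParam(':phone', $phone);
     $sql->bindParam(':time', $time);
     $sql->execute();
     // Now we add an entry into the bandwidth table, for the user for the upcoming month.
     $sql = $zdbh->prepare("INSERT INTO x_bandwidth (bd_acc_fk, bd_month_in, bd_transamount_bi, bd_diskamount_bi) VALUES (:ac_id_pk, :date, 0, 0)");
     $date = date("Ym", time());
     $sql->bindParam(':date', $date);
     $sql->bindParam(':ac_id_pk', $client['ac_id_pk']);
     $sql->execute();
     // Lets create the client directories
     // NOTE(review): 0777 makes each tree writable by every local account, so on a shared
     // host one tenant can alter another tenant's web root and backups. Left unchanged
     // because the right mode depends on which user the web server runs as; tighten once
     // that is known.
     $homedir = ctrl_options::GetSystemOption('hosted_dir') . $username;
     fs_director::CreateDirectory($homedir);
     fs_director::SetFileSystemPermissions($homedir, 0777);
     fs_director::CreateDirectory($homedir . "/public_html");
     fs_director::SetFileSystemPermissions($homedir . "/public_html", 0777);
     fs_director::CreateDirectory($homedir . "/backups");
     fs_director::SetFileSystemPermissions($homedir . "/backups", 0777);
     // Send the user account details via. email (if requested)...
     if ($sendemail != 0) {
         if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
             $protocol = 'https://';
         } else {
             $protocol = 'http://';
         }
         // The link host comes from stored system options, not from the request.
         $domain = empty(ctrl_options::GetSystemOption('zpanel_domain')) ? ctrl_options::GetSystemOption('sentora_domain') : ctrl_options::GetSystemOption('zpanel_domain');
         // NOTE(review): a template containing {{password}} mails the clear-text password.
         // A one-time set-password link would keep the credential out of mailboxes.
         $emailsubject = str_replace("{{username}}", $username, $emailsubject);
         $emailsubject = str_replace("{{password}}", $password, $emailsubject);
         $emailsubject = str_replace("{{fullname}}", $fullname, $emailsubject);
         $emailbody = str_replace("{{username}}", $username, $emailbody);
         $emailbody = str_replace("{{password}}", $password, $emailbody);
         $emailbody = str_replace("{{fullname}}", $fullname, $emailbody);
         $emailbody = str_replace('{{controlpanelurl}}', $protocol . $domain, $emailbody);
         $phpmailer = new sys_email();
         $phpmailer->Subject = $emailsubject;
         $phpmailer->Body = $emailbody;
         $phpmailer->AddAddress($email);
         $phpmailer->SendEmail();
     }
     runtime_hook::Execute('OnAfterCreateClient');
     self::$resetform = true;
     self::$ok = true;
     return true;
 }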