Пример #1
/**
 * Fill the hosting-plan table of the given template.
 *
 * When the configuration sets HOSTING_PLANS_LEVEL to 'admin', the enabled
 * plans (status = 1) owned by accounts of type 'admin' are listed and the
 * HP_MENU_ADD placeholder is blanked. Otherwise every plan owned by
 * $reseller_id is listed.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param int $reseller_id
 */
function gen_hp_table($tpl, $reseller_id)
{
    global $external_event;
    $sql = EasySCP_Registry::get('Db');
    $cfg = EasySCP_Registry::get('Config');
    $plansOwnedByAdmin = isset($cfg->HOSTING_PLANS_LEVEL) && $cfg->HOSTING_PLANS_LEVEL === 'admin';
    if (!$plansOwnedByAdmin) {
        $query = "\n\t\t\tSELECT\n\t\t\t\t`id`, `name`, `props`, `status`\n\t\t\tFROM\n\t\t\t\t`hosting_plans`\n\t\t\tWHERE\n\t\t\t\t`reseller_id` = ?\n\t\t\tORDER BY\n\t\t\t\t`name`\n\t\t";
        $rs = exec_query($sql, $query, $reseller_id);
    } else {
        $query = "\n\t\t\tSELECT\n\t\t\t\tt1.`id`, t1.`reseller_id`, t1.`name`, t1.`props`, t1.`status`,\n\t\t\t\tt2.`admin_id`, t2.`admin_type`\n\t\t\tFROM\n\t\t\t\t`hosting_plans` AS t1,\n\t\t\t\t`admin` AS t2\n\t\t\tWHERE\n\t\t\t\tt2.`admin_type` = ?\n\t\t\tAND\n\t\t\t\tt1.`reseller_id` = t2.`admin_id`\n\t\t\tAND\n\t\t\t\tt1.`status` = 1\n\t\t\tORDER BY\n\t\t\t\tt1.`name`\n\t\t";
        $rs = exec_query($sql, $query, 'admin');
        // The translated label is computed but not used anywhere below.
        $tr_edit = tr('View details');
        $tpl->assign('HP_MENU_ADD', '');
    }

    if ($rs->rowCount() == 0) {
        set_page_message(tr('Hosting plans not found!'), 'info');
        $tpl->assign('HP_TABLE', '');
        return;
    }

    // At least one hosting plan was found.
    if ($external_event == '_off_') {
        $tpl->assign('HP_MESSAGE', '');
    }
    $tpl->assign(array(
        'TR_HOSTING_PLANS' => tr('Hosting plans'),
        'TR_NOM' => tr('No.'),
        'TR_EDIT' => tr('Edit'),
        'TR_DELETE' => tr('Delete'),
        'PLAN_SHOW' => tr('Show hosting plan'),
        'TR_PLAN_NAME' => tr('Name'),
        'TR_ACTION' => tr('Actions'),
    ));
    $coid = isset($cfg->CUSTOM_ORDERPANEL_ID) ? $cfg->CUSTOM_ORDERPANEL_ID : '';

    $position = 0;
    while ($plan = $rs->fetchRow()) {
        $position++;
        $status = $plan['status'] ? tr('Enabled') : tr('Disabled');
        $tpl->append(array(
            'PLAN_NOM' => $position,
            'PLAN_NAME' => tohtml($plan['name']),
            // NOTE(review): presumably this value lands inside a JavaScript
            // string in the template; addslashes() is not a JavaScript or
            // HTML escaper, so confirm what clean_html() guarantees here.
            'PLAN_NAME2' => addslashes(clean_html($plan['name'])),
            'PURCHASING' => $status,
            'CUSTOM_ORDERPANEL_ID' => $coid,
            'HP_ID' => $plan['id'],
            // The session user id is used here, not the $reseller_id argument.
            'RESELLER_ID' => $_SESSION['user_id'],
        ));
    }
}
Пример #2
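/**
 * Render one page of the customer list that belongs to a reseller.
 *
 * The page offset comes from the 'psi' request parameter (GET first, then
 * POST). It is client-controlled and is interpolated into the LIMIT clause
 * instead of being bound, so it is reduced to a non-negative integer before
 * it reaches the query or the template.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param int $reseller_id
 * @param string $reseller_name
 */
function generate_page($tpl, $reseller_id, $reseller_name)
{
    global $rid;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');

    $start_index = 0;
    if (isset($_GET['psi'])) {
        $start_index = $_GET['psi'];
    } elseif (isset($_POST['psi'])) {
        $start_index = $_POST['psi'];
    }
    // Arrays ("psi[]=...") and non-numeric strings collapse to 0; negative
    // offsets are clamped because LIMIT does not accept them.
    $start_index = is_scalar($start_index) ? max(0, (int) $start_index) : 0;
    // The page size is interpolated into the same LIMIT clause, so it is
    // forced to an integer as well.
    $rows_per_page = max(0, (int) $cfg->DOMAIN_ROWS_PER_PAGE);

    $tpl->assign(array('POST_PREV_PSI' => $start_index));
    // count query
    $count_query = "\n\t\tSELECT\n\t\t\tCOUNT(`admin_id`) AS cnt\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_type` = 'user'\n\t\tAND\n\t\t\t`created_by` = ?\n\t";
    $query = <<<SQL_QUERY
\t\tSELECT
\t\t\t`admin_id`
\t\tFROM
\t\t\t`admin`
\t\tWHERE
\t\t\t`admin_type` = 'user'
\t\tAND
\t\t\t`created_by` = ?
\t\tORDER BY
\t\t\t`admin_name` DESC
\t\tLIMIT
\t\t\t{$start_index}, {$rows_per_page}
SQL_QUERY;
    $rs = exec_query($sql, $count_query, $reseller_id);
    $records_count = $rs->fields['cnt'];
    $rs = exec_query($sql, $query, $reseller_id);
    $tpl->assign(array('RESELLER_NAME' => tohtml($reseller_name), 'RESELLER_ID' => $reseller_id));
    if ($rs->rowCount() == 0) {
        $tpl->assign(array('DOMAIN_LIST' => '', 'SCROLL_PREV' => '', 'SCROLL_NEXT' => ''));
        return;
    }

    $prev_si = $start_index - $rows_per_page;
    if ($start_index == 0) {
        $tpl->assign('SCROLL_PREV', '');
    } else {
        $tpl->assign(array('SCROLL_PREV_GRAY' => '', 'PREV_PSI' => $prev_si, 'RID' => $rid));
    }
    $next_si = $start_index + $rows_per_page;
    if ($next_si + 1 > $records_count) {
        $tpl->assign('SCROLL_NEXT', '');
    } else {
        $tpl->assign(array('SCROLL_NEXT_GRAY' => '', 'NEXT_PSI' => $next_si, 'RID' => $rid));
    }

    // The per-customer lookup never changes, so it is built once.
    $domain_query = "\n\t\t\t\tSELECT\n\t\t\t\t\t`domain_id`\n\t\t\t\tFROM\n\t\t\t\t\t`domain`\n\t\t\t\tWHERE\n\t\t\t\t\t`domain_admin_id` = ?\n\t\t\t;";
    $row = 1;
    while (!$rs->EOF) {
        $admin_id = $rs->fields['admin_id'];
        $dres = exec_query($sql, $domain_query, $admin_id);
        generate_domain_entry($tpl, $dres->fields['domain_id'], $row++);
        $rs->moveNext();
    }
}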
Пример #3
/**
 * List the htaccess groups of a domain together with their member names.
 *
 * One template row is appended per group. The member ids stored as a
 * comma-separated list in `members` are resolved to user names with one
 * lookup per id.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param EasySCP_Database $sql
 * @param int $dmn_id
 */
function gen_pgroups($tpl, $sql, &$dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');
    $group_query = "\n\t\tSELECT\n\t\t\t*\n\t\tFROM\n\t\t\t`htaccess_groups`\n\t\tWHERE\n\t\t\t`dmn_id` = ?\n\t\tORDER BY\n\t\t\t`dmn_id` DESC\n\t";
    $rs = exec_query($sql, $group_query, $dmn_id);
    if ($rs->recordCount() == 0) {
        $tpl->assign('GROUP_MESSAGE', tr('You have no groups!'));
        return;
    }

    $member_query = "\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t`uname`\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t`htaccess_users`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id` = ?\n\t\t\t\t\t";
    while (!$rs->EOF) {
        $tpl->append(array(
            'GNAME' => tohtml($rs->fields['ugroup']),
            'GSTATUS' => translate_dmn_status($rs->fields['status']),
            'GROUP_ID' => $rs->fields['id'],
            'GROUP_DELETE' => tr('Delete'),
            // Deletion is offered only for groups in the "ok" state that are
            // not the AWStats authentication group.
            // NOTE(review): `ugroup` is placed into a JavaScript string
            // without escaping; confirm that every stored group name is
            // restricted to characters that cannot close the string.
            'GROUP_DELETE_SCRIPT' => ($rs->fields['status'] === $cfg->ITEM_OK_STATUS && $rs->fields['ugroup'] != $cfg->AWSTATS_GROUP_AUTH)
                ? "action_delete('protected_group_delete.php?gname=" . $rs->fields['id'] . "', '" . $rs->fields['ugroup'] . "')"
                : tr('N/A'),
        ));

        // Resolve each member id to its HTML-escaped user name.
        $member_names = array();
        if ($rs->fields['members'] != '') {
            foreach (explode(',', $rs->fields['members']) as $member_id) {
                $rs_members = exec_query($sql, $member_query, $member_id);
                $member_names[] = tohtml($rs_members->fields['uname']);
            }
        }
        $tpl->append('MEMBER', implode(', ', $member_names));

        $rs->moveNext();
    }
}
Пример #4
/**
 * Handle the "modify_user" form: set a new password for a protected-area user.
 *
 * Nothing happens unless `uaction` is 'modify_user' and both password fields
 * were posted. On success the row is flagged with ITEM_CHANGE_STATUS, a
 * request is sent, the change is logged and the browser is redirected to the
 * user management page.
 *
 * @param EasySCP_TemplateEngine $tpl not used by this function
 * @param EasySCP_Database $sql
 * @param int $dmn_id
 * @param int $uuser_id
 */
function pedit_user($tpl, $sql, &$dmn_id, &$uuser_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'modify_user') {
        return;
    }
    if (!isset($_POST['pass'], $_POST['pass_rep'])) {
        return;
    }

    if (!chk_password($_POST['pass'])) {
        $hint = $cfg->PASSWD_STRONG
            ? tr('The password must be at least %s chars long and contain letters and numbers to be valid.')
            : tr('Password data is shorter than %s signs or includes not permitted signs!');
        set_page_message(sprintf($hint, $cfg->PASSWD_CHARS), 'warning');
        return;
    }
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Passwords do not match!'), 'warning');
        return;
    }

    // The WHERE clause ties the update to the given domain as well as the
    // user id, so a user id from another domain matches no row.
    $update = "\n\t\t\t\tUPDATE\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tSET\n\t\t\t\t\t`upass` = ?,\n\t\t\t\t\t`status` = ?\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
    exec_query($sql, $update, array(
        crypt_user_pass_with_salt($_POST['pass']),
        $cfg->ITEM_CHANGE_STATUS,
        $dmn_id,
        $uuser_id,
    ));
    send_request();

    // Read the user name back for the audit log entry.
    $lookup = "\n\t\t\t\tSELECT\n\t\t\t\t\t`uname`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
    $rs = exec_query($sql, $lookup, array($dmn_id, $uuser_id));
    $uname = $rs->fields['uname'];
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: modify user ID (protected areas): {$uname}");
    user_goto('protected_user_manage.php');
}
Пример #5
/**
 * Display the system message page and stop the script.
 *
 * $msg, $type and $backButtonDestination are handed to the template exactly
 * as given; no escaping happens in this function.
 *
 * @todo possible session injection, check $_SESSION['user_theme'] for valid
 *	value
 *
 * @param string $msg					Message content
 * @param string $type					Message type (notice, warning, error, success)
 * @param string $backButtonDestination Destination of the back link
 * @throws EasySCP_Exception when the template file cannot be found
 */
function system_message($msg, $type = 'error', $backButtonDestination = '')
{
    $cfg = EasySCP_Registry::get('Config');
    // The theme is resolved here but not used further in this function.
    $theme_color = isset($_SESSION['user_theme']) ? $_SESSION['user_theme'] : $cfg->USER_INITIAL_THEME;
    if (empty($backButtonDestination)) {
        $backButtonDestination = "javascript:history.go(-1)";
    }
    $tpl = EasySCP_TemplateEngine::getInstance();

    // On the login page the template sits in the template directory itself,
    // inside the panel it sits one level up.
    $template = 'system-message.tpl';
    if (!is_file($tpl->get_template_dir() . '/' . $template)) {
        $template = '../system-message.tpl';
    }
    if (!is_file($tpl->get_template_dir() . '/' . $template)) {
        // Without a template the message can only be raised as an exception.
        throw new EasySCP_Exception($msg);
    }

    // system_message() may run during EasySCP initialization, before i18n is
    // available; in that case the labels stay untranslated.
    if (function_exists('tr')) {
        $label = function ($text) {
            return tr($text);
        };
    } else {
        $label = function ($text) {
            return $text;
        };
    }
    $tpl->assign(array(
        'TR_PAGE_TITLE' => $label('EasySCP Error'),
        'TR_BACK' => $label('Back'),
        'TR_ERROR_MESSAGE' => $label('Error Message'),
        'MESSAGE' => $msg,
        'MSG_TYPE' => $type,
        'BACKBUTTONDESTINATION' => $backButtonDestination,
        'TR_LOGIN' => $label('Login'),
        'TR_USERNAME' => $label('Username'),
        'TR_PASSWORD' => $label('Password'),
        'TR_LOSTPW' => $label('Lost password'),
        'TR_WEBMAIL_SSL_LINK' => 'webmail',
        'TR_FTP_SSL_LINK' => 'ftp',
        'TR_PMA_SSL_LINK' => 'pma',
    ));
    $tpl->display($template);
    exit;
}
Пример #6
/**
 * Handle the "add_ip" form and pre-fill the form fields.
 *
 * When the posted data passes check_user_data(), a row is inserted into
 * `server_ips` and the addition is logged. If no row was added and form data
 * was posted, the posted values are put back into the form; otherwise the
 * form fields are emptied.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function add_ip($tpl)
{
    $cfg = EasySCP_Registry::get('Config');
    $added = false;
    if (isset($_POST['uaction']) && $_POST['uaction'] === 'add_ip' && check_user_data()) {
        $ipv4 = trim($_POST['ip_number_1']) . '.' . trim($_POST['ip_number_2']) . '.' . trim($_POST['ip_number_3']) . '.' . trim($_POST['ip_number_4']);
        // NOTE(review): domain, alias and card are HTML-escaped before they
        // are stored, so the table holds entity-encoded text; confirm that
        // readers of these columns do not escape a second time.
        $sql_param = array(
            ':ip_number' => $ipv4,
            ':ip_number_v6' => trim($_POST['ipv6']),
            ':ip_domain' => htmlspecialchars(trim($_POST['domain']), ENT_QUOTES, 'UTF-8'),
            ':ip_alias' => htmlspecialchars(trim($_POST['alias']), ENT_QUOTES, 'UTF-8'),
            ':ip_card' => htmlspecialchars(trim($_POST['ip_card']), ENT_QUOTES, 'UTF-8'),
            ':ip_ssl_domain_id' => NULL,
            ':ip_status' => $cfg->ITEM_OK_STATUS,
        );
        $sql_query = "\n\t\t\t\tINSERT INTO\n\t\t\t\t\tserver_ips (ip_number, ip_number_v6, ip_domain, ip_alias, ip_card, ip_ssl_domain_id, ip_status)\n\t\t\t\tVALUES\n\t\t\t\t\t(:ip_number, :ip_number_v6, :ip_domain, :ip_alias, :ip_card, :ip_ssl_domain_id, :ip_status)\n\t\t\t";
        DB::prepare($sql_query);
        DB::execute($sql_param)->closeCursor();
        // todo: check how this should be handled in the future
        // send_request();
        set_page_message(tr('New IP was added!'), 'success');
        // The posted address is written to the log as received (trimmed only).
        write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv4 address: {' . $ipv4 . '}!');
        if (isset($_POST['ipv6']) && $_POST['ipv6'] != '') {
            write_log('{' . $_SESSION['user_logged'] . '}: adds new IPv6 address: {' . trim($_POST['ipv6']) . '}!');
        }
        $added = true;
    }

    if (!$added && isset($_POST['ip_number_1'])) {
        // Give the rejected input back to the form.
        $tpl->assign(array(
            'VALUE_IP1' => tohtml($_POST['ip_number_1']),
            'VALUE_IP2' => tohtml($_POST['ip_number_2']),
            'VALUE_IP3' => tohtml($_POST['ip_number_3']),
            'VALUE_IP4' => tohtml($_POST['ip_number_4']),
            'VALUE_IPv6' => tohtml($_POST['ipv6']),
            'VALUE_DOMAIN' => clean_input($_POST['domain'], true),
            'VALUE_ALIAS' => clean_input($_POST['alias'], true),
        ));
        return;
    }

    $tpl->assign(array_fill_keys(
        array('VALUE_IP1', 'VALUE_IP2', 'VALUE_IP3', 'VALUE_IP4', 'VALUE_IPv6', 'VALUE_DOMAIN', 'VALUE_ALIAS'),
        ''
    ));
}
Пример #7
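/**
 * Store the server traffic limits posted by the settings form.
 *
 * Nothing is written unless `uaction` was posted and both values are
 * numeric. Negative values are stored as 0.
 *
 * @todo What's about the outcommented code?
 */
function update_server_settings()
{
    $sql = EasySCP_Registry::get('Db');
    if (!isset($_POST['uaction'])) {
        return;
    }
    /*global $data;
    	$match = array();
    	preg_match("/^(-1|0|[1-9][0-9]*)$/D", $data, $match);*/
    // A missing field is treated like any other invalid input.
    $max_traffic = isset($_POST['max_traffic']) ? clean_input($_POST['max_traffic']) : '';
    $traffic_warning = isset($_POST['traffic_warning']) ? $_POST['traffic_warning'] : '';
    if (!is_numeric($max_traffic) || !is_numeric($traffic_warning)) {
        set_page_message(tr('Wrong data input!'), 'warning');
        // Stop here: rejected input must not reach the UPDATE below.
        return;
    }
    if ($traffic_warning > $max_traffic) {
        set_page_message(tr('Warning traffic is bigger than max traffic!'), 'warning');
        return;
    }
    if ($max_traffic < 0) {
        $max_traffic = 0;
    }
    if ($traffic_warning < 0) {
        $traffic_warning = 0;
    }
    $query = "\n\t\tUPDATE\n\t\t\t`straff_settings`\n\t\tSET\n\t\t\t`straff_max` = ?,\n\t\t\t`straff_warn` = ?\n\t";
    exec_query($sql, $query, array($max_traffic, $traffic_warning));
    set_page_message(tr('Server traffic settings updated successfully!'), 'success');
}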
Пример #8
 /**
  * Tell whether exactly one admin row matches the given id and password.
  *
  * NOTE(review): the password is matched as an unsalted md5() digest inside
  * the query. md5 is not a password hash; moving to password_hash() /
  * password_verify() needs a migration of the stored values.
  *
  * @param int $id admin id
  * @param string $pass clear-text password
  * @return bool true when exactly one row matches
  */
 public static function check_udata($id, $pass)
 {
     $db = EasySCP_Registry::get('Db');
     $lookup = "\n\t\t\tSELECT\n\t\t\t\t`admin_id`, `admin_pass`\n\t\t\tFROM\n\t\t\t\t`admin`\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t\tAND\n\t\t\t\t`admin_pass` = ?\n\t\t";
     $matches = exec_query($db, $lookup, array($id, md5($pass)));

     return $matches->recordCount() == 1;
 }
Пример #9
 /**
  * Return the shared EasySCP_Registry instance.
  *
  * The instance is created on the first call and reused afterwards.
  *
  * @return EasySCP_Registry An EasySCP_Registry instance
  */
 public static function getInstance()
 {
     if (self::$_instance !== null) {
         return self::$_instance;
     }
     self::$_instance = new self();

     return self::$_instance;
 }
Пример #10
/**
 * Handle the "add_group" form: create a protected-area group for a domain.
 *
 * The posted name must pass validates_username() and must not exist yet for
 * the domain. On success the group is inserted with ITEM_ADD_STATUS, a
 * request is sent, the action is logged and the browser is redirected.
 *
 * @param EasySCP_TemplateEngine $tpl not used by this function
 * @param EasySCP_Database $sql
 * @param int $dmn_id
 */
function padd_group($tpl, $sql, $dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_group') {
        return;
    }
    if (!isset($_POST['groupname'])) {
        set_page_message(tr('Invalid group name!'), 'error');
        return;
    }
    if (!validates_username($_POST['groupname'])) {
        set_page_message(tr('Invalid group name!'), 'warning');
        return;
    }

    $groupname = $_POST['groupname'];
    $lookup = "\n\t\t\t\tSELECT\n\t\t\t\t\t`id`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_groups`\n\t\t\t\tWHERE\n\t\t\t\t\t`ugroup` = ?\n\t\t\t\tAND\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t";
    $existing = exec_query($sql, $lookup, array($groupname, $dmn_id));
    if ($existing->recordCount() != 0) {
        set_page_message(tr('Group already exists!'), 'error');
        return;
    }

    $insert = "\n\t\t\t\t\tINSERT INTO `htaccess_groups`\n\t\t\t\t\t\t(`dmn_id`, `ugroup`, `status`)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(?, ?, ?)\n\t\t\t\t";
    exec_query($sql, $insert, array($dmn_id, $groupname, $cfg->ITEM_ADD_STATUS));
    send_request();
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add group (protected areas): {$groupname}");
    user_goto('protected_user_manage.php');
}
Пример #11
/**
 * Put the personal data of an account into the template.
 *
 * Text columns are HTML-escaped with tohtml(); empty columns become ''.
 * The gender column selects one of the three VL_* placeholders, with
 * "unknown" chosen when the column is 'U' or empty.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param int $user_id
 */
function gen_admin_personal_data($tpl, $user_id)
{
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');
    $query = "\n\t\tSELECT\n\t\t\t`fname`,\n\t\t\t`lname`,\n\t\t\t`gender`,\n\t\t\t`firm`,\n\t\t\t`zip`,\n\t\t\t`city`,\n\t\t\t`state`,\n\t\t\t`country`,\n\t\t\t`street1`,\n\t\t\t`street2`,\n\t\t\t`email`,\n\t\t\t`phone`,\n\t\t\t`fax`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t";
    $rs = exec_query($sql, $query, $user_id);

    // Template placeholder => column of the `admin` table.
    $text_columns = array(
        'FIRST_NAME' => 'fname',
        'LAST_NAME' => 'lname',
        'FIRM' => 'firm',
        'ZIP' => 'zip',
        'CITY' => 'city',
        'STATE' => 'state',
        'COUNTRY' => 'country',
        'STREET_1' => 'street1',
        'STREET_2' => 'street2',
        'EMAIL' => 'email',
        'PHONE' => 'phone',
        'FAX' => 'fax',
    );
    $values = array();
    foreach ($text_columns as $placeholder => $column) {
        $values[$placeholder] = empty($rs->fields[$column]) ? '' : tohtml($rs->fields[$column]);
    }

    $values['VL_MALE'] = $rs->fields['gender'] == 'M' ? $cfg->HTML_SELECTED : '';
    $values['VL_FEMALE'] = $rs->fields['gender'] == 'F' ? $cfg->HTML_SELECTED : '';
    $values['VL_UNKNOWN'] = ($rs->fields['gender'] == 'U' || empty($rs->fields['gender'])) ? $cfg->HTML_SELECTED : '';

    $tpl->assign($values);
}
Пример #12
/**
 * Create or update an e-mail template owned by an account.
 *
 * A row is inserted when none exists for the owner/name pair, otherwise the
 * existing row is updated. Both statements take their parameters in the same
 * order, so one parameter list serves either.
 *
 * @param int $admin_id owner of the template
 * @param string $tpl_name template name
 * @param array $data must provide the keys 'subject' and 'message'
 */
function set_email_tpl_data($admin_id, $tpl_name, $data)
{
    $sql = EasySCP_Registry::get('Db');
    $lookup = "\n\t\tSELECT\n\t\t\t`subject`, `message`\n\t\tFROM\n\t\t\t`email_tpls`\n\t\tWHERE\n\t\t\t`owner_id` = ?\n\t\tAND\n\t\t\t`name` = ?\n\t";
    $existing = exec_query($sql, $lookup, array($admin_id, $tpl_name));

    $insert = "\n\t\t\tINSERT INTO `email_tpls`\n\t\t\t\t(`subject`, `message`, `owner_id`, `name`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?)\n\t\t";
    $update = "\n\t\t\tUPDATE\n\t\t\t\t`email_tpls`\n\t\t\tSET\n\t\t\t\t`subject` = ?,\n\t\t\t\t`message` = ?\n\t\t\tWHERE\n\t\t\t\t`owner_id` = ?\n\t\t\tAND\n\t\t\t\t`name` = ?\n\t\t";
    $write = $existing->rowCount() == 0 ? $insert : $update;

    exec_query($sql, $write, array($data['subject'], $data['message'], $admin_id, $tpl_name));
}
Пример #13
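/**
 * Verify a clear-text password against the hash stored for an account.
 *
 * The stored value may be a crypt() hash or a legacy md5() digest. The
 * comparison is done on strings: a loose `==` would treat two different
 * digests of the form "0e<digits>" as equal numbers.
 *
 * NOTE(review): the md5 fallback accepts unsalted legacy digests; consider
 * re-hashing such accounts on their next successful login.
 *
 * @param int $id admin id
 * @param string $pass clear-text password
 * @return bool true when the password matches the stored hash
 */
function check_udata($id, $pass)
{
    $sql = EasySCP_Registry::get('Db');
    $query = "\n\t\tSELECT\n\t\t\t`admin_name`, `admin_pass`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t";
    $rs = exec_query($sql, $query, $id);
    if ($rs->recordCount() != 1) {
        return false;
    }

    $row = $rs->fetchRow();
    $stored = (string) $row['admin_pass'];
    if ($stored === '') {
        // An account without a stored hash can never be matched.
        return false;
    }

    $candidates = array((string) crypt($pass, $stored), md5($pass));
    // hash_equals() compares in constant time where it is available; the
    // strict comparison keeps the check type-safe on older installations.
    $constantTime = function_exists('hash_equals');
    foreach ($candidates as $candidate) {
        $same = $constantTime ? hash_equals($stored, $candidate) : $stored === $candidate;
        if ($same) {
            return true;
        }
    }

    return false;
}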
Пример #14
/**
 * Assign the header and footer markup of the order panel to the template.
 *
 * When `orders_settings` holds a row for the user, its header and footer are
 * used with every backslash removed; otherwise a built-in XHTML skeleton is
 * used. With $encode set, both parts are passed through htmlentities().
 *
 * NOTE(review): without $encode the stored header and footer are handed to
 * the template as raw markup; confirm who is allowed to write these columns.
 *
 * @todo use template(s) instead of hardcoded XHTML
 * @param object $tpl	EasySCP_TemplateEngine instance
 * @param object $sql	EasySCP_Database instance
 * @param int $user_id
 * @param bool $encode	entity-encode header and footer before assigning
 */
function gen_purchase_haf($tpl, $sql, $user_id, $encode = false)
{
    $cfg = EasySCP_Registry::get('Config');
    $query = "\n\t\tSELECT\n\t\t\t`header`, `footer`\n\t\tFROM\n\t\t\t`orders_settings`\n\t\tWHERE\n\t\t\t`user_id` = ?\n\t\t;\n\t";
    $rs = exec_query($sql, $query, $user_id);
    if ($rs->recordCount() != 0) {
        // Custom markup stored for this user, with backslashes stripped.
        $header = str_replace('\\', '', $rs->fields['header']);
        $footer = str_replace('\\', '', $rs->fields['footer']);
    } else {
        // Built-in default page skeleton.
        $charset = tr('encoding');
        $title = tr("EasySCP - Order Panel");
        $themePath = $cfg->LOGIN_TEMPLATE_PATH;
        $header = <<<RIC
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
   "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" xml:lang="en">
<head>
\t<title>{$title}</title>
\t<meta http-equiv='Content-Script-Type' content='text/javascript' />
\t<meta http-equiv='Content-Style-Type' content='text/css' />
\t<meta http-equiv='Content-Type' content='text/html; charset={$charset}' />
\t<meta name='copyright' content='EasySCP' />
\t<meta name='owner' content='EasySCP' />
\t<meta name='publisher' content='EasySCP' />
\t<meta name='robots' content='nofollow, noindex' />
\t<meta name='title' content='{$title}' />
\t<link href="/{$themePath}/css/easyscp.orderpanel.css" rel="stylesheet" type="text/css" />
</head>
<body>
\t<div style="margin: 20px auto;">
\t\t<table style="height: 95%;width: 100%;">
\t\t\t<tr>
\t\t\t\t<td align="center">
RIC;
        $footer = <<<RIC
\t\t\t\t</td>
\t\t\t</tr>
\t\t</table>
\t</div>
</body>
</html>
RIC;
    }

    if ($encode) {
        $header = htmlentities($header, ENT_COMPAT, 'UTF-8');
        $footer = htmlentities($footer, ENT_COMPAT, 'UTF-8');
    }
    $tpl->assign(array('PURCHASE_HEADER' => $header, 'PURCHASE_FOOTER' => $footer));
}
Пример #15
/**
 * List the sub-directories of the requested directory for the chooser page.
 *
 * The directory comes from the `cur_dir` query parameter and is listed
 * through an EasySCP_VirtualFileSystem opened for the logged-in user.
 *
 * NOTE(review): `cur_dir` is client-supplied. It is passed to ls() and
 * concatenated into the LINK, PROTECT_IT and CHOOSE_IT values without URL or
 * HTML encoding. Confirm that the virtual file system confines the path and
 * that the template escapes these values.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function gen_directories($tpl)
{
    $sql = EasySCP_Registry::get('Db');
    $path = isset($_GET['cur_dir']) ? $_GET['cur_dir'] : '';
    $domain = $_SESSION['user_logged'];

    // Open the virtual file system and read the directory.
    $vfs = new EasySCP_VirtualFileSystem($domain, $sql);
    $list = $vfs->ls($path);
    if (!$list) {
        set_page_message(tr('Cannot open directory!<br />Please contact your administrator!'), 'error');
        return;
    }

    // Parent directory link: the current path without its last segment.
    $parent = implode(DIRECTORY_SEPARATOR, array_slice(explode(DIRECTORY_SEPARATOR, $path), 0, -1));
    $tpl->append(array(
        'ACTION' => '',
        'ACTION_LINK' => 'no',
        'ICON' => "parent",
        'DIR_NAME' => tr('Parent Directory'),
        'CHOOSE_IT' => '',
        'LINK' => 'ftp_choose_dir.php?cur_dir=' . $parent,
    ));

    // Names that cannot be protected.
    // @todo: valid directories (e.g. /htdocs/disabled/) are excluded (false positive)
    $forbiddenDirnames = '/backups|disabled|errors|logs|phptmp/i';

    foreach ($list as $entry) {
        // Only directories are shown, and never '.' or '..'.
        if ($entry['type'] != EasySCP_VirtualFileSystem::VFS_TYPE_DIR || $entry['file'] == '.' || $entry['file'] == '..') {
            continue;
        }

        // A directory that already holds a .htaccess file gets the lock icon.
        $dr = $path . '/' . $entry['file'];
        $image = $vfs->exists($dr . '/.htaccess') ? "locked" : "folder";

        $forbidden = preg_match($forbiddenDirnames, $entry['file']);
        $tpl->append('ACTION_LINK', $forbidden === 1 ? 'no' : 'yes');

        $tpl->append(array(
            'PROTECT_IT' => "protected_areas_add.php?file=" . $dr,
            'ICON' => $image,
            'DIR_NAME' => tohtml($entry['file']),
            'CHOOSE_IT' => $dr,
            'LINK' => "ftp_choose_dir.php?cur_dir=" . $dr,
        ));
    }
}
Пример #16
/**
 * Get the FTP login credentials of an FTP account owned by the session user.
 *
 * The lookup joins `ftp_users` with `domain` and requires the domain to
 * belong to $_SESSION['user_id'], so an FTP user of another customer yields
 * no row.
 *
 * NOTE(review): the stored password is returned in clear text through
 * decrypt_db_password(); callers should avoid logging or echoing it.
 *
 * @author William Lightning <*****@*****.**>
 * @since  1.1.0
 * @access private
 * @param  string $userId FTP User
 * @return array|false Array (user id, clear-text password), or FALSE when
 *                     the lookup does not return exactly one row
 */
function _getLoginCredentials($userId)
{
    // Database handle taken from the registry.
    $db = EasySCP_Registry::get('Db');
    // @todo Should be optimized
    $query = "\n\t\tSELECT\n\t\t\t`userid`, `net2ftppasswd`\n\t\tFROM\n\t\t\t`ftp_users`, `domain`\n\t\tWHERE\n\t\t\t\t`ftp_users`.`uid` = `domain`.`domain_uid`\n\t\t\tAND\n\t\t\t\t`ftp_users`.`userid` = ?\n\t\t\tAND\n\t\t\t\t`domain`.`domain_admin_id` = ?;\n\t";
    $stmt = exec_query($db, $query, array($userId, $_SESSION['user_id']));
    if ($stmt->rowCount() != 1) {
        return false;
    }

    return array($stmt->fields['userid'], decrypt_db_password($stmt->fields['net2ftppasswd']));
}
Пример #17
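/**
 * Render one page of the reseller list.
 *
 * The page offset comes from the 'psi' request parameter (GET first, then
 * POST). It is interpolated into the LIMIT clause, so it is reduced to a
 * non-negative integer first: is_numeric() alone also accepts forms such as
 * "1e3" or "1.5", which are not valid LIMIT operands.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function generate_page($tpl)
{
    global $month, $year;
    $cfg = EasySCP_Registry::get('Config');
    $sql = EasySCP_Registry::get('Db');

    $start_index = 0;
    if (isset($_GET['psi']) && is_numeric($_GET['psi'])) {
        $start_index = $_GET['psi'];
    } elseif (isset($_POST['psi']) && is_numeric($_POST['psi'])) {
        // The POST value is validated itself, not the absent GET value.
        $start_index = $_POST['psi'];
    }
    $start_index = max(0, (int) $start_index);
    // The page size goes into the same LIMIT clause.
    $rows_per_page = max(0, (int) $cfg->DOMAIN_ROWS_PER_PAGE);

    $tpl->assign(array('POST_PREV_PSI' => $start_index));
    // count query
    $count_query = "\n\t\tSELECT\n\t\t\tCOUNT(`admin_id`) AS cnt\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_type` = 'reseller'\n\t";
    $query = "\n\t\tSELECT\n\t\t\t`admin_id`, `admin_name`\n\t\tFROM\n\t\t\t`admin`\n\t\tWHERE\n\t\t\t`admin_type` = 'reseller'\n\t\tORDER BY\n\t\t\t`admin_name` DESC\n\t\tLIMIT\n\t\t\t{$start_index}, {$rows_per_page};\n\t";
    $rs = exec_query($sql, $count_query);
    $records_count = $rs->fields['cnt'];
    $rs = exec_query($sql, $query);
    if ($rs->rowCount() == 0) {
        set_page_message(tr('There are no resellers in your system!'), 'info');
        return;
    }

    $prev_si = $start_index - $rows_per_page;
    if ($start_index == 0) {
        $tpl->assign('SCROLL_PREV', '');
    } else {
        $tpl->assign(array('SCROLL_PREV_GRAY' => '', 'PREV_PSI' => $prev_si));
    }
    $next_si = $start_index + $rows_per_page;
    if ($next_si + 1 > $records_count) {
        $tpl->assign('SCROLL_NEXT', '');
    } else {
        $tpl->assign(array('SCROLL_NEXT_GRAY' => '', 'NEXT_PSI' => $next_si));
    }
    gen_select_lists($tpl, @$month, @$year);
    $row = 1;
    while (!$rs->EOF) {
        generate_reseller_entry($tpl, $rs->fields['admin_id'], $rs->fields['admin_name'], $row++);
        $rs->moveNext();
    }
}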
Пример #18
/**
 * Render the server traffic table for one day.
 *
 * The day is taken from the globals $month, $day and $year. One template row
 * is appended per `server_traffic` record of that day, followed by the
 * totals per traffic kind. "Other" traffic is the overall byte count minus
 * the web, SMTP and POP counts.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function generate_page($tpl)
{
    $sql = EasySCP_Registry::get('Db');
    global $month, $year, $day;

    // Running totals, in this order: web in/out, SMTP in/out, POP in/out,
    // overall in/out.
    $all = array_fill(0, 8, 0);
    $total_columns = array('swbin', 'swbout', 'smbin', 'smbout', 'spbin', 'spbout', 'sbin', 'sbout');
    $all_other_in = 0;
    $all_other_out = 0;

    // The day runs from its own midnight to the next one.
    $ftm = mktime(0, 0, 0, $month, $day, $year);
    $ltm = mktime(0, 0, 0, $month, $day + 1, $year);

    $query = "\n\t\tSELECT\n\t\t\tCOUNT(`bytes_in`) AS cnt\n\t\tFROM\n\t\t\t`server_traffic`\n\t\tWHERE\n\t\t\t`traff_time` > ? AND `traff_time` <= ?\n\t";
    $rs = exec_query($sql, $query, array($ftm, $ltm));
    $dnum = $rs->fields['cnt'];

    $query = "\n\t\tSELECT\n\t\t\t`traff_time` AS ttime,\n\t\t\t`bytes_in` AS sbin,\n\t\t\t`bytes_out` AS sbout,\n\t\t\t`bytes_mail_in` AS smbin,\n\t\t\t`bytes_mail_out` AS smbout,\n\t\t\t`bytes_pop_in` AS spbin,\n\t\t\t`bytes_pop_out` AS spbout,\n\t\t\t`bytes_web_in` AS swbin,\n\t\t\t`bytes_web_out` AS swbout\n\t\tFROM\n\t\t\t`server_traffic`\n\t\tWHERE\n\t\t\t`traff_time` > ? AND `traff_time` <= ?\n\t";
    $rs1 = exec_query($sql, $query, array($ftm, $ltm));

    if ($dnum != 0) {
        for ($i = 0; $i < $dnum; $i++) {
            $record = $rs1->fields;
            $ttime = date('H:i', $record['ttime']);
            // Whatever is neither web, SMTP nor POP traffic.
            $other_in = $record['sbin'] - ($record['swbin'] + $record['smbin'] + $record['spbin']);
            $other_out = $record['sbout'] - ($record['swbout'] + $record['smbout'] + $record['spbout']);
            $tpl->append(array(
                'HOUR' => $ttime,
                'WEB_IN' => sizeit($record['swbin']),
                'WEB_OUT' => sizeit($record['swbout']),
                'SMTP_IN' => sizeit($record['smbin']),
                'SMTP_OUT' => sizeit($record['smbout']),
                'POP_IN' => sizeit($record['spbin']),
                'POP_OUT' => sizeit($record['spbout']),
                'OTHER_IN' => sizeit($other_in),
                'OTHER_OUT' => sizeit($other_out),
                'ALL_IN' => sizeit($record['sbin']),
                'ALL_OUT' => sizeit($record['sbout']),
                'ALL' => sizeit($record['sbin'] + $record['sbout']),
            ));
            foreach ($total_columns as $slot => $column) {
                $all[$slot] = $all[$slot] + $record[$column];
            }
            $rs1->moveNext();
        }
        $all_other_in = $all[6] - ($all[0] + $all[2] + $all[4]);
        $all_other_out = $all[7] - ($all[1] + $all[3] + $all[5]);
    }

    $tpl->assign(array(
        'WEB_IN_ALL' => sizeit($all[0]),
        'WEB_OUT_ALL' => sizeit($all[1]),
        'SMTP_IN_ALL' => sizeit($all[2]),
        'SMTP_OUT_ALL' => sizeit($all[3]),
        'POP_IN_ALL' => sizeit($all[4]),
        'POP_OUT_ALL' => sizeit($all[5]),
        'OTHER_IN_ALL' => sizeit($all_other_in),
        'OTHER_OUT_ALL' => sizeit($all_other_out),
        'ALL_IN_ALL' => sizeit($all[6]),
        'ALL_OUT_ALL' => sizeit($all[7]),
        'ALL_ALL' => sizeit($all[6] + $all[7]),
    ));
}
Пример #19
/**
 * Change the password of a customer SQL user.
 *
 * After validating the posted password, the function stores it (through
 * encrypt_db_password()) in `sql_user`, then issues SET PASSWORD for the
 * '%' and the localhost host entries, logs the change and redirects.
 *
 * @param EasySCP_Database $sql
 * @param int $db_user_id not used by this function
 * @param string $db_user_name name of the SQL user whose password is changed
 */
function change_sql_user_pass($sql, $db_user_id, $db_user_name)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction'])) {
        return;
    }
    if ($_POST['pass'] === '' && $_POST['pass_rep'] === '') {
        set_page_message(tr('Please specify user password!'), 'warning');
        return;
    }
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Entered passwords do not match!'), 'warning');
        return;
    }
    if (strlen($_POST['pass']) > $cfg->MAX_SQL_PASS_LENGTH) {
        set_page_message(tr('User password too long!'), 'warning');
        return;
    }
    // This allow-list is what keeps quotes and backslashes out of the
    // interpolated SET PASSWORD statements below. Without the D modifier,
    // `$` also matches before a trailing newline, so a password ending in
    // "\n" passes this check.
    if (isset($_POST['pass']) && !preg_match('/^[[:alnum:]:!\\*\\+\\#_.-]+$/', $_POST['pass'])) {
        set_page_message(tr('Don\'t use special chars like "@, $, %..." in the password!'), 'warning');
        return;
    }
    if (!chk_password($_POST['pass'])) {
        if ($cfg->PASSWD_STRONG) {
            set_page_message(sprintf(tr('The password must be at least %s chars long and contain letters and numbers to be valid.'), $cfg->PASSWD_CHARS), 'warning');
        } else {
            set_page_message(sprintf(tr('Password data is shorter than %s signs or includes not permitted signs!'), $cfg->PASSWD_CHARS), 'warning');
        }
        return;
    }
    $user_pass = $_POST['pass'];
    // update user pass in the EasySCP sql_user table;
    $query = "\n\t\tUPDATE\n\t\t\t`sql_user`\n\t\tSET\n\t\t\t`sqlu_pass` = ?\n\t\tWHERE\n\t\t\t`sqlu_name` = ?\n\t";
    exec_query($sql, $query, array(encrypt_db_password($user_pass), $db_user_name));
    // update user pass in the mysql system tables;
    // TODO use prepared statement for $user_pass
    // NOTE(review): $db_user_name is interpolated without quoting or
    // escaping of its own; confirm that callers pass a name read from
    // `sql_user`, never a request value.
    $query = "SET PASSWORD FOR '{$db_user_name}'@'%' = PASSWORD('{$user_pass}')";
    execute_query($sql, $query);
    // TODO use prepared statement for $user_pass
    $query = "SET PASSWORD FOR '{$db_user_name}'@localhost = PASSWORD('{$user_pass}')";
    execute_query($sql, $query);
    write_log($_SESSION['user_logged'] . ": update SQL user password: " . tohtml($db_user_name));
    // The success message is emitted with the 'warning' type.
    set_page_message(tr('SQL user password was successfully changed!'), 'warning');
    user_goto('sql_manage.php');
}
Пример #20
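/**
 * Reassign the owner (`created_by`) of every reseller ticked in the submitted form.
 *
 * Acts only when the form was posted with `uaction` = 'reseller_owner'. For each
 * reseller row in `admin`, a POST field named `admin_id_<id>` with the value 'on'
 * selects that reseller; its `created_by` is then set to the posted `dest_admin`.
 *
 * NOTE(review): nothing here confirms that `dest_admin` names an existing account
 * of the expected type, and no CSRF token check is visible in this function —
 * confirm both are enforced before this is called.
 *
 * @return void
 */
function update_reseller_owner()
{
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'reseller_owner') {
        return;
    }
    // Refuse a missing or non-numeric destination instead of writing it into
    // `created_by` (admin ids are assumed to be unsigned integers — TODO confirm).
    if (!isset($_POST['dest_admin'])
        || !is_string($_POST['dest_admin'])
        || !preg_match('/^[0-9]+$/D', $_POST['dest_admin'])
    ) {
        return;
    }
    $dest_admin = $_POST['dest_admin'];
    $sql = EasySCP_Registry::get('Db');
    $select_resellers = "\n\t\t\tSELECT\n\t\t\t\t`admin_id`\n\t\t\tFROM\n\t\t\t\t`admin`\n\t\t\tWHERE\n\t\t\t\t`admin_type` = 'reseller'\n\t\t\tORDER BY\n\t\t\t\t`admin_name`\n\t\t";
    // The statement text never changes, so build it once outside the loop
    $update_owner = "\n\t\t\t\t\tUPDATE\n\t\t\t\t\t\t`admin`\n\t\t\t\t\tSET\n\t\t\t\t\t\t`created_by` = ?\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`admin_id` = ?\n\t\t\t\t";
    $rs = execute_query($sql, $select_resellers);
    while (!$rs->EOF) {
        $admin_id = $rs->fields['admin_id'];
        // Checkbox names are derived from ids read from the database, so only
        // existing resellers can be selected through the form.
        $admin_id_var_name = "admin_id_{$admin_id}";
        if (isset($_POST[$admin_id_var_name]) && $_POST[$admin_id_var_name] === 'on') {
            exec_query($sql, $update_owner, array($dest_admin, $admin_id));
        }
        $rs->moveNext();
    }
}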
Пример #21
/**
 * Publish update notices (database update and EasySCP update) to the template.
 *
 * Assigns DATABASE_UPDATE / DATABASE_MSG_TYPE when a database update exists, and
 * UPDATE / UPDATE_TYPE for the version check or its error message.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @return false|null false when update checking is disabled in the config,
 *                    otherwise nothing is returned
 */
function get_update_infos($tpl)
{
    $cfg = EasySCP_Registry::get('Config');

    if (EasySCP_Update_Database::getInstance()->checkUpdateExists()) {
        $db_notice = '<a href="easyscp_updates.php" class="link">' . tr('A database update is available') . '</a>';
        $tpl->assign(array('DATABASE_UPDATE' => $db_notice, 'DATABASE_MSG_TYPE' => 'info'));
    }

    // Version checking can be switched off; report that and stop here
    if (!$cfg->CHECK_FOR_UPDATES) {
        $disabled_notice = tr('Update checking is disabled!');
        $tpl->assign(array('UPDATE' => $disabled_notice, 'UPDATE_TYPE' => 'info'));
        return false;
    }

    if (EasyUpdate::checkUpdate()) {
        $update_notice = '<a href="easyscp_updates.php" class="link">' . tr('New EasySCP update is now available') . '</a>';
        $tpl->assign(array('UPDATE' => $update_notice, 'UPDATE_TYPE' => 'info'));
        return;
    }

    // No update found: surface the checker's error message, if it has one.
    // NOTE(review): the message is handed to the template as-is — confirm it is
    // escaped on output if it can contain remote content.
    if (EasySCP_Update_Version::getInstance()->getErrorMessage() != "") {
        $tpl->assign(array('UPDATE' => EasySCP_Update_Version::getInstance()->getErrorMessage(), 'UPDATE_TYPE' => 'error'));
    }
}
Пример #22
/**
 * Handle the "add user" form for a domain's protected areas (`htaccess_users`).
 *
 * Does nothing unless `uaction` is 'add_user' and `username`, `pass` and
 * `pass_rep` were all posted. The username and password are validated, the
 * password is passed through crypt_user_pass_with_salt() before storage, and a
 * user name that already exists for the domain is rejected.
 *
 * NOTE(review): the existence check and the INSERT are two separate statements;
 * whether a unique key on (`dmn_id`, `uname`) backs them up cannot be seen here.
 *
 * @param EasySCP_TemplateEngine $tpl not used by this function
 * @param mixed $sql database handle passed on to exec_query()
 * @param int $dmn_id id of the domain the user is added to
 * @return void
 */
function padd_user($tpl, $sql, $dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');

    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_user') {
        return;
    }
    if (!isset($_POST['username'], $_POST['pass'], $_POST['pass_rep'])) {
        return;
    }

    if (!validates_username($_POST['username'])) {
        set_page_message(tr('Wrong username!'), 'warning');
        return;
    }

    if (!chk_password($_POST['pass'])) {
        // The wording of the hint depends on whether strong passwords are enforced
        $hint = $cfg->PASSWD_STRONG
            ? tr('The password must be at least %s chars long and contain letters and numbers to be valid.')
            : tr('Password data is shorter than %s signs or includes not permitted signs!');
        set_page_message(sprintf($hint, $cfg->PASSWD_CHARS), 'warning');
        return;
    }

    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Passwords do not match!'), 'warning');
        return;
    }

    $status = $cfg->ITEM_ADD_STATUS;
    $uname = clean_input($_POST['username']);
    // Only the value returned by crypt_user_pass_with_salt() is stored, never the raw password
    $upass = crypt_user_pass_with_salt($_POST['pass']);

    $lookup = "\n\t\t\t\tSELECT\n\t\t\t\t\t`id`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tWHERE\n\t\t\t\t\t`uname` = ?\n\t\t\t\tAND\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t";
    $rs = exec_query($sql, $lookup, array($uname, $dmn_id));
    if ($rs->recordCount() != 0) {
        set_page_message(tr('User already exist !'), 'error');
        return;
    }

    $insert = "\n\t\t\t\t\tINSERT INTO `htaccess_users`\n\t\t\t\t\t\t(`dmn_id`, `uname`, `upass`, `status`)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(?, ?, ?, ?)\n\t\t\t\t";
    exec_query($sql, $insert, array($dmn_id, $uname, $upass, $status));
    send_request('110 DOMAIN htaccess ' . $dmn_id);
    write_log($_SESSION['user_logged'] . ': add user (protected areas): ' . $uname);
    user_goto('protected_user_manage.php');
}
Пример #23
/**
 * Fill the template with per-day server traffic rows for one month and the
 * monthly totals.
 *
 * For the current month the days up to today are listed; for any other month
 * all of its days are listed.
 *
 * @param int $month
 * @param int $year
 */
function generate_page($month, $year)
{
    $tpl = EasySCP_TemplateEngine::getInstance();
    $sql = EasySCP_Registry::get('Db');

    if ($month == date('m') && $year == date('Y')) {
        $curday = date('j');
    } else {
        // Day 0 of the following month resolves to the last day of $month
        $curday = date('j', mktime(1, 0, 0, $month + 1, 0, $year));
    }

    // Running totals: 0/1 web in/out, 2/3 smtp in/out, 4/5 pop in/out, 6/7 all in/out
    $all = array_fill(0, 8, 0);

    $count_query = "\n\t\t\tSELECT\n\t\t\t\tCOUNT(`bytes_in`) AS cnt\n\t\t\tFROM\n\t\t\t\t`server_traffic`\n\t\t\tWHERE\n\t\t\t\t`traff_time` > ? AND `traff_time` <= ?\n\t\t";

    for ($day = 1; $day <= $curday; $day++) {
        $day_start = mktime(0, 0, 0, $month, $day, $year);
        $day_end = mktime(0, 0, 0, $month, $day + 1, $year);

        $rs = exec_query($sql, $count_query, array($day_start, $day_end));
        // NOTE(review): an aggregate query without GROUP BY yields one row, so
        // this check presumably always passes — confirm whether `cnt` was meant.
        if ($rs->recordCount() <= 0) {
            continue;
        }

        list($w_in, $w_out, $s_in, $s_out, $p_in, $p_out, $o_in, $o_out, $t_in, $t_out) = get_server_trafic($day_start, $day_end);

        $tpl->append(array(
            'DAY' => $day,
            'YEAR' => $year,
            'MONTH' => $month,
            'WEB_IN' => sizeit($w_in),
            'WEB_OUT' => sizeit($w_out),
            'SMTP_IN' => sizeit($s_in),
            'SMTP_OUT' => sizeit($s_out),
            'POP_IN' => sizeit($p_in),
            'POP_OUT' => sizeit($p_out),
            'OTHER_IN' => sizeit($o_in),
            'OTHER_OUT' => sizeit($o_out),
            'ALL_IN' => sizeit($t_in),
            'ALL_OUT' => sizeit($t_out),
            'ALL' => sizeit($t_in + $t_out),
        ));

        $all[0] += $w_in;
        $all[1] += $w_out;
        $all[2] += $s_in;
        $all[3] += $s_out;
        $all[4] += $p_in;
        $all[5] += $p_out;
        $all[6] += $t_in;
        $all[7] += $t_out;
    }

    // "Other" for the month is whatever remains after web, smtp and pop
    $all_other_in = $all[6] - ($all[0] + $all[2] + $all[4]);
    $all_other_out = $all[7] - ($all[1] + $all[3] + $all[5]);

    $tpl->assign(array(
        'WEB_IN_ALL' => sizeit($all[0]),
        'WEB_OUT_ALL' => sizeit($all[1]),
        'SMTP_IN_ALL' => sizeit($all[2]),
        'SMTP_OUT_ALL' => sizeit($all[3]),
        'POP_IN_ALL' => sizeit($all[4]),
        'POP_OUT_ALL' => sizeit($all[5]),
        'OTHER_IN_ALL' => sizeit($all_other_in),
        'OTHER_OUT_ALL' => sizeit($all_other_out),
        'ALL_IN_ALL' => sizeit($all[6]),
        'ALL_OUT_ALL' => sizeit($all[7]),
        'ALL_ALL' => sizeit($all[6] + $all[7]),
    ));
}
Пример #24
/**
 * Generate the list of domains and domain aliases assigned to each server IP.
 *
 * For every row of `server_ips` the template receives the domain/alias names,
 * the name of the admin account that created each domain, a display label for
 * the IP (IPv4, plus IPv6 when set) and the total count.
 *
 * NOTE(review): names are handed to the template as read from the database —
 * confirm the template layer escapes them on output.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function listIPDomains($tpl)
{
    $sql = EasySCP_Registry::get('Db');

    $ip_query = "\n\t\tSELECT\n\t\t\tip_id, ip_number, ip_number_v6\n\t\tFROM\n\t\t\tserver_ips;\n\t";
    $domain_query = "\n\t\t\tSELECT\n\t\t\t\t`d`.`domain_name`, `a`.`admin_name`\n\t\t\tFROM\n\t\t\t\t`domain` d\n\t\t\tINNER JOIN\n\t\t\t\t`admin` a\n\t\t\tON\n\t\t\t\t(`a`.`admin_id` = `d`.`domain_created_id`)\n\t\t\tWHERE\n\t\t\t\t`d`.`domain_ip_id` = ?\n\t\t\tORDER BY\n\t\t\t\t`d`.`domain_name`;\n\t\t";
    $alias_query = "\n\t\t\tSELECT\n\t\t\t\t`da`.`alias_name`, `a`.`admin_name`\n\t\t\tFROM\n\t\t\t\t`domain_aliasses` da\n\t\t\tINNER JOIN\n\t\t\t\t`domain` d\n\t\t\tON\n\t\t\t\t(`d`.`domain_id` = `da`.`domain_id`)\n\t\t\tINNER JOIN\n\t\t\t\t`admin` a\n\t\t\tON\n\t\t\t\t(`a`.`admin_id` = `d`.`domain_created_id`)\n\t\t\tWHERE\n\t\t\t\t`da`.`alias_ip_id` = ?\n\t\t\tORDER BY\n\t\t\t\t`da`.`alias_name`;\n\t\t";

    $ips = exec_query($sql, $ip_query);
    while (!$ips->EOF) {
        $names = array();
        $owners = array();

        // Domains bound directly to this IP
        $domain_rs = exec_query($sql, $domain_query, $ips->fields['ip_id']);
        $domain_count = $domain_rs->recordCount();
        for (; !$domain_rs->EOF; $domain_rs->moveNext()) {
            $names[] = $domain_rs->fields['domain_name'];
            $owners[] = $domain_rs->fields['admin_name'];
        }

        // Domain aliases bound to this IP, listed after the domains
        $alias_rs = exec_query($sql, $alias_query, $ips->fields['ip_id']);
        $alias_count = $alias_rs->recordCount();
        for (; !$alias_rs->EOF; $alias_rs->moveNext()) {
            $names[] = $alias_rs->fields['alias_name'];
            $owners[] = $alias_rs->fields['admin_name'];
        }

        if ($domain_count == 0 && $alias_count == 0) {
            $tpl->append(array('DOMAIN_NAME' => array(tr("No records found")), 'RESELLER_NAME' => array('')));
        } else {
            $tpl->append(array('DOMAIN_NAME' => $names, 'RESELLER_NAME' => $owners));
        }

        // Show "v4 / v6" only when an IPv6 address is stored for the entry
        $ip_label = $ips->fields['ip_number'];
        if ($ips->fields['ip_number_v6'] != '') {
            $ip_label = $ips->fields['ip_number'] . ' / ' . $ips->fields['ip_number_v6'];
        }
        $total_label = tr('Total Domains') . " : " . ($domain_count + $alias_count);
        $tpl->append(array('IP' => $ip_label, 'RECORD_COUNT' => $total_label));

        $ips->moveNext();
    }
}
Пример #25
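/**
 * Store the SSL key, certificate, CA certificate and status posted from the
 * SSL configuration form, then redirect back to that form.
 *
 * The values are accepted only when openssl_x509_check_private_key() confirms
 * that the posted private key belongs to the posted certificate. That call
 * checks the key/certificate pairing only: the CA certificate and the status
 * value are stored without further validation here, and nothing in this
 * function checks the certificate's validity period or chain.
 *
 * The key material itself is never written to the log; only the acting user
 * and the outcome are logged.
 *
 * NOTE(review): send_request('110 DOMAIN master') is issued on the failure path
 * as well — confirm that this is intended when nothing was changed.
 *
 * @return void
 */
function update_ssl_data()
{
    // Get a reference to the Config object
    $cfg = EasySCP_Registry::get('Config');
    // Gets a reference to the EasySCP_ConfigHandler_Db instance
    $db_cfg = EasySCP_Registry::get('Db_Config');
    $db_cfg->resetQueriesCounter('update');
    $sslkey = clean_input(filter_input(INPUT_POST, 'ssl_key'));
    $sslcert = clean_input(filter_input(INPUT_POST, 'ssl_cert'));
    $sslcacert = clean_input(filter_input(INPUT_POST, 'ssl_cacert'));
    $sslstatus = clean_input(filter_input(INPUT_POST, 'ssl_status'));
    if (openssl_x509_check_private_key($sslcert, $sslkey)) {
        // update the ssl related values
        $db_cfg->SSL_KEY = $sslkey;
        $db_cfg->SSL_CERT = $sslcert;
        $db_cfg->SSL_CACERT = $sslcacert;
        $db_cfg->SSL_STATUS = $sslstatus;
        $cfg->replaceWith($db_cfg);
        // Only the status goes through EasyConfig::Save(); the key and the
        // certificate are deliberately left out of this payload.
        $data = array('SSL_STATUS' => $sslstatus);
        EasyConfig::Save($data);
        write_log(get_session('user_logged') . ": Updated SSL configuration!");
        // get number of updates
        $update_count = $db_cfg->countQueries('update');
        if ($update_count == 0) {
            set_page_message(tr("SSL configuration unchanged"), 'info');
        } elseif ($update_count > 0) {
            set_page_message(tr('SSL configuration updated!'), 'success');
        }
    } else {
        // Message types are lowercase everywhere else ('warning', 'info', ...)
        set_page_message(tr("SSL key/cert don't match"), 'warning');
        write_log(get_session('user_logged') . ": Update of SSL configuration failed!");
    }
    send_request('110 DOMAIN master');
    user_goto('tools_config_ssl.php');
}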
Пример #26
/**
 * List every row of the `login` table as a session entry in the template.
 *
 * Each entry gets the user name (or a translated "Unknown" when the column is
 * NULL), the time of last access and a kill link. The viewer's own session gets
 * a link without the `kill` parameter.
 *
 * NOTE(review): user names and session ids are passed to the template exactly
 * as stored, and the kill link carries the session id in the query string —
 * confirm output escaping and that the kill action is protected against
 * cross-site requests.
 *
 * @param EasySCP_TemplateEngine $tpl
 */
function gen_user_sessions($tpl)
{
    $sql = EasySCP_Registry::get('Db');
    $rs = exec_query($sql, "\n\t\tSELECT\n\t\t\t*\n\t\tFROM\n\t\t\t`login`\n\t");
    $own_session = session_id();

    for (; !$rs->EOF; $rs->moveNext()) {
        $shown_name = $rs->fields['user_name'] === NULL
            ? tr('Unknown')
            : $rs->fields['user_name'];
        $last_seen = date("G:i:s", $rs->fields['lastaccess']);
        $tpl->append(array('ADMIN_USERNAME' => $shown_name, 'LOGIN_TIME' => $last_seen));

        // Never offer a link that would kill the session doing the viewing
        $kill_link = 'sessions_manage.php';
        if ($own_session !== $rs->fields['session_id']) {
            $kill_link = 'sessions_manage.php?kill=' . $rs->fields['session_id'];
        }
        $tpl->append('KILL_LINK', $kill_link);
    }
}
Пример #27
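/**
 * Write the posted personal data into the `admin` row of the given account.
 *
 * Every posted field, `gender` included, is passed through clean_input() and
 * bound as a statement parameter; no value is interpolated into the SQL text.
 *
 * NOTE(review): no format check (e.g. on `email`) happens here, and $user_id is
 * trusted as given — confirm the caller derives it from the session rather
 * than from request data.
 *
 * @param int $user_id `admin_id` of the account to update
 * @return void
 */
function update_user_personal_data($user_id)
{
    $sql = EasySCP_Registry::get('Db');
    // Listed in the order of the placeholders in the UPDATE below
    $fields = array(
        'fname', 'lname', 'firm', 'zip', 'city', 'state', 'country',
        'street1', 'street2', 'email', 'phone', 'fax', 'gender',
    );
    $params = array();
    foreach ($fields as $field) {
        // `gender` used to bypass clean_input(); it is now treated like the rest
        $params[] = clean_input($_POST[$field]);
    }
    $params[] = $user_id;
    $query = "\n\t\tUPDATE\n\t\t\t`admin`\n\t\tSET\n\t\t\t`fname` = ?,\n\t\t\t`lname` = ?,\n\t\t\t`firm` = ?,\n\t\t\t`zip` = ?,\n\t\t\t`city` = ?,\n\t\t\t`state` = ?,\n\t\t\t`country` = ?,\n\t\t\t`street1` = ?,\n\t\t\t`street2` = ?,\n\t\t\t`email` = ?,\n\t\t\t`phone` = ?,\n\t\t\t`fax` = ?,\n\t\t\t`gender` = ?\n\t\tWHERE\n\t\t\t`admin_id` = ?\n\t";
    exec_query($sql, $query, $params);
    write_log($_SESSION['user_logged'] . ": update personal data");
    set_page_message(tr('Personal data updated successfully!'), 'success');
}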
Пример #28
/**
 * Pick the action label and link shown for a catch-all mail entry.
 *
 * Only an entry in the "ok" status can be deleted; entries that are being
 * added, changed or deleted get a non-actionable 'N/A' label with '#' as link.
 *
 * NOTE(review): $mail_id is placed into the link unencoded — presumably an
 * integer id; verify against the caller.
 *
 * @param mixed $mail_id id appended to the delete link
 * @param mixed $mail_status status value compared strictly against the config constants
 * @return array|null array(label, url), or null for an unrecognised status
 */
function gen_user_catchall_action($mail_id, $mail_status)
{
    $cfg = EasySCP_Registry::get('Config');

    // Addition in progress
    if ($mail_status === $cfg->ITEM_ADD_STATUS) {
        return array(tr('N/A'), '#');
    }

    if ($mail_status === $cfg->ITEM_OK_STATUS) {
        return array(tr('Delete CatchAll'), "mail_catchall_delete.php?id={$mail_id}");
    }

    // Change or deletion in progress
    if ($mail_status === $cfg->ITEM_CHANGE_STATUS || $mail_status === $cfg->ITEM_DELETE_STATUS) {
        return array(tr('N/A'), '#');
    }

    return null;
}
Пример #29
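/**
 * Fill the template with one domain's daily traffic for a month, the monthly
 * totals, and the name and id of the admin account that created the domain.
 *
 * For the current month the days up to today are listed; for any other month
 * all of its days are listed.
 *
 * NOTE(review): this function does not check that the current user may view
 * $domain_id — confirm the caller authorises access before calling it.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param int $month
 * @param int $year
 * @param int $domain_id
 */
function generate_page($tpl, $month, $year, $domain_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if ($month == date('m') && $year == date('Y')) {
        $curday = date('j');
    } else {
        // Day 0 of the following month resolves to the last day of $month
        $tmp = mktime(1, 0, 0, $month + 1, 0, $year);
        $curday = date('j', $tmp);
    }
    $sum_web = 0;
    $sum_ftp = 0;
    $sum_mail = 0;
    $sum_pop = 0;
    for ($i = 1; $i <= $curday; $i++) {
        $ftm = mktime(0, 0, 0, $month, $i, $year);
        $ltm = mktime(23, 59, 59, $month, $i, $year);
        // The day's figures come from get_domain_trafic(); the extra SELECT on
        // `domain_traffic` whose result was never read has been dropped.
        list($web_trf, $ftp_trf, $pop_trf, $smtp_trf) = get_domain_trafic($ftm, $ltm, $domain_id);
        $day_label = date($cfg->DATE_FORMAT, strtotime($year . "-" . $month . "-" . $i));
        if ($web_trf == 0 && $ftp_trf == 0 && $smtp_trf == 0 && $pop_trf == 0) {
            // Days without traffic are shown with plain zeroes
            $tpl->append(array('DATE' => $day_label, 'WEB_TRAFFIC' => 0, 'FTP_TRAFFIC' => 0, 'SMTP_TRAFFIC' => 0, 'POP3_TRAFFIC' => 0, 'ALL_TRAFFIC' => 0));
            continue;
        }
        $sum_web += $web_trf;
        $sum_ftp += $ftp_trf;
        $sum_mail += $smtp_trf;
        $sum_pop += $pop_trf;
        $tpl->append(array('DATE' => $day_label, 'WEB_TRAFFIC' => sizeit($web_trf), 'FTP_TRAFFIC' => sizeit($ftp_trf), 'SMTP_TRAFFIC' => sizeit($smtp_trf), 'POP3_TRAFFIC' => sizeit($pop_trf), 'ALL_TRAFFIC' => sizeit($web_trf + $ftp_trf + $smtp_trf + $pop_trf)));
    }
    $sql_param = array(':domain_id' => $domain_id);
    $sql_query = "\n\t\tSELECT\n\t\t\ta.admin_id, a.admin_name\n\t\tFROM\n\t\t\tadmin a,\n\t\t\tdomain b\n\t\tWHERE\n\t\t\tb.domain_created_id = a.admin_id\n\t\tAND\n\t\t\tb.domain_id = :domain_id\n\t";
    // Prepare and execute as two separate calls
    DB::prepare($sql_query);
    $row = DB::execute($sql_param, true);
    // NOTE(review): $row is used without checking that a matching row was found
    $tpl->assign(array('RESELLER_NAME' => $row['admin_name'], 'RESELLER_ID' => $row['admin_id'], 'MONTH' => $month, 'YEAR' => $year, 'DOMAIN_ID' => $domain_id, 'ALL_WEB_TRAFFIC' => sizeit($sum_web), 'ALL_FTP_TRAFFIC' => sizeit($sum_ftp), 'ALL_SMTP_TRAFFIC' => sizeit($sum_mail), 'ALL_POP3_TRAFFIC' => sizeit($sum_pop), 'ALL_ALL_TRAFFIC' => sizeit($sum_web + $sum_ftp + $sum_mail + $sum_pop)));
}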
Пример #30
<?php

/**
 * EasySCP a Virtual Hosting Control Panel
 * Copyright (C) 2010-2016 by Easy Server Control Panel - http://www.easyscp.net
 *
 * This work is licensed under the Creative Commons Attribution-NoDerivs 3.0 Unported License.
 * To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/3.0/.
 *
 * @link 		http://www.easyscp.net
 * @author 		EasySCP Team
 */
require '../../include/easyscp-lib.php';
check_login(__FILE__);
$cfg = EasySCP_Registry::get('Config');
$tpl = EasySCP_TemplateEngine::getInstance();
$template = 'admin/cronjob_manage.tpl';
// static page messages
$tpl->assign(array('TR_CLIENT_CRONJOBS_TITLE' => tr('EasySCP - Admin/Cronjob Manager')));
if (isset($_GET['delete_cron_id']) && is_numeric($_GET['delete_cron_id'])) {
    EasyCron::deleteCronJob($_GET['delete_cron_id']);
    user_goto('cronjob_overview.php');
}
if (isset($_GET['status_cron_id']) && is_numeric($_GET['status_cron_id'])) {
    EasyCron::toggleCronStatus($_GET['status_cron_id']);
    user_goto('cronjob_overview.php');
}
/*
 *
 * static page messages.
 *