示例#1
function dtcListItemsEdit($dsc)
{
    global $adm_pass;
    $out = "<h3>" . $dsc["title"] . "</u></b></h3>";
    // Calculate the forwards parameters for links and forms
    $nbr_forwards = sizeof($dsc["forward"]);
    $keys_fw = array_keys($dsc["forward"]);
    $fw = "";
    $fw_link = $_SERVER["PHP_SELF"] . "?";
    for ($i = 0; $i < $nbr_forwards; $i++) {
        if ($dsc["forward"][$i] == "adm_pass") {
            $fw .= "<input type=\"hidden\" name=\"" . $dsc["forward"][$i] . "\" value=\"" . $adm_pass . "\">";
        } else {
            $fw .= "<input type=\"hidden\" name=\"" . $dsc["forward"][$i] . "\" value=\"" . $_REQUEST[$dsc["forward"][$i]] . "\">";
        }
        if ($i != 0) {
            $fw_link .= "&";
        }
        if ($dsc["forward"][$i] == "adm_pass") {
            $fw_link .= $dsc["forward"][$i] . "={$adm_pass}";
        } else {
            $fw_link .= $dsc["forward"][$i] . "=" . $_REQUEST[$dsc["forward"][$i]];
        }
    }
    // Condition to add to each queries
    $where = "WHERE 1";
    if (isset($dsc["order_by"])) {
        $order_by = " ORDER BY " . $dsc["order_by"];
    } else {
        $order_by = "";
    }
    $added_insert_names = "";
    $added_insert_values = "";
    if (isset($dsc["where_list"])) {
        $nbr_where = sizeof($dsc["where_list"]);
        $where_keys = array_keys($dsc["where_list"]);
        for ($i = 0; $i < $nbr_where; $i++) {
            if ($i != 0) {
                $added_insert_names .= ",";
                $added_insert_values .= ",";
            }
            $added_insert_names .= $where_keys[$i];
            $added_insert_values .= "'" . $dsc["where_list"][$where_keys[$i]] . "'";
            $where .= " AND " . $where_keys[$i] . "='" . $dsc["where_list"][$where_keys[$i]] . "'";
        }
        // As there will be other fields, we need that one
        $added_insert_names .= ",";
        $added_insert_values .= ",";
    }
    // Number of fields that we are about to manage here and theire names
    $nbr_fld = sizeof($dsc["cols"]);
    $keys = array_keys($dsc["cols"]);
    // We need the current number of items now to check against the max number for addition
    $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where};";
    $r_item_list = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error());
    $current_num_items = mysql_num_rows($r_item_list);
    // SQL submit stuffs
    if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_new_item") {
        // Todo: do the fields checkings
        $commit_flag = "yes";
        $commit_err = "";
        for ($i = 0; $i < $nbr_fld; $i++) {
            switch ($dsc["cols"][$keys[$i]]["type"]) {
                case "popup":
                case "radio":
                    $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]);
                    $is_one_of_them = "no";
                    for ($j = 0; $j < $nbr_choices; $j++) {
                        if ($dsc["cols"][$keys[$i]]["values"][$j] == $_REQUEST[$keys[$i]]) {
                            $is_one_of_them = "yes";
                        }
                    }
                    if ($is_one_of_them == "no") {
                        $commit_flag = "no";
                        $commit_err = "the variable " . $keys[$i] . " is not one of the allowed values<br>";
                    }
                    break;
                default:
                    break;
            }
            if (isset($dsc["cols"][$keys[$i]]["check"])) {
                switch ($dsc["cols"][$keys[$i]]["check"]) {
                    case "subdomain":
                        if (!checkSubdomainFormat($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a subdomain<br>";
                            }
                        }
                        break;
                    case "subdomain_or_ip":
                        if (!checkSubdomainFormat($_REQUEST[$keys[$i]]) && !isIP($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a subdomain or IP addresse<br>";
                            }
                        }
                        break;
                    case "ip6":
                        if (!isIP6($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                if (!isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) || $dsc["cols"][$keys[$i]]["empty_makes_default"] != "yes" || $_REQUEST[$keys[$i]] != "default") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not an IPv6 address<br>";
                                }
                            }
                        }
                        break;
                    case "ip_addr":
                        if (!isIP($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not an IP address<br>";
                            }
                        }
                        break;
                    case "domain_or_ip":
                        if (!isIP($_REQUEST[$keys[$i]]) && !isHostname($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a domain or IP addresse<br>";
                            }
                        }
                        break;
                    case "dtc_login":
                        if (!isFtpLogin($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct login format.<br>";
                            }
                        }
                        break;
                    case "dtc_login_or_email":
                        if (!isFtpLogin($_REQUEST[$keys[$i]]) && !isValidEmail($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct login format.<br>";
                            }
                        }
                        break;
                    case "mail_alias_group":
                        $mail_alias_group_raw = trim($_REQUEST[$keys[$i]], "\r\n");
                        $mail_alias_nocr = str_replace("\r", "", $mail_alias_group_raw);
                        $mail_alias_array = split("\n", $mail_alias_nocr);
                        for ($x = 0; $x < count($mail_alias_array); $x++) {
                            if (!isValidEmail($mail_alias_array[$x])) {
                                $commit_flag = "no";
                                $commit_err .= $mail_alias_array[$x] . ": not a valid email format.<br>";
                            }
                        }
                        break;
                    case "dtc_pass":
                        if (!isDTCPassword($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct password format<br>";
                            }
                        }
                        break;
                    case "email":
                        if (!isValidEmail($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct email format<br>";
                            }
                        }
                        break;
                    case "number":
                        if (!isRandomNum($_REQUEST[$keys[$i]])) {
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct number format<br>";
                            }
                        }
                        break;
                    case "max_value_2096":
                        if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                            if (!isRandomNum($_REQUEST[$keys[$i]])) {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": not a correct number format<br>";
                            }
                            if ($_REQUEST[$keys[$i]] >= 2096) {
                                $commit_flag = "no";
                                $commit_err .= $keys[$i] . ": is greater or equal than the max value 2096<br>";
                            }
                        }
                        break;
                    default:
                        $commit_flag = "no";
                        $commit_err .= $keys[$i] . ": unknown field checking type (" . $dsc["cols"][$keys[$i]]["check"] . ").<br>";
                        break;
                }
            }
        }
        if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) {
            $commit_flag = "no";
            $commit_err = "Max number of items reached!";
        }
        if (isset($dsc["check_unique"])) {
            $nbr_unique_check = sizeof($dsc["check_unique"]);
            $where_clause = "";
            for ($i = 0; $i < $nbr_unique_check; $i++) {
                if ($i != 0) {
                    $where_clause .= " AND ";
                }
                if (isset($dsc["cols"][$dsc["check_unique"][$i]]["happen_domain"])) {
                    $where_clause .= $dsc["check_unique"][$i] . "='" . $_REQUEST[$dsc["check_unique"][$i]] . $dsc["cols"][$dsc["check_unique"][$i]]["happen_domain"] . "' ";
                } else {
                    $where_clause .= $dsc["check_unique"][$i] . "='" . $_REQUEST[$dsc["check_unique"][$i]] . "' ";
                }
            }
            if (!isset($dsc["check_unique_use_where_list"]) || $dsc["check_unique_use_where_list"] == "yes") {
                $nbr_where_list_fld = sizeof($dsc["where_list"]);
                $where_list_keys_fld = array_keys($dsc["where_list"]);
                for ($i = 0; $i < $nbr_where_list_fld; $i++) {
                    $where_clause .= " AND " . $where_list_keys_fld[$i] . "='" . $dsc["where_list"][$where_list_keys_fld[$i]] . "'";
                }
            }
            $q = "SELECT * FROM " . $dsc["table_name"] . " WHERE {$where_clause} ";
            $r = mysql_query($q) or die("Cannot query \"{$q}\" line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n > 0) {
                $commit_flag = "no";
                $commit_err = $dsc["check_unique_msg"];
            }
        }
        // Build the request
        $fld_names = "";
        $values = "";
        $added_one = "no";
        for ($i = 0; $i < $nbr_fld; $i++) {
            switch ($dsc["cols"][$keys[$i]]["type"]) {
                case "password":
                    if ($added_one == "yes") {
                        $fld_names .= ",";
                        $values .= ",";
                    }
                    $fld_names .= $keys[$i];
                    if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                        $values .= "NULL";
                    } else {
                        if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                            $values .= "'default'";
                        } else {
                            if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) {
                                $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . $dsc["cols"][$keys[$i]]["happen_domain"] . "'";
                            } else {
                                $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'";
                            }
                            // if the crypt field is set, then we use this as the SQL field to populate the crypted password into
                            if (isset($dsc["cols"][$keys[$i]]["cryptfield"])) {
                                if ($added_one == "yes") {
                                    $fld_names .= ",";
                                    $values .= ",";
                                }
                                $fld_names .= $dsc["cols"][$keys[$i]]["cryptfield"];
                                $values .= "'" . crypt($_REQUEST[$keys[$i]], dtc_makesalt()) . "'";
                            }
                        }
                    }
                    $added_one = "yes";
                    break;
                case "text":
                case "textarea":
                    if ($added_one == "yes") {
                        $fld_names .= ",";
                        $values .= ",";
                    }
                    $fld_names .= $keys[$i];
                    if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                        $values .= "NULL";
                    } else {
                        if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                            $values .= "'default'";
                        } else {
                            if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) {
                                $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . $dsc["cols"][$keys[$i]]["happen_domain"] . "'";
                            } else {
                                $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'";
                            }
                        }
                    }
                    $added_one = "yes";
                    break;
                case "checkbox":
                    if ($added_one == "yes") {
                        $fld_names .= ",";
                        $values .= ",";
                    }
                    $added_one = "yes";
                    $fld_names .= $keys[$i];
                    if (isset($_REQUEST[$keys[$i]])) {
                        $values .= "'" . $dsc["cols"][$keys[$i]]["values"][0] . "'";
                    } else {
                        $values .= "'" . $dsc["cols"][$keys[$i]]["values"][1] . "'";
                    }
                    break;
                case "popup":
                case "radio":
                    if ($added_one == "yes") {
                        $fld_names .= ",";
                        $values .= ",";
                    }
                    $fld_names .= $keys[$i];
                    $values .= "'" . addslashes($_REQUEST[$keys[$i]]) . "'";
                    $added_one = "yes";
                    break;
            }
        }
        if ($commit_flag == "yes") {
            $q = "INSERT INTO " . $dsc["table_name"] . " ({$added_insert_names} {$fld_names}) VALUES ({$added_insert_values} {$values});";
            $success = "yes";
            $r = mysql_query($q) or $success = "no";
            if ($success == "yes") {
                $insert_id = mysql_insert_id();
                if (isset($dsc["create_item_callback"])) {
                    $out .= $dsc["create_item_callback"]($insert_id);
                }
            } else {
                $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>";
            }
        } else {
            $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: <br>{$commit_err}</font><br>";
        }
    } else {
        if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_save_item") {
            // Todo: do the fields checkings
            $commit_flag = "yes";
            $commit_err = "";
            for ($i = 0; $i < $nbr_fld; $i++) {
                switch ($dsc["cols"][$keys[$i]]["type"]) {
                    case "checkbox":
                        break;
                    case "popup":
                    case "radio":
                    case "checkbox":
                        $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]);
                        $is_one_of_them = "no";
                        for ($j = 0; $j < $nbr_choices; $j++) {
                            if ($dsc["cols"][$keys[$i]]["values"][$j] == $_REQUEST[$keys[$i]]) {
                                $is_one_of_them = "yes";
                            }
                        }
                        if ($is_one_of_them == "no") {
                            $commit_flag = "no";
                            $commit_err = "the variable " . $keys[$i] . " is not one of the allowed values<br>";
                        }
                        break;
                    default:
                        break;
                }
                if (isset($dsc["cols"][$keys[$i]]["check"]) && (!isset($dsc["cols"][$keys[$i]]["disable_edit"]) || $dsc["cols"][$keys[$i]]["disable_edit"] != "yes")) {
                    switch ($dsc["cols"][$keys[$i]]["check"]) {
                        case "subdomain":
                            if (!checkSubdomainFormat($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a subdomain<br>";
                                }
                            }
                            break;
                        case "subdomain_or_ip":
                            if (!checkSubdomainFormat($_REQUEST[$keys[$i]]) && !isIP($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a subdomain or IP addresse<br>";
                                }
                            }
                            break;
                        case "ip6":
                            if (!isIP6($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    if (!isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) || $dsc["cols"][$keys[$i]]["empty_makes_default"] != "yes" || $_REQUEST[$keys[$i]] != "default") {
                                        $commit_flag = "no";
                                        $commit_err .= $keys[$i] . ": not an IPv6 address<br>";
                                    }
                                }
                            }
                            break;
                        case "ip_addr":
                            if (!isIP($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not an IP address<br>";
                                }
                            }
                            break;
                        case "domain_or_ip":
                            if (!isIP($_REQUEST[$keys[$i]]) && !isHostname($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a domain or IP addresse<br>";
                                }
                            }
                            break;
                        case "dtc_login":
                            if (!isFtpLogin($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct login format.<br>";
                                }
                            }
                            break;
                        case "dtc_login_or_email":
                            if (!isFtpLogin($_REQUEST[$keys[$i]]) && !isValidEmail($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct login format.<br>";
                                }
                            }
                            break;
                        case "mail_alias_group":
                            $mail_alias_group_raw = trim($_REQUEST[$keys[$i]], "\r\n");
                            $mail_alias_nocr = str_replace("\r", "", $mail_alias_group_raw);
                            $mail_alias_array = split("\n", $mail_alias_nocr);
                            for ($x = 0; $x < count($mail_alias_array); $x++) {
                                if (!isValidEmail($mail_alias_array[$x])) {
                                    $commit_flag = "no";
                                    $commit_err .= $mail_alias_array[$x] . ": not a valid email format.<br>";
                                }
                            }
                            break;
                        case "dtc_pass":
                            if (!isDTCPassword($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct password format<br>";
                                }
                            }
                            break;
                        case "email":
                            if (!isValidEmail($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct email format<br>";
                                }
                            }
                            break;
                        case "number":
                            if (!isRandomNum($_REQUEST[$keys[$i]])) {
                                if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct number format<br>";
                                }
                            }
                            break;
                        case "max_value_2096":
                            if (!isset($dsc["cols"][$keys[$i]]["can_be_empty"]) || $dsc["cols"][$keys[$i]]["can_be_empty"] != "yes" || $_REQUEST[$keys[$i]] != "") {
                                if (!isRandomNum($_REQUEST[$keys[$i]])) {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": not a correct number format<br>";
                                }
                                if ($_REQUEST[$keys[$i]] >= 2096) {
                                    $commit_flag = "no";
                                    $commit_err .= $keys[$i] . ": is greater or equal than the max value 2096<br>";
                                }
                            }
                            break;
                        default:
                            $commit_flag = "no";
                            $commit_err .= $keys[$i] . ": unknown field checking type (" . $dsc["cols"][$keys[$i]]["check"] . ").<br>";
                            break;
                    }
                }
            }
            // Build the request
            $added_one = "no";
            $reqs = "";
            for ($i = 0; $i < $nbr_fld; $i++) {
                switch ($dsc["cols"][$keys[$i]]["type"]) {
                    case "id":
                        $id_fldname = $keys[$i];
                        $id_fld_value = addslashes($_REQUEST[$keys[$i]]);
                        break;
                    case "readonly":
                        break;
                    case "text":
                    case "textarea":
                    case "password":
                        if (!isset($dsc["cols"][$keys[$i]]["disable_edit"]) || $dsc["cols"][$keys[$i]]["disable_edit"] != "yes") {
                            if ($added_one == "yes") {
                                $reqs .= ",";
                            }
                            if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) {
                                $happen = $dsc["cols"][$keys[$i]]["happen_domain"];
                            } else {
                                $happen = "";
                            }
                            if (isset($dsc["cols"][$keys[$i]]["empty_makes_sql_null"]) && $dsc["cols"][$keys[$i]]["empty_makes_sql_null"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                                $reqs .= $keys[$i] . "=NULL";
                            } else {
                                if (isset($dsc["cols"][$keys[$i]]["empty_makes_default"]) && $dsc["cols"][$keys[$i]]["empty_makes_default"] == "yes" && $_REQUEST[$keys[$i]] == "") {
                                    $reqs .= $keys[$i] . "='default'";
                                } else {
                                    $reqs .= $keys[$i] . "='" . addslashes($_REQUEST[$keys[$i]]) . $happen . "'";
                                    // if the crypt field is set, then we use this as the SQL field to populate the crypted password into
                                    if (isset($dsc["cols"][$keys[$i]]["cryptfield"])) {
                                        if ($added_one == "yes") {
                                            $reqs .= ", ";
                                        }
                                        $reqs .= " " . $dsc["cols"][$keys[$i]]["cryptfield"] . "='" . crypt($_REQUEST[$keys[$i]], dtc_makesalt()) . "' ";
                                    }
                                }
                            }
                            $added_one = "yes";
                        }
                        break;
                    case "popup":
                    case "radio":
                        if ($added_one == "yes") {
                            $reqs .= ",";
                        }
                        $reqs .= $keys[$i] . "='" . addslashes($_REQUEST[$keys[$i]]) . "'";
                        $added_one = "yes";
                        break;
                    case "checkbox":
                        if ($added_one == "yes") {
                            $reqs .= ",";
                        }
                        if (isset($_REQUEST[$keys[$i]])) {
                            $reqs .= $keys[$i] . "='" . $dsc["cols"][$keys[$i]]["values"][0] . "'";
                        } else {
                            $reqs .= $keys[$i] . "='" . $dsc["cols"][$keys[$i]]["values"][1] . "'";
                        }
                        break;
                    default:
                        die($dsc["cols"][$keys[$i]]["type"] . ": Not implemented yet line " . __LINE__ . " file " . __FILE__);
                        break;
                }
            }
            if ($commit_flag != "yes") {
                $out .= "<font color=\"red\">Could not commit the changes because of an error in field format: [todo: error desc]<br>{$commit_err}</font>";
            } else {
                if (!isset($id_fldname) || !isset($id_fld_value)) {
                    $out .= "<font color=\"red\">Could not commit the changes because the id is not set!</font>";
                } else {
                    $q = "UPDATE " . $dsc["table_name"] . " SET {$reqs} {$where} AND {$id_fldname}='{$id_fld_value}';";
                    $r = mysql_query($q) or $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>";
                    if (isset($dsc["edit_item_callback"])) {
                        $dsc["edit_item_callback"]($id_fld_value);
                    }
                }
            }
        } else {
            if (isset($_REQUEST["action"]) && $_REQUEST["action"] == $dsc["action"] . "_delete_item") {
                for ($i = 0; $i < $nbr_fld; $i++) {
                    if ($dsc["cols"][$keys[$i]]["type"] == "id") {
                        $id_fldname = $keys[$i];
                        $id_fld_value = addslashes($_REQUEST[$keys[$i]]);
                    }
                }
                if (isset($id_fldname) && isset($id_fld_value)) {
                    if (isset($dsc["delete_item_callback"])) {
                        $dsc["delete_item_callback"]($id_fld_value);
                    }
                    $q = "DELETE FROM " . $dsc["table_name"] . " {$where} AND {$id_fldname}='" . $id_fld_value . "';";
                    $r = mysql_query($q) or $out .= "<font color=\"red\">Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error() . "</font>";
                } else {
                    $out .= "<font color=\"red\">Could not commit the deletion because the id field could not be found.</font>";
                }
            }
        }
    }
    // We have to query it again, in case an insert or a delete has occured!
    $q = "SELECT " . $dsc["id_fld"] . "," . $dsc["list_fld_show"] . " FROM " . $dsc["table_name"] . " {$where} {$order_by};";
    $r_item_list = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error());
    $current_num_items = mysql_num_rows($r_item_list);
    if (isset($dsc["max_item"])) {
        if ($current_num_items >= $dsc["max_item"]) {
            $out .= "<font color=\"red\">";
        }
        $out .= $dsc["num_item_txt"] . $current_num_items . "/" . $dsc["max_item"];
        if ($current_num_items >= $dsc["max_item"]) {
            $out .= "</font>";
        }
        $out .= "<br><br>";
    }
    // First display a list of items
    for ($i = 0; $i < $current_num_items; $i++) {
        $a = mysql_fetch_array($r_item_list);
        if ($i != 0) {
            $out .= " - ";
        }
        if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == $dsc["action"] . "_edit_item" && $_REQUEST["item"] == $a[$dsc["id_fld"]]) {
            $out .= $a[$dsc["list_fld_show"]];
        } else {
            $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_edit_item&item=" . $a[$dsc["id_fld"]] . "\">" . $a[$dsc["list_fld_show"]] . "</a>";
        }
    }
    $out .= "<br><br>";
    // Creation of new items
    if (!isset($_REQUEST["subaction"]) || $_REQUEST["subaction"] != $dsc["action"] . "_edit_item") {
        $out .= $dsc["new_item_link"] . "<br><br>";
        $out .= "<h3>" . $dsc["new_item_title"] . "</h3><br>";
        if (isset($dsc["max_item"]) && $current_num_items >= $dsc["max_item"]) {
            $out .= "<font color=\"red\">" . _("Maximum number reached") . "!</font><br>";
        } else {
            $out .= "<form name=\"" . $dsc["action"] . "_new_item_frm\" action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}\n\t\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_new_item\">" . dtcFormTableAttrs();
            for ($i = 0; $i < $nbr_fld; $i++) {
                if (isset($dsc["cols"][$keys[$i]]["help"])) {
                    $help = $dsc["cols"][$keys[$i]]["help"];
                } else {
                    $help = "";
                }
                switch ($dsc["cols"][$keys[$i]]["type"]) {
                    case "id":
                        $out .= "<input type=\"hidden\" name=\"" . $keys[$i] . "\" value=\"\">";
                        break;
                    case "password":
                        $genpass = autoGeneratePassButton($dsc["action"] . "_new_item_frm", $keys[$i]);
                        $ctrl = "<input type=\"password\" name=\"" . $keys[$i] . "\" value=\"\">{$genpass}";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "text":
                    case "readonly":
                        if (isset($dsc["cols"][$keys[$i]]["hide_create"]) && $dsc["cols"][$keys[$i]]["hide_create"] == "yes") {
                            break;
                        }
                        if (isset($dsc["cols"][$keys[$i]]["happen_domain"])) {
                            $happen = $dsc["cols"][$keys[$i]]["happen_domain"];
                        } else {
                            $happen = "";
                        }
                        if (isset($dsc["cols"][$keys[$i]]["happen"])) {
                            $happen .= $dsc["cols"][$keys[$i]]["happen"];
                        }
                        if (isset($dsc["cols"][$keys[$i]]["default"])) {
                            $ctrl_value = $dsc["cols"][$keys[$i]]["default"];
                        } else {
                            $ctrl_value = "";
                        }
                        if ($dsc["cols"][$keys[$i]]["type"] == "readonly") {
                            $ctrl = "<input type=\"text\" name=\"" . $keys[$i] . "\" value=\"{$ctrl_value}\" READONLY>{$happen}";
                        } else {
                            $ctrl = "<input type=\"text\" name=\"" . $keys[$i] . "\" value=\"{$ctrl_value}\">{$happen}";
                        }
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "textarea":
                        if (isset($dsc["cols"][$keys[$i]]["cols"])) {
                            $ctrl_cols = " cols=\"" . $dsc["cols"][$keys[$i]]["cols"] . "\" ";
                        } else {
                            $ctrl_cols = "";
                        }
                        if (isset($dsc["cols"][$keys[$i]]["rows"])) {
                            $ctrl_rows = " rows=\"" . $dsc["cols"][$keys[$i]]["rows"] . "\" ";
                        } else {
                            $ctrl_rows = "";
                        }
                        $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $keys[$i] . "\"></textarea>";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "radio":
                        $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]);
                        $ctrl = "";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            if (isset($dsc["cols"][$keys[$i]]["default"])) {
                                if ($dsc["cols"][$keys[$i]]["values"][$x] == $dsc["cols"][$keys[$i]]["default"]) {
                                    $selected = " checked ";
                                } else {
                                    $selected = "";
                                }
                            } else {
                                if ($x == 0) {
                                    $selected = " checked ";
                                } else {
                                    $selected = "";
                                }
                            }
                            if (isset($dsc["cols"][$keys[$i]]["display_replace"][$x])) {
                                $display_val = $dsc["cols"][$keys[$i]]["display_replace"][$x];
                            } else {
                                $display_val = $dsc["cols"][$keys[$i]]["values"][$x];
                            }
                            $ctrl .= "<input type=\"radio\" name=\"" . $keys[$i] . "\" value=\"" . $dsc["cols"][$keys[$i]]["values"][$x] . "\" {$selected}> ";
                            $ctrl .= $display_val;
                        }
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "checkbox":
                        if (!isset($dsc["cols"][$keys[$i]]["default"])) {
                            $checked = " checked ";
                        } else {
                            $checked = " ";
                        }
                        $ctrl = "<input type=\"checkbox\" name=\"" . $keys[$i] . "\" value=\"yes\" {$checked}>";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    case "popup":
                        $nbr_choices = sizeof($dsc["cols"][$keys[$i]]["values"]);
                        $ctrl = "<select name=\"" . $keys[$i] . "\">";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            $selected = "";
                            if (isset($dsc["cols"][$keys[$i]]["default"])) {
                                if ($dsc["cols"][$keys[$i]]["values"][$x] == $dsc["cols"][$keys[$i]]["default"]) {
                                    $selected = " selected ";
                                } else {
                                    $selected = "";
                                }
                            }
                            if (isset($dsc["cols"][$keys[$i]]["display_replace"][$x])) {
                                $display_val = $dsc["cols"][$keys[$i]]["display_replace"][$x];
                            } else {
                                $display_val = $dsc["cols"][$keys[$i]]["values"][$x];
                            }
                            $ctrl .= " <option value=\"" . $dsc["cols"][$keys[$i]]["values"][$x] . "\" {$selected}>{$display_val}</option>";
                        }
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                    default:
                        $ctrl = "Not implemented yet!!!";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$i]]["legend"], $ctrl, $i % 2, $help);
                        break;
                }
            }
            $out .= dtcFromOkDraw();
            $out .= "</table></form>";
        }
        // Edition of existing items
    } else {
        $out .= "<a href=\"{$fw_link}&subaction=" . $dsc["action"] . "_new_item\">" . $dsc["new_item_link"] . "</a><br><br>";
        $out .= "<h3>" . $dsc["edit_item_title"] . "</h3><br>";
        $q = "SELECT * FROM " . $dsc["table_name"] . " {$where} AND " . $dsc["id_fld"] . "='" . addslashes($_REQUEST["item"]) . "';";
        $r = mysql_query($q) or die("Cannot query {$q} in " . __FILE__ . " line " . __LINE__ . " sql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n == 1) {
            $a = mysql_fetch_array($r);
            $out .= "<form name=\"" . $dsc["action"] . "_save_item_frm\" action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}";
            $out .= "<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_save_item\">";
            $out .= "<input type=\"hidden\" name=\"subaction\" value=\"" . $dsc["action"] . "_edit_item\">";
            $out .= "<input type=\"hidden\" name=\"item\" value=\"" . $a[$dsc["id_fld"]] . "\">";
            $out .= dtcFormTableAttrs();
            for ($j = 0; $j < $nbr_fld; $j++) {
                $the_fld = $dsc["cols"][$keys[$j]];
                if (isset($dsc["cols"][$keys[$j]]["help"])) {
                    $help = $dsc["cols"][$keys[$j]]["help"];
                } else {
                    $help = "";
                }
                switch ($the_fld["type"]) {
                    case "id":
                        $out .= "<input type=\"hidden\" name=\"" . $keys[$j] . "\" value=\"" . $a[$keys[$j]] . "\">";
                        $id_fldname = $keys[$j];
                        $id_fld_value = $a[$keys[$j]];
                        break;
                    case "textarea":
                        if (isset($dsc["cols"][$keys[$j]]["cols"])) {
                            $ctrl_cols = " cols=\"" . $dsc["cols"][$keys[$j]]["cols"] . "\" ";
                        } else {
                            $ctrl_cols = "";
                        }
                        if (isset($dsc["cols"][$keys[$j]]["rows"])) {
                            $ctrl_rows = " rows=\"" . $dsc["cols"][$keys[$j]]["rows"] . "\" ";
                        } else {
                            $ctrl_rows = "";
                        }
                        $ctrl = "<textarea {$ctrl_cols} {$ctrl_rows} name=\"" . $keys[$j] . "\">" . stripslashes($a[$keys[$j]]) . "</textarea>";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "password":
                    case "text":
                    case "readonly":
                        if (isset($dsc["cols"][$keys[$j]]["disable_edit"]) && $dsc["cols"][$keys[$j]]["disable_edit"] == "yes") {
                            $disabled = " disabled ";
                        } else {
                            $disabled = " ";
                        }
                        if (isset($dsc["cols"][$keys[$j]]["size"])) {
                            $size = " size=\"" . $dsc["cols"][$keys[$j]]["size"] . "\" ";
                        } else {
                            $size = "";
                        }
                        if (isset($dsc["cols"][$keys[$j]]["happen_domain"]) && preg_match("/" . $dsc["cols"][$keys[$j]]["happen_domain"] . "\$/", $a[$keys[$j]])) {
                            $input_disp_value = substr($a[$keys[$j]], 0, strlen($a[$keys[$j]]) - strlen($dsc["cols"][$keys[$j]]["happen_domain"]));
                            $happen = $dsc["cols"][$keys[$j]]["happen_domain"];
                        } else {
                            if ($dsc["cols"][$keys[$j]]["type"] != "readonly") {
                                $input_disp_value = $a[$keys[$j]];
                            }
                            $happen = "";
                        }
                        if (isset($dsc["cols"][$keys[$j]]["happen"])) {
                            $happen .= $dsc["cols"][$keys[$j]]["happen"];
                        }
                        if ($the_fld["type"] == "password") {
                            $genpass = autoGeneratePassButton($dsc["action"] . "_save_item_frm", $keys[$j]);
                            $input_disp_type = "password";
                        } else {
                            $genpass = "";
                            $input_disp_type = "text";
                        }
                        // Do this only for readonly
                        if ($dsc["cols"][$keys[$j]]["type"] == "readonly") {
                            $disabled = " READONLY";
                            isset($dsc["cols"][$keys[$j]]["default"]) ? $input_disp_value = $dsc["cols"][$keys[$j]]["default"] : ($input_disp_value = '');
                            isset($dsc["cols"][$keys[$j]]["happen"]) ? $happen = $dsc["cols"][$keys[$j]]["happen"] : ($happen = '');
                        }
                        if (isset($dsc["cols"][$keys[$j]]["callback"])) {
                            $retArray = $dsc["cols"][$keys[$j]]["callback"]($id_fld_value);
                            $input_disp_value = $retArray["value"];
                            $happen = $retArray["happen"];
                        }
                        $ctrl = "<input type=\"{$input_disp_type}\" {$size} name=\"" . $keys[$j] . "\" value=\"" . stripslashes($input_disp_value) . "\" {$disabled}>{$genpass}{$happen}";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "radio":
                        $nbr_choices = sizeof($dsc["cols"][$keys[$j]]["values"]);
                        $ctrl = "";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            if ($dsc["cols"][$keys[$j]]["values"][$x] == $a[$keys[$j]]) {
                                $selected = " checked ";
                            } else {
                                $selected = "";
                            }
                            $ctrl .= " <input type=\"radio\" name=\"" . $keys[$j] . "\" value=\"" . $dsc["cols"][$keys[$j]]["values"][$x] . "\" {$selected}> ";
                            $ctrl .= $dsc["cols"][$keys[$j]]["values"][$x];
                        }
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "checkbox":
                        if ($dsc["cols"][$keys[$j]]["values"][0] == $a[$keys[$j]]) {
                            $selected = " checked ";
                        } else {
                            $selected = " ";
                        }
                        $ctrl = "<input type=\"checkbox\" name=\"" . $keys[$j] . "\" value=\"yes\" " . $selected . ">";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                    case "popup":
                        $nbr_choices = sizeof($dsc["cols"][$keys[$j]]["values"]);
                        $ctrl = "<select name=\"" . $keys[$j] . "\">";
                        for ($x = 0; $x < $nbr_choices; $x++) {
                            if ($dsc["cols"][$keys[$j]]["values"][$x] == $a[$keys[$j]]) {
                                $selected = " selected ";
                            } else {
                                $selected = "";
                            }
                            if (isset($dsc["cols"][$keys[$j]]["display_replace"][$x])) {
                                $display_val = $dsc["cols"][$keys[$j]]["display_replace"][$x];
                            } else {
                                $display_val = $dsc["cols"][$keys[$j]]["values"][$x];
                            }
                            $ctrl .= " <option value=\"" . $dsc["cols"][$keys[$j]]["values"][$x] . "\" {$selected}>{$display_val}</option>";
                        }
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                    default:
                        $ctrl = "Not implemented yet!!!";
                        $out .= dtcFormLineDraw($dsc["cols"][$keys[$j]]["legend"], $ctrl, $j % 2, $help);
                        break;
                }
            }
            $delete_button = "<form action=\"" . $_SERVER["PHP_SELF"] . "\">{$fw}\n\t\t\t<input type=\"hidden\" name=\"action\" value=\"" . $dsc["action"] . "_delete_item" . "\">\n\t\t\t<input type=\"hidden\" name=\"{$id_fldname}\" value=\"{$id_fld_value}\">\n\t\t\t" . dtcDeleteButton() . "</form>";
            $out .= "<tr><td>&nbsp;</td><td><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n\t\t\t<tr><td>" . dtcApplyButton() . "</form></td><td>{$delete_button}</td></tr></table></td></tr>";
            $out .= "</table>";
        } else {
            $out .= "No item by this number!";
        }
    }
    return $out;
}
示例#2
function drawNewAdminForm()
{
    global $conf_site_root_host_path;
    global $lang;
    global $pro_mysql_admin_table;
    global $pro_mysql_client_table;
    global $pro_mysql_new_admin_table;
    global $pro_mysql_pending_queries_table;
    global $pro_mysql_pay_table;
    global $pro_mysql_pending_renewal_table;
    global $pro_mysql_product_table;
    global $pro_mysql_vps_table;
    global $pro_mysql_tik_admins_table;
    global $pro_mysql_tik_queries_table;
    global $pro_mysql_tik_cats_table;
    global $pro_mysql_dedicated_table;
    global $secpayconf_currency_letters;
    global $secpayconf_use_maxmind;
    get_secpay_conf();
    $out = "";
    // Resolve support ticket stuff
    if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == "resolv_ticket") {
        $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='" . $_REQUEST["tik_id"] . "';";
        $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            return _("Cannot find ticket!");
        }
        $a = mysql_fetch_array($r);
        $out .= _("Subject: ") . htmlspecialchars(stripslashes($a["subject"])) . "<br>";
        $q2 = "SELECT * FROM {$pro_mysql_tik_cats_table} WHERE id='" . $a["cat_id"] . "';";
        $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        $n2 = mysql_num_rows($r2);
        if ($n2 != 1) {
            $tmp = _("Type not found!");
        } else {
            $a2 = mysql_fetch_array($r2);
            $tmp = $a2["catdescript"] . "<br>";
        }
        $out .= _("Type:") . $tmp;
        $out .= _("First query date: ") . $a["date"] . " " . $a["time"] . "<br>";
        $out .= _("Server hostname related: ") . $a["server_hostname"] . "<br>";
        $out .= _("Admin login: "******"adm_login"] . "<br><br>";
        $out .= "<table cellspacing=\"0\" cellpadding=\"4\" border=\"0\">";
        $next_tikq = $_REQUEST["tik_id"];
        $close_request = "no";
        while ($next_tikq != 0) {
            $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE adm_login='******' AND id='{$next_tikq}';";
            $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                $out .= _("Cannot find ticket!");
                break;
            }
            $a = mysql_fetch_array($r);
            $last_tik = $next_tikq;
            $next_tikq = $a["reply_id"];
            if ($a["admin_or_user"] == "user") {
                $bg = " bgcolor=\"#AAAAFF\" ";
            } else {
                $bg = " bgcolor=\"#FFFFAA\" ";
            }
            if ($a["admin_or_user"] == "admin") {
                $replied_by = "<br>" . _("Replied by:") . " " . $a["admin_name"];
            } else {
                $replied_by = "";
            }
            $out .= "<tr><td{$bg} valign=\"top\"><i>" . $a["date"] . " " . $a["time"] . "</i>" . $replied_by . "</td><td{$bg}>" . nl2br(htmlspecialchars(stripslashes($a["text"]))) . "</td></tr>";
            if ($a["request_close"] == "yes") {
                $close_request = "yes";
            }
        }
        $out .= "</table>";
        $out .= _("Request to close the ticket: ");
        if ($close_request == "yes") {
            $out .= "<font color=\"#00FF00\">" . _("Yes") . "</font><br>";
        } else {
            $out .= "<font color=\"#FF0000\">" . _("No") . "</font><br>";
        }
        $out .= "<form action=\"" . $_SERVER["PHP_SELF"] . "\" method=\"post\">\n\t\t<input type=\"hidden\" name=\"subaction\" value=\"ticket_reply\">\n\t\t<textarea cols=\"100\" rows=\"10\" wrap=\"physical\" name=\"ticketbody\"></textarea><br>\n\t\t<input type=\"hidden\" name=\"tik_id\" value=\"" . $_REQUEST["tik_id"] . "\">\n\t\t<input type=\"hidden\" name=\"server_hostname\" value=\"" . $a["server_hostname"] . "\">\n\t\t<input type=\"hidden\" name=\"last_tik_id\" value=\"{$last_tik}\">\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"answer\" value=\"" . _("Send reply") . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"answer_close\" value=\"" . _("Send reply and close ticket") . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"close\" value=\"" . _("Close without reply") . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t<div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"delete_thread\" value=\"" . _("Delete thread silently") . 
"\"></div>\n <div class=\"input_btn_right\"></div>\n</div>\n\t\t</form>";
        return $out;
    }
    // Reply to support ticket stuff
    if (isset($_REQUEST["subaction"]) && $_REQUEST["subaction"] == "ticket_reply") {
        $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='" . $_REQUEST["tik_id"] . "';";
        $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
        $n = mysql_num_rows($r);
        if ($n != 1) {
            return _("Cannot find ticket!");
        }
        $a = mysql_fetch_array($r);
        if (isset($_REQUEST["answer"])) {
            $closed = "no";
        } else {
            $closed = "yes";
        }
        $adm_login = $a["adm_login"];
        if (strlen($adm_login) != 0) {
            $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='******';";
            $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                return "Admin {$adm_login} not found line " . __LINE__ . " file " . __FILE__;
            }
            $admin = mysql_fetch_array($r);
            if ($admin["id_client"] == "0") {
                return _("The virtual administrator for which you are trying to manage a support ticket has no client file. Go in the Customer management screen and create a client file for this administrator.");
            }
            $q = "SELECT * FROM {$pro_mysql_client_table} WHERE id='" . $admin["id_client"] . "';";
            $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n = mysql_num_rows($r);
            if ($n != 1) {
                return "Client id for admin {$adm_login} not found line " . __LINE__ . " file " . __FILE__;
            }
            $client = mysql_fetch_array($r);
        } else {
            $adm_login = "";
        }
        if (isset($_REQUEST["delete_thread"])) {
            deleteTicketThread($_REQUEST["tik_id"]);
            $closed = "no";
        }
        if (isset($_REQUEST["answer"]) || isset($_REQUEST["answer_close"])) {
            $qps = "SELECT * FROM {$pro_mysql_tik_admins_table} WHERE pseudo='" . $_SERVER["PHP_AUTH_USER"] . "';";
            $rps = mysql_query($qps) or die("Cannot query {$qps} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $nps = mysql_num_rows($rps);
            if ($nps != 1) {
                die("Ticket admin not found line " . __LINE__ . " file " . __FILE__);
            }
            $aps = mysql_fetch_array($rps);
            $pseudo = $aps["pseudo"];
            $q2 = "INSERT INTO {$pro_mysql_tik_queries_table} (id,adm_login,date,time,in_reply_of_id,reply_id,admin_or_user,subject,text,cat_id,initial_ticket,server_hostname,closed,admin_name)\n\t\t\tVALUES ('','" . $a["adm_login"] . "','" . date("Y-m-d") . "','" . date("H:i:s") . "','" . $_REQUEST["last_tik_id"] . "','0','admin','" . mysql_real_escape_string($a["subject"]) . "','" . mysql_real_escape_string($_REQUEST["ticketbody"]) . "','" . $a["cat_id"] . "','no','" . $a["server_hostname"] . "','{$closed}','{$pseudo}');";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $ins_id = mysql_insert_id();
            $q2 = "UPDATE {$pro_mysql_tik_queries_table} SET reply_id='{$ins_id}' WHERE id='" . $_REQUEST["last_tik_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
            $out .= "Ticket reply sent!<br>";
            if (strlen($adm_login) != 0) {
                mailUserTicketReply($client["email"], $a["hash"], $a["subject"], $_REQUEST["ticketbody"], $closed, $adm_login);
            }
            if (strlen($a["customer_email"]) != 0) {
                mailUserTicketReply($a["customer_email"], $a["hash"], $a["subject"], $_REQUEST["ticketbody"], $closed, $adm_login);
            }
        }
        if ($closed == "yes") {
            $q2 = "UPDATE {$pro_mysql_tik_queries_table} SET closed='yes' WHERE id='" . $_REQUEST["tik_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query {$q2} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
        }
        if (isset($_REQUEST["close"])) {
            if (strlen($adm_login) != 0) {
                mailUserTicketReply($client["email"], $a["hash"], "The ticket has been closed (without text reply)", "The ticket has been closed (without text reply)", $closed, $adm_login);
            }
            if (strlen($a["customer_email"]) != 0) {
                mailUserTicketReply($a["customer_email"], $a["hash"], "The ticket has been closed (without text reply)", "The ticket has been closed (without text reply)", $closed, $adm_login);
            }
        }
    }
    // Draw the form for making a new admin
    $add_a_user = "******" . _("Add a new user") . "</h3>\n<form name=\"addnewuser_frm\" action=\"?\" method=\"post\">\n<input type=\"hidden\" name=\"newadminuser\" value=\"Ok\">\n" . dtcFormTableAttrs() . dtcFormLineDraw(_("Login:"******"<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"newadmin_login\" value=\"\">") . dtcFormLineDraw(_("Password:"******"<input class=\"dtcDatagrid_input_alt_color\" type=\"password\" name=\"newadmin_pass\" value=\"\">" . autoGeneratePassButton("addnewuser_frm", "newadmin_pass"), 0) . dtcFormLineDraw(_("Path:"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"newadmin_path\" value=\"{$conf_site_root_host_path}\">") . dtcFromOkDraw() . "\n</form>\n</table>\n";
    if ($secpayconf_use_maxmind == "yes") {
        $maxmindsays_th = "<td>" . _("MaxMind says") . "</td>";
    } else {
        $maxmindsays_th = "";
    }
    // Draw the list of users awaiting for an account
    $waiting_new_users = "<h3>" . _("User and domain waiting for addition:") . "</h3>";
    $q = "SELECT * FROM {$pro_mysql_new_admin_table} ORDER BY date,time";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No user waiting!") . "</b>";
    } else {
        $waiting_new_users .= "<table width=\"100%\"border=\"1\">\n<tr><td>" . _("Name") . "</td><td>" . _("Login") . "</td><td>" . _("Domain name / VPS server hostname") . "</td><td>" . _("Product") . "</td><td>" . _("Date") . "</td><td>" . _("Bank validated") . "</td>{$maxmindsays_th}<td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            $waiting_new_users .= "<tr><td style=\"white-space:nowrap\"><u>" . $a["comp_name"] . ":</u><br>";
            $waiting_new_users .= $a["family_name"] . ", " . $a["first_name"] . "</td>";
            $waiting_new_users .= "<td>" . $a["reqadm_login"] . "</td>";
            $prod_id = $a["product_id"];
            $q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='{$prod_id}';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $dom_name = _("Cannot find product in db!");
                $prod_name = _("Cannot find product in db!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $prod_name = $a2["name"];
                if ($a2["heb_type"] == "vps") {
                    $dom_name = $a["vps_location"];
                } else {
                    $dom_name = $a["domain_name"];
                }
            }
            $waiting_new_users .= "<td>{$dom_name}</td><td>{$prod_name}</td>";
            $waiting_new_users .= "<td>" . $a["date"] . " " . $a["time"] . "<br>" . calculateAge($a["date"], $a["time"]) . "</td>";
            if ($a["paiement_id"] == 0) {
                $waiting_new_users .= "<td>" . _("No pay ID!") . "</td>";
            } else {
                $q = "SELECT * FROM {$pro_mysql_pay_table} WHERE id='" . $a["paiement_id"] . "';";
                $r2 = mysql_query($q) or die("Cannot select {$q} line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
                $n2 = mysql_num_rows($r2);
                if ($n2 != 1) {
                    echo "Numrows!=1 in {$q} line: " . __LINE__ . " file: " . __FILE__ . " : problems with sql tables !";
                }
                $a2 = mysql_fetch_array($r2);
                if ($a2["valid"] == "yes") {
                    $waiting_new_users .= "<td><font color=\"green\">" . _("Yes") . "</font></td>";
                } elseif ($a2["valid"] == "pending") {
                    $waiting_new_users .= "<td><font color=\"#FF8800\">" . _("Pending") . ": " . $a2["pending_reason"] . "</font></td>";
                } else {
                    $waiting_new_users .= "<td><font color=\"red\">" . _("No") . "</font></td>";
                }
            }
            if ($secpayconf_use_maxmind == "yes") {
                $waiting_new_users .= "<td><pre style='width: 200px; height: 100px; overflow: scroll;'>" . htmlspecialchars(print_r(unserialize($a["maxmind_output"]), true)) . "</pre></td>";
            }
            $waiting_new_users .= "<td style=\"white-space:nowrap\"><a target=\"_blank\" href=\"/dtcadmin/view_waitingusers.php?reqadm_id=" . $a["id"] . "\">" . _("Edit") . "</a><br/>\n\t\t\t<a href=\"" . $_SERVER["PHP_SELF"] . "?action=valid_waiting_user&reqadm_id=" . $a["id"] . "\">" . _("Add") . "</a><br/>\n\t\t\t<a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_waiting_user&reqadm_id=" . $a["id"] . "\">" . _("Delete") . "</a></td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }
    // Draw the list of domains awaiting to be add to users
    $q = "SELECT * FROM {$pro_mysql_pending_queries_table}";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<br><b>" . _("No domain waiting!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n\t<tr><td>" . _("Login") . "</td><td>" . _("Domain name") . "</td><td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            $waiting_new_users .= "<td>" . $a["adm_login"] . "</td>";
            $waiting_new_users .= "<td>" . $a["domain_name"] . "</td>";
            $waiting_new_users .= "<td><a href=\"" . $_SERVER["PHP_SELF"] . "?action=valid_waiting_domain_to_user&reqid=" . $a["id"] . "\">" . _("Add") . "</a>\n- <a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_waiting_domain_to_user&reqid=" . $a["id"] . "\">" . _("Delete") . "</a></td></tr>";
        }
        $waiting_new_users .= "</table>";
    }
    // Draw the list of pending renewals
    $q = "SELECT * FROM {$pro_mysql_pending_renewal_table} ORDER BY renew_date,renew_time";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No pending renewals!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n<tr><td>" . _("Login") . "</td><td>" . _("Product") . "</td><td>" . _("Payment date") . "</td><td>" . _("Bank validated") . "</td><td>" . _("Type") . "</td><td>" . _("Action") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            $waiting_new_users .= "<tr><td>" . $a["adm_login"] . "</td>";
            $q2 = "SELECT name,price_dollar,period FROM {$pro_mysql_product_table} WHERE id='" . $a["product_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $prod_name = _("Cannot find product!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $prod_name = $a2["name"] . " (" . $a2["price_dollar"] . " {$secpayconf_currency_letters}: " . $a2["period"] . ")";
            }
            $waiting_new_users .= "<td>{$prod_name}</td>";
            $waiting_new_users .= "<td>" . $a["renew_date"] . " " . $a["renew_time"] . "</td>";
            $q2 = "SELECT * FROM {$pro_mysql_pay_table} WHERE id='" . $a["pay_id"] . "';";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $bank = _("Cannot find payment!");
            } else {
                $a2 = mysql_fetch_array($r2);
                switch ($a2["valid"]) {
                    case "yes":
                        $bank = "<font color=\"green\">" . _("Yes") . "</font>";
                        break;
                    default:
                    case "no":
                        $bank = "<font color=\"red\">" . _("No") . "</font>";
                        break;
                    case "pending":
                        $bank = "<font color=\"#FF8800\">" . _("Pending") . ": " . $a2["pending_reason"] . "</font>";
                        break;
                }
            }
            $waiting_new_users .= "<td>{$bank}</td>";
            switch ($a["heb_type"]) {
                case "vps":
                    $q2 = "SELECT * FROM {$pro_mysql_vps_table} WHERE id='" . $a["renew_id"] . "'";
                    $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                    if ($n2 != 1) {
                        $heb_type = _("VPS: Cannot find VPS in db!");
                    } else {
                        $a2 = mysql_fetch_array($r2);
                        $heb_type = "VPS: " . $a2["vps_xen_name"] . "@" . $a2["vps_server_hostname"];
                    }
                    break;
                case "shared":
                case "ssl":
                    $heb_type = _("Shared");
                    break;
                case "shared-upgrade":
                    $heb_type = _("Shared Upgrade");
                    break;
                case "ssl":
                    $heb_type = _("SSL Token purchase");
                    break;
                case "ssl_renew":
                    $heb_type = _("SSL Token renewal");
                    break;
                case "server":
                    $q2 = "SELECT * FROM {$pro_mysql_dedicated_table} WHERE id='" . $a["renew_id"] . "'";
                    $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                    if ($n2 != 1) {
                        $tmp = _("Cannot find server in db!");
                    } else {
                        $a2 = mysql_fetch_array($r2);
                        $tmp = $a2["server_hostname"];
                    }
                    $heb_type = _("Server:") . $tmp;
                    break;
                default:
                    echo "Renew type " . $a["heb_type"] . " not implemented line " . __LINE__ . " file " . __FILE__;
                    break;
            }
            $waiting_new_users .= "<td>{$heb_type}</td>";
            $waiting_new_users .= "<td style=\"white-space:nowrap\"><a href=\"" . $_SERVER["PHP_SELF"] . "?action=validate_renewal&id=" . $a["id"] . "\">" . _("Validate") . "</a> <a href=\"" . $_SERVER["PHP_SELF"] . "?action=delete_renewal&id=" . $a["id"] . "\">" . _("Del") . "</a></td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }
    // Ticket manager: draw all open tickets
    $q = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE closed='no' AND initial_ticket='yes' ORDER BY `date`,`time`;";
    $r = mysql_query($q) or die("Cannot query \"{$q}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n < 1) {
        $waiting_new_users .= "<b>" . _("No pending support tickets!") . "</b><br>";
    } else {
        $waiting_new_users .= "<table border=\"1\">\n<tr><td>" . _("Login") . "</td><td>" . _("Age") . "</td><td>" . _("Type") . "</td><td>" . _("Subject") . "</td><td>" . _("Last message from") . "</td><td>" . _("Last message age") . "</td></tr>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            if (strlen($a["customer_email"]) != 0) {
                $who = $a["customer_email"];
                if (strlen($a["adm_login"]) != 0) {
                    $who .= " / " . $a["adm_login"];
                }
            } else {
                $who = $a["adm_login"];
            }
            $waiting_new_users .= "<tr><td>{$who}</td>";
            $q2 = "SELECT * FROM {$pro_mysql_tik_cats_table} WHERE id='" . $a["cat_id"] . "'";
            $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
            $n2 = mysql_num_rows($r2);
            if ($n2 != 1) {
                $cat = _("Type not found!");
            } else {
                $a2 = mysql_fetch_array($r2);
                $cat = $a2["catname"];
            }
            $age = calculateAge($a["date"], $a["time"]);
            $waiting_new_users .= "<td style=\"white-space:nowrap;\">{$age}</td><td>{$cat}</td><td style=\"white-space:nowrap;\"><a href=\"" . $_SERVER["PHP_SELF"] . "?subaction=resolv_ticket&tik_id=" . $a["id"] . "\">" . htmlspecialchars(stripslashes($a["subject"])) . "</a></td>";
            $next_reply_id = $a["reply_id"];
            $last_reply_text = "<font color=\"green\">" . _("Admin") . "</font>";
            $last_message_date = $a["date"];
            $last_message_time = $a["time"];
            $loop_num = 0;
            $last_guy_replied = "user";
            while ($next_reply_id != 0 && $loop_num < 49) {
                $loop_num++;
                $q2 = "SELECT * FROM {$pro_mysql_tik_queries_table} WHERE id='{$next_reply_id}';";
                $r2 = mysql_query($q2) or die("Cannot query \"{$q2}\" ! Line: " . __LINE__ . " in file: " . __FILE__ . " mysql said: " . mysql_error());
                $n2 = mysql_num_rows($r2);
                if ($n2 != 1) {
                    echo "Warning: couldn't find tik query {$next_reply_id} in last reply detection!";
                    break;
                }
                $a3 = mysql_fetch_array($r2);
                $last_message_date = $a3["date"];
                $last_message_time = $a3["time"];
                if ($a3["admin_or_user"] == "user") {
                    $last_guy_replied = "user";
                } else {
                    $last_guy_replied = "admin";
                }
                $next_reply_id = $a3["reply_id"];
                if ($loop_num >= 49) {
                    echo "Warning: loop_num exeeded 50, not displaying last ticket reply from line" . __LINE__ . " file " . __FILE__;
                }
            }
            if ($last_guy_replied == "user") {
                $last_reply_text = "<font color=\"red\">" . _("User") . "</font>";
            }
            $waiting_new_users .= "<td>{$last_reply_text}</td>";
            $age2 = calculateAge($last_message_date, $last_message_time);
            $waiting_new_users .= "<td>" . $age2 . "</td>";
            $waiting_new_users .= "</tr>";
        }
        $waiting_new_users .= "</table>";
    }
    return "<table>\n<tr>\n\t<td valign=\"top\">" . $waiting_new_users . "</td>\n\t</tr><tr>\n\t<td valign=\"top\">" . $add_a_user . "</td>\n</tr></table>";
}
示例#3
/**
 * Builds the HTML for the "edit admin" screen.
 *
 * The left column ($domain_conf) holds the links and forms that delete the
 * account, delete/add/import domains, and delete/add VPS and dedicated
 * servers. The right column ($user_data) holds the account attribute form
 * (password, path, quotas, permission flags, product).
 *
 * NOTE(review), security-relevant points visible in this function:
 *  - Values taken from $admin["info"], from globals and from database rows are
 *    concatenated into HTML text and attribute values without
 *    htmlspecialchars(). That is only safe if every one of them is validated
 *    before it is stored; confirm, or escape at output.
 *  - $adm_pass is written into hidden inputs and into link query strings, and
 *    the stored password ($info["adm_pass"]) is echoed back as the value of
 *    the "changed_pass" input. Whether that value is plaintext or a hash
 *    cannot be told from here.
 *  - The main form spells its attribute "methode", which is not the HTML
 *    "method" attribute, so it presumably submits with the default GET and
 *    puts adm_pass and changed_pass in the URL (browser history, server logs,
 *    Referer). Verify against the rendered page.
 *  - Destructive actions (delete user, domain, VPS, dedicated server) are
 *    plain GET links; no anti-CSRF token is added in this function.
 *  - $adm_login is interpolated into two SQL strings; no escaping is visible
 *    here, so it must be escaped or validated by the caller.
 *  - The mysql_* extension was removed in PHP 7.0, and the die() messages
 *    print the full query plus mysql_error() to the page.
 *  - Three lines contain a run of asterisks that looks like a masking
 *    artifact of the listing; they are kept exactly as found and the function
 *    does not parse until they are restored from the upstream file.
 *
 * @param array $admin Must contain "info" (associative array of the account
 *                     settings read below); may contain "data", iterated as a
 *                     0-indexed list whose entries have a "name" key.
 * @return string HTML fragment: a two-column table wrapped in a font tag.
 */
function drawEditAdmin($admin)
{
    global $pro_mysql_vps_server_table;
    global $pro_mysql_vps_ip_table;
    global $pro_mysql_vps_table;
    global $pro_mysql_product_table;
    global $pro_mysql_dedicated_table;
    global $cc_code_popup;
    global $adm_login;
    global $adm_pass;
    global $rub;
    global $conf_hide_password;
    $info = $admin["info"];
    // $data stays undefined when the key is absent; the isset($data) test further down relies on that.
    if (isset($admin["data"])) {
        $data = $admin["data"];
    }
    // Copy the account settings into locals. $adm_max_email and $adm_max_ftp are not read again in this function.
    $adm_cur_pass = $info["adm_pass"];
    $adm_path = $info["path"];
    $adm_max_email = $info["max_email"];
    $adm_max_ftp = $info["max_ftp"];
    $adm_quota = $info["quota"];
    $bandwidth_per_month_mb = $info["bandwidth_per_month_mb"];
    $adm_id_client = $info["id_client"];
    $expire = $info["expire"];
    $prod_id = $info["prod_id"];
    $allow_add_domain = $info["allow_add_domain"];
    $max_domain = $info["max_domain"];
    $restricted_ftp_path = $info["restricted_ftp_path"];
    $allow_dns_and_mx_change = $info["allow_dns_and_mx_change"];
    $allow_mailing_list_edit = $info["allow_mailing_list_edit"];
    $allow_subdomain_edit = $info["allow_subdomain_edit"];
    $resseller_flag = $info["resseller_flag"];
    $ssh_login_flag = $info["ssh_login_flag"];
    $ftp_login_flag = $info["ftp_login_flag"];
    $pkg_install_flag = $info["pkg_install_flag"];
    // Each yes/no flag below becomes a pair of radio buttons; any value other than "yes" pre-selects "No".
    // Reseller right
    if ($resseller_flag == "yes") {
        $resflag_yes = " checked='checked' ";
        $resflag_no = "";
    } else {
        $resflag_yes = " ";
        $resflag_no = " checked='checked' ";
    }
    // NOTE(review): the string ends with a closing div that has no opening tag in this string.
    $res_selector = "<input type=\"radio\" name=\"resseller_flag\" value=\"yes\"{$resflag_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"resseller_flag\" value=\"no\"{$resflag_no}> " . _("No") . "</div>";
    // SSH logins
    if ($ssh_login_flag == "yes") {
        $sshlogin_yes = " checked='checked' ";
        $sshlogin_no = "";
    } else {
        $sshlogin_yes = "";
        $sshlogin_no = " checked='checked' ";
    }
    $sshlog_selector = "<input type=\"radio\" name=\"ssh_login_flag\" value=\"yes\"{$sshlogin_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"ssh_login_flag\" value=\"no\"{$sshlogin_no}> " . _("No");
    // FTP logins
    if ($ftp_login_flag == "yes") {
        $ftplogin_yes = " checked='checked' ";
        $ftplogin_no = "";
    } else {
        $ftplogin_yes = "";
        $ftplogin_no = " checked='checked' ";
    }
    $ftplog_selector = "<input type=\"radio\" name=\"ftp_login_flag\" value=\"yes\"{$ftplogin_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"ftp_login_flag\" value=\"no\"{$ftplogin_no}> " . _("No");
    // Package installer
    if ($pkg_install_flag == "yes") {
        $pkg_install_yes = " checked='checked' ";
        $pkg_install_no = "";
    } else {
        $pkg_install_yes = "";
        $pkg_install_no = " checked='checked' ";
    }
    $pkg_install_selector = "<input type=\"radio\" name=\"pkg_install_flag\" value=\"yes\"{$pkg_install_yes}> " . _("Yes") . "\n\t<input type=\"radio\" name=\"pkg_install_flag\" value=\"no\"{$pkg_install_no}> " . _("No");
    // allow_add_domain is three-valued (yes / check / no) and is rendered as a select;
    // any other stored value leaves no option marked as selected.
    if ($allow_add_domain == "yes") {
        $adyes = "selected='selected'";
    } else {
        $adyes = "";
    }
    if ($allow_add_domain == "check") {
        $adcheck = "selected='selected'";
    } else {
        $adcheck = "";
    }
    if ($allow_add_domain == "no") {
        $adno = "selected='selected'";
    } else {
        $adno = "";
    }
    $aldom_popup = "<select class=\"dtcDatagrid_input_color\" name=\"allow_add_domain\">\n<option value=\"yes\" {$adyes}>" . _("Yes") . "</option>\n<option value=\"check\" {$adcheck}>" . _("Check") . "</option>\n<option value=\"no\" {$adno}>" . _("No") . "</option>\n</select>\n";
    // Restriction of FTP path selection
    if ($restricted_ftp_path == "yes") {
        $restricted_ftp_path_yes = " checked='checked' ";
        $restricted_ftp_path_no = "";
    } else {
        $restricted_ftp_path_yes = "";
        $restricted_ftp_path_no = " checked='checked' ";
    }
    $restricted_ftp_path_selector = "<input type=\"radio\" name=\"restricted_ftp_path\" value=\"yes\"{$restricted_ftp_path_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"restricted_ftp_path\" value=\"no\"{$restricted_ftp_path_no}> " . _("No");
    // Allowing change of DNS and MX
    if ($allow_dns_and_mx_change == "yes") {
        $allow_dns_and_mx_change_yes = " checked='checked' ";
        $allow_dns_and_mx_change_no = "";
    } else {
        $allow_dns_and_mx_change_yes = "";
        $allow_dns_and_mx_change_no = " checked='checked' ";
    }
    $allow_dns_and_mx_change_selector = "<input type=\"radio\" name=\"allow_dns_and_mx_change\" value=\"yes\"{$allow_dns_and_mx_change_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_dns_and_mx_change\" value=\"no\"{$allow_dns_and_mx_change_no}> " . _("No");
    // Allow users to edit mailing lists
    if ($allow_mailing_list_edit == "yes") {
        $allow_mailing_list_edit_yes = " checked='checked' ";
        $allow_mailing_list_edit_no = "";
    } else {
        $allow_mailing_list_edit_yes = "";
        $allow_mailing_list_edit_no = " checked='checked' ";
    }
    $allow_mailing_list_edit_selector = "<input type=\"radio\" name=\"allow_mailing_list_edit\" value=\"yes\"{$allow_mailing_list_edit_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_mailing_list_edit\" value=\"no\"{$allow_mailing_list_edit_no}> " . _("No");
    // Allow users to edit subdomains
    if ($allow_subdomain_edit == "yes") {
        $allow_subdomain_edit_yes = " checked='checked' ";
        $allow_subdomain_edit_no = "";
    } else {
        $allow_subdomain_edit_yes = "";
        $allow_subdomain_edit_no = " checked='checked' ";
    }
    $allow_subdomain_edit_selector = "<input type=\"radio\" name=\"allow_subdomain_edit\" value=\"yes\"{$allow_subdomain_edit_yes}> " . _("Yes") . "\n<input type=\"radio\" name=\"allow_subdomain_edit\" value=\"no\"{$allow_subdomain_edit_no}> " . _("No");
    // Generate the user configuration form
    // NOTE(review): the attribute is spelled "methode", not "method", so the form presumably falls back to GET
    // and sends adm_pass and changed_pass in the query string. $rub, $adm_login and $adm_pass are placed in
    // attribute values unescaped.
    $user_data = "\n<form name=\"admattrbfrm\" action=\"?\" methode=\"post\">\n<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n<input type=\"hidden\" name=\"updateuserinfo\" value=\"Ok\">\n" . dtcFormTableAttrs();
    $genpass = autoGeneratePassButton("admattrbfrm", "changed_pass");
    // $conf_hide_password only switches the input type; in both branches the stored password is written
    // into the value attribute and is therefore present in the page source.
    if ($conf_hide_password == "yes") {
        $ctrl = "<input class=\"dtcDatagrid_input_color\" type=\"password\" name=\"changed_pass\" value=\"{$adm_cur_pass}\">{$genpass}";
    } else {
        $ctrl = "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"changed_pass\" value=\"{$adm_cur_pass}\">{$genpass}";
    }
    // NOTE(review): the next line is damaged in this listing. The run of asterisks looks like a masking
    // artifact that swallowed the end of the dtcFormLineDraw() call and presumably the start of the
    // "$q = ..." assignment used by mysql_query() below. Kept as found; restore from the upstream file.
    $user_data .= dtcFormLineDraw(_("Password:"******"SELECT * FROM {$pro_mysql_product_table} WHERE (heb_type='shared' OR heb_type='ssl') AND renew_prod_id='0' ORDER BY id;";
    // NOTE(review): on failure the die() message prints the query text and mysql_error() to the browser.
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    // Product drop-down: "No product" (value 0) first, then one option per returned row,
    // pre-selecting the row whose id equals the account's prod_id.
    $prodsid = "";
    $prodsid .= "<select class=\"dtcDatagrid_input_color\" name=\"heb_prod_id\"><option value=\"0\">" . _("No product") . "</option>";
    for ($i = 0; $i < $n; $i++) {
        $a = mysql_fetch_array($r);
        if ($a["id"] == $prod_id) {
            $prodsid_sel = " selected ";
        } else {
            $prodsid_sel = " ";
        }
        $prodsid .= "<option value=\"" . $a["id"] . "\"{$prodsid_sel}>" . $a["id"] . ": " . $a["name"] . "</option>";
    }
    $prodsid .= "</select>";
    // One form row per account attribute. The values are interpolated into value="..." unescaped,
    // so a stored double quote would end the attribute early.
    $user_data .= dtcFormLineDraw(_("Path:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"changed_path\" value=\"{$adm_path}\">", 0);
    $user_data .= dtcFormLineDraw(_("Client ID:"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"changed_id_client\" value=\"{$adm_id_client}\"><a href=\"?rub=crm&id={$adm_id_client}\">" . _("client") . "</a>");
    $user_data .= dtcFormLineDraw(_("Disk quota (MB):"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"adm_quota\" value=\"{$adm_quota}\">", 0);
    $user_data .= dtcFormLineDraw(_("Allowed bandwidth per month (MB):"), "<input class=\"dtcDatagrid_input_color\" type=\"text\" name=\"bandwidth_per_month\" value=\"{$bandwidth_per_month_mb}\">");
    $user_data .= dtcFormLineDraw(_("Expiry date:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"expire\" value=\"{$expire}\">", 0);
    $user_data .= dtcFormLineDraw(_("Product ID:"), $prodsid);
    $user_data .= dtcFormLineDraw(_("Number of databases:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"nbrdb\" value=\"" . $info["nbrdb"] . "\">", 0);
    $user_data .= dtcFormLineDraw(_("Allow to add domains:"), $aldom_popup);
    $user_data .= dtcFormLineDraw(_("Max domain:"), "<input class=\"dtcDatagrid_input_alt_color\" type=\"text\" name=\"max_domain\" value=\"{$max_domain}\">", 0);
    $user_data .= dtcFormLineDraw(_("Grant sub-account addition rights (reseller):"), $res_selector);
    $user_data .= dtcFormLineDraw(_("Allow addition of SSH logins:"), $sshlog_selector, 0);
    $user_data .= dtcFormLineDraw(_("Allow addition of FTP logins:"), $ftplog_selector);
    $user_data .= dtcFormLineDraw(_("Restrict FTP to the html folder:"), $restricted_ftp_path_selector, 0);
    $user_data .= dtcFormLineDraw(_("Allow addition of mailing lists and mail groups:"), $allow_mailing_list_edit_selector);
    $user_data .= dtcFormLineDraw(_("Allow edition of DNS and MX:"), $allow_dns_and_mx_change_selector, 0);
    $user_data .= dtcFormLineDraw(_("Allow edition subdomains:"), $allow_subdomain_edit_selector);
    $user_data .= dtcFormLineDraw(_("Allow the use of the package installer:"), $pkg_install_selector, 0);
    $user_data .= dtcFromOkDraw() . "</table></form>";
    // Generate the admin tool configuration module
    // Deletion of domains :
    // NOTE(review): the account deletion is a GET link built from $_SERVER["PHP_SELF"], which reflects the
    // request path, and from $adm_login and $rub, none of them URL-encoded or HTML-escaped here. The only
    // guard visible in this function is the dtcJavascriptConfirmLink() wrapper.
    $url = "" . $_SERVER["PHP_SELF"] . "?delete_admin_user={$adm_login}&rub={$rub}";
    $confirmed_url = dtcJavascriptConfirmLink(_("Are your sure you want to delete this user? This will erase all his hosted domain names, files, and databases !!!"), $url);
    $domain_conf = "<a href=\"{$confirmed_url}\"><b>" . _("Delete the user") . "</b></a><br><br>";
    if (isset($data)) {
        $domain_conf .= "<h3>" . _("Delete a user domain:") . "</h3><br>";
        $nbr_domain = sizeof($data);
        for ($i = 0; $i < $nbr_domain; $i++) {
            $dom = $data[$i]["name"];
            // " - " separates the links from the second entry on.
            if ($i != 0) {
                $domain_conf .= " - ";
            }
            // NOTE(review): adm_pass is carried in the link's query string.
            $url = "?adm_login={$adm_login}&adm_pass={$adm_pass}&deluserdomain={$dom}&rub={$rub}";
            $js_url = dtcJavascriptConfirmLink(_("Are you sure you want to delete this domain name ? This will erase all hosted files for this domain!!!"), $url);
            $domain_conf .= "<a href=\"{$js_url}\">{$dom}</a>";
        }
        // NOTE(review): closes a bold tag that is not opened in this block.
        $domain_conf .= "</b><br><br>";
    }
    // Creation of domains :
    // NOTE(review): the next line and the "Import a domain file" line below are damaged in this listing in
    // the same way as the "Password:" line above (a run of asterisks where code used to be). Kept as found.
    $domain_conf .= "<h3>" . _("Add a domain for this user:"******"</h3>";
    // This form has no method attribute, so it submits with GET and adm_pass ends up in the URL.
    $domain_conf .= "<form action=\"?\"><table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n<tr><td><input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"text\" name=\"newdomain_name\" value=\"\"></td>\n\t<td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" name=\"newdomain\" value=\"Ok\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table>\n\t</form>";
    // Domain import: multipart POST upload. MAX_FILE_SIZE is a client-side hint only; the size limit and
    // the validation of the uploaded file have to be enforced by the handler of action=import_domain.
    $domain_conf .= "<h3>" . _("Import a domain file for this user:"******"<h3></b>\n\t<form action=\"?\" enctype=\"multipart/form-data\" method=\"post\">\n\t<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n\t<tr><td><input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"action\" value=\"import_domain\">\n\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"30000000\">\n\t<input type=\"file\" name=\"domain_import_file\" size=\"30\"></td>\n\t<td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" value=\"" . _("Import") . "\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table></form>";
    // Deletion of VPS
    // NOTE(review): $adm_login is interpolated into the SQL string; no escaping is visible in this
    // function, so it must already be escaped or validated by the caller. TODO confirm.
    $q = "SELECT * FROM {$pro_mysql_vps_table} WHERE owner='{$adm_login}' ORDER BY vps_server_hostname,vps_xen_name;";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $domain_conf .= "<h3>" . _("Delete one of the admin VPS: ") . "</h3><br>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            if ($i > 0) {
                $domain_conf .= " - ";
            }
            $delete_vps_url = dtcJavascriptConfirmLink(_("Are you sure you want to delete this VPS? This will also delete the partitions!"), "?adm_login={$adm_login}&adm_pass={$adm_pass}&rub={$rub}&action=delete_a_vps&id=" . $a["id"]);
            $domain_conf .= "<a href=\"" . $delete_vps_url . "\"><b>" . $a["vps_server_hostname"] . ":" . $a["vps_xen_name"] . "</b></a>";
        }
        $domain_conf .= "<br><br>";
    }
    // Creation of VPS
    // Collect the VPS products as option tags; the count is kept in $num_prods_vps for the test below.
    $q = "SELECT * FROM {$pro_mysql_product_table} WHERE heb_type='vps' AND renew_prod_id='0';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    $num_prods_vps = $n;
    $vps_prods = "";
    for ($i = 0; $i < $n; $i++) {
        $a = mysql_fetch_array($r);
        $vps_prods .= "<option value=\"" . $a["id"] . "\">" . $a["name"] . "</option>";
    }
    // Collect the IP rows marked available='yes' as option tags.
    $q = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE available='yes' ORDER BY vps_server_hostname,vps_xen_name;";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    $vps_srvs = "";
    for ($i = 0; $i < $n; $i++) {
        $a = mysql_fetch_array($r);
        $vps_srvs .= "<option value=\"" . $a["ip_addr"] . "\">" . $a["vps_server_hostname"] . ":" . $a["vps_xen_name"] . " (" . $a["ip_addr"] . ")</option>";
    }
    // The "add VPS" form is shown only when there is at least one available IP and one VPS product;
    // otherwise a hint is shown instead. The form has no method attribute, so it submits with GET.
    if ($n > 0 && $num_prods_vps > 0) {
        $domain_conf .= "<h3>" . _("Add a VPS for this admin:") . "</h3>\n\t\t<form action=\"?\">\n\t\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t\t<input type=\"hidden\" name=\"action\" value=\"add_vps_to_user\">\n\t\t<table border=\"0\">\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("VPS Server hostname: ") . "</td>\n\t\t<td><select name=\"vps_server_ip\">{$vps_srvs}</select></td></tr>\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Product: ") . "</td>\n\t\t<td><select name=\"product_id\">{$vps_prods}</select></td></tr>\n\t\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Setup physical VPS (LVM): ") . "</td>\n\t\t<td><input type=\"radio\" name=\"physical_setup\" value=\"yes\">" . _("Yes") . "\n\t\t<input type=\"radio\" name=\"physical_setup\" value=\"no\" checked='checked'>" . _("No") . "</td></tr>\n\t\t<tr><td></td><td><div class=\"input_btn_container\" onMouseOver=\"this.className='input_btn_container-hover';\" onMouseOut=\"this.className='input_btn_container';\">\n <div class=\"input_btn_left\"></div>\n <div class=\"input_btn_mid\"><input class=\"input_btn\" type=\"submit\" value=\"Add VPS\"></div>\n <div class=\"input_btn_right\"></div>\n</div></td></tr></table></form>";
    } else {
        $domain_conf .= _("To add a VPS, you need to setup some free IPs VPS in the general config and setup some VPS products.");
    }
    // Deletion of dedicated
    // NOTE(review): same unescaped $adm_login interpolation as in the VPS query above.
    $q = "SELECT * FROM {$pro_mysql_dedicated_table} WHERE owner='{$adm_login}';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($n > 0) {
        $domain_conf .= "<br><br><h3>" . _("Delete one of the admin dedicated server:") . "</h3><br>";
        for ($i = 0; $i < $n; $i++) {
            $a = mysql_fetch_array($r);
            if ($i > 0) {
                $domain_conf .= " - ";
            }
            // NOTE(review): unlike the VPS and domain delete links, this one is not wrapped in
            // dtcJavascriptConfirmLink(), so a single click issues the delete request.
            $domain_conf .= "<a href=\"?adm_login={$adm_login}&adm_pass={$adm_pass}&rub={$rub}&action=delete_a_dedicated&id=" . $a["id"] . "\"><b>" . $a["server_hostname"] . "</b></a>";
        }
    }
    // Creation of dedicated servers
    $q = "SELECT * FROM {$pro_mysql_product_table} WHERE heb_type='server' AND renew_prod_id='0';";
    $r = mysql_query($q) or die("Cannot query {$q} line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    // $num_prods_vps is overwritten with the server product count here but is not read again afterwards;
    // the form below is emitted even when no server product exists.
    $num_prods_vps = $n;
    $server_prods = "";
    for ($i = 0; $i < $n; $i++) {
        $a = mysql_fetch_array($r);
        $server_prods .= "<option value=\"" . $a["id"] . "\">" . $a["name"] . "</option>";
    }
    // $cc_code_popup is inserted as ready-made option markup (global, built elsewhere).
    $domain_conf .= "<br><br><h3>" . _("Add a dedicated server for this admin:") . "</h3>\n\t<form action=\"?\">\n\t<input type=\"hidden\" name=\"rub\" value=\"{$rub}\">\n\t<input type=\"hidden\" name=\"adm_login\" value=\"{$adm_login}\">\n\t<input type=\"hidden\" name=\"adm_pass\" value=\"{$adm_pass}\">\n\t<input type=\"hidden\" name=\"action\" value=\"add_dedicated_to_user\">\n\t<table border=\"0\">\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Product: ") . "</td>\n\t\t<td><select name=\"product_id\">{$server_prods}</select></td></tr>\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Hostname: ") . "</td>\n\t\t<td><input type=\"text\" name=\"server_hostname\" value=\"\"></td>\n\t<tr><td style=\"text-align: right; white-space: nowrap;\">" . _("Country: ") . "</td>\n\t\t<td><select name=\"country\">{$cc_code_popup}</select></td>\n\t<tr><td></td><td>" . dtcApplyButton() . "</td></tr></table></form>";
    // Final layout: management links and forms on the left, a spacer cell, the attribute form on the right.
    $out = "<font size=\"-1\">\n<table>\n <tr>\n  <td>{$domain_conf}</td><td background=\"gfx/border_2.gif\">&nbsp;</td>\n  <td>{$user_data}</td>\n </tr>\n</table>\n</font>\n";
    return $out;
}