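/**
 * Handles the "enable autoresponder" form for one mail account.
 *
 * When the request carries uaction=enable_arsp and a non-empty message, the
 * message is stored on the mail_users row, the row is flagged with the
 * configured change status, the backend is notified and the browser is
 * redirected to email_accounts.php (the script exits). In every other case
 * the ARSP_MESSAGE template variable is reset to an empty string.
 *
 * NOTE(review): nothing visible here checks that $mail_id belongs to the
 * logged-in user, or that the POST carries an anti-CSRF token; confirm the
 * caller enforces both before this runs.
 *
 * @param object $tpl     Template engine (only assign() is used here)
 * @param object $sql     Database handle handed to exec_query()
 * @param mixed  $mail_id Identifier of the mail_users row to update
 * @return void
 */
function gen_page_dynamic_data(&$tpl, &$sql, $mail_id)
{
    global $cfg;
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'enable_arsp') {
        $tpl->assign('ARSP_MESSAGE', '');
        return;
    }
    // A missing field (null) or an array-valued field (arsp_message[]=x) is
    // not identical to '', so a bare `=== ''` test lets it through to the
    // UPDATE. Normalise anything that is not a string to the empty message.
    $arsp_message = '';
    if (isset($_POST['arsp_message']) && is_string($_POST['arsp_message'])) {
        $arsp_message = $_POST['arsp_message'];
    }
    if ($arsp_message === '') {
        $tpl->assign('ARSP_MESSAGE', '');
        set_page_message(tr('Please type your mail autorespond message!'));
        return;
    }
    $item_change_status = $cfg['ITEM_CHANGE_STATUS'];
    check_for_lock_file();
    // All three values are bound as parameters, never concatenated.
    $query = <<<SQL_QUERY
            update
                mail_users
            set
                status = ?,
                mail_auto_respond = ?
            where
                mail_id = ?
SQL_QUERY;
    exec_query($sql, $query, array($item_change_status, $arsp_message, $mail_id));
    send_request();
    write_log($_SESSION['user_logged'] . " : add mail autorsponder");
    set_page_message(tr('Mail account scheduler for modification!'));
    header("Location: email_accounts.php");
    exit(0);
}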
/**
 * Returns the GUI language and theme colour stored for a user.
 *
 * Falls back to $cfg['USER_INITIAL_LANG'] / $cfg['USER_INITIAL_THEME_COLOR']
 * when no row exists or a column is empty.
 *
 * NOTE(review): the blue/green/red/yellow allow-list is applied only when
 * `lang` is non-empty. With an empty `lang` the stored `layout` is returned
 * as-is; confirm whether that asymmetry is intended, since the value comes
 * straight from the database.
 *
 * @param object $sql     Database handle handed to exec_query()
 * @param mixed  $user_id Value bound to user_gui_props.user_id
 * @return array Two-element list: language, layout
 */
function get_user_gui_props(&$sql, $user_id)
{
    global $cfg;
    $query = <<<SQL_QUERY
        select
            lang, layout
        from
            user_gui_props
        where
            user_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($user_id));
    if ($rs->RecordCount() == 0) {
        // No stored preferences: use the configured defaults.
        return array($cfg['USER_INITIAL_LANG'], $cfg['USER_INITIAL_THEME_COLOR']);
    }
    $storedLang = $rs->fields['lang'];
    $storedLayout = $rs->fields['layout'];
    if ($storedLang === '') {
        // Empty language: default language, layout only defaulted when empty too.
        $layout = $storedLayout === '' ? $cfg['USER_INITIAL_THEME_COLOR'] : $storedLayout;
        return array($cfg['USER_INITIAL_LANG'], $layout);
    }
    // Language is set: accept the layout only if it is one of the known colours
    // (an empty layout is not in the list and therefore takes the default).
    $knownLayouts = array('blue', 'green', 'red', 'yellow');
    if (in_array($storedLayout, $knownLayouts, true)) {
        return array($storedLang, $storedLayout);
    }
    return array($storedLang, $cfg['USER_INITIAL_THEME_COLOR']);
}
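/**
 * Validates and stores the server-wide traffic limits submitted by the form.
 *
 * Reads max_traffic and traffic_warning from $_POST, rejects missing or
 * non-numeric values, rejects a warning level above the maximum, clamps
 * negative values to 0 and writes both into straff_settings.
 *
 * NOTE(review): no anti-CSRF check or privilege check is visible in this
 * function; confirm the calling page enforces both.
 *
 * @todo Decide whether the disabled integer pattern
 *       /^(-1|0|[1-9][0-9]*)$/D should replace is_numeric(), which also
 *       accepts values such as "1.5" and "1e3".
 * @return void
 */
function update_server_settings()
{
    $sql = EasySCP_Registry::get('Db');
    if (!isset($_POST['uaction'])) {
        return;
    }
    // Missing or array-valued fields are invalid input, not a reason to
    // fall through to the UPDATE.
    if (!isset($_POST['max_traffic'], $_POST['traffic_warning'])
        || !is_string($_POST['max_traffic'])
        || !is_string($_POST['traffic_warning'])
    ) {
        set_page_message(tr('Wrong data input!'), 'warning');
        return;
    }
    $max_traffic = clean_input($_POST['max_traffic']);
    $traffic_warning = $_POST['traffic_warning'];
    if (!is_numeric($max_traffic) || !is_numeric($traffic_warning)) {
        set_page_message(tr('Wrong data input!'), 'warning');
        // Stop here: without this return the rejected values were still
        // compared and written to the database.
        return;
    }
    if ($traffic_warning > $max_traffic) {
        set_page_message(tr('Warning traffic is bigger than max traffic!'), 'warning');
        return;
    }
    if ($max_traffic < 0) {
        $max_traffic = 0;
    }
    if ($traffic_warning < 0) {
        $traffic_warning = 0;
    }
    $query = "\n\t\tUPDATE\n\t\t\t`straff_settings`\n\t\tSET\n\t\t\t`straff_max` = ?,\n\t\t\t`straff_warn` = ?\n\t";
    exec_query($sql, $query, array($max_traffic, $traffic_warning));
    set_page_message(tr('Server traffic settings updated successfully!'), 'success');
}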
/**
 * Resolves a domain name to the mail data used when adding mail accounts.
 *
 * The name is looked up, in this order, as a domain, a subdomain, a domain
 * alias and a subdomain of an alias; the first match wins. Results, including
 * "not found", are memoised per name in a function-static array.
 *
 * @throws iMSCP_Exception When the name matches none of the four lookups
 * @param string $domainName Domain name
 * @return array Keys: domain_id, sub_id, mail_type
 */
function cli_getMailData($domainName)
{
    static $data = array();
    if (!array_key_exists($domainName, $data)) {
        $resolved = null;
        // Single-pass block: `break` leaves as soon as one lookup matches.
        do {
            $stmt = exec_query('SELECT domain_id FROM domain WHERE domain_name = ?', $domainName);
            if ($stmt->rowCount()) {
                $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
                $resolved = array('domain_id' => $row['domain_id'], 'sub_id' => '0', 'mail_type' => MT_NORMAL_MAIL);
                break;
            }
            $stmt = exec_query("\n\t\t\t\t\tSELECT\n\t\t\t\t\t\tdomain_id, subdomain_id\n\t\t\t\t\tFROM\n\t\t\t\t\t\tsubdomain\n\t\t\t\t\tINNER JOIN\n\t\t\t\t\t\tdomain USING(domain_id)\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tCONCAT(subdomain_name, '.', domain_name) = ?\n\t\t\t\t", $domainName);
            if ($stmt->rowCount()) {
                $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
                $resolved = array('domain_id' => $row['domain_id'], 'sub_id' => $row['subdomain_id'], 'mail_type' => MT_SUBDOM_MAIL);
                break;
            }
            $stmt = exec_query('SELECT domain_id FROM domain_aliasses WHERE alias_name = ?', $domainName);
            if ($stmt->rowCount()) {
                $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
                $resolved = array('domain_id' => $row['domain_id'], 'sub_id' => '0', 'mail_type' => MT_ALIAS_MAIL);
                break;
            }
            $stmt = exec_query("\n\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\tdomain_id, subdomain_alias_id\n\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\tsubdomain_alias\n\t\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\t\t\t\tdomain_aliasses USING(alias_id)\n\t\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\t\t\t\tdomain USING(domain_id)\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tCONCAT(subdomain_alias_name, '.', alias_name) = ?\n\t\t\t\t\t\t", $domainName);
            if ($stmt->rowCount()) {
                $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
                $resolved = array('domain_id' => $row['domain_id'], 'sub_id' => $row['subdomain_alias_id'], 'mail_type' => MT_ALSSUB_MAIL);
            }
        } while (false);
        // A miss is cached as null so the four queries are not repeated.
        $data[$domainName] = $resolved;
    }
    if ($data[$domainName] === null) {
        throw new iMSCP_Exception('This script can only add mail accounts for domains which are already managed by i-MSCP.');
    }
    return $data[$domainName];
}
/**
 * Fills the DB_LIST template block with the SQL databases of a user's domain.
 *
 * For every database row the per-database user list is generated first, then
 * DB_ID / DB_NAME are assigned and the block is parsed. With no rows a page
 * message is set and DB_LIST is emptied.
 *
 * NOTE(review): sqld_name is assigned to the template without HTML escaping
 * in this function. Whether the template engine or the write path already
 * escapes it cannot be seen here; verify before relying on it.
 *
 * @param object $tpl     Template engine
 * @param object $sql     Database handle handed to exec_query()
 * @param mixed  $user_id User whose domain is resolved via get_user_domain_id()
 * @return void
 */
function gen_db_list(&$tpl, &$sql, $user_id)
{
    $domainId = get_user_domain_id($sql, $user_id);
    $query = <<<SQL_QUERY
        select
            sqld_id, sqld_name
        from
            sql_database
        where
            domain_id = ?
        order by
            sqld_name
SQL_QUERY;
    $rs = exec_query($sql, $query, array($domainId));
    if ($rs->RecordCount() == 0) {
        set_page_message(tr('Database list is empty!'));
        $tpl->assign('DB_LIST', '');
        return;
    }
    for (; !$rs->EOF; $rs->MoveNext()) {
        $id = $rs->fields['sqld_id'];
        $name = $rs->fields['sqld_name'];
        gen_db_user_list($tpl, $sql, $id);
        // Both values are handed to the template as strings.
        $tpl->assign(array('DB_ID' => (string) $id, 'DB_NAME' => (string) $name));
        $tpl->parse('DB_LIST', '.db_list');
    }
}
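/**
 * Builds a randomly ordered table of quiz questions.
 *
 * Selects every row of `questions`, shuffles the row indexes and copies up to
 * $nbQuestions rows into the result. Two debug lines are echoed along the way.
 *
 * NOTE(review): $host, $port, $user, $password and $database are neither
 * parameters nor imported with `global`, so as written they are undefined
 * when connect() is called; confirm where the connection settings come from.
 * NOTE(review): $theme, $pertinence and $diff are unused because the filter is
 * commented out. If it is restored, bind the three values as parameters
 * instead of concatenating them into the SQL text.
 *
 * @param mixed $theme       Unused (filter disabled)
 * @param mixed $pertinence  Unused (filter disabled)
 * @param mixed $diff        Unused (filter disabled)
 * @param int   $nbQuestions Maximum number of questions to return
 * @return array List of [number, label, answer] triples; empty when no row matches
 */
function construire_tableau($theme = 0, $pertinence = 0, $diff = 0, $nbQuestions)
{
    $connexion = connect($host, $port, $user, $password, $database);
    // Fetch a record set matching the criteria
    $query = "SELECT Q.noq, Q.question, Q.reponse " . "FROM questions Q";
    /* ", sujets S, themes T, pertinences P, difficultes D ".
    	"WHERE Q.noq = S.noq AND S.theme = T.theme AND ".
    	"S.pertinence = P.pertinence AND S.difficulte = D.difficulte".
    	"AND S.theme = ". $theme ." AND S.pertinence = ". $pertinence ." AND S.difficulte = ". $diff .";";
    */
    $result = exec_query($connexion, $query);
    $Nbr = numrows($result);
    echo "Nombre d'enregistrements : " . $Nbr . "<BR>";
    // Always return an array: previously the result variable was never
    // initialised, so an empty question table returned an undefined value.
    $tabQ = array();
    // Random ordering of the questions. range(0, -1) would yield [0, -1],
    // so only build the index list when there is at least one row.
    $ints = $Nbr > 0 ? range(0, $Nbr - 1) : array();
    // Seeded from the wall clock: two calls within the same second shuffle
    // identically.
    srand(time());
    shuffle($ints);
    if ($Nbr < $nbQuestions) {
        $nbQuestions = $Nbr;
    }
    // Build the table in shuffled order
    for ($i = 0; $i < $nbQuestions && ($row = fetch_array($result, $ints[$i])); $i++) {
        // NOTE(review): debug output; the label is echoed without HTML escaping.
        echo "libelle Q : " . $row[1] . "<BR>";
        $tabQ[$i][0] = $row[0]; // question number
        $tabQ[$i][1] = $row[1]; // question label
        $tabQ[$i][2] = $row[2]; // answer to the question
    }
    close($connexion);
    return $tabQ;
}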
/**
 * Lists the protected areas (htaccess rows) of a domain in the template.
 *
 * Each row becomes one DIR_ITEM block with alternating CSS classes; with no
 * rows PROTECTED_AREAS is emptied and a page message is set.
 *
 * NOTE(review): auth_name and path are assigned to the template without HTML
 * escaping in this function; verify where these customer-supplied values are
 * escaped.
 *
 * @param object $tpl    Template engine
 * @param object $sql    Database handle handed to exec_query()
 * @param mixed  $dmn_id Domain identifier bound to htaccess.dmn_id
 * @return void
 */
function gen_htaccess_entries(&$tpl, &$sql, &$dmn_id)
{
    $query = <<<SQL_QUERY
        select
            *
        from
            htaccess
        where
             dmn_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($dmn_id));
    if ($rs->RecordCount() == 0) {
        $tpl->assign('PROTECTED_AREAS', '');
        set_page_message(tr('You do not have protected areas'));
        return;
    }
    for ($rowIndex = 0; !$rs->EOF; $rowIndex++) {
        // Zebra striping: even rows 'content', odd rows 'content2'.
        $tpl->assign('CLASS', $rowIndex % 2 == 0 ? 'content' : 'content2');
        $area = $rs->fields;
        $tpl->assign(array(
            'AREA_NAME' => $area['auth_name'],
            'AREA_PATH' => $area['path'],
            'PID' => $area['id'],
            'STATUS' => translate_dmn_status($area['status']),
        ));
        $tpl->parse('DIR_ITEM', '.dir_item');
        $rs->MoveNext();
    }
}
/**
 * Updates the password of an htaccess user.
 *
 * Runs only for uaction=modify_user with both password fields present. The
 * new password must pass checkPasswordSyntax() and match its repetition; it is
 * then hashed with a fresh random salt, stored with status 'tochange', the
 * backend is notified and the browser is redirected.
 *
 * NOTE(review): the UPDATE is scoped by both dmn_id and id, which keeps the
 * change inside the caller's domain provided $dmn_id itself was derived from
 * the session rather than from request data; confirm at the call site.
 *
 * @param int $dmn_id Domain unique identifier
 * @param int $uuser_id Htaccess user unique identifier
 * @return void
 */
function client_updateHtaccessUser(&$dmn_id, &$uuser_id)
{
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'modify_user') {
        return;
    }
    if (!isset($_POST['pass']) || !isset($_POST['pass_rep'])) {
        return;
    }
    if (!checkPasswordSyntax($_POST['pass'])) {
        return;
    }
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr("Passwords do not match."), 'error');
        return;
    }
    $passwordHash = cryptPasswordWithSalt($_POST['pass'], generateRandomSalt(true));
    $newStatus = 'tochange';
    $updateQuery = "\n\t\t\t\tUPDATE\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tSET\n\t\t\t\t\t`upass` = ?, `status` = ?\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
    exec_query($updateQuery, array($passwordHash, $newStatus, $dmn_id, $uuser_id));
    send_request();
    // Read the user name back only for the audit log entry.
    $selectQuery = "\n\t\t\t\tSELECT\n\t\t\t\t\t`uname`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_users`\n\t\t\t\tWHERE\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t\tAND\n\t\t\t\t\t`id` = ?\n\t\t\t";
    $rs = exec_query($selectQuery, array($dmn_id, $uuser_id));
    $uname = $rs->fields['uname'];
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: updated htaccess user ID: {$uname}", E_USER_NOTICE);
    redirectTo('protected_user_manage.php');
}
/**
 * Adds an htaccess group to a domain from the submitted form.
 *
 * Runs only for uaction=add_group. The group name must pass
 * validates_username() and must not already exist for the domain; the row is
 * inserted with the configured "to add" status, the backend is notified, the
 * action is logged and the user is sent to protected_user_manage.php.
 *
 * @param object $tpl    Template engine (unused in this function)
 * @param object $sql    Database handle handed to exec_query()
 * @param mixed  $dmn_id Domain identifier
 * @return void
 */
function padd_group($tpl, $sql, $dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_group') {
        return;
    }
    if (!isset($_POST['groupname'])) {
        set_page_message(tr('Invalid group name!'), 'error');
        return;
    }
    // The name is validated before it reaches the database and the log line.
    if (!validates_username($_POST['groupname'])) {
        set_page_message(tr('Invalid group name!'), 'warning');
        return;
    }
    $groupname = $_POST['groupname'];
    $lookup = "\n\t\t\t\tSELECT\n\t\t\t\t\t`id`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_groups`\n\t\t\t\tWHERE\n\t\t\t\t\t`ugroup` = ?\n\t\t\t\tAND\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t";
    $rs = exec_query($sql, $lookup, array($groupname, $dmn_id));
    if ($rs->recordCount() != 0) {
        set_page_message(tr('Group already exists!'), 'error');
        return;
    }
    $change_status = $cfg->ITEM_ADD_STATUS;
    $insert = "\n\t\t\t\t\tINSERT INTO `htaccess_groups`\n\t\t\t\t\t\t(`dmn_id`, `ugroup`, `status`)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t(?, ?, ?)\n\t\t\t\t";
    exec_query($sql, $insert, array($dmn_id, $groupname, $change_status));
    send_request();
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add group (protected areas): {$groupname}");
    user_goto('protected_user_manage.php');
}
/**
 * Changes the password of the logged-in account from the submitted form.
 *
 * Runs only for uaction=updt_pass. The checks run in this order: password
 * syntax/length, both fields filled, both fields equal. On success the hash
 * from crypt_user_pass() is written to admin.admin_pass for the session user.
 *
 * NOTE(review): the current password is not requested or verified here, and
 * no anti-CSRF token is checked in this function. If neither is enforced by
 * the calling page, anyone able to submit a request in the user's session can
 * replace the password; confirm and add re-authentication if missing.
 *
 * @return void
 */
function update_password()
{
    global $sql;
    if (!isset($_POST['uaction']) || $_POST['uaction'] !== 'updt_pass') {
        return;
    }
    if (!vhcs_password_check($_POST['pass'], 20)) {
        set_page_message(tr('Incorrect password range or syntax!'));
        return;
    }
    if ($_POST['pass'] === '' || $_POST['pass_rep'] === '') {
        set_page_message(tr('Please fill up both data fields!'));
        return;
    }
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Passwords does not match!'));
        return;
    }
    $hashed = crypt_user_pass($_POST['pass']);
    // The target row is taken from the session, not from request data.
    $accountId = $_SESSION['user_id'];
    $query = <<<SQL_QUERY
                update
                    admin
                set
                    admin_pass = ?
                where
                    admin_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($hashed, $accountId));
    set_page_message(tr('User password updated successfully!'));
}
/**
 * Renders one USER_SESSION template block per row of the `login` table.
 *
 * NOTE(review): the value shown as ADMIN_USERNAME and placed in the
 * `?kill=` query string is login.session_id. If that column holds real
 * session identifiers, this page discloses them in HTML and in URLs (which
 * end up in access logs and Referer headers); prefer an opaque row key.
 * NOTE(review): $_SESSION['user_logged'] is compared with session_id to
 * detect the viewer's own row; these look like different kinds of value,
 * so the "own session" branch may never match. Verify against the schema.
 * NOTE(review): the link is a GET URL, so the kill action appears to be
 * triggered without an anti-CSRF token; confirm in manage_sessions.php.
 *
 * @param object $tpl Template engine
 * @param object $sql Database handle handed to exec_query()
 * @return void
 */
function gen_user_sessions(&$tpl, &$sql)
{
    $query = <<<SQL_QUERY
                select
                    *
                from
                    login
SQL_QUERY;
    $rs = exec_query($sql, $query, array());
    for ($rowNumber = 1; !$rs->EOF; $rowNumber++) {
        // Zebra striping: odd rows 'content', even rows 'content2'.
        $rowClass = $rowNumber % 2 == 0 ? 'content2' : 'content';
        $tpl->assign(array('ADMIN_CLASS' => $rowClass));
        $tpl->assign(array('ADMIN_USERNAME' => $rs->fields['session_id'], 'LOGIN_TIME' => date("G:i:s", $rs->fields['lastaccess'])));
        $killLink = 'manage_sessions.php';
        if ($_SESSION['user_logged'] !== $rs->fields['session_id']) {
            $killLink = 'manage_sessions.php?kill=' . $rs->fields['session_id'];
        }
        $tpl->assign('KILL_LINK', $killLink);
        $tpl->parse('USER_SESSION', '.user_session');
        $rs->MoveNext();
    }
}
/**
 * Generates the software list for the logged-in customer.
 *
 * Looks up the account that created the session user (admin.created_by),
 * passes it with the customer's domain id to gen_software_list() and assigns
 * the returned value to TOTAL_SOFTWARE_AVAILABLE.
 *
 * @param iMSCP_pTemplate $tpl Template engine instance
 * @return void
 */
function client_generatePageLists($tpl)
{
    $customerId = $_SESSION['user_id'];
    $domainProperties = get_domain_default_props($customerId);
    $stmt = exec_query('SELECT created_by FROM admin WHERE admin_id = ?', $customerId);
    $createdBy = $stmt->fields['created_by'];
    $tpl->assign(
        'TOTAL_SOFTWARE_AVAILABLE',
        gen_software_list($tpl, $domainProperties['domain_id'], $createdBy)
    );
}
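/**
 * Builds the HTML report of "buy" clicks logged for one date, grouped by
 * client IP address.
 *
 * NOTE(review): the database host, account and password are hard-coded in
 * this function and the account is root. Load credentials from configuration
 * kept outside the web root and connect with an account limited to the
 * tables this report reads.
 * NOTE(review): the logged columns (ip, name, source, ...) are concatenated
 * into HTML without escaping. They should go through htmlspecialchars() with
 * the page's real character set, which cannot be determined from this
 * function; confirm the encoding and add the escaping.
 *
 * @param string $dt Date value matched against buylog.date
 * @return string HTML fragment
 */
function getListOfBuyClicks($dt)
{
    global $mycatid;
    $str = "";
    $lnk = dbConnect('localhost', 'root', 'lyntik');
    // exec_query() is called with the query text only, so there is no
    // parameter binding available here: escape the string value with the
    // same mysql extension the rest of the function uses, and force the
    // unquoted category id to an integer.
    $safeDate = mysql_real_escape_string((string) $dt);
    $categoryId = (int) $mycatid;
    $query = "SELECT b.fdate as fdate,b.ip as cip,b.goodid as gid,b.name as sname,b.source as src,b.price as price  FROM buylog b WHERE b.date='{$safeDate}' AND b.mycat_id={$categoryId} ORDER BY b.ip,b.fdate";
    $res = exec_query($query);
    $ip = null;
    // Tracks whether an "ipclicks" group is currently open. The previous
    // counter was never incremented, so groups after the first were opened
    // without the preceding one being closed.
    $groupOpen = false;
    $str .= "<div class=\"all_clicks\">";
    $str .= "<div class=\"click_row_title\">\n             <div class=\"left click_date title\">Дата</div>\n             <div class=\"left click_id title\">ID товара</div>\n             <div class=\"left click_name title\">Наименование</div>\n             <div class=\"left click_id title\">Цена</div>\n             <div class=\"left click_name title\">Источник</div>\n             " . closeFloat() . "\n            </div>";
    if (mysql_num_rows($res) == 0) {
        $str .= "<div>За выбранную дату нажатий не было</div>";
    } else {
        while ($rows = fetch_array($res)) {
            // Rows arrive ordered by IP, so a change of IP starts a new group.
            if ($ip !== $rows['cip']) {
                $ip = $rows['cip'];
                if ($groupOpen) {
                    $str .= "</div>";
                }
                $str .= "<div class=\"ipclicks\">";
                $str .= "<div class=\"client_ip\">Клики с адреса:<b>" . $rows['cip'] . "</b></div>";
                $groupOpen = true;
            }
            $str .= "<div class=\"click_row\">\n             <div class=\"left click_date\">" . $rows['fdate'] . "</div>\n             <div class=\"left click_id\">" . $rows['gid'] . "</div>\n             <div class=\"left click_name\">" . $rows['sname'] . "</div>\n             <div class=\"left click_id\">" . $rows['price'] . "</div>\n             <div class=\"left click_name\">" . $rows['src'] . "</div>\n             " . closeFloat() . "\n            </div>";
        }
        if ($groupOpen) {
            $str .= "</div>";
        }
    }
    $str .= "</div></div>";
    mysql_free_result($res);
    dbDisconnect($lnk);
    return $str;
}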
/**
 * Schedule backup restoration.
 *
 * Flags every domain owned by the customer with status 'torestore', notifies
 * the backend, writes an audit log line and sets a success page message.
 *
 * NOTE(review): $userId selects the rows to change; confirm the caller takes
 * it from the session and not from request data.
 *
 * @param int $userId Customer unique identifier
 * @return void
 */
function scheduleBackupRestoration($userId)
{
    $params = array('torestore', $userId);
    exec_query("UPDATE `domain` SET `domain_status` = ? WHERE `domain_admin_id` = ?", $params);
    send_request();
    $actor = $_SESSION['user_logged'];
    write_log($actor . ": scheduled backup restoration.", E_USER_NOTICE);
    set_page_message(tr('Backup has been successfully scheduled for restoration.'), 'success');
}
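/**
 * Creates a support ticket from the submitted form and notifies the reseller.
 *
 * Requires uaction plus a non-empty subject and message. Subject and message
 * are HTML-encoded before being stored; after the insert a notification is
 * sent, a page message is set and the browser is redirected to
 * support_system.php (the script exits).
 *
 * NOTE(review): newlines are turned into "<br>" before htmlspecialchars()
 * runs, so the stored text contains the encoded form "&lt;br&gt;". Verify the
 * display side expects that.
 * NOTE(review): the raw subject is passed to send_tickets_msg(). If that
 * helper places it in a mail header, CR/LF must be stripped there; check.
 * NOTE(review): urgency is stored as submitted (bound, but not validated
 * against the allowed levels).
 *
 * @param object $sql         Database handle handed to exec_query()
 * @param mixed  $user_id     Ticket sender
 * @param mixed  $reseller_id Ticket recipient
 * @return void
 */
function send_user_message(&$sql, $user_id, $reseller_id)
{
    if (!isset($_POST['uaction'])) {
        return;
    }
    // A missing or array-valued field is not identical to '', so it used to
    // slip past the emptiness checks. Treat anything but a string as empty.
    $subj = (isset($_POST['subj']) && is_string($_POST['subj'])) ? $_POST['subj'] : '';
    if ($subj === '') {
        set_page_message(tr('Please specify message subject!'));
        return;
    }
    $raw_message = (isset($_POST['user_message']) && is_string($_POST['user_message'])) ? $_POST['user_message'] : '';
    if ($raw_message === '') {
        set_page_message(tr('Please type your message!'));
        return;
    }
    $ticket_date = time();
    $urgency = $_POST['urgency'];
    $user_message = preg_replace("/\n/", "<br>", $raw_message);
    $ticket_status = 1;
    $ticket_reply = 0;
    $ticket_level = 1;
    $query = <<<SQL_QUERY
        insert into tickets
            (ticket_level, ticket_from, ticket_to,
             ticket_status, ticket_reply, ticket_urgency,
             ticket_date, ticket_subject, ticket_message)
        values
            (?, ?, ?, ?, ?, ?, ?, ?, ?)
SQL_QUERY;
    exec_query($sql, $query, array($ticket_level, $user_id, $reseller_id, $ticket_status, $ticket_reply, $urgency, $ticket_date, htmlspecialchars($subj, ENT_QUOTES, "UTF-8"), htmlspecialchars($user_message, ENT_QUOTES, "UTF-8")));
    send_tickets_msg($reseller_id, $user_id, $subj);
    set_page_message(tr('Your message was sent!'));
    header("Location: support_system.php");
    exit(0);
}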
/**
 * Stores the personal data submitted by a reseller on their admin row.
 *
 * Each of the eleven form fields is HTML-encoded with htmlspecialchars()
 * before being bound to the UPDATE, i.e. the table holds encoded text.
 *
 * NOTE(review): encoding at write time means every reader must treat these
 * columns as already encoded (re-encoding double-escapes, decoding for
 * non-HTML uses such as e-mail is the reader's job); verify the read paths.
 * NOTE(review): no format check is applied to email or the other fields, and
 * none of the $_POST keys is tested with isset() first.
 *
 * @param object $sql     Database handle handed to exec_query()
 * @param mixed  $user_id admin_id of the row to update
 * @return void
 */
function update_reseller_personal_data(&$sql, $user_id)
{
    // Field names in the order of the placeholders in the statement below.
    $fieldOrder = array('fname', 'lname', 'firm', 'zip', 'city', 'country', 'email', 'phone', 'fax', 'street1', 'street2');
    $params = array();
    foreach ($fieldOrder as $field) {
        $params[] = htmlspecialchars($_POST[$field], ENT_QUOTES, "UTF-8");
    }
    // Last placeholder: the row selector.
    $params[] = $user_id;
    $query = <<<SQL_QUERY
        update
            admin
        set
            fname = ?,
            lname = ?,
            firm = ?,
            zip = ?,
            city = ?,
            country = ?,
            email = ?,
            phone = ?,
            fax = ?,
            street1 = ?,
            street2 = ?
        where
            admin_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, $params);
    set_page_message(tr('Personal data updated successfully!'));
}
/**
 * Adds Htaccess group.
 *
 * Runs only for uaction=add_group. The submitted name must pass
 * validates_username() and must not already exist for the domain; the group
 * is inserted with status 'toadd', the backend is notified, the action is
 * logged and the browser is redirected to protected_user_manage.php.
 *
 * @param int $domainId Domain unique identifier
 * @return void
 */
function client_addHtaccessGroup($domainId)
{
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_group') {
        return;
    }
    if (!isset($_POST['groupname'])) {
        set_page_message(tr('Invalid htaccess group name.'), 'error');
        return;
    }
    // Validation happens before the name is used in a query or a log line.
    if (!validates_username($_POST['groupname'])) {
        set_page_message(tr('Invalid group name!'), 'error');
        return;
    }
    $groupname = $_POST['groupname'];
    $lookup = "\n\t\t\t\tSELECT\n\t\t\t\t\t`id`\n\t\t\t\tFROM\n\t\t\t\t\t`htaccess_groups`\n\t\t\t\tWHERE\n\t\t\t\t\t`ugroup` = ?\n\t\t\t\tAND\n\t\t\t\t\t`dmn_id` = ?\n\t\t\t";
    $rs = exec_query($lookup, array($groupname, $domainId));
    if ($rs->rowCount() != 0) {
        set_page_message(tr('This htaccess group already exists.'), 'error');
        return;
    }
    $change_status = 'toadd';
    $insert = "\n\t\t\t\t\tINSERT INTO `htaccess_groups` (\n\t\t\t\t\t    `dmn_id`, `ugroup`, `status`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t    ?, ?, ?\n\t\t\t\t\t)\n\t\t\t\t";
    exec_query($insert, array($domainId, $groupname, $change_status));
    send_request();
    set_page_message(tr('Htaccess group successfully scheduled for addition.'), 'success');
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: added htaccess group: {$groupname}", E_USER_NOTICE);
    redirectTo('protected_user_manage.php');
}
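/**
 * Lists the FTP accounts of a domain in the template.
 *
 * The accounts are read from the comma-separated `members` column of the
 * ftp_group row whose groupname equals the domain name. Each account becomes
 * one FTP_ITEM block with alternating CSS classes.
 *
 * NOTE(review): account names are assigned to the template without HTML
 * escaping in this function; verify where they are escaped.
 *
 * @param object $tpl      Template engine
 * @param object $sql      Database handle handed to exec_query()
 * @param mixed  $dmn_id   Unused in this function
 * @param string $dmn_name Domain name, used as the FTP group name
 * @return void
 */
function gen_page_ftp_list(&$tpl, &$sql, $dmn_id, $dmn_name)
{
    $query = <<<SQL_QUERY
        select gid, members from ftp_group where groupname = ?
SQL_QUERY;
    $rs = exec_query($sql, $query, array($dmn_name));
    if ($rs->RecordCount() == 0) {
        $tpl->assign(array('FTP_MSG' => tr('FTP list is empty!'), 'FTP_ITEM' => '', 'FTPS_TOTAL' => ''));
        $tpl->parse('FTP_MESSAGE', 'ftp_message');
        return;
    }
    $tpl->assign('FTP_MESSAGE', '');
    // explode() replaces split(): split() is a POSIX-regex function that was
    // deprecated in PHP 5.3 and removed in PHP 7. For the literal ','
    // separator both produce the same list.
    $ftp_accs = explode(',', $rs->fields['members']);
    $total = count($ftp_accs);
    for ($i = 0; $i < $total; $i++) {
        $tpl->assign('ITEM_CLASS', $i % 2 == 0 ? 'content' : 'content2');
        // Display name is the IDNA-decoded form; UID keeps the stored form.
        $tpl->assign(array('FTP_ACCOUNT' => decode_idna($ftp_accs[$i]), 'UID' => $ftp_accs[$i]));
        $tpl->parse('FTP_ITEM', '.ftp_item');
    }
    $tpl->assign('TOTAL_FTP_ACCOUNTS', $total);
}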
/**
 * Lists the htaccess groups of a domain, with their member names.
 *
 * For each group the name, status, id and a delete action are appended to the
 * template. The delete action is offered only when the group's status equals
 * ITEM_OK_STATUS and the group is not the AWStats auth group. Member ids from
 * the comma-separated `members` column are resolved to user names with one
 * query per member.
 *
 * NOTE(review): GROUP_DELETE_SCRIPT places `ugroup` inside a single-quoted
 * JavaScript string without escaping for that context (GNAME, by contrast,
 * goes through tohtml()). This is safe only while every stored group name is
 * restricted to characters that cannot end the string; confirm the write
 * path's validation covers all ways a group can be created.
 *
 * @param EasySCP_TemplateEngine $tpl
 * @param EasySCP_Database $sql
 * @param int $dmn_id
 */
function gen_pgroups($tpl, $sql, &$dmn_id)
{
    $cfg = EasySCP_Registry::get('Config');
    $groupQuery = "\n\t\tSELECT\n\t\t\t*\n\t\tFROM\n\t\t\t`htaccess_groups`\n\t\tWHERE\n\t\t\t`dmn_id` = ?\n\t\tORDER BY\n\t\t\t`dmn_id` DESC\n\t";
    $rs = exec_query($sql, $groupQuery, $dmn_id);
    if ($rs->recordCount() == 0) {
        $tpl->assign('GROUP_MESSAGE', tr('You have no groups!'));
        return;
    }
    $memberQuery = "\n\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t`uname`\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t`htaccess_users`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`id` = ?\n\t\t\t\t\t";
    for (; !$rs->EOF; $rs->moveNext()) {
        $isDeletable = $rs->fields['status'] === $cfg->ITEM_OK_STATUS
            && $rs->fields['ugroup'] != $cfg->AWSTATS_GROUP_AUTH;
        if ($isDeletable) {
            $deleteScript = "action_delete('protected_group_delete.php?gname=" . $rs->fields['id'] . "', '" . $rs->fields['ugroup'] . "')";
        } else {
            $deleteScript = tr('N/A');
        }
        $tpl->append(array(
            'GNAME' => tohtml($rs->fields['ugroup']),
            'GSTATUS' => translate_dmn_status($rs->fields['status']),
            'GROUP_ID' => $rs->fields['id'],
            'GROUP_DELETE' => tr('Delete'),
            'GROUP_DELETE_SCRIPT' => $deleteScript,
        ));
        if ($rs->fields['members'] == '') {
            $tpl->append('MEMBER', '');
            continue;
        }
        // One lookup per member id; names are escaped, then joined with ', '.
        $memberNames = array();
        foreach (explode(',', $rs->fields['members']) as $memberId) {
            $rs_members = exec_query($sql, $memberQuery, $memberId);
            $memberNames[] = tohtml($rs_members->fields['uname']);
        }
        $tpl->append('MEMBER', implode(', ', $memberNames));
    }
}
 /**
  * Checks whether an admin id / password pair matches exactly one admin row.
  *
  * NOTE(review): the password is compared as an unsalted MD5 digest. MD5 is
  * unsuitable for password storage: it is fast to brute-force and, without a
  * salt, identical passwords share a digest. Migrating to password_hash() /
  * password_verify() needs a schema and rehash-on-login plan that is outside
  * this method, so only the weakness is recorded here.
  *
  * @param mixed  $id   Value bound to admin.admin_id
  * @param string $pass Plain-text password to check
  * @return bool TRUE when exactly one row matches, FALSE otherwise
  */
 public static function check_udata($id, $pass)
 {
     $sql = EasySCP_Registry::get('Db');
     $query = "\n\t\t\tSELECT\n\t\t\t\t`admin_id`, `admin_pass`\n\t\t\tFROM\n\t\t\t\t`admin`\n\t\t\tWHERE\n\t\t\t\t`admin_id` = ?\n\t\t\tAND\n\t\t\t\t`admin_pass` = ?\n\t\t";
     $digest = md5($pass);
     $rs = exec_query($sql, $query, array($id, $digest));
     return $rs->recordCount() == 1;
 }
/**
 * Generate page
 *
 * Emits one USER_STATISTICS_ENTRY_BLOCK per account created by the session
 * user. The session id is cast to an integer before being bound.
 *
 * @param iMSCP_pTemplate $tpl Template engine
 * @return void
 */
function generatePage($tpl)
{
    $creatorId = intval($_SESSION['user_id']);
    $stmt = exec_query('SELECT admin_id FROM admin WHERE created_by = ?', $creatorId);
    // The loop ends on the first falsy value returned by fetchRow().
    for ($row = $stmt->fetchRow(PDO::FETCH_ASSOC); $row; $row = $stmt->fetchRow(PDO::FETCH_ASSOC)) {
        _generateUserStatistics($tpl, $row['admin_id']);
        $tpl->parse('USER_STATISTICS_ENTRY_BLOCK', '.user_statistics_entry_block');
    }
}
/**
 * Generates page.
 *
 * Assigns the account summary (user name, account type, registration date)
 * of the session user to the template. A registration timestamp of 0 is
 * shown as "Unknown".
 *
 * NOTE(review): USERNAME goes through tohtml() while ACCOUNT_TYPE is assigned
 * as stored in the session; fine if user_type is only ever set server-side,
 * which should be confirmed.
 *
 * @param iMSCP_pTemplate $tpl Template engine instance
 */
function reseller_generatePage($tpl)
{
    /** @var $cfg iMSCP_Config_Handler_File */
    $cfg = iMSCP_Registry::get('config');
    $stmt = exec_query("SELECT domain_created from admin where admin_id = ?", (int) $_SESSION['user_id']);
    $summary = array(
        'TR_ACCOUNT_SUMMARY' => tr('Account summary'),
        'TR_USERNAME' => tr('Username'),
        'USERNAME' => tohtml($_SESSION['user_logged']),
        'TR_ACCOUNT_TYPE' => tr('Account type'),
        'ACCOUNT_TYPE' => $_SESSION['user_type'],
        'TR_REGISTRATION_DATE' => tr('Registration date'),
    );
    if ($stmt->fields['domain_created'] != 0) {
        $summary['REGISTRATION_DATE'] = date($cfg->DATE_FORMAT, $stmt->fields['domain_created']);
    } else {
        $summary['REGISTRATION_DATE'] = tr('Unknown');
    }
    $tpl->assign($summary);
}
/**
 * Adds an htaccess user to a domain from the submitted form.
 *
 * Runs only for uaction=add_user with username, pass and pass_rep present.
 * The name and password are validated, the two password fields must match,
 * and the name must not already exist for the domain. On success the row is
 * inserted, the action is logged and the browser is redirected to
 * puser_manage.php (the script exits).
 *
 * NOTE(review): crypt() is called without a salt argument. The resulting
 * scheme then depends on the platform default and can be a weak one; newer
 * PHP versions warn about or reject the one-argument form. Choosing a
 * replacement requires knowing which hash formats the consumer of `upass`
 * accepts, which is not visible here.
 *
 * @param object $tpl    Template engine (unused in this function)
 * @param object $sql    Database handle handed to exec_query()
 * @param mixed  $dmn_id Domain identifier
 * @return void
 */
function padd_user(&$tpl, &$sql, &$dmn_id)
{
    if (!isset($_POST['uaction']) || $_POST['uaction'] != 'add_user') {
        return;
    }
    if (!isset($_POST['username']) || !isset($_POST['pass']) || !isset($_POST['pass_rep'])) {
        return;
    }
    if (chk_username($_POST['username']) > 0) {
        set_page_message(tr('Wrong username!'));
        return;
    }
    if (chk_password($_POST['pass']) > 0) {
        set_page_message(tr('Incorrect password range or syntax!'));
        return;
    }
    if ($_POST['pass'] !== $_POST['pass_rep']) {
        set_page_message(tr('Passwords does not match!'));
        return;
    }
    $uname = $_POST['username'];
    $upass = crypt($_POST['pass']);
    $lookup = <<<SQL_QUERY
        select
\t\t\tid
        from
            htaccess_users
        where
             uname = ? 
\t\t\t and
\t\t\t dmn_id = ?
SQL_QUERY;
    $rs = exec_query($sql, $lookup, array($uname, $dmn_id));
    if ($rs->RecordCount() != 0) {
        set_page_message(tr('User already exist !'));
        return;
    }
    $insert = <<<SQL_QUERY

            insert into htaccess_users

               (dmn_id, uname, upass)

            values

               (?, ?, ?)

SQL_QUERY;
    $rs = exec_query($sql, $insert, array($dmn_id, $uname, $upass));
    $admin_login = $_SESSION['user_logged'];
    write_log("{$admin_login}: add user (protected areas) -> {$uname}");
    header('Location: puser_manage.php');
    exit;
}
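/**
 * Check if a database with same name already exists
 *
 * Walks the result of SHOW DATABASES and compares each name with $db_name as
 * strings. A loose `==` would compare two numeric-looking names as numbers
 * (for example "0123" and "123", or "1e1" and "10", would be reported as the
 * same database), so the comparison is strict.
 *
 * @param  EasySCP_Database $sql EasySCP_Database instance
 * @param  string $db_name database name to be checked
 * @return boolean TRUE if database exists, false otherwise
 */
function check_db_name($sql, $db_name)
{
    $wanted = (string) $db_name;
    $rs = exec_query($sql, 'SHOW DATABASES');
    while (!$rs->EOF) {
        if ($wanted === (string) $rs->fields['Database']) {
            return true;
        }
        $rs->moveNext();
    }
    return false;
}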
/**
 * Check admin current password.
 *
 * Re-hashes the supplied password using the stored hash as the salt argument
 * and compares the result with the stored hash. A page message is set only
 * when the stored hash cannot be read.
 *
 * NOTE(review): the two hashes are compared with `!==`; hash_equals() would
 * make the comparison constant-time, provided the project's minimum PHP
 * version offers it.
 *
 * @access private
 * @param string $password Admin current password
 * @return bool TRUE if current password is valid, FALSE otherwise
 */
function _reseller_checkCurrentPassword($password)
{
    $stmt = exec_query('SELECT `admin_pass` FROM `admin` WHERE `admin_id` = ?', $_SESSION['user_id']);
    if (!$stmt->rowCount()) {
        set_page_message(tr('Unable to retrieve your password from the database.'), 'error');
        return false;
    }
    $storedHash = $stmt->fields['admin_pass'];
    return cryptPasswordWithSalt($password, $storedHash) === $storedHash;
}
/**
 * Generates statistics page for the given period
 *
 * The month and year come from $_GET, else from $_POST, else from the current
 * date; request values are passed through intval(). One
 * DAY_SERVER_STATISTICS_BLOCK is emitted per day of the period, followed by
 * the monthly totals. Without data for the period a page message is set and
 * SERVER_STATISTICS_BLOCK is emptied.
 *
 * NOTE(review): intval() makes the values integers but does not bound them;
 * an out-of-range month or year is handed to mktime() and the date helpers
 * as-is. Consider clamping month to 1-12 and year to the range offered in the
 * selector.
 *
 * @param iMSCP_pTemplate $tpl template engine instance
 * @return void
 */
function generatePage($tpl)
{
    if (isset($_GET['month']) && isset($_GET['year'])) {
        $year = intval($_GET['year']);
        $month = intval($_GET['month']);
    } elseif (isset($_POST['month']) && isset($_POST['year'])) {
        $year = intval($_POST['year']);
        $month = intval($_POST['month']);
    } else {
        $month = date('m');
        $year = date('y');
    }
    // Number of years offered in the selector: from the oldest traffic record
    // up to the current year, at least one.
    $numberYears = 1;
    $stmt = exec_query('SELECT traff_time FROM server_traffic ORDER BY traff_time ASC LIMIT 1');
    if ($stmt->rowCount()) {
        $row = $stmt->fetchRow(PDO::FETCH_ASSOC);
        $yearSpan = date('y') - date('y', $row['traff_time']);
        if ($yearSpan) {
            $numberYears = $yearSpan + 1;
        }
    }
    generateMonthsAndYearsHtmlList($tpl, $month, $year, $numberYears);
    $stmt = exec_query('SELECT bytes_in FROM server_traffic WHERE traff_time BETWEEN ? AND ? LIMIT 1', array(getFirstDayOfMonth($month, $year), getLastDayOfMonth($month, $year)));
    if (!$stmt->rowCount()) {
        set_page_message(tr('No statistics found for the given period. Try another period.'), 'static_info');
        $tpl->assign('SERVER_STATISTICS_BLOCK', '');
        return;
    }
    // For the running month stop at today, otherwise at the month's last day.
    $isCurrentPeriod = $month == date('m') && $year == date('y');
    $curday = $isCurrentPeriod ? date('j') : date('j', getLastDayOfMonth($month, $year));
    // Running totals: web in/out, smtp in/out, pop in/out, all in/out.
    $totals = array_fill(0, 8, 0);
    for ($day = 1; $day <= $curday; $day++) {
        $beginDate = mktime(0, 0, 0, $month, $day, $year);
        $endDate = mktime(23, 59, 59, $month, $day, $year);
        list($webIn, $webOut, $smtpIn, $smtpOut, $popIn, $popOut, $otherIn, $otherOut, $allIn, $allOut) = _getServerTraffic($beginDate, $endDate);
        $tpl->assign(array(
            'DAY' => tohtml($day),
            'YEAR' => tohtml($year),
            'MONTH' => tohtml($month),
            'WEB_IN' => tohtml(bytesHuman($webIn)),
            'WEB_OUT' => tohtml(bytesHuman($webOut)),
            'SMTP_IN' => tohtml(bytesHuman($smtpIn)),
            'SMTP_OUT' => tohtml(bytesHuman($smtpOut)),
            'POP_IN' => tohtml(bytesHuman($popIn)),
            'POP_OUT' => tohtml(bytesHuman($popOut)),
            'OTHER_IN' => tohtml(bytesHuman($otherIn)),
            'OTHER_OUT' => tohtml(bytesHuman($otherOut)),
            'ALL_IN' => tohtml(bytesHuman($allIn)),
            'ALL_OUT' => tohtml(bytesHuman($allOut)),
            'ALL' => tohtml(bytesHuman($allIn + $allOut)),
            'DAY_STATS_QSTRING' => tohtml("year={$year}&month={$month}&day={$day}", 'htmlAttr'),
        ));
        $totals[0] += $webIn;
        $totals[1] += $webOut;
        $totals[2] += $smtpIn;
        $totals[3] += $smtpOut;
        $totals[4] += $popIn;
        $totals[5] += $popOut;
        $totals[6] += $allIn;
        $totals[7] += $allOut;
        $tpl->parse('DAY_SERVER_STATISTICS_BLOCK', '.day_server_statistics_block');
    }
    // "Other" is derived: everything minus web, smtp and pop.
    $allOtherIn = $totals[6] - ($totals[0] + $totals[2] + $totals[4]);
    $allOtherOut = $totals[7] - ($totals[1] + $totals[3] + $totals[5]);
    $tpl->assign(array(
        'WEB_IN_ALL' => tohtml(bytesHuman($totals[0])),
        'WEB_OUT_ALL' => tohtml(bytesHuman($totals[1])),
        'SMTP_IN_ALL' => tohtml(bytesHuman($totals[2])),
        'SMTP_OUT_ALL' => tohtml(bytesHuman($totals[3])),
        'POP_IN_ALL' => tohtml(bytesHuman($totals[4])),
        'POP_OUT_ALL' => tohtml(bytesHuman($totals[5])),
        'OTHER_IN_ALL' => tohtml(bytesHuman($allOtherIn)),
        'OTHER_OUT_ALL' => tohtml(bytesHuman($allOtherOut)),
        'ALL_IN_ALL' => tohtml(bytesHuman($totals[6])),
        'ALL_OUT_ALL' => tohtml(bytesHuman($totals[7])),
        'ALL_ALL' => tohtml(bytesHuman($totals[6] + $totals[7])),
    ));
}
/**
 * Fills the purchase list block with the active hosting plans that can be ordered.
 *
 * When $cfg['HOSTING_PLANS_LEVEL'] is 'admin', the active plans owned by accounts
 * whose admin_type is 'admin' are listed; otherwise only the active plans whose
 * reseller_id equals $user_id are listed. Both lookups pass their value to
 * exec_query() as a bound parameter rather than building it into the SQL text.
 *
 * NOTE(review): name, description, price, value and payment are handed to the
 * template exactly as read from hosting_plans; no HTML encoding happens in this
 * function. Confirm that these values are encoded when they are stored or when
 * the template is rendered, since plan text is presumably editable by resellers.
 *
 * @param object $tpl     Template engine; receives the assign() and parse() calls
 * @param mixed  $sql     Database handle passed through to exec_query()
 * @param mixed  $user_id Matched against hosting_plans.reseller_id and exposed as USER_ID
 * @return void
 */
function gen_packages_list(&$tpl, &$sql, $user_id)
{
    global $cfg;
    $adminLevel = isset($cfg['HOSTING_PLANS_LEVEL']) && $cfg['HOSTING_PLANS_LEVEL'] === 'admin';
    if ($adminLevel) {
        $planQuery = <<<SQL_QUERY
\t\t\tselect
\t\t\t\tt1.*,
\t\t\t\tt2.admin_id, t2.admin_type
\t\t\tfrom
\t\t\t\thosting_plans as t1,
\t\t\t\tadmin as t2
\t\t\twhere
\t\t\t\tt2.admin_type=?
\t\t\tand
\t\t\t\tt1.reseller_id = t2.admin_id
\t\t\tand
\t\t\t\tt1.status=1
\t\t\torder by
\t\t\t\tt1.id
SQL_QUERY;
        $plans = exec_query($sql, $planQuery, array('admin'));
    } else {
        $planQuery = <<<SQL_QUERY
\t\t\t\tselect
\t\t\t\t\t*
\t\t\t\tfrom
\t\t\t\t\thosting_plans
\t\t\t\twhere
\t\t\t\t\treseller_id = ?
\t\t\t\t  and
\t\t\t\t\tstatus = '1'
SQL_QUERY;
        $plans = exec_query($sql, $planQuery, array($user_id));
    }

    // Nothing to offer: report it and leave the list block untouched.
    if ($plans->RecordCount() == 0) {
        system_message(tr('No available hosting packages'));
        return;
    }

    for (; !$plans->EOF; $plans->MoveNext()) {
        // Loose match: anything comparing equal to '' (null, for instance) becomes ''.
        $info = $plans->fields['description'];
        if ($info == '') {
            $info = '';
        }

        // Loose comparisons, so null and '' count as free of charge as well as 0.
        $amount = $plans->fields['price'];
        $priceLabel = ($amount == 0 || $amount == '')
            ? "/ " . tr('free of charge')
            : "/ " . $amount . " " . $plans->fields['value'] . " " . $plans->fields['payment'];

        $tpl->assign(array(
            'PACK_NAME' => $plans->fields['name'],
            'PACK_ID' => $plans->fields['id'],
            'USER_ID' => $user_id,
            'PURCHASE' => tr('Purchase'),
            'PACK_INFO' => $info,
            'PRICE' => $priceLabel,
        ));
        $tpl->parse('PURCHASE_LIST', '.purchase_list');
    }
}
/**
 * Stores the subject and message of one e-mail template for an owner.
 *
 * Looks up the email_tpls row for ($admin_id, $tpl_name); when none exists a new
 * row is inserted, otherwise the existing row is updated. Both write statements
 * take the same four bound parameters in the same order, so only the SQL text
 * differs between the two cases.
 *
 * NOTE(review): the existence check and the write are two separate statements.
 * Two concurrent calls could both see no row and both insert; a unique key on
 * (owner_id, name) would rule that out. Confirm against the schema.
 * NOTE(review): subject and message are stored as given. The code that composes
 * the outgoing mail should reject CR/LF in the subject; verify at the point of use.
 *
 * @param mixed  $admin_id Owner of the template (email_tpls.owner_id)
 * @param string $tpl_name Template name (email_tpls.name)
 * @param array  $data     Must provide the 'subject' and 'message' keys
 * @return void
 */
function set_email_tpl_data($admin_id, $tpl_name, $data)
{
    $db = EasySCP_Registry::get('Db');

    $lookup = "\n\t\tSELECT\n\t\t\t`subject`, `message`\n\t\tFROM\n\t\t\t`email_tpls`\n\t\tWHERE\n\t\t\t`owner_id` = ?\n\t\tAND\n\t\t\t`name` = ?\n\t";
    $existing = exec_query($db, $lookup, array($admin_id, $tpl_name));

    // Choose the statement; the parameter list below fits either one.
    $write = ($existing->rowCount() == 0)
        ? "\n\t\t\tINSERT INTO `email_tpls`\n\t\t\t\t(`subject`, `message`, `owner_id`, `name`)\n\t\t\tVALUES\n\t\t\t\t(?, ?, ?, ?)\n\t\t"
        : "\n\t\t\tUPDATE\n\t\t\t\t`email_tpls`\n\t\t\tSET\n\t\t\t\t`subject` = ?,\n\t\t\t\t`message` = ?\n\t\t\tWHERE\n\t\t\t\t`owner_id` = ?\n\t\t\tAND\n\t\t\t\t`name` = ?\n\t\t";

    exec_query($db, $write, array($data['subject'], $data['message'], $admin_id, $tpl_name));
}
/**
 * Renders one statistics block per account created by the given reseller.
 *
 * Selects the admin_id of every admin row whose created_by equals $resellerId
 * (bound as a query parameter) and, for each, calls _generateUserStatistics()
 * and appends the parsed block. When the reseller has no such accounts the
 * block is blanked instead.
 *
 * NOTE(review): $resellerId decides whose customers are listed. It is presumably
 * taken from the authenticated session rather than from request data; confirm
 * at the caller.
 *
 * @param iMSCP_pTemplate $tpl Template engine instance
 * @param int $resellerId Reseller unique identifier
 * @return void
 */
function generatePage($tpl, $resellerId)
{
    $customers = exec_query('SELECT admin_id FROM admin WHERE created_by = ?', $resellerId);

    // No customer accounts: hide the block and stop.
    if (!$customers->rowCount()) {
        $tpl->assign('RESELLER_USER_STATISTICS_BLOCK', '');
        return;
    }

    while ($customer = $customers->fetchRow(PDO::FETCH_ASSOC)) {
        _generateUserStatistics($tpl, $customer['admin_id']);
        $tpl->parse('RESELLER_USER_STATISTICS_BLOCK', '.reseller_user_statistics_block');
    }
}
文件: backup.php 项目: gOOvER/EasySCP
/**
 * Schedules a backup restore for the domain owned by $user_id.
 *
 * Acts only when the POSTed 'uaction' field equals 'bk_restore': the matching
 * domain row is set to status 'restore' (the id is bound as a query parameter),
 * send_request() is called, the action is logged and a success message is queued.
 * Any other request leaves everything untouched.
 *
 * NOTE(review): the state change is triggered by a POST field alone; no
 * anti-CSRF token check is visible in this function. Confirm that one is
 * enforced before this point.
 * NOTE(review): $user_id selects the domain to restore and is presumably the
 * logged-in user's id from the session; confirm at the caller.
 *
 * @param mixed $sql     Database handle passed through to exec_query()
 * @param mixed $user_id Matched against domain.domain_admin_id
 * @return void
 */
function send_backup_restore_request($sql, $user_id)
{
    $action = isset($_POST['uaction']) ? $_POST['uaction'] : null;
    if ($action !== 'bk_restore') {
        return;
    }

    $update = "\n\t\t\tUPDATE\n\t\t\t\t`domain`\n\t\t\tSET\n\t\t\t\t`status` = 'restore'\n\t\t\tWHERE\n\t\t\t\t`domain_admin_id` = ?\n\t\t";
    exec_query($sql, $update, $user_id);
    send_request();

    // Audit trail: who asked for the restore.
    write_log($_SESSION['user_logged'] . ": restore backup files.");
    set_page_message(tr('Backup archive scheduled for restoring!'), 'success');
}