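/**
 * Activate a pending account from the "new admin" (waiting) table.
 *
 * Steps, in order: optionally resolve an affiliate from the "affiliate"
 * cookie, load the waiting row and its product, create the admin directory,
 * insert the client and admin rows (or update the existing admin when
 * add_service is "yes"), provision the VPS / dedicated / shared service,
 * mail the login details, record the completed order, store the affiliate
 * kickback if any, and finally delete the waiting row.
 *
 * Every value placed in an SQL string is passed through
 * mysql_real_escape_string(): the waiting row holds what the applicant typed
 * at registration, and the affiliate name comes straight from a cookie.
 *
 * NOTE(review): the listing this was reviewed from had masked spans
 * ('******') in three adm_login lookups and in the "Password:" line; they are
 * restored here from the surrounding comments and variables - confirm against
 * the repository copy.
 * NOTE(review): the account password is stored, mailed and sent to the VPS
 * node in clear text, and each die() below prints the failing SQL (which can
 * contain that password) to the page. Both need fixing outside this function:
 * hash with password_hash(), and log query failures server-side instead.
 * NOTE(review): $waiting_login becomes a directory name under
 * $conf_site_root_host_path; this function assumes it was restricted to a
 * safe character set when the registration was accepted - confirm.
 *
 * @param string $waiting_login_id id of the row in the waiting-user table
 * @return void  die()s on any database failure or inconsistency
 */
function validateWaitingUser($waiting_login_id)
{
    global $conf_administrative_site;
    global $conf_use_ssl;
    global $pro_mysql_admin_table;
    global $pro_mysql_client_table;
    global $pro_mysql_new_admin_table;
    global $pro_mysql_product_table;
    global $pro_mysql_vps_ip_table;
    global $pro_mysql_vps_server_table;
    global $pro_mysql_completedorders_table;
    global $pro_mysql_domain_table;
    global $dtcshared_path;
    global $txt_userwaiting_account_activated_subject;
    global $txt_userwaiting_account_activated_text_header;
    global $conf_site_root_host_path;
    global $conf_demo_version;
    global $conf_webmaster_email_addr;
    global $conf_this_server_country_code;
    global $conf_message_subject_header;
    global $console;

    // Defaults for values that some branches below never assign; the
    // original interpolated them as undefined (empty) in those paths.
    $country = "";
    $admtbl_added3 = "";
    $today = date("Y-m-d");

    // Get affiliate cookie. The original validated $affiliatename before it
    // was assigned, so the check never saw the cookie value.
    if (isset($_COOKIE["affiliate"]) && isMailbox($_COOKIE["affiliate"])) {
        $affiliatename = $_COOKIE["affiliate"];
    }
    if (isset($affiliatename)) {
        // Step 1: validate that the affiliatename exists
        $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='" . mysql_real_escape_string($affiliatename) . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        if (mysql_num_rows($r) != 1) {
            unset($affiliatename);
        }
    }

    // Get the informations from the user waiting table
    $q = "SELECT * FROM {$pro_mysql_new_admin_table} WHERE id='" . mysql_real_escape_string($waiting_login_id) . "';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    if (mysql_num_rows($r) != 1) {
        die("I can't find username with id {$waiting_login_id} in the userwaiting table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a = mysql_fetch_array($r);
    // SQL-escaped copy of the waiting row; $a keeps the raw values for
    // paths, mail and calls into other functions.
    $ea = array_map('mysql_real_escape_string', $a);
    $waiting_login = $a["reqadm_login"];
    $sql_login = $ea["reqadm_login"];

    // Check if there is a user by that name
    $q = "SELECT * FROM {$pro_mysql_admin_table} WHERE adm_login='{$sql_login}';";
    $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    $n = mysql_num_rows($r);
    if ($a["add_service"] == "yes") {
        if ($n != 1) {
            die("There is no user with name {$waiting_login} in database: I can't add a service to it line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $existing_admin = mysql_fetch_array($r);
        $cid = $existing_admin["id_client"];
        $vps_root_pass = $existing_admin["adm_pass"];
    } else {
        if ($n != 0) {
            die("There is already a user with name {$waiting_login} in database: I can't add another one line: " . __LINE__ . " file: " . __FILE__ . "!");
        }
        $vps_root_pass = $a["reqadm_pass"];
    }

    // Calculate user's path with default path
    $newadmin_path = $conf_site_root_host_path . "/" . $waiting_login;

    // Create admin's directory
    if ($conf_demo_version == "no" && $a["add_service"] != "yes") {
        $oldumask = umask(0);
        if (!file_exists($newadmin_path)) {
            mkdir($newadmin_path, 0750);
            $console .= "mkdir {$newadmin_path};<br>";
        }
        // Restore the process umask; the original left it at 0 for
        // everything that ran afterwards in the same request.
        umask($oldumask);
    }

    // Get the informations from the product table
    $q2 = "SELECT * FROM {$pro_mysql_product_table} WHERE id='" . $ea["product_id"] . "'";
    $r2 = mysql_query($q2) or die("Cannot execute query \"{$q2}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    if (mysql_num_rows($r2) != 1) {
        die("I can't find the product in the table line: " . __LINE__ . " file: " . __FILE__ . "!");
    }
    $a2 = mysql_fetch_array($r2);
    $ea2 = array_map('mysql_real_escape_string', $a2);

    // Add customer's info to production table
    if ($a["add_service"] != "yes") {
        // The original VALUES list carried five extra fields
        // (restricted_ftp_path ... allow_subdomain_edit) that have no column
        // in the list above it, so the statement could not match its own
        // column count. They are dropped; the admin INSERT below sets those
        // columns from the product row.
        $adm_query = "INSERT INTO {$pro_mysql_client_table}\n"
            . "(id,is_company,company_name,vat_num,familyname,christname,addr1,addr2,addr3,\n"
            . "city,zipcode,state,country,phone,fax,email,\n"
            . "disk_quota_mb,bw_quota_per_month_gb,\n"
            . "special_note) VALUES ('','" . $ea["iscomp"] . "',\n"
            . "'" . $ea["comp_name"] . "','" . $ea["vat_num"] . "','" . $ea["family_name"] . "','" . $ea["first_name"] . "',\n"
            . "'" . $ea["addr1"] . "','" . $ea["addr2"] . "','" . $ea["addr3"] . "','" . $ea["city"] . "',\n"
            . "'" . $ea["zipcode"] . "','" . $ea["state"] . "','" . $ea["country"] . "','" . $ea["phone"] . "',\n"
            . "'" . $ea["fax"] . "','" . $ea["email"] . "','" . $ea2["quota_disk"] . "','" . ($a2["bandwidth"] / 1024) . "',\n"
            . "'" . $ea["custom_notes"] . "');";
        $r = mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        $cid = mysql_insert_id();
    }
    $sql_cid = mysql_real_escape_string($cid);

    // Add user in database. VPS and dedicated products carry no expiry or
    // product id on the admin row itself.
    $expires = mysql_real_escape_string(calculateExpirationDate($today, $a2["period"]));
    $admtbl_added1 = ",expire,prod_id";
    if ($a2["heb_type"] == "vps" || $a2["heb_type"] == "server") {
        $admtbl_added2 = ",'0000-00-00','0'";
    } else {
        $admtbl_added2 = ",'{$expires}','" . $ea2["id"] . "'";
        $admtbl_added3 = ", expire='{$expires}', prod_id='" . $ea2["id"] . "' ";
    }

    if ($a["add_service"] != "yes") {
        $adm_query = "INSERT INTO {$pro_mysql_admin_table}\n"
            . "(adm_login ,adm_pass ,last_used_lang ,path ,id_client,bandwidth_per_month_mb,quota,nbrdb,allow_add_domain,max_domain,restricted_ftp_path,allow_dns_and_mx_change,ftp_login_flag,allow_mailing_list_edit,allow_subdomain_edit,max_email{$admtbl_added1}) VALUES\n"
            . "('{$sql_login}','" . $ea["reqadm_pass"] . "','" . $ea["last_used_lang"] . "','" . mysql_real_escape_string($newadmin_path) . "','{$sql_cid}','" . $ea2["bandwidth"] . "','" . $ea2["quota_disk"] . "','" . $ea2["nbr_database"] . "','" . $ea2["allow_add_domain"] . "','" . $ea2["max_domain"] . "',\n"
            . "'" . $ea2["restricted_ftp_path"] . "','" . $ea2["allow_dns_and_mx_change"] . "','" . $ea2["ftp_login_flag"] . "','" . $ea2["allow_mailing_list_edit"] . "','" . $ea2["allow_subdomain_edit"] . "','" . $ea2["nbr_email"] . "'{$admtbl_added2});";
        mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    } elseif ($a2["heb_type"] == "shared") {
        $adm_query = "UPDATE {$pro_mysql_admin_table}\n"
            . "\t\t\tSET bandwidth_per_month_mb='" . $ea2["bandwidth"] . "', quota='" . $ea2["quota_disk"] . "', nbrdb='" . $ea2["nbr_database"] . "',\n"
            . "\t\t\tallow_add_domain='" . $ea2["allow_add_domain"] . "', max_domain='" . $ea2["max_domain"] . "', restricted_ftp_path='" . $ea2["restricted_ftp_path"] . "',\n"
            . "\t\t\tallow_dns_and_mx_change='" . $ea2["allow_dns_and_mx_change"] . "', ftp_login_flag='" . $ea2["ftp_login_flag"] . "', allow_mailing_list_edit='" . $ea2["allow_mailing_list_edit"] . "',\n"
            . "\t\t\tallow_subdomain_edit='" . $ea2["allow_subdomain_edit"] . "', max_email='" . $ea2["nbr_email"] . "' {$admtbl_added3}\n"
            . "\t\t\tWHERE adm_login='{$sql_login}';";
        mysql_query($adm_query) or die("Cannot execute query \"{$adm_query}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    }

    if ($a2["heb_type"] == "vps") {
        $vps_xen_name = addVPSToUser($waiting_login, $a["vps_location"], $a2["id"], $a["vps_os"]);
        $soap_client = connectToVPSServer($a["vps_location"]);
        if ($soap_client == false) {
            echo "Could not connect to the VPS server for doing the setup: please contact the administrator!";
        } else {
            $image_type = "lvm";
            if (isVPSNodeLVMEnabled($a["vps_location"]) == "no") {
                $image_type = "vbd";
            }
            $soap_client->call("setupLVMDisks", array("vpsname" => $vps_xen_name, "hddsize" => $a2["quota_disk"], "swapsize" => $a2["memory_size"], "imagetype" => $image_type), "", "", "");
            $qvps = "SELECT * FROM {$pro_mysql_vps_ip_table} WHERE vps_server_hostname='" . $ea["vps_location"] . "' AND vps_xen_name='" . mysql_real_escape_string($vps_xen_name) . "' LIMIT 1;";
            $rvps = mysql_query($qvps) or die("Cannot execute query \"{$qvps}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
            if (mysql_num_rows($rvps) != 1) {
                echo "Cannot find VPS IP: wont be able to setup the os, please get in touch with the administrator!";
            } else {
                $avps = mysql_fetch_array($rvps);
                $soap_client->call("reinstallVPSos", array("vpsname" => $vps_xen_name, "ostype" => $a["vps_os"], "hddsize" => $a2["quota_disk"], "ramsize" => $a2["memory_size"], "ipaddr" => $avps["ip_addr"], "password" => $vps_root_pass), "", "", "");
                $qcountry = "SELECT * FROM {$pro_mysql_vps_server_table} WHERE hostname='" . $ea["vps_location"] . "';";
                $rcountry = mysql_query($qcountry) or die("Cannot execute query \"{$qcountry}\" line " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
                if (mysql_num_rows($rcountry) != 1) {
                    echo "Cannot find VPS server country!";
                    $country = 'US';
                } else {
                    $acountry = mysql_fetch_array($rcountry);
                    $country = $acountry["country_code"];
                }
            }
        }
        // Read the (customizable) registration message to send
        $txt_welcome_message = readCustomizedMessage("registration_msg/vps_open", $waiting_login);
    } elseif ($a2["heb_type"] == "server") {
        // As there is currently no dedicated server provision system, we just do this:
        $country = $conf_this_server_country_code;
        addDedicatedToUser($waiting_login, $a["domain_name"], $a2["id"]);
        // Read the (customizable) registration message to send
        $txt_welcome_message = readCustomizedMessage("registration_msg/dedicated_open", $waiting_login);
    } else {
        $country = $conf_this_server_country_code;
        addDomainToUser($waiting_login, $a["reqadm_pass"], $a["domain_name"]);
        // Read the (customizable) registration message to send
        $txt_welcome_message = readCustomizedMessage("registration_msg/shared_open", $waiting_login);
        $q = "UPDATE {$pro_mysql_domain_table} SET max_email='" . $ea2["nbr_email"] . "',quota='" . $ea2["quota_disk"] . "' WHERE name='" . $ea["domain_name"] . "';";
        $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
    }

    // Send a mail to user with how to login and use interface.
    $txt_userwaiting_account_activated_subject = "{$conf_message_subject_header} Account {$waiting_login} has been activated!";

    // Manage the signature of all registration messages
    $signature = readCustomizedMessage("signature", $waiting_login);
    $msg_2_send = str_replace("%%%SIGNATURE%%%", $signature, $txt_welcome_message);

    // Manage the login info part of the message
    $surl = ($conf_use_ssl == "yes") ? "s" : "";
    $dtc_login_info = "URL: http{$surl}://{$conf_administrative_site}/dtc/\nLogin: {$waiting_login}\nPassword: " . $a["reqadm_pass"];
    $msg_2_send = str_replace("%%%DTC_LOGIN_INFO%%%", $dtc_login_info, $msg_2_send);

    // Manage the header of the messages
    $head = readCustomizedMessage("messages_header", $waiting_login);
    $msg_2_send = $head . "\n" . $msg_2_send;
    $headers = "From: " . $conf_webmaster_email_addr;
    // The recipient and the login in the subject come from the waiting row;
    // strip CR/LF so neither can add mail headers of its own.
    $crlf = array("\r", "\n");
    $mail_to = str_replace($crlf, "", $a["email"]);
    $mail_subject = str_replace($crlf, "", $txt_userwaiting_account_activated_subject);
    mail($mail_to, $mail_subject, $msg_2_send, $headers);

    // Now add a command to the user so we keep tracks of payments.
    // last_expiry_date was written with date("Y-d-m"), which swaps day and
    // month; it now uses the same Y-m-d value as the date column.
    $q = "INSERT INTO {$pro_mysql_completedorders_table} (id,id_client,domain_name,quantity,date,product_id,payment_id,country_code,last_expiry_date)\n"
        . "\tVALUES ('','{$sql_cid}','" . $ea["domain_name"] . "','1','{$today}','" . $ea["product_id"] . "','" . $ea["paiement_id"] . "','" . mysql_real_escape_string($country) . "','{$today}');";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());

    if (isset($affiliatename)) {
        // Step 2) retrieve the kickback from the products table
        $orderid = (int) mysql_insert_id();
        $kickback = (float) $a2["affiliate_kickback"];
        if ($kickback != 0) {
            // Step 3) if a kickback exists, store it in the affiliate
            // transaction table. The original built this statement but then
            // re-ran $q, inserting the order a second time and never
            // recording the kickback.
            $xxs = "INSERT INTO affiliate_payments (adm_login,order_id,kickback) VALUES('" . mysql_real_escape_string($affiliatename) . "',{$orderid}," . sprintf("%F", $kickback) . ");";
            mysql_query($xxs) or die("Cannot execute query \"{$xxs}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
        }
    }

    // Finaly delete the user from the userwaiting table
    $q = "DELETE FROM {$pro_mysql_new_admin_table} WHERE id='" . mysql_real_escape_string($waiting_login_id) . "';";
    mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error());
}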
$NICS = $nic; } else { $NICS .= "+" . $nic; } } } if ($commit_flag == "yes") { $soap_client = connectToVPSServer($vps_node); if ($soap_client === false) { echo "<font color=\"red\">" . _("Could not connect to VPS server!") . "</font>"; return; } $q = "UPDATE {$pro_mysql_vps_table} SET operatingsystem='" . $_REQUEST["os_type"] . "' WHERE vps_xen_name='{$vps_name}' AND vps_server_hostname='{$vps_node}';"; $r = mysql_query($q) or die("Cannot execute query \"{$q}\" ! line: " . __LINE__ . " file: " . __FILE__ . " sql said: " . mysql_error()); if ($_REQUEST["os_type"] != "netbsd") { if (isVPSNodeLVMEnabled($vps_node) == "no") { $image_type = "vbd"; } else { $image_type = "lvm"; } // On this one we pass only "XX" and not "xenXX" as parameter ! $r = $soap_client->call("reinstallVPSos", array("vpsname" => $vps_name, "ostype" => $_REQUEST["os_type"], "ramsize" => $ze_vps["ramsize"], "password" => $_REQUEST["root_password"], "nics" => $NICS, "gateway" => $gateway, "dns" => $dns), "", "", ""); } } } if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "change_xenhvm_boot_iso") { if (checkVPSAdmin($adm_login, $adm_pass, $vps_node, $vps_name) != true) { $submit_err = _("Access not granted line ") . __LINE__ . _(" file ") . __FILE__; $commit_flag = "no"; } $soap_client = connectToVPSServer($vps_node);
$n = mysql_num_rows($r); if ($n != 1) { die("Didn't find the IP address you want to add line " . __LINE__ . " file " . __FILE__); } $prod = mysql_fetch_array($r); $exp_date = calculateExpirationDate(date("Y-m-d"), $prod["period"]); $q = "INSERT INTO {$pro_mysql_vps_table} (id,owner,vps_server_hostname,vps_xen_name,start_date,expire_date,hddsize,ramsize,bandwidth_per_month_gb,product_id)\n\tVALUES('','{$adm_login}','" . $a["vps_server_hostname"] . "','" . $a["vps_xen_name"] . "','" . date("Y-m-d") . "','{$exp_date}','" . $prod["quota_disk"] . "','" . $prod["memory_size"] . "','" . $prod["bandwidth"] . "','" . $_REQUEST["product_id"] . "');"; $r = mysql_query($q) or die("Cannot execute query \"{$q}\" line " . __LINE__ . " file " . __FILE__ . " sql said: " . mysql_error()); // Setup the physical VPS (do the lvcreate remotly) if ($_REQUEST["physical_setup"] == "yes") { $soap_client = connectToVPSServer($a["vps_server_hostname"]); if ($soap_client == false) { echo "Could not connect to the VPS server for doing the setup: please contact the administrator!"; } else { $image_type = "lvm"; if (isVPSNodeLVMEnabled($a["vps_server_hostname"]) == "no") { $image_type = "vbd"; } $r = $soap_client->call("setupLVMDisks", array("vpsname" => $a["vps_xen_name"], "hddsize" => $prod["quota_disk"], "swapsize" => $prod["memory_size"], "imagetype" => $image_type), "", "", ""); } } } // Import of domain config if (isset($_REQUEST["action"]) && $_REQUEST["action"] == "import_domain") { $adm_path = getAdminPath($adm_login); $uploaded_file = basename($_FILES['domain_import_file']['name']); $uploaded_full_path = $adm_path . "/" . $uploaded_file; // echo "Importing domain file: ".$_FILES["domain_import_file"]["name"]." for user $adm_login"; move_uploaded_file($_FILES["domain_import_file"]["tmp_name"], $uploaded_full_path); domainImport($uploaded_full_path, $adm_login, $adm_pass); unlink($uploaded_full_path);