示例#1
0
    $sql = "UPDATE z_accounts SET ac_package_fk=" . Cleaner('i', $_POST['inPackage']) . " WHERE ac_id_pk=" . $_POST['inClientID'] . "";
    DataExchange("w", $z_db_name, $sql);
    $sql = "UPDATE z_personal SET ap_fullname_vc='" . Cleaner('i', $_POST['inFullName']) . "',\r\n\t\t\t\t\t\t\t\t\tap_email_vc='" . Cleaner('i', $_POST['inEmailAddress']) . "',\r\n\t\t\t\t\t\t\t\t\tap_address_tx='" . Cleaner('i', $_POST['inAddress']) . "',\r\n\t\t\t\t\t\t\t\t\tap_postcode_vc='" . Cleaner('i', $_POST['inPostCode']) . "',\r\n\t\t\t\t\t\t\t\t\tap_phone_vc='" . Cleaner('i', $_POST['inPhone']) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE ap_acc_fk=" . $_POST['inClientID'] . "";
    DataExchange("w", $z_db_name, $sql);
    # See if a password reset has been initiated! - Added in ZPanel 5.1.0
    if (isset($_POST['inNewPassword']) && $_POST['inNewPassword'] != "") {
        # Get account username...
        $sql = "SELECT * FROM z_accounts WHERE ac_id_pk=" . $_POST['inClientID'] . " AND ac_deleted_ts IS NULL";
        $listclientid = DataExchange("r", $z_db_name, $sql);
        $rowclientid = mysql_fetch_assoc($listclientid);
        $resetforuser = $rowclientid['ac_user_vc'];
        $sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
        DataExchange("w", $z_db_name, $sql);
        $sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
        DataExchange("w", $z_db_name, $sql);
        zapi_mysqluser_setpass($resetforuser, Cleaner("i", $_POST['inNewPassword']), $zdb);
        TriggerLog($useraccount['ac_id_pk'], "Account password for (" . $resetforuser . ") has been reset by the account admin.");
    }
    # Log the package as modified so the daemon will make changes to vhosts if the client was moved to a different package.
    if ($rowoldpackage['ac_package_fk'] != Cleaner('i', $_POST['inPackage'])) {
        $sql = "UPDATE z_quotas SET qt_modified_in = 1 WHERE qt_package_fk = " . Cleaner('i', $_POST['inPackage']) . "";
        DataExchange("w", $z_db_name, $sql);
    }
    $returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
    TriggerLog($useraccount['ac_id_pk'], $b = "User account ID: " . $_POST['inClientID'] . " was updated.");
    header("location: " . $returnurl . "");
    exit;
}
if ($_POST['inAction'] == 'delete') {
    # User has choosen to delete a package...
    do {
示例#2
0
$newpass = Cleaner("i", $_POST['inNewPass']);
$conpass = Cleaner("i", $_POST['inConPass']);
$doresetmysql = Cleaner("i", $_POST['inResMySQL']);
$returnurl = $_POST['inReturnURL'];
if (md5($current_pass) != $useraccount['ac_pass_vc'] || empty($newpass)) {
    # Current password does not match!
    $endonerror = "&r=error";
} else {
    if ($newpass == $conpass) {
        # Check that the new password matches the confirmation box.
        if ($doresetmysql != '1') {
            # User has selected to update ZPanel account password only!
            $sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
            DataExchange("w", $z_db_name, $sql);
            TriggerLog($acc_fk, "User has updated their ZPanel account password.");
            $endonerror = "&r=ok";
        } else {
            # User has selected to change both passwords.
            $sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
            DataExchange("w", $z_db_name, $sql);
            zapi_mysqluser_setpass($useraccount['ac_user_vc'], $newpass, $zdb);
            TriggerLog($acc_fk, "User has updated both their ZPanel and MySQL account passwords.");
            $endonerror = "&r=ok-both";
        }
    } else {
        $endonerror = "&r=error";
    }
}
$returnurl = GetNormalModuleURL($returnurl) . "" . $endonerror . "";
header("location: " . $returnurl . "");
exit;