$sql = "UPDATE z_accounts SET ac_package_fk=" . Cleaner('i', $_POST['inPackage']) . " WHERE ac_id_pk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
$sql = "UPDATE z_personal SET ap_fullname_vc='" . Cleaner('i', $_POST['inFullName']) . "',\r\n\t\t\t\t\t\t\t\t\tap_email_vc='" . Cleaner('i', $_POST['inEmailAddress']) . "',\r\n\t\t\t\t\t\t\t\t\tap_address_tx='" . Cleaner('i', $_POST['inAddress']) . "',\r\n\t\t\t\t\t\t\t\t\tap_postcode_vc='" . Cleaner('i', $_POST['inPostCode']) . "',\r\n\t\t\t\t\t\t\t\t\tap_phone_vc='" . Cleaner('i', $_POST['inPhone']) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE ap_acc_fk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
# See if a password reset has been initiated! - Added in ZPanel 5.1.0
if (isset($_POST['inNewPassword']) && $_POST['inNewPassword'] != "") {
# Get account username...
$sql = "SELECT * FROM z_accounts WHERE ac_id_pk=" . $_POST['inClientID'] . " AND ac_deleted_ts IS NULL";
$listclientid = DataExchange("r", $z_db_name, $sql);
$rowclientid = mysql_fetch_assoc($listclientid);
$resetforuser = $rowclientid['ac_user_vc'];
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5(Cleaner("i", $_POST['inNewPassword'])) . "' WHERE ac_id_pk=" . $_POST['inClientID'] . "";
DataExchange("w", $z_db_name, $sql);
zapi_mysqluser_setpass($resetforuser, Cleaner("i", $_POST['inNewPassword']), $zdb);
TriggerLog($useraccount['ac_id_pk'], "Account password for (" . $resetforuser . ") has been reset by the account admin.");
}
# Log the package as modified so the daemon will make changes to vhosts if the client was moved to a different package.
if ($rowoldpackage['ac_package_fk'] != Cleaner('i', $_POST['inPackage'])) {
$sql = "UPDATE z_quotas SET qt_modified_in = 1 WHERE qt_package_fk = " . Cleaner('i', $_POST['inPackage']) . "";
DataExchange("w", $z_db_name, $sql);
}
$returnurl = GetNormalModuleURL($returnurl) . "&r=ok";
TriggerLog($useraccount['ac_id_pk'], $b = "User account ID: " . $_POST['inClientID'] . " was updated.");
header("location: " . $returnurl . "");
exit;
}
if ($_POST['inAction'] == 'delete') {
# User has choosen to delete a package...
do {
$newpass = Cleaner("i", $_POST['inNewPass']);
$conpass = Cleaner("i", $_POST['inConPass']);
$doresetmysql = Cleaner("i", $_POST['inResMySQL']);
$returnurl = $_POST['inReturnURL'];
if (md5($current_pass) != $useraccount['ac_pass_vc'] || empty($newpass)) {
# Current password does not match!
$endonerror = "&r=error";
} else {
if ($newpass == $conpass) {
# Check that the new password matches the confirmation box.
if ($doresetmysql != '1') {
# User has selected to update ZPanel account password only!
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
DataExchange("w", $z_db_name, $sql);
TriggerLog($acc_fk, "User has updated their ZPanel account password.");
$endonerror = "&r=ok";
} else {
# User has selected to change both passwords.
$sql = "UPDATE z_accounts SET ac_pass_vc='" . md5($newpass) . "' WHERE ac_id_pk=" . $acc_fk . "";
DataExchange("w", $z_db_name, $sql);
zapi_mysqluser_setpass($useraccount['ac_user_vc'], $newpass, $zdb);
TriggerLog($acc_fk, "User has updated both their ZPanel and MySQL account passwords.");
$endonerror = "&r=ok-both";
}
} else {
$endonerror = "&r=error";
}
}
$returnurl = GetNormalModuleURL($returnurl) . "" . $endonerror . "";
header("location: " . $returnurl . "");
exit;