2024-02-19 15:24:34 +08:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
|
|
|
|
|
* by https://t.me/ibnux
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
|
|
if (realpath(__FILE__) == realpath($_SERVER['SCRIPT_FILENAME'])) {
|
|
|
|
|
header('HTTP/1.0 403 Forbidden', TRUE, 403);
|
|
|
|
|
header('location: ../');
|
|
|
|
|
die();
|
|
|
|
|
}
|
|
|
|
|
$root_path = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR;
|
2024-05-07 11:53:04 +08:00
|
|
|
if (!isset($isApi)) {
|
2024-03-31 22:23:19 +08:00
|
|
|
$isApi = false;
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
// on some server, it getting error because of slash is backwards
|
|
|
|
|
function _autoloader($class)
|
|
|
|
|
{
|
|
|
|
|
global $root_path;
|
|
|
|
|
if (strpos($class, '_') !== false) {
|
|
|
|
|
$class = str_replace('_', DIRECTORY_SEPARATOR, $class);
|
|
|
|
|
if (file_exists($root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php')) {
|
|
|
|
|
include $root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php';
|
|
|
|
|
} else {
|
|
|
|
|
$class = str_replace("\\", DIRECTORY_SEPARATOR, $class);
|
|
|
|
|
if (file_exists($root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php'))
|
|
|
|
|
include $root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php';
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (file_exists($root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php')) {
|
|
|
|
|
include $root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php';
|
|
|
|
|
} else {
|
|
|
|
|
$class = str_replace("\\", DIRECTORY_SEPARATOR, $class);
|
|
|
|
|
if (file_exists($root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php'))
|
|
|
|
|
include $root_path . DIRECTORY_SEPARATOR . 'system' . DIRECTORY_SEPARATOR . 'autoload' . DIRECTORY_SEPARATOR . $class . '.php';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
spl_autoload_register('_autoloader');
|
|
|
|
|
|
|
|
|
|
if (!file_exists($root_path . 'config.php')) {
|
|
|
|
|
$root_path .= '..' . DIRECTORY_SEPARATOR;
|
|
|
|
|
if (!file_exists($root_path . 'config.php')) {
|
2024-02-26 12:01:54 +08:00
|
|
|
r2('install');
|
2024-02-19 15:24:34 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!file_exists($root_path . File::pathFixer('system/orm.php'))) {
|
|
|
|
|
die($root_path . "orm.php file not found");
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-04 18:14:04 +08:00
|
|
|
$DEVICE_PATH = $root_path . File::pathFixer('system/devices');
|
2024-02-26 12:01:54 +08:00
|
|
|
$UPLOAD_PATH = $root_path . File::pathFixer('system/uploads');
|
|
|
|
|
$CACHE_PATH = $root_path . File::pathFixer('system/cache');
|
|
|
|
|
$PAGES_PATH = $root_path . File::pathFixer('pages');
|
2024-02-26 15:38:04 +08:00
|
|
|
$PLUGIN_PATH = $root_path . File::pathFixer('system/plugin');
|
|
|
|
|
$PAYMENTGATEWAY_PATH = $root_path . File::pathFixer('system/paymentgateway');
|
|
|
|
|
$UI_PATH = 'ui';
|
|
|
|
|
|
|
|
|
|
if (!file_exists($UPLOAD_PATH . File::pathFixer('/notifications.default.json'))) {
|
|
|
|
|
die($UPLOAD_PATH . File::pathFixer("/notifications.default.json file not found"));
|
|
|
|
|
}
|
2024-02-26 12:01:54 +08:00
|
|
|
|
2024-02-19 15:24:34 +08:00
|
|
|
require_once $root_path . 'config.php';
|
|
|
|
|
require_once $root_path . File::pathFixer('system/orm.php');
|
|
|
|
|
require_once $root_path . File::pathFixer('system/autoload/PEAR2/Autoload.php');
|
|
|
|
|
include $root_path . File::pathFixer('system/autoload/Hookers.php');
|
|
|
|
|
|
2024-07-29 17:19:43 +08:00
|
|
|
if($db_password != null && ($db_pass == null || empty($db_pass))){
|
2024-07-24 10:20:21 +08:00
|
|
|
// compability for old version
|
|
|
|
|
$db_pass = $db_password;
|
|
|
|
|
}
|
2024-07-29 17:19:43 +08:00
|
|
|
if($db_pass != null){
|
2024-07-29 10:06:27 +08:00
|
|
|
// compability for old version
|
|
|
|
|
$db_password = $db_pass;
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
ORM::configure("mysql:host=$db_host;dbname=$db_name");
|
|
|
|
|
ORM::configure('username', $db_user);
|
2024-07-24 10:20:21 +08:00
|
|
|
ORM::configure('password', $db_pass);
|
2024-02-19 15:24:34 +08:00
|
|
|
ORM::configure('return_result_sets', true);
|
|
|
|
|
if ($_app_stage != 'Live') {
|
|
|
|
|
ORM::configure('logging', true);
|
|
|
|
|
}
|
2024-05-07 11:53:04 +08:00
|
|
|
if ($isApi) {
|
2024-04-01 14:01:21 +08:00
|
|
|
define('U', APP_URL . '/system/api.php?r=');
|
2024-05-07 11:53:04 +08:00
|
|
|
} else {
|
2024-04-01 14:01:21 +08:00
|
|
|
define('U', APP_URL . '/index.php?_route=');
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
|
|
|
|
|
// notification message
|
2024-02-27 11:31:56 +08:00
|
|
|
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . "notifications.json")) {
|
|
|
|
|
$_notifmsg = json_decode(file_get_contents($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.json'), true);
|
2024-02-19 15:24:34 +08:00
|
|
|
}
|
2024-02-27 11:31:56 +08:00
|
|
|
$_notifmsg_default = json_decode(file_get_contents($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.default.json'), true);
|
2024-02-19 15:24:34 +08:00
|
|
|
|
|
|
|
|
//register all plugin
|
2024-02-26 15:38:04 +08:00
|
|
|
foreach (glob(File::pathFixer($PLUGIN_PATH . DIRECTORY_SEPARATOR . '*.php')) as $filename) {
|
2024-02-19 15:24:34 +08:00
|
|
|
try {
|
|
|
|
|
include $filename;
|
|
|
|
|
} catch (Throwable $e) {
|
|
|
|
|
//ignore plugin error
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
//ignore plugin error
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$result = ORM::for_table('tbl_appconfig')->find_many();
|
|
|
|
|
foreach ($result as $value) {
|
|
|
|
|
$config[$value['setting']] = $value['value'];
|
|
|
|
|
}
|
2024-02-28 19:19:17 +08:00
|
|
|
$_c = $config;
|
2024-02-19 15:24:34 +08:00
|
|
|
if (empty($http_proxy) && !empty($config['http_proxy'])) {
|
|
|
|
|
$http_proxy = $config['http_proxy'];
|
|
|
|
|
if (empty($http_proxyauth) && !empty($config['http_proxyauth'])) {
|
|
|
|
|
$http_proxyauth = $config['http_proxyauth'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
date_default_timezone_set($config['timezone']);
|
|
|
|
|
|
|
|
|
|
if ((!empty($radius_user) && $config['radius_enable']) || _post('radius_enable')) {
|
2024-05-21 10:03:22 +08:00
|
|
|
if(!empty($radius_password)){
|
2024-07-24 10:20:21 +08:00
|
|
|
// compability for old version
|
2024-05-21 10:03:22 +08:00
|
|
|
$radius_pass = $radius_password;
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
ORM::configure("mysql:host=$radius_host;dbname=$radius_name", null, 'radius');
|
|
|
|
|
ORM::configure('username', $radius_user, 'radius');
|
|
|
|
|
ORM::configure('password', $radius_pass, 'radius');
|
|
|
|
|
ORM::configure('driver_options', array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'), 'radius');
|
|
|
|
|
ORM::configure('return_result_sets', true, 'radius');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2024-08-15 01:24:43 +08:00
|
|
|
// Check if the user has selected a language
|
|
|
|
|
if (!empty($_SESSION['user_language'])) {
|
|
|
|
|
$config['language'] = $_SESSION['user_language'];
|
2024-08-16 10:35:25 +08:00
|
|
|
}else if (!empty($_COOKIE['user_language'])) {
|
|
|
|
|
$config['language'] = $_COOKIE['user_language'];
|
2024-08-19 15:58:52 +08:00
|
|
|
}else if(User::getID()>0){
|
|
|
|
|
$lang = User::getAttribute("Language");
|
|
|
|
|
if(!empty($lang)){
|
|
|
|
|
$config['language'] = $lang;
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
}
|
2024-08-15 01:24:43 +08:00
|
|
|
|
|
|
|
|
if (empty($_SESSION['Lang'])) {
|
|
|
|
|
if (empty($config['language'])) {
|
|
|
|
|
$config['language'] = 'english';
|
|
|
|
|
}
|
|
|
|
|
$lan_file = $root_path . File::pathFixer('system/lan/' . $config['language'] . '.json');
|
|
|
|
|
if (file_exists($lan_file)) {
|
|
|
|
|
$_L = json_decode(file_get_contents($lan_file), true);
|
|
|
|
|
$_SESSION['Lang'] = $_L;
|
|
|
|
|
} else {
|
|
|
|
|
$_L['author'] = 'Auto Generated by iBNuX Script';
|
|
|
|
|
$_SESSION['Lang'] = $_L;
|
|
|
|
|
file_put_contents($lan_file, json_encode($_L));
|
|
|
|
|
}
|
2024-02-19 15:24:34 +08:00
|
|
|
} else {
|
2024-08-15 01:24:43 +08:00
|
|
|
$_L = $_SESSION['Lang'];
|
2024-02-19 15:24:34 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function safedata($value)
|
|
|
|
|
{
|
|
|
|
|
$value = trim($value);
|
|
|
|
|
return $value;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function _post($param, $defvalue = '')
|
|
|
|
|
{
|
|
|
|
|
if (!isset($_POST[$param])) {
|
|
|
|
|
return $defvalue;
|
|
|
|
|
} else {
|
|
|
|
|
return safedata($_POST[$param]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function _get($param, $defvalue = '')
|
|
|
|
|
{
|
|
|
|
|
if (!isset($_GET[$param])) {
|
|
|
|
|
return $defvalue;
|
|
|
|
|
} else {
|
|
|
|
|
return safedata($_GET[$param]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function _req($param, $defvalue = '')
|
|
|
|
|
{
|
|
|
|
|
if (!isset($_REQUEST[$param])) {
|
|
|
|
|
return $defvalue;
|
|
|
|
|
} else {
|
|
|
|
|
return safedata($_REQUEST[$param]);
|
|
|
|
|
}
|
2024-02-19 17:28:55 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function _auth($login = true)
|
|
|
|
|
{
|
|
|
|
|
if (User::getID()) {
|
|
|
|
|
return true;
|
|
|
|
|
} else {
|
|
|
|
|
if ($login) {
|
|
|
|
|
r2(U . 'login');
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function _admin($login = true)
|
|
|
|
|
{
|
|
|
|
|
if (Admin::getID()) {
|
|
|
|
|
return true;
|
|
|
|
|
} else {
|
|
|
|
|
if ($login) {
|
|
|
|
|
r2(U . 'login');
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function _log($description, $type = '', $userid = '0')
|
|
|
|
|
{
|
|
|
|
|
$d = ORM::for_table('tbl_logs')->create();
|
|
|
|
|
$d->date = date('Y-m-d H:i:s');
|
|
|
|
|
$d->type = $type;
|
|
|
|
|
$d->description = $description;
|
|
|
|
|
$d->userid = $userid;
|
2024-03-29 00:20:14 +08:00
|
|
|
if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) //to check ip is pass from cloudflare tunnel
|
|
|
|
|
{
|
2024-03-30 13:04:30 +08:00
|
|
|
$d->ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
|
|
|
|
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
|
2024-03-29 00:20:14 +08:00
|
|
|
{
|
2024-03-30 13:04:30 +08:00
|
|
|
$d->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
|
|
|
|
} elseif (!empty($_SERVER['HTTP_CLIENT_IP'])) //to check ip from share internet
|
2024-03-29 00:20:14 +08:00
|
|
|
{
|
2024-03-30 13:04:30 +08:00
|
|
|
$d->ip = $_SERVER['HTTP_CLIENT_IP'];
|
|
|
|
|
} else {
|
|
|
|
|
$d->ip = $_SERVER["REMOTE_ADDR"];
|
2024-03-29 00:20:14 +08:00
|
|
|
}
|
2024-02-19 17:28:55 +08:00
|
|
|
$d->save();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function Lang($key)
|
|
|
|
|
{
|
|
|
|
|
return Lang::T($key);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function alphanumeric($str, $tambahan = "")
|
|
|
|
|
{
|
2024-04-22 15:02:33 +08:00
|
|
|
return Text::alphanumeric($str, $tambahan);
|
2024-02-19 17:28:55 +08:00
|
|
|
}
|
|
|
|
|
|
2024-03-30 13:04:30 +08:00
|
|
|
function showResult($success, $message = '', $result = [], $meta = [])
|
|
|
|
|
{
|
2024-04-01 14:01:21 +08:00
|
|
|
header("Content-Type: Application/json");
|
|
|
|
|
$json = json_encode(['success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta]);
|
|
|
|
|
echo $json;
|
|
|
|
|
die();
|
2024-03-30 13:04:30 +08:00
|
|
|
}
|
2024-02-19 17:28:55 +08:00
|
|
|
|
2024-05-01 04:16:20 +08:00
|
|
|
|
2024-05-07 11:53:04 +08:00
|
|
|
function generateUniqueNumericVouchers($totalVouchers, $length = 8)
|
|
|
|
|
{
|
2024-05-01 04:16:20 +08:00
|
|
|
// Define characters allowed in the voucher code
|
|
|
|
|
$characters = '0123456789';
|
|
|
|
|
$charactersLength = strlen($characters);
|
|
|
|
|
$vouchers = array();
|
2024-05-07 11:53:04 +08:00
|
|
|
|
2024-05-01 04:16:20 +08:00
|
|
|
// Attempt to generate unique voucher codes
|
|
|
|
|
for ($j = 0; $j < $totalVouchers; $j++) {
|
|
|
|
|
do {
|
|
|
|
|
$voucherCode = '';
|
|
|
|
|
// Generate the voucher code
|
|
|
|
|
for ($i = 0; $i < $length; $i++) {
|
|
|
|
|
$voucherCode .= $characters[rand(0, $charactersLength - 1)];
|
|
|
|
|
}
|
|
|
|
|
// Check if the generated voucher code already exists in the array
|
|
|
|
|
$isUnique = !in_array($voucherCode, $vouchers);
|
|
|
|
|
} while (!$isUnique);
|
2024-05-07 11:53:04 +08:00
|
|
|
|
2024-05-01 04:16:20 +08:00
|
|
|
$vouchers[] = $voucherCode;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $vouchers;
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-19 17:28:55 +08:00
|
|
|
function sendTelegram($txt)
|
|
|
|
|
{
|
|
|
|
|
Message::sendTelegram($txt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function sendSMS($phone, $txt)
|
|
|
|
|
{
|
|
|
|
|
Message::sendSMS($phone, $txt);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function sendWhatsapp($phone, $txt)
|
|
|
|
|
{
|
|
|
|
|
Message::sendWhatsapp($phone, $txt);
|
|
|
|
|
}
|
|
|
|
|
|
2024-02-26 12:01:54 +08:00
|
|
|
function r2($to, $ntype = 'e', $msg = '')
|
|
|
|
|
{
|
2024-03-31 22:23:19 +08:00
|
|
|
global $isApi;
|
|
|
|
|
if ($isApi) {
|
|
|
|
|
showResult(
|
2024-05-07 11:53:04 +08:00
|
|
|
($ntype == 's') ? true : false,
|
2024-03-31 22:23:19 +08:00
|
|
|
$msg
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-02-26 12:01:54 +08:00
|
|
|
if ($msg == '') {
|
|
|
|
|
header("location: $to");
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
$_SESSION['ntype'] = $ntype;
|
|
|
|
|
$_SESSION['notify'] = $msg;
|
|
|
|
|
header("location: $to");
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
|
2024-03-01 10:57:59 +08:00
|
|
|
function _alert($text, $type = 'success', $url = "home", $time = 3)
|
2024-02-23 15:20:12 +08:00
|
|
|
{
|
2024-03-30 13:02:57 +08:00
|
|
|
global $ui, $isApi;
|
|
|
|
|
if ($isApi) {
|
|
|
|
|
showResult(
|
2024-03-30 13:04:30 +08:00
|
|
|
($type == 'success') ? true : false,
|
2024-03-30 13:02:57 +08:00
|
|
|
$text
|
|
|
|
|
);
|
|
|
|
|
}
|
2024-02-26 12:01:54 +08:00
|
|
|
if (!isset($ui)) return;
|
|
|
|
|
if (strlen($url) > 4) {
|
|
|
|
|
if (substr($url, 0, 4) != "http") {
|
|
|
|
|
$url = U . $url;
|
2024-02-23 15:20:12 +08:00
|
|
|
}
|
2024-02-26 12:01:54 +08:00
|
|
|
} else {
|
|
|
|
|
$url = U . $url;
|
2024-02-23 15:20:12 +08:00
|
|
|
}
|
|
|
|
|
$ui->assign('text', $text);
|
|
|
|
|
$ui->assign('type', $type);
|
2024-03-01 10:57:59 +08:00
|
|
|
$ui->assign('time', $time);
|
2024-02-23 15:20:12 +08:00
|
|
|
$ui->assign('url', $url);
|
|
|
|
|
$ui->display('alert.tpl');
|
2024-03-01 10:57:59 +08:00
|
|
|
die();
|
2024-02-23 15:20:12 +08:00
|
|
|
}
|
|
|
|
|
|
2024-02-19 17:28:55 +08:00
|
|
|
|
2024-02-26 12:01:54 +08:00
|
|
|
if (!isset($api_secret)) {
|
2024-07-29 10:06:27 +08:00
|
|
|
$api_secret = $db_pass;
|
2024-02-19 17:28:55 +08:00
|
|
|
}
|
2024-05-21 07:22:40 +08:00
|
|
|
|
|
|
|
|
function displayMaintenanceMessage(): void
|
|
|
|
|
{
|
|
|
|
|
global $config, $ui;
|
|
|
|
|
$date = $config['maintenance_date'];
|
|
|
|
|
if ($date){
|
|
|
|
|
$ui->assign('date', $date);
|
2024-06-04 18:14:04 +08:00
|
|
|
}
|
2024-05-21 07:22:40 +08:00
|
|
|
http_response_code(503);
|
|
|
|
|
$ui->assign('companyName', $config['CompanyName']);
|
|
|
|
|
$ui->display('maintenance.tpl');
|
|
|
|
|
die();
|
|
|
|
|
}
|
2024-08-05 20:52:14 +08:00
|
|
|
|
2024-08-15 23:46:44 +08:00
|
|
|
function isTableExist($table)
|
2024-08-05 20:52:14 +08:00
|
|
|
{
|
|
|
|
|
try {
|
2024-08-15 23:46:44 +08:00
|
|
|
$record = ORM::forTable($table)->find_one();
|
2024-08-05 20:52:14 +08:00
|
|
|
return $record !== false;
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-08-15 23:46:44 +08:00
|
|
|
|
