< ? php
/**
 *  PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
 *  by https://t.me/ibnux
**/
// Session gate for the admin panel (presumably rejects unauthenticated
// requests — confirm in _admin()).
_admin();

// The logged-in operator record; every case below reads its role from here.
$admin = Admin::_info();
// Second route segment selects the settings sub-page, e.g. settings/<action>.
$action = $routes['1'];

$ui->assign('_title', $_L['Settings']);
$ui->assign('_system_menu', 'settings');
$ui->assign('_admin', $admin);
switch ( $action ) {
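case 'app':
    // Application settings are restricted to full administrators.
    // NOTE(review): this guard only protects the code below if r2() ends the
    // request after redirecting — confirm in r2()'s definition.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // Gateway self-tests. The reply from the messaging gateway is remote,
    // untrusted text, and the flash message is built as HTML (note the <br>),
    // so it is HTML-escaped before being appended.
    // NOTE(review): these sends are triggered by a plain query-string
    // parameter; no anti-forgery token check is visible in this handler.
    $testWa = _get('testWa');
    if (!empty($testWa)) {
        $result = Message::sendWhatsapp($testWa, 'PHPNuxBill Test Whatsapp');
        r2(U . "settings/app", 's', 'Test Whatsapp has been send<br>Result: ' . htmlspecialchars((string) $result));
    }
    $testSms = _get('testSms');
    if (!empty($testSms)) {
        $result = Message::sendSMS($testSms, 'PHPNuxBill Test SMS');
        r2(U . "settings/app", 's', 'Test SMS has been send<br>Result: ' . htmlspecialchars((string) $result));
    }
    if (!empty(_get('testTg'))) {
        $result = Message::sendTelegram('PHPNuxBill Test Telegram');
        r2(U . "settings/app", 's', 'Test Telegram has been send<br>Result: ' . htmlspecialchars((string) $result));
    }

    // Uploaded logo if present (time() defeats browser caching), else the default.
    if (file_exists('system/uploads/logo.png')) {
        $logo = 'system/uploads/logo.png?' . time();
    } else {
        $logo = 'system/uploads/logo.default.png';
    }
    $ui->assign('logo', $logo);

    // Fill in the RADIUS client path when RADIUS is enabled but not configured.
    if ($_c['radius_enable'] && empty($_c['radius_client'])) {
        try {
            $_c['radius_client'] = Radius::getClient();
            $ui->assign('_c', $_c);
        } catch (Exception $e) {
            // Deliberately best-effort: the page still renders without it.
        }
    }

    // Every sub-directory of ui/themes/ is offered as a selectable theme.
    $themes = [];
    $files = scandir('ui/themes/');
    foreach ($files as $file) {
        if (is_dir('ui/themes/' . $file) && !in_array($file, ['.', '..'])) {
            $themes[] = $file;
        }
    }

    $r = ORM::for_table('tbl_routers')->find_many();
    $ui->assign('r', $r);

    // Locate the PHP CLI binary for display. The command is a fixed string;
    // shell_exec() yields null/false when it fails or prints nothing, so
    // cast before trim() and fall back to the bare name.
    if (function_exists("shell_exec")) {
        $php = trim((string) shell_exec('which php'));
        if (empty($php)) {
            $php = 'php';
        }
    } else {
        $php = 'php';
    }
    $ui->assign('php', $php);
    $ui->assign('dir', str_replace('controllers', '', __DIR__));
    $ui->assign('themes', $themes);
    run_hook('view_app_settings'); #HOOK
    $ui->display('app-settings.tpl');
    break;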
case 'localisation':
    // Non-Admin operators are redirected to the dashboard.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // Each sub-directory of system/lan/ is listed as an available language.
    $folders = [];
    $files = scandir('system/lan/');
    foreach ($files as $entry) {
        if (!is_dir('system/lan/' . $entry)) {
            continue;
        }
        if (in_array($entry, ['.', '..'])) {
            continue;
        }
        $folders[] = $entry;
    }
    $ui->assign('lan', $folders);

    $ui->assign('tlist', Timezone::timezoneList());
    // Inline script handed to the template to enhance the timezone <select>.
    $ui->assign('xjq', ' $("#tzone").select2(); ');
    run_hook('view_localisation'); #HOOK
    $ui->display('app-localisation.tpl');
    break;
case 'users':
    // Non-Admin operators are redirected to the dashboard.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    $ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/users.js"></script>');

    // Optional username search; the term is passed to the ORM as a bound
    // LIKE value, never concatenated into SQL here.
    $username = _post('username');
    if ($username == '') {
        $paginator = Paginator::build(ORM::for_table('tbl_users'));
        $d = ORM::for_table('tbl_users')
            ->offset($paginator['startpoint'])
            ->limit($paginator['limit'])
            ->order_by_asc('id')
            ->find_many();
    } else {
        $like = '%' . $username . '%';
        $paginator = Paginator::build(ORM::for_table('tbl_users'), ['username' => $like], $username);
        $d = ORM::for_table('tbl_users')
            ->where_like('username', $like)
            ->offset($paginator['startpoint'])
            ->limit($paginator['limit'])
            ->order_by_asc('id')
            ->find_many();
    }

    $ui->assign('d', $d);
    $ui->assign('paginator', $paginator);
    run_hook('view_list_admin'); #HOOK
    $ui->display('users.tpl');
    break;
case 'users-add':
    // Only Admin operators may open the "add operator" form.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    run_hook('view_add_admin'); #HOOK
    $ui->display('users-add.tpl');
    break;
case 'users-edit':
    // Only Admin operators may open the edit form.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // Third route segment carries the operator id to edit.
    $id = $routes['2'];
    $d = ORM::for_table('tbl_users')->find_one($id);
    if (!$d) {
        r2(U . 'settings/users', 'e', $_L['Account_Not_Found']);
    } else {
        $ui->assign('d', $d);
        run_hook('view_edit_admin'); #HOOK
        $ui->display('users-edit.tpl');
    }
    break;
case 'users-delete':
    // Only Admin operators may delete operator accounts.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // The target id comes from the URL path, so this destructive action is
    // reached by a plain link.
    // NOTE(review): no anti-forgery token check is visible in this handler.
    $id = $routes['2'];

    // An operator cannot remove their own account.
    if (($admin['id']) == $id) {
        r2(U . 'settings/users', 'e', 'Sorry You can\'t delete yourself');
    }

    $d = ORM::for_table('tbl_users')->find_one($id);
    if (!$d) {
        r2(U . 'settings/users', 'e', $_L['Account_Not_Found']);
    } else {
        run_hook('delete_admin'); #HOOK
        $d->delete();
        r2(U . 'settings/users', 's', $_L['User_Delete_Ok']);
    }
    break;
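case 'users-post':
    // Creating an operator account must be Admin-only. The form (users-add)
    // and the other account handlers already enforce this; without the same
    // check on the POST target, any session that passes the _admin() gate at
    // the top of the file could create an account with user_type 'Admin'.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $username = _post('username');
    $fullname = _post('fullname');
    $password = _post('password');
    $cpassword = _post('cpassword');
    // NOTE(review): user_type is stored exactly as posted; consider checking
    // it against the list of roles the application defines.
    $user_type = _post('user_type');
    $msg = '';

    if (Validator::Length($username, 16, 2) == false) {
        $msg .= 'Username should be between 3 to 15 characters' . '<br>';
    }
    if (Validator::Length($fullname, 26, 2) == false) {
        $msg .= 'Full Name should be between 3 to 25 characters' . '<br>';
    }
    // NOTE(review): going by the two checks above (16,2 -> "3 to 15"), the
    // bounds (15,5) would mean 6 to 14 characters, not 6 to 15 — confirm
    // against Validator::Length. The low upper bound also rules out long
    // passphrases.
    if (!Validator::Length($password, 15, 5)) {
        $msg .= 'Password should be between 6 to 15 characters' . '<br>';
    }
    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal and the confirmation would pass.
    if ($password !== $cpassword) {
        $msg .= 'Passwords does not match' . '<br>';
    }

    // Usernames must be unique.
    $d = ORM::for_table('tbl_users')->where('username', $username)->find_one();
    if ($d) {
        $msg .= $_L['account_already_exist'] . '<br>';
    }

    $date_now = date("Y-m-d H:i:s");
    run_hook('add_admin'); #HOOK

    if ($msg == '') {
        // Only the hash produced by Password::_crypt() is stored.
        $password = Password::_crypt($password);
        $d = ORM::for_table('tbl_users')->create();
        $d->username = $username;
        $d->fullname = $fullname;
        $d->password = $password;
        $d->user_type = $user_type;
        $d->status = 'Active';
        $d->creationdate = $date_now;
        $d->save();
        _log('[' . $admin['username'] . ']: ' . $_L['account_created_successfully'], 'Admin', $admin['id']);
        r2(U . 'settings/users', 's', $_L['account_created_successfully']);
    } else {
        r2(U . 'settings/users-add', 'e', $msg);
    }
    break;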
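case 'users-edit-post':
    // Editing operator accounts (including their role and password) must be
    // Admin-only, matching the users-edit form. Without this check any session
    // that passes the _admin() gate could reset another operator's password
    // or change its user_type.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $username = _post('username');
    $fullname = _post('fullname');
    $password = _post('password');
    $cpassword = _post('cpassword');
    $msg = '';

    if (Validator::Length($username, 16, 2) == false) {
        $msg .= 'Username should be between 3 to 15 characters' . '<br>';
    }
    if (Validator::Length($fullname, 26, 2) == false) {
        $msg .= 'Full Name should be between 3 to 25 characters' . '<br>';
    }
    // An empty password field means "keep the current password".
    if ($password != '') {
        if (!Validator::Length($password, 15, 5)) {
            $msg .= 'Password should be between 6 to 15 characters' . '<br>';
        }
        // Strict comparison: != treats different numeric-looking strings
        // (e.g. "1e3" and "1000") as equal.
        if ($password !== $cpassword) {
            $msg .= 'Passwords does not match' . '<br>';
        }
    }

    $id = _post('id');
    $d = ORM::for_table('tbl_users')->find_one($id);
    if (!$d) {
        $msg .= $_L['Data_Not_Found'] . '<br>';
    }

    // Uniqueness check only when the username actually changes. Guarded on $d
    // so a missing record is not dereferenced.
    if ($d && $d['username'] != $username) {
        $c = ORM::for_table('tbl_users')->where('username', $username)->find_one();
        if ($c) {
            $msg .= $_L['account_already_exist'] . '<br>';
        }
    }

    run_hook('edit_admin'); #HOOK

    if ($msg == '') {
        $d->username = $username;
        if ($password != '') {
            $password = Password::_crypt($password);
            $d->password = $password;
        }
        $d->fullname = $fullname;
        // Operators cannot change their own role.
        // NOTE(review): user_type is stored exactly as posted; consider
        // checking it against the roles the application defines.
        if (($admin['id']) != $id) {
            $user_type = _post('user_type');
            $d->user_type = $user_type;
        }
        $d->save();
        _log('[' . $admin['username'] . ']: ' . $_L['User_Updated_Successfully'], 'Admin', $admin['id']);
        r2(U . 'settings/users', 's', 'User Updated Successfully');
    } else {
        r2(U . 'settings/users-edit/' . $id, 'e', $msg);
    }
    break;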
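case 'app-post':
    // Saving application settings must be Admin-only, matching the 'app'
    // view. This handler replaces the logo and writes tbl_appconfig, so it
    // needs the same role check as the page that posts to it.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $company = _post('CompanyName');
    run_hook('save_settings'); #HOOK

    // Logo upload: the file is re-encoded by File::resizeCropImage() into a
    // fixed destination path; the client-supplied file name is never used.
    if (!empty($_FILES['logo']['name'])) {
        if (function_exists('imagecreatetruecolor')) {
            if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png');
            File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100);
            if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
        } else {
            r2(U . 'settings/app', 'e', 'PHP GD is not installed');
        }
    }

    if ($company == '') {
        r2(U . 'settings/app', 'e', $_L['All_field_is_required']);
    } else {
        // NOTE(review): $radius_enable is not assigned anywhere in this
        // handler; unless the including script defines it, this check never
        // runs — confirm whether _post('radius_enable') was intended.
        if ($radius_enable) {
            try {
                Radius::getTableNas()->find_many();
            } catch (Exception $e) {
                $ui->assign("error_title", "RADIUS Error");
                // The exception text is placed inside an HTML message, so
                // escape it rather than emitting it as markup.
                $ui->assign("error_message", "Radius table not found.<br><br>" .
                    htmlspecialchars($e->getMessage()) .
                    "<br><br>Download <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/Development/install/radius.sql\">here</a> or <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/master/install/radius.sql\">here</a> and import it to database.<br><br>Check config.php for radius connection details");
                $ui->display('router-error.tpl');
                die();
            }
        }

        // Save all settings.
        // NOTE(review): every POSTed key becomes (or overwrites) a
        // tbl_appconfig row, so the request body decides which settings
        // exist. An explicit list of accepted setting names would stop a
        // crafted request from writing keys the form never offers.
        foreach ($_POST as $key => $value) {
            $d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
            if ($d) {
                $d->value = $value;
                $d->save();
            } else {
                $d = ORM::for_table('tbl_appconfig')->create();
                $d->setting = $key;
                $d->value = $value;
                $d->save();
            }
        }

        // Unchecked checkboxes are absent from the POST body, so record
        // them explicitly as 'no'.
        $checks = ['hide_mrc', 'hide_tms', 'hide_aui', 'hide_al', 'hide_uet', 'hide_vs', 'hide_pg'];
        foreach ($checks as $check) {
            if (!isset($_POST[$check])) {
                $d = ORM::for_table('tbl_appconfig')->where('setting', $check)->find_one();
                if ($d) {
                    $d->value = 'no';
                    $d->save();
                } else {
                    $d = ORM::for_table('tbl_appconfig')->create();
                    $d->setting = $check;
                    $d->value = 'no';
                    $d->save();
                }
            }
        }

        _log('[' . $admin['username'] . ']: ' . $_L['Settings_Saved_Successfully'], 'Admin', $admin['id']);
        r2(U . 'settings/app', 's', $_L['Settings_Saved_Successfully']);
    }
    break;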
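case 'localisation-post':
    // Saving localisation settings must be Admin-only, matching the
    // 'localisation' view that posts here.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $tzone = _post('tzone');
    $date_format = _post('date_format');
    $country_code_phone = _post('country_code_phone');
    $lan = _post('lan');
    run_hook('save_localisation'); #HOOK

    if ($tzone == '' or $date_format == '' or $lan == '') {
        r2(U . 'settings/app', 'e', $_L['All_field_is_required']);
    } else {
        // These rows are updated in place, as before; the code expects them
        // to exist already.
        $d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
        $d->value = $tzone;
        $d->save();
        $d = ORM::for_table('tbl_appconfig')->where('setting', 'date_format')->find_one();
        $d->value = $date_format;
        $d->save();

        // Number separators are only accepted when exactly one character long.
        $dec_point = $_POST['dec_point'];
        if (strlen($dec_point) == '1') {
            $d = ORM::for_table('tbl_appconfig')->where('setting', 'dec_point')->find_one();
            $d->value = $dec_point;
            $d->save();
        }
        $thousands_sep = $_POST['thousands_sep'];
        if (strlen($thousands_sep) == '1') {
            $d = ORM::for_table('tbl_appconfig')->where('setting', 'thousands_sep')->find_one();
            $d->value = $thousands_sep;
            $d->save();
        }

        // Settings that may not exist yet: update the row or create it.
        // The setting names are fixed here; only the values come from the request.
        $upserts = [
            'country_code_phone' => $country_code_phone,
            'radius_plan' => _post('radius_plan'),
            'hotspot_plan' => _post('hotspot_plan'),
            'pppoe_plan' => _post('pppoe_plan'),
        ];
        foreach ($upserts as $setting => $value) {
            $d = ORM::for_table('tbl_appconfig')->where('setting', $setting)->find_one();
            if (!$d) {
                $d = ORM::for_table('tbl_appconfig')->create();
                $d->setting = $setting;
            }
            $d->value = $value;
            $d->save();
        }

        $currency_code = $_POST['currency_code'];
        $d = ORM::for_table('tbl_appconfig')->where('setting', 'currency_code')->find_one();
        $d->value = $currency_code;
        $d->save();
        $d = ORM::for_table('tbl_appconfig')->where('setting', 'language')->find_one();
        $d->value = $lan;
        $d->save();

        _log('[' . $admin['username'] . ']: ' . $_L['Settings_Saved_Successfully'], 'Admin', $admin['id']);
        r2(U . 'settings/localisation', 's', $_L['Settings_Saved_Successfully']);
    }
    break;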
case 'change-password':
    // The password form is open to both Admin and Sales operators.
    $role = $admin['user_type'];
    if ($role != 'Admin' and $role != 'Sales') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    run_hook('view_change_password'); #HOOK
    $ui->display('change-password.tpl');
    break;
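case 'change-password-post':
    // Changes the password of the logged-in operator only: the record is
    // looked up by the session's own username, never by a posted id.
    // Each failure path ends with an explicit break so the handler stops
    // there even if r2() were to return instead of ending the request.
    $password = _post('password');
    if ($password == '') {
        r2(U . 'settings/change-password', 'e', $_L['Incorrect_Current_Password']);
        break;
    }

    $d = ORM::for_table('tbl_users')->where('username', $admin['username'])->find_one();
    run_hook('change_password'); #HOOK
    if (!$d) {
        r2(U . 'settings/change-password', 'e', $_L['Incorrect_Current_Password']);
        break;
    }

    // The current password must verify against the stored hash first.
    $d_pass = $d['password'];
    if (Password::_verify($password, $d_pass) != true) {
        r2(U . 'settings/change-password', 'e', $_L['Incorrect_Current_Password']);
        break;
    }

    $npass = _post('npass');
    $cnpass = _post('cnpass');
    if (!Validator::Length($npass, 15, 5)) {
        r2(U . 'settings/change-password', 'e', 'New Password must be 6 to 14 character');
        break;
    }
    // Strict comparison: != treats different numeric-looking strings
    // (e.g. "1e3" and "1000") as equal, which would let a mistyped
    // confirmation through.
    if ($npass !== $cnpass) {
        r2(U . 'settings/change-password', 'e', 'Both Password should be same');
        break;
    }

    // Store only the hash produced by Password::_crypt().
    $npass = Password::_crypt($npass);
    $d->password = $npass;
    $d->save();
    _msglog('s', $_L['Password_Changed_Successfully']);
    _log('[' . $admin['username'] . ']: Password changed successfully', 'Admin', $admin['id']);
    r2(U . 'admin');
    break;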
case 'notifications':
    // Notification templates are visible to Admin and Sales operators.
    $role = $admin['user_type'];
    if ($role != 'Admin' and $role != 'Sales') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    run_hook('view_notifications'); #HOOK

    // Use the saved templates when present, otherwise the shipped defaults.
    if (file_exists("system/uploads/notifications.json")) {
        $current = json_decode(file_get_contents('system/uploads/notifications.json'), true);
    } else {
        $current = json_decode(file_get_contents('system/uploads/notifications.default.json'), true);
    }
    $ui->assign('_json', $current);

    // The defaults are always passed as well.
    $defaults = json_decode(file_get_contents('system/uploads/notifications.default.json'), true);
    $ui->assign('_default', $defaults);
    $ui->display('app-notifications.tpl');
    break;
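case 'notifications-post':
    // Apply the same role check as the 'notifications' view that posts here;
    // without it the templates file could be overwritten by any session that
    // passes the _admin() gate.
    if ($admin['user_type'] != 'Admin' and $admin['user_type'] != 'Sales') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    // NOTE(review): the whole POST body is persisted as-is; restricting it to
    // the keys present in notifications.default.json would keep unexpected
    // fields out of the stored file.
    file_put_contents("system/uploads/notifications.json", json_encode($_POST));
    r2(U . 'settings/notifications', 's', $_L['Settings_Saved_Successfully']);
    break;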
case 'dbstatus':
    // Database overview is restricted to Admin operators.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $dbc = new mysqli($db_host, $db_user, $db_password, $db_name);
    // Nothing is rendered when the status query fails.
    if ($result = $dbc->query('SHOW TABLE STATUS')) {
        $tables = array();
        while ($row = $result->fetch_array()) {
            // Table names here come from the database itself, not the request.
            $tableName = $row['Name'];
            $tables[$tableName]['rows'] = ORM::for_table($tableName)->count();
            $tables[$tableName]['name'] = $tableName;
        }
        $ui->assign('tables', $tables);
        run_hook('view_database'); #HOOK
        $ui->display('dbstatus.tpl');
    }
    break;
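case 'dbbackup':
    // Database export is restricted to Admin operators.
    // NOTE(review): the dump contains every column of the selected tables,
    // including tbl_users password hashes when that table is selected — treat
    // the download as a secret.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // The table list comes from the request and is used as an SQL identifier
    // by the ORM, so accept only an array of plain identifier names.
    $tables = (isset($_POST['tables']) && is_array($_POST['tables'])) ? $_POST['tables'] : [];
    $tables = array_values(array_filter($tables, function ($name) {
        return is_string($name) && preg_match('/\A[A-Za-z0-9_]+\z/', $name) === 1;
    }));
    if (empty($tables)) {
        r2(U . "settings/dbstatus", 'e', 'No valid table selected');
        break;
    }

    set_time_limit(-1);
    header('Pragma: public');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Content-Type: application/force-download');
    header('Content-Type: application/octet-stream');
    header('Content-Type: application/download');
    // The file name is built from a count and a timestamp only.
    header('Content-Disposition: attachment;filename="phpnuxbill_' . count($tables) . '_tables_' . date('Y-m-d_H_i') . '.json"');
    header('Content-Transfer-Encoding: binary');

    $array = [];
    foreach ($tables as $table) {
        $array[$table] = ORM::for_table($table)->find_array();
    }
    echo json_encode($array);
    break;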
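case 'dbrestore':
    // Database restore is restricted to Admin operators.
    // NOTE(review): this handler truncates tables; no anti-forgery token
    // check is visible here.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    // Only proceed for a file that PHP itself received as an upload.
    $tmp = isset($_FILES['json']['tmp_name']) ? $_FILES['json']['tmp_name'] : '';
    if ($tmp !== '' && is_uploaded_file($tmp)) {
        $suc = 0;
        $fal = 0;
        $json = json_decode(file_get_contents($tmp), true);
        if (!is_array($json)) {
            // Not valid JSON, or not a table => records map.
            unlink($tmp);
            r2(U . "settings/dbstatus", 'e', 'Invalid backup file');
            break;
        }
        foreach ($json as $table => $records) {
            // Table names come from inside the uploaded file and are spliced
            // into a raw TRUNCATE statement below, so anything that is not a
            // plain identifier is rejected before it reaches SQL.
            if (!is_string($table) || preg_match('/\A[A-Za-z0-9_]+\z/', $table) !== 1 || !is_array($records)) {
                $fal++;
                continue;
            }
            ORM::raw_execute("TRUNCATE $table;");
            foreach ($records as $rec) {
                if (!is_array($rec)) {
                    $fal++;
                    continue;
                }
                $t = ORM::for_table($table)->create();
                // 'id' is left out so the database assigns fresh keys.
                // NOTE(review): column names also come from the file and rely
                // on the ORM's identifier quoting — confirm.
                foreach ($rec as $k => $v) {
                    if ($k != 'id') {
                        $t->set($k, $v);
                    }
                }
                if ($t->save()) {
                    $suc++;
                } else {
                    $fal++;
                }
            }
        }
        if (file_exists($tmp)) unlink($tmp);
        r2(U . "settings/dbstatus", 's', "Restored $suc success $fal failed");
    } else {
        r2(U . "settings/dbstatus", 'e', 'Upload failed');
    }
    break;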
case 'language':
    // Only Admin operators may open the "add language" form.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }
    run_hook('view_add_language'); #HOOK
    $ui->display('language-add.tpl');
    break;
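case 'lang-post':
    // Registering a language must be Admin-only, matching the 'language'
    // form that posts here.
    if ($admin['user_type'] != 'Admin') {
        r2(U . "dashboard", 'e', $_L['Do_Not_Access']);
    }

    $name = _post('name');
    $folder = _post('folder');
    $translator = _post('translator');
    // Start from an empty message so the "no errors" test below does not
    // depend on an undefined variable.
    $msg = '';

    if ($name == '' or $folder == '') {
        $msg .= $_L['All_field_is_required'] . '<br>';
    }
    $d = ORM::for_table('tbl_language')->where('name', $name)->find_one();
    if ($d) {
        $msg .= $_L['Lang_already_exist'] . '<br>';
    }

    run_hook('save_language'); #HOOK

    if ($msg == '') {
        // NOTE(review): folder is stored as posted; if it is later used to
        // build a path under system/lan/, restrict it to a plain directory
        // name — confirm where tbl_language.folder is read.
        $b = ORM::for_table('tbl_language')->create();
        $b->name = $name;
        $b->folder = $folder;
        $b->author = $translator;
        $b->save();
        r2(U . 'settings/localisation', 's', $_L['Created_Successfully']);
    } else {
        r2(U . 'settings/language', 'e', $msg);
    }
    break;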
default:
    // Any unrecognised settings sub-route renders the not-found template.
    $ui->display('a404.tpl');
}