phpnuxbill/system/controllers/login.php

<?php

/**
 *  PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
 *  by https://t.me/ibnux
 **/

if(User::getID()){
    r2(U.'home');
}

if (isset($routes['1'])) {
    $do = $routes['1'];
} else {
    $do = 'login-display';
}

switch ($do) {
    case 'post':
        $username = _post('username');
        $password = _post('password');
        run_hook('customer_login'); #HOOK
        if ($username != '' and $password != '') {
            $d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
            if ($d) {
                $d_pass = $d['password'];
                if (Password::_uverify($password, $d_pass) == true) {
                    $_SESSION['uid'] = $d['id'];
                    User::setCookie($d['id']);
                    $d->last_login = date('Y-m-d H:i:s');
                    $d->save();
                    _log($username . ' ' . Lang::T('Login Successful'), 'User', $d['id']);
                    _alert(Lang::T('Login Successful'),'success', "home");
                } else {
                    _msglog('e', Lang::T('Invalid Username or Password'));
                    _log($username . ' ' . Lang::T('Failed Login'), 'User');
                    r2(U . 'login');
                }
            } else {
                _msglog('e', Lang::T('Invalid Username or Password'));
                r2(U . 'login');
            }
        } else {
            _msglog('e', Lang::T('Invalid Username or Password'));
            r2(U . 'login');
        }

        break;

    case 'activation':
        $voucher = _post('voucher');
        $username = _post('username');
        $v1 = ORM::for_table('tbl_voucher')->where('code', $voucher)->find_one();
        if ($v1) {
            // voucher exists, check customer exists or not
            $user = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
            if (!$user) {
                $d = ORM::for_table('tbl_customers')->create();
                $d->username = alphanumeric($username, "+_.");
                $d->password = $voucher;
                $d->fullname = '';
                $d->address = '';
                $d->email = '';
                $d->phonenumber = (strlen($username) < 21) ? $username : '';
                if ($d->save()) {
                    $user = ORM::for_table('tbl_customers')->where('username', $username)->find_one($d->id());
                    if (!$user) {
                        r2(U . 'login', 'e', Lang::T('Voucher activation failed'));
                    }
                } else {
                    _alert(Lang::T('Login Successful'),'success', "dashboard");
                    r2(U . 'login', 'e', Lang::T('Voucher activation failed') . '.');
                }
            }
            if ($v1['status'] == 0) {
                $oldPass = $user['password'];
                // change customer password to voucher code
                $user->password = $voucher;
                $user->save();
                // voucher activation
                if (Package::rechargeUser($user['id'], $v1['routers'], $v1['id_plan'], "Voucher", $voucher)) {
                    $v1->status = "1";
                    $v1->user = $user['username'];
                    $v1->save();
                    $user->last_login = date('Y-m-d H:i:s');
                    $user->save();
                    // add customer to mikrotik
                    if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {
                        try {
                            $m = Mikrotik::info($v1['routers']);
                            $c = Mikrotik::getClient($m['ip_address'], $m['username'], $m['password']);
                            Mikrotik::logMeIn($c, $user['username'], $user['password'], $_SESSION['nux-ip'], $_SESSION['nux-mac']);
                            if (!empty($config['voucher_redirect'])) {
                                r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
                            } else {
                                r2(U . "login", 's', Lang::T("Voucher activation success, you are connected to internet"));
                            }
                        } catch (Exception $e) {
                            if (!empty($config['voucher_redirect'])) {
                                r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
                            } else {
                                r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
                            }
                        }
                    }
                    if (!empty($config['voucher_redirect'])) {
                        r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
                    } else {
                        r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
                    }
                } else {
                    // if failed to recharge, restore old password
                    $user->password = $oldPass;
                    $user->save();
                    r2(U . 'login', 'e', Lang::T("Failed to activate voucher"));
                }
            } else {
                // used voucher
                // check if voucher used by this username
                if ($v1['user'] == $user['username']) {
                    $user->last_login = date('Y-m-d H:i:s');
                    $user->save();
                    if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {
                        try {
                            $m = Mikrotik::info($v1['routers']);
                            $c = Mikrotik::getClient($m['ip_address'], $m['username'], $m['password']);
                            Mikrotik::logMeIn($c, $user['username'], $user['password'], $_SESSION['nux-ip'], $_SESSION['nux-mac']);
                            if (!empty($config['voucher_redirect'])) {
                                r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
                            } else {
                                r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
                            }
                        } catch (Exception $e) {
                            if (!empty($config['voucher_redirect'])) {
                                r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
                            } else {
                                r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
                            }
                        }
                    } else {
                        if (!empty($config['voucher_redirect'])) {
                            r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
                        } else {
                            r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
                        }
                    }
                } else {
                    // voucher used by other customer
                    r2(U . 'login', 'e', Lang::T('Voucher Not Valid'));
                }
            }
        } else {
            _msglog('e', Lang::T('Invalid Username or Password'));
            r2(U . 'login');
        }
    default:
        run_hook('customer_view_login'); #HOOK
        if ($config['disable_registration'] == 'yes') {
            $ui->display('user-login-noreg.tpl');
        } else {
            $ui->display('user-login.tpl');
        }
        break;
}
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`<?php`
Registration no need has voucher 2022-09-01 15:52:32 +08:00
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`/**`
Change credits 2023-10-12 16:55:42 +08:00			`* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)`
			`* by https://t.me/ibnux`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`**/`
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00
redirect after login 2024-02-27 11:37:41 +08:00			`if(User::getID()){`
			`r2(U.'home');`
			`}`

PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`if (isset($routes['1'])) {`
			`$do = $routes['1'];`
			`} else {`
			`$do = 'login-display';`
			`}`

Registration no need has voucher 2022-09-01 15:52:32 +08:00			`switch ($do) {`
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`case 'post':`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`$username = _post('username');`
			`$password = _post('password');`
add hook 2022-09-18 01:00:40 +08:00			`run_hook('customer_login'); #HOOK`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`if ($username != '' and $password != '') {`
			`$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();`
			`if ($d) {`
			`$d_pass = $d['password'];`
			`if (Password::_uverify($password, $d_pass) == true) {`
			`$_SESSION['uid'] = $d['id'];`
Session using cookie 2024-02-12 10:45:44 +08:00			`User::setCookie($d['id']);`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`$d->last_login = date('Y-m-d H:i:s');`
			`$d->save();`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`_log($username . ' ' . Lang::T('Login Successful'), 'User', $d['id']);`
Add Alert Page 2024-02-23 15:20:12 +08:00			`_alert(Lang::T('Login Successful'),'success', "home");`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`} else {`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`_msglog('e', Lang::T('Invalid Username or Password'));`
			`_log($username . ' ' . Lang::T('Failed Login'), 'User');`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`r2(U . 'login');`
			`}`
			`} else {`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`_msglog('e', Lang::T('Invalid Username or Password'));`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`r2(U . 'login');`
			`}`
			`} else {`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`_msglog('e', Lang::T('Invalid Username or Password'));`
Registration no need has voucher 2022-09-01 15:52:32 +08:00			`r2(U . 'login');`
			`}`
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00
			`break;`

Disable Registration 2023-12-19 12:35:49 +08:00			`case 'activation':`
			`$voucher = _post('voucher');`
			`$username = _post('username');`
			`$v1 = ORM::for_table('tbl_voucher')->where('code', $voucher)->find_one();`
			`if ($v1) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`// voucher exists, check customer exists or not`
Disable Registration 2023-12-19 12:35:49 +08:00			`$user = ORM::for_table('tbl_customers')->where('username', $username)->find_one();`
			`if (!$user) {`
			`$d = ORM::for_table('tbl_customers')->create();`
			`$d->username = alphanumeric($username, "+_.");`
			`$d->password = $voucher;`
			`$d->fullname = '';`
			`$d->address = '';`
			`$d->email = '';`
			`$d->phonenumber = (strlen($username) < 21) ? $username : '';`
			`if ($d->save()) {`
			`$user = ORM::for_table('tbl_customers')->where('username', $username)->find_one($d->id());`
			`if (!$user) {`
			`r2(U . 'login', 'e', Lang::T('Voucher activation failed'));`
			`}`
			`} else {`
Add Alert Page 2024-02-23 15:20:12 +08:00			`_alert(Lang::T('Login Successful'),'success', "dashboard");`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`r2(U . 'login', 'e', Lang::T('Voucher activation failed') . '.');`
Disable Registration 2023-12-19 12:35:49 +08:00			`}`
			`}`
			`if ($v1['status'] == 0) {`
			`$oldPass = $user['password'];`
			`// change customer password to voucher code`
			`$user->password = $voucher;`
			`$user->save();`
			`// voucher activation`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (Package::rechargeUser($user['id'], $v1['routers'], $v1['id_plan'], "Voucher", $voucher)) {`
Disable Registration 2023-12-19 12:35:49 +08:00			`$v1->status = "1";`
			`$v1->user = $user['username'];`
			`$v1->save();`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`$user->last_login = date('Y-m-d H:i:s');`
			`$user->save();`
Disable Registration 2023-12-19 12:35:49 +08:00			`// add customer to mikrotik`
			`if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`try {`
detect if radius 2023-12-19 17:00:14 +08:00			`$m = Mikrotik::info($v1['routers']);`
			`$c = Mikrotik::getClient($m['ip_address'], $m['username'], $m['password']);`
			`Mikrotik::logMeIn($c, $user['username'], $user['password'], $_SESSION['nux-ip'], $_SESSION['nux-mac']);`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (!empty($config['voucher_redirect'])) {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, you are connected to internet"));`
			`}`
			`} catch (Exception $e) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (!empty($config['voucher_redirect'])) {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));`
			`}`
Disable Registration 2023-12-19 12:35:49 +08:00			`}`
			`}`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (!empty($config['voucher_redirect'])) {`
Disable Registration 2023-12-19 12:35:49 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
Disable Registration 2023-12-19 12:35:49 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));`
			`}`
			`} else {`
			`// if failed to recharge, restore old password`
			`$user->password = $oldPass;`
			`$user->save();`
			`r2(U . 'login', 'e', Lang::T("Failed to activate voucher"));`
			`}`
			`} else {`
			`// used voucher`
			`// check if voucher used by this username`
			`if ($v1['user'] == $user['username']) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`$user->last_login = date('Y-m-d H:i:s');`
			`$user->save();`
Disable Registration 2023-12-19 12:35:49 +08:00			`if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`try {`
detect if radius 2023-12-19 17:00:14 +08:00			`$m = Mikrotik::info($v1['routers']);`
			`$c = Mikrotik::getClient($m['ip_address'], $m['username'], $m['password']);`
			`Mikrotik::logMeIn($c, $user['username'], $user['password'], $_SESSION['nux-ip'], $_SESSION['nux-mac']);`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (!empty($config['voucher_redirect'])) {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));`
			`}`
			`} catch (Exception $e) {`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if (!empty($config['voucher_redirect'])) {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
detect if radius 2023-12-19 17:00:14 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));`
			`}`
Disable Registration 2023-12-19 12:35:49 +08:00			`}`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
			`if (!empty($config['voucher_redirect'])) {`
Disable Registration 2023-12-19 12:35:49 +08:00			`r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
Disable Registration 2023-12-19 12:35:49 +08:00			`r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));`
			`}`
			`}`
			`} else {`
			`// voucher used by other customer`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`r2(U . 'login', 'e', Lang::T('Voucher Not Valid'));`
Disable Registration 2023-12-19 12:35:49 +08:00			`}`
			`}`
			`} else {`
Auto Translate Language 2024-02-13 14:54:01 +08:00			`_msglog('e', Lang::T('Invalid Username or Password'));`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`r2(U . 'login');`
Disable Registration 2023-12-19 12:35:49 +08:00			`}`
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`default:`
add hook 2022-09-18 01:00:40 +08:00			`run_hook('customer_view_login'); #HOOK`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`if ($config['disable_registration'] == 'yes') {`
Disable Registration 2023-12-19 12:35:49 +08:00			`$ui->display('user-login-noreg.tpl');`
Delete Used Voucher which not exists in tbl recharges 2024-01-08 17:12:21 +08:00			`} else {`
Disable Registration 2023-12-19 12:35:49 +08:00			`$ui->display('user-login.tpl');`
			`}`
PHPMixBill v5.0 - First Upload 2017-03-11 03:51:06 +08:00			`break;`
			`}`