hotspotbilling/phpnuxbill
1
1
Fork 0
mirror of https://github.com/hotspotbilling/phpnuxbill.git synced 2024-09-20 14:56:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

creating API, Work in Progress

Browse source
This commit is contained in:
Ibnu Maksum 2024-02-19 16:28:55 +07:00
parent ade714e2ae
commit fe082258cd
No known key found for this signature in database
GPG key ID: 7FC82848810579E5
8 changed files with 465 additions and 302 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

73
init.php
View file

@ -67,6 +67,7 @@ if ($_app_stage != 'Live') {
ORM::configure('logging', true);
}
define('U', APP_URL . '/index.php?_route=');
// notification message
if (file_exists($root_path . File::pathFixer("system/uploads/notifications.json"))) {
@ -151,4 +152,74 @@ function _req($param, $defvalue = '')
} else {
return safedata($_REQUEST[$param]);
}
}
}
function _auth($login = true)
{
if (User::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _admin($login = true)
{
if (Admin::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _log($description, $type = '', $userid = '0')
{
$d = ORM::for_table('tbl_logs')->create();
$d->date = date('Y-m-d H:i:s');
$d->type = $type;
$d->description = $description;
$d->userid = $userid;
$d->ip = $_SERVER["REMOTE_ADDR"];
$d->save();
}
function Lang($key)
{
return Lang::T($key);
}
function alphanumeric($str, $tambahan = "")
{
return preg_replace("/[^a-zA-Z0-9" . $tambahan . "]+/", "", $str);
}
function sendTelegram($txt)
{
Message::sendTelegram($txt);
}
function sendSMS($phone, $txt)
{
Message::sendSMS($phone, $txt);
}
function sendWhatsapp($phone, $txt)
{
Message::sendWhatsapp($phone, $txt);
}
if(!isset($api_secret)){
$api_secret = $db_password;
}

105
system/api.php Normal file
View file

@ -0,0 +1,105 @@
<?php
/**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux
*
* This File is for API Access
**/
if ($_SERVER['REQUEST_METHOD'] === "OPTIONS" || $_SERVER['REQUEST_METHOD'] === "HEAD") {
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization");
header("HTTP/1.1 200 OK");
die();
}
include "../init.php";
$isApi = true;
// Dummy Class
$ui = new class($key)
{
var $assign = [];
function display($key)
{
}
function assign($key, $value)
{
$this->assign[$key] = $value;
}
function get($key, )
{
if(isset($this->assign[$key])){
return $this->assign[$key];
}
return '';
}
};
$req = _get('r');
# a/c.id.time.md5
# md5(a/c.id.time.$api_secret)
$token = _get('token');
$routes = explode('/', $req);
$handler = $routes[0];
if ($handler == '') {
$handler = 'default';
}
if(empty($token)){
showResult(false, Lang::T("Token is invalid"));
}
if($token == $config['api_key']){
$admin = ORM::for_table('tbl_users')->where('user_type','SuperAdmin')->find_one($id);
if(empty($admin)){
$admin = ORM::for_table('tbl_users')->where('user_type','Admin')->find_one($id);
if(empty($admin)){
showResult(false, Lang::T("Token is invalid"));
}
}
}else{
# validate token
list($tipe, $uid, $time, $md5) = explode('.', $token);
if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
showResult(false, Lang::T("Token is invalid"));
}
#cek token expiration
if ($time != 0 && time() > $time) {
showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
}
if($tipe=='a'){
$_SESSION['aid'] = $uid;
}else if($tipe=='c'){
$_SESSION['uid'] = $uid;
}else{
showResult(false, Lang::T("Unknown Token"), [], ['login' => true]);
}
}
if($handler == 'isValid'){
showResult(true, Lang::T("Token is valid"));
}
function showResult($success, $message = '', $result = [], $meta = [])
{
header("Content-Type: Application/json; charset=utf-8");
die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
}
try {
$sys_render = File::pathFixer($root_path.'system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) {
include($sys_render);
}else{
showResult(false, Lang::T('Command not found'));
}
} catch (Exception $e) {
showResult(false, $e->getMessage());
}

67
system/boot.php
View file

@ -80,7 +80,6 @@ $ui->setConfigDir(File::pathFixer('ui/conf/'));
$ui->setCacheDir(File::pathFixer('ui/cache/'));
$ui->assign('app_url', APP_URL);
$ui->assign('_domain', str_replace('www.', '', parse_url(APP_URL, PHP_URL_HOST)));
define('U', APP_URL . '/index.php?_route=');
$ui->assign('_url', APP_URL . '/index.php?_route=');
$ui->assign('_path', __DIR__);
$ui->assign('_c', $config);
@ -102,70 +101,6 @@ if (isset($_SESSION['notify'])) {
unset($_SESSION['ntype']);
}
function _auth($login = true)
{
if (User::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _admin($login = true)
{
if (Admin::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _log($description, $type = '', $userid = '0')
{
$d = ORM::for_table('tbl_logs')->create();
$d->date = date('Y-m-d H:i:s');
$d->type = $type;
$d->description = $description;
$d->userid = $userid;
$d->ip = $_SERVER["REMOTE_ADDR"];
$d->save();
}
function Lang($key)
{
return Lang::T($key);
}
function alphanumeric($str, $tambahan = "")
{
return preg_replace("/[^a-zA-Z0-9" . $tambahan . "]+/", "", $str);
}
function sendTelegram($txt)
{
Message::sendTelegram($txt);
}
function sendSMS($phone, $txt)
{
Message::sendSMS($phone, $txt);
}
function sendWhatsapp($phone, $txt)
{
Message::sendWhatsapp($phone, $txt);
}
// Routing Engine
$req = _get('_route');
@ -176,7 +111,7 @@ if ($handler == '') {
$handler = 'default';
}
try {
$sys_render = File::pathFixer('system/controllers/' . $handler . '.php');
$sys_render = $root_path.File::pathFixer('system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) {
$menus = array();
// "name" => $name,

115
system/controllers/prepaid.php
View file

@ -60,23 +60,28 @@ switch ($action) {
}
$log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>";
}
if ($isApi) {
showResult(true, $log);
}
r2(U . 'prepaid/list', 's', $log);
case 'list':
$ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/prepaid.js"></script>');
$ui->assign('_title', Lang::T('Customer'));
$username = _post('username');
if ($username != '') {
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges'), ['username' => '%' . $username . '%'], $username);
$d = ORM::for_table('tbl_user_recharges')->where_like('username', '%' . $username . '%')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many();
$search = _post('search');
if ($search != '') {
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges'), ['username' => '%' . $search . '%'], $search);
$d = ORM::for_table('tbl_user_recharges')->where_like('username', '%' . $search . '%')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many();
} else {
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges'));
$d = ORM::for_table('tbl_user_recharges')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many();
$d = ORM::for_table('tbl_user_recharges')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_array();
}
$ui->assign('d', $d);
$ui->assign('cari', $username);
$ui->assign('paginator', $paginator);
run_hook('view_list_billing'); #HOOK
if ($isApi) {
showResult(true, $action, $d, ['search' => $search]);
}
$ui->assign('d', $d);
$ui->assign('search', $search);
$ui->assign('paginator', $paginator);
$ui->display('prepaid.tpl');
break;
@ -157,9 +162,9 @@ switch ($action) {
case 'print':
$content = $_POST['content'];
if(!empty($content)){
if (!empty($content)) {
$ui->assign('content', $content);
}else{
} else {
$id = _post('id');
$d = ORM::for_table('tbl_transactions')->where('id', $id)->find_one();
$ui->assign('in', $d);
@ -246,18 +251,18 @@ switch ($action) {
//$d->recharged_on = $recharged_on;
$d->expiration = $expiration;
$d->time = $time;
if($d['status'] == 'off'){
if(strtotime($expiration.' '.$time) > time()){
if ($d['status'] == 'off') {
if (strtotime($expiration . ' ' . $time) > time()) {
$d->status = 'on';
}
}
if($p['is_radius']){
if ($p['is_radius']) {
$d->routers = 'radius';
}else{
} else {
$d->routers = $p['routers'];
}
$d->save();
if($d['status'] == 'on'){
if ($d['status'] == 'on') {
Package::changeTo($username, $id_plan, $id);
}
_log('[' . $admin['username'] . ']: ' . 'Edit Plan for Customer ' . $d['username'] . ' to [' . $d['namebp'] . '][' . Lang::moneyFormat($p['price']) . ']', $admin['user_type'], $admin['id']);
@ -290,23 +295,23 @@ switch ($action) {
// extract admin
$admins = [];
foreach ($d as $k) {
if(!empty($k['generated_by'])){
if (!empty($k['generated_by'])) {
$admins[] = $k['generated_by'];
}
}
if(count($admins) > 0){
if (count($admins) > 0) {
$adms = ORM::for_table('tbl_users')->where_in('id', $admins)->find_many();
unset($admins);
foreach($adms as $adm){
foreach ($adms as $adm) {
$tipe = $adm['user_type'];
if($tipe == 'Sales'){
if ($tipe == 'Sales') {
$tipe = ' [S]';
}else if($tipe == 'Agent'){
} else if ($tipe == 'Agent') {
$tipe = ' [A]';
}else{
} else {
$tipe == '';
}
$admins[$adm['id']] = $adm['fullname'].$tipe;
$admins[$adm['id']] = $adm['fullname'] . $tipe;
}
}
$ui->assign('admins', $admins);
@ -337,12 +342,12 @@ switch ($action) {
if ($d) {
$jml = 0;
foreach ($d as $v) {
if(!ORM::for_table('tbl_user_recharges')->where_equal("method",'Voucher - '.$v['code'])->findOne()){
if (!ORM::for_table('tbl_user_recharges')->where_equal("method", 'Voucher - ' . $v['code'])->findOne()) {
$v->delete();
$jml++;
}
}
r2(U . 'prepaid/voucher', 's', "$jml ".Lang::T('Data Deleted Successfully'));
r2(U . 'prepaid/voucher', 's', "$jml " . Lang::T('Data Deleted Successfully'));
}
case 'print-voucher':
$from_id = _post('from_id');
@ -463,7 +468,7 @@ switch ($action) {
$msg .= 'The Length Code must be a number' . '<br>';
}
if ($msg == '') {
if(!empty($prefix)){
if (!empty($prefix)) {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'voucher_prefix')->find_one();
if ($d) {
$d->value = $prefix;
@ -487,14 +492,14 @@ switch ($action) {
$d->type = $type;
$d->routers = $server;
$d->id_plan = $plan;
$d->code = $prefix.$code;
$d->code = $prefix . $code;
$d->user = '0';
$d->status = '0';
$d->generated_by = $admin['id'];
$d->save();
}
if($numbervoucher == 1){
r2(U . 'prepaid/voucher-view/'.$d->id(), 's', Lang::T('Create Vouchers Successfully'));
if ($numbervoucher == 1) {
r2(U . 'prepaid/voucher-view/' . $d->id(), 's', Lang::T('Create Vouchers Successfully'));
}
r2(U . 'prepaid/voucher', 's', Lang::T('Create Vouchers Successfully'));
@ -506,41 +511,41 @@ switch ($action) {
case 'voucher-view':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
$voucher = ORM::for_table('tbl_voucher')->find_one($id);
}else{
} else {
$voucher = ORM::for_table('tbl_voucher')->where('generated_by', $admin['id'])->find_one($id);
}
$plan = ORM::for_table('tbl_plans')->find_one($d['id_plan']);
if ($voucher && $plan) {
$content = Lang::pad($config['CompanyName'],' ', 2)."\n";
$content .= Lang::pad($config['address'],' ', 2)."\n";
$content .= Lang::pad($config['phone'],' ', 2)."\n";
$content .= Lang::pad("", '=')."\n";
$content .= Lang::pads('ID', $voucher['id'], ' ')."\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ')."\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ')."\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ')."\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ')."\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'].' #'.$admin['id'], ' ')."\n";
$content .= Lang::pad("", '=')."\n";
$content .= Lang::pad($config['note'],' ', 2)."\n";
$content = Lang::pad($config['CompanyName'], ' ', 2) . "\n";
$content .= Lang::pad($config['address'], ' ', 2) . "\n";
$content .= Lang::pad($config['phone'], ' ', 2) . "\n";
$content .= Lang::pad("", '=') . "\n";
$content .= Lang::pads('ID', $voucher['id'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ') . "\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'] . ' #' . $admin['id'], ' ') . "\n";
$content .= Lang::pad("", '=') . "\n";
$content .= Lang::pad($config['note'], ' ', 2) . "\n";
$ui->assign('print', $content);
$config['printer_cols'] = 30;
$content = Lang::pad($config['CompanyName'],' ', 2)."\n";
$content .= Lang::pad($config['address'],' ', 2)."\n";
$content .= Lang::pad($config['phone'],' ', 2)."\n";
$content .= Lang::pad("", '=')."\n";
$content .= Lang::pads('ID', $voucher['id'], ' ')."\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ')."\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ')."\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ')."\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ')."\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'].' #'.$admin['id'], ' ')."\n";
$content .= Lang::pad("", '=')."\n";
$content .= Lang::pad($config['note'],' ', 2)."\n";
$content = Lang::pad($config['CompanyName'], ' ', 2) . "\n";
$content .= Lang::pad($config['address'], ' ', 2) . "\n";
$content .= Lang::pad($config['phone'], ' ', 2) . "\n";
$content .= Lang::pad("", '=') . "\n";
$content .= Lang::pads('ID', $voucher['id'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ') . "\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'] . ' #' . $admin['id'], ' ') . "\n";
$content .= Lang::pad("", '=') . "\n";
$content .= Lang::pad($config['note'], ' ', 2) . "\n";
$ui->assign('_title', Lang::T('View'));
$ui->assign('wa', urlencode("```$content```"));
$ui->display('voucher-view.tpl');
}else{
} else {
r2(U . 'prepaid/voucher/', 'e', Lang::T('Voucher Not Found'));
}
break;

359
system/controllers/settings.php
View file

@ -62,6 +62,20 @@ switch ($action) {
} else {
$php = 'php';
}
if (empty($config['api_key'])) {
$config['api_key'] = sha1(uniqid(rand(), true));
$d = ORM::for_table('tbl_appconfig')->where('setting', 'api_key')->find_one();
if ($d) {
$d->value = $config['api_key'];
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'api_key';
$d->value = $config['api_key'];
$d->save();
}
}
$ui->assign('_c', $config);
$ui->assign('php', $php);
$ui->assign('dir', str_replace('controllers', '', __DIR__));
$ui->assign('themes', $themes);
@ -69,6 +83,72 @@ switch ($action) {
$ui->display('app-settings.tpl');
break;
case 'app-post':
$company = _post('CompanyName');
run_hook('save_settings'); #HOOK
if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) {
if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
}
}
if ($company == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
if ($radius_enable) {
try {
Radius::getTableNas()->find_many();
} catch (Exception $e) {
$ui->assign("error_title", "RADIUS Error");
$ui->assign("error_message", "Radius table not found.<br><br>" .
$e->getMessage() .
"<br><br>Download <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/Development/install/radius.sql\">here</a> or <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/master/install/radius.sql\">here</a> and import it to database.<br><br>Check config.php for radius connection details");
$ui->display('router-error.tpl');
die();
}
}
// save all settings
foreach ($_POST as $key => $value) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
if ($d) {
$d->value = $value;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $key;
$d->value = $value;
$d->save();
}
}
//checkbox
$checks = ['hide_mrc', 'hide_tms', 'hide_aui', 'hide_al', 'hide_uet', 'hide_vs', 'hide_pg'];
foreach ($checks as $check) {
if (!isset($_POST[$check])) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $check)->find_one();
if ($d) {
$d->value = 'no';
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $check;
$d->value = 'no';
$d->save();
}
}
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'localisation':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
@ -96,6 +176,93 @@ switch ($action) {
$ui->display('app-localisation.tpl');
break;
case 'localisation-post':
$tzone = _post('tzone');
$date_format = _post('date_format');
$country_code_phone = _post('country_code_phone');
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'date_format')->find_one();
$d->value = $date_format;
$d->save();
$dec_point = $_POST['dec_point'];
if (strlen($dec_point) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'dec_point')->find_one();
$d->value = $dec_point;
$d->save();
}
$thousands_sep = $_POST['thousands_sep'];
if (strlen($thousands_sep) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'thousands_sep')->find_one();
$d->value = $thousands_sep;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'country_code_phone')->find_one();
if ($d) {
$d->value = $country_code_phone;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'country_code_phone';
$d->value = $country_code_phone;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'radius_plan')->find_one();
if ($d) {
$d->value = _post('radius_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'radius_plan';
$d->value = _post('radius_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'hotspot_plan')->find_one();
if ($d) {
$d->value = _post('hotspot_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'hotspot_plan';
$d->value = _post('hotspot_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'pppoe_plan')->find_one();
if ($d) {
$d->value = _post('pppoe_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'pppoe_plan';
$d->value = _post('pppoe_plan');
$d->save();
}
$currency_code = $_POST['currency_code'];
$d = ORM::for_table('tbl_appconfig')->where('setting', 'currency_code')->find_one();
$d->value = $currency_code;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'language')->find_one();
$d->value = $lan;
$d->save();
unset($_SESSION['Lang']);
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/localisation', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'users':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
@ -107,7 +274,7 @@ switch ($action) {
$d = ORM::for_table('tbl_users')
->where_like('username', '%' . $search . '%')
->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many();
->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else if ($admin['user_type'] == 'Admin') {
$paginator = Paginator::build(ORM::for_table('tbl_users'), [
'username' => '%' . $search . '%',
@ -123,7 +290,7 @@ switch ($action) {
['user_type' => 'Sales']
])
->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many();
->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else {
$paginator = Paginator::build(ORM::for_table('tbl_users'), ['username' => '%' . $search . '%'], $search);
$d = ORM::for_table('tbl_users')
@ -133,19 +300,19 @@ switch ($action) {
['root' => $admin['id']]
])
->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many();
->limit($paginator['limit'])->order_by_asc('id')->findArray();
}
} else {
if ($admin['user_type'] == 'SuperAdmin') {
$paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many();
$d = ORM::for_table('tbl_users')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else if ($admin['user_type'] == 'Admin') {
$paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users')->where_any_is([
['user_type' => 'Report'],
['user_type' => 'Agent'],
['user_type' => 'Sales']
])->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many();
])->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else {
$paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users')
@ -153,7 +320,7 @@ switch ($action) {
['id' => $admin['id']],
['root' => $admin['id']]
])
->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many();
->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
}
}
$admins = [];
@ -163,12 +330,18 @@ switch ($action) {
}
}
if (count($admins) > 0) {
$adms = ORM::for_table('tbl_users')->where_in('id', $admins)->find_many();
$adms = ORM::for_table('tbl_users')->where_in('id', $admins)->findArray();
unset($admins);
foreach ($adms as $adm) {
$admins[$adm['id']] = $adm['fullname'];
}
}
if ($isApi) {
showResult(true, $action, [
'admins' => $d,
'roots' => $admins
], ['search' => $search]);
}
$ui->assign('admins', $admins);
$ui->assign('d', $d);
$ui->assign('search', $search);
@ -193,22 +366,31 @@ switch ($action) {
}
//allow see himself
if ($admin['id'] == $id) {
$d = ORM::for_table('tbl_users')->find_one($id);
$d = ORM::for_table('tbl_users')->where('id', $id)->find_array($id)[0];
} else {
if (in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
// Super Admin can see anyone
$d = ORM::for_table('tbl_users')->find_one($id);
$d = ORM::for_table('tbl_users')->where('id', $id)->find_array()[0];
} else if ($admin['user_type'] == 'Agent') {
// Agent can see Sales
$d = ORM::for_table('tbl_users')->where('root', $admin['id'])->find_one($id);
$d = ORM::for_table('tbl_users')->where_any_is([['root' => $admin['id']], ['id' => $id]])->find_array()[0];
}
}
if ($d) {
run_hook('view_edit_admin'); #HOOK
if ($d['user_type'] == 'Sales') {
$ui->assign('agent', ORM::for_table('tbl_users')->find_one($d['root']));
$ui->assign('agent', ORM::for_table('tbl_users')->where('id', $d['root'])->find_array()[0]);
}
if ($isApi) {
unset($d['password']);
$agent = $ui->get('agent');
if($agent) unset($agent['password']);
showResult(true, $action, [
'admin' => $d,
'agent' => $agent
], ['search' => $search]);
}
$ui->assign('d', $d);
run_hook('view_edit_admin'); #HOOK
$ui->assign('_title', $d['username']);
$ui->display('users-view.tpl');
} else {
@ -427,159 +609,6 @@ switch ($action) {
}
break;
case 'app-post':
$company = _post('CompanyName');
run_hook('save_settings'); #HOOK
if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) {
if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
}
}
if ($company == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
if ($radius_enable) {
try {
Radius::getTableNas()->find_many();
} catch (Exception $e) {
$ui->assign("error_title", "RADIUS Error");
$ui->assign("error_message", "Radius table not found.<br><br>" .
$e->getMessage() .
"<br><br>Download <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/Development/install/radius.sql\">here</a> or <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/master/install/radius.sql\">here</a> and import it to database.<br><br>Check config.php for radius connection details");
$ui->display('router-error.tpl');
die();
}
}
// save all settings
foreach ($_POST as $key => $value) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
if ($d) {
$d->value = $value;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $key;
$d->value = $value;
$d->save();
}
}
//checkbox
$checks = ['hide_mrc', 'hide_tms', 'hide_aui', 'hide_al', 'hide_uet', 'hide_vs', 'hide_pg'];
foreach ($checks as $check) {
if (!isset($_POST[$check])) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $check)->find_one();
if ($d) {
$d->value = 'no';
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $check;
$d->value = 'no';
$d->save();
}
}
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'localisation-post':
$tzone = _post('tzone');
$date_format = _post('date_format');
$country_code_phone = _post('country_code_phone');
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'date_format')->find_one();
$d->value = $date_format;
$d->save();
$dec_point = $_POST['dec_point'];
if (strlen($dec_point) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'dec_point')->find_one();
$d->value = $dec_point;
$d->save();
}
$thousands_sep = $_POST['thousands_sep'];
if (strlen($thousands_sep) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'thousands_sep')->find_one();
$d->value = $thousands_sep;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'country_code_phone')->find_one();
if ($d) {
$d->value = $country_code_phone;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'country_code_phone';
$d->value = $country_code_phone;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'radius_plan')->find_one();
if ($d) {
$d->value = _post('radius_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'radius_plan';
$d->value = _post('radius_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'hotspot_plan')->find_one();
if ($d) {
$d->value = _post('hotspot_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'hotspot_plan';
$d->value = _post('hotspot_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'pppoe_plan')->find_one();
if ($d) {
$d->value = _post('pppoe_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'pppoe_plan';
$d->value = _post('pppoe_plan');
$d->save();
}
$currency_code = $_POST['currency_code'];
$d = ORM::for_table('tbl_appconfig')->where('setting', 'currency_code')->find_one();
$d->value = $currency_code;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'language')->find_one();
$d->value = $lan;
$d->save();
unset($_SESSION['Lang']);
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/localisation', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'change-password':
run_hook('view_change_password'); #HOOK
$ui->display('change-password.tpl');

3
system/lan/english.json
View file

@ -412,5 +412,6 @@
"Sub_District": "Sub District",
"Ward": "Ward",
"Credentials": "Credentials",
"Agent": "Agent"
"Agent": "Agent",
"This_Token_will_act_as_SuperAdmin_Admin": "This Token will act as SuperAdmin\/Admin"
}

41
ui/ui/app-settings.tpl
View file

@ -53,6 +53,14 @@
<input type="text" class="form-control" id="phone" name="phone" value="{$_c['phone']}">
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label">{Lang::T('Invoice Footer')}</label>
<div class="col-md-6">
<textarea class="form-control" id="note" name="note"
rows="3">{Lang::htmlspecialchars($_c['note'])}</textarea>
<span class="help-block">{Lang::T('You can use html tag')}</span>
</div>
</div>
<div class="form-group">
<label class="col-md-2 control-label"><i class="glyphicon glyphicon-print"></i> Print Max
Char</label>
@ -95,13 +103,21 @@
</div>
<div class="panel-body">
<div class="form-group">
<label class="col-md-3 control-label"><input type="checkbox" name="hide_mrc" value="yes" {if $_c['hide_mrc'] eq 'yes'}checked{/if}> {Lang::T('Monthly Registered Customers')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_tms" value="yes" {if $_c['hide_tms'] eq 'yes'}checked{/if}> {Lang::T('Total Monthly Sales')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_aui" value="yes" {if $_c['hide_aui'] eq 'yes'}checked{/if}> {Lang::T('All Users Insights')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_al" value="yes" {if $_c['hide_al'] eq 'yes'}checked{/if}> {Lang::T('Activity Log')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_uet" value="yes" {if $_c['hide_uet'] eq 'yes'}checked{/if}> {Lang::T('User Expired, Today')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_vs" value="yes" {if $_c['hide_vs'] eq 'yes'}checked{/if}> Vouchers Stock</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_pg" value="yes" {if $_c['hide_pg'] eq 'yes'}checked{/if}> Payment Gateway</label>
<label class="col-md-3 control-label"><input type="checkbox" name="hide_mrc" value="yes"
{if $_c['hide_mrc'] eq 'yes'}checked{/if}>
{Lang::T('Monthly Registered Customers')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_tms" value="yes"
{if $_c['hide_tms'] eq 'yes'}checked{/if}> {Lang::T('Total Monthly Sales')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_aui" value="yes"
{if $_c['hide_aui'] eq 'yes'}checked{/if}> {Lang::T('All Users Insights')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_al" value="yes"
{if $_c['hide_al'] eq 'yes'}checked{/if}> {Lang::T('Activity Log')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_uet" value="yes"
{if $_c['hide_uet'] eq 'yes'}checked{/if}> {Lang::T('User Expired, Today')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_vs" value="yes"
{if $_c['hide_vs'] eq 'yes'}checked{/if}> Vouchers Stock</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_pg" value="yes"
{if $_c['hide_pg'] eq 'yes'}checked{/if}> Payment Gateway</label>
</div>
</div>
<div class="panel-heading">
@ -399,16 +415,17 @@
<button class="btn btn-primary btn-xs" title="save" type="submit"><span
class="glyphicon glyphicon-floppy-disk" aria-hidden="true"></span></button>
</div>
{Lang::T('Invoice')}
API Key
</div>
<div class="panel-body">
<div class="form-group">
<label class="col-md-2 control-label">{Lang::T('Invoice Footer')}</label>
<label class="col-md-2 control-label">Access Token</label>
<div class="col-md-6">
<textarea class="form-control" id="note" name="note"
rows="3">{Lang::htmlspecialchars($_c['note'])}</textarea>
<span class="help-block">{Lang::T('You can use html tag')}</span>
<input type="password" class="form-control" id="api_key" name="api_key"
value="{$_c['api_key']}" placeholder="Empty this to randomly created API key"
onmouseleave="this.type = 'password'" onmouseenter="this.type = 'text'">
</div>
<p class="col-md-4 help-block">{Lang::T('This Token will act as SuperAdmin/Admin')}</p>
</div>
</div>
<div class="panel-heading">

4
ui/ui/prepaid.tpl
View file

@ -26,8 +26,8 @@
<div class="input-group-addon">
<span class="fa fa-search"></span>
</div>
<input type="text" name="username" class="form-control"
placeholder="{Lang::T('Search by Username')}..." value="{$cari}">
<input type="text" name="search" class="form-control"
placeholder="{Lang::T('Search by Username')}..." value="{$search}">
<div class="input-group-btn">
<button class="btn btn-success" type="submit">{Lang::T('Search')}</button>
</div>