
Untitled

a guest
Nov 9th, 2011
  1. <?php
  2. /**
  3. *
  4. * @ This file is created by deZender.Net
  5. * @ deZender (PHP5 Decoder for ionCube Encoder)
  6. *
  7. * @ Version : 1.1.3.0
  8. * @ Author : DeZender
  9. * @ Release on : 17.05.2011
  10. * @ Official site : http://DeZender.Net
  11. *
  12. */
  13.  
  14. function clientarea_CCLink() {
  15. global $CONFIG;
  16.  
  17. $result = select_query( 'tblpaymentgateways', 'gateway', array( 'setting' => 'type', 'value' => 'CC' ) );
  18.  
  19. while ($data = mysql_fetch_array( $result )) {
  20. $gateway = $data['gateway'];
  21. require_once( ROOTDIR . ( '' . '/modules/gateways/' . $gateway . '.php' ) );
  22.  
  23. if (function_exists( $gateway . '_remoteupdate' )) {
  24. return true;
  25. }
  26. }
  27.  
  28.  
  29. if ($CONFIG['CCNeverStore']) {
  30. return false;
  31. }
  32.  
  33. $result = select_query( 'tblpaymentgateways', 'COUNT(*)', 'setting=\'type\' AND (value=\'CC\' OR value=\'OfflineCC\')' );
  34. $data = mysql_fetch_array( $result );
  35.  
  36. if ($data[0]) {
  37. return true;
  38. }
  39.  
  40. return false;
  41. }
  42.  
  43. define( 'CLIENTAREA', true );
  44. require( 'dbconnect.php' );
  45. require( 'includes/functions.php' );
  46. require( 'includes/clientareafunctions.php' );
  47. require( 'includes/clientfunctions.php' );
  48. require( 'includes/gatewayfunctions.php' );
  49. require( 'includes/ccfunctions.php' );
  50. require( 'includes/registrarfunctions.php' );
  51. require( 'includes/customfieldfunctions.php' );
  52. require( 'includes/invoicefunctions.php' );
  53. require( 'includes/configoptionsfunctions.php' );
  54.  
  55. if (!is_numeric( $page )) {
  56. $page = 1;
  57. }
  58.  
  59. $pagetitle = $_LANG['clientareatitle'];
  60. $pageicon = 'images/clientarea_big.gif';
  61. $breadcrumbnav = '<a href="index.php">' . $_LANG['globalsystemname'] . '</a> > <a href="clientarea.php">' . $_LANG['clientareatitle'] . '</a>';
  62.  
  63. if ($action == 'details') {
  64. $breadcrumbnav .= ' > <a href="clientarea.php?action=details">' . $_LANG['clientareanavdetails'] . '</a>';
  65. }
  66.  
  67. if ($action == 'hosting') {
  68. $breadcrumbnav .= ' > <a href="clientarea.php?action=hosting">' . $_LANG['clientareanavhosting'] . '</a>';
  69. }
  70.  
  71. if ($action == 'products') {
  72. $breadcrumbnav .= ' > <a href="clientarea.php?action=products">' . $_LANG['clientareaproducts'] . '</a>';
  73. }
  74.  
  75. if (( ( ( ( ( ( $action == 'domains' || $action == 'domaindetails' ) || $action == 'domaincontacts' ) || $action == 'domaindns' ) || $action == 'domainemailforwarding' ) || $action == 'domaingetepp' ) || $action == 'domainrenew' )) {
  76. $breadcrumbnav .= ' > <a href="clientarea.php?action=domains">' . $_LANG['clientareanavdomains'] . '</a>';
  77. }
  78.  
  79. if ($action == 'domainwhois') {
  80. $breadcrumbnav .= ' > <a href="clientarea.php?action=domains">' . $_LANG['clientareanavdomains'] . '</a>';
  81. }
  82.  
  83. if ($action == 'invoices') {
  84. $breadcrumbnav .= ' > <a href="clientarea.php?action=invoices">' . $_LANG['invoices'] . '</a>';
  85. }
  86.  
  87. if ($action == 'emails') {
  88. $breadcrumbnav .= ' > <a href="clientarea.php?action=emails">' . $_LANG['clientareaemails'] . '</a>';
  89. }
  90.  
  91. if ($action == 'cancel') {
  92. $breadcrumbnav .= ' > <a href="#">' . $_LANG['clientareacancelrequest'] . '</a>';
  93. }
  94.  
  95. if ($action == 'addfunds') {
  96. $breadcrumbnav .= ' > <a href="clientarea.php?action=addfunds">' . $_LANG['addfunds'] . '</a>';
  97. }
  98.  
  99. if ($action == 'masspay') {
  100. $breadcrumbnav .= ' > <a href="#">' . $_LANG['masspaytitle'] . '</a>';
  101. }
  102.  
  103. if ($action == 'quotes') {
  104. $breadcrumbnav .= ' > <a href="clientarea.php?action=quotes">' . $_LANG['quotestitle'] . '</a>';
  105. }
  106.  
  107. initialiseClientArea( $pagetitle, $pageicon, $breadcrumbnav );
  108. $content = '';
  109.  
  110. if ($_SESSION['uid']) {
  111. $pagelimit = 10;
  112.  
  113. if ($itemlimit == 'all') {
  114. $itemlimit = 99999999;
  115. }
  116.  
  117. if (is_numeric( $itemlimit )) {
  118. setcookie( 'pagelimit', $itemlimit, time( ) + 90 * 24 * 60 * 60 );
  119. $_COOKIE['pagelimit'] = $itemlimit;
  120. }
  121.  
  122. if (isset( $_COOKIE['pagelimit'] )) {
  123. if (is_numeric( $_COOKIE['pagelimit'] )) {
  124. $pagelimit = $_COOKIE['pagelimit'];
  125. }
  126. }
  127.  
  128. $currency = getCurrency( $_SESSION['uid'] );
  129. $id = (int)$id;
  130.  
  131. if ($action == '') {
  132. $templatefile = 'clientareahome';
  133. require( 'includes/ticketfunctions.php' );
  134. $tickets = array( );
  135. $statusfilter = '';
  136. $result = select_query( 'tblticketstatuses', 'title', array( 'showactive' => '1' ) );
  137.  
  138. while ($data = mysql_fetch_array( $result )) {
  139. $statusfilter .= '\'' . $data[0] . '\',';
  140. }
  141.  
  142. $statusfilter = substr( $statusfilter, 0, 0 - 1 );
  143. $result = select_query( 'tbltickets', '', 'userid=\'' . mysql_real_escape_string( $_SESSION['uid'] ) . ( '' . '\' AND status IN (' . $statusfilter . ')' ), 'lastreply', 'DESC' );
  144.  
  145. while ($data = mysql_fetch_array( $result )) {
  146. $id = $data['id'];
  147. $tid = $data['tid'];
  148. $c = $data['c'];
  149. $deptid = $data['did'];
  150. $date = $data['date'];
  151. $date = fromMySQLDate( $date, 'time' );
  152. $subject = $data['title'];
  153. $tstatus = $data['status'];
  154. $urgency = $data['urgency'];
  155. $clientunread = $data['clientunread'];
  156. $tstatus = getStatusColour( $tstatus );
  157. $dept = getDepartmentName( $deptid );
  158.  
  159. if ($urgency == 'Low') {
  160. $urgency = $_LANG['supportticketsticketurgencylow'];
  161. } else {
  162. if ($urgency == 'Medium') {
  163. $urgency = $_LANG['supportticketsticketurgencymedium'];
  164. } else {
  165. if ($urgency == 'High') {
  166. $urgency = $_LANG['supportticketsticketurgencyhigh'];
  167. }
  168. }
  169. }
  170.  
  171. $tickets[] = array( 'id' => $id, 'tid' => $tid, 'c' => $c, 'date' => $date, 'department' => $dept, 'subject' => $subject, 'status' => $tstatus, 'urgency' => $urgency, 'unread' => $clientunread );
  172. }
  173.  
  174. $smarty->assign( 'tickets', $tickets );
  175. $totalbalance = 0;
  176. $invoices = array( );
  177. $result = select_query( 'tblinvoices', 'tblinvoices.*,total-COALESCE((SELECT SUM(amountin) FROM tblaccounts WHERE tblaccounts.invoiceid=tblinvoices.id),0) AS balance', array( 'userid' => $_SESSION['uid'], 'status' => 'Unpaid', '(select count(id) from tblinvoiceitems where invoiceid=tblinvoices.id and type=\'Invoice\')' => array( 'sqltype' => '<=', 'value' => 0 ) ), 'id', 'DESC' );
  178.  
  179. while ($data = mysql_fetch_array( $result )) {
  180. $id = $data['id'];
  181. $invoicenum = $data['invoicenum'];
  182. $date = $data['date'];
  183. $duedate = $data['duedate'];
  184. $total = $data['total'];
  185. $balance = $data['balance'];
  186. $status = $data['status'];
  187. $totalbalance += $balance;
  188. $date = fromMySQLDate( $date );
  189. $duedate = fromMySQLDate( $duedate );
  190.  
  191. if (!$invoicenum) {
  192. $invoicenum = $id;
  193. }
  194.  
  195. $invoices[] = array( 'id' => $id, 'invoicenum' => $invoicenum, 'datecreated' => $date, 'datedue' => $duedate, 'total' => formatCurrency( $total ), 'balance' => formatCurrency( $balance ), 'status' => getInvoiceStatusColour( $status ) );
  196. }
  197.  
  198. $smarty->assign( 'invoices', $invoices );
  199. $smarty->assign( 'totalbalance', formatCurrency( $totalbalance ) );
  200. $smarty->assign( 'masspay', $CONFIG['EnableMassPay'] );
  201. $files = array( );
  202. $result = select_query( 'tblclientsfiles', '', array( 'userid' => $_SESSION['uid'], 'adminonly' => '' ), 'title', 'ASC' );
  203.  
  204. while ($data = mysql_fetch_assoc( $result )) {
  205. $id = $data['id'];
  206. $title = $data['title'];
  207. $filename = $data['filename'];
  208. $filename = substr( $filename, 11 );
  209. $date = fromMySQLDate( $data['dateadded'] );
  210. $files[] = array( 'id' => $id, 'date' => $date, 'title' => $title, 'filename' => $filename );
  211. }
  212.  
  213. $smarty->assign( 'files', $files );
  214. $smarty->assign( 'addfundsenabled', $CONFIG['AddFundsEnabled'] );
  215. $addons_html = run_hook( 'ClientAreaHomepage', array( ) );
  216. $smarty->assign( 'addons_html', $addons_html );
  217. } else {
  218. if ($action == 'details') {
  219. checkContactPermission( 'profile' );
  220. $templatefile = 'clientareadetails';
  221. $smartyvalues['ccenabled'] = clientarea_CCLink( );
  222. $uneditablefields = explode( ',', $CONFIG['ClientsProfileUneditableFields'] );
  223. $smartyvalues['uneditablefields'] = $uneditablefields;
  224. $updatefieldsarray = array( 'firstname' => 'First Name', 'lastname' => 'Last Name', 'companyname' => 'Company Name', 'email' => 'Email Address', 'address1' => 'Address 1', 'address2' => 'Address 2', 'city' => 'City', 'state' => 'State', 'postcode' => 'Postcode', 'country' => 'Country', 'phonenumber' => 'Phone Number', 'billingcid' => 'Billing Contact' );
  225.  
  226. if ($save) {
  227. $existingclientsdetails = getClientsDetails( $_SESSION['uid'] );
  228.  
  229. foreach ($updatefieldsarray as $field => $displayname) {
  230. if (in_array( $field, $uneditablefields )) {
  231. $$field = $existingclientsdetails[$field];
  232. continue;
  233. }
  234. }
  235.  
  236. $errormessage = checkDetailsareValid( $firstname, $lastname, $email, $address1, $city, $state, $postcode, $phonenumber, '', '', '', true );
  237. $errormessage .= checkCustomFields( $_POST['customfield'] );
  238.  
  239. if (!$errormessage) {
  240. $changelist = '';
  241. $old_customfieldsarray = getCustomFields( 'client', '', $_SESSION['uid'], '', '' );
  242. $updateqry = array( );
  243.  
  244. foreach ($updatefieldsarray as $field => $displayname) {
  245. if (!in_array( $field, $uneditablefields )) {
  246. $updateqry[$field] = $$field;
  247. }
  248.  
  249. if ($$field != $existingclientsdetails[$field]) {
  250. $changelist .= '' . $displayname . ': \'' . $existingclientsdetails[$field] . '\' to \'' . $$field . '\'<br>
  251. ';
  252. continue;
  253. }
  254. }
  255.  
  256. update_query( 'tblclients', $updateqry, array( 'id' => $_SESSION['uid'] ) );
  257. $customfields = getCustomFields( 'client', '', $_SESSION['uid'], '', '' );
  258.  
  259. foreach ($customfields as $v) {
  260. $k = $v['id'];
  261. $customfieldsarray[$k] = $_POST['customfield'][$k];
  262. }
  263.  
  264. saveCustomFields( $_SESSION['uid'], $customfieldsarray );
  265. run_hook( 'ClientEdit', array_merge( array( 'userid' => $_SESSION['uid'], 'olddata' => $existingclientsdetails ), $updateqry ) );
  266.  
  267. if ($CONFIG['SendEmailNotificationonUserDetailsChange'] == 'on') {
  268. foreach ($old_customfieldsarray as $values) {
  269. if ($values['value'] != $_POST['customfield'][$values['id']]) {
  270. $changelist .= $values['name'] . ': \'' . $values['value'] . '\' to \'' . $_POST['customfield'][$values['id']] . '\'<br>
  271. ';
  272. continue;
  273. }
  274. }
  275.  
  276.  
  277. if ($changelist) {
  278. $adminurl = ($CONFIG['SystemSSLURL'] ? $CONFIG['SystemSSLURL'] : $CONFIG['SystemURL']);
  279.  
  280. if (!$customadminpath) {
  281. $customadminpath = 'admin';
  282. }
  283.  
  284. $adminurl .= '/' . $customadminpath . '/clientssummary.php?userid=' . $_SESSION['uid'];
  285. sendAdminNotification( 'account', 'WHMCS User Details Change', '' . '<p>Client ID: <a href="' . $adminurl . '">' . $_SESSION['uid'] . ' - ' . $existingclientsdetails['firstname'] . ' ' . $existingclientsdetails['lastname'] . ( '' . '</a> has requested to change his/her details as indicated below:<br><br>' . $changelist . '<br>If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.</p>' ) );
  286. logActivity( 'Client Profile Modified - ' . substr( str_replace( '<br>
  287. ', ', ', $changelist ), 0, 0 - 2 ) . ' - User ID: ' . $_SESSION['uid'] );
  288. }
  289. }
  290.  
  291. $smartyvalues['successful'] = true;
  292. } else {
  293. $smarty->assign( 'errormessage', $errormessage );
  294. }
  295. }
  296.  
  297. if (!$errormessage) {
  298. $existingclientsdetails = getClientsDetails( $_SESSION['uid'] );
  299.  
  300. foreach ($updatefieldsarray as $field => $displayname) {
  301. $$field = $existingclientsdetails[$field];
  302. }
  303. }
  304.  
  305. include( 'includes/countries.php' );
  306. $countriesdropdown = getCountriesDropDown( $country );
  307. $smarty->assign( 'clientfirstname', $firstname );
  308. $smarty->assign( 'clientlastname', $lastname );
  309. $smarty->assign( 'clientcompanyname', $companyname );
  310. $smarty->assign( 'clientemail', $email );
  311. $smarty->assign( 'clientaddress1', $address1 );
  312. $smarty->assign( 'clientaddress2', $address2 );
  313. $smarty->assign( 'clientcity', $city );
  314. $smarty->assign( 'clientstate', $state );
  315. $smarty->assign( 'clientpostcode', $postcode );
  316. $smarty->assign( 'clientcountry', $countries[$country] );
  317. $smarty->assign( 'clientcountriesdropdown', $countriesdropdown );
  318. $smarty->assign( 'clientphonenumber', $phonenumber );
  319. $customfields = getCustomFields( 'client', '', $_SESSION['uid'], '', '', $_POST['customfield'] );
  320. $smarty->assign( 'customfields', $customfields );
  321. $result = select_query( 'tblcontacts', '', array( 'userid' => $_SESSION['uid'] ), 'firstname` ASC,`lastname', 'ASC' );
  322.  
  323. while ($data = mysql_fetch_array( $result )) {
  324. $contactsarray[] = array( 'id' => $data['id'], 'name' => $data['firstname'] . ' ' . $data['lastname'], 'email' => $data['email'] );
  325. }
  326.  
  327. $smartyvalues['contacts'] = $contactsarray;
  328. $smarty->assign( 'billingcid', $billingcid );
  329. } else {
  330. if ($action == 'contacts') {
  331. $templatefile = 'clientareacontacts';
  332. $smartyvalues['breadcrumbnav'] = '<a href="index.php">' . $_LANG['globalsystemname'] . '</a> > <a href="clientarea.php">' . $_LANG['clientareatitle'] . '</a> > <a href="clientarea.php?action=details">' . $_LANG['clientareanavdetails'] . '</a> > <a href="clientarea.php?action=contacts">' . $_LANG['clientareanavcontacts'] . '</a>';
  333. $smartyvalues['ccenabled'] = clientarea_CCLink( );
  334. checkContactPermission( 'contacts' );
  335.  
  336. if ($id) {
  337. $result = select_query( 'tblcontacts', 'id,subaccount', array( 'userid' => $_SESSION['uid'], 'id' => $id ) );
  338. $data = mysql_fetch_array( $result );
  339.  
  340. if (!$data['id']) {
  341. exit( 'Invalid Access Attempt' );
  342. }
  343.  
  344. $oldsubaccountval = $data['subaccount'];
  345. }
  346.  
  347. if ($delete) {
  348. delete_query( 'tblcontacts', array( 'userid' => $_SESSION['uid'], 'id' => $id ) );
  349. header( 'Location: clientarea.php?action=contacts' );
  350. exit( );
  351. }
  352.  
  353. if ($submit) {
  354. $errormessage = checkContactDetails( $firstname, $lastname, $email, $address1, $city, $state, $postcode, $phonenumber );
  355.  
  356. if ($subaccount) {
  357. $result = select_query( 'tblclients', 'COUNT(*)', array( 'email' => $email ) );
  358. $data = mysql_fetch_array( $result );
  359. $result = select_query( 'tblcontacts', 'COUNT(*)', array( 'email' => $email, 'id' => array( 'sqltype' => 'NEQ', 'value' => $id ) ) );
  360. $data2 = mysql_fetch_array( $result );
  361.  
  362. if ($data[0] + $data2[0]) {
  363. $errormessage .= '<li>' . $_LANG['ordererroruserexists'];
  364. }
  365.  
  366. if (( trim( $password ) || ( !$oldsubaccountval && $subaccount ) )) {
  367. if (!trim( $password2 )) {
  368. $errormessage .= '<li>' . $_LANG['clientareaerrorpasswordconfirm'];
  369. } else {
  370. if ($password != $password2) {
  371. $errormessage .= '<li>' . $_LANG['clientareaerrorpasswordnotmatch'];
  372. } else {
  373. $errormessage .= checkPasswordStrength( $password );
  374. }
  375. }
  376. }
  377. } else {
  378. $password = $permissions = '';
  379. }
  380.  
  381. $smartyvalues['errormessage'] = $errormessage;
  382.  
  383. if (!$errormessage) {
  384. $subaccount = ($subaccount ? '1' : '0');
  385.  
  386. if ($permissions) {
  387. $permissions = implode( ',', $permissions );
  388. }
  389.  
  390. $array = array( 'firstname' => $firstname, 'lastname' => $lastname, 'companyname' => $companyname, 'email' => $email, 'address1' => $address1, 'address2' => $address2, 'city' => $city, 'state' => $state, 'postcode' => $postcode, 'country' => $country, 'phonenumber' => $phonenumber, 'subaccount' => $subaccount, 'permissions' => $permissions, 'generalemails' => $generalemails, 'productemails' => $productemails, 'domainemails' => $domainemails, 'invoiceemails' => $invoiceemails, 'supportemails' => $supportemails );
  391.  
  392. if ($password) {
  393. $array['password'] = generateClientPW( $password );
  394. }
  395.  
  396. run_hook( 'ContactEdit', array_merge( array( 'userid' => $_SESSION['uid'], 'contactid' => $id ), $array ) );
  397. update_query( 'tblcontacts', $array, array( 'userid' => $_SESSION['uid'], 'id' => $id ) );
  398. logActivity( '' . 'Client Contact Modified - Contact ID: ' . $id . ' - User ID: ' . $_SESSION['uid'] );
  399. $smartyvalues['successful'] = true;
  400. }
  401. }
  402.  
  403. if ($success) {
  404. $smartyvalues['successful'] = true;
  405. }
  406.  
  407. $result = select_query( 'tblcontacts', '', array( 'userid' => $_SESSION['uid'] ) );
  408.  
  409. while ($data = mysql_fetch_array( $result )) {
  410. if (!$id) {
  411. $id = $data['id'];
  412. }
  413.  
  414. $contactsarray[] = array( 'id' => $data['id'], 'name' => $data['firstname'] . ' ' . $data['lastname'], 'email' => $data['email'] );
  415. }
  416.  
  417. $smartyvalues['contacts'] = $contactsarray;
  418. include( 'includes/countries.php' );
  419. $smartyvalues['contactid'] = $id;
  420.  
  421. if (!$errormessage) {
  422. $result = select_query( 'tblcontacts', '', array( 'userid' => $_SESSION['uid'], 'id' => $id ) );
  423. $data = mysql_fetch_array( $result );
  424. $id = $data['id'];
  425. $firstname = $data['firstname'];
  426. $lastname = $data['lastname'];
  427. $companyname = $data['companyname'];
  428. $email = $data['email'];
  429. $address1 = $data['address1'];
  430. $address2 = $data['address2'];
  431. $city = $data['city'];
  432. $state = $data['state'];
  433. $postcode = $data['postcode'];
  434. $country = $data['country'];
  435. $phonenumber = $data['phonenumber'];
  436. $subaccount = $data['subaccount'];
  437. $permissions = explode( ',', $data['permissions'] );
  438. $generalemails = $data['generalemails'];
  439. $productemails = $data['productemails'];
  440. $domainemails = $data['domainemails'];
  441. $invoiceemails = $data['invoiceemails'];
  442. $supportemails = $data['supportemails'];
  443. }
  444.  
  445. $smartyvalues['contactfirstname'] = $firstname;
  446. $smartyvalues['contactlastname'] = $lastname;
  447. $smartyvalues['contactcompanyname'] = $companyname;
  448. $smartyvalues['contactemail'] = $email;
  449. $smartyvalues['contactaddress1'] = $address1;
  450. $smartyvalues['contactaddress2'] = $address2;
  451. $smartyvalues['contactcity'] = $city;
  452. $smartyvalues['contactstate'] = $state;
  453. $smartyvalues['contactpostcode'] = $postcode;
  454. $smartyvalues['contactphonenumber'] = $phonenumber;
  455. $smartyvalues['countriesdropdown'] = getCountriesDropDown( $country );
  456. $smartyvalues['subaccount'] = $subaccount;
  457. $smartyvalues['permissions'] = $permissions;
  458. $smartyvalues['generalemails'] = $generalemails;
  459. $smartyvalues['productemails'] = $productemails;
  460. $smartyvalues['domainemails'] = $domainemails;
  461. $smartyvalues['invoiceemails'] = $invoiceemails;
  462. $smartyvalues['supportemails'] = $supportemails;
  463. } else {
  464. if ($action == 'addcontact') {
  465. $templatefile = 'clientareaaddcontact';
  466. $smartyvalues['breadcrumbnav'] = '<a href="index.php">' . $_LANG['globalsystemname'] . '</a> > <a href="clientarea.php">' . $_LANG['clientareatitle'] . '</a> > <a href="clientarea.php?action=details">' . $_LANG['clientareanavdetails'] . '</a> > <a href="clientarea.php?action=addcontact">' . $_LANG['clientareanavaddcontact'] . '</a>';
  467. $smartyvalues['ccenabled'] = clientarea_CCLink( );
  468. checkContactPermission( 'contacts' );
  469. include( 'includes/countries.php' );
  470.  
  471. if ($submit) {
  472. $errormessage = checkContactDetails( $firstname, $lastname, $email, $address1, $city, $state, $postcode, $phonenumber );
  473.  
  474. if ($subaccount) {
  475. $result = select_query( 'tblclients', 'COUNT(*)', array( 'email' => $email ) );
  476. $data = mysql_fetch_array( $result );
  477. $result = select_query( 'tblcontacts', 'COUNT(*)', array( 'email' => $email ) );
  478. $data2 = mysql_fetch_array( $result );
  479.  
  480. if ($data[0] + $data2[0]) {
  481. $errormessage .= '<li>' . $_LANG['ordererroruserexists'];
  482. }
  483.  
  484. if (trim( $password )) {
  485. if (!trim( $password2 )) {
  486. $errormessage .= '<li>' . $_LANG['clientareaerrorpasswordconfirm'];
  487. } else {
  488. if ($password != $password2) {
  489. $errormessage .= '<li>' . $_LANG['clientareaerrorpasswordnotmatch'];
  490. } else {
  491. $errormessage .= checkPasswordStrength( $password );
  492. }
  493. }
  494. } else {
  495. $errormessage .= '<li>' . $_LANG['ordererrorpassword'];
  496. }
  497. } else {
  498. $password = $permissions = '';
  499. }
  500.  
  501. $smartyvalues['errormessage'] = $errormessage;
  502.  
  503. if (!$errormessage) {
  504. $contactid = addContact( $_SESSION['uid'], $firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, $password, $permissions, $generalemails, $productemails, $domainemails, $invoiceemails, $supportemails );
  505. header( '' . 'Location: clientarea.php?action=contacts&id=' . $contactid . '&success=1' );
  506. exit( );
  507. }
  508. }
  509.  
  510. if (!$permissions) {
  511. $permissions = array( );
  512. }
  513.  
  514. $smartyvalues['contactfirstname'] = $firstname;
  515. $smartyvalues['contactlastname'] = $lastname;
  516. $smartyvalues['contactcompanyname'] = $companyname;
  517. $smartyvalues['contactemail'] = $email;
  518. $smartyvalues['contactaddress1'] = $address1;
  519. $smartyvalues['contactaddress2'] = $address2;
  520. $smartyvalues['contactcity'] = $city;
  521. $smartyvalues['contactstate'] = $state;
  522. $smartyvalues['contactpostcode'] = $postcode;
  523. $smartyvalues['contactphonenumber'] = $phonenumber;
  524. $smartyvalues['countriesdropdown'] = getCountriesDropDown( $country );
  525. $smartyvalues['subaccount'] = $subaccount;
  526. $smartyvalues['permissions'] = $permissions;
  527. $smartyvalues['generalemails'] = $generalemails;
  528. $smartyvalues['productemails'] = $productemails;
  529. $smartyvalues['domainemails'] = $domainemails;
  530. $smartyvalues['invoiceemails'] = $invoiceemails;
  531. $smartyvalues['supportemails'] = $supportemails;
  532. } else {
  533. if ($action == 'creditcard') {
  534. checkContactPermission( 'invoices' );
  535. $templatefile = 'clientareacreditcard';
  536. $smartyvalues['breadcrumbnav'] = '<a href="index.php">' . $_LANG['globalsystemname'] . '</a> > <a href="clientarea.php">' . $_LANG['clientareatitle'] . '</a> > <a href="clientarea.php?action=details">' . $_LANG['clientareanavdetails'] . '</a> > <a href="clientarea.php?action=creditcard">' . $_LANG['clientareanavchangecc'] . '</a>';
  537.  
  538. if (!clientarea_CCLink( )) {
  539. header( 'Location: clientarea.php' );
  540. exit( );
  541. }
  542.  
  543. $smartyvalues['ccenabled'] = true;
  544. $result = select_query( 'tblpaymentgateways', 'gateway', array( 'setting' => 'type', 'value' => 'CC' ) );
  545.  
  546. while ($data = mysql_fetch_array( $result )) {
  547. $gateway = $data['gateway'];
  548.  
  549. if (function_exists( $gateway . '_remoteupdate' )) {
  550. $params = getGatewayVariables( $gateway );
  551. $result = select_query( 'tblclients', 'gatewayid', array( 'id' => $_SESSION['uid'] ) );
  552. $data = mysql_fetch_array( $result );
  553. $params['gatewayid'] = $data['gatewayid'];
  554. $remoteupdatecode = call_user_func( $gateway . '_remoteupdate', $params );
  555.  
  556. if (!$remoteupdatecode) {
  557. $remoteupdatecode = $_LANG['creditcardupdatenotpossible'];
  558. }
  559.  
  560. $smartyvalues['remoteupdatecode'] = $remoteupdatecode;
  561. continue;
  562. }
  563. }
  564.  
  565.  
  566. if ($submit) {
  567. $errormessage = updateCCDetails( $_SESSION['uid'], $cctype, $ccnumber, $ccexpirymonth . $ccexpiryyear, $ccstartmonth . $ccstartyear, $ccissuenum );
  568.  
  569. if (!$errormessage) {
  570. $smartyvalues['successful'] = true;
  571. }
  572. }
  573.  
  574. if (( $delete && $CONFIG['CCAllowCustomerDelete'] )) {
  575. updateCCDetails( $_SESSION['uid'], '', '', '', '', '' );
  576. update_query( 'tblclients', array( 'gatewayid' => '' ), array( 'id' => $_SESSION['uid'] ) );
  577. $errormessage = '<li>' . $_LANG['creditcarddeleteconfirmation'];
  578. }
  579.  
  580. $smartyvalues['errormessage'] = $errormessage;
  581. $data = getCCDetails( $_SESSION['uid'] );
  582. $smartyvalues['cardtype'] = $data['cardtype'];
  583. $smartyvalues['cardnum'] = $data['cardnum'];
  584. $smartyvalues['cardexp'] = $data['expdate'];
  585. $smartyvalues['cardstart'] = $data['startdate'];
  586. $smartyvalues['cardissuenum'] = $data['issuenumber'];
  587. $acceptedcctypes = $CONFIG['AcceptedCardTypes'];
  588. $acceptedcctypes = explode( ',', $acceptedcctypes );
  589. $smartyvalues['acceptedcctypes'] = $acceptedcctypes;
  590. $smartyvalues['showccissuestart'] = $CONFIG['ShowCCIssueStart'];
  591. $smartyvalues['allowcustomerdelete'] = $CONFIG['CCAllowCustomerDelete'];
  592. } else {
  593. if ($action == 'changepw') {
  594. $templatefile = 'clientareachangepw';
  595. $smartyvalues['breadcrumbnav'] = '<a href="index.php">' . $_LANG['globalsystemname'] . '</a> > <a href="clientarea.php">' . $_LANG['clientareatitle'] . '</a> > <a href="clientarea.php?action=details">' . $_LANG['clientareanavdetails'] . '</a> > <a href="clientarea.php?action=changepw">' . $_LANG['clientareanavchangepw'] . '</a>';
  596. $smartyvalues['ccenabled'] = clientarea_CCLink( );
  597.  
  598. if ($submit) {
  599. $existingpw = html_entity_decode( $existingpw );
  600. $newpw = html_entity_decode( $newpw );
  601. $confirmpw = html_entity_decode( $confirmpw );
  602.  
  603. if ($_SESSION['cid']) {
  604. $result = select_query( 'tblcontacts', 'password', array( 'id' => $_SESSION['cid'], 'userid' => $_SESSION['uid'] ) );
  605. } else {
  606. $result = select_query( 'tblclients', 'password', array( 'id' => $_SESSION['uid'] ) );
  607. }
  608.  
  609. $data = mysql_fetch_array( $result );
  610. $pwderror = false;
  611.  
  612. if ($CONFIG['NOMD5']) {
  613. $existingpwd = decrypt( $data['password'] );
  614.  
  615. if ($existingpw != $existingpwd) {
  616. $pwderror = true;
  617. }
  618. } else {
  619. $existingpwd = $data['password'];
  620. $salt = explode( ':', $existingpwd );
  621. $salt = $salt[1];
  622.  
  623. if (generateClientPW( $existingpw, $salt ) != $existingpwd) {
  624. $pwderror = true;
  625. }
  626. }
  627.  
  628. ..........................
  629. ...............
  630. .......
  631.  