From e1ceb050e19c7574bca146a8da7047ee4ff456b5 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Sun, 10 Jul 2016 05:02:35 -0400
Subject: [PATCH] Merge branch 'stable-3.1'
---
interface/web/client/reseller_edit.php | 186 +++++++++++++++++++++++++++++++++++++---------
1 files changed, 150 insertions(+), 36 deletions(-)
diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php
index 3007ce0..fff4202 100644
--- a/interface/web/client/reseller_edit.php
+++ b/interface/web/client/reseller_edit.php
@@ -60,12 +60,12 @@
if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client
- $client_group_id = $_SESSION["s"]["user"]["default_group"];
- $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Check if the user may add another website.
if($client["limit_client"] >= 0) {
- $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+ $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_client"]) {
$app->error($app->tform->wordbook["limit_client_txt"]);
}
@@ -83,17 +83,37 @@
if($_SESSION["s"]["user"]["typ"] == 'user' && $this->id == 0) {
// Get the limits of the client
- $client_group_id = $_SESSION["s"]["user"]["default_group"];
- $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $client = $app->db->queryOneRecord("SELECT limit_client FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Check if the user may add another website.
if($client["limit_client"] >= 0) {
- $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = $client_group_id");
+ $tmp = $app->db->queryOneRecord("SELECT count(client_id) as number FROM client WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_client"]) {
$app->error($app->tform->wordbook["limit_client_txt"]);
}
}
}
+
+ if($this->id != 0) {
+ $this->oldTemplatesAssigned = $app->db->queryAllRecords('SELECT * FROM `client_template_assigned` WHERE `client_id` = ?', $this->id);
+ if(!is_array($this->oldTemplatesAssigned) || count($this->oldTemplatesAssigned) < 1) {
+ // check previous type of storing templates
+ $tpls = explode('/', $this->oldDataRecord['template_additional']);
+ $this->oldTemplatesAssigned = array();
+ foreach($tpls as $item) {
+ $item = trim($item);
+ if(!$item) continue;
+ $this->oldTemplatesAssigned[] = array('assigned_template_id' => 0, 'client_template_id' => $item, 'client_id' => $this->id);
+ }
+ unset($tpls);
+ }
+ } else {
+ $this->oldTemplatesAssigned = array();
+ }
+
+ $this->_template_additional = explode('/', $this->dataRecord['template_additional']);
+ $this->dataRecord['template_additional'] = '';
parent::onSubmit();
}
@@ -114,20 +134,34 @@
$app->tpl->setVar('tpl_add_select', $option);
// check for new-style records
- $result = $app->db->queryAllRecords('SELECT assigned_template_id, client_template_id FROM client_template_assigned WHERE client_id = ' . $this->id);
+ $result = $app->db->queryAllRecords('SELECT assigned_template_id, client_template_id FROM client_template_assigned WHERE client_id = ?', $this->id);
if($result && count($result) > 0) {
// new style
+ $items = array();
$text = '';
foreach($result as $item){
if (trim($item['client_template_id']) != ''){
if ($text != '') $text .= '';
- $text .= '<li rel="' . $item['assigned_template_id'] . '">' . $tpl[$item['client_template_id']]. '<a href="#" class="button icons16 icoDelete"></a></li>';
+ $text .= '<li rel="' . $item['assigned_template_id'] . '">' . $tpl[$item['client_template_id']];
+ $text .= '<a href="#" class="button icons16 icoDelete"></a>';
+ $tmp = new stdClass();
+ $tmp->id = $item['assigned_template_id'];
+ $tmp->data = '';
+ $app->plugin->raiseEvent('get_client_template_details', $tmp);
+ if($tmp->data != '') $text .= '<br /><em>' . $tmp->data . '</em>';
+
+ $text .= '</li>';
+ $items[] = $item['assigned_template_id'] . ':' . $item['client_template_id'];
}
}
+
+ $tmprec = $app->tform->getHTML(array('template_additional' => implode('/', $items)), $this->active_tab, 'EDIT');
+ $app->tpl->setVar('template_additional', $tmprec['template_additional']);
+ unset($tmprec);
} else {
// old style
- $sql = "SELECT template_additional FROM client WHERE client_id = " . $this->id;
- $result = $app->db->queryOneRecord($sql);
+ $sql = "SELECT template_additional FROM client WHERE client_id = ?";
+ $result = $app->db->queryOneRecord($sql, $this->id);
$tplAdd = explode("/", $result['template_additional']);
$text = '';
foreach($tplAdd as $item){
@@ -139,7 +173,22 @@
}
$app->tpl->setVar('template_additional_list', $text);
-
+ $app->tpl->setVar('app_module', 'client');
+
+ //* Set the 'customer no' default value
+ if($this->id == 0) {
+ //* get the system config
+ $app->uses('getconf');
+ $system_config = $app->getconf->get_global_config();
+ if($system_config['misc']['customer_no_template'] != '') {
+
+ //* Set customer no default
+ $customer_no = $app->functions->intval($system_config['misc']['customer_no_start']+$system_config['misc']['customer_no_counter']);
+ $customer_no_string = str_replace('[CUSTOMER_NO]',$customer_no,$system_config['misc']['customer_no_template']);
+ $app->tpl->setVar('customer_no',$customer_no_string);
+ }
+ }
+
parent::onShowEnd();
}
@@ -151,17 +200,17 @@
function onAfterInsert() {
global $app, $conf;
// Create the group for the reseller
- $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".$app->db->quote($this->dataRecord["username"])."','',".$this->id.")", 'groupid');
+ $groupid = $app->db->datalogInsert('sys_group', array("name" => $this->dataRecord["username"], "description" => '', "client_id" => $this->id), 'groupid');
$groups = $groupid;
- $username = $app->db->quote($this->dataRecord["username"]);
- $password = $app->db->quote($this->dataRecord["password"]);
+ $username = $this->dataRecord["username"];
+ $password = $this->dataRecord["password"];
$modules = $conf['interface_modules_enabled'] . ',client';
$startmodule = (stristr($modules, 'dashboard'))?'dashboard':'client';
- $usertheme = $app->db->quote($this->dataRecord["usertheme"]);
+ $usertheme = $this->dataRecord["usertheme"];
$type = 'user';
$active = 1;
- $language = $app->db->quote($this->dataRecord["language"]);
+ $language = $this->dataRecord["language"];
$salt="$1$";
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
@@ -173,11 +222,11 @@
// Create the controlpaneluser for the reseller
$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
- VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.")";
- $app->db->query($sql);
+ VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
+ $app->db->query($sql, $username, $password, $modules, $startmodule, $usertheme, $type, $active, $language, $groups, $groupid, $this->id);
//* set the number of clients to 1
- $app->db->query("UPDATE client SET limit_client = 1 WHERE client_id = ".$this->id);
+ $app->db->query("UPDATE client SET limit_client = 1 WHERE client_id = ?", $this->id);
//* Set the default servers
$tmp = $app->db->queryOneRecord('SELECT server_id FROM server WHERE mail_server = 1 LIMIT 0,1');
@@ -189,8 +238,68 @@
$tmp = $app->db->queryOneRecord('SELECT server_id FROM server WHERE db_server = 1 LIMIT 0,1');
$default_dbserver = $app->functions->intval($tmp['server_id']);
- $sql = "UPDATE client SET default_mailserver = $default_mailserver, default_webserver = $default_webserver, default_dnsserver = $default_dnsserver, default_slave_dnsserver = $default_dnsserver, default_dbserver = $default_dbserver WHERE client_id = ".$this->id;
- $app->db->query($sql);
+ $sql = "UPDATE client SET default_mailserver = ?, default_webserver = ?, default_dnsserver = ?, default_slave_dnsserver = ?, default_dbserver = ? WHERE client_id = ?";
+ $app->db->query($sql, $default_mailserver, $default_webserver, $default_dnsserver, $default_dnsserver, $default_dbserver, $this->id);
+
+ if(isset($this->dataRecord['template_master'])) {
+ $app->uses('client_templates');
+ $app->client_templates->update_client_templates($this->id, $this->_template_additional);
+ }
+
+ if($this->dataRecord['customer_no'] == $this->dataRecord['customer_no_org']) {
+ //* get the system config
+ $app->uses('getconf');
+ $system_config = $app->getconf->get_global_config();
+ if($system_config['misc']['customer_no_template'] != '') {
+
+ //* save new counter value
+ $system_config['misc']['customer_no_counter']++;
+ $system_config_str = $app->ini_parser->get_ini_string($system_config);
+ $app->db->datalogUpdate('sys_ini', array("config" => $system_config_str), 'sysini_id', 1);
+
+ }
+ }
+
+ //* Send welcome email
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $sql = "SELECT * FROM client_message_template WHERE template_type = 'welcome' AND sys_groupid = ?";
+ $email_template = $app->db->queryOneRecord($sql, $client_group_id);
+ $client = $app->tform->getDataRecord($this->id);
+
+ if(is_array($email_template) && $client['email'] != '') {
+ //* Parse client details into message
+ $message = $email_template['message'];
+ $subject = $email_template['subject'];
+ foreach($client as $key => $val) {
+ switch ($key) {
+ case 'password':
+ $message = str_replace('{password}', $this->dataRecord['password'], $message);
+ $subject = str_replace('{password}', $this->dataRecord['password'], $subject);
+ break;
+ case 'gender':
+ $message = str_replace('{salutation}', $wb['gender_'.$val.'_txt'], $message);
+ $subject = str_replace('{salutation}', $wb['gender_'.$val.'_txt'], $subject);
+ break;
+ default:
+ $message = str_replace('{'.$key.'}', $val, $message);
+ $subject = str_replace('{'.$key.'}', $val, $subject);
+ }
+ }
+
+ //* Get sender address
+ if($app->auth->is_admin()) {
+ $app->uses('getconf');
+ $system_config = $app->getconf->get_global_config();
+ $from = $system_config['admin_mail'];
+ } else {
+ $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
+ $reseller = $app->db->queryOneRecord("SELECT client.email FROM sys_group,client WHERE client.client_id = sys_group.client_id and sys_group.groupid = ?", $client_group_id);
+ $from = $reseller["email"];
+ }
+
+ //* Send the email
+ $app->functions->mail($client['email'], $subject, $message, $from);
+ }
parent::onAfterInsert();
}
@@ -205,19 +314,19 @@
// username changed
if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['username']) && $this->dataRecord['username'] != '' && $this->oldDataRecord['username'] != $this->dataRecord['username']) {
- $username = $app->db->quote($this->dataRecord["username"]);
+ $username = $this->dataRecord["username"];
$client_id = $this->id;
- $sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
- $app->db->query($sql);
+ $sql = "UPDATE sys_user SET username = ? WHERE client_id = ?";
+ $app->db->query($sql, $username, $client_id);
- $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = $client_id");
- $app->db->datalogUpdate("sys_group", "name = '$username'", 'groupid', $tmp['groupid']);
+ $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $client_id);
+ $app->db->datalogUpdate("sys_group", array("name" => $username), 'groupid', $tmp['groupid']);
unset($tmp);
}
// password changed
if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
- $password = $app->db->quote($this->dataRecord["password"]);
+ $password = $this->dataRecord["password"];
$client_id = $this->id;
$salt="$1$";
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
@@ -226,32 +335,37 @@
}
$salt.="$";
$password = crypt(stripslashes($password), $salt);
- $sql = "UPDATE sys_user SET passwort = '$password' WHERE client_id = $client_id";
- $app->db->query($sql);
+ $sql = "UPDATE sys_user SET passwort = ? WHERE client_id = ?";
+ $app->db->query($sql, $password, $client_id);
}
// language changed
if(isset($conf['demo_mode']) && $conf['demo_mode'] != true && isset($this->dataRecord['language']) && $this->dataRecord['language'] != '' && $this->oldDataRecord['language'] != $this->dataRecord['language']) {
- $language = $app->db->quote($this->dataRecord["language"]);
+ $language = $this->dataRecord["language"];
$client_id = $this->id;
- $sql = "UPDATE sys_user SET language = '$language' WHERE client_id = $client_id";
- $app->db->query($sql);
+ $sql = "UPDATE sys_user SET language = ? WHERE client_id = ?";
+ $app->db->query($sql, $language, $client_id);
}
// ensure that a reseller is not converted to a client in demo mode when client_id <= 2
if(isset($conf['demo_mode']) && $conf['demo_mode'] == true && $this->id <= 2) {
if(isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != -1) {
- $app->db->query('UPDATE client set limit_client = -1 WHERE client_id = '.$this->id);
+ $app->db->query('UPDATE client set limit_client = -1 WHERE client_id = ?', $this->id);
}
}
// reseller status changed
if(isset($this->dataRecord["limit_client"]) && $this->dataRecord["limit_client"] != $this->oldDataRecord["limit_client"]) {
$modules = $conf['interface_modules_enabled'] . ',client';
- $modules = $app->db->quote($modules);
+ $modules = $modules;
$client_id = $this->id;
- $sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
- $app->db->query($sql);
+ $sql = "UPDATE sys_user SET modules = ? WHERE client_id = ?";
+ $app->db->query($sql, $modules, $client_id);
+ }
+
+ if(isset($this->dataRecord['template_master'])) {
+ $app->uses('client_templates');
+ $app->client_templates->update_client_templates($this->id, $this->_template_additional);
}
parent::onAfterUpdate();
--
Gitblit v1.9.1