2017-03-11 02:51:06 +07:00
|
|
|
<?php
|
2022-09-01 14:52:32 +07:00
|
|
|
|
2017-03-11 02:51:06 +07:00
|
|
|
/**
|
2023-10-12 15:55:42 +07:00
|
|
|
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
|
|
|
|
|
* by https://t.me/ibnux
|
2022-09-01 14:52:32 +07:00
|
|
|
**/
|
2017-03-11 02:51:06 +07:00
|
|
|
|
2024-06-16 16:19:55 +07:00
|
|
|
$maintenance_mode = $config['maintenance_mode'];
|
|
|
|
|
if ($maintenance_mode == true) {
|
|
|
|
|
displayMaintenanceMessage();
|
|
|
|
|
}
|
2024-05-21 00:22:40 +01:00
|
|
|
|
2024-05-17 09:20:53 +07:00
|
|
|
if (User::getID()) {
|
|
|
|
|
r2(U . 'home');
|
2024-02-27 10:37:41 +07:00
|
|
|
}
|
|
|
|
|
|
2017-03-11 02:51:06 +07:00
|
|
|
if (isset($routes['1'])) {
|
|
|
|
|
$do = $routes['1'];
|
|
|
|
|
} else {
|
|
|
|
|
$do = 'login-display';
|
|
|
|
|
}
|
|
|
|
|
|
2022-09-01 14:52:32 +07:00
|
|
|
switch ($do) {
|
2017-03-11 02:51:06 +07:00
|
|
|
case 'post':
|
2022-09-01 14:52:32 +07:00
|
|
|
$username = _post('username');
|
|
|
|
|
$password = _post('password');
|
2024-10-09 17:58:35 +01:00
|
|
|
$csrf_token = _post('csrf_token');
|
|
|
|
|
if (!Csrf::check($csrf_token)) {
|
|
|
|
|
_msglog('e', Lang::T('Invalid or Expired CSRF Token'));
|
|
|
|
|
r2(U . 'login');
|
|
|
|
|
}
|
2022-09-18 00:00:40 +07:00
|
|
|
run_hook('customer_login'); #HOOK
|
2022-09-01 14:52:32 +07:00
|
|
|
if ($username != '' and $password != '') {
|
|
|
|
|
$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
|
|
|
|
|
if ($d) {
|
|
|
|
|
$d_pass = $d['password'];
|
2024-05-17 19:05:16 +07:00
|
|
|
if ($d['status'] == 'Banned') {
|
2024-05-17 09:20:53 +07:00
|
|
|
_alert(Lang::T('This account status') . ' : ' . Lang::T($d['status']), 'danger', "");
|
2024-05-17 09:19:04 +07:00
|
|
|
}
|
2022-09-01 14:52:32 +07:00
|
|
|
if (Password::_uverify($password, $d_pass) == true) {
|
|
|
|
|
$_SESSION['uid'] = $d['id'];
|
2024-02-12 09:45:44 +07:00
|
|
|
User::setCookie($d['id']);
|
2022-09-01 14:52:32 +07:00
|
|
|
$d->last_login = date('Y-m-d H:i:s');
|
|
|
|
|
$d->save();
|
2024-02-13 13:54:01 +07:00
|
|
|
_log($username . ' ' . Lang::T('Login Successful'), 'User', $d['id']);
|
2024-05-17 09:20:53 +07:00
|
|
|
_alert(Lang::T('Login Successful'), 'success', "home");
|
2022-09-01 14:52:32 +07:00
|
|
|
} else {
|
2024-02-13 13:54:01 +07:00
|
|
|
_msglog('e', Lang::T('Invalid Username or Password'));
|
|
|
|
|
_log($username . ' ' . Lang::T('Failed Login'), 'User');
|
2022-09-01 14:52:32 +07:00
|
|
|
r2(U . 'login');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2024-02-13 13:54:01 +07:00
|
|
|
_msglog('e', Lang::T('Invalid Username or Password'));
|
2022-09-01 14:52:32 +07:00
|
|
|
r2(U . 'login');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2024-02-13 13:54:01 +07:00
|
|
|
_msglog('e', Lang::T('Invalid Username or Password'));
|
2022-09-01 14:52:32 +07:00
|
|
|
r2(U . 'login');
|
|
|
|
|
}
|
2017-03-11 02:51:06 +07:00
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
2023-12-19 11:35:49 +07:00
|
|
|
case 'activation':
|
2024-07-23 12:03:13 +07:00
|
|
|
if (!empty(_post('voucher_only'))) {
|
2024-10-09 17:58:35 +01:00
|
|
|
$csrf_token = _post('csrf_token');
|
|
|
|
|
if (!Csrf::check($csrf_token)) {
|
|
|
|
|
_msglog('e', Lang::T('Invalid or Expired CSRF Token'));
|
|
|
|
|
r2(U . 'login');
|
|
|
|
|
}
|
2024-08-11 19:54:33 +07:00
|
|
|
$voucher = Text::alphanumeric(_post('voucher_only'), "-_.,");
|
2024-07-23 12:03:13 +07:00
|
|
|
$tur = ORM::for_table('tbl_user_recharges')
|
|
|
|
|
->where('username', $voucher)
|
|
|
|
|
->where('customer_id', '0') // Voucher Only will make customer ID as 0
|
|
|
|
|
->find_one();
|
|
|
|
|
if ($tur) {
|
|
|
|
|
if ($tur['status'] == 'off') {
|
|
|
|
|
_alert(Lang::T('Internet Voucher Expired'), 'danger', "login");
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
$p = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();
|
|
|
|
|
if ($p) {
|
|
|
|
|
$dvc = Package::getDevice($p);
|
|
|
|
|
if ($_app_stage != 'demo') {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
require_once $dvc;
|
|
|
|
|
$c = [
|
|
|
|
|
'fullname' => "Voucher",
|
|
|
|
|
'email' => '',
|
|
|
|
|
'username' => $voucher,
|
|
|
|
|
'password' => $voucher,
|
|
|
|
|
];
|
|
|
|
|
(new $p['device'])->add_customer($c, $p);
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
2023-12-19 16:00:14 +07:00
|
|
|
}
|
2024-01-08 16:12:21 +07:00
|
|
|
if (!empty($config['voucher_redirect'])) {
|
2023-12-19 16:00:14 +07:00
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2023-12-19 16:00:14 +07:00
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
} else {
|
|
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
|
|
|
|
}
|
2024-01-08 16:12:21 +07:00
|
|
|
if (!empty($config['voucher_redirect'])) {
|
2024-07-23 12:03:13 +07:00
|
|
|
_alert(Lang::T("Voucher activation success, now you can login"), 'danger', $config['voucher_redirect']);
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, you are connected to internet"));
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
|
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
_alert(Lang::T('Internet Plan Expired'), 'danger', "login");
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
|
|
|
|
} else {
|
2024-08-11 19:54:33 +07:00
|
|
|
$v = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$voucher'")->find_one();
|
2024-07-23 12:03:13 +07:00
|
|
|
if (!$v) {
|
|
|
|
|
_alert(Lang::T('Voucher invalid'), 'danger', "login");
|
|
|
|
|
}
|
|
|
|
|
if ($v['status'] == 0) {
|
|
|
|
|
if (Package::rechargeUser(0, $v['routers'], $v['id_plan'], "Voucher", $voucher)) {
|
|
|
|
|
$v->status = "1";
|
|
|
|
|
$v->save();
|
|
|
|
|
$tur = ORM::for_table('tbl_user_recharges')->where('username', $voucher)->find_one();
|
|
|
|
|
if ($tur) {
|
|
|
|
|
$p = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();
|
|
|
|
|
if ($p) {
|
|
|
|
|
$dvc = Package::getDevice($p);
|
|
|
|
|
if ($_app_stage != 'demo') {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
require_once $dvc;
|
|
|
|
|
$c = [
|
|
|
|
|
'fullname' => "Voucher",
|
|
|
|
|
'email' => '',
|
|
|
|
|
'username' => $voucher,
|
|
|
|
|
'password' => $voucher,
|
|
|
|
|
];
|
|
|
|
|
(new $p['device'])->add_customer($c, $p);
|
|
|
|
|
} else {
|
|
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
|
|
|
|
}
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
2024-06-20 14:16:09 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
2024-06-20 14:16:09 +07:00
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
}
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
_alert(Lang::T("Voucher activation success, now you can login"), 'danger', $config['voucher_redirect']);
|
2024-06-07 17:21:29 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, you are connected to internet"));
|
2024-06-07 17:21:29 +07:00
|
|
|
}
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
_alert(Lang::T('Internet Plan Expired'), 'danger', "login");
|
2023-12-19 16:00:14 +07:00
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
} else {
|
|
|
|
|
_alert(Lang::T('Voucher activation failed'), 'danger', "login");
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
_alert(Lang::T('Voucher activation failed'), 'danger', "login");
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
_alert(Lang::T('Internet Voucher Expired'), 'danger', "login");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
2024-08-11 19:54:33 +07:00
|
|
|
$voucher = Text::alphanumeric(_post('voucher'), "-_.,");
|
2024-07-23 12:03:13 +07:00
|
|
|
$username = _post('username');
|
2024-08-11 19:54:33 +07:00
|
|
|
$v1 = ORM::for_table('tbl_voucher')->whereRaw("BINARY `code` = '$voucher'")->find_one();
|
2024-07-23 12:03:13 +07:00
|
|
|
if ($v1) {
|
|
|
|
|
// voucher exists, check customer exists or not
|
|
|
|
|
$user = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
|
|
|
|
|
if (!$user) {
|
|
|
|
|
$d = ORM::for_table('tbl_customers')->create();
|
|
|
|
|
$d->username = alphanumeric($username, "+_.@-");
|
|
|
|
|
$d->password = $voucher;
|
|
|
|
|
$d->fullname = '';
|
|
|
|
|
$d->address = '';
|
|
|
|
|
$d->email = '';
|
|
|
|
|
$d->phonenumber = (strlen($username) < 21) ? $username : '';
|
|
|
|
|
if ($d->save()) {
|
|
|
|
|
$user = ORM::for_table('tbl_customers')->where('username', $username)->find_one($d->id());
|
|
|
|
|
if (!$user) {
|
|
|
|
|
r2(U . 'login', 'e', Lang::T('Voucher activation failed'));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
_alert(Lang::T('Login Successful'), 'success', "dashboard");
|
|
|
|
|
r2(U . 'login', 'e', Lang::T('Voucher activation failed') . '.');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ($v1['status'] == 0) {
|
|
|
|
|
$oldPass = $user['password'];
|
|
|
|
|
// change customer password to voucher code
|
|
|
|
|
$user->password = $voucher;
|
|
|
|
|
$user->save();
|
|
|
|
|
// voucher activation
|
|
|
|
|
if (Package::rechargeUser($user['id'], $v1['routers'], $v1['id_plan'], "Voucher", $voucher)) {
|
|
|
|
|
$v1->status = "1";
|
2024-07-24 08:56:40 +07:00
|
|
|
$v1->used_date = date('Y-m-d H:i:s');
|
2024-07-23 12:03:13 +07:00
|
|
|
$v1->user = $user['username'];
|
|
|
|
|
$v1->save();
|
|
|
|
|
$user->last_login = date('Y-m-d H:i:s');
|
|
|
|
|
$user->save();
|
|
|
|
|
// add customer to mikrotik
|
|
|
|
|
if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {
|
|
|
|
|
try {
|
|
|
|
|
$p = ORM::for_table('tbl_plans')->where('id', $v1['id_plan'])->find_one();
|
|
|
|
|
$dvc = Package::getDevice($p);
|
|
|
|
|
if ($_app_stage != 'demo') {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
require_once $dvc;
|
|
|
|
|
(new $p['device'])->connect_customer($user, $_SESSION['nux-ip'], $_SESSION['nux-mac'], $v1['routers']);
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, you are connected to internet"));
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-01-08 16:12:21 +07:00
|
|
|
if (!empty($config['voucher_redirect'])) {
|
2024-07-23 12:03:13 +07:00
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2023-12-19 11:35:49 +07:00
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
} else {
|
|
|
|
|
// if failed to recharge, restore old password
|
|
|
|
|
$user->password = $oldPass;
|
|
|
|
|
$user->save();
|
|
|
|
|
r2(U . 'login', 'e', Lang::T("Failed to activate voucher"));
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
|
|
|
|
} else {
|
2024-07-23 12:03:13 +07:00
|
|
|
// used voucher
|
|
|
|
|
// check if voucher used by this username
|
|
|
|
|
if ($v1['user'] == $user['username']) {
|
|
|
|
|
$user->last_login = date('Y-m-d H:i:s');
|
|
|
|
|
$user->save();
|
|
|
|
|
if (!empty($_SESSION['nux-mac']) && !empty($_SESSION['nux-ip'])) {
|
|
|
|
|
try {
|
|
|
|
|
$p = ORM::for_table('tbl_plans')->where('id', $v1['id_plan'])->find_one();
|
|
|
|
|
$dvc = Package::getDevice($p);
|
|
|
|
|
if ($_app_stage != 'demo') {
|
|
|
|
|
if (file_exists($dvc)) {
|
|
|
|
|
require_once $dvc;
|
|
|
|
|
(new $p['device'])->connect_customer($user, $_SESSION['nux-ip'], $_SESSION['nux-mac'], $v1['routers']);
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
new Exception(Lang::T("Devices Not Found"));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception $e) {
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (!empty($config['voucher_redirect'])) {
|
|
|
|
|
r2($config['voucher_redirect'], 's', Lang::T("Voucher activation success, you are connected to internet"));
|
|
|
|
|
} else {
|
|
|
|
|
r2(U . "login", 's', Lang::T("Voucher activation success, now you can login"));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
// voucher used by other customer
|
|
|
|
|
r2(U . 'login', 'e', Lang::T('Voucher Not Valid'));
|
|
|
|
|
}
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
2024-07-23 12:03:13 +07:00
|
|
|
} else {
|
|
|
|
|
_msglog('e', Lang::T('Invalid Username or Password'));
|
|
|
|
|
r2(U . 'login');
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
|
|
|
|
}
|
2017-03-11 02:51:06 +07:00
|
|
|
default:
|
2022-09-18 00:00:40 +07:00
|
|
|
run_hook('customer_view_login'); #HOOK
|
2024-10-09 17:58:35 +01:00
|
|
|
$csrf_token = Csrf::generateAndStoreToken();
|
2024-01-08 16:12:21 +07:00
|
|
|
if ($config['disable_registration'] == 'yes') {
|
2024-10-09 17:58:35 +01:00
|
|
|
$ui->assign('csrf_token', $csrf_token);
|
2024-09-20 10:23:01 +07:00
|
|
|
$ui->assign('_title', Lang::T('Activation'));
|
2024-06-20 14:16:09 +07:00
|
|
|
$ui->assign('code', alphanumeric(_get('code'), "-"));
|
2024-10-10 10:19:01 +07:00
|
|
|
$ui->display('customer/login-noreg.tpl');
|
2024-01-08 16:12:21 +07:00
|
|
|
} else {
|
2024-10-09 17:58:35 +01:00
|
|
|
$ui->assign('csrf_token', $csrf_token);
|
2024-09-20 10:23:01 +07:00
|
|
|
$ui->assign('_title', Lang::T('Login'));
|
2024-10-10 10:19:01 +07:00
|
|
|
$ui->display('customer/login.tpl');
|
2023-12-19 11:35:49 +07:00
|
|
|
}
|
2017-03-11 02:51:06 +07:00
|
|
|
break;
|
|
|
|
|
}
|
