mitrobill/system/controllers/accounts.php

<?php

/**
 *  PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
 *  by https://t.me/ibnux
 **/


_auth();
$ui->assign('_title', Lang::T('My Account'));
$ui->assign('_system_menu', 'accounts');

$action = $routes['1'];
$user = User::_info();
$ui->assign('_user', $user);

switch ($action) {

    case 'change-password':
        run_hook('customer_view_change_password'); #HOOK
        $ui->display('user-change-password.tpl');
        break;

    case 'change-password-post':
        $password = _post('password');
        run_hook('customer_change_password'); #HOOK
        if ($password != '') {
            $d_pass = $user['password'];
            $npass = _post('npass');
            $cnpass = _post('cnpass');
            if ($password == $d_pass) {
                if (!Validator::Length($password, 36, 2)) {
                    r2(U . 'accounts/change-password', 'e', 'New Password must be 2 to 35 character');
                }
                if ($npass != $cnpass) {
                    r2(U . 'accounts/change-password', 'e', 'Both Password should be same');
                }
                $user->password = $npass;
                $turs = ORM::for_table('tbl_user_recharges')->where('customer_id', $user['id'])->find_many();
                foreach($turs as $tur) {
                    // if has active plan, change the password to devices
                    if ($tur['status'] == 'on') {
                        $p = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();
                        $dvc = Package::getDevice($p);
                        if ($_app_stage != 'demo') {
                            if (file_exists($dvc)) {
                                require_once $dvc;
                                (new $p['device'])->add_customer($user, $p);
                            } else {
                                new Exception(Lang::T("Devices Not Found"));
                            }
                        }
                    }
                }
                $user->save();
                User::removeCookie();
                session_destroy();
                _log('[' . $user['username'] . ']: Password changed successfully', 'User', $user['id']);
                _alert(Lang::T('Password changed successfully, Please login again'), 'success', "login");
            } else {
                die($password);
                r2(U . 'accounts/change-password', 'e', Lang::T('Incorrect Current Password'));
            }
        } else {
            r2(U . 'accounts/change-password', 'e', Lang::T('Incorrect Current Password'));
        }
        break;

    case 'profile':
        $d = ORM::for_table('tbl_customers')->find_one($user['id']);
        if ($d) {
            run_hook('customer_view_edit_profile'); #HOOK
            $ui->assign('d', $d);
            $ui->display('user-profile.tpl');
        } else {
            r2(U . 'home', 'e', Lang::T('Account Not Found'));
        }
        break;

    case 'edit-profile-post':
        $fullname = _post('fullname');
        $address = _post('address');
        $email = _post('email');
        $phonenumber = _post('phonenumber');
        run_hook('customer_edit_profile'); #HOOK
        $msg = '';
        if (Validator::Length($fullname, 31, 2) == false) {
            $msg .= 'Full Name should be between 3 to 30 characters' . '<br>';
        }
        if (Validator::UnsignedNumber($phonenumber) == false) {
            $msg .= 'Phone Number must be a number' . '<br>';
        }

        $d = ORM::for_table('tbl_customers')->find_one($user['id']);
        if ($d) {
        } else {
            $msg .= Lang::T('Data Not Found') . '<br>';
        }

        if ($msg == '') {
            $d->fullname = $fullname;
            $d->address = $address;
            $d->email = $email;
            $d->phonenumber = $phonenumber;
            $d->save();

            _log('[' . $user['username'] . ']: ' . Lang::T('User Updated Successfully'), 'User', $user['id']);
            r2(U . 'accounts/profile', 's', Lang::T('User Updated Successfully'));
        } else {
            r2(U . 'accounts/profile', 'e', $msg);
        }
        break;


    case 'phone-update':

        $d = ORM::for_table('tbl_customers')->find_one($user['id']);
        if ($d) {
            //run_hook('customer_view_edit_profile'); #HOOK
            $ui->assign('d', $d);
            $ui->assign('new_phone', $_SESSION['new_phone']);
            $ui->display('user-phone-update.tpl');
        } else {
            r2(U . 'home', 'e', Lang::T('Account Not Found'));
        }
        break;

    case 'phone-update-otp':
        $phone = Lang::phoneFormat(_post('phone'));
        $username = $user['username'];
        $otpPath = $CACHE_PATH . '/sms/';
        $_SESSION['new_phone'] = $phone;
        // Validate the phone number format
        if (!preg_match('/^[0-9]{10,}$/', $phone)) {
            r2(U . 'accounts/phone-update', 'e', Lang::T('Invalid phone number format'));
        }

        if (empty($config['sms_url'])) {
            r2(U . 'accounts/phone-update', 'e', Lang::T('SMS server not Available, Please try again later'));
        }

        if (!empty($config['sms_url'])) {
            if (!empty($phone)) {
                $d = ORM::for_table('tbl_customers')->where('username', $username)->where('phonenumber', $phone)->find_one();
                if ($d) {
                    r2(U . 'accounts/phone-update', 'e', Lang::T('You cannot use your current phone number'));
                }
                if (!file_exists($otpPath)) {
                    mkdir($otpPath);
                    touch($otpPath . 'index.html');
                }
                $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
                $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";

                // expired 10 minutes
                if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {
                    r2(U . 'accounts/phone-update', 'e', Lang::T('Please wait ' . (1200 - (time() - filemtime($otpFile))) . ' seconds before sending another SMS'));
                } else {
                    $otp = rand(100000, 999999);
                    file_put_contents($otpFile, $otp);
                    file_put_contents($phoneFile, $phone);
                    // send send OTP to user
                    if ($config['phone_otp_type'] === 'sms') {
                        Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
                    } elseif ($config['phone_otp_type'] === 'whatsapp') {
                        Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
                    } elseif ($config['phone_otp_type'] === 'both') {
                        Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
                        Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
                    }
                    //redirect after sending OTP
                    r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code has been sent to your phone'));
                }
            }
        }

        break;

    case 'phone-update-post':
        $phone = Lang::phoneFormat(_post('phone'));
        $otp_code = _post('otp');
        $username = $user['username'];
        $otpPath = $CACHE_PATH . '/sms/';

        // Validate the phone number format
        if (!preg_match('/^[0-9]{10,}$/', $phone)) {
            r2(U . 'accounts/phone-update', 'e', Lang::T('Invalid phone number format'));
            exit();
        }

        if (!empty($config['sms_url'])) {
            $otpFile = $otpPath . sha1($username . $db_pass) . ".txt";
            $phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";

            // Check if OTP file exists
            if (!file_exists($otpFile)) {
                r2(U . 'accounts/phone-update', 'e', Lang::T('Please request OTP first'));
                exit();
            }

            // expired 10 minutes
            if (time() - filemtime($otpFile) > 1200) {
                unlink($otpFile);
                unlink($phoneFile);
                r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code expired'));
                exit();
            } else {
                $code = file_get_contents($otpFile);

                // Check if OTP code matches
                if ($code != $otp_code) {
                    r2(U . 'accounts/phone-update', 'e', Lang::T('Wrong Verification code'));
                    exit();
                }

                // Check if the phone number matches the one that requested the OTP
                $savedPhone = file_get_contents($phoneFile);
                if ($savedPhone !== $phone) {
                    r2(U . 'accounts/phone-update', 'e', Lang::T('The phone number does not match the one that requested the OTP'));
                    exit();
                }

                // OTP verification successful, delete OTP and phone number files
                unlink($otpFile);
                unlink($phoneFile);
            }
        } else {
            r2(U . 'accounts/phone-update', 'e', Lang::T('SMS server not available'));
            exit();
        }

        // Update the phone number in the database
        $d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
        if ($d) {
            $d->phonenumber = Lang::phoneFormat($phone);
            $d->save();
        }

        r2(U . 'accounts/profile', 's', Lang::T('Phone number updated successfully'));
        break;

    default:
        $ui->display('a404.tpl');
}
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`<?php`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`/**`
show error stacktrace 2023-10-12 15:47:45 +07:00			`* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)`
Change credits 2023-10-12 15:55:42 +07:00			`* by https://t.me/ibnux`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`**/`
show error stacktrace 2023-10-12 15:47:45 +07:00

PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`_auth();`
Auto Translate Language 2024-02-13 13:54:01 +07:00			`$ui->assign('_title', Lang::T('My Account'));`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$ui->assign('_system_menu', 'accounts');`

			`$action = $routes['1'];`
			`$user = User::_info();`
			`$ui->assign('_user', $user);`

			`switch ($action) {`
Show error, and fix IP Port custom 2022-08-23 16:33:21 +07:00
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`case 'change-password':`
add hook 2022-09-18 00:00:40 +07:00			`run_hook('customer_view_change_password'); #HOOK`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$ui->display('user-change-password.tpl');`
			`break;`

			`case 'change-password-post':`
			`$password = _post('password');`
add menu hook 2022-09-17 22:34:55 +07:00			`run_hook('customer_change_password'); #HOOK`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`if ($password != '') {`
fix Customer change password 2024-06-25 13:51:46 +07:00			`$d_pass = $user['password'];`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`$npass = _post('npass');`
			`$cnpass = _post('cnpass');`
fix Customer change password 2024-06-25 13:51:46 +07:00			`if ($password == $d_pass) {`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`if (!Validator::Length($password, 36, 2)) {`
			`r2(U . 'accounts/change-password', 'e', 'New Password must be 2 to 35 character');`
			`}`
			`if ($npass != $cnpass) {`
			`r2(U . 'accounts/change-password', 'e', 'Both Password should be same');`
			`}`
Fix change password Customer 2024-06-25 14:02:48 +07:00			`$user->password = $npass;`
Update Multiple Active plan when change pass or username 2024-06-25 16:08:40 +07:00			`$turs = ORM::for_table('tbl_user_recharges')->where('customer_id', $user['id'])->find_many();`
			`foreach($turs as $tur) {`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`// if has active plan, change the password to devices`
			`if ($tur['status'] == 'on') {`
			`$p = ORM::for_table('tbl_plans')->where('id', $tur['plan_id'])->find_one();`
Change to devices 2024-06-05 17:19:24 +07:00			`$dvc = Package::getDevice($p);`
Fix Demo mode 2024-06-20 14:16:09 +07:00			`if ($_app_stage != 'demo') {`
			`if (file_exists($dvc)) {`
			`require_once $dvc;`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`(new $p['device'])->add_customer($user, $p);`
Fix Demo mode 2024-06-20 14:16:09 +07:00			`} else {`
			`new Exception(Lang::T("Devices Not Found"));`
			`}`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`}`
Radius name reserved 2023-10-04 16:25:21 +07:00			`}`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`}`
			`$user->save();`
fix Customer change password 2024-06-25 13:51:46 +07:00			`User::removeCookie();`
			`session_destroy();`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`_log('[' . $user['username'] . ']: Password changed successfully', 'User', $user['id']);`
fix Customer change password 2024-06-25 13:51:46 +07:00			`_alert(Lang::T('Password changed successfully, Please login again'), 'success', "login");`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`} else {`
fix Customer change password 2024-06-25 13:51:46 +07:00			`die($password);`
Auto Translate Language 2024-02-13 13:54:01 +07:00			`r2(U . 'accounts/change-password', 'e', Lang::T('Incorrect Current Password'));`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`}`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`} else {`
Auto Translate Language 2024-02-13 13:54:01 +07:00			`r2(U . 'accounts/change-password', 'e', Lang::T('Incorrect Current Password'));`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`}`
			`break;`

			`case 'profile':`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`$d = ORM::for_table('tbl_customers')->find_one($user['id']);`
			`if ($d) {`
add hook 2022-09-18 00:00:40 +07:00			`run_hook('customer_view_edit_profile'); #HOOK`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`$ui->assign('d', $d);`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$ui->display('user-profile.tpl');`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`} else {`
Update accounts.php fix lang function 2024-02-21 10:13:05 +01:00			`r2(U . 'home', 'e', Lang::T('Account Not Found'));`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`}`
			`break;`

			`case 'edit-profile-post':`
			`$fullname = _post('fullname');`
			`$address = _post('address');`
change to adminlte 2 2022-10-15 23:18:24 +07:00			`$email = _post('email');`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$phonenumber = _post('phonenumber');`
add menu hook 2022-09-17 22:34:55 +07:00			`run_hook('customer_edit_profile'); #HOOK`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$msg = '';`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`if (Validator::Length($fullname, 31, 2) == false) {`
			`$msg .= 'Full Name should be between 3 to 30 characters' . '<br>';`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`}`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`if (Validator::UnsignedNumber($phonenumber) == false) {`
			`$msg .= 'Phone Number must be a number' . '<br>';`
			`}`

			`$d = ORM::for_table('tbl_customers')->find_one($user['id']);`
			`if ($d) {`
			`} else {`
Auto Translate Language 2024-02-13 13:54:01 +07:00			`$msg .= Lang::T('Data Not Found') . '<br>';`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`}`

Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`if ($msg == '') {`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$d->fullname = $fullname;`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`$d->address = $address;`
			`$d->email = $email;`
			`$d->phonenumber = $phonenumber;`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`$d->save();`
Show error, and fix IP Port custom 2022-08-23 16:33:21 +07:00
Auto Translate Language 2024-02-13 13:54:01 +07:00			`_log('[' . $user['username'] . ']: ' . Lang::T('User Updated Successfully'), 'User', $user['id']);`
			`r2(U . 'accounts/profile', 's', Lang::T('User Updated Successfully'));`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`} else {`
PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`r2(U . 'accounts/profile', 'e', $msg);`
			`}`
			`break;`
Show error, and fix IP Port custom 2022-08-23 16:33:21 +07:00
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`case 'phone-update':`

			`$d = ORM::for_table('tbl_customers')->find_one($user['id']);`
			`if ($d) {`
			`//run_hook('customer_view_edit_profile'); #HOOK`
			`$ui->assign('d', $d);`
Phone otp update from customer 2024-06-25 14:31:12 +07:00			`$ui->assign('new_phone', $_SESSION['new_phone']);`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`$ui->display('user-phone-update.tpl');`
			`} else {`
			`r2(U . 'home', 'e', Lang::T('Account Not Found'));`
			`}`
			`break;`

			`case 'phone-update-otp':`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`$phone = Lang::phoneFormat(_post('phone'));`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`$username = $user['username'];`
Path Configuration 2024-02-26 14:38:04 +07:00			`$otpPath = $CACHE_PATH . '/sms/';`
Phone otp update from customer 2024-06-25 14:31:12 +07:00			`$_SESSION['new_phone'] = $phone;`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`// Validate the phone number format`
			`if (!preg_match('/^[0-9]{10,}$/', $phone)) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('Invalid phone number format'));`
			`}`

Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`if (empty($config['sms_url'])) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('SMS server not Available, Please try again later'));`
			`}`

			`if (!empty($config['sms_url'])) {`
			`if (!empty($phone)) {`
			`$d = ORM::for_table('tbl_customers')->where('username', $username)->where('phonenumber', $phone)->find_one();`
			`if ($d) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('You cannot use your current phone number'));`
			`}`
			`if (!file_exists($otpPath)) {`
			`mkdir($otpPath);`
			`touch($otpPath . 'index.html');`
			`}`
change $db_password to $db_pass 2024-07-29 09:06:27 +07:00			`$otpFile = $otpPath . sha1($username . $db_pass) . ".txt";`
			`$phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00
			`// expired 10 minutes`
			`if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('Please wait ' . (1200 - (time() - filemtime($otpFile))) . ' seconds before sending another SMS'));`
			`} else {`
			`$otp = rand(100000, 999999);`
			`file_put_contents($otpFile, $otp);`
			`file_put_contents($phoneFile, $phone);`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`// send send OTP to user`
Update accounts.php Fix OTP not sending bug 2024-02-21 11:58:13 +01:00			`if ($config['phone_otp_type'] === 'sms') {`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");`
Update accounts.php Fix OTP not sending bug 2024-02-21 11:58:13 +01:00			`} elseif ($config['phone_otp_type'] === 'whatsapp') {`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");`
Update accounts.php Fix OTP not sending bug 2024-02-21 11:58:13 +01:00			`} elseif ($config['phone_otp_type'] === 'both') {`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");`
			`Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");`
			`}`
Path Configuration 2024-02-26 14:38:04 +07:00			`//redirect after sending OTP`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code has been sent to your phone'));`
			`}`
			`}`
			`}`

			`break;`

			`case 'phone-update-post':`
Check if Customer has active plan, if yes then connect to routers 2024-06-25 12:06:34 +07:00			`$phone = Lang::phoneFormat(_post('phone'));`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`$otp_code = _post('otp');`
			`$username = $user['username'];`
Path Configuration 2024-02-26 14:38:04 +07:00			`$otpPath = $CACHE_PATH . '/sms/';`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`// Validate the phone number format`
			`if (!preg_match('/^[0-9]{10,}$/', $phone)) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('Invalid phone number format'));`
			`exit();`
			`}`

Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`if (!empty($config['sms_url'])) {`
change $db_password to $db_pass 2024-07-29 09:06:27 +07:00			`$otpFile = $otpPath . sha1($username . $db_pass) . ".txt";`
			`$phoneFile = $otpPath . sha1($username . $db_pass) . "_phone.txt";`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00
			`// Check if OTP file exists`
			`if (!file_exists($otpFile)) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('Please request OTP first'));`
			`exit();`
			`}`

Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`// expired 10 minutes`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`if (time() - filemtime($otpFile) > 1200) {`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`unlink($otpFile);`
			`unlink($phoneFile);`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code expired'));`
			`exit();`
			`} else {`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`$code = file_get_contents($otpFile);`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00
			`// Check if OTP code matches`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`if ($code != $otp_code) {`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`r2(U . 'accounts/phone-update', 'e', Lang::T('Wrong Verification code'));`
			`exit();`
			`}`

			`// Check if the phone number matches the one that requested the OTP`
			`$savedPhone = file_get_contents($phoneFile);`
			`if ($savedPhone !== $phone) {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('The phone number does not match the one that requested the OTP'));`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`exit();`
			`}`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00
			`// OTP verification successful, delete OTP and phone number files`
			`unlink($otpFile);`
			`unlink($phoneFile);`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`}`
Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`} else {`
			`r2(U . 'accounts/phone-update', 'e', Lang::T('SMS server not available'));`
			`exit();`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`}`

Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`// Update the phone number in the database`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();`
			`if ($d) {`
			`$d->phonenumber = Lang::phoneFormat($phone);`
			`$d->save();`
			`}`

Bug Fix: OTP bugs add phone number validation to prevent invalid phone number, phone number must be 10 digits up fix issue with updating phone number without OTP 2024-02-21 10:02:31 +01:00			`r2(U . 'accounts/profile', 's', Lang::T('Phone number updated successfully'));`
Update: New Features "Miscellaneous" [option] OTP is required when user want to change phone number. admin can choose option in [Miscellaneous] 2024-02-21 00:15:36 +01:00			`break;`

PHPMixBill v5.0 - First Upload 2017-03-11 02:51:06 +07:00			`default:`
404 2023-09-27 15:01:48 +07:00			`$ui->display('a404.tpl');`
Fix redirect and check user in database 2023-06-15 17:06:22 +07:00			`}`