diff --git a/system/controllers/plan.php b/system/controllers/plan.php
index b7a5d536..09fff6d3 100644
--- a/system/controllers/plan.php
+++ b/system/controllers/plan.php
@@ -107,15 +107,15 @@ switch ($action) {
$cust = User::_info($id_customer);
$plan = ORM::for_table('tbl_plans')->find_one($planId);
list($bills, $add_cost) = User::getBills($id_customer);
- $add_inv = User::getAttribute("Invoice", $id_customer);
- if (!empty($add_inv)) {
- $plan['price'] = $add_inv;
- }
+ $add_inv = User::getAttribute("Invoice", $id_customer);
+ if (!empty($add_inv)) {
+ $plan['price'] = $add_inv;
+ }
// Tax calculation start
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
- $custom_tax_rate = isset($config['custom_tax_rate']) ? (float)$config['custom_tax_rate'] : null;
+ $custom_tax_rate = isset($config['custom_tax_rate']) ? (float) $config['custom_tax_rate'] : null;
if ($tax_rate_setting === 'custom') {
$tax_rate = $custom_tax_rate;
@@ -164,7 +164,7 @@ switch ($action) {
$ui->assign('server', $server);
$ui->assign('using', $using);
$ui->assign('plan', $plan);
- $ui->assign('add_inv', $add_inv);
+ $ui->assign('add_inv', $add_inv);
$ui->display('admin/plan/recharge-confirm.tpl');
} else {
r2(getUrl('plan/recharge'), 'e', $msg);
@@ -205,7 +205,7 @@ switch ($action) {
// Tax calculation start
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
- $custom_tax_rate = isset($config['custom_tax_rate']) ? (float)$config['custom_tax_rate'] : null;
+ $custom_tax_rate = isset($config['custom_tax_rate']) ? (float) $config['custom_tax_rate'] : null;
if ($tax_rate_setting === 'custom') {
$tax_rate = $custom_tax_rate;
@@ -299,7 +299,7 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
- $id = $routes['2'];
+ $id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) {
$ui->assign('d', $d);
@@ -329,7 +329,7 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
- $id = $routes['2'];
+ $id = $routes['2'];
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
if ($d) {
run_hook('delete_customer_active_plan'); #HOOK
@@ -453,7 +453,7 @@ switch ($action) {
$append_url = "&search=" . urlencode($search) . "&router=" . urlencode($router) . "&customer=" . urlencode($customer) . "&plan=" . urlencode($plan) . "&status=" . urlencode($status);
// option customers
- $ui->assign('customers', ORM::for_table('tbl_voucher')->distinct()->select("user")->whereNotEqual("user", '0')->findArray());
+ $ui->assign('customers', ORM::for_table('tbl_voucher')->distinct()->select("user")->whereNotEqual("user", '0')->findArray());
// option plans
$plns = ORM::for_table('tbl_voucher')->distinct()->select("id_plan")->findArray();
if (count($plns) > 0) {
@@ -563,9 +563,11 @@ switch ($action) {
if (empty($vpl)) {
$vpl = 3;
}
- if ($pagebreak < 1) $pagebreak = 12;
+ if ($pagebreak < 1)
+ $pagebreak = 12;
- if ($limit < 1) $limit = $pagebreak * 2;
+ if ($limit < 1)
+ $limit = $pagebreak * 2;
if (empty($from_id)) {
$from_id = 0;
}
@@ -626,7 +628,7 @@ switch ($action) {
$v = ORM::for_table('tbl_plans')
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
->where('tbl_voucher.status', '0')
- ->where('tbl_voucher.created_at', $selected_datetime)
+ ->where('tbl_voucher.created_at', $selected_datetime)
->limit($limit);
$vc = ORM::for_table('tbl_plans')
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
@@ -697,6 +699,9 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent', 'Sales'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('plan/add-voucher/'), 'e', 'You cannot perform this action in Demo mode');
+ }
$type = _post('type');
$plan = _post('plan');
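Review bot: The Demo-mode guard added here compares with `==` and passes a hard-coded English string, while the permission alert just above it goes through `Lang::T()`; the same three lines are repeated throughout settings.php in this commit. A single shared helper that does the comparison with `===` and calls `r2($url, 'e', Lang::T('You cannot perform this action in Demo mode'))` would keep the check and its wording in one place and make a missed handler easier to spot. The guard only blocks the action if `r2()` ends the request, which the surrounding code appears to assume but this hunk does not show. The enclosing case body continues outside the hunk.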
@@ -907,7 +912,7 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
- $id = $routes['2'];
+ $id = $routes['2'];
run_hook('delete_voucher'); #HOOK
$d = ORM::for_table('tbl_voucher')->find_one($id);
if ($d) {
diff --git a/system/controllers/settings.php b/system/controllers/settings.php
index a81cbb15..79b92d1d 100644
--- a/system/controllers/settings.php
+++ b/system/controllers/settings.php
@@ -58,23 +58,35 @@ switch ($action) {
}
if (!empty(_get('testWa'))) {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
$result = Message::sendWhatsapp(_get('testWa'), 'PHPNuxBill Test Whatsapp');
r2(getUrl('settings/app'), 's', 'Test Whatsapp has been send
Result: ' . $result);
}
if (!empty(_get('testSms'))) {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
$result = Message::sendSMS(_get('testSms'), 'PHPNuxBill Test SMS');
r2(getUrl('settings/app'), 's', 'Test SMS has been send
Result: ' . $result);
}
if (!empty(_get('testEmail'))) {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
Message::sendEmail(_get('testEmail'), 'PHPNuxBill Test Email', 'PHPNuxBill Test Email Body');
r2(getUrl('settings/app'), 's', 'Test Email has been send');
}
if (!empty(_get('testTg'))) {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
$result = Message::sendTelegram('PHPNuxBill Test Telegram');
r2(getUrl('settings/app'), 's', 'Test Telegram has been send
Result: ' . $result);
}
- $UPLOAD_URL_PATH = str_replace($root_path, '', $UPLOAD_PATH);
+ $UPLOAD_URL_PATH = str_replace($root_path, '', $UPLOAD_PATH);
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) {
$logo = $UPLOAD_URL_PATH . DIRECTORY_SEPARATOR . 'logo.png?' . time();
} else {
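Review bot: The four test senders in this hunk are still triggered by a plain query parameter (`_get('testWa')`, `_get('testSms')`, `_get('testEmail')`, `_get('testTg')`), and no `Csrf::check()` or `user_type` check is visible before them here, so outside Demo mode a crafted link opened by a logged-in admin would be enough to send a message to a recipient taken from the URL. Consider moving these to POST and validating the token the way the other handlers do, `if (!Csrf::check(_post('csrf_token'))) { r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . "."); }`. The Demo guard itself is repeated four times and could be one check ahead of the four `if` blocks. The start of this case is outside the hunk, so a role check may already exist above it.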
@@ -169,6 +181,11 @@ switch ($action) {
break;
case 'app-post':
+
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
+
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
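Review bot: In `app-post` the Demo guard runs before the `in_array($admin['user_type'], ['SuperAdmin', 'Admin'])` check, whereas in plan.php and in the localisation, users-delete and users-add handlers it runs after it; `notifications-post`, `dbbackup` and `dbrestore` further down use the same guard-first order. Putting authorisation first everywhere keeps the behaviour uniform: an account without the role gets the permission alert rather than a message that confirms the handler exists and is merely disabled. No `Csrf::check()` is visible in this hunk either; the case body continues outside it, so that may already be handled below.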
@@ -186,9 +203,11 @@ switch ($action) {
run_hook('save_settings'); #HOOK
if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) {
- if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) unlink($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png');
+ if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png'))
+ unlink($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png', 1078, 200, 100);
- if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
+ if (file_exists($_FILES['logo']['tmp_name']))
+ unlink($_FILES['logo']['tmp_name']);
} else {
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
}
@@ -248,6 +267,10 @@ switch ($action) {
break;
case 'login-page-post':
+
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
+ }
// Login page post
$login_page_title = _post('login_page_head');
$login_page_description = _post('login_page_description');
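Review bot: Between `case 'login-page-post':` and the first `_post()` read, the only gate visible in this hunk is the new Demo guard; there is no `in_array($admin['user_type'], ...)` check and no `Csrf::check()` of the kind the neighbouring handlers carry. This handler goes on to accept image uploads and write settings, so it should be limited to the same roles as `app-post` and should validate the token before reading the form, e.g. `if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard"); }`. The rest of the case is outside the hunk, so these checks may exist further down, though they would then run after the first `_post()` reads.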
@@ -290,7 +313,8 @@ switch ($action) {
$favicon_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('favicon_') . '.' . $extension;
File::resizeCropImage($_FILES['login_page_favicon']['tmp_name'], $favicon_path, 16, 16, 100);
$settings['login_page_favicon'] = basename($favicon_path); // Save dynamic file name
- if (file_exists($_FILES['login_page_favicon']['tmp_name'])) unlink($_FILES['login_page_favicon']['tmp_name']);
+ if (file_exists($_FILES['login_page_favicon']['tmp_name']))
+ unlink($_FILES['login_page_favicon']['tmp_name']);
} else {
r2(getUrl('settings/app'), 'e', 'Favicon must be a JPG, JPEG, or PNG image.');
}
@@ -303,7 +327,8 @@ switch ($action) {
$wallpaper_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('wallpaper_') . '.' . $extension;
File::resizeCropImage($_FILES['login_page_wallpaper']['tmp_name'], $wallpaper_path, 1920, 1080, 100);
$settings['login_page_wallpaper'] = basename($wallpaper_path); // Save dynamic file name
- if (file_exists($_FILES['login_page_wallpaper']['tmp_name'])) unlink($_FILES['login_page_wallpaper']['tmp_name']);
+ if (file_exists($_FILES['login_page_wallpaper']['tmp_name']))
+ unlink($_FILES['login_page_wallpaper']['tmp_name']);
} else {
r2(getUrl('settings/app'), 'e', 'Wallpaper must be a JPG, JPEG, or PNG image.');
}
@@ -316,7 +341,8 @@ switch ($action) {
$logo_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('logo_') . '.' . $extension;
File::resizeCropImage($_FILES['login_page_logo']['tmp_name'], $logo_path, 300, 60, 100);
$settings['login_page_logo'] = basename($logo_path); // Save dynamic file name
- if (file_exists($_FILES['login_page_logo']['tmp_name'])) unlink($_FILES['login_page_logo']['tmp_name']);
+ if (file_exists($_FILES['login_page_logo']['tmp_name']))
+ unlink($_FILES['login_page_logo']['tmp_name']);
} else {
r2(getUrl('settings/app'), 'e', 'Logo must be a JPG, JPEG, or PNG image.');
}
@@ -372,9 +398,12 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/localisation'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
- r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
+ r2(getUrl('settings/localisation'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$tzone = _post('tzone');
$date_format = _post('date_format');
@@ -382,7 +411,7 @@ switch ($action) {
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
- r2(getUrl('settings/app'), 'e', Lang::T('All field is required'));
+ r2(getUrl('settings/localisation'), 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
@@ -485,11 +514,11 @@ switch ($action) {
} else if ($admin['user_type'] == 'Admin') {
$query = ORM::for_table('tbl_users')
->where_like('username', '%' . $search . '%')->where_any_is([
- ['user_type' => 'Report'],
- ['user_type' => 'Agent'],
- ['user_type' => 'Sales'],
- ['id' => $admin['id']]
- ])->order_by_asc('id');
+ ['user_type' => 'Report'],
+ ['user_type' => 'Agent'],
+ ['user_type' => 'Sales'],
+ ['id' => $admin['id']]
+ ])->order_by_asc('id');
$d = Paginator::findMany($query, ['search' => $search]);
} else {
$query = ORM::for_table('tbl_users')
@@ -555,7 +584,7 @@ switch ($action) {
break;
case 'users-view':
$ui->assign('_title', Lang::T('Edit User'));
- $id = $routes['2'];
+ $id = $routes['2'];
if (empty($id)) {
$id = $admin['id'];
}
@@ -590,7 +619,7 @@ switch ($action) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
$ui->assign('_title', Lang::T('Edit User'));
- $id = $routes['2'];
+ $id = $routes['2'];
if (empty($id)) {
$id = $admin['id'];
}
@@ -646,8 +675,10 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
-
- $id = $routes['2'];
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/users'), 'e', 'You cannot perform this action in Demo mode');
+ }
+ $id = $routes['2'];
if (($admin['id']) == $id) {
r2(getUrl('settings/users'), 'e', 'Sorry You can\'t delete yourself');
}
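Review bot: The user-delete handler takes its target from `$routes['2']` and this hunk shows no `Csrf::check()` before the self-delete test, unlike `users-add-post` and `users-edit-post`, which validate a token first. A destructive action keyed only on a route segment should require a token (or a POST with one) before the lookup. The self-delete test `($admin['id']) == $id` is also a loose comparison on a route string; `(string) $admin['id'] === (string) $id` states the intent exactly. The remainder of the case is outside the hunk.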
@@ -665,6 +696,9 @@ switch ($action) {
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/users-add'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(getUrl('settings/users-add'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
@@ -733,6 +767,9 @@ switch ($action) {
break;
case 'users-edit-post':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/users-edit/'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(getUrl('settings/users-edit/'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
@@ -826,7 +863,7 @@ switch ($action) {
}
}
if (file_exists($imgPath)) {
- if ($d['photo'] != '' && strpos($d['photo'], 'default') === false) {
+ if ($d['photo'] != '' && strpos($d['photo'], 'default') === false) {
if (file_exists($UPLOAD_PATH . $d['photo'])) {
unlink($UPLOAD_PATH . $d['photo']);
if (file_exists($UPLOAD_PATH . $d['photo'] . '.thumb.jpg')) {
@@ -836,7 +873,8 @@ switch ($action) {
}
$d->photo = '/photos/' . $subfolder . '/' . $hash . '.jpg';
}
- if (file_exists($_FILES['photo']['tmp_name'])) unlink($_FILES['photo']['tmp_name']);
+ if (file_exists($_FILES['photo']['tmp_name']))
+ unlink($_FILES['photo']['tmp_name']);
} else {
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
}
@@ -886,6 +924,9 @@ switch ($action) {
break;
case 'change-password-post':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/change-password'), 'e', 'You cannot perform this action in Demo mode');
+ }
$password = _post('password');
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
@@ -942,6 +983,9 @@ switch ($action) {
$ui->display('admin/settings/notifications.tpl');
break;
case 'notifications-post':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/notifications'), 'e', 'You cannot perform this action in Demo mode');
+ }
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
@@ -971,6 +1015,9 @@ switch ($action) {
break;
case 'dbbackup':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
+ }
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
@@ -991,6 +1038,9 @@ switch ($action) {
echo json_encode($array);
break;
case 'dbrestore':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
+ }
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
}
@@ -1038,7 +1088,8 @@ switch ($action) {
} catch (Throwable $e) {
} catch (Exception $e) {
}
- if (file_exists($_FILES['json']['tmp_name'])) unlink($_FILES['json']['tmp_name']);
+ if (file_exists($_FILES['json']['tmp_name']))
+ unlink($_FILES['json']['tmp_name']);
r2(getUrl('settings/dbstatus'), 's', "Restored $suc success $fal failed");
} else {
r2(getUrl('settings/dbstatus'), 'e', 'Upload failed');
@@ -1060,6 +1111,9 @@ switch ($action) {
break;
case 'lang-post':
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(getUrl('settings/language'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
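Review bot: The Demo guard in `lang-post` redirects to `settings/dbstatus`, while the CSRF failure two lines below redirects to `settings/language`; this looks like a copy-paste from the `dbrestore` guard. In Demo mode the user would land on the database status page with the error instead of back on the language page. Suggested line: `r2(getUrl('settings/language'), 'e', 'You cannot perform this action in Demo mode');`.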
@@ -1075,6 +1129,9 @@ switch ($action) {
}
if (_post('save') == 'save') {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/maintenance'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(getUrl('settings/maintenance'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
@@ -1117,6 +1174,9 @@ switch ($action) {
exit;
}
if (_post('save') == 'save') {
+ if ($_app_stage == 'Demo') {
+ r2(getUrl('settings/miscellaneous'), 'e', 'You cannot perform this action in Demo mode');
+ }
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(getUrl('settings/miscellaneous'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");