refactor: enhance code formatting and add demo mode check for actions
parent
da14a7bfef
commit
43b1025d3c
@ -107,15 +107,15 @@ switch ($action) {
|
|||||||
$cust = User::_info($id_customer);
|
$cust = User::_info($id_customer);
|
||||||
$plan = ORM::for_table('tbl_plans')->find_one($planId);
|
$plan = ORM::for_table('tbl_plans')->find_one($planId);
|
||||||
list($bills, $add_cost) = User::getBills($id_customer);
|
list($bills, $add_cost) = User::getBills($id_customer);
|
||||||
$add_inv = User::getAttribute("Invoice", $id_customer);
|
$add_inv = User::getAttribute("Invoice", $id_customer);
|
||||||
if (!empty($add_inv)) {
|
if (!empty($add_inv)) {
|
||||||
$plan['price'] = $add_inv;
|
$plan['price'] = $add_inv;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Tax calculation start
|
// Tax calculation start
|
||||||
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
|
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
|
||||||
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
|
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
|
||||||
$custom_tax_rate = isset($config['custom_tax_rate']) ? (float)$config['custom_tax_rate'] : null;
|
$custom_tax_rate = isset($config['custom_tax_rate']) ? (float) $config['custom_tax_rate'] : null;
|
||||||
|
|
||||||
if ($tax_rate_setting === 'custom') {
|
if ($tax_rate_setting === 'custom') {
|
||||||
$tax_rate = $custom_tax_rate;
|
$tax_rate = $custom_tax_rate;
|
||||||
@ -164,7 +164,7 @@ switch ($action) {
|
|||||||
$ui->assign('server', $server);
|
$ui->assign('server', $server);
|
||||||
$ui->assign('using', $using);
|
$ui->assign('using', $using);
|
||||||
$ui->assign('plan', $plan);
|
$ui->assign('plan', $plan);
|
||||||
$ui->assign('add_inv', $add_inv);
|
$ui->assign('add_inv', $add_inv);
|
||||||
$ui->display('admin/plan/recharge-confirm.tpl');
|
$ui->display('admin/plan/recharge-confirm.tpl');
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('plan/recharge'), 'e', $msg);
|
r2(getUrl('plan/recharge'), 'e', $msg);
|
||||||
@ -205,7 +205,7 @@ switch ($action) {
|
|||||||
// Tax calculation start
|
// Tax calculation start
|
||||||
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
|
$tax_enable = isset($config['enable_tax']) ? $config['enable_tax'] : 'no';
|
||||||
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
|
$tax_rate_setting = isset($config['tax_rate']) ? $config['tax_rate'] : null;
|
||||||
$custom_tax_rate = isset($config['custom_tax_rate']) ? (float)$config['custom_tax_rate'] : null;
|
$custom_tax_rate = isset($config['custom_tax_rate']) ? (float) $config['custom_tax_rate'] : null;
|
||||||
|
|
||||||
if ($tax_rate_setting === 'custom') {
|
if ($tax_rate_setting === 'custom') {
|
||||||
$tax_rate = $custom_tax_rate;
|
$tax_rate = $custom_tax_rate;
|
||||||
@ -299,7 +299,7 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
$id = $routes['2'];
|
$id = $routes['2'];
|
||||||
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
|
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
|
||||||
if ($d) {
|
if ($d) {
|
||||||
$ui->assign('d', $d);
|
$ui->assign('d', $d);
|
||||||
@ -329,7 +329,7 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
$id = $routes['2'];
|
$id = $routes['2'];
|
||||||
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
|
$d = ORM::for_table('tbl_user_recharges')->find_one($id);
|
||||||
if ($d) {
|
if ($d) {
|
||||||
run_hook('delete_customer_active_plan'); #HOOK
|
run_hook('delete_customer_active_plan'); #HOOK
|
||||||
@ -453,7 +453,7 @@ switch ($action) {
|
|||||||
$append_url = "&search=" . urlencode($search) . "&router=" . urlencode($router) . "&customer=" . urlencode($customer) . "&plan=" . urlencode($plan) . "&status=" . urlencode($status);
|
$append_url = "&search=" . urlencode($search) . "&router=" . urlencode($router) . "&customer=" . urlencode($customer) . "&plan=" . urlencode($plan) . "&status=" . urlencode($status);
|
||||||
|
|
||||||
// option customers
|
// option customers
|
||||||
$ui->assign('customers', ORM::for_table('tbl_voucher')->distinct()->select("user")->whereNotEqual("user", '0')->findArray());
|
$ui->assign('customers', ORM::for_table('tbl_voucher')->distinct()->select("user")->whereNotEqual("user", '0')->findArray());
|
||||||
// option plans
|
// option plans
|
||||||
$plns = ORM::for_table('tbl_voucher')->distinct()->select("id_plan")->findArray();
|
$plns = ORM::for_table('tbl_voucher')->distinct()->select("id_plan")->findArray();
|
||||||
if (count($plns) > 0) {
|
if (count($plns) > 0) {
|
||||||
@ -563,9 +563,11 @@ switch ($action) {
|
|||||||
if (empty($vpl)) {
|
if (empty($vpl)) {
|
||||||
$vpl = 3;
|
$vpl = 3;
|
||||||
}
|
}
|
||||||
if ($pagebreak < 1) $pagebreak = 12;
|
if ($pagebreak < 1)
|
||||||
|
$pagebreak = 12;
|
||||||
|
|
||||||
if ($limit < 1) $limit = $pagebreak * 2;
|
if ($limit < 1)
|
||||||
|
$limit = $pagebreak * 2;
|
||||||
if (empty($from_id)) {
|
if (empty($from_id)) {
|
||||||
$from_id = 0;
|
$from_id = 0;
|
||||||
}
|
}
|
||||||
@ -626,7 +628,7 @@ switch ($action) {
|
|||||||
$v = ORM::for_table('tbl_plans')
|
$v = ORM::for_table('tbl_plans')
|
||||||
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
|
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
|
||||||
->where('tbl_voucher.status', '0')
|
->where('tbl_voucher.status', '0')
|
||||||
->where('tbl_voucher.created_at', $selected_datetime)
|
->where('tbl_voucher.created_at', $selected_datetime)
|
||||||
->limit($limit);
|
->limit($limit);
|
||||||
$vc = ORM::for_table('tbl_plans')
|
$vc = ORM::for_table('tbl_plans')
|
||||||
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
|
->left_outer_join('tbl_voucher', array('tbl_plans.id', '=', 'tbl_voucher.id_plan'))
|
||||||
@ -697,6 +699,9 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent', 'Sales'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent', 'Sales'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('plan/add-voucher/'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
|
|
||||||
$type = _post('type');
|
$type = _post('type');
|
||||||
$plan = _post('plan');
|
$plan = _post('plan');
|
||||||
@ -907,7 +912,7 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
$id = $routes['2'];
|
$id = $routes['2'];
|
||||||
run_hook('delete_voucher'); #HOOK
|
run_hook('delete_voucher'); #HOOK
|
||||||
$d = ORM::for_table('tbl_voucher')->find_one($id);
|
$d = ORM::for_table('tbl_voucher')->find_one($id);
|
||||||
if ($d) {
|
if ($d) {
|
||||||
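Review bot: The Demo-mode guard added after the permission check in the voucher-creation handler (`if ($_app_stage == 'Demo')`, just before `$type = _post('type');`) is the only one this file section gains; the delete handlers visible in the hunks at -329 (`run_hook('delete_customer_active_plan')`) and -907 (`run_hook('delete_voucher')`) still go from the `user_type` check straight to the record lookup. If demo logins carry an Admin or SuperAdmin type, those state-changing paths stay reachable, so the same guard probably belongs there as well, ideally as one shared helper called at the top of every mutating case rather than a copied block. The guard also relies on `r2()` ending the request, which is not visible in this diff and is worth confirming, since otherwise execution would continue into the `_post(...)` reads below it. The message could go through `Lang::T(...)` like the neighbouring `_alert` text. These case bodies start and end outside the hunks shown.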
|
@ -58,23 +58,35 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!empty(_get('testWa'))) {
|
if (!empty(_get('testWa'))) {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$result = Message::sendWhatsapp(_get('testWa'), 'PHPNuxBill Test Whatsapp');
|
$result = Message::sendWhatsapp(_get('testWa'), 'PHPNuxBill Test Whatsapp');
|
||||||
r2(getUrl('settings/app'), 's', 'Test Whatsapp has been send<br>Result: ' . $result);
|
r2(getUrl('settings/app'), 's', 'Test Whatsapp has been send<br>Result: ' . $result);
|
||||||
}
|
}
|
||||||
if (!empty(_get('testSms'))) {
|
if (!empty(_get('testSms'))) {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$result = Message::sendSMS(_get('testSms'), 'PHPNuxBill Test SMS');
|
$result = Message::sendSMS(_get('testSms'), 'PHPNuxBill Test SMS');
|
||||||
r2(getUrl('settings/app'), 's', 'Test SMS has been send<br>Result: ' . $result);
|
r2(getUrl('settings/app'), 's', 'Test SMS has been send<br>Result: ' . $result);
|
||||||
}
|
}
|
||||||
if (!empty(_get('testEmail'))) {
|
if (!empty(_get('testEmail'))) {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
Message::sendEmail(_get('testEmail'), 'PHPNuxBill Test Email', 'PHPNuxBill Test Email Body');
|
Message::sendEmail(_get('testEmail'), 'PHPNuxBill Test Email', 'PHPNuxBill Test Email Body');
|
||||||
r2(getUrl('settings/app'), 's', 'Test Email has been send');
|
r2(getUrl('settings/app'), 's', 'Test Email has been send');
|
||||||
}
|
}
|
||||||
if (!empty(_get('testTg'))) {
|
if (!empty(_get('testTg'))) {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$result = Message::sendTelegram('PHPNuxBill Test Telegram');
|
$result = Message::sendTelegram('PHPNuxBill Test Telegram');
|
||||||
r2(getUrl('settings/app'), 's', 'Test Telegram has been send<br>Result: ' . $result);
|
r2(getUrl('settings/app'), 's', 'Test Telegram has been send<br>Result: ' . $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
$UPLOAD_URL_PATH = str_replace($root_path, '', $UPLOAD_PATH);
|
$UPLOAD_URL_PATH = str_replace($root_path, '', $UPLOAD_PATH);
|
||||||
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) {
|
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) {
|
||||||
$logo = $UPLOAD_URL_PATH . DIRECTORY_SEPARATOR . 'logo.png?' . time();
|
$logo = $UPLOAD_URL_PATH . DIRECTORY_SEPARATOR . 'logo.png?' . time();
|
||||||
} else {
|
} else {
|
||||||
@ -169,6 +181,11 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'app-post':
|
case 'app-post':
|
||||||
|
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
|
|
||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
@ -186,9 +203,11 @@ switch ($action) {
|
|||||||
run_hook('save_settings'); #HOOK
|
run_hook('save_settings'); #HOOK
|
||||||
if (!empty($_FILES['logo']['name'])) {
|
if (!empty($_FILES['logo']['name'])) {
|
||||||
if (function_exists('imagecreatetruecolor')) {
|
if (function_exists('imagecreatetruecolor')) {
|
||||||
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) unlink($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png');
|
if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png'))
|
||||||
|
unlink($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png');
|
||||||
File::resizeCropImage($_FILES['logo']['tmp_name'], $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png', 1078, 200, 100);
|
File::resizeCropImage($_FILES['logo']['tmp_name'], $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png', 1078, 200, 100);
|
||||||
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
|
if (file_exists($_FILES['logo']['tmp_name']))
|
||||||
|
unlink($_FILES['logo']['tmp_name']);
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
|
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
|
||||||
}
|
}
|
||||||
@ -248,6 +267,10 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'login-page-post':
|
case 'login-page-post':
|
||||||
|
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/app'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
// Login page post
|
// Login page post
|
||||||
$login_page_title = _post('login_page_head');
|
$login_page_title = _post('login_page_head');
|
||||||
$login_page_description = _post('login_page_description');
|
$login_page_description = _post('login_page_description');
|
||||||
@ -290,7 +313,8 @@ switch ($action) {
|
|||||||
$favicon_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('favicon_') . '.' . $extension;
|
$favicon_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('favicon_') . '.' . $extension;
|
||||||
File::resizeCropImage($_FILES['login_page_favicon']['tmp_name'], $favicon_path, 16, 16, 100);
|
File::resizeCropImage($_FILES['login_page_favicon']['tmp_name'], $favicon_path, 16, 16, 100);
|
||||||
$settings['login_page_favicon'] = basename($favicon_path); // Save dynamic file name
|
$settings['login_page_favicon'] = basename($favicon_path); // Save dynamic file name
|
||||||
if (file_exists($_FILES['login_page_favicon']['tmp_name'])) unlink($_FILES['login_page_favicon']['tmp_name']);
|
if (file_exists($_FILES['login_page_favicon']['tmp_name']))
|
||||||
|
unlink($_FILES['login_page_favicon']['tmp_name']);
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/app'), 'e', 'Favicon must be a JPG, JPEG, or PNG image.');
|
r2(getUrl('settings/app'), 'e', 'Favicon must be a JPG, JPEG, or PNG image.');
|
||||||
}
|
}
|
||||||
@ -303,7 +327,8 @@ switch ($action) {
|
|||||||
$wallpaper_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('wallpaper_') . '.' . $extension;
|
$wallpaper_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('wallpaper_') . '.' . $extension;
|
||||||
File::resizeCropImage($_FILES['login_page_wallpaper']['tmp_name'], $wallpaper_path, 1920, 1080, 100);
|
File::resizeCropImage($_FILES['login_page_wallpaper']['tmp_name'], $wallpaper_path, 1920, 1080, 100);
|
||||||
$settings['login_page_wallpaper'] = basename($wallpaper_path); // Save dynamic file name
|
$settings['login_page_wallpaper'] = basename($wallpaper_path); // Save dynamic file name
|
||||||
if (file_exists($_FILES['login_page_wallpaper']['tmp_name'])) unlink($_FILES['login_page_wallpaper']['tmp_name']);
|
if (file_exists($_FILES['login_page_wallpaper']['tmp_name']))
|
||||||
|
unlink($_FILES['login_page_wallpaper']['tmp_name']);
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/app'), 'e', 'Wallpaper must be a JPG, JPEG, or PNG image.');
|
r2(getUrl('settings/app'), 'e', 'Wallpaper must be a JPG, JPEG, or PNG image.');
|
||||||
}
|
}
|
||||||
@ -316,7 +341,8 @@ switch ($action) {
|
|||||||
$logo_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('logo_') . '.' . $extension;
|
$logo_path = $UPLOAD_PATH . DIRECTORY_SEPARATOR . uniqid('logo_') . '.' . $extension;
|
||||||
File::resizeCropImage($_FILES['login_page_logo']['tmp_name'], $logo_path, 300, 60, 100);
|
File::resizeCropImage($_FILES['login_page_logo']['tmp_name'], $logo_path, 300, 60, 100);
|
||||||
$settings['login_page_logo'] = basename($logo_path); // Save dynamic file name
|
$settings['login_page_logo'] = basename($logo_path); // Save dynamic file name
|
||||||
if (file_exists($_FILES['login_page_logo']['tmp_name'])) unlink($_FILES['login_page_logo']['tmp_name']);
|
if (file_exists($_FILES['login_page_logo']['tmp_name']))
|
||||||
|
unlink($_FILES['login_page_logo']['tmp_name']);
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/app'), 'e', 'Logo must be a JPG, JPEG, or PNG image.');
|
r2(getUrl('settings/app'), 'e', 'Logo must be a JPG, JPEG, or PNG image.');
|
||||||
}
|
}
|
||||||
@ -372,9 +398,12 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/localisation'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/localisation'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
}
|
}
|
||||||
$tzone = _post('tzone');
|
$tzone = _post('tzone');
|
||||||
$date_format = _post('date_format');
|
$date_format = _post('date_format');
|
||||||
@ -382,7 +411,7 @@ switch ($action) {
|
|||||||
$lan = _post('lan');
|
$lan = _post('lan');
|
||||||
run_hook('save_localisation'); #HOOK
|
run_hook('save_localisation'); #HOOK
|
||||||
if ($tzone == '' or $date_format == '' or $lan == '') {
|
if ($tzone == '' or $date_format == '' or $lan == '') {
|
||||||
r2(getUrl('settings/app'), 'e', Lang::T('All field is required'));
|
r2(getUrl('settings/localisation'), 'e', Lang::T('All field is required'));
|
||||||
} else {
|
} else {
|
||||||
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
|
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
|
||||||
$d->value = $tzone;
|
$d->value = $tzone;
|
||||||
@ -485,11 +514,11 @@ switch ($action) {
|
|||||||
} else if ($admin['user_type'] == 'Admin') {
|
} else if ($admin['user_type'] == 'Admin') {
|
||||||
$query = ORM::for_table('tbl_users')
|
$query = ORM::for_table('tbl_users')
|
||||||
->where_like('username', '%' . $search . '%')->where_any_is([
|
->where_like('username', '%' . $search . '%')->where_any_is([
|
||||||
['user_type' => 'Report'],
|
['user_type' => 'Report'],
|
||||||
['user_type' => 'Agent'],
|
['user_type' => 'Agent'],
|
||||||
['user_type' => 'Sales'],
|
['user_type' => 'Sales'],
|
||||||
['id' => $admin['id']]
|
['id' => $admin['id']]
|
||||||
])->order_by_asc('id');
|
])->order_by_asc('id');
|
||||||
$d = Paginator::findMany($query, ['search' => $search]);
|
$d = Paginator::findMany($query, ['search' => $search]);
|
||||||
} else {
|
} else {
|
||||||
$query = ORM::for_table('tbl_users')
|
$query = ORM::for_table('tbl_users')
|
||||||
@ -555,7 +584,7 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
case 'users-view':
|
case 'users-view':
|
||||||
$ui->assign('_title', Lang::T('Edit User'));
|
$ui->assign('_title', Lang::T('Edit User'));
|
||||||
$id = $routes['2'];
|
$id = $routes['2'];
|
||||||
if (empty($id)) {
|
if (empty($id)) {
|
||||||
$id = $admin['id'];
|
$id = $admin['id'];
|
||||||
}
|
}
|
||||||
@ -590,7 +619,7 @@ switch ($action) {
|
|||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
$ui->assign('_title', Lang::T('Edit User'));
|
$ui->assign('_title', Lang::T('Edit User'));
|
||||||
$id = $routes['2'];
|
$id = $routes['2'];
|
||||||
if (empty($id)) {
|
if (empty($id)) {
|
||||||
$id = $admin['id'];
|
$id = $admin['id'];
|
||||||
}
|
}
|
||||||
@ -646,8 +675,10 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
$id = $routes['2'];
|
r2(getUrl('settings/users'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
|
$id = $routes['2'];
|
||||||
if (($admin['id']) == $id) {
|
if (($admin['id']) == $id) {
|
||||||
r2(getUrl('settings/users'), 'e', 'Sorry You can\'t delete yourself');
|
r2(getUrl('settings/users'), 'e', 'Sorry You can\'t delete yourself');
|
||||||
}
|
}
|
||||||
@ -665,6 +696,9 @@ switch ($action) {
|
|||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/users-add'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/users-add'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/users-add'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
@ -733,6 +767,9 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'users-edit-post':
|
case 'users-edit-post':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/users-edit/'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/users-edit/'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/users-edit/'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
@ -826,7 +863,7 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (file_exists($imgPath)) {
|
if (file_exists($imgPath)) {
|
||||||
if ($d['photo'] != '' && strpos($d['photo'], 'default') === false) {
|
if ($d['photo'] != '' && strpos($d['photo'], 'default') === false) {
|
||||||
if (file_exists($UPLOAD_PATH . $d['photo'])) {
|
if (file_exists($UPLOAD_PATH . $d['photo'])) {
|
||||||
unlink($UPLOAD_PATH . $d['photo']);
|
unlink($UPLOAD_PATH . $d['photo']);
|
||||||
if (file_exists($UPLOAD_PATH . $d['photo'] . '.thumb.jpg')) {
|
if (file_exists($UPLOAD_PATH . $d['photo'] . '.thumb.jpg')) {
|
||||||
@ -836,7 +873,8 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
$d->photo = '/photos/' . $subfolder . '/' . $hash . '.jpg';
|
$d->photo = '/photos/' . $subfolder . '/' . $hash . '.jpg';
|
||||||
}
|
}
|
||||||
if (file_exists($_FILES['photo']['tmp_name'])) unlink($_FILES['photo']['tmp_name']);
|
if (file_exists($_FILES['photo']['tmp_name']))
|
||||||
|
unlink($_FILES['photo']['tmp_name']);
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
|
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
|
||||||
}
|
}
|
||||||
@ -886,6 +924,9 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'change-password-post':
|
case 'change-password-post':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/change-password'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$password = _post('password');
|
$password = _post('password');
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
@ -942,6 +983,9 @@ switch ($action) {
|
|||||||
$ui->display('admin/settings/notifications.tpl');
|
$ui->display('admin/settings/notifications.tpl');
|
||||||
break;
|
break;
|
||||||
case 'notifications-post':
|
case 'notifications-post':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/notifications'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
@ -971,6 +1015,9 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'dbbackup':
|
case 'dbbackup':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
@ -991,6 +1038,9 @@ switch ($action) {
|
|||||||
echo json_encode($array);
|
echo json_encode($array);
|
||||||
break;
|
break;
|
||||||
case 'dbrestore':
|
case 'dbrestore':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
|
if (!in_array($admin['user_type'], ['SuperAdmin'])) {
|
||||||
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
_alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
|
||||||
}
|
}
|
||||||
@ -1038,7 +1088,8 @@ switch ($action) {
|
|||||||
} catch (Throwable $e) {
|
} catch (Throwable $e) {
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
}
|
}
|
||||||
if (file_exists($_FILES['json']['tmp_name'])) unlink($_FILES['json']['tmp_name']);
|
if (file_exists($_FILES['json']['tmp_name']))
|
||||||
|
unlink($_FILES['json']['tmp_name']);
|
||||||
r2(getUrl('settings/dbstatus'), 's', "Restored $suc success $fal failed");
|
r2(getUrl('settings/dbstatus'), 's', "Restored $suc success $fal failed");
|
||||||
} else {
|
} else {
|
||||||
r2(getUrl('settings/dbstatus'), 'e', 'Upload failed');
|
r2(getUrl('settings/dbstatus'), 'e', 'Upload failed');
|
||||||
@ -1060,6 +1111,9 @@ switch ($action) {
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'lang-post':
|
case 'lang-post':
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/dbstatus'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/language'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/language'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
@ -1075,6 +1129,9 @@ switch ($action) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (_post('save') == 'save') {
|
if (_post('save') == 'save') {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/maintenance'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/maintenance'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/maintenance'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
@ -1117,6 +1174,9 @@ switch ($action) {
|
|||||||
exit;
|
exit;
|
||||||
}
|
}
|
||||||
if (_post('save') == 'save') {
|
if (_post('save') == 'save') {
|
||||||
|
if ($_app_stage == 'Demo') {
|
||||||
|
r2(getUrl('settings/miscellaneous'), 'e', 'You cannot perform this action in Demo mode');
|
||||||
|
}
|
||||||
$csrf_token = _post('csrf_token');
|
$csrf_token = _post('csrf_token');
|
||||||
if (!Csrf::check($csrf_token)) {
|
if (!Csrf::check($csrf_token)) {
|
||||||
r2(getUrl('settings/miscellaneous'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
r2(getUrl('settings/miscellaneous'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
|
||||||
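Review bot: In the `lang-post` case the new Demo guard redirects to `settings/dbstatus`, while the CSRF failure directly below it sends the user to `settings/language`; this looks copied from the `dbrestore` guard and should read `r2(getUrl('settings/language'), 'e', 'You cannot perform this action in Demo mode');`. Placement is also inconsistent: in `app-post`, `notifications-post`, `dbbackup` and `dbrestore` the guard runs before the `user_type` check, whereas in the handlers that redirect to `settings/localisation`, `settings/users` and `settings/users-add` it runs after it, so in demo mode an account without the required role sees the demo message instead of the permission alert. Because this guard is what keeps a public demo from password changes, user edits and database restore, a strict comparison (`$_app_stage === 'Demo'`, assuming the value is a string) and a single shared helper would be more dependable than well over a dozen hand-copied blocks. The case bodies extend beyond the hunks shown.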
|