kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Path Configuration

Browse Source
This commit is contained in:
Ibnu Maksum 2024-02-26 14:38:04 +07:00
parent 617e628b04
commit d2fa9be8d1
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
18 changed files with 270 additions and 242 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,6 +1,7 @@
config.php config.php
.DS_Store .DS_Store
.vscode/ .vscode/
ui/ui/compiled
ui/compiled/*.php ui/compiled/*.php
ui/cache/*.php ui/cache/*.php
test.php test.php

20
init.php
View File

@ -45,18 +45,20 @@ if (!file_exists($root_path . 'config.php')) {
} }
} }
if (!file_exists($root_path . File::pathFixer('system/orm.php'))) { if (!file_exists($root_path . File::pathFixer('system/orm.php'))) {
die($root_path . "orm.php file not found"); die($root_path . "orm.php file not found");
} }
if (!file_exists($root_path . File::pathFixer('system/uploads/notifications.default.json'))) {
die($root_path . File::pathFixer("system/uploads/notifications.default.json file not found"));
}
$UPLOAD_PATH = $root_path . File::pathFixer('system/uploads'); $UPLOAD_PATH = $root_path . File::pathFixer('system/uploads');
$CACHE_PATH = $root_path . File::pathFixer('system/cache'); $CACHE_PATH = $root_path . File::pathFixer('system/cache');
$PAGES_PATH = $root_path . File::pathFixer('pages'); $PAGES_PATH = $root_path . File::pathFixer('pages');
$PLUGIN_PATH = $root_path . File::pathFixer('system/plugin');
$PAYMENTGATEWAY_PATH = $root_path . File::pathFixer('system/paymentgateway');
$UI_PATH = 'ui';
if (!file_exists($UPLOAD_PATH . File::pathFixer('/notifications.default.json'))) {
die($UPLOAD_PATH . File::pathFixer("/notifications.default.json file not found"));
}
require_once $root_path . 'config.php'; require_once $root_path . 'config.php';
require_once $root_path . File::pathFixer('system/orm.php'); require_once $root_path . File::pathFixer('system/orm.php');
@ -74,13 +76,13 @@ if ($_app_stage != 'Live') {
define('U', APP_URL . '/index.php?_route='); define('U', APP_URL . '/index.php?_route=');
// notification message // notification message
if (file_exists($root_path . File::pathFixer("system/uploads/notifications.json"))) { if (file_exists($root_path . $UPLOAD_PATH . DIRECTORY_SEPARATOR . "notifications.json")) {
$_notifmsg = json_decode(file_get_contents($root_path . File::pathFixer('system/uploads/notifications.json')), true); $_notifmsg = json_decode(file_get_contents($root_path . $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.json'), true);
} }
$_notifmsg_default = json_decode(file_get_contents($root_path . File::pathFixer('system/uploads/notifications.default.json')), true); $_notifmsg_default = json_decode(file_get_contents($root_path . $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.default.json'), true);
//register all plugin //register all plugin
foreach (glob(File::pathFixer($root_path . File::pathFixer("system/plugin/*.php"))) as $filename) { foreach (glob(File::pathFixer($PLUGIN_PATH . DIRECTORY_SEPARATOR . '*.php')) as $filename) {
try { try {
include $filename; include $filename;
} catch (Throwable $e) { } catch (Throwable $e) {

42
system/autoload/Admin.php
View File

@ -1,21 +1,24 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux * by https://t.me/ibnux
**/ **/
Class Admin{ class Admin
{
public static function getID(){ public static function getID()
{
global $db_password; global $db_password;
if(isset($_SESSION['aid'])){ if (isset($_SESSION['aid'])) {
return $_SESSION['aid']; return $_SESSION['aid'];
}else if(isset($_COOKIE['aid'])){ } else if (isset($_COOKIE['aid'])) {
// id.time.sha1 // id.time.sha1
$tmp = explode('.',$_COOKIE['aid']); $tmp = explode('.', $_COOKIE['aid']);
if(sha1($tmp[0].$tmp[1].$db_password)==$tmp[2]){ if (sha1($tmp[0] . '.' . $tmp[1] . '.' . $db_password) == $tmp[2]) {
if($tmp[1] < 86400*7){ if (time() - $tmp[1] < 86400 * 7) {
$_SESSION['aid'] = $tmp[0]; $_SESSION['aid'] = $tmp[0];
return $tmp[0]; return $tmp[0];
} }
@ -24,28 +27,31 @@ Class Admin{
return 0; return 0;
} }
public static function setCookie($aid){ public static function setCookie($aid)
{
global $db_password; global $db_password;
if(isset($aid)){ if (isset($aid)) {
$time = time(); $time = time();
setcookie('aid', $aid.'.'.$time.'.'.sha1($aid.'.'.$time.'.'.$db_password), time()+86400*7); setcookie('aid', $aid . '.' . $time . '.' . sha1($aid . '.' . $time . '.' . $db_password), time() + 86400 * 7);
} }
} }
public static function removeCookie(){ public static function removeCookie()
if(isset($_COOKIE['aid'])){ {
setcookie('aid', '', time()-86400); if (isset($_COOKIE['aid'])) {
setcookie('aid', '', time() - 86400);
} }
} }
public static function _info($id = 0){ public static function _info($id = 0)
if(empty($id) && $id==0){ {
if (empty($id) && $id == 0) {
$id = Admin::getID(); $id = Admin::getID();
} }
if($id){ if ($id) {
return ORM::for_table('tbl_users')->find_one($id); return ORM::for_table('tbl_users')->find_one($id);
}else{ } else {
return []; return [];
} }
} }
} }

6
system/autoload/User.php
View File

@ -10,13 +10,13 @@ class User
{ {
public static function getID(){ public static function getID(){
global $db_password; global $db_password;
if(isset($_SESSION['uid'])){ if(isset($_SESSION['uid']) && !empty($_SESSION['uid'])){
return $_SESSION['uid']; return $_SESSION['uid'];
}else if(isset($_COOKIE['uid'])){ }else if(isset($_COOKIE['uid'])){
// id.time.sha1 // id.time.sha1
$tmp = explode('.',$_COOKIE['uid']); $tmp = explode('.',$_COOKIE['uid']);
if(sha1($tmp[0].$tmp[1].$db_password)==$tmp[2]){ if(sha1($tmp[0].'.'.$tmp[1].'.'.$db_password)==$tmp[2]){
if($tmp[1] < 86400*30){ if(time()-$tmp[1] < 86400*30){
$_SESSION['uid'] = $tmp[0]; $_SESSION['uid'] = $tmp[0];
return $tmp[0]; return $tmp[0];
} }

55
system/boot.php
View File

@ -9,11 +9,14 @@ try {
require_once 'init.php'; require_once 'init.php';
} catch (Throwable $e) { } catch (Throwable $e) {
$ui = new Smarty(); $ui = new Smarty();
$ui->setTemplateDir(['custom' => File::pathFixer('ui/ui_custom/'), 'default' => File::pathFixer('ui/ui/')]); $ui->setTemplateDir([
'custom' => File::pathFixer($UI_PATH . '/ui_custom/'),
'default' => File::pathFixer($UI_PATH . '/ui/')
]);
$ui->assign('_url', APP_URL . '/index.php?_route='); $ui->assign('_url', APP_URL . '/index.php?_route=');
$ui->setCompileDir(File::pathFixer('ui/compiled/')); $ui->setCompileDir(File::pathFixer($UI_PATH . '/compiled/'));
$ui->setConfigDir(File::pathFixer('ui/conf/')); $ui->setConfigDir(File::pathFixer($UI_PATH . '/conf/'));
$ui->setCacheDir(File::pathFixer('ui/cache/')); $ui->setCacheDir(File::pathFixer($UI_PATH . '/cache/'));
$ui->assign("error_title", "PHPNuxBill Crash"); $ui->assign("error_title", "PHPNuxBill Crash");
if (_auth()) { if (_auth()) {
$ui->assign("error_message", $e->getMessage() . '<br>'); $ui->assign("error_message", $e->getMessage() . '<br>');
@ -24,11 +27,14 @@ try {
die(); die();
} catch (Exception $e) { } catch (Exception $e) {
$ui = new Smarty(); $ui = new Smarty();
$ui->setTemplateDir(['custom' => File::pathFixer('ui/ui_custom/'), 'default' => File::pathFixer('ui/ui/')]); $ui->setTemplateDir([
'custom' => File::pathFixer($UI_PATH . '/ui_custom/'),
'default' => File::pathFixer($UI_PATH . '/ui/')
]);
$ui->assign('_url', APP_URL . '/index.php?_route='); $ui->assign('_url', APP_URL . '/index.php?_route=');
$ui->setCompileDir(File::pathFixer('ui/compiled/')); $ui->setCompileDir(File::pathFixer($UI_PATH . '/compiled/'));
$ui->setConfigDir(File::pathFixer('ui/conf/')); $ui->setConfigDir(File::pathFixer($UI_PATH . '/conf/'));
$ui->setCacheDir(File::pathFixer('ui/cache/')); $ui->setCacheDir(File::pathFixer($UI_PATH . '/cache/'));
$ui->assign("error_title", "PHPNuxBill Crash"); $ui->assign("error_title", "PHPNuxBill Crash");
if (_auth()) { if (_auth()) {
$ui->assign("error_message", $e->getMessage() . '<br>'); $ui->assign("error_message", $e->getMessage() . '<br>');
@ -48,24 +54,33 @@ function _notify($msg, $type = 'e')
$ui = new Smarty(); $ui = new Smarty();
$ui->assign('_kolaps', $_COOKIE['kolaps']); $ui->assign('_kolaps', $_COOKIE['kolaps']);
if (!empty($config['theme']) && $config['theme'] != 'default') { if (!empty($config['theme']) && $config['theme'] != 'default') {
$_theme = APP_URL . '/ui/themes/' . $config['theme']; $_theme = APP_URL . '/' . $UI_PATH . '/themes/' . $config['theme'];
$ui->setTemplateDir(['custom' => File::pathFixer('ui/ui_custom/'), 'theme' => File::pathFixer('ui/themes/' . $config['theme']), 'default' => File::pathFixer('ui/ui/')]); $ui->setTemplateDir([
'custom' => File::pathFixer($UI_PATH . '/ui_custom/'),
'theme' => File::pathFixer($UI_PATH . '/themes/' . $config['theme']),
'default' => File::pathFixer($UI_PATH . '/ui/')
]);
} else { } else {
$_theme = APP_URL . '/ui/ui'; $_theme = APP_URL . '/' . $UI_PATH . '/ui';
$ui->setTemplateDir(['custom' => File::pathFixer('ui/ui_custom/'), 'default' => File::pathFixer('ui/ui/')]); $ui->setTemplateDir([
'custom' => File::pathFixer($UI_PATH . '/ui_custom/'),
'default' => File::pathFixer($UI_PATH . '/ui/')
]);
} }
$ui->assign('_theme', $_theme); $ui->assign('_theme', $_theme);
$ui->addTemplateDir(File::pathFixer('system/paymentgateway/ui/'), 'pg'); $ui->addTemplateDir($PAYMENTGATEWAY_PATH . File::pathFixer('/ui/'), 'pg');
$ui->addTemplateDir(File::pathFixer('system/plugin/ui/'), 'plugin'); $ui->addTemplateDir($PLUGIN_PATH . File::pathFixer('/ui/'), 'plugin');
$ui->setCompileDir(File::pathFixer('ui/compiled/')); $ui->setCompileDir(File::pathFixer($UI_PATH . '/compiled/'));
$ui->setConfigDir(File::pathFixer('ui/conf/')); $ui->setConfigDir(File::pathFixer($UI_PATH . '/conf/'));
$ui->setCacheDir(File::pathFixer('ui/cache/')); $ui->setCacheDir(File::pathFixer($UI_PATH . '/cache/'));
$ui->assign('app_url', APP_URL); $ui->assign('app_url', APP_URL);
$ui->assign('_domain', str_replace('www.', '', parse_url(APP_URL, PHP_URL_HOST))); $ui->assign('_domain', str_replace('www.', '', parse_url(APP_URL, PHP_URL_HOST)));
$ui->assign('_url', APP_URL . '/index.php?_route='); $ui->assign('_url', APP_URL . '/index.php?_route=');
$ui->assign('_path', __DIR__); $ui->assign('_path', __DIR__);
$ui->assign('_c', $config); $ui->assign('_c', $config);
$ui->assign('_L', $_L); $ui->assign('UPLOAD_PATH', $UPLOAD_PATH);
$ui->assign('CACHE_PATH', $CACHE_PATH);
$ui->assign('PAGES_PATH', $PAGES_PATH);
$ui->assign('_system_menu', 'dashboard'); $ui->assign('_system_menu', 'dashboard');
function _msglog($type, $msg) function _msglog($type, $msg)
@ -93,7 +108,7 @@ if ($handler == '') {
} }
$admin = Admin::_info(); $admin = Admin::_info();
try { try {
$sys_render = $root_path.File::pathFixer('system/controllers/' . $handler . '.php'); $sys_render = $root_path . File::pathFixer('system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) { if (file_exists($sys_render)) {
$menus = array(); $menus = array();
// "name" => $name, // "name" => $name,
@ -103,7 +118,7 @@ try {
$ui->assign('_system_menu', $routes[0]); $ui->assign('_system_menu', $routes[0]);
foreach ($menu_registered as $menu) { foreach ($menu_registered as $menu) {
if ($menu['admin'] && _admin(false)) { if ($menu['admin'] && _admin(false)) {
if(count($menu['auth'])==0 || in_array($admin['user_type'], $menu['auth'])){ if (count($menu['auth']) == 0 || in_array($admin['user_type'], $menu['auth'])) {
$menus[$menu['position']] .= '<li' . (($routes[1] == $menu['function']) ? ' class="active"' : '') . '><a href="' . U . 'plugin/' . $menu['function'] . '">'; $menus[$menu['position']] .= '<li' . (($routes[1] == $menu['function']) ? ' class="active"' : '') . '><a href="' . U . 'plugin/' . $menu['function'] . '">';
if (!empty($menu['icon'])) { if (!empty($menu['icon'])) {
$menus[$menu['position']] .= '<i class="' . $menu['icon'] . '"></i>'; $menus[$menu['position']] .= '<i class="' . $menu['icon'] . '"></i>';

6
system/controllers/accounts.php
View File

@ -138,7 +138,7 @@ switch ($action) {
case 'phone-update-otp': case 'phone-update-otp':
$phone = _post('phone'); $phone = _post('phone');
$username = $user['username']; $username = $user['username'];
$otpPath = 'system/cache/sms/'; $otpPath = $CACHE_PATH . '/sms/';
// Validate the phone number format // Validate the phone number format
if (!preg_match('/^[0-9]{10,}$/', $phone)) { if (!preg_match('/^[0-9]{10,}$/', $phone)) {
@ -178,7 +178,7 @@ switch ($action) {
Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp"); Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp"); Message::sendWhatsapp($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
} }
//redirect after sending OTP //redirect after sending OTP
r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code has been sent to your phone')); r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code has been sent to your phone'));
} }
} }
@ -190,7 +190,7 @@ switch ($action) {
$phone = _post('phone'); $phone = _post('phone');
$otp_code = _post('otp'); $otp_code = _post('otp');
$username = $user['username']; $username = $user['username'];
$otpPath = 'system/cache/sms/'; $otpPath = $CACHE_PATH . '/sms/';
// Validate the phone number format // Validate the phone number format
if (!preg_match('/^[0-9]{10,}$/', $phone)) { if (!preg_match('/^[0-9]{10,}$/', $phone)) {

10
system/controllers/callback.php
View File

@ -9,14 +9,14 @@
$action = $routes['1']; $action = $routes['1'];
if(file_exists('system/paymentgateway/'.$action.'.php')){ if (file_exists($PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $action . '.php')) {
include 'system/paymentgateway/'.$action.'.php'; include $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $action . '.php';
if(function_exists($action.'_payment_notification')){ if (function_exists($action . '_payment_notification')) {
run_hook('callback_payment_notification'); #HOOK run_hook('callback_payment_notification'); #HOOK
call_user_func($action.'_payment_notification'); call_user_func($action . '_payment_notification');
die(); die();
} }
} }
header('HTTP/1.1 404 Not Found'); header('HTTP/1.1 404 Not Found');
echo 'Not Found'; echo 'Not Found';

23
system/controllers/codecanyon.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux * by https://t.me/ibnux
@ -12,10 +13,10 @@ $plugin_repository = 'https://hotspotbilling.github.io/Plugin-Repository/reposit
$action = $routes['1']; $action = $routes['1'];
$ui->assign('_admin', $admin); $ui->assign('_admin', $admin);
$cache = File::pathFixer('system/cache/codecanyon.json'); $cache = File::pathFixer($CACHE_PATH . '/codecanyon.json');
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
if (empty($config['envato_token'])) { if (empty($config['envato_token'])) {
r2(U . 'settings/app', 'w', '<a href="' . U . 'settings/app#envato' . '">Envato Personal Access Token</a> is not set'); r2(U . 'settings/app', 'w', '<a href="' . U . 'settings/app#envato' . '">Envato Personal Access Token</a> is not set');
@ -24,14 +25,14 @@ if (empty($config['envato_token'])) {
switch ($action) { switch ($action) {
case 'install': case 'install':
if (!is_writeable(File::pathFixer('system/cache/'))) { if (!is_writeable(File::pathFixer($CACHE_PATH . '/'))) {
r2(U . "codecanyon", 'e', 'Folder system/cache/ is not writable'); r2(U . "codecanyon", 'e', 'Folder system/cache/ is not writable');
} }
if (!is_writeable(File::pathFixer('system/plugin/'))) { if (!is_writeable($PLUGIN_PATH)) {
r2(U . "codecanyon", 'e', 'Folder system/plugin/ is not writable'); r2(U . "codecanyon", 'e', 'Folder plugin/ is not writable');
} }
if (!is_writeable(File::pathFixer('system/paymentgateway/'))) { if (!is_writeable($PAYMENTGATEWAY_PATH)) {
r2(U . "codecanyon", 'e', 'Folder system/paymentgateway/ is not writable'); r2(U . "codecanyon", 'e', 'Folder paymentgateway/ is not writable');
} }
set_time_limit(-1); set_time_limit(-1);
$item_id = $routes['2']; $item_id = $routes['2'];
@ -41,7 +42,7 @@ switch ($action) {
if (!isset($json['download_url'])) { if (!isset($json['download_url'])) {
r2(U . 'codecanyon', 'e', 'Failed to get download url. ' . $json['description']); r2(U . 'codecanyon', 'e', 'Failed to get download url. ' . $json['description']);
} }
$file = File::pathFixer('system/cache/codecanyon/'); $file = File::pathFixer($CACHE_PATH . '/codecanyon/');
if (!file_exists($file)) { if (!file_exists($file)) {
mkdir($file); mkdir($file);
} }
@ -61,16 +62,16 @@ switch ($action) {
curl_close($ch); curl_close($ch);
fclose($fp); fclose($fp);
//extract //extract
$target = File::pathFixer('system/cache/codecanyon/' . $item_id . '/'); $target = File::pathFixer($CACHE_PATH . '/codecanyon/' . $item_id . '/');
$zip = new ZipArchive(); $zip = new ZipArchive();
$zip->open($file); $zip->open($file);
$zip->extractTo($target); $zip->extractTo($target);
$zip->close(); $zip->close();
//moving //moving
if (file_exists($target . 'plugin')) { if (file_exists($target . 'plugin')) {
File::copyFolder($target . 'plugin', File::pathFixer('system/plugin/')); File::copyFolder($target . 'plugin', $PLUGIN_PATH . DIRECTORY_SEPARATOR);
} else if (file_exists($target . 'paymentgateway')) { } else if (file_exists($target . 'paymentgateway')) {
File::copyFolder($target . 'paymentgateway', File::pathFixer('system/paymentgateway/')); File::copyFolder($target . 'paymentgateway', $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR);
} else if (file_exists($target . 'theme')) { } else if (file_exists($target . 'theme')) {
File::copyFolder($target . 'theme', File::pathFixer('ui/themes/')); File::copyFolder($target . 'theme', File::pathFixer('ui/themes/'));
} }

24
system/controllers/dashboard.php
View File

@ -47,7 +47,7 @@ if (empty($c_all)) {
} }
$ui->assign('c_all', $c_all); $ui->assign('c_all', $c_all);
if($config['hide_uet'] != 'yes'){ if ($config['hide_uet'] != 'yes') {
//user expire //user expire
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges')); $paginator = Paginator::build(ORM::for_table('tbl_user_recharges'));
$expire = ORM::for_table('tbl_user_recharges') $expire = ORM::for_table('tbl_user_recharges')
@ -77,14 +77,14 @@ $log = ORM::for_table('tbl_logs')->count();
$ui->assign('log', $log); $ui->assign('log', $log);
if($config['hide_vs'] != 'yes'){ if ($config['hide_vs'] != 'yes') {
$cacheStocksfile = File::pathFixer('system/cache/VoucherStocks.temp'); $cacheStocksfile = $CACHE_PATH . File::pathFixer('/VoucherStocks.temp');
$cachePlanfile = File::pathFixer('system/cache/VoucherPlans.temp'); $cachePlanfile = $CACHE_PATH . File::pathFixer('/VoucherPlans.temp');
//Cache for 5 minutes //Cache for 5 minutes
if(file_exists($cacheStocksfile) && time()- filemtime($cacheStocksfile) < 600){ if (file_exists($cacheStocksfile) && time() - filemtime($cacheStocksfile) < 600) {
$stocks = json_decode(file_get_contents($cacheStocksfile), true); $stocks = json_decode(file_get_contents($cacheStocksfile), true);
$plans = json_decode(file_get_contents($cachePlanfile), true); $plans = json_decode(file_get_contents($cachePlanfile), true);
}else{ } else {
// Count stock // Count stock
$tmp = $v = ORM::for_table('tbl_plans')->select('id')->select('name_plan')->find_many(); $tmp = $v = ORM::for_table('tbl_plans')->select('id')->select('name_plan')->find_many();
$plans = array(); $plans = array();
@ -111,11 +111,11 @@ if($config['hide_vs'] != 'yes'){
} }
} }
$cacheMRfile = File::pathFixer('system/cache/monthlyRegistered.temp'); $cacheMRfile = File::pathFixer('/monthlyRegistered.temp');
//Cache for 1 hour //Cache for 1 hour
if(file_exists($cacheMRfile) && time()- filemtime($cacheMRfile) < 3600){ if (file_exists($cacheMRfile) && time() - filemtime($cacheMRfile) < 3600) {
$monthlyRegistered = json_decode(file_get_contents($cacheMRfile), true); $monthlyRegistered = json_decode(file_get_contents($cacheMRfile), true);
}else{ } else {
//Monthly Registered Customers //Monthly Registered Customers
$result = ORM::for_table('tbl_customers') $result = ORM::for_table('tbl_customers')
->select_expr('MONTH(created_at)', 'month') ->select_expr('MONTH(created_at)', 'month')
@ -134,11 +134,11 @@ if(file_exists($cacheMRfile) && time()- filemtime($cacheMRfile) < 3600){
file_put_contents($cacheMRfile, json_encode($monthlyRegistered)); file_put_contents($cacheMRfile, json_encode($monthlyRegistered));
} }
$cacheMSfile = File::pathFixer('system/cache/monthlySales.temp'); $cacheMSfile = $CACHE_PATH . File::pathFixer('/monthlySales.temp');
//Cache for 12 hours //Cache for 12 hours
if(file_exists($cacheMSfile) && time()- filemtime($cacheMSfile) < 43200){ if (file_exists($cacheMSfile) && time() - filemtime($cacheMSfile) < 43200) {
$monthlySales = json_decode(file_get_contents($cacheMSfile), true); $monthlySales = json_decode(file_get_contents($cacheMSfile), true);
}else{ } else {
// Query to retrieve monthly data // Query to retrieve monthly data
$results = ORM::for_table('tbl_transactions') $results = ORM::for_table('tbl_transactions')
->select_expr('MONTH(recharged_on)', 'month') ->select_expr('MONTH(recharged_on)', 'month')

20
system/controllers/export.php
View File

@ -62,10 +62,10 @@ switch ($action) {
$title = ' Reports [' . $mdate . ']'; $title = ' Reports [' . $mdate . ']';
$title = str_replace('-', ' ', $title); $title = str_replace('-', ' ', $title);
if(file_exists('system/uploads/logo.png')){ if (file_exists($UPLOAD_PATH . '/logo.png')) {
$logo = 'system/uploads/logo.png'; $logo = $UPLOAD_PATH . '/logo.png';
}else{ } else {
$logo = 'system/uploads/logo.default.png'; $logo = $UPLOAD_PATH . '/logo.default.png';
} }
if ($x) { if ($x) {
@ -76,7 +76,7 @@ switch ($action) {
' . $config['address'] . '<br> ' . $config['address'] . '<br>
' . Lang::T('Phone Number') . ': ' . $config['phone'] . '<br> ' . Lang::T('Phone Number') . ': ' . $config['phone'] . '<br>
</div> </div>
<div id="logo"><img id="image" src="'.$logo.'" alt="logo" /></div> <div id="logo"><img id="image" src="' . $logo . '" alt="logo" /></div>
</div> </div>
<div id="header">' . Lang::T('All Transactions at Date') . ': ' . date($config['date_format'], strtotime($mdate)) . '</div> <div id="header">' . Lang::T('All Transactions at Date') . ': ' . date($config['date_format'], strtotime($mdate)) . '</div>
<table id="customers"> <table id="customers">
@ -234,10 +234,10 @@ EOF;
$title = ' Reports [' . $mdate . ']'; $title = ' Reports [' . $mdate . ']';
$title = str_replace('-', ' ', $title); $title = str_replace('-', ' ', $title);
if(file_exists('system/uploads/logo.png')){ if (file_exists($UPLOAD_PATH . '/logo.png')) {
$logo = 'system/uploads/logo.png'; $logo = $UPLOAD_PATH . '/logo.png';
}else{ } else {
$logo = 'system/uploads/logo.default.png'; $logo = $UPLOAD_PATH . '/logo.default.png';
} }
if ($x) { if ($x) {
@ -248,7 +248,7 @@ EOF;
' . $config['address'] . '<br> ' . $config['address'] . '<br>
' . Lang::T('Phone Number') . ': ' . $config['phone'] . '<br> ' . Lang::T('Phone Number') . ': ' . $config['phone'] . '<br>
</div> </div>
<div id="logo"><img id="image" src="'.$logo.'" alt="logo" /></div> <div id="logo"><img id="image" src="' . $logo . '" alt="logo" /></div>
</div> </div>
<div id="header">' . Lang::T('All Transactions at Date') . ': ' . date($config['date_format'], strtotime($fdate)) . ' - ' . date($config['date_format'], strtotime($tdate)) . '</div> <div id="header">' . Lang::T('All Transactions at Date') . ': ' . date($config['date_format'], strtotime($fdate)) . ' - ' . date($config['date_format'], strtotime($tdate)) . '</div>
<table id="customers"> <table id="customers">

102
system/controllers/order.php
View File

@ -19,7 +19,7 @@ switch ($action) {
break; break;
case 'history': case 'history':
$ui->assign('_system_menu', 'history'); $ui->assign('_system_menu', 'history');
$paginator = Paginator::build(ORM::for_table('tbl_payment_gateway'),['username'=>$user['username']]); $paginator = Paginator::build(ORM::for_table('tbl_payment_gateway'), ['username' => $user['username']]);
$d = ORM::for_table('tbl_payment_gateway') $d = ORM::for_table('tbl_payment_gateway')
->where('username', $user['username']) ->where('username', $user['username'])
->order_by_desc('id') ->order_by_desc('id')
@ -31,51 +31,51 @@ switch ($action) {
run_hook('customer_view_order_history'); #HOOK run_hook('customer_view_order_history'); #HOOK
$ui->display('user-orderHistory.tpl'); $ui->display('user-orderHistory.tpl');
break; break;
case 'balance': case 'balance':
if (strpos($user['email'], '@') === false) { if (strpos($user['email'], '@') === false) {
r2(U . 'accounts/profile', 'e', Lang::T("Please enter your email address")); r2(U . 'accounts/profile', 'e', Lang::T("Please enter your email address"));
} }
$ui->assign('_title', 'Top Up'); $ui->assign('_title', 'Top Up');
$ui->assign('_system_menu', 'balance'); $ui->assign('_system_menu', 'balance');
$plans_balance = ORM::for_table('tbl_plans')->where('enabled', '1')->where('type', 'Balance')->where('allow_purchase', 'yes')->find_many(); $plans_balance = ORM::for_table('tbl_plans')->where('enabled', '1')->where('type', 'Balance')->where('allow_purchase', 'yes')->find_many();
$ui->assign('plans_balance', $plans_balance); $ui->assign('plans_balance', $plans_balance);
$ui->display('user-orderBalance.tpl'); $ui->display('user-orderBalance.tpl');
break; break;
case 'package': case 'package':
if (strpos($user['email'], '@') === false) { if (strpos($user['email'], '@') === false) {
r2(U . 'accounts/profile', 'e', Lang::T("Please enter your email address")); r2(U . 'accounts/profile', 'e', Lang::T("Please enter your email address"));
} }
$ui->assign('_title', 'Order Plan'); $ui->assign('_title', 'Order Plan');
$ui->assign('_system_menu', 'package'); $ui->assign('_system_menu', 'package');
if (!empty($_SESSION['nux-router'])) { if (!empty($_SESSION['nux-router'])) {
if ($_SESSION['nux-router'] == 'radius') { if ($_SESSION['nux-router'] == 'radius') {
$radius_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$radius_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
} else {
$routers = ORM::for_table('tbl_routers')->where('id', $_SESSION['nux-router'])->find_many();
$rs = [];
foreach ($routers as $r) {
$rs[] = $r['name'];
}
$plans_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where_in('routers', $rs)->where('is_radius', 0)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$plans_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where_in('routers', $rs)->where('is_radius', 0)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
}
} else {
$radius_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many(); $radius_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$radius_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many(); $radius_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
} else {
$routers = ORM::for_table('tbl_routers')->find_many(); $routers = ORM::for_table('tbl_routers')->where('id', $_SESSION['nux-router'])->find_many();
$plans_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 0)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many(); $rs = [];
$plans_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 0)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many(); foreach ($routers as $r) {
$rs[] = $r['name'];
}
$plans_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where_in('routers', $rs)->where('is_radius', 0)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$plans_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where_in('routers', $rs)->where('is_radius', 0)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
} }
$ui->assign('routers', $routers); } else {
$ui->assign('radius_pppoe', $radius_pppoe); $radius_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$ui->assign('radius_hotspot', $radius_hotspot); $radius_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 1)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
$ui->assign('plans_pppoe', $plans_pppoe);
$ui->assign('plans_hotspot', $plans_hotspot); $routers = ORM::for_table('tbl_routers')->find_many();
run_hook('customer_view_order_plan'); #HOOK $plans_pppoe = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 0)->where('type', 'PPPOE')->where('allow_purchase', 'yes')->find_many();
$ui->display('user-orderPlan.tpl'); $plans_hotspot = ORM::for_table('tbl_plans')->where('enabled', '1')->where('is_radius', 0)->where('type', 'Hotspot')->where('allow_purchase', 'yes')->find_many();
break; }
$ui->assign('routers', $routers);
$ui->assign('radius_pppoe', $radius_pppoe);
$ui->assign('radius_hotspot', $radius_hotspot);
$ui->assign('plans_pppoe', $plans_pppoe);
$ui->assign('plans_hotspot', $plans_hotspot);
run_hook('customer_view_order_plan'); #HOOK
$ui->display('user-orderPlan.tpl');
break;
case 'unpaid': case 'unpaid':
$d = ORM::for_table('tbl_payment_gateway') $d = ORM::for_table('tbl_payment_gateway')
->where('username', $user['username']) ->where('username', $user['username'])
@ -108,11 +108,11 @@ switch ($action) {
r2(U . "order/buy/" . (($trx['routers_id'] == 0) ? $trx['routers'] : $trx['routers_id']) . '/' . $trx['plan_id'], 'w', Lang::T("Checking payment")); r2(U . "order/buy/" . (($trx['routers_id'] == 0) ? $trx['routers'] : $trx['routers_id']) . '/' . $trx['plan_id'], 'w', Lang::T("Checking payment"));
} }
if ($routes['3'] == 'check') { if ($routes['3'] == 'check') {
if (!file_exists('system/paymentgateway/' . $trx['gateway'] . '.php')) { if (!file_exists($PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $trx['gateway'] . '.php')) {
r2(U . 'order/view/' . $trxid, 'e', Lang::T("No Payment Gateway Available")); r2(U . 'order/view/' . $trxid, 'e', Lang::T("No Payment Gateway Available"));
} }
run_hook('customer_check_payment_status'); #HOOK run_hook('customer_check_payment_status'); #HOOK
include 'system/paymentgateway/' . $trx['gateway'] . '.php'; include $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $trx['gateway'] . '.php';
call_user_func($trx['gateway'] . '_validate_config'); call_user_func($trx['gateway'] . '_validate_config');
call_user_func($config['payment_gateway'] . '_get_status', $trx, $user); call_user_func($config['payment_gateway'] . '_get_status', $trx, $user);
} else if ($routes['3'] == 'cancel') { } else if ($routes['3'] == 'cancel') {
@ -149,10 +149,10 @@ switch ($action) {
if (empty($plan)) { if (empty($plan)) {
r2(U . "order/package", 'e', Lang::T("Plan Not found")); r2(U . "order/package", 'e', Lang::T("Plan Not found"));
} }
if(!$plan['enabled']){ if (!$plan['enabled']) {
r2(U . "home", 'e', 'Plan is not exists'); r2(U . "home", 'e', 'Plan is not exists');
} }
if($plan['allow_purchase'] != 'yes'){ if ($plan['allow_purchase'] != 'yes') {
r2(U . "home", 'e', 'Cannot recharge this plan'); r2(U . "home", 'e', 'Cannot recharge this plan');
} }
if ($routes['2'] == 'radius') { if ($routes['2'] == 'radius') {
@ -185,10 +185,10 @@ switch ($action) {
if (empty($plan)) { if (empty($plan)) {
r2(U . "order/package", 'e', Lang::T("Plan Not found")); r2(U . "order/package", 'e', Lang::T("Plan Not found"));
} }
if(!$plan['enabled']){ if (!$plan['enabled']) {
r2(U . "home", 'e', 'Plan is not exists'); r2(U . "home", 'e', 'Plan is not exists');
} }
if($plan['allow_purchase'] != 'yes'){ if ($plan['allow_purchase'] != 'yes') {
r2(U . "home", 'e', 'Cannot recharge this plan'); r2(U . "home", 'e', 'Cannot recharge this plan');
} }
if ($routes['2'] == 'radius') { if ($routes['2'] == 'radius') {
@ -273,11 +273,11 @@ switch ($action) {
if ($config['payment_gateway'] == 'none') { if ($config['payment_gateway'] == 'none') {
r2(U . 'home', 'e', Lang::T("No Payment Gateway Available")); r2(U . 'home', 'e', Lang::T("No Payment Gateway Available"));
} }
if (!file_exists('system/paymentgateway/' . $config['payment_gateway'] . '.php')) { if (!file_exists($PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $config['payment_gateway'] . '.php')) {
r2(U . 'home', 'e', Lang::T("No Payment Gateway Available")); r2(U . 'home', 'e', Lang::T("No Payment Gateway Available"));
} }
run_hook('customer_buy_plan'); #HOOK run_hook('customer_buy_plan'); #HOOK
include 'system/paymentgateway/' . $config['payment_gateway'] . '.php'; include $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $config['payment_gateway'] . '.php';
call_user_func($config['payment_gateway'] . '_validate_config'); call_user_func($config['payment_gateway'] . '_validate_config');
if ($routes['2'] == 'radius') { if ($routes['2'] == 'radius') {

41
system/controllers/paymentgateway.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux * by https://t.me/ibnux
@ -10,38 +11,38 @@ $ui->assign('_system_menu', 'paymentgateway');
$action = alphanumeric($routes['1']); $action = alphanumeric($routes['1']);
$ui->assign('_admin', $admin); $ui->assign('_admin', $admin);
if(file_exists('system/paymentgateway/'.$action.'.php')){ if (file_exists($PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $action . '.php')) {
include 'system/paymentgateway/'.$action.'.php'; include $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR . $action . '.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if(function_exists($action.'_save_config')){ if (function_exists($action . '_save_config')) {
call_user_func($action.'_save_config'); call_user_func($action . '_save_config');
}else{ } else {
$ui->display('a404.tpl'); $ui->display('a404.tpl');
} }
}else{ } else {
if(function_exists($action.'_show_config')){ if (function_exists($action . '_show_config')) {
call_user_func($action.'_show_config'); call_user_func($action . '_show_config');
}else{ } else {
$ui->display('a404.tpl'); $ui->display('a404.tpl');
} }
} }
}else{ } else {
if(!empty($action)){ if (!empty($action)) {
r2(U . 'paymentgateway', 'w', Lang::T('Payment Gateway Not Found')); r2(U . 'paymentgateway', 'w', Lang::T('Payment Gateway Not Found'));
}else{ } else {
$files = scandir('system/paymentgateway/'); $files = scandir($PAYMENTGATEWAY_PATH);
foreach($files as $file){ foreach ($files as $file) {
if(pathinfo($file, PATHINFO_EXTENSION)=='php'){ if (pathinfo($file, PATHINFO_EXTENSION) == 'php') {
$pgs[] = str_replace('.php','',$file); $pgs[] = str_replace('.php', '', $file);
} }
} }
if(isset($_POST['payment_gateway'])){ if (isset($_POST['payment_gateway'])) {
$payment_gateway = _post('payment_gateway'); $payment_gateway = _post('payment_gateway');
$d = ORM::for_table('tbl_appconfig')->where('setting', 'payment_gateway')->find_one(); $d = ORM::for_table('tbl_appconfig')->where('setting', 'payment_gateway')->find_one();
if($d){ if ($d) {
$d->value = $payment_gateway; $d->value = $payment_gateway;
$d->save(); $d->save();
}else{ } else {
$d = ORM::for_table('tbl_appconfig')->create(); $d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'payment_gateway'; $d->setting = 'payment_gateway';
$d->value = $payment_gateway; $d->value = $payment_gateway;
@ -53,4 +54,4 @@ if(file_exists('system/paymentgateway/'.$action.'.php')){
$ui->assign('pgs', $pgs); $ui->assign('pgs', $pgs);
$ui->display('paymentgateway.tpl'); $ui->display('paymentgateway.tpl');
} }
} }

49
system/controllers/pluginmanager.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux * by https://t.me/ibnux
@ -15,14 +16,14 @@ $ui->assign('_admin', $admin);
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$cache = File::pathFixer('system/cache/plugin_repository.json'); $cache = $CACHE_PATH . File::pathFixer('/plugin_repository.json');
if (file_exists($cache) && time() - filemtime($cache) < (24 * 60 * 60)) { if (file_exists($cache) && time() - filemtime($cache) < (24 * 60 * 60)) {
$txt = file_get_contents($cache); $txt = file_get_contents($cache);
$json = json_decode($txt, true); $json = json_decode($txt, true);
if(empty($json['plugins']) && empty($json['payment_gateway'])){ if (empty($json['plugins']) && empty($json['payment_gateway'])) {
unlink($cache); unlink($cache);
r2(U . 'dashboard', 'd', $txt); r2(U . 'dashboard', 'd', $txt);
} }
@ -35,22 +36,22 @@ if (file_exists($cache) && time() - filemtime($cache) < (24 * 60 * 60)) {
switch ($action) { switch ($action) {
case 'install': case 'install':
if(!is_writeable(File::pathFixer('system/cache/'))){ if (!is_writeable($CACHE_PATH)) {
r2(U . "pluginmanager", 'e', 'Folder system/cache/ is not writable'); r2(U . "pluginmanager", 'e', 'Folder cache/ is not writable');
} }
if(!is_writeable(File::pathFixer('system/plugin/'))){ if (!is_writeable($PLUGIN_PATH)) {
r2(U . "pluginmanager", 'e', 'Folder system/plugin/ is not writable'); r2(U . "pluginmanager", 'e', 'Folder plugin/ is not writable');
} }
set_time_limit(-1); set_time_limit(-1);
$tipe = $routes['2']; $tipe = $routes['2'];
$plugin = $routes['3']; $plugin = $routes['3'];
$file = File::pathFixer('system/cache/') . $plugin . '.zip'; $file = $CACHE_PATH . File::pathFixer('/') . $plugin . '.zip';
if (file_exists($file)) unlink($file); if (file_exists($file)) unlink($file);
if ($tipe == 'plugin') { if ($tipe == 'plugin') {
foreach ($json['plugins'] as $plg) { foreach ($json['plugins'] as $plg) {
if ($plg['id'] == $plugin) { if ($plg['id'] == $plugin) {
$fp = fopen($file, 'w+'); $fp = fopen($file, 'w+');
$ch = curl_init($plg['github'].'/archive/refs/heads/master.zip'); $ch = curl_init($plg['github'] . '/archive/refs/heads/master.zip');
curl_setopt($ch, CURLOPT_POST, 0); curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 15);
@ -63,19 +64,19 @@ switch ($action) {
$zip = new ZipArchive(); $zip = new ZipArchive();
$zip->open($file); $zip->open($file);
$zip->extractTo(File::pathFixer('system/cache/')); $zip->extractTo($CACHE_PATH);
$zip->close(); $zip->close();
$folder = File::pathFixer('system/cache/' . $plugin.'-main/'); $folder = $CACHE_PATH . File::pathFixer('/' . $plugin . '-main/');
if(!file_exists($folder)){ if (!file_exists($folder)) {
$folder = File::pathFixer('system/cache/' . $plugin.'-master/'); $folder = $CACHE_PATH . File::pathFixer('/' . $plugin . '-master/');
} }
if(!file_exists($folder)){ if (!file_exists($folder)) {
r2(U . "pluginmanager", 'e', 'Extracted Folder is unknown'); r2(U . "pluginmanager", 'e', 'Extracted Folder is unknown');
} }
File::copyFolder($folder, File::pathFixer('system/plugin/'), ['README.md','LICENSE']); File::copyFolder($folder, $PLUGIN_PATH . DIRECTORY_SEPARATOR, ['README.md', 'LICENSE']);
File::deleteFolder($folder); File::deleteFolder($folder);
unlink($file); unlink($file);
r2(U . "pluginmanager", 's', 'Plugin '.$plugin.' has been installed'); r2(U . "pluginmanager", 's', 'Plugin ' . $plugin . ' has been installed');
break; break;
} }
} }
@ -84,7 +85,7 @@ switch ($action) {
foreach ($json['payment_gateway'] as $plg) { foreach ($json['payment_gateway'] as $plg) {
if ($plg['id'] == $plugin) { if ($plg['id'] == $plugin) {
$fp = fopen($file, 'w+'); $fp = fopen($file, 'w+');
$ch = curl_init($plg['github'].'/archive/refs/heads/master.zip'); $ch = curl_init($plg['github'] . '/archive/refs/heads/master.zip');
curl_setopt($ch, CURLOPT_POST, 0); curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
curl_setopt($ch, CURLOPT_TIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 15);
@ -97,19 +98,19 @@ switch ($action) {
$zip = new ZipArchive(); $zip = new ZipArchive();
$zip->open($file); $zip->open($file);
$zip->extractTo(File::pathFixer('system/cache/')); $zip->extractTo($CACHE_PATH);
$zip->close(); $zip->close();
$folder = File::pathFixer('system/cache/' . $plugin.'-main/'); $folder = $CACHE_PATH . File::pathFixer('/' . $plugin . '-main/');
if(!file_exists($folder)){ if (!file_exists($folder)) {
$folder = File::pathFixer('system/cache/' . $plugin.'-master/'); $folder = $CACHE_PATH . File::pathFixer('/' . $plugin . '-master/');
} }
if(!file_exists($folder)){ if (!file_exists($folder)) {
r2(U . "pluginmanager", 'e', 'Extracted Folder is unknown'); r2(U . "pluginmanager", 'e', 'Extracted Folder is unknown');
} }
File::copyFolder($folder, File::pathFixer('system/paymentgateway/'), ['README.md','LICENSE']); File::copyFolder($folder, $PAYMENTGATEWAY_PATH . DIRECTORY_SEPARATOR, ['README.md', 'LICENSE']);
File::deleteFolder($folder); File::deleteFolder($folder);
unlink($file); unlink($file);
r2(U . "paymentgateway", 's', 'Payment Gateway '.$plugin.' has been installed'); r2(U . "paymentgateway", 's', 'Payment Gateway ' . $plugin . ' has been installed');
break; break;
} }
} }

49
system/controllers/register.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/) * PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux * by https://t.me/ibnux
@ -10,21 +11,21 @@ if (isset($routes['1'])) {
$do = 'register-display'; $do = 'register-display';
} }
$otpPath = 'system/cache/sms/'; $otpPath = $CACHE_PATH . File::pathFixer('/sms/');
switch ($do) { switch ($do) {
case 'post': case 'post':
$otp_code = _post('otp_code'); $otp_code = _post('otp_code');
$username = alphanumeric(_post('username'),"+_."); $username = alphanumeric(_post('username'), "+_.");
$email = _post('email'); $email = _post('email');
$fullname = _post('fullname'); $fullname = _post('fullname');
$password = _post('password'); $password = _post('password');
$cpassword = _post('cpassword'); $cpassword = _post('cpassword');
$address = _post('address'); $address = _post('address');
if(!empty($config['sms_url'])){ if (!empty($config['sms_url'])) {
$phonenumber = Lang::phoneFormat($username); $phonenumber = Lang::phoneFormat($username);
$username = $phonenumber; $username = $phonenumber;
}else if(strlen($username)<21){ } else if (strlen($username) < 21) {
$phonenumber = $username; $phonenumber = $username;
} }
$msg = ''; $msg = '';
@ -44,16 +45,16 @@ switch ($do) {
$msg .= Lang::T('Passwords does not match') . '<br>'; $msg .= Lang::T('Passwords does not match') . '<br>';
} }
if(!empty($config['sms_url'])){ if (!empty($config['sms_url'])) {
$otpPath .= sha1($username.$db_password).".txt"; $otpPath .= sha1($username . $db_password) . ".txt";
run_hook('validate_otp'); #HOOK run_hook('validate_otp'); #HOOK
//expired 10 minutes //expired 10 minutes
if(file_exists($otpPath) && time()-filemtime($otpPath)>1200){ if (file_exists($otpPath) && time() - filemtime($otpPath) > 1200) {
unlink($otpPath); unlink($otpPath);
r2(U . 'register', 's', 'Verification code expired'); r2(U . 'register', 's', 'Verification code expired');
}else if(file_exists($otpPath)){ } else if (file_exists($otpPath)) {
$code = file_get_contents($otpPath); $code = file_get_contents($otpPath);
if($code!=$otp_code){ if ($code != $otp_code) {
$ui->assign('username', $username); $ui->assign('username', $username);
$ui->assign('fullname', $fullname); $ui->assign('fullname', $fullname);
$ui->assign('address', $address); $ui->assign('address', $address);
@ -63,10 +64,10 @@ switch ($do) {
$ui->assign('notify_t', 'd'); $ui->assign('notify_t', 'd');
$ui->display('register-otp.tpl'); $ui->display('register-otp.tpl');
exit(); exit();
}else{ } else {
unlink($otpPath); unlink($otpPath);
} }
}else{ } else {
r2(U . 'register', 's', 'No Verification code'); r2(U . 'register', 's', 'No Verification code');
} }
} }
@ -77,7 +78,7 @@ switch ($do) {
if ($msg == '') { if ($msg == '') {
run_hook('register_user'); #HOOK run_hook('register_user'); #HOOK
$d = ORM::for_table('tbl_customers')->create(); $d = ORM::for_table('tbl_customers')->create();
$d->username = alphanumeric($username,"+_."); $d->username = alphanumeric($username, "+_.");
$d->password = $password; $d->password = $password;
$d->fullname = $fullname; $d->fullname = $fullname;
$d->address = $address; $d->address = $address;
@ -110,38 +111,38 @@ switch ($do) {
break; break;
default: default:
if(!empty($config['sms_url'])){ if (!empty($config['sms_url'])) {
$username = _post('username'); $username = _post('username');
if(!empty($username)){ if (!empty($username)) {
$d = ORM::for_table('tbl_customers')->where('username', $username)->find_one(); $d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
if ($d) { if ($d) {
r2(U . 'register', 's', Lang::T('Account already axist')); r2(U . 'register', 's', Lang::T('Account already axist'));
} }
if(!file_exists($otpPath)){ if (!file_exists($otpPath)) {
mkdir($otpPath); mkdir($otpPath);
touch($otpPath.'index.html'); touch($otpPath . 'index.html');
} }
$otpPath .= sha1($username.$db_password).".txt"; $otpPath .= sha1($username . $db_password) . ".txt";
//expired 10 minutes //expired 10 minutes
if(file_exists($otpPath) && time()-filemtime($otpPath)<1200){ if (file_exists($otpPath) && time() - filemtime($otpPath) < 1200) {
$ui->assign('username', $username); $ui->assign('username', $username);
$ui->assign('notify', 'Please wait '.(1200-(time()-filemtime($otpPath))).' seconds before sending another SMS'); $ui->assign('notify', 'Please wait ' . (1200 - (time() - filemtime($otpPath))) . ' seconds before sending another SMS');
$ui->assign('notify_t', 'd'); $ui->assign('notify_t', 'd');
$ui->display('register-otp.tpl'); $ui->display('register-otp.tpl');
}else{ } else {
$otp = rand(100000,999999); $otp = rand(100000, 999999);
file_put_contents($otpPath, $otp); file_put_contents($otpPath, $otp);
Message::sendSMS($username,$config['CompanyName']."\nYour Verification code are: $otp"); Message::sendSMS($username, $config['CompanyName'] . "\nYour Verification code are: $otp");
$ui->assign('username', $username); $ui->assign('username', $username);
$ui->assign('notify', 'Verification code has been sent to your phone'); $ui->assign('notify', 'Verification code has been sent to your phone');
$ui->assign('notify_t', 's'); $ui->assign('notify_t', 's');
$ui->display('register-otp.tpl'); $ui->display('register-otp.tpl');
} }
}else{ } else {
run_hook('view_otp_register'); #HOOK run_hook('view_otp_register'); #HOOK
$ui->display('register-rotp.tpl'); $ui->display('register-rotp.tpl');
} }
}else{ } else {
$ui->assign('username', ""); $ui->assign('username', "");
$ui->assign('fullname', ""); $ui->assign('fullname', "");
$ui->assign('address', ""); $ui->assign('address', "");

54
system/controllers/settings.php
View File

@ -14,7 +14,7 @@ $ui->assign('_admin', $admin);
switch ($action) { switch ($action) {
case 'app': case 'app':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
if (!empty(_get('testWa'))) { if (!empty(_get('testWa'))) {
@ -30,10 +30,10 @@ switch ($action) {
r2(U . "settings/app", 's', 'Test Telegram has been send<br>Result: ' . $result); r2(U . "settings/app", 's', 'Test Telegram has been send<br>Result: ' . $result);
} }
if (file_exists('system/uploads/logo.png')) { if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) {
$logo = 'system/uploads/logo.png?' . time(); $logo = $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png?' . time();
} else { } else {
$logo = 'system/uploads/logo.default.png'; $logo = $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.default.png';
} }
$ui->assign('logo', $logo); $ui->assign('logo', $logo);
if ($_c['radius_enable'] && empty($_c['radius_client'])) { if ($_c['radius_enable'] && empty($_c['radius_client'])) {
@ -84,7 +84,7 @@ switch ($action) {
case 'app-post': case 'app-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$company = _post('CompanyName'); $company = _post('CompanyName');
run_hook('save_settings'); #HOOK run_hook('save_settings'); #HOOK
@ -92,8 +92,8 @@ switch ($action) {
if (!empty($_FILES['logo']['name'])) { if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) { if (function_exists('imagecreatetruecolor')) {
if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png'); if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png')) unlink($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100); File::resizeCropImage($_FILES['logo']['tmp_name'], $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']); if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else { } else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed'); r2(U . 'settings/app', 'e', 'PHP GD is not installed');
@ -153,7 +153,7 @@ switch ($action) {
case 'localisation': case 'localisation':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$folders = []; $folders = [];
$files = scandir('system/lan/'); $files = scandir('system/lan/');
@ -180,7 +180,7 @@ switch ($action) {
case 'localisation-post': case 'localisation-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$tzone = _post('tzone'); $tzone = _post('tzone');
$date_format = _post('date_format'); $date_format = _post('date_format');
@ -270,7 +270,7 @@ switch ($action) {
case 'users': case 'users':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$search = _req('search'); $search = _req('search');
if ($search != '') { if ($search != '') {
@ -360,7 +360,7 @@ switch ($action) {
case 'users-add': case 'users-add':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$ui->assign('_title', Lang::T('Add User')); $ui->assign('_title', Lang::T('Add User'));
$ui->assign('agents', ORM::for_table('tbl_users')->where('user_type', 'Agent')->find_many()); $ui->assign('agents', ORM::for_table('tbl_users')->where('user_type', 'Agent')->find_many());
@ -392,7 +392,7 @@ switch ($action) {
if ($isApi) { if ($isApi) {
unset($d['password']); unset($d['password']);
$agent = $ui->get('agent'); $agent = $ui->get('agent');
if($agent) unset($agent['password']); if ($agent) unset($agent['password']);
showResult(true, $action, [ showResult(true, $action, [
'admin' => $d, 'admin' => $d,
'agent' => $agent 'agent' => $agent
@ -407,7 +407,7 @@ switch ($action) {
break; break;
case 'users-edit': case 'users-edit':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$ui->assign('_title', Lang::T('Edit User')); $ui->assign('_title', Lang::T('Edit User'));
$id = $routes['2']; $id = $routes['2'];
@ -445,7 +445,7 @@ switch ($action) {
case 'users-delete': case 'users-delete':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$id = $routes['2']; $id = $routes['2'];
@ -464,7 +464,7 @@ switch ($action) {
case 'users-post': case 'users-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$username = _post('username'); $username = _post('username');
$fullname = _post('fullname'); $fullname = _post('fullname');
@ -602,7 +602,7 @@ switch ($action) {
$d->city = $city; $d->city = $city;
$d->subdistrict = $subdistrict; $d->subdistrict = $subdistrict;
$d->ward = $ward; $d->ward = $ward;
if(isset($_POST['status'])){ if (isset($_POST['status'])) {
$d->status = $status; $d->status = $status;
} }
@ -665,27 +665,27 @@ switch ($action) {
case 'notifications': case 'notifications':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
run_hook('view_notifications'); #HOOK run_hook('view_notifications'); #HOOK
if (file_exists("system/uploads/notifications.json")) { if (file_exists($UPLOAD_PATH . DIRECTORY_SEPARATOR . "notifications.json")) {
$ui->assign('_json', json_decode(file_get_contents('system/uploads/notifications.json'), true)); $ui->assign('_json', json_decode(file_get_contents($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.json'), true));
} else { } else {
$ui->assign('_json', json_decode(file_get_contents('system/uploads/notifications.default.json'), true)); $ui->assign('_json', json_decode(file_get_contents($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.default.json'), true));
} }
$ui->assign('_default', json_decode(file_get_contents('system/uploads/notifications.default.json'), true)); $ui->assign('_default', json_decode(file_get_contents($UPLOAD_PATH . DIRECTORY_SEPARATOR . 'notifications.default.json'), true));
$ui->display('app-notifications.tpl'); $ui->display('app-notifications.tpl');
break; break;
case 'notifications-post': case 'notifications-post':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
file_put_contents("system/uploads/notifications.json", json_encode($_POST)); file_put_contents($UPLOAD_PATH . "/notifications.json", json_encode($_POST));
r2(U . 'settings/notifications', 's', Lang::T('Settings Saved Successfully')); r2(U . 'settings/notifications', 's', Lang::T('Settings Saved Successfully'));
break; break;
case 'dbstatus': case 'dbstatus':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$dbc = new mysqli($db_host, $db_user, $db_password, $db_name); $dbc = new mysqli($db_host, $db_user, $db_password, $db_name);
@ -703,7 +703,7 @@ switch ($action) {
case 'dbbackup': case 'dbbackup':
if (!in_array($admin['user_type'], ['SuperAdmin'])) { if (!in_array($admin['user_type'], ['SuperAdmin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
$tables = $_POST['tables']; $tables = $_POST['tables'];
set_time_limit(-1); set_time_limit(-1);
@ -723,7 +723,7 @@ switch ($action) {
break; break;
case 'dbrestore': case 'dbrestore':
if (!in_array($admin['user_type'], ['SuperAdmin'])) { if (!in_array($admin['user_type'], ['SuperAdmin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
if (file_exists($_FILES['json']['tmp_name'])) { if (file_exists($_FILES['json']['tmp_name'])) {
$suc = 0; $suc = 0;
@ -753,7 +753,7 @@ switch ($action) {
break; break;
case 'language': case 'language':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
_alert(Lang::T('You do not have permission to access this page'),'danger', "dashboard"); _alert(Lang::T('You do not have permission to access this page'), 'danger', "dashboard");
} }
run_hook('view_add_language'); #HOOK run_hook('view_add_language'); #HOOK
if (file_exists($lan_file)) { if (file_exists($lan_file)) {

2
ui/ui/customers-view.tpl
View File

@ -6,7 +6,7 @@
<div class="box-body box-profile"> <div class="box-body box-profile">
<img class="profile-user-img img-responsive img-circle" <img class="profile-user-img img-responsive img-circle"
src="https://robohash.org/{$d['id']}?set=set3&size=100x100&bgset=bg1" src="https://robohash.org/{$d['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/user.default.jpg'" alt="avatar"> onerror="this.src='{$UPLOAD_PATH}/user.default.jpg'" alt="avatar">
<h3 class="profile-username text-center">{$d['fullname']}</h3> <h3 class="profile-username text-center">{$d['fullname']}</h3>

4
ui/ui/sections/header.tpl
View File

@ -81,14 +81,14 @@
<li class="dropdown user user-menu"> <li class="dropdown user user-menu">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown">
<img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1" <img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/admin.default.png'" class="user-image" onerror="this.src='{$UPLOAD_PATH}/admin.default.png'" class="user-image"
alt="Avatar"> alt="Avatar">
<span class="hidden-xs">{$_admin['fullname']}</span> <span class="hidden-xs">{$_admin['fullname']}</span>
</a> </a>
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li class="user-header"> <li class="user-header">
<img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1" <img src="https://robohash.org/{$_admin['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/admin.default.png'" class="img-circle" onerror="this.src='{$UPLOAD_PATH}/admin.default.png'" class="img-circle"
alt="Avatar"> alt="Avatar">
<p> <p>
{$_admin['fullname']} {$_admin['fullname']}

4
ui/ui/sections/user-header.tpl
View File

@ -66,13 +66,13 @@
<span>{$_user['fullname']}</span> <span>{$_user['fullname']}</span>
{/if} {/if}
<img src="https://robohash.org/{$_user['id']}?set=set3&size=100x100&bgset=bg1" <img src="https://robohash.org/{$_user['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/user.default.jpg'" class="user-image" onerror="this.src='{$UPLOAD_PATH}/user.default.jpg'" class="user-image"
alt="User Image"> alt="User Image">
</a> </a>
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li class="user-header"> <li class="user-header">
<img src="https://robohash.org/{$_user['id']}?set=set3&size=100x100&bgset=bg1" <img src="https://robohash.org/{$_user['id']}?set=set3&size=100x100&bgset=bg1"
onerror="this.src='system/uploads/user.default.jpg'" class="img-circle" onerror="this.src='{$UPLOAD_PATH}/user.default.jpg'" class="img-circle"
alt="User Image"> alt="User Image">
<p> <p>