kevinowino869/mitrobill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

creating API, Work in Progress

Browse Source
This commit is contained in:
Ibnu Maksum 2024-02-19 16:28:55 +07:00
parent ade714e2ae
commit fe082258cd
No known key found for this signature in database
GPG Key ID: 7FC82848810579E5
8 changed files with 465 additions and 302 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
init.php
View File

@ -67,6 +67,7 @@ if ($_app_stage != 'Live') {
ORM::configure('logging', true); ORM::configure('logging', true);
} }
define('U', APP_URL . '/index.php?_route=');
// notification message // notification message
if (file_exists($root_path . File::pathFixer("system/uploads/notifications.json"))) { if (file_exists($root_path . File::pathFixer("system/uploads/notifications.json"))) {
@ -152,3 +153,73 @@ function _req($param, $defvalue = '')
return safedata($_REQUEST[$param]); return safedata($_REQUEST[$param]);
} }
} }
function _auth($login = true)
{
if (User::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _admin($login = true)
{
if (Admin::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _log($description, $type = '', $userid = '0')
{
$d = ORM::for_table('tbl_logs')->create();
$d->date = date('Y-m-d H:i:s');
$d->type = $type;
$d->description = $description;
$d->userid = $userid;
$d->ip = $_SERVER["REMOTE_ADDR"];
$d->save();
}
function Lang($key)
{
return Lang::T($key);
}
function alphanumeric($str, $tambahan = "")
{
return preg_replace("/[^a-zA-Z0-9" . $tambahan . "]+/", "", $str);
}
function sendTelegram($txt)
{
Message::sendTelegram($txt);
}
function sendSMS($phone, $txt)
{
Message::sendSMS($phone, $txt);
}
function sendWhatsapp($phone, $txt)
{
Message::sendWhatsapp($phone, $txt);
}
if(!isset($api_secret)){
$api_secret = $db_password;
}

105
system/api.php Normal file
View File

@ -0,0 +1,105 @@
<?php
/**
* PHP Mikrotik Billing (https://github.com/hotspotbilling/phpnuxbill/)
* by https://t.me/ibnux
*
* This File is for API Access
**/
if ($_SERVER['REQUEST_METHOD'] === "OPTIONS" || $_SERVER['REQUEST_METHOD'] === "HEAD") {
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization");
header("HTTP/1.1 200 OK");
die();
}
include "../init.php";
$isApi = true;
// Dummy Class
$ui = new class($key)
{
var $assign = [];
function display($key)
{
}
function assign($key, $value)
{
$this->assign[$key] = $value;
}
function get($key, )
{
if(isset($this->assign[$key])){
return $this->assign[$key];
}
return '';
}
};
$req = _get('r');
# a/c.id.time.md5
# md5(a/c.id.time.$api_secret)
$token = _get('token');
$routes = explode('/', $req);
$handler = $routes[0];
if ($handler == '') {
$handler = 'default';
}
if(empty($token)){
showResult(false, Lang::T("Token is invalid"));
}
if($token == $config['api_key']){
$admin = ORM::for_table('tbl_users')->where('user_type','SuperAdmin')->find_one($id);
if(empty($admin)){
$admin = ORM::for_table('tbl_users')->where('user_type','Admin')->find_one($id);
if(empty($admin)){
showResult(false, Lang::T("Token is invalid"));
}
}
}else{
# validate token
list($tipe, $uid, $time, $md5) = explode('.', $token);
if ($md5 != md5($uid . '.' . $time . '.' . $api_secret)) {
showResult(false, Lang::T("Token is invalid"));
}
#cek token expiration
if ($time != 0 && time() > $time) {
showResult(false, Lang::T("Token Expired"), [], ['login' => true]);
}
if($tipe=='a'){
$_SESSION['aid'] = $uid;
}else if($tipe=='c'){
$_SESSION['uid'] = $uid;
}else{
showResult(false, Lang::T("Unknown Token"), [], ['login' => true]);
}
}
if($handler == 'isValid'){
showResult(true, Lang::T("Token is valid"));
}
function showResult($success, $message = '', $result = [], $meta = [])
{
header("Content-Type: Application/json; charset=utf-8");
die(json_encode(array('success' => $success, 'message' => $message, 'result' => $result, 'meta' => $meta)));
}
try {
$sys_render = File::pathFixer($root_path.'system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) {
include($sys_render);
}else{
showResult(false, Lang::T('Command not found'));
}
} catch (Exception $e) {
showResult(false, $e->getMessage());
}

67
system/boot.php
View File

@ -80,7 +80,6 @@ $ui->setConfigDir(File::pathFixer('ui/conf/'));
$ui->setCacheDir(File::pathFixer('ui/cache/')); $ui->setCacheDir(File::pathFixer('ui/cache/'));
$ui->assign('app_url', APP_URL); $ui->assign('app_url', APP_URL);
$ui->assign('_domain', str_replace('www.', '', parse_url(APP_URL, PHP_URL_HOST))); $ui->assign('_domain', str_replace('www.', '', parse_url(APP_URL, PHP_URL_HOST)));
define('U', APP_URL . '/index.php?_route=');
$ui->assign('_url', APP_URL . '/index.php?_route='); $ui->assign('_url', APP_URL . '/index.php?_route=');
$ui->assign('_path', __DIR__); $ui->assign('_path', __DIR__);
$ui->assign('_c', $config); $ui->assign('_c', $config);
@ -102,70 +101,6 @@ if (isset($_SESSION['notify'])) {
unset($_SESSION['ntype']); unset($_SESSION['ntype']);
} }
function _auth($login = true)
{
if (User::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _admin($login = true)
{
if (Admin::getID()) {
return true;
} else {
if ($login) {
r2(U . 'login');
} else {
return false;
}
}
}
function _log($description, $type = '', $userid = '0')
{
$d = ORM::for_table('tbl_logs')->create();
$d->date = date('Y-m-d H:i:s');
$d->type = $type;
$d->description = $description;
$d->userid = $userid;
$d->ip = $_SERVER["REMOTE_ADDR"];
$d->save();
}
function Lang($key)
{
return Lang::T($key);
}
function alphanumeric($str, $tambahan = "")
{
return preg_replace("/[^a-zA-Z0-9" . $tambahan . "]+/", "", $str);
}
function sendTelegram($txt)
{
Message::sendTelegram($txt);
}
function sendSMS($phone, $txt)
{
Message::sendSMS($phone, $txt);
}
function sendWhatsapp($phone, $txt)
{
Message::sendWhatsapp($phone, $txt);
}
// Routing Engine // Routing Engine
$req = _get('_route'); $req = _get('_route');
@ -176,7 +111,7 @@ if ($handler == '') {
$handler = 'default'; $handler = 'default';
} }
try { try {
$sys_render = File::pathFixer('system/controllers/' . $handler . '.php'); $sys_render = $root_path.File::pathFixer('system/controllers/' . $handler . '.php');
if (file_exists($sys_render)) { if (file_exists($sys_render)) {
$menus = array(); $menus = array();
// "name" => $name, // "name" => $name,

115
system/controllers/prepaid.php
View File

@ -60,23 +60,28 @@ switch ($action) {
} }
$log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>"; $log .= "DONE : $plan[username], $plan[namebp], $plan[type], $plan[routers]<br>";
} }
if ($isApi) {
showResult(true, $log);
}
r2(U . 'prepaid/list', 's', $log); r2(U . 'prepaid/list', 's', $log);
case 'list': case 'list':
$ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/prepaid.js"></script>'); $ui->assign('xfooter', '<script type="text/javascript" src="ui/lib/c/prepaid.js"></script>');
$ui->assign('_title', Lang::T('Customer')); $ui->assign('_title', Lang::T('Customer'));
$username = _post('username'); $search = _post('search');
if ($username != '') { if ($search != '') {
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges'), ['username' => '%' . $username . '%'], $username); $paginator = Paginator::build(ORM::for_table('tbl_user_recharges'), ['username' => '%' . $search . '%'], $search);
$d = ORM::for_table('tbl_user_recharges')->where_like('username', '%' . $username . '%')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many(); $d = ORM::for_table('tbl_user_recharges')->where_like('username', '%' . $search . '%')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many();
} else { } else {
$paginator = Paginator::build(ORM::for_table('tbl_user_recharges')); $paginator = Paginator::build(ORM::for_table('tbl_user_recharges'));
$d = ORM::for_table('tbl_user_recharges')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_many(); $d = ORM::for_table('tbl_user_recharges')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_desc('id')->find_array();
} }
$ui->assign('d', $d);
$ui->assign('cari', $username);
$ui->assign('paginator', $paginator);
run_hook('view_list_billing'); #HOOK run_hook('view_list_billing'); #HOOK
if ($isApi) {
showResult(true, $action, $d, ['search' => $search]);
}
$ui->assign('d', $d);
$ui->assign('search', $search);
$ui->assign('paginator', $paginator);
$ui->display('prepaid.tpl'); $ui->display('prepaid.tpl');
break; break;
@ -157,9 +162,9 @@ switch ($action) {
case 'print': case 'print':
$content = $_POST['content']; $content = $_POST['content'];
if(!empty($content)){ if (!empty($content)) {
$ui->assign('content', $content); $ui->assign('content', $content);
}else{ } else {
$id = _post('id'); $id = _post('id');
$d = ORM::for_table('tbl_transactions')->where('id', $id)->find_one(); $d = ORM::for_table('tbl_transactions')->where('id', $id)->find_one();
$ui->assign('in', $d); $ui->assign('in', $d);
@ -246,18 +251,18 @@ switch ($action) {
//$d->recharged_on = $recharged_on; //$d->recharged_on = $recharged_on;
$d->expiration = $expiration; $d->expiration = $expiration;
$d->time = $time; $d->time = $time;
if($d['status'] == 'off'){ if ($d['status'] == 'off') {
if(strtotime($expiration.' '.$time) > time()){ if (strtotime($expiration . ' ' . $time) > time()) {
$d->status = 'on'; $d->status = 'on';
} }
} }
if($p['is_radius']){ if ($p['is_radius']) {
$d->routers = 'radius'; $d->routers = 'radius';
}else{ } else {
$d->routers = $p['routers']; $d->routers = $p['routers'];
} }
$d->save(); $d->save();
if($d['status'] == 'on'){ if ($d['status'] == 'on') {
Package::changeTo($username, $id_plan, $id); Package::changeTo($username, $id_plan, $id);
} }
_log('[' . $admin['username'] . ']: ' . 'Edit Plan for Customer ' . $d['username'] . ' to [' . $d['namebp'] . '][' . Lang::moneyFormat($p['price']) . ']', $admin['user_type'], $admin['id']); _log('[' . $admin['username'] . ']: ' . 'Edit Plan for Customer ' . $d['username'] . ' to [' . $d['namebp'] . '][' . Lang::moneyFormat($p['price']) . ']', $admin['user_type'], $admin['id']);
@ -290,23 +295,23 @@ switch ($action) {
// extract admin // extract admin
$admins = []; $admins = [];
foreach ($d as $k) { foreach ($d as $k) {
if(!empty($k['generated_by'])){ if (!empty($k['generated_by'])) {
$admins[] = $k['generated_by']; $admins[] = $k['generated_by'];
} }
} }
if(count($admins) > 0){ if (count($admins) > 0) {
$adms = ORM::for_table('tbl_users')->where_in('id', $admins)->find_many(); $adms = ORM::for_table('tbl_users')->where_in('id', $admins)->find_many();
unset($admins); unset($admins);
foreach($adms as $adm){ foreach ($adms as $adm) {
$tipe = $adm['user_type']; $tipe = $adm['user_type'];
if($tipe == 'Sales'){ if ($tipe == 'Sales') {
$tipe = ' [S]'; $tipe = ' [S]';
}else if($tipe == 'Agent'){ } else if ($tipe == 'Agent') {
$tipe = ' [A]'; $tipe = ' [A]';
}else{ } else {
$tipe == ''; $tipe == '';
} }
$admins[$adm['id']] = $adm['fullname'].$tipe; $admins[$adm['id']] = $adm['fullname'] . $tipe;
} }
} }
$ui->assign('admins', $admins); $ui->assign('admins', $admins);
@ -337,12 +342,12 @@ switch ($action) {
if ($d) { if ($d) {
$jml = 0; $jml = 0;
foreach ($d as $v) { foreach ($d as $v) {
if(!ORM::for_table('tbl_user_recharges')->where_equal("method",'Voucher - '.$v['code'])->findOne()){ if (!ORM::for_table('tbl_user_recharges')->where_equal("method", 'Voucher - ' . $v['code'])->findOne()) {
$v->delete(); $v->delete();
$jml++; $jml++;
} }
} }
r2(U . 'prepaid/voucher', 's', "$jml ".Lang::T('Data Deleted Successfully')); r2(U . 'prepaid/voucher', 's', "$jml " . Lang::T('Data Deleted Successfully'));
} }
case 'print-voucher': case 'print-voucher':
$from_id = _post('from_id'); $from_id = _post('from_id');
@ -463,7 +468,7 @@ switch ($action) {
$msg .= 'The Length Code must be a number' . '<br>'; $msg .= 'The Length Code must be a number' . '<br>';
} }
if ($msg == '') { if ($msg == '') {
if(!empty($prefix)){ if (!empty($prefix)) {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'voucher_prefix')->find_one(); $d = ORM::for_table('tbl_appconfig')->where('setting', 'voucher_prefix')->find_one();
if ($d) { if ($d) {
$d->value = $prefix; $d->value = $prefix;
@ -487,14 +492,14 @@ switch ($action) {
$d->type = $type; $d->type = $type;
$d->routers = $server; $d->routers = $server;
$d->id_plan = $plan; $d->id_plan = $plan;
$d->code = $prefix.$code; $d->code = $prefix . $code;
$d->user = '0'; $d->user = '0';
$d->status = '0'; $d->status = '0';
$d->generated_by = $admin['id']; $d->generated_by = $admin['id'];
$d->save(); $d->save();
} }
if($numbervoucher == 1){ if ($numbervoucher == 1) {
r2(U . 'prepaid/voucher-view/'.$d->id(), 's', Lang::T('Create Vouchers Successfully')); r2(U . 'prepaid/voucher-view/' . $d->id(), 's', Lang::T('Create Vouchers Successfully'));
} }
r2(U . 'prepaid/voucher', 's', Lang::T('Create Vouchers Successfully')); r2(U . 'prepaid/voucher', 's', Lang::T('Create Vouchers Successfully'));
@ -506,41 +511,41 @@ switch ($action) {
case 'voucher-view': case 'voucher-view':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
$voucher = ORM::for_table('tbl_voucher')->find_one($id); $voucher = ORM::for_table('tbl_voucher')->find_one($id);
}else{ } else {
$voucher = ORM::for_table('tbl_voucher')->where('generated_by', $admin['id'])->find_one($id); $voucher = ORM::for_table('tbl_voucher')->where('generated_by', $admin['id'])->find_one($id);
} }
$plan = ORM::for_table('tbl_plans')->find_one($d['id_plan']); $plan = ORM::for_table('tbl_plans')->find_one($d['id_plan']);
if ($voucher && $plan) { if ($voucher && $plan) {
$content = Lang::pad($config['CompanyName'],' ', 2)."\n"; $content = Lang::pad($config['CompanyName'], ' ', 2) . "\n";
$content .= Lang::pad($config['address'],' ', 2)."\n"; $content .= Lang::pad($config['address'], ' ', 2) . "\n";
$content .= Lang::pad($config['phone'],' ', 2)."\n"; $content .= Lang::pad($config['phone'], ' ', 2) . "\n";
$content .= Lang::pad("", '=')."\n"; $content .= Lang::pad("", '=') . "\n";
$content .= Lang::pads('ID', $voucher['id'], ' ')."\n"; $content .= Lang::pads('ID', $voucher['id'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ')."\n"; $content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ')."\n"; $content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ')."\n"; $content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ')."\n"; $content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ') . "\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'].' #'.$admin['id'], ' ')."\n"; $content .= Lang::pads(Lang::T('Sales'), $admin['fullname'] . ' #' . $admin['id'], ' ') . "\n";
$content .= Lang::pad("", '=')."\n"; $content .= Lang::pad("", '=') . "\n";
$content .= Lang::pad($config['note'],' ', 2)."\n"; $content .= Lang::pad($config['note'], ' ', 2) . "\n";
$ui->assign('print', $content); $ui->assign('print', $content);
$config['printer_cols'] = 30; $config['printer_cols'] = 30;
$content = Lang::pad($config['CompanyName'],' ', 2)."\n"; $content = Lang::pad($config['CompanyName'], ' ', 2) . "\n";
$content .= Lang::pad($config['address'],' ', 2)."\n"; $content .= Lang::pad($config['address'], ' ', 2) . "\n";
$content .= Lang::pad($config['phone'],' ', 2)."\n"; $content .= Lang::pad($config['phone'], ' ', 2) . "\n";
$content .= Lang::pad("", '=')."\n"; $content .= Lang::pad("", '=') . "\n";
$content .= Lang::pads('ID', $voucher['id'], ' ')."\n"; $content .= Lang::pads('ID', $voucher['id'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ')."\n"; $content .= Lang::pads(Lang::T('Code'), $voucher['code'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ')."\n"; $content .= Lang::pads(Lang::T('Plan Name'), $plan['name_plan'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ')."\n"; $content .= Lang::pads(Lang::T('Type'), $voucher['type'], ' ') . "\n";
$content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ')."\n"; $content .= Lang::pads(Lang::T('Plan Price'), Lang::moneyFormat($plan['price']), ' ') . "\n";
$content .= Lang::pads(Lang::T('Sales'), $admin['fullname'].' #'.$admin['id'], ' ')."\n"; $content .= Lang::pads(Lang::T('Sales'), $admin['fullname'] . ' #' . $admin['id'], ' ') . "\n";
$content .= Lang::pad("", '=')."\n"; $content .= Lang::pad("", '=') . "\n";
$content .= Lang::pad($config['note'],' ', 2)."\n"; $content .= Lang::pad($config['note'], ' ', 2) . "\n";
$ui->assign('_title', Lang::T('View')); $ui->assign('_title', Lang::T('View'));
$ui->assign('wa', urlencode("```$content```")); $ui->assign('wa', urlencode("```$content```"));
$ui->display('voucher-view.tpl'); $ui->display('voucher-view.tpl');
}else{ } else {
r2(U . 'prepaid/voucher/', 'e', Lang::T('Voucher Not Found')); r2(U . 'prepaid/voucher/', 'e', Lang::T('Voucher Not Found'));
} }
break; break;

359
system/controllers/settings.php
View File

@ -62,6 +62,20 @@ switch ($action) {
} else { } else {
$php = 'php'; $php = 'php';
} }
if (empty($config['api_key'])) {
$config['api_key'] = sha1(uniqid(rand(), true));
$d = ORM::for_table('tbl_appconfig')->where('setting', 'api_key')->find_one();
if ($d) {
$d->value = $config['api_key'];
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'api_key';
$d->value = $config['api_key'];
$d->save();
}
}
$ui->assign('_c', $config);
$ui->assign('php', $php); $ui->assign('php', $php);
$ui->assign('dir', str_replace('controllers', '', __DIR__)); $ui->assign('dir', str_replace('controllers', '', __DIR__));
$ui->assign('themes', $themes); $ui->assign('themes', $themes);
@ -69,6 +83,72 @@ switch ($action) {
$ui->display('app-settings.tpl'); $ui->display('app-settings.tpl');
break; break;
case 'app-post':
$company = _post('CompanyName');
run_hook('save_settings'); #HOOK
if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) {
if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
}
}
if ($company == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
if ($radius_enable) {
try {
Radius::getTableNas()->find_many();
} catch (Exception $e) {
$ui->assign("error_title", "RADIUS Error");
$ui->assign("error_message", "Radius table not found.<br><br>" .
$e->getMessage() .
"<br><br>Download <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/Development/install/radius.sql\">here</a> or <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/master/install/radius.sql\">here</a> and import it to database.<br><br>Check config.php for radius connection details");
$ui->display('router-error.tpl');
die();
}
}
// save all settings
foreach ($_POST as $key => $value) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
if ($d) {
$d->value = $value;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $key;
$d->value = $value;
$d->save();
}
}
//checkbox
$checks = ['hide_mrc', 'hide_tms', 'hide_aui', 'hide_al', 'hide_uet', 'hide_vs', 'hide_pg'];
foreach ($checks as $check) {
if (!isset($_POST[$check])) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $check)->find_one();
if ($d) {
$d->value = 'no';
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $check;
$d->value = 'no';
$d->save();
}
}
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'localisation': case 'localisation':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page')); r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
@ -96,6 +176,93 @@ switch ($action) {
$ui->display('app-localisation.tpl'); $ui->display('app-localisation.tpl');
break; break;
case 'localisation-post':
$tzone = _post('tzone');
$date_format = _post('date_format');
$country_code_phone = _post('country_code_phone');
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'date_format')->find_one();
$d->value = $date_format;
$d->save();
$dec_point = $_POST['dec_point'];
if (strlen($dec_point) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'dec_point')->find_one();
$d->value = $dec_point;
$d->save();
}
$thousands_sep = $_POST['thousands_sep'];
if (strlen($thousands_sep) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'thousands_sep')->find_one();
$d->value = $thousands_sep;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'country_code_phone')->find_one();
if ($d) {
$d->value = $country_code_phone;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'country_code_phone';
$d->value = $country_code_phone;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'radius_plan')->find_one();
if ($d) {
$d->value = _post('radius_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'radius_plan';
$d->value = _post('radius_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'hotspot_plan')->find_one();
if ($d) {
$d->value = _post('hotspot_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'hotspot_plan';
$d->value = _post('hotspot_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'pppoe_plan')->find_one();
if ($d) {
$d->value = _post('pppoe_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'pppoe_plan';
$d->value = _post('pppoe_plan');
$d->save();
}
$currency_code = $_POST['currency_code'];
$d = ORM::for_table('tbl_appconfig')->where('setting', 'currency_code')->find_one();
$d->value = $currency_code;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'language')->find_one();
$d->value = $lan;
$d->save();
unset($_SESSION['Lang']);
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/localisation', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'users': case 'users':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) { if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin', 'Agent'])) {
r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page')); r2(U . "dashboard", 'e', Lang::T('You do not have permission to access this page'));
@ -107,7 +274,7 @@ switch ($action) {
$d = ORM::for_table('tbl_users') $d = ORM::for_table('tbl_users')
->where_like('username', '%' . $search . '%') ->where_like('username', '%' . $search . '%')
->offset($paginator['startpoint']) ->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many(); ->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else if ($admin['user_type'] == 'Admin') { } else if ($admin['user_type'] == 'Admin') {
$paginator = Paginator::build(ORM::for_table('tbl_users'), [ $paginator = Paginator::build(ORM::for_table('tbl_users'), [
'username' => '%' . $search . '%', 'username' => '%' . $search . '%',
@ -123,7 +290,7 @@ switch ($action) {
['user_type' => 'Sales'] ['user_type' => 'Sales']
]) ])
->offset($paginator['startpoint']) ->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many(); ->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else { } else {
$paginator = Paginator::build(ORM::for_table('tbl_users'), ['username' => '%' . $search . '%'], $search); $paginator = Paginator::build(ORM::for_table('tbl_users'), ['username' => '%' . $search . '%'], $search);
$d = ORM::for_table('tbl_users') $d = ORM::for_table('tbl_users')
@ -133,19 +300,19 @@ switch ($action) {
['root' => $admin['id']] ['root' => $admin['id']]
]) ])
->offset($paginator['startpoint']) ->offset($paginator['startpoint'])
->limit($paginator['limit'])->order_by_asc('id')->find_many(); ->limit($paginator['limit'])->order_by_asc('id')->findArray();
} }
} else { } else {
if ($admin['user_type'] == 'SuperAdmin') { if ($admin['user_type'] == 'SuperAdmin') {
$paginator = Paginator::build(ORM::for_table('tbl_users')); $paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many(); $d = ORM::for_table('tbl_users')->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else if ($admin['user_type'] == 'Admin') { } else if ($admin['user_type'] == 'Admin') {
$paginator = Paginator::build(ORM::for_table('tbl_users')); $paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users')->where_any_is([ $d = ORM::for_table('tbl_users')->where_any_is([
['user_type' => 'Report'], ['user_type' => 'Report'],
['user_type' => 'Agent'], ['user_type' => 'Agent'],
['user_type' => 'Sales'] ['user_type' => 'Sales']
])->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many(); ])->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
} else { } else {
$paginator = Paginator::build(ORM::for_table('tbl_users')); $paginator = Paginator::build(ORM::for_table('tbl_users'));
$d = ORM::for_table('tbl_users') $d = ORM::for_table('tbl_users')
@ -153,7 +320,7 @@ switch ($action) {
['id' => $admin['id']], ['id' => $admin['id']],
['root' => $admin['id']] ['root' => $admin['id']]
]) ])
->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->find_many(); ->offset($paginator['startpoint'])->limit($paginator['limit'])->order_by_asc('id')->findArray();
} }
} }
$admins = []; $admins = [];
@ -163,12 +330,18 @@ switch ($action) {
} }
} }
if (count($admins) > 0) { if (count($admins) > 0) {
$adms = ORM::for_table('tbl_users')->where_in('id', $admins)->find_many(); $adms = ORM::for_table('tbl_users')->where_in('id', $admins)->findArray();
unset($admins); unset($admins);
foreach ($adms as $adm) { foreach ($adms as $adm) {
$admins[$adm['id']] = $adm['fullname']; $admins[$adm['id']] = $adm['fullname'];
} }
} }
if ($isApi) {
showResult(true, $action, [
'admins' => $d,
'roots' => $admins
], ['search' => $search]);
}
$ui->assign('admins', $admins); $ui->assign('admins', $admins);
$ui->assign('d', $d); $ui->assign('d', $d);
$ui->assign('search', $search); $ui->assign('search', $search);
@ -193,22 +366,31 @@ switch ($action) {
} }
//allow see himself //allow see himself
if ($admin['id'] == $id) { if ($admin['id'] == $id) {
$d = ORM::for_table('tbl_users')->find_one($id); $d = ORM::for_table('tbl_users')->where('id', $id)->find_array($id)[0];
} else { } else {
if (in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) { if (in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
// Super Admin can see anyone // Super Admin can see anyone
$d = ORM::for_table('tbl_users')->find_one($id); $d = ORM::for_table('tbl_users')->where('id', $id)->find_array()[0];
} else if ($admin['user_type'] == 'Agent') { } else if ($admin['user_type'] == 'Agent') {
// Agent can see Sales // Agent can see Sales
$d = ORM::for_table('tbl_users')->where('root', $admin['id'])->find_one($id); $d = ORM::for_table('tbl_users')->where_any_is([['root' => $admin['id']], ['id' => $id]])->find_array()[0];
} }
} }
if ($d) { if ($d) {
run_hook('view_edit_admin'); #HOOK
if ($d['user_type'] == 'Sales') { if ($d['user_type'] == 'Sales') {
$ui->assign('agent', ORM::for_table('tbl_users')->find_one($d['root'])); $ui->assign('agent', ORM::for_table('tbl_users')->where('id', $d['root'])->find_array()[0]);
}
if ($isApi) {
unset($d['password']);
$agent = $ui->get('agent');
if($agent) unset($agent['password']);
showResult(true, $action, [
'admin' => $d,
'agent' => $agent
], ['search' => $search]);
} }
$ui->assign('d', $d); $ui->assign('d', $d);
run_hook('view_edit_admin'); #HOOK
$ui->assign('_title', $d['username']); $ui->assign('_title', $d['username']);
$ui->display('users-view.tpl'); $ui->display('users-view.tpl');
} else { } else {
@ -427,159 +609,6 @@ switch ($action) {
} }
break; break;
case 'app-post':
$company = _post('CompanyName');
run_hook('save_settings'); #HOOK
if (!empty($_FILES['logo']['name'])) {
if (function_exists('imagecreatetruecolor')) {
if (file_exists('system/uploads/logo.png')) unlink('system/uploads/logo.png');
File::resizeCropImage($_FILES['logo']['tmp_name'], 'system/uploads/logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
}
}
if ($company == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
if ($radius_enable) {
try {
Radius::getTableNas()->find_many();
} catch (Exception $e) {
$ui->assign("error_title", "RADIUS Error");
$ui->assign("error_message", "Radius table not found.<br><br>" .
$e->getMessage() .
"<br><br>Download <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/Development/install/radius.sql\">here</a> or <a href=\"https://raw.githubusercontent.com/hotspotbilling/phpnuxbill/master/install/radius.sql\">here</a> and import it to database.<br><br>Check config.php for radius connection details");
$ui->display('router-error.tpl');
die();
}
}
// save all settings
foreach ($_POST as $key => $value) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
if ($d) {
$d->value = $value;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $key;
$d->value = $value;
$d->save();
}
}
//checkbox
$checks = ['hide_mrc', 'hide_tms', 'hide_aui', 'hide_al', 'hide_uet', 'hide_vs', 'hide_pg'];
foreach ($checks as $check) {
if (!isset($_POST[$check])) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $check)->find_one();
if ($d) {
$d->value = 'no';
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = $check;
$d->value = 'no';
$d->save();
}
}
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'localisation-post':
$tzone = _post('tzone');
$date_format = _post('date_format');
$country_code_phone = _post('country_code_phone');
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'date_format')->find_one();
$d->value = $date_format;
$d->save();
$dec_point = $_POST['dec_point'];
if (strlen($dec_point) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'dec_point')->find_one();
$d->value = $dec_point;
$d->save();
}
$thousands_sep = $_POST['thousands_sep'];
if (strlen($thousands_sep) == '1') {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'thousands_sep')->find_one();
$d->value = $thousands_sep;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'country_code_phone')->find_one();
if ($d) {
$d->value = $country_code_phone;
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'country_code_phone';
$d->value = $country_code_phone;
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'radius_plan')->find_one();
if ($d) {
$d->value = _post('radius_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'radius_plan';
$d->value = _post('radius_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'hotspot_plan')->find_one();
if ($d) {
$d->value = _post('hotspot_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'hotspot_plan';
$d->value = _post('hotspot_plan');
$d->save();
}
$d = ORM::for_table('tbl_appconfig')->where('setting', 'pppoe_plan')->find_one();
if ($d) {
$d->value = _post('pppoe_plan');
$d->save();
} else {
$d = ORM::for_table('tbl_appconfig')->create();
$d->setting = 'pppoe_plan';
$d->value = _post('pppoe_plan');
$d->save();
}
$currency_code = $_POST['currency_code'];
$d = ORM::for_table('tbl_appconfig')->where('setting', 'currency_code')->find_one();
$d->value = $currency_code;
$d->save();
$d = ORM::for_table('tbl_appconfig')->where('setting', 'language')->find_one();
$d->value = $lan;
$d->save();
unset($_SESSION['Lang']);
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/localisation', 's', Lang::T('Settings Saved Successfully'));
}
break;
case 'change-password': case 'change-password':
run_hook('view_change_password'); #HOOK run_hook('view_change_password'); #HOOK
$ui->display('change-password.tpl'); $ui->display('change-password.tpl');

3
system/lan/english.json
View File

@ -412,5 +412,6 @@
"Sub_District": "Sub District", "Sub_District": "Sub District",
"Ward": "Ward", "Ward": "Ward",
"Credentials": "Credentials", "Credentials": "Credentials",
"Agent": "Agent" "Agent": "Agent",
"This_Token_will_act_as_SuperAdmin_Admin": "This Token will act as SuperAdmin\/Admin"
} }

41
ui/ui/app-settings.tpl
View File

@ -53,6 +53,14 @@
<input type="text" class="form-control" id="phone" name="phone" value="{$_c['phone']}"> <input type="text" class="form-control" id="phone" name="phone" value="{$_c['phone']}">
</div> </div>
</div> </div>
<div class="form-group">
<label class="col-md-2 control-label">{Lang::T('Invoice Footer')}</label>
<div class="col-md-6">
<textarea class="form-control" id="note" name="note"
rows="3">{Lang::htmlspecialchars($_c['note'])}</textarea>
<span class="help-block">{Lang::T('You can use html tag')}</span>
</div>
</div>
<div class="form-group"> <div class="form-group">
<label class="col-md-2 control-label"><i class="glyphicon glyphicon-print"></i> Print Max <label class="col-md-2 control-label"><i class="glyphicon glyphicon-print"></i> Print Max
Char</label> Char</label>
@ -95,13 +103,21 @@
</div> </div>
<div class="panel-body"> <div class="panel-body">
<div class="form-group"> <div class="form-group">
<label class="col-md-3 control-label"><input type="checkbox" name="hide_mrc" value="yes" {if $_c['hide_mrc'] eq 'yes'}checked{/if}> {Lang::T('Monthly Registered Customers')}</label> <label class="col-md-3 control-label"><input type="checkbox" name="hide_mrc" value="yes"
<label class="col-md-2 control-label"><input type="checkbox" name="hide_tms" value="yes" {if $_c['hide_tms'] eq 'yes'}checked{/if}> {Lang::T('Total Monthly Sales')}</label> {if $_c['hide_mrc'] eq 'yes'}checked{/if}>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_aui" value="yes" {if $_c['hide_aui'] eq 'yes'}checked{/if}> {Lang::T('All Users Insights')}</label> {Lang::T('Monthly Registered Customers')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_al" value="yes" {if $_c['hide_al'] eq 'yes'}checked{/if}> {Lang::T('Activity Log')}</label> <label class="col-md-2 control-label"><input type="checkbox" name="hide_tms" value="yes"
<label class="col-md-2 control-label"><input type="checkbox" name="hide_uet" value="yes" {if $_c['hide_uet'] eq 'yes'}checked{/if}> {Lang::T('User Expired, Today')}</label> {if $_c['hide_tms'] eq 'yes'}checked{/if}> {Lang::T('Total Monthly Sales')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_vs" value="yes" {if $_c['hide_vs'] eq 'yes'}checked{/if}> Vouchers Stock</label> <label class="col-md-2 control-label"><input type="checkbox" name="hide_aui" value="yes"
<label class="col-md-2 control-label"><input type="checkbox" name="hide_pg" value="yes" {if $_c['hide_pg'] eq 'yes'}checked{/if}> Payment Gateway</label> {if $_c['hide_aui'] eq 'yes'}checked{/if}> {Lang::T('All Users Insights')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_al" value="yes"
{if $_c['hide_al'] eq 'yes'}checked{/if}> {Lang::T('Activity Log')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_uet" value="yes"
{if $_c['hide_uet'] eq 'yes'}checked{/if}> {Lang::T('User Expired, Today')}</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_vs" value="yes"
{if $_c['hide_vs'] eq 'yes'}checked{/if}> Vouchers Stock</label>
<label class="col-md-2 control-label"><input type="checkbox" name="hide_pg" value="yes"
{if $_c['hide_pg'] eq 'yes'}checked{/if}> Payment Gateway</label>
</div> </div>
</div> </div>
<div class="panel-heading"> <div class="panel-heading">
@ -399,16 +415,17 @@
<button class="btn btn-primary btn-xs" title="save" type="submit"><span <button class="btn btn-primary btn-xs" title="save" type="submit"><span
class="glyphicon glyphicon-floppy-disk" aria-hidden="true"></span></button> class="glyphicon glyphicon-floppy-disk" aria-hidden="true"></span></button>
</div> </div>
{Lang::T('Invoice')} API Key
</div> </div>
<div class="panel-body"> <div class="panel-body">
<div class="form-group"> <div class="form-group">
<label class="col-md-2 control-label">{Lang::T('Invoice Footer')}</label> <label class="col-md-2 control-label">Access Token</label>
<div class="col-md-6"> <div class="col-md-6">
<textarea class="form-control" id="note" name="note" <input type="password" class="form-control" id="api_key" name="api_key"
rows="3">{Lang::htmlspecialchars($_c['note'])}</textarea> value="{$_c['api_key']}" placeholder="Empty this to randomly created API key"
<span class="help-block">{Lang::T('You can use html tag')}</span> onmouseleave="this.type = 'password'" onmouseenter="this.type = 'text'">
</div> </div>
<p class="col-md-4 help-block">{Lang::T('This Token will act as SuperAdmin/Admin')}</p>
</div> </div>
</div> </div>
<div class="panel-heading"> <div class="panel-heading">

4
ui/ui/prepaid.tpl
View File

@ -26,8 +26,8 @@
<div class="input-group-addon"> <div class="input-group-addon">
<span class="fa fa-search"></span> <span class="fa fa-search"></span>
</div> </div>
<input type="text" name="username" class="form-control" <input type="text" name="search" class="form-control"
placeholder="{Lang::T('Search by Username')}..." value="{$cari}"> placeholder="{Lang::T('Search by Username')}..." value="{$search}">
<div class="input-group-btn"> <div class="input-group-btn">
<button class="btn btn-success" type="submit">{Lang::T('Search')}</button> <button class="btn btn-success" type="submit">{Lang::T('Search')}</button>
</div> </div>