nestict/mitrobill
1
0
Fork 0
forked from kevinowino869/mitrobill
Code Pull Requests Activity

url using getUrl

Browse Source
This commit is contained in:
iBNu Maksum
2025-01-31 16:22:58 +07:00
parent 9bf80467a1
commit 1e43ac210a
37 changed files with 415 additions and 390 deletions
Download Patch File Download Diff File Expand all files Collapse all files

100
system/controllers/settings.php
View File

@ -59,19 +59,19 @@ switch ($action) {
if (!empty(_get('testWa'))) {
$result = Message::sendWhatsapp(_get('testWa'), 'PHPNuxBill Test Whatsapp');
r2(U . "settings/app", 's', 'Test Whatsapp has been send<br>Result: ' . $result);
r2(getUrl('settings/app'), 's', 'Test Whatsapp has been send<br>Result: ' . $result);
}
if (!empty(_get('testSms'))) {
$result = Message::sendSMS(_get('testSms'), 'PHPNuxBill Test SMS');
r2(U . "settings/app", 's', 'Test SMS has been send<br>Result: ' . $result);
r2(getUrl('settings/app'), 's', 'Test SMS has been send<br>Result: ' . $result);
}
if (!empty(_get('testEmail'))) {
Message::sendEmail(_get('testEmail'), 'PHPNuxBill Test Email', 'PHPNuxBill Test Email Body');
r2(U . "settings/app", 's', 'Test Email has been send');
r2(getUrl('settings/app'), 's', 'Test Email has been send');
}
if (!empty(_get('testTg'))) {
$result = Message::sendTelegram('PHPNuxBill Test Telegram');
r2(U . "settings/app", 's', 'Test Telegram has been send<br>Result: ' . $result);
r2(getUrl('settings/app'), 's', 'Test Telegram has been send<br>Result: ' . $result);
}
$UPLOAD_URL_PATH = str_replace($root_path, '', $UPLOAD_PATH);
@ -105,7 +105,7 @@ switch ($action) {
} else {
$favicon = $UPLOAD_URL_PATH . DIRECTORY_SEPARATOR . 'favicon.default.png';
}
$ui->assign('login_logo', $login_logo);
$ui->assign('wallpaper', $wallpaper);
$ui->assign('favicon', $favicon);
@ -174,12 +174,12 @@ switch ($action) {
}
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/app', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$company = _post('CompanyName');
$custom_tax_rate = filter_var(_post('custom_tax_rate'), FILTER_SANITIZE_SPECIAL_CHARS);
if (preg_match('/[^0-9.]/', $custom_tax_rate)) {
r2(U . 'settings/app', 'e', 'Special characters are not allowed in tax rate');
r2(getUrl('settings/app'), 'e', 'Special characters are not allowed in tax rate');
die();
}
run_hook('save_settings'); #HOOK
@ -189,11 +189,11 @@ switch ($action) {
File::resizeCropImage($_FILES['logo']['tmp_name'], $UPLOAD_PATH . DIRECTORY_SEPARATOR . 'logo.png', 1078, 200, 100);
if (file_exists($_FILES['logo']['tmp_name'])) unlink($_FILES['logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
}
}
if ($_POST['general'] && $company == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
r2(getUrl('settings/app'), 'e', Lang::T('All field is required'));
} else {
if ($radius_enable) {
try {
@ -229,7 +229,7 @@ switch ($action) {
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Settings Saved Successfully'));
r2(getUrl('settings/app'), 's', Lang::T('Settings Saved Successfully'));
}
break;
@ -242,20 +242,20 @@ switch ($action) {
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/app', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
if ($login_page_type == 'custom' && (empty($login_Page_template) || empty($login_page_title) || empty($login_page_description))) {
r2(U . 'settings/app', 'e', 'Please fill all required fields');
r2(getUrl('settings/app'), 'e', 'Please fill all required fields');
return;
}
if (strlen($login_page_title) > 25) {
r2(U . 'settings/app', 'e', 'Login page title must not exceed 25 characters');
r2(getUrl('settings/app'), 'e', 'Login page title must not exceed 25 characters');
return;
}
if (strlen($login_page_description) > 100) {
r2(U . 'settings/app', 'e', 'Login page description must not exceed 50 characters');
r2(getUrl('settings/app'), 'e', 'Login page description must not exceed 50 characters');
return;
}
@ -278,7 +278,7 @@ switch ($action) {
$settings['login_page_favicon'] = basename($favicon_path); // Save dynamic file name
if (file_exists($_FILES['login_page_favicon']['tmp_name'])) unlink($_FILES['login_page_favicon']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'Favicon must be a JPG, JPEG, or PNG image.');
r2(getUrl('settings/app'), 'e', 'Favicon must be a JPG, JPEG, or PNG image.');
}
}
@ -291,7 +291,7 @@ switch ($action) {
$settings['login_page_wallpaper'] = basename($wallpaper_path); // Save dynamic file name
if (file_exists($_FILES['login_page_wallpaper']['tmp_name'])) unlink($_FILES['login_page_wallpaper']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'Wallpaper must be a JPG, JPEG, or PNG image.');
r2(getUrl('settings/app'), 'e', 'Wallpaper must be a JPG, JPEG, or PNG image.');
}
}
@ -304,7 +304,7 @@ switch ($action) {
$settings['login_page_logo'] = basename($logo_path); // Save dynamic file name
if (file_exists($_FILES['login_page_logo']['tmp_name'])) unlink($_FILES['login_page_logo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'Logo must be a JPG, JPEG, or PNG image.');
r2(getUrl('settings/app'), 'e', 'Logo must be a JPG, JPEG, or PNG image.');
}
}
@ -322,7 +322,7 @@ switch ($action) {
}
_log('[' . $admin['username'] . ']: ' . Lang::T('Login Page Settings Saved Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/app', 's', Lang::T('Login Page Settings Saved Successfully'));
r2(getUrl('settings/app'), 's', Lang::T('Login Page Settings Saved Successfully'));
break;
case 'localisation':
@ -360,7 +360,7 @@ switch ($action) {
}
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/app', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/app'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$tzone = _post('tzone');
$date_format = _post('date_format');
@ -368,7 +368,7 @@ switch ($action) {
$lan = _post('lan');
run_hook('save_localisation'); #HOOK
if ($tzone == '' or $date_format == '' or $lan == '') {
r2(U . 'settings/app', 'e', Lang::T('All field is required'));
r2(getUrl('settings/app'), 'e', Lang::T('All field is required'));
} else {
$d = ORM::for_table('tbl_appconfig')->where('setting', 'timezone')->find_one();
$d->value = $tzone;
@ -453,7 +453,7 @@ switch ($action) {
$d->value = $lan;
$d->save();
_log('[' . $admin['username'] . ']: ' . 'Settings Saved Successfully', $admin['user_type'], $admin['id']);
r2(U . 'settings/localisation', 's', 'Settings Saved Successfully');
r2(getUrl('settings/localisation'), 's', 'Settings Saved Successfully');
}
break;
@ -568,7 +568,7 @@ switch ($action) {
$ui->assign('csrf_token', $csrf_token);
$ui->display('admin-view.tpl');
} else {
r2(U . 'settings/users', 'e', Lang::T('Account Not Found'));
r2(getUrl('settings/users'), 'e', Lang::T('Account Not Found'));
}
break;
case 'users-edit':
@ -624,7 +624,7 @@ switch ($action) {
$ui->assign('csrf_token', $csrf_token);
$ui->display('admin-edit.tpl');
} else {
r2(U . 'settings/users', 'e', Lang::T('Account Not Found'));
r2(getUrl('settings/users'), 'e', Lang::T('Account Not Found'));
}
break;
@ -635,15 +635,15 @@ switch ($action) {
$id = $routes['2'];
if (($admin['id']) == $id) {
r2(U . 'settings/users', 'e', 'Sorry You can\'t delete yourself');
r2(getUrl('settings/users'), 'e', 'Sorry You can\'t delete yourself');
}
$d = ORM::for_table('tbl_users')->find_one($id);
if ($d) {
run_hook('delete_admin'); #HOOK
$d->delete();
r2(U . 'settings/users', 's', Lang::T('User deleted Successfully'));
r2(getUrl('settings/users'), 's', Lang::T('User deleted Successfully'));
} else {
r2(U . 'settings/users', 'e', Lang::T('Account Not Found'));
r2(getUrl('settings/users'), 'e', Lang::T('Account Not Found'));
}
break;
@ -653,7 +653,7 @@ switch ($action) {
}
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/users-add', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/users-add'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$username = _post('username');
$fullname = _post('fullname');
@ -712,16 +712,16 @@ switch ($action) {
}
_log('[' . $admin['username'] . ']: ' . "Created $user_type <b>$username</b>", $admin['user_type'], $admin['id']);
r2(U . 'settings/users', 's', Lang::T('Account Created Successfully'));
r2(getUrl('settings/users'), 's', Lang::T('Account Created Successfully'));
} else {
r2(U . 'settings/users-add', 'e', $msg);
r2(getUrl('settings/users-add'), 'e', $msg);
}
break;
case 'users-edit-post':
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/users-edit/', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/users-edit/'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$username = _post('username');
$fullname = _post('fullname');
@ -824,7 +824,7 @@ switch ($action) {
}
if (file_exists($_FILES['photo']['tmp_name'])) unlink($_FILES['photo']['tmp_name']);
} else {
r2(U . 'settings/app', 'e', 'PHP GD is not installed');
r2(getUrl('settings/app'), 'e', 'PHP GD is not installed');
}
}
@ -858,9 +858,9 @@ switch ($action) {
$d->save();
_log('[' . $admin['username'] . ']: $username ' . Lang::T('User Updated Successfully'), $admin['user_type'], $admin['id']);
r2(U . 'settings/users-view/' . $id, 's', 'User Updated Successfully');
r2(getUrl('settings/users-view/') . $id, 's', 'User Updated Successfully');
} else {
r2(U . 'settings/users-edit/' . $id, 'e', $msg);
r2(getUrl('settings/users-edit/') . $id, 'e', $msg);
}
break;
@ -875,7 +875,7 @@ switch ($action) {
$password = _post('password');
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/change-password', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/change-password'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
if ($password != '') {
$d = ORM::for_table('tbl_users')->where('username', $admin['username'])->find_one();
@ -886,10 +886,10 @@ switch ($action) {
$npass = _post('npass');
$cnpass = _post('cnpass');
if (!Validator::Length($npass, 15, 5)) {
r2(U . 'settings/change-password', 'e', 'New Password must be 6 to 14 character');
r2(getUrl('settings/change-password'), 'e', 'New Password must be 6 to 14 character');
}
if ($npass != $cnpass) {
r2(U . 'settings/change-password', 'e', 'Both Password should be same');
r2(getUrl('settings/change-password'), 'e', 'Both Password should be same');
}
$npass = Password::_crypt($npass);
@ -899,15 +899,15 @@ switch ($action) {
_msglog('s', Lang::T('Password changed successfully, Please login again'));
_log('[' . $admin['username'] . ']: Password changed successfully', $admin['user_type'], $admin['id']);
r2(U . 'admin');
r2(getUrl('admin'));
} else {
r2(U . 'settings/change-password', 'e', Lang::T('Incorrect Current Password'));
r2(getUrl('settings/change-password'), 'e', Lang::T('Incorrect Current Password'));
}
} else {
r2(U . 'settings/change-password', 'e', Lang::T('Incorrect Current Password'));
r2(getUrl('settings/change-password'), 'e', Lang::T('Incorrect Current Password'));
}
} else {
r2(U . 'settings/change-password', 'e', Lang::T('Incorrect Current Password'));
r2(getUrl('settings/change-password'), 'e', Lang::T('Incorrect Current Password'));
}
break;
@ -933,10 +933,10 @@ switch ($action) {
}
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/notifications', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/notifications'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
file_put_contents($UPLOAD_PATH . "/notifications.json", json_encode($_POST));
r2(U . 'settings/notifications', 's', Lang::T('Settings Saved Successfully'));
r2(getUrl('settings/notifications'), 's', Lang::T('Settings Saved Successfully'));
break;
case 'dbstatus':
if (!in_array($admin['user_type'], ['SuperAdmin', 'Admin'])) {
@ -1025,9 +1025,9 @@ switch ($action) {
} catch (Exception $e) {
}
if (file_exists($_FILES['json']['tmp_name'])) unlink($_FILES['json']['tmp_name']);
r2(U . "settings/dbstatus", 's', "Restored $suc success $fal failed");
r2(getUrl('settings/dbstatus'), 's', "Restored $suc success $fal failed");
} else {
r2(U . "settings/dbstatus", 'e', 'Upload failed');
r2(getUrl('settings/dbstatus'), 'e', 'Upload failed');
}
break;
case 'language':
@ -1048,10 +1048,10 @@ switch ($action) {
case 'lang-post':
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/language', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/language'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
file_put_contents($lan_file, json_encode($_POST, JSON_PRETTY_PRINT));
r2(U . 'settings/language', 's', Lang::T('Translation saved Successfully'));
r2(getUrl('settings/language'), 's', Lang::T('Translation saved Successfully'));
break;
case 'maintenance':
@ -1063,7 +1063,7 @@ switch ($action) {
if (_post('save') == 'save') {
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/maintenance', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/maintenance'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
$status = isset($_POST['maintenance_mode']) ? 1 : 0; // Checkbox returns 1 if checked, otherwise 0
$force_logout = isset($_POST['maintenance_mode_logout']) ? 1 : 0; // Checkbox returns 1 if checked, otherwise 0
@ -1088,7 +1088,7 @@ switch ($action) {
}
}
r2(U . "settings/maintenance", 's', Lang::T('Settings Saved Successfully'));
r2(getUrl('settings/maintenance'), 's', Lang::T('Settings Saved Successfully'));
}
$csrf_token = Csrf::generateAndStoreToken();
$ui->assign('csrf_token', $csrf_token);
@ -1105,7 +1105,7 @@ switch ($action) {
if (_post('save') == 'save') {
$csrf_token = _post('csrf_token');
if (!Csrf::check($csrf_token)) {
r2(U . 'settings/miscellaneous', 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
r2(getUrl('settings/miscellaneous'), 'e', Lang::T('Invalid or Expired CSRF Token') . ".");
}
foreach ($_POST as $key => $value) {
$d = ORM::for_table('tbl_appconfig')->where('setting', $key)->find_one();
@ -1120,7 +1120,7 @@ switch ($action) {
}
}
r2(U . "settings/miscellaneous", 's', Lang::T('Settings Saved Successfully'));
r2(getUrl('settings/miscellaneous'), 's', Lang::T('Settings Saved Successfully'));
}
$csrf_token = Csrf::generateAndStoreToken();
$ui->assign('csrf_token', $csrf_token);