title = $aInt->lang('administrators', 'title'); $aInt->sidebar = 'config'; $aInt->icon = 'admins'; $aInt->helplink = 'Administrators'; $validate = new WHMCS_Validate(); $file = new WHMCS_File_Directory($whmcs->get_admin_folder_name() . DIRECTORY_SEPARATOR . 'templates'); $adminTemplates = $file->getSubdirectories(); if( $action == 'save' ) { check_token("WHMCS.admin.default"); if( defined('DEMO_MODE') ) { redir("demo=1"); } $auth = new WHMCS_Auth(); $auth->getInfobyID(WHMCS_Session::get('adminid')); if( !$auth->comparePassword($whmcs->get_req_var('confirmpassword')) ) { $_ADMINLANG['administrators']['confirmexistingpw'] = "You must confirm your existing administrator password"; $validate->addError(array( 'administrators', 'confirmexistingpw' )); } else { $validate->validate('required', 'firstname', array( 'administrators', 'namerequired' )); if( $validate->validate('required', 'email', array( 'administrators', 'emailerror' )) ) { $validate->validate('email', 'email', array( 'administrators', 'emailinvalid' )); } if( $validate->validate('required', 'username', array( 'administrators', 'usererror' )) ) { $existingid = get_query_val('tbladmins', 'id', array( 'username' => $username )); if( !$id && $existingid || $id && $existingid && $id != $existingid ) { $validate->addError(array( 'administrators', 'userexists' )); } } if( !$id && $validate->validate('required', 'password', array( 'administrators', 'pwerror' )) ) { $validate->validate('match_value', 'password', array( 'administrators', 'pwmatcherror' ), 'password2'); } } if( $validate->hasErrors() ) { $action = 'manage'; } else { $supportdepts = implode(',', $deptids); $ticketnotify = implode(',', $ticketnotify); $disabled = $disabled == 'on' ? 1 : 0; if( !in_array($template, $adminTemplates) ) { $template = $adminTemplates[0]; } $language = $whmcs->validateLanguage($language, true); $adminDetails = array( 'roleid' => $roleid, 'username' => $username, 'firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'signature' => $signature, 'disabled' => $disabled, 'notes' => $notes, 'template' => $template, 'language' => $language, 'supportdepts' => $supportdepts, 'ticketnotifications' => $ticketnotify ); $userProvidedPassword = $whmcs->get_req_var('password'); if( $id ) { update_query('tbladmins', $adminDetails, array( 'id' => $id )); $adminToUpdate = new WHMCS_Auth(); $adminToUpdate->getInfobyID($id, null, false); if( $adminToUpdate->getAdminID() && $userProvidedPassword && ($userProvidedPassword = trim($userProvidedPassword)) ) { if( $adminToUpdate->generateNewPasswordHashAndStore($userProvidedPassword) ) { $adminToUpdate->generateNewPasswordHashAndStoreForApi(md5($userProvidedPassword)); if( $id == $auth->getAdminID() ) { $adminToUpdate->setSessionVars(); } } else { logActivity(sprintf("Failed to update password hash for admin %s.", $adminDetails['username'])); } } redir("saved=true"); } else { $adminDetails['password'] = crypt_random_string(21); insert_query('tbladmins', $adminDetails); $newAdmin = new WHMCS_Auth(); $newAdmin->getInfobyUsername($adminDetails['username'], null, false); $userProvidedPassword = trim($userProvidedPassword); if( $newAdmin->getAdminID() && $userProvidedPassword && $newAdmin->generateNewPasswordHashAndStore($userProvidedPassword) ) { $newAdmin->generateNewPasswordHashAndStoreForApi(md5($userProvidedPassword)); } else { logActivity(sprintf("Failed to assign password hash for new admin %s." . " Account will stay locked until properly reset.", $adminDetails['username'])); } redir("added=true"); } exit(); } } if( $action == 'delete' ) { check_token("WHMCS.admin.default"); if( defined('DEMO_MODE') ) { redir("demo=1"); } delete_query('tbladmins', array( 'id' => $id )); redir("deleted=true"); } ob_start(); if( $action == '' ) { $infobox = ''; if( defined('DEMO_MODE') ) { infoBox("Demo Mode", "Actions on this page are unavailable while in demo mode. Changes will not be saved."); } if( $saved ) { infoBox($aInt->lang('administrators', 'changesuccess'), $aInt->lang('administrators', 'changesuccessinfo')); } else { if( $added ) { infoBox($aInt->lang('administrators', 'addsuccess'), $aInt->lang('administrators', 'addsuccessinfo')); } else { if( $deleted ) { infoBox($aInt->lang('administrators', 'deletesuccess'), $aInt->lang('administrators', 'deletesuccessinfo')); } } } echo $infobox; $data = get_query_vals('tbladmins', "COUNT(id),id", array( 'roleid' => '1' )); $numrows = $data[0]; $onlyadminid = $numrows == '1' ? $data['id'] : 0; $jscode = "function doDelete(id) {\n if(id != " . $onlyadminid . "){\n if (confirm(\"" . $aInt->lang('administrators', 'deletesure', 1) . "\")) {\n window.location='" . $_SERVER['PHP_SELF'] . "?action=delete&id='+id+'" . generate_token('link') . "';\n }\n } else alert(\"" . $aInt->lang('administrators', 'deleteonlyadmin', 1) . "\");\n }"; echo "

"; echo $aInt->lang('administrators', 'description'); echo "

\n

"; echo $aInt->lang('fields', 'options'); echo ": "; echo $aInt->lang('administrators', 'addnew'); echo "

\n\n"; echo "

" . $aInt->lang('administrators', 'active') . "

"; $aInt->sortableTableInit('nopagination'); $result = select_query('tbladmins', "tbladmins.*,tbladminroles.name", array( 'disabled' => '0' ), "firstname` ASC,`lastname", 'ASC', '', "tbladminroles ON tbladmins.roleid=tbladminroles.id"); while( $data = mysql_fetch_array($result) ) { $departments = $deptnames = array( ); $supportdepts = db_build_in_array(explode(',', $data['supportdepts'])); if( $supportdepts ) { $resultdeptids = select_query('tblticketdepartments', 'name', "id IN (" . $supportdepts . ")"); while( $data_resultdeptids = mysql_fetch_array($resultdeptids) ) { $deptnames[] = $data_resultdeptids[0]; } } if( !count($deptnames) ) { $deptnames[] = $aInt->lang('global', 'none'); } $tabledata[] = array( $data['firstname'] . " " . $data['lastname'], "" . $data['email'] . "", $data['username'], $data['name'], implode(", ", $deptnames), "\"Edit\"", "\"Delete\"" ); } echo $aInt->sortableTable(array( $aInt->lang('fields', 'name'), $aInt->lang('fields', 'email'), $aInt->lang('fields', 'username'), $aInt->lang('administrators', 'adminrole'), $aInt->lang('administrators', 'assigneddepts'), '', '' ), $tabledata); echo "

" . $aInt->lang('administrators', 'inactive') . "

"; $tabledata = array( ); $result = select_query('tbladmins', "tbladmins.*,tbladminroles.name", array( 'disabled' => '1' ), "firstname` ASC,`lastname", 'ASC', '', "tbladminroles ON tbladmins.roleid=tbladminroles.id"); while( $data = mysql_fetch_array($result) ) { $departments = $deptnames = array( ); $supportdepts = db_build_in_array(explode(',', $data['supportdepts'])); if( $supportdepts ) { $resultdeptids = select_query('tblticketdepartments', 'name', "id IN (" . $supportdepts . ")"); while( $data_resultdeptids = mysql_fetch_array($resultdeptids) ) { $deptnames[] = $data_resultdeptids[0]; } } if( !count($deptnames) ) { $deptnames[] = $aInt->lang('global', 'none'); } $tabledata[] = array( $data['firstname'] . " " . $data['lastname'], "" . $data['email'] . "", $data['username'], $data['name'], implode(", ", $deptnames), "\"Edit\"", "\"Delete\"" ); } echo $aInt->sortableTable(array( $aInt->lang('fields', 'name'), $aInt->lang('fields', 'email'), $aInt->lang('fields', 'username'), $aInt->lang('administrators', 'adminrole'), $aInt->lang('administrators', 'assigneddepts'), '', '' ), $tabledata); } else { if( $action == 'manage' ) { if( $id ) { $result = select_query('tbladmins', '', array( 'id' => $id )); $data = mysql_fetch_array($result); $supportdepts = $data['supportdepts']; $ticketnotifications = $data['ticketnotifications']; $supportdepts = explode(',', $supportdepts); $ticketnotify = explode(',', $ticketnotifications); if( !$validate->hasErrors() ) { $roleid = $data['roleid']; $firstname = $data['firstname']; $lastname = $data['lastname']; $email = $data['email']; $username = $data['username']; $signature = $data['signature']; $notes = $data['notes']; $template = $data['template']; $language = $data['language']; $disabled = $data['disabled']; } $numrows = get_query_vals('tbladmins', "COUNT(id)", array( 'roleid' => '1' )); $onlyadmin = $numrows == '1' && $roleid == '1' ? true : false; $managetitle = $aInt->lang('administrators', 'editadmin'); } else { $supportdepts = $ticketnotify = array( ); $managetitle = $aInt->lang('administrators', 'addadmin'); } $language = $whmcs->validateLanguage($language, true); $infobox = ''; if( defined('DEMO_MODE') ) { infoBox("Demo Mode", "Actions on this page are unavailable while in demo mode. Changes will not be saved."); } echo $infobox; echo "

" . $managetitle . "

"; if( $validate->hasErrors() ) { infoBox($aInt->lang('global', 'validationerror'), $validate->getHTMLErrorOutput(), 'error'); echo $infobox; } echo "\n
getPhpSelf(); echo "?action=save&id="; echo $id; echo "\">\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
"; echo $aInt->lang('administrators', 'role'); echo "
"; echo $aInt->lang('fields', 'firstname'); echo "
"; echo $aInt->lang('fields', 'lastname'); echo "
"; echo $aInt->lang('fields', 'email'); echo "
"; echo $aInt->lang('fields', 'username'); echo "
"; echo $aInt->lang('fields', 'password'); echo ""; if( $id ) { echo " (" . $aInt->lang('administrators', 'entertochange') . ")"; } echo "
"; echo $aInt->lang('fields', 'confpassword'); echo "
"; echo $aInt->lang('administrators', 'assigneddepts'); echo ""; $nodepartments = true; $result = select_query('tblticketdepartments', '', '', 'order', 'ASC'); while( $data = mysql_fetch_array($result) ) { $deptid = $data['id']; $deptname = $data['name']; echo "
"; $nodepartments = false; } if( $nodepartments ) { echo $aInt->lang('administrators', 'nosupportdepts'); } echo "
"; echo $aInt->lang('administrators', 'supportsig'); echo "
"; echo $aInt->lang('administrators', 'privatenotes'); echo "
"; echo $aInt->lang('fields', 'template'); echo "
"; echo $aInt->lang('global', 'language'); echo "
"; echo $aInt->lang('fields', 'disable'); echo "
\n\n

Please confirm your admin password to add or make changes to administrator account details.

\n\n\n\n
"; echo $aInt->lang('fields', 'confpassword'); echo "
\n\n

lang('global', 'savechanges'); echo "\" class=\"button\">

\n\n
\n\n"; } } $content = ob_get_contents(); ob_end_clean(); $aInt->content = $content; $aInt->jscode = $jscode; $aInt->display();