Commit c45e3c60 authored by panjalasanthosh's avatar panjalasanthosh

first commit

Showing with 1079 additions and 0 deletions
+1079 -0
<?
session_start();
include ('../init.php');
include ('fn_common.php');
include ('../tools/email.php');
loadLanguage($gsValues['LANGUAGE']);
if(@$_POST['cmd'] == 'session_check')
{
checkUserSession();
if (checkUserSession2() == true)
{
echo 'true';
}
else
{
echo 'false';
}
die;
}
if(@$_POST['cmd'] == 'login')
{
$username = strtolower($_POST["username"]);
$password = $_POST["password"];
$remember_me = $_POST["remember_me"];
$mobile = $_POST["mobile"];
// check failed logins limit
$q = "SELECT * FROM `gs_user_failed_logins` WHERE `ip`='".$_SERVER['REMOTE_ADDR']."' AND dt_login > DATE_SUB(UTC_TIMESTAMP(), INTERVAL 10 MINUTE)";
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if ($count >= 10)
{
$result['cmd'] = 'msg';
$result['msg'] = $la['TOO_MANY_FAILED_LOGIN_ATTEMPTS'];
//write log
writeLog('user_access', 'User login: too many failed login attempts. Username: "'.$username.'"');
}
else
{
$q = "SELECT * FROM `gs_users` WHERE `username`='".$username."' AND `password`='".md5($password)."' LIMIT 1";
$r = mysqli_query($ms, $q);
if ($row = mysqli_fetch_array($r))
{
if ($row['active'] == 'true')
{
if ($remember_me == 'true')
{
setUserSessionHash($row['id']);
}
// reset session array
$_SESSION = array();
setUserSession($row['id']);
setUserSessionSettings($row['id']);
setUserSessionCPanel($row['id']);
if (($gsValues['PAGE_AFTER_LOGIN'] == 'cpanel') && ($_SESSION["cpanel_privileges"] != false))
{
$result['cmd'] = 'login_cpanel';
}
else
{
$result['cmd'] = 'login_tracking';
}
//write log
writeLog('user_access', 'User login: successful');
//update user usage
updateUserUsage($row['id'], 1, false, false, false);
}
else
{
$result['cmd'] = 'msg';
$result['msg'] = $la['THIS_ACCOUNT_IS_LOCKED'];
//write log
writeLog('user_access', 'User login: locked account. Username: "'.$username.'"');
}
}
else
{
// insert failed login
$q = "INSERT INTO `gs_user_failed_logins` (`ip`, `dt_login`) VALUES ('".$_SERVER['REMOTE_ADDR']."','".gmdate("Y-m-d H:i:s")."')";
$r = mysqli_query($ms, $q);
$result['cmd'] = 'msg';
$result['msg'] = $la['USERNAME_OR_PASSWORD_INCORRECT'];
//write log
writeLog('user_access', 'User login: unsuccessful. Username: "'.$username.'"');
}
}
header('Content-type: application/json');
echo json_encode($result);
die;
}
if (@$_POST['cmd'] == 'logout')
{
//write log
writeLog('user_access', 'User logout');
if (isset($_SESSION["user_id"]))
{
deleteUserSessionHash($_SESSION["user_id"]);
}
session_unset();
session_destroy();
echo $gsValues['URL_LOGIN'];
die;
}
if (@$_POST['cmd'] == 'recover_url')
{
$email = $_POST['email'];
$seccode = $_POST['seccode'];
if ($email != "")
{
if ($seccode == $_SESSION["seccode"])
{
$email = strtolower($email);
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."' AND `privileges` NOT LIKE ('%subuser%') LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$token = genAccountRecoverToken($email);
$url_recover = $gsValues['URL_ROOT'].'/index.php?op=rec&token='.$token;
$template = getDefaultTemplate('account_recover_url', $gsValues['LANGUAGE']);
$subject = $template['subject'];
$message = $template['message'];
$subject = str_replace("%SERVER_NAME%", $gsValues['NAME'], $subject);
$subject = str_replace("%URL_RECOVER%", $url_recover, $subject);
$message = str_replace("%SERVER_NAME%", $gsValues['NAME'], $message);
$message = str_replace("%URL_RECOVER%", $url_recover, $message);
if (sendEmail($email, $subject, $message))
{
// inset token
$q = "INSERT INTO `gs_user_account_recover` (`token`, `email`, `dt_recover`) VALUES ('".$token."','".$email."','".gmdate("Y-m-d H:i:s")."')";
$r = mysqli_query($ms, $q);
echo $la['RECOVERY_LINK_SENT'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
//write log
writeLog('user_access', 'User recover: URL sent. E-mail: '.$email);
}
else
{
echo $la['CANT_SEND_EMAIL'].' '.$la['CONTACT_ADMINISTRATOR'];
}
}
else
{
echo $la['THIS_EMAIL_IS_NOT_REGISTERED'];
//write log
writeLog('user_access', 'User recover: no such e-mail. E-mail: '.$email);
}
}
else
{
echo $la['SECURITY_CODE_IS_INCORRECT'];
}
}
die;
}
if (@$_POST['cmd'] == 'recover')
{
$token = $_POST['token'];
$q = "SELECT * FROM `gs_user_account_recover` WHERE `token`='".$token."' LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$email = $row['email'];
$q = "SELECT * FROM `gs_users` WHERE `email`='".$email."' AND `privileges` NOT LIKE ('%subuser%') LIMIT 1";
$r = mysqli_query($ms, $q);
$num = mysqli_num_rows($r);
if ($num > 0)
{
$row = mysqli_fetch_array($r);
$new_password = genAccountPassword();
$template = getDefaultTemplate('account_recover', $gsValues['LANGUAGE']);
$subject = $template['subject'];
$message = $template['message'];
$subject = str_replace("%SERVER_NAME%", $gsValues['NAME'], $subject);
$subject = str_replace("%URL_LOGIN%", $gsValues['URL_LOGIN'], $subject);
$subject = str_replace("%EMAIL%", $email, $subject);
$subject = str_replace("%USERNAME%", $row['username'], $subject);
$subject = str_replace("%PASSWORD%", $new_password, $subject);
$message = str_replace("%SERVER_NAME%", $gsValues['NAME'], $message);
$message = str_replace("%URL_LOGIN%", $gsValues['URL_LOGIN'], $message);
$message = str_replace("%EMAIL%", $email, $message);
$message = str_replace("%USERNAME%", $row['username'], $message);
$message = str_replace("%PASSWORD%", $new_password, $message);
if (sendEmail($email, $subject, $message))
{
$q = "UPDATE gs_users SET password='".md5($new_password)."' WHERE email='".$email."'";
$r = mysqli_query($ms, $q);
$q = "DELETE FROM `gs_user_account_recover` WHERE `token`='".$token."'";
$r = mysqli_query($ms, $q);
echo $la['USERNAME_PASSWORD_SENT'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
//write log
writeLog('user_access', 'User recover: successful. E-mail: '.$email);
}
else
{
echo $la['CANT_SEND_EMAIL'].' '.$la['CONTACT_ADMINISTRATOR'];
}
}
else
{
echo $la['THIS_EMAIL_IS_NOT_REGISTERED'];
//write log
writeLog('user_access', 'User recover: no such e-mail. E-mail: '.$email);
}
}
else
{
echo $la['RECOVERY_LINK_EXPIRED'];
}
die;
}
if ((@$_POST['cmd'] == 'register') && ($gsValues['ALLOW_REGISTRATION'] == "true"))
{
$email = $_POST['email'];
$seccode = $_POST['seccode'];
if ($email != '')
{
if ($seccode == @$_SESSION["seccode"])
{
$account_expire = $gsValues['ACCOUNT_EXPIRE'];
$account_expire_dt = '';
if ($account_expire == 'true')
{
$account_expire_dt = gmdate("Y-m-d", strtotime(gmdate("Y-m-d").' + '.$gsValues['ACCOUNT_EXPIRE_PERIOD'].' days'));
}
$privileges = array();
$privileges['type'] = 'user';
$privileges['history'] = stringToBool($gsValues['HISTORY']);
$privileges['reports'] = stringToBool($gsValues['REPORTS']);
$privileges['rilogbook'] = stringToBool($gsValues['RILOGBOOK']);
$privileges['dtc'] = stringToBool($gsValues['DTC']);
$privileges['object_control'] = stringToBool($gsValues['OBJECT_CONTROL']);
$privileges['image_gallery'] = stringToBool($gsValues['IMAGE_GALLERY']);
$privileges['chat'] = stringToBool($gsValues['CHAT']);
$privileges = json_encode($privileges);
$result = addUser('true', 'true', $account_expire, $account_expire_dt, $privileges, '', $email, '', $gsValues['OBJ_ADD'], $gsValues['OBJ_LIMIT'], $gsValues['OBJ_LIMIT_NUM'], $gsValues['OBJ_DAYS'], $gsValues['OBJ_DAYS_NUM'], $gsValues['OBJ_EDIT'], $gsValues['OBJ_HISTORY_CLEAR']);
if ($result == 'OK')
{
$result = $la['REGISTRATION_SUCCESSFUL'].' '.$la['PLEASE_CHECK_YOUR_EMAIL'];
}
echo $result;
}
else
{
echo $la['SECURITY_CODE_IS_INCORRECT'];
}
}
die;
}
?>
\ No newline at end of file
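Review bot: The login lookup `SELECT * FROM gs_users WHERE username='".$username."' AND password='".md5($password)."'` splices the POST username straight into SQL, and every other statement in this file (the failed-login select/insert, the recover-token select, the password update) is built by the same concatenation; the pattern recurs in each of the other file sections of this commit, so I raise it once here. Use prepared statements, e.g. `$st = mysqli_prepare($ms, 'SELECT * FROM gs_users WHERE username=? LIMIT 1'); mysqli_stmt_bind_param($st, 's', $username); mysqli_stmt_execute($st);`, and verify the password in PHP with `password_verify()` against a `password_hash()` value instead of matching an unsalted MD5 in the WHERE clause (stored hashes would need rehashing on next login). Two smaller points in the same file: `$seccode == @$_SESSION["seccode"]` in the register branch is a loose comparison that also succeeds when no code was ever stored in the session (`'' == null` is true), so make it `isset($_SESSION["seccode"]) && hash_equals((string)$_SESSION["seccode"], (string)$seccode)` and do the same in `recover_url`; and calling `session_regenerate_id(true)` right after `$_SESSION = array();` on a successful login would stop the pre-login session id from being carried into the authenticated session.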
<?
set_time_limit(0);
session_start();
include ('../init.php');
include ('fn_common.php');
include ('../tools/email.php');
include ('../tools/sms.php');
checkUserSession();
checkUserCPanelPrivileges();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
if(@$_GET['cmd'] == 'load_billing_plan_list')
{
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
$search = strtoupper(@$_GET['s']); // get search
$manager_id = @$_GET['manager_id'];
if(!$sidx) $sidx =1;
$q = "SELECT gs_user_billing_plans.*, gs_users.privileges, gs_users.manager_id, gs_users.username, gs_users.email
FROM gs_user_billing_plans
INNER JOIN gs_users ON gs_user_billing_plans.user_id = gs_users.id";
// check if admin or manager
if (($_SESSION["cpanel_privileges"] == 'super_admin') || ($_SESSION["cpanel_privileges"] == 'admin'))
{
if ($manager_id == 0)
{
$q .= " WHERE UPPER(`username`) LIKE '%$search%'
OR UPPER(`email`) LIKE '%$search%'
OR UPPER(`name`) LIKE '%$search%'";
}
else
{
$q .= " WHERE `manager_id`='".$manager_id."' AND
(UPPER(`username`) LIKE '%$search%'
OR UPPER(`email`) LIKE '%$search%'
OR UPPER(`name`) LIKE '%$search%')";
}
}
else
{
$q .= " WHERE `manager_id`='".$_SESSION["cpanel_manager_id"]."' AND
(UPPER(`username`) LIKE '%$search%'
OR UPPER(`email`) LIKE '%$search%'
OR UPPER(`name`) LIKE '%$search%')";
}
$r = mysqli_query($ms, $q);
$count = mysqli_num_rows($r);
if( $count >0 ) {
$total_pages = ceil($count/$limit);
} else {
$total_pages = 1;
}
if ($page > $total_pages) $page=$total_pages;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
$responce = new stdClass();
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
if ($count > 0)
{
$q .= " ORDER BY $sidx $sord LIMIT $start, $limit";
$r = mysqli_query($ms, $q);
if (!$r){die;}
$i=0;
while($row = mysqli_fetch_array($r)) {
$plan_id = $row['plan_id'];
$dt_purchase = $row['dt_purchase'];
$name = $row['name'];
$objects = $row['objects'];
$period = $row['period'];
$period_type = $row['period_type'];
$price = $row['price'];
$price .= ' '.$gsValues['BILLING_CURRENCY'];
$dt_purchase = convUserTimezone($dt_purchase);
if ($period == 1)
{
$period_type = $la[substr(strtoupper($period_type),0,-1)];
}
else
{
$period_type = $la[strtoupper($period_type)];
}
$period = $period.' '.strtolower($period_type);
$used_in = '';
$user_id = $row['user_id'];
$privileges = json_decode($row['privileges'],true);
$manager_id = $row['manager_id'];
$username = $row['username'];
if ($_SESSION["cpanel_privileges"] == 'super_admin')
{
$used_in = '<a href="#" onclick="userEdit(\''.$user_id.'\');">'.$username.'</a>';
}
else if ($_SESSION["cpanel_privileges"] == 'admin')
{
if ($privileges["type"] == 'super_admin')
{
$used_in = $username;
}
else if (($privileges["type"] == 'admin') && ($user_id != $_SESSION["cpanel_user_id"]))
{
$used_in = $username;
}
else
{
$used_in = '<a href="#" onclick="userEdit(\''.$user_id.'\');">'.$username.'</a>';
}
}
else
{
if ($manager_id == $_SESSION["cpanel_manager_id"])
{
$used_in = '<a href="#" onclick="userEdit(\''.$user_id.'\');">'.$username.'</a>';
}
}
// set modify buttons
$modify = '<a href="#" onclick="userBillingPlanEdit(\''.$plan_id.'\');" title="'.$la['SAVE'].'"><img src="theme/images/edit.svg" /></a>';
$modify .= '<a href="#" onclick="userBillingPlanDelete(\''.$plan_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
// set row
$responce->rows[$i]['id']=$plan_id;
$responce->rows[$i]['cell']=array($dt_purchase,$name,$objects,$period,$price,$used_in,$modify);
$i++;
}
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_POST['cmd'] == 'delete_selected_billing_plans')
{
$ids = $_POST["ids"];
for ($i = 0; $i < count($ids); ++$i)
{
$id = $ids[$i];
$q = "DELETE FROM `gs_user_billing_plans` WHERE `plan_id`='".$id."'";
$r = mysqli_query($ms, $q);
}
echo 'OK';
die;
}
?>
\ No newline at end of file
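Review bot: `ORDER BY $sidx $sord LIMIT $start, $limit` interpolates four request values that a bound parameter cannot cover, so they must be validated before they reach the query: `$sidx = in_array($sidx, ['dt_purchase', 'name', 'objects', 'period', 'price'], true) ? $sidx : 'dt_purchase';`, `$sord = (strtoupper($sord) === 'DESC') ? 'DESC' : 'ASC';` and `$page = (int)$page; $limit = max(1, (int)$limit);` (the column list is illustrative — take it from the grid's real column model). The `max(1, …)` guard also prevents `ceil($count/$limit)` from dividing by zero when `rows` is missing, and `$search`/`$manager_id` in the WHERE clauses belong in bound parameters. Separately, `delete_selected_billing_plans` deletes by `plan_id` alone, while the listing above restricts a manager to plans whose `manager_id` matches `$_SESSION["cpanel_manager_id"]`; the delete should apply the same scoping (join on `gs_users` and add the `manager_id` condition for non-admins) so a manager cannot remove plans outside their scope.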
<?
set_time_limit(0);
session_start();
include ('../init.php');
include ('fn_common.php');
include ('../tools/email.php');
include ('../tools/sms.php');
checkUserSession();
checkUserCPanelPrivileges();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
if(@$_POST['cmd'] == 'load_cpanel_values')
{
$result = array('user_id' => $_SESSION["cpanel_user_id"],
'privileges' => $_SESSION["cpanel_privileges"],
'manager_id' => $_SESSION["manager_id"],
'obj_add' => $_SESSION["obj_add"],
'obj_limit' => $_SESSION["obj_limit"],
'obj_limit_num' => $_SESSION["obj_limit_num"],
'obj_days' => $_SESSION["obj_days"],
'obj_days_dt' => $_SESSION["obj_days_dt"],
'language' => $_SESSION["language"]);
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'load_manager_list')
{
$q = "SELECT * FROM `gs_users` WHERE privileges LIKE ('%manager%') ORDER BY `username` ASC";
$r = mysqli_query($ms, $q);
$result = array();
while($row=mysqli_fetch_array($r))
{
$privileges = json_decode($row['privileges'],true);
if ($privileges['type'] == 'manager')
{
$manager_id = $row['id'];
// get user number
$q2 = "SELECT * FROM `gs_users` WHERE `manager_id`='".$manager_id."'";
$r2 = mysqli_query($ms, $q2);
$row2 = mysqli_fetch_array($r2);
$user_count = mysqli_num_rows($r2);
// get obj number
$q2 = "SELECT * FROM `gs_objects` WHERE `manager_id`='".$manager_id."'";
$r2 = mysqli_query($ms, $q2);
$obj_count = mysqli_num_rows($r2);
// get obj num
if ($row["obj_limit"] == 'true')
{
$result[$manager_id] = array('username' => $row['username'].' ('.$user_count.' - '.$obj_count.'/'.$row['obj_limit_num'].')');
}
else
{
$result[$manager_id] = array('username' => $row['username'].' ('.$user_count.' - '.$obj_count.')');
}
}
}
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'stats')
{
// check if admin or manager
if ($_SESSION["cpanel_privileges"] == 'super_admin')
{
$manager_id = @$_POST['manager_id'];
// switch admin/manager
if ($manager_id == 0)
{
$q_users = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%')";
$q_objects = "SELECT * FROM `gs_objects`";
$q_billing = "SELECT * FROM `gs_user_billing_plans`";
}
else
{
$q_users = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%') AND `manager_id`='".$manager_id."'";
$q_objects = "SELECT * FROM `gs_objects` WHERE `manager_id`='".$manager_id."'";
$q_billing = "SELECT gs_user_billing_plans.*, gs_users.manager_id FROM gs_user_billing_plans INNER JOIN gs_users ON gs_user_billing_plans.user_id = gs_users.id WHERE `manager_id`='".$manager_id."'";
}
}
else if ($_SESSION["cpanel_privileges"] == 'admin')
{
$manager_id = @$_POST['manager_id'];
// switch admin/manager
if ($manager_id == 0)
{
$q_users = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%') AND `privileges` NOT LIKE ('%super_admin%') AND (`privileges` NOT LIKE ('%admin%') OR `id`='".$_SESSION["cpanel_user_id"]."')";
$q_objects = "SELECT * FROM `gs_objects`";
$q_billing = "SELECT * FROM `gs_user_billing_plans`";
}
else
{
$q_users = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%') AND `manager_id`='".$manager_id."'";
$q_objects = "SELECT * FROM `gs_objects` WHERE `manager_id`='".$manager_id."'";
$q_billing = "SELECT gs_user_billing_plans.*, gs_users.manager_id FROM gs_user_billing_plans INNER JOIN gs_users ON gs_user_billing_plans.user_id = gs_users.id WHERE `manager_id`='".$manager_id."'";
}
}
else
{
$q_users = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%') AND `manager_id`='".$_SESSION["cpanel_manager_id"]."'";
$q_objects = "SELECT * FROM `gs_objects` WHERE `manager_id`='".$_SESSION["cpanel_manager_id"]."'";
$q_billing = "SELECT gs_user_billing_plans.*, gs_users.manager_id FROM gs_user_billing_plans INNER JOIN gs_users ON gs_user_billing_plans.user_id = gs_users.id WHERE `manager_id`='".$_SESSION["cpanel_manager_id"]."'";
}
$r = mysqli_query($ms, $q_users);
$total_users = mysqli_num_rows($r);
$r = mysqli_query($ms, $q_objects);
$total_objects = mysqli_num_rows($r);
$total_objects_online = 0;
while($row = mysqli_fetch_array($r))
{
$last_connection = $row['dt_server'];
$dt_now = gmdate("Y-m-d H:i:s");
$dt_difference = strtotime($dt_now) - strtotime($last_connection);
if($dt_difference < $gsValues['CONNECTION_TIMEOUT'] * 60)
{
$total_objects_online += 1;
}
}
if ($_SESSION["cpanel_privileges"] == 'manager')
{
if ($_SESSION["obj_limit"] == 'true')
{
$total_objects .= '/'.$_SESSION["obj_limit_num"];
}
}
// total unused objects
$total_unused_objects = 0;
if (($_SESSION["cpanel_privileges"] == 'super_admin') || ($_SESSION["cpanel_privileges"] == 'admin'))
{
$q_unused_objects = "SELECT * FROM `gs_objects_unused`";
$r = mysqli_query($ms, $q_unused_objects);
$total_unused_objects = mysqli_num_rows($r);
}
// total billing plans
$r = mysqli_query($ms, $q_billing);
$total_billing_plan = mysqli_num_rows($r);
$sms_gateway_total_in_queue = getSMSAPPTotalInQueue($gsValues['SMS_GATEWAY_IDENTIFIER']);
$result = array('total_users' => $total_users,
'total_objects' => $total_objects,
'total_objects_online' => $total_objects_online,
'total_unused_objects' => $total_unused_objects,
'total_billing_plan' => $total_billing_plan,
'sms_gateway_total_in_queue' => $sms_gateway_total_in_queue);
echo json_encode($result);
die;
}
if(@$_POST['cmd'] == 'send_email')
{
// close connection with web browser and start email sending loop on server side
ob_start();
echo 'OK';
header("Connection: close");
header("Content-length: " . (string)ob_get_length());
ob_end_flush();
$manager_id = $_POST['manager_id'];
$send_to = $_POST['send_to'];
$user_ids = $_POST['user_ids'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$count = 0;
$email_arr = array();
if ($send_to == 'all')
{
if (($_SESSION["cpanel_privileges"] == 'super_admin') || ($_SESSION["cpanel_privileges"] == 'admin'))
{
if ($manager_id == 0)
{
$q = "SELECT * FROM `gs_users` WHERE `privileges` NOT LIKE ('%subuser%')";
}
else
{
$q = "SELECT * FROM `gs_users` WHERE `manager_id`='".$manager_id."' AND `privileges` NOT LIKE ('%subuser%')";
}
}
else
{
$q = "SELECT * FROM `gs_users` WHERE `manager_id`='".$_SESSION["cpanel_manager_id"]."' AND WHERE `privileges` NOT LIKE ('%subuser%')";
}
$r = mysqli_query($ms, $q);
while($row = mysqli_fetch_array($r))
{
$email_arr[] = $row["email"];
}
}
else if ($send_to == 'selected')
{
$user_ids_ = json_decode(stripslashes($user_ids),true);
foreach ($user_ids_ as $user_id)
{
$q = "SELECT * FROM `gs_users` WHERE `id`='".$user_id."'";
$r = mysqli_query($ms, $q);
$row = mysqli_fetch_array($r);
$email_arr[] = $row["email"];
}
}
foreach ($email_arr as $email)
{
sendEmail($email, $subject, $message);
$count++;
if ($count == 50);
{
sleep(1);
$count = 0;
}
}
die;
}
if(@$_POST['cmd'] == 'send_email_test')
{
// close connection with web browser and start email sending loop on server side
ob_start();
echo 'OK';
header("Connection: close");
header("Content-length: " . (string)ob_get_length());
ob_end_flush();
$subject = $_POST['subject'];
$message = $_POST['message'];
$email = $_SESSION["email"];
sendEmail($email, $subject, $message);
die;
}
?>
\ No newline at end of file
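Review bot: Two lines in the `send_email` handler break the manager path. The non-admin query reads `WHERE manager_id='…' AND WHERE privileges NOT LIKE ('%subuser%')` — the duplicated `WHERE` is a syntax error, so `mysqli_query` returns false and the following `mysqli_fetch_array($r)` fails; drop the second `WHERE`. A few lines later `if ($count == 50);` ends in a semicolon, which makes the `{ sleep(1); $count = 0; }` block unconditional, so the loop sleeps one second after every message instead of once per 50; the fix is `if ($count == 50)`. The `selected` branch also resolves each posted `user_id` with no manager/admin scoping, unlike the `all` branch, so a manager could address users outside their scope; filter those ids through the same `manager_id` condition and bind them rather than concatenating.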
<?
session_start();
include ('../init.php');
include ('fn_common.php');
checkUserSession();
loadLanguage($_SESSION["language"], $_SESSION["units"]);
// check privileges
if ($_SESSION["privileges"] == 'subuser')
{
$user_id = $_SESSION["manager_id"];
}
else
{
$user_id = $_SESSION["user_id"];
}
if(@$_GET['cmd'] == 'load_dtc_list')
{
$imei = @$_GET['imei'];
$page = $_GET['page']; // get the requested page
$limit = $_GET['rows']; // get how many rows we want to have into the grid
$sidx = $_GET['sidx']; // get index row - i.e. user click to sort
$sord = $_GET['sord']; // get the direction
if(!$sidx) $sidx =1;
// get records number
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_dtc_data` WHERE `imei` IN (".$_SESSION["privileges_imei"].")";
}
else
{
$q = "SELECT * FROM `gs_dtc_data` WHERE `imei` IN (".getUserObjectIMEIs($user_id).")";
}
if (isset($imei))
{
$q .= ' AND `imei`="'.$imei.'"';
}
if (isset($_GET['dtf']) && isset($_GET['dtt']))
{
$q .= " AND dt_server BETWEEN '".convUserUTCTimezone($_GET['dtf'])."' AND '".convUserUTCTimezone($_GET['dtt'])."'";
}
$r = mysqli_query($ms, $q);
if (!$r){die;}
$count = mysqli_num_rows($r);
if( $count >0 )
{
$total_pages = ceil($count/$limit);
}
else
{
$total_pages = 1;
}
if ($page > $total_pages) $page=$total_pages;
$start = $limit*$page - $limit; // do not put $limit*($page - 1)
if ($_SESSION["privileges"] == 'subuser')
{
$q = "SELECT * FROM `gs_dtc_data` WHERE `imei` IN (".$_SESSION["privileges_imei"].")";
}
else
{
$q = "SELECT * FROM `gs_dtc_data` WHERE `imei` IN (".getUserObjectIMEIs($user_id).")";
}
if (isset($imei))
{
$q .= ' AND `imei`="'.$imei.'"';
}
if (isset($_GET['dtf']) && isset($_GET['dtt']))
{
$q .= " AND dt_server BETWEEN '".convUserUTCTimezone($_GET['dtf'])."' AND '".convUserUTCTimezone($_GET['dtt'])."'";
}
$q .= " ORDER BY $sidx $sord LIMIT $start, $limit";
$r = mysqli_query($ms, $q);
if (!$r){die;}
$responce = new stdClass();
$responce->page = $page;
$responce->total = $total_pages;
$responce->records = $count;
$i=0;
while($row = mysqli_fetch_array($r))
{
$dtc_id = $row['dtc_id'];
$dt_tracker = convUserTimezone($row['dt_tracker']);
$imei = $row['imei'];
$code = strtoupper($row["code"]);
$lat = $row["lat"];
$lng = $row["lng"];
$object_name = getObjectName($imei);
$lat = sprintf('%0.6f', $lat);
$lng = sprintf('%0.6f', $lng);
$position = '<a href="http://maps.google.com/maps?q='.$lat.','.$lng.'&t=m" target="_blank">'.$lat.' &deg;, '.$lng.' &deg;</a>';
if ($row["address"] != '')
{
$position .= ' - '.$row["address"];
}
// set modify buttons
$modify = '</a><a href="#" onclick="dtcDelete(\''.$dtc_id.'\');" title="'.$la['DELETE'].'"><img src="theme/images/remove3.svg" /></a>';
// set row
$responce->rows[$i]['id']=$dtc_id;
$responce->rows[$i]['cell']=array($dt_tracker,$object_name,$code,$position,$modify);
$i++;
}
header('Content-type: application/json');
echo json_encode($responce);
die;
}
if(@$_POST['cmd'] == 'delete_record')
{
$dtc_id = $_POST["dtc_id"];
$q = "DELETE FROM `gs_dtc_data` WHERE `dtc_id`='".$dtc_id."'";
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_selected_records')
{
$items = $_POST["items"];
for ($i = 0; $i < count($items); ++$i)
{
$item = $items[$i];
$q = "DELETE FROM `gs_dtc_data` WHERE `dtc_id`='".$item."'";
$r = mysqli_query($ms, $q);
}
echo 'OK';
die;
}
if(@$_POST['cmd'] == 'delete_all_records')
{
if ($_SESSION["privileges"] == 'subuser')
{
$q = "DELETE FROM `gs_dtc_data` WHERE `imei` IN (".$_SESSION["privileges_imei"].")";
}
else
{
$q = "DELETE FROM `gs_dtc_data` WHERE `imei` IN (".getUserObjectIMEIs($user_id).")";
}
$r = mysqli_query($ms, $q);
echo 'OK';
die;
}
?>
\ No newline at end of file
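Review bot: `delete_record` and `delete_selected_records` delete `gs_dtc_data` rows by `dtc_id` alone, whereas `load_dtc_list` and `delete_all_records` restrict every query to the caller's IMEIs via `$_SESSION["privileges_imei"]` or `getUserObjectIMEIs($user_id)`, so a logged-in user can remove DTC records that belong to other accounts. Add the same constraint, e.g. `$q = "DELETE FROM gs_dtc_data WHERE dtc_id='".(int)$dtc_id."' AND imei IN (".getUserObjectIMEIs($user_id).")";` with the `privileges_imei` variant for subusers, and apply it per id in the selected-records loop as well. In the list handler `$imei`, `$sidx`, `$sord`, `$start`, `$limit` and the `dtf`/`dtt` values are interpolated unvalidated; at minimum cast the numeric ones and allow-list `$sidx`/`$sord`. The count query and the data query are also built from identical duplicated code and could be assembled once and suffixed with the ORDER/LIMIT clause.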
<?
session_start();
include ('../init.php');
include ('fn_common.php');
checkUserSession();
$imei = '111111111111111';
$dtf = '2015-01-01';
$dtt = '2020-01-01';
if (substr($_SESSION["timezone"],0,1) == "+")
{
$timezone_diff = str_replace("+", "-", $_SESSION["timezone"]);
}
else
{
$timezone_diff = str_replace("-", "+", $_SESSION["timezone"]);
}
$dtf = gmdate("Y-m-d H:i:s", strtotime($dtf.$timezone_diff));
$dtt = gmdate("Y-m-d H:i:s", strtotime($dtt.$timezone_diff));
$q = "SELECT DISTINCT dt_tracker,
lat,
lng,
altitude,
angle,
speed,
params
FROM `gs_object_data_".$imei."` WHERE dt_tracker BETWEEN '".$dtf."' AND '".$dtt."' ORDER BY dt_tracker ASC";
$r = mysqli_query($ms, $q);
while($route_data=mysqli_fetch_array($r))
{
$dt_tracker = gmdate("Y-m-d H:i:s", strtotime($route_data['dt_tracker'].$_SESSION["timezone"]));
$lat = $route_data['lat'];
$lng = $route_data['lng'];
$altitude = $route_data['altitude'];
$angle = $route_data['angle'];
$speed = $route_data['speed'];
$route_data['params'] = json_decode($route_data['params'],true);
$params = paramsToStr($route_data['params']);
if (($lat != 0) || ($lng != 0))
{
echo $dt_tracker.','.$lat.','.$lng.','.$altitude.','.$angle.','.$speed.','.$params.',#<br/>';
}
}
function paramsToStr($params)
{
$arr_params = array();
foreach ($params as $key => $value)
{
array_push($arr_params, $key.'='.$value);
}
$result = implode('|', $arr_params);
if ($result != '')
{
$result.="|";
}
return $result;
}
?>
\ No newline at end of file
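Review bot: This script guards only with `checkUserSession()` and then reads `gs_object_data_111111111111111` for a hard-coded IMEI and date range, with no check that the object belongs to the caller — unlike the other handlers in this commit, which scope by `getUserObjectIMEIs($user_id)`. The fixed `$imei`/`$dtf`/`$dtt` values suggest a debugging or test script; if it is meant to ship, take the IMEI from the request and accept it only when it appears in the caller's object list, otherwise it should be dropped from the commit. The echoed row fields, including the decoded `params`, are written into HTML without `htmlspecialchars()`, so tracker-supplied content would be rendered verbatim. `paramsToStr()` is defined after its first use, which works because an unconditional top-level function declaration is hoisted, but a short comment at the call site saying so would spare the next reader a double-take.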
<?
session_start();
include ('../init.php');
include ('fn_common.php');
checkUserSession();
if (isset($_POST['path']))
{
$filter = false;
if ($_POST['path'] == 'data/user/places')
{
$filter = $_SESSION['user_id'].'_';
}
if ($_POST['path'] == 'data/user/objects')
{
$filter = $_SESSION['user_id'].'_';
}
$path = $gsValues['PATH_ROOT'].$_POST['path'];
$dh = opendir($path);
$result = array();
while (($file = readdir($dh)) !== false)
{
if ($file != '.' && $file != '..' && $file != 'Thumbs.db')
{
if ($filter != false)
{
if (0 === strpos($file, $filter))
{
$result[] = $file;
}
}
else
{
$result[] = $file;
}
}
}
closedir($dh);
sort($result);
echo json_encode($result);
die;
}
?>
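Review bot: `$path = $gsValues['PATH_ROOT'].$_POST['path'];` hands a request-supplied relative path to `opendir()` with no normalisation, so parent-directory (`..`) segments let any authenticated user list directories outside the intended data folders, and the `$_SESSION['user_id'].'_'` prefix filter only applies to the two hard-coded folders. Resolve and check the path before opening it, e.g. `$root = realpath($gsValues['PATH_ROOT']); $path = realpath($gsValues['PATH_ROOT'].$_POST['path']);` followed by `if ($path === false || 0 !== strpos($path.DIRECTORY_SEPARATOR, $root.DIRECTORY_SEPARATOR)) { die; }` — or, better, accept only an allow-list of the folders the UI actually requests. `opendir()` returning false is also unchecked, which makes the `readdir()` loop emit warnings on a missing directory; the `realpath` guard covers that case too.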
<?
session_start();
include ('../init.php');
include ('fn_common.php');
if(@$_POST['cmd'] == 'load_language')
{
if (isset($_SESSION["language"]))
{
$lng = $_SESSION["language"];
}
else
{
$lng = $gsValues['LANGUAGE'];
}
if (isset($_SESSION["units"]))
{
loadLanguage($lng, $_SESSION["units"]);
}
else
{
loadLanguage($lng);
}
echo json_encode($la);
die;
}
?>
\ No newline at end of file
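Review bot: `echo json_encode($la);` is sent without a `Content-type` header, while the other JSON responders in this commit (`login`, `load_billing_plan_list`, `load_dtc_list`) precede `json_encode` with `header('Content-type: application/json');`; add the same line here so clients do not sniff the response as HTML. The two `loadLanguage` calls differ only in the optional units argument; whether they can collapse to `loadLanguage($lng, $_SESSION["units"] ?? null)` depends on `loadLanguage`'s default for that parameter, which is defined outside this diff. This handler appears to run without `checkUserSession()` on purpose, since the login page needs translations too; a one-line comment stating that would stop a later reader from "fixing" it.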