From a70b954981fea6ed9be28eccb66f68cbccb5564c Mon Sep 17 00:00:00 2001
From: Focuslinkstech <45756999+Focuslinkstech@users.noreply.github.com>
Date: Wed, 21 Feb 2024 00:15:36 +0100
Subject: [PATCH 1/6] Update: New Features "Miscellaneous"
[option] OTP is required when user want to change phone number.
admin can choose option in
[Miscellaneous]
---
system/controllers/accounts.php | 104 ++++++++++++++++++++--
ui/ui/app-settings.tpl | 150 ++++++++++++++++++--------------
ui/ui/user-phone-update.tpl | 80 +++++++++++++++++
ui/ui/user-profile.tpl | 22 ++++-
4 files changed, 285 insertions(+), 71 deletions(-)
create mode 100644 ui/ui/user-phone-update.tpl
diff --git a/system/controllers/accounts.php b/system/controllers/accounts.php
index b383fab2..423134b3 100644
--- a/system/controllers/accounts.php
+++ b/system/controllers/accounts.php
@@ -42,17 +42,17 @@
$c = ORM::for_table('tbl_user_recharges')->where('username', $user['username'])->find_one();
if ($c) {
$p = ORM::for_table('tbl_plans')->where('id', $c['plan_id'])->find_one();
- if($p['is_radius']){
- if($c['type'] == 'Hotspot' || ($c['type'] == 'PPPOE' && empty($d['pppoe_password']))){
+ if ($p['is_radius']) {
+ if ($c['type'] == 'Hotspot' || ($c['type'] == 'PPPOE' && empty($d['pppoe_password']))) {
Radius::customerUpsert($d, $p);
}
- }else{
+ } else {
$mikrotik = Mikrotik::info($c['routers']);
$client = Mikrotik::getClient($mikrotik['ip_address'], $mikrotik['username'], $mikrotik['password']);
if ($c['type'] == 'Hotspot') {
- Mikrotik::setHotspotUser($client, $c['username'], $npass);
- Mikrotik::removeHotspotActiveUser($client, $user['username']);
- } else if(empty($d['pppoe_password'])){
+ Mikrotik::setHotspotUser($client, $c['username'], $npass);
+ Mikrotik::removeHotspotActiveUser($client, $user['username']);
+ } else if (empty($d['pppoe_password'])) {
// only change when pppoe_password empty
Mikrotik::setPpoeUser($client, $c['username'], $npass);
Mikrotik::removePpoeActive($client, $user['username']);
@@ -122,6 +122,98 @@
}
break;
+ case 'phone-update':
+
+ $d = ORM::for_table('tbl_customers')->find_one($user['id']);
+ if ($d) {
+ //run_hook('customer_view_edit_profile'); #HOOK
+ $ui->assign('d', $d);
+ $ui->display('user-phone-update.tpl');
+ } else {
+ r2(U . 'home', 'e', Lang::T('Account Not Found'));
+ }
+ break;
+
+ case 'phone-update-otp':
+ $phone = _post('phone');
+ $username = $user['username'];
+ $otpPath = 'system/cache/sms/';
+
+ if (empty($config['sms_url'])) {
+ r2(U . 'accounts/phone-update', 'e', Lang::T('SMS server not Available, Please try again later'));
+ }
+
+ if (!empty($config['sms_url'])) {
+ if (!empty($phone)) {
+ $d = ORM::for_table('tbl_customers')->where('username', $username)->where('phonenumber', $phone)->find_one();
+ if ($d) {
+ r2(U . 'accounts/phone-update', 'e', Lang::T('You cannot use your current phone number'));
+ }
+ if (!file_exists($otpPath)) {
+ mkdir($otpPath);
+ touch($otpPath . 'index.html');
+ }
+ $otpFile = $otpPath . sha1($username . $db_password) . ".txt";
+ $phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
+
+ // expired 10 minutes
+ if (file_exists($otpFile) && time() - filemtime($otpFile) < 1200) {
+ r2(U . 'accounts/phone-update', 'e', Lang::T('Please wait ' . (1200 - (time() - filemtime($otpFile))) . ' seconds before sending another SMS'));
+ } else {
+ $otp = rand(100000, 999999);
+ file_put_contents($otpFile, $otp);
+ file_put_contents($phoneFile, $phone);
+ Message::sendSMS($phone, $config['CompanyName'] . "\n Your Verification code is: $otp");
+ r2(U . 'accounts/phone-update', 'e', Lang::T('Verification code has been sent to your phone'));
+ }
+ }
+ }
+
+ break;
+
+ case 'phone-update-post':
+ $phone = _post('phone');
+ $otp_code = _post('otp');
+ $username = $user['username'];
+ $otpPath = 'system/cache/sms/';
+
+ if (!empty($config['sms_url'])) {
+ $otpFile = $otpPath . sha1($username . $db_password) . ".txt";
+ $phoneFile = $otpPath . sha1($username . $db_password) . "_phone.txt";
+ // expired 10 minutes
+ if (file_exists($otpFile) && time() - filemtime($otpFile) > 1200) {
+ unlink($otpFile);
+ unlink($phoneFile);
+ r2(U . 'accounts/phone-update', 'e', 'Verification code expired');
+ } else if (file_exists($otpFile)) {
+ $code = file_get_contents($otpFile);
+ if ($code != $otp_code) {
+ r2(U . 'accounts/phone-update', 'e', 'Wrong Verification code');
+ exit();
+ } elseif (file_exists($phoneFile)) {
+ $savedPhone = file_get_contents($phoneFile);
+ if ($savedPhone !== $phone) {
+ r2(U . 'accounts/phone-update', 'e', 'The phone number does not match the one that requested the OTP');
+ exit();
+ } else {
+ unlink($otpFile);
+ unlink($phoneFile);
+ }
+ } else {
+ r2(U . 'accounts/phone-update', 'e', 'No Verification code');
+ }
+ }
+ }
+
+ $d = ORM::for_table('tbl_customers')->where('username', $username)->find_one();
+ if ($d) {
+ $d->phonenumber = Lang::phoneFormat($phone);
+ $d->save();
+ }
+ r2(U . 'accounts/profile', 's', 'Phone number updated successfully');
+
+ break;
+
default:
$ui->display('a404.tpl');
}
diff --git a/ui/ui/app-settings.tpl b/ui/ui/app-settings.tpl
index d618469d..7023f864 100644
--- a/ui/ui/app-settings.tpl
+++ b/ui/ui/app-settings.tpl
@@ -74,11 +74,11 @@
Theme
- Default
+ Default
{foreach $themes as $theme}
-
- {Lang::ucWords($theme)}
+
+ {Lang::ucWords($theme)}
{/foreach}
@@ -103,21 +103,21 @@
@@ -132,9 +132,9 @@
{Lang::T('Disable Voucher')}
- No
+ No
- Yes
+ Yes
@@ -144,12 +144,12 @@
{Lang::T('Voucher Format')}
- UPPERCASE
+ UPPERCASE
-
+
lowercase
-
+
RaNdoM
@@ -157,31 +157,33 @@
UPPERCASE lowercase RaNdoM
{if $_c['disable_voucher'] != 'yes'}
-
-
@@ -223,9 +225,9 @@
{Lang::T('Enable System')}
- No
+ No
- Yes
+ Yes
@@ -235,10 +237,10 @@
{Lang::T('Allow Transfer')}
-
+
No
- Yes
+
+ Yes
{Lang::T('Allow balance transfer between customers')}
@@ -304,8 +306,8 @@
onchange="document.getElementById('sms_url').value = this.value">
Select Router
{foreach $r as $rs}
-
- {$rs['name']}
+
+ {$rs['name']}
{/foreach}
@@ -352,9 +354,9 @@
None
- Whatsapp
- SMS
@@ -366,9 +368,9 @@
None
- Whatsapp
- SMS
@@ -381,9 +383,9 @@
None
- Whatsapp
- SMS
@@ -452,6 +454,28 @@
+
+
+
+
+ {Lang::T('Miscellaneous')}
+
+
{*
- {Lang::T('Save Changes')}
+ {Lang::T('Save
+ Changes')}
@@ -511,14 +535,14 @@ add dst-host=*.{$_domain}
function testWa() {
var target = prompt("Phone number\nSave First before Test", "");
if (target != null) {
- window.location.href = '{$_url}settings/app&testWa='+target;
+ window.location.href = '{$_url}settings/app&testWa=' + target;
}
}
function testSms() {
var target = prompt("Phone number\nSave First before Test", "");
if (target != null) {
- window.location.href = '{$_url}settings/app&testSms='+target;
+ window.location.href = '{$_url}settings/app&testSms=' + target;
}
}
diff --git a/ui/ui/user-phone-update.tpl b/ui/ui/user-phone-update.tpl
new file mode 100644
index 00000000..866f2637
--- /dev/null
+++ b/ui/ui/user-phone-update.tpl
@@ -0,0 +1,80 @@
+{include file="sections/user-header.tpl"}
+
+
+
+
+{include file="sections/user-footer.tpl"}
\ No newline at end of file
diff --git a/ui/ui/user-profile.tpl b/ui/ui/user-profile.tpl
index 3f5911a6..336856e8 100644
--- a/ui/ui/user-profile.tpl
+++ b/ui/ui/user-profile.tpl
@@ -34,6 +34,7 @@
+ {if $_c['allow_phone_otp'] == 'no'}
+ {elseif $_c['allow_phone_otp'] == 'yes'}
+
+ {/if}
- {if $_c['allow_phone_otp'] == 'no'}
-