<?php
/*
*********************************************************************************************************
* daloRADIUS - RADIUS Web Platform
* Copyright (C) 2007 - Liran Tal <hide@address.com> All Rights Reserved.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*
*********************************************************************************************************
*
* Authors: Liran Tal <hide@address.com>
*
*********************************************************************************************************
*/
include ("library/checklogin.php");
$operator = $_SESSION['operator_user'];
include('library/check_operator_perm.php');
isset($_REQUEST['username']) ? $username = $_REQUEST['username'] : $username = "";
isset($_POST['password']) ? $password = $_POST['password'] : $password = "";
isset($_POST['oldplanName']) ? $oldplanName = $_POST['oldplanName'] : $oldplanName = "";
isset($_POST['planName']) ? $planName = $_POST['planName'] : $planName = "";
isset($_POST['profiles']) ? $profiles = $_POST['profiles'] : $profiles = "";
isset($_POST['passwordType']) ? $passwordtype = $_POST['passwordType'] : $passwordtype = "";
isset($_POST['bi_contactperson']) ? $bi_contactperson = $_POST['bi_contactperson'] : $bi_contactperson = "";
isset($_POST['bi_company']) ? $bi_company = $_POST['bi_company'] : $bi_company = "";
isset($_POST['bi_email']) ? $bi_email = $_POST['bi_email'] : $bi_email = "";
isset($_POST['bi_phone']) ? $bi_phone = $_POST['bi_phone'] : $bi_phone = "";
isset($_POST['bi_address']) ? $bi_address = $_POST['bi_address'] : $bi_address = "";
isset($_POST['bi_city']) ? $bi_city = $_POST['bi_city'] : $bi_city = "";
isset($_POST['bi_state']) ? $bi_state = $_POST['bi_state'] : $bi_state = "";
isset($_POST['bi_zip']) ? $bi_zip = $_POST['bi_zip'] : $bi_zip = "";
isset($_POST['bi_paymentmethod']) ? $bi_paymentmethod = $_POST['bi_paymentmethod'] : $bi_paymentmethod = "";
isset($_POST['bi_cash']) ? $bi_cash = $_POST['bi_cash'] : $bi_cash = "";
isset($_POST['bi_creditcardname']) ? $bi_creditcardname = $_POST['bi_creditcardname'] : $bi_creditcardname = "";
isset($_POST['bi_creditcardnumber']) ? $bi_creditcardnumber = $_POST['bi_creditcardnumber'] : $bi_creditcardnumber = "";
isset($_POST['bi_creditcardverification']) ? $bi_creditcardverification = $_POST['bi_creditcardverification'] : $bi_creditcardverification = "";
isset($_POST['bi_creditcardtype']) ? $bi_creditcardtype = $_POST['bi_creditcardtype'] : $bi_creditcardtype = "";
isset($_POST['bi_creditcardexp']) ? $bi_creditcardexp = $_POST['bi_creditcardexp'] : $bi_creditcardexp = "";
isset($_POST['bi_notes']) ? $bi_notes = $_POST['bi_notes'] : $bi_notes = "";
isset($_POST['bi_lead']) ? $bi_lead = $_POST['bi_lead'] : $bi_lead = "";
isset($_POST['bi_coupon']) ? $bi_coupon = $_POST['bi_coupon'] : $bi_coupon = "";
isset($_POST['bi_ordertaker']) ? $bi_ordertaker = $_POST['bi_ordertaker'] : $bi_ordertaker = "";
isset($_POST['bi_billstatus']) ? $bi_billstatus = $_POST['bi_billstatus'] : $bi_billstatus = "";
isset($_POST['bi_lastbill']) ? $bi_lastbill = $_POST['bi_lastbill'] : $bi_lastbill = "";
isset($_POST['bi_nextbill']) ? $bi_nextbill = $_POST['bi_nextbill'] : $bi_nextbill = "";
isset($_POST['bi_postalinvoice']) ? $bi_postalinvoice = $_POST['bi_postalinvoice'] : $bi_postalinvoice = "";
isset($_POST['bi_faxinvoice']) ? $bi_faxinvoice = $_POST['bi_faxinvoice'] : $bi_faxinvoice = "";
isset($_POST['bi_emailinvoice']) ? $bi_emailinvoice = $_POST['bi_emailinvoice'] : $bi_emailinvoice = "";
isset($_POST['changeUserBillInfo']) ? $bi_changeuserbillinfo = $_POST['changeUserBillInfo'] : $bi_changeuserbillinfo = "0";
isset($_POST['firstname']) ? $firstname = $_POST['firstname'] : $firstname = "";
isset($_POST['lastname']) ? $lastname = $_POST['lastname'] : $lastname = "";
isset($_POST['email']) ? $email = $_POST['email'] : $email = "";
isset($_POST['department']) ? $department = $_POST['department'] : $department = "";
isset($_POST['company']) ? $company = $_POST['company'] : $company = "";
isset($_POST['workphone']) ? $workphone = $_POST['workphone'] : $workphone = "";
isset($_POST['homephone']) ? $homephone = $_POST['homephone'] : $homephone = "";
isset($_POST['mobilephone']) ? $mobilephone = $_POST['mobilephone'] : $mobilephone = "";
isset($_POST['address']) ? $address = $_POST['address'] : $address = "";
isset($_POST['city']) ? $city = $_POST['city'] : $city = "";
isset($_POST['state']) ? $state = $_POST['state'] : $state = "";
isset($_POST['zip']) ? $zip = $_POST['zip'] : $zip = "";
isset($_POST['notes']) ? $notes = $_POST['notes'] : $notes = "";
isset($_POST['changeUserInfo']) ? $ui_changeuserinfo = $_POST['changeUserInfo'] : $ui_changeuserinfo = "0";
$logAction = "";
$logDebugSQL = "";
function addPlanProfile($dbSocket, $username, $planName, $oldplanName) {
global $logDebugSQL;
global $configValues;
$sql = "SELECT planGroup FROM ".$configValues['CONFIG_DB_TBL_DALOBILLINGPLANS'].
" WHERE planName='".$dbSocket->escapeSimple($oldplanName)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$row = $res->fetchRow();
$oldplanGroup = $row[0];
if ( (isset($oldplanGroup)) && ($oldplanGroup != "") ) {
$sql = "DELETE FROM ".$configValues['CONFIG_DB_TBL_RADUSERGROUP']." WHERE ".
" (Username='".$dbSocket->escapeSimple($username)."' AND GroupName='".$dbSocket->escapeSimple($oldplanGroup)."') ";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
}
$sql = "SELECT planGroup FROM ".$configValues['CONFIG_DB_TBL_DALOBILLINGPLANS'].
" WHERE planName='".$dbSocket->escapeSimple($planName)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$row = $res->fetchRow();
$planGroup = $row[0];
if ( (isset($planGroup)) && ($planGroup != "") ) {
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADUSERGROUP']." (UserName,GroupName,priority) ".
" VALUES ('".$dbSocket->escapeSimple($username)."', '".$dbSocket->escapeSimple($planGroup)."',0) ";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
}
}
include 'library/opendb.php';
if (isset($_POST["submit"])) {
$currDate = date('Y-m-d H:i:s'); // current date and time to enter as creationdate field
$currBy = $_SESSION['operator_user'];
isset ($_POST['newgroups']) ? $newgroups = $_POST['newgroups'] : $newgroups = "";
isset ($_POST['groups']) ? $groups = $_POST['groups'] : $groups = "";
isset ($_POST['groups_priority']) ? $groups_priority = $_POST['groups_priority'] : $groups_priority = "";
// global $username;
// global $password;
// global $passwordtype;
/* update user information and user billing information */
if (trim($username) != "") {
/* perform user info table instructions */
$sql = "SELECT * FROM ".$configValues['CONFIG_DB_TBL_DALOUSERINFO'].
" WHERE username='".$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
// if there were no records for this user present in the userinfo table
if ($res->numRows() == 0) {
// we add these records to the userinfo table
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_DALOUSERINFO'].
" (id, username, firstname, lastname, email, department, company, workphone, homephone, mobilephone,".
" notes, changeuserinfo, creationdate, creationby, updatedate, updateby) ".
" VALUES (0, '".$dbSocket->escapeSimple($username)."', '".
$dbSocket->escapeSimple($firstname)."', '".$dbSocket->escapeSimple($lastname)."', '".
$dbSocket->escapeSimple($email)."','".$dbSocket->escapeSimple($department)."', '".
$dbSocket->escapeSimple($company)."', '".$dbSocket->escapeSimple($workphone)."','".
$dbSocket->escapeSimple($homephone)."', '".$dbSocket->escapeSimple($mobilephone)."', '".
$dbSocket->escapeSimple($address)."', '".$dbSocket->escapeSimple($city)."', '".
$dbSocket->escapeSimple($state)."', '".$dbSocket->escapeSimple($zip)."', '".
$dbSocket->escapeSimple($notes)."', '".$dbSocket->escapeSimple($ui_changeuserinfo)."', ".
"'$currDate', '$currBy', NULL, NULL)";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
} else {
// update user information table
$sql = "UPDATE ".$configValues['CONFIG_DB_TBL_DALOUSERINFO']." SET firstname='".
$dbSocket->escapeSimple($firstname).
"', lastname='".$dbSocket->escapeSimple($lastname).
"', email='".$dbSocket->escapeSimple($email).
"', department='".$dbSocket->escapeSimple($department).
"', company='".$dbSocket->escapeSimple($company).
"', workphone='".$dbSocket->escapeSimple($workphone).
"', homephone='".$dbSocket->escapeSimple($homephone).
"', mobilephone='".$dbSocket->escapeSimple($mobilephone).
"', address='".$dbSocket->escapeSimple($address).
"', city='".$dbSocket->escapeSimple($city).
"', state='".$dbSocket->escapeSimple($state).
"', zip='".$dbSocket->escapeSimple($zip).
"', notes='".$dbSocket->escapeSimple($notes).
"', changeuserinfo='".$dbSocket->escapeSimple($ui_changeuserinfo).
"', updatedate='$currDate', updateby='$currBy' ".
" WHERE username='".$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
}
/* perform user billing info table instructions */
$sql = "SELECT * FROM ".$configValues['CONFIG_DB_TBL_DALOUSERBILLINFO'].
" WHERE username='".$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
// if there were no records for this user present in the userbillinfo table
if ($res->numRows() == 0) {
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_DALOUSERBILLINFO'].
" (id, planname, username, contactperson, company, email, phone, ".
" address, city, state, zip, ".
" paymentmethod, cash, creditcardname, creditcardnumber, creditcardverification, creditcardtype, creditcardexp, ".
" notes, changeuserbillinfo, ".
" lead, coupon, ordertaker, billstatus, lastbill, nextbill, postalinvoice, faxinvoice, emailinvoice, ".
" creationdate, creationby, updatedate, updateby) ".
" VALUES (0, '".$dbSocket->escapeSimple($planName)."',
'".$dbSocket->escapeSimple($username)."', '".$dbSocket->escapeSimple($bi_contactperson)."', '".
$dbSocket->escapeSimple($bi_company)."', '".$dbSocket->escapeSimple($bi_email)."', '".
$dbSocket->escapeSimple($bi_phone)."', '".$dbSocket->escapeSimple($bi_address)."', '".
$dbSocket->escapeSimple($bi_city)."', '".$dbSocket->escapeSimple($bi_state)."', '".
$dbSocket->escapeSimple($bi_zip)."', '".$dbSocket->escapeSimple($bi_paymentmethod)."', '".
$dbSocket->escapeSimple($bi_cash)."', '".$dbSocket->escapeSimple($bi_creditcardname)."', '".
$dbSocket->escapeSimple($bi_creditcardnumber)."', '".$dbSocket->escapeSimple($bi_creditcardverification)."', '".
$dbSocket->escapeSimple($bi_creditcardtype)."', '".$dbSocket->escapeSimple($bi_creditcardexp)."', '".
$dbSocket->escapeSimple($bi_notes)."', '".
$dbSocket->escapeSimple($bi_changeuserbillinfo)."', '".
$dbSocket->escapeSimple($bi_lead)."', '".$dbSocket->escapeSimple($bi_coupon)."', '".
$dbSocket->escapeSimple($bi_ordertaker)."', '".$dbSocket->escapeSimple($bi_billstatus)."', '".
$dbSocket->escapeSimple($bi_lastbill)."', '".$dbSocket->escapeSimple($bi_nextbill)."', '".
$dbSocket->escapeSimple($bi_postalinvoice)."', '".$dbSocket->escapeSimple($bi_faxinvoice)."', '".
$dbSocket->escapeSimple($bi_emailinvoice).
"', '$currDate', '$currBy', NULL, NULL)";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
} else {
// update user information table
$sql = "UPDATE ".$configValues['CONFIG_DB_TBL_DALOUSERBILLINFO']." SET contactperson='".
$dbSocket->escapeSimple($bi_contactperson).
"', planname='".$dbSocket->escapeSimple($planName).
"', company='".$dbSocket->escapeSimple($bi_company).
"', email='".$dbSocket->escapeSimple($bi_email).
"', phone='".$dbSocket->escapeSimple($bi_phone).
"', paymentmethod='".$dbSocket->escapeSimple($bi_paymentmethod).
"', cash='".$dbSocket->escapeSimple($bi_cash).
"', creditcardname='".$dbSocket->escapeSimple($bi_creditcardname).
"', creditcardnumber='".$dbSocket->escapeSimple($bi_creditcardnumber).
"', creditcardverification='".$dbSocket->escapeSimple($bi_creditcardverification).
"', creditcardtype='".$dbSocket->escapeSimple($bi_creditcardtype).
"', creditcardexp='".$dbSocket->escapeSimple($bi_creditcardexp).
"', address='".$dbSocket->escapeSimple($bi_address).
"', city='".$dbSocket->escapeSimple($bi_city).
"', state='".$dbSocket->escapeSimple($bi_state).
"', zip='".$dbSocket->escapeSimple($bi_zip).
"', notes='".$dbSocket->escapeSimple($bi_notes).
"', changeuserbillinfo='".$dbSocket->escapeSimple($bi_changeuserbillinfo).
"', lead='".$dbSocket->escapeSimple($bi_lead).
"', coupon='".$dbSocket->escapeSimple($bi_coupon).
"', ordertaker='".$dbSocket->escapeSimple($bi_ordertaker).
"', billstatus='".$dbSocket->escapeSimple($bi_billstatus).
/*
"', lastbill='".$dbSocket->escapeSimple($bi_lastbill).
"', nextbill='".$dbSocket->escapeSimple($bi_nextbill).
*/
"', postalinvoice='".$dbSocket->escapeSimple($bi_postalinvoice).
"', faxinvoice='".$dbSocket->escapeSimple($bi_faxinvoice).
"', emailinvoice='".$dbSocket->escapeSimple($bi_emailinvoice).
"', updatedate='$currDate', updateby='$currBy' ".
" WHERE username='".$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
}
// update usergroup mapping (existing)
if ($groups) {
$sql = "DELETE FROM ". $configValues['CONFIG_DB_TBL_RADUSERGROUP'] ." WHERE UserName='".
$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$grpcnt = 0; // group counter
foreach ($groups as $group) {
if (!($groups_priority[$grpcnt]))
$group_priority = 0;
else
$group_priority = $groups_priority[$grpcnt];
if (trim($group) != "") {
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADUSERGROUP']." (UserName,GroupName,priority) ".
" VALUES ('".$dbSocket->escapeSimple($username)."', '".$dbSocket->escapeSimple($group)."', ".
$dbSocket->escapeSimple($group_priority).")";
$res = $dbSocket->query($sql);
}
$logDebugSQL .= $sql . "\n";
$grpcnt++; // we increment group index count so we can access the group priority array
}
}
// insert usergroup mapping (new groups)
if (isset($newgroups)) {
foreach ($newgroups as $newgroup) {
if (trim($newgroup) != "") {
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADUSERGROUP']." (UserName,GroupName,priority) ".
" VALUES ('".$dbSocket->escapeSimple($username)."', '".$dbSocket->escapeSimple($newgroup)."',0) ";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
}
}
}
addPlanProfile($dbSocket, $username, $planName, $oldplanName);
/*
$sql = "SELECT * FROM ".$configValues['CONFIG_DB_TBL_RADCHECK']." WHERE UserName='".
$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
if ($res->numRows() == 0) {
if (trim($username) != "" and trim($password) != "") {
// we need to perform the secure method escapeSimple on $dbPassword early because as seen below
// we manipulate the string and manually add to it the '' which screw up the query if added in $sql
$password = $dbSocket->escapeSimple($password);
switch($configValues['CONFIG_DB_PASSWORD_ENCRYPTION']) {
case "cleartext":
$dbPassword = "'$password'";
break;
case "crypt":
$dbPassword = "ENCRYPT('$password')";
break;
case "md5":
$dbPassword = "MD5('$password')";
break;
default:
$dbPassword = "'$password'";
}
// at this stage $dbPassword contains the password string encapsulated by '' and either uses
// a function to encrypt it like ENCRYPT or it doesn't, it's based on the configuration
// but here we provide another stage, for Crypt-Password and MD5-Password it's obvious
// that the password need be encrypted so even if this option is not in the configuration
// we enforce it.
// we first check if the password attribute is to be encrypted at all
if (preg_match("/crypt/i", $passwordtype)) {
// if we don't find the encrypt function even though we identified
// a Crypt-Password attribute
if (!(preg_match("/encrypt/i",$dbPassword))) {
$dbPassword = "ENCRYPT('$password')";
}
// we now perform the same check but for an MD5-Password attribute
} elseif (preg_match("/md5/i", $passwordtype)) {
// if we don't find the md5 function even though we identified
// a MD5-Password attribute
if (!(preg_match("/md5/i",$dbPassword))) {
$dbPassword = "MD5('$password')";
}
}
// insert username/password
$sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADCHECK']." (id,Username,Attribute,op,Value) ".
" VALUES (0, '".$dbSocket->escapeSimple($username)."', '".$dbSocket->escapeSimple($passwordtype).
"', ':=', $dbPassword)";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
// addPlanProfile($dbSocket, $username, $planName);
$successMsg = "Added to database new user: <b> $username </b>";
$logAction .= "Successfully added new user [$username] on page: ";
} else {
$failureMsg = "username or password are empty";
$logAction .= "Failed adding (possible empty user/pass) new user [$username] on page: ";
}
} else {
$failureMsg = "user already exist in database: <b> $username </b>";
$logAction .= "Failed adding new user already existing in database [$username] on page: ";
}
*/
} // if username
}
$edit_username = $dbSocket->escapeSimple($username);
/* fill-in password field for username */
$sql = "SELECT Value FROM ".$configValues['CONFIG_DB_TBL_RADCHECK']." WHERE UserName='".
$dbSocket->escapeSimple($username)."' AND Attribute like '%Password'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$row = $res->fetchRow();
$user_password = $row[0];
/* fill-in all the user info details */
$sql = "SELECT firstname, lastname, email, department, company, workphone, homephone, mobilephone, address, city, state, zip, notes, ".
" changeuserinfo, creationdate, creationby, updatedate, updateby FROM ".
$configValues['CONFIG_DB_TBL_DALOUSERINFO'].
" WHERE UserName='".
$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$row = $res->fetchRow();
$ui_firstname = $row[0];
$ui_lastname = $row[1];
$ui_email = $row[2];
$ui_department = $row[3];
$ui_company = $row[4];
$ui_workphone = $row[5];
$ui_homephone = $row[6];
$ui_mobilephone = $row[7];
$ui_address = $row[8];
$ui_city = $row[9];
$ui_state = $row[10];
$ui_zip = $row[11];
$ui_notes = $row[12];
$ui_changeuserinfo = $row[13];
$ui_creationdate = $row[14];
$ui_creationby = $row[15];
$ui_updatedate = $row[16];
/* fill-in all the user bill info details */
$sql = "SELECT ".
" planName, contactperson, company, email, phone, ".
" address, city, state, zip, ".
" paymentmethod, cash, creditcardname, creditcardnumber, creditcardverification, creditcardtype, creditcardexp, ".
" notes, changeuserbillinfo, ".
" lead, coupon, ordertaker, billstatus, lastbill, nextbill, postalinvoice, faxinvoice, emailinvoice, ".
" creationdate, creationby, updatedate, updateby FROM ".
$configValues['CONFIG_DB_TBL_DALOUSERBILLINFO'].
" WHERE UserName='".
$dbSocket->escapeSimple($username)."'";
$res = $dbSocket->query($sql);
$logDebugSQL .= $sql . "\n";
$row = $res->fetchRow(DB_FETCHMODE_ASSOC);
$bi_contactperson = $row['contactperson'];
$bi_planname = $row['planName'];
$bi_company = $row['company'];
$bi_email = $row['email'];
$bi_phone = $row['phone'];
$bi_address = $row['address'];
$bi_city = $row['city'];
$bi_state = $row['state'];
$bi_zip = $row['zip'];
$bi_paymentmethod = $row['paymentmethod'];
$bi_cash = $row['cash'];
$bi_creditcardname = $row['creditcardname'];
$bi_creditcardnumber = $row['creditcardnumber'];
$bi_creditcardverification = $row['creditcardverification'];
$bi_creditcardtype = $row['creditcardtype'];
$bi_creditcardexp = $row['creditcardexp'];
$bi_notes = $row['notes'];
$bi_lead = $row['lead'];
$bi_coupon = $row['coupon'];
$bi_ordertaker = $row['ordertaker'];
$bi_billstatus = $row['billstatus'];
$bi_lastbill = $row['lastbill'];
$bi_nextbill = $row['nextbill'];
$bi_postalinvoice = $row['postalinvoice'];
$bi_faxinvoice = $row['faxinvoice'];
$bi_emailinvoice = $row['emailinvoice'];
$bi_changeuserbillinfo = $row['changeuserbillinfo'];
$ui_creationdate = $row['creationdate'];
$ui_creationby = $row['creationby'];
$ui_updatedate = $row['updatedate'];
$ui_updateby = $row['updateby'];
include 'library/closedb.php';
include_once('library/config_read.php');
$log = "visited page: ";
if ($configValues['CONFIG_IFACE_PASSWORD_HIDDEN'] == "yes")
$hiddenPassword = "type=\"password\"";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>daloRADIUS</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="css/1.css" type="text/css" media="screen,projection" />
</head>
<script src="library/javascript/pages_common.js" type="text/javascript"></script>
<script src="library/javascript/productive_funcs.js" type="text/javascript"></script>
<script type="text/javascript" src="library/javascript/ajax.js"></script>
<script type="text/javascript" src="library/javascript/dynamic_attributes.js"></script>
<script type="text/javascript" src="library/javascript/ajaxGeneric.js"></script>
<?php
include_once ("library/tabber/tab-layout.php");
?>
<?php
include ("menu-bill-pos.php");
?>
<div id="contentnorightbar">
<h2 id="Intro"><a href="#" onclick="javascript:toggleShowDiv('helpPage')"><?php echo $l['Intro']['billposnew.php'] ?>
<h144>+</h144></a></h2>
<div id="helpPage" style="display:none;visibility:visible" >
<?php echo $l['helpPage']['billposnew'] ?>
<br/>
</div>
<?php
include_once('include/management/actionMessages.php');
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<div class="tabber">
<div class="tabbertab" title="<?php echo $l['title']['AccountInfo']; ?>">
<fieldset>
<h302> <?php echo $l['title']['AccountInfo']; ?> </h302>
<ul>
<div id='UserContainer'>
<li class='fieldset'>
<label for='username' class='form'><?php echo $l['all']['Username']?></label>
<input name='username' type='hidden' value='<?php if (isset($username)) echo $username ?>' />
<input name='username' type='text' id='username' value='<?php if (isset($username)) echo $username ?>' disabled tabindex=100 />
<img src='images/icons/comment.png' alt='Tip' border='0' onClick="javascript:toggleShowDiv('usernameTooltip')" />
<div id='usernameTooltip' style='display:none;visibility:visible' class='ToolTip'>
<img src='images/icons/comment.png' alt='Tip' border='0' />
<?php echo $l['Tooltip']['usernameTooltip'] ?>
</div>
</li>
<li class='fieldset'>
<label for='password' class='form'><?php echo $l['all']['Password']?></label>
<input name='password' type='text' id='password' value='<?php if (isset($user_password)) echo $user_password ?>'
<?php if (isset($hiddenPassword)) echo $hiddenPassword ?> disabled tabindex=101 />
<img src='images/icons/comment.png' alt='Tip' border='0' onClick="javascript:toggleShowDiv('passwordTooltip')" />
<div id='passwordTooltip' style='display:none;visibility:visible' class='ToolTip'>
<img src='images/icons/comment.png' alt='Tip' border='0' />
<?php echo $l['Tooltip']['passwordTooltip'] ?>
</div>
</li>
</div>
<li class='fieldset'>
<label for='planName' class='form'><?php echo $l['all']['PlanName'] ?></label>
<input name='oldplanName' type='hidden' value='<?php if (isset($bi_planname)) echo $bi_planname ?>' />
<?php
include 'include/management/populate_selectbox.php';
populate_plans("$bi_planname","planName","form");
?>
<img src='images/icons/comment.png' alt='Tip' border='0' onClick="javascript:toggleShowDiv('planNameTooltip')" />
<div id='planNameTooltip' style='display:none;visibility:visible' class='ToolTip'>
<img src='images/icons/comment.png' alt='Tip' border='0' />
<?php echo $l['Tooltip']['planNameTooltip'] ?>
</div>
</li>
<li class='fieldset'>
<br/>
<hr><br/>
<input type='submit' name='submit' value='<?php echo $l['buttons']['apply'] ?>' tabindex=10000 class='button' />
</li>
</ul>
</fieldset>
</div>
<div class="tabbertab" title="<?php echo $l['title']['UserInfo']; ?>">
<?php
$customApplyButton = "<input type='submit' name='submit' value=".$l['buttons']['apply']." class='button' />";
include_once('include/management/userinfo.php');
?>
</div>
<div class="tabbertab" title="<?php echo $l['title']['BillingInfo']; ?>">
<?php
$customApplyButton = "<input type='submit' name='submit' value=".$l['buttons']['apply']." class='button' />";
include_once('include/management/userbillinfo.php');
?>
</div>
<div class="tabbertab" title="<?php echo $l['title']['Profiles']; ?>">
<?php
include 'library/opendb.php';
$groupTerminology = "Profile";
$groupTerminologyPriority = "ProfilePriority";
include_once('include/management/groups.php');
include 'library/closedb.php';
?>
</ul>
<br/>
<h301> Assign New Profiles </h301>
<br/>
<ul>
<li class='fieldset'>
<li class='fieldset'>
<label for='profile' class='form'><?php echo $l['all']['Profile']?></label>
<?php
include_once 'include/management/populate_selectbox.php';
populate_groups("Select Profile","newgroups[]");
?>
<a class='tablenovisit' href='#'
onClick="javascript:ajaxGeneric('include/management/dynamic_groups.php','getGroups','divContainerProfiles',genericCounter('divCounter')+'&elemName=newgroups[]');">Add</a>
<img src='images/icons/comment.png' alt='Tip' border='0' onClick="javascript:toggleShowDiv('groupTooltip')" />
<div id='divContainerProfiles'>
</div>
<div id='groupTooltip' style='display:none;visibility:visible' class='ToolTip'>
<img src='images/icons/comment.png' alt='Tip' border='0' />
<?php echo $l['Tooltip']['groupTooltip'] ?>
</div>
</li>
<br/><br/>
<br/>
<hr><br/>
<input type='submit' name='submit' value='<?php echo $l['buttons']['apply'] ?>' class='button' />
</li>
</ul>
</fieldset>
<br/>
</div>
</div>
</form>
<?php
include_once('include/management/userReports.php');
userSubscriptionAnalysis($username, 1); // userSubscriptionAnalysis with argument set to 1 for drawing the table
userConnectionStatus($username, 1); // userConnectionStatus (same as above)
?>
<?php
include('include/config/logging.php');
?>
</div>
<div id="footer">
<?php
include 'page-footer.php';
?>
</div>
</div>
</div>
</body>
</html>