diff --git a/airtime_mvc/application/configs/ACL.php b/airtime_mvc/application/configs/ACL.php
index 842778065..ff65a9192 100644
--- a/airtime_mvc/application/configs/ACL.php
+++ b/airtime_mvc/application/configs/ACL.php
@@ -7,13 +7,15 @@ $ccAcl = new Zend_Acl();
$ccAcl->addRole(new Zend_Acl_Role('G'))
->addRole(new Zend_Acl_Role('H'), 'G')
->addRole(new Zend_Acl_Role('P'), 'H')
- ->addRole(new Zend_Acl_Role('A'), 'P');
+ ->addRole(new Zend_Acl_Role('A'), 'P')
+ ->addRole(new Zend_Acl_Role('S'), 'A');
$ccAcl->add(new Zend_Acl_Resource('library'))
->add(new Zend_Acl_Resource('index'))
->add(new Zend_Acl_Resource('user'))
->add(new Zend_Acl_Resource('error'))
->add(new Zend_Acl_Resource('login'))
+ ->add(new Zend_Acl_Resource('whmcs-login'))
->add(new Zend_Acl_Resource('playlist'))
->add(new Zend_Acl_Resource('plupload'))
->add(new Zend_Acl_Resource('schedule'))
@@ -29,11 +31,13 @@ $ccAcl->add(new Zend_Acl_Resource('library'))
->add(new Zend_Acl_Resource('audiopreview'))
->add(new Zend_Acl_Resource('webstream'))
->add(new Zend_Acl_Resource('locale'))
- ->add(new Zend_Acl_Resource('upgrade'));
+ ->add(new Zend_Acl_Resource('upgrade'))
+ ->add(new Zend_Acl_Resource('billing'));
/** Creating permissions */
$ccAcl->allow('G', 'index')
->allow('G', 'login')
+ ->allow('G', 'whmcs-login')
->allow('G', 'error')
->allow('G', 'user', 'edit-user')
->allow('G', 'showbuilder')
@@ -54,7 +58,8 @@ $ccAcl->allow('G', 'index')
->allow('A', 'listenerstat')
->allow('A', 'user')
->allow('A', 'systemstatus')
- ->allow('A', 'preference');
+ ->allow('A', 'preference')
+ ->allow('S', 'billing');
$aclPlugin = new Zend_Controller_Plugin_Acl($ccAcl);
diff --git a/airtime_mvc/application/configs/constants.php b/airtime_mvc/application/configs/constants.php
index 34f8cab41..69ce78d19 100644
--- a/airtime_mvc/application/configs/constants.php
+++ b/airtime_mvc/application/configs/constants.php
@@ -41,6 +41,7 @@ define('UI_MDATA_VALUE_FORMAT_STREAM' , 'live stream');
//User types
define('UTYPE_HOST' , 'H');
define('UTYPE_ADMIN' , 'A');
+define('UTYPE_SUPERADMIN' , 'S');
define('UTYPE_GUEST' , 'G');
define('UTYPE_PROGRAM_MANAGER' , 'P');
@@ -63,3 +64,9 @@ define('UI_BLOCK_SESSNAME', 'BLOCK');*/
define('SOUNDCLOUD_NOT_UPLOADED_YET' , -1);
define('SOUNDCLOUD_PROGRESS' , -2);
define('SOUNDCLOUD_ERROR' , -3);
+
+
+//WHMCS integration
+define("WHMCS_API_URL", "https://account.sourcefabric.com/includes/api.php");
+define("SUBDOMAIN_WHMCS_CUSTOM_FIELD_NAME", "Choose your domain");
+
diff --git a/airtime_mvc/application/configs/navigation.php b/airtime_mvc/application/configs/navigation.php
index f3149f146..5b7e4e049 100644
--- a/airtime_mvc/application/configs/navigation.php
+++ b/airtime_mvc/application/configs/navigation.php
@@ -134,6 +134,34 @@ $pages = array(
'resource' => 'dashboard'
)
)
+ ),
+ array(
+ 'label' => _('Billing'),
+ 'uri' => '#',
+ 'resource' => 'billing',
+ 'pages' => array(
+ array(
+ 'label' => _('Account Details'),
+ 'module' => 'default',
+ 'controller' => 'billing',
+ 'action' => 'client',
+ 'resource' => 'billing'
+ ),
+ array(
+ 'label' => _('Account Plans'),
+ 'module' => 'default',
+ 'controller' => 'billing',
+ 'action' => 'upgrade',
+ 'resource' => 'billing'
+ ),
+ array(
+ 'label' => _('View Invoices'),
+ 'module' => 'default',
+ 'controller' => 'billing',
+ 'action' => 'invoices',
+ 'resource' => 'billing'
+ )
+ )
)
);
diff --git a/airtime_mvc/application/controllers/BillingController.php b/airtime_mvc/application/controllers/BillingController.php
new file mode 100644
index 000000000..696c69319
--- /dev/null
+++ b/airtime_mvc/application/controllers/BillingController.php
@@ -0,0 +1,558 @@
+_helper->getHelper('AjaxContext');
+ $ajaxContext->addActionContext('vat-validator', 'json')
+ ->addActionContext('is-country-in-eu', 'json')
+ ->initContext();
+ }
+
+ public function indexAction()
+ {
+
+ }
+
+ public function upgradeAction()
+ {
+ $CC_CONFIG = Config::getConfig();
+ $baseUrl = Application_Common_OsPath::getBaseDir();
+ $this->view->headLink()->appendStylesheet($baseUrl.'css/billing.css?'.$CC_CONFIG['airtime_version']);
+ BillingController::ensureClientIdIsValid();
+
+ $request = $this->getRequest();
+ $form = new Application_Form_BillingUpgradeDowngrade();
+ if ($request->isPost()) {
+
+ /*
+ * TODO: determine if VAT shoould be charged on the invoice or not.
+ * We'll need to check if a VAT number was supplied in the form and if so,
+ * validate it somehow. We'll also need to make sure the country given is
+ * in the EU
+ */
+
+ $formData = $request->getPost();
+ if ($form->isValid($formData)) {
+ $credentials = self::getAPICredentials();
+
+ if (in_array("7", $formData["customfields"])) {
+ $apply_vat = BillingController::checkIfVatShouldBeApplied($formData["customfields"]["7"], $formData["country"]);
+ } else {
+ $apply_vat = false;
+ }
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "upgradeproduct";
+ $postfields["clientid"] = Application_Model_Preference::GetClientId();
+
+ $postfields["serviceid"] = self::getClientInstanceId();
+ $postfields["type"] = "product";
+ $postfields["newproductid"] = $formData["newproductid"];
+ $postfields["newproductbillingcycle"] = $formData["newproductbillingcycle"];
+ $postfields["paymentmethod"] = $formData["paymentmethod"];
+ $postfields["responsetype"] = "json";
+
+ $upgrade_query_string = "";
+ foreach ($postfields AS $k=>$v) $upgrade_query_string .= "$k=".urlencode($v)."&";
+
+ //update client info
+
+ $clientfields = array();
+ $clientfields["username"] = $credentials["username"];
+ $clientfields["password"] = md5($credentials["password"]);
+ $clientfields["action"] = "updateclient";
+ $clientfields["clientid"] = Application_Model_Preference::GetClientId();
+ $clientfields["customfields"] = base64_encode(serialize($formData["customfields"]));
+ unset($formData["customfields"]);
+ $clientfields["responsetype"] = "json";
+ unset($formData["newproductid"]);
+ unset($formData["newproductbillingcycle"]);
+ unset($formData["paymentmethod"]);
+ unset($formData["action"]);
+ $clientfields = array_merge($clientfields, $formData);
+ unset($clientfields["password2verify"]);
+ unset($clientfields["submit"]);
+ $client_query_string = "";
+ foreach ($clientfields AS $k=>$v) $client_query_string .= "$k=".urlencode($v)."&";
+
+ $result = $this->makeRequest($credentials["url"], $client_query_string);
+ Logging::info($result);
+ if ($result["result"] == "error") {
+ $this->setErrorMessage();
+ $this->view->form = $form;
+ } else {
+ $result = $this->makeRequest($credentials["url"], $upgrade_query_string);
+ if ($result["result"] == "error") {
+ Logging::info($_SERVER['HTTP_HOST']." - Account upgrade failed. - ".$result["message"]);
+ $this->setErrorMessage();
+ $this->view->form = $form;
+ } else {
+ if ($apply_vat) {
+ $this->addVatToInvoice($result["invoiceid"]);
+ }
+ self::viewInvoice($result["invoiceid"]);
+ }
+ }
+ } else {
+ $this->view->form = $form;
+ }
+ } else {
+ $this->view->form = $form;
+ }
+ }
+
+
+ public function isCountryInEuAction()
+ {
+ // Disable the view and the layout
+ $this->view->layout()->disableLayout();
+ $this->_helper->viewRenderer->setNoRender(true);
+
+ $request = $this->getRequest();
+ if (!$request->isPost()) {
+ throw new Exception("Must POST data to isCountryInEuAction.");
+ }
+ $formData = $request->getPost();
+
+ //Set the return JSON value
+ $this->_helper->json(array("result"=>BillingController::isCountryInEU($formData["country"])));
+ }
+
+ public function vatValidatorAction()
+ {
+ // Disable the view and the layout
+ $this->view->layout()->disableLayout();
+ $this->_helper->viewRenderer->setNoRender(true);
+
+ $request = $this->getRequest();
+ if (!$request->isPost()) {
+ throw new Exception("Must POST data to vatValidatorAction.");
+ }
+ $formData = $request->getPost();
+
+ $vatNumber = trim($formData["vatnumber"]);
+ if (empty($vatNumber)) {
+ $this->_helper->json(array("result"=>false));
+ }
+
+ //Set the return JSON value
+ $this->_helper->json(array("result"=>BillingController::checkIfVatShouldBeApplied($vatNumber, $formData["country"])));
+ }
+
+ /**
+ * @return True if VAT should be applied to the order, false otherwise.
+ */
+ private static function checkIfVatShouldBeApplied($vatNumber, $countryCode)
+ {
+ if ($countryCode === 'UK') {
+ $countryCode = 'GB'; //VIES database has it as GB
+ }
+ //We don't charge you VAT if you're not in the EU
+ if (!BillingController::isCountryInEU($countryCode))
+ {
+ return false;
+ }
+
+ //So by here, we know you're in the EU.
+
+ //No VAT number? Then we charge you VAT.
+ if (empty($vatNumber)) {
+ return true;
+ }
+ //Check if VAT number is valid
+ return BillingController::validateVATNumber($vatNumber, $countryCode);
+ }
+
+ private static function isCountryInEU($countryCode)
+ {
+ $euCountryCodes = array('BE', 'BG', 'CZ', 'DK', 'DE', 'EE', 'IE', 'EL', 'ES', 'FR',
+ 'HR', 'IT', 'CY', 'LV', 'LT', 'LU', 'HU', 'MT', 'NL', 'AT',
+ 'PL', 'PT', 'RO', 'SI', 'SK', 'FI', 'SE', 'UK', 'GB');
+
+ if (!in_array($countryCode, $euCountryCodes)) {
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * Check if an EU VAT number is valid, using the EU VIES validation web API.
+ *
+ * @param string $vatNumber - A VAT identifier (number), with or without the two letter country code at the
+ * start (either one works) .
+ * @param string $countryCode - A two letter country code
+ * @return boolean true if the VAT number is valid, false otherwise.
+ */
+ private static function validateVATNumber($vatNumber, $countryCode)
+ {
+ $vatNumber = str_replace(array(' ', '.', '-', ',', ', '), '', trim($vatNumber));
+
+ //If the first two letters are a country code, use that as the country code and remove those letters.
+ $firstTwoCharacters = substr($vatNumber, 0, 2);
+ if (preg_match("/[a-zA-Z][a-zA-Z]/", $firstTwoCharacters) === 1) {
+ $countryCode = strtoupper($firstTwoCharacters); //The country code from the VAT number overrides your country.
+ $vatNumber = substr($vatNumber, 2);
+ }
+ $client = new SoapClient("http://ec.europa.eu/taxation_customs/vies/checkVatService.wsdl");
+
+ if($client){
+ $params = array('countryCode' => $countryCode, 'vatNumber' => $vatNumber);
+ try{
+ $r = $client->checkVat($params);
+ if($r->valid == true){
+ // VAT-ID is valid
+ return true;
+ } else {
+ // VAT-ID is NOT valid
+ return false;
+ }
+ } catch(SoapFault $e) {
+ Logging::error('VIES EU VAT validation error: '.$e->faultstring);
+ if ($e->faultstring == "INVALID_INPUT") {
+ return false;
+ }
+ //If there was another error with the VAT validation service, we allow
+ //the VAT number to pass. (eg. SERVER_BUSY, MS_UNAVAILABLE, TIMEOUT, SERVICE_UNAVAILABLE)
+ return true;
+ }
+ } else {
+ // Connection to host not possible, europe.eu down?
+ Logging::error('VIES EU VAT validation error: Host unreachable');
+ //If there was an error with the VAT validation service, we allow
+ //the VAT number to pass.
+ return true;
+ }
+ return false;
+ }
+
+
+ private function addVatToInvoice($invoice_id)
+ {
+ $credentials = self::getAPICredentials();
+
+ //First we need to get the invoice details: sub total, and total
+ //so we can calcuate the amount of VAT to add
+ $invoicefields = array();
+ $invoicefields["username"] = $credentials["username"];
+ $invoicefields["password"] = md5($credentials["password"]);
+ $invoicefields["action"] = "getinvoice";
+ $invoicefields["invoiceid"] = $invoice_id;
+ $invoicefields["responsetype"] = "json";
+
+ $invoice_query_string = "";
+ foreach ($invoicefields as $k=>$v) $invoice_query_string .= "$k=".urlencode($v)."&";
+
+ //TODO: error checking
+ $result = $this->makeRequest($credentials["url"], $invoice_query_string);
+
+ $vat_amount = $result["subtotal"] * (VAT_RATE/100);
+ $invoice_total = $result["total"] + $vat_amount;
+
+ //Second, update the invoice with the VAT amount and updated total
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "updateinvoice";
+ $postfields["invoiceid"] = $invoice_id;
+ $postfields["tax"] = "$vat_amount";
+ $postfields["taxrate"] = strval(VAT_RATE);
+ $postfields["total"] = "$invoice_total";
+ $postfields["responsetype"] = "json";
+
+ $query_string = "";
+ foreach ($postfields as $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ //TODO: error checking
+ $result = $this->makeRequest($credentials["url"], $query_string);
+ }
+
+ private function setErrorMessage($msg=null)
+ {
+ if (!is_null($msg)) {
+ $this->view->errorMessage = $msg;
+ } else {
+ $this->view->errorMessage = "An error occurred and we could not update your account. Please contact support for help.";
+ }
+ }
+
+ private function setSuccessMessage($msg=null)
+ {
+ if (!is_null($msg)) {
+ $this->view->successMessage = $msg;
+ } else {
+ $this->view->successMessage = "Your account has been updated.";
+ }
+ }
+
+ private static function getAPICredentials()
+ {
+ return array(
+ "username" => $_SERVER["WHMCS_USERNAME"],
+ "password" => $_SERVER["WHMCS_PASSWORD"],
+ "url" => "https://account.sourcefabric.com/includes/api.php?accesskey=".$_SERVER["WHMCS_ACCESS_KEY"],
+ );
+ }
+
+ private static function viewInvoice($invoice_id)
+ {
+ $whmcsurl = "https://account.sourcefabric.com/dologin.php";
+ $autoauthkey = $_SERVER["WHMCS_AUTOAUTH_KEY"];
+ $timestamp = time(); //whmcs timezone?
+ $client = self::getClientDetails();
+ $email = $client["email"];
+ $hash = sha1($email.$timestamp.$autoauthkey);
+ $goto = "viewinvoice.php?id=".$invoice_id;
+ header("Location: ".$whmcsurl."?email=$email×tamp=$timestamp&hash=$hash&goto=$goto");
+ }
+
+ public function clientAction()
+ {
+ $CC_CONFIG = Config::getConfig();
+ $baseUrl = Application_Common_OsPath::getBaseDir();
+ $this->view->headLink()->appendStylesheet($baseUrl.'css/billing.css?'.$CC_CONFIG['airtime_version']);
+
+ $request = $this->getRequest();
+ $form = new Application_Form_BillingClient();
+ BillingController::ensureClientIdIsValid();
+ if ($request->isPost()) {
+ $formData = $request->getPost();
+ if ($form->isValid($formData)) {
+
+ $credentials = self::getAPICredentials();
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "updateclient";
+
+ $postfields["customfields"] = base64_encode(serialize($formData["customfields"]));
+ unset($formData["customfields"]);
+
+ $postfields["clientid"] = Application_Model_Preference::GetClientId();
+ $postfields["responsetype"] = "json";
+ $postfields = array_merge($postfields, $formData);
+ unset($postfields["password2verify"]);
+ unset($postfields["submit"]);
+
+ $query_string = "";
+ foreach ($postfields AS $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ $result = $this->makeRequest($credentials["url"], $query_string);
+
+ if ($result["result"] == "error") {
+ $this->setErrorMessage();
+ } else {
+ $form = new Application_Form_BillingClient();
+ $this->setSuccessMessage();
+ }
+
+ $this->view->form = $form;
+ } else {
+ $this->view->form = $form;
+ }
+ } else {
+ $this->view->form = $form;
+ }
+ }
+
+ public function invoicesAction()
+ {
+ $CC_CONFIG = Config::getConfig();
+ $baseUrl = Application_Common_OsPath::getBaseDir();
+ $this->view->headLink()->appendStylesheet($baseUrl.'css/billing.css?'.$CC_CONFIG['airtime_version']);
+
+ BillingController::ensureClientIdIsValid();
+ $credentials = self::getAPICredentials();
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "getinvoices";
+ $postfields["responsetype"] = "json";
+ $postfields["userid"] = Application_Model_Preference::GetClientId();
+
+ $query_string = "";
+ foreach ($postfields AS $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ $result = self::makeRequest($credentials["url"], $query_string);
+
+ $this->view->invoices = $result["invoices"]["invoice"];
+ }
+
+ public function invoiceAction()
+ {
+ BillingController::ensureClientIdIsValid();
+ $request = $this->getRequest();
+ $invoice_id = $request->getParam('invoiceid');
+ self::viewInvoice($invoice_id);
+ }
+
+ /** Get the Airtime instance ID of the instance the customer is currently viewing. */
+ private static function getClientInstanceId()
+ {
+ $currentProduct = BillingController::getClientCurrentAirtimeProduct();
+ return $currentProduct["id"];
+ }
+
+ public static function getProducts()
+ {
+ //Making this static to cache the products during a single HTTP request.
+ //This saves us roundtrips to WHMCS if getProducts() is called multiple times.
+ static $result = array();
+ if (!empty($result))
+ {
+ return $result["products"]["product"];
+ }
+
+ $credentials = self::getAPICredentials();
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "getproducts";
+ $postfields["responsetype"] = "json";
+ //gid is the Airtime product group id on whmcs
+ $postfields["gid"] = "15";
+
+ $query_string = "";
+ foreach ($postfields AS $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ $result = self::makeRequest($credentials["url"], $query_string);
+ return $result["products"]["product"];
+ }
+
+ public static function getProductPricesAndTypes()
+ {
+ $products = BillingController::getProducts();
+
+ foreach ($products as $k => $p) {
+ $productPrices[$p["name"]] = array(
+ "monthly" => $p["pricing"]["USD"]["monthly"],
+ "annually" => $p["pricing"]["USD"]["annually"]
+ );
+ $productTypes[$p["pid"]] = $p["name"] . " ($" . $productPrices[$p['name']]['monthly'] . "/mo)";
+ }
+ return array($productPrices, $productTypes);
+ }
+
+ /** Get the plan (or product in WHMCS lingo) that the customer is currently on.
+ * @return An associative array containing the fields for the product
+ * */
+ public static function getClientCurrentAirtimeProduct()
+ {
+ static $airtimeProduct = null;
+ //Ghetto caching to avoid multiple round trips to WHMCS
+ if ($airtimeProduct) {
+ return $airtimeProduct;
+ }
+ $credentials = self::getAPICredentials();
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "getclientsproducts";
+ $postfields["responsetype"] = "json";
+ $postfields["clientid"] = Application_Model_Preference::GetClientId();
+
+ $query_string = "";
+ foreach ($postfields AS $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ $result = self::makeRequest($credentials["url"], $query_string);
+
+ //XXX: Debugging / local testing
+ if ($_SERVER['SERVER_NAME'] == "airtime.localhost") {
+ $_SERVER['SERVER_NAME'] = "bananas.airtime.pro";
+ }
+
+ //This code must run on airtime.pro for it to work... it's trying to match
+ //the server's hostname with the client subdomain. Once it finds a match
+ //between the product and the server's hostname/subdomain, then it
+ //returns the ID of that product (aka. the service ID of an Airtime instance)
+ foreach ($result["products"] as $product)
+ {
+ if (strpos($product[0]["groupname"], "Airtime") === FALSE)
+ {
+ //Ignore non-Airtime products
+ continue;
+ }
+ else
+ {
+ if ($product[0]["status"] === "Active") {
+ $airtimeProduct = $product[0];
+ $subdomain = '';
+
+ foreach ($airtimeProduct['customfields']['customfield'] as $customField) {
+ if ($customField['name'] === SUBDOMAIN_WHMCS_CUSTOM_FIELD_NAME) {
+ $subdomain = $customField['value'];
+ if (($subdomain . ".airtime.pro") === $_SERVER['SERVER_NAME']) {
+ return $airtimeProduct;
+ }
+ }
+ }
+ }
+ }
+ }
+ throw new Exception("Unable to match subdomain to a service ID");
+ }
+
+ public static function getClientDetails()
+ {
+ try {
+ $credentials = self::getAPICredentials();
+
+ $postfields = array();
+ $postfields["username"] = $credentials["username"];
+ $postfields["password"] = md5($credentials["password"]);
+ $postfields["action"] = "getclientsdetails";
+ $postfields["stats"] = true;
+ $postfields["clientid"] = Application_Model_Preference::GetClientId();
+ $postfields["responsetype"] = "json";
+
+ $query_string = "";
+ foreach ($postfields AS $k=>$v) $query_string .= "$k=".urlencode($v)."&";
+
+ $arr = self::makeRequest($credentials["url"], $query_string);
+ return $arr["client"];
+ } catch (Exception $e) {
+ Logging::info($e->getMessage());
+ }
+ }
+
+ private static function makeRequest($url, $query_string) {
+ try {
+ $ch = curl_init();
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_TIMEOUT, 5); //Aggressive 5 second timeout
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+ $jsondata = curl_exec($ch);
+ if (curl_error($ch)) {
+ //die("Connection Error: ".curl_errno($ch).' - '.curl_error($ch));
+ throw new Exception("WHMCS server down or invalid request.");
+ }
+ curl_close($ch);
+
+ return json_decode($jsondata, true);
+ } catch (Exception $e) {
+ Logging::info($e->getMessage());
+ }
+ }
+
+ private static function ensureClientIdIsValid()
+ {
+ if (Application_Model_Preference::GetClientId() == null)
+ {
+ throw new Exception("Invalid client ID: " . Application_Model_Preference::GetClientId());
+ }
+ }
+}
\ No newline at end of file
diff --git a/airtime_mvc/application/controllers/LibraryController.php b/airtime_mvc/application/controllers/LibraryController.php
index 41ab24eaa..42699e9bc 100644
--- a/airtime_mvc/application/controllers/LibraryController.php
+++ b/airtime_mvc/application/controllers/LibraryController.php
@@ -83,7 +83,7 @@ class LibraryController extends Zend_Controller_Action
$obj = new $objInfo['className']($obj_sess->id);
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
$user = new Application_Model_User($userInfo->id);
- $isAdminOrPM = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+ $isAdminOrPM = $user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
if ($isAdminOrPM || $obj->getCreatorId() == $userInfo->id) {
$this->view->obj = $obj;
@@ -186,7 +186,7 @@ class LibraryController extends Zend_Controller_Action
//Open a jPlayer window and play the audio clip.
$menu["play"] = array("name"=> _("Preview"), "icon" => "play", "disabled" => false);
- $isAdminOrPM = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+ $isAdminOrPM = $user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
$obj_sess = new Zend_Session_Namespace(UI_PLAYLISTCONTROLLER_OBJ_SESSNAME);
@@ -302,7 +302,7 @@ class LibraryController extends Zend_Controller_Action
$mediaItems = $this->_getParam('media', null);
$user = Application_Model_User::getCurrentUser();
- //$isAdminOrPM = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+ //$isAdminOrPM = $user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
$files = array();
$playlists = array();
@@ -418,7 +418,7 @@ class LibraryController extends Zend_Controller_Action
public function editFileMdAction()
{
$user = Application_Model_User::getCurrentUser();
- $isAdminOrPM = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+ $isAdminOrPM = $user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
$request = $this->getRequest();
diff --git a/airtime_mvc/application/controllers/LoginController.php b/airtime_mvc/application/controllers/LoginController.php
index 84af7f954..9899139d5 100644
--- a/airtime_mvc/application/controllers/LoginController.php
+++ b/airtime_mvc/application/controllers/LoginController.php
@@ -1,5 +1,7 @@
getRequest();
+ //Allow AJAX requests from www.airtime.pro. We use this to automatically login users
+ //after they sign up from the microsite.
+ //Chrome sends the Origin header for all requests, so we whitelist the webserver's hostname as well.
+ $response = $this->getResponse()->setHeader('Access-Control-Allow-Origin', '*');
+ $origin = $request->getHeader('Origin');
+ if (($origin != "") &&
+ (!in_array($origin,
+ array("http://www.airtime.pro",
+ "https://www.airtime.pro",
+ "http://" . $_SERVER['SERVER_NAME'],
+ "https://" . $_SERVER['SERVER_NAME']
+ ))
+ ))
+ {
+ //Don't allow CORS from other domains to prevent XSS.
+ throw new Zend_Controller_Action_Exception('Forbidden', 403);
+ }
+
Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA'));
$auth = Zend_Auth::getInstance();
@@ -71,12 +91,23 @@ class LoginController extends Zend_Controller_Action
$this->_redirect('Showbuilder');
} else {
-
- $message = _("Wrong username or password provided. Please try again.");
- Application_Model_Subjects::increaseLoginAttempts($username);
- Application_Model_LoginAttempts::increaseAttempts($_SERVER['REMOTE_ADDR']);
- $form = new Application_Form_Login();
- $error = true;
+ $email = $form->getValue('username');
+ $authAdapter = new WHMCS_Auth_Adapter("admin", $email, $password);
+ $auth = Zend_Auth::getInstance();
+ $result = $auth->authenticate($authAdapter);
+ if ($result->isValid()) {
+ //set the user locale in case user changed it in when logging in
+ Application_Model_Preference::SetUserLocale($locale);
+
+ $this->_redirect('Showbuilder');
+ }
+ else {
+ $message = _("Wrong username or password provided. Please try again.");
+ Application_Model_Subjects::increaseLoginAttempts($username);
+ Application_Model_LoginAttempts::increaseAttempts($_SERVER['REMOTE_ADDR']);
+ $form = new Application_Form_Login();
+ $error = true;
+ }
}
}
}
diff --git a/airtime_mvc/application/controllers/ScheduleController.php b/airtime_mvc/application/controllers/ScheduleController.php
index f3d61d867..d41cd37a6 100644
--- a/airtime_mvc/application/controllers/ScheduleController.php
+++ b/airtime_mvc/application/controllers/ScheduleController.php
@@ -104,7 +104,7 @@ class ScheduleController extends Zend_Controller_Action
$this->createShowFormAction(true);
$user = Application_Model_User::getCurrentUser();
- if ($user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
+ if ($user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
$this->view->preloadShowForm = true;
}
@@ -133,7 +133,7 @@ class ScheduleController extends Zend_Controller_Action
{
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
$user = new Application_Model_User($userInfo->id);
- $editable = $user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
+ $editable = $user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER));
$calendar_interval = Application_Model_Preference::GetCalendarTimeScale();
Logging::info($calendar_interval);
@@ -209,7 +209,7 @@ class ScheduleController extends Zend_Controller_Action
$userInfo = Zend_Auth::getInstance()->getStorage()->read();
$user = new Application_Model_User($userInfo->id);
- if ($user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
+ if ($user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
try {
$show = new Application_Model_Show($showId);
} catch (Exception $e) {
@@ -654,7 +654,7 @@ class ScheduleController extends Zend_Controller_Action
$user = Application_Model_User::getCurrentUser();
- if ($user->isUserType(array(UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
+ if ($user->isUserType(array(UTYPE_SUPERADMIN, UTYPE_ADMIN, UTYPE_PROGRAM_MANAGER))) {
$id = $this->_getParam('id');
try {
diff --git a/airtime_mvc/application/controllers/UpgradeController.php b/airtime_mvc/application/controllers/UpgradeController.php
index 2df3636ff..30067ece7 100644
--- a/airtime_mvc/application/controllers/UpgradeController.php
+++ b/airtime_mvc/application/controllers/UpgradeController.php
@@ -1,71 +1,51 @@
view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
if (!$this->verifyAuth()) {
return;
}
+
+ $upgraders = array();
+ array_push($upgraders, new AirtimeUpgrader253());
+ array_push($upgraders, new AirtimeUpgrader254());
- if (!$this->verifyAirtimeVersion()) {
- return;
- }
-
- $con = Propel::getConnection();
- $con->beginTransaction();
- try {
- //Disable Airtime UI
- //create a temporary maintenance notification file
- //when this file is on the server, zend framework redirects all
- //requests to the maintenance page and sets a 503 response code
-
- $maintenanceFile = isset($_SERVER['AIRTIME_BASE']) ? $_SERVER['AIRTIME_BASE']."maintenance.txt" : "/tmp/maintenance.txt";
- $file = fopen($maintenanceFile, 'w');
- fclose($file);
-
- //Begin upgrade
+ $didWePerformAnUpgrade = false;
+ try
+ {
+ for ($i = 0; $i < count($upgraders); $i++)
+ {
+ $upgrader = $upgraders[$i];
+ if ($upgrader->checkIfUpgradeSupported())
+ {
+ $upgrader->upgrade(); //This will throw an exception if the upgrade fails.
+ $didWePerformAnUpgrade = true;
+ $this->getResponse()
+ ->setHttpResponseCode(200)
+ ->appendBody("Upgrade to Airtime " . $upgrader->getNewVersion() . " OK
+
Billing Account Details
+errorMessage)) {?>
+
errorMessage ?>
+successMessage)) {?>
+
successMessage ?>
+
+
+form ?>
+
+
Invoices
+
and look for the \"Checkout\" button.")?>
+
+
+
+
+
+
+
+ Hobbyist
+ Starter
+ Plus
+ Premium
+
+
+ 1 Stream
+
+ 2 Streams
+
+ 2 Streams
+
+ 3 Streams
+
+
+
+ 64kbps Stream Quality
+
+ 64kbps and 128kbps Stream Quality
+
+ 64kbps and 196kbps Stream Quality
+
+ 64kbps, 128kbps, and 196kbps Stream Quality
+
+
+
+ 5 Listeners
+
+ 40 Listeners per stream
+
+ 100 Listeners per stream
+
+ 500 Listeners per stream
+
+
+
+ 2GB Storage
+
+ 5GB Storage
+
+ 30GB Storage
+
+ 150GB Storage
+
+
+
+ Ticket, Email, Forum Support
+
+ Live Chat, Ticket, Email, Forum Support
+
+ Live Chat, Ticket, Email, Forum Support
+
+ Live Chat, Ticket, Email, Forum Support
+
+
+
+
+
+ Save 15% if paid annually
+
+ Save 15% if paid annually
+
+ Save 15% if paid annually
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Current Plan:
+
+
+
+
Choose a plan:
+
+
diff --git a/airtime_mvc/application/views/scripts/user/add-user.phtml b/airtime_mvc/application/views/scripts/user/add-user.phtml
index a85744a46..b58607a89 100644
--- a/airtime_mvc/application/views/scripts/user/add-user.phtml
+++ b/airtime_mvc/application/views/scripts/user/add-user.phtml
@@ -26,6 +26,9 @@
+
+ Billing Settings."), "/billing/client");?>
+
successMessage ?>
diff --git a/airtime_mvc/public/css/billing.css b/airtime_mvc/public/css/billing.css
new file mode 100644
index 000000000..06edbec0b
--- /dev/null
+++ b/airtime_mvc/public/css/billing.css
@@ -0,0 +1,226 @@
+@CHARSET "UTF-8";
+
+.billing-panel
+{
+ width: 400px;
+ margin: 0 auto;
+ margin-bottom: 30px;
+}
+
+.billing-panel h3
+{
+ color: #222;
+}
+
+.billing-panel h4
+{
+ font-size: 1.25em;
+ margin: 0px;
+ color: #333;
+ font-weight: normal;
+}
+
+#upgrade-downgrade
+{
+ border: 0px solid #000;
+ margin: 0 auto;
+ color: #000;
+}
+
+#upgrade-downgrade label
+{
+ color: rgb(28,28,28);
+}
+#upgrade-downgrade label.disabled
+{
+ color: rgb(108,108,108);
+}
+
+#upgrade-downgrade dl
+{
+ width: 300px;
+}
+
+#upgrade-downgrade dt, #upgrade-downgrade dd
+{
+ margin: 0px;
+}
+
+#upgrade-downgrade dd
+{
+ margin-bottom: 10px;
+}
+
+.pricing-grid table
+{
+ border-spacing: 0px;
+ border-collapse: separate;
+ border: 1px solid #777;
+ width: 600px;
+ margin-left: -100px;
+ /*background-color: #555;*/
+ table-layout: fixed;
+ margin-top: 20px;
+ margin-bottom: 20px;
+ box-shadow: 0px 5px 5px rgba(0,0,0,0.5);
+}
+
+.pricing-grid td, .pricing-grid th
+{
+ border-bottom: 1px solid #999;
+ border-right: 1px solid #bbb;
+ background-color: #ccc;
+ padding: 10px;
+}
+
+.pricing-grid th
+{
+ border-top-left-radius: 5px;
+ border-top-right-radius: 5px;
+ border: 0px;
+}
+
+
+.pricing-grid tr.price td
+{
+ text-align: right;
+ background-color: #ddd;
+ font-weight: bold;
+}
+
+#current_plan
+{
+ text-align: center;
+}
+
+#plantype
+{
+ float: left;
+}
+
+#billingcycle
+{
+ float: left;
+ margin-left: 30px;
+}
+
+#billingcycle_disclaimer
+{
+ float: left;
+ margin-left: 30px;
+ width: 200px;
+}
+
+#vat_disclaimer
+{
+ text-align: right;
+ font-size: 0.9em;
+ margin-bottom: 30px;
+}
+
+#vat_disclaimer2
+{
+ float:right;
+ width: 200px;
+}
+
+#subtotal_box, #total_box
+{
+ position: relative;
+ text-align: right;
+ margin-top: 30px;
+ margin-bottom: 10px;
+ border: 1px solid #777;
+ background: #ccc;
+ padding: 5px;
+}
+#total_box
+{
+ margin-top: 10px;
+}
+
+#total
+{
+ border-bottom: 3px double;
+}
+
+#savings
+{
+ /*line-height: 30px;*/
+ position: absolute;
+ bottom: 5px;
+ left: 5px;
+}
+
+#paymentmethod
+{
+}
+
+.billing_col1, .billing_col2
+{
+ float: left;
+ margin-right: 10px;
+}
+
+.billing_checkbox
+{
+ float: left;
+ margin-right: 5px;
+ margin-bottom: 10px;
+}
+
+#upgrade-downgrade input[type=submit]
+{
+ float: right;
+}
+
+#invoices_table
+{
+ margin: 0 auto;
+ border-spacing: 0px;
+ border-collapse: separate;
+ border: 1px solid #777;
+ /*background-color: #555;*/
+ table-layout: fixed;
+ margin-top: 20px;
+ margin-bottom: 35px;
+ background: #ccc;
+}
+
+#invoices_table tbody tr th
+{
+ border: 0px;
+}
+
+#invoices_table .header
+{
+ box-shadow: 0px 2px 2px rgba(0,0,0,0.5);
+}
+
+#invoices_table tr
+{
+ border: 1px solid #555;
+}
+
+#invoices_table .unpaid
+{
+ color: #ff0000;
+}
+
+/** This form is the separate one on the Billing Account Details page (BillingClient.php) */
+#clientdetails_form dt {
+ float: left;
+ clear: both;
+ width: 50%;
+ margin-bottom: 10px;
+}
+#clientdetails_form dd {
+ float: left;
+ margin-left: 0px;
+ margin-bottom: 10px;
+}
+#clientdetails_form .right-align
+{
+ /*text-align: right;*/
+ width: 100%;
+}
\ No newline at end of file
diff --git a/airtime_mvc/public/index.php b/airtime_mvc/public/index.php
index 3d53b9e22..38f607f33 100644
--- a/airtime_mvc/public/index.php
+++ b/airtime_mvc/public/index.php
@@ -43,6 +43,10 @@ if (file_exists('/usr/share/php/libzend-framework-php')) {
set_include_path('/usr/share/php/libzend-framework-php' . PATH_SEPARATOR . get_include_path());
}
+//Upgrade directory
+set_include_path(APPLICATION_PATH . '/upgrade/' . PATH_SEPARATOR . get_include_path());
+
+
/** Zend_Application */
require_once 'Zend/Application.php';
$application = new Zend_Application(
diff --git a/airtime_mvc/public/js/airtime/schedule/full-calendar-functions.js b/airtime_mvc/public/js/airtime/schedule/full-calendar-functions.js
index a178159ca..01b1096d5 100644
--- a/airtime_mvc/public/js/airtime/schedule/full-calendar-functions.js
+++ b/airtime_mvc/public/js/airtime/schedule/full-calendar-functions.js
@@ -35,7 +35,7 @@ function makeTimeStamp(date){
function dayClick(date, allDay, jsEvent, view){
// The show from will be preloaded if the user is admin or program manager.
// Hence, if the user if DJ then it won't open anything.
- if(userType == "A" || userType == "P"){
+ if(userType == "S" || userType == "A" || userType == "P"){
var now, today, selected, chosenDate, chosenTime;
now = adjustDateToServerDate(new Date(), serverTimezoneOffset);
@@ -163,7 +163,7 @@ function viewDisplay( view ) {
if(($("#add-show-form").length == 1) && ($("#add-show-form").css('display')=='none') && ($('.fc-header-left > span').length == 5)) {
//userType is defined in bootstrap.php, and is derived from the currently logged in user.
- if(userType == "A" || userType == "P"){
+ if(userType == "S" || userType == "A" || userType == "P"){
makeAddShowButton();
}
}
diff --git a/airtime_mvc/public/js/airtime/user/user.js b/airtime_mvc/public/js/airtime/user/user.js
index 71f9eed6e..f3a414b66 100644
--- a/airtime_mvc/public/js/airtime/user/user.js
+++ b/airtime_mvc/public/js/airtime/user/user.js
@@ -4,6 +4,17 @@ function populateForm(entries){
$('.errors').remove();
$('.success').remove();
+ if (entries.type === 'S')
+ {
+ $("#user_details").hide();
+ $("#user_details_superadmin_message").show();
+ $('#type').attr('disabled', '1');
+ } else {
+ $("#user_details").show();
+ $("#user_details_superadmin_message").hide();
+ $('#type').removeAttr('disabled');
+ }
+
$('#user_id').val(entries.id);
$('#login').val(entries.login);
$('#first_name').val(entries.first_name);
@@ -57,6 +68,10 @@ function rowCallback( nRow, aData, iDisplayIndex ){
} else if ( aData['type'] == "P" )
{
$('td:eq(3)', nRow).html( $.i18n._('Program Manager') );
+ } else if ( aData['type'] == "S" )
+ {
+ $('td:eq(3)', nRow).html( $.i18n._('Super Admin') );
+ $('td:eq(4)', nRow).html(""); //Disable deleting the super admin
}
return nRow;
@@ -183,7 +198,7 @@ $(document).ready(function() {
var newUser = {login:"", first_name:"", last_name:"", type:"G", id:""};
- $('#add_user_button').live('click', function(){populateForm(newUser)});
+ $('#add_user_button').live('click', function(){populateForm(newUser);});
$('#save_user').live('click', function(){
var data = $('#user_form').serialize();