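// adminSupportOpen lets a staff member open a support ticket on behalf of the
// user named by the {id} route variable.
//
// A GET renders the "support_open" admin template with a fresh CSRF token. A
// POST decodes the submitted form and creates the ticket as staff, then
// redirects to the new ticket (or back to the form with an error message).
//
// NOTE(review): this handler reads r.PostForm without calling r.ParseForm and
// never verifies the CSRF token it hands out; presumably the admin routing
// wrapper does both before dispatching here. Confirm against the router.
func adminSupportOpen(w http.ResponseWriter, r *http.Request, session *lobster.Session, frameParams lobster.FrameParams) {
	userId, err := strconv.Atoi(mux.Vars(r)["id"])
	if err != nil {
		lobster.RedirectMessage(w, r, "/admin/support", L.FormattedError("invalid_user"))
		return
	}

	user := lobster.UserDetails(userId)
	if user == nil {
		lobster.RedirectMessage(w, r, "/admin/support", L.FormattedError("user_not_found"))
		return
	}

	if r.Method == http.MethodPost {
		openURL := fmt.Sprintf("/admin/support/open/%d", userId)

		form := new(AdminSupportOpenForm)
		if err := decoder.Decode(form, r.PostForm); err != nil {
			http.Redirect(w, r, openURL, http.StatusSeeOther)
			return
		}

		// Open the ticket for the user validated above rather than for
		// form.UserId. The form value is a second, unchecked copy of the
		// id, and ticketOpen skips its own user check when staff is true,
		// so trusting it could attach a ticket to a user that does not
		// exist or differs from the one in the URL.
		ticketId, err := ticketOpen(userId, form.Name, form.Message, true)
		if err != nil {
			lobster.RedirectMessage(w, r, openURL, L.FormatError(err))
			return
		}
		http.Redirect(w, r, fmt.Sprintf("/admin/support/%d", ticketId), http.StatusSeeOther)
		return
	}

	params := new(AdminSupportOpenParams)
	params.Frame = frameParams
	params.User = user
	params.Token = lobster.CSRFGenerate(session)
	lobster.RenderTemplate(w, "admin", "support_open", params)
}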
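// handleConnector serves the WHMCS connector endpoint. A request is accepted
// only when it comes from the configured peer IP and carries the shared
// secret in its POST body; anything else gets a bare 403.
//
// Supported "action" values:
//   - "register": create an account for "email" and reply with the new user id.
//   - "credit":   apply "amount" (decimal currency units) to "user_id".
//   - "token":    mint a short-lived token for "user_id" and reply with it.
//
// NOTE(review): the secret is compared with !=, which is not constant-time.
// crypto/subtle.ConstantTimeCompare is the usual choice, but it needs an
// import that cannot be added from within this function. Also confirm that
// configuration rejects an empty secret, since an empty value here would
// match a request that omits the field.
//
// NOTE(review): the IP check uses r.RemoteAddr, so behind a reverse proxy it
// would see the proxy's address. Confirm the deployment topology.
func (this *WHMCS) handleConnector(w http.ResponseWriter, r *http.Request) {
	// Reject bodies that fail to parse instead of authenticating against a
	// partially populated form.
	if err := r.ParseForm(); err != nil {
		http.Error(w, "malformed request", 400)
		return
	}

	// Credentials are read from PostForm only, so a secret placed in the URL
	// query string (where it would end up in access logs) is never accepted.
	if lobster.ExtractIP(r.RemoteAddr) != this.ip || r.PostForm.Get("secret") != this.secret {
		w.WriteHeader(403)
		return
	}

	switch r.PostForm.Get("action") {
	case "register":
		email := r.PostForm.Get("email")
		userId, err := lobster.UserCreate(email, utils.Uid(16), email)
		if err != nil {
			// %q keeps a caller-supplied address from forging extra log lines.
			log.Printf("Failed to register account via WHMCS: %s (email=%q)", err.Error(), email)
			http.Error(w, err.Error(), 400)
			return
		}
		log.Printf("Registered account via WHMCS (email=%q)", email)
		fmt.Fprintf(w, "%d", userId)

	case "credit":
		userId, err := strconv.Atoi(r.PostForm.Get("user_id"))
		if err != nil {
			http.Error(w, err.Error(), 400)
			return
		}
		amount, err := strconv.ParseFloat(r.PostForm.Get("amount"), 64)
		if err != nil {
			http.Error(w, err.Error(), 400)
			return
		}

		// ParseFloat accepts "NaN" and "Inf", and a large finite amount can
		// exceed int64 once scaled; converting any of those to int64 yields
		// an unspecified value. x-x is zero only for finite x, which covers
		// NaN and both infinities; the range test covers the rest.
		scaled := amount * lobster.BILLING_PRECISION
		if scaled-scaled != 0 || scaled >= 1<<63 || scaled < -(1<<63) {
			http.Error(w, "invalid amount", 400)
			return
		}
		// NOTE(review): negative amounts are still accepted and int64()
		// truncates toward zero rather than rounding. Confirm both are the
		// intended billing semantics.

		if lobster.UserDetails(userId) == nil {
			http.Error(w, "no such user", 400)
			return
		}
		lobster.UserApplyCredit(userId, int64(scaled), "Credit via WHMCS")
		w.Write([]byte("ok"))

	case "token":
		userId, err := strconv.Atoi(r.PostForm.Get("user_id"))
		if err != nil {
			http.Error(w, err.Error(), 400)
			return
		}
		// Match the "credit" action: never mint a token for an id that does
		// not resolve to an account.
		if lobster.UserDetails(userId) == nil {
			http.Error(w, "no such user", 400)
			return
		}

		token := utils.Uid(TOKEN_LENGTH)
		db := lobster.GetDatabase()
		// Tokens older than one minute are purged only when a new one is
		// issued. NOTE(review): whether redemption also enforces age and
		// single use is not visible here. Confirm in the consuming handler.
		db.Exec("DELETE FROM whmcs_tokens WHERE time < DATE_SUB(NOW(), INTERVAL 1 MINUTE)")
		db.Exec("INSERT INTO whmcs_tokens (user_id, token) VALUES (?, ?)", userId, token)
		w.Write([]byte(token))

	default:
		http.Error(w, "unknown action", 400)
	}
}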
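// form renders the Stripe payment page for the logged-in user. The amount to
// pay comes from the "cents" query parameter and is passed to the "stripe"
// panel template together with the publishable key, the configured currency,
// a CSRF token and the user's email address.
//
// The amount is client-supplied and only used for display here; whichever
// handler creates the charge must validate the amount again on its own.
func (sp *StripePayment) form(w http.ResponseWriter, r *http.Request, session *lobster.Session, frameParams lobster.FrameParams) {
	// A missing or malformed value has always rendered as 0. Apply the same
	// fallback to negative values and to out-of-range input, for which
	// ParseInt returns the int64 limit alongside its error.
	cents, err := strconv.ParseInt(r.URL.Query().Get("cents"), 10, 64)
	if err != nil || cents < 0 {
		cents = 0
	}

	// UserDetails returns nil for an unknown id; without this guard a session
	// that outlived its account would panic on user.Email below.
	user := lobster.UserDetails(session.UserId)
	if user == nil {
		http.Error(w, "no such user", http.StatusBadRequest)
		return
	}

	cfg := lobster.GetConfig()
	params := &StripeTemplateParams{
		Frame:    frameParams,
		Token:    lobster.CSRFGenerate(session),
		Key:      sp.publishableKey,
		Cents:    cents,
		Currency: cfg.Billing.Currency,
		Amount:   float64(cents) / 100,
		Email:    user.Email,
	}
	lobster.RenderTemplate(w, "panel", "stripe", params)
}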
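// ticketOpen creates a support ticket with an initial message and sends the
// "ticketOpen" notification mail. It returns the new ticket id.
//
// name is the ticket subject and message its first post; both must be
// non-empty and message may be at most 16384 bytes (the error text shown to
// the user says "15,000"). When staff is false the ticket is refused unless
// userId resolves to a user whose status is not "new". When staff is true no
// user check is made here, so staff callers must validate userId themselves.
//
// NOTE(review): name has no length cap and is used unmodified as the mail
// subject. Confirm that lobster.MailWrap strips CR/LF before building headers.
func ticketOpen(userId int, name string, message string, staff bool) (int, error) {
	switch {
	case name == "" || message == "":
		return 0, L.Error("subject_message_empty")
	case len(message) > 16384:
		return 0, L.Errorf("message_too_long", "15,000")
	}

	user := lobster.UserDetails(userId)
	if !staff && (user == nil || user.Status == "new") {
		return 0, L.Errorf("ticket_for_support", cfg.Default.AdminEmail)
	}

	result := db.Exec("INSERT INTO tickets (user_id, name, status, modify_time) VALUES (?, ?, 'open', NOW())", userId, name)
	ticketId := result.LastInsertId()
	db.Exec("INSERT INTO ticket_messages (ticket_id, staff, message) VALUES (?, ?, ?)", ticketId, staff, message)

	// Staff-opened tickets notify the user; user-opened tickets are mailed to
	// id -1 (presumably the staff mailbox; confirm in MailWrap).
	recipient := -1
	if staff {
		recipient = userId
	}
	lobster.MailWrap(recipient, "ticketOpen", TicketUpdateEmail{Id: ticketId, Subject: name, Message: message}, false)

	// The subject is user-controlled; %q escapes newlines so it cannot forge
	// additional log entries.
	log.Printf("Ticket opened for user %d: %q", userId, name)
	return ticketId, nil
}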