
restrictaddfunds.php

<?php

// Direct-access guard: stop immediately unless the WHMCS constant has been
// defined, so the hook code below never runs when this file is requested
// on its own.
if (!defined("WHMCS")) {
    exit("This file cannot be accessed directly");
}

use WHMCS\Database\Capsule;
use WHMCS\View\Menu\Item as MenuItem;

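/**
 * Page hook: redirect the client away from the Add Funds page unless their
 * "Enable Add Funds" custom field is set to 'on'.
 *
 * The check fails closed: a client with no custom fields, a field that is not
 * 'on', or a database error during the lookup is redirected to
 * clientarea.php. (The previous version skipped the check entirely when the
 * client had no custom fields.)
 *
 * @param array $vars Hook variables; reads $vars['clientsdetails']['customfields'],
 *                    where each entry supplies 'id' and 'value'.
 * @return void Does not return when the client is redirected.
 */
function restrict_access_to_add_funds($vars) {
    // Read the action defensively: a missing or non-string parameter is treated
    // as "not the add funds action" instead of raising an undefined-index notice.
    // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, so compare the raw value exactly.
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
    if ($action !== 'addfunds') {
        // NOTE(review): only the query string is inspected here; confirm the
        // Add Funds page cannot be requested with the action carried elsewhere
        // in the request, otherwise this gate would not run.
        return;
    }

    $customfields = isset($vars['clientsdetails']['customfields'])
        ? $vars['clientsdetails']['customfields']
        : array();

    // Default to "not enabled" so every path below is deny-unless-'on'.
    $addfunds = null;

    if (is_array($customfields) && $customfields) {
        // Get PDO for the database queries
        $pdo = Capsule::connection()->getPdo();

        try {
            // One prepared statement reused for every field id.
            $lookup = $pdo->prepare("SELECT fieldname FROM tblcustomfields WHERE id = ?");

            foreach ($customfields as $customfield) {
                if (!isset($customfield['id'])) {
                    continue;
                }
                $lookup->execute(array($customfield['id']));

                while ($row = $lookup->fetch(PDO::FETCH_ASSOC)) {
                    // trim() keeps the name match consistent with the navbar and sidebar hooks.
                    if (trim($row['fieldname']) === 'Enable Add Funds') {
                        $addfunds = isset($customfield['value']) ? $customfield['value'] : null;
                    }
                }
            }
        } catch (PDOException $e) {
            // Keep database error text out of the client-facing page; record it
            // server-side and fall through to the deny path.
            error_log('restrict_access_to_add_funds: custom field lookup failed: ' . $e->getMessage());
        }
    }

    if ($addfunds !== 'on') {
        header("Location: clientarea.php");
        exit();
    }
}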

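/**
 * Navbar hook: remove the "Add Funds" entry from the "Billing" menu unless
 * the current client's "Enable Add Funds" custom field value is 'on'.
 *
 * Hiding the link is presentation only; it does not by itself stop a request
 * for the page.
 *
 * @param MenuItem $primaryNavbar The navbar passed to the hook.
 * @return void
 */
function restrict_add_funds_link(MenuItem $primaryNavbar) {
    $client = Menu::context('client');

    // Default to "not enabled": no client, no matching field, or a failed
    // lookup all leave the link removed.
    $addfunds = null;

    if (!is_null($client)) {
        // Get PDO for the database queries
        $pdo = Capsule::connection()->getPdo();

        try {
            // NOTE(review): the join matches tblcustomfieldsvalues.relid against the
            // client id without restricting which kind of custom field is joined;
            // confirm relid cannot coincide with ids belonging to non-client fields.
            $clientquery = $pdo->prepare("SELECT tblcustomfields.fieldname AS customfieldname, tblcustomfieldsvalues.value AS customfieldvalue FROM tblcustomfields INNER JOIN tblcustomfieldsvalues ON tblcustomfields.id = tblcustomfieldsvalues.fieldid WHERE tblcustomfieldsvalues.relid = ?");
            $clientquery->execute(array($client->id));

            while ($row = $clientquery->fetch(PDO::FETCH_ASSOC)) {
                if (trim($row['customfieldname']) === "Enable Add Funds") {
                    $addfunds = $row['customfieldvalue'];
                }
            }
        } catch (PDOException $e) {
            // Log server-side instead of echoing database error text into the page.
            error_log('restrict_add_funds_link: custom field lookup failed: ' . $e->getMessage());
        }
    }

    if ($addfunds !== 'on') {
        $billingMenu = $primaryNavbar->getChild('Billing');
        if (!is_null($billingMenu)) {
            $billingMenu->removeChild('Add Funds');
        }
    }
}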

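/**
 * Sidebar hook: add a "Client-Balance" panel showing the client's credit, with
 * an Add Funds link and button only when the client's "Enable Add Funds"
 * custom field value is 'on' and the add funds page is not already shown.
 *
 * The panel is skipped for pages other than clientarea, when no client is
 * available, and when the request URI contains 'verificationId'.
 *
 * @param MenuItem $primarySidebar The sidebar passed to the hook.
 * @return void
 */
function add_funds_sidebar(MenuItem $primarySidebar) {
    $filename = APP::getCurrentFileName();
    $client = Menu::context("client");

    // Check for a missing client before reading its id, so an unauthenticated
    // request never dereferences null.
    $clientid = is_null($client) ? 0 : intval($client->id);
    $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';

    /* prevents balance display to unauth'd users */
    if ($filename !== 'clientarea' || $clientid === 0 || strpos($requestUri, 'verificationId') !== false) {
        return;
    }

    // Missing or non-string action is treated as empty. FILTER_SANITIZE_STRING is
    // deprecated as of PHP 8.1, so the raw value is compared exactly.
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
    $onAddFundsPage = ($action === 'addfunds');

    // Default to "not enabled"; only an explicit 'on' shows the Add Funds controls.
    $addfunds = null;

    // Get PDO for the database queries
    $pdo = Capsule::connection()->getPdo();

    try {
        // NOTE(review): the join matches tblcustomfieldsvalues.relid against the
        // client id without restricting which kind of custom field is joined;
        // confirm relid cannot coincide with ids belonging to non-client fields.
        $clientquery = $pdo->prepare("SELECT tblcustomfields.fieldname AS customfieldname, tblcustomfieldsvalues.value AS customfieldvalue FROM tblcustomfields INNER JOIN tblcustomfieldsvalues ON tblcustomfields.id = tblcustomfieldsvalues.fieldid WHERE tblcustomfieldsvalues.relid = ?");
        $clientquery->execute(array($client->id));

        while ($row = $clientquery->fetch(PDO::FETCH_ASSOC)) {
            if (trim($row['customfieldname']) === "Enable Add Funds") {
                $addfunds = $row['customfieldvalue'];
            }
        }
    } catch (PDOException $e) {
        // Log server-side instead of echoing database error text into the page.
        error_log('add_funds_sidebar: custom field lookup failed: ' . $e->getMessage());
    }

    /* hide the panel when the client has no credit, add funds is not enabled,
       and the add funds page is not being shown (remove this check to always show it) */
    if ($client->credit <= 0.00 && $addfunds !== 'on' && !$onAddFundsPage) {
        return;
    }

    $primarySidebar->addChild('Client-Balance', array(
        'label' => Lang::trans('availcreditbal'),
        'uri' => '#',
        'order' => '1',
        'icon' => 'fa fa-credit-card'
    ));

    # Get Currency
    $getCurrency = getCurrency($clientid);
    $balanceDisplay = formatCurrency($client->credit, $getCurrency);

    # Retrieve the panel we just created.
    $balancePanel = $primarySidebar->getChild('Client-Balance');

    // Move the panel to the end of the sorting order so it's always displayed
    // as the last panel in the sidebar.
    $balancePanel->moveToBack();
    $balancePanel->setOrder(0);

    # Add Balance. The label is inserted as HTML; it is built from the
    # formatCurrency() result only, not from request data.
    $balanceLabel = '<h4 style="text-align:center;">' . $balanceDisplay . '</h4>';

    if ($addfunds === 'on' && !$onAddFundsPage) {
        $balancePanel->addChild('balance-amount', array(
            'uri' => 'clientarea.php?action=addfunds',
            'label' => $balanceLabel,
            'order' => 1
        ));

        $balancePanel->setFooterHtml(
            '<a href="clientarea.php?action=addfunds" class="btn btn-success btn-sm btn-block">' . "\n"
            . '<i class="fa fa-plus"></i> Add Funds </a>'
        );
    } else {
        $balancePanel->addChild('balance-amount', array(
            'label' => $balanceLabel,
            'order' => 1
        ));
    }
}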

// Register the three callbacks defined in this file, each with priority 0.
// The page hook enforces the restriction; the navbar and sidebar hooks only
// adjust what is displayed.
add_hook(
    'ClientAreaPageAddFunds',
    0,
    'restrict_access_to_add_funds'
);
add_hook(
    'ClientAreaPrimaryNavbar',
    0,
    'restrict_add_funds_link'
);
add_hook(
    'ClientAreaSecondarySidebar',
    0,
    'add_funds_sidebar'
);

?>