add ClientArea module

README.md

@@ -13,7 +13,7 @@ A simple Content Management System for Reseller of MyOwnFreeHost
 - [x] Change language
 
 
-### member module
+### ClientArea module
 
 - [x] Account registration
 - [x] Account verification

assets/css/clientarea.css

@@ -0,0 +1,13 @@
+.mx-auto {
+    margin-left: auto !important;
+    margin-right: auto !important;
+    float: none;
+}
+
+#imageUpload {
+    display: none;
+}
+
+.img-avatar {
+    max-height: 200px;
+}

assets/js/clientarea.js

@@ -0,0 +1,5 @@
+$("#uploadNewImage").click(function () {
+    $("#imageBox").hide();
+    $("#imageUpload").show();
+
+});

clientarea.php

@@ -0,0 +1,30 @@
+<?php
+
+session_start();
+define('IN_SYS', true);
+
+$ROOT = __DIR__;
+
+// include_once "{$ROOT}/lib/language.php";
+include_once "{$ROOT}/clientarea/data/config.php";
+include_once "{$ROOT}/clientarea/library/email.class.php";
+include_once "{$ROOT}/clientarea/library/functions.php";
+
+$section = empty($_GET["s"]) ? "main" : $_GET["s"];
+$section_page = "{$ROOT}/clientarea/views/{$section}.php";
+if (!is_file($section_page)) {
+    exit('Page Not Found!');
+}
+
+$objDB = objDB();
+$user = get_userinfo();
+
+$controller = "{$ROOT}/clientarea/controllers/{$section}.php";
+if (is_file($controller)) {
+    include_once $controller;
+}
+
+require_once "clientarea/views/header.php";
+require_once "clientarea/views/navbar.php";
+require_once $section_page;
+require_once "clientarea/views/footer.php";

clientarea/controllers/account_deactivation.php

@@ -0,0 +1,25 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (isset($_POST["deactivate"])) {
+    $deactivate = filter_input(INPUT_POST, "deactivate", FILTER_SANITIZE_STRING);
+    if ($deactivate == "Yes") {
+        $user = $_SESSION["user"];
+        $stmt = $objDB->prepare(
+            "UPDATE users SET is_active = 0 WHERE id = ?"
+        );
+        $stmt->bind_param("i", $user->id);
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Your account has been deactivated successfully. Request support to activate your account.");
+            unset($_SESSION["user"]);
+            redirect("clientarea", "login");
+        }
+    }
+} else {
+    redirect("clientarea", "details");
+}

clientarea/controllers/account_verify.php

@@ -0,0 +1,22 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (isset($_GET["code"])) {
+    $code = filter_input(INPUT_GET, "code", FILTER_SANITIZE_STRING);
+    if (checkUserByCode($code)) {
+        verifyUserAccount($code);
+        setMsg("msg_notify", "Your account has been activated, you can login your account.");
+        redirect("clientarea", "login");
+        exit();
+    } else {
+        setMsg("msg_notify", "Invalid activation code", "warning");
+    }
+} else {
+    setMsg("msg_notify", "Activation code not exists", "warning");
+}
+redirect("clientarea", "register");

clientarea/controllers/change_password.php

@@ -0,0 +1,57 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (!isUserLoggedIn()) {
+    setMsg("msg_notify", "You need to login before accessing the Change Password page.", "warning");
+    redirect("clientarea", "login");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+if (isset($_POST["change_password"])) {
+    $errors = array();
+    $old_password = filter_input(INPUT_POST, "old_password", FILTER_SANITIZE_STRING);
+    $password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
+    $confirm_password = filter_input(INPUT_POST, "confirm_password", FILTER_SANITIZE_STRING);
+    $user = $_SESSION["user"];
+
+    if (strlen($old_password) > 20 || strlen($old_password) < 5) {
+        $errors["old_password_err"] = "Old Password min limit is 5 & max is 20 characters";
+    } elseif (!password_verify($old_password, $user->password)) {
+        $errors["old_password_err"] = "Old password incorrect please enter valid password";
+    }
+
+    if (strlen($password) > 20 || strlen($password) < 5) {
+        $errors["password_err"] = "Password min limit is 5 & max is 20 characters";
+    }
+
+    if ($password != $confirm_password || empty($confirm_password)) {
+        $errors["confirm_password_err"] = "Password does not match or empty";
+    }
+
+    if (!count($errors)) {
+        $stmt = $objDB->prepare("UPDATE users SET password = ? WHERE id = ?");
+        $stmt->bind_param("si", password_hash($password, PASSWORD_DEFAULT), $user->id);
+
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Your account password has been updated successfully.");
+            unset($_SESSION["user"]);
+            redirect("clientarea", "login");
+            exit();
+        }
+    } else {
+        $data = [
+            "old_password" => $old_password,
+            "password" => $password,
+            "confirm_password" => $confirm_password,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+    }
+}

clientarea/controllers/details.php

@@ -0,0 +1,18 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (!isUserLoggedIn()) {
+    setMsg("msg_notify", "You need to login before accessing the Account Details page.", "warning");
+    redirect("clientarea", "login");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+$userAvatar = (!empty($user->image)) ? '/clientarea/images/' . $user->image : "http://via.placeholder.com/150x150";
+$userRegDate = cTime($user->created_at);

clientarea/controllers/edit_details.php

@@ -0,0 +1,82 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (!isUserLoggedIn()) {
+    setMsg("msg_notify", "You need to login before accessing the Edit Account Details page.", "warning");
+    redirect("clientarea", "login");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+$userAvatar = (!empty($user->image)) ? '/clientarea/images/' . $user->image : "http://via.placeholder.com/150x150";
+
+if (isset($_POST["edit"])) {
+
+    $errors = array();
+
+    $name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
+    $username = filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING);
+    $email = filter_input(INPUT_POST, "email", FILTER_SANITIZE_EMAIL);
+    $website = filter_input(INPUT_POST, "website", FILTER_SANITIZE_URL);
+    $image = isset($_FILES["image"]) ? $_FILES["image"] : "";
+
+    $user = $_SESSION["user"];
+
+    if (strlen($name) > 50 || strlen($name) < 6) {
+        $errors["name_err"] = "Name min limit is 6 & max is 50 characters";
+    }
+
+    if (strlen($username) > 15 || strlen($username) < 5) {
+        $errors["username_err"] = "Username min limit is 5 & max is 15 characters";
+    }
+
+    if (!isemail($email)) {
+        $errors["email_err"] = "The email address is invalid.";
+    }
+
+    if (empty($website)) {
+        $errors["website_err"] = "Invalid entry";
+    }
+
+    if ($image["error"] != 4) {
+        if (!is_dir(APPROOT . "/images")) {
+            mkdir(APPROOT . "/images");
+        }
+
+        if ($image["error"] == 4) {
+            $errors["image_err"] = "Please, upload file";
+        } elseif ($image["type"] != "image/png" && $image["type"] != "image/jpeg") {
+            $errors["image_err"] = "Only, png/jpeg image is allowed";
+        }
+
+        $image_info = pathinfo($image["name"]);
+        extract($image_info);
+        $image_convention = $filename . time() . ".$extension";
+
+        move_uploaded_file($image["tmp_name"], APPROOT . "/images/" . $image_convention);
+    } else {
+        $image_convention = $user->image;
+    }
+
+    if (!count($errors)) {
+        $stmt = $objDB->prepare(
+            "UPDATE users SET name = ?, email = ?, username=?, website=?, image=? WHERE id=?"
+        );
+        $stmt->bind_param("sssssi", $name, $email, $username, $website, $image_convention, $user->id);
+
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Your account has been updated successfully.");
+        }
+
+        $_SESSION["user"] = getUserById($user->id);
+        redirect("clientarea", "details");
+    } else {
+        setMsg("errors", $errors);
+        redirect("clientarea", "edit_details");
+    }
+}

clientarea/controllers/emails.php

@@ -0,0 +1,33 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+$emails = [
+    "total" => 12,
+    "pages" => 4,
+    "page" => 1,
+    "list" => [
+        [
+            "id" => "3453822",
+            "date" => "Saturday, August 11th, 2018 (04:50)",
+            "subject" => "Invoice Payment Confirmation"
+        ],
+        [
+            "id" => "3453821",
+            "date" => "Friday, August 10th, 2018 (12:00)",
+            "subject" => "Customer Invoice"
+        ],
+        [
+            "id" => "3453820",
+            "date" => "Tuesday, April 3rd, 2018 (00:51)",
+            "subject" => "Your password has been reset"
+        ]
+    ]
+];

clientarea/controllers/forget_password.php

@@ -0,0 +1,53 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (isUserLoggedIn()) {
+    setMsg("msg_notify", "You can change your password on the Change Password page.", "warning");
+    redirect("clientarea", "change_password");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+if (isset($_POST["reset_request"])) {
+    $errors = array();
+    $email = filter_input(INPUT_POST, "email", FILTER_SANITIZE_EMAIL);
+    if (empty($email)) {
+        $errors["email_err"] = "The email address is empty.";
+    } elseif (!isemail($email)) {
+        $errors["email_err"] = "The email address is invalid.";
+    } elseif (!checkUserByEmail($email)) {
+        $errors["email_err"] = "The email address not found in system.";
+    }
+    if (count($errors)) {
+        $data = [
+            "email" => $email,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "forget_password");
+    } else {
+        $code = md5(crypt(rand(), "aa"));
+        $stmt = $objDB->prepare(
+            "UPDATE users SET is_active = 0, reset_code=? WHERE email=?"
+        );
+        $stmt->bind_param("ss", $code, $email);
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "You made a password request, please check email to reset your password.", "success");
+            $message = "Hi! You requested password reset, . You need to click here to <a href='" . setURL('clientarea', 'reset_password') . "&reset_code=$code'>reset your password.</a>";
+            echo $message;
+            send_mail([
+                "to" => $email,
+                "message" => $message,
+                "subject" => "Reset Password Requested"
+            ]);
+        } else {
+            setMsg("msg_notify", "reset password request, Please try again later.", "warning");
+        }
+    }
+}

clientarea/controllers/index.php

@@ -0,0 +1,2 @@
+<?php
+header("Location: ../../clientarea.php");

clientarea/controllers/login.php

@@ -0,0 +1,60 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (isUserLoggedIn()) {
+    setMsg("msg_notify", "You have already logged in.", "warning");
+    redirect("clientarea", "details");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+if (isset($_POST["login"])) {
+    $errors = array();
+    $username = trim(filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING));
+    $password = trim(filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING));
+    $remember = isset($_POST["remember-me"]) ? "Yes" : "";
+    if (strlen($username) > 15 || strlen($username) < 5) {
+        $errors["username_err"] = "Username min limit is 5 & max is 15 characters";
+    } elseif (!checkUserByUsername($username)) {
+        $errors["username_err"] = "Username not exists";
+    } elseif (!checkUserActivation($username)) {
+        $errors["username_err"] = 'Your account is not verified, click <a href="' . SetRouter('clientarea', 'request-account-activate') . '">here</a> to verify.';
+    }
+
+    if (strlen($password) > 20 || strlen($password) < 5) {
+        $errors["password_err"] = "Password min limit is 5 & max is 20 characters";
+    }
+    if (!count($errors)) {
+        $stmt = $objDB->prepare("SELECT * FROM users WHERE username=?");
+        $stmt->bind_param("s", $username);
+        $stmt->execute();
+        $result = $stmt->get_result();
+        $user = $result->fetch_object();
+        if ($result->num_rows == 1) {
+            if (password_verify($password, $user->password)) {
+                if ($remember == "Yes") {
+                    setcookie("user", serialize($user), time() + (86400 * 30), "/");
+                } else {
+                    $_SESSION["user"] = $user;
+                }
+                redirect("clientarea", "details");
+            } else {
+                setMsg("msg_notify", "Account not found, please enter correct credentials", "warning");
+            }
+        }
+    } else {
+        $data = [
+            "username" => $username,
+            "password" => $password,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "login");
+    }
+}

clientarea/controllers/logout.php

@@ -0,0 +1,23 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+if (isUserLoggedIn()) {
+
+    if (isset($_COOKIE["user"])) {
+        setcookie("user", "", time() - (86400 * 30), "/");
+    }
+
+    if (isset($_SESSION["user"])) {
+        unset($_SESSION["user"]);
+    }
+
+    setMsg("msg_notify", "Your account has been successfully logged out.", "success");
+    redirect("clientarea", "login");
+} else {
+    setMsg("msg_notify", "You have not logged in yet.", "warning");
+    redirect("clientarea", "login");
+}

clientarea/controllers/register.php

@@ -0,0 +1,84 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+if (isUserLoggedIn()) {
+    setMsg("msg_notify", "You need to logout before register for a new account.", "warning");
+    redirect("clientarea", "details");
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+if (isset($_POST["register"])) {
+    $errors = array();
+    $name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
+    $username = filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING);
+    $email = filter_input(INPUT_POST, "email", FILTER_SANITIZE_EMAIL);
+    $website = filter_input(INPUT_POST, "website", FILTER_SANITIZE_URL);
+    $password = filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING);
+    $confirm_password = filter_input(INPUT_POST, "confirm_password", FILTER_SANITIZE_STRING);
+
+    if (strlen($name) > 50 || strlen($name) < 6) {
+        $errors["name_err"] = "Name min limit is 6 & max is 50 characters";
+    }
+
+    if (strlen($username) > 15 || strlen($username) < 5) {
+        $errors["username_err"] = "Username min limit is 5 & max is 15 characters";
+    } elseif (checkUserByUsername($username)) {
+        $errors["username_err"] = "Username already exists";
+    }
+
+    if (!isemail($email)) {
+        $errors["email_err"] = "The email address is invalid.";
+    } elseif (checkUserByEmail($email)) {
+        $errors["email_err"] = "The email address already exists in system.";
+    }
+
+    if (empty($website)) {
+        $errors["website_err"] = "Invalid entry";
+    }
+
+    if (strlen($password) > 20 || strlen($password) < 5) {
+        $errors["password_err"] = "Password min limit is 5 & max is 20 characters";
+    }
+
+    if ($password != $confirm_password || empty($confirm_password)) {
+        $errors["confirm_password_err"] = "Password does not match or empty";
+    }
+
+    if (!count($errors)) {
+        $password = password_hash($password, PASSWORD_DEFAULT);
+        $code = md5(crypt(rand(), "aa"));
+        $stmt = $objDB->prepare(
+            "INSERT INTO users(name, email, username, password, website, created_at, reset_code)
+            VALUES(?, ?, ?, ?, ?, ?, ?)"
+        );
+        $stmt->bind_param("sssssis", $name, $email, $username, $password, $website, time(), $code);
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Your account has been created successfully.Please, check your email to verify.", "warning");
+            $message = "Hi! You requested an account on our website, in order to use this account. You need to click here to <a href='" . setURL('clientarea', 'account_verify') . "&code=$code'>Verify</a> it.";
+            send_mail([
+                "to" => $email,
+                "message" => $message,
+                "subject" => "Account Verficiation"
+            ]);
+            redirect("clientarea", "login");
+        }
+    } else {
+        $data = [
+            "name" => $name,
+            "username" => $username,
+            "email" => $email,
+            "website" => $website,
+            "password" => $password,
+            "confirm_password" => $confirm_password,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "register");
+    }
+}

clientarea/controllers/request-account-activate.php

@@ -0,0 +1,43 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+if (isset($_POST["request-activate-account"])) {
+    $errors = array();
+    $email = filter_input(INPUT_POST, "email", FILTER_SANITIZE_EMAIL);
+    if (!isemail($email)) {
+        $errors["email_err"] = "The email address is invalid.";
+    } elseif (!checkUserByEmail($email)) {
+        $errors["email_err"] = "The email address not found in system.";
+    }
+
+    if (!count($errors)) {
+        $code = md5(crypt(rand(), "aa"));
+        $stmt = $objDB->prepare(
+            "UPDATE users SET reset_code=? WHERE email=?"
+        );
+        $stmt->bind_param("ss", $code, $email);
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Please check your email to verify your account", "warning");
+            $message = "Hi! You requested account verification. You need to click here to <a href='" . setURL('clientarea', 'account_verify') . "&code=$code'>activate your account.</a>";
+            send_mail([
+                "to" => $email,
+                "message" => $message,
+                "subject" => "Account Verification Request",
+            ]);
+        }
+    } else {
+        $data = [
+            "email" => $email,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+    }
+}

clientarea/controllers/reset_password.php

@@ -0,0 +1,63 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+$reset_code = "";
+
+if (isset($_GET["reset_code"]) && !empty($_GET["reset_code"])) {
+    $code = filter_input(INPUT_GET, "reset_code", FILTER_SANITIZE_STRING);
+    if (checkUserByCode($code)) {
+        $reset_code = $code;
+    } else {
+        setMsg("msg_notify", "The reset code is invalid.", "warning");
+        redirect("clientarea", "login");
+    }
+} else {
+    setMsg("msg_notify", "The reset code is empty.", "warning");
+    redirect("clientarea", "login");
+}
+
+if (isset($_POST["reset_password"])) {
+    $errors = array();
+    $reset_code = filter_input(INPUT_POST, "reset_code", FILTER_SANITIZE_STRING);
+    $password = filter_input(INPUT_POST, "new-password", FILTER_SANITIZE_STRING);
+    $confirm_password = filter_input(INPUT_POST, "confirm-password", FILTER_SANITIZE_STRING);
+    if (strlen($reset_code) != 32) {
+        $errors["code_err"] = "The reset code is invalid.";
+    }
+    if (empty($password)) {
+        $errors["password_err"] = "The password is empty.";
+    } elseif (strlen($password) > 20 || strlen($password) < 5) {
+        $errors["password_err"] = "Password min limit is 5 & max is 20 characters";
+    }
+    if (empty($confirm_password)) {
+        $errors["confirm_password_err"] = "The password is empty.";
+    } elseif ($password != $confirm_password) {
+        $errors["confirm_password_err"] = "The password does not match.";
+    }
+    if (!count($errors)) {
+        $password = password_hash($password, PASSWORD_DEFAULT);
+        $stmt = $objDB->prepare(
+            "UPDATE users SET reset_code= '', is_active=1, password=? WHERE reset_code=?"
+        );
+        $stmt->bind_param("ss", $password, $reset_code);
+        if ($stmt->execute()) {
+            setMsg("msg_notify", "Your account password has been reset, you can login now.");
+            redirect("clientarea", "login");
+        }
+    } else {
+        $data = [
+            "password" => $password,
+            "confirm_password" => $confirm_password,
+        ];
+        setMsg("form_data", $data);
+        setMsg("errors", $errors);
+        redirect("clientarea", "reset_password", ["reset_code" => $reset_code]);
+    }
+}

clientarea/controllers/tickets.php

@@ -0,0 +1,39 @@
+<?php
+
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+$err = getMsg("errors");
+$data = getMsg("form_data");
+
+$tickets = [
+    "total" => 10,
+    "pages" => 4,
+    "page" => 1,
+    "list" => [
+        [
+            "date" => "Saturday, August 11th, 2018 (04:50)",
+            "department" => "Saturday, August 11th, 2018 (04:50)",
+            "subject" => "Invoice Payment Confirmation",
+            "status" => "",
+            "lastupdated" => ""
+        ],
+        [
+            "date" => "Friday, August 10th, 2018 (12:00)",
+            "department" => "Friday, August 10th, 2018 (12:00)",
+            "subject" => "Customer Invoice",
+            "status" => "",
+            "lastupdated" => ""
+        ],
+        [
+            "date" => "Tuesday, April 3rd, 2018 (00:51)",
+            "department" => "Tuesday, April 3rd, 2018 (00:51)",
+            "subject" => "Your password has been reset",
+            "status" => "",
+            "lastupdated" => ""
+        ]
+    ]
+];

clientarea/data/config.php

@@ -0,0 +1,26 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+
+define("URLROOT", "http://crogroup.cn");
+define("APPROOT", dirname(__FILE__));
+define("DB_HOST", "bv2g0ksp.hk1027lan.dnstoo.com:3306");
+define("DB_USER", "gcop2h_f");
+define("DB_PASSWORD", "gdwst6ob");
+define("DB_NAME", "gcop2h");
+define("SMTP_SERVER", "smtp.u-id.cn");
+define("SMTP_PORT", 25);
+define("SMTP_MAILADDR", "croidc@u-id.cn");
+define("SMTP_USERNAME", "croidc@u-id.cn");
+define("SMTP_PASSWORD", "cro@IDC521");
+
+$static_release = '1559728996134';
+$brandName = "UIISC";
+$siteURL = "http://crogroup.cn";
+$iFastNetAff = 19474;
+$CopyRightYear = "2013 - " . date("Y");
+$author = 'Crogram Inc.';
+$description = "uiisc, freewebhost, webhost, Crogram, iFastNet";

clientarea/data/demo.sql

@@ -0,0 +1,60 @@
+
+SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
+SET AUTOCOMMIT = 0;
+START TRANSACTION;
+SET time_zone = "+00:00";
+
+
+CREATE TABLE IF NOT EXISTS `users` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `name` varchar(255) NOT NULL,
+  `email` varchar(255) NOT NULL,
+  `username` varchar(255) NOT NULL,
+  `password` varchar(255) NOT NULL,
+  `website` varchar(255) NOT NULL,
+  `image` varchar(255) NOT NULL,
+  `created_at` int(11) NOT NULL,
+  `reset_code` char(32) NOT NULL,
+  `is_active` tinyint(4) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=100;
+
+
+INSERT INTO `users` (`id`, `name`, `email`, `username`, `password`, `website`, `image`, `created_at`, `reset_code`, `is_active`) VALUES
+(1, 'Administrator', 'support@uiisc.com', 'admin', '$2y$10$g6SsReRUJDV0IANO7ZBamOGNQ7sE7zayFiXOC6sgU0lPjxq1b4yuu', 'http://uiisc.com', '5de69dbb55cc3623871b98adc74628081558340869.png', 1550143252, '', 1)
+
+
+CREATE TABLE IF NOT EXISTS `emails` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `date` varchar(255) NOT NULL,
+  `subject` varchar(255) NOT NULL,
+  `body` varchar(255) NOT NULL,
+  `user_id` int(11) NOT NULL,
+  `is_active` tinyint(4) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=100;
+
+
+CREATE TABLE IF NOT EXISTS `tickets` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `date` varchar(255) NOT NULL,
+  `department` varchar(255) NOT NULL,
+  `subject` varchar(255) NOT NULL,
+  `status` tinyint(4) NOT NULL,
+  `lastupdated` varchar(255) NOT NULL,
+  `user_id` int(11) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=100;
+
+
+CREATE TABLE IF NOT EXISTS `products` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `date` varchar(255) NOT NULL,
+  `department` varchar(255) NOT NULL,
+  `subject` varchar(255) NOT NULL,
+  `status` tinyint(4) NOT NULL,
+  `lastupdated` varchar(255) NOT NULL,
+  `user_id` int(11) NOT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+

clientarea/index.php

@@ -0,0 +1,2 @@
+<?php
+header("Location: ../clientarea.php");

clientarea/library/email.class.php

@@ -0,0 +1,251 @@
+<?php
+
+// http://www.daixiaorui.com/read/16.html
+
+class MailSMTP
+{
+    public $smtp_port;
+    public $time_out;
+    public $host_name;
+    public $log_file;
+    public $relay_host;
+    public $debug;
+    public $auth;
+    public $user;
+    public $pass;
+    public $sock;
+
+    public function __construct($relay_host = "", $smtp_port = 25, $auth = false, $user, $pass)
+    {
+        $this->debug = false;
+        $this->smtp_port = $smtp_port;
+        $this->relay_host = $relay_host;
+        $this->time_out = 30; // is used in fsockopen()
+        $this->auth = $auth; // auth
+        $this->user = $user;
+        $this->pass = $pass;
+        $this->host_name = "localhost"; //is used in HELO command
+        $this->log_file = "";
+        $this->sock = false;
+    }
+
+    public function sendmail($to, $totitle = "", $from, $fromtitle = "", $subject = "", $body = "", $mailtype, $cc = "", $bcc = "", $additional_headers = "")
+    {
+        $mail_from = $this->get_address($this->strip_comment($from));
+        $body = preg_replace("/(^|(\r\n))(\.)/", "\1.\3", $body);
+        $header = "MIME-Version:1.0\r\n";
+        if ($mailtype == "HTML") {
+            $header .= 'Content-Type: text/html; charset="utf-8"' . "\r\n";
+        }
+        if (!empty($totitle)) {
+            $header .= "To: =?utf-8?B?" . base64_encode($totitle) . "?= <{$to}>\r\n";
+        } else {
+            $header .= "To: {$to} <{$to}>\r\n";
+        }
+        if (!empty($cc)) {
+            $header .= "Cc: {$cc}\r\n";
+        }
+        if (!empty($fromtitle)) {
+            $header .= "From: =?utf-8?B?" . base64_encode($fromtitle) . "?= <{$from}>\r\n";
+        } else {
+            $header .= "From: {$from} <{$from}>\r\n";
+        }
+        $header .= "Subject: =?utf-8?B?" . base64_encode($subject) . "?=\r\n";
+        $header .= $additional_headers;
+        $header .= "Date: " . date("r") . "\r\n";
+        $header .= "X-Mailer: By UIISC (PHP/" . phpversion() . ")\r\n";
+        list($msec, $sec) = explode(" ", microtime());
+        $header .= "Message-ID: <" . date("YmdHis", $sec) . "." . ($msec * 1000000) . "." . $mail_from . ">\r\n";
+        $TO = explode(",", $this->strip_comment($to));
+        if ($cc != "") {
+            $TO = array_merge($TO, explode(",", $this->strip_comment($cc)));
+        }
+        if ($bcc != "") {
+            $TO = array_merge($TO, explode(",", $this->strip_comment($bcc)));
+        }
+        $sent = true;
+        foreach ($TO as $rcpt_to) {
+            $rcpt_to = $this->get_address($rcpt_to);
+            if (!$this->smtp_sockopen($rcpt_to)) {
+                $this->log_write("Error: Cannot send email to " . $rcpt_to . "\n");
+                $sent = false;
+                continue;
+            }
+            if ($this->smtp_send($this->host_name, $mail_from, $rcpt_to, $header, $body)) {
+                $this->log_write("E-mail has been sent to <" . $rcpt_to . ">\n");
+            } else {
+                $this->log_write("Error: Cannot send email to <" . $rcpt_to . ">\n");
+                $sent = false;
+            }
+            fclose($this->sock);
+            $this->log_write("Disconnected from remote host\n");
+        }
+        return $sent;
+    }
+
+    /* Private Functions */
+    public function smtp_send($helo, $from, $to, $header, $body = "")
+    {
+        if (!$this->smtp_putcmd("HELO", $helo)) {
+            return $this->smtp_error("sending HELO command");
+        }
+        if ($this->auth) {
+            if (!$this->smtp_putcmd("AUTH LOGIN", base64_encode($this->user))) {
+                return $this->smtp_error("sending HELO command");
+            }
+            if (!$this->smtp_putcmd("", base64_encode($this->pass))) {
+                return $this->smtp_error("sending HELO command");
+            }
+        }
+        if (!$this->smtp_putcmd("MAIL", "FROM:<" . $from . ">")) {
+            return $this->smtp_error("sending MAIL FROM command");
+        }
+        if (!$this->smtp_putcmd("RCPT", "TO:<" . $to . ">")) {
+            return $this->smtp_error("sending RCPT TO command");
+        }
+        if (!$this->smtp_putcmd("DATA")) {
+            return $this->smtp_error("sending DATA command");
+        }
+        if (!$this->smtp_message($header, $body)) {
+            return $this->smtp_error("sending message");
+        }
+        if (!$this->smtp_eom()) {
+            return $this->smtp_error("sending <CR><LF>.<CR><LF> [EOM]");
+        }
+        if (!$this->smtp_putcmd("QUIT")) {
+            return $this->smtp_error("sending QUIT command");
+        }
+        return true;
+    }
+
+    public function smtp_sockopen($address)
+    {
+        if ($this->relay_host == "") {
+            return $this->smtp_sockopen_mx($address);
+        } else {
+            return $this->smtp_sockopen_relay();
+        }
+    }
+
+    public function smtp_sockopen_relay()
+    {
+        $this->log_write("Trying to " . $this->relay_host . ":" . $this->smtp_port . "\n");
+        $this->sock = @fsockopen($this->relay_host, $this->smtp_port, $errno, $errstr, $this->time_out);
+        if (!($this->sock && $this->smtp_ok())) {
+            $this->log_write("Error: Cannot connenct to relay host " . $this->relay_host . "\n");
+            $this->log_write("Error: " . $errstr . " (" . $errno . ")\n");
+            return false;
+        }
+        $this->log_write("Connected to relay host " . $this->relay_host . "\n");
+        return true;
+    }
+
+    public function smtp_sockopen_mx($address)
+    {
+        $domain = ereg_replace("^.+@([^@]+)$", "\1", $address);
+        if (!@getmxrr($domain, $MXHOSTS)) {
+            $this->log_write("Error: Cannot resolve MX \"" . $domain . "\"\n");
+            return false;
+        }
+        foreach ($MXHOSTS as $host) {
+            $this->log_write("Trying to " . $host . ":" . $this->smtp_port . "\n");
+            $this->sock = @fsockopen($host, $this->smtp_port, $errno, $errstr, $this->time_out);
+            if (!($this->sock && $this->smtp_ok())) {
+                $this->log_write("Warning: Cannot connect to mx host " . $host . "\n");
+                $this->log_write("Error: " . $errstr . " (" . $errno . ")\n");
+                continue;
+            }
+            $this->log_write("Connected to mx host " . $host . "\n");
+            return true;
+        }
+        $this->log_write("Error: Cannot connect to any mx hosts (" . implode(", ", $MXHOSTS) . ")\n");
+        return false;
+    }
+
+    public function smtp_message($header, $body)
+    {
+        fputs($this->sock, $header . "\r\n" . $body);
+        $this->smtp_debug("> " . str_replace("\r\n", "\n" . "> ", $header . "\n> " . $body . "\n> "));
+        return true;
+    }
+
+    public function smtp_eom()
+    {
+        fputs($this->sock, "\r\n.\r\n");
+        $this->smtp_debug(". [EOM]\n");
+        return $this->smtp_ok();
+    }
+
+    public function smtp_ok()
+    {
+        $response = str_replace("\r\n", "", fgets($this->sock, 512));
+        $this->smtp_debug($response . "\n");
+        if (!preg_match("/^[23]/", $response)) {
+            fputs($this->sock, "QUIT\r\n");
+            fgets($this->sock, 512);
+            $this->log_write("Error: Remote host returned \"" . $response . "\"\n");
+            return false;
+        }
+        return true;
+    }
+
+    public function smtp_putcmd($cmd, $arg = "")
+    {
+        if ($arg != "") {
+            if ($cmd == "") {
+                $cmd = $arg;
+            } else {
+                $cmd = $cmd . " " . $arg;
+            }
+        }
+        fputs($this->sock, $cmd . "\r\n");
+        $this->smtp_debug("> " . $cmd . "\n");
+        return $this->smtp_ok();
+    }
+
+    public function smtp_error($string)
+    {
+        $this->log_write("Error: Error occurred while " . $string . ".\n");
+        return false;
+    }
+
+    public function log_write($message)
+    {
+        $this->smtp_debug($message);
+        if ($this->log_file == "") {
+            return true;
+        }
+        $message = date("M d H:i:s ") . get_current_user() . "[" . getmypid() . "]: " . $message;
+        if (!@file_exists($this->log_file) || !($fp = @fopen($this->log_file, "a"))) {
+            $this->smtp_debug("Warning: Cannot open log file \"" . $this->log_file . "\"\n");
+            return false;
+        }
+        flock($fp, LOCK_EX);
+        fputs($fp, $message);
+        fclose($fp);
+        return true;
+    }
+
+    public function strip_comment($address)
+    {
+        $comment = "/\([^()]*\)/";
+        while (preg_match($comment, $address)) {
+            $address = ereg_replace($comment, "", $address);
+        }
+        return $address;
+    }
+
+    public function get_address($address)
+    {
+        $address = preg_replace("/([ \t\r\n])+/", "", $address);
+        $address = preg_replace("/^.*<(.+)>.*$/", "\1", $address);
+        return $address;
+    }
+
+    public function smtp_debug($message)
+    {
+        if ($this->debug) {
+            echo $message;
+        }
+    }
+}

clientarea/library/functions.php

@@ -0,0 +1,217 @@
+<?php
+
+function objDB()
+{
+    $objDB = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
+    if ($objDB->connect_error) {
+        die("Connection not established");
+    }
+    return $objDB;
+}
+
+function upload_image($image)
+{
+
+    if (!is_dir(APPROOT . "/images")) {
+        mkdir(APPROOT . "/images");
+    }
+
+    if ($image["error"] == 4) {
+        die("image file not uploaded");
+    }
+
+    if ($image["type"] != "image/png") {
+        die("Only, png image files are allowed");
+    }
+
+    $image_info = pathinfo($image["name"]);
+    extract($image_info);
+    $image_convention = $filename . time() . ".$extension";
+
+    if (move_uploaded_file($image["tmp_name"], APPROOT . "/images/" . $imageConvention)) {
+        return $image_convention;
+    } else {
+        return false;
+    }
+}
+
+function cTime($timestamp)
+{
+    return date("Y-m-d H:i:s", $timestamp);
+}
+
+function checkUserByEmail($email)
+{
+
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "SELECT * FROM users WHERE email=?"
+    );
+
+    $stmt->bind_param("s", $email);
+    $stmt->execute();
+    $stmt->store_result();
+    return $stmt->num_rows;
+}
+
+function checkUserByUsername($username)
+{
+
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "SELECT * FROM users WHERE username=?"
+    );
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $stmt->store_result();
+    return $stmt->num_rows;
+}
+
+function checkUserActivation($username)
+{
+
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "SELECT * FROM users WHERE username=? AND is_active=1"
+    );
+    $stmt->bind_param("s", $username);
+    $stmt->execute();
+    $stmt->store_result();
+    return $stmt->num_rows;
+}
+
+function setMsg($name, $value, $class = "success")
+{
+    if (is_array($value)) {
+        $_SESSION[$name] = $value;
+    } else {
+        $_SESSION[$name] = "<div class='alert alert-$class text-center'>$value</div>";
+    }
+}
+
+function getMsg($name)
+{
+    if (isset($_SESSION[$name])) {
+        $session = $_SESSION[$name];
+        unset($_SESSION[$name]);
+        return $session;
+    }
+}
+
+function getUserById($user_id)
+{
+
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "SELECT * FROM users WHERE id=?"
+    );
+    $stmt->bind_param("i", $user_id);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    return $result->fetch_object();
+}
+
+function verifyUserAccount($code)
+{
+
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "UPDATE users SET is_active = 1 , reset_code = '' WHERE reset_code = ?"
+    );
+    $stmt->bind_param("s", $code);
+    $stmt->execute();
+    $stmt->store_result();
+    return $stmt->affected_rows;
+}
+
+function checkUserByCode($code)
+{
+    $objDB = objDB();
+    $stmt = $objDB->prepare(
+        "SELECT * FROM users WHERE reset_code = ?"
+    );
+    $stmt->bind_param("s", $code);
+    $stmt->execute();
+    $stmt->store_result();
+    return $stmt->num_rows;
+}
+
+function isUserLoggedIn()
+{
+    if (isset($_SESSION["user"]) || isset($_COOKIE["user"])) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+function get_userinfo()
+{
+    return isUserLoggedIn() ? isset($_COOKIE["user"]) ? unserialize($_COOKIE["user"]) : $_SESSION["user"] : "";
+}
+
+function send_mail($detail = array())
+{
+    if (!empty($detail["to"]) && !empty($detail["message"]) && !empty($detail["subject"])) {
+        $to = $detail["to"];
+        $totitle = isset($detail["totitle"]) ? $detail["totitle"] : "";
+        $from = SMTP_MAILADDR;
+        $fromtitle = isset($detail["fromtitle"]) ? $detail["fromtitle"] : "";
+        $subject = $detail["subject"];
+        $body = $detail["message"];
+        $mailtype = "HTML"; // HTML/TXT
+
+        $smtp = new MailSMTP(SMTP_SERVER, SMTP_PORT, true, SMTP_USERNAME, SMTP_PASSWORD);
+        $smtp->debug = false;
+        $res = $smtp->sendmail($to, $totitle, $from, $fromtitle, $subject, $body, $mailtype);
+        if (!$res) {
+            return false;
+        } else {
+            return true;
+        }
+    } else {
+        die("Your Mail Handler requires four main paramters");
+    }
+}
+
+/**
+ * redirect to functions URL
+ */
+function redirect($module, $section = "", $param = [])
+{
+    $url = $param ? setRouter($module, $section) . "&" . http_build_query($param) : setRouter($module, $section);
+    // $param = $param ? http_build_query($param) : "";
+    // $url = $section ? setRouter($module, $section) . "&" . $param : setRouter($module) . "?" . $param;
+    header("Location: {$url}");
+    exit;
+}
+
+/** make router URL
+ * @param mixed $module
+ * @param mixed $section
+ * @return string
+ */
+function setRouter($module, $section = "")
+{
+    return empty($section) ? "{$module}.php" : "{$module}.php?s=$section";
+}
+
+/** make a full path http URL
+ * @param mixed $module
+ * @param mixed $section
+ * @return string
+ */
+function setURL($module, $section = "")
+{
+    return empty($section) ? URLROOT . "/{$module}.php" : URLROOT . "/{$module}.php?s=$section";
+}
+
+/** Determine if a variable is an email address
+ * 
+ * @param string $email
+ * @return bool
+ */
+function isemail($email = "")
+{
+    return preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,})$/", $email);
+}

clientarea/views/account_deactivation.php

@@ -0,0 +1,25 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account Deactivation</h3>
+                </div>
+                <div class="panel-body">
+                    <?php echo getMsg("msg_notify"); ?>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'login'); ?>">Go Back to Login</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/account_verify.php

@@ -0,0 +1,25 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account Verify</h3>
+                </div>
+                <div class="panel-body">
+                    <?php echo getMsg("msg_notify"); ?>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'login'); ?>">Go Back to Login</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/change_password.php

@@ -0,0 +1,46 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Change Password</h3>
+                </div>
+                <div class="panel-body">
+                    <p>Please fill in credentials to Change Password.</p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="current-password">Current Password: <sup>*</sup></label>
+                            <input type="password" name="old_password" id="current-password" value="<?php echo ($data['old_password']); ?>" class="form-control <?php echo (isset($err['old_password_err'])) ? 'is-invalid' : ''; ?>" autocomplete="current-password">
+                            <span class="text-warning"><?php echo isset($err["old_password_err"]) ? $err["old_password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="new-password">New Password: <sup>*</sup></label>
+                            <input type="password" name="password" id="new-password" value="<?php echo ($data['password']); ?>" class="form-control <?php echo (isset($err['password_err'])) ? 'is-invalid' : ''; ?>" autocomplete="new-password">
+                            <span class="text-warning"><?php echo isset($err["password_err"]) ? $err["password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="confirm-password">Confirm Password: <sup>*</sup></label>
+                            <input type="password" name="confirm_password" id="confirm-password" value="<?php echo ($data['confirm_password']); ?>" class="form-control <?php echo (isset($err['confirm_password_err'])) ? 'is-invalid' : ''; ?>" autocomplete="new-password">
+                            <span class="text-warning"><?php echo isset($err["confirm_password_err"]) ? $err["confirm_password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="change_password" value="Change Password" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'details'); ?>">Go Back to Details</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/details.php

@@ -0,0 +1,71 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo (getMsg("msg_notify")); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account Details</h3>
+                </div>
+                <div class="panel-body">
+                    <div class="text-center">
+                        <img src="<?php echo $userAvatar; ?>" class="img-avatar img-responsive img-responsive img-circle img-thumbnail">
+                    </div>
+                    <hr>
+                    <div class="detail-text">
+                        <label for="name"><strong>Name:</strong></label>
+                        <span class="text-data"><?php echo ($user->name); ?></span>
+                    </div>
+                    <div class="detail-text">
+                        <label for="name"><strong>Email:</strong></label>
+                        <span class="text-data"><?php echo ($user->email); ?></span>
+                    </div>
+                    <div class="detail-text">
+                        <label for="name"><strong>Username:</strong></label>
+                        <span class="text-data"><?php echo ($user->username); ?></span>
+                    </div>
+                    <div class="detail-text">
+                        <label for="name"><strong>Website:</strong></label>
+                        <span class="text-data"><?php echo ($user->website); ?></span>
+                    </div>
+                    <hr />
+                    <div class="detail-text">
+                        <label for="name"><strong>Registration Date:</strong></label>
+                        <span class="text-data"><?php echo $userRegDate; ?></span>
+                    </div>
+                </div>
+                <div class="panel-footer">
+                    <a href="" data-toggle="modal" data-target="#deactivate-account"><i class="glyphicon glyphicon-off"></i></a>
+                    <a href="<?php echo setRouter('clientarea', 'edit_details'); ?>" class="pull-right"><i class="glyphicon glyphicon-edit"></i></a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div id="deactivate-account" class="modal fade" role="dialog" aria-labelledby="myModalLabel">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <div class="modal-header">
+                <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
+                <h4 class="modal-title" id="myModalLabel">Deactivate Account</h4>
+            </div>
+            <div class="modal-body text-center">
+                <p>Do you really want to deactivate your account?</p>
+            </div>
+            <div class="modal-footer">
+                <form action="<?php echo setRouter('clientarea', 'account_deactivation'); ?>" method="POST">
+                    <input type="submit" value="Yes" class="btn btn-danger" name="deactivate">
+                    <button type="button" class="btn btn-default" data-dismiss="modal"">Cancel</button>
+                </form>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/edit_details.php

@@ -0,0 +1,60 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Edit Account Details</h3>
+                </div>
+                <div class="panel-body">
+                    <form action="" method="POST" enctype="multipart/form-data">
+                        <div class="form-group">
+                            <label for="name">Name: <sup>*</sup></label>
+                            <input type="name" name="name" value="<?php echo ($user->name); ?>" class="form-control <?php echo (isset($err['name_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err["name_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="username">Username: <sup>*</sup></label>
+                            <input type="text" name="username" value="<?php echo ($user->username); ?>" class="form-control <?php echo (isset($err['username_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err["username_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="email">Email: <sup>*</sup></label>
+                            <input type="email" name="email" value="<?php echo ($user->email); ?>" class="form-control <?php echo (isset($err['email_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err["email_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="url">Your Website URL: <sup>*</sup></label>
+                            <input type="text" name="website" value="<?php echo ($user->website); ?>" class="form-control <?php echo (isset($err['website_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err["website_err"]); ?></span>
+                        </div>
+                        <div class="form-group" id="imageBox">
+                            <img src="<?php echo $userAvatar; ?>" alt="" class="img-avatar img-responsive img-responsive img-circle img-thumbnail">
+                            <a href="#" class="" id="uploadNewImage">Click here to upload</a>
+                        </div>
+                        <div class="form-group" id="imageUpload">
+                            <label for="url">Upload Image: <sup>*</sup></label>
+                            <input type="file" name="image" class="form-control <?php echo (isset($err['image_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err["image_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="edit" value="Update Now" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'change_password');?>">Wanna Change Password ?</a>
+                    <a href="<?php echo setRouter('clientarea', 'details');?>">Go Back to Details</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/emails.php

@@ -0,0 +1,55 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-12">
+            <?php echo (getMsg("msg_notify")); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Email History</h3>
+                </div>
+                <div class="panel-body">
+                    <div class="table-responsive">
+                        <table class="table table-bordered table-striped table-hover">
+                            <thead>
+                                <tr>
+                                    <th style="width: 100px;">ID</th>
+                                    <th>Date Sent</th>
+                                    <th>Message Subject</th>
+                                    <th style="width: 100px;">Operate</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <?php if ($emails["total"]) {
+                                    foreach ($emails["list"] as $key => $value) { ?>
+                                        <tr>
+                                            <th style="width: 100px;"><?php echo $value["id"]; ?></th>
+                                            <td><?php echo $value["date"]; ?></td>
+                                            <td><?php echo $value["subject"]; ?></td>
+                                            <td style="width: 100px;">
+                                                <button class="btn btn-info btn-xs" type="submit">View Message</button>
+                                            </td>
+                                        </tr>
+                                    <?php }
+                            } else { ?>
+                                    <tr>
+                                        <td colspan="4" class="text-center">No Records Found</td>
+                                    </tr>
+                                <?php } ?>
+                            </tbody>
+                        </table>
+                    </div>
+                </div>
+                <div class="panel-footer">
+                    <span><?php echo $emails["total"]; ?> Records Found, Page <?php echo $emails["page"]; ?> of <?php echo $emails["pages"]; ?></span>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/footer.php

@@ -0,0 +1,32 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<footer class="footer navbar navbar-default navbar-fixed-bottom">
+    <div class="container">
+        <div class="navbar-inner navbar-content-center" style="padding-top:15px;">
+            <ul class="navbar-left list-inline text-center text-muted credit">
+                <li>
+                    <span class="co">&copy;&nbsp;<?php echo $CopyRightYear; ?>&nbsp;<a href="index.php">UIISC</a>&nbsp;</span>
+                    <span class="co">&nbsp;Powered by <a href="https://crogram.com" target="blank">Crogram</a>&nbsp;</span>
+                    <span class="co">&nbsp;Partnered with <a href="https://ifastnet.com/" name="jump-ifastnet" target="blank">iFastNet</a>&nbsp;</span>
+                </li>
+            </ul>
+            <ul class="legal navbar-right list-inline text-center">
+                <li><a href="#">About</a></li>
+            </ul>
+        </div>
+    </div>
+</footer>
+
+<script src="assets/jquery/jquery.min.js"></script>
+<script src="assets/bootstrap/js/bootstrap.min.js"></script>
+<script src="assets/js/clientarea.js"></script>
+
+</body>
+
+</html>

clientarea/views/forget_password.php

@@ -0,0 +1,37 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Forget Password</h3>
+                </div>
+                <div class="panel-body">
+                    <p>If you have forgotten your password, you can reset it here. When you fill in your registered email address, you will be sent instructions on how to reset your password.</p>
+                    <p>Please fill in credentials to get a link to reset password.</p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="email">Email Address: <sup>*</sup></label>
+                            <input type="email" name="email" value="<?php echo ($data['email']); ?>" class="form-control <?php echo (isset($err['email_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo isset($err["email_err"]) ? $err["email_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="reset_request" value="Send Reset Link" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'login'); ?>">Go Back to Login</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/header.php

@@ -0,0 +1,29 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0, user-scalable=no">
+    <meta name="description" content="<?php echo $description; ?>">
+    <meta name="author" content="<?php echo $author; ?>">
+    <title>Client Area</title>
+    <link href="favicon.ico?_=<?php echo $static_release; ?>" type="image/x-icon" rel="icon" />
+    <link href="favicon.ico?_=<?php echo $static_release; ?>" type="image/x-icon" rel="shortcut icon" />
+    <link rel="stylesheet" href="assets/bootstrap/css/bootstrap.min.css">
+    <link rel="stylesheet" href="assets/css/style.css?_=<?php echo $static_release; ?>">
+    <link rel="stylesheet" href="assets/css/clientarea.css?_=<?php echo $static_release; ?>">
+    <!--[if lt IE 9]>
+    <script src="assets/html5shiv/html5shiv.min.js"></script>
+    <script src="assets/respond/respond.min.js"></script>
+    <![endif]-->
+</head>
+
+<body>

clientarea/views/index.php

@@ -0,0 +1,2 @@
+<?php
+header("Location: ../../clientarea.php");

clientarea/views/login.php

@@ -0,0 +1,43 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Login</h3>
+                </div>
+                <div class="panel-body">
+                    <p>Please fill in credentials to log in.</p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="username">Username: <sup>*</sup></label>
+                            <input type="text" name="username" id="username" value="<?php echo ($data['username']); ?>" class="form-control <?php echo (isset($err['username_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo isset($err["username_err"]) ? $err["username_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="password">Password: <sup>*</sup></label>
+                            <input type="password" name="password" id="password" value="<?php echo ($data['password']); ?>" class="form-control <?php echo (isset($err['password_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo isset($err["password_err"]) ? $err["password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <button type="submit" name="login" class="btn btn-default">Login</button>
+                            <label class="form-check-label text-primary"><input type="checkbox" class="form-check-input" name="remember-me"> Remember Me</label>
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer">
+                    <a href="<?php echo setRouter('clientarea', 'forget_password');?>" class="btn btn-link">Forget Passsword?</a>
+                    <a href="<?php echo setRouter('clientarea', 'register');?>" class="btn btn-link">No account? Register</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/logout.php

@@ -0,0 +1,26 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Logout</h3>
+                </div>
+                <div class="panel-body">
+                    <p>What do you want to do.</p>
+                    <p>
+                        <a href="<?php echo setRouter('clientarea', 'login'); ?>" class="btn btn-default">Login</a>
+                        <a href="<?php echo setRouter('clientarea', 'register'); ?>" class="btn btn-default">Register</a>
+                    </p>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/main.php

@@ -0,0 +1,52 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <p><h1>Client Area</h1></p>
+    <div class="row">
+        <div class="col-md-12">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Client Area</h3>
+                </div>
+                <div class="panel-body">
+                    <p>Please fill in credentials to log in.</p>
+                </div>
+                <div class="panel-footer">
+                    <a href="<?php echo setRouter('clientarea', 'forget_password'); ?>" class="btn btn-link">Forget Passsword?</a>
+                    <a href="<?php echo setRouter('clientarea', 'register'); ?>" class="btn btn-link">No account? Register</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<div class="container">
+    <div class="text-center">
+        <h1>Project Client Area Features</h1>
+        <p class="lead">Create the complete login and register form</p>
+    </div>
+    <div class="row">
+        <div class="col-md-6">
+            <ul class="list-group text-center">
+                <li class="list-group-item"><a href="clientarea.php?s=login">Login</a> / <a href="clientarea.php?s=register">Register</a></li>
+                <li class="list-group-item"><a href="clientarea.php?s=details">Account Details</a></li>
+                <li class="list-group-item"><a href="clientarea.php?s=forget_password">Forget</a> / <a href="clientarea.php?s=reset_password">Reset</a> Password</li>
+                <li class="list-group-item">Remember me Option</li>
+            </ul>
+        </div>
+        <div class="col-md-6 ">
+            <ul class="list-group text-center">
+                <li class="list-group-item">Deactivate Account</li>
+                <li class="list-group-item">Email Verification</li>
+                <li class="list-group-item"><a href="clientarea.php?s=request-account-activate">Account Verification</a></li>
+            </ul>
+        </div>
+    </div>
+</div>

clientarea/views/navbar.php

@@ -0,0 +1,75 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <nav class="navbar navbar-default">
+        <div class="container-fluid">
+            <div class="navbar-header">
+                <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar" aria-expanded="false" aria-controls="navbar">
+                    <span class="sr-only">Toggle navigation</span>
+                    <span class="icon-bar"></span>
+                    <span class="icon-bar"></span>
+                    <span class="icon-bar"></span>
+                </button>
+                <a class="navbar-brand" href="<?php echo $siteURL; ?>"><?php echo $brandName; ?></a>
+            </div>
+            <div id="navbar" class="navbar-collapse collapse">
+                <ul class="nav navbar-nav">
+                    <li><a href="<?php echo setRouter('clientarea'); ?>">Home</a>
+                    <li class="dropdown"><a href="#" class="dropdown-toggle" data-toggle="dropdown">Service&nbsp;<span class="caret"></span></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="#">My Services</a></li>
+                            <li role="separator" class="divider"></li>
+                            <li><a href="#">Order New Services</a></li>
+                            <li><a href="#">View Available Addons</a></li>
+                        </ul>
+                    </li>
+                    <li class="dropdown">
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">Billing&nbsp;<b class="caret"></b></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="#">My Invoices</a></li>
+                            <li><a href="#">Add Funds</a></li>
+                            <li><a href="#">Mass Payment</a></li>
+                            <li><a href="#">Refunds</a></li>
+                        </ul>
+                    </li>
+                    <li class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">Support&nbsp;<b class="caret"></b></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="<?php echo setRouter('clientarea', 'tickets'); ?>">Tickets</a></li>
+                            <li><a href="#">Knowledgebase</a></li>
+                        </ul>
+                    </li>
+                </ul>
+                <ul class="nav navbar-nav navbar-right">
+                    <li class="dropdown">
+                        <?php if (isUserLoggedIn()) { ?>
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Hello,&nbsp;<?php echo ($user->name); ?>&nbsp;<span class="caret"></span></a>
+                            <ul class="dropdown-menu">
+                                <li><a href="<?php echo setRouter('clientarea', 'details'); ?>">Account Details</a></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'edit_details'); ?>">Edit Account Details</a></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'emails'); ?>">Email History</a></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'change_password'); ?>">Change password</a></li>
+                                <li role="separator" class="divider"></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'logout'); ?>">Logout</a></li>
+                            </ul>
+                        <?php } else { ?>
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Client Area&nbsp;<span class="caret"></span></a>
+                            <ul class="dropdown-menu">
+                                <li><a href="<?php echo setRouter('clientarea', 'login'); ?>">Login</a></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'register'); ?>">Register </a></li>
+                                <li role="separator" class="divider"></li>
+                                <li><a href="<?php echo setRouter('clientarea', 'forget_password'); ?>">Forget Passsword</a></li>
+                            </ul>
+                        <?php } ?>
+
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+</div>

clientarea/views/register.php

@@ -0,0 +1,61 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Account Register</h3>
+                </div>
+                <div class="panel-body">
+                    <p>Please fill in credentials to Sign Up.</p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="name">Name: <sup>*</sup></label>
+                            <input type="name" name="name" value="<?php echo ($data['name']); ?>" class="form-control <?php echo (isset($err['name_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err["name_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="username">Username: <sup>*</sup></label>
+                            <input type="text" name="username" value="<?php echo ($data['username']); ?>" class="form-control <?php echo (isset($err['username_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err["username_err"]); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="email">Email: <sup>*</sup></label>
+                            <input type="email" name="email" value="<?php echo ($data['email']); ?>" class="form-control <?php echo (isset($err['email_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err['email_err']); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="url">Your Website URL: <sup>*</sup></label>
+                            <input type="text" name="website" value="<?php echo ($data['website']); ?>" class="form-control <?php echo (isset($err['website_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err['website_err']); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="password">Password: <sup>*</sup></label>
+                            <input type="password" name="password" value="<?php echo ($data['password']); ?>" class="form-control <?php echo (isset($err['password_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err['password_err']); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="confirm_password">Confirm Password: <sup>*</sup></label>
+                            <input type="password" name="confirm_password" value="<?php echo ($data['confirm_password']); ?>" class="form-control <?php echo (isset($err['confirm_password_err'])) ? 'is-invalid' : ''; ?>" autocomplete="off">
+                            <span class="text-warning"><?php echo ($err['confirm_password_err']); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="register" value="Register" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'login'); ?>">Have account ? Login</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/request-account-activate.php

@@ -0,0 +1,35 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Activate Account Request</h3>
+                </div>
+                <div class="panel-body">
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="email">Email: <sup>*</sup></label>
+                            <input type="email" name="email" value="<?php echo ($data['email']); ?>" class="form-control <?php echo (isset($err['email_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo ($err['email_err']); ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="request-activate-account" value="Send Reset Link" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+                <div class="panel-footer text-right">
+                    <a href="<?php echo setRouter('clientarea', 'login'); ?>">Go Back to Login</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/reset_password.php

@@ -0,0 +1,43 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-6 mx-auto">
+            <?php echo getMsg("msg_notify"); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <h3 class="panel-title">Reset Password</h3>
+                </div>
+                <div class="panel-body">
+                    <p>Please fill in credentials to Reset Password.</p>
+                    <form action="" method="POST">
+                        <div class="form-group">
+                            <label for="reset_code">Reset code: <sup>*</sup></label>
+                            <input type="text" name="reset_code" id="reset_code" value="<?php echo ($reset_code); ?>" class="form-control" readonly>
+                            <span class="text-warning"><?php echo isset($err["code_err"]) ? $err["code_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="new-password">New Password: <sup>*</sup></label>
+                            <input type="password" name="new-password" id="new-password" autocomplete="new-password" value="<?php echo ($data['password']); ?>" class="form-control <?php echo (isset($err['password_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo isset($err["password_err"]) ? $err["password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <label for="confirm-password">Confirm Password: <sup>*</sup></label>
+                            <input type="password" name="confirm-password" id="confirm-password" autocomplete="confirm-password" value="<?php echo ($data['confirm_password']); ?>" class="form-control <?php echo (isset($err['confirm_password_err'])) ? 'is-invalid' : ''; ?>">
+                            <span class="text-warning"><?php echo isset($err["confirm_password_err"]) ? $err["confirm_password_err"] : ""; ?></span>
+                        </div>
+                        <div class="form-group">
+                            <input type="submit" name="reset_password" value="Reset Password" class="btn btn-default">
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>

clientarea/views/tickets.php

@@ -0,0 +1,56 @@
+<?php
+if (!defined('IN_SYS')) {
+    // exit('禁止访问');
+    header("Location: ../../clientarea.php");
+    exit;
+}
+?>
+
+<div class="container">
+    <div class="row">
+        <div class="col-md-12">
+            <?php echo (getMsg("msg_notify")); ?>
+            <div class="panel panel-default">
+                <div class="panel-heading">
+                    <span class="panel-title">Support Tickets</span>
+                    <a class="btn btn-default btn-xs pull-right" href="<?php echo setRouter('clientarea', 'tickets'); ?>">New Ticket</a>
+                </div>
+                <div class="panel-body">
+                    <div class="table-responsive">
+                        <table class="table table-bordered table-striped table-hover">
+                            <thead>
+                                <tr>
+                                    <th>Date</th>
+                                    <th>Department</th>
+                                    <th>Subject</th>
+                                    <th>Status</th>
+                                    <th>Last Updated</th>
+                                </tr>
+                            </thead>
+                            <tbody>
+                                <?php if ($tickets["total"]) {
+                                    foreach ($tickets["list"] as $key => $value) { ?>
+                                        <tr>
+                                            <th><?php echo $value["date"]; ?></th>
+                                            <td><?php echo $value["department"]; ?></td>
+                                            <td><?php echo $value["subject"]; ?></td>
+                                            <td><?php echo $value["status"]; ?></td>
+                                            <td><?php echo $value["lastupdated"]; ?></td>
+                                        </tr>
+                                    <?php }
+                            } else { ?>
+                                    <tr>
+                                        <td colspan="5" class="text-center">No Records Found</td>
+                                    </tr>
+                                <?php } ?>
+                            </tbody>
+                        </table>
+                    </div>
+                </div>
+                <div class="panel-footer">
+                    <span><?php echo $tickets["total"]; ?> Records Found, Page <?php echo $tickets["page"]; ?> of <?php echo $tickets["pages"]; ?></span>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>