/lists/admin/send_core.php
PHP | 1667 lines | 1305 code | 160 blank | 202 comment | 334 complexity | 8b5ffd7655c26cfd483f3722fe5d2740 MD5 | raw file
Possible License(s): Apache-2.0, LGPL-3.0, LGPL-2.1, GPL-3.0, BSD-3-Clause, GPL-2.0
Large files files are truncated, but you can click here to view the full file
- <?php
- // 2004-1-7 This function really isn't quite ready for register globals.
- require_once dirname(__FILE__).'/accesscheck.php';
- #initialisation###############
- // Verify that FCKeditor is available
- if (USEFCK && file_exists("./FCKeditor/fckeditor.php")) {
- include("./FCKeditor/fckeditor.php") ;
- // Create the editor object here so we can check to see if *it* wants us to use it (this
- // does a browser check, etc.
- $oFCKeditor = new FCKeditor('message') ;
- $usefck = $oFCKeditor->IsCompatible();
- unset($oFCKeditor); // This object is *very* short-lived. Thankfully, it's also light-weight
- } else {
- $usefck = 0;
- }
- // Verify that TinyMCE is available
- $useTinyMCE = 0;
- if (USETINYMCEMESG && file_exists(TINYMCEPATH)) {
- $useTinyMCE = 1;
- }
- include_once dirname(__FILE__). "/date.php";
- $errormsg = '';
- $rss_content = '';
- $done = 0;
- $messageid = 0;
- $duplicate_atribute = 0; # not actually used it seems @@@ check
- $embargo = new date("embargo");
- $embargo->useTime = true;
- $repeatuntil = new date("repeatuntil");
- $repeatuntil->useTime = true;
- if (empty($_GET['id'])) {
- $_GET['id'] = '';
- }
- $baseurl = PageURL2($_GET["page"].'&id='.$_GET["id"]);
- echo '<script language="Javascript" src="js/jslib.js" type="text/javascript"></script><hr><p>';
- // load some variables in a register globals-safe fashion
- if (isset($_POST['send'])) {
- $send = $_POST["send"]; // Only get this from the POST variable (not session or anywhere else)
- } else {
- $send = '';
- }
- if (isset($_POST['prepare'])) {
- $prepare = $_POST["prepare"];
- } else {
- $prepare = '';
- }
- if (isset($_GET['id'])) {
- $id = sprintf('%d',$_GET["id"]); // Only get this from the GET variable
- } else {
- $id = 0;
- }
- if (isset($_POST['save'])) {
- $save = $_POST["save"]; // Save button pressed?
- } else {
- $save = '';
- }
- if (isset($_POST['sendtest'])) {
- $sendtest = $_POST["sendtest"];
- } else {
- $sendtest = '';
- }
- if (!isset($_GET['tab'])) $_GET['tab'] = '';
- if (!$id) {
- $defaulttemplate = getConfig('defaultmessagetemplate');
- Sql_Query(sprintf('insert into %s (subject,status,entered,sendformat,embargo,repeatuntil,owner,template,tofield,replyto)
- values("(no subject)","draft",now(),"HTML",now(),now(),%d,%d,"","")',$GLOBALS["tables"]["message"],$_SESSION["logindetails"]["id"],$defaulttemplate));
- $id = Sql_Insert_id();
- # 0008720: Using -p send from the commandline doesn't seem to work
- if(!$GLOBALS["commandline"]){
- Redirect($_GET["page"]."&id=$id");
- exit;
- }
- }
- if (isset($_GET['deleterule']) && $_GET["deleterule"]) {
- Sql_Query(sprintf('delete from %s where name = "criterion%d" and id = %d',$GLOBALS["tables"]["messagedata"],$_GET["deleterule"],$_GET["id"]));
- Redirect($_GET["page"]."&id=$id&tab=".$_GET["tab"]);
- }
- ob_end_flush();
- #load database data###########################
- // If we were passed an ID in the get, and we *weren't* posted a send, then
- // initialize the variables from the database.
- #if (((!$send) && (!$save) && (!$sendtest)) && ($id)) {
- if ($id) {
- // Load message attributes / values
- require $GLOBALS["coderoot"] . "structure.php"; // This gets the database structures into DBStruct
- $result = Sql_query("SELECT * FROM {$tables["message"]} where id = $id $ownership");
- if (!Sql_Affected_Rows()) {
- print $GLOBALS['I18N']->get("noaccess");
- $done = 1;
- return;
- }
- foreach (array('message', 'msgsubject') as $key) {
- if (isset($_POST[$key])) {
- $_POST[$key] = stripslashes($_POST[$key]);
- }
- }
- while ($msg = Sql_fetch_array($result)) {
- foreach ($DBstruct["message"] as $field => $rec) {
- if (!isset($_POST[$field])) {
- # print "Db: $field = $msg[$field]<br/>";
- $_POST[$field] = $msg[$field];
- }
- }
- }
- if (!isset($_POST['targetlist']) || !is_array($_POST["targetlist"])) {
- $_POST["targetlist"] = array();
- // Load lists that were targetted with message...
- $result = Sql_Query("select $tables[list].name,$tables[list].id from $tables[listmessage],$tables[list] where $tables[listmessage].messageid = $id and $tables[listmessage].listid = $tables[list].id");
- while ($lst = Sql_fetch_array($result)) {
- $_POST["targetlist"][$lst["id"]] = 1;
- }
- }
- // A bit of additional cleanup
- if (!isset($_POST["from"]))
- $_POST["from"] = $_POST["fromfield"]; // Database field name doesn't match form fieldname...
- if (!isset($_POST["forwardsubject"])) {
- $_POST["forwardsubject"] = "";
- }
- else $_POST["forwardsubject"] = sprintf("%s", $_POST["forwardsubject"]);
- if (!isset($_POST["forwardmessage"])) {
- $_POST["forwardmessage"] = "";
- }
- else $_POST["forwardmessage"] = sprintf("%s", $_POST["forwardmessage"]);
- if (!isset($_POST["forwardfooter"])) {
- $_POST["forwardfooter"] = "";
- }
- else $_POST["forwardfooter"] = sprintf("%s", $_POST["forwardfooter"]);
- if (!isset($_POST["msgsubject"])) {
- $_POST["msgsubject"] = sprintf("%s",$_POST["subject"]);
- } else {
- $_POST['subject'] = sprintf("%s",$_POST['msgsubject']);
- }
- if ((!isset($_POST["year"]) || !is_array($_POST["year"])) && $_POST["embargo"] && $_POST["embargo"] != "0000-00-00 00:00:00") {
- $embargo->setDateTime($_POST["embargo"]);
- }
- if ((!isset($_POST["year"]) || !is_array($_POST["year"])) && $_POST["repeatuntil"] && $_POST["repeatuntil"] != "0000-00-00 00:00:00") {
- $repeatuntil->setDateTime($_POST["repeatuntil"]);
- }
- # not sure why this is here, but it breaks things when tables are used in the
- # message, so for now disable it.
- if (0) {#$usefck) {
- $_POST["message"] = nl2br($_POST["message"]);
- }
- // Load the criteria settings...
- }
- // If we've got magic quotes on, then we need to get rid of the slashes - either
- // from the database or from the previous $_POST
- #if (get_magic_quotes_gpc()) {
- // $_POST["msgsubject"] = stripslashes($_POST["msgsubject"]);
- #0013076: different content when forwarding 'to a friend'
- $_POST["forwardsubject"] = stripslashes($_POST["forwardsubject"]);
- $_POST["from"] = stripslashes($_POST["from"]);
- $_POST["tofield"] = stripslashes($_POST["tofield"]);
- $_POST["replyto"] = stripslashes($_POST["replyto"]);
- // $_POST["message"] = stripslashes($_POST["message"]);
- #0013076: different content when forwarding 'to a friend'
- $_POST["forwardmessage"] = stripslashes($_POST["forwardmessage"]);
- $_POST["textmessage"] = stripslashes($_POST["textmessage"]);
- $_POST["footer"] = stripslashes($_POST["footer"]);
- #0013076: different content when forwarding 'to a friend'
- $_POST["forwardfooter"] = stripslashes($_POST["forwardfooter"]);
- #}
- #input checking#######################
- $duplicate_attribute = 0;
- # check the criterias, one attribute can only exist once
- if ($send) {
- $used_attributes = array();
- for ($i=1;$i<=NUMCRITERIAS;$i++) {
- if (isset($_POST["use"][$i])) {
- $attribute = $_POST["criteria"][$i];
- if (!in_array($attribute,$used_attributes))
- array_push($used_attributes,$attribute);
- else
- $duplicate_attribute = 1;
- }
- }
- }
- if (!isset($id)) { $id = $_POST["id"]; }; // Pull in the id value from the post if it wasnt in the get
- #if ($_POST["htmlformatted"] == "auto")
- $htmlformatted = strip_tags($_POST["message"]) != $_POST["message"];
- #else
- # $htmlformatted = $_POST["htmlformatted"];
- # sanitise the header fields, what else do we need to check on?
- if (preg_match("/\n|\r/",$_POST["from"])) {
- $from = "";
- } else {
- $from = $_POST["from"];
- }
- if (preg_match("/\n|\r/",$_POST["msgsubject"])) {
- $subject = "";
- } else {
- $subject = $_POST["msgsubject"];
- }
- if (preg_match("/\n|\r/",$_POST["forwardsubject"])) {
- $forwardsubject = "";
- } else {
- $forwardsubject = $_POST["forwardsubject"];
- }
- if (preg_match("/\n|\r/",$_POST["forwardmessage"])) {
- $forwardmessage = "";
- } else {
- $forwardmessage = $_POST["forwardmessage"];
- }
- if (preg_match("/\n|\r/",$_POST["forwardfooter"])) {
- $forwardfooter = "";
- } else {
- $forwardfooter = $_POST["forwardfooter"];
- }
- $message = $_POST["message"];
- // If the variable isn't filled in, then the input fields don't default to the
- // values selected. Need to fill it in so a post will correctly display.
- if ((isset($_POST['year']) && is_array($_POST["year"])) || $_POST["embargo"] || $_POST["embargo"] == "0000-00-00 00:00:00") {
- $_POST["embargo"] = $embargo->getDate() ." ".$embargo->getTime().':00';
- }
- if ((isset($_POST['year']) && is_array($_POST["year"])) || !$_POST["repeatuntil"] || $_POST["repeatuntil"] == "0000-00-00 00:00:00") {
- $_POST["repeatuntil"] = $repeatuntil->getDate() ." ".$repeatuntil->getTime().':00';
- }
- if (!isset($_SESSION["fckeditor_height"])) {
- $_SESSION["fckeditor_height"] = getConfig("fckeditor_height");
- }
- if (isset($_POST['expand']) && $_POST["expand"]) {
- // request to expand editor area
- // $defaultheight = getConfig("fckeditor_height");
- // SaveConfig("fckeditor_height",$curheight+100,1);
- $_SESSION["fckeditor_height"] += 100;
- }
- if (isset($_REQUEST['prepare'])) {
- $prepare = $_REQUEST['prepare'];
- } else {
- $prepare = '';
- }
- #actions and store in database#######################
- if ($send || $sendtest || $prepare || $save) {
- if ($save || $sendtest) {
- // We're just saving, not sending.
- if (!isset($_POST['status']) || $_POST["status"] == "") {
- // No status - move to draft state
- $status = "draft";
- } else {
- // Keep the status the same
- $status = $_POST["status"];
- }
- } elseif ($send) {
- // We're sending - change state to "send-it" status!
- if (is_array($_POST["targetlist"]) && sizeof($_POST["targetlist"]) && $subject && $from && $message && !$duplicate_attribute) {
- $status = "submitted";
- } else {
- if (USE_PREPARE) {
- $status = "prepared";
- } else {
- $status = "draft";
- }
- }
- }
- if (ENABLE_RSS && $_POST["rsstemplate"]) {
- # mark previous RSS templates with this frequency and owner as sent
- # this should actually be much more complex than this:
- # templates should be allowed by list and therefore a subset of lists, but
- # for now we leave it like this
- # the trouble is that this may duplicate RSS messages to users, because
- # it can cause multiple template for lists. The user_rss should handle that, but it is
- # not guaranteed which message will be used.
- # Sql_Query(sprintf('update %s set status = "sent" where rsstemplate = "%s" and owner = %d',
- # $tables["message"],$_POST["rsstemplate"],$_SESSION["logindetails"]["id"]));
- # with RSS message we enforce repeat
- switch ($_POST["rsstemplate"]) {
- case "weekly": $_POST["repeatinterval"] = 10080; break;
- case "monthly": $_POST["repeatinterval"] = 40320; break;
- case "daily":
- default: $_POST["repeatinterval"] = 1440; break;
- }
- $_POST["repeatuntil"] = date("Y-m-d H:i:00",mktime(0,0,0,date("m"),date("d"),date("Y")+1));
- }
- if (!$htmlformatted && strip_tags($_POST["message"]) != $_POST["message"])
- $errormsg = '<span class="error">'.$GLOBALS['I18N']->get("htmlusedwarning").'</span>';
- $query = sprintf('update %s set '.
- 'subject = "%s", '.
- 'fromfield = "%s", '.
- 'tofield = "%s", '.
- 'replyto = "%s", '.
- 'embargo = "%s", '.
- 'repeatinterval = %d, '.
- 'repeatuntil = "%s", '.
- 'message = "%s", '.
- 'textmessage = "%s", '.
- 'footer = "%s", '.
- 'status = "%s", '.
- 'htmlformatted = %d, '.
- 'sendformat = "%s", '.
- 'template = %d, '.
- 'rsstemplate = "%s" '.
- 'where id = %d',
- $tables["message"],
- addslashes($subject),
- addslashes($from),
- addslashes($_POST["tofield"]),
- addslashes($_POST["replyto"]),
- $_POST["embargo"],
- $_POST["repeatinterval"],
- $_POST["repeatuntil"],
- addslashes($_POST["message"]),
- addslashes($_POST["textmessage"]),
- addslashes($_POST["footer"]),
- $status,
- $htmlformatted,
- $_POST["sendformat"],
- $_POST["template"],
- $_POST["rsstemplate"],
- $id);
- # print $query;
- $result = Sql_query($query);
- $messageid = $id;
- # print "Message ID: $id";
- # exit;
- if (!$GLOBALS["has_pear_http_request"] && preg_match("/\[URL:/i",$_POST["message"])) {
- print Warn($GLOBALS['I18N']->get('warnnopearhttprequest'));
- }
- // More "Insert only" stuff here (no need to change it on an edit!)
- if (isset($_POST["targetlist"]) && is_array($_POST["targetlist"])) {
- Sql_query("delete from {$tables["listmessage"]} where messageid = $messageid");
- if ( (isset($_POST["targetlist"]["all"]) && $_POST["targetlist"]["all"] == "on") ||
- (isset($_POST["targetlist"]["allactive"]) && $_POST["targetlist"]["allactive"] == "on")
- )
- {
- $res = Sql_query("select * from $tables[list] $subselect");
- while($row = Sql_fetch_array($res)) {
- $listid = $row["id"];
- if ($row["active"] || $_POST["targetlist"]["all"] == "on") {
- $result = Sql_query("insert ignore into $tables[listmessage] (messageid,listid,entered) values($messageid,$listid,now())");
- }
- }
- } else {
- foreach($_POST["targetlist"] as $listid => $val) {
- $result = Sql_query("insert ignore into $tables[listmessage] (messageid,listid,entered) values($messageid,$listid,now())");
- }
- }
- } else {
- # mark this message as listmessage for list 0
- $result = Sql_query("insert ignore into $tables[listmessage] (messageid,listid,entered) values($messageid,0,now())");
- }
- if (USE_LIST_EXCLUDE) {
- if (isset($_POST["excludelist"]) && is_array($_POST["excludelist"])) {
- $exclude = join(",",$_POST["excludelist"]);
- Sql_Query(sprintf('replace into %s (name,id,data) values("excludelist",%d,"%s")',$tables["messagedata"],$messageid,$exclude));
- } else {
- Sql_Query(sprintf('replace into %s (name,id,data) values("excludelist",%d,"%s")',$tables["messagedata"],$messageid,0));
- }
- }
- #0013076: different content when forwarding 'to a friend'
- if (FORWARD_ALTERNATIVE_CONTENT && $_GET['tab'] == 'Forward') {
- foreach( array('forwardsubject', 'forwardmessage', 'forwardfooter') as $var) {
- Sql_Query(sprintf('replace into %s (name,id,data) values("%s",%d,"%s")',
- $tables["messagedata"], $var, $messageid, addslashes($_REQUEST[$var])));
- }
- }
- # we want to create a join on tables as follows, in order to find users who have their attributes to the values chosen
- # (independent of their list membership).
- # select
- # table1.userid from user_attribute as table1
- # left join user_attribute as table2 on table1.userid = table2.userid
- # left join user_attribute as table3 on table1.userid = table3.userid
- # ...
- # where
- # table1.attributeid = 2 and table1.value in (1,2,3,4)
- # and table2.attributeid = 1 and table2.value in (3,15)
- # and table3.attributeid = 3 and table3.value in (4,5,6)
- # ...
- # check the criterias, create the selection query
- $used_tables = array();
- for ($i=1;$i<=NUMCRITERIAS;$i++) {
- if (isset($_POST["use"][$i])) {
- $attribute = $_POST["criteria"][$i];
- $type = $_POST["attrtype"][$attribute];
- switch($type) {
- case "checkboxgroup":
- $values = "attr$attribute$i";
- $or_clause = '';
- if (isset($where_clause)) {
- $where_clause .= " and ";
- $select_clause .= " left join $tables[user_attribute] as table$i on table$first.userid = table$i.userid ";
- } else {
- $select_clause = "table$i.userid from $tables[user_attribute] as table$i ";
- $first = $i;
- }
- $where_clause .= "table$i.attributeid = $attribute and (";
- if (is_array($_POST[$values])) {
- foreach ($_POST[$values] as $val) {
- if ($or_clause != '') {
- $or_clause .= " or ";
- }
- $or_clause .= "find_in_set('$val',table$i.value) > 0";
- }
- }
- $where_clause .= $or_clause . ")";
- break;
- case "checkbox":
- $values = "attr$attribute$i";
- $value = $_POST[$values][0];
- if (isset($where_clause)) {
- $where_clause .= " and ";
- $select_clause .= " left join $tables[user_attribute] as table$i on table$first.userid = table$i.userid ";
- } else {
- $select_clause = "table$i.userid from $tables[user_attribute] as table$i ";
- $first = $i;
- }
- $where_clause .= "table$i.attributeid = $attribute and ";
- if ($value) {
- $where_clause .= "( length(table$i.value) and table$i.value != \"off\" and table$i.value != \"0\") ";
- } else {
- $where_clause .= "( table$i.value = \"\" or table$i.value = \"0\" or table$i.value = \"off\") ";
- }
- break;
- default:
- $values = "attr$attribute$i";
- if (isset($where_clause)) {
- $where_clause .= " and ";
- $select_clause .= " left join $tables[user_attribute] as table$i on table$first.userid = table$i.userid ";
- } else {
- $select_clause = "table$i.userid from $tables[user_attribute] as table$i ";
- $first = $i;
- }
- $where_clause .= "table$i.attributeid = $attribute and table$i.value in (";
- $list = array();
- if (is_array($_POST[$values])) {
- while (list($key,$val) = each ($_POST[$values]))
- array_push($list,$val);
- }
- $where_clause .= join(", ",$list) . ")";
- }
- }
- }
- # if no selection was made, use all
- if (!isset($where_clause)) {
- $count_query = "";
- # $count_query = addslashes("select distinct userid from $tables[user_attribute]");
- } else {
- $count_query = addslashes("select $select_clause where $where_clause");
- Sql_query("update $tables[message] set userselection = \"$count_query\" where id = $messageid");
- }
- # commented, because this could take too long
- # Sql_Query($count_query);
- # $num = Sql_Affected_rows();
- # new criteria system, add one by one:
- if (isset($_POST["criteria_attribute"]) && $_POST["criteria_attribute"]) {
- $operator = $_POST["criteria_operator"];
- if (is_array($_POST["criteria_values"])) {
- $values = join(", ",$_POST["criteria_values"]);
- $values = cleanCommaList($values);
- } else {
- $values = $_POST["criteria_values"];
- }
- foreach ($_POST["attribute_names"] as $key => $val) {
- $att_names[$key] = $val;
- }
- $newcriterion = array(
- "attribute" => sprintf('%d',$_POST["criteria_attribute"]),
- "attribute_name" => $att_names[$_POST["criteria_attribute"]],
- "operator" => $operator,
- "values" => $values,
- );
- # find out what number we are
- $numarr = Sql_Fetch_Row_Query(sprintf('select data from %s where id = %d and name = "numcriteria"',
- $tables["messagedata"],$messageid));
- $num = sprintf('%d',$numarr[0]+1);
- # store this one
- # print $att_names[$_POST["criteria_attribute"]];
- # print $_POST["attribute_names[".$_POST["criteria_attribute"]."]"];
- print "<p>".$GLOBALS['I18N']->get("adding")." ".$newcriterion["attribute_name"]." ".$newcriterion["operator"]." ".$newcriterion["values"]."</p>";
- Sql_Query(sprintf('insert into %s (name,id,data) values("criterion%d",%d,"%s")',
- $tables["messagedata"],$num,$messageid,delimited($newcriterion)));
- # increase number
- Sql_Query(sprintf('replace into %s (name,id,data) values("numcriteria",%d,"%s")',
- $tables["messagedata"],$messageid,$num));
- # save overall operator
- }
- if (isset($_POST["criteria_match"])) {
- Sql_Query(sprintf('replace into %s (name,id,data) values("criteria_overall_operator",%d,"%s")',
- $tables["messagedata"],$messageid,$_POST["criteria_match"]));
- }
- if (isset($_POST['notify_start']) && $_POST['notify_start']) {
- Sql_Query(sprintf('replace into %s set name = "notify_start",id = %d,data = "%s"',
- $GLOBALS['tables']['messagedata'],$id,$_POST['notify_start']));
- }
- if (isset($_POST['notify_end']) && $_POST['notify_end']) {
- Sql_Query(sprintf('replace into %s set name = "notify_end",id = %d,data = "%s"',
- $GLOBALS['tables']['messagedata'],$id,$_POST['notify_end']));
- }
- if (ALLOW_ATTACHMENTS && isset($_FILES) && is_array($_FILES) && sizeof($_FILES) > 0) {
- for ($att_cnt = 1;$att_cnt <= NUMATTACHMENTS;$att_cnt++) {
- $fieldname = "attachment".$att_cnt;
- $tmpfile = $_FILES[$fieldname]['tmp_name'];
- $remotename = $_FILES[$fieldname]["name"];
- $type = $_FILES[$fieldname]["type"];
- $newtmpfile = $remotename.time();
- move_uploaded_file($tmpfile, $GLOBALS['tmpdir'].'/'. $newtmpfile);
- if (is_file($GLOBALS['tmpdir'].'/'.$newtmpfile) && filesize($GLOBALS['tmpdir'].'/'.$newtmpfile)) {
- $tmpfile = $GLOBALS['tmpdir'].'/'.$newtmpfile;
- }
- if (strlen($_POST[$type]) > 255)
- print Warn($GLOBALS['I18N']->get("longmimetype"));
- $description = $_POST[$fieldname."_description"];
- if ($tmpfile && filesize($tmpfile) && $tmpfile != "none") {
- list($name,$ext) = explode(".",basename($remotename));
- # create a temporary file to make sure to use a unique file name to store with
- $newfile = tempnam($GLOBALS["attachment_repository"],$name);
- $newfile .= ".".$ext;
- $newfile = basename($newfile);
- $file_size = filesize($tmpfile);
- $fd = fopen( $tmpfile, "r" );
- $contents = fread( $fd, filesize( $tmpfile ) );
- fclose( $fd );
- if ($file_size) {
- # this may seem odd, but it allows for a remote (ftp) repository
- # also, "copy" does not work across filesystems
- $fd = fopen($GLOBALS["attachment_repository"]."/".$newfile, "w" );
- fwrite( $fd, $contents );
- fclose( $fd );
- Sql_query(sprintf('insert into %s (filename,remotefile,mimetype,description,size) values("%s","%s","%s","%s",%d)',
- $tables["attachment"],
- basename($newfile),$remotename,$type,$description,$file_size)
- );
- $attachmentid = Sql_Insert_id();
- Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)',
- $tables["message_attachment"],$messageid,$attachmentid));
- if (is_file($tmpfile)) {
- unlink($tmpfile);
- }
- # do a final check
- if (filesize($GLOBALS["attachment_repository"]."/".$newfile))
- print Info($GLOBALS['I18N']->get("addingattachment")." ".$att_cnt . " .. ok");
- else
- print Info($GLOBALS['I18N']->get("addingattachment")." ".$att_cnt." .. failed");
- } else {
- print Warn($GLOBALS['I18N']->get("uploadfailed"));
- }
- } elseif ($_POST["localattachment".$att_cnt]) {
- $type = findMime(basename($_POST["localattachment".$att_cnt]));
- Sql_query(sprintf('insert into %s (remotefile,mimetype,description,size) values("%s","%s","%s",%d)',
- $tables["attachment"],
- $_POST["localattachment".$att_cnt],$type,$description,filesize($_POST["localattachment".$att_cnt]))
- );
- $attachmentid = Sql_Insert_id();
- Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)',
- $tables["message_attachment"],$messageid,$attachmentid));
- print Info($GLOBALS['I18N']->get("addingattachment")." ".$att_cnt. " mime: $type");
- }
- }
- }
- if ($_POST["id"]) {
- print "<h3>".$GLOBALS['I18N']->get("saved")."</H3><br/>";
- } else {
- $id = $messageid; // New ID - need to set it for later use (test email).
- print "<h3>".$GLOBALS['I18N']->get("added")."</H3><br/>";
- }
- // If we're sending the message, just return now to the calling script
- # we only need to check that everything is there, once we actually want to send
- if ($send && $subject && $from && $message && !$duplicate_atribute && sizeof($_POST["targetlist"])) {
- if ($status == "submitted") {
- print "<h3>".$GLOBALS['I18N']->get("queued")."</h3>";
- print '<p>'.PageLink2("processqueue",$GLOBALS['I18N']->get("processqueue")).'</p>';
- }
- $done = 1;
- return;
- } elseif ($send || $sendtest) {
- $errormessage = "";
- if ($subject != stripslashes($_POST["subject"])) {
- $errormessage = $GLOBALS['I18N']->get("errorsubject");
- } elseif ($from != $_POST["from"]) {
- $errormessage = $GLOBALS['I18N']->get("errorfrom");
- } elseif (!$from) {
- $errormessage = $GLOBALS['I18N']->get("enterfrom");
- } elseif (!$message) {
- $errormessage = $GLOBALS['I18N']->get("entermessage");
- } elseif (!$subject) {
- $errormessage = $GLOBALS['I18N']->get("entersubject");
- } elseif ($duplicate_attribute) {
- $errormessage = $GLOBALS['I18N']->get("duplicateattribute");
- } elseif ($send && !is_array($_POST["targetlist"])) {
- $errormessage = $GLOBALS['I18N']->get("selectlist");
- }
- echo "<font color=red size=+2>$errormessage</font><br>\n";
- }
- // OK, the message has been saved, now check to see if we need to send a test message
- if ($sendtest) {
- echo "<HR>";
- // Let's send test messages to everyone that was specified in the
- if ($_POST["testtarget"] == "") {
- print "<font color=red size=+2>".$GLOBALS['I18N']->get("notargetemail")."</font><br>";
- }
- if (isset($cached))
- unset($cached[$id]);
- include "sendemaillib.php";
- // OK, let's get to sending!
- $emailaddresses = split('[/,,/;]', $_POST["testtarget"]);
- foreach ($emailaddresses as $address) {
- $address = trim($address);
- $result = Sql_query(sprintf('select id,email,uniqid,htmlemail,rssfrequency,confirmed from %s where email = "%s"',$tables["user"],$address));
- if ($user = Sql_fetch_array($result)) {
- if ( FORWARD_ALTERNATIVE_CONTENT && $_GET['tab'] == 'Forward') {
- if (SEND_ONE_TESTMAIL) {
- $success = sendEmail($id, $address, $user["uniqid"], $user['htmlemail'], array(), array($address) );
- } else {
- $success = sendEmail($id, $address, $user["uniqid"], 1, array(), array($address) ) && sendEmail($id, $address, $user["uniqid"], 0, array(), array($address));
- }
- } else {
- if (SEND_ONE_TESTMAIL) {
- $success = sendEmail($id, $address, $user["uniqid"], $user['htmlemail']);
- } else {
- $success = sendEmail($id, $address, $user["uniqid"], 1) && sendEmail($id, $address, $user["uniqid"], 0);
- }
- }
- print $GLOBALS['I18N']->get("sentemailto").": $address ";
- if (!$success) {
- print $GLOBALS['I18N']->get('failed');
- } else {
- print $GLOBALS['I18N']->get('success');
- }
- print '<br/>';
- } else {
- print "<font color=red>".$GLOBALS['I18N']->get("emailnotfound").": $address</font><br>";
- }
- }
- echo "<HR>";
- }
- } elseif (isset($_POST["deleteattachments"]) && is_array($_POST["deleteattachments"]) && $id) {
- if (ALLOW_ATTACHMENTS) {
- // Delete Attachment button hit...
- $deleteattachments = $_POST["deleteattachments"];
- foreach($deleteattachments as $attid)
- {
- $result = Sql_Query(sprintf("Delete from %s where id = %d and messageid = %d",
- $tables["message_attachment"],
- $attid,
- $id));
- print Info($GLOBALS['I18N']->get("removedattachment")." ".$att_cnt);
- // NOTE THAT THIS DOESN'T ACTUALLY DELETE THE ATTACHMENT FROM THE DATABASE, OR
- // FROM THE FILE SYSTEM - IT ONLY REMOVES THE MESSAGE / ATTACHMENT LINK. THIS
- // SHOULD PROBABLY BE CORRECTED, BUT I (Pete Ness) AM NOT SURE WHAT OTHER IMPACTS
- // THIS MAY HAVE.
- // (My thoughts on this are to check for any orphaned attachment records and if
- // there are any, to remove it from the disk and then delete it from the database).
- }
- }
- }
- # load all message data
- $messagedata = loadMessageData($id);
- #0013076: different content when forwarding 'to a friend'
- if (FORWARD_ALTERNATIVE_CONTENT) {
- foreach( array('forwardsubject', 'forwardmessage', 'forwardfooter') as $var) {
- if (isset($_REQUEST[$var])) {
- ${$var} = stripslashes($_REQUEST[$var]);
- } else {
- ${$var} = stripslashes($messagedata[$var]);
- }
- }
- if (!$forwardfooter)
- $forwardfooter = getConfig("forwardfooter");
- }
- ##############################
- # Stacked attributes, processing and calculation
- ##############################
- if (STACKED_ATTRIBUTE_SELECTION) {
- # read criteria and parse it into a user query
- $num = sprintf('%d',isset($messagedata['numcriteria']) ? $messagedata['numcriteria']: 0);
- # print '<br/>'.$num . " criteria already defined";
- $ls = new WebblerListing($GLOBALS['I18N']->get("existingcriteria"));
- $used_attributes = array();
- $delete_base = sprintf('%s&id=%d&tab=%s',$_GET["page"],$_GET["id"],$_GET["tab"]);
- $tc = 0; # table counter
- if (!isset($messagedata['criteria_overall_operator'])) {
- $messagedata['criteria_overall_operator'] = '';
- }
- $mainoperator = $messagedata['criteria_overall_operator'] == "all"? ' and ':' or ';
- $subqueries = array();
- for ($i = 1; $i<=$num;$i++) {
- $crit_data = parseDelimitedData($messagedata[sprintf('criterion%d',$i)]);
- if ($crit_data["attribute"]) {
- array_push($used_attributes,$crit_data["attribute"]);
- $ls->addElement('<!--'.$crit_data["attribute"].'-->'.$crit_data["attribute_name"]);
- $ls->addColumn('<!--'.$crit_data["attribute"].'-->'.$crit_data["attribute_name"],$GLOBALS['I18N']->get('operator'),$GLOBALS['I18N']->get($crit_data["operator"]));
- $ls->addColumn('<!--'.$crit_data["attribute"].'-->'.$crit_data["attribute_name"],$GLOBALS['I18N']->get('values'),$crit_data["values"]);
- $ls->addColumn('<!--'.$crit_data["attribute"].'-->'.$crit_data["attribute_name"],$GLOBALS['I18N']->get('remove'),PageLink2($delete_base."&deleterule=".$i,$GLOBALS['I18N']->get("remove")));
- if (isset($_POST["criteria"][$i])) {
- $attribute = $_POST["criteria"][$i];
- } else {
- $attribute = '';
- }
- ## fix 6063
- # $crit_data["values"] = str_replace(" ,", "",$crit_data["values"]);
- $crit_data['values'] = cleanCommaList($crit_data["values"]);
- # hmm, rather get is some other way, this is a bit unnecessary
- $type = Sql_Fetch_Row_Query("select type from {$tables["attribute"]} where id = ".$crit_data["attribute"]);
- $operator = $where_clause = $select_clause = "";
- switch($type[0]) {
- case "checkboxgroup":
- $or_clause = '';
- if ($tc) {
- $where_clause .= " $mainoperator ";
- $select_clause .= " left join $tables[user_attribute] as table$tc on table0.userid = table$tc.userid ";
- } else {
- $select_clause = "table$tc.userid from $tables[user_attribute] as table$tc ";
- }
- $where_clause .= " ( table$tc.attributeid = ".$crit_data["attribute"]." and (";
- if ($crit_data["operator"] == "is") {
- $operator = ' or ';
- $compare = ' > ';
- } else {
- $operator = ' and ';
- $compare = ' < ';
- }
- foreach (explode(",",$crit_data["values"]) as $val) {
- if ($or_clause != '') {
- $or_clause .= " $operator ";
- }
- $or_clause .= "find_in_set('$val',table$tc.value) $compare 0";
- }
- $where_clause .= $or_clause . ") ) ";
- $subqueries[$i]['query'] = sprintf('select userid from %s as table%d where attributeid = %d
- and ( %s )',$GLOBALS['tables']['user_attribute'],$tc,$crit_data['attribute'],$or_clause);
- break;
- case "checkbox":
- $value = $crit_data["values"][0];
- if ($tc) {
- $where_clause .= " $mainoperator ";
- $select_clause .= " left join $tables[user_attribute] as table$tc on table0.userid = table$tc.userid ";
- } else {
- $select_clause = "table$tc.userid from $tables[user_attribute] as table$tc";
- }
- $where_clause .= " ( table$tc.attributeid = ".$crit_data["attribute"]." and ";
- if ($crit_data["operator"] == "isnot") {
- $where_clause .= ' not ';
- }
- $valueselect = '';
- if ($value) {
- $valueselect = " length(table$tc.value) and table$tc.value != \"off\" and table$tc.value != \"0\" ";
- } else {
- $valueselect = " table$tc.value = \"\" or table$tc.value = \"0\" or table$tc.value = \"off\" ";
- }
- $where_clause .= '( '.$valueselect . ') ) ';
- $subqueries[$i]['query'] = sprintf('select userid from %s as table%d where attributeid = %d
- and ( %s )',$GLOBALS['tables']['user_attribute'],$tc,$crit_data['attribute'],$valueselect);
- break;
- case "date":
- $date_value = parseDate($crit_data["values"]);
- if (!$date_value) {
- break;
- }
- if (isset($where_clause)) {
- $where_clause .= " $mainoperator ";
- $select_clause .= " left join $tables[user_attribute] as table$tc on table0.userid = table$tc.userid ";
- } else {
- $select_clause = " table$tc.userid from $tables[user_attribute] as table$tc ";
- }
- $where_clause .= ' ( table'.$tc.'.attributeid = '.$crit_data["attribute"].' and table'.$tc.'.value != "" and table'.$tc.'.value ';
- $dateoperator = '';
- switch ($crit_data["operator"]) {
- case "is":
- $where_clause .= ' = "'.$date_value . '" )';$dateoperator = '=';break;
- case "isnot":
- $where_clause .= ' != "'.$date_value . '" )';$dateoperator = '!=';break;
- case "isbefore":
- $where_clause .= ' <= "'.$date_value . '" )';$dateoperator = '<=';break;
- case "isafter":
- $where_clause .= ' >= "'.$date_value . '" )';$dateoperator = '>=';break;
- }
- # $where_clause .= " )";
- $subqueries[$i]['query'] = sprintf('select userid from %s where attributeid = %d and value != "" and value %s "%s" ',$GLOBALS['tables']['user_attribute'],
- $crit_data['attribute'],
- $dateoperator,
- $date_value);
- break;
- default:
- if (isset($where_clause)) {
- $where_clause .= " $mainoperator ";
- $select_clause .= " left join $tables[user_attribute] as table$tc on table0.userid = table$tc.userid ";
- } else {
- $select_clause = " table$tc.userid from $tables[user_attribute] as table$tc ";
- }
- $where_clause .= " ( table$tc.attributeid = ".$crit_data["attribute"]." and table$tc.value ";
- if ($crit_data["operator"] == "isnot") {
- $where_clause .= ' not in (';
- } else {
- $where_clause .= ' in (';
- }
- $where_clause .= cleanCommaList($crit_data["values"]) . ") )";
- $subqueries[$i]['query'] = sprintf('select userid from %s
- where attributeid = %d and
- value %s in (%s) ',$GLOBALS['tables']['user_attribute'],
- $crit_data['attribute'],
- $crit_data["operator"] == "isnot" ? 'not' :'',
- $crit_data["values"]);
- }
- $tc++;
- }
- }
- $existing_criteria = '';
- if (sizeof($subqueries)) {
- # $count_query = "select distinct $select_clause where $where_clause";
- # $count_query = addslashes($count_query);
- if (!empty($_GET["calculate"])) {
- ob_end_flush();
- # print "<h1>$count_query</h1>";
- print "<p>".$GLOBALS['I18N']->get("calculating")." ...";
- flush();
- }
- foreach ($subqueries as $qid => $querydetails) {
- $req = Sql_Query($querydetails['query']);
- $subqueries[$qid]['results'] = array();
- while ($row = Sql_Fetch_Row($req)) {
- array_push($subqueries[$qid]['results'],$row[0]);
- }
- }
- $first = array_shift($subqueries);
- $userids = $first['results'];
- foreach ($subqueries as $subquery) {
- if ($messagedata['criteria_overall_operator'] == 'all') {
- $userids = array_intersect($userids,$subquery['results']);
- } else {
- $userids = array_merge($userids,$subquery['results']);
- }
- }
- $userids = array_unique($userids);
- $num_users = sizeof($userids);
- $count_query = sprintf('select * from %s where id in (%s)',$GLOBALS['tables']['user'],join(', ',$userids));
- if (!empty($_GET["calculate"])) {
- printf('.. '.$GLOBALS['I18N']->get('%d users apply'),$num_users).'</p>';
- }
- if ($messageid) {
- Sql_query(sprintf('update %s set userselection = "%s" where id = %d',
- $tables["message"],addslashes($count_query),$messageid));
- }
- if (!isset($_GET['calculate'])) {
- $ls->addButton($GLOBALS['I18N']->get("calculate"),$baseurl.'&tab='.$_GET["tab"].'&calculate=1');
- } else {
- $ls->addButton($GLOBALS['I18N']->get("reload"),$baseurl.'&tab='.$_GET["tab"]);
- }
- $existing_criteria = $ls->display();
- } else {
- if ($messageid) {
- Sql_query(sprintf('update %s set userselection = "" where id = %d',
- $tables["message"],$messageid));
- }
- }
- } // end of define STACKED_ATTRIBUTES
- ##############################
- # Stacked attributes, end
- ##############################
- // Pull in $footer variable from post
- if (isset($_POST["footer"]))
- $footer = $_POST["footer"];
- // If $id wasn't passed in (if it was passed, then $_POST should have
- // the database value in it already, and if it's empty, then we should
- // leave it empty) and $footer is blank, load the default.
- if (!$footer)
- $footer = getConfig("messagefooter");
- echo $errormsg;
- if (!$done) {
- if (ALLOW_ATTACHMENTS) {
- $enctype = 'enctype="multipart/form-data"';
- } else {
- $enctype = '';
- }
- #$baseurl = sprintf('./?page=%s&id=%d',$_GET["page"],$_GET["id"]);
- if ($_GET["id"]) {
- $tabs = new WebblerTabs();
- $tabs->addTab($GLOBALS['I18N']->get("Content"),"$baseurl&tab=Content");
- if (FORWARD_ALTERNATIVE_CONTENT) {
- $tabs->addTab($GLOBALS['I18N']->get("Forward"),"$baseurl&tab=Forward");
- }
- $tabs->addTab($GLOBALS['I18N']->get("Format"),"$baseurl&tab=Format");
- if (ALLOW_ATTACHMENTS) {
- $tabs->addTab($GLOBALS['I18N']->get("Attach"),"$baseurl&tab=Attach");
- }
- $tabs->addTab($GLOBALS['I18N']->get("Scheduling"),"$baseurl&tab=Scheduling");
- # if (USE_RSS) {
- # $tabs->addTab("RSS","$baseurl&tab=RSS");
- # }
- $tabs->addTab($GLOBALS['I18N']->get("Criteria"),"$baseurl&tab=Criteria");
- $tabs->addTab($GLOBALS['I18N']->get("Lists"),"$baseurl&tab=Lists");
- # $tabs->addTab("Review and Send","$baseurl&tab=Review");
- $tabs->addTab($GLOBALS['I18N']->get("Misc"),"$baseurl&tab=Misc");
- if ($_GET["tab"]) {
- $tabs->setCurrent($GLOBALS['I18N']->get($_GET["tab"]));
- } else {
- $tabs->setCurrent($GLOBALS['I18N']->get("Content"));
- }
- if (defined("WARN_SAVECHANGES")) {
- $tabs->addLinkCode(' onClick="return savechanges();" ');
- }
- print $tabs->display();
- }
- ?>
- <p></p>
- <script language="Javascript">
- // some debugging stuff to see what happens
- function checkForm() {
- return true;
- for (var i=0;i<document.sendmessageform.elements.length;i++) {
- alert(document.sendmessageform.elements[i].name+" "+document.sendmessageform.elements[i].value);
- }
- return true;
- }
- // detection of unsaved changes,
- var browser = navigator.appName.substring ( 0, 9 );
- var changed = 0; function haschanged() {changed = 1; }
- function savechanges() { if (changed) { if (confirm("<?php echo str_replace('"','"',reverse_htmlentities($GLOBALS['I18N']->get("unsavedchanges")))?>")) return true; else return false; return false;}}
- //'
- var event_number = 0;if (browser=="Microsoft") { document.onkeydown=haschanged; document.onchange=haschanged;} else if (browser=="Netscape") { document.captureEvents(Event.KEYDOWN); document.captureEvents(Event.CHANGE); document.onkeydown=haschanged;document.onchange=haschanged;}
- function submitform() { document.sendmessageform.submit() }
- </script>
- <?php
- print formStart($enctype . ' name="sendmessageform"');
- #print '<form method="post" enctype="multipart/form-data" name="sendmessageform" onSubmit="return checkForm()">';
- print '<input type=hidden name="workaround_fck_bug" value="1">';
- if ($_GET["page"] == "preparemessage")
- print Help("preparemessage",$GLOBALS['I18N']->get("whatisprepare"));
- if (!defined("IN_WEBBLER")) {
- if (!$from && is_object($GLOBALS["admin_auth"]) && $GLOBALS['require_login']) {
- $adminemail = $GLOBALS["admin_auth"]->adminEmail($_SESSION["logindetails"]["id"]);
- if ($adminemail && USE_ADMIN_DETAILS_FOR_MESSAGES) {
- $from = $GLOBALS["admin_auth"]->adminName($_SESSION["logindetails"]["id"]).' '.$adminemail;
- } else {
- $from = getConfig("message_from_name") . ' '.getConfig("message_from_address");
- }
- }
- }
- $formatting_content = '<table>';
-
- #0013076: different content when forwarding 'to a friend'
- // value="'.htmlentities($subject,ENT_QUOTES,'UTF-8').'" size=40></td></tr> --> previous code in line 1032
- // value="'.htmlentities($from,ENT_QUOTES,'UTF-8').'" size=40></td></tr> --> previous code in line 1038
- $tmp = '<table>';
- $maincontent = $tmp;
- $forwardcontent = $tmp;
- $scheduling_content = '<table>';
- // custom code - start
- $utf8_subject = $subject;
- $utf8_from = $from;
- if (strcasecmp($GLOBALS['strCharSet'], 'utf-8') <> 0 && function_exists('iconv')) {
- $utf8_subject = iconv($GLOBALS['strCharSet'],'UTF-8',$utf8_subject);
- $utf8_from = iconv($GLOBALS['strCharSet'],'UTF-8',$utf8_from);
- }
- $maincontent .= '
- <tr><td>'.Help("subject").' '.$GLOBALS['I18N']->get("Subject").':</td>
- <td><input type=text name="msgsubject"
- value="'.htmlentities($utf8_subject,ENT_QUOTES,'UTF-8').'" size=40></td></tr>
- <tr>
- <td colspan=2>
- </td></tr>
- <tr><td>'.Help("from").' '.$GLOBALS['I18N']->get("fromline").':</td>
- <td><input type=text name=from
- value="'.htmlentities($utf8_from,ENT_QUOTES,'UTF-8').'" size=40></td></tr>
- <tr><td colspan=2>
- </td></tr>';
- // custom code - end
- #0013076: different content when forwarding 'to a friend'
- $forwardcontent .= $GLOBALS['I18N']->get("When a user forwards to a friend," .
- " the friend will receive this message instead of the one on the content tab.").
- '<tr><td>'.Help("subject").' '.$GLOBALS['I18N']->get("Subject").':</td>
- <td><input type=text name="forwardsubject"
- value="'.htmlentities($forwardsubject,ENT_QUOTES,'UTF-8').'" size=40></td></tr>
- <tr>
- <td colspan=2>
- </td></tr>
- <td colspan=2>
- </td></tr>';
- $scheduling_content .= '
- <tr><td>'.Help("embargo").' '.$GLOBALS['I18N']->get("embargoeduntil").':</td>
- <td>'.$embargo->showInput("embargo","",$_POST["embargo"]).'</td></tr>
- </td></tr>';
- if (USE_REPETITION) {
- $repeatinterval = $_POST["repeatinterval"];
- $scheduling_content .= '
- <tr><td>'.Help("repetition").' '.$GLOBALS['I18N']->get("repeatevery").':</td><td>
- <select name="repeatinterval">
- <option value="0"';
- if ($repeatinterval == 0) { $scheduling_content .= " SELECTED"; }
- $scheduling_content .= '>-- '.$GLOBALS['I18N']->get("norepetition").'</option>
- <option value="60"';
- if ($repeatinterval == 60) { $scheduling_content .= " SELECTED"; }
- $scheduling_content .= '>'.$GLOBALS['I18N']->get("hour").'</option>
- <option value="1440"';
- if ($repeatinterval == 1440) { $scheduling_content .= " SELECTED"; }
- $scheduling_content .= '>'.$GLOBALS['I18N']->get("day").'</option>
- <option value="10080"';
- if ($repeatinterval == 10080) { $scheduling_content .= " SELECTED"; }
- $scheduling_content .= '>'.$GLOBALS['I18N']->get("week").'</option>
- </select>
- </td></tr>
- </td></tr>
- <tr><td> '.$GLOBALS['I18N']->get("repeatuntil").':</td><td>'.$repeatuntil->showInput("repeatuntil","",$_POST["repeatuntil"]).'</td></tr>
- </td></tr>';
- }
- /*
- $formatting_content .= '
- <tr><td colspan=2>'.Help("format").' '.$GLOBALS['I18N']->get("format").': <b>'.$GLOBALS['I18N']->get("autodetect").'</b>
- <input type=radio name="htmlformatted" value="auto" ';
- $formatting_content .= !isset($htmlformatted) || $htmlformatted == "auto"?"checked":"";
- $formatting_content .= '>
- <b>'.$GLOBALS['I18N']->get("html").'</b> <input type=radio name="htmlformatted" value="1" ';
- $formatting_content .= $htmlformatted == "1" ?"checked":"";
- $formatting_content .= '>
- <b>'.$GLOBALS['I18N']->get("text").'</b> <input type=radio name="htmlformatted" value="0" ';
- $formatting_content .= $htmlformatted == "0" ?"checked":"";
- $formatting_content .= '></td></tr>';
- */
- $formatting_content .= '<input type=hidden name="htmlformatted" value="auto">';
- $formatting_content .= '
- <tr><td colspan=2>'.Help("sendformat").' '.$GLOBALS['I18N']->get("sendas").':
- '.$GLOBALS['I18N']->get("html").' <input type=radio name="sendformat" value="HTML" ';
- $formatting_content .= $_POST["sendformat"]=="HTML"?"checked":"";
- $formatting_content .= '>
- '.$GLOBALS['I18N']->get("text").' <input type=radio name="sendformat" value="text" ';
- $formatting_content .= $_POST["sendformat"]=="text"?"checked":"";
- $formatting_content .= '>
- ';
- if (USE_PDF) {
- $formatting_content .= $GLOBALS['I18N']->get("pdf").' <input type=radio name="sendformat" value="PDF" ';
- $formatting_content .= $_POST["sendformat"]=="PDF"?"checked":"";
- $formatting_content .= '>';
- }
- // 0009687: Confusing use of the word "Both", indicating one email with both text and html and not two emails
- // $formatting_content .= $GLOBALS['I18N']->get("textandhtml").' <input type=radio name="sendformat" value="text and HTML" ';
- // $formatting_content .= $_POST["sendformat"]=="text and HTML" || !isset($_POST["sendformat"]) ?"checked":"";
- // $formatting_content .= '>';
- if (USE_PDF) {
- $formatting_content .= $GLOBALS['I18N']->get("textandpdf").' <input type=radio name="sendformat" value="text and PDF" ';
- $formatting_content .= $_POST["sendformat"]=="text and PDF" ?"checked":"";
- $formatting_content .= ' >';
- }
- $formatting_content .= '</td></tr>';
- $req = Sql_Query("select id,title from {$tables["template"]} order by listorder");
- if (Sql_affected_Rows()) {
- $formatting_content .= '<tr><td>'.Help("usetemplate").' '.$GLOBALS['I18N']->get("usetemplate").': </td>
- <td><select name="template"><option value=0>-- '.$GLOBALS['I18N']->get("selectone").'</option>';
- $req = Sql_Query("select id,title from {$tables["template"]} order by listorder");
- while ($row = Sql_Fetch_Array($req)) {
- $formatting_content .= sprintf('<option value="%d" %s>%s</option>',$row["id"], $row["id"]==$_POST["template"]?'SELECTED':'',$row["title"]);
- }
- $formatting_content .= '</select></td></tr>';
- }
- if (ENABLE_RSS) {
- $rss_content .= '<tr><td colspan=2>'.$GLOBALS['I18N']->get("rssintro").'
- </td></tr>';
- $rss_content .= '<tr><td colspan=2><input type=radio name="rsstemplate" value="none">'.$GLOBALS['I18N']->get("none").' ';
- foreach ($rssfrequencies as $key => $val) {
- $rss_content .= sprintf('<input type=radio name="rsstemplate" value="%s" %s>%s ',$key,$_POST["rsstemplate"] == $key ? "checked":"",$val);
- }
- $rss_content .= '</td></tr>';
- }
- #0013076: different content when forwarding 'to a friend'
- $tmp = '<tr><td colspan=2>'.Help("message").' '.$GLOBALS['I18N']->get("message").'. </td></tr>
- <tr><td colspan=2>';
- $maincontent .= $tmp;
- $forwardcontent .= $tmp;
- if ($usefck) {
- $oFCKeditor = new FCKeditor('message') ;
- $oFCKeditor->BasePath = './FCKeditor/';
- //$oFCKeditor->ToolbarSet = 'Accessibility' ;
- $oFCKeditor->ToolbarSet = 'Default' ;
- // $oFCKeditor->Value = stripslashes($_POST["message"]);
- $oFCKeditor->Value = $_POST["message"];
- $w = getConfig("fckeditor_width");
- $h = getConfig("fckeditor_height");
- if ($_SESSION["fckeditor_height"]) {
- $h = sprintf('%d',$_SESSION["fckeditor_height"]);
- }
- # version 1.4
- # $maincontent .= $oFCKeditor->ReturnFCKeditor( 'message', $w.'px', $h.'px' ) ;
- # for version 2.0
- if ($h < 400) {
- $h = 400;
- }
- $oFCKeditor->Height = $h;
- $oFCKeditor->Width = $w;
- $maincontent .= $oFCKeditor->CreateHtml() ;
- $maincontent .= '</td></tr>';
- $maincontent .= '<script language="Javascript" type="text/javascript">
- function expand() {
- document.sendmessageform.expand.value = 1;
- document.sendmessageform.save.value = 1
- document.sendmessageform.submit();
- }
- </script>';
- $maincontent .= '<tr><td colspan=2 align=right><a href="javascript:expand();" class="button">'.$GLOBALS['I18N']->get("expand").'</a></td></tr>';
- } elseif ($useTinyMCE) {
- $tinyMCE_path = TINYMCEPATH;
- $tinyMCE_lang = TINYMCELANG;
- $tinyMCE_theme = TINYMCETHEME;
- $tinyMCE_opts = TINYMCEOPTS;
- $maincontent .= "<script language='javascript' type='text/javascript' src='{$tinyMCE_path}'></script>\n"
- ."<script language='javascript' type='text/javascript'>\n"
- ." tinyMCE.init({\n"
- ." mode : 'exact',\n"
- ." elements : 'message',\n"
- ." language : '{$tinyMCE_lang}',\n"
- ." theme : '{$tinyMCE_theme}'\n"
- ." {$tinyMCE_opts}\n"
- ." });\n"
- ."</script>\n"
- ."<textarea name='message' id='message' cols='65' rows='20'>{$_POST['message']}</textarea>";
-
- } else {
- $maincontent .= '<textarea name=message cols=65 rows=20>'.htmlspecialchars($_POST["message"]).'</textarea>';
- }
- #0013076: different content when forwarding 'to a friend'
- $forwardcontent .= '<textarea name=forwardmessage cols=65 rows=20>'.htmlspecialchars($forwardmessage).'</textarea>';
- #0013076: different content when forwarding 'to a friend'
- $tmp = '
- </td></tr>
- ';
- $maincontent .= $tmp;
- $forwardcontent .= $tmp;
- if (USE_MANUAL_TEXT_PART) {
- $maincontent .= '<tr><td colspan=2>
- '.$GLOBALS['I18N']->get("plaintextversion").'
- </td></tr>
- <tr><td colspan=2>
- <textarea name=textmessage cols=65 rows=20>'.$_POST["textmessage"].'</textarea>
- </td></tr>';
- }
- #0013076: different content when forwarding 'to a friend'
- $maincontent .= '<tr><td colspan=2>'.$GLOBALS['I18N']->get("messagefooter").'. <br/>
- '.$GLOBALS['I18N']->get("messagefooterexplanation").'<br/>'.
- $GLOBALS['I18N']->get("use […
Large files files are truncated, but you can click here to view the full file