/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc
Copyright (C) 2005 James Grant
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
?>
require_once("../common.inc.php");
require_once("../user.inc.php");
user_auth_required('committee', 'admin');
function launchQueue() {
if(!file_exists("../data/logs")) {
mkdir("../data/logs");
}
exec("php -q send_emailqueue.php >>../data/logs/emailqueue.log 2>&1 &");
}
/* dialog_choose
* select: comm_dialog_choose_select(emails_id)
* cancel: comm_dialog_choose_cancel() */
switch($_GET['action']) {
case 'dialog_choose_load':
$emails_id = intval($_GET['emails_id']);
$q = mysql_query("SELECT * FROM emails WHERE id='$emails_id'");
$e = mysql_fetch_assoc($q);
?>
=i18n('Name')?>:
=$e['name']?>
=i18n('Subject')?>:
=$e['subject']?>
=i18n('From Address')?>:
=$e['from']?>
=$e['bodyhtml']?>
exit;
case 'dialog_choose':
?>
=i18n("Select a Communication")?>:
exit;
case 'email_save':
$id = intval($_POST['emails_id']);
$name = mysql_real_escape_string(stripslashes($_POST['name']));
$description = mysql_real_escape_string(stripslashes($_POST['description']));
$from = mysql_real_escape_string(stripslashes($_POST['from']));
$subject = mysql_real_escape_string(stripslashes($_POST['subject']));
$bodyhtml = mysql_real_escape_string(stripslashes($_POST['bodyhtml']));
$type = mysql_real_escape_string($_POST['type']);
$key = mysql_real_escape_string($_POST['key']);
$fcid = mysql_real_escape_string($_POST['fcid']);
if($id == 0) {
if($key && $name) {
mysql_query("INSERT INTO emails(type,val) VALUES('$type','$key')");
echo mysql_error();
$id = mysql_insert_id();
} else {
error_("Email Key and Name are required");
exit;
}
}
/* Allow the fundraising campaigns id to be NULL, it'll never be 0 */
$fcstr = ($fcid == 0) ? 'NULL' : "'$fcid'";
//first, replace an
with
$body=str_replace(""," ",$bodyhtml);
//now replace any with newlines
$body=eregi_replace(' ',chr(13).chr(10),$body);
//and strip the rest of the tags
$body=strip_tags($body);
//and replace
$body=str_replace(" "," ",$body);
mysql_query("UPDATE emails SET
name='$name',
description='$description',
`from`='$from',
subject='$subject',
body='$body',
bodyhtml='$bodyhtml',
fundraising_campaigns_id=$fcstr
WHERE id='$id'");
echo mysql_error();
happy_("Email Saved");
exit;
case 'dialog_edit':
if(array_key_exists('id', $_GET)) {
$id = intval($_GET['id']);
$cloneid = 0;
} else if(array_key_exists('cloneid', $_GET)) {
$id = intval($_GET['cloneid']);
$clone_id = $id;
} else {
/* new email, set defaults which may be specified */
$id = 0;
$key = htmlspecialchars($_GET['key']);
if(array_key_exists('fundraising_campaigns_id', $_GET)) {
$fcid = intval( $_GET['fundraising_campaigns_id']);
$type = 'fundraising';
$q=mysql_query("SELECT * FROM fundraising_campaigns WHERE id='$fcid'");
$fc=mysql_fetch_object($q);
$name=i18n("%1 communication for %2",array(ucfirst($key),$fc->name));
} else {
$fcid = 0;
$type = (array_key_exists('type',$_GET)) ? $_GET['type'] : 'user';
}
$from=$_SESSION['name']." <".$_SESSION['email'].">";
}
if($id) {
$q = mysql_query("SELECT * FROM emails WHERE id='$id'");
if(mysql_num_rows($q) != 1) {
echo "Ambiguous edit";
exit;
}
$e = mysql_fetch_assoc($q);
/* If we're supposed to clone it, load it then zero out the
* id so we make a new record on save, and override the key */
if($clone_id) {
$e['id'] = 0;
$e['val'] = $_GET['key'];
$e['fundraising_campaigns_id'] = $_GET['fundraising_campaigns_id'];
}
$emails_id = $e['id'];
$name = htmlspecialchars($e['name']);
$key = htmlspecialchars($e['val']);
$description = htmlspecialchars($e['description']);
$from = htmlspecialchars($e['from']);
if(!$from && $config['fairmanageremail']) $from="Fair Manager <".$config['fairmanageremail'].">";
$subject = htmlspecialchars($e['subject']);
$body = $e['body'];
$bodyhtml = $e['bodyhtml'];
$fcid = intval($e['fundraising_campaigns_id']);
if($bodyhtml == '') $bodyhtml = nl2br($body);
}
?>
exit;
case 'dialog_send':
?>
$fcid=intval($_GET['fundraising_campaigns_id']);
$emailid=intval($_GET['emails_id']);
$fcq=mysql_query("SELECT * FROM fundraising_campaigns WHERE id='$fcid'");
$fc=mysql_fetch_object($fcq);
$emailq=mysql_query("SELECT * FROM emails WHERE id='$emailid'");
$email=mysql_fetch_object($emailq);
?>
exit;
//dialog_sender is used to send a one-off communication based on a given template to a given user
//receives 'uid' and an optional 'template'
case 'dialog_sender':
$u=user_load_by_uid(intval($_GET['uid']));
if($_GET['template']) {
$emailq=mysql_query("SELECT * FROM emails WHERE `val`='".mysql_real_escape_string($_GET['template'])."'");
$e=mysql_fetch_assoc($emailq);
}
else
$e=null;
$from=htmlspecialchars($_SESSION['name']." <".$_SESSION['email'].">");
$to=htmlspecialchars($u['emailrecipient']);
$subject = htmlspecialchars($e['subject']);
//useless but we might as well have it
$name = htmlspecialchars($e['name']);
$key = htmlspecialchars($e['val']);
$description = htmlspecialchars($e['description']);
//do the replacements from the template now, so what the person see's is what gets sent.
$body = communication_replace_vars($e['body'],$u);
$bodyhtml = communication_replace_vars($e['bodyhtml'],$u);
//if there's no html,. grab the html from the non-html version
if($bodyhtml == '') $bodyhtml = nl2br($body);
?>
exit;
case "email_send":
email_send_new($_POST['to'],$_POST['from'],$_POST['subject'],$_POST['body'],$_POST['bodyhtml']);
happy_("Email Successfully Sent");
exit;
case "email_get_list":
$q=mysql_query("SELECT * FROM emails ORDER BY type,name");
echo "
";
//only user emails can be deleted, system ones are required and cannot be removed
if($r->type=="user") {
echo " ";
echo "id\">";
echo " ";
echo "id\">".i18n("Send")."";
}
echo "
\n";
echo "
";
}
echo "
";
exit;
}
include "communication.inc.php";
if($_GET['action']=="sendqueue") {
$fcid=intval($_POST['fundraising_campaigns_id']);
$emailid=intval($_POST['emails_id']);
$fcq=mysql_query("SELECT * FROM fundraising_campaigns WHERE id='$fcid'");
$fc=mysql_fetch_object($fcq);
$emailq=mysql_query("SELECT * FROM emails WHERE id='$emailid'");
$email=mysql_fetch_object($emailq);
$recipq=mysql_query("SELECT * FROM fundraising_campaigns_users_link
WHERE fundraising_campaigns_id='$fcid'");
echo mysql_error();
$numtotal=mysql_num_rows($recipq);
mysql_query("INSERT INTO emailqueue (val,name,users_uid,`from`,subject,body,bodyhtml,`type`,fundraising_campaigns_id,started,finished,numtotal,numsent) VALUES (
'".mysql_real_escape_string($email->val)."',
'".mysql_real_escape_string($email->name)."',
'".$_SESSION['users_uid']."',
'".mysql_real_escape_string($email->from)."',
'".mysql_real_escape_string($email->subject)."',
'".mysql_real_escape_string($email->body)."',
'".mysql_real_escape_string($email->bodyhtml)."',
'".mysql_real_escape_string($email->type)."',
$fcid,
NOW(),
NULL,
$numtotal,
0)");
$emailqueueid=mysql_insert_id();
echo mysql_error();
while($r=mysql_fetch_object($recipq)) {
$u=user_load_by_uid($r->users_uid);
$replacements=array(
"FAIRNAME"=>$config['fairname'],
"SALUTATION"=>$u['salutation'],
"FIRSTNAME"=>$u['firstname'],
"LASTNAME"=>$u['lastname'],
"NAME"=>$u['firstname']." ".$u['lastname'],
"EMAIL"=>$u['email'],
"ORGANIZATION"=>$u['sponsor']['organization']
);
if($u['firstname'] && $u['lastname'])
$toname=$u['firstname']." ".$u['lastname'];
else if($u['firstname'])
$toname=$u['firstname'];
else if($u['lastname'])
$toname=$u['lastname'];
$toemail=$u['email'];
if($toemail) {
mysql_query("INSERT INTO emailqueue_recipients (emailqueue_id,toemail,toname,replacements,sent) VALUES (
'$emailqueueid',
'".mysql_real_escape_string($toemail)."',
'".mysql_real_escape_string($toname)."',
'".json_encode($replacements)."',
NULL)");
echo mysql_error();
}
mysql_query("UPDATE emails SET lastsent=NOW() WHERE id='$emailid'");
}
echo "ok";
launchQueue();
exit;
}
send_header("Communication",
array('Committee Main' => 'committee_main.php',
'Administration' => 'admin/index.php'),
"communication"
);
echo " ";
if($_GET['action']=="delete" && $_GET['delete']) {
mysql_query("DELETE FROM emails WHERE id='".$_GET['delete']."' AND `type`='user'");
echo happy("Email successfully deleted");
}
if($_GET['action']=="send" && $_GET['send']) {
$q=mysql_query("SELECT * FROM emails WHERE id='".$_GET['send']."'");
$r=mysql_fetch_object($q);
echo i18n("Please confirm you would like to send the following email, and choose who to send it to");
echo " ";
echo " ";
echo "