Hệ thống quản lý phòng khám trực tuyến bằng PHP
<?php
/*
 * Admin "send mail" page: shows the compose form and, on submit, writes a mail
 * queue file and hands off to pageSender.php.
 * $Translation and $adminConfig are not defined in this file; presumably they
 * come from incCommon.php (confirm there).
 */
$currDir = dirname(__FILE__);
require $currDir . '/incCommon.php';

$GLOBALS['page_title'] = $Translation['send mail'];
include $currDir . '/incHeader.php';

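// Refuse to continue unless the configured sender address passes isEmail().
if(!isEmail($adminConfig['senderEmail'])) {
	echo Notification::show(array(
		'message' => $Translation["can not send mail"],
		'class' => 'danger',
		'dismiss_seconds' => 3600
	));
	include("{$currDir}/incFooter.php");
	// Terminate explicitly: whether incFooter.php ends the request is not visible
	// from this file, and nothing below should run without a valid sender.
	exit;
}
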
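// Recipient selection comes from the request: a single member (memberID),
// a group (groupID), or every member (sendToAll).
$memberID = new Request('memberID', 'strtolower');

// Missing keys default to 0/false instead of raising undefined-index warnings.
$groupID = isset($_REQUEST['groupID']) ? intval($_REQUEST['groupID']) : 0;
$sendToAll = isset($_REQUEST['sendToAll']) ? intval($_REQUEST['sendToAll']) : 0;
$showDebug = !empty($_REQUEST['showDebug']);

// No member ID supplied means the target is a group.
$isGroup = ($memberID->raw == '');

// Resolve a display label for the recipient; an empty result means the target does not exist.
if($sendToAll) {
	$recipient = $Translation['all groups'];
} elseif($isGroup) {
	// $groupID went through intval() above, so it can only be an integer here.
	$recipient = sqlValue("select name from membership_groups where groupID='$groupID'");
} else {
	// NOTE(review): this relies on Request's ->sql property being escaped for use
	// inside a quoted SQL literal; the Request class is not visible here, so confirm.
	$recipient = sqlValue("select memberID from membership_users where lcase(memberID)='{$memberID->sql}'");
}

if(!$recipient) {
	echo Notification::show(array(
		'message' => $Translation['no recipient'],
		'class' => 'danger',
		'dismiss_seconds' => 3600
	));
	include("{$currDir}/incFooter.php");
	// Terminate explicitly rather than depending on incFooter.php to end the request.
	exit;
}
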
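// Handle a submitted message: check the CSRF token, re-validate the recipient,
// collect addresses, write the queue file and hand off to pageSender.php.
if(isset($_POST['saveChanges'])) {
	// A false return from csrf_token(true) is reported as an expired or invalid token.
	if(!csrf_token(true)) {
		echo Notification::show(array(
			'message' => $Translation['csrf token expired or invalid'],
			'class' => 'warning',
			'dismiss_seconds' => 3600
		));
		include("{$currDir}/incFooter.php");
		// A request that failed the token check must never reach the queue-writing
		// code below, whatever incFooter.php does.
		exit;
	}

	// strip_tags() removes markup from the subject and body; it does not remove line breaks.
	// NOTE(review): confirm that pageSender.php (or the mailer it uses) handles
	// CR/LF in the subject before it becomes a mail header.
	$msr = new Request('mailSubject');
	$mmr = new Request('mailMessage');
	$mailSubject = strip_tags($msr->raw);
	$mailMessage = strip_tags($mmr->raw);

	// Re-resolve the recipient for the submitted values.
	$isGroup = ($memberID->raw == '');
	if($sendToAll) {
		$recipient = $Translation["all groups"];
	} elseif($isGroup) {
		$recipient = sqlValue("select name from membership_groups where groupID='$groupID'");
	} else {
		// NOTE(review): relies on Request's ->sql property being SQL-escaped; confirm in the Request class.
		$recipient = sqlValue("select lcase(memberID) from membership_users where lcase(memberID)='{$memberID->sql}'");
	}
	if(!$recipient) {
		echo Notification::show(array(
			'message' => $Translation["no recipient"],
			'class' => 'danger',
			'dismiss_seconds' => 3600
		));
		include("{$currDir}/incFooter.php");
		exit;
	}

	// Collect the addresses to mail, skipping any stored value that fails isEmail().
	$to = array();
	if($sendToAll) {
		$res = sql("select email from membership_users", $eo);
	} elseif($isGroup) {
		$res = sql("select email from membership_users where groupID='{$groupID}'", $eo);
	} else {
		$res = sql("select email from membership_users where lcase(memberID)='{$memberID->sql}'", $eo);
	}
	while($row = db_fetch_row($res)) {
		if(!isEmail($row[0])) continue;
		$to[] = $row[0];
	}

	// There must be at least one usable address.
	if(count($to) < 1) {
		echo Notification::show(array(
			'message' => $Translation['no recipient found'],
			'class' => 'danger',
			'dismiss_seconds' => 3600
		));
		include("{$currDir}/incFooter.php");
		exit;
	}

	// The queue is written as a PHP source file next to this script, named from md5(microtime()).
	// NOTE(review): the name derives from the clock rather than a random source, and the
	// file is created in the same directory as this script. Consider a CSPRNG-derived name
	// and a non-executable data format stored outside the web root; confirm how
	// pageSender.php loads and removes the file.
	$queueFile = md5(microtime());
	$currDir = dirname(__FILE__);
	if(!($fp = fopen("{$currDir}/{$queueFile}.php", 'w'))) {
		echo Notification::show(array(
			'message' => str_replace('<CURRDIR>', $currDir, $Translation['mail queue not saved']),
			'class' => 'danger',
			'dismiss_seconds' => 3600
		));
		include("{$currDir}/incFooter.php");
		exit;
	}

	// Every value written below becomes PHP source code. var_export() emits a correctly
	// quoted literal, so an address containing an apostrophe or backslash cannot end the
	// string early. (isEmail() is defined elsewhere; what it accepts is not visible here.)
	fwrite($fp, '<' . "?php\n");
	foreach($to as $recip) {
		fwrite($fp, "\t\$to[] = " . var_export($recip, true) . ";\n");
	}
	// Subject and body go into double-quoted literals with CR, LF, tab, quote,
	// backslash and dollar escaped, so no interpolation happens when the file is loaded.
	fwrite($fp, "\t\$mailSubject = \"" . addcslashes($mailSubject, "\r\n\t\"\\\$") . "\";\n");
	fwrite($fp, "\t\$mailMessage = \"" . addcslashes($mailMessage, "\r\n\t\"\\\$") . "\";\n");
	fwrite($fp, '?' . '>');
	fclose($fp);

	// Remember the debug choice in the session, keyed by queue name, for pageSender.php.
	$_SESSION["debug_{$queueFile}"] = $showDebug ? true : false;

	// Hand off to the mail queue processor.
	$simulate = isset($_REQUEST['simulate']) ? '&simulate=1' : '';
	redirect("admin/pageSender.php?queue={$queueFile}{$simulate}");
	include("{$currDir}/incFooter.php");
	// Never fall through to the compose form after a hand-off.
	exit;
}
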
// Show a dismissible warning when the message will go to all members.
if($sendToAll) {
	$allMembersWarning = "<b>{$Translation['attention']}</b><br>{$Translation['send mail to all members']}";
	echo Notification::show(array(
		'message' => $allMembersWarning,
		'class' => 'warning',
		'dismiss_days' => 3,
		'id' => 'send_mail_to_all_users'
	));
}
?>

<div class="page-header"><h1><?php echo $Translation['send mail']; ?></h1></div>

<form method="post" action="pageMail.php" class="form-horizontal">
	<?php
		// csrf_token() with no argument is echoed into the form; the POST handler
		// checks the submitted token with csrf_token(true).
		echo csrf_token();
		// The hidden fields carry the recipient selection through the POST.
		// NOTE(review): ->attr is presumably the attribute-escaped form of the
		// request value; confirm in the Request class.
	?>
	<input type="hidden" name="memberID" value="<?php echo $memberID->attr; ?>">
	<input type="hidden" name="groupID" value="<?php echo $groupID; ?>">
	<input type="hidden" name="sendToAll" value="<?php echo $sendToAll; ?>">
	<?php if(isset($_REQUEST['simulate'])): ?>
		<input type="hidden" name="simulate" value="1">
	<?php endif; ?>

138 <div class="form-group">
139 <label class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["from"]; ?></label>
140 <div class="col-sm-8 col-md-9 col-lg-6">
141 <p class="form-control-static">
142 <?php echo "{$adminConfig['senderName']} <{$adminConfig['senderEmail']}>"; ?>
143 <div>
144 <a href="pageSettings.php#mail-settings" class="btn btn-default">
145 <i class="glyphicon glyphicon-pencil"></i>
146 <?php echo $Translation['configure mail settings']; ?>
147 </a>
148 </div>
149 </p>
150 </div>
151 </div>
152
153 <div class="form-group">
154 <label class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation['to']; ?></label>
155 <div class="col-sm-8 col-md-9 col-lg-6">
156 <p class="form-control-static">
157 <?php
158 $to_link = "pageEditMember.php?memberID={$memberID->url}";
159 if($sendToAll)
160 $to_link = "pageViewMembers.php";
161 if(!$sendToAll && $isGroup)
162 $to_link = "pageViewMembers.php?groupID={$groupID}";
163 ?>
164 <a href="<?php echo $to_link; ?>">
165 <i class="glyphicon glyphicon-user text-info"></i>
166 <?php echo $recipient; ?>
167 </a>
168 <div class="btn-group">
169 <a href="pageViewGroups.php" class="btn btn-default"><?php echo $Translation['send email to all members']; ?></a>
170 <a href="pageViewMembers.php" class="btn btn-default"><?php echo $Translation['send email to member']; ?></a>
171 </div>
172 </p>
173 </div>
174 </div>
175
176 <div class="form-group">
177 <label for="mailSubject" class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["subject"]; ?></label>
178 <div class="col-sm-8 col-md-9 col-lg-6">
179 <input class="form-control" name="mailSubject" id="mailSubject" autofocus>
180 </div>
181 </div>
182
183 <div class="form-group">
184 <label for="mailMessage" class="col-sm-4 col-md-3 col-lg-2 col-lg-offset-2 control-label"><?php echo $Translation["message"]; ?></label>
185 <div class="col-sm-8 col-md-9 col-lg-6">
186 <textarea rows="10" class="form-control" name="mailMessage" id="mailMessage"></textarea>
187 </div>
188 </div>
189
190 <?php if($adminConfig['mail_function'] == 'smtp'){ ?>
191 <div class="checkbox">
192 <div class="col-sm-offset-4 col-md-offset-3 col-lg-offset-4 col-sm-8 col-md-9 col-lg-6">
193 <label for="showDebug">
194 <input type="checkbox" name="showDebug" value="1" id="showDebug">
195 <?php echo $Translation['display debugging info']; ?>
196 <span class="help-block"><?php echo $Translation['debugging info hint']; ?></span>
197 </label>
198 </div>
199 </div>
200 <?php } ?>
201
202 <div class="form-group">
203 <div class="col-sm-4 col-sm-offset-4 col-md-6 col-md-offset-3 col-lg-4 col-lg-offset-4">
204 <button name="saveChanges" type="submit" class="btn btn-primary btn-lg btn-block"><i class="glyphicon glyphicon-envelope"></i> <?php echo $Translation["send message"]; ?></button>
205 </div>
206 </div>
207 </form>
208
<script>
	// On submit, call jsShowWait() and return its result from the submit handler.
	$j(function() {
		var showWaitOnSubmit = function() {
			return jsShowWait();
		};
		$j('form').submit(showWaitOnSubmit);
	});
</script>

<?php
// Close the page with the shared admin footer.
include "{$currDir}/incFooter.php";
?>