Beispiel #1
             }
         } else {
             $_SESSION['dialog']['info'][] = _('Mandatory fields must not be empty');
         }
         header("Location: " . _u('index.php?app=main&inc=feature_schedule&route=manage&op=dst_add&schedule_id=' . $schedule_id));
         exit;
     } else {
         auth_block();
     }
     break;
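 case "dst_del":
     // Delete one destination from a schedule that belongs to the current user.
     //
     // Both IDs come from $_REQUEST and end up inside the DELETE statement, so
     // they are reduced to positive integers before any use; the previous code
     // interpolated the raw request strings into the SQL text.
     // NOTE(review): assumes both columns are integer keys - confirm against the schema.
     // NOTE(review): this state-changing action reads $_REQUEST and no CSRF token
     // check is visible in this case - confirm one is enforced before this point.
     $id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;
     // destination ID
     $schedule_id = (isset($_REQUEST['schedule_id']) && is_scalar($_REQUEST['schedule_id'])) ? (int) $_REQUEST['schedule_id'] : 0;
     // schedule ID
     // The dba_isexists() lookup binds the schedule to the logged-in user's uid;
     // it is the only ownership check guarding the delete below.
     if ($id > 0 && $schedule_id > 0 && dba_isexists(_DB_PREF_ . "_featureSchedule", array('uid' => $user_config['uid'], 'id' => $schedule_id), 'AND')) {
         $db_query = "DELETE FROM " . _DB_PREF_ . "_featureSchedule_dst WHERE schedule_id='" . $schedule_id . "' AND id='" . $id . "'";
         if (@dba_affected_rows($db_query)) {
             $_SESSION['dialog']['info'][] = _('Destination has been deleted');
         } else {
             $_SESSION['dialog']['info'][] = _('Fail to delete destination');
         }
     } else {
         // NOTE(review): whether auth_block() halts the request is not visible here;
         // if it returns, the redirect below still runs.
         auth_block();
     }
     // $schedule_id is an integer at this point, so nothing request-controlled
     // other than a number reaches the Location header.
     header("Location: " . _u('index.php?app=main&inc=feature_schedule&route=manage&op=list&id=' . $schedule_id));
     exit;
     break;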
 case "dst_edit":
     $id = $_REQUEST['id'];
     // destination ID
Beispiel #2
        $acl_disallowed = (int) $_REQUEST['acl_disallowed'];
        $url = trim($_POST['url']);
        if ($id) {
            $db_query = "\n\t\t\t\tUPDATE " . _DB_PREF_ . "_tblACL SET c_timestamp='" . mktime() . "',acl_subuser='******',url='" . $url . "',flag_disallowed='" . $acl_disallowed . "'\n\t\t\t\tWHERE id='" . $id . "'";
            if ($new_id = @dba_affected_rows($db_query)) {
                $_SESSION['dialog']['info'][] = _('ACL been edited');
            } else {
                $_SESSION['dialog']['info'][] = _('Fail to edit ACL');
            }
        } else {
            $_SESSION['dialog']['info'][] = _('Mandatory fields must not be empty');
        }
        header("Location: " . _u('index.php?app=main&inc=core_acl&op=edit&id=' . $id));
        exit;
        break;
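    case "del":
        // Soft-delete an ACL row: the row is kept and flag_deleted is set to '1'.
        //
        // The ID comes from $_REQUEST and is placed in the UPDATE statement, so it
        // is reduced to a positive integer first; the previous code interpolated
        // the raw request string into the SQL text.
        // NOTE(review): assumes the id column is an integer key - confirm against the schema.
        // NOTE(review): the only precondition visible here is that the row exists;
        // confirm that access to this operation is restricted before this switch runs.
        $id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;
        if ($id > 0 && dba_isexists(_DB_PREF_ . "_tblACL", array('id' => $id), 'AND')) {
            // time() returns the same value as the argument-less mktime() call it
            // replaces; PHP 8 no longer accepts mktime() without arguments.
            $db_query = "UPDATE " . _DB_PREF_ . "_tblACL SET c_timestamp='" . time() . "', flag_deleted='1' WHERE id='" . $id . "'";
            if (@dba_affected_rows($db_query)) {
                $_SESSION['dialog']['info'][] = _('ACL has been deleted');
            } else {
                $_SESSION['dialog']['info'][] = _('Fail to delete ACL');
            }
        } else {
            // NOTE(review): whether auth_block() halts the request is not visible here.
            auth_block();
        }
        header("Location: " . _u('index.php?app=main&inc=core_acl&op=acl_list'));
        exit;
        break;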
}
Beispiel #3
         exit;
     }
     break;
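 case "import_yes":
     // Commit CSV rows that an earlier step stored in $_SESSION['tmp'] under the
     // key posted as session_import. Each row is (name, destination, schedule).
     // $schedule_id is set outside the lines of this case.
     @set_time_limit(0);
     // Only a scalar key that really exists in the session is accepted; anything
     // else imports nothing instead of iterating over a missing value.
     $session_import = isset($_POST['session_import']) ? $_POST['session_import'] : '';
     $data = array();
     if (is_scalar($session_import) && isset($_SESSION['tmp'][$session_import]) && is_array($_SESSION['tmp'][$session_import])) {
         $data = $_SESSION['tmp'][$session_import];
     }
     foreach ($data as $d) {
         // skip rows that do not carry all three columns
         if (!is_array($d) || !isset($d[0], $d[1], $d[2])) {
             continue;
         }
         $name = trim($d[0]);
         $destination = trim($d[1]);
         $schedule = trim($d[2]);
         if ($name && $destination && $schedule) {
             $schedule = core_adjust_datetime($schedule);
             // add destinations, replace existing entry with the same name
             // NOTE(review): these values originate from an uploaded file and are
             // handed to dba_* as arrays; confirm that layer escapes them.
             if (dba_isexists(_DB_PREF_ . '_featureSchedule_dst', array('schedule_id' => $schedule_id, 'name' => $name), 'AND')) {
                 // update
                 // NOTE(review): the existence check matches on name only, but the
                 // update also requires the same destination, so a row whose name
                 // exists with a different destination is neither updated nor
                 // inserted - confirm this is intended.
                 // time() replaces the argument-less mktime(), which PHP 8 rejects.
                 $items = array('c_timestamp' => time(), 'schedule' => $schedule, 'scheduled' => '0000-00-00 00:00:00');
                 $conditions = array('schedule_id' => $schedule_id, 'name' => $name, 'destination' => $destination);
                 dba_update(_DB_PREF_ . '_featureSchedule_dst', $items, $conditions);
             } else {
                 // insert
                 $items = array('schedule_id' => $schedule_id, 'schedule' => $schedule, 'scheduled' => '0000-00-00 00:00:00', 'name' => $name, 'destination' => $destination);
                 dba_add(_DB_PREF_ . '_featureSchedule_dst', $items);
             }
         }
     }
     $_SESSION['dialog']['info'][] = _('Entries in CSV file have been imported');
     header("Location: " . _u('index.php?app=main&inc=feature_schedule&route=import&op=list&schedule_id=' . $schedule_id));
     exit;
     break;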
Beispiel #4
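/**
 * Process outgoing SMS queues that are ready to be sent (flag='3').
 *
 * For every selected queue whose scheduled time has been reached and while the
 * throttle limit is not exceeded, each destination of the requested chunk that
 * is still unsent (flag='0') is passed to sendsms_process(). The destination
 * row is then flagged 1 (sent) or 2 (failed). Once the number of processed SMS
 * reaches the queue's sms_count, the queue itself is flagged '1'.
 *
 * @param string $single_queue
 *        Optional queue_code; when non-empty only that queue is selected
 * @param integer $chunk
 *        Chunk number of the queue destinations to process
 * @return array array($ok, $to, $smslog_id, $queue, $counts), five parallel
 *         lists holding one entry per destination attempted
 */
function sendsmsd($single_queue = '', $chunk = 0)
{
    // Start every accumulator as an empty list so callers receive arrays even
    // when no queue or destination was processed.
    $ok = array();
    $to = array();
    $smslog_id = array();
    $queue = array();
    $counts = array();
    // chunk is placed inside SQL text below; force it to an integer
    $chunk = (int) $chunk;
    $queue_sql = '';
    if ($single_queue) {
        // NOTE(review): addslashes() mirrors the escaping this function already
        // uses; if the dba_* layer offers its own escaping or bound parameters,
        // prefer that - confirm what is available.
        $queue_sql = "AND queue_code='" . addslashes($single_queue) . "'";
    }
    $queue_query = "SELECT * FROM " . _DB_PREF_ . "_tblSMSOutgoing_queue WHERE flag='3' " . $queue_sql;
    // The queue cursor has its own variable: the count query further down used
    // to overwrite the result handle this loop iterates on, which ended the
    // loop after the first processed queue.
    $queue_result = dba_query($queue_query);
    while ($db_row = dba_fetch_array($queue_result)) {
        $c_queue_id = $db_row['id'];
        $c_queue_code = $db_row['queue_code'];
        // NOTE(review): these values are slash-escaped before being handed to
        // sendsms_process(), presumably because it builds SQL from them - confirm.
        $c_sender_id = addslashes(trim($db_row['sender_id']));
        $c_footer = addslashes(trim(htmlspecialchars_decode($db_row['footer'])));
        $c_message = addslashes(trim(htmlspecialchars_decode($db_row['message'])));
        $c_uid = $db_row['uid'];
        $c_gpid = $db_row['gpid'];
        $c_sms_type = $db_row['sms_type'];
        $c_unicode = $db_row['unicode'];
        // queue size
        $c_queue_count = $db_row['queue_count'];
        // total number of SMS per queue
        $c_sms_count = $db_row['sms_count'];
        // SMS count per destination; a queue_count of 0 would otherwise divide
        // by zero, which is fatal on PHP 8
        $c_sms_size = ((int) $c_queue_count > 0) ? ceil($c_sms_count / $c_queue_count) : 0;
        $c_schedule = $db_row['datetime_scheduled'];
        $c_smsc = $db_row['smsc'];
        $c_current = core_get_datetime();
        $continue = FALSE;
        // check delivery datetime
        if (strtotime($c_current) >= strtotime($c_schedule)) {
            $continue = TRUE;
            // next, check throttle limit (number of sent SMS per hour)
            if (sendsms_throttle_isoverlimit(0)) {
                $continue = FALSE;
            }
        }
        // process queue
        if ($continue) {
            _log("start processing queue_code:" . $c_queue_code . " chunk:" . $chunk . " queue_count:" . $c_queue_count . " sms_count:" . $c_sms_count . " scheduled:" . core_display_datetime($c_schedule) . " uid:" . $c_uid . " gpid:" . $c_gpid . " sender_id:" . $c_sender_id, 2, "sendsmsd");
            $counter = 0;
            $dst_query = "SELECT * FROM " . _DB_PREF_ . "_tblSMSOutgoing_queue_dst WHERE queue_id='{$c_queue_id}' AND chunk='" . $chunk . "' AND flag='0'";
            $dst_result = dba_query($dst_query);
            while ($db_row2 = dba_fetch_array($dst_result)) {
                // make sure the queue is still there
                // if the queue_code with flag=3 no longer exists then stop sending this queue
                if (!dba_isexists(_DB_PREF_ . "_tblSMSOutgoing_queue", array('flag' => 3, 'queue_code' => $c_queue_code), 'AND')) {
                    break;
                }
                $counter++;
                // queue_dst ID is SMS Log ID
                $c_smslog_id = $db_row2['id'];
                $c_dst = $db_row2['dst'];
                $c_flag = 2;
                $c_ok = false;
                _log("sending queue_code:" . $c_queue_code . " smslog_id:" . $c_smslog_id . " to:" . $c_dst . " sms_count:" . $c_sms_count . " counter:" . $counter, 2, "sendsmsd");
                $ret = sendsms_process($c_smslog_id, $c_sender_id, $c_footer, $c_dst, $c_message, $c_uid, $c_gpid, $c_sms_type, $c_unicode, $c_queue_code, $c_smsc);
                $c_dst = $ret['to'];
                if ($ret['status']) {
                    $c_ok = true;
                    $c_flag = 1;
                    // add to throttle counter
                    sendsms_throttle_count(0, $c_sms_size);
                }
                _log("result queue_code:" . $c_queue_code . " to:" . $c_dst . " flag:" . $c_flag . " smslog_id:" . $c_smslog_id, 2, "sendsmsd");
                $flag_query = "UPDATE " . _DB_PREF_ . "_tblSMSOutgoing_queue_dst SET flag='{$c_flag}' WHERE id='{$c_smslog_id}'";
                dba_query($flag_query);
                $ok[] = $c_ok;
                $to[] = $c_dst;
                $smslog_id[] = $c_smslog_id;
                $queue[] = $c_queue_code;
                $counts[] = $c_sms_count;
                // check throttle limit (number of sent SMS per hour)
                if (sendsms_throttle_isoverlimit(0)) {
                    break;
                }
            }
            $count_query = "SELECT count(*) AS count FROM " . _DB_PREF_ . "_tblSMSOutgoing_queue_dst WHERE queue_id='{$c_queue_id}' AND NOT flag ='0'";
            $count_row = dba_fetch_array(dba_query($count_query));
            // destinations processed
            $dst_processed = (int) ($count_row['count'] ? $count_row['count'] : 0);
            // number of SMS processed
            $sms_processed = $dst_processed * $c_sms_size;
            // check whether SMS processed is >= stated SMS count in queue
            // if YES then processing queue is finished
            if ($sms_processed >= $c_sms_count) {
                $dt = core_get_datetime();
                $finish_query = "UPDATE " . _DB_PREF_ . "_tblSMSOutgoing_queue SET flag='1', datetime_update='" . $dt . "' WHERE id='{$c_queue_id}'";
                if (dba_affected_rows($finish_query)) {
                    _log("finish processing queue_code:" . $c_queue_code . " uid:" . $c_uid . " sender_id:" . $c_sender_id . " queue_count:" . $c_queue_count . " sms_count:" . $c_sms_count, 2, "sendsmsd");
                } else {
                    _log("fail to finalize process queue_code:" . $c_queue_code . " uid:" . $c_uid . " sender_id:" . $c_sender_id . " queue_count:" . $c_queue_count . " sms_count:" . $c_sms_count . " sms_processed:" . $sms_processed, 2, "sendsmsd");
                }
            } else {
                _log("partially processing queue_code:" . $c_queue_code . " uid:" . $c_uid . " sender_id:" . $c_sender_id . " queue_count:" . $c_queue_count . " sms_count:" . $c_sms_count . " sms_processed:" . $sms_processed . " counter:" . $counter, 2, "sendsmsd");
            }
        }
    }
    return array($ok, $to, $smslog_id, $queue, $counts);
}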
Beispiel #5
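/**
 * Validate data for user registration
 *
 * Checks run in a fixed order and every check after the first failure is
 * skipped, so error_string always describes the first problem found.
 * A non-array $data is treated as an empty submission and therefore fails.
 *
 * @param array $data
 *        User data; the keys read are username, password, name, email, mobile
 * @param boolean $flag_edit
 *        TRUE when edit action; an already existing username is then accepted
 * @return array $ret('error_string', 'status'); error_string is only set when
 *         status is false
 */
function user_add_validate($data = array(), $flag_edit = FALSE)
{
    global $core_config;
    $ret['status'] = true;
    // Fail closed: anything that is not an array used to skip every check and
    // come back as valid. It is now validated like an empty form.
    if (!is_array($data)) {
        $data = array();
    }
    foreach ($data as $key => $val) {
        // nested arrays and objects cannot be trimmed; treat them as empty
        $data[$key] = is_scalar($val) ? trim((string) $val) : '';
    }
    // make sure every key read below exists
    $data += array('username' => '', 'password' => '', 'name' => '', 'email' => '', 'mobile' => '');
    // NOTE(review): error_string embeds the submitted value verbatim; the code
    // that renders it must escape it for HTML - confirm at the call sites.
    // password should be at least 4 characters
    // NOTE(review): a 4-character minimum is a weak password policy; raising it
    // also means changing the translated message, so it is left as is here.
    if ($data['password'] && strlen($data['password']) < 4) {
        $ret['error_string'] = _('Password should be at least 4 characters');
        $ret['status'] = false;
    }
    // username should be at least 3 characters and maximum $username_length
    $username_length = $core_config['main']['username_length'] ? $core_config['main']['username_length'] : 30;
    if ($ret['status'] && $data['username'] && (strlen($data['username']) < 3 || strlen($data['username']) > $username_length)) {
        $ret['error_string'] = sprintf(_('Username must be at least 3 characters and maximum %d characters'), $username_length) . " (" . $data['username'] . ")";
        $ret['status'] = false;
    }
    // username only can contain alphanumeric, dot and dash
    // The pattern is anchored so that every character must be allowed; the
    // unanchored form accepted any username containing one valid character.
    if ($ret['status'] && $data['username'] && !preg_match('/^[A-Za-z0-9.\\-]+\\z/', $data['username'])) {
        $ret['error_string'] = _('Valid characters for username are alphabets, numbers, dot or dash') . " (" . $data['username'] . ")";
        $ret['status'] = false;
    }
    // name must exist
    if ($ret['status'] && !$data['name']) {
        $ret['error_string'] = _('Account name is mandatory');
        $ret['status'] = false;
    }
    // email must be in valid format, unless enhance_privacy_subuser is enabled
    if ($ret['status'] && !preg_match('/^(.+)@(.+)\\.(.+)$/', $data['email']) && !$core_config['main']['enhance_privacy_subuser']) {
        if ($data['email']) {
            $ret['error_string'] = _('Your email format is invalid') . " (" . $data['email'] . ")";
        } else {
            $ret['error_string'] = _('Email address is mandatory');
        }
        $ret['status'] = false;
    }
    // mobile must be in valid format, but check this only when filled
    // Anchored for the same reason as the username pattern: digits, plus,
    // dash and space are the only characters accepted.
    if ($ret['status'] && $data['mobile'] && !preg_match('/^[0-9+\\- ]+\\z/', $data['mobile'])) {
        $ret['error_string'] = _('Your mobile format is invalid') . " (" . $data['mobile'] . ")";
        $ret['status'] = false;
    }
    // check if username exists
    if ($ret['status'] && $data['username'] && dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'username' => $data['username']), 'AND')) {
        if (!$flag_edit) {
            $ret['error_string'] = _('Account already exists') . " (" . _('username') . ": " . $data['username'] . ")";
            $ret['status'] = false;
        }
    }
    // the stored record for this username; an email or mobile that matches it
    // belongs to the same account and is not reported as a duplicate
    $existing = user_getdatabyusername($data['username']);
    // check if email exists
    if ($ret['status'] && $data['email'] && dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'email' => $data['email']), 'AND')) {
        if ($data['email'] != $existing['email']) {
            $ret['error_string'] = _('Account with this email already exists') . " (" . _('email') . ": " . $data['email'] . ")";
            $ret['status'] = false;
        }
    }
    // check mobile, must check for duplication only when filled
    if ($ret['status'] && $data['mobile']) {
        if (dba_isexists(_DB_PREF_ . '_tblUser', array('flag_deleted' => 0, 'mobile' => $data['mobile']), 'AND')) {
            if ($data['mobile'] != $existing['mobile']) {
                $ret['error_string'] = _('Account with this mobile already exists') . " (" . _('mobile') . ": " . $data['mobile'] . ")";
                $ret['status'] = false;
            }
        }
    }
    return $ret;
}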
Beispiel #6
 * (at your option) any later version.
 *
 * playSMS is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
// Stop with 'Forbidden' unless the _SECURE_ constant has been defined.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Schedule ID, taken from the request as supplied
$schedule_id = $_REQUEST['schedule_id'];
// Ownership gate: the schedule must exist, belong to the current user's uid
// and not be flagged as deleted; otherwise auth_block() is called.
// NOTE(review): whether auth_block() halts the request is not visible here;
// if it returns, the switch below still runs.
$conditions = array(
    'uid' => $user_config['uid'],
    'id' => $schedule_id,
    'flag_deleted' => 0,
);
if (!dba_isexists(_DB_PREF_ . '_featureSchedule', $conditions)) {
    auth_block();
}
switch (_OP_) {
    case "list":
        $extras = array('ORDER BY' => 'schedule, name, destination');
        $conditions = array('schedule_id' => $schedule_id);
        $list = dba_search(_DB_PREF_ . '_featureSchedule_dst', '*', $conditions, '', $extras);
        $data[0] = array(_('Name'), _('Destination'), _('Schedule'));
        for ($i = 0; $i < count($list); $i++) {
            $j = $i + 1;
            if ($j > $plugin_config['schedule']['export_row_limit']) {
                break;
            }
            $data[$j] = array($list[$i]['name'], $list[$i]['destination'], core_display_datetime($list[$i]['schedule']));
        }
Beispiel #7
     $content = "\n\t\t\t<h2>" . _('Phonebook') . "</h2>\n\t\t\t<h3>" . _('Add contact') . "</h3>\n\t\t\t<form action=\"index.php?app=main&inc=feature_phonebook&op=actions&go=add\" name=fm_addphone method=POST>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table>\n\t\t\t<tbody>\n\t\t\t<tr><td class=label-sizer>" . _('Group') . "</td><td><select name=gpids[] multiple>{$list_of_group}</select></td></tr>\n\t\t\t<tr><td>" . _('Name') . "</td><td><input type=text name=name></td></tr>\n\t\t\t<tr><td>" . _('Mobile') . "</td><td><input type=text name=mobile value=\"" . $phone . "\"></td></tr>\n\t\t\t<tr><td>" . _('Email') . "</td><td><input type=text name=email></td></tr>\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\"></p>\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_phonebook&op=phonebook_list');
     if ($err = $_SESSION['error_string']) {
         _p("<div class=error_string>{$err}</div>");
     }
     _p($content);
     break;
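 case "phonebook_edit":
     // Render the edit form for one phonebook contact of the logged-in user.
     //
     // Every value that comes from the request or the database is escaped
     // before it is placed in the HTML; the previous code printed contact and
     // group fields into the markup unescaped.
     $uid = $user_config['uid'];
     // NOTE(review): assumes contact IDs are integer keys - confirm against the schema.
     $pid = (isset($_REQUEST['pid']) && is_scalar($_REQUEST['pid'])) ? (int) $_REQUEST['pid'] : 0;
     // the uid condition limits the lookup to contacts owned by this user
     $list = dba_search(_DB_PREF_ . '_featurePhonebook', 'name, mobile, email', array('id' => $pid, 'uid' => $uid));
     // fall back to empty fields when the contact was not found
     $contact = (is_array($list) && isset($list[0])) ? $list[0] : array('name' => '', 'mobile' => '', 'email' => '');
     // double_encode is off so values that may already be stored HTML-encoded
     // are not encoded a second time
     $e_name = htmlspecialchars($contact['name'], ENT_QUOTES, 'UTF-8', false);
     $e_mobile = htmlspecialchars($contact['mobile'], ENT_QUOTES, 'UTF-8', false);
     $e_email = htmlspecialchars($contact['email'], ENT_QUOTES, 'UTF-8', false);
     if (!isset($list_of_group)) {
         $list_of_group = '';
     }
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featurePhonebook_group WHERE uid='{$uid}'";
     $db_result = dba_query($db_query);
     while ($db_row = dba_fetch_array($db_result)) {
         $selected = '';
         $conditions = array('gpid' => $db_row['id'], 'pid' => $pid);
         if (dba_isexists(_DB_PREF_ . '_featurePhonebook_group_contacts', $conditions, 'AND')) {
             $selected = 'selected';
         }
         $e_group_name = htmlspecialchars($db_row['name'], ENT_QUOTES, 'UTF-8', false);
         $e_group_code = htmlspecialchars($db_row['code'], ENT_QUOTES, 'UTF-8', false);
         $list_of_group .= "<option value=\"" . (int) $db_row['id'] . "\" {$selected}>" . $e_group_name . " - " . _('code') . ": " . $e_group_code . "</option>";
     }
     $content = "\n\t\t\t<h2>" . _('Phonebook') . "</h2>\n\t\t\t<h3>" . _('Edit contact') . "</h3>\n\t\t\t<form action=\"index.php?app=main&inc=feature_phonebook&op=actions&go=edit\" name=fm_addphone method=POST>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<input type=hidden name=pid value=\"" . $pid . "\">\n\t\t\t<table class=playsms-table>\n\t\t\t<tbody>\n\t\t\t<tr><td width=100>" . _('Group') . "</td><td><select name=gpids[] multiple>{$list_of_group}</select></td></tr>\n\t\t\t<tr><td>" . _('Name') . "</td><td><input type=text name=name value=\"" . $e_name . "\"></td></tr>\n\t\t\t<tr><td>" . _('Mobile') . "</td><td><input type=text name=mobile value=\"" . $e_mobile . "\"></td></tr>\n\t\t\t<tr><td>" . _('Email') . "</td><td><input type=text name=email value=\"" . $e_email . "\"></td></tr>\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\"></p>\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_phonebook&op=phonebook_list');
     // NOTE(review): the session error string is printed as-is; if it can carry
     // submitted values it needs HTML escaping where it is built or here -
     // confirm whether it is meant to contain markup.
     if ($err = $_SESSION['error_string']) {
         _p("<div class=error_string>{$err}</div>");
     }
     _p($content);
     break;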
 case "actions":
     $nav = themes_nav_session();
     $search = themes_search_session();
     $go = $_REQUEST['go'];
     switch ($go) {