$db->query("UPDATE " . $DATABASE . ".courses \n\t\t\t SET description = " . $db->quote($_POST["editDesc"]) . " WHERE id = " . $db->quote($_GET["id"])); } //send an email to the course or section if (!empty($_POST["type"])) { if (empty($_POST["subject"]) || empty($_POST["text"])) { echo "You forgot to specify a subject or message"; } else { $students; //send an email to the class if ($_POST["type"] == 0) { $students = $db->select("SELECT DISTINCT users.email FROM " . $DATABASE . ".users \n\t\t\t\t\t JOIN " . $DATABASE . ".registrations reg ON reg.user_id = users.id\n\t\t\t\t\t JOIN " . $DATABASE . ".courses co ON reg.course_id = co.id\n\t\t\t\t\t WHERE reg.status = 1 AND\n\t\t\t\t\t co.id = " . $db->quote($_GET["id"])); } else { //send an email to a section $students = $db->select("SELECT DISTINCT users.email FROM " . $DATABASE . ".users \n\t\t\t\t\t JOIN " . $DATABASE . ".registrations reg ON reg.user_id = users.id\n\t\t\t\t\t JOIN " . $DATABASE . ".courses co ON reg.course_id = co.id\n\t\t\t\t\t JOIN " . $DATABASE . ".sections sec ON reg.course_section\n\t\t\t\t\t WHERE co.id = " . $db->quote($_GET["id"]) . " AND \n\t\t\t\t\t reg.status = 1 AND\n\t\t\t\t\t sec.id = " . $db->quote($_POST["type"])); } emailUsers($students, $_POST["subject"], $_POST["text"]); } } //disable course if (!empty($_POST["course-toggle"])) { $active = $db->select("SELECT courses.status\n\t\t\t FROM " . $DATABASE . ".courses\n\t\t\t WHERE id = " . $db->quote($_GET["id"]))[0]["status"]; if ($active === "1") { $active = 2; } else { $active = 1; } $db->query("UPDATE " . $DATABASE . ".courses\n\t\t\t SET status = " . $db->quote($active) . " \n\t\t\t WHERE id = " . $db->quote($_GET["id"])); header("Refresh:0"); } die; }
function email($type, $options) { global $data, $check, $config; $safe_type = safesql($type, "text"); $email = $data->select_fetch_one_row("emails", "WHERE type={$safe_type}"); $postuname = $check['uname']; $website = $config['troopname']; switch ($type) { case "newitem": switch ($options[0]) { case 'article': $title = $options[1]['title']; $type = "article"; $link = $config['siteaddress'] . "index.php?page=patrolarticle&action=view&id={$options[1]['ID']}"; $extract = truncate(strip_tags($options[1]['detail']), 100); break; case 'poll': $title = $options[1]['question']; $type = "poll"; $link = $config['siteaddress'] . "index.php?page=polls&id={$options[1]['id']}"; $extract = "None"; break; case 'event': $title = $options[1]['summary']; $type = "event"; $startdate = strftime("%Y-%m-%d", $options[1]['startdate']); $starttime = strftime("%H:%M", $options[1]['startdate']); $enddate = strftime("%Y-%m-%d", $options[1]['enddate']); $endtime = strftime("%H:%M", $options[1]['enddate']); $dateDetails = "Start Date: {$startdate}\r\nStart Time: {$starttime}\r\nEnd Date: {$enddate}\r\nEnd Time: {$endtime}"; $date = getdate($options[1]['startdate']); $month = $date['mon']; $year = $date['year']; $link = $options[1]['detail'] ? $config['siteaddress'] . "index.php?page=calender&id={$options[1]['id']}" : $config['siteaddress'] . "index.php?page=calender&view=month&month={$month}&year={$year}"; $extract = $options[1]['detail'] ? $dateDetails . "\r\n\r\n" . truncate(strip_tags($options[1]['detail']), 100) : $dateDetails; break; case 'album': $title = $options[1]['album_name']; $type = "album"; $link = $config['siteaddress'] . "index.php?page=photos&album={$options[1]['ID']}"; $extract = "None"; break; case 'download': $title = $options[1]['name']; $type = "download"; $link = $config['siteaddress'] . "index.php?page=downloads&id={$options[1]['id']}&action=down&catid={$options[1]['cat']}"; $extract = truncate(strip_tags($options[1]['descs']), 100); break; case 'news': $title = $options[1]['title']; $type = "news item"; $link = $config['siteaddress'] . "index.php?page=news&id={$options[1]['id']}"; $extract = truncate(strip_tags($options[1]['news']), 100); break; } break; } $cmscoutTags = array("!#postuname#!", "!#title#!", "!#type#!", "!#link#!", "!#extract#!", "!#website#!"); $replacements = array($postuname, $title, $type, $link, $extract, $website); $emailContent = str_replace($cmscoutTags, $replacements, $email['email']); emailUsers($email['subject'], $emailContent, $type); }