Beispiel #1
        $db->query("UPDATE " . $DATABASE . ".courses \n\t\t\t              SET description = " . $db->quote($_POST["editDesc"]) . " WHERE id = " . $db->quote($_GET["id"]));
    }
    //send an email to the course or section
    if (!empty($_POST["type"])) {
        if (empty($_POST["subject"]) || empty($_POST["text"])) {
            echo "You forgot to specify a subject or message";
        } else {
            $students;
            //send an email to the class
            if ($_POST["type"] == 0) {
                $students = $db->select("SELECT DISTINCT users.email FROM " . $DATABASE . ".users \n\t\t\t\t\t                           JOIN " . $DATABASE . ".registrations reg ON reg.user_id = users.id\n\t\t\t\t\t                           JOIN " . $DATABASE . ".courses co ON reg.course_id = co.id\n\t\t\t\t\t                           WHERE reg.status = 1 AND\n\t\t\t\t\t                           co.id = " . $db->quote($_GET["id"]));
            } else {
                //send an email to a section
                $students = $db->select("SELECT DISTINCT users.email FROM " . $DATABASE . ".users \n\t\t\t\t\t                           JOIN " . $DATABASE . ".registrations reg ON reg.user_id = users.id\n\t\t\t\t\t                           JOIN " . $DATABASE . ".courses co ON reg.course_id = co.id\n\t\t\t\t\t                           JOIN " . $DATABASE . ".sections sec ON reg.course_section\n\t\t\t\t\t                           WHERE co.id = " . $db->quote($_GET["id"]) . " AND \n\t\t\t\t\t                           reg.status = 1 AND\n\t\t\t\t\t                           sec.id = " . $db->quote($_POST["type"]));
            }
            emailUsers($students, $_POST["subject"], $_POST["text"]);
        }
    }
    //disable course
    if (!empty($_POST["course-toggle"])) {
        $active = $db->select("SELECT courses.status\n\t\t\t                       FROM " . $DATABASE . ".courses\n\t\t\t                       WHERE id = " . $db->quote($_GET["id"]))[0]["status"];
        if ($active === "1") {
            $active = 2;
        } else {
            $active = 1;
        }
        $db->query("UPDATE " . $DATABASE . ".courses\n\t\t\t              SET status = " . $db->quote($active) . " \n\t\t\t              WHERE id = " . $db->quote($_GET["id"]));
        header("Refresh:0");
    }
    die;
}
Beispiel #2
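/**
 * Build a notification e-mail from the stored template for $type and pass it to emailUsers().
 *
 * The template row is read from the "emails" table and its "!#...#!" tags are replaced with
 * values taken from $options and from the globals $check and $config.
 *
 * @param string $type    Template key looked up in the "emails" table; only "newitem" fills
 *                        the title/link/extract tags.
 * @param array  $options For "newitem": [0] is the item kind ('article', 'poll', 'event',
 *                        'album', 'download' or 'news'), [1] is the item's data row.
 *
 * @return void Returns without sending when no template row is found.
 */
function email($type, $options)
{
    global $data, $check, $config;

    // NOTE(review): the WHERE clause is built by interpolation and is only as safe as safesql();
    // presumably it returns an escaped, quoted literal. Confirm against its definition.
    $safe_type = safesql($type, "text");
    $email = $data->select_fetch_one_row("emails", "WHERE type={$safe_type}");
    if (empty($email)) {
        // No template for this type: do not mail users an empty subject and body.
        return;
    }

    $postuname = $check['uname'];
    $website = $config['troopname'];
    $siteIndex = $config['siteaddress'] . "index.php";

    // Defaults keep the tag replacement well-defined when $type or the item kind is not handled.
    $typeLabel = $type;
    $title = '';
    $link = '';
    $extract = '';

    switch ($type) {
        case "newitem":
            $item = isset($options[1]) ? $options[1] : array();
            // Ids are percent-encoded so an unexpected value cannot add or alter query parameters.
            switch ($options[0]) {
                case 'article':
                    $title = $item['title'];
                    $typeLabel = "article";
                    $link = $siteIndex . "?page=patrolarticle&action=view&id=" . rawurlencode((string) $item['ID']);
                    $extract = truncate(strip_tags($item['detail']), 100);
                    break;
                case 'poll':
                    $title = $item['question'];
                    $typeLabel = "poll";
                    $link = $siteIndex . "?page=polls&id=" . rawurlencode((string) $item['id']);
                    $extract = "None";
                    break;
                case 'event':
                    $title = $item['summary'];
                    $typeLabel = "event";
                    // date() replaces the deprecated strftime(); both format in the local timezone.
                    $startdate = date("Y-m-d", $item['startdate']);
                    $starttime = date("H:i", $item['startdate']);
                    $enddate = date("Y-m-d", $item['enddate']);
                    $endtime = date("H:i", $item['enddate']);
                    $dateDetails = "Start Date: {$startdate}\r\nStart Time: {$starttime}\r\nEnd Date: {$enddate}\r\nEnd Time: {$endtime}";
                    if ($item['detail']) {
                        // Events with a description link to the event itself.
                        $link = $siteIndex . "?page=calender&id=" . rawurlencode((string) $item['id']);
                        $extract = $dateDetails . "\r\n\r\n" . truncate(strip_tags($item['detail']), 100);
                    } else {
                        // Otherwise link to the month view that contains the start date.
                        $date = getdate($item['startdate']);
                        $month = $date['mon'];
                        $year = $date['year'];
                        $link = $siteIndex . "?page=calender&view=month&month={$month}&year={$year}";
                        $extract = $dateDetails;
                    }
                    break;
                case 'album':
                    $title = $item['album_name'];
                    $typeLabel = "album";
                    $link = $siteIndex . "?page=photos&album=" . rawurlencode((string) $item['ID']);
                    $extract = "None";
                    break;
                case 'download':
                    $title = $item['name'];
                    $typeLabel = "download";
                    $link = $siteIndex . "?page=downloads&id=" . rawurlencode((string) $item['id'])
                        . "&action=down&catid=" . rawurlencode((string) $item['cat']);
                    $extract = truncate(strip_tags($item['descs']), 100);
                    break;
                case 'news':
                    $title = $item['title'];
                    $typeLabel = "news item";
                    $link = $siteIndex . "?page=news&id=" . rawurlencode((string) $item['id']);
                    $extract = truncate(strip_tags($item['news']), 100);
                    break;
            }
            break;
    }

    // NOTE(review): $postuname and $title are substituted without escaping; tags are stripped
    // only from the extract. If emailUsers() sends HTML mail, escape these values for HTML.
    $cmscoutTags = array("!#postuname#!", "!#title#!", "!#type#!", "!#link#!", "!#extract#!", "!#website#!");
    $replacements = array($postuname, $title, $typeLabel, $link, $extract, $website);
    $emailContent = str_replace($cmscoutTags, $replacements, $email['email']);

    // NOTE(review): for "newitem" the third argument is the item label (e.g. "news item"),
    // not the original template key, as in the previous implementation. Confirm this is intended.
    emailUsers($email['subject'], $emailContent, $typeLabel);
}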