Example #1
                     $removed = TRUE;
                 }
             }
             break;
     }
     $search = themes_search_session();
     $nav = themes_nav_session();
     if ($removed) {
         $_SESSION['dialog']['info'][] = _('Mobile numbers have been deleted');
     }
     $ref = $search['url'] . '&search_keyword=' . $search['keyword'] . '&search_category=' . $search['category'] . '&page=' . $nav['page'] . '&nav=' . $nav['nav'];
     header("Location: " . _u($ref));
     exit;
     break;
 case "stoplist_add":
     // Form for adding mobile numbers to the stoplist. It posts to
     // op=stoplist_add_yes and embeds the _CSRF_FORM_ constant inside the form.
     $content = _dialog();
     $content .= "\n\t\t\t<h2>" . _('Manage stoplist') . "</h2>";
     $content .= "\n\t\t\t<h3>" . _('Add blocked mobile numbers') . " " . _hint(_('Multiple mobile numbers must be comma-separated')) . "</h3>";
     $content .= "\n\t\t\t<form action='index.php?app=main&inc=feature_stoplist&op=stoplist_add_yes' method='post'>";
     $content .= "\n\t\t\t" . _CSRF_FORM_;
     $content .= "\n\t\t\t<table class=playsms-table>\n\t\t\t<tr>";
     $content .= "\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Mobile numbers')) . "</td>";
     $content .= "\n\t\t\t\t<td><input type=text name='add_mobile' required> " . _hint(_('Comma separated values for multiple mobile numbers')) . "\n\t\t\t\t</td>";
     $content .= "\n\t\t\t</tr>\n\t\t\t</table>";
     $content .= "\n\t\t\t<p><input type='submit' class='button' value='" . _('Save') . "'></p>";
     $content .= "\n\t\t\t</form>";
     $content .= "\n\t\t\t" . _back('index.php?app=main&inc=feature_stoplist&op=stoplist_list');
     _p($content);
     break;
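 case "stoplist_add_yes":
     // Handle the "add blocked mobile numbers" form: split the comma-separated
     // list and add every entry to the stoplist of the logged-in user.
     // NOTE(review): the form embeds _CSRF_FORM_, but no token check is visible
     // in this case; presumably it runs before the switch. Confirm.
     // Accept only a string so an array-valued add_mobile cannot reach explode().
     $add_mobile = (isset($_POST['add_mobile']) && is_string($_POST['add_mobile'])) ? $_POST['add_mobile'] : '';
     $blocked = 0;
     if ($add_mobile) {
         $mobiles = explode(',', str_replace(' ', '', $add_mobile));
         foreach ($mobiles as $mobile) {
             // A trailing or doubled comma yields an empty entry; do not store it.
             if ($mobile === '') {
                 continue;
             }
             // NOTE(review): the number format is not checked here; presumably
             // blacklist_mobile_add() validates it. Confirm.
             blacklist_mobile_add($user_config['uid'], $mobile);
             $blocked++;
         }
     }
     // Report success only when at least one number was actually handed over.
     if ($blocked > 0) {
         $_SESSION['dialog']['info'][] = _('Mobile numbers have been blocked');
     } else {
         $_SESSION['dialog']['danger'][] = _('You must fill all fields');
     }
     header("Location: " . _u('index.php?app=main&inc=feature_stoplist&op=stoplist_add'));
     exit;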
Example #2
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
// Refuse to run when the _SECURE_ constant is missing (presumably it is
// defined by the application's entry script, so a direct request stops here).
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Every operation below requires a valid session.
// NOTE(review): the switch that follows relies on auth_block() ending the
// request; confirm it does not return.
if (!auth_isvalid()) {
    auth_block();
}
switch (_OP_) {
    case "mailsms_user":
        // Show the "My email to SMS" form for the logged-in user.
        // $items_global, $items and $option_enable are listed under 'injects'
        // by name, so these variable names must stay as they are.
        $items_global = registry_search(0, 'features', 'mailsms');
        $items = registry_search($user_config['uid'], 'features', 'mailsms_user');

        // yes/no options; the second argument is the stored 'enable' value
        $option_enable = _options(
            array(_('yes') => 1, _('no') => 0),
            $items['features']['mailsms_user']['enable']
        );

        // Template description, built key by key in the original order
        $tpl = array('name' => 'mailsms_user');
        $tpl['vars'] = array(
            'DIALOG_DISPLAY' => _dialog(),
            'FORM_TITLE' => _('My email to SMS'),
            'ACTION_URL' => _u('index.php?app=main&inc=feature_mailsms&route=mailsms_user&op=mailsms_user_save'),
            'HTTP_PATH_THEMES' => _HTTP_PATH_THEMES_,
            'HINT_PASSWORD' => _hint(_('Fill the password field to change password')),
            'Email to SMS address' => _('Email to SMS address'),
            'PIN for email to SMS' => _mandatory(_('PIN for email to SMS')),
        );
        $tpl['injects'] = array('option_enable', 'items_global', 'items');

        _p(tpl_apply($tpl));
        break;
    case "mailsms_user_save":
        $continue = FALSE;
        $pin = core_sanitize_alphanumeric(substr(trim($_REQUEST['pin']), 0, 40));
        if ($pin) {
            $continue = TRUE;
        } else {
            $_SESSION['dialog']['info'][] = _('PIN is empty');
            $_SESSION['dialog']['info'][] = _('Fail to save email to SMS PIN');
        }
        if ($continue) {
            $items = array('pin' => $pin);
            registry_update($user_config['uid'], 'features', 'mailsms_user', $items);
            $items_global = registry_search(0, 'features', 'mailsms');
Example #3
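 case "outgoing_add":
     // Render the "add route" form for outgoing SMS routing.
     // Start from an empty buffer: the original appended to $content even
     // when no error string had initialised it.
     $content = '';
     $err = isset($_SESSION['error_string']) ? $_SESSION['error_string'] : '';
     if ($err) {
         // NOTE(review): printed exactly as stored in the session; confirm that
         // request data is never copied into error_string without encoding.
         $content = "<div class=error_string>{$err}</div>";
     }
     $select_users = themes_select_users_single('add_uid');
     // Collect the SMSC names. $smsc_list starts as an empty array so that an
     // empty gateway list gives an empty <select> instead of a loop over an
     // undefined variable.
     $smsc_list = array();
     $list = gateway_getall_smsc();
     if (is_array($list)) {
         foreach ($list as $c_smsc) {
             $smsc_list[] = $c_smsc['name'];
         }
     }
     $select_smsc = "<select name=add_smsc>";
     foreach ($smsc_list as $smsc_name) {
         // Encode on output; the browser submits the decoded option text.
         $select_smsc .= "<option>" . htmlspecialchars((string) $smsc_name, ENT_QUOTES) . "</option>";
     }
     $select_smsc .= "</select>";
     // Re-fill values for the two text inputs. They are not assigned in this
     // case, so they are treated as optional and attribute-encoded before they
     // are placed inside value="...".
     // NOTE(review): if they are already entity-encoded where they are set,
     // encode in one place only.
     $dst_value = isset($add_dst) ? htmlspecialchars((string) $add_dst, ENT_QUOTES) : '';
     $prefix_value = isset($add_prefix) ? htmlspecialchars((string) $add_prefix, ENT_QUOTES) : '';
     $content .= "\n\t\t\t<h2>" . _('Route outgoing SMS') . "</h2>\n\t\t\t<h3>" . _('Add route') . "</h3>\n\t\t\t<form action='index.php?app=main&inc=feature_outgoing&op=outgoing_add_yes' method='post'>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _('User') . "</td><td>" . $select_users . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Destination name')) . "</td><td><input type='text' maxlength='30' name='add_dst' value=\"{$dst_value}\" required></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Prefix')) . "</td><td><input type='text' maxlength=8 name='add_prefix' value=\"{$prefix_value}\" required> " . _hint(_('Maximum 8 digits numeric only')) . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _('SMSC') . "</td><td>" . $select_smsc . "</td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<input type='submit' class='button' value='" . _('Save') . "'>\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_outgoing&op=outgoing_list');
     _p($content);
     break;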
 case "outgoing_add_yes":
     $add_uid = $_REQUEST['add_uid'];
     if ($add_uid) {
         $add_username = user_uid2username($add_uid);
         if (!$add_username) {
             $add_uid = 0;
         }
     }
     $add_dst = $_POST['add_dst'];
     $add_prefix = $_POST['add_prefix'];
     $add_prefix = core_sanitize_numeric($add_prefix);
     $add_prefix = (string) substr($add_prefix, 0, 8);
     $add_smsc = $_POST['add_smsc'] ? $_POST['add_smsc'] : 'blocked';
     if (!auth_isadmin()) {
         auth_block();
     }
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureAutorespond WHERE id='{$id}' AND flag_deleted='0'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     $edit_service_name = _lastpost('edit_service_name') ? _lastpost('edit_service_name') : $db_row['service_name'];
     $edit_regex = _lastpost('edit_regex') ? _lastpost('edit_regex') : $db_row['regex'];
     $edit_message = _lastpost('edit_message') ? _lastpost('edit_message') : $db_row['message'];
     $edit_uid = $db_row['uid'];
     $edit_sms_receiver = $db_row['sms_receiver'];
     $edit_smsc = $db_row['smsc'];
     if (auth_isadmin()) {
         $select_reply_smsc = "<tr><td>" . _('SMSC') . "</td><td>" . gateway_select_smsc('edit_smsc', $edit_smsc) . "</td></tr>";
     }
     $content .= _dialog() . "\n\t\t\t<h2>" . _('Manage autorespond') . "</h2>\n\t\t\t<h3>" . _('Edit SMS autorespond') . "</h3>\n\t\t\t<form action=index.php?app=main&inc=feature_autorespond&op=autorespond_edit_yes method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<input type=hidden name=id value={$id}>\n\t\t\t<table class=playsms-table>\n\t\t\t\t<tbody>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _mandatory(_('Service')) . "</td><td><input type=text size=30 maxlength=255 name=edit_service_name value=\"" . $edit_service_name . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Regex')) . "</td><td><input type=text size=140 maxlength=140 name=edit_regex value=\"" . $edit_regex . "\"> " . _hint(_('Regular expression to match with incoming SMS')) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Respond message')) . "</td><td><input type=text name=edit_message value=\"" . $edit_message . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('User')) . "</td><td>" . themes_select_users_single('edit_uid', $edit_uid) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Receiver number') . "</td><td><input type=text size=30 maxlength=20 name=edit_sms_receiver value=\"" . $edit_sms_receiver . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t" . $select_reply_smsc . "\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_autorespond&op=autorespond_list');
     _p($content);
     break;
 case "autorespond_edit_yes":
     if (!auth_isadmin()) {
         auth_block();
     }
     $edit_service_name = trim($_POST['edit_service_name']);
     $edit_regex = trim($_POST['edit_regex']);
     $edit_message = trim($_POST['edit_message']);
     $edit_uid = (int) $_POST['edit_uid'];
     $edit_sms_receiver = trim($_POST['edit_sms_receiver']);
     $edit_smsc = trim($_POST['edit_smsc']);
     if ($id && $edit_service_name && $edit_regex && $edit_message && $edit_uid) {
         $db_query = "UPDATE " . _DB_PREF_ . "_featureAutorespond SET last_update='" . core_get_datetime() . "',service_name='{$edit_service_name}',regex='{$edit_regex}',message='{$edit_message}',uid='{$edit_uid}',sms_receiver='{$edit_sms_receiver}',smsc='{$edit_smsc}' WHERE id='{$id}' AND flag_deleted='0'";
         if (@dba_affected_rows($db_query)) {
Example #5
     $schedule_id = $_REQUEST['schedule_id'];
     // schedule ID
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureSchedule WHERE uid='" . $user_config['uid'] . "' AND id='{$schedule_id}' AND flag_deleted='0'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     $schedule_name = $db_row['name'];
     $schedule_message = $db_row['message'];
     if ($id && $schedule_id && $schedule_name && $schedule_message) {
         $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureSchedule_dst WHERE schedule_id='{$schedule_id}' AND id='{$id}'";
         $db_result = dba_query($db_query);
         $db_row = dba_fetch_array($db_result);
         $schedule = $db_row['schedule'];
         $schedule = $schedule ? core_display_datetime($schedule) : '0000-00-00 00:00:00';
         $name = $db_row['name'];
         $destination = $db_row['destination'];
         $content = _dialog() . "\n\t\t\t\t<h2>" . _('Schedule messages') . "</h2>\n\t\t\t\t<h3>" . _('Manage schedule') . "</h3>\n\t\t\t\t<h4>" . _('Edit destination') . "</h4>\n\t\t\t\t<form action=index.php?app=main&inc=feature_schedule&route=manage&op=dst_edit_yes method=post>\n\t\t\t\t" . _CSRF_FORM_ . "\n\t\t\t\t<input type=hidden name=schedule_id value='" . $schedule_id . "'>\n\t\t\t\t<input type=hidden name=id value='" . $id . "'>\n\t\t\t\t<table class=playsms-table cellpadding=1 cellspacing=2 border=0>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _('Schedule name') . "</td><td>" . $schedule_name . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Scheduled message') . "</td><td>" . $schedule_message . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Name')) . "</td><td><input type=text maxlength=250 name=name value='" . $name . "'></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Destination')) . "</td><td><input type=text maxlength=20 name=destination value='" . $destination . "'> " . _hint(_('Separate by comma for multiple destinations')) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Schedule')) . "</td><td><input type=text maxlength=19 name=schedule value='" . $schedule . "'> " . _hint(_('Format YYYY-MM-DD hh:mm')) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t</table>\n\t\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t\t</form>\n\t\t\t\t" . _back('index.php?app=main&inc=feature_schedule&route=manage&op=list&id=' . $schedule_id);
     } else {
         auth_block();
     }
     _p($content);
     break;
 case "dst_edit_yes":
     $id = $_REQUEST['id'];
     // destination ID
     $schedule_id = $_REQUEST['schedule_id'];
     // schedule ID
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureSchedule WHERE uid='" . $user_config['uid'] . "' AND id='{$schedule_id}' AND flag_deleted='0'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     $schedule_name = $db_row['name'];
     $schedule_message = $db_row['message'];
Example #6
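 case "phonebook_edit":
     // Render the "edit contact" form for one phonebook entry.
     $uid = $user_config['uid'];
     // pid is request input: keep only a scalar value, as a string, before it
     // reaches the lookups and the hidden form field.
     $pid = (isset($_REQUEST['pid']) && is_scalar($_REQUEST['pid'])) ? (string) $_REQUEST['pid'] : '';
     // The lookup filters on both the contact id and the session uid.
     $list = dba_search(_DB_PREF_ . '_featurePhonebook', '*', array('id' => $pid, 'uid' => $uid));
     // Use empty fields when no row comes back instead of indexing a missing row.
     // NOTE(review): a missing row may mean the pid belongs to another user;
     // consider auth_block() here, as other handlers do for failed lookups.
     $contact = array('name' => '', 'mobile' => '', 'email' => '', 'tags' => '');
     if (is_array($list) && isset($list[0]) && is_array($list[0])) {
         $contact = array_merge($contact, $list[0]);
     }
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featurePhonebook_group WHERE uid='{$uid}'";
     $db_result = dba_query($db_query);
     $list_of_group = "<option value=0>-- " . _('No group') . " --</option>";
     while ($db_row = dba_fetch_array($db_result)) {
         // Preselect the groups this contact already belongs to.
         $conditions = array('gpid' => $db_row['id'], 'pid' => $pid);
         $selected = dba_isexists(_DB_PREF_ . '_featurePhonebook_group_contacts', $conditions, 'AND') ? 'selected' : '';
         // Group name and code are user-entered text: encode them on output.
         $list_of_group .= "<option value=" . $db_row['id'] . " {$selected}>" . htmlspecialchars((string) $db_row['name'], ENT_QUOTES) . " - " . _('code') . ": " . htmlspecialchars((string) $db_row['code'], ENT_QUOTES) . "</option>";
     }
     // Attribute-encode the request value and the stored contact fields before
     // they are placed inside value="...", so a quote or angle bracket in the
     // data cannot break out of the attribute.
     // NOTE(review): if the write path already stores entity-encoded text this
     // double-encodes; confirm and encode in one place only.
     $pid_html = htmlspecialchars($pid, ENT_QUOTES);
     $name_html = htmlspecialchars((string) $contact['name'], ENT_QUOTES);
     $mobile_html = htmlspecialchars((string) $contact['mobile'], ENT_QUOTES);
     $email_html = htmlspecialchars((string) $contact['email'], ENT_QUOTES);
     $tags_html = htmlspecialchars((string) $contact['tags'], ENT_QUOTES);
     $content = "\n\t\t\t<h2>" . _('Phonebook') . "</h2>\n\t\t\t<h3>" . _('Edit contact') . "</h3>\n\t\t\t<form action=\"index.php?app=main&inc=feature_phonebook&op=actions&go=edit\" name=fm_addphone method=POST>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<input type=hidden name=pid value=\"" . $pid_html . "\">\n\t\t\t<table class=playsms-table>\n\t\t\t<tbody>\n\t\t\t<tr><td class=label-sizer>" . _('Group') . "</td><td><select name=gpids[] multiple>{$list_of_group}</select></td></tr>\n\t\t\t<tr><td>" . _mandatory(_('Name')) . "</td><td><input type=text name=name value=\"" . $name_html . "\"></td></tr>\n\t\t\t<tr><td>" . _mandatory(_('Mobile')) . "</td><td><input type=text name=mobile maxlength=20 value=\"" . $mobile_html . "\"></td></tr>\n\t\t\t<tr><td>" . _('Email') . "</td><td><input type=text name=email value=\"" . $email_html . "\"></td></tr>\n\t\t\t<tr><td>" . _('Tags') . "</td><td><input type=text name=tags value=\"" . $tags_html . "\"> " . _hint(_('Multiple entries separated by space')) . "</td></tr>\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\"></p>\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_phonebook&op=phonebook_list');
     // The original tested "if ($err = TRUE)", an assignment that is always
     // true, so the dialog was always printed; that is now written directly.
     _p(_dialog());
     _p($content);
     break;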
 case "actions":
     $nav = themes_nav_session();
     $search = themes_search_session();
     $go = $_REQUEST['go'];
     switch ($go) {
         case 'export':
             $fields = 'DISTINCT A.id AS pid, A.uid AS uid, A.name AS name, A.mobile AS mobile, A.email AS email, B.code AS code, A.tags AS tags';
             $join = 'LEFT JOIN ' . _DB_PREF_ . '_featurePhonebook_group_contacts AS C ON A.id=C.pid ';
             $join .= 'LEFT JOIN ' . _DB_PREF_ . '_featurePhonebook_group AS B ON B.id=C.gpid';
             $conditions = array('( A.uid' => $user_config['uid'] . "' OR B.id in (\n\t\t\t\t\t\tSELECT B.id AS id FROM " . _DB_PREF_ . "_featurePhonebook AS A\n\t\t\t\t\t\t" . $join . "\n\t\t\t\t\t\tWHERE A.mobile LIKE '%" . core_mobile_matcher_format($user_config['mobile']) . "'\n\t\t\t\t\t\tAND B.flag_sender='1'\n\t\t\t\t\t\t) OR ( A.uid <>'" . $user_config['uid'] . "' AND B.flag_sender>'1' ) ) AND '1'='1");
Example #7
     $i = 0;
     while ($db_row = dba_fetch_array($db_result)) {
         $status_active = "<a href=\"" . _u('index.php?app=main&inc=feature_schedule&op=status&id=' . $db_row['id'] . '&status=0') . "\"><span class=status_enabled /></a>";
         $status_inactive = "<a href=\"" . _u('index.php?app=main&inc=feature_schedule&op=status&id=' . $db_row['id'] . '&status=1') . "\"><span class=status_disabled /></a>";
         $status = $db_row['flag_active'] == 1 ? $status_active : $status_inactive;
         $action = "<a href=\"" . _u('index.php?app=main&inc=feature_schedule&route=manage&op=list&id=' . $db_row['id']) . "\">" . $icon_config['manage'] . "</a>&nbsp;";
         $action .= "<a href=\"" . _u('index.php?app=main&inc=feature_schedule&route=edit&op=list&id=' . $db_row['id']) . "\">" . $icon_config['edit'] . "</a>&nbsp;";
         $action .= "<a href=\"javascript: ConfirmURL('" . _('Are you sure you want to delete SMS schedule ?') . " (" . _('Schedule ID') . ": " . $db_row['id'] . ")','" . _u('index.php?app=main&inc=feature_schedule&op=del&id=' . $db_row['id']) . "')\">" . $icon_config['delete'] . "</a>";
         $i++;
         $content .= "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>" . $db_row['id'] . "</td>\n\t\t\t\t\t\t<td>" . $db_row['name'] . "</td>\n\t\t\t\t\t\t<td>" . $db_row['message'] . "</td>\n\t\t\t\t\t\t<td>" . $status . "</td>\n\t\t\t\t\t\t<td>" . $action . "</td>\n\t\t\t\t\t</tr>";
     }
     $content .= "\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t</div>\n\t\t\t" . _button('index.php?app=main&inc=feature_schedule&op=add', _('Add SMS schedule'));
     _p($content);
     break;
 case "add":
     // Form for creating an SMS schedule; it posts to op=add_yes and embeds
     // the _CSRF_FORM_ constant. No request data is echoed into this page.
     $content = _dialog();
     $content .= "\n\t\t\t<h2>" . _('Schedule messages') . "</h2>";
     $content .= "\n\t\t\t<h3>" . _('Add SMS schedule') . "</h3>";
     $content .= "\n\t\t\t<form action=index.php?app=main&inc=feature_schedule&op=add_yes method=post>";
     $content .= "\n\t\t\t" . _CSRF_FORM_;
     $content .= "\n\t\t\t<table class=playsms-table cellpadding=1 cellspacing=2 border=0>";
     $content .= "\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Schedule name')) . "</td><td><input type=text maxlength=100 name=name></td>\n\t\t\t</tr>";
     $content .= "\n\t\t\t<tr>\n\t\t\t\t<td>" . _mandatory(_('Scheduled message')) . "</td><td><input type=text name=message></td>\n\t\t\t</tr>";
     // The rule selector is built from the plugin's configured rule list.
     $content .= "\n\t\t\t<tr>\n\t\t\t\t<td>" . _('Schedule rule') . "</td><td>" . _select('schedule_rule', $plugin_config['schedule']['rules']) . "</td>\n\t\t\t</tr>";
     $content .= "\n\t\t\t</table>";
     $content .= "\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">";
     $content .= "\n\t\t\t</form>";
     $content .= "\n\t\t\t" . _back('index.php?app=main&inc=feature_schedule&op=list');
     _p($content);
     break;
 case "add_yes":
     $name = $_POST['name'];
     $message = $_POST['message'];
     $schedule_rule = (int) $_POST['schedule_rule'];
     if ($name && $message) {
         // flag_active  : 1 active, 2 inactive, 0 considered inactive
         // flag_deleted : 1 deleted, other values considered non-deleted
         $db_query = "\n\t\t\t\tINSERT INTO " . _DB_PREF_ . "_featureSchedule (c_timestamp,uid,name,message,schedule_rule,flag_active,flag_deleted)\n\t\t\t\tVALUES (" . mktime() . ",'" . $user_config['uid'] . "','{$name}','{$message}','{$schedule_rule}','2','0')";
         if ($new_uid = @dba_insert_id($db_query)) {
             $_SESSION['dialog']['info'][] = _('New SMS schedule been added');
         } else {
             $_SESSION['dialog']['info'][] = _('Fail to add new SMS schedule');
         }
Example #8
     $db_query = "SELECT custom_keyword FROM " . _DB_PREF_ . "_featureCustom WHERE custom_id='{$custom_id}'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     if ($db_row['custom_keyword']) {
         $db_query = "DELETE FROM " . _DB_PREF_ . "_featureCustom WHERE custom_id='{$custom_id}'";
         if (@dba_affected_rows($db_query)) {
             $_SESSION['dialog']['info'][] = _('SMS custom has been deleted');
         } else {
             $_SESSION['dialog']['danger'][] = _('Fail to delete SMS custom');
         }
     }
     header("Location: " . _u('index.php?app=main&inc=feature_sms_custom&op=sms_custom_list'));
     exit;
     break;
 case "sms_custom_add":
     // Form for adding an SMS custom service; it posts to
     // op=sms_custom_add_yes and embeds the _CSRF_FORM_ constant.
     // NOTE(review): the _lastpost() results are written into double-quoted
     // value attributes exactly as returned; confirm _lastpost() HTML-encodes
     // them, otherwise a quote in a previously posted value ends the attribute.
     // NOTE(review): $content is appended to without being initialised in this
     // case; presumably it is set before the switch. Confirm.
     $content .= _dialog();
     $content .= "\n\t\t\t<h2>" . _('Manage custom') . "</h2>";
     $content .= "\n\t\t\t<h3>" . _('Add SMS custom') . "</h3>";
     $content .= "\n\t\t\t<form action=index.php?app=main&inc=feature_sms_custom&op=sms_custom_add_yes method=post>";
     $content .= "\n\t\t\t" . _CSRF_FORM_;
     $content .= "\n\t\t\t<table class=playsms-table>\n\t\t\t\t<tbody>";
     // Service name, keywords and receiver number rows
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _mandatory(_('Service name')) . "</td><td><input type=text size=30 maxlength=255 name=add_service_name value=\"" . _lastpost('add_service_name') . "\"></td>\n\t\t\t\t</tr>";
     $content .= "\n\t\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('SMS custom keywords')) . "</td><td><input type=text size=30 maxlength=255 name=add_custom_keyword value=\"" . _lastpost('add_custom_keyword') . "\"> " . _hint('Multiple keywords seperated by space') . "</td>\n\t\t\t\t</tr>";
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Receiver number') . "</td><td><input type=text size=30 maxlength=20 name=add_sms_receiver value=\"" . _lastpost('add_sms_receiver') . "\"></td>\n\t\t\t\t</tr>";
     // Help text listing the placeholders accepted in the custom URL
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td colspan=2>" . _('Pass these parameters to custom URL field') . "</td>\n\t\t\t\t</tr>";
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td colspan=2>\n\t\t\t\t\t\t" . _('Pass these parameters to custom URL field');
     $content .= "\n\t\t\t\t\t\t<ul>";
     $content .= "\n\t\t\t\t\t\t\t<li>{SERVICENAME} " . _('will be replaced by service name') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{SMSDATETIME} " . _('will be replaced by SMS incoming date/time') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{SMSSENDER} " . _('will be replaced by sender number') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{SMSRECEIVER} " . _('will be replaced by receiver number') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{CUSTOMKEYWORD} " . _('will be replaced by custom keyword') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{CUSTOMPARAM} " . _('will be replaced by custom parameter passed to server from SMS') . "</li>";
     $content .= "\n\t\t\t\t\t\t\t<li>{CUSTOMRAW} " . _('will be replaced by SMS raw message') . "</li>";
     $content .= "\n\t\t\t\t\t\t</ul>";
     $content .= "\n\t\t\t\t\t\t" . _('Example of SMS custom URL');
     // The sample URL is a fixed string and is HTML-encoded before output.
     $content .= "\n\t\t\t\t\t\t<ul>\n\t\t\t\t\t\t\t<li>" . htmlspecialchars('http://someserver.somedomain/handler.php?service={SERVICENAME}&datetime={SMSDATETIME}&sender={SMSSENDER}&receiver={SMSRECEIVER}&keyword={CUSTOMKEYWORD}&param={CUSTOMPARAM}&raw={CUSTOMRAW}') . "</li>\n\t\t\t\t\t\t</ul>";
     $content .= "\n\t\t\t\t\t</td>\n\t\t\t\t</tr>";
     // Custom URL and "return as reply" rows
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('SMS custom URL')) . "</td><td><input type=text maxlength=255 name=add_custom_url value=\"" . _lastpost('add_custom_url') . "\"></td>\n\t\t\t\t</tr>";
     $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Make return as reply') . "</td><td><input type=checkbox name=add_custom_return_as_reply></td>\n\t\t\t\t</tr>";
     $content .= "\n\t\t\t\t</tbody>\n\t\t\t</table>";
     $content .= "\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">";
     $content .= "\n\t\t\t</form>";
     $content .= "\n\t\t\t" . _back('index.php?app=main&inc=feature_sms_custom&op=sms_custom_list');
     _p($content);
     break;
 case "sms_custom_add_yes":
     $add_service_name = trim($_POST['add_service_name']);
     $add_sms_receiver = trim($_POST['add_sms_receiver']);
     $add_custom_return_as_reply = $_POST['add_custom_return_as_reply'] == 'on' ? '1' : '0';
     $add_custom_url = $_POST['add_custom_url'];
     $add_custom_keyword = strtoupper($_POST['add_custom_keyword']);
     $c_keywords = explode(' ', $add_custom_keyword);
     foreach ($c_keywords as $keyword) {
         if ($keyword) {
             if (keyword_isavail($keyword, $add_sms_receiver)) {
                 $keywords .= core_sanitize_alphanumeric($keyword) . ' ';
             } else {
                 $_SESSION['dialog']['danger'][] = sprintf(_('Keyword %s is not available'), $keyword);
Example #9
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureAutoreply WHERE autoreply_id='{$autoreply_id}'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     $autoreply_keyword = $db_row['autoreply_keyword'];
     $content .= "\n\t\t\t<h2>" . _('Manage autoreply') . "</h2>\n\t\t\t<h3>" . _('Edit SMS autoreply scenario') . "</h3>\n\t\t\t<form action=index.php?app=main&inc=feature_sms_autoreply&op=sms_autoreply_scenario_edit_yes method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<input type=hidden name=autoreply_id value=\"{$autoreply_id}\">\n\t\t\t<input type=hidden name=autoreply_scenario_id value=\"{$autoreply_scenario_id}\">\n\t\t\t<table class=playsms-table>\n\t\t\t\t<tbody>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _('SMS autoreply keyword') . "</td><td>" . $autoreply_keyword . "</td>\n\t\t\t\t</tr>";
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureAutoreply_scenario WHERE autoreply_id='{$autoreply_id}' AND autoreply_scenario_id='{$autoreply_scenario_id}'";
     $db_result = dba_query($db_query);
     $db_row = dba_fetch_array($db_result);
     for ($i = 1; $i <= 7; $i++) {
         ${"edit_autoreply_scenario_param" . $i} = $db_row['autoreply_scenario_param' . $i];
     }
     for ($i = 1; $i <= 7; $i++) {
         $content .= "\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('SMS autoreply scenario parameter') . " {$i}</td><td><input type=text size=10 maxlength=20 name=edit_autoreply_scenario_param{$i} value=\"" . ${"edit_autoreply_scenario_param" . $i} . "\"> " . _hint(_('This field is not mandatory')) . "</td>\n\t\t\t\t</tr>";
     }
     $edit_autoreply_scenario_result = $db_row['autoreply_scenario_result'];
     $content .= "\n\t\t\t<tr>\n\t\t\t\t<td>" . _mandatory(_('SMS autoreply scenario reply')) . "</td><td><input type=text name=edit_autoreply_scenario_result value=\"{$edit_autoreply_scenario_result}\"></td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\"></p>\n\t\t\t</form>\n\t\t\t<p>" . _back('index.php?app=main&inc=feature_sms_autoreply&op=sms_autoreply_manage&autoreply_id=' . $autoreply_id);
     if ($err = TRUE) {
         _p(_dialog());
     }
     _p($content);
     break;
 case "sms_autoreply_scenario_edit_yes":
     $autoreply_scenario_id = $_POST['autoreply_scenario_id'];
     $edit_autoreply_scenario_result = $_POST['edit_autoreply_scenario_result'];
     for ($i = 1; $i <= 7; $i++) {
         ${"edit_autoreply_scenario_param" . $i} = trim(strtoupper($_POST['edit_autoreply_scenario_param' . $i]));
     }
     if ($edit_autoreply_scenario_result) {
         for ($i = 1; $i <= 7; $i++) {
             $autoreply_scenario_param_list .= "autoreply_scenario_param" . $i . "='" . ${"edit_autoreply_scenario_param" . $i} . "',";
         }
    auth_block();
}
switch (_OP_) {
    case "email2sms":
        // Show the "Manage email to SMS" settings form for the logged-in user.
        // The variables named under 'injects' are referenced by name, so their
        // names must stay as they are. 'select_users' is listed there but is
        // not assigned in this case.
        $items = registry_search($user_config['uid'], 'features', 'email2sms');

        // enable email to SMS: yes/no
        $option_enable = _options(
            array(_('yes') => 1, _('no') => 0),
            $items['features']['email2sms']['enable']
        );
        // check the email sender: yes/no
        $option_check_sender = _options(
            array(_('yes') => 1, _('no') => 0),
            $items['features']['email2sms']['check_sender']
        );
        // mailbox protocol: IMAP or POP3
        $option_protocol = _options(
            array('IMAP' => 'imap', 'POP3' => 'pop3'),
            $items['features']['email2sms']['protocol']
        );
        // use SSL: yes/no
        $option_ssl = _options(
            array(_('yes') => 1, _('no') => 0),
            $items['features']['email2sms']['ssl']
        );
        // "no validate cert" option: yes/no
        // NOTE(review): presumably 'yes' makes the mailbox connection skip
        // certificate validation; confirm how the stored value is used.
        $option_novalidate_cert = _options(
            array(_('yes') => 1, _('no') => 0),
            $items['features']['email2sms']['novalidate_cert']
        );

        // Template description, built key by key in the original order
        $tpl = array('name' => 'email2sms');
        $tpl['vars'] = array(
            'DIALOG_DISPLAY' => _dialog(),
            'FORM_TITLE' => _('Manage email to SMS'),
            'ACTION_URL' => _u('index.php?app=main&inc=feature_email2sms&op=email2sms_save'),
            'HTTP_PATH_THEMES' => _HTTP_PATH_THEMES_,
            'HINT_PASSWORD' => _hint(_('Fill the password field to change password')),
            'PIN for email to SMS' => _mandatory(_('PIN for email to SMS')),
            'Enable email to SMS' => _('Enable email to SMS'),
            'Check email sender' => _('Check email sender'),
            'Email protocol' => _('Email protocol'),
            'Use SSL' => _('Use SSL'),
            'No validate cert option' => _('No validate cert option'),
            'Mail server address' => _('Mail server address'),
            'Mail server port' => _('Mail server port'),
            'Mailbox username' => _('Mailbox username'),
            'Mailbox password' => _('Mailbox password'),
            'PORT_DEFAULT' => '443',
            'PORT_DEFAULT_SSL' => '993',
        );
        $tpl['injects'] = array(
            'select_users',
            'option_enable',
            'option_check_sender',
            'option_protocol',
            'option_ssl',
            'option_novalidate_cert',
            'items',
        );

        _p(tpl_apply($tpl));
        break;
    case "email2sms_save":
        $continue = FALSE;
        $pin = core_sanitize_alphanumeric(substr($_REQUEST['pin'], 0, 40));
        if ($pin) {
            $continue = TRUE;
        } else {
            $_SESSION['dialog']['info'][] = _('PIN is empty');
            $_SESSION['dialog']['info'][] = _('Fail to save email to SMS configuration');
        }
        if ($continue) {
            $items = array('pin' => $pin, 'enable' => $_REQUEST['enable'], 'check_sender' => $_REQUEST['check_sender'], 'protocol' => $_REQUEST['protocol'], 'ssl' => $_REQUEST['ssl'], 'novalidate_cert' => $_REQUEST['novalidate_cert'], 'port' => $_REQUEST['port'], 'server' => $_REQUEST['server'], 'username' => $_REQUEST['username'], 'hash' => md5($_REQUEST['username'] . $_REQUEST['server'] . $_REQUEST['port']));
            if ($_REQUEST['password']) {
                $items['password'] = $_REQUEST['password'];
Example #11
         $language = $core_config['languagelist'][$i];
         $c_language_title = $plugin_config[$language]['title'];
         if ($c_language_title) {
             $lang_list[$c_language_title] = $language;
         }
     }
     if (is_array($lang_list)) {
         foreach ($lang_list as $key => $val) {
             if ($val == core_lang_get()) {
                 $selected = "selected";
             }
             $option_language_module .= "<option value=\"" . $val . "\" {$selected}>" . $key . "</option>";
             $selected = "";
         }
     }
     $content .= "\n\t\t<h2>" . _('Manage subuser') . "</h2>\n\t\t<h3>" . _('Add subuser') . "</h3>\n\t\t<form action='index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_add_yes' method=POST>\n\t\t" . _CSRF_FORM_ . "\n\t\t<table class=playsms-table>\n\t\t<tbody>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Username')) . "</td><td><input type='text' maxlength='30' name='add_username' value=\"{$add_username}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Password')) . "</td><td><input type='password' maxlength='30' name='add_password' value=\"{$add_password}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Full name')) . "</td><td><input type='text' maxlength='100' name='add_name' value=\"{$add_name}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Email')) . "</td><td><input type='text' maxlength='250' name='add_email' value=\"{$add_email}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Mobile') . "</td><td><input type='text' size='16' maxlength='16' name='add_mobile' value=\"{$add_mobile}\"> " . _hint(_('Max. 16 numeric or 11 alphanumeric characters')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('SMS footer') . "</td><td><input type='text' maxlength='30' name='add_footer' value=\"{$add_footer}\"> " . _hint(_('Max. 30 alphanumeric characters')) . "</td>\n\t\t</tr>\t    \t    \t    \n\t\t<tr>\n\t\t\t<td>" . _('Timezone') . "</td><td><input type='text' size='5' maxlength='5' name='add_datetime_timezone' value=\"{$add_datetime_timezone}\"> " . _hint(_('Eg: +0700 for Jakarta/Bangkok timezone')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Active language') . "</td><td><select name='add_language_module'>{$option_language_module}</select></td>\n\t\t</tr>\n\t\t</tbody>\n\t\t</table>\n\t\t<p><input type='submit' class='button' value='" . _('Save') . "'></p>\n\t\t</form>\n\t\t" . _back('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list');
     _p($content);
     break;
 case "subuser_add_yes":
     $add['email'] = $_POST['add_email'];
     $add['username'] = $_POST['add_username'];
     $add['password'] = $_POST['add_password'];
     $add['mobile'] = $_POST['add_mobile'];
     $add['name'] = $_POST['add_name'];
     $add['footer'] = $_POST['add_footer'];
     $add['datetime_timezone'] = $_POST['add_datetime_timezone'];
     $add['language_module'] = $_POST['add_language_module'];
     // subuser settings
     $add['parent_uid'] = $user_config['uid'];
     $add['status'] = 4;
     // set credit to 0 by default
Example #12
         case 'delete':
             foreach ($items as $item) {
                 $conditions = array('id' => $item);
                 dba_remove(_DB_PREF_ . '_featureFirewall', $conditions);
             }
             break;
     }
     $search = themes_search_session();
     $nav = themes_nav_session();
     $_SESSION['error_string'] = _('IP addreses has been deleted');
     $ref = $search['url'] . '&search_keyword=' . $search['keyword'] . '&search_category=' . $search['category'] . '&page=' . $nav['page'] . '&nav=' . $nav['nav'];
     header("Location: " . _u($ref));
     exit;
     break;
 case "firewall_add":
     // Render the "add blocked IP addresses" form. It posts to op=firewall_add_yes
     // and places _CSRF_FORM_ inside the <form>.
     // NOTE(review): the account is picked through themes_select_users_single(), so
     // the handler receives a caller-chosen user id. No access check is visible in
     // this fragment; confirm the page is limited to roles allowed to act on other
     // accounts.
     $content = _err_display() . "\n\t\t\t<h2>" . _('Manage firewall') . "</h2>\n\t\t\t<h3>" . _('Add blocked IP addresses') . " " . _hint(_('Multiple IP addresses must be comma seperated')) . "</h3>\n\t\t\t<form action='index.php?app=main&inc=feature_firewall&op=firewall_add_yes' method='post'>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Select username')) . "</td>\n\t\t\t\t<td>" . themes_select_users_single('add_username') . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('IP addresses')) . "</td>\n\t\t\t\t<td><textarea name='add_ip_address' required></textarea></td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p><input type='submit' class='button' value='" . _('Save') . "'></p>\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_firewall&op=firewall_list');
     _p($content);
     break;
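 case "firewall_add_yes":
     // Handle the "add blocked IP addresses" form: resolve the submitted user id to
     // a username, block every comma-separated address for that user, then redirect
     // back to the form with a status message in the session.
     // NOTE(review): add_username is a caller-supplied uid and no ownership or role
     // check is visible in this fragment; confirm who may add entries for whom.
     // NOTE(review): entries are not checked for being well-formed addresses here;
     // verify that blacklist_addip() validates them.
     $add_username = isset($_POST['add_username']) ? user_uid2username($_POST['add_username']) : '';
     $add_ip_address = isset($_POST['add_ip_address']) ? $_POST['add_ip_address'] : '';
     if ($add_username && $add_ip_address) {
         $added = 0;
         foreach (explode(',', str_replace(' ', '', $add_ip_address)) as $ip) {
             // The field is a textarea, so an entry can carry line breaks, and a
             // trailing or doubled comma yields an empty entry. Trim and skip
             // those instead of storing them.
             $ip = trim($ip);
             if ($ip === '') {
                 continue;
             }
             blacklist_addip($add_username, $ip);
             $added++;
         }
         // Report success only when at least one entry was actually stored.
         $_SESSION['error_string'] = $added > 0 ? _('IP addresses have been blocked') : _('You must fill all fields');
     } else {
         $_SESSION['error_string'] = _('You must fill all fields');
     }
     header("Location: " . _u('index.php?app=main&inc=feature_firewall&op=firewall_add'));
     exit;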
Example #13
 */
// Refuse direct access: continue only when the including script defined _SECURE_.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Continue only for a valid session.
// NOTE(review): this relies on auth_block() ending the request; if it returns,
// the switch below still runs. Confirm.
if (!auth_isvalid()) {
    auth_block();
}
switch (_OP_) {
    case "list":
        // Show the edit form for one schedule row that belongs to the logged-in
        // user (uid taken from $user_config) and is not flagged as deleted.
        // NOTE(review): $id is read from the request and interpolated into the SQL
        // text below; nothing in this block escapes or casts it. Unless input is
        // sanitised before this file runs (not visible here), the query is
        // injectable. Prefer a bound parameter, or an integer cast if the id
        // column is numeric.
        $id = $_REQUEST['id'];
        $db_query = "SELECT * FROM " . _DB_PREF_ . "_featureSchedule WHERE uid='" . $user_config['uid'] . "' AND id='{$id}' AND flag_deleted='0'";
        $db_result = dba_query($db_query);
        $db_row = dba_fetch_array($db_result);
        $name = $db_row['name'];
        $message = $db_row['message'];
        $schedule_rule = $db_row['schedule_rule'];
        // A row counts as found only when id, name and message are all non-empty.
        if ($id && $name && $message) {
            // NOTE(review): $id, $name and $message are written into attribute
            // values and markup without HTML encoding in this block. name and
            // message are user-supplied (see edit_yes), so confirm they are
            // encoded before output, e.g. with htmlspecialchars() and ENT_QUOTES.
            $content = _dialog() . "\n\t\t\t<h2>" . _('Schedule messages') . "</h2>\n\t\t\t<h3>" . _('Edit schedule') . "</h3>\n\t\t\t<form action=index.php?app=main&inc=feature_schedule&route=edit&op=edit_yes method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<input type=hidden name=id value='{$id}'>\n\t\t\t<table class=playsms-table>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _('Schedule ID') . "</td><td>" . $id . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _mandatory(_('Schedule name')) . "</td><td><input type=text maxlength=100 name=name value=\"" . $name . "\"></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _mandatory(_('Scheduled message')) . "</td><td><input type=text name=message value=\"" . $message . "\"></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _('Schedule rule') . "</td><td>" . _select('schedule_rule', $plugin_config['schedule']['rules'], $schedule_rule) . "</td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=feature_schedule&op=list');
        } else {
            // No matching row for this user: treated as an access violation.
            // NOTE(review): $content is not assigned on this path; if auth_block()
            // returns, _p() below receives an undefined variable. Confirm that
            // auth_block() ends the request.
            auth_block();
        }
        _p($content);
        break;
    case "edit_yes":
        $id = $_POST['id'];
        $name = $_POST['name'];
        $message = $_POST['message'];
        $schedule_rule = (int) $_POST['schedule_rule'];
        if ($id && $name && $message) {
            $db_query = "\n\t\t\t\tUPDATE " . _DB_PREF_ . "_featureSchedule\n\t\t\t\tSET c_timestamp='" . mktime() . "',name='{$name}',message='{$message}', schedule_rule='{$schedule_rule}'\n\t\t\t\tWHERE uid='" . $user_config['uid'] . "' AND id='{$id}' AND flag_deleted='0'";
            if (@dba_affected_rows($db_query)) {
                $_SESSION['dialog']['info'][] = _('SMS schedule been saved');
            } else {
Example #14
         $form_title = _('Manage account');
         if ($is_parent) {
             $button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete subuser ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_del" . $url_uname . "')\">";
             $button_back = _back('index.php?app=main&inc=core_user&route=subuser_mgmnt&op=subuser_list');
         } else {
             $button_delete = "<input type=button class=button value='" . _('Delete') . "' onClick=\"javascript: ConfirmURL('" . _('Are you sure you want to delete user ?') . " (" . _('username') . ": " . $c_username . ")','index.php?app=main&inc=core_user&route=user_mgmnt&op=user_del" . $url_uname . "&view=" . $view . "')\">";
             $button_back = _back('index.php?app=main&inc=core_user&route=user_mgmnt&op=user_list&view=' . $view);
         }
     } else {
         $form_title = _('Preferences');
     }
     // error string
     if ($err = TRUE) {
         $error_content = _dialog();
     }
     $tpl = array('name' => 'user_pref', 'vars' => array('Account status' => _('Account status'), 'Parent account' => _('Parent account') . " (" . _('for subuser only') . ")", 'Login information' => _('Login information'), 'Username' => _('Username'), 'Password' => _('Password'), 'Re-type password' => _('Re-type password'), 'Personal information' => _('Personal information'), 'Name' => _mandatory(_('Name')), 'Email' => _mandatory(_('Email')), 'Mobile' => _('Mobile'), 'Address' => _('Address'), 'City' => _('City'), 'State or Province' => _('State or Province'), 'Country' => _('Country'), 'Zipcode' => _('Zipcode'), 'Save' => _('Save'), 'HINT_STATUS' => _hint(_('Cannot change status when user have subusers')), 'HINT_PARENT' => _hint(_('Parent account is mandatory for subusers only. If no value is given then the subuser will be automatically assigned to user admin')), 'STATUS' => _('User'), 'DIALOG_DISPLAY' => $error_content, 'FORM_TITLE' => $form_title, 'BUTTON_DELETE' => $button_delete, 'BUTTON_BACK' => $button_back, 'URL_UNAME' => $url_uname, 'VIEW' => $view, 'select_status' => $select_status, 'select_parents' => $select_parents, 'c_username' => $c_username, 'name' => $name, 'email' => $email, 'mobile' => $mobile, 'address' => $address, 'city' => $city, 'state' => $state, 'option_country' => $option_country, 'zipcode' => $zipcode), 'ifs' => array('edit_status' => $allow_edit_status, 'edit_parent' => $allow_edit_parent, 'edit_status_hint' => $show_status_hint, 'show_personal_information' => $show_personal_information));
     _p(tpl_apply($tpl));
     break;
 case "user_pref_save":
     $continue = TRUE;
     $fields = array('name', 'email', 'mobile', 'address', 'city', 'state', 'country', 'password', 'zipcode');
     if ($allow_edit_status) {
         _log('saving username:'******' status:' . $_POST['up_status'], 3, 'user_pref');
         $fields[] = 'status';
     }
     if ($allow_edit_parent) {
         _log('saving username:'******' parent_uid:' . $_POST['up_parent_uid'], 3, 'user_pref');
         $fields[] = 'parent_uid';
     }
     for ($i = 0; $i < count($fields); $i++) {
         if ($c_data = trim($_POST['up_' . $fields[$i]])) {
Example #15
 */
// Refuse direct access: continue only when the including script defined _SECURE_.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Gateway configuration is for administrators only.
// NOTE(review): this relies on auth_block() ending the request; if it returns,
// the include and the switch below still run. Confirm.
if (!auth_isadmin()) {
    auth_block();
}
// The path is built from $core_config, not from request data.
include $core_config['apps_path']['plug'] . "/gateway/uplink/config.php";
switch (_OP_) {
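    case "manage":
        // Render the uplink gateway configuration form (posts to op=manage_save).
        // Both keys start empty so the option that is not selected no longer reads
        // an undefined array index; the generated markup is unchanged.
        $selected['yes'] = '';
        $selected['no'] = '';
        if ($plugin_config['uplink']['try_disable_footer']) {
            $selected['yes'] = 'selected';
        } else {
            $selected['no'] = 'selected';
        }
        $option_try_disable_footer = "<option value=\"1\" " . $selected['yes'] . ">" . _('yes') . "</option>";
        $option_try_disable_footer .= "<option value=\"0\" " . $selected['no'] . ">" . _('no') . "</option>";
        // NOTE(review): the stored values, including the webservice token, are
        // written into value="..." attributes without HTML encoding, and the token
        // is shown in a plain text input. Confirm the values are encoded before
        // output, and consider leaving the token field empty and updating it only
        // when a new value is submitted.
        $content = _dialog() . "\n\t\t\t<h2>" . _('Manage uplink') . "</h2>\n\t\t\t<form action=index.php?app=main&inc=gateway_uplink&op=manage_save method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table>\n\t\t\t\t<tbody>\n\t\t\t\t<tr>\n\t\t\t\t\t<td class=label-sizer>" . _('Gateway name') . "</td><td>uplink</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Master URL')) . "</td><td><input type=text maxlength=250 name=up_master value=\"" . $plugin_config['uplink']['master'] . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Additional URL parameter') . "</td><td><input type=text maxlength=250 name=up_additional_param value=\"" . $plugin_config['uplink']['additional_param'] . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Webservice username')) . "</td><td><input type=text maxlength=30 name=up_username value=\"" . $plugin_config['uplink']['username'] . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _mandatory(_('Webservice token')) . "</td><td><input type=text maxlength=32 name=up_token value=\"" . $plugin_config['uplink']['token'] . "\"></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Try to disable SMS footer on master') . "</td><td><select name=up_try_disable_footer>" . $option_try_disable_footer . "</select></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Module sender ID') . "</td><td><input type=text maxlength=16 name=up_module_sender value=\"" . $plugin_config['uplink']['module_sender'] . "\"> " . _hint(_('Max. 16 numeric or 11 alphanumeric char. empty to disable')) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . _('Module timezone') . "</td><td><input type=text size=5 maxlength=5 name=up_datetime_timezone value=\"" . $plugin_config['uplink']['datetime_timezone'] . "\"> " . _hint(_('Eg: +0700 for Jakarta/Bangkok timezone')) . "</td>\n\t\t\t\t</tr>\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t</form>" . _back('index.php?app=main&inc=core_gateway&op=gateway_list');
        _p($content);
        break;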
    case "manage_save":
        $up_master = $_POST['up_master'];
        $up_additional_param = $_POST['up_additional_param'];
        $up_username = $_POST['up_username'];
        $up_token = $_POST['up_token'];
        $up_module_sender = $_POST['up_module_sender'];
        $up_datetime_timezone = $_POST['up_datetime_timezone'];
        $up_try_disable_footer = $_POST['up_try_disable_footer'];
        if ($up_master && $up_username && $up_token) {
            $db_query = "\n\t\t\t\tUPDATE " . _DB_PREF_ . "_gatewayUplink_config\n\t\t\t\tSET c_timestamp='" . mktime() . "',\n\t\t\t\tcfg_master='{$up_master}',\n\t\t\t\tcfg_additional_param='{$up_additional_param}',\n\t\t\t\tcfg_username='******',\n\t\t\t\tcfg_token='{$up_token}',\n\t\t\t\tcfg_module_sender='{$up_module_sender}',\n\t\t\t\tcfg_datetime_timezone='{$up_datetime_timezone}',\n\t\t\t\tcfg_try_disable_footer='{$up_try_disable_footer}'";
            if (@dba_affected_rows($db_query)) {
                $_SESSION['dialog']['info'][] = _('Gateway module configurations has been saved');
            } else {
Example #16
     if ($nav['url']) {
         $ref = $nav['url'] . '&search_keyword=' . $search['keyword'] . '&page=' . $nav['page'] . '&nav=' . $nav['nav'];
     } else {
         $ref = 'index.php?app=main&inc=core_sender_id&op=sender_id_list';
     }
     $items['id'] = $_REQUEST['id'];
     $items['uid'] = $uid;
     $items['sender_id'] = $data_sender_id[0]['registry_key'];
     $items['description'] = sender_id_description($uid, $data_sender_id[0]['registry_key']);
     if (auth_isadmin()) {
         $select_approve = _yesno('approved', $data_sender_id[0]['registry_value']);
         $select_users = user_getfieldbyuid($uid, 'name') . ' (' . user_uid2username($uid) . ')';
     }
     $default_sender_id = sender_id_default_get($uid);
     $select_default = _yesno('default', strtoupper($data_sender_id[0]['registry_key']) == strtoupper($default_sender_id) ? 1 : 0);
     $tpl = array('name' => 'sender_id_add', 'vars' => array('DIALOG_DISPLAY' => _dialog(), 'FORM_TITLE' => _('Manage sender ID'), 'FORM_SUBTITLE' => _('Edit sender ID'), 'ACTION_URL' => _u('index.php?app=main&inc=core_sender_id&op=sender_id_edit_yes'), 'BUTTON_BACK' => _back($ref), 'HTTP_PATH_THEMES' => _HTTP_PATH_THEMES_, 'HINT_DEFAULT' => _hint(_('Only when the sender ID is approved')), 'input_tag' => 'readonly', 'Sender ID' => _mandatory(_('Sender ID')), 'Description' => _('Description'), 'User' => _('User'), 'Approve sender ID' => _('Approve sender ID'), 'Set as default' => _('Set as default')), 'ifs' => array('isadmin' => auth_isadmin()), 'injects' => array('select_default', 'select_approve', 'select_users', 'items', 'icon_config', 'core_config'));
     _p(tpl_apply($tpl));
     break;
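 case "sender_id_edit_yes":
     // Apply the submitted sender ID changes, queue a result dialog and redirect
     // back to the edit form for the same record.
     // NOTE(review): 'default' and 'approved' are read from the request for every
     // caller, while the edit form builds the approve control for admins only.
     // Confirm sender_id_update() ignores 'approved' for non-admin callers.
     // NOTE(review): $c_sender_id is appended to the dialog text as-is; confirm it
     // is HTML-encoded where the dialog is rendered.
     if (sender_id_update($uid, $c_sender_id, $c_sender_id_description, $_REQUEST['default'], $_REQUEST['approved'])) {
         $_SESSION['dialog']['info'][] = _('Sender ID description has been updated') . ' (' . _('Sender ID') . ': ' . $c_sender_id . ')';
     } else {
         $_SESSION['dialog']['info'][] = _('Fail to update due to invalid sender ID') . ' (' . _('Sender ID') . ': ' . $c_sender_id . ')';
     }
     // Encode the echoed id so a crafted value cannot add or change other query
     // parameters of the redirect target; a plain numeric id is left unchanged.
     $c_redirect_id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? urlencode((string) $_REQUEST['id']) : '';
     header("Location: " . _u('index.php?app=main&inc=core_sender_id&op=sender_id_edit&id=' . $c_redirect_id));
     exit;
     break;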
 case "toggle_status":
     $search = array('id' => $_REQUEST['id'], 'registry_family' => 'sender_id');
     foreach (registry_search_record($search) as $row) {
         $status = $row['registry_value'] == 0 ? 1 : 0;
Example #17
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
// Refuse direct access: continue only when the including script defined _SECURE_.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Gateway and SMSC management is for administrators only.
// NOTE(review): this relies on auth_block() ending the request; if it returns,
// the switch below still runs. Confirm.
if (!auth_isadmin()) {
    auth_block();
}
switch (_OP_) {
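    case 'add_smsc':
        // Build the "Add SMSC" form for the requested gateway: one template loop
        // entry per key/title pair found in that gateway's _smsc_config_.
        // NOTE(review): the gateway name is used here as received, while
        // add_smsc_save passes it through gateway_valid_name() first. It is also
        // handed to the template as GATEWAY; confirm the template encodes it.
        $c_gateway = (isset($_REQUEST['gateway']) && is_string($_REQUEST['gateway'])) ? $_REQUEST['gateway'] : '';
        // An unknown gateway name simply yields no dynamic fields.
        $dv = !empty($plugin_config[$c_gateway]['_smsc_config_']) ? $plugin_config[$c_gateway]['_smsc_config_'] : array();
        // Start from an empty list so the template always receives an array, also
        // for a gateway without any _smsc_config_ entries.
        $dynamic_variables = array();
        foreach ($dv as $key => $val) {
            $dynamic_variables[] = array('key' => $key, 'title' => $val);
        }
        $tpl = array('name' => 'gateway_add_smsc', 'vars' => array('FORM_TITLE' => _('Add SMSC'), 'ACTION_URL' => 'index.php?app=main&inc=core_gateway&op=add_smsc_save', 'GATEWAY' => $c_gateway, 'BACK' => _back('index.php?app=main&inc=core_gateway&op=gateway_list'), 'Gateway' => _('Gateway'), 'SMSC name' => _mandatory(_('SMSC name')), 'Save' => _('Save')), 'loops' => array('dynamic_variables' => $dynamic_variables));
        $content = tpl_apply($tpl);
        break;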
    case 'add_smsc_save':
        $c_gateway = gateway_valid_name($_REQUEST['gateway']);
        // do not add dev and blocked
        $continue = FALSE;
        if (!($c_gateway == 'dev' || $c_gateway == 'blocked')) {
            $continue = TRUE;
        }
        $c_name = core_sanitize_alphanumeric(strtolower($_REQUEST['name']));
        if (!$c_name) {
            $c_name = mktime();
        }
        $smsc = gateway_get_smscbyname($c_name);
        if ($smsc['name']) {
Example #18
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
// Refuse direct access: continue only when the including script defined _SECURE_.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Gateway configuration is for administrators only.
// NOTE(review): this relies on auth_block() ending the request; if it returns,
// the include and the switch below still run. Confirm.
if (!auth_isadmin()) {
    auth_block();
}
// The path is built from $core_config, not from request data.
include $core_config['apps_path']['plug'] . "/gateway/generic/config.php";
switch (_OP_) {
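    case "manage":
        // Render the generic gateway settings form from the 'generic' template.
        // The original guard was `if ($err = TRUE)`, an assignment that is always
        // true, so the dialog was rendered on every request. Keep that behaviour
        // (and the value left in $err) without the misleading condition.
        $err = TRUE;
        $error_content = _dialog();
        // The stored API password is not among the values handed to the template;
        // the form only carries a hint that filling the field changes it.
        // NOTE(review): the other stored settings are passed through unmodified;
        // confirm the template encodes them for the HTML context they land in.
        $tpl = array('name' => 'generic', 'vars' => array('DIALOG_DISPLAY' => $error_content, 'Manage generic' => _('Manage generic'), 'Gateway name' => _('Gateway name'), 'Generic send SMS URL' => _mandatory(_('Generic send SMS URL')), 'Callback URL' => _('Callback URL'), 'API username' => _mandatory(_('API username')), 'API password' => _('API password'), 'Module sender ID' => _('Module sender ID'), 'Module timezone' => _('Module timezone'), 'Save' => _('Save'), 'Notes' => _('Notes'), 'HINT_CALLBACK_URL' => _hint(_('Empty callback URL to set default')), 'HINT_FILL_PASSWORD' => _hint(_('Fill to change the API password')), 'HINT_MODULE_SENDER' => _hint(_('Max. 16 numeric or 11 alphanumeric char. empty to disable')), 'HINT_TIMEZONE' => _hint(_('Eg: +0700 for Jakarta/Bangkok timezone')), 'CALLBACK_URL_IS' => _('Your current callback URL is'), 'CALLBACK_URL_ACCESSIBLE' => _('Your callback URL should be accessible from Generic'), 'GENERIC_PUSH_DLR' => _('Generic will push DLR and incoming SMS to your callback URL'), 'BUTTON_BACK' => _back('index.php?app=main&inc=core_gateway&op=gateway_list'), 'status_active' => $status_active, 'generic_param_url' => $plugin_config['generic']['url'], 'generic_param_callback_url' => $plugin_config['generic']['callback_url'], 'generic_param_api_username' => $plugin_config['generic']['api_username'], 'generic_param_module_sender' => $plugin_config['generic']['module_sender'], 'generic_param_datetime_timezone' => $plugin_config['generic']['datetime_timezone']));
        _p(tpl_apply($tpl));
        break;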
    case "manage_save":
        $up_url = $_REQUEST['up_url'] ? $_REQUEST['up_url'] : $plugin_config['generic']['default_url'];
        $up_callback_url = $_REQUEST['up_callback_url'] ? $_REQUEST['up_callback_url'] : $plugin_config['generic']['default_callback_url'];
        $up_api_username = $_REQUEST['up_api_username'];
        $up_api_password = $_REQUEST['up_api_password'];
        $up_module_sender = $_REQUEST['up_module_sender'];
        $up_datetime_timezone = $_REQUEST['up_datetime_timezone'];
        if ($up_url && $up_api_username) {
            $items = array('url' => $up_url, 'callback_url' => $up_callback_url, 'api_username' => $up_api_username, 'module_sender' => $up_module_sender, 'datetime_timezone' => $up_datetime_timezone);
            if ($up_api_password) {
                $items['api_password'] = $up_api_password;
            }
            if (registry_update(0, 'gateway', 'generic', $items)) {
Example #19
     $select_parents = themes_select_account_level_single(3, 'add_parent_uid', $default_parent_uid);
     if ($view == 'admin') {
         $selected_admin = 'selected';
     } else {
         if ($view == 'users') {
             $selected_users = 'selected';
         } else {
             if ($view == 'subusers') {
                 $selected_subusers = 'selected';
             }
         }
     }
     $option_status = "\n\t\t\t<option value='2' " . $selected_admin . ">" . _('Administrator') . "</option>\n\t\t\t<option value='3' " . $selected_users . ">" . _('User') . "</option>\n\t\t\t<option value='4' " . $selected_subusers . ">" . _('Subuser') . "</option>\n\t\t";
     // get access control list
     $option_acl = _select('add_acl_id', array_flip(acl_getall()));
     $content .= "\n\t\t<h2>" . _('Manage account') . "</h2>\n\t\t<h3>" . _('Add account') . "</h3>\n\t\t<form action='index.php?app=main&inc=core_user&route=user_mgmnt&op=user_add_yes&view=" . $view . "' method=POST>\n\t\t" . _CSRF_FORM_ . "\n\t\t<table class=playsms-table>\n\t\t<tbody>\n\t\t<tr>\n\t\t\t<td class=label-sizer>" . _('Account status') . "</td><td><select name='add_status'>{$option_status}</select></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Access Control List') . "</td><td>" . $option_acl . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Parent account') . " (" . _('for subuser only') . ") </td><td>" . $select_parents . " " . _hint(_('Parent account is mandatory for subusers only. If no value is given then the subuser will be automatically assigned to user admin')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Username')) . "</td><td><input type='text' maxlength='30' name='add_username' value=\"{$add_username}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Password')) . "</td><td><input type='password' maxlength='30' name='add_password' value=\"{$add_password}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Full name')) . "</td><td><input type='text' maxlength='100' name='add_name' value=\"{$add_name}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _mandatory(_('Email')) . "</td><td><input type='text' maxlength='250' name='add_email' value=\"{$add_email}\"></td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Mobile') . "</td><td><input type='text' size='16' maxlength='16' name='add_mobile' value=\"{$add_mobile}\"> " . _hint(_('Max. 16 numeric or 11 alphanumeric characters')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('SMS footer') . "</td><td><input type='text' maxlength='30' name='add_footer' value=\"{$add_footer}\"> " . _hint(_('Max. 30 alphanumeric characters')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Timezone') . 
"</td><td><input type='text' size='5' maxlength='5' name='add_datetime_timezone' value=\"{$add_datetime_timezone}\"> " . _hint(_('Eg: +0700 for Jakarta/Bangkok timezone')) . "</td>\n\t\t</tr>\n\t\t<tr>\n\t\t\t<td>" . _('Active language') . "</td><td><select name='add_language_module'>{$option_language_module}</select></td>\n\t\t</tr>\n\t\t</tbody>\n\t\t</table>\n\t\t<p><input type='submit' class='button' value='" . _('Save') . "'></p>\n\t\t</form>\n\t\t" . _back('index.php?app=main&inc=core_user&route=user_mgmnt&op=user_list&view=' . $view);
     _p($content);
     break;
 case "user_add_yes":
     $add['email'] = $_POST['add_email'];
     $add['status'] = $_POST['add_status'];
     $add['acl_id'] = (int) $_POST['add_acl_id'];
     $add['username'] = $_POST['add_username'];
     $add['password'] = $_POST['add_password'];
     $add['mobile'] = $_POST['add_mobile'];
     $add['name'] = $_POST['add_name'];
     $add['footer'] = $_POST['add_footer'];
     $add['datetime_timezone'] = $_POST['add_datetime_timezone'];
     $add['language_module'] = $_POST['add_language_module'];
     // subuser's parent uid, by default its uid=1
     if ($_POST['add_parent_uid']) {
Example #20
     $content = _dialog() . "\n\t\t\t<h2>" . _('Manage ACL') . "</h2>\n\t\t\t<p>" . _button('index.php?app=main&inc=core_acl&op=add', _('Add ACL')) . "\n\t\t\t<div class=table-responsive>\n\t\t\t<table class=playsms-table-list>\n\t\t\t<thead><tr>\n\t\t\t\t<th width=10%>" . _('ID') . "</th>\n\t\t\t\t<th width=40%>" . _('Name') . "</th>\n\t\t\t\t<th width=40%>" . _('Subuser ACL') . "</th>\n\t\t\t\t<th width=10%>" . _('Action') . "</th>\n\t\t\t</tr></thead>\n\t\t\t<tbody>";
     $db_query = "SELECT * FROM " . _DB_PREF_ . "_tblACL WHERE flag_deleted='0' ORDER BY name";
     $db_result = dba_query($db_query);
     $i = 0;
     while ($db_row = dba_fetch_array($db_result)) {
         $action = "<a href=\"" . _u('index.php?app=main&inc=core_acl&route=view&op=user_list&id=' . $db_row['id']) . "\">" . $icon_config['view'] . "</a>&nbsp;";
         $action .= "<a href=\"" . _u('index.php?app=main&inc=core_acl&op=edit&id=' . $db_row['id']) . "\">" . $icon_config['edit'] . "</a>&nbsp;";
         $action .= "<a href=\"javascript: ConfirmURL('" . _('Are you sure you want to delete ACL ?') . " (" . _('ACL ID') . ": " . $db_row['id'] . ")','" . _u('index.php?app=main&inc=core_acl&op=del&id=' . $db_row['id']) . "')\">" . $icon_config['delete'] . "</a>";
         $i++;
         $content .= "\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>" . $db_row['id'] . "</td>\n\t\t\t\t\t\t<td>" . trim(strtoupper($db_row['name'])) . "</td>\n\t\t\t\t\t\t<td>" . trim(strtoupper($db_row['acl_subuser'])) . "</td>\n\t\t\t\t\t\t<td>" . $action . "</td>\n\t\t\t\t\t</tr>";
     }
     $content .= "\n\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t</div>\n\t\t\t" . _button('index.php?app=main&inc=core_acl&op=add', _('Add ACL'));
     _p($content);
     break;
 case "add":
     // Render the "Add ACL" form. It posts to op=add_yes and places _CSRF_FORM_
     // inside the <form>. No stored or request data is interpolated into this
     // markup; every dynamic part comes from helper calls.
     // NOTE(review): no role check is visible in this fragment; confirm that ACL
     // management is limited to administrators earlier in the file.
     $content = _dialog() . "\n\t\t\t<h2>" . _('Manage ACL') . "</h2>\n\t\t\t<h3>" . _('Add ACL') . "</h3>\n\t\t\t<form action=index.php?app=main&inc=core_acl&op=add_yes method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table cellpadding=1 cellspacing=2 border=0>\n\t\t\t<tr>\n\t\t\t\t<td class=label-sizer>" . _mandatory(_('Name')) . "</td><td><input type=text maxlength=100 name=name></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _('Subuser ACL') . "</td><td><input type=text name=acl_subuser> " . _hint(_('Comma separated for multiple entries')) . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _('Disallowed URLs') . "</td><td>" . _yesno('acl_disallowed', FALSE) . " " . _hint(_('Decide if this ACL is containing disallowed URLs rather than allowed URLs')) . "</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td>" . _('URLs') . "</td><td><textarea rows=5 name=url></textarea><br />" . _hint(_('Comma separated for multiple entries')) . "</td>\n\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t</form>\n\t\t\t" . _back('index.php?app=main&inc=core_acl&op=acl_list');
     _p($content);
     break;
 case "add_yes":
     $name = trim(strtoupper($_POST['name']));
     $acl_subusers = explode(',', trim(strtoupper($_POST['acl_subuser'])));
     foreach ($acl_subusers as $item) {
         $acl_subuser .= ' ' . trim(strtoupper($item)) . ',';
     }
     $acl_subuser = trim(substr($acl_subuser, 0, -1));
     $acl_disallowed = (int) $_REQUEST['acl_disallowed'];
     $url = trim($_POST['url']);
     if ($name) {
         $db_query = "\n\t\t\t\tINSERT INTO " . _DB_PREF_ . "_tblACL (c_timestamp,name,acl_subuser,url,flag_disallowed,flag_deleted)\n\t\t\t\tVALUES ('" . mktime() . "','" . $name . "','" . $acl_subuser . "','" . $url . "'," . $acl_disallowed . ",'0')";
         if ($new_id = @dba_insert_id($db_query)) {
             $_SESSION['dialog']['info'][] = _('New ACL been added');
Example #21
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with playSMS. If not, see <http://www.gnu.org/licenses/>.
 */
// Refuse direct access: continue only when the including script defined _SECURE_.
if (!defined('_SECURE_')) {
    die('Forbidden');
}
// Gateway configuration is for administrators only.
// NOTE(review): this relies on auth_block() ending the request; if it returns,
// the include and the switch below still run. Confirm.
if (!auth_isadmin()) {
    auth_block();
}
// The path is built from $core_config, not from request data.
include $core_config['apps_path']['plug'] . "/gateway/twilio/config.php";
switch (_OP_) {
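    case "manage":
        // Render the twilio gateway configuration form (posts to op=manage_save).
        // The original guard was `if ($err = TRUE)`, an assignment that is always
        // true, so the dialog was rendered on every request. Keep that behaviour
        // (and the value left in $err) without the misleading condition.
        $err = TRUE;
        $content = _dialog();
        // The Auth Token input is a password field with an empty value, so the
        // stored token is not sent back to the browser.
        // NOTE(review): callback URL, account SID, sender ID and timezone are
        // written into value="..." attributes without HTML encoding in this block;
        // confirm they are encoded before output.
        $content .= "\n\t\t\t<h2>" . _('Manage twilio') . "</h2>\n\t\t\t<form action=index.php?app=main&inc=gateway_twilio&op=manage_save method=post>\n\t\t\t" . _CSRF_FORM_ . "\n\t\t\t<table class=playsms-table cellpadding=1 cellspacing=2 border=0>\n\t\t\t\t<tbody>\n\t\t\t\t<tr><td class=label-sizer>" . _('Gateway name') . "</td><td>twilio</td></tr>\n\t\t\t\t<tr><td>" . _('Twilio URL') . "</td><td>" . $plugin_config['twilio']['url'] . "</td></tr>\n\t\t\t\t<tr><td>" . _('Callback URL') . "</td><td><input type=text maxlength=250 name=up_callback_url value=\"" . $plugin_config['twilio']['callback_url'] . "\"></td></tr>\n\t\t\t\t<tr><td>" . _mandatory(_('Account SID')) . "</td><td><input type=text maxlength=40 name=up_account_sid value=\"" . $plugin_config['twilio']['account_sid'] . "\"></td></tr>\n\t\t\t\t<tr><td>" . _('Auth Token') . "</td><td><input type=password maxlength=40 name=up_auth_token value=\"\"> " . _hint(_('Fill to change the Auth Token')) . "</td></tr>\n\t\t\t\t<tr><td>" . _('Module sender ID') . "</td><td><input type=text maxlength=16 name=up_module_sender value=\"" . $plugin_config['twilio']['module_sender'] . "\"> " . _hint(_('Max. 16 numeric or 11 alphanumeric char. empty to disable')) . "</td></tr>\n\t\t\t\t<tr><td>" . _('Module timezone') . "</td><td><input type=text size=5 maxlength=5 name=up_global_timezone value=\"" . $plugin_config['twilio']['datetime_timezone'] . "\"> " . _hint(_('Eg: +0700 for Jakarta/Bangkok timezone')) . "</td></tr>\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t\t<p><input type=submit class=button value=\"" . _('Save') . "\">\n\t\t\t</form>\n\t\t\t<br />\n\t\t\t" . _('Notes') . ":<br />\n\t\t\t- " . _('Your callback URL should be accessible from twilio') . "<br />\n\t\t\t- " . _('twilio will push DLR and incoming SMS to your callback URL') . "<br />\n\t\t\t- " . _('twilio is a bulk SMS provider') . ", <a href=\"http://www.twilio.com\" target=\"_blank\">" . _('free credits are available for testing purposes') . "</a><br />";
        $content .= _back('index.php?app=main&inc=core_gateway&op=gateway_list');
        _p($content);
        break;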
    case "manage_save":
        $up_callback_url = $_POST['up_callback_url'];
        $up_account_sid = $_POST['up_account_sid'];
        $up_auth_token = $_POST['up_auth_token'];
        $up_module_sender = $_POST['up_module_sender'];
        $up_global_timezone = $_POST['up_global_timezone'];
        if ($up_account_sid) {
            if ($up_auth_token) {
                $auth_token_change = "cfg_auth_token='{$up_auth_token}',";
            }
            $db_query = "\n\t\t\t\tUPDATE " . _DB_PREF_ . "_gatewayTwilio_config\n\t\t\t\tSET c_timestamp='" . mktime() . "',\n\t\t\t\tcfg_callback_url='{$up_callback_url}',\n\t\t\t\tcfg_account_sid='{$up_account_sid}',\n\t\t\t\t" . $auth_token_change . "\n\t\t\t\tcfg_module_sender='{$up_module_sender}',\n\t\t\t\tcfg_datetime_timezone='{$up_global_timezone}'";
            if (@dba_affected_rows($db_query)) {