public function sendMessage($sendData)
{
$from = array('name' => Config::get('senderName'), 'email' => Config::get('senderEmail'));
$to = Config::get('contactEmail');
$replyTo = array('name' => $sendData['name'], 'email' => $sendData['email']);
$subject = 'Contact';
$body = View::render('content/email/vContactTpl', $sendData, TRUE);
if (mailSend($from, $to, $replyTo, $subject, $body)) {
Form::reset();
return array('success' => TRUE, 'result' => 'Your message has been sent.');
} else {
return array('success' => FALSE, 'result' => 'An error occurred while sending.');
}
}
function createInviteCode($email)
{
grammafone_connect();
$code = '';
$letters = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');
$seed = array_rand($letters, 10);
foreach ($seed as $letter) {
$code .= $letters[$letter];
}
$code .= $email;
$code = md5(md5($code));
$query = "INSERT INTO grammafone_invites VALUES (NULL,\"{$email}\",NOW(),\"{$code}\")";
if (mysql_query($query)) {
$msg = "{$email},\n\nYou have been invited to join an GrammaFone Music Server. Click the link below to begin your registration process.\n\n";
$msg .= "{$GLOBALS['http_url']}{$GLOBALS['uri_path']}/register.php?invite={$code}";
if (mailSend($email, 'Invitation to Join an GrammaFone Server', $msg)) {
return 1;
}
return 0;
}
}
/**
* Send lost password activation email request. If the email address does not exist, do nothing
*/
function rpass_activate()
{
global $db, $_pre, $_mail;
$email = $_POST['rpass_email'];
if (!checkEmail($email)) {
system_messages(0, 'Email address invalid!');
return;
}
$query = "SELECT * FROM {$_pre}users WHERE email='{$email}' LIMIT 1";
$db->setQuery($query);
if ($db->foundRows > 0) {
$row = $db->fetch_assoc();
//Is the owner of this email address banned...?
if ($row['activated'] == -1) {
system_messages(2, 'Your account has been blocked by the administrators, you cannot activate it!', 'true');
return;
}
//Send activation email now first we need to generate another key before sending and another password
$key = md5(time());
$pass = random_string();
$enc_pass = encrypt_password($pass);
$query = "UPDATE {$_pre}users SET activation_key='{$key}' WHERE email='{$email}'";
$db->setQuery($query);
require_once 'lib' . DS . 'mail' . DS . 'mail.php';
$subject = 'CodeZone account new password request';
$message = "{$row['nick_name']},\nYou or someone claiming to be you has requested a new password for the CodeZone account using this email address ({$email}). To reset your password, please click on the link below or cut and paste in your browser's location bar.\n Link: http://{$_SERVER['HTTP_HOST']}{$_SERVER['SCRIPT_NAME']}?a=register&do=rpass_make_active&r=" . base64_encode($row['registration_no']) . "&k={$key}&p=" . base64_encode($enc_pass) . "\nOnce you click on the link, you will login with the following details:\nLogin Name (Registration No): {$row['registration_no']}\nPassword: {$pass}\nPlease change your password once you log in for security purposes. If you are having any problems then do not hesitate to contact the admin at {$_mail}.\n\nWishing you all the best at CodeZone\n\nAdmin";
mailSend(array($email), $subject, $message);
system_messages(1, 'An activation link has been sent to your email addresss', 'true');
} else {
//Even if the email address does not exist, we notify the user that it has been sent. Maybe it's somebody just trying the system
system_messages(1, 'Activation email has been sent');
}
}
function mailDeleteSubmit($user_id, $assn_json, $note)
{
global $CFG, $PDOX;
if (!isset($CFG->maildomain) || $CFG->maildomain === false) {
return false;
}
$LTI = LTIX::requireData();
$user_row = loadUserInfoBypass($user_id);
if ($user_row === false) {
return false;
}
$to = $user_row['email'];
if (strlen($to) < 1 || strpos($to, '@') === false) {
return false;
}
$name = $user_row['displayname'];
$token = computeMailCheck($user_id);
$subject = 'From ' . $CFG->servicename . ', Your Peer Graded Entry Has Been Reset';
$E = "\n";
if (isset($CFG->maileol)) {
$E = $CFG->maileol;
}
$message = "This is an automated message. Your peer-graded entry has been reset.{$E}{$E}";
if (isset($LTI['context_title'])) {
$message .= 'Course Title: ' . $LTI['context_title'] . $E;
}
if (isset($LTI['link_title'])) {
$message .= 'Assignment: ' . $LTI['link_title'] . $E;
}
if (isset($LTI['user_displayname'])) {
$message .= 'Staff member doing reset: ' . $LTI['user_displayname'] . $E;
}
$fixnote = trim($note);
if (strlen($fixnote) > 0) {
if ($E != "\n") {
$fixnote = str_replace("\n", $E, $fixnote);
}
$message .= "Notes regarding this action:" . $E . $fixnote . $E;
}
$message .= "{$E}You may now re-submit your peer-graded assignment.{$E}";
$stmt = $PDOX->queryDie("INSERT INTO {$CFG->dbprefix}mail_sent\n (context_id, link_id, user_to, user_from, subject, body, created_at)\n VALUES ( :CID, :LID, :UTO, :UFR, :SUB, :BOD, NOW() )", array(":CID" => $LTI['context_id'], ":LID" => $LTI['link_id'], ":UTO" => $user_id, ":UFR" => $LTI['user_id'], ":SUB" => $subject, ":BOD" => $message));
// echo $to, $subject, $message, $user_id, $token;
$retval = mailSend($to, $subject, $message, $user_id, $token);
return $retval;
}
return;
}
$query = "SELECT * FROM {$_pre}{$match_data['match_table_name']} WHERE registration_no='{$registration_no}'";
$db->setQuery($query);
//Is this user already registered?
if ($db->foundRows > 0) {
system_messages(0, 'You are already registered for this match!');
return;
}
//Now we can safely register this user (fun..)
$query = "INSERT INTO {$_pre}{$match_data['match_table_name']} (registration_no,nick_name) VALUES ('{$registration_no}','{$nick_name}')";
$db->setQuery($query);
//Update profile table that is, match_count column and add the user to user_match_log table
$query = "SELECT match_count FROM " . $_pre . "profile WHERE registration_no='{$registration_no}'";
$db->setQuery($query);
$data = $db->fetch_assoc();
$new_match_count = $data['match_count'] + 1;
//$matches_participated=(strlen($data['matches_participated'])==0)?$match_data['id'].'---'.$match_data['title']:$data['matches_participated'].'*****'.$match_data['id'].'---'.$match_data['title'];
$query = "UPDATE " . $_pre . "profile SET match_count={$new_match_count} WHERE registration_no='{$registration_no}'";
$db->setQuery($query);
$query = "INSERT INTO {$_pre}user_match_log (registration_no,match_id,title,match_date,register_date) VALUES ('{$registration_no}',{$match_data['id']},'{$match_data['title']}',{$match_data['start_time']}," . time() . ")";
$db->setQuery($query);
//Mail confirmation to user
require_once 'lib' . DS . 'mail' . DS . 'mail.php';
$subject = 'Match Registration Confirmation';
$message = "{$_SESSION['user_row_data']['nick_name']},\nYou have been successfuly registered to participate in the CodeZone match {$match_data['title']} scheduled to take place on the " . time_stamp_to_readable($match_data['start_time']) . ".\nMore details on this match can be found here http://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}?a=schedule .\nWishing you all the best!\n\nCodeZone Admin";
mailSend(array($_SESSION['user_row_data']['email']), $subject, $message);
//Echo success message
echo "<p><span class='notify_success'>You have been successfully registered. A confirmation email will be sent to your account shortly</span></p>";
echo "<a href='index.php'>Go to home page</a>";
}
$PDOX->queryDie("INSERT INTO {$CFG->dbprefix}lti_key \n (key_sha256, key_key, secret, user_id, created_at, updated_at)\n VALUES ( :k256, :key, :secret, :uid, NOW(), NOW() )", array('k256' => $key_sha256, 'key' => $oauth_consumer_key, 'secret' => $oauth_secret, 'uid' => $user_id));
$message .= "\n\nKey: {$oauth_consumer_key}\n";
$message .= "\nSecret: {$oauth_secret}\n";
$message .= "\nInstructions for using your LTI 1.x key are at\n\n";
$message .= $CFG->wwwroot . "/docs/LAUNCHING.md\n\n";
error_log("New LTI 1.x Key Inserted: {$oauth_consumer_key} User: "******"\nThe URL for LTI 2.x Registration is at\n\n";
$message .= $CFG->wwwroot . "/lti/register.php\n\n";
error_log("LTI 2.x Key Approved request_id=" . $_REQUEST['request_id'] . " User: "******"UPDATE {$CFG->dbprefix}key_request SET state=1 WHERE request_id = :rid", array('rid' => $_REQUEST['request_id']));
if ($subject) {
error_log("Email sent to {$to}, Subject: {$subject}");
$retval = mailSend($to, $subject, $message, $user_id, $token);
}
$_SESSION['success'] = 'Request approved';
header('Location: ' . $from_location);
return;
}
/*
if ( isset($_POST['doApprove']) && isset($_POST['request_id']) ) {
if ( $lti_version == 2 ) {
$row = $PDOX->query(
"UPDATE {$CFG->dbprefix}key_request SET state=1"
}
}
*/
/**
* Save user details
*/
function save_user_details()
{
global $db, $_mail, $_pre, $valreg, $_allow_user_reg;
//Is user registration allowed...?
if ($_allow_user_reg == 0) {
echo "{'warning':'User registration has been disabled. Please contact the administrator'}";
return;
}
//Do validation and add user
list($full_names, $registration_no, $nick_name, $pass1, $pass2, $email, $unused1, $unused2) = assoc_to_indexed($_POST);
$error = '';
if (strlen($full_names) < 6) {
$error = $error . 'Full name invalid, ';
}
if (strlen($registration_no) > 20 || strlen($registration_no) < 3) {
//Use regex!
$error .= 'Registration Number invalid, ';
}
if (!checkAlphanumPlus($nick_name) || strlen($nick_name) < 2) {
$error = $error . 'Nick name invalid or is too short, nick name needs to be at least 5 characters in length and should contain only alphanumeric characters, a full stop or an underscore, ';
}
if ($pass1 != $pass2) {
$error .= 'Passwords do not match, ';
}
if (strlen($pass1) < 5) {
$error .= 'Password too short, password must be at least 5 characters in length, ';
}
if (!checkEmail($email)) {
$error = $error . 'Email address invalid, ';
}
if (strlen($error) > 0) {
$error = substr($error, 0, strlen($error) - 2);
echo "{'error': '{$error}'}";
return;
} else {
//Check if the registration no provided exists in users table
$query = "SELECT * FROM " . $_pre . "users WHERE registration_no='{$registration_no}'";
$db->setQuery($query);
if ($db->foundRows > 0) {
echo "{'error':'The registration number you provided is already in use'}";
return;
}
//Check if the nick name provided exists
$query = "SELECT * FROM {$_pre}users WHERE nick_name='{$nick_name}' AND registration_no!='{$registration_no}'";
$db->setQuery($query);
if ($db->foundRows > 0) {
echo "{'error':'The nick name you provided is already in use'}";
return;
}
//Check if the email address provided exists
$query = "SELECT * FROM " . $_pre . "users WHERE email='{$email}'";
$db->setQuery($query);
if ($db->foundRows > 0) {
echo "{'error':'The email account you provided is already in use'}";
return;
}
//Check if the given account has been updated ie activated == 2
$query = "SELECT * FROM " . $_pre . "users WHERE registration_no='{$registration_no}' AND activated=2";
$db->setQuery($query);
if ($db->foundRows > 0) {
echo "{'warning':'Your account has been created but not yet activated, please activate it'}";
return;
}
//Check if the given accout has been activated
$query = "SELECT * FROM " . $_pre . "users WHERE registration_no='{$registration_no}' AND activated=1";
$db->setQuery($query);
if ($db->foundRows > 0) {
echo "{'error':'What the heck...? Your account is active, please login or if you are not the owner of the registration number you just provided, provide yours!'}";
return;
}
$password = encrypt_password($pass1);
$full_names = strtolower($full_names);
$registration_no = strtoupper($registration_no);
$user_type = 'registered';
$key = md5(time());
$query = "INSERT INTO {$_pre}users (full_names,registration_no,user_type,nick_name,password,email,register_date,last_visit_date,activated,activation_key) VALUES ('{$full_names}','{$registration_no}','{$user_type}','{$nick_name}','{$password}','{$email}',NOW(),NOW(),2,'{$key}')";
$db->setQuery($query);
//Create a row in profiles table for this user
$query = "INSERT INTO " . $_pre . "profile (registration_no) VALUE ('{$registration_no}')";
$db->setQuery($query);
//Send mail to provided account number
require_once '..' . DS . 'lib' . DS . 'mail' . DS . 'mail.php';
$subject = 'Your CodeZone account has been created';
$message = "{$nick_name},\nYour CodeZone account has been created. To complete the registration, please click on the link below or cut and paste in your browser's location bar to activate your account.\n Link: http://{$_SERVER['HTTP_HOST']}/index.php?a=activate&r=" . base64_encode($registration_no) . "&k={$key}\nYour details are as follows:\nLogin Name (Registration No): {$registration_no}\nPassword: {$pass1}\nPlease change your password once you log in for security purposes. If you are having any problems then do not hesitate to contact the admin at {$_mail}.\n\nWishing you all the best at CodeZone";
mailSend(array($email), $subject, $message);
echo "{'success':'Your account has been created. An activation link has been sent to the email address you provided'}";
}
}
/**
* Send Mail
*/
function sendMail()
{
global $db, $_pre;
$mail_subject = $_POST['mail_subject'];
$emails = array();
if ($_POST['toggle_send_to'] == 'to_group') {
$group = $_POST['mail_to_g'];
if ($group != 'all') {
$g_type = "user_type='{$group}'";
} else {
$g_type = "user_type='registered' OR user_type='su'";
}
$query = "SELECT email FROM {$_pre}users WHERE {$g_type}";
$db->setQuery($query);
while ($row = $db->fetch_assoc()) {
if ($row['email'] != '') {
$emails[] = $row['email'];
}
}
} else {
$recepients = $_POST['mail_to_i'];
preg_match_all("/\\b\\w+\\@\\w+[\\.\\w+]+\\b/", $recepients, $output);
foreach ($output[0] as $email) {
$emails[] = strtolower($email);
}
}
if (count($emails) < 1) {
system_messages(0, 'Group has no members or no email address supplied');
system_messages(2, 'Only valid email addresses are accepted!');
return;
}
$body = $_POST['mail_body'];
require_once 'lib' . DS . 'mail' . DS . 'mail.php';
//Mail function
mailSend($emails, $mail_subject, $body);
system_messages(1, 'Mail sent to ' . count($emails) . ' recepient(s)');
}
