function post()
{
authenticate(1);
$description = sanitize($_POST['description'], "markdown");
$questionid = sanitize($_POST['questionid'], "int");
$sql = "SELECT * FROM questions WHERE id = '" . escape($questionid) . "'";
$query = mysql_query($sql);
$result = mysql_fetch_array($query);
if (strlen($description) < 15 || $result['id'] == '' || $result['id'] == 0) {
header("Location: " . BASE_PATH . "/questions/view/{$questionid}/{$result['slug']}");
exit;
}
$sql = "INSERT INTO answers (questionid,description,created,updated,userid,accepted,votes) VALUES ('" . escape($questionid) . "','" . escape($description) . "',NOW(),NOW(),'" . escape($_SESSION['userid']) . "','0','0')";
$query = mysql_query($sql);
$sql = "UPDATE questions SET updated = NOW(), answers=answers+1 WHERE id = '" . escape($result['id']) . "'";
$query = mysql_query($sql);
$url = "" . $_SERVER['SERVER_NAME'] . "{$basePath}/questions/view/{$questionid}/{$result['slug']}";
if ($result['notify'] == 1) {
sendNotificationEmail($result['userid'], $result['title'], $url);
}
header("Location: " . BASE_PATH . "/questions/view/{$questionid}/{$result['slug']}");
}
$q_phone = "CALL spCreatePhoneNumber('{$r_userID}', '{$ptype}', '{$phone}', 1 )";
mysqli_query($dbc, $q_phone);
complete_procedure($dbc);
}
if (!empty($_POST['checkeditor'])) {
$q_role = "Call spUserAddRole ({$r_userID}, 3);";
mysqli_query($dbc, $q_role);
complete_procedure($dbc);
}
if (!empty($_POST['checkreviewer'])) {
$q_role = "Call spUserAddRole ({$r_userID}, 2);";
mysqli_query($dbc, $q_role);
complete_procedure($dbc);
}
// Send welcome E-mail for verification
sendNotificationEmail($dbc, $r_userID, $password);
echo '<p>You have successfully created the user.</p><p><br /></p>';
} else {
// If it did not run OK.
// DB error message:
$errors[] = 'System error, failed to create account: ' . mysqli_error($dbc);
}
// End of if ($r) IF.
mysqli_close($dbc);
// Close the database connection.
//quit the script:
exit;
}
}
?>
<!-- create the form-->
$query = "\r\n SELECT *\r\n FROM " . $event_tools_db_prefix . "eventtools_clinics_with_tags \r\n WHERE clinic_presenter_email != ''\r\n ";
// WHERE clinic_presenter_email = '*****@*****.**'
// WHERE clinic_presenter_email != ''
// GROUP BY clinic_presenter_email
if ($where != NONE) {
$query = $query . ' WHERE ' . $where . ' ';
}
$query = $query . "\r\n ;\r\n";
$result = mysql_query($query);
$num = mysql_numrows($result);
$i = 0;
$lastmajorkey = "";
$part1 = "\r\nX2011 West, the 2011 NMRA National Convention is less than 2 months away. According to our records, we have you down as presenting one or more clinics in Sacramento.\r\n\r\nPlease take a moment to review the following web page to confirm your participation:\r\n";
$part2 = "\r\nCheck the page to confirm your schedule, and make any special requests. Be sure to click the submit button at the bottom of the page to ensure your information is sent along.\r\n\r\nIf you received this in error, or have ANY questions, feel fee to email us at clinics@x2011west.org\r\n\r\nSincerely,\r\n\r\nDave Falkenburg and Anthony Thompson\r\nX2011West Clinics\r\n";
while ($i < $num) {
if ($lastmajorkey != mysql_result($result, $i, "id")) {
$lastmajorkey = mysql_result($result, $i, "id");
echo "<br>sending to " . mysql_result($result, $i, "clinic_presenter_email") . ' id ' . mysql_result($result, $i, "id") . ' key ' . (1445 + 12 * mysql_result($result, $i, "id"));
$to = mysql_result($result, $i, "clinic_presenter_email");
$subject = "X2011 Clinic Confirmation";
$url = "http://x2011west.org/eventtools/confirm_clinics.php?key=" . (1445 + 12 * mysql_result($result, $i, "id"));
$body = $part1 . $url . $part2;
sendNotificationEmail($to, $subject, $body);
}
$i++;
}
mysql_close();
echo "</clinics>\n";
?>
$subID = $_REQUEST['submission_id'];
// we deal with notification lists at the
// parent level. Check if this submission
// is not a parent.
$parentID = -1;
if (!isParent($subID)) {
// not parent, get the parent
$parentID = getParent($subID);
}
$notificationList = json_decode(str_replace("\\", "", $_POST['notification_list']), true);
$sendNotificationEmail = $_REQUEST['notify'] == "true";
foreach ($notificationList as $email) {
addToNotificationList($parentID == -1 ? $subID : $parentID, $email);
}
if ($sendNotificationEmail) {
sendNotificationEmail($subID, $parentID);
}
break;
case "delete_from_notification_list":
$subID = $_REQUEST['submission_id'];
// we deal with notification lists at the
// parent level. Check if this submission
// is not a parent.
if (!isParent($subID)) {
// not parent, get the parent
$subID = getParent($subID);
}
$email = $_REQUEST['email'];
delFromNotificationList($subID, $email);
break;
}
<?php
require_once 'mail.func.php';
switch ($action[1]) {
case 'feedback':
$subject = '【用户反馈】CloudCalc';
$body = '<h3>用户: ' . getRequest('basic')['name'] . '</h3>' . '<h3>联系方式:' . getRequest('basic')['contact'] . '</h3>' . '<hr>' . '反馈内容:' . '<br>' . '<pre>' . getRequest('feedback') . '</pre>';
// echo $subject;
// echo $body;
if (sendNotificationEmail($subject, $body)) {
handle('0000');
} else {
handle(ERROR_SYSTEM . '00');
}
break;
case 'plugin':
$subject = '【插件提交】CloudCala';
$body = '<h3>用户: ' . getRequest('basic')['name'] . '</h3>' . '<h3>联系方式:' . getRequest('basic')['contact'] . '</h3>' . '<hr>' . '提交用户:' . getRequest('plugin')['username'] . '<br>' . '插件名字:' . getRequest('plugin')['name'] . '<br>' . '插件作者:' . getRequest('plugin')['author'] . '<br>' . '插件Git地址:' . getRequest('plugin')['git'] . '<br>';
// echo $subject;
// echo $body;
if (sendNotificationEmail($subject, $body)) {
handle('0000');
} else {
handle(ERROR_SYSTEM . '00');
}
break;
default:
ERROR(ERROR_INPUT . '02', 'Request Error.');
break;
}
