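/**
 * Render the "confirm before sending" panel for a newsletter.
 *
 * Reads the audience picked on the previous screen from
 * $_POST['audience_selected'], resolves it through
 * get_audience_sql_query_with_language(), executes the returned query to count
 * the recipients, and returns an HTML table showing the audience name, the
 * recipient count, the newsletter title, its HTML and text bodies, and a form
 * that posts to action=confirm_send.
 *
 * @return string HTML markup of the confirmation panel
 */
function confirm() {
  global $db;

  // The field arrives either as a plain string or as an array carrying the
  // value under 'text'. Anything that is not a string afterwards is dropped so
  // the audience lookup is never handed a nested array.
  if (!empty($_POST['audience_selected'])) {
    $selected = $_POST['audience_selected'];
    if (is_array($selected)) {
      $selected = isset($selected['text']) ? $selected['text'] : '';
    }
    $this->query_name = is_string($selected) ? $selected : '';
  }

  $query_array = get_audience_sql_query_with_language($this->query_name, 'newsletters');
  $mail = $db->Execute($query_array['query_string']);
  $mail_sent_to = $query_array['query_name'];
  $customers_languages_id = $query_array['customers_languages_id'];

  // page and nID come from the query string and are written back into the form
  // action and the cancel link, so they are reduced to integers before reuse.
  // NOTE(review): assumes both are numeric (a page number and a newsletter id) - confirm.
  $page = isset($_GET['page']) ? (int) $_GET['page'] : '';
  $nID = isset($_GET['nID']) ? (int) $_GET['nID'] : '';
  $link_params = 'page=' . $page . '&nID=' . $nID;

  // Header: audience name and recipient count.
  $confirm_string = '<table border="0" cellspacing="0" cellpadding="2">' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td class="main"><b>' . $mail_sent_to . '</b><br /><font color="#ff0000"><b>' . sprintf(TEXT_COUNT_CUSTOMERS, $mail->RecordCount()) . '</b></font></td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                    ' </tr>' . "\n";

  // Preview: title, HTML body, then text body.
  // NOTE(review): title and both bodies are emitted as stored, without HTML
  // escaping; this presumes newsletter content is authored by trusted admins - confirm.
  $confirm_string .= ' <tr>' . "\n" .
                     ' <td class="main"><b>' . $this->title . '</b></td>' . "\n" .
                     ' </tr>' . "\n" .
                     ' <tr>' . "\n" .
                     ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '<hr /></td>' . "\n" .
                     ' </tr>' . "\n" .
                     ' <tr>' . "\n" .
                     ' <td>' . nl2br($this->content_html) . '</td>' . "\n" .
                     ' </tr>' . "\n" .
                     ' <tr>' . "\n" .
                     ' <td><hr>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                     ' </tr>' . "\n" .
                     ' <tr>' . "\n" .
                     ' <td class="main"><tt>' . nl2br($this->content) . '</tt><hr /></td>' . "\n" .
                     ' </tr>' . "\n" .
                     ' <tr>' . "\n" .
                     ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                     ' </tr>' . "\n";

  // Send form: carries the audience plus the customer and admin language codes
  // to the confirm_send step.
  // NOTE(review): audience_selected is request data placed in a hidden field;
  // attribute escaping is left to zen_draw_hidden_field() - confirm it encodes the value.
  $confirm_string .= ' <tr>' . "\n" .
                     '<form name="ready_to_send" action="' . zen_href_link(FILENAME_NEWSLETTERS, $link_params . '&action=confirm_send') . '" method="post" >' .
                     ' <td align="right"> ' .
                     zen_draw_hidden_field('audience_selected', $this->query_name) .
                     zen_draw_hidden_field('customer_language', zen_get_language_code($customers_languages_id)) .
                     zen_draw_hidden_field('admin_language', zen_get_language_code($_SESSION['languages_id'])) .
                     zen_image_submit('button_send_mail.gif', IMAGE_SEND_EMAIL) .
                     '<a href="' . zen_href_link(FILENAME_NEWSLETTERS, $link_params) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a></td>' . "\n" .
                     '</form>' .
                     ' </tr>' . "\n" .
                     '</table>';

  return $confirm_string;
}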
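/**
 * Render the "confirm before sending" panel for a product notification.
 *
 * Builds the audience as a set of customer ids: customers subscribed to the
 * chosen products (or to any product when ?global=true), plus customers who
 * enabled global product notifications, both limited to one customer language.
 * Returns an HTML table with the language, the audience size, a preview of the
 * message and a form posting to action=confirm_send. The send button is only
 * rendered when the audience is not empty.
 *
 * @return string HTML markup of the confirmation panel
 */
function confirm() {
  global $db;

  $audience = array();
  $chosen = array();
  $customers_languages_id = $_SESSION['languages_id'];

  $send_to_all = isset($_GET['global']) && $_GET['global'] == 'true';

  // The language override is read from the query string in global mode and
  // from the posted form otherwise; only a positive integer is accepted.
  $request = $send_to_all ? $_GET : $_POST;
  if (isset($request['languages_id']) && is_scalar($request['languages_id']) && (int) $request['languages_id'] > 0) {
    $customers_languages_id = (int) $request['languages_id'];
  }
  $language_filter = " and c.customers_languages_id = '" . (int) $customers_languages_id . "'";

  // Product ids are posted by the browser and end up inside an SQL "in (...)"
  // list, so each one is reduced to a positive integer and everything else is
  // discarded before the list is built.
  if (!$send_to_all && isset($_POST['chosen']) && is_array($_POST['chosen'])) {
    foreach ($_POST['chosen'] as $product_id) {
      if (is_scalar($product_id) && (int) $product_id > 0) {
        $chosen[] = (int) $product_id;
      }
    }
  }

  // With no usable product id in non-global mode no query is run at all: the
  // audience stays empty and no send button is offered, rather than issuing a
  // malformed "in ()" clause.
  if ($send_to_all || sizeof($chosen) > 0) {
    $product_filter = $send_to_all ? '' : " and pn.products_id in (" . implode(',', $chosen) . ")";

    $products = $db->Execute("select distinct pn.customers_id" .
                             " from " . TABLE_PRODUCTS_NOTIFICATIONS . " pn, " . TABLE_CUSTOMERS . " c" .
                             " where pn.customers_id = c.customers_id" .
                             $product_filter .
                             $language_filter);
    while (!$products->EOF) {
      // keyed by customer id so a customer matched twice is counted once
      $audience[$products->fields['customers_id']] = '1';
      $products->MoveNext();
    }

    $customers = $db->Execute("select ci.customers_info_id" .
                              " from " . TABLE_CUSTOMERS_INFO . " ci, " . TABLE_CUSTOMERS . " c" .
                              " where global_product_notifications = '1'" .
                              " and ci.customers_info_id = c.customers_id" .
                              $language_filter);
    while (!$customers->EOF) {
      $audience[$customers->fields['customers_info_id']] = '1';
      $customers->MoveNext();
    }
  }

  // page and nID come from the query string and are written back into the form
  // action and the links below, so they are reduced to integers before reuse.
  // NOTE(review): assumes both are numeric (a page number and a newsletter id) - confirm.
  $page = isset($_GET['page']) ? (int) $_GET['page'] : '';
  $nID = isset($_GET['nID']) ? (int) $_GET['nID'] : '';
  $link_params = 'page=' . $page . '&nID=' . $nID;

  // NOTE(review): title and both bodies are emitted as stored, without HTML
  // escaping; this presumes the message is authored by trusted admins - confirm.
  $confirm_string = '<table border="0" cellspacing="0" cellpadding="2">' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td class="main"><b>' . TEXT_CUSTOMERS_LANGUAGE . zen_get_language_name($customers_languages_id) . '</b><br /><font color="#ff0000"><b>' . sprintf(TEXT_COUNT_CUSTOMERS, sizeof($audience)) . '</b></font></td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td class="main"><b>' . $this->title . '</b></td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '<hr /></td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td class="main">' . nl2br($this->content_html) . '</td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td><hr>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td class="main"><tt>' . nl2br($this->content) . '</tt><hr /></td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . "\n" .
                    ' <td>' . zen_draw_separator('pixel_trans.gif', '1', '10') . '</td>' . "\n" .
                    ' </tr>' . "\n" .
                    ' <tr>' . zen_draw_form('confirm', FILENAME_NEWSLETTERS, $link_params . '&action=confirm_send') . "\n" .
                    ' <td align="right">';

  if (sizeof($audience) > 0) {
    if ($send_to_all) {
      $confirm_string .= zen_draw_hidden_field('global', 'true');
    } else {
      // re-post the validated ids, not the raw request values
      foreach ($chosen as $product_id) {
        $confirm_string .= zen_draw_hidden_field('chosen[]', (string) $product_id);
      }
    }
    $confirm_string .= zen_draw_hidden_field('customer_language', zen_get_language_code($customers_languages_id));
    $confirm_string .= zen_draw_hidden_field('admin_language', zen_get_language_code($_SESSION['languages_id']));
    $confirm_string .= zen_image_submit('button_send.gif', IMAGE_SEND) . ' ';
  }

  $confirm_string .= '<a href="' . zen_href_link(FILENAME_NEWSLETTERS, $link_params . '&action=send') . '">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a> ' .
                     '<a href="' . zen_href_link(FILENAME_NEWSLETTERS, $link_params) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a></td>' . "\n" .
                     ' </form></tr>' . "\n" .
                     '</table>';

  return $confirm_string;
}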
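?> <td> <?php
/*
 * Re-post every scalar POST value as a hidden field, so the final "send"
 * submit carries the whole message form with it. Array values are skipped.
 *
 * Iterates with foreach: each() is no longer available as of PHP 8.
 *
 * NOTE(review): the values are request data written into hidden-field
 * attributes. No htmlspecialchars() is applied at this call site (the variant
 * that did so is kept below, disabled), so correct attribute escaping depends
 * on zen_draw_hidden_field() itself - confirm that it encodes quotes and
 * angle brackets.
 */
foreach ($_POST as $key => $value) {
  if (!is_array($value)) {
    // echo zen_draw_hidden_field($key, htmlspecialchars(stripslashes($value)));
    echo zen_draw_hidden_field($key, stripslashes($value));
  }
}

// Attachment details and the two language codes travel with the form as well.
// $upload_file_name, $attachment_file, $attachment_filetype and
// $customers_languages_id are set outside this excerpt.
echo zen_draw_hidden_field('upload_file', stripslashes($upload_file_name));
echo zen_draw_hidden_field('attachment_file', $attachment_file);
echo zen_draw_hidden_field('attachment_filetype', $attachment_filetype);
echo zen_draw_hidden_field('customer_language', zen_get_language_code($customers_languages_id));
echo zen_draw_hidden_field('admin_language', zen_get_language_code($_SESSION['languages_id']));
?>
<table border="0" width="100%" cellpadding="0" cellspacing="2">
  <tr>
    <td><?php echo zen_image_submit('button_back.gif', IMAGE_BACK, 'name="back"'); ?> </td>
    <td align="right"><?php echo '<a href="' . zen_href_link(FILENAME_MAIL) . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a> ' . zen_image_submit('button_send_mail.gif', IMAGE_SEND_EMAIL); ?> </td>
  </tr>
</table></td> </tr> </table></td>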
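/**
 * Resolve an audience selection into the SQL SELECT that lists its recipients.
 *
 * $selected_entry is either the name of a stored query (optionally followed by
 * ",<key>:<language id>" to restrict the audience to one customer language) or,
 * for the 'email' category only, a single customer e-mail address. The stored
 * queries are read from TABLE_QUERY_BUILDER, filtered by $query_category. The
 * returned query string is meant to be passed to $db->Execute() by the caller.
 *
 * @param string $selected_entry audience name, optionally with a language suffix, or an e-mail address
 * @param string $query_category category used to filter the stored queries
 * @return array 'query_name', 'query_string' and 'customers_languages_id';
 *               'query_string' and 'customers_languages_id' are null when
 *               nothing could be resolved
 */
function get_audience_sql_query_with_language($selected_entry, $query_category = 'email') {
  global $db;

  $query_name = '';
  // Initialised so the return array is always fully defined, also when no
  // stored query matches and the e-mail fallback does not apply.
  $query_string = null;
  $customers_languages_id = null;

  // The category is escaped like every other value placed in a quoted literal
  // in this function.
  $queries_list = $db->Execute("select query_name, query_string from " . TABLE_QUERY_BUILDER . " " .
                               "where query_category like '%" . zen_db_input($query_category) . "%'");

  // "<entry>[,<key>:<language id>]" - explode() replaces spliti(), which was
  // removed in PHP 7; both separators are literal characters.
  $parts = explode(',', (string) $selected_entry);
  $selected_entry = $parts[0];
  $language = isset($parts[1]) ? $parts[1] : '';

  $languages_query_string = '';
  if ($language != '') {
    $language_parts = explode(':', $language);
    // The id originates from the request; it is reduced to an integer once, so
    // the SQL fragment, the helper lookups and the returned value all agree.
    $customers_languages_id = isset($language_parts[1]) ? (int) $language_parts[1] : 0;
    $customer_language = zen_get_language_code($customers_languages_id);
    $languages_query_string = "customers_languages_id = '" . $customers_languages_id . "'";
    if ($customer_language == DEFAULT_LANGUAGE) {
      // customers without a stored language (id 0) are included with the default language
      $languages_query_string = "(" . $languages_query_string . " or customers_languages_id = '0')";
    }
  }

  while (!$queries_list->EOF) {
    if ($selected_entry == $queries_list->fields['query_name']) {
      $query_string = $queries_list->fields['query_string'];
      $query_name = $queries_list->fields['query_name'];

      if (preg_match('/TABLE_CUSTOMERS/', $query_string) && $languages_query_string != '') {
        // NOTE(review): this rewrites every "where" in the stored query, not
        // only the first one - check stored queries that contain subselects.
        $query_string = preg_replace('/where/i', 'where ' . $languages_query_string . ' and', $query_string);
        $query_name .= ' (' . zen_get_language_name($customers_languages_id) . ')';
      }
      if (preg_match('/TABLE_CUSTOMERS c/', $query_string) && $languages_query_string != '') {
        // the stored query aliases the customers table as "c", so qualify the column
        $query_string = preg_replace('/customers_languages_id/', 'c.customers_languages_id', $query_string);
      }
      $query_string = parsed_query_string($query_string);
    }
    $queries_list->MoveNext();
  }

  // No stored query matched: in the 'email' category the entry is treated as a
  // single customer e-mail address.
  if ($query_name == '' && $query_category == 'email') {
    $cust_email_address = zen_db_prepare_input($selected_entry);
    $query_name = $cust_email_address;
    $query_string = "select customers_firstname, customers_lastname, customers_email_address, customers_languages_id\n from " . TABLE_CUSTOMERS . "\n where customers_email_address = '" . zen_db_input($cust_email_address) . "'";
    $mail = $db->Execute($query_string);
    // no customer with that address: leave the language undefined instead of
    // reading a field from an empty result
    $customers_languages_id = $mail->EOF ? null : $mail->fields['customers_languages_id'];
    $query_name .= ' (' . zen_get_language_name($customers_languages_id) . ')';
  }

  // one array carrying the display name, the SQL to run and the language id
  return array('query_name' => $query_name, 'query_string' => $query_string, 'customers_languages_id' => $customers_languages_id);
}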
} }
return $directory_array;
}

// Build the language selector: only offered when more than one language is
// returned by zen_get_languages(), and only for languages whose directory and
// matching "<directory>.php" file both exist under DIR_WS_LANGUAGES.
$select_lang_array = array();
$languages = zen_get_languages();
if (sizeof($languages) > 1) {
  for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $test_directory = DIR_WS_LANGUAGES . $languages[$i]['directory'];
    $test_file = DIR_WS_LANGUAGES . $languages[$i]['directory'] . '.php';
    if (file_exists($test_file) and file_exists($test_directory)) {
      $select_lang_array[] = array('id' => $languages[$i]['code'], 'text' => $languages[$i]['name']);
    }
  }
}

// Language being edited: the code from the query string if present, otherwise
// the code of the admin's session language.
// NOTE(review): the request value is handed to zen_get_languages_id_by_code()
// as received; whether that helper validates or escapes it is not visible here - confirm.
$selected_lang = isset($_GET['selected_lang']) ? $_GET['selected_lang'] : zen_get_language_code($_SESSION['languages_id']);
$selected_lang_id = zen_get_languages_id_by_code($selected_lang);
// $edit_language is concatenated into a filesystem path below.
// NOTE(review): presumably zen_get_language_name() only returns names of
// installed languages, which keeps the path inside the languages directory - confirm.
$edit_language = isset($selected_lang_id) ? zen_get_language_name($selected_lang_id) : $_SESSION['language'];
$action = isset($_GET['action']) ? $_GET['action'] : '';
// read without an isset() check, unlike 'action' above
$za_who = $_GET['za_lookup'];
if ($action == 'new_page') {
  // 'define_it' is used as an index into the file list built below
  $page = $_GET['define_it'];
  $check_directory = array();
  $check_directory[] = DIR_FS_CATALOG . DIR_WS_LANGUAGES . $edit_language . '/html_includes/';
  // NOTE(review): $check_directory is not passed to zen_display_files();
  // presumably the helper reads it as a global - confirm.
  $directory_files = zen_display_files();
  $za_lookup = array();
  for ($i = 0, $n = sizeof($directory_files); $i < $n; $i++) {
    $za_lookup[] = array('id' => $i, 'text' => $directory_files[$i]);
  }
  // This will cause it to look for 'define_conditions.php'
  // The file name is taken from the server-side listing by position, so the
  // request only supplies an index, never a path. The index is not range
  // checked here; an index outside the list yields no file name.
  $_GET['filename'] = $za_lookup[$page]['text'];
die('Illegal Access');
}

// Pick the language an admin page should work in, by overwriting
// $_GET['language'] according to the script being served and the request.
// $restore_language_pages collects the script names this logic applies to;
// where that list is consumed is outside this excerpt.
$restore_language_pages = array();
$filename = basename($_SERVER['SCRIPT_NAME']);

// Sending mail or a newsletter: switch to the customer language that the
// confirmation form posted as 'customer_language'.
// NOTE(review): the posted value is copied into $_GET['language'] as received;
// whatever consumes $_GET['language'] must check it against the installed
// language codes - confirm.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
  if ($filename == FILENAME_MAIL . '.php') {
    // only when actually sending, not when the "back" button was pressed
    if ($_GET['action'] == 'send_email_to_user' && isset($_POST['customers_email_address']) && !isset($_POST['back_x'])) {
      $_GET['language'] = $_POST['customer_language'];
    }
  } elseif ($filename == FILENAME_NEWSLETTERS . '.php') {
    if ($_GET['action'] == 'confirm_send') {
      $_GET['language'] = $_POST['customer_language'];
    }
  }
}

$restore_language_pages[] = FILENAME_ORDERS . '.php';
$restore_language_pages[] = 'invoice.php';
$restore_language_pages[] = 'packingslip.php';
// Orders page (edit / update_order) or invoice / packing slip, each with a
// positive oID. && binds tighter than ||, so the condition reads as
// (orders page && oID && action) || (invoice or packing slip && oID).
// 'oID' and 'action' are read without isset() checks.
if ($filename == FILENAME_ORDERS . '.php' && $_GET['oID'] > 0 && ($_GET['action'] == 'edit' || $_GET['action'] == 'update_order')
    || ($filename == 'invoice.php' || $filename == 'packingslip.php') && $_GET['oID'] > 0) {
  // assignment inside the condition: proceeds only when a language id is returned for the order
  if ($orders_language_id = zen_get_orders_language_id($_GET['oID'])) {
    // keep the admin's own language code before switching to the order's language
    $admin_language = zen_get_language_code($_SESSION['languages_id']);
    $_GET['language'] = zen_get_language_code($orders_language_id);
  }
}

$restore_language_pages[] = FILENAME_CUSTOMERS . '.php';
// Customers page (edit / update) with a positive cID: switch to that customer's language.
if ($filename == FILENAME_CUSTOMERS . '.php' && $_GET['cID'] > 0 && ($_GET['action'] == 'edit' || $_GET['action'] == 'update')) {
  if ($customers_language_id = zen_get_customers_language_id($_GET['cID'])) {
    $admin_language = zen_get_language_code($_SESSION['languages_id']);
    $_GET['language'] = zen_get_language_code($customers_language_id);
  }
}