/** * Returns an array of hashes. Each hash contains the contents of the email_template_recipients table; i.e. * the raw information about a particular recipient. For convenience, this function also determines the * actual name and email of the recipients, returned in "final_name" and "final_email" keys. Also, it returns a * "final_recipient" containing the complete recipient string, like: * * Tom Jones <*****@*****.**> * * If the name doesn't exist, that key just returns the email address. ASSUMPTION: All clients and administrator * MUST have a first name, last name and email address. For form email fields, the final recipient just contains * the title of the email field (the display value). * * This is obviously used for display purposes only, whereas that value for the other recipient types is used both * for display purposes & in the actual email construction. This seemed an adequate approach because this function * will never be able to know the individual submission content so it can't construct it properly. * * The returned results are ordered by (a) recipient type (main, cc then bcc), then (b) recipient user type * (admin, client, form_email_field then custom) * * @param integer $email_id * @return array an array of hashes */ function ft_get_email_template_recipients($form_id, $email_id) { global $g_table_prefix, $LANG; // now add any recipients for this email template $recipient_query = mysql_query("\r\n SELECT etr.*, a.first_name, a.last_name, a.email\r\n FROM {$g_table_prefix}email_template_recipients etr\r\n LEFT JOIN {$g_table_prefix}accounts a ON a.account_id = etr.account_id\r\n WHERE etr.email_template_id = {$email_id}\r\n ORDER BY etr.recipient_type, etr.recipient_user_type\r\n "); $recipients = array(); while ($recipient_info = mysql_fetch_assoc($recipient_query)) { // construct and append the extra keys (final_name, final_email and final_recipient) switch ($recipient_info["recipient_user_type"]) { case "admin": $admin_info = ft_get_admin_info(); $recipient_info["final_name"] = "{$admin_info["first_name"]} {$admin_info["last_name"]}"; $recipient_info["final_email"] = $admin_info["email"]; $recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>"; break; case "client": $client_info = ft_get_account_info($recipient_info["account_id"]); $recipient_info["final_name"] = "{$client_info["first_name"]} {$client_info["last_name"]}"; $recipient_info["final_email"] = $client_info["email"]; $recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>"; break; case "form_email_field": $form_email_field_info = ft_get_form_email_field_info($recipient_info["form_email_id"]); $email_field_id = $form_email_field_info["email_field_id"]; $recipient_info["final_recipient"] = ft_get_field_title_by_field_id($email_field_id); break; case "custom": $recipient_info["final_name"] = $recipient_info["custom_recipient_name"]; $recipient_info["final_email"] = $recipient_info["custom_recipient_email"]; if (!empty($recipient_info["final_name"])) { $recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>"; } else { $recipient_info["final_recipient"] = $recipient_info["final_email"]; } break; } $recipients[] = $recipient_info; } return $recipients; }
/** * Used by the "forget password?" page to have a client's login information sent to them. * * @param array $info the $_POST containing a "username" key. That value is used to find the user * account information to email them. * @return array [0]: true/false (success / failure) * [1]: message string */ function ft_send_password($info) { global $g_root_url, $g_root_dir, $g_table_prefix, $LANG; $info = ft_sanitize($info); extract(ft_process_hook_calls("start", compact("info"), array("info")), EXTR_OVERWRITE); $success = true; $message = $LANG["notify_login_info_emailed"]; if (!isset($info["username"]) || empty($info["username"])) { $success = false; $message = $LANG["validation_no_username_or_js"]; return array($success, $message); } $username = $info["username"]; $query = mysql_query("\r\n SELECT *\r\n FROM {$g_table_prefix}accounts\r\n WHERE username = '******'\r\n "); // not found if (!mysql_num_rows($query)) { $success = false; $message = $LANG["validation_account_not_recognized_info"]; return array($success, $message); } $account_info = mysql_fetch_assoc($query); $email = $account_info["email"]; // one final check: confirm the email is defined & valid if (empty($email) || !ft_is_valid_email($email)) { $success = false; $message = $LANG["validation_email_not_found_or_invalid"]; return array($success, $message); } $account_id = $account_info["account_id"]; $username = $account_info["username"]; $new_password = ft_generate_password(); $encrypted_password = md5(md5($new_password)); // update the database with the new password (encrypted). As of 2.1.0 there's a second field to store the // temporary generated password, leaving the original password intact. This prevents a situation arising when // someone other than the admin / client uses the "Forget Password" feature and invalidates a valid, known password. // Any time the user successfully logs in, mysql_query("\r\n UPDATE {$g_table_prefix}accounts\r\n SET temp_reset_password = '******'\r\n WHERE account_id = {$account_id}\r\n "); // now build and sent the email // 1. build the email content $placeholders = array("login_url" => "{$g_root_url}/?id={$account_id}", "email" => $email, "username" => $username, "new_password" => $new_password); $smarty_template_email_content = file_get_contents("{$g_root_dir}/global/emails/forget_password.tpl"); $email_content = ft_eval_smarty_string($smarty_template_email_content, $placeholders); // 2. build the email subject line $placeholders = array("program_name" => ft_get_settings("program_name")); $smarty_template_email_subject = file_get_contents("{$g_root_dir}/global/emails/forget_password_subject.tpl"); $email_subject = trim(ft_eval_smarty_string($smarty_template_email_subject, $placeholders)); // if Swift Mailer is enabled, send the emails with that. In case there's a problem sending the message with // Swift, it falls back the default mail() function. $swift_mail_error = false; $swift_mail_enabled = ft_check_module_enabled("swift_mailer"); if ($swift_mail_enabled) { $sm_settings = ft_get_module_settings("", "swift_mailer"); if ($sm_settings["swiftmailer_enabled"] == "yes") { ft_include_module("swift_mailer"); // get the admin info. We'll use that info for the "from" and "reply-to" values. Note // that we DON'T use that info for the regular mail() function. This is because retrieving // the password is important functionality and we don't want to cause problems that could // prevent the email being sent. Many servers don't all the 4th headers parameter of the mail() // function $admin_info = ft_get_admin_info(); $admin_email = $admin_info["email"]; $email_info = array(); $email_info["to"] = array(); $email_info["to"][] = array("email" => $email); $email_info["from"] = array(); $email_info["from"]["email"] = $admin_email; $email_info["subject"] = $email_subject; $email_info["text_content"] = $email_content; list($success, $sm_message) = swift_send_email($email_info); // if the email couldn't be sent, display the appropriate error message. Otherwise // the default success message is used if (!$success) { $swift_mail_error = true; $message = $sm_message; } } } // if there was an error sending with Swift, or if it wasn't installed, send it by mail() if (!$swift_mail_enabled || $swift_mail_error) { // send email [note: the double quotes around the email recipient and content are intentional: some systems fail without it] if (!@mail("{$email}", $email_subject, $email_content)) { $success = false; $message = $LANG["notify_email_not_sent"]; return array($success, $message); } } extract(ft_process_hook_calls("end", compact("success", "message", "info"), array("success", "message")), EXTR_OVERWRITE); return array($success, $message); }
<?php $email_id = ft_load_field("email_id", "email_id", ""); if (isset($request["update_email_template"])) { list($g_success, $g_message) = ft_update_email_template($email_id, $request); } $form_info = ft_get_form($form_id); $form_fields = ft_get_form_fields($form_id); $columns = ft_get_form_column_names($form_id); $template_info = ft_get_email_template($email_id); $event_trigger_arr = explode(",", $template_info["email_event_trigger"]); $template_info["email_event_trigger"] = $event_trigger_arr; $clients = $form_info["client_info"]; $admin_info = ft_get_admin_info(); $edit_email_tab = isset($_SESSION["ft"]["inner_tabs"]["edit_email_template"]) ? $_SESSION["ft"]["inner_tabs"]["edit_email_template"] : 1; if (isset($request["edit_email_template"])) { $edit_email_tab = $request["edit_email_template"]; } $form_has_file_upload_field = ft_check_form_has_file_upload_field($form_id); $file_field_text = $form_has_file_upload_field ? $LANG["text_file_field_placeholders_info"] : ""; // values for the test email subpage $num_submissions = ft_get_submission_count($form_id); $test_email_format = ft_load_field("test_email_format", "test_email_format"); $test_email_recipient = ft_load_field("test_email_recipient", "test_email_recipient", $admin_info["email"]); $test_email_data_source = ft_load_field("test_email_data_source", "test_email_data_source", "random_submission"); $test_email_submission_id = ft_load_field("test_email_submission_id", "test_email_submission_id", ""); $views = ft_get_views($form_id); $filtered_views = array(); $selected_edit_submission_views = array(); $selected_when_sent_views = array(); foreach ($views["results"] as $view) {
/** * Generates the placeholders for a particular form submission. This is used in the email templates, and here and there * for providing placeholder functionality to fields (like the "Edit Submission Label" textfield for a form, where they can * enter placeholders populated here). * * This returns ALL available placeholders for a form, regardless of View. * * @param integer $form_id * @param integer $submission_id * @param array $client_info a hash of information about the appropriate user (optional) * @return array a hash of placeholders and their replacement values (e.g. $arr["FORMURL"] => 17) */ function ft_get_submission_placeholders($form_id, $submission_id, $client_info = "") { global $g_root_url; $placeholders = array(); $settings = ft_get_settings(); $form_info = ft_get_form($form_id); $submission_info = ft_get_submission($form_id, $submission_id); $admin_info = ft_get_admin_info(); $file_field_type_ids = ft_get_file_field_type_ids(); $field_types = ft_get_field_types(true); // now loop through the info stored for this particular submission and for this particular field, // add the custom submission responses to the placeholder hash $form_field_params = array("include_field_type_info" => true, "include_field_settings" => true, "evaluate_dynamic_settings" => true); $form_fields = ft_get_form_fields($form_id, $form_field_params); foreach ($submission_info as $field_info) { $field_id = $field_info["field_id"]; $field_name = $field_info["field_name"]; $field_type_id = $field_info["field_type_id"]; if ($field_info["is_system_field"] == "no") { $placeholders["QUESTION_{$field_name}"] = $field_info["field_title"]; } if (in_array($field_type_id, $file_field_type_ids)) { $field_settings = ft_get_field_settings($field_id); $placeholders["FILENAME_{$field_name}"] = $field_info["content"]; $placeholders["FILEURL_{$field_name}"] = "{$field_settings["folder_url"]}/{$field_info["content"]}"; } else { $detailed_field_info = array(); foreach ($form_fields as $curr_field_info) { if ($curr_field_info["field_id"] != $field_id) { continue; } $detailed_field_info = $curr_field_info; break; } $params = array("form_id" => $form_id, "submission_id" => $submission_id, "value" => $field_info["content"], "field_info" => $detailed_field_info, "field_types" => $field_types, "settings" => $settings, "context" => "email_template"); $value = ft_generate_viewable_field($params); $placeholders["ANSWER_{$field_name}"] = $value; // for backward compatibility if ($field_name == "core__submission_date") { $placeholders["SUBMISSIONDATE"] = $value; } else { if ($field_name == "core__last_modified") { $placeholders["LASTMODIFIEDDATE"] = $value; } else { if ($field_name == "core__ip_address") { $placeholders["IPADDRESS"] = $value; } } } } } // other misc placeholders $placeholders["ADMINEMAIL"] = $admin_info["email"]; $placeholders["FORMNAME"] = $form_info["form_name"]; $placeholders["FORMURL"] = $form_info["form_url"]; $placeholders["SUBMISSIONID"] = $submission_id; $placeholders["LOGINURL"] = $g_root_url . "/index.php"; if (!empty($client_info)) { $placeholders["EMAIL"] = $client_info["email"]; $placeholders["FIRSTNAME"] = $client_info["first_name"]; $placeholders["LASTNAME"] = $client_info["last_name"]; $placeholders["COMPANYNAME"] = $client_info["company_name"]; } extract(ft_process_hook_calls("end", compact("placeholders"), array("placeholders")), EXTR_OVERWRITE); return $placeholders; }