/** * Shows a form to edit a forum mailing and its recipients. * * What it does: * - Called by ?action=admin;area=news;sa=mailingcompose. * - Requires the send_mail permission. * - Form is submitted to ?action=admin;area=news;sa=mailingsend. * * @uses ManageNews template, email_members_compose sub-template. */ public function action_mailingcompose() { global $txt, $context; // Setup the template! $context['page_title'] = $txt['admin_newsletters']; $context['sub_template'] = 'email_members_compose'; $context['subject'] = !empty($_POST['subject']) ? $_POST['subject'] : $context['forum_name'] . ': ' . htmlspecialchars($txt['subject'], ENT_COMPAT, 'UTF-8'); $context['message'] = !empty($_POST['message']) ? $_POST['message'] : htmlspecialchars($txt['message'] . "\n\n" . replaceBasicActionUrl($txt['regards_team']) . "\n\n" . '{$board_url}', ENT_COMPAT, 'UTF-8'); // Needed for the WYSIWYG editor. require_once SUBSDIR . '/Editor.subs.php'; // Now create the editor. $editorOptions = array('id' => 'message', 'value' => $context['message'], 'height' => '250px', 'width' => '100%', 'labels' => array('post_button' => $txt['sendtopic_send']), 'preview_type' => 2); create_control_richedit($editorOptions); if (isset($context['preview'])) { require_once SUBSDIR . '/Mail.subs.php'; $context['recipients']['members'] = !empty($_POST['members']) ? explode(',', $_POST['members']) : array(); $context['recipients']['exclude_members'] = !empty($_POST['exclude_members']) ? explode(',', $_POST['exclude_members']) : array(); $context['recipients']['groups'] = !empty($_POST['groups']) ? explode(',', $_POST['groups']) : array(); $context['recipients']['exclude_groups'] = !empty($_POST['exclude_groups']) ? explode(',', $_POST['exclude_groups']) : array(); $context['recipients']['emails'] = !empty($_POST['emails']) ? explode(';', $_POST['emails']) : array(); $context['email_force'] = !empty($_POST['email_force']) ? 1 : 0; $context['total_emails'] = !empty($_POST['total_emails']) ? (int) $_POST['total_emails'] : 0; $context['max_id_member'] = !empty($_POST['max_id_member']) ? (int) $_POST['max_id_member'] : 0; $context['send_pm'] = !empty($_POST['send_pm']) ? 1 : 0; $context['send_html'] = !empty($_POST['send_html']) ? '1' : '0'; return prepareMailingForPreview(); } // Start by finding any members! $toClean = array(); if (!empty($_POST['members'])) { $toClean[] = 'members'; } if (!empty($_POST['exclude_members'])) { $toClean[] = 'exclude_members'; } if (!empty($toClean)) { require_once SUBSDIR . '/Auth.subs.php'; foreach ($toClean as $type) { // Remove the quotes. $_POST[$type] = strtr((string) $_POST[$type], array('\\"' => '"')); preg_match_all('~"([^"]+)"~', $_POST[$type], $matches); $_POST[$type] = array_unique(array_merge($matches[1], explode(',', preg_replace('~"[^"]+"~', '', $_POST[$type])))); foreach ($_POST[$type] as $index => $member) { if (strlen(trim($member)) > 0) { $_POST[$type][$index] = Util::htmlspecialchars(Util::strtolower(trim($member))); } else { unset($_POST[$type][$index]); } } // Find the members $_POST[$type] = implode(',', array_keys(findMembers($_POST[$type]))); } } if (isset($_POST['member_list']) && is_array($_POST['member_list'])) { $members = array(); foreach ($_POST['member_list'] as $member_id) { $members[] = (int) $member_id; } $_POST['members'] = implode(',', $members); } if (isset($_POST['exclude_member_list']) && is_array($_POST['exclude_member_list'])) { $members = array(); foreach ($_POST['exclude_member_list'] as $member_id) { $members[] = (int) $member_id; } $_POST['exclude_members'] = implode(',', $members); } // Clean the other vars. $this->action_mailingsend(true); // We need a couple strings from the email template file loadLanguage('EmailTemplates'); require_once SUBSDIR . '/News.subs.php'; // Get a list of all full banned users. Use their Username and email to find them. // Only get the ones that can't login to turn off notification. $context['recipients']['exclude_members'] = excludeBannedMembers(); // Did they select moderators - if so add them as specific members... if (!empty($context['recipients']['groups']) && in_array(3, $context['recipients']['groups']) || !empty($context['recipients']['exclude_groups']) && in_array(3, $context['recipients']['exclude_groups'])) { $mods = getModerators(); foreach ($mods as $row) { if (in_array(3, $context['recipients'])) { $context['recipients']['exclude_members'][] = $row; } else { $context['recipients']['members'][] = $row; } } } require_once SUBSDIR . '/Members.subs.php'; // For progress bar! $context['total_emails'] = count($context['recipients']['emails']); $context['max_id_member'] = maxMemberID(); // Clean up the arrays. $context['recipients']['members'] = array_unique($context['recipients']['members']); $context['recipients']['exclude_members'] = array_unique($context['recipients']['exclude_members']); }
$servername = "okenso.com"; $username = "******"; $password = "******"; $dbname = "dev"; $conn = new mysqli($servername, $username, $password, $dbname); if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } $error = false; $error_message = ""; $data = json_decode(file_get_contents('php://input'), true); $user = $data["username"]; $channelname = $data["channelname"]; $channelowner = $data["channelowner"]; if (isAdmin($conn, $user) || isOwner($conn, $user, $channelname, $channelowner) || isModerator($conn, $user, $channelname, $channelowner)) { $moderators = getModerators($conn, $channelname, $channelowner); $viewers = getViewers($conn, $channelname, $channelowner); $banned = getBanned($conn, $channelname, $channelowner); $public = isPublic($conn, $channelname, $channelowner); } else { $error = true; $error_message = "You do not have permission access settings for this channel"; } $conn->close(); $response = array('error' => $error, 'error_message' => $error_message, 'moderators' => $moderators, 'viewers' => $viewers, 'banned' => $banned, 'public' => $public); echo json_encode($response); function getModerators($conn, $channelname, $channelowner) { $stmt = $conn->prepare("SELECT cm_username FROM channelmods WHERE cm_chname=? AND cm_chowner=?"); $stmt->bind_param("ss", $channelname, $channelowner); $stmt->execute();