function sendWatchEmails($id)
{
global $DBPrefix, $system;
$query = "SELECT name, email, item_watch, id FROM " . $DBPrefix . "users WHERE item_watch LIKE '% " . $id . " %'";
$res = mysql_query($query);
$system->check_mysql($res, $query, __LINE__, __FILE__);
while ($watchusers = mysql_fetch_array($res)) {
$keys = explode(' ', $watchusers['item_watch']);
// If keyword matches with opened auction title or/and desc send user a mail
if (in_array($id, $keys)) {
$emailer = new email_handler();
$emailer->assign_vars(array('URL' => $system->SETTINGS['siteurl'] . 'item.php?mode=1&id=' . $id, 'TITLE' => $Auction['title'], 'NAME' => $watchusers['name']));
$emailer->email_uid = $watchusers['id'];
$emailer->email_sender($watchusers['email'], 'auctionend_watchmail.inc.php', $system->SETTINGS['sitename'] . ' - ' . $MSG['471']);
}
}
}
function sendWatchEmails($id)
{
global $DBPrefix, $system, $db;
$query = "SELECT name, email, item_watch, id FROM " . $DBPrefix . "users WHERE item_watch LIKE :item_watch";
$params = array();
$params[] = array(':item_watch', '% ' . $id . ' %', 'str');
$db->query($query, $params);
while ($watchusers = $db->fetch()) {
$keys = explode(' ', $watchusers['item_watch']);
// If keyword matches with opened auction title or/and desc send user a mail
if (in_array($id, $keys)) {
$emailer = new email_handler();
$emailer->assign_vars(array('URL' => $system->SETTINGS['siteurl'] . 'item.php?mode=1&id=' . $id, 'TITLE' => htmlspecialchars($Auction['title']), 'NAME' => $watchusers['name']));
$emailer->email_uid = $watchusers['id'];
$emailer->email_sender($watchusers['email'], 'auctionend_watchmail.inc.php', $system->SETTINGS['sitename'] . ' - ' . $MSG['471']);
}
}
}
<?php
/***************************************************************************
* copyright : (C) 2008 - 2016 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'A_ID' => $auction_id, 'A_TITLE' => $title, 'A_TYPE' => $atype == 1 ? $MSG['642'] : $MSG['641'], 'A_PICURL' => $pict_url != '' ? UPLOAD_FOLDER . $auction_id . '/' . $pict_url : 'images/email_alerts/default_item_img.jpg', 'A_MINBID' => $system->print_money($minimum_bid, false), 'A_RESERVE' => $system->print_money($reserve_price, false), 'A_BNPRICE' => $system->print_money($buy_now_price, false), 'A_ENDS' => $dt->printDateTz($a_ends), 'C_NAME' => $user->user_data['name']));
$emailer->email_uid = $user->user_data['id'];
$subject = $system->SETTINGS['sitename'] . ' ' . $MSG['auction_awaiting_approval'] . ': ' . $title . ' (' . $auction_id . ')';
$emailer->email_sender($user->user_data['email'], 'auction_pending_moderation.php', $subject);
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$sent_to = array();
while ($row = $db->fetch()) {
if (isset($match)) {
unset($match);
}
$w_title = explode(' ', strtolower($_SESSION['SELL_title']));
$w_descr = explode(' ', strtolower(str_replace(array('<br>', "\n"), '', strip_tags($_SESSION['SELL_description']))));
$w_nick = strtolower($user->user_data['nick']);
$key = explode(' ', $row['auc_watch']);
if (is_array($key) && count($key) > 0) {
foreach ($key as $k => $v) {
$v = trim(strtolower($v));
if ((in_array($v, $w_title) || in_array($v, $w_descr) || $v == $w_nick) && !in_array($row['id'], $sent_to)) {
$emailer = new email_handler();
$emailer->assign_vars(array('URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $_SESSION['SELL_auction_id'], 'SITENAME' => $system->SETTINGS['sitename'], 'TITLE' => $_SESSION['SELL_title'], 'REALNAME' => $row['name'], 'KWORD' => $row['auc_watch']));
$emailer->email_uid = $row['id'];
$emailer->email_sender($row['email'], 'auction_watchmail.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['471']);
$sent_to[] = $row['id'];
}
}
}
}
if ($user->user_data['startemailmode'] == 'yes') {
include $include_path . 'email_auction_confirmation.php';
}
if ($system->SETTINGS['bn_only'] == 'y' && $system->SETTINGS['bn_only_disable'] == 'y' && $system->SETTINGS['bn_only_percent'] < 100) {
$query = "SELECT COUNT(*) as count FROM " . $DBPrefix . "auctions\n\t\t\t\t\t\t\tWHERE closed = 0 AND suspended = 0 AND user = :user_id";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
// Check if the e-mail has to be sent or not
$query = "SELECT endemailmode FROM " . $DBPrefix . "users WHERE id = :seller_id";
$params = array();
$params[] = array(':seller_id', $Seller['id'], 'int');
$db->query($query, $params);
$emailmode = $db->result('endemailmode');
$qty_current = $Auction['initial_quantity'] == $Auction['quantity'] ? $Auction['initial_quantity'] : $Auction['quantity'];
$qty_sold = $Auction['initial_quantity'] - $qty_current;
$qty_left = $Auction['quantity'];
$report_text = $Winner['nick'] . ' - <a href="mailto:' . $Winner['email'] . '">' . $Winner['email'] . '</a>';
$report_text .= '<br>' . $MSG['30_0086'] . $Winner['address'] . ', ' . $Winner['city'] . ', ' . $Winner['prov'] . ', ' . $Winner['zip'] . ', ' . $Winner['country'];
if ($emailmode == 'one') {
$emailer = new email_handler();
$emailer->assign_vars(array('S_NAME' => $Seller['name'], 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'A_PICURL' => $Auction['pict_url'] != '' ? $uploaded_path . $Auction['id'] . '/' . $Auction['pict_url'] : 'images/email_alerts/default_item_img.jpg', 'A_TITLE' => $Auction['title'], 'A_CURRENTBID' => $system->print_money($Auction['buy_now']), 'A_QTY_SOLD' => $qty_sold, 'A_QTY_LEFT' => $qty_left, 'A_QTY_THIS_SALE' => $qty, 'A_ENDS' => $ends_string, 'B_REPORT' => $report_text, 'SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $Seller['id'];
$subject = $system->SETTINGS['sitename'] . ' Some items have been sold in ' . $Auction['title'];
$emailer->email_sender($Seller['email'], 'email_seller_partial_winner.inc.php', $subject);
}
$USER = $db->result();
$emailer = new email_handler();
$emailer->assign_vars(array('SITENAME' => $system->SETTINGS['sitename'], 'SITEURL' => $system->SETTINGS['siteurl'], 'ADMINMAIL' => $system->SETTINGS['adminmail'], 'CONFIRMURL' => $system->SETTINGS['siteurl'] . 'confirm.php?id=' . $USER['id'] . '&hash=' . md5($MD5_PREFIX . $USER['nick']), 'C_NAME' => $USER['name']));
$emailer->email_uid = $USER['id'];
$emailer->email_sender($USER['email'], 'usermail.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['098']);
$ERR = $MSG['059'];
}
}
if (isset($_GET['payreminder']) && isset($_GET['id']) && is_numeric($_GET['id'])) {
$query = "SELECT id, name, email, balance FROM " . $DBPrefix . "users WHERE id = :user_id";
$params = array();
$params[] = array(':user_id', $_GET['id'], 'int');
$db->query($query, $params);
if ($db->numrows() > 0) {
$USER = $db->result();
$emailer = new email_handler();
$emailer->assign_vars(array('SITENAME' => $system->SETTINGS['sitename'], 'LINK' => $system->SETTINGS['siteurl'] . 'outstanding.php', 'C_NAME' => $USER['name'], 'BALANCE' => $USER['balance']));
$emailer->email_uid = $USER['id'];
$emailer->email_sender($USER['email'], 'payment_reminder.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['766']);
$ERR = $MSG['765'];
}
}
if (isset($_GET['usersfilter'])) {
$_SESSION['usersfilter'] = $_GET['usersfilter'];
switch ($_GET['usersfilter']) {
case 'all':
unset($_SESSION['usersfilter']);
unset($Q);
break;
case 'active':
$Q = 0;
function check_balance()
{
global $system, $DBPrefix, $MSG, $db;
// check if user needs to be suspended
if ($system->SETTINGS['fee_type'] == 1 && $this->logged_in && $this->user_data['suspended'] != 7 && $system->SETTINGS['fee_disable_acc'] == 'y') {
if ($system->SETTINGS['fee_max_debt'] <= -1 * $this->user_data['balance']) {
$query = "UPDATE " . $DBPrefix . "users SET suspended = 7 WHERE id = :user_id";
$params = array();
$params[] = array(':user_id', $this->user_data['id'], 'int');
$db->query($query, $params);
// send email
$emailer = new email_handler();
$emailer->assign_vars(array('SITENAME' => $system->SETTINGS['sitename'], 'NAME' => $this->user_data['name'], 'BALANCE' => $system->print_money($this->user_data['balance']), 'OUTSTANDING' => $system->SETTINGS['siteurl'] . 'outstanding.php'));
$emailer->email_uid = $this->user_data['id'];
$emailer->email_sender($this->user_data['email'], 'suspended_balance.inc.php', $system->SETTINGS['sitename'] . ' - ' . $MSG['753']);
}
}
}
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
// Check if the e-mail has to be sent or not
$query = "SELECT endemailmode FROM " . $DBPrefix . "users WHERE id = :seller_id";
$params = array();
$params[] = array(':seller_id', $Seller['id'], 'int');
$db->query($query, $params);
$emailmode = $db->result('endemailmode');
if ($emailmode == 'one') {
$emailer = new email_handler();
$emailer->assign_vars(array('S_NAME' => $Seller['name'], 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'A_PICURL' => $Auction['pict_url'] != '' ? $uploaded_path . $Auction['id'] . '/' . $Auction['pict_url'] : 'images/email_alerts/default_item_img.jpg', 'A_TITLE' => $Auction['title'], 'A_CURRENTBID' => $system->print_money($Auction['current_bid']), 'A_QTY' => $Auction['quantity'], 'A_ENDS' => $ends_string, 'B_REPORT' => $report_text, 'SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $Seller['id'];
$subject = $system->SETTINGS['sitename'] . ' ' . $MSG['079'] . ' ' . $MSG['907'] . ' ' . $system->uncleanvars($Auction['title']);
$emailer->email_sender($Seller['email'], 'endauction_winner.inc.php', $subject);
}
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('SITENAME' => $system->SETTINGS['sitename'], 'SITEURL' => $system->SETTINGS['siteurl'], 'ADMINMAIL' => $system->SETTINGS['adminmail'], 'CONFIRMURL' => $system->SETTINGS['siteurl'] . 'confirm.php?id=' . $TPL_id_hidden . '&hash=' . md5($MD5_PREFIX . $TPL_nick_hidden), 'C_NAME' => $TPL_name_hidden));
$emailer->email_uid = $TPL_id_hidden;
$emailer->email_sender($TPL_email_hidden, 'usermail.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['098']);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2016 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'ADMINMAIL' => $system->SETTINGS['adminmail'], 'REPORT' => $report, 'REPORT_WINNER' => isset($report_winner) ? $MSG['communative_report_winner_yes'] : $MSG['communative_report_winner_no'], 'S_NAME' => $row['name']));
$emailer->email_uid = $row['id'];
$emailer->email_sender($row['email'], 'endauction_cumulative.inc.php', $MSG['25_0199']);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
//echo "got here ". $Winner['name'];
$item_title = $system->uncleanvars($Auction['title']);
$emailer = new email_handler();
$emailer->assign_vars(array('W_NAME' => $Winner['name'], 'A_PICURL' => $Auction['pict_url'] != '' ? $uploaded_path . $Auction['id'] . '/' . $Auction['pict_url'] : 'images/email_alerts/default_item_img.jpg', 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'A_TITLE' => $Auction['title'], 'A_CURRENTBID' => $system->print_money($Auction['buy_now']), 'A_QUANTITY' => $qty, 'A_ENDS' => $ends_string, 'S_NICK' => $Seller['nick'], 'S_EMAIL' => $Seller['email'], 'SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $Winner['id'];
$emailer->email_sender($Winner['email'], 'endauction_multi_item_win.inc.php', $system->SETTINGS['sitename'] . 'You Won ' . $item_title);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2014 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$item_title = $system->uncleanvars($Auction['title']);
$emailer = new email_handler();
$emailer->assign_vars(array('W_NAME' => $Winner['name'], 'A_PICURL' => $Auction['pict_url'] != '' ? $uploaded_path . $Auction['id'] . '/' . $Auction['pict_url'] : 'images/email_alerts/default_item_img.jpg', 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'A_TITLE' => $item_title, 'A_CURRENTBID' => $system->print_money($Auction['current_bid'], true, false), 'A_ENDS' => $ends_string, 'S_NICK' => $Seller['nick'], 'S_EMAIL' => $Seller['email'], 'SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $Winner['id'];
$emailer->email_sender($Winner['email'], 'endauction_youwin_nodutch.inc.php', $system->SETTINGS['sitename'] . $MSG['909'] . ': ' . $item_title);
$ERR = $ERR_622;
} else {
$query = "SELECT title FROM " . $DBPrefix . "auctions WHERE id = :auction_id";
$params = array();
$params[] = array(':auction_id', $auction_id, 'int');
$db->query($query, $params);
if ($db->numrows() == 0) {
$ERR = $ERR_622;
} else {
$item_title = $db->result('title');
$item_title = $system->uncleanvars($item_title);
$from_email = $system->SETTINGS['users_email'] == 'n' ? $user->user_data['email'] : $system->SETTINGS['adminmail'];
// Send e-mail message
$subject = $MSG['335'] . ' ' . $system->SETTINGS['sitename'] . ' ' . $MSG['336'] . ' ' . $item_title;
$message = $MSG['084'] . ' ' . $MSG['240'] . ': ' . $from_email . "\n\n" . $_POST['TPL_text'];
$emailer = new email_handler();
$emailer->email_uid = $user_id;
$emailer->email_basic($subject, $email, nl2br($message), $user->user_data['name'] . '<' . $from_email . '>');
//send the email :D
// send a copy to their mesasge box
$nowmessage = nl2br($system->cleanvars($message));
$query = "INSERT INTO " . $DBPrefix . "messages (sentto, sentfrom, sentat, message, subject)\n\t\t\t\t\tVALUES (:id, :user_id, :times, :nowmessage, :msg)";
$params = array();
$params[] = array(':id', $user_id, 'int');
$params[] = array(':user_id', $user->user_data['id'], 'int');
$params[] = array(':times', time(), 'int');
$params[] = array(':nowmessage', $nowmessage, 'str');
$params[] = array(':msg', $system->cleanvars(sprintf($MSG['651'], $item_title)), 'str');
$db->query($query, $params);
$sent = true;
}
<?php
/***************************************************************************
* copyright : (C) 2008 - 2016 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('C_ID' => addslashes($TPL_id_hidden), 'C_NAME' => addslashes($TPL_name_hidden), 'C_NICK' => addslashes($TPL_nick_hidden), 'C_ADDRESS' => addslashes($_POST['TPL_address']), 'C_CITY' => addslashes($_POST['TPL_city']), 'C_PROV' => addslashes($_POST['TPL_prov']), 'C_ZIP' => addslashes($_POST['TPL_zip']), 'C_COUNTRY' => addslashes($_POST['TPL_country']), 'C_PHONE' => addslashes($_POST['TPL_phone']), 'C_EMAIL' => addslashes($_POST['TPL_email']), 'C_PASSWORD' => addslashes($TPL_password_hidden), 'SITENAME' => $system->SETTINGS['sitename'], 'SITEURL' => $system->SETTINGS['siteurl'], 'ADMINEMAIL' => $system->SETTINGS['adminmail'], 'CONFIRMATION_PAGE' => $system->SETTINGS['siteurl'] . 'confirm.php?id=' . $TPL_id_hidden . '&hash=' . md5($MD5_PREFIX . $TPL_nick_hidden), 'LOGO' => $system->SETTINGS['siteurl'] . 'uploaded/logo/' . $system->SETTINGS['logo']));
$emailer->email_uid = $TPL_id_hidden;
$emailer->email_sender(array($TPL_email_hidden, $system->SETTINGS['adminmail']), 'user_needapproval.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['098']);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2014 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
if (strlen(strip_tags($Auction['description'])) > 60) {
$description = substr(strip_tags($Auction['description']), 0, 50) . '...';
} else {
$description = $Auction['description'];
}
$emailer = new email_handler();
$emailer->assign_vars(array('W_NAME' => $Winner['name'], 'W_WANTED' => $Winner['wanted'], 'W_GOT' => $Winner['quantity'], 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'A_TITLE' => $system->uncleanvars($Auction['title']), 'A_DESCRIPTION' => $description, 'A_CURRENTBID' => $system->print_money($WINNERS_BID[$Winner['current_bid']], true, false), 'A_ENDS' => $ends_string, 'S_NICK' => $Seller['nick'], 'S_EMAIL' => $Seller['email'], 'S_PAYMENT' => $Seller['payment_details'], 'SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'ADMINEMAIL' => $system->SETTINGS['adminmail']));
$emailer->email_uid = $Winner['id'];
$emailer->email_sender($Winner['email'], 'endauction_youwin.inc.php', $MSG['909']);
$params[] = array(':user_id', $Auction['user'], 'int');
$db->query($query, $params);
$query = "INSERT INTO " . $DBPrefix . "useraccounts (user_id, auc_id, date, finalval, total, paid) VALUES\n\t\t\t\t\t\t\t(:user_id, :auc_id, :time, :finalval, :total, 1)";
$params = array();
$params[] = array(':user_id', $Auction['user'], 'int');
$params[] = array(':auc_id', $id, 'int');
$params[] = array(':time', $NOW, 'int');
$params[] = array(':finalval', $fee_value, 'int');
$params[] = array(':total', $fee_value, 'int');
$db->query($query, $params);
} else {
$query = "UPDATE " . $DBPrefix . "users SET suspended = 5 WHERE id = :user_id";
$params = array();
$params[] = array(':user_id', $Auction['user'], 'int');
$db->query($query, $params);
$emailer = new email_handler();
$emailer->assign_vars(array('ID' => $Auction['id'], 'TITLE' => $system->uncleanvars($Auction['title']), 'NAME' => $Seller['name'], 'LINK' => $system->SETTINGS['siteurl'] . 'pay.php?a=7&auction_id=' . $Auction['id']));
$emailer->email_uid = $Auction['user'];
$emailer->email_sender($Seller['email'], 'final_value_fee.inc.php', $system->SETTINGS['sitename'] . ' - ' . $MSG['523']);
$ff_paid = 0;
}
}
$query = "INSERT INTO " . $DBPrefix . "winners\n\t\t\t\t\t(auction, seller, winner, bid, closingdate, feedback_win, feedback_sel, qty, paid, bf_paid, ff_paid, shipped) VALUES\n\t\t\t\t\t(:auc_id, :seller_id, :winner_id, :buy_now, :time, 0, 0, :quantity, 0, :bf_paid, :ff_paid, 0)";
$params = array();
$params[] = array(':auc_id', $id, 'int');
$params[] = array(':seller_id', $Auction['user'], 'int');
$params[] = array(':winner_id', $Winner['id'], 'int');
$params[] = array(':buy_now', $Auction['buy_now'], 'float');
$params[] = array(':time', $NOW, 'int');
$params[] = array(':quantity', $qty, 'int');
$params[] = array(':bf_paid', $bf_paid, 'float');
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'ADMINMAIL' => $system->SETTINGS['adminmail'], 'REPORT' => $report, 'S_NAME' => $row['name']));
$emailer->email_uid = $row['id'];
$emailer->email_sender($row['email'], 'endauction_cumulative.inc.php', $MSG['25_0199']);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$item_title = $system->uncleanvars($item_title);
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'C_NAME' => $OldWinner_name, 'C_BID' => $OldWinner_bid, 'N_BID' => $new_bid, 'A_TITLE' => $item_title, 'A_ENDS' => $ends_string, 'A_PICURL' => $pict_url_plain != '' ? $uploaded_path . $item_id . '/' . $pict_url_plain : 'images/email_alerts/default_item_img.jpg', 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $item_id));
$emailer->email_uid = $OldWinner_id;
$emailer->email_sender($OldWinner_email, 'no_longer_winner.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['906'] . ': ' . $item_title);
<?php
/***************************************************************************
* copyright : (C) 2008 - 2015 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
if ($user->user_data['startemailmode'] == 'yes') {
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'A_ID' => $auction_id, 'A_TITLE' => $title, 'A_TYPE' => $atype == 1 ? $MSG['642'] : $MSG['641'], 'A_PICURL' => $pict_url != '' ? $uploaded_path . $auction_id . '/' . $pict_url : 'images/email_alerts/default_item_img.jpg', 'A_MINBID' => $system->print_money($minimum_bid), 'A_RESERVE' => $system->print_money($reserve_price), 'A_BNPRICE' => $system->print_money($buy_now_price), 'A_ENDS' => ArrangeDateNoCorrection($a_ends + $system->tdiff), 'C_NAME' => $user->user_data['name']));
$emailer->email_uid = $user->user_data['id'];
$subject = $system->SETTINGS['sitename'] . ' ' . $MSG['099'] . ': ' . $title . ' (' . $auction_id . ')';
$emailer->email_sender($user->user_data['email'], 'auctionmail.inc.php', $subject);
}
$nowmessage = nl2br($message);
if (!$email) {
$userarray = $db->result();
// check use mailbox insnt full
$query = "SELECT * FROM " . $DBPrefix . "messages WHERE sentto = :user_id";
$params = array();
$params[] = array(':user_id', $userarray['id'], 'int');
$db->query($query, $params);
if ($db->numrows() >= $mailbox_space) {
$_SESSION['message'] = sprintf($MSG['443'], $sendto);
header('location: mail.php');
exit;
}
} else {
// send the email
$emailer = new email_handler();
$from_email = $system->SETTINGS['users_email'] == 'n' ? $user->user_data['email'] : $system->SETTINGS['adminmail'];
$emailer->email_basic($subject, $sendto, $nowmessage, $from_email);
}
// send message
$id_type = $email ? 'fromemail' : 'sentto';
$query = "INSERT INTO " . $DBPrefix . "messages (" . $id_type . ", sentfrom, message, subject, reply_of, question)\n\t\t\tVALUES (:to_ids, :sender_id, :nowmessages, :subjects, :reply_of_hash, :question_hash)";
$params = array();
$params[] = array(':to_ids', $email ? $sendto : $userarray['id'], 'bool');
$params[] = array(':sender_id', $user->user_data['id'], 'int');
$params[] = array(':nowmessages', $nowmessage, 'str');
$params[] = array(':subjects', $subject, 'str');
$params[] = array(':reply_of_hash', $_SESSION['reply_of' . $_POST['hash']], 'int');
$params[] = array(':question_hash', $_SESSION['question' . $_POST['hash']], 'int');
$db->query($query, $params);
// Track IP
if ($system->SETTINGS['wordsfilter'] == 'y') {
$cleaned_question = $system->filter($cleaned_question);
}
// Check errors
if (isset($_POST['action']) && (!isset($_POST['sender_name']) || !isset($_POST['sender_email']) || empty($seller_nick) || empty($seller_email))) {
$TPL_error_text = $ERR_032;
}
if (empty($cleaned_question)) {
$TPL_error_text = $ERR_031;
}
if (isset($_POST['action']) && (!preg_match('/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+([\\.][a-z0-9-]+)+$/i', $_POST['sender_email']) || !preg_match('/^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+([\\.][a-z0-9-]+)+$/i', $seller_email))) {
$TPL_error_text = $ERR_008;
}
if (empty($TPL_error_text)) {
$mes = $MSG['337'] . ': <i>' . $seller_nick . '</i><br><br>';
$emailer = new email_handler();
$emailer->assign_vars(array('SENDER_NAME' => $_POST['sender_name'], 'SENDER_QUESTION' => $cleaned_question, 'SENDER_EMAIL' => $_POST['sender_email'], 'SITENAME' => $system->SETTINGS['sitename'], 'SITEURL' => $system->SETTINGS['siteurl'], 'AID' => $auction_id, 'TITLE' => $item_title, 'SELLER_NICK' => $seller_nick));
$item_title = $system->uncleanvars($item_title);
$subject = $MSG['335'] . ' ' . $system->SETTINGS['sitename'] . ' ' . $MSG['336'] . ' ' . $item_title;
$from_id = !$user->logged_in ? $_POST['sender_email'] : $user->user_data['id'];
$id_type = !$user->logged_in ? 'fromemail' : 'sentfrom';
$emailer->email_uid = $seller_id;
$emailer->email_sender($seller_email, 'send_email.inc.php', $subject);
$query = "INSERT INTO " . $DBPrefix . "messages (sentto, " . $id_type . ", sentat, message, subject, question)\n\t\t\tVALUES (:seller_id, :from_id, :timer, :question, :title, :auc_id)";
$params = array();
$params[] = array(':seller_id', $seller_id, 'int');
$params[] = array(':from_id', $from_id, 'int');
$params[] = array(':timer', time(), 'int');
$params[] = array(':question', $cleaned_question, 'str');
$params[] = array(':title', $system->cleanvars(sprintf($MSG['651'], $item_title)), 'str');
$params[] = array(':auc_id', $auction_id, 'int');
<?php
/***************************************************************************
* copyright : (C) 2008 - 2014 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
$emailer = new email_handler();
$emailer->assign_vars(array('SITE_URL' => $system->SETTINGS['siteurl'], 'SITENAME' => $system->SETTINGS['sitename'], 'C_NAME' => $USER['name']));
$emailer->userlang = $language;
$emailer->email_sender(array($USER['email'], $system->SETTINGS['adminmail']), 'user_approved.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['095']);
// Update counters table with the new bid
// Send notification if users keyword matches (Item Watch)
$query = "SELECT id, email, name, item_watch FROM " . $DBPrefix . "users WHERE item_watch != '' AND item_watch IS NOT NULL AND id != :user_id";
$params = array();
$params[] = array(':user_id', $bidder_id, 'int');
$db->query($query, $params);
$fetch = $db->fetchall();
foreach ($fetch as $row) {
// If keyword matches with opened auction title or/and desc send user a mail
if (strstr($row['item_watch'], strval($id)) !== false) {
// Get data about the auction
$query = "SELECT title, current_bid FROM " . $DBPrefix . "auctions WHERE id = :auc_id";
$params = array();
$params[] = array(':auc_id', $id, 'int');
$db->query($query, $params);
$emailer = new email_handler();
$emailer->assign_vars(array('REALNAME' => $row['name'], 'TITLE' => mysql_result($res, 0, 'title'), 'BID' => $system->print_money(mysql_result($res, 0, 'current_bid'), false), 'AUCTION_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $id));
$emailer->email_uid = $row['id'];
$emailer->email_sender($row['email'], 'item_watch.inc.php', $system->SETTINGS['sitename'] . ' - ' . $MSG['472']);
}
}
// End of Item watch
if ($send_email) {
$month = date('m', $c + $system->tdiff);
$ends_string = $MSG['MON_0' . $month] . ' ' . date('d, Y H:i', $c + $system->tdiff);
$new_bid = $system->print_money($next_bid);
// Send e-mail message
include $include_path . 'email_outbid.php';
}
if (defined('TrackUserIPs')) {
// log auction bid IP
}
$idcheck[] = $row['id'];
}
}
$data[] = $auctions_count;
// get auctions sold item
$query = "SELECT COUNT(DISTINCT a.id) AS total FROM " . $DBPrefix . "winners a\n\t\tLEFT JOIN " . $DBPrefix . "auctions b ON (a.auction = b.id)\n\t\tWHERE b.closed = 1 AND a.seller = :sellers AND a.is_read = 0";
$params = array();
$params[] = array(':sellers', $secid, 'int');
$db->query($query, $params);
$data[] = $db->result('total');
return $data;
}
// Send buyer's request to the administrator
if (isset($_POST['requesttoadmin'])) {
$emailer = new email_handler();
$emailer->assign_vars(array('NAME' => $user->user_data['name'], 'NICK' => $user->user_data['nick'], 'EMAIL' => $user->user_data['email'], 'ID' => $user->user_data['id']));
$emailer->email_sender($system->SETTINGS['adminmail'], 'buyer_request.inc.php', $MSG['820']);
$_SESSION['TMP_MSG'] = $MSG['25_0142'];
}
$cptab = isset($_GET['cptab']) ? $_GET['cptab'] : '';
switch ($cptab) {
default:
case 'summary':
$_SESSION['cptab'] = 'summary';
break;
case 'account':
$_SESSION['cptab'] = 'account';
break;
case 'selling':
$_SESSION['cptab'] = 'selling';
if (isset($_POST['action']) && $_POST['action'] == 'ok') {
if (isset($_POST['TPL_username']) && isset($_POST['TPL_email'])) {
$query = "SELECT email, id, name FROM " . $DBPrefix . "users WHERE nick = :username AND email = :email LIMIT 1";
$params = array();
$params[] = array(':username', $system->cleanvars($_POST['TPL_username']), 'str');
$params[] = array(':email', $system->cleanvars($_POST['TPL_email']), 'str');
$db->query($query, $params);
if ($db->numrows() > 0) {
// Generate a new random password and mail it to the user
$user_data = $db->result();
$email = $user_data['email'];
$id = $user_data['id'];
$name = $user_data['name'];
$newpass = generatePassword();
// send message
$emailer = new email_handler();
$emailer->assign_vars(array('REALNAME' => $name, 'NEWPASS' => $newpass, 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $id;
$emailer->email_sender($email, 'newpasswd.inc.php', $MSG['024']);
// Update database
$query = "UPDATE " . $DBPrefix . "users SET password = :password WHERE id = :user_id";
// hash password
include $include_path . 'PasswordHash.php';
$phpass = new PasswordHash(8, false);
$params = array();
$params[] = array(':password', $phpass->HashPassword($newpass), 'str');
$params[] = array(':user_id', $id, 'int');
$db->query($query, $params);
} else {
$ERR = $ERR_076;
}
$INFO = $MSG['email_settings_updated'];
}
}
$selectsetting = isset($system->SETTINGS['mail_protocol']) ? $system->SETTINGS['mail_protocol'] : '0';
loadblock($MSG['1119'], '', generateSelect('mail_protocol', $mail_protocol));
loadblock($MSG['1120'], '<span class="non_smtp para">' . $MSG['1121'], 'text', 'mail_parameter', $system->SETTINGS['mail_parameter']);
loadblock($MSG['1133'] . '<span class="smtp"></span>' . $MSG['1141'], '', '', '', '', array(), true);
loadblock($MSG['1128'], '<span class="smtp"></span>', 'yesno', 'smtp_authentication', $system->SETTINGS['smtp_authentication'], array($MSG['yes'], $MSG['no']));
$selectsetting = isset($system->SETTINGS['smtp_security']) ? $system->SETTINGS['smtp_security'] : 'none';
loadblock($MSG['1127'], '<span class="smtp"></span>', generateSelect('smtp_security', $smtp_secure_options));
loadblock($MSG['1126'], '<span class="smtp"></span>', 'text', 'smtp_port', $system->SETTINGS['smtp_port']);
loadblock($MSG['1124'], '<span class="smtp"></span>', 'text', 'smtp_username', $system->SETTINGS['smtp_username']);
loadblock($MSG['1125'], '<span class="smtp"></span>', 'text', 'smtp_password', $system->SETTINGS['smtp_password']);
loadblock($MSG['1122'], '<span class="smtp"></span>', 'text', 'smtp_host', $system->SETTINGS['smtp_host']);
loadblock($MSG['1129'], sprintf($MSG['1130'], $system->SETTINGS['adminmail']), 'text', 'alert_emails', $system->SETTINGS['alert_emails']);
$mail_info2 = '';
// send test email
if (isset($_GET['test_email'])) {
$user_name = filter_var($_POST["user_name"], FILTER_SANITIZE_STRING);
$to_email = filter_var($_POST["user_email"], FILTER_SANITIZE_EMAIL);
$subject = filter_var($_POST["subject"], FILTER_SANITIZE_STRING);
$message = filter_var($_POST["message"], FILTER_SANITIZE_STRING);
$emailer = new email_handler();
$emailer->email_basic($subject, $to_email, $message);
die;
}
$template->assign_vars(array('SITEURL' => $system->SETTINGS['siteurl'], 'TYPENAME' => $MSG['524'], 'PAGENAME' => $MSG['1131'], 'MAIL_PROTOCOL' => $mail_protocol[$system->SETTINGS['mail_protocol']], 'SMTP_AUTH' => $system->SETTINGS['smtp_authentication'], 'SMTP_SEC' => $system->SETTINGS['smtp_security'], 'SMTP_PORT' => !empty($system->SETTINGS['smtp_port']) && is_numeric($system->SETTINGS['smtp_port']) ? $system->SETTINGS['smtp_port'] : 25, 'SMTP_USER' => $system->SETTINGS['smtp_username'], 'SMTP_PASS' => $system->SETTINGS['smtp_password'], 'SMTP_HOST' => $system->SETTINGS['smtp_host'], 'ALERT_EMAILS' => $system->SETTINGS['alert_emails'], 'ADMIN_EMAIL' => $system->SETTINGS['adminmail']));
include 'header.php';
$template->set_filenames(array('body' => 'emailsettings.tpl'));
$template->display('body');
include 'footer.php';
$TPL_error_text = $ERR_008;
}
if ($system->SETTINGS['spam_sendtofriend'] == 2) {
$resp = recaptcha_check_answer($system->SETTINGS['recaptcha_private'], $_POST['g-recaptcha-response']);
if (!$resp) {
$TPL_error_text = $MSG['752'];
}
} elseif ($system->SETTINGS['spam_sendtofriend'] == 1) {
if (!$resp->check($_POST['captcha_code'])) {
$TPL_error_text = $MSG['752'];
}
}
if (!empty($TPL_error_text)) {
$emailsent = 1;
} else {
$emailsent = 0;
$emailer = new email_handler();
$emailer->assign_vars(array('S_NAME' => $_POST['sender_name'], 'S_EMAIL' => $_POST['sender_email'], 'S_COMMENT' => $_POST['sender_comment'], 'F_NAME' => $_POST['friend_name'], 'TITLE' => $TPL_item_title, 'URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $id, 'SITENAME' => $system->SETTINGS['sitename'], 'SITEURL' => $system->SETTINGS['siteurl'], 'ADMINEMAIL' => $system->SETTINGS['adminmail']));
$emailer->email_sender($_POST['friend_email'], 'friendmail.inc.php', $MSG['905']);
}
}
if ($system->SETTINGS['spam_sendtofriend'] == 2) {
$capcha_text = recaptcha_get_html($system->SETTINGS['recaptcha_public']);
} elseif ($system->SETTINGS['spam_sendtofriend'] == 1) {
$capcha_text = $spam_html;
}
$template->assign_vars(array('ERROR' => $TPL_error_text, 'ID' => intval($_REQUEST['id']), 'CAPTCHATYPE' => $system->SETTINGS['spam_sendtofriend'], 'CAPCHA' => isset($capcha_text) ? $capcha_text : '', 'TITLE' => $TPL_item_title, 'FRIEND_NAME' => isset($_POST['friend_name']) ? $system->cleanvars($_POST['friend_name']) : '', 'FRIEND_EMAIL' => isset($_POST['friend_email']) ? $system->cleanvars($_POST['friend_email']) : '', 'YOUR_NAME' => $user->logged_in ? $system->cleanvars($user->user_data['name']) : '', 'YOUR_EMAIL' => $user->logged_in ? $system->cleanvars($user->user_data['email']) : '', 'COMMENT' => isset($_POST['sender_comment']) ? $system->cleanvars($_POST['sender_comment']) : '', 'EMAILSENT' => $emailsent));
include 'header.php';
$template->set_filenames(array('body' => 'friend.tpl'));
$template->display('body');
include 'footer.php';
<?php
/***************************************************************************
* copyright : (C) 2008 - 2016 WeBid
* site : http://www.webidsupport.com/
***************************************************************************/
/***************************************************************************
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. Although none of the code may be
* sold. If you have been sold this script, get a refund.
***************************************************************************/
if (!defined('InWeBid')) {
exit;
}
// Check if the e-mail has to be sent or not
$query = "SELECT endemailmode FROM " . $DBPrefix . "users WHERE id = :seller_id";
$params = array();
$params[] = array(':seller_id', $Seller['id'], 'int');
$db->query($query, $params);
$emailmode = $db->result('endemailmode');
if ($emailmode == 'one') {
$emailer = new email_handler();
$emailer->assign_vars(array('S_NAME' => $Seller['name'], 'S_NICK' => $Seller['nick'], 'S_EMAIL' => $Seller['email'], 'A_TITLE' => $system->uncleanvars($Auction['title']), 'A_ID' => $Auction['id'], 'A_END' => $ends_string, 'A_URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $Auction['id'], 'SITE_URL' => $system->SETTINGS['siteurl'], 'A_PICURL' => $Auction['pict_url'] != '' ? $system->SETTINGS['siteurl'] . $uploaded_path . $Auction['id'] . '/' . $Auction['pict_url'] : $system->SETTINGS['siteurl'] . 'images/email_alerts/default_item_img.jpg', 'SITENAME' => $system->SETTINGS['sitename']));
$emailer->email_uid = $Seller['id'];
$emailer->email_sender($Seller['email'], 'endauction_nowinner.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['112']);
}
function alert_auction_watchers($id, $title, $description)
{
global $user, $DBPrefix, $db;
// Send notification if users keyword matches (Auction Watch)
$query = "SELECT auc_watch, email, nick, name, id FROM " . $DBPrefix . "users WHERE auc_watch != '' AND id != :user_id";
$params = array();
$params[] = array(':user_id', $user->user_data['id'], 'int');
$db->query($query, $params);
$sent_to = array();
while ($row = $db->fetch()) {
$w_title = explode(' ', strtolower($title));
$w_descr = explode(' ', strtolower(str_replace(array('<br>', "\n"), '', strip_tags($description))));
$w_nick = strtolower($user->user_data['nick']);
$key = explode(' ', $row['auc_watch']);
if (is_array($key) && count($key) > 0) {
foreach ($key as $k => $v) {
$v = trim(strtolower($v));
if ((in_array($v, $w_title) || in_array($v, $w_descr) || $v == $w_nick) && !in_array($row['id'], $sent_to)) {
$emailer = new email_handler();
$emailer->assign_vars(array('URL' => $system->SETTINGS['siteurl'] . 'item.php?id=' . $id, 'SITENAME' => $system->SETTINGS['sitename'], 'TITLE' => $title, 'REALNAME' => $row['name'], 'KWORD' => $row['auc_watch']));
$emailer->email_uid = $row['id'];
$emailer->email_sender($row['email'], 'auction_watchmail.inc.php', $system->SETTINGS['sitename'] . ' ' . $MSG['471']);
$sent_to[] = $row['id'];
}
}
}
}
}
