function ExportEmail($EmailContent)
{
global $gTmpImages, $Language;
$sSender = @$_GET["sender"];
$sRecipient = @$_GET["recipient"];
$sCc = @$_GET["cc"];
$sBcc = @$_GET["bcc"];
$sContentType = @$_GET["contenttype"];
// Subject
$sSubject = ew_StripSlashes(@$_GET["subject"]);
$sEmailSubject = $sSubject;
// Message
$sContent = ew_StripSlashes(@$_GET["message"]);
$sEmailMessage = $sContent;
// Check sender
if ($sSender == "") {
return "<p class=\"text-error\">" . $Language->Phrase("EnterSenderEmail") . "</p>";
}
if (!ew_CheckEmail($sSender)) {
return "<p class=\"text-error\">" . $Language->Phrase("EnterProperSenderEmail") . "</p>";
}
// Check recipient
if (!ew_CheckEmailList($sRecipient, EW_MAX_EMAIL_RECIPIENT)) {
return "<p class=\"text-error\">" . $Language->Phrase("EnterProperRecipientEmail") . "</p>";
}
// Check cc
if (!ew_CheckEmailList($sCc, EW_MAX_EMAIL_RECIPIENT)) {
return "<p class=\"text-error\">" . $Language->Phrase("EnterProperCcEmail") . "</p>";
}
// Check bcc
if (!ew_CheckEmailList($sBcc, EW_MAX_EMAIL_RECIPIENT)) {
return "<p class=\"text-error\">" . $Language->Phrase("EnterProperBccEmail") . "</p>";
}
// Check email sent count
if (!isset($_SESSION[EW_EXPORT_EMAIL_COUNTER])) {
$_SESSION[EW_EXPORT_EMAIL_COUNTER] = 0;
}
if (intval($_SESSION[EW_EXPORT_EMAIL_COUNTER]) > EW_MAX_EMAIL_SENT_COUNT) {
return "<p class=\"text-error\">" . $Language->Phrase("ExceedMaxEmailExport") . "</p>";
}
// Send email
$Email = new cEmail();
$Email->Sender = $sSender;
// Sender
$Email->Recipient = $sRecipient;
// Recipient
$Email->Cc = $sCc;
// Cc
$Email->Bcc = $sBcc;
// Bcc
$Email->Subject = $sEmailSubject;
// Subject
$Email->Format = $sContentType == "url" ? "text" : "html";
$Email->Charset = EW_EMAIL_CHARSET;
if ($sEmailMessage != "") {
$sEmailMessage = ew_RemoveXSS($sEmailMessage);
$sEmailMessage .= $sContentType == "url" ? "\r\n\r\n" : "<br><br>";
}
if ($sContentType == "url") {
$sUrl = ew_ConvertFullUrl(ew_CurrentPage() . "?" . $this->ExportQueryString());
$sEmailMessage .= $sUrl;
// Send URL only
} else {
foreach ($gTmpImages as $tmpimage) {
$Email->AddEmbeddedImage($tmpimage);
}
$sEmailMessage .= $EmailContent;
// Send HTML
}
$Email->Content = $sEmailMessage;
// Content
$EventArgs = array();
$bEmailSent = FALSE;
if ($this->Email_Sending($Email, $EventArgs)) {
$bEmailSent = $Email->Send();
}
// Check email sent status
if ($bEmailSent) {
// Update email sent count
$_SESSION[EW_EXPORT_EMAIL_COUNTER]++;
// Sent email success
return "<p class=\"text-success\">" . $Language->Phrase("SendEmailSuccess") . "</p>";
// Set up success message
} else {
// Sent email failure
return "<p class=\"text-error\">" . $Email->SendErrDescription . "</p>";
}
}
function ew_QuotedValue($Value, $FldType)
{
if (is_null($Value)) {
return "NULL";
}
switch ($FldType) {
case EW_DATATYPE_STRING:
case EW_DATATYPE_MEMO:
case EW_DATATYPE_TIME:
if (EW_REMOVE_XSS) {
return "'" . ew_AdjustSql(ew_RemoveXSS($Value)) . "'";
} else {
return "'" . ew_AdjustSql($Value) . "'";
}
case EW_DATATYPE_XML:
return "'" . ew_AdjustSql($Value) . "'";
case EW_DATATYPE_BLOB:
return "'" . ew_AdjustSql($Value) . "'";
case EW_DATATYPE_DATE:
return "'" . ew_AdjustSql($Value) . "'";
case EW_DATATYPE_GUID:
return "'" . $Value . "'";
case EW_DATATYPE_BOOLEAN:
return "'" . $Value . "'";
// 'Y'|'N' or 'y'|'n' or '1'|'0' or 't'|'f'
// 'Y'|'N' or 'y'|'n' or '1'|'0' or 't'|'f'
default:
return $Value;
}
}
function AutoLogin()
{
$AutoLogin = FALSE;
if (@$_COOKIE[EW_PROJECT_NAME]['AutoLogin'] == "autologin") {
$usr = ew_Decrypt(@$_COOKIE[EW_PROJECT_NAME]['Username']);
$pwd = ew_Decrypt(@$_COOKIE[EW_PROJECT_NAME]['Password']);
$AutoLogin = $this->ValidateUser($usr, $pwd, TRUE, FALSE);
}
if (!$AutoLogin && EW_ALLOW_LOGIN_BY_URL && isset($_GET["username"])) {
$usr = ew_RemoveXSS(ew_StripSlashes($_GET["username"]));
$pwd = ew_RemoveXSS(ew_StripSlashes(@$_GET["password"]));
$enc = !empty($_GET["encrypted"]);
$AutoLogin = $this->ValidateUser($usr, $pwd, TRUE, $enc);
}
if (!$AutoLogin && EW_ALLOW_LOGIN_BY_SESSION && isset($_SESSION[EW_PROJECT_NAME . "_Username"])) {
$usr = $_SESSION[EW_PROJECT_NAME . "_Username"];
$pwd = @$_SESSION[EW_PROJECT_NAME . "_Password"];
$enc = !empty($_SESSION[EW_PROJECT_NAME . "_Encrypted"]);
$AutoLogin = $this->ValidateUser($usr, $pwd, TRUE, $enc);
}
return $AutoLogin;
}
function Page_Main()
{
global $Security, $Language, $UserProfile, $gsFormError;
global $Breadcrumb;
$url = substr(ew_CurrentUrl(), strrpos(ew_CurrentUrl(), "/") + 1);
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("login", "LoginPage", $url, "", "", TRUE);
$sPassword = "";
$sLastUrl = $Security->LastUrl();
// Get last URL
if ($sLastUrl == "") {
$sLastUrl = "index.php";
}
// If session expired, show session expired message
if (@$_GET["expired"] == "1") {
$this->setFailureMessage($Language->Phrase("SessionExpired"));
}
if (IsLoggingIn()) {
$this->Username = @$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME];
$sPassword = @$_SESSION[EW_SESSION_USER_PROFILE_PASSWORD];
$this->LoginType = @$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE];
$bValidPwd = $Security->ValidateUser($this->Username, $sPassword, FALSE);
if ($bValidPwd) {
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = "";
$_SESSION[EW_SESSION_USER_PROFILE_PASSWORD] = "";
$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE] = "";
}
} else {
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
$Security->LoadUserLevel();
// Load user level
$this->Username = "";
// Initialize
$encrypted = FALSE;
if (isset($_POST["username"])) {
$this->Username = ew_RemoveXSS(ew_StripSlashes($_POST["username"]));
$sPassword = ew_RemoveXSS(ew_StripSlashes(@$_POST["password"]));
$this->LoginType = strtolower(ew_RemoveXSS(@$_POST["type"]));
} else {
if (EW_ALLOW_LOGIN_BY_URL && isset($_GET["username"])) {
$this->Username = ew_RemoveXSS(ew_StripSlashes($_GET["username"]));
$sPassword = ew_RemoveXSS(ew_StripSlashes(@$_GET["password"]));
$this->LoginType = strtolower(ew_RemoveXSS(@$_GET["type"]));
$encrypted = !empty($_GET["encrypted"]);
}
}
if ($this->Username != "") {
$bValidate = $this->ValidateForm($this->Username, $sPassword);
if (!$bValidate) {
$this->setFailureMessage($gsFormError);
}
$_SESSION[EW_SESSION_USER_LOGIN_TYPE] = $this->LoginType;
// Save user login type
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = $this->Username;
// Save login user name
$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE] = $this->LoginType;
// Save login type
// Max login attempt checking
if ($UserProfile->ExceedLoginRetry($this->Username)) {
$bValidate = FALSE;
$this->setFailureMessage(str_replace("%t", EW_USER_PROFILE_RETRY_LOCKOUT, $Language->Phrase("ExceedMaxRetry")));
}
} else {
if ($Security->IsLoggedIn()) {
if ($this->getFailureMessage() == "") {
$this->Page_Terminate($sLastUrl);
}
// Return to last accessed page
}
$bValidate = FALSE;
// Restore settings
if (@$_COOKIE[EW_PROJECT_NAME]['Checksum'] == strval(crc32(md5(EW_RANDOM_KEY)))) {
$this->Username = ew_Decrypt(@$_COOKIE[EW_PROJECT_NAME]['Username']);
}
if (@$_COOKIE[EW_PROJECT_NAME]['AutoLogin'] == "autologin") {
$this->LoginType = "a";
} elseif (@$_COOKIE[EW_PROJECT_NAME]['AutoLogin'] == "rememberusername") {
$this->LoginType = "u";
} else {
$this->LoginType = "";
}
}
$bValidPwd = FALSE;
if ($bValidate) {
// Call Logging In event
$bValidate = $this->User_LoggingIn($this->Username, $sPassword);
if ($bValidate) {
$bValidPwd = $Security->ValidateUser($this->Username, $sPassword, FALSE, $encrypted);
// Manual login
if (!$bValidPwd) {
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("InvalidUidPwd"));
}
// Invalid user id/password
}
} else {
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("LoginCancelled"));
}
// Login cancelled
}
}
}
if ($bValidPwd) {
// Write cookies
if ($this->LoginType == "a") {
// Auto login
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "autologin", EW_COOKIE_EXPIRY_TIME);
// Set autologin cookie
setcookie(EW_PROJECT_NAME . '[Username]', ew_Encrypt($this->Username), EW_COOKIE_EXPIRY_TIME);
// Set user name cookie
setcookie(EW_PROJECT_NAME . '[Password]', ew_Encrypt($sPassword), EW_COOKIE_EXPIRY_TIME);
// Set password cookie
setcookie(EW_PROJECT_NAME . '[Checksum]', crc32(md5(EW_RANDOM_KEY)), EW_COOKIE_EXPIRY_TIME);
} elseif ($this->LoginType == "u") {
// Remember user name
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "rememberusername", EW_COOKIE_EXPIRY_TIME);
// Set remember user name cookie
setcookie(EW_PROJECT_NAME . '[Username]', ew_Encrypt($this->Username), EW_COOKIE_EXPIRY_TIME);
// Set user name cookie
setcookie(EW_PROJECT_NAME . '[Checksum]', crc32(md5(EW_RANDOM_KEY)), EW_COOKIE_EXPIRY_TIME);
} else {
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "", EW_COOKIE_EXPIRY_TIME);
// Clear auto login cookie
}
$this->WriteAuditTrailOnLogin($this->Username);
// Call loggedin event
$this->User_LoggedIn($this->Username);
$this->Page_Terminate($sLastUrl);
// Return to last accessed URL
} elseif ($this->Username != "" && $sPassword != "") {
// Call user login error event
$this->User_LoginError($this->Username, $sPassword);
}
}
function Page_Main()
{
global $Security, $Language, $UserProfile, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("login", "<span id=\"ewPageCaption\">" . $Language->Phrase("LoginPage") . "</span>", ew_CurrentUrl());
$sPassword = "";
$sLastUrl = $Security->LastUrl();
// Get last URL
if ($sLastUrl == "") {
$sLastUrl = "index.php";
}
if (IsLoggingIn()) {
$this->Username = @$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME];
$sPassword = @$_SESSION[EW_SESSION_USER_PROFILE_PASSWORD];
$this->LoginType = @$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE];
$bValidPwd = $Security->ValidateUser($this->Username, $sPassword, FALSE);
if ($bValidPwd) {
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = "";
$_SESSION[EW_SESSION_USER_PROFILE_PASSWORD] = "";
$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE] = "";
}
} else {
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
$this->Username = "";
// Initialize
if (@$_POST["username"] != "") {
// Setup variables
$this->Username = ew_RemoveXSS(ew_StripSlashes(@$_POST["username"]));
$sPassword = ew_RemoveXSS(ew_StripSlashes(@$_POST["password"]));
$this->LoginType = strtolower(ew_RemoveXSS(@$_POST["type"]));
}
if ($this->Username != "") {
$bValidate = $this->ValidateForm($this->Username, $sPassword);
if (!$bValidate) {
$this->setFailureMessage($gsFormError);
}
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = $this->Username;
// Save login user name
$_SESSION[EW_SESSION_USER_PROFILE_LOGIN_TYPE] = $this->LoginType;
// Save login type
} else {
if ($Security->IsLoggedIn()) {
if ($this->getFailureMessage() == "") {
$this->Page_Terminate($sLastUrl);
}
// Return to last accessed page
}
$bValidate = FALSE;
// Restore settings
if (@$_COOKIE[EW_PROJECT_NAME]['Checksum'] == strval(crc32(md5(EW_RANDOM_KEY)))) {
$this->Username = ew_Decrypt(@$_COOKIE[EW_PROJECT_NAME]['Username']);
}
if (@$_COOKIE[EW_PROJECT_NAME]['AutoLogin'] == "autologin") {
$this->LoginType = "a";
} elseif (@$_COOKIE[EW_PROJECT_NAME]['AutoLogin'] == "rememberusername") {
$this->LoginType = "u";
} else {
$this->LoginType = "";
}
}
$bValidPwd = FALSE;
if ($bValidate) {
// Call Logging In event
$bValidate = $this->User_LoggingIn($this->Username, $sPassword);
if ($bValidate) {
$bValidPwd = $Security->ValidateUser($this->Username, $sPassword, FALSE);
// Manual login
if (!$bValidPwd) {
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("InvalidUidPwd"));
}
// Invalid user id/password
}
} else {
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("LoginCancelled"));
}
// Login cancelled
}
}
}
if ($bValidPwd) {
// Write cookies
if ($this->LoginType == "a") {
// Auto login
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "autologin", EW_COOKIE_EXPIRY_TIME);
// Set autologin cookie
setcookie(EW_PROJECT_NAME . '[Username]', ew_Encrypt($this->Username), EW_COOKIE_EXPIRY_TIME);
// Set user name cookie
setcookie(EW_PROJECT_NAME . '[Password]', ew_Encrypt($sPassword), EW_COOKIE_EXPIRY_TIME);
// Set password cookie
setcookie(EW_PROJECT_NAME . '[Checksum]', crc32(md5(EW_RANDOM_KEY)), EW_COOKIE_EXPIRY_TIME);
} elseif ($this->LoginType == "u") {
// Remember user name
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "rememberusername", EW_COOKIE_EXPIRY_TIME);
// Set remember user name cookie
setcookie(EW_PROJECT_NAME . '[Username]', ew_Encrypt($this->Username), EW_COOKIE_EXPIRY_TIME);
// Set user name cookie
setcookie(EW_PROJECT_NAME . '[Checksum]', crc32(md5(EW_RANDOM_KEY)), EW_COOKIE_EXPIRY_TIME);
} else {
setcookie(EW_PROJECT_NAME . '[AutoLogin]', "", EW_COOKIE_EXPIRY_TIME);
// Clear auto login cookie
}
// Call loggedin event
$this->User_LoggedIn($this->Username);
$this->Page_Terminate($sLastUrl);
// Return to last accessed URL
} elseif ($this->Username != "" && $sPassword != "") {
// Call user login error event
$this->User_LoginError($this->Username, $sPassword);
}
}
function ew_QuotedValue($Value, $FldType)
{
if (is_null($Value)) {
return "NULL";
}
switch ($FldType) {
case EW_DATATYPE_STRING:
case EW_DATATYPE_MEMO:
case EW_DATATYPE_TIME:
if (EW_REMOVE_XSS) {
return "'" . ew_AdjustSql(ew_RemoveXSS($Value)) . "'";
} else {
return "'" . ew_AdjustSql($Value) . "'";
}
case EW_DATATYPE_BLOB:
return "'" . ew_AdjustSql($Value) . "'";
case EW_DATATYPE_DATE:
return EW_IS_MSACCESS ? "#" . ew_AdjustSql($Value) . "#" : "'" . ew_AdjustSql($Value) . "'";
case EW_DATATYPE_GUID:
if (EW_IS_MSACCESS) {
if (strlen($Value) == 38) {
return "{guid " . $Value . "}";
} elseif (strlen($Value) == 36) {
return "{guid {" . $Value . "}}";
}
} else {
return "'" . $Value . "'";
}
case EW_DATATYPE_BOOLEAN:
// enum('Y'/'N') or enum('1'/'0')
return "'" . $Value . "'";
default:
return $Value;
}
}
