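/**
 * Emails a generated PDF, runs a stored PHP procedure, or sends a plain email.
 *
 * Behaviour depends on the form hash data:
 *  - $hashData['nu_pdf_code'] set: a file is generated through
 *    nuPDForPHPParameters() and attached, provided it really is a PDF.
 *  - $hashData['nu_php_code'] set: the stored procedure whose slp_code equals
 *    $pPDForPHP is evaluated and the function returns without sending anything.
 *  - neither set: a plain email is sent with no attachment.
 *
 * The sender is the user who owns the session in $hashData['session_id'];
 * when no such session row exists, the from name/address configured in
 * $GLOBALS['nuSetup'] is used instead.
 *
 * @param string       $pPDForPHP Code of the PDF report or PHP procedure to run.
 * @param string       $pEmailTo  Recipient address(es), passed to nuSendEmail() as given.
 * @param string       $pSubject  Email subject.
 * @param string       $pMessage  Email body.
 * @param array|string $hashData  Form hash data; '' means "load it with nuHashData()".
 *
 * @return mixed Result of nuSendEmail(), or null when an error was displayed
 *               or the PHP procedure branch was taken.
 */
function nuEmail($pPDForPHP, $pEmailTo, $pSubject, $pMessage, $hashData) {

    if ($hashData == '') {
        $hashData = nuHashData();
    }

    //-- The session id is bound as a parameter rather than interpolated into the
    //-- SQL text, matching how nuValidateUser() calls nuRunQuery().
    $t = nuRunQuery(
        "SELECT * FROM zzzsys_session INNER JOIN zzzsys_user ON sss_zzzsys_user_id = zzzsys_user_id WHERE zzzsys_session_id = ? ",
        array($hashData['session_id'])
    );
    $r = db_fetch_object($t);

    if ($r != null) {
        $fromname    = $r->sus_name;
        $fromaddress = $r->sus_email;
    } else {
        $setup       = $GLOBALS['nuSetup'];                       //-- fall back to the configured SMTP sender
        $fromname    = trim($setup->set_smtp_from_name);
        $fromaddress = trim($setup->set_smtp_from_address);
    }

    $filelist = array();

    if ($hashData['nu_pdf_code'] != '') {

        nuV('code', $pPDForPHP);
        nuV('call_type', 'printpdf');
        nuV('filename', $hashData['nu_email_file_name']);
        $hashData['parent_record_id'] = $hashData['nu_pdf_code'];
        $tmp_nu_file = nuPDForPHPParameters($hashData);

        //-- Only attach the generated file when its detected MIME type is PDF.
        //-- The finfo handle is released on every path, not just the error path.
        $finfo    = finfo_open(FILEINFO_MIME_TYPE);
        $mimeType = finfo_file($finfo, $tmp_nu_file);
        finfo_close($finfo);

        if ($mimeType != 'application/pdf') {
            //-- A non-PDF result is shown to the user as the error text.
            nuDisplayError(file_get_contents($tmp_nu_file, true));
            return;
        }

        $filelist[$hashData['nu_email_file_name']] = $tmp_nu_file;   //-- file to attach

    } elseif ($hashData['nu_php_code'] != '') {                      //-- Run PHP Code

        //-- $pPDForPHP is bound as a parameter; it must never be spliced into the SQL text.
        $t = nuRunQuery(
            "SELECT zzzsys_php_id, slp_php FROM zzzsys_php WHERE slp_code = ? ",
            array($pPDForPHP)
        );
        $r = db_fetch_object($t);

        if (!$r) {
            //-- No procedure with this code: stop instead of dereferencing an empty result.
            nuDisplayError("PHP code not found");
            return;
        }

        $r->slp_php = nuGetSafePHP('slp_php', $r->zzzsys_php_id, $r->slp_php);
        $php        = nuReplaceHashes($r->slp_php, $hashData);

        //-- NOTE(security): eval() executes code stored in zzzsys_php after
        //-- nuReplaceHashes() has substituted $hashData values into it. Any hash value
        //-- a client can influence becomes part of the executed code; confirm that
        //-- nuGetSafePHP()/nuReplaceHashes() neutralise such values (not visible here)
        //-- and that write access to zzzsys_php is restricted to administrators.
        eval($php);
        return;
    }

    //-- NOTE(review): recipient validation was disabled in the original code, so
    //-- $pEmailTo reaches nuSendEmail() unchecked. Confirm nuSendEmail() rejects
    //-- malformed addresses and embedded line breaks before re-enabling or removing this.
    /*
    if(!nuEmailValidateAddress($pEmailTo)) {                         //-- check to see if to field email is valid
        nuDisplayError("To Email validation failed");
        return;
    }
    */

    return nuSendEmail($pEmailTo, $fromaddress, $fromname, $pMessage, $pSubject, $filelist);
}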
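/**
 * Validates the current session and the user's right to perform the requested call.
 *
 * Steps, in order:
 *  1. log the activity and delete sessions whose sss_timeout has expired;
 *  2. load the session row and refuse users with no session;
 *  3. refresh the session timeout;
 *  4. let 'globeadmin' through unconditionally;
 *  5. refuse forms that are not listed in $_SESSION['nu_form_access'];
 *  6. refuse save/delete/clone calls whose flag in
 *     $_SESSION['nu_access_<formID>'] equals '1'.
 *
 * @param string $session  Session id to validate.
 * @param mixed  $hashData Not used by this function.
 *
 * @return string|null '' when access is granted, an error message when it is
 *                     refused, or null when an error was already recorded or
 *                     displayed (nuErrorFound() / nuDisplayError()).
 */
function nuValidateUser($session, $hashData) {

    nuLogUser($session);                                             //-- records user activity

    $timeout = time() - 60 * $GLOBALS['nuSetup']->set_time_out_minutes;
    nuRunQuery("DELETE FROM zzzsys_session WHERE sss_timeout < ? ", array($timeout));
    if (nuErrorFound()) {
        return;
    }

    $t = nuRunQuery("SELECT * FROM zzzsys_session WHERE zzzsys_session_id = ? ", array($session));
    if (nuErrorFound()) {
        return;
    }

    $r    = db_fetch_object($t);
    $time = time();

    //-- An unknown or expired session yields no row; treat it as "no user"
    //-- instead of reading a property from an empty result.
    $user = $r ? $r->sss_zzzsys_user_id : '';

    if ($user == '') {
        return 'You are not currently logged in';                    //-- access to nothing
    }

    nuRunQuery(
        "UPDATE zzzsys_session SET sss_timeout = ? WHERE zzzsys_session_id = ? ",
        array($time, $r->zzzsys_session_id)
    );
    nuV('nu_timeout', $time);
    if (nuErrorFound()) {
        return;
    }

    if ($user == 'globeadmin') {
        return '';                                                   //-- access to everything
    }

    $formID = nuV('form_id');

    //-- Fail closed: a missing or malformed access list grants access to no form.
    $allowedForms = (isset($_SESSION['nu_form_access']) && is_array($_SESSION['nu_form_access']))
        ? $_SESSION['nu_form_access']
        : array();

    //-- NOTE(review): in_array() compares loosely here, as in the original code.
    //-- If form ids are always strings, passing true as the third argument would
    //-- rule out type-juggling matches; confirm the id types before tightening.
    if (!in_array($formID, $allowedForms)) {

        nuHomeBug();

        //-- $formID comes from the request state and is bound, never interpolated.
        $t         = nuRunQuery(
            "SELECT CONCAT(sfo_name, ' - ', sfo_title) FROM zzzsys_form WHERE zzzsys_form_id = ? ",
            array($formID)
        );
        $r         = db_fetch_row($t);
        $formLabel = $r ? $r[0] : '';                                //-- unknown form id: no label to show

        nuDisplayError("You do not have access to this form (" . $formLabel . "). \r Please contact your system administrator");
        return;
    }

    //===================save, new, clone and delete============================

    //-- call_type => key of the per-form access flag that blocks it.
    //-- The new button also calls nuSaveForm(), so 'saveform' covers it.
    $blockedBy = array(
        'saveform'   => 'save',
        'deleteform' => 'delete',
        'cloneform'  => 'clone',
    );

    $callType = nuV('call_type');
    $access   = isset($_SESSION['nu_access_' . $formID]) ? $_SESSION['nu_access_' . $formID] : array();

    foreach ($blockedBy as $type => $action) {

        if ($callType == $type) {

            //-- NOTE(review): the fetched row is not used; the lookup is kept from the
            //-- original code (now with a bound id) in case callers rely on it.
            $t = nuRunQuery("SELECT * FROM zzzsys_form WHERE zzzsys_form_id = ? ", array($formID));
            $r = db_fetch_object($t);

            //-- A flag value of '1' means the action is blocked for this user.
            //-- A missing flag allows the action, as it did in the original code.
            if (isset($access[$action]) && $access[$action] == '1') {
                $label = ucfirst($action);
                return "'{$label}' not allowed on this form for this user. \n Please contact your system administrator";
            }
        }
    }

    return '';
}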