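} // closes a block opened above this excerpt
$account_statement .= ' </table>';

// The statement markup is escaped before substitution because the filled-in
// templates are concatenated directly into the INSERT below.
$mail_html = str_replace('{account_statement}', $db->string_escape($account_statement), $mail_html);
$mail_plain = str_replace('{account_statement}', $db->string_escape($account_statement_plain), $mail_plain);
} // closes a block opened above this excerpt

// Queue the message unless the admin only asked for a preview.
if (!isset($_POST['_preview'])) {
    // NOTE(review): $mysql_fields, $mail_html and $mail_plain are concatenated as-is.
    // Only the {account_statement} substitution is escaped in the visible code, so
    // confirm the rest is escaped where those values are built.
    // The recipient's names are escaped like the e-mail address next to them, so a
    // quote in a stored name cannot terminate the string literal.
    $query2 = 'INSERT INTO mail_queue SET '.$mysql_fields
        .', admins_id='.($_SESSION['admin']['adminid']+0)
        .', time_to_send="'.date('Y-m-d H:i:s', CUSTOMTIME)
        .'", create_time="'.date('Y-m-d H:i:s', CUSTOMTIME)
        .'", mail_to="'.$db->string_escape($row['user_email'])
        .'", mail_to_names="'.$db->string_escape($row['user_firstname'].' '.$row['user_lastname'])
        .'", mail_html="'.$mail_html
        .'", mail_plain="'.$mail_plain.'"';
    $db->rq($query2);
    $MailID = $db->last_id();

    // Re-read the queued row; from here on $row holds the mail_queue record.
    $query = 'SELECT * FROM mail_queue WHERE mail_queue_id='.($MailID+0).' AND is_sent=0';
    $res = $db->rq($query);
    $row = $db->fetch($res);
}

// Settings
$settingsModel = new App\Model\Settings($db, 'mail_settings');
$settings = $settingsModel->getAll();
$transport = $settings['mail_transport'];
/* $smtp_host = $settings['mail_' . $transport . '_host']; $smtp_port = $settings['mail_' . $transport . '_port']; $smtp_user = $settings['mail_' . $transport . '_user'];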
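stocks_name="'.$db->string_escape($_POST['names']).'", stocks_links="'.$db->string_escape($_POST['link']).'", checking = "'.$db->string_escape($_POST['checking']).'" WHERE stocks_id='.($_POST['stockid']+0).'';
    // NOTE(review): the start of this UPDATE lies above the excerpt; check that
    // any symbol column it sets is escaped like the fields visible here.
    $db->rq($query);
    // NOTE(review): the name is escaped before logging but $_POST['symbol'] is not.
    // addLog() is not visible here, so confirm how it stores its arguments.
    addLog('Back-end','Stocks',''.$db->string_escape($_POST['names']).' ('.$_POST['symbol'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','Stock edited');
} else {
    // New stock: create the stocks row, then its first stock_details row.
    // The reference is derived from the uniqid() timestamp prefix, so it is
    // time-based rather than random.
    $detRef = hexdec(substr(uniqid(''), 0, 10)) - 81208208208;

    // Every request value is escaped before it is placed in the SQL string;
    // the symbol was previously concatenated raw.
    $query = 'INSERT INTO stocks SET stocks_symbol="'.$db->string_escape($_POST['symbol'])
        .'", stocks_name="'.$db->string_escape($_POST['names'])
        .'", stocks_links="'.$db->string_escape($_POST['link'])
        .'", checking = "'.$db->string_escape($_POST['checking']).'"';
    $db->rq($query);

    $today = date('Y-m-d', CUSTOMTIME);
    // Stripping thousands separators does not make the value safe inside the
    // quoted literal, so it is escaped as well.
    $query = 'INSERT INTO stock_details SET details_ref="'.$detRef
        .'", stocks_id="'.$db->last_id()
        .'", value="'.$db->string_escape(str_replace(',', '', $_POST['value']))
        .'", date="'.$today.'"';
    $db->rq($query);
    // NOTE(review): same unescaped symbol in the log call as in the edit branch above.
    addLog('Back-end','Stocks',''.$db->string_escape($_POST['names']).' ('.$_POST['symbol'].')',''.$_SESSION['admin']['name'].' ('.$_SESSION['admin']['refnum'].')','New Stock added');
}
$db->close();
header('Location: stocks.php');
exit();
} // closes the form-handling block opened above this excerpt

// Second form: record a new value for a stock. The handler continues past this excerpt.
if (isset($_POST['_form_submit']) && isset($_POST['_new_value'])) {
    $db = new DBConnection();
    $detRef = hexdec(substr(uniqid(''), 0, 10)) - 81208208208;
    // !empty() keeps the original truthiness test without a warning when the
    // field is absent from the request.
    if (!empty($_POST['trade_ref'])) {
        // trade_ref comes straight from the request; escape it so it cannot
        // widen the DELETE beyond the intended row.
        $query = 'DELETE FROM stock_details WHERE details_ref="'.$db->string_escape($_POST['trade_ref']).'"';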