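exit;
}
// The two lines above are the tail of a handler that begins before this
// excerpt; they are reproduced unchanged.

// NOTE(review): no authentication or authorization check is visible in this
// excerpt. Confirm one runs before the action dispatch reaches these handlers,
// since each of them reads or writes referral data keyed by request values.

// Action "get_testimony_from_buffer": looks up the buffered testimony for a
// (member, referee, job) triple and replies with it as XML, or with "ko" when
// the lookup yields nothing. The member address is derived from the country
// code of the branch of the employee identified by $_POST['id'].
if ($_POST['action'] === 'get_testimony_from_buffer') {
    // job is placed unquoted in the SQL text, so only a plain digit string is
    // accepted; arrays and anything else get the handler's failure reply.
    $job = (isset($_POST['job']) && is_string($_POST['job'])) ? $_POST['job'] : '';
    if (preg_match('/\A[0-9]+\z/', $job) !== 1) {
        echo "ko";
        exit;
    }

    $employee = new Employee($_POST['id']);
    $branch = $employee->get_branch();
    if (!$branch || !isset($branch[0]['country_code'])) {
        // Without a branch there is no team mailbox to look the buffer up under.
        echo "ko";
        exit;
    }
    $member = 'team.' . strtolower($branch[0]['country_code']) . '@yellowelevator.com';

    // NOTE(review): $_POST['referee'] is still concatenated into a quoted SQL
    // literal. It must be bound or escaped through whatever the Database
    // wrapper provides for that; the wrapper's API is not visible in this
    // excerpt, so the value is left as the original passed it. Treat this
    // query as unsafe for untrusted input until that is done.
    $query = "SELECT testimony FROM privileged_referral_buffers WHERE \n member = '" . $member
        . "' AND \n referee = '" . $_POST['referee']
        . "' AND \n job = " . $job;

    $mysqli = Database::connect();
    if ($result = $mysqli->query($query)) {
        header('Content-type: text/xml');
        echo $xml_dom->get_xml_from_array(array(
            'testimony' => htmlspecialchars_decode(desanitize($result[0]['testimony'])),
        ));
        exit;
    }

    echo "ko";
    exit;
}

// Action "get_recommender_name": replies with the stored name of the
// recommender identified by $_POST['id'].
if ($_POST['action'] === 'get_recommender_name') {
    $recommender = new Recommender($_POST['id']);
    // The name is entity-decoded before it is echoed, so the reply is declared
    // as plain text to keep a browser from rendering any markup stored in it.
    // NOTE(review): confirm the client reads this reply as text only.
    header('Content-type: text/plain');
    echo htmlspecialchars_decode(stripslashes(desanitize($recommender->get_name())));
    exit;
}

// Action "present_token": records a token presented to a recommender for a
// referral and replies 'ok' on success or 'ko' on failure.
if ($_POST['action'] === 'present_token') {
    // referral is placed unquoted in the SQL text, so only a plain digit
    // string is accepted.
    $referral = (isset($_POST['referral']) && is_string($_POST['referral'])) ? $_POST['referral'] : '';
    if (preg_match('/\A[0-9]+\z/', $referral) !== 1) {
        echo 'ko';
        exit;
    }

    $mysqli = Database::connect();
    // NOTE(review): id, date and token are still concatenated into quoted SQL
    // literals. They must be bound or escaped through the Database wrapper
    // (API not visible in this excerpt), and date/token should be checked
    // against their expected formats, which this excerpt does not define.
    $query = "INSERT INTO recommender_tokens SET \n `referral` = " . $referral
        . ", \n `recommender` = '" . $_POST['id']
        . "', \n `presented_on` = '" . $_POST['date']
        . "', \n `token` = '" . $_POST['token'] . "'";

    if (!$mysqli->execute($query)) {
        echo 'ko';
    } else {
        echo 'ok';
    }
    exit;
}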
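}
$industries = array();
foreach ($result as $row) {
    $industries[] = array($row['industry']);
}
header('Content-type: text/xml');
echo $xml_dom->get_xml_from_array(array('industries' => array('industry' => $industries)));
exit;
}
// Everything above is the tail of a handler that begins before this excerpt;
// it is reproduced unchanged.

// Action "send_email_to_list": mails a message to each address in the
// comma-separated $_POST['emails'] list, with the From header taken from the
// employee row selected by $_POST['id']. The placeholders %recommender% and
// %recommender_email_address% in the message are filled in per recipient.
// Replies '0' once the list has been processed.
//
// NOTE(review): this handler sends request-supplied text to request-supplied
// addresses under an employee's From line. No authorization check or limit on
// the number of recipients is visible in this excerpt; confirm both exist
// before the dispatch reaches this point.
if ($_POST['action'] === 'send_email_to_list') {
    $message = sanitize($_POST['message']);
    $subject = sanitize($_POST['subject']);
    $recommender_email_addrs = explode(',', $_POST['emails']);

    // id is placed unquoted in the SQL text, so only a plain digit string is
    // accepted; arrays and anything else are refused.
    // NOTE(review): 'ko' mirrors the failure reply of the other handlers in
    // this file; confirm the client treats any reply other than '0' as failure.
    $employee_id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
    if (preg_match('/\A[0-9]+\z/', $employee_id) !== 1) {
        echo 'ko';
        exit;
    }

    $mysqli = Database::connect();
    $query = "SELECT email_addr, CONCAT(firstname, ' ', lastname) AS employee \n FROM employees WHERE id = "
        . $employee_id . " LIMIT 1";
    $result = $mysqli->query($query);
    if (!$result || !isset($result[0])) {
        // No sender row: refuse rather than mail with an empty From header.
        echo 'ko';
        exit;
    }

    // Line breaks are removed from the stored name and address so neither can
    // add a further header line to the outgoing mail.
    $sender_name = str_replace(array("\r", "\n"), '', $result[0]['employee']);
    $sender_addr = str_replace(array("\r", "\n"), '', $result[0]['email_addr']);
    $headers = 'From: ' . $sender_name . ' <' . $sender_addr . '>' . "\n";

    foreach ($recommender_email_addrs as $recommender_email_addr) {
        $recommender_email_addr = trim($recommender_email_addr);
        if ($recommender_email_addr === '') {
            // Skip empty entries such as a trailing comma or an empty list.
            continue;
        }

        $recommender = new Recommender($recommender_email_addr);

        // Fill the placeholders into a fresh copy for every recipient. The
        // original overwrote $message, so once the first recipient's values
        // were substituted every later recipient received that person's name
        // and address as well.
        $personalised = str_replace(
            '%recommender%',
            htmlspecialchars_decode(desanitize($recommender->get_name())),
            $message
        );
        $personalised = str_replace('%recommender_email_address%', $recommender->id(), $personalised);

        mail($recommender->id(), $subject, $personalised, $headers);
    }

    // The commented-out debug dump that stood here was dropped: it wrote each
    // mail to a /tmp file whose name was built from the request-supplied
    // address.

    echo '0';
    exit;
}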