/**
* Returns an array of hashes. Each hash contains the contents of the email_template_recipients table; i.e.
* the raw information about a particular recipient. For convenience, this function also determines the
* actual name and email of the recipients, returned in "final_name" and "final_email" keys. Also, it returns a
* "final_recipient" containing the complete recipient string, like:
*
* Tom Jones <*****@*****.**>
*
* If the name doesn't exist, that key just returns the email address. ASSUMPTION: All clients and administrator
* MUST have a first name, last name and email address. For form email fields, the final recipient just contains
* the title of the email field (the display value).
*
* This is obviously used for display purposes only, whereas that value for the other recipient types is used both
* for display purposes & in the actual email construction. This seemed an adequate approach because this function
* will never be able to know the individual submission content so it can't construct it properly.
*
* The returned results are ordered by (a) recipient type (main, cc then bcc), then (b) recipient user type
* (admin, client, form_email_field then custom)
*
* @param integer $email_id
* @return array an array of hashes
*/
function ft_get_email_template_recipients($form_id, $email_id)
{
global $g_table_prefix, $LANG;
// now add any recipients for this email template
$recipient_query = mysql_query("\r\n SELECT etr.*, a.first_name, a.last_name, a.email\r\n FROM {$g_table_prefix}email_template_recipients etr\r\n LEFT JOIN {$g_table_prefix}accounts a ON a.account_id = etr.account_id\r\n WHERE etr.email_template_id = {$email_id}\r\n ORDER BY etr.recipient_type, etr.recipient_user_type\r\n ");
$recipients = array();
while ($recipient_info = mysql_fetch_assoc($recipient_query)) {
// construct and append the extra keys (final_name, final_email and final_recipient)
switch ($recipient_info["recipient_user_type"]) {
case "admin":
$admin_info = ft_get_admin_info();
$recipient_info["final_name"] = "{$admin_info["first_name"]} {$admin_info["last_name"]}";
$recipient_info["final_email"] = $admin_info["email"];
$recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>";
break;
case "client":
$client_info = ft_get_account_info($recipient_info["account_id"]);
$recipient_info["final_name"] = "{$client_info["first_name"]} {$client_info["last_name"]}";
$recipient_info["final_email"] = $client_info["email"];
$recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>";
break;
case "form_email_field":
$form_email_field_info = ft_get_form_email_field_info($recipient_info["form_email_id"]);
$email_field_id = $form_email_field_info["email_field_id"];
$recipient_info["final_recipient"] = ft_get_field_title_by_field_id($email_field_id);
break;
case "custom":
$recipient_info["final_name"] = $recipient_info["custom_recipient_name"];
$recipient_info["final_email"] = $recipient_info["custom_recipient_email"];
if (!empty($recipient_info["final_name"])) {
$recipient_info["final_recipient"] = "{$recipient_info["final_name"]} <{$recipient_info["final_email"]}>";
} else {
$recipient_info["final_recipient"] = $recipient_info["final_email"];
}
break;
}
$recipients[] = $recipient_info;
}
return $recipients;
}
/**
* Used by the "forget password?" page to have a client's login information sent to them.
*
* @param array $info the $_POST containing a "username" key. That value is used to find the user
* account information to email them.
* @return array [0]: true/false (success / failure)
* [1]: message string
*/
function ft_send_password($info)
{
global $g_root_url, $g_root_dir, $g_table_prefix, $LANG;
$info = ft_sanitize($info);
extract(ft_process_hook_calls("start", compact("info"), array("info")), EXTR_OVERWRITE);
$success = true;
$message = $LANG["notify_login_info_emailed"];
if (!isset($info["username"]) || empty($info["username"])) {
$success = false;
$message = $LANG["validation_no_username_or_js"];
return array($success, $message);
}
$username = $info["username"];
$query = mysql_query("\r\n SELECT *\r\n FROM {$g_table_prefix}accounts\r\n WHERE username = '******'\r\n ");
// not found
if (!mysql_num_rows($query)) {
$success = false;
$message = $LANG["validation_account_not_recognized_info"];
return array($success, $message);
}
$account_info = mysql_fetch_assoc($query);
$email = $account_info["email"];
// one final check: confirm the email is defined & valid
if (empty($email) || !ft_is_valid_email($email)) {
$success = false;
$message = $LANG["validation_email_not_found_or_invalid"];
return array($success, $message);
}
$account_id = $account_info["account_id"];
$username = $account_info["username"];
$new_password = ft_generate_password();
$encrypted_password = md5(md5($new_password));
// update the database with the new password (encrypted). As of 2.1.0 there's a second field to store the
// temporary generated password, leaving the original password intact. This prevents a situation arising when
// someone other than the admin / client uses the "Forget Password" feature and invalidates a valid, known password.
// Any time the user successfully logs in,
mysql_query("\r\n UPDATE {$g_table_prefix}accounts\r\n SET temp_reset_password = '******'\r\n WHERE account_id = {$account_id}\r\n ");
// now build and sent the email
// 1. build the email content
$placeholders = array("login_url" => "{$g_root_url}/?id={$account_id}", "email" => $email, "username" => $username, "new_password" => $new_password);
$smarty_template_email_content = file_get_contents("{$g_root_dir}/global/emails/forget_password.tpl");
$email_content = ft_eval_smarty_string($smarty_template_email_content, $placeholders);
// 2. build the email subject line
$placeholders = array("program_name" => ft_get_settings("program_name"));
$smarty_template_email_subject = file_get_contents("{$g_root_dir}/global/emails/forget_password_subject.tpl");
$email_subject = trim(ft_eval_smarty_string($smarty_template_email_subject, $placeholders));
// if Swift Mailer is enabled, send the emails with that. In case there's a problem sending the message with
// Swift, it falls back the default mail() function.
$swift_mail_error = false;
$swift_mail_enabled = ft_check_module_enabled("swift_mailer");
if ($swift_mail_enabled) {
$sm_settings = ft_get_module_settings("", "swift_mailer");
if ($sm_settings["swiftmailer_enabled"] == "yes") {
ft_include_module("swift_mailer");
// get the admin info. We'll use that info for the "from" and "reply-to" values. Note
// that we DON'T use that info for the regular mail() function. This is because retrieving
// the password is important functionality and we don't want to cause problems that could
// prevent the email being sent. Many servers don't all the 4th headers parameter of the mail()
// function
$admin_info = ft_get_admin_info();
$admin_email = $admin_info["email"];
$email_info = array();
$email_info["to"] = array();
$email_info["to"][] = array("email" => $email);
$email_info["from"] = array();
$email_info["from"]["email"] = $admin_email;
$email_info["subject"] = $email_subject;
$email_info["text_content"] = $email_content;
list($success, $sm_message) = swift_send_email($email_info);
// if the email couldn't be sent, display the appropriate error message. Otherwise
// the default success message is used
if (!$success) {
$swift_mail_error = true;
$message = $sm_message;
}
}
}
// if there was an error sending with Swift, or if it wasn't installed, send it by mail()
if (!$swift_mail_enabled || $swift_mail_error) {
// send email [note: the double quotes around the email recipient and content are intentional: some systems fail without it]
if (!@mail("{$email}", $email_subject, $email_content)) {
$success = false;
$message = $LANG["notify_email_not_sent"];
return array($success, $message);
}
}
extract(ft_process_hook_calls("end", compact("success", "message", "info"), array("success", "message")), EXTR_OVERWRITE);
return array($success, $message);
}
<?php
$email_id = ft_load_field("email_id", "email_id", "");
if (isset($request["update_email_template"])) {
list($g_success, $g_message) = ft_update_email_template($email_id, $request);
}
$form_info = ft_get_form($form_id);
$form_fields = ft_get_form_fields($form_id);
$columns = ft_get_form_column_names($form_id);
$template_info = ft_get_email_template($email_id);
$event_trigger_arr = explode(",", $template_info["email_event_trigger"]);
$template_info["email_event_trigger"] = $event_trigger_arr;
$clients = $form_info["client_info"];
$admin_info = ft_get_admin_info();
$edit_email_tab = isset($_SESSION["ft"]["inner_tabs"]["edit_email_template"]) ? $_SESSION["ft"]["inner_tabs"]["edit_email_template"] : 1;
if (isset($request["edit_email_template"])) {
$edit_email_tab = $request["edit_email_template"];
}
$form_has_file_upload_field = ft_check_form_has_file_upload_field($form_id);
$file_field_text = $form_has_file_upload_field ? $LANG["text_file_field_placeholders_info"] : "";
// values for the test email subpage
$num_submissions = ft_get_submission_count($form_id);
$test_email_format = ft_load_field("test_email_format", "test_email_format");
$test_email_recipient = ft_load_field("test_email_recipient", "test_email_recipient", $admin_info["email"]);
$test_email_data_source = ft_load_field("test_email_data_source", "test_email_data_source", "random_submission");
$test_email_submission_id = ft_load_field("test_email_submission_id", "test_email_submission_id", "");
$views = ft_get_views($form_id);
$filtered_views = array();
$selected_edit_submission_views = array();
$selected_when_sent_views = array();
foreach ($views["results"] as $view) {
/**
* Generates the placeholders for a particular form submission. This is used in the email templates, and here and there
* for providing placeholder functionality to fields (like the "Edit Submission Label" textfield for a form, where they can
* enter placeholders populated here).
*
* This returns ALL available placeholders for a form, regardless of View.
*
* @param integer $form_id
* @param integer $submission_id
* @param array $client_info a hash of information about the appropriate user (optional)
* @return array a hash of placeholders and their replacement values (e.g. $arr["FORMURL"] => 17)
*/
function ft_get_submission_placeholders($form_id, $submission_id, $client_info = "")
{
global $g_root_url;
$placeholders = array();
$settings = ft_get_settings();
$form_info = ft_get_form($form_id);
$submission_info = ft_get_submission($form_id, $submission_id);
$admin_info = ft_get_admin_info();
$file_field_type_ids = ft_get_file_field_type_ids();
$field_types = ft_get_field_types(true);
// now loop through the info stored for this particular submission and for this particular field,
// add the custom submission responses to the placeholder hash
$form_field_params = array("include_field_type_info" => true, "include_field_settings" => true, "evaluate_dynamic_settings" => true);
$form_fields = ft_get_form_fields($form_id, $form_field_params);
foreach ($submission_info as $field_info) {
$field_id = $field_info["field_id"];
$field_name = $field_info["field_name"];
$field_type_id = $field_info["field_type_id"];
if ($field_info["is_system_field"] == "no") {
$placeholders["QUESTION_{$field_name}"] = $field_info["field_title"];
}
if (in_array($field_type_id, $file_field_type_ids)) {
$field_settings = ft_get_field_settings($field_id);
$placeholders["FILENAME_{$field_name}"] = $field_info["content"];
$placeholders["FILEURL_{$field_name}"] = "{$field_settings["folder_url"]}/{$field_info["content"]}";
} else {
$detailed_field_info = array();
foreach ($form_fields as $curr_field_info) {
if ($curr_field_info["field_id"] != $field_id) {
continue;
}
$detailed_field_info = $curr_field_info;
break;
}
$params = array("form_id" => $form_id, "submission_id" => $submission_id, "value" => $field_info["content"], "field_info" => $detailed_field_info, "field_types" => $field_types, "settings" => $settings, "context" => "email_template");
$value = ft_generate_viewable_field($params);
$placeholders["ANSWER_{$field_name}"] = $value;
// for backward compatibility
if ($field_name == "core__submission_date") {
$placeholders["SUBMISSIONDATE"] = $value;
} else {
if ($field_name == "core__last_modified") {
$placeholders["LASTMODIFIEDDATE"] = $value;
} else {
if ($field_name == "core__ip_address") {
$placeholders["IPADDRESS"] = $value;
}
}
}
}
}
// other misc placeholders
$placeholders["ADMINEMAIL"] = $admin_info["email"];
$placeholders["FORMNAME"] = $form_info["form_name"];
$placeholders["FORMURL"] = $form_info["form_url"];
$placeholders["SUBMISSIONID"] = $submission_id;
$placeholders["LOGINURL"] = $g_root_url . "/index.php";
if (!empty($client_info)) {
$placeholders["EMAIL"] = $client_info["email"];
$placeholders["FIRSTNAME"] = $client_info["first_name"];
$placeholders["LASTNAME"] = $client_info["last_name"];
$placeholders["COMPANYNAME"] = $client_info["company_name"];
}
extract(ft_process_hook_calls("end", compact("placeholders"), array("placeholders")), EXTR_OVERWRITE);
return $placeholders;
}
