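/**
 * Deletes the options whose IDs are posted as a CSV list in `options`.
 *
 * Every ID has to pass GUMP's `integer` rule before any row is touched, so a
 * partially malformed list deletes nothing.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * dispatcher enforces admin access before calling it. Confirm.
 *
 * @return ActionResult
 */
public function delete()
{
    $posted = WebApp::post('options');
    $options = $posted === NULL ? array() : strgetcsv($posted);
    if (count($options) == 0) {
        return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
    }

    // Validate the whole list up front; the IDs are request data.
    foreach ($options as $option) {
        $validated = GUMP::is_valid(array('opt' => $option), array('opt' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
        }
    }

    $delete = $this->mySQL_w->prepare("DELETE FROM `core_options` WHERE `id`=?");
    if ($delete === false) {
        // prepare() returns false on failure; calling bind_param() on it would be a fatal error.
        return new ActionResult($this, '/admin/core/option_view', 0, 'Failed to delete option(s)!<br />Error: <code>Query failed</code>', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($options as $id) {
        $delete->bind_param('i', $id);
        $delete->execute();
        $delete->store_result();
        $affected_rows += $delete->affected_rows;
    }

    if ($affected_rows == count($options)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted options: ' . csvgetstr($options));
        return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted selected option(s)!', B_T_SUCCESS);
    }

    // Fewer rows than requested were removed (for example an ID that does not exist).
    $this->parent->parent->logEvent($this::name_space, 'Deleted some options: ' . csvgetstr($options));
    return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted ' . $affected_rows . '/' . count($options) . ' selected option(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
}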
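/**
 * Removes one status message from the session.
 *
 * The message ID is read from GET `msg_id`, falling back to POST `msg_id`.
 * An optional `alert_` marker is stripped and the rest is base64-decoded to
 * obtain the session key.
 *
 * @return ActionResult
 */
public function clear_status_msg()
{
    $msg_id = WebApp::get('msg_id');
    if ($msg_id === NULL) {
        $msg_id = WebApp::post('msg_id');
    }
    // Anything other than a string (missing value, array-style parameter) cannot be an ID.
    if (!is_string($msg_id)) {
        $this->parent->parent->debug($this::name_space . ': MSG ID was not provided!');
        return new ActionResult($this, '/', 0, 'Failed to clear status message. No ID found.', B_T_FAIL);
    }

    $msg_id = trim(str_replace('alert_', '', $msg_id));
    $msg_id = base64_decode($msg_id);
    if ($msg_id === false) {
        // Undecodable input: do not pass `false` on as a session key.
        $this->parent->parent->debug($this::name_space . ': MSG ID could not be decoded!');
        return new ActionResult($this, '/', 0, 'Failed to clear status message. No ID found.', B_T_FAIL);
    }

    Session::del('status_msg', $msg_id);

    // The decoded ID is request-controlled; replace control characters so it
    // cannot add or forge lines in the debug output.
    $loggable_id = preg_replace('/[\x00-\x1F\x7F]/', '?', $msg_id);
    $this->parent->parent->debug($this::name_space . ': MSG ID "' . $loggable_id . '" was ' . (Session::get('status_msg', $msg_id) === NULL ? '' : 'not ') . 'cleared');

    return new ActionResult($this, '/', 0, 'Cleared status message.', B_T_SUCCESS);
}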
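/**
 * Stores a new news article from the posted form.
 *
 * Reads `title`, `article`, `p_from` and `p_to` from POST and records the
 * current user's ID and group as the author. The article ID (`aid`) is the
 * title passed through removeSpecialChars().
 *
 * NOTE(review): `title` and `article` are stored as posted; any HTML escaping
 * or sanitising has to happen where they are rendered. Confirm that it does.
 *
 * @return ActionResult
 */
function add()
{
    $title = WebApp::post('title') === NULL ? '' : WebApp::post('title');
    $article = WebApp::post('article') === NULL ? '' : WebApp::post('article');

    // A missing field and an empty field both mean "no publish date"; the
    // original only handled the empty string and passed NULL to getSQLDate().
    $raw_from = WebApp::post('p_from');
    $raw_to = WebApp::post('p_to');
    $p_from = ($raw_from === NULL || $raw_from === '') ? NULL : getSQLDate($raw_from);
    $p_to = ($raw_to === NULL || $raw_to === '') ? NULL : getSQLDate($raw_to);

    $user = $this->parent->parent->user->getUserID();
    $group = $this->parent->parent->user->getGroup();
    $aid = removeSpecialChars($title);

    $article_add = $this->mySQL_w->prepare("INSERT INTO `news_articles` (`title`,`aid`,`user`,`group`,`article`,`date_p`,`publish_f`,`publish_u`) VALUES(?,?,?,?,?,NOW(),?,?)");
    if ($article_add == false) {
        return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to save article.<br />Error: <code>Query failed</code>', B_T_FAIL);
    }

    $article_add->bind_param('ssiisss', $title, $aid, $user, $group, $article, $p_from, $p_to);
    $article_add->execute();
    $article_add->store_result();

    if ($article_add->affected_rows == 1) {
        // NOTE(review): the title is request data written to the event log as is.
        $this->parent->parent->logEvent($this::name_space, 'Added article ' . $title);
        return new ActionResult($this, '/admin/news/article_view', 1, 'Successfully saved article!', B_T_SUCCESS);
    }

    $this->parent->parent->logEvent($this::name_space, 'Failed to add article ' . $title);
    // The driver error can echo parts of the submitted values; escape it
    // because the message is emitted as HTML.
    $db_error = htmlspecialchars((string) $this->mySQL_w->error, ENT_QUOTES, 'UTF-8');
    return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to add article.<br />Error: <code>' . $db_error . '</code>', B_T_FAIL);
}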
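/**
 * Validates the posted site configuration and rewrites config.inc.php.
 *
 * A blank password field means "keep the current password", so the stored
 * value is copied back into the request before validation.
 *
 * NOTE(review): the validated values are written into a PHP file through
 * getFile(). Several fields (`mysql_db`, the user and host fields) are only
 * checked as `required`, so getFile() has to quote every value safely for a
 * PHP string literal. Confirm.
 * NOTE(review): no permission check is visible in this method; presumably the
 * dispatcher enforces it. Confirm.
 *
 * @return ActionResult
 */
public function save()
{
    if (WebApp::post('mysql_r_pass') === '') {
        WebApp::post('mysql_r_pass', $this->parent->parent->config->config['mysql']['r']['pass']);
    }
    if (WebApp::post('mysql_w_pass') === '') {
        // The original wrote the write-account password into `mysql_r_pass`
        // here, replacing the read password and leaving the write one blank.
        WebApp::post('mysql_w_pass', $this->parent->parent->config->config['mysql']['w']['pass']);
    }

    $gump = new GUMP();
    $gump->validation_rules(array(
        'core_errors' => 'required|boolean',
        'core_maintenance' => 'required|boolean',
        'core_debug' => 'required|boolean',
        'core_https_a' => 'required|boolean',
        'core_https_f' => 'required|boolean',
        'core_cdn' => 'required',
        'mysql_db' => 'required',
        'mysql_r_user' => 'required',
        'mysql_r_host' => 'required',
        'mysql_r_port' => 'required|integer',
        'mysql_w_user' => 'required',
        'mysql_w_host' => 'required',
        'mysql_w_port' => 'required|integer',
        'reCAPTCHA_pub' => 'required|alpha_dash',
        'reCAPTCHA_priv' => 'required|alpha_dash',
    ));
    $gump->filter_rules(array('core_cdn' => 'trim|urlencode'));

    // NOTE(review): this assumes the two-argument WebApp::post() above writes
    // into $_POST; otherwise the restored passwords never reach getFile().
    $valid_data = $gump->run($_POST);
    if ($valid_data === false) {
        return new ActionResult($this, '/admin/core/config_edit', 0, 'Failed to save config!<br />Error: <code>Please check you have completed all fields as instructed.</code>', B_T_FAIL);
    }

    $configFile = fopen(__LIBDIR__ . '/config.inc.php', 'w');
    if ($configFile === false) {
        // An unwritable config path previously fell through to fwrite(false, ...).
        return new ActionResult($this, '/admin/core/config_edit', 0, 'Failed to save config!', B_T_FAIL);
    }

    // Mode 'w' has already truncated the file, so a failed write leaves it empty.
    $written = fwrite($configFile, $this->getFile($valid_data));
    fclose($configFile);

    if ($written) {
        return new ActionResult($this, '/admin/core/config_view', 1, 'Succeesfully saved config!', B_T_SUCCESS);
    }

    // NOTE(review): B_T_SFAIL appears nowhere else in the visible code, where
    // failures use B_T_FAIL. If it is not defined this line is a fatal error
    // on PHP 8. Confirm the constant exists.
    return new ActionResult($this, '/admin/core/config_edit', 0, 'Failed to save config!', B_T_SFAIL);
}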
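/**
 * Backs up the selected modules into a time-stamped directory under __BACKUP__.
 *
 * Module IDs come from POST `backups` (CSV) or, if that is empty, from the
 * single GET value `m`. Every ID has to pass GUMP's `integer` rule.
 *
 * @return ActionResult|CronResult
 */
public function backup()
{
    if (!$this->accessAdminPage(3)) {
        return new ActionResult($this, '/admin/modules/', 1, 'You are not allowed to do that', B_T_FAIL);
    }

    $backups = WebApp::post('backups') === NULL ? array() : strgetcsv(WebApp::post('backups'));
    if (count($backups) == 0) {
        $backups = WebApp::get('m') === NULL ? array() : array(WebApp::get('m'));
    }
    if (count($backups) == 0) {
        return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
    }

    // The IDs are request data; reject the whole request if any is not an integer.
    foreach ($backups as $backup) {
        $validated = GUMP::is_valid(array('bk' => $backup), array('bk' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
        }
    }

    $location = __BACKUP__ . DIRECTORY_SEPARATOR . date(DATET_BKUP) . DIRECTORY_SEPARATOR;
    require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'resources' . DIRECTORY_SEPARATOR . 'backup.php';

    // The original initialised `$result` but filled and read `$results`.
    $results = array();
    foreach ($backups as $module) {
        $backup = new Backup($this->parent);
        // NOTE(review): these two early exits return CronResult while every
        // other path returns ActionResult; confirm the caller accepts both.
        if (!$backup->setLocation($location)) {
            return new CronResult($this, false, 'Failed to create backup dir: ' . DIRECTORY_SEPARATOR . 'backup' . str_replace(__BACKUP__, '', $location . $module));
        }
        if (!$backup->setID($module)) {
            return new CronResult($this, false, 'Failed to setID for ' . $module);
        }
        $results[$module] = $backup->backup();
        unset($backup);
    }

    // Collect the per-module messages; one failed module downgrades the result to a warning.
    $msg = '';
    $status = true;
    foreach ($results as $ns => $data) {
        $msg .= '"' . $ns . '": ' . $data['msg'] . PHP_EOL;
        if (!$data['s']) {
            $status = false;
        }
    }

    if ($status) {
        $msg = 'Backup was completed for selected module(s)!';
        $type = B_T_SUCCESS;
    } else {
        $msg = 'Backup was completed but failed for some/all module(s). Details as follows:' . PHP_EOL . $msg;
        $type = B_T_WARNING;
    }

    $this->parent->parent->logEvent($this::name_space, 'Back up modules: ' . csvgetstr($backups));
    return new ActionResult($this, '/admin/modules/backup', 1, $msg, $type);
}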
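/**
 * Lets the logged-in user change their own first name and surname.
 *
 * The posted `userid` is only compared with the session user; the UPDATE is
 * always keyed on the server-side ID so a request value never selects the row.
 *
 * @return ActionResult
 */
function edit_details()
{
    $userid = WebApp::post('userid') === NULL ? '' : WebApp::post('userid');
    $f_name = WebApp::post('f_name') === NULL ? '' : WebApp::post('f_name');
    $s_name = WebApp::post('s_name') === NULL ? '' : WebApp::post('s_name');

    $current_id = $this->parent->parent->user->getUserID();

    // Compare as strings: the original `!=` applied PHP's loose numeric
    // comparison, which treats differently written values as equal. An empty
    // posted ID is rejected outright.
    if (!is_scalar($userid) || (string) $userid === '' || (string) $userid !== (string) $current_id) {
        return new ActionResult($this, '/user/profile/details', 0, 'Failed save details.<br />Error: <code>User IDs don\'t match</code>', B_T_FAIL);
    }

    if ($f_name == '' || $s_name == '') {
        // NOTE(review): this redirects to the admin user editor while every
        // other path stays under /user/profile; likely a copy-paste. Confirm.
        return new ActionResult($this, '/admin/user/user_edit', 0, 'Failed to edit user.<br />Error: <code>Name must not be empty</code>', B_T_FAIL);
    }

    $update = $this->mySQL_w->prepare("UPDATE `core_users` SET `f_name`=?,`s_name`=? WHERE `id`=?");
    if ($update === false) {
        return new ActionResult($this, '/user/profile/details', 0, 'Failed save details!', B_T_FAIL);
    }

    // Bind the session's user ID rather than the posted value.
    $update->bind_param('ssi', $f_name, $s_name, $current_id);
    $update->execute();
    $update->store_result();

    if ($update->affected_rows == 0) {
        return new ActionResult($this, '/user/profile/details', 0, 'Nothing to change', B_T_INFO);
    }

    return new ActionResult($this, '/user/profile', 1, 'Saved details!', B_T_SUCCESS);
}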
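/**
 * Installer::preInstall()
 *
 * Prepares a module installation from an uploaded zip (`method=zip`) or from
 * a directory below __EXECDIR__ (`method=dir`). The source path is stored in
 * the session under a short random reference and the browser is redirected
 * to the install page for that reference.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * dispatcher enforces admin access before calling it. Confirm.
 *
 * @return ActionResult
 */
public function preInstall()
{
    // Get the details from post
    $mode = WebApp::post('method');

    if ($mode == 'zip') {
        // Get the zip file
        $file = $this->parent->parent->files('zip_file');

        // Map each upload error code to array(debug text, session message, result message).
        // The switch is kept for its loose comparison against the status constants.
        $failure = NULL;
        switch ($file) {
            // Failed to upload (we couldn't find it)
            case _ACTION_FAIL_1:
                $failure = array(': Module package failed to upload.', 'Module package failed to upload.', 'Module package failed to upload.');
                break;
            // No file was uploaded
            case _ACTION_FAIL_2:
                $failure = array(': No module package was uploaded to install!', 'No module package was uploaded to install!', 'No module package was uploaded to install!');
                break;
            // Upload was too large
            case _ACTION_FAIL_3:
                $failure = array(': Module was larger than the max upload size', 'Module was larger than the max upload size!', 'Module was larger than the max upload size!');
                break;
            // File wasn't in whitelist/was in blacklist
            case _ACTION_FAIL_4:
                $failure = array(': Incorrect module format!', 'Incorrect module format!', 'Incorrect module format!');
                break;
            // The uploaded file could not be moved from the system temp dir to our temp dir
            case _ACTION_FAIL_5:
                $failure = array(': Could not access module package.', 'Could not access module package!', 'Could not access module package.');
                break;
            // Something else went wrong with the upload
            case _ACTION_UNSPEC:
                $failure = array(': Something went wrong with the upload, try again', 'Something went wrong with the upload, try again!', 'Something went wrong with the upload, try again');
                break;
        }

        if ($failure !== NULL) {
            $this->parent->parent->debug($this::name_space . $failure[0]);
            Session::set($this::name_space, 'msg', $failure[1]);
            $this->parent->parent->addHeader('Location', '/admin/modules/install/');
            return new ActionResult($this, '/admin/modules/install', 0, $failure[2], B_T_FAIL);
        }

        // There were no errors, so extract the zip file
        $file = $this->extractZip($file);
        if ($file === false) {
            // The uploaded file wasn't a zip, so give the user a message to see when they navigate
            Session::set($this::name_space, 'msg', 'Failed to extract zip file!');
            $this->parent->parent->addHeader('Location', '/admin/modules/install/');
            return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to extract zip file!', B_T_FAIL);
        }

        // Generate a reference and remember the extraction dir under it
        $hash = ranString(4);
        Session::set($this::name_space, 'install_from' . $hash, $file);
        $this->parent->parent->addHeader('Location', '/admin/modules/install/' . $hash);
        // The controller always needs an ActionResult back
        return new ActionResult($this, '/admin/modules/install/' . $hash, 1, '', B_T_INFO);
    }

    if ($mode == 'dir') {
        $directory = WebApp::post('directory');

        // The directory is request data appended to __EXECDIR__: refuse NUL
        // bytes and `..` segments so the path cannot leave the application
        // directory.
        if (!is_string($directory)
            || strpos($directory, "\0") !== false
            || preg_match('#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#', $directory)
        ) {
            $this->parent->parent->debug($this::name_space . ': Rejected module directory');
            Session::set($this::name_space, 'msg', 'Invalid module directory!');
            $this->parent->parent->addHeader('Location', '/admin/modules/install/');
            return new ActionResult($this, '/admin/modules/install', 0, 'Invalid module directory!', B_T_FAIL);
        }

        // Get the full directory path
        $file = __EXECDIR__ . $directory;
        // Generate a reference and remember the directory under it
        $hash = ranString(4);
        Session::set($this::name_space, 'install_from' . $hash, $file);
        $this->parent->parent->addHeader('Location', '/admin/modules/install/' . $hash);
        return new ActionResult($this, '/admin/modules/install/' . $hash, 1, 'Installing module…', B_T_SUCCESS);
    }

    // Unknown or missing method: the original returned nothing here, although
    // the controller needs an ActionResult from every path.
    Session::set($this::name_space, 'msg', 'Unknown install method!');
    $this->parent->parent->addHeader('Location', '/admin/modules/install/');
    return new ActionResult($this, '/admin/modules/install', 0, 'Unknown install method!', B_T_FAIL);
}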
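/**
 * Disables the selected user groups (sets `en`=0).
 *
 * Group IDs come from POST `groups` or, if that is empty, from GET `g`, both
 * as CSV. A user may not disable a group they belong to, and groups with an
 * ID below 1000 can only be disabled by members of group 1.
 *
 * @return ActionResult
 */
function disable()
{
    $groups = WebApp::post('groups') === NULL ? array() : strgetcsv(WebApp::post('groups'));
    if (count($groups) == 0) {
        $groups = WebApp::get('g') === NULL ? array() : strgetcsv(WebApp::get('g'));
    }
    if (count($groups) == 0) {
        return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
    }

    // Normalise every ID to an integer before the permission checks. The
    // statement binds the ID as an integer, so checking the raw string could
    // evaluate a different value than the one that reaches the database.
    $group_ids = array();
    foreach ($groups as $raw_gid) {
        $gid = filter_var(is_string($raw_gid) ? trim($raw_gid) : $raw_gid, FILTER_VALIDATE_INT);
        if ($gid === false) {
            return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
        }
        $group_ids[] = $gid;
    }
    $groups = $group_ids;

    $update_query = $this->mySQL_w->prepare("UPDATE `core_groups` SET `en`=0 WHERE `GID`=?");
    if ($update_query === false) {
        // prepare() returns false on failure; bind_param() on it would be a fatal error.
        return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Query failed</code>', B_T_FAIL);
    }

    // Check the whole list first so a forbidden ID aborts before any update runs.
    foreach ($groups as $GID) {
        if ($this->inGroup($GID, false, false)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable own group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a group that you are a member of</code>', B_T_FAIL);
        }
        if ($GID < 1000 && !$this->inGroup(1)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable core group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a core group</code>', B_T_FAIL);
        }
    }

    $affected_rows = 0;
    foreach ($groups as $GID) {
        $update_query->bind_param('i', $GID);
        $update_query->execute();
        $update_query->store_result();
        $affected_rows += $update_query->affected_rows;
    }

    if ($affected_rows == count($groups)) {
        $this->parent->parent->logEvent($this::name_space, 'Disabled groups ' . csvgetstr($groups));
        return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled selected group(s)!', B_T_SUCCESS);
    }

    $this->parent->parent->logEvent($this::name_space, 'Disabled some of groups ' . csvgetstr($groups));
    return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled ' . $affected_rows . '/' . count($groups) . ' selected group(s)!<br /><small>Possible cause: <code>Group was already disabled</code></small>', B_T_WARNING);
}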
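/**
 * Locks one or more sessions by setting `auth`=1 on their rows.
 *
 * With GET `m=m` the session IDs come from POST `sessions` (CSV); otherwise
 * the single ID comes from GET `cat4`.
 *
 * @return ActionResult
 */
public function session_lock()
{
    if (!$this->accessAdminPage(20)) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'You are not allowed to do that', B_T_FAIL);
    }

    if (WebApp::get('m') === 'm') {
        $sessID = WebApp::post('sessions') === NULL ? array() : strgetcsv(WebApp::post('sessions'));
        if (count($sessID) === 0) {
            return new ActionResult($this, '/admin/user/user_view', 0, 'Session IDs cannot be blank!', B_T_FAIL);
        }
    } else {
        $sessID = WebApp::get('cat4');
        if ($sessID === NULL || $sessID == '') {
            return new ActionResult($this, '/admin/user/user_view', 0, 'Session\'s ID cannot be blank!', B_T_FAIL);
        }
        $sessID = array($sessID);
    }

    $destroy_query = $this->mySQL_w->prepare("UPDATE `core_sessions` SET `auth`=1 WHERE `id`=?");
    if ($destroy_query === false) {
        // prepare() returns false on failure; bind_param() on it would be a fatal error.
        $this->parent->parent->logEvent($this::name_space, 'Failed to lock session(s)');
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to lock any sessions!', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($sessID as $ID) {
        $destroy_query->bind_param('i', $ID);
        $destroy_query->execute();
        $destroy_query->store_result();
        // The original `= +` overwrote the total with the last row count, so
        // locking several sessions never reported full success.
        $affected_rows += $destroy_query->affected_rows;
    }

    // NOTE(review): the success paths redirect to the Referer header, which
    // the client controls. Confirm ActionResult only follows same-site
    // targets, or fall back to '/admin/user/user_view'.
    if ($affected_rows == count($sessID)) {
        $this->parent->parent->logEvent($this::name_space, 'Locked session(s)');
        return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Session(s) were locked!', B_T_SUCCESS);
    }

    if ($affected_rows == 0) {
        $this->parent->parent->logEvent($this::name_space, 'Failed to lock session(s)');
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to lock any sessions!', B_T_FAIL);
    }

    $this->parent->parent->logEvent($this::name_space, 'Locked some sessions, but failed to lock the rest!');
    return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Some sessions were locked!', B_T_WARNING);
}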
/**
 * Deletes the locations whose IDs are posted as a CSV list in `locations`.
 *
 * Every ID is first looked up; if any of them does not match exactly one row
 * the request stops before anything is deleted.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * dispatcher enforces it. Confirm.
 *
 * @return ActionResult
 */
function delete()
{
    $locations = array();
    if (WebApp::post('locations') !== NULL) {
        $locations = strgetcsv(WebApp::post('locations'));
    }
    if (count($locations) == 0) {
        return new ActionResult($this, '/admin/location', 0, 'No locations(s) were selected!', B_T_FAIL, array('form' => array('pwd' => '')));
    }

    // Pass 1: make sure each requested ID exists exactly once.
    $existsStmt = $this->mySQL_w->prepare("SELECT `ID` FROM `location` WHERE `ID`=?");
    if ($existsStmt === false) {
        return new ActionResult($this, '/admin/location', 0, 'Failed to delete location(s)!<br />Error: <code>Check query failed</code>', B_T_FAIL);
    }
    foreach ($locations as $locationId) {
        $existsStmt->bind_param('i', $locationId);
        $existsStmt->execute();
        $existsStmt->store_result();
        if ($existsStmt->num_rows != 1) {
            return new ActionResult($this, '/admin/location', 1, 'Failed to delete location(s)!<br />Error: <code>Location doesn\'t exist</code>', B_T_INFO);
        }
    }
    $existsStmt->free_result();

    // Pass 2: delete, counting how many rows actually went away.
    $deleteStmt = $this->mySQL_w->prepare("DELETE FROM `location` WHERE `id`=?");
    if ($deleteStmt === false) {
        return new ActionResult($this, '/admin/location', 0, 'Failed delete location(s)!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }
    $deletedCount = 0;
    foreach ($locations as $locationId) {
        $deleteStmt->bind_param('i', $locationId);
        $deleteStmt->execute();
        $deleteStmt->store_result();
        $deletedCount += $deleteStmt->affected_rows;
    }

    if ($deletedCount != count($locations)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted some of ' . csvgetstr($locations));
        return new ActionResult($this, '/admin/location', 1, 'Successfully deleted ' . $deletedCount . '/' . count($locations) . ' selected location(s)!<br /><small>Possible cause: <code>Location with that ID may not exist</code></small>', B_T_WARNING);
    }

    $this->parent->parent->logEvent($this::name_space, 'Deleted ' . csvgetstr($locations));
    return new ActionResult($this, '/admin/location', 1, 'Successfully deleted selected location(s)!', B_T_SUCCESS);
}
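/**
 * Updater::preUpdate()
 *
 * Prepares a module update from an uploaded zip (`method=zip`) or from a
 * directory below __EXECDIR__ (`method=dir`). The request has to carry
 * `conf` = 1. The source path, module and page are stored in the session
 * under a short random reference and the browser is redirected to the update
 * page for that reference.
 *
 * NOTE(review): `mod` is request data placed in the Location header and the
 * redirect path as posted. Confirm addHeader() rejects line breaks and that
 * the module name is validated where it is consumed.
 * NOTE(review): no permission check is visible in this method; presumably the
 * dispatcher enforces admin access before calling it. Confirm.
 *
 * @return ActionResult
 */
public function preUpdate()
{
    $conf = WebApp::post('conf');
    $module = WebApp::post('mod');
    $page = WebApp::post('page');
    $mode = WebApp::post('method');

    // Every failure sends the user back to this module's update page.
    $update_url = '/admin/modules/update/' . $module;

    if ($conf != 1) {
        Session::set($this::name_space, 'msg', 'You haven\'t confirmed this action!');
        $this->parent->parent->addHeader('Location', $update_url);
        return new ActionResult($this, $update_url, 0, '', B_T_FAIL);
    }

    if ($mode == 'zip') {
        // Get the ZIP file
        $file = $this->parent->parent->files('zip_file');

        // Map each upload error code to array(debug text, session message or NULL, result message).
        // The switch is kept for its loose comparison against the status constants.
        $failure = NULL;
        switch ($file) {
            // Failed to upload (we couldn't find it)
            case _ACTION_FAIL_1:
                $failure = array(': Module package failed to upload.', 'Module package failed to upload.', 'Module package failed to upload.');
                break;
            // No file was uploaded
            case _ACTION_FAIL_2:
                $failure = array(': No module package was uploaded to update!', 'No module package was uploaded to update!', 'No module package was uploaded to update!');
                break;
            // Upload was too large
            case _ACTION_FAIL_3:
                $failure = array(': Module was larger than the max upload size', 'Module was larger than the max upload size!', 'Module was larger than the max upload size!');
                break;
            // File wasn't in whitelist/was in blacklist.
            // This case sets no session message, unlike the others; kept as is.
            case _ACTION_FAIL_4:
                $failure = array(': Incorrect module format!', NULL, 'Incorrect module format!');
                break;
            // The uploaded file could not be moved from the system temp dir into our temp dir (__EXECDIR__/temp)
            case _ACTION_FAIL_5:
                $failure = array(': Could not access module package.', 'Could not access module package!', 'Could not access module package.');
                break;
            // Something else went wrong with the upload
            case _ACTION_UNSPEC:
                $failure = array(': Something went wrong with the upload, try again', 'Something went wrong with the upload, try again!', 'Something went wrong with the upload, try again');
                break;
        }

        if ($failure !== NULL) {
            $this->parent->parent->debug($this::name_space . $failure[0]);
            if ($failure[1] !== NULL) {
                Session::set($this::name_space, 'msg', $failure[1]);
            }
            $this->parent->parent->addHeader('Location', $update_url);
            return new ActionResult($this, $update_url, 0, $failure[2], B_T_FAIL);
        }

        // There were no errors, so extract the zip file
        $file = $this->extractZip($file);
        if ($file === false) {
            // The upload wasn't a zip; send the user back to pick the correct file
            Session::set($this::name_space, 'msg', 'Failed to extract zip file!');
            $this->parent->parent->addHeader('Location', $update_url);
            return new ActionResult($this, $update_url, 0, 'Failed to extract zip file!', B_T_FAIL);
        }
    } elseif ($mode == 'dir') {
        $directory = WebApp::post('directory');

        // The directory is request data appended to __EXECDIR__: refuse NUL
        // bytes and `..` segments so the path cannot leave the application
        // directory.
        if (!is_string($directory)
            || strpos($directory, "\0") !== false
            || preg_match('#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#', $directory)
        ) {
            $this->parent->parent->debug($this::name_space . ': Rejected module directory');
            Session::set($this::name_space, 'msg', 'Invalid module directory!');
            $this->parent->parent->addHeader('Location', $update_url);
            return new ActionResult($this, $update_url, 0, 'Invalid module directory!', B_T_FAIL);
        }

        // Get the full directory path
        $file = __EXECDIR__ . $directory;
    } else {
        // Unknown or missing method: the original returned nothing here,
        // although the controller needs an ActionResult from every path.
        Session::set($this::name_space, 'msg', 'Unknown update method!');
        $this->parent->parent->addHeader('Location', $update_url);
        return new ActionResult($this, $update_url, 0, 'Unknown update method!', B_T_FAIL);
    }

    // Both modes end the same way: remember the source under a random
    // reference and move on to the update page for it.
    $hash = ranString(4);
    Session::set($this::name_space, 'update_from_' . $hash . '_dir', $file);
    Session::set($this::name_space, 'update_from_' . $hash . '_ns', $module);
    Session::set($this::name_space, 'update_from_' . $hash . '_page', $page);
    $this->parent->parent->addHeader('Location', '/admin/modules/update/' . $module . '/' . $hash);
    // The controller always needs an ActionResult back
    return new ActionResult($this, '/admin/modules/update/' . $module . '/' . $hash, 1, '', B_T_SUCCESS);
}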
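/**
 * Sends an HTML e-mail to the recipients posted as a CSV list in `to`.
 *
 * Each entry is either a literal e-mail address or a name that is resolved,
 * in this order, as a username, a primary group name or a secondary group
 * name. One message is sent per resolved address.
 *
 * NOTE(review): `subject` and `message` go to the mailer as posted, and the
 * sender address is built from the current username. Confirm that is the
 * intended trust level for everyone who passes accessAdminPage(0).
 *
 * @return ActionResult
 */
public function send()
{
    if (!$this->accessAdminPage(0)) {
        return new ActionResult($this, '/admin/email', 0, 'You are not allowed to send emails!', B_T_FAIL);
    }

    $check = $this->checknames();
    if ($check->status == 0) {
        return $check;
    } else {
        Session::del('status_msg', $check->id);
    }

    $subject = WebApp::post('subject');
    $message = WebApp::post('message');

    $mail = new Emailer();
    $mail->setFrom($this->parent->parent->user->getUsername() . '@biggleswadesc.org', $this->parent->parent->user->getFullName());
    $mail->Subject = $subject;
    $mail->msgHTML($message);
    $mail->AltBody = 'To view the message, please use an HTML compatible email viewer!';

    $to = strgetcsv(WebApp::post('to'));

    // Fetches emails from usernames
    $user_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`), `email` FROM `core_users` WHERE `username`=?");
    // Fetches names and emails from p_group names
    $p_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `p_group`=`GID` AND `core_groups`.`name`=? AND `type`='p'");
    // Fetches names and emails from s_group names through link table (core_sgroup)
    $s_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `core_groups`.`name`=? AND `type`='s'\nINNER JOIN `core_sgroup` ON `core_sgroup`.`user`=`core_users`.`id` AND `core_groups`.`GID`=`core_sgroup`.`group`");

    if ($user_query === false || $p_group_query === false || $s_group_query === false) {
        // prepare() returns false on failure; bind_param() on it would be a fatal error.
        return new ActionResult($this, '/admin/email', 0, 'Failed to send email.<br />Error: <code>Query failed</code>', B_T_FAIL);
    }

    // Keyed by address so a recipient reached through several names is mailed once.
    $email_addresses = array();
    foreach ($to as $name) {
        $name = trim($name);
        if (filter_var($name, FILTER_VALIDATE_EMAIL)) {
            $email_addresses[$name] = $name;
        } else {
            // Check if name is user
            $user_query->bind_param('s', $name);
            $user_query->bind_result($fullName, $email);
            $user_query->execute();
            $user_query->store_result();
            if ($user_query->num_rows == 1) {
                $this->parent->parent->debug($this::name_space . ': Address is for user');
                // deal with user
                $user_query->fetch();
                $email_addresses[$email] = $fullName;
                $user_query->free_result();
                $user_query->reset();
            } else {
                // Check if name is pgroup
                $user_query->free_result();
                $p_group_query->bind_param('s', $name);
                $p_group_query->bind_result($fullName, $email);
                $p_group_query->execute();
                $p_group_query->store_result();
                if ($p_group_query->num_rows != 0) {
                    while ($p_group_query->fetch()) {
                        $email_addresses[$email] = $fullName;
                    }
                    $p_group_query->free_result();
                    $p_group_query->reset();
                } else {
                    $p_group_query->free_result();
                    $p_group_query->reset();
                    // Check sgroup
                    $s_group_query->bind_param('s', $name);
                    $s_group_query->bind_result($fullName, $email);
                    $s_group_query->execute();
                    $s_group_query->store_result();
                    if ($s_group_query->num_rows != 0) {
                        // Deal with sgroup
                        while ($s_group_query->fetch()) {
                            $email_addresses[$email] = $fullName;
                        }
                    }
                    $s_group_query->free_result();
                    $s_group_query->reset();
                }
            }
        }
    }

    // Send one message per recipient so a single bad address does not block the rest.
    $failed = array();
    foreach ($email_addresses as $email => $name) {
        $mail->addAddress($email, $name);
        if (!$mail->send()) {
            $failed[] = $email;
            $this->parent->parent->debug($this::name_space . ': Did not send mail to ' . $email);
            $this->parent->parent->debug('Reason: ' . $mail->ErrorInfo);
        } else {
            $this->parent->parent->debug($this::name_space . ': Sent mail to ' . $email);
        }
        $mail->clearAddresses();
    }

    if (count($failed) == 0) {
        return new ActionResult($this, '/admin/email', 1, 'Email was successfully sent!', B_T_SUCCESS);
    }

    // The addresses come from the request or the database and the message is
    // emitted as HTML, so escape them before embedding.
    $failed_html = array();
    foreach ($failed as $address) {
        $failed_html[] = htmlspecialchars((string) $address, ENT_QUOTES, 'UTF-8');
    }
    return new ActionResult($this, '/admin/email', 0, 'Email was sent to except:<code>' . implode(', ', $failed_html) . '</code>', B_T_WARNING);
}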