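/**
 * Render the message review screen for a request and mark it UNDER_REVIEW.
 *
 * The request record is loaded first; its account ID is then used to log into
 * the Bronto API, the returned API session is stored, the review form is
 * printed and the request status is updated. When the request cannot be loaded
 * or the API login fails, an error box is shown and the request-ID form is
 * printed again.
 *
 * @param mixed $dbh    Database handle passed through to the db_* helpers.
 * @param mixed $req_id Identifier of the request to review.
 * @return void
 */
function prepare_message_review($dbh, $req_id)
{
    $_SESSION['requestid'] = $req_id;

    // The message boxes are handed literal markup elsewhere in this file (a "<br/>"),
    // so values interpolated into them are HTML-encoded before use.
    $req_id_html = htmlspecialchars((string) $req_id, ENT_QUOTES, 'UTF-8');

    $reqinfo = db_load_request($dbh, $req_id);
    if ($reqinfo == null) {
        display_errorbox("Request ID " . $req_id_html . " is invalid.");
        print_requestid_form($req_id);
        return;
    }

    $acctid = $reqinfo['account_id'];
    $login_info = bronto_agency_login($acctid);
    if (!$login_info) {
        display_errorbox("Unable to contact the Bronto API server.");
        print_requestid_form($req_id);
        return;
    }

    $bapi = $login_info['binding'];
    $session_id = $login_info['sessionID'];
    $_SESSION['session_id'] = $session_id;

    // NOTE(review): nothing in this function checks that a reviewer is logged in;
    // presumably the caller has authenticated the session already - confirm.
    $username = isset($_SESSION['username']) ? $_SESSION['username'] : null;

    if (!db_save_session($dbh, $session_id, $username, $acctid)) {
        // The operand after "user=" was masked in the published listing; $username is
        // the value this function has in scope for it.
        // NOTE(review): this prints the Bronto API session ID into the page. A session
        // ID works as a credential, so a server-side log is a better home for it.
        display_warnbox(
            "Unable to save session information (id="
            . htmlspecialchars((string) $session_id, ENT_QUOTES, 'UTF-8')
            . ",user="
            . htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8')
            . ")"
        );
    }

    print_message_review_form($bapi, $session_id, $reqinfo);

    if (!db_update_request_status($dbh, $req_id, "UNDER_REVIEW")) {
        display_warnbox("Unable to update request status.");
    }
}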
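/**
 * Continue the login flow once the Bronto API login attempt has returned.
 *
 * $login_info is an array on success, false when the credentials were rejected,
 * and any other value (null) when the API could not be reached. Agency logins
 * are sent to the agency account form. For a regular login the user and session
 * are saved, the login time is recorded, and either the user-information form
 * (when first name, last name or e-mail is missing) or the message selection
 * form is printed.
 *
 * @param array|false|null $login_info Result of the Bronto API login attempt.
 * @param string           $username   Login name entered by the user.
 * @param string           $password   Password entered by the user.
 * @param string           $sitename   Site name entered by the user.
 * @return void
 */
function process_login($login_info, $username, $password, $sitename)
{
    // NOTE(review): the plaintext password is handed to the form printers and to
    // db_save_user() below. Whether the forms echo it back into the page, and whether
    // it is hashed or encrypted before it is stored, cannot be seen from here - confirm.
    if (!is_array($login_info)) {
        if ($login_info === false) {
            // false: the API rejected the username, password or sitename.
            display_errorbox("Invalid username, password, or sitename.");
        } else {
            // anything else (null): the Bronto API could not be reached.
            display_errorbox("Unable to connect to the Bronto API server.");
        }
        print_request_login_form($username, $password, $sitename);
        return;
    }

    $bapi = $login_info['binding'];
    $sessionID = $login_info['sessionID'];
    $accountID = $login_info['accountID'];

    if ($login_info['isAgency'] == true) {
        print_agency_login_form($username, $password, $sitename, "", $sessionID, $login_info['accounts']);
        return;
    }

    $dbh = open_db();
    if (!$dbh) {
        display_errorbox("Unable to connect to database.");
        print_request_login_form($username, $password, $sitename);
        return;
    }

    // The message boxes are handed literal markup elsewhere in this file (a "<br/>"),
    // so user-supplied values are HTML-encoded before they are interpolated.
    $username_html = htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8');
    $sitename_html = htmlspecialchars((string) $sitename, ENT_QUOTES, 'UTF-8');

    // The operand after "user=" was masked in the published listing; $username is the
    // value this function has in scope for it.
    if (!db_save_user($dbh, $username, $password, 'BRONTO', 'REQUESTER', $sitename)) {
        display_warnbox("Unable to save user information (user=" . $username_html . ",sitename=" . $sitename_html . ")");
    }

    if (!db_save_session($dbh, $sessionID, $username, $accountID)) {
        // NOTE(review): this prints the API session ID into the page; a server-side
        // log is a better home for it.
        display_warnbox(
            "Unable to save session information (id="
            . htmlspecialchars((string) $sessionID, ENT_QUOTES, 'UTF-8')
            . ",user=" . $username_html . ")"
        );
    }

    if (!db_update_user_last_login($dbh, $username)) {
        // Reported through the warning box like the other non-fatal failures here.
        display_warnbox("Unable to record login date/time.");
    }

    // Ask for the profile details first if any of them is still missing.
    $userinfo = db_get_user($dbh, $username);
    if (empty($userinfo['firstname']) || empty($userinfo['lastname']) || empty($userinfo['email'])) {
        print_user_info_form($sessionID, $userinfo);
        return;
    }

    if (print_message_select_form($bapi, $sessionID) == false) {
        display_errorbox("Unable to connect to Bronto API.");
        print_request_login_form($username, $password, $sitename);
    }
}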
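/**
 * Send one plain e-mail message over SMTP with PHPMailer.
 *
 * SMTP settings start from the DEFAULT_SMTP_* constants and are replaced by the
 * values from get_config_params() when that returns a record. SMTP
 * authentication is switched on unless both the user name and the password are
 * empty.
 *
 * @param string     $from_addr Sender address.
 * @param string     $from_name Sender display name.
 * @param string     $to_addr   Recipient address.
 * @param string     $to_name   Recipient display name.
 * @param array|null $cc_addrs  Addresses to copy; skipped when empty.
 * @param string     $subject   Subject line.
 * @param string     $body      Message body.
 * @return bool Result of PHPMailer's Send(), or false when PHPMailer raised an exception.
 */
function send_email_message($from_addr, $from_name, $to_addr, $to_name, $cc_addrs, $subject, $body)
{
    $smtp_host = DEFAULT_SMTP_HOST;
    $smtp_port = DEFAULT_SMTP_PORT;
    $smtp_user = DEFAULT_SMTP_USER;
    $smtp_pass = DEFAULT_SMTP_PASS;

    $cfg_rec = get_config_params();
    if ($cfg_rec) {
        $smtp_host = $cfg_rec['smtp_host'];
        $smtp_port = $cfg_rec['smtp_port'];
        $smtp_user = $cfg_rec['smtp_username'];
        $smtp_pass = $cfg_rec['smtp_password'];
    }

    // Exceptions are turned on so that PHPMailer does not echo its own output.
    $mailer = new PHPMailer(true);
    try {
        $mailer->IsSMTP();
        $mailer->Host = $smtp_host;
        $mailer->Port = $smtp_port;
        // NOTE(review): no transport encryption is selected here (SMTPSecure is left
        // at its default). Confirm that the SMTP credentials do not cross the network
        // in clear text.
        $mailer->SMTPAuth = !(empty($smtp_user) && empty($smtp_pass));
        $mailer->Username = $smtp_user;
        $mailer->Password = $smtp_pass;

        $mailer->SetFrom($from_addr, $from_name, 1);
        $mailer->AddAddress($to_addr, $to_name);
        if ($cc_addrs) {
            foreach ($cc_addrs as $cc_addr) {
                $mailer->AddCC($cc_addr);
            }
        }

        $mailer->Subject = $subject;
        $mailer->Body = $body;

        return $mailer->Send();
    } catch (phpmailerException $ex) {
        // The box is given markup (the <br/> below), so the recipient address and
        // PHPMailer's error text are HTML-encoded before being placed inside it.
        // NOTE(review): ErrorInfo can carry mail-server responses; consider logging it
        // server-side and showing the user a shorter message.
        display_errorbox(
            "Unable to send request to "
            . htmlspecialchars((string) $to_addr, ENT_QUOTES, 'UTF-8')
            . "<br/>Error: "
            . htmlspecialchars((string) $mailer->ErrorInfo, ENT_QUOTES, 'UTF-8')
        );
        return false;
    }
}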
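/**
 * Set a request's status, review notes and reviewer, and stamp the matching
 * timestamp column.
 *
 * The status selects the timestamp column: INCOMPLETE and AWAITING_REVIEW stamp
 * created_on, UNDER_REVIEW stamps reviewed_on, APPROVED and REJECTED stamp
 * closed_on. Any other status is rejected with an error box. The update runs in
 * a transaction that is rolled back on failure.
 *
 * @param mixed       $p_dbh    Open database handle, or null to open one with open_db().
 * @param string      $req_uuid UUID of the request row to update.
 * @param string      $status   New status value.
 * @param string|null $revnotes Review notes to store.
 * @param string|null $user     Reviewer to record.
 * @return bool True when the update was committed, false otherwise.
 */
function db_update_request_status_user($p_dbh, $req_uuid, $status, $revnotes = null, $user = null)
{
    // Only these fixed column names ever reach the SQL text below; every
    // caller-supplied value is passed as a bound parameter.
    $time_fields = array(
        'INCOMPLETE'      => 'created_on',
        'AWAITING_REVIEW' => 'created_on',
        'UNDER_REVIEW'    => 'reviewed_on',
        'APPROVED'        => 'closed_on',
        'REJECTED'        => 'closed_on',
    );

    // Exact string match: a loose == comparison can accept non-string values.
    if (!is_string($status) || !isset($time_fields[$status])) {
        $shown = is_scalar($status) ? (string) $status : gettype($status);
        display_errorbox("Invalid status [" . htmlspecialchars($shown, ENT_QUOTES, 'UTF-8') . "] was provided.");
        return false;
    }

    $time_field = $time_fields[$status];
    $q = "update request set status=?, review_notes=?, {$time_field}=NOW(), updated_on=NOW(), reviewer=? where uuid=?";

    // Defined before the try block so the catch block can always test it.
    $dbh = null;
    try {
        $dbh = $p_dbh == null ? open_db() : $p_dbh;
        if (!$dbh) {
            throw new PDOException("No database connection is available.");
        }

        $dbh->beginTransaction();
        $sth = $dbh->prepare($q);
        // Covers connections that report failures by return value instead of throwing.
        if ($sth === false || $sth->execute(array($status, $revnotes, $user, $req_uuid)) === false) {
            throw new PDOException("The request status update statement failed.");
        }
        $dbh->commit();

        return true;
    } catch (PDOException $ex) {
        // Driver messages can reveal schema and query details, so they go to the
        // server log and the page gets a generic message.
        error_log("db_update_request_status_user: " . $ex->getMessage());
        // rollBack() itself throws when no transaction is open.
        if ($dbh && $dbh->inTransaction()) {
            $dbh->rollBack();
        }
        display_errorbox("A database error occurred while updating the request status.");
        return false;
    }
}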