/**
 * Build a SQL condition fragment that matches an e-mail address in a column.
 *
 * When $hesk_settings['multi_eml'] is truthy the column is treated as a
 * comma-separated list, and the address is matched as the only entry, the
 * last entry, the first entry or a middle entry. Otherwise a single LIKE
 * comparison is produced.
 *
 * NOTE(review): $field is placed inside a backtick-quoted identifier, while
 * hesk_dbEscape() is used elsewhere in this function for quoted string values.
 * Whether it also neutralises backticks is not visible here, so callers should
 * pass only fixed, known column names and never request data. Confirm.
 *
 * @param string $email Address to look for.
 * @param string $field Column name to search in.
 *
 * @return string SQL fragment padded with a leading and trailing space.
 */
function hesk_dbFormatEmail($email, $field = 'email')
{
    global $hesk_settings;

    // Order matters: hesk_dbLike() runs first (presumably escaping LIKE
    // wildcards - confirm), then the result is escaped for the quoted literal.
    $needle = hesk_dbEscape(hesk_dbLike($email));
    $column = '`' . hesk_dbEscape($field) . '`';

    if (!$hesk_settings['multi_eml']) {
        return " " . $column . " LIKE '" . $needle . "' ";
    }

    // Only entry, last entry, first entry, middle entry of a comma-separated list.
    $patterns = array(
        $needle,
        '%,' . $needle,
        $needle . ',%',
        '%,' . $needle . ',%',
    );

    $clauses = array();
    foreach ($patterns as $pattern) {
        $clauses[] = $column . " LIKE '" . $pattern . "'";
    }

    return " (" . implode(' OR ', $clauses) . ") ";
}
Пример #2
/**
 * Rename a category from the POSTed `catid` and `name` values.
 *
 * Flow: token check, validate the category ID and the new name, refuse the
 * change when another category already uses that name, then update the row
 * and report success.
 *
 * NOTE(review): the duplicate branch only works as a guard if
 * hesk_process_messages() ends the request (presumably it redirects and
 * exits - confirm). If it returns, the UPDATE below would still run.
 */
function rename_cat()
{
    global $hesk_settings, $hesklang;

    // Security check on the POST request (the helper's name suggests a request
    // token). It must stay ahead of every state change in this function.
    hesk_token_check('POST');

    // Return target for the message helpers; intval() keeps the query string numeric.
    $_SERVER['PHP_SELF'] = 'manage_categories.php?catid=' . intval(hesk_POST('catid'));

    $catid = hesk_isNumber(hesk_POST('catid'), $hesklang['choose_cat_ren'], $_SERVER['PHP_SELF']);
    $_SESSION['selcat'] = $_SESSION['selcat2'] = $catid;

    $catname = hesk_input(hesk_POST('name'), $hesklang['cat_ren_name'], $_SERVER['PHP_SELF']);
    $_SESSION['catname2'] = $catname;

    $table = "`" . hesk_dbEscape($hesk_settings['db_pfix']) . "categories`";

    // Look for an existing category with this name. hesk_dbLike() is applied
    // before hesk_dbEscape(), presumably to stop LIKE wildcards in the name
    // from widening the match (confirm).
    $lookup = hesk_dbQuery("SELECT `id` FROM " . $table . " WHERE `name` LIKE '" . hesk_dbEscape(hesk_dbLike($catname)) . "' LIMIT 1");

    if (hesk_dbNumRows($lookup) != 0) {
        $existing = hesk_dbFetchAssoc($lookup);

        if ($existing['id'] != $catid) {
            // A different category already has this name.
            hesk_process_messages($hesklang['cndupl'], $_SERVER['PHP_SELF']);
        } else {
            // Same category, same name: nothing to change.
            hesk_process_messages($hesklang['noch'], $_SERVER['PHP_SELF'], 'NOTICE');
        }
    }

    hesk_dbQuery("UPDATE " . $table . " SET `name`='" . hesk_dbEscape($catname) . "' WHERE `id`='" . intval($catid) . "' LIMIT 1");

    unset($_SESSION['selcat'], $_SESSION['catname2']);

    // NOTE(review): $catname is placed into HTML here. That is only safe if
    // hesk_input() already HTML-encodes the value - verify before reuse.
    hesk_process_messages($hesklang['cat_renamed_to'] . ' <i>' . stripslashes($catname) . '</i>', $_SERVER['PHP_SELF'], 'SUCCESS');
}
Пример #3
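/**
 * Decide whether an incoming e-mail looks like part of a mail loop.
 *
 * Hits are tracked per sender in the `pipe_loops` table. A loop is reported
 * when the sender reaches $hesk_settings['loop_hits'] messages inside the
 * retention window, or when the message hash equals the one stored from the
 * sender's previous message. Setting `loop_hits` to 0 disables the check.
 *
 * @param string $email        Sender address.
 * @param string $message_hash Hash of the message, computed by the caller.
 *
 * @return bool True when a loop rule triggered, false otherwise.
 */
function hesk_isEmailLoop($email, $message_hash)
{
    global $hesk_settings;

    // If $hesk_settings['loop_hits'] is set to 0 this function is disabled
    if (!$hesk_settings['loop_hits']) {
        return false;
    }

    $table = "`" . hesk_dbEscape($hesk_settings['db_pfix']) . "pipe_loops`";

    // Escape wildcards in email, then escape for the quoted SQL literal
    $email_like = hesk_dbEscape(hesk_dbLike($email));

    // Delete expired DB entries
    hesk_dbQuery("DELETE FROM " . $table . " WHERE `dt` < (NOW() - INTERVAL " . intval($hesk_settings['loop_time']) . " SECOND) ");

    // Check current entry
    $res = hesk_dbQuery("SELECT `hits`, `message_hash` FROM " . $table . " WHERE `email` LIKE '{$email_like}' LIMIT 1");

    // No active entry: first instance, insert a new database row.
    // The stored value is the address itself, so it is escaped for the
    // literal only, without the LIKE wildcard escaping.
    if (!hesk_dbNumRows($res)) {
        hesk_dbQuery("INSERT INTO " . $table . " (`email`, `message_hash`) VALUES ('" . hesk_dbEscape($email) . "', '" . hesk_dbEscape($message_hash) . "')");
        return false;
    }

    list($num, $stored_hash) = hesk_dbFetchRow($res);
    $num++;

    // Number of emails in a time period reached?
    if ($num >= $hesk_settings['loop_hits']) {
        return true;
    }

    // Message exactly the same as in previous email?
    // Compared strictly as strings: with `==` PHP compares two numeric-looking
    // strings as numbers, so two different hex hashes of the form "0e<digits>"
    // would be reported as identical and a legitimate message would be dropped
    // as a loop.
    if ((string) $message_hash === (string) $stored_hash) {
        return true;
    }

    // Update DB entry
    hesk_dbQuery("UPDATE " . $table . " SET `hits` = `hits` + 1, `message_hash` = '" . hesk_dbEscape($message_hash) . "' WHERE `email` LIKE '{$email_like}' LIMIT 1");

    // No loop rule triggered
    return false;
}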