function send_email_to_customer($customer, $template = 'reminder')
{
#TODO create the data array
$data = array('domain' => $customer->domain);
#print "sending mail to " . $customer->contact_email;
return sendTemplateEmail($customer->contact_email, $template, $data);
}
function sl_send_invitation($invitor, $invitor_nn, $invitor_id, $invitee, $company_name, $company_id, $asAdmin)
{
$ctxt = "";
if ($company_id && !empty($company_name)) {
$ctxt = " {$company_name} on";
}
$subject = "SendLove: Company join request from " . $invitee;
$asAdmin = $asAdmin ? "1" : "0";
$page = "confirmation.php";
$token = urlencode(sha1(SALT . "{$company_id}/{$invitor_id}/{$asAdmin}"));
$sqlView = "SELECT company_id, company_admin FROM " . USERS . " WHERE username = '******'";
$resView = mysql_query($sqlView);
$invite_row = mysql_fetch_array($resView);
// available templates
// invite_admin - invite user to be administrator
// invite_user - invite regular user
// invite_switch - invite user to switch companies
$inviteType = '';
if (!$invite_row || $invite_row['company_id'] == 0 || $invite_row['company_id'] == $company_id && !$invite_row['company_admin'] && $asAdmin) {
/* The user is:
* a) not a LoveMachine user, or
* b) is not affiliated with another company, or
* c) affiliated with the same company but is being invited as an admin.
*/
$invite = 1;
if (!$invite_row) {
$page = "signup.php";
}
if ($asAdmin) {
$inviteType = 'admin';
} else {
$inviteType = 'user';
}
} else {
if ($invite_row['company_id'] != $company_id) {
/* The user is affiliated with another company */
$invite = 2;
$inviteType = 'switch';
} else {
/* The user is already affiliated with the company */
return false;
}
}
$joinUrl = SECURE_SERVER_URL . "{$page}?invite={$invite}&cid={$company_id}&iid={$invitor_id}&admin={$asAdmin}&token={$token}";
return sendTemplateEmail($invitee, 'invite_' . $inviteType, array('invitor_nickname' => $invitor_nn, 'invitor_email' => $invitor, 'company_name' => $company_name, 'url' => $joinUrl));
}
// Copyright (c) 2010, LoveMachine Inc.
// All Rights Reserved.
// http://www.lovemachineinc.com
require_once 'class/frontend.class.php';
$front = Frontend::getInstance();
$msg = '';
if (!empty($_POST['submit'])) {
if (!empty($_POST['password'])) {
$vars = array('username' => $_POST['username'], 'token' => $_POST['token'], 'password' => $_POST['password']);
// send the request
ob_start();
CURLHandler::Post(LOGIN_APP_URL . 'changepassword', $vars);
$result = json_decode(ob_get_contents());
ob_end_clean();
if ($result->success == true) {
sendTemplateEmail($_POST['username'], 'changed_pass', array('app_name' => APP_NAME));
header('Location: login.php');
} else {
$msg = 'The link to reset your password has expired or is invalid. <a href="forgot.php">Please try again.</a>';
}
} else {
$msg = "Please enter a password!";
}
}
if (empty($_REQUEST['token'])) {
// no required information specified, redirect user
header('Location: login.php');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" >
function sendWeeklyUpdates()
{
$time = time() - 28800;
// removing 8 hours for PDT
$date = getdate($time);
$sql = 'SELECT `id` FROM `' . COMPANY . '` WHERE `weekly_updates` = 1;';
$result = mysql_query($sql);
if ($result && mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_array($result)) {
$sql = 'SELECT `weekday`, `hour`, `minute` FROM `' . EMAILUPDATES . '` WHERE `company_id` = "' . (int) $row['id'] . '";';
$resDate = mysql_query($sql);
$rowDate = mysql_fetch_assoc($resDate);
mysql_free_result($resDate);
// continue if we don't send today
if ((int) $rowDate['weekday'] != $date['wday']) {
continue;
}
// continue if we don't send in this hour
if ((int) $rowDate['hour'] != $date['hours']) {
continue;
}
// continue if minute is in the future
if ((int) $rowDate['minute'] > $date['minutes'] || $date['minutes'] - (int) $rowDate['minute'] >= 15) {
continue;
}
$lastWeek = date('Y-m-d H:i:s', strtotime('- 1 week', $time));
$sql = 'SELECT `giver`, `receiver`, `why` FROM `' . LOVE . '` WHERE `company_id` = "' . (int) $row['id'] . '" AND `private` = 0 AND `at` > "' . $lastWeek . '";';
$resLove = mysql_query($sql);
$tblStyle = 'font-family: Lucida Sans Unicode, Lucida Grande, Sans-Serif;font-size: 12px;width: 700px;text-align: left;border-collapse: collapse;margin: 20px;';
$tblHStyle = 'font-size: 14px;font-weight: normal;color: #039;padding: 10px 8px;';
$tblCStyle = 'color: #669;padding: 8px;';
$tblOStyle = 'background: #e8edff;';
$counter = 0;
$tbl = '<table border="0" style="' . $tblStyle . '">' . "\n";
$tbl .= '<thead>' . "\n";
$tbl .= '<tr>' . "\n";
$tbl .= '<th style="' . $tblHStyle . '">Giver</th>' . "\n";
$tbl .= '<th style="' . $tblHStyle . '">Receiver</th>' . "\n";
$tbl .= '<th style="' . $tblHStyle . '">Message</th>' . "\n";
$tbl .= '</tr>' . "\n";
$tbl .= '</thead>' . "\n";
$tbl .= '<tbody>' . "\n";
while ($rowLove = mysql_fetch_array($resLove)) {
$counter++;
$tbl .= '<tr>' . "\n";
$tbl .= '<td style="' . $tblCStyle . ($counter % 2 ? $tblOStyle : '') . '">' . htmlentities($rowLove['giver']) . '</td>' . "\n";
$tbl .= '<td style="' . $tblCStyle . ($counter % 2 ? $tblOStyle : '') . '">' . htmlentities($rowLove['receiver']) . '</td>' . "\n";
$tbl .= '<td style="' . $tblCStyle . ($counter % 2 ? $tblOStyle : '') . '">' . htmlentities($rowLove['why']) . '</td>' . "\n";
$tbl .= '</tr>' . "\n";
}
$tbl .= '</tbody>' . "\n";
$tbl .= '</table>' . "\n";
mysql_free_result($resLove);
$receivers = array();
$sql = 'SELECT `username` FROM `' . USERS . '` WHERE `company_id` = "' . (int) $row['id'] . '";';
$resReceivers = mysql_query($sql);
while ($rowReceivers = mysql_fetch_array($resReceivers)) {
$receivers[] = $rowReceivers['username'];
}
mysql_free_result($resReceivers);
sendTemplateEmail($receivers, 'weeklyupdates', array('app_name' => APP_NAME, 'table' => $tbl));
}
mysql_free_result($result);
}
}
function endReviewPeriod($reset, $conversion_rate, $signature)
{
$email_template = $conversion_rate ? 'end-period-conversion' : 'end-period';
$template_data = array('date' => date("F j, Y"), 'signature' => $signature);
foreach (Rewarder::getCurrentReceivers() as $receiver) {
$user_template_data = $template_data;
$user_template_data['points'] = $receiver['received_points'];
$user_template_data['people'] = $receiver['givers'];
if ($conversion_rate) {
$user_template_data['worth'] = $conversion_rate;
$user_template_data['total_earnings'] = $receiver['received_points'] * $conversion_rate;
}
sendTemplateEmail($receiver['username'], $email_template, $user_template_data);
}
// makes changes to the database finishing the rewarder
Rewarder::markPaidAll();
// reseting all rewarder balances to 0
if ($reset) {
$sql = "UPDATE " . REVIEW_USERS . " SET `rewarder_points` = 0";
mysql_unbuffered_query($sql);
}
}
public function resetUserPassword()
{
if (!isset($_REQUEST["user_id"])) {
$this->getResponse()->getError()->setError("No user id set.");
} else {
if (!isset($_SESSION["userid"])) {
$this->getResponse()->getError()->setError("You are not logged in.");
} else {
$user_id = (int) $_REQUEST["user_id"];
$admin_id = (int) $_SESSION["userid"];
$token = uniqid();
$this->saveToken($token);
$this->params["user_id"] = $user_id;
$this->params["admin_id"] = $admin_id;
$this->params["token"] = $token;
ob_start();
// send the request
CURLHandler::Post(LOGIN_APP_URL . 'adminresettoken', $this->params, false, true);
$result = ob_get_contents();
ob_end_clean();
$result = json_decode($result);
if ($result->error == 1) {
$this->getResponse()->getError()->setError($result->message);
} else {
if ($this->checkToken($result->token) && $token == $result->token) {
$this->updateToken($result->token);
$resetUrl = SECURE_SERVER_URL . 'resetpass.php?un=' . base64_encode($result->username) . '&token=' . $result->confirm_string;
$resetUrl = '<a href="' . $resetUrl . '" title="Password Recovery">' . $resetUrl . '</a>';
sendTemplateEmail($result->username, 'recovery', array('url' => $resetUrl));
$this->getResponse()->addParams($result);
} else {
$this->getResponse()->getError()->setError("Invalid Token aka Malicious attempt.");
}
}
}
}
}
function changeUserBalance()
{
$user = new User();
$user->findUserById($_REQUEST['user_id']);
$currentPoints = $user->getRewarder_points();
$addPoints = $_REQUEST['points'];
$newPoints = $currentPoints + intval($addPoints);
$user->setRewarder_points($newPoints);
$user->save();
$reason = $_REQUEST['reason'];
$worklist_id = isset($_REQUEST['worklist_id']) ? intval($_REQUEST['worklist_id']) : 0;
$fee_id = isset($_REQUEST['fee_id']) ? intval($_REQUEST['fee_id']) : 0;
mysql_unbuffered_query("INSERT INTO `" . REVIEW_REWARDER_LOG . "` (`user_id`, `worklist_id`, `fee_id`, `rewarder_points`) VALUES ('" . $user->getId() . "', '{$worklist_id}', '{$fee_id}', '" . intval($addPoints) . "')");
if (intval($addPoints) > 0) {
sendTemplateEmail($user->getUsername(), 'increase-balance', array('points' => $addPoints, 'total-points' => $newPoints, 'reason' => $reason));
} else {
sendTemplateEmail($user->getUsername(), 'decrease-balance', array('points' => -$addPoints, 'total-points' => $newPoints, 'reason' => $reason));
}
$rsp['status'] = SL_OK;
respond($rsp);
}
function changeCampaignStatus($idsList, $new_validated_status, $instance)
{
$filter = "";
$periodFilter = PERIODS . ".`id` in ({$idsList}) ";
if ($new_validated_status == 'C') {
$infoForMail = "Campaigns are in the paypal card";
$filter = " AND budget_validated = 'R' ";
// set to No if the previous status was Request (cancel)
} else {
if ($new_validated_status == 'R') {
// set to Request Running if the previous status was In Cart
$infoForMail = "Paypal payment request has been sent, waiting for acknowledgement from Paypal.";
$filter = " AND budget_validated = 'C' ";
} else {
if ($new_validated_status == 'Y') {
// set to Yes if the previous status was Request (accepted)
$infoForMail = "Paypal payment accepted.";
$filter = " AND budget_validated = 'R' ";
} else {
$filter = " AND 1 = 0 ";
}
}
}
$sql = "UPDATE {$instance}." . PERIODS . ",{$instance}." . USER_REVIEWS . " SET `budget_validated` = '{$new_validated_status}' WHERE " . USER_REVIEWS . ".period_id = " . PERIODS . ".id AND {$periodFilter} {$filter}";
$ret = mysql_unbuffered_query($sql);
if ($ret) {
sendTemplateEmail($_SESSION['checkoutCampaign']['managerEmails'], 'changeInCampaign', array('changeInfo' => "New paypal status is : " . $new_validated_status . " , " . $infoForMail, 'periodInfo' => urldecode($_SESSION['checkoutCampaign']['infoCampaigns'])));
return array('result' => "update new_validated_status", "count" => mysql_affected_rows());
} else {
return array('error' => 'error SQL in changeCampaignStatus' . mysql_error());
}
}
// All Rights Reserved.
// http://www.lovemachineinc.com
require_once "class/frontend.class.php";
require_once "send_email.php";
$front = Frontend::getInstance();
if (!empty($_POST['username'])) {
ob_start();
// send the request
CURLHandler::Post(LOGIN_APP_URL . 'resettoken', array('username' => $_POST['username'], 'app' => 'lovemachine', 'key' => API_KEY));
$result = ob_get_contents();
ob_end_clean();
$result = json_decode($result);
if ($result->success == true) {
$resetUrl = SECURE_SERVER_URL . 'resetpass.php?un=' . base64_encode($_POST['username']) . '&token=' . $result->token;
$resetUrl = '<a href="' . $resetUrl . '" title="Password Recovery">' . $resetUrl . '</a>';
sendTemplateEmail($_POST['username'], 'recovery', array('url' => $resetUrl));
$msg = '<p class="LV_valid">Login information will be sent if the email address ' . $_POST['username'] . ' is registered.</p>';
} else {
$msg = '<p class="LV_invalid">Sorry, unable to send password reset information. Try again or contact an administrator.</p>';
}
}
/*********************************** HTML layout begins here *************************************/
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US" xml:lang="en-US" >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>SendLove | Reset Password</title>
<link rel="stylesheet" href="css/jquery-ui.css" type="text/css" media="all" />
<link href="css/login.css" rel="stylesheet" type="text/css" />
public function payCampaign($period_id)
{
// Calculate the total of redeemed
$sql = "UPDATE " . REVIEW_REWARDER . "," . PERIODS . " SET paid_amount = (rewarded_percentage * budget / 100), paid=5 WHERE " . REVIEW_REWARDER . ".`period_id` = " . PERIODS . ".`id` AND " . REVIEW_REWARDER . ".`period_id` = {$period_id} ";
$ret = mysql_unbuffered_query($sql);
if ($ret) {
sendTemplateEmail($this->user_email, 'publishedCampaign', array('export_data' => $this->exportRedeemByCampaignContent($period_id, "\n")));
$this->campaignChangeNotification("The recognition period has been published.", $period_id);
return array('result' => "Campaign paid! ");
} else {
return array('error' => 'error SQL in payCampaign' . mysql_error() . " SQL: " . $sql);
}
}
public function tryToRegisterUser()
{
$username = isset($_REQUEST["username"]) ? trim($_REQUEST["username"]) : "";
$password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
$cpassword = isset($_REQUEST["confirmpassword"]) ? $_REQUEST["confirmpassword"] : "";
if (empty($username)) {
$this->getError()->setError("Username cannot be empty.");
} else {
if (empty($password)) {
$this->getError()->setError("Password cannot be empty.");
} else {
if (strcmp($password, $cpassword) != 0) {
$this->getError()->setError("Passwords do not match.");
} else {
$params = array("username" => $username, "password" => $password, "action" => "signup", "confirm_string" => uniqid());
if (isset($_REQUEST["nickname"])) {
$params["nickname"] = $_REQUEST["nickname"];
}
ob_start();
// send the request
CURLHandler::Post(SERVER_URL . 'loginApi.php', $params, false, true);
$result = ob_get_contents();
ob_end_clean();
$ret = json_decode($result);
if ($ret->error == 1) {
$this->getError()->setError($ret->message);
return $this->getError()->getErrorFlag();
} else {
$cid = isset($_REQUEST["company"]) ? $_REQUEST["company"] : 0;
$phone = isset($_REQUEST["phone"]) ? $_REQUEST["phone"] : NULL;
$country = isset($_REQUEST["country"]) ? $_REQUEST["country"] : NULL;
$provider = isset($_REQUEST["provider"]) ? $_REQUEST["provider"] : NULL;
$this->getUser()->newUser($ret->id, $ret->username, $ret->nickname, $cid, $phone, $country, $provider);
$confirmUrl = SECURE_SERVER_URL . "confirmation.php?cs=" . $ret->confirm_string . "&str=" . base64_encode($username);
sendTemplateEmail($username, 'confirmation', array('url' => $confirmUrl));
return false;
}
}
}
}
return $this->getError()->getErrorFlag();
}
sl_send_phone_confirm_sms($_SESSION['userid'], $phone, $country, $provider, $confirm_code);
// check if user has confirmed his number before even if we update something else
// fixes appearing of sms field on updating other info
} elseif (empty($user_row['confirm_phone'])) {
$smsConfirmed = true;
}
}
}
if ($front->getError()->getErrorFlag() == 1) {
foreach ($front->getError()->getErrorMessage() as $message) {
$messages[] = $message;
}
}
$changes = array();
if (!empty($messages)) {
$to = $_SESSION['username'];
$changes = '';
foreach ($messages as $msg) {
$changes .= " {$msg}<br/>";
}
if (LOVE_SETTINGS_UPDATE_EMAIL) {
if (!$front->getError()->getErrorFlag()) {
sendTemplateEmail($to, 'changed_settings', array('app_name' => APP_NAME, 'changes' => $changes));
}
}
}
if (!$front->getError()->getErrorFlag()) {
echo json_encode(array('error' => 0, 'message' => $changes, 'redirect' => false, 'smsConfirmed' => $smsConfirmed));
} else {
echo json_encode(array('error' => 1, 'message' => $front->getError()->getErrorMessage(), 'redirect' => false));
}
