$recipient = $result[0]['email'];
                    $sender = $objSettings->GetParameter('admin_email');
                    $email_text = '<b>Dear Customer!</b><br />
					Thank you for purchasing from our site!
					Your order has been placed in our system.
					Current status: PENDING.<br />
					  
					Payments from PayPal using an eCheck (electronic funds transfer from your bank account) will be
					credited to your account when your bank clears the transaction. Your PayPal account will show
					an estimated clearing date for the transaction. Once the transaction is cleared, the purchased
					products will be credited to your account in a few minutes.<br /><br />
					
					If you don\'t see any changes on your account during 72 hours,
					please contact us to: ' . $sender;
                    ////////////////////////////////////////////////////////////
                    send_email_wo_template($recipient, $sender, 'Order placed (eCheck payment in progress - ' . $objSiteDescription->GetParameter('header_text') . ')', $email_text);
                    ////////////////////////////////////////////////////////////
                }
                break;
            case 'Completed':
                // 2 order completed
                $sql = 'SELECT id, order_number, currency, customer_id, advertise_plan_id, listings_amount, order_price, vat_fee, total_price 
						FROM ' . TABLE_ORDERS . '
						WHERE order_number = \'' . $order_number . '\' AND status = 0';
                $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
                if ($result[1] > 0) {
                    write_log($sql);
                    // check for possible problem or hack attack
                    if ($total <= 1 || abs($total - $result[0]['total_price']) > 1) {
                        $ip_address = isset($_SERVER['HTTP_X_FORWARD_FOR']) && $_SERVER['HTTP_X_FORWARD_FOR'] ? $_SERVER['HTTP_X_FORWARD_FOR'] : $_SERVER['REMOTE_ADDR'];
                        $message = 'From IP: ' . $ip_address . "<br />\n";
Пример #2
    /**
     * Send invoice to customer
     * 		@param $rid
     */
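    public function SendInvoice($rid)
    {
        // Returns true when the invoice mail was handed to the mailer, false otherwise
        // (the reason is left in $this->error).
        // Mail sending is blocked on demo installations.
        if (strtolower(SITE_MODE) === 'demo') {
            $this->error = _OPERATION_BLOCKED;
            return false;
        }
        global $objSettings;

        // Normalise the record id once so the lookup, the subject line and the
        // rendered invoice all refer to the same order, and no raw caller input
        // reaches the SQL text or the mail subject.
        $order_id = (int) $rid;

        // Select the e-mail address of the customer who owns this order, and only
        // that customer. The earlier predicate "WHERE 1=1 OR o.id = ..." is always
        // true, so with FIRST_ROW_ONLY the invoice was mailed to whichever
        // customer the database returned first rather than to the order's owner.
        $sql = 'SELECT
                    c.email,
                    c.preferred_language
                FROM ' . TABLE_ORDERS . ' o
                    INNER JOIN ' . TABLE_CUSTOMERS . ' c ON o.customer_id = c.id
                WHERE o.id = ' . $order_id;
        $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);

        // $result[1] is the row count; zero means the order (or its customer) does not exist.
        if ($result[1] > 0) {
            $recipient = $result[0]['email'];
            $preferred_language = $result[0]['preferred_language'];
            $sender = $objSettings->GetParameter('admin_email');
            $subject = _INVOICE . ' #' . $order_id;
            $body = $this->DrawOrderInvoice($order_id, true, false);
            // NOTE(review): the return value of send_email_wo_template() is ignored,
            // so true here means "recipient found", not "mail accepted" - confirm intended.
            send_email_wo_template($recipient, $sender, $subject, $body, $preferred_language);
            return true;
        }

        $this->error = _EMAILS_SENT_ERROR;
        return false;
    }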
Пример #3
    /**
     * Sends mass mail	 
     */
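    public function SendMassMail()
    {
        // Sends the posted subject/message to the audience selected in
        // $_POST['email_to'] ("<audience>|<member group>"). Returns false when the
        // request is blocked, repeated or names an invalid group; otherwise
        // returns nothing and reports the outcome through the draw_*() helpers.
        global $objSettings;

        // Form input. prepare_input() is defined elsewhere and its filtering is
        // not visible here, so these values are still treated as untrusted
        // wherever they reach SQL below.
        $email_to_req = isset($_POST['email_to']) ? prepare_input($_POST['email_to']) : '';
        $subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : '';
        $message = isset($_POST['message']) ? prepare_input($_POST['message']) : '';
        $send_copy_to_admin = isset($_POST['send_copy_to_admin']) ? prepare_input($_POST['send_copy_to_admin']) : '';
        $admin_email = $objSettings->GetParameter('admin_email');
        $email_session_code = Session::Get('email_random_code');
        $email_post_code = isset($_POST['email_random_code']) ? prepare_input($_POST['email_random_code']) : '';
        $emails_total = '0';
        $emails_sent = '0';

        if (strtolower(SITE_MODE) === 'demo') {
            draw_important_message(_OPERATION_BLOCKED);
            return false;
        }

        // Duplicate-submission guard: a form code that was already stored after a
        // successful run is refused. An empty posted code skips the guard, so this
        // protects against accidental re-posts only.
        // NOTE(review): request-forgery protection for this action is not visible
        // in this method - confirm the caller validates a token.
        if ($email_post_code != '' && $email_session_code == $email_post_code) {
            $this->error = true;
            draw_message(_OPERATION_WAS_ALREADY_COMPLETED);
            return false;
        }

        if ($subject == '' || $message == '') {
            draw_important_message(_EMAIL_FIELDS_EMPTY_ALERT);
            return;
        }

        // Expand the global placeholders (applied in this order, case-insensitively).
        // NOTE(review): SERVER_NAME can follow the request's Host header on some
        // server configurations - confirm it is pinned before trusting it in mail.
        $message = str_ireplace(
            array('{YEAR}', '{WEB SITE}', '{BASE URL}'),
            array(date('Y'), $_SERVER['SERVER_NAME'], APPHP_BASE),
            $message
        );

        // "email_to" is "<audience>" or "<audience>|<member group>".
        $email_to_parts = explode('|', $email_to_req);
        $email_to = isset($email_to_parts[0]) ? $email_to_parts[0] : '';
        $email_to_subtype = isset($email_to_parts[1]) ? $email_to_parts[1] : '';

        // The group id is concatenated into SQL as an unquoted number, where
        // quote-escaping gives no protection. Accept digits only and cast, and
        // refuse anything else instead of mailing a group nobody selected.
        if ($email_to_subtype === '' || $email_to_subtype === 'all') {
            $member_where_clause = '';
        } elseif ($email_to_subtype === 'uncategorized') {
            $member_where_clause = 'group_id=0 AND';
        } elseif (ctype_digit($email_to_subtype)) {
            $member_where_clause = 'group_id=' . (int) $email_to_subtype . ' AND';
        } else {
            $this->error = true;
            draw_important_message(_EMAILS_SENT_ERROR);
            return false;
        }

        if ($email_to == 'test') {
            // Test run: one mail, to the administrator only.
            $emails_total = '1';
            if (send_email_wo_template($admin_email, $admin_email, $subject, $message)) {
                $emails_sent = '1';
            }
        } else {
            $member_filter = 'is_active = 1 AND ' . $member_where_clause . ' email_notifications = 1 AND email != \'\'';

            // Audience sizes, used only for the "sent X of Y" summary.
            $result = database_query('SELECT COUNT(*) as cnt FROM ' . $this->TABLE_NAME . ' WHERE ' . $member_filter, DATA_ONLY, FIRST_ROW_ONLY);
            $members_emails_total = $result['cnt'];
            $result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_ACCOUNTS . ' WHERE is_active = 1 AND email != \'\'', DATA_ONLY, FIRST_ROW_ONLY);
            $admins_emails_total = $result['cnt'];
            $result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\'', DATA_ONLY, FIRST_ROW_ONLY);
            $newsletter_email_total = $result['cnt'];

            switch ($email_to) {
                case 'members':
                    $emails_total = $members_emails_total;
                    break;
                case 'admins':
                    $emails_total = $admins_emails_total;
                    break;
                case 'all':
                    $emails_total = $members_emails_total + $admins_emails_total;
                    break;
                case 'newsletter_subscribers':
                    $emails_total = $newsletter_email_total;
                    break;
            }

            // Members and administrators get the same per-recipient placeholder
            // substitution; only the source table differs. Members go first.
            $personalised_queries = array();
            if ($email_to == 'members' || $email_to == 'all') {
                $personalised_queries[] = 'SELECT id, first_name, last_name, email, user_name
                        FROM ' . $this->TABLE_NAME . '
                        WHERE ' . $member_filter . '
                        ORDER BY id ASC';
            }
            if ($email_to == 'admins' || $email_to == 'all') {
                $personalised_queries[] = 'SELECT id, first_name, last_name, email, user_name
                        FROM ' . TABLE_ACCOUNTS . '
                        WHERE is_active = 1 AND email != \'\'
                        ORDER BY id ASC';
            }
            foreach ($personalised_queries as $sql) {
                $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
                for ($i = 0; $i < $result[1]; $i++) {
                    $row = $result[0][$i];
                    // NOTE(review): stored profile values are inserted as-is; if the
                    // mail is rendered as HTML they should be escaped first - confirm
                    // against send_email_wo_template().
                    $body_middle = str_ireplace(
                        array('{FIRST NAME}', '{LAST NAME}', '{USER NAME}', '{USER EMAIL}'),
                        array($row['first_name'], $row['last_name'], $row['user_name'], $row['email']),
                        $message
                    );
                    if (send_email_wo_template($row['email'], $admin_email, $subject, $body_middle)) {
                        $emails_sent++;
                    }
                }
            }

            // Newsletter subscribers have no profile, so the message goes out unpersonalised.
            if ($email_to == 'newsletter_subscribers') {
                $sql = 'SELECT email FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\' ORDER BY id ASC';
                $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
                for ($i = 0; $i < $result[1]; $i++) {
                    if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $message)) {
                        $emails_sent++;
                    }
                }
            }

            if ($send_copy_to_admin == '1') {
                send_email_wo_template($admin_email, $admin_email, $subject . ' (admin copy)', $message);
            }
        }

        if ($emails_sent) {
            // Remember the form code so a re-post of the same form is refused.
            Session::Set('email_random_code', $email_post_code);
            $msg = str_replace('_SENT_', $emails_sent, _EMAILS_SUCCESSFULLY_SENT);
            $msg = str_replace('_TOTAL_', $emails_total, $msg);
            $this->error = false;
            draw_success_message($msg);
        } else {
            $this->error = true;
            draw_important_message(_EMAILS_SENT_ERROR);
        }
    }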
Пример #4
    /**
     *	Draws Contact Us form
     *		@param $draw
     */
    public function DrawContactUsForm($draw = true)
    {
        // Handles a posted contact request (validate, mail the site contact address)
        // and renders the form. Echoes the markup when $draw is true, returns it
        // otherwise; returns '' when the contact_us module is not installed.
        global $objSettings, $objSiteDescription, $objLogin;
        $align_left = Application::Get('defined_left');
        $align_right = Application::Get('defined_right');
        if (!Modules::IsModuleInstalled('contact_us')) {
            return '';
        }

        // Module configuration.
        $from_email = $objSettings->GetParameter('admin_email');
        $admin_email = ModulesSettings::Get('contact_us', 'email');
        $delay_length = ModulesSettings::Get('contact_us', 'delay_length');
        $is_send_delay = ModulesSettings::Get('contact_us', 'is_send_delay');
        $image_verification = ModulesSettings::Get('contact_us', 'image_verification_allow');

        // Posted fields. prepare_input() is defined elsewhere; what it filters is
        // not visible from this method.
        $task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
        $first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : '';
        $last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : '';
        $email = isset($_POST['email']) ? prepare_input($_POST['email']) : '';
        $phone = isset($_POST['phone']) ? prepare_input($_POST['phone']) : '';
        $subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : '';
        $message = isset($_POST['message']) ? prepare_input($_POST['message']) : '';
        $captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : '';

        $output = '';
        $msg = '';
        $focus_element = '';

        // The resend delay lives in the session only, so it throttles a browser
        // session rather than a sender; it is not a substitute for server-side
        // rate limiting.
        $contact_mail_sent = (bool) Session::Get('contact_mail_sent');
        $contact_mail_sent_time = Session::Get('contact_mail_sent_time');

        if ($image_verification == 'yes') {
            include_once 'modules/captcha/securimage.php';
            $captcha = new Securimage();
        }

        if ($task == 'contact') {
            $time_elapsed = time_diff(date('Y-m-d H:i:s'), $contact_mail_sent_time);
            $throttled = $contact_mail_sent && $is_send_delay == 'yes' && $time_elapsed < $delay_length;
            if ($throttled) {
                $msg = draw_message(str_replace('_WAIT_', $delay_length - $time_elapsed, _CONTACT_US_ALREADY_SENT), false);
            } else {
                // First failing rule wins; the phone field is optional and unchecked.
                // The CAPTCHA is evaluated last, only once every other field passed.
                if ($first_name == '') {
                    $msg = draw_important_message(_FIRST_NAME_EMPTY_ALERT, false);
                    $focus_element = 'first_name';
                } elseif ($last_name == '') {
                    $msg = draw_important_message(_LAST_NAME_EMPTY_ALERT, false);
                    $focus_element = 'last_name';
                } elseif ($email == '') {
                    $msg = draw_important_message(_EMAIL_EMPTY_ALERT, false);
                    $focus_element = 'email';
                } elseif (!check_email_address($email)) {
                    $msg = draw_important_message(_EMAIL_VALID_ALERT, false);
                    $focus_element = 'email';
                } elseif ($subject == '') {
                    $msg = draw_important_message(_SUBJECT_EMPTY_ALERT, false);
                    $focus_element = 'subject';
                } elseif ($message == '') {
                    $msg = draw_important_message(_MESSAGE_EMPTY_ALERT, false);
                    $focus_element = 'message';
                } elseif (strlen($message) > 1024) {
                    $msg = draw_important_message(str_replace(array('_FIELD_', '_LENGTH_'), array('<b>' . _MESSAGE . '</b>', 1024), _FIELD_LENGTH_EXCEEDED), false);
                    $focus_element = 'message';
                } elseif ($image_verification == 'yes' && !$captcha->check($captcha_code)) {
                    $msg = draw_important_message(_WRONG_CODE_ALERT, false);
                    $focus_element = 'captcha_code';
                }

                // Demo installations never send; this overrides any validation message.
                if (strtolower(SITE_MODE) == 'demo') {
                    $msg = draw_important_message(_OPERATION_BLOCKED, false);
                }

                if ($msg == '') {
                    $mail_subject = 'Question from visitor (via Contact Us - ' . $objSiteDescription->GetParameter('header_text') . ')';

                    // One "label: value" line per field, backslashes removed.
                    // NOTE(review): the values are joined with <br /> and not escaped
                    // here; if the mail is rendered as HTML, confirm that
                    // prepare_input() or send_email_wo_template() neutralises markup.
                    $mail_lines = array();
                    $mail_fields = array(
                        array(_FIRST_NAME, $first_name),
                        array(_LAST_NAME, $last_name),
                        array(_EMAIL_ADDRESS, $email),
                        array(_PHONE, $phone),
                        array(_SUBJECT, $subject),
                        array(_MESSAGE, $message),
                    );
                    foreach ($mail_fields as $field) {
                        $mail_lines[] = $field[0] . ': ' . str_replace('\\', '', $field[1]);
                    }
                    send_email_wo_template($admin_email, $from_email, $mail_subject, implode('<br />', $mail_lines));

                    $msg = draw_success_message(_CONTACT_US_EMAIL_SENT, false);
                    Session::Set('contact_mail_sent', true);
                    Session::Set('contact_mail_sent_time', date('Y-m-d H:i:s'));
                    // Clear the form after a successful send.
                    $first_name = $last_name = $email = $phone = $subject = $message = '';
                }
            }
        }

        // NOTE(review): draw_token_field() emits a form token, but no token check is
        // visible in this method - confirm it is verified before this code runs.
        // NOTE(review): $message is written into the textarea without decode_text(),
        // unlike the other fields - confirm prepare_input() output is safe as HTML
        // element content.
        $output .= ($msg != '' ? $msg . '<br />' : '') . '
        <form method="post" name="frmContactUs" id="frmContactUs">
			' . draw_hidden_field('task', 'contact', false) . '
			' . draw_token_field(false) . '
			
		    <table class="tblContactUs" border="0" width="99%">
		    <tbody>
		    <tr>
			    <td width="25%" align="' . $align_right . '">' . _FIRST_NAME . ':</td>
			    <td><span class="mandatory_star">*</span></td>
			    <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="first_name" name="first_name" size="34" maxlength="40" value="' . decode_text($first_name) . '" autocomplete="off" /></td>
		    </tr>
		    <tr>
			    <td align="' . $align_right . '">' . _LAST_NAME . ':</td>
			    <td><span class="mandatory_star">*</span></td>
			    <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="last_name" name="last_name" size="34" maxlength="40" value="' . decode_text($last_name) . '" autocomplete="off" /></td>
		    </tr>
		    <tr>
                <td align="' . $align_right . '">' . _EMAIL_ADDRESS . ':</td>
                <td><span class="mandatory_star">*</span></td>
                <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="email" name="email" size="34" maxlength="70" value="' . decode_text($email) . '" autocomplete="off"  /></td>
		    </tr>
		    <tr>
                <td align="' . $align_right . '">' . _PHONE . ':</td>
                <td></td>
                <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="phone" name="phone" size="22" maxlength="40" value="' . decode_text($phone) . '" autocomplete="off"  /></td>
		    </tr>
		    <tr>
                <td align="' . $align_right . '">' . _SUBJECT . ':</td>
                <td><span class="mandatory_star">*</span></td>
                <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="subject" name="subject" style="width:385px;" maxlength="128" value="' . decode_text($subject) . '" autocomplete="off"  /></td>
		    </tr>
		    <tr valign="top">
                <td align="' . $align_right . '">' . _MESSAGE . ':</td>
                <td><span class="mandatory_star">*</span></td>
                <td nowrap="nowrap" align="' . $align_left . '">
                    <textarea id="message" name="message" style="width:385px;" maxlength="1024" rows="8">' . $message . '</textarea>                
                </td>
		    </tr>
			<tr>
				<td colspan="2"></td>
				<td>';

        // CAPTCHA widget; the sid query value only defeats image caching.
        if ($image_verification == 'yes') {
            $output .= '<table border="0">
						<tr>
							<td>
								<img id="captcha_image" src="' . APPHP_BASE . 'modules/captcha/securimage_show.php?sid=' . md5(uniqid(time())) . '" />
							</td>	
							<td width="30px" align="center">
								<img style="cursor:pointer; padding:0px; margin:0px;" id="captcha_image_reload"
								src="modules/captcha/images/refresh.gif" style="cursor:pointer;"
								onclick="document.getElementById(\'captcha_image\').src = \'modules/captcha/securimage_show.php?sid=\' + Math.random(); appSetFocus(\'captcha_code\'); return false;" title="' . _REFRESH . '" alt="' . _REFRESH . '" /><br />
								<a href="modules/captcha/securimage_play.php"><img border="0" style="padding:0px; margin:0px;" id="captcha_image_play" src="modules/captcha/images/audio_icon.gif" title="' . _PLAY . '" alt="' . _PLAY . '" /></a>						
							</td>					
							<td align="left">
								' . _TYPE_CHARS . '<br />								
								<input type="text" name="captcha_code" id="captcha_code" style="width:175px;margin-top:5px;" value="" maxlength="20" autocomplete="off" />
							</td>
						</tr>
						</table>';
        }

        // The submit button is rendered disabled for a logged-in administrator.
        $output .= '</td>
			</tr>
		    <tr><td height="25" nowrap colspan="3"></td></tr>            
		    <tr>
				<td colspan="3" align="center">
					<input type="submit" ' . ($objLogin->IsLoggedInAsAdmin() ? 'disabled' : '') . ' class="form_button" name="btnSubmitPD" id="btnSubmitPD" value="' . _SEND . '" />
				</td>
		    </tr>
		    <tr><td height="25" nowrap colspan="3"></td></tr>            
		    </table>
		</form>';

        // $focus_element only ever holds one of the literal field ids assigned above.
        if ($focus_element != '') {
            $output .= '<script type="text/javascript">appSetFocus(\'' . $focus_element . '\');</script>';
        }

        if (!$draw) {
            return $output;
        }
        echo $output;
    }