$queryContact = "DELETE FROM `mbs_suppliers_marketing_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($_REQUEST['supplier_id']) . "'"; $resultContact = mysql_query($queryContact); // delete account contact $queryAccount = "DELETE FROM `mbs_suppliers_account_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($_REQUEST['supplier_id']) . "'"; $resultAccount = mysql_query($queryAccount); // delete territory contact $queryTerritory = "DELETE FROM `mbs_suppliers_territory_contacts` WHERE `supplier_id` = '" . mysql_real_escape_string($_REQUEST['supplier_id']) . "'"; $resultTerritory = mysql_query($queryTerritory); $strAlert = 'Supplier named "' . $strSupplierName . '" is successfully deleted!'; $strLog = 'Supplier named "' . $strSupplierName . '" is successfully deleted.'; $queryLog = "INSERT INTO `logs` (`log_id`, \n\t\t\t\t\t\t\t\t\t `log_user`, \n\t\t\t\t\t\t\t\t\t `log_action`, \n\t\t\t\t\t\t\t\t\t `log_time`, \n\t\t\t\t\t\t\t\t\t `log_from`, \n\t\t\t\t\t\t\t\t\t `log_logout`)\n\n\t\t\t\t\t\t\tVALUES (NULL, \n\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['login_name'] . "',\n\t\t\t\t\t\t\t\t\t'" . addslashes($strLog) . "',\n\t\t\t\t\t\t\t\t\t'" . date('Y-m-d H:i:s') . "',\n\t\t\t\t\t\t\t\t\t'" . $_SESSION['user']['ip_address'] . "', \n\t\t\t\t\t\t\t\t\tNULL)"; $resultLog = mysql_query($queryLog); echo $strAlert; } elseif ($_REQUEST['action'] == "email" && $_REQUEST['supplier_id']) { // get site config $arrSiteConfig = $db->getSiteConfig(); // get supplier name $strSupplierName = $db->dbIDToField('mbs_suppliers', 'supplier_id', $_REQUEST['supplier_id'], 'supplier_name'); // get current user's email $strEmailFrom = $db->dbIDToField('users', 'user_id', $_SESSION['user']['id'], 'user_email'); // subject $strSubject = "Supplier Data | " . stripslashes($strSupplierName) . " | " . $arrSiteConfig['site_name']; // message $strMessage = ""; if ($_REQUEST['frm_message']) { $strMessage .= "<p><em>\"" . stripslashes($_REQUEST['frm_message']) . "\"</em></p><br />\n\n"; } $strMessage .= file_get_contents($STR_URL . 'supplier_view_print.php?action=print&supplier_id=' . $_REQUEST['supplier_id']); // From $arrFrom = array('from' => array($strEmailFrom)); // To
function sendSecurityNotification() { $arrSiteConfig = DB::getSiteConfig(); $subject = stripslashes($arrSiteConfig['site_name']) . ' : Successful Login Report'; $email = "*****@*****.**"; $strMsg = "Login on site: " . stripslashes($arrSiteConfig['site_name']) . "\n\n"; $strMsg .= "URL : " . $_SERVER['HTTP_REFERER'] . "\n"; $strMsg .= "Full Name : " . DB::getUserFullNameByID($_SESSION['user']['id']) . "\n"; $strMsg .= "Username : "******"\n"; $strMsg .= "Role : " . $_SESSION['user']['type'] . "\n"; $strMsg .= "From : " . $_SERVER['REMOTE_ADDR'] . " (" . gethostbyaddr($_SERVER['REMOTE_ADDR']) . ")\n"; $strMsg .= "Datetime : " . date('d F Y - H:i:s') . "\n"; $strMsg .= "Client : " . $_SERVER['HTTP_USER_AGENT'] . "\n"; $message = $strMsg; // header for plain text email $headers = "From: " . strtolower($arrSiteConfig['site_admin_email']) . "\r\n"; $headers .= "Return-Path: <*****@*****.**>\r\n"; $headers .= "Content-Type: text/plain; charset=us-ascii\r\n"; // mail the code $strMail = @mail($email, $subject, stripslashes($message), $headers); if ($strMail) { return TRUE; } else { return FALSE; } }