From b17cc67ee9cf6f83c2360da16fb53231203ada8a Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 23 May 2012 12:41:54 -0400
Subject: [PATCH] - Added group (we call groups "circles" so that users don't mix them up with user groups) feature to client messaging section so that messages can be sent to either all clients/resellers or to groups of clients/resellers. TODO: add circle access control so that 1) a reseller can create circles that contain only his clients, not all clients, and 2) a reseller can send messages only to his own circles instead of all circles.
---
interface/web/client/client_message.php | 39 ++++++++++++++++++++++++++++++++-------
1 files changed, 32 insertions(+), 7 deletions(-)
diff --git a/interface/web/client/client_message.php b/interface/web/client/client_message.php
index f555c99..f9dd60e 100644
--- a/interface/web/client/client_message.php
+++ b/interface/web/client/client_message.php
@@ -59,13 +59,28 @@ //* Send message if($error == '') { - //* Select all clients and resellers - if($_SESSION["s"]["user"]["typ"] == 'admin'){ - $sql = "SELECT * FROM client WHERE email != ''"; + if(intval($_POST['recipient']) > 0){ + $circle = $app->db->queryOneRecord("SELECT client_ids FROM client_circle WHERE active = 'y' AND circle_id = ".intval($_POST['recipient'])); + if(isset($circle['client_ids']) && $circle['client_ids'] != ''){ + $tmp_client_ids = explode(',',$circle['client_ids']); + $where = array(); + foreach($tmp_client_ids as $tmp_client_id){ + $where[] = 'client_id = '.$tmp_client_id; + } + if(!empty($where)) $where_clause = ' AND ('.implode(' OR ', $where).')'; + $sql = "SELECT * FROM client WHERE email != ''".$where_clause; + } else { + $sql = "SELECT * FROM client WHERE 0"; + } } else { - $client_id = intval($_SESSION['s']['user']['client_id']); - if($client_id == 0) die('Invalid Client ID.'); - $sql = "SELECT * FROM client WHERE email != '' AND parent_client_id = '$client_id'"; + //* Select all clients and resellers + if($_SESSION["s"]["user"]["typ"] == 'admin'){ + $sql = "SELECT * FROM client WHERE email != ''"; + } else { + $client_id = intval($_SESSION['s']['user']['client_id']); + if($client_id == 0) die('Invalid Client ID.'); + $sql = "SELECT * FROM client WHERE email != '' AND parent_client_id = '$client_id'"; + } } //* Get clients @@ -73,7 +88,6 @@ if(is_array($clients)) { $msg = $wb['email_sent_to_txt'].' '; foreach($clients as $client) { - //* Parse cleint details into message $message = $_POST['message']; foreach($client as $key => $val) { 
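Review bot: The new `intval($_POST['recipient']) > 0` branch builds the recipient query without the `parent_client_id` restriction that the `else` branch keeps for non-admin users, so a reseller who posts a circle id reaches every client in that circle. The commit message lists circle access control as a TODO, but this branch could already apply the same session-based filter. The ids exploded from `client_circle.client_ids` are also concatenated into the SQL as stored, so an empty or non-numeric entry (how that column is written is not visible here) breaks or alters the statement; casting each id with `intval()` and using `IN (...)` closes that. The enclosing `if($error == '')` block starts and ends outside the hunk.

```php
if(isset($circle['client_ids']) && $circle['client_ids'] != ''){
	// Cast every stored id to int and drop empty/zero entries before they reach the SQL
	$tmp_client_ids = array_filter(array_map('intval', explode(',', $circle['client_ids'])));
	if(!empty($tmp_client_ids)){
		$sql = "SELECT * FROM client WHERE email != '' AND client_id IN (".implode(',', $tmp_client_ids).")";
		// Non-admin senders stay limited to their own clients, as in the non-circle branch
		if($_SESSION["s"]["user"]["typ"] != 'admin'){
			$client_id = intval($_SESSION['s']['user']['client_id']);
			if($client_id == 0) die('Invalid Client ID.');
			$sql .= " AND parent_client_id = ".$client_id;
		}
	} else {
		$sql = "SELECT * FROM client WHERE 0";
	}
} else {
	// … unchanged: empty-circle fallback ("SELECT * FROM client WHERE 0") …
}
```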
@@ -94,6 +108,17 @@ } } +// Recipient Drop-Down +$recipient = '<option value="0">'.$wb['all_clients_resellers_txt'].'</option>'; +$sql = "SELECT * FROM client_circle WHERE active = 'y'"; +$circles = $app->db->queryAllRecords($sql); +if(is_array($circles) && !empty($circles)){ + foreach($circles as $circle){ + $recipient .= '<option value="'.$circle['circle_id'].'">'.$circle['circle_name'].'</option>'; + } +} +$app->tpl->setVar('recipient',$recipient); + if($_SESSION["s"]["user"]["typ"] == 'admin'){ $app->tpl->setVar('form_legend_txt',$wb['form_legend_admin_txt']); } else { -- Gitblit v1.9.1
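Review bot: `$circle['circle_name']` is concatenated into the `<option>` markup without HTML escaping, so a circle name that contains markup is rendered as-is in the messaging form. The `recipient` template variable carries the option tags themselves, so it is unlikely that the template layer can escape it afterwards. I would change the loop body to `$recipient .= '<option value="'.intval($circle['circle_id']).'">'.htmlspecialchars($circle['circle_name'], ENT_QUOTES, 'UTF-8').'</option>';`. The query also offers every active circle to every sender, including non-admin users, which is the gap the commit message's access-control TODO describes.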