auth->check_module_permissions('client'); //* This function is not available in demo mode if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.'); $app->uses('tpl,tform'); $app->tpl->newTemplate('form.tpl.htm'); $app->tpl->setInclude('content_tpl', 'templates/client_message.htm'); //* load language file $lng_file = 'lib/lang/'.$_SESSION['s']['language'].'_client_message.lng'; include($lng_file); $app->tpl->setVar($wb); $msg = ''; $error = ''; //* Save data if(isset($_POST) && count($_POST) > 1) { //* Check values if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $_POST['sender'])) $error .= $wb['sender_invalid_error'].'
'; if(empty($_POST['subject'])) $error .= $wb['subject_invalid_error'].'
'; if(empty($_POST['message'])) $error .= $wb['message_invalid_error'].'
'; //* Send message if($error == '') { if($app->functions->intval($_POST['recipient']) > 0){ $circle = $app->db->queryOneRecord("SELECT client_ids FROM client_circle WHERE active = 'y' AND circle_id = ".$app->functions->intval($_POST['recipient'])." AND ".$app->tform->getAuthSQL('r')); if(isset($circle['client_ids']) && $circle['client_ids'] != ''){ $tmp_client_ids = explode(',',$circle['client_ids']); $where = array(); foreach($tmp_client_ids as $tmp_client_id){ $where[] = 'client_id = '.$tmp_client_id; } if(!empty($where)) $where_clause = ' AND ('.implode(' OR ', $where).')'; $sql = "SELECT * FROM client WHERE email != ''".$where_clause; } else { $sql = "SELECT * FROM client WHERE 0"; } } else { //* Select all clients and resellers if($_SESSION["s"]["user"]["typ"] == 'admin'){ $sql = "SELECT * FROM client WHERE email != ''"; } else { $client_id = $app->functions->intval($_SESSION['s']['user']['client_id']); if($client_id == 0) die('Invalid Client ID.'); $sql = "SELECT * FROM client WHERE email != '' AND parent_client_id = '$client_id'"; } } //* Get clients $clients = $app->db->queryAllRecords($sql); if(is_array($clients)) { $msg = $wb['email_sent_to_txt'].' '; foreach($clients as $client) { //* Parse client details into message $message = $_POST['message']; foreach($client as $key => $val) { if($key != 'password'){ $message = str_replace('{'.$key.'}', $val, $message); } else { $message = str_replace('{'.$key.'}', '---', $message); } } //* Send the email $app->functions->mail($client['email'], $_POST['subject'], $message, $_POST['sender']); $msg .= $client['email'].', '; } $msg = substr($msg,0,-2); } } else { $app->tpl->setVar('sender',$_POST['sender']); $app->tpl->setVar('subject',$_POST['subject']); $app->tpl->setVar('message',$_POST['message']); } } else { // pre-fill Sender field with reseller's email address if($_SESSION["s"]["user"]["typ"] != 'admin'){ $client_id = $app->functions->intval($_SESSION['s']['user']['client_id']); if($client_id > 0){ $sql = "SELECT email FROM client WHERE client_id = ".$client_id; $client = $app->db->queryOneRecord($sql); if($client['email'] != '') $app->tpl->setVar('sender',$client['email']); } } } // Recipient Drop-Down $recipient = 'functions->intval($_POST['recipient']) == 0 ? ' selected="selected"' : '').'>'.($_SESSION["s"]["user"]["typ"] == 'admin'? $wb['all_clients_resellers_txt'] : $wb['all_clients_txt']).''; $sql = "SELECT * FROM client_circle WHERE active = 'y' AND ".$app->tform->getAuthSQL('r'); $circles = $app->db->queryAllRecords($sql); if(is_array($circles) && !empty($circles)){ foreach($circles as $circle){ $recipient .= 'functions->intval($_POST['recipient']) == $circle['circle_id'] ? ' selected="selected"' : '').'>'.$circle['circle_name'].''; } } $app->tpl->setVar('recipient',$recipient); if($_SESSION["s"]["user"]["typ"] == 'admin'){ $app->tpl->setVar('form_legend_txt',$wb['form_legend_admin_txt']); } else { $app->tpl->setVar('form_legend_txt',$wb['form_legend_client_txt']); } //message variables $message_variables = ''; $sql = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'password', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional') AND Field NOT LIKE 'limit_%'"; $field_names = $app->db->queryAllRecords($sql); if(!empty($field_names) && is_array($field_names)){ foreach($field_names as $field_name){ if($field_name['Field'] != '') $message_variables .= '{'.$field_name['Field'].'} '; } } $app->tpl->setVar('message_variables',trim($message_variables)); $app->tpl->setVar('okmsg',$msg); $app->tpl->setVar('error',$error); $app->tpl_defaults(); $app->tpl->pparse(); ?>