Security line in all includes changed
[mailer.git] / inc / modules / admin / what-admins_mails.php
1 <?php
2 /************************************************************************
3  * MXChange v0.2.1                                    Start: 08/14/2004 *
4  * ================                             Last change: 10/22/2004 *
5  *                                                                      *
6  * -------------------------------------------------------------------- *
7  * File              : what-admins_mails.php                            *
8  * -------------------------------------------------------------------- *
9  * Short description : Control which admin shall receive which mail     *
10  * -------------------------------------------------------------------- *
11  * Kurzbeschreibung  : Stellen Sie ein, welcher Admin welche Mail erh.  *
12  * -------------------------------------------------------------------- *
13  *                                                                      *
14  * -------------------------------------------------------------------- *
15  * Copyright (c) 2003 - 2008 by Roland Haeder                           *
16  * For more information visit: http://www.mxchange.org                  *
17  *                                                                      *
18  * This program is free software; you can redistribute it and/or modify *
19  * it under the terms of the GNU General Public License as published by *
20  * the Free Software Foundation; either version 2 of the License, or    *
21  * (at your option) any later version.                                  *
22  *                                                                      *
23  * This program is distributed in the hope that it will be useful,      *
24  * but WITHOUT ANY WARRANTY; without even the implied warranty of       *
25  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        *
26  * GNU General Public License for more details.                         *
27  *                                                                      *
28  * You should have received a copy of the GNU General Public License    *
29  * along with this program; if not, write to the Free Software          *
30  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,               *
31  * MA  02110-1301  USA                                                  *
32  ************************************************************************/
33
34 // Some security stuff...
35 if ((!defined('__SECURITY')) || (!IS_ADMIN())) {
36         $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
37         require($INC);
38 }
39
40 // Add description as navigation point
41 ADD_DESCR("admin", basename(__FILE__));
42
43 if (isset($_POST['edit']))
44 {
45         // Check if entires are checked
46         $SEL = SELECTION_COUNT($_POST['sel']);
47         if ($SEL > 0)
48         {
49                 // Add option for userlog
50                 $cacheArray['admins'] = ADD_OPTION_LINES("admins", "id", "login", "", "email");
51                 $SW = 2; $rowNameS = "";
52                 foreach ($_POST['sel'] as $template => $sel)
53                 {
54                         // First of all load data from DB
55                         $result = SQL_QUERY_ESC("SELECT admin_id, id FROM "._MYSQL_PREFIX."_admins_mails WHERE mail_template='%s' ORDER BY id",
56                          array($template), __FILE__, __LINE__);
57                         $OUT = ""; $aid = 0; $aid2 = 0;
58                         while (list($aid, $id) = SQL_FETCHROW($result))
59                         {
60                                 $OUT .= "<SELECT name=\"admin_id[".$id."]\" size=\"1\" class=\"admin_select\">
61 <OPTION value=\"0\"";
62                                 if ($aid == "0") $OUT .= " selected default";
63                                 $OUT .=">".ADMINS_ALL_ADMINS."</OPTION>\n";
64                                 if (EXT_IS_ACTIVE("userlog"))
65                                 {
66                                         $OUT .= "<OPTION value=\"-1\"";
67                                         if ($aid == "-1") $OUT .= " selected default";
68                                         $OUT .= ">".ADMINS_TO_USERLOG."</OPTION>\n";
69                                 }
70                                 $OUT .= ADD_OPTION_LINES("admins", "id", "login", $aid, "email");
71                                 $OUT .= "</SELECT><br />\n";
72                                 $aid2 = $aid; $id2 = $id;
73                         }
74
75                         // Free memory
76                         SQL_FREERESULT($result);
77
78                         $content = array(
79                                 'sw'      => $SW,
80                                 'id'      => $id,
81                                 'id2'     => $id2,
82                                 'tpl'     => $template,
83                                 'admins'  => $cacheArray['admins']
84                         );
85
86                         if ($aid2 > 0)
87                         {
88                                 // Add form for an additional admin
89                                 $OUT .= LOAD_TEMPLATE("admin_admins_mails_edit_form", true, $content);
90                         }
91                         // Save full rendered content
92                         $content['content'] = $OUT;
93
94                         // Start outputing line
95                         $rowNameS .= LOAD_TEMPLATE("admin_admins_mails_edit_row", true, $content);
96                         $SW = 3 - $SW;
97                 }
98                 define('__ADMINS_ROWS', $rowNameS);
99
100                 // Edit checked entries
101                 LOAD_TEMPLATE("admin_admins_mails_edit");
102         }
103          else
104         {
105                 // Nothing selected
106                 LOAD_TEMPLATE("admin_settings_saved", false, ADMINS_NO_MAIL_CHECKED);
107         }
108 }
109  else
110 {
111         // Load all assigned mails
112         $result = SQL_QUERY("SELECT DISTINCT m.id, m.admin_id, a.login, m.mail_template
113 FROM "._MYSQL_PREFIX."_admins_mails AS m
114 LEFT JOIN "._MYSQL_PREFIX."_admins AS a
115 ON m.admin_id=a.id
116 WHERE (m.admin_id=a.id OR m.admin_id < 1) AND m.mail_template != ''
117 ORDER BY m.admin_id, m.mail_template", __FILE__, __LINE__);
118
119         if (SQL_NUMROWS($result) > 0)
120         {
121                 // Shall I change entries?
122                 if (isset($_POST['change']))
123                 {
124                         // Ok, update database
125                         foreach ($_POST['admin_id'] as $id => $aid)
126                         {
127                                 // Secure IDs
128                                 $id  = bigintval($id);
129                                 $aid = bigintval($aid);
130
131                                 // Update entry
132                                 $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins_mails SET admin_id=%s WHERE id=%s ORDER BY id LIMIT 1",
133                                  array($aid, $id), __FILE__, __LINE__);
134
135                                 if (($aid < 1) && (!empty($_POST['template'][$id])))
136                                 {
137                                         // Remove any other admin entries
138                                         $result = SQL_QUERY_ESC("DELETE LOW_PRIORITY FROM "._MYSQL_PREFIX."_admins_mails WHERE mail_template='%s' AND id != '%s'",
139                                          array($_POST['template'][$id], $id), __FILE__, __LINE__);
140                                 }
141                                 if ($_POST['admin_new'][$_POST['template'][$id]] > 0)
142                                 {
143                                         // Add new admin
144                                         $result = SQL_QUERY_ESC("INSERT INTO "._MYSQL_PREFIX."_admins_mails (admin_id, mail_template) VALUES ('%s', '%s')",
145                                          array($aid, $_POST['template'][$id]), __FILE__, __LINE__);
146                                 }
147                         }
148
149                         // Query again...
150                         $result = SQL_QUERY("SELECT DISTINCT m.id, m.admin_id, a.login, m.mail_template FROM "._MYSQL_PREFIX."_admins_mails AS m, "._MYSQL_PREFIX."_admins AS a WHERE m.admin_id=a.id OR m.admin_id < 1 ORDER BY m.admin_id", __FILE__, __LINE__);
151                 }
152
153                 // List found entries
154                 $SW = 2; $OUT = "";
155                 while(list($id, $aid, $admin, $templ) = SQL_FETCHROW($result))
156                 {
157                         if ($aid > 0)
158                         {
159                                 // Admin assigned
160                                 $admin_link = "<A href=\"".URL."/modules.php?module=admin&amp;what=admins_contct&amp;admin=".$aid."\">".$admin."</A>";
161                         }
162                          elseif ($aid == 0)
163                         {
164                                 // All admins
165                                 $admin_link = "<I>".ADMINS_ALL_ADMINS."</I>";
166                         }
167                          elseif (($aid == -1) && (EXT_IS_ACTIVE("usrlog")))
168                         {
169                                 // To userlog
170                                 $admin_link = "<I>".ADMINS_TO_USERLOG."</I>";
171                         }
172                         $content = array(
173                                 'sw'   => $SW,
174                                 'tpl'  => $templ,
175                                 'alnk' => $admin_link
176                         );
177
178                         // Load row template
179                         $OUT .= LOAD_TEMPLATE("admin_admins_mails_list_row", true, $content);
180                         $SW = 3 - $SW;
181                 }
182
183                 // Free result
184                 SQL_FREERESULT($result);
185                 define('__MAILS_ROWS', $OUT);
186
187                 // Load template
188                 LOAD_TEMPLATE("admin_admins_mails_list");
189         }
190          else
191         {
192                 // No entries found
193                 LOAD_TEMPLATE("admin_settings_saved", false, ADMINS_MAILS_NO_ENTRIES);
194         }
195 }
196 //
197 ?>