| | |
|---|
| | | |
|---|
| | | //* Save data |
|---|
| | | if(isset($_POST) && count($_POST) > 1) { |
|---|
| | | |
|---|
| | | |
|---|
| | | //* CSRF Check |
|---|
| | | $app->auth->csrf_token_check(); |
|---|
| | | |
|---|
| | | //* Check values |
|---|
| | | if(!preg_match("/^\w+[\w\.\-\+]*\w{0,}@\w+[\w.-]*\w+\.[a-zA-Z0-9\-]{2,30}$/i", $_POST['sender'])) $error .= $wb['sender_invalid_error'].'<br />'; |
|---|
| | | if(empty($_POST['subject'])) $error .= $wb['subject_invalid_error'].'<br />'; |
|---|
| | |
|---|
| | | $tmp_client_ids = explode(',', $circle['client_ids']); |
|---|
| | | $where = array(); |
|---|
| | | foreach($tmp_client_ids as $tmp_client_id){ |
|---|
| | | $where[] = 'client_id = '.$tmp_client_id; |
|---|
| | | $where[] = 'client_id = '.$app->functions->intval($tmp_client_id); |
|---|
| | | } |
|---|
| | | if(!empty($where)) $where_clause = ' AND ('.implode(' OR ', $where).')'; |
|---|
| | | $sql = "SELECT * FROM client WHERE email != ''".$where_clause; |
|---|
| | |
|---|
| | | |
|---|
| | | //message variables |
|---|
| | | $message_variables = ''; |
|---|
| | | $sql = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'password', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional') AND Field NOT LIKE 'limit_%'"; |
|---|
| | | $sql = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'password', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional', 'force_suexec', 'default_slave_dnsserver', 'usertheme', 'locked', 'canceled', 'can_use_api', 'tmp_data', 'customer_no_template', 'customer_no_start', 'customer_no_counter', 'added_date', 'added_by') AND Field NOT LIKE 'limit_%'"; |
|---|
| | | $field_names = $app->db->queryAllRecords($sql); |
|---|
| | | if(!empty($field_names) && is_array($field_names)){ |
|---|
| | | foreach($field_names as $field_name){ |
|---|
| | |
|---|
| | | } |
|---|
| | | $app->tpl->setVar('message_variables', trim($message_variables)); |
|---|
| | | |
|---|
| | | //* SET csrf token |
|---|
| | | $csrf_token = $app->auth->csrf_token_get('client_message'); |
|---|
| | | $app->tpl->setVar('_csrf_id',$csrf_token['csrf_id']); |
|---|
| | | $app->tpl->setVar('_csrf_key',$csrf_token['csrf_key']); |
|---|
| | | |
|---|
| | | $app->tpl->setVar('okmsg', $msg); |
|---|
| | | $app->tpl->setVar('error', $error); |
|---|
| | | |
|---|
