From 7d52e00a51450bc4a080d4e21b7dda02c0a65191 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 14 Nov 2013 05:42:06 -0500
Subject: [PATCH] Fixed list sorting

---
 interface/web/client/client_message.php |   81 +++++++++++++++++++++++++++++++++++-----
 1 files changed, 71 insertions(+), 10 deletions(-)

diff --git a/interface/web/client/client_message.php b/interface/web/client/client_message.php
index f555c99..73c43bb 100644
--- a/interface/web/client/client_message.php
+++ b/interface/web/client/client_message.php
@@ -36,7 +36,7 @@
 //* This function is not available in demo mode
 if($conf['demo_mode'] == true) $app->error('This function is disabled in demo mode.');
 
-$app->uses('tpl');
+$app->uses('tpl,tform');
 
 $app->tpl->newTemplate('form.tpl.htm');
 $app->tpl->setInclude('content_tpl', 'templates/client_message.htm');
@@ -59,13 +59,28 @@
 	
 	//* Send message
 	if($error == '') {
-		//* Select all clients and resellers
-		if($_SESSION["s"]["user"]["typ"] == 'admin'){
-			$sql = "SELECT * FROM client WHERE email != ''";
+		if($app->functions->intval($_POST['recipient']) > 0){
+			$circle = $app->db->queryOneRecord("SELECT client_ids FROM client_circle WHERE active = 'y' AND circle_id = ".$app->functions->intval($_POST['recipient'])." AND ".$app->tform->getAuthSQL('r'));
+			if(isset($circle['client_ids']) && $circle['client_ids'] != ''){
+				$tmp_client_ids = explode(',',$circle['client_ids']);
+				$where = array();
+				foreach($tmp_client_ids as $tmp_client_id){
+					$where[] = 'client_id = '.$tmp_client_id;
+				}
+				if(!empty($where)) $where_clause = ' AND ('.implode(' OR ', $where).')';
+				$sql = "SELECT * FROM client WHERE email != ''".$where_clause;
+			} else {
+				$sql = "SELECT * FROM client WHERE 0";
+			}
 		} else {
-			$client_id = intval($_SESSION['s']['user']['client_id']);
-			if($client_id == 0) die('Invalid Client ID.');
-			$sql = "SELECT * FROM client WHERE email != '' AND parent_client_id = '$client_id'";
+			//* Select all clients and resellers
+			if($_SESSION["s"]["user"]["typ"] == 'admin'){
+				$sql = "SELECT * FROM client WHERE email != ''";
+			} else {
+				$client_id = $app->functions->intval($_SESSION['s']['user']['client_id']);
+				if($client_id == 0) die('Invalid Client ID.');
+				$sql = "SELECT * FROM client WHERE email != '' AND parent_client_id = '$client_id'";
+			}
 		}
 		
 		//* Get clients
@@ -73,11 +88,19 @@
 		if(is_array($clients)) {
 			$msg = $wb['email_sent_to_txt'].' ';
 			foreach($clients as $client) {
-				
-				//* Parse cleint details into message
+				//* Parse client details into message
 				$message = $_POST['message'];
 				foreach($client as $key => $val) {
-					$message = str_replace('{'.$key.'}', $val, $message);
+					switch ($key) {
+						case 'password':
+							$message = str_replace('{'.$key.'}', '---', $message);
+							break;
+						case 'gender':
+							$message = str_replace('{salutation}', $wb['gender_'.$val.'_txt'], $message);
+							break;
+						default:
+							$message = str_replace('{'.$key.'}', $val, $message);
+					}
 				}
 				
 				//* Send the email
@@ -92,7 +115,28 @@
 		$app->tpl->setVar('subject',$_POST['subject']);
 		$app->tpl->setVar('message',$_POST['message']);
 	}
+} else {
+	// pre-fill Sender field with reseller's email address
+	if($_SESSION["s"]["user"]["typ"] != 'admin'){
+		$client_id = $app->functions->intval($_SESSION['s']['user']['client_id']);
+		if($client_id > 0){
+			$sql = "SELECT email FROM client WHERE client_id = ".$client_id;
+			$client = $app->db->queryOneRecord($sql);
+			if($client['email'] != '') $app->tpl->setVar('sender',$client['email']);
+		}
+	}
 }
+
+// Recipient Drop-Down
+$recipient = '<option value="0"'.($app->functions->intval($_POST['recipient']) == 0 ? ' selected="selected"' : '').'>'.($_SESSION["s"]["user"]["typ"] == 'admin'? $wb['all_clients_resellers_txt'] : $wb['all_clients_txt']).'</option>';
+$sql = "SELECT * FROM client_circle WHERE active = 'y' AND ".$app->tform->getAuthSQL('r');
+$circles = $app->db->queryAllRecords($sql);
+if(is_array($circles) && !empty($circles)){
+	foreach($circles as $circle){
+		$recipient .= '<option value="'.$circle['circle_id'].'"'.($app->functions->intval($_POST['recipient']) == $circle['circle_id'] ? ' selected="selected"' : '').'>'.$circle['circle_name'].'</option>';
+	}
+}
+$app->tpl->setVar('recipient',$recipient);
 
 if($_SESSION["s"]["user"]["typ"] == 'admin'){
 	$app->tpl->setVar('form_legend_txt',$wb['form_legend_admin_txt']);
@@ -100,6 +144,23 @@
 	$app->tpl->setVar('form_legend_txt',$wb['form_legend_client_txt']);
 }
 
+//message variables
+$message_variables = '';
+$sql = "SHOW COLUMNS FROM client WHERE Field NOT IN ('client_id', 'sys_userid', 'sys_groupid', 'sys_perm_user', 'sys_perm_group', 'sys_perm_other', 'password', 'parent_client_id', 'id_rsa', 'ssh_rsa', 'created_at', 'default_mailserver', 'default_webserver', 'web_php_options', 'ssh_chroot', 'default_dnsserver', 'default_dbserver', 'template_master', 'template_additional') AND Field NOT LIKE 'limit_%'";
+$field_names = $app->db->queryAllRecords($sql);
+if(!empty($field_names) && is_array($field_names)){
+	foreach($field_names as $field_name){
+		if($field_name['Field'] != ''){
+			if($field_name['Field'] == 'gender'){
+				$message_variables .= '<a href="javascript:void(0);" class="addPlaceholder">{salutation}</a> ';
+			} else {
+				$message_variables .= '<a href="javascript:void(0);" class="addPlaceholder">{'.$field_name['Field'].'}</a> ';
+			}
+		}
+	}
+}
+$app->tpl->setVar('message_variables',trim($message_variables));
+
 $app->tpl->setVar('okmsg',$msg);
 $app->tpl->setVar('error',$error);
 

--
Gitblit v1.9.1