<?php
/**************************************************************************
* *
* *
* Solution: eBlog *
* Release: 1.7 *
* File: admin/mail.php *
* By: Emuci inc. *
* Website: http://www.emuci.com *
* Copyright: (C) 2010 Emuci inc. *
* *
* *
**************************************************************************
* *
* *
* This script is NOT freeware and is subject to the Emuci terms of use *
* located in the docs folder. *
* *
* *
*************************************************************************/
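include 'global.php';
// Request parameters. Everything in $_GET is caller-controlled. $id and $sp are
// later interpolated into SQL statements, links and inline JavaScript, so they
// are forced to integers here: contact ids are generated numerically by this
// file, message ids are used unquoted in SQL and JavaScript further down, and
// the pager only ever produces integer offsets.
$action = isset($_GET['action']) ? $_GET['action'] : "";
$sp = (isset($_GET['start']) && is_scalar($_GET['start'])) ? (int) $_GET['start'] : 0;
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
$limit = isset($_GET['limit']) ? $_GET['limit'] : null;
$refresh = isset($_GET['refresh']) ? $_GET['refresh'] : null;
// Becomes "printNow" when an action wants the compose form rendered at the end of the script.
$todo = "";
if(empty($action))
{
$action = "inbox";
}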
if($_SESSION['permission'] == 1){
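// 1: List all emails (inbox view, 50 messages per page)
if($action == "inbox"){
// The page offset comes from the query string and is echoed into links and
// inline JavaScript below, so it is forced to an integer before any use.
$sp = (int) $sp;
// Initialised so the pager markup never interpolates an undefined variable.
$disabled1 = "";
$disabled2 = "";
$thisPageNav = " <img src=\"../images/icons/prev_$blog_dir.gif\"> <a href=\"mail.php\"><font face=\"tahoma\" style=\"font-size: 10pt;\">$lang_admin_link_6</font></a>";
$quicklinks = "<table width=\"100%\" border=\"0\" cellspacing=\"5\" cellpadding=\"1\">
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail1</font></a></td>
</tr>
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php?action=Send\" title=\"$lang_admin_eBlogMail2\" rel=\"gb_page_center[640, 500]\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail2</font></a></td>
</tr>
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php?action=Add\" title=\"$lang_admin_eBlogMail3\" rel=\"gb_page_center[640, 170]\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail3</font></a></td>
</tr>
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php?action=Import\" title=\"$lang_admin_eBlogMail4\" rel=\"gb_page_center[640, 300]\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail4</font></a></td>
</tr>
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php?action=Export\" title=\"$lang_admin_eBlogMail5\" rel=\"gb_page_center[640, 300]\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail5</font></a></td>
</tr>
<tr><td valign =\"top\" width=\"22\"><img src=\"../images/icons/icon_bullet.gif\"></td>
<td><a href=\"mail.php?action=List\" title=\"$lang_admin_eBlogMail6\" rel=\"gb_page_center[640, 400]\"><font style=\"font-size: 0.7em;\" face=\"Tahoma\">$lang_admin_eBlogMail6</font></a></td>
</tr>
</table>";
$inbox =
"
<script language=\"javascript\">
function rusure(toDelete, sp){
question = confirm(\"$lang_admin_confirmDeleteMessage\")
if (question !=\"0\"){
top.location = \"mail.php?action=DeleteMessage&id=\" + toDelete + \"&start=\" + sp;
}
}
function goPrev(spoint){
link = \"mail.php?start=\" + spoint;
window.location = link;
}
function goNext(spoint){
link = \"mail.php?start=\" + spoint;
window.location = link;
}
</script>
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"4\" border=\"1\">
<tr background=\"../images/icons/disc_bar.gif\">
<td width=\"30\" align=\"center\" background=\"../images/icons/disc_bar.gif\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_id</font></td>
<td width=\"20\" align=\"center\" background=\"../images/icons/disc_bar.gif\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_status</font></td>
<td align=\"center\" background=\"../images/icons/disc_bar.gif\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_title</font></td>
<td width=\"120\" background=\"../images/icons/disc_bar.gif\" align=\"center\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_from</font></td>
<td width=\"120\" background=\"../images/icons/disc_bar.gif\" align=\"center\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_date</font></td>
<td width=\"20\" background=\"../images/icons/disc_bar.gif\" align=\"center\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\" color=\"#ffffff\">$lang_admin_actions</font></td>
</tr>
";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// First pass only counts the messages so the page window can be clamped.
$result = mysql_query("SELECT * FROM eblog_messages", $conn);
$totalEntries = mysql_num_rows($result);
$end = $sp + 50;
if($end > $totalEntries)
$end = $totalEntries;
$query = "SELECT * FROM eblog_messages ORDER BY id DESC";
$counter = 0;
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
// Every row is walked; only rows inside [$sp, $end) are rendered.
if(($counter >= $sp)&&($counter < $end))
{
$rowID = (int) $row['id'];
$rowTitle = $row['title'];
$rowFrom = $row['sender'];
$rowDate = $row['date'];
$rowStat = $row['statusID'];
// Stored date is split on "-" and the middle part is looked up in $MonthsArray.
$chunks = explode("-",$rowDate);
$toGet = $chunks[1];
$rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];
$bgColor = ($counter % 2 == 0) ? "#f2f2f2" : "#dadada";
if(strlen($rowTitle) > 40){
$rowTitle = substr($rowTitle, 0, 37).'...';
}
if(strlen($rowFrom) > 18){
$rowFrom = substr($rowFrom, 0, 15).'...';
}
// Message fields are stored data written by whoever sent the message, and they
// land in element content and in a title="" attribute, so they are encoded
// after truncation (truncating first keeps entities from being cut in half).
// 'ISO-8859-1' makes the call byte-transparent: only & < > " ' are rewritten,
// whatever ASCII-compatible charset the page uses. double_encode=false leaves
// entities that are already stored in encoded form as they are.
$rowTitle = htmlspecialchars($rowTitle, ENT_QUOTES, 'ISO-8859-1', false);
$rowFrom = htmlspecialchars($rowFrom, ENT_QUOTES, 'ISO-8859-1', false);
$rowDate = htmlspecialchars($rowDate, ENT_QUOTES, 'ISO-8859-1', false);
if($rowStat == 1)
{
$mailIcon = "../images/icons/icon_newMail.gif";
$mailStatus = $lang_admin_unread;
}
else{
$mailIcon = "../images/icons/icon_oldMail.gif";
$mailStatus = $lang_admin_read;
}
$inbox = $inbox . "
<tr bgcolor=\"$bgColor\">
<td width=\"30\" align=\"center\"><font face=\"tahoma\" size=\"2\">$rowID</font></td>
<td width=\"20\" align=\"center\"><img src=\"$mailIcon\" title=\"$mailStatus\"></td>
<td><a href=\"mail.php?action=Show&id=$rowID&sp=$sp\" title=\"$rowTitle\" rel=\"gb_page_center[640, 500]\"><font face=\"tahoma\" size=\"2\">$rowTitle</font></a></td>
<td width=\"120\" align=\"center\"><font style=\"font-size: 0.8em;\" face=\"Tahoma\">$rowFrom</font></td>
<td width=\"120\" align=\"center\"><font face=\"tahoma\" size=\"2\">$rowDate</font></td>
<td width=\"20\" align=\"center\"><a href=\"#\" onClick=\"rusure($rowID, $sp); return false;\"><img src=\"../images/icons/icon_remove.gif\" title=\"$lang_admin_delete\" border=\"0\"></a></td>
</tr>";
}
$counter++;
}
if($counter < 1)
{
$inbox = $inbox . "<tr bgColor=\"f2f2f2\"><td colspan=\"6\"><font face=\"tahoma\" size=\"2\">$lang_admin_noMessages</font></td></tr>";
}
$inbox = $inbox . "</table>";
// Pager is only shown when there is more than one page of messages.
if($totalEntries > 50)
{
$pr = $sp + 50;
if($pr > $totalEntries){
$disabled1 = "disabled";
}
$nx = $sp - 50;
if($nx < 0){
$disabled2 = "disabled";
}
$inbox = $inbox . "
<br>
<table width=\"100%\" border=\"0\">
<tr>
<td><input type=\"button\" value=\"$lang_admin_older\" onClick=\"goPrev($pr);\" $disabled1></td>
<td width=\"100%\"> </td>
<td><input type=\"button\" value=\"$lang_admin_newer\" onClick=\"goNext($nx);\" $disabled2></td>
</tr>
</table>
";
}
mysql_close($conn);
// Placeholder values and names are positional pairs: entry N of $static_value
// replaces entry N of $static_name in the loaded templates.
$static_value = array ($blog_dir, $blog_windows_encoding, $lang_admin_adminPanel, $JAVA_ALERTS, $blog_slogan, $lang_admin_showHomePage, $lang_admin_link_1, $lang_admin_link_2, $lang_admin_link_3, $lang_admin_link_4, $lang_admin_link_5, $lang_admin_link_6, $lang_admin_link_7, $lang_admin_sync, $lang_admin_search,
$lang_admin_quickLinks,$quicklinks,$lang_admin_readDocumentation,
$lang_admin_notifications, $notifications, $lang_admin_resolve,
$lang_admin_kc, $kc, $lang_admin_ReadTheAgreement,
$lang_admin_footer1,$lang_admin_footer1_1,$lang_admin_footer1_2,$lang_admin_footer1_3,
$lang_admin_footer2,$lang_admin_footer2_1,$lang_admin_footer2_2,$lang_admin_footer2_3,$lang_admin_footer2_4,
$lang_admin_footer3,$lang_admin_footer3_1,$lang_admin_footer3_2,
$lang_admin_footerRights,
$lang_admin_home, $thisPageNav,
$lang_admin_mail_title1, $inbox
);
$static_name = array ("{blog_dir}","{blog_windows_encoding}", "{title_name}", "{JAVA_ALERTS}", "{blog_slogan}", "{lang_admin_showHomePage}", "{lang_admin_link_1}", "{lang_admin_link_2}", "{lang_admin_link_3}", "{lang_admin_link_4}", "{lang_admin_link_5}", "{lang_admin_link_6}", "{lang_admin_link_7}", "{lang_admin_sync}", "{lang_admin_search}",
"{lang_admin_quickLinks}","{quicklinks}","{lang_admin_readDocumentation}",
"{lang_admin_notifications}", "{notifications}", "{lang_admin_resolve}",
"{lang_admin_kc}", "{kc}", "{lang_admin_ReadTheAgreement}",
"{lang_admin_footer1}","{lang_admin_footer1_1}","{lang_admin_footer1_2}","{lang_admin_footer1_3}",
"{lang_admin_footer2}","{lang_admin_footer2_1}","{lang_admin_footer2_2}","{lang_admin_footer2_3}","{lang_admin_footer2_4}",
"{lang_admin_footer3}","{lang_admin_footer3_1}","{lang_admin_footer3_2}",
"{blog_rights}",
"{lang_admin_home}", "{thisPageNav}",
"{lang_admin_mail_title1}", "{inbox}"
);
$header = $new_template->load_template ("../templates/$defaultTemplate/admin/header.html");
$home = $new_template->load_template ("../templates/$defaultTemplate/admin/mail.html");
$footer = $new_template->load_template ("../templates/$defaultTemplate/admin/footer.html");
$template = $new_template->replace_static($static_name, $static_value, $header.$home.$footer);
echo $template;
}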
// 2: Add new contact
// Prints the stand-alone "add contact" form. The form posts the fields "name"
// and "email" to mail.php?action=Save.
// The only validation is the inline checkForm() script, which runs in the
// browser; the form carries no hidden anti-CSRF token field.
// NOTE(review): whatever handles action=Save has to treat both fields as
// unvalidated input.
else if($action == "Add"){
echo "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<script language=\"javascript\">
function checkForm(form){
if(form.name.value == \"\"){
alert( \"$lang_erorr_code129\" );
form.name.focus();
return false;
}
if(form.email.value == \"\"){
alert( \"$lang_erorr_code130\" );
form.email.focus();
return false;
}
if((form.email.value.indexOf(\".\") < 1) || (form.email.value.indexOf(\"@\") < 1))
{
alert( \"$lang_erorr_code131\" );
form.email.focus();
return false;
}
return true;
}
</script>
<form method=\"post\" action=\"mail.php?action=Save\" onsubmit=\"return checkForm(this);\">
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"5\" border=\"1\">
<tr bgcolor=\"#f2f2f2\">
<td width=\"100\">
<font face=\"tahoma\" size=\"2\">$lang_admin_name:</font>
</td>
<td>
<input type=\"text\" name=\"name\" size=\"75\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000;\" MAXLENGTH=\"70\">
</td>
</tr>
<tr bgcolor=\"#dadada\">
<td width=\"100\">
<font face=\"tahoma\" size=\"2\">$lang_admin_email:</font>
</td>
<td>
<input type=\"text\" name=\"email\" size=\"75\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000;\" MAXLENGTH=\"70\">
</td>
</tr>
</table>
<br>
<center><input type=\"submit\" value=\"$lang_admin_add\"></center>
</form>
</html>
";
}
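// 3: Save new contact
else if($action == "Save"){
// Both fields come straight from the request body. The checkForm() script on
// the Add form runs only in the browser, so nothing here may assume the
// values are well-formed.
$name = isset($_POST['name']) ? $_POST['name'] : "";
$email = isset($_POST['email']) ? trim($_POST['email']) : "";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// Next id = highest existing id + 1. MAX() returns NULL on an empty table,
// which the cast turns into 0, so the first contact gets id 1.
// NOTE(review): two simultaneous saves can compute the same id; an
// AUTO_INCREMENT column would remove that window - confirm the schema.
$newID = 0;
$result = mysql_query("SELECT MAX(id) FROM eblog_contacts");
if($result && ($row = mysql_fetch_row($result)))
{
$newID = (int) $row[0];
}
$newID++;
// The values are placed inside quoted SQL literals, so they are escaped with
// the connection's own escaping routine before interpolation.
$safeName = mysql_real_escape_string($name, $conn);
$safeEmail = mysql_real_escape_string($email, $conn);
mysql_query("INSERT INTO eblog_contacts VALUES ('$newID', '$safeName', '$safeEmail')");
mysql_close($conn);
echo "<meta http-equiv=\"refresh\" content=\"0;url=mail.php?action=ConfirmAdd\">";
}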
// 4: confirm adding a new contact
// Static confirmation page shown after the Save action redirects here; it
// reads no request data and offers a link back to the Add form.
else if($action == "ConfirmAdd"){
echo "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<div align=\"center\">
<br>
<table>
<tr>
<td width=\"16\">
<img src=\"../images/icons/icon_complete.gif\">
</td>
<td>
<font face=\"tahoma\" size=\"2\">
$lang_admin_addContacCompleted
</font>
</td>
</tr>
</table>
<center>
<a href=\"mail.php?action=Add\"><font face=\"tahoma\" size=\"2\" color=\"#912F69\">$lang_admin_addMore</font></a>
</center>
<div>
</html>
";
}
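// 5: Edit a given contact
else if($action == "Edit"){
// $id comes from the query string and is used in the SELECT and in the form's
// action URL below; forcing it to an integer covers both uses.
$id = (int) $id;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_query("SELECT name, email FROM eblog_contacts WHERE id = '$id'");
$row = mysql_fetch_row($result);
// Stored values are written into value="" attributes, so they are encoded with
// ENT_QUOTES. 'ISO-8859-1' keeps the call byte-transparent (only & < > " ' are
// rewritten); double_encode=false leaves already-encoded entities untouched.
// An unknown id yields an empty form instead of undefined-offset notices.
$name = $row ? htmlspecialchars($row[0], ENT_QUOTES, 'ISO-8859-1', false) : "";
$email = $row ? htmlspecialchars($row[1], ENT_QUOTES, 'ISO-8859-1', false) : "";
echo "
<html dir=\"$blog_dir\">
<script language=\"javascript\">
function checkForm(form){
if(form.name.value == \"\"){
alert( \"$lang_erorr_code129\" );
form.name.focus();
return false;
}
if(form.email.value == \"\"){
alert( \"$lang_erorr_code130\" );
form.email.focus();
return false;
}
if((form.email.value.indexOf(\".\") < 2) || (form.email.value.indexOf(\"@\") < 1))
{
alert( \"$lang_erorr_code131\" );
form.email.focus();
return false;
}
return true;
}
</script>
<br><br><br><br>
<form method=\"post\" action=\"mail.php?action=Update&id=$id\" onsubmit=\"return checkForm(this);\">
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"5\" border=\"1\">
<tr bgcolor=\"#f2f2f2\">
<td width=\"100\">
<font face=\"tahoma\" size=\"2\">$lang_admin_name:</font>
</td>
<td>
<input type=\"text\" name=\"name\" size=\"75\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000;\" MAXLENGTH=\"70\" value=\"$name\">
</td>
</tr>
<tr bgcolor=\"#dadada\">
<td width=\"100\">
<font face=\"tahoma\" size=\"2\">$lang_admin_email:</font>
</td>
<td>
<input type=\"text\" name=\"email\" size=\"75\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000;\" MAXLENGTH=\"70\" value=\"$email\">
</td>
</tr>
</table>
<br>
<center><input type=\"submit\" value=\"$lang_admin_update\"> <input type=\"button\" value=\"$lang_erorr_goBack2\" onclick=\"window.location='mail.php?action=List';\"></center>
</form>
</html>
";
mysql_close($conn);
}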
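// 6: update contact
else if($action == "Update"){
// The id arrives in the query string and the two fields in the request body;
// none of them is validated server-side before reaching this point.
$id = (int) $id;
$name = isset($_POST['name']) ? $_POST['name'] : "";
$email = isset($_POST['email']) ? trim($_POST['email']) : "";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// Escape for the quoted SQL literals, then write both columns in one statement.
$safeName = mysql_real_escape_string($name, $conn);
$safeEmail = mysql_real_escape_string($email, $conn);
$query = "UPDATE eblog_contacts SET `name` = '$safeName', `email` = '$safeEmail' WHERE `id` = '$id'";
mysql_query($query);
mysql_close($conn);
echo "<meta http-equiv=\"refresh\" content=\"0;url=mail.php?action=List\">";
}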
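// 7: Delete given contact
else if($action == "Delete"){
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// The id is appended to the statement without quotes, so anything other than
// an integer would become part of the WHERE clause itself; cast before use.
// NOTE(review): this delete runs on a plain GET request and no anti-CSRF token
// is checked in this file - consider POST plus a per-session token.
$contactID = (int) $id;
mysql_query("DELETE FROM eblog_contacts WHERE id=$contactID");
mysql_close($conn);
echo "<meta http-equiv=\"refresh\" content=\"0;url=mail.php?action=List\">";
}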
// 8: Import contacts
// Prints the bulk-import form. The textarea "emails" is posted to
// mail.php?action=Inject; the disabled "email" input only displays the
// separator character and, being disabled, is not submitted.
// checkForm() only rejects an empty textarea, and only in the browser.
else if($action == "Import"){
echo "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<script language=\"javascript\">
function checkForm(form){
if(form.emails.value == \"\"){
alert( \"$lang_erorr_code132\" );
form.emails.focus();
return false;
}
return true;
}
</script>
<form method=\"post\" action=\"mail.php?action=Inject\" onsubmit=\"return checkForm(this);\">
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"5\" border=\"1\">
<tr bgcolor=\"#dadada\">
<td width=\"130\" valign=\"top\">
<font face=\"tahoma\" size=\"2\">$lang_admin_seprateEmailsWith:</font>
</td>
<td>
<input type=\"text\" name=\"email\" size=\"65\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000;\" MAXLENGTH=\"65\" value=\",\" disabled>
</td>
</tr>
<tr bgcolor=\"#f2f2f2\">
<td width=\"130\">
<font face=\"tahoma\" size=\"2\">$lang_admin_listOfEmails:</font>
</td>
<td>
<textarea name=\"emails\" cols=\"62\" rows=\"10\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000; resize: none; \"></textarea>
<br>
<font face=\"tahoma\" size=\"1\">$lang_admin_example: hide@address.com, hide@address.com,</font>
</td>
</tr>
</table>
<br>
<center><input type=\"submit\" value=\"$lang_admin_import\"></center>
</form>
</html>
";
}
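// 9: Inject email address to the contact list
else if($action == "Inject"){
// The whole submission is HTML-encoded once, so every value echoed or stored
// below is the encoded form. The call does not pass ENT_QUOTES, so single
// quotes may come through unencoded - HTML encoding is not SQL escaping, and
// the INSERT below escapes separately.
$emails = htmlspecialchars(isset($_POST['emails']) ? $_POST['emails'] : "");
$list = explode(",", $emails);
$valid = 0;
$invalid = 0;
$showList = "<b><font face=\"tahoma\" size=\"2\" color=\"#912F69\">". $lang_admin_emailAddedNotice . ":<br></b></font><font face=\"tahoma\" size=\"2\" color=\"#000000\">";
$invalidList = "<br><b><font face=\"tahoma\" size=\"2\" color=\"#912F69\">". $lang_admin_emailFailedNotice . ":<br></b></font>";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// Ids continue from the highest existing id (last row when ordered ascending).
$newID = 0;
$query = "SELECT id FROM eblog_contacts ORDER BY id ASC";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$newID = $row['id'];
}
$newID = (int) $newID + 1;
foreach($list as $entry)
{
$newEmail = trim($entry);
// NOTE(review): the pattern is not anchored, so it accepts any entry that
// merely contains something address-shaped; the rest of the entry is carried
// along. That is why the value must be escaped for SQL regardless of the match.
if ($newEmail != "" && preg_match("/([\w\.\-]+)(\@[\w\.\-]+)(\.[a-z]{2,4})+/i", $newEmail)){
$showList = $showList . "<table width=\"100%\"><tr><td width=\"16\"><img src=\"../images/icons/icon_complete.gif\" border=\"0\"></td><td><font face=\"tahoma\" size=\"2\" color=\"#000000\">" . $newEmail . "</font></td></tr></table>";
// The address is stored as both the contact name and the contact email.
$safeEmail = mysql_real_escape_string($newEmail, $conn);
mysql_query("INSERT INTO eblog_contacts VALUES ('$newID', '$safeEmail', '$safeEmail')");
$valid++;
}
else
{
$invalidList = $invalidList . "<table width=\"100%\"><tr><td width=\"16\"><img src=\"../images/icons/icon_remove.gif\" border=\"0\"></td><td><font face=\"tahoma\" size=\"2\" color=\"#000000\">" . $newEmail . "</font></td></tr></table>";
$invalid++;
}
// The id advances for rejected entries too, so imports can leave gaps.
$newID++;
}
mysql_close($conn);
$showList = $showList . "</font>";
$invalidList = $invalidList . "</font>";
if($valid < 1)
{
$showList = "<center><font face=\"tahoma\" size=\"2\"><br><br><br><br><br><br>". $lang_admin_noEmailAdded . "</font><br><a href=\"mail.php?action=Import\"><font face=\"tahoma\" size=\"2\" color=\"#912F69\">". $lang_admin_clickToTryAgain . "</font></a></center>";
}
echo $showList;
// NOTE(review): the failure list is shown only when more than one entry was
// accepted AND more than one was rejected. The thresholds look like they may be
// meant to hide the empty entry produced by a trailing comma - confirm intent.
if(($valid > 1)&&($invalid > 1))
{
echo $invalidList;
}
}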
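// 10: Export contact list
else if($action == "Export"){
// Builds one "address," line per contact and shows the result in a read-only
// textarea whose content is posted to the Download action.
$emailsLists = "";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_query("SELECT email FROM eblog_contacts ORDER BY email ASC");
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
// Stored addresses are placed inside <textarea>; without encoding, a value
// containing markup could close the element. 'ISO-8859-1' keeps the call
// byte-transparent and double_encode=false leaves stored entities as they are.
// The browser decodes the entities again when it submits the field.
$emailsLists = $emailsLists . htmlspecialchars($row["email"], ENT_QUOTES, 'ISO-8859-1', false).","."\r\n";
}
mysql_close($conn);
echo "
<html dir=\"$blog_dir\">
<form method=\"post\" action=\"mail.php?action=Download\">
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"5\" border=\"1\">
<tr bgcolor=\"#f2f2f2\">
<td width=\"130\">
<font face=\"tahoma\" size=\"2\">$lang_admin_listOfEmails:</font>
</td>
<td>
<textarea name=\"emails\" cols=\"68\" rows=\"10\" style=\"font-family: Tahoma; font-size: 12px; color: #000000; border: 1px solid #000000; resize: none; \" readonly>$emailsLists</textarea>
</td>
</tr>
<tr bgcolor=\"#dadada\">
<td width=\"130\" valign=\"top\">
<font face=\"tahoma\" size=\"2\">$lang_admin_exportMethod:</font>
</td>
<td>
<input type=\"radio\" value=\"$lang_admin_txtFile\" checked> <font face=\"tahoma\" size=\"2\">$lang_admin_txtFile</font><br>
</td>
</tr>
</table>
<br>
<center><input type=\"submit\" value=\"$lang_admin_export\"></center>
</form>
</html>
";
}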
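// 11: Download file
else if($action == "Download"){
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"eBlog_contacts.txt\"");
// The body below is whatever the request carried, so browsers are told not to
// guess a different content type for it.
header("X-Content-Type-Options: nosniff");
// NOTE(review): the file content is taken from the posted "emails" field, not
// from the database, so any page that can make the admin's browser submit this
// form decides what is downloaded under this site's name. Rebuilding the list
// from eblog_contacts here would remove that dependency on request data.
$data = (isset($_POST['emails']) && is_string($_POST['emails'])) ? $_POST['emails'] : "";
echo $data;
}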
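// 12: List all contacts ($max contacts per page)
else if($action == "List"){
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_query("SELECT * FROM eblog_contacts", $conn);
$totalContacts = mysql_num_rows($result);
$max = 100;
// The offset is request data that ends up in inline JavaScript arguments.
$sp = (int) $sp;
if($totalContacts == 0)
$sp = 0;
// $sp2 is the 1-based number of the first contact shown ("showing X to Y").
if($sp >= 0)
$sp2 = $sp+1;
else
$sp2 = 0;
$end = $sp +$max;
if($end > $totalContacts)
$end = $totalContacts;
// Initialised so the pager markup never interpolates an undefined variable.
$disable1 = "";
$disable2 = "";
$contact_list = "";
$page_header = "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<script language=\"javascript\">
function rusure(toDelete){
question = confirm(\"$lang_admin_confirmDeleteContact\")
if (question !=\"0\"){
window.location = \"mail.php?action=Delete&id=\" + toDelete;
}
}
function goPrev(spoint){
link = \"mail.php?action=List&start=\" + spoint;
window.location = link;
}
function goNext(spoint){
link = \"mail.php?action=List&start=\" + spoint;
window.location = link;
}
</script>
";
$contact_list = $contact_list . "<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"2\" border=\"1\">";
$query = "SELECT * FROM eblog_contacts ORDER BY id ASC";
$result = mysql_query($query);
$counter = 0;
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
// Every row is walked; only rows inside [$sp, $end) are rendered.
if(($counter >= $sp)&&($counter < $end)){
$bgColor = ($counter % 2 == 0) ? "#f2f2f2" : "#dadada";
// The id goes into a link and an inline JavaScript call; name and email are
// stored text shown as element content. 'ISO-8859-1' keeps the encoding call
// byte-transparent; double_encode=false leaves stored entities untouched.
$id = (int) $row['id'];
$name = htmlspecialchars($row['name'], ENT_QUOTES, 'ISO-8859-1', false);
$email = htmlspecialchars($row['email'], ENT_QUOTES, 'ISO-8859-1', false);
$contact_list = $contact_list . "<tr bgcolor=\"$bgColor\"><td><table width=\"100%\" border=\"0\"><tr><td width=\"16\" align=\"center\"><img src=\"../images/icons/icon_contact.gif\"></td><td width=\"40\"><font face=\"tahoma\" size=\"2\">$id:</font></td><td><font face=\"tahoma\" size=\"2\">$name</font></td><td width=\"250\"><font face=\"tahoma\" size=\"2\">$email</font></td><td width=\"40\"><a href=\"mail.php?action=Edit&id=$id\"><image border=\"0\" title=\"$lang_admin_edit\" src=\"../images/icons/icon_fix.gif\"></a> <a href=\"#\" onClick=\"rusure($id); return false;\"><img border=\"0\" src=\"../images/icons/icon_remove.gif\" title=\"$lang_admin_delete\"></a></td></tr></table></td></tr>";
}
$counter++;
}
if($counter < 1)
{
$contact_list = $contact_list . "<tr bgcolor=\"f2f2f2\"><td><font face=\"tahoma\" size=\"2\">$lang_admin_noContacts</font></td></tr>";
}
// The closing tag belongs to the table opened in $contact_list. It used to be
// echoed immediately, which put it in front of the page header and left the
// table itself unclosed.
$contact_list = $contact_list . "</table>";
$pr = $sp - $max;
if($pr < 0){
$disable1 = "disabled";
}
$nx = $sp + $max;
if($nx >= $totalContacts){
$disable2 = "disabled";
}
if($totalContacts < $max){
$disable1 = "disabled";
$disable2 = "disabled";
}
if($counter < 1)
$sp2 = 0;
$page_header = $page_header . "
<table width=\"100%\" border=\"0\">
<tr>
<td><input type=\"button\" value=\"$lang_admin_older\" onClick=\"goPrev($pr);\" $disable1></td>
<td width=\"100%\"> <table width=\"100%\"><tr><td height=\"30\" align=\"center\"><font face=\"tahoma\" size=\"2\" color=\"#912F69\">$lang_admin_showing $sp2 $lang_admin_to $end $lang_admin_outOf $totalContacts</font></td></tr></table></td>
<td><input type=\"button\" value=\"$lang_admin_newer\" onClick=\"goNext($nx);\" $disable2></td>
</tr>
</table>
";
$contact_list = $contact_list . "</html>";
echo $page_header;
echo $contact_list;
mysql_close($conn);
}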
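// 13: Send Email
else if($action == "Send"){
// A new message starts with empty fields. The compose form at the end of the
// script interpolates these three variables, and no other statement on this
// path assigns them.
$FORM_DATA_TO = "";
$FORM_DATA_TITLE = "";
$FORM_DATA_CONTENT = "";
$processPage = "mail.php?action=Mail";
// Ask the end of the script to print the compose form.
$todo = "printNow";
}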
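// 14: Forward email
else if($action == "ForwardMessage"){
// $id comes from the query string and is used in the SELECT and in the form
// target below; forcing it to an integer covers both uses.
$id = (int) $id;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_query("SELECT * FROM eblog_messages WHERE id = '$id'");
// Columns are read by position, so this depends on the table's column order.
$row = mysql_fetch_row($result);
$rowID = $row[0];
$rowSender = $row[1];
$rowReceiver = $row[2];
$rowTitle = "FW: " . $row[3];
$rowDate = $row[4];
// Stored date is split on "-" and the middle part is looked up in $MonthsArray.
$chunks = explode("-",$rowDate);
$toGet = $chunks[1];
$rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];
$rowContent = $row[5];
$rowStatusID = $row[6];
// Pre-fill the compose form: no recipient, prefixed subject, original body.
// These are raw stored values; they are still unencoded at this point.
$FORM_DATA_TO = "";
$FORM_DATA_TITLE = $rowTitle;
$FORM_DATA_CONTENT = $rowContent;
$processPage = "mail.php?action=Mail&id=$id";
$todo = "printNow";
mysql_close($conn);
}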
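// 15: Reply to email
else if($action == "ReplayMessage"){
// $id comes from the query string and is used in the SELECT and in the form
// target below; forcing it to an integer covers both uses.
$id = (int) $id;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
$result = mysql_query("SELECT * FROM eblog_messages WHERE id = '$id'");
// Columns are read by position, so this depends on the table's column order.
$row = mysql_fetch_row($result);
$rowID = $row[0];
$rowSender = $row[1];
$rowReceiver = $row[2];
$rowTitle = "RE: " . $row[3];
$rowDate = $row[4];
// Stored date is split on "-" and the middle part is looked up in $MonthsArray.
$chunks = explode("-",$rowDate);
$toGet = $chunks[1];
$rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];
$rowContent = $row[5];
$rowStatusID = $row[6];
$SenderEmail = $row[7];
// Pre-fill the compose form: the stored sender address becomes the recipient.
// These are raw stored values; they are still unencoded at this point.
$FORM_DATA_TO = $SenderEmail;
$FORM_DATA_TITLE = $rowTitle;
$FORM_DATA_CONTENT = $rowContent;
$processPage = "mail.php?action=Mail&id=$id";
$todo = "printNow";
mysql_close($conn);
}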
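// 16: process sending an email
else if($action == "Mail"){
// Request fields. Recipient and subject both end up in mail headers, so CR and
// LF are removed from them here rather than relying on mail() to neutralise
// line breaks. The body is sent as HTML exactly as submitted.
$lineBreaks = array("\r", "\n");
$to = (isset($_POST['receiver']) && is_string($_POST['receiver'])) ? str_replace($lineBreaks, "", $_POST['receiver']) : "";
$title = (isset($_POST['title']) && is_string($_POST['title'])) ? str_replace($lineBreaks, "", $_POST['title']) : "";
$group = isset($_POST['group']) ? $_POST['group'] : "";
$message = isset($_POST['content']) ? $_POST['content'] : "";
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// Recipient list: every stored contact for a group mail (or when the recipient
// field carries the group placeholder), otherwise the single typed address.
$toArray = array();
if(($group == "1")||($to == "hide@address.com"))
{
$query = "SELECT email FROM eblog_contacts";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$toArray[] = $row['email'];
}
}
else
{
$toArray[0] = $to;
}
$AllRows = "";
$from = $admin_email;
//$subject_encoded="=?UTF-8?B?".base64_encode($title)."?=\n";
$subject_encoded= $title;
// Headers do not depend on the recipient, so they are built once.
$headers = "Content-type: text/html; charset=$blog_windows_encoding\r\n";
$headers .= "From: ".$from."\r\n" ."X-Mailer: php";
$toWhom = 0;
$counter = 0;
// mail everyone, one message per recipient
foreach($toArray as $recipient)
{
$to = str_replace($lineBreaks, "", $recipient);
$bgColor = ($counter % 2 == 0) ? "#f2f2f2" : "#dadada";
// The address is echoed back in the result table; it is either request data or
// stored data, so it is encoded for HTML first ('ISO-8859-1' keeps the call
// byte-transparent, double_encode=false leaves stored entities untouched).
$shownTo = htmlspecialchars($to, ENT_QUOTES, 'ISO-8859-1', false);
if (@mail($to, $subject_encoded, $message, $headers)) {
$AllRows = $AllRows . "<tr bgcolor=\"$bgColor\"><td><table><tr><td width=\"16\"><img src=\"../images/icons/icon_complete.gif\" border=\"0\"></td><td width=\"100%\"><font face=\"tahoma\" size=\"2\">" . $shownTo . "</font></td><td width=\"50\"><font face=\"tahoma\" size=\"2\">$lang_admin_done</font></td></tr></table></td></tr>";
$toWhom++;
}
else {
$AllRows = $AllRows . "<tr bgcolor=\"$bgColor\"><td><table><tr><td width=\"16\"><img src=\"../images/icons/icon_remove.gif\" border=\"0\"></td><td width=\"100%\"><font face=\"tahoma\" size=\"2\">" . $shownTo . "</font></td><td width=\"50\"><font face=\"tahoma\" size=\"2\">$lang_admin_failed</font></td></tr></table></td></tr>";
}
$counter++;
}
mysql_close($conn);
// When nothing was sent, the per-recipient rows are replaced by one notice.
if($toWhom < 1)
$AllRows = $lang_admin_noEmailAdded;
echo "
<html dir=\"$blog_dir\">
<center>
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"2\" border=\"1\">
$AllRows
</table>
</center>
</html>
";
}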
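// 17: show given email
else if($action == "Show"){
// $id comes from the query string and is used in two SQL statements and three
// links below; forcing it to an integer covers all of them.
$id = (int) $id;
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// Opening a message marks it as read.
$query = "UPDATE eblog_messages SET `statusID` = '0' WHERE `id` = '$id'";
mysql_query($query);
$result = mysql_query("SELECT * FROM eblog_messages WHERE id = '$id'");
// Columns are read by position, so this depends on the table's column order.
$row = mysql_fetch_row($result);
$rowID = $row[0];
$rowDate = $row[4];
// Stored date is split on "-" and the middle part is looked up in $MonthsArray.
$chunks = explode("-",$rowDate);
$toGet = $chunks[1];
$rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];
// Every field shown below was written by whoever sent the message. The body
// sits inside <textarea>, which stored markup could otherwise close, and the
// other fields are element content, so all of them are encoded before display.
// 'ISO-8859-1' keeps the call byte-transparent (only & < > " ' are rewritten);
// double_encode=false leaves entities that are already stored encoded as is.
$rowDate = htmlspecialchars($rowDate, ENT_QUOTES, 'ISO-8859-1', false);
$rowSender = htmlspecialchars($row[1], ENT_QUOTES, 'ISO-8859-1', false);
$rowReceiver = htmlspecialchars($row[2], ENT_QUOTES, 'ISO-8859-1', false);
$rowTitle = htmlspecialchars($row[3], ENT_QUOTES, 'ISO-8859-1', false);
$rowContent = htmlspecialchars($row[5], ENT_QUOTES, 'ISO-8859-1', false);
$rowStatusID = $row[6];
mysql_close($conn);
echo "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<body text=\"#000000\" link=\"#7d7d7c\" alink=\"7d7d7c\" vlink=\"7d7d7c\">
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"2\" border=\"1\">
<tr bgcolor=\"#dadada\">
<td>
<table width=\"100%\" border=\"0\" cellpadding=\"3\">
<tr>
<td width=\"40\">
<a href=\"mail.php?action=ReplayMessage&id=$id\">
<font face=\"tahoma\" size=\"2\">
$lang_admin_replay
</font>
</a>
</td><td width=\"20\">
<font face=\"tahoma\" size=\"2\"> | </font>
</td>
<td width=\"40\">
<a href=\"mail.php?action=ForwardMessage&id=$id\">
<font face=\"tahoma\" size=\"2\">
$lang_admin_forward
</font>
</a>
</td><td width=\"20\">
<font face=\"tahoma\" size=\"2\"> | </font>
</td>
<td width=\"40\">
<a href=\"mail.php?action=RemoveMessage&id=$id\">
<font face=\"tahoma\" size=\"2\">
$lang_admin_delete
</font>
</a>
</td>
<td width=\"100%\">
</td>
</tr>
</table>
</td>
</tr>
</table>
<br>
<table bordercolor=\"#727272\" style=\"border-collapse: collapse\" width=\"100%\" cellSpacing=\"0\" cellPadding=\"5\" border=\"1\">
<tr bgcolor=\"#f2f2f2\">
<td>
<font face=\"tahoma\" size=\"2\">$lang_admin_date: $rowDate</font>
</td>
</tr>
<tr bgcolor=\"#dadada\">
<td>
<font face=\"tahoma\" size=\"2\">$lang_admin_from: $rowSender</font>
</td>
</tr>
<tr bgcolor=\"#f2f2f2\">
<td>
<font face=\"tahoma\" size=\"2\">$lang_admin_to: $rowReceiver</font>
</td>
</tr>
<tr bgcolor=\"#dadada\">
<td>
<font face=\"tahoma\" size=\"2\">$lang_admin_title: $rowTitle</font>
</td>
</tr>
<tr bgcolor=\"#f2f2f2\">
<td>
<center><textarea name=\"emails\" style=\"font-family: Tahoma; width:100%; height:250px; font-size: 12px; color: #000000; border: 1px solid #000000; resize:none;\" readonly>$rowContent</textarea></center>
</td>
</tr>
</table>
</body>
</html>
";
}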
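// 18: Delete message and stay in child window
else if($action == "DeleteMessage"){
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// The id is appended to the statement without quotes and the offset is echoed
// into the redirect markup, so both are forced to integers before use.
// NOTE(review): this delete runs on a plain GET request and no anti-CSRF token
// is checked in this file - consider POST plus a per-session token.
$messageID = (int) $id;
$returnTo = (int) $sp;
mysql_query("DELETE FROM eblog_messages WHERE id=$messageID");
mysql_close($conn);
echo "<meta http-equiv=\"refresh\" content=\"0;url=mail.php?start=$returnTo\">";
}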
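// 19: Delete Message & refresh parent window
else if($action == "RemoveMessage"){
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
// The id is appended to the statement without quotes, so anything other than
// an integer would become part of the WHERE clause itself; cast before use.
// NOTE(review): this delete runs on a plain GET request and no anti-CSRF token
// is checked in this file - consider POST plus a per-session token.
$messageID = (int) $id;
mysql_query("DELETE FROM eblog_messages WHERE id=$messageID");
mysql_close($conn);
echo "<meta http-equiv=\"refresh\" content=\"0;url=mail.php?action=refresh\">";
}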
// 20: force parent window to refresh
// Emits a script that points top.parent.location at mail.php; the
// RemoveMessage action redirects here after deleting a message.
else if($action == "refresh"){
echo "
<script type=\"text/javascript\">
top.parent.location = \"mail.php\";
</script>
";
}
// 21: any action value not handled above sends the browser to index.php
else
{
echo '<meta http-equiv="refresh" content="0;url=index.php">';
}
}
else{
// Reached when $_SESSION['permission'] is not (loosely) equal to 1: none of
// the actions above ran, and the browser is sent to index.php instead.
echo "<meta http-equiv=\"refresh\" content=\"0;url=index.php\">";
}
// Show the mail form when needed
if($todo == "printNow")
{
// Head content for the compose form: the editor stylesheet, jQuery 1.3.2 and
// jquery.wysiwyg (both loaded from js/), a key handler that swallows key code 8
// (Backspace) outside INPUT elements, the editor initialisation for #wysiwyg,
// and the form helpers.
// "$(" inside this double-quoted string is not a PHP variable (no identifier
// follows the dollar sign), so the jQuery calls are emitted literally.
// checkform(), Disable() and Enable() are wired to the form markup below;
// confirmDeleteComment(), confirmDeleteTopic(), changeto() and changeback()
// are not referenced anywhere in this file.
$local_JAVASCRIPT = "
<link rel=\"stylesheet\" href=\"js/jquery.wysiwyg.css\" type=\"text/css\" />
<script type=\"text/javascript\" src=\"js/jquery-1.3.2.js\"></script>
<script type=\"text/javascript\" src=\"js/jquery.wysiwyg.js\"></script>
<script type=\"text/javascript\">
if (typeof window.event != 'undefined')
document.onkeydown = function()
{
if (event.srcElement.tagName.toUpperCase() != 'INPUT')
return (event.keyCode != 8);
}
else
document.onkeypress = function(e)
{
if (e.target.nodeName.toUpperCase() != 'INPUT')
return (e.keyCode != 8);
}
</script>
<script type=\"text/javascript\">
$(function()
{
$('#wysiwyg').wysiwyg();
});
</script>
<script type=\"text/javascript\">
function checkform ( form )
{
if(form.receiver.value == \"\"){
alert( \"$lang_erorr_code133\" );
form.receiver.focus();
return false ;
}
if (form.title.value == \"\") {
alert( \"$lang_erorr_code134\" );
form.title.focus();
return false ;
}
if (form.content.value == \"\") {
alert( \"$lang_erorr_code135\" );
form.content.focus();
return false ;
}
if((form.receiver.value.indexOf(\".\") < 1) || (form.receiver.value.indexOf(\"@\") < 1))
{
alert( \"$lang_erorr_code136\" );
form.receiver.focus();
return false;
}
return true ;
}
function Disable() {
frmKey.receiver.value=\"hide@address.com\";
frmKey.receiver.disabled=true;
}
function Enable(){
frmKey.receiver.disabled=false;
frmKey.receiver.value=\"\";
}
function confirmDeleteComment() {
if (confirm(\"$lang_admin_confirmDeleteComment\")) {
return true;
} else {
return false;
}
}
function confirmDeleteTopic(data) {
if (confirm(\"$lang_admin_confirmDeleteTopic\")) {
var toLink = \"advance.php?action=DeleteTopic&ID=\" + data;
window.location = toLink;
return true;
} else {
return false;
}
}
function changeto(highlightcolor){
source=event.srcElement
if (source.tagName==\"TR\"||source.tagName==\"TABLE\")
return
while(source.tagName!=\"TR\")
source=source.parentElement
if (source.style.backgroundColor!=highlightcolor&&source.id!=\"ignore\")
source.style.backgroundColor=highlightcolor
}
function changeback(originalcolor){
if (event.fromElement.contains(event.toElement)||source.contains(event.toElement)||source.id==\"ignore\")
return
if (event.toElement!=source)
source.style.background=originalcolor
}
</script>
";
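// The pre-filled values come from a stored message when replying or forwarding
// (sender address, subject and body) and are written into value="" attributes
// and a <textarea>, so they are HTML-encoded here, at the point of output.
// 'ISO-8859-1' keeps the call byte-transparent (only & < > " ' are rewritten);
// double_encode=false leaves entities that are already stored encoded as is.
// The browser decodes the entities again, so the editor and the submitted form
// still receive the original text. Unset values (a brand-new message) become "".
$FORM_DATA_TO = isset($FORM_DATA_TO) ? htmlspecialchars($FORM_DATA_TO, ENT_QUOTES, 'ISO-8859-1', false) : "";
$FORM_DATA_TITLE = isset($FORM_DATA_TITLE) ? htmlspecialchars($FORM_DATA_TITLE, ENT_QUOTES, 'ISO-8859-1', false) : "";
$FORM_DATA_CONTENT = isset($FORM_DATA_CONTENT) ? htmlspecialchars($FORM_DATA_CONTENT, ENT_QUOTES, 'ISO-8859-1', false) : "";
// The message id is request data echoed into the "back" button's inline script.
$id = (int) $id;
// NOTE(review): the body is handed to the WYSIWYG editor as HTML; whether the
// editor renders stored markup actively depends on jquery.wysiwyg - confirm.
$mail_form = "
<html dir=\"$blog_dir\">
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$blog_windows_encoding\">
<head>
$local_JAVASCRIPT
</head>
<body onload=\"thisForm=document.frmKey;\">
<form action=\"$processPage\" method=\"post\" enctype=\"multipart/form-data\" onsubmit=\"return checkform(this);\" id=\"frmTest\" name=\"frmKey\">
<br>
<div align=\"center\">
<table border=1 width=\"100%\" bordercolor=\"#000000\" style=\"border-collapse: collapse\" cellspacing=\"0\" cellpadding=\"7\">
<tr bgcolor=#f2f2f2>
<td valign=\"top\"><font face=\"Tahoma\" size=\"2\">$lang_admin_to:</font></td>
<td valign=\"top\">
<input type=\"text\" name=\"receiver\" value=\"$FORM_DATA_TO\" size=\"33\" style=\"font-family: Tahoma; width:100%; font-size: 12px; color: #000000; border: 1px solid #000000;\">
</td>
</tr>
<tr bgcolor=#dadada>
<td valign=\"top\"><font face=\"Tahoma\" size=\"2\">$lang_admin_groupMail:</font></td>
<td valign=\"top\">
<input type=\"radio\" name=\"group\" value=\"1\" onClick=\"Disable()\"><font face=\"Tahoma\" size=\"2\">$lang_admin_yes</font>
<input type=\"radio\" name=\"group\" value=\"0\" onClick=\"Enable()\" checked><font face=\"Tahoma\" size=\"2\">$lang_admin_no</font>
</td>
</tr>
<tr bgcolor=#f2f2f2>
<td valign=\"top\"><font face=\"Tahoma\" size=\"2\">$lang_admin_title:</font></td>
<td valign=\"top\">
<input type=\"text\" name=\"title\" value=\"$FORM_DATA_TITLE\" size=\"33\" style=\"font-family: Tahoma; width:100%; font-size: 12px; color: #000000; border: 1px solid #000000;\"></td>
</tr>
</table>
</div>
<br>
<div align=\"center\">
<table border=1 bordercolor=black bgcolor=#f2f2f2 cellpadding=\"4\" style=\"margin-left: auto; margin-right: auto; BORDER-COLLAPSE: collapse;\" width=\"100%\"><tr><td>
<table dir=\"$blog_dir\" border=0 width=\"100%\" style=\"margin-left: auto; margin-right: auto;\">
<tr>
<td valign=\"top\">
<center><textarea name=\"content\" id=\"wysiwyg\" style=\"font-family: Tahoma; outline:none; width:590px; height:220px; font-size: 12px; color: #000000; border: 1px solid #000000; resize: none;\">$FORM_DATA_CONTENT</textarea></center></td>
</tr>
</table>
</td></tr></table></div>
<div align=\"center\">
<br>
<input type=\"submit\" name=\"submit\" value=\"$lang_admin_send\"> <input type=\"button\" onclick=\"window.location='mail.php?action=Show&id=$id&sp=0';\" value=\"$lang_erorr_goBack2\">
</div>
</form>
</body>
</html>
";
echo $mail_form;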
}
?>