<?php
/******************************************************************************
************** Simple SMS Site Software *********************************
************** SSSSv1.0*****************************************************
************** by (aq) limited http://aql.com *******************************
************** All Rights Reserved ******************************************
************** Please read COPYRIGHT file prior to modification********
********************************************************************************/
class sendSMS {
// sends message and returns result
function curl_send($url, $data, $secure_send="")
{
$connected = False;
$array_servers = array("gw1", "gw11", "gw2", "gw22"); // primary and backup gateways
foreach ($array_servers as $current_server)
{
$ch = curl_init(); // initialise curl handle
if ($secure_send == "yes") {
$send_url = "https://$current_server$url";
}
else {
$send_url = "http://$current_server$url";
}
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
//the above line is used because the SSL cert will not always match the gateway name
curl_setopt($ch, CURLOPT_URL,$send_url); // set url to post to
curl_setopt($ch, CURLOPT_POST, 1); //want to use HTTP POST not GET
curl_setopt($ch, CURLOPT_POSTFIELDS, $data); //the data to post
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1); // return response into a variable
//send whole request
$result = curl_exec($ch);
curl_close($ch);
if ($result !== False)
{
?>
<p align="center">
<?
$connected = True;
echo "Server $current_server successfully contacted \n";
echo $result;
switch ($result)
{
// message was sent ok
case (preg_match ("/^AQSMS-OK/", $result)?$result:!$result):
case (preg_match ("/^GW-OK/", $result)?$result:!$result): // matches wap push ok confirmation
echo " Message sent \n";
break;
// message failure statements
case "AQSMS-AUTHERROR":
case "GW-AUTH_ERROR":
echo " The username and password supplied were incorrect \n";
break;
case "AQSMS-NOAUTHDETAILS":
case "GW-NO_AUTH_DETAILS":
echo " The username and password were not supplied \n";
break;
case "AQSMS-NOCREDIT":
case "GW-NO_CREDIT":
echo " There is not enough credit on your account to complete the request \n";
break;
case "AQSMS-NOMSG":
case "GW-NO_DESTINATION":
echo " No message/destination number was supplied \n";
break;
case "GW-NO_WAPNAME":
echo " No WAP push name was supplied \n";
break;
case "GW-NO_WAPURL":
echo " No WAP URL was supplied \n";
break;
case "GW-INVALID_DESTINATION":
case "AQSMS-INVALID_DESTINATION":
echo " Destination number is invalid \n";
break;
case (preg_match ("/^GW-ERROR/", $result)?$result:!$result):
echo " Message failed \n";
break;
case "GW-MSGERROR":
echo " There was an error encoding the push message. Please check the wap url / wap name \n";
break;
case "GW-ACC_UPGRADE_NEEDED":
echo " To use wap push, you account needs to be upgraded to the UK premium route \n";
break;
case "GW-QUEUE_ERROR":
echo " There was a queue error, please contact support with the message details \n";
break;
case (preg_match ("/^AQSMS-CREDIT/", $result)?$result:!$result):
echo " credits remaining \n";
break;
default:
echo " Server $current_server unreachable, message(s) not sent";
} // end switch
return true;
break; // break out of for loop
}// end if
else echo "Server $current_server is unreachable \n";
?>
<br>
<?
} // end for
if ($connected == False)
{
echo "All aql servers are unreachable \n";
}
?>
</p>
<?
} // end curl_send()
// sends an sms message
function send_message($number="", $message="", $orig="", $flash="", $username, $password, $dlrurl, $secure_send, $max_concat)
{
$multi = false; // multiple recipients?
$concat_gw = false; // concatenated message?
$validated = true; // check string contains no illegal characters
$chars = array();
for ($i = 0; $i < strlen($number); $i++) // check for illegal characters
{
if (!ereg("[A-Za-z0-9]", $number[$i]))
{
if (ereg(",", $number[$i]))
{
$multi = true;
}
else
{
$validated = false;
$chars[] = $number[$i];
}
}
}
if (strlen($message) > 160) {
$concat_gw = true;
}
// choose gateway
if ($multi) {
if ($concat_gw) {
$url = ".aql.com/sms/postmsg-concat-multiple.php"; // multi - concatenated
}
else {
$url = ".aql.com/sms/postmsg-multiple.php"; // multi - single
}
}
else {
if ($concat_gw) {
$url = ".aql.com/sms/postmsg-concat.php"; // single - concatenated
}
else {
$url = ".aql.com/sms/postmsg.php"; // single - single
}
}
$max_concat = urlencode($max_concat);
$dlrurl = urlencode($dlrurl); // encode variables
$password = urlencode($password);
$username = urlencode($username);
$number = urlencode($number);
$message = urlencode($message);
$orig = urlencode($orig);
$flash = urlencode($flash);
$refer = urlencode("smssite");
if ($validated)
{
// concatenate all encoded variables
$data = "to_num=$number&message=$message&flash=$flash&orig=$orig&username=$username&password=$password&dlrurl=$dlrurl&refer=$refer&maxconcat=$max_concat";
$success = $this->curl_send($url, $data, $secure_send); // run curl function & send message
if ($success) return true;
}
else
{
$contents = implode(" ", $chars);
?>
<p align="center">The number entered contains illegal characters: <? echo $contents;?><p>
<?
}
} // end send_message()
// sends a wap push
function send_wap_push ($number="", $wap_name="", $wap_url="", $orig="", $username, $password, $dlrurl,$secure_send)
{
$password = urlencode($password); // encode variables
$username = urlencode($username);
$number = urlencode($number);
$wap_name = urlencode($wap_name);
$orig = urlencode($orig);
$wap_url = urlencode($wap_url);
$refer = urlencode("smssite");
// set url to wap push gateway
$url = ".aql.com/sms/gw-wap-si.php";
// concatenate all encoded variables
$data = "destination=$number&wapurl=$wap_url&wapname=$wap_name&originator=$orig&username=$username&password=$password&dlrurl=$dlrurl&refer=$refer";
$success = $this->curl_send($url, $data,$secure_send); // run curl function & send message
if ($success) return true;
} // end send_wap_push()
// returns users credit level
function check_credit ($username, $password,$secure_send)
{
// set gateway
$url = ".aql.com/sms/postmsg.php";
// set data string
$data = "username=$username&password=$password&cmd=credit&refer=smssite";
$success = $this->curl_send($url, $data,$secure_send); // run curl function
if ($success) return true;
} // end check_credit()
}
session_start();
include("inc/header.inc.php");
include("inc/options.inc.php");
if ($access == "forbidden") {
include("inc/restricted.inc.php");
}
elseif ($access == "locked") {
include("inc/restricted.inc.php");
}
else {
$messageobj = new sendSMS(); // create new instance of class
$local_user = $_SESSION['user'];
$wapAdd = $_SESSION['wap'];
$orig = $_SESSION['orig'];
$contents = $_SESSION['contents'];
$flashing = $_SESSION['flash'];
$recipients = $_SESSION['sendto'];
$type = $_SESSION['type'];
$reports = $_SESSION['reps'];
$secure = $_SESSION['security'];
$no_of_creds = $_SESSION['required_creds'];
$query = mysql_query("SELECT name,value FROM config");
while ($row = mysql_fetch_array($query))
$config[$row['name']] = $row['value'];
if ($config['allow_concat'] == 'yes') {
$maxconcat = $config['max_concats'];
}
if ($secure == "1") {
$secure_send = "yes";
}
if ($reports != 1) {
$dlrurl = "";
}
if ($flashing == "1")
$flash = 'yes';
else
$flash = 'no';
if ($type == 'CreditCheck') { // check credit
$query = "INSERT INTO sent_messages VALUES ('','$local_user','','','Credit check','','',now())";
mysql_query($query); // insert in database
$messageobj->check_credit($aqluser,$aqlpass,$secure_send);
}
else {
$no_of_numbers = 1;
for ($i = 0; $i < strlen($recipients); $i++) // check for commas
{
if (ereg(",", $recipients[$i]))
{
$no_of_numbers += 1;
}
}
$query = "SELECT credits FROM users WHERE username='$local_user'"; // get current credit level
$result = mysql_query($query);
$row = mysql_fetch_row($result);
if ($row[0] == '-1') {
$new_creds = $row[0];
}
else {
$new_creds = $row[0] - ($no_of_numbers * $no_of_creds); // new credit level
}
if ($row[0] == '-1' or $new_creds >= 0) {
if ($type == 'SMS') { // send sms message
$query = "INSERT INTO sent_messages VALUES ('','$local_user','','$orig','SMS','$flash','$contents',now())";
mysql_query($query); // insert in database
$reference = mysql_insert_id(); // get new records' id
$query = "UPDATE `users` SET `credits` = '$new_creds' WHERE `username` = '$local_user' LIMIT 1"; // update credit level
$result = mysql_query($query);
if ($dlrurl !== "")
$dlrurl.=$reference;
$messageobj->send_message($recipients,$contents,$orig,$flashing,$aqluser,$aqlpass,$dlrurl,$secure_send,$maxconcat); // send
} // endif
if ($type == 'WapPush') { // send wap push
$query = "INSERT INTO sent_messages VALUES ('','$local_user','$wapAdd','$orig','WAP PUSH','no','$contents',now())";
mysql_query($query); // insert in database
$reference = mysql_insert_id(); // get new records' id
$query = "UPDATE `users` SET `credits` = '$new_creds' WHERE `username` = '$local_user' LIMIT 1"; // update credit level
$result = mysql_query($query);
if ($dlrurl !== "")
$dlrurl.=$reference;
$messageobj->send_wap_push($recipients,$contents,$wapAdd,$orig,$aqluser,$aqlpass,$dlrurl,$secure_send);
} // end if
} // end if
else {
echo "You do not have enough credits to fulfil this request, please top up and try again";
}
}
}
include("inc/footer.inc.php");
?>