insert_message.php

通达OA部分源代码

<?
include_once "logincheck.php";
include_once "myconnect.php";
include_once "date_time_format.php";
include_once "check_msg_function.php";

$tid=$_REQUEST["id"];
$fid=$_SESSION["sbbleads_userid"];

$to_mem=mysql_fetch_array(mysql_query("select * from sbbleads_members where sb_id=$tid"));
$from_mem=mysql_fetch_array(mysql_query("select * from sbbleads_members where sb_id=$fid"));

$block_country=mysql_fetch_array(mysql_query(" select * from sbbleads_blocked_countries where sb_uid=$tid and sb_blocked_id=".$from_mem["sb_country"]));
$rst=mysql_fetch_array(mysql_query(" select * from sbbleads_blocked where sb_uid=$tid and sb_blocked_id=$fid"));
if(($rst)||($block_country))
{
$errmsg="The recipient (".$to_mem["sb_username"].") has blocked you, unable to deliver your message.";
}
else
{
			if (!get_magic_quotes_gpc()) {
			$message=str_replace('$', '\$',addslashes($_REQUEST["message"]));
			$subject=str_replace('$', '\$',addslashes($_REQUEST["subject"]));
			}
			else
			{
			$message=str_replace('$', '\$',$_REQUEST["message"]);
			$subject=str_replace('$', '\$',$_REQUEST["subject"]);
			}
			$message=check_msg($message,1);
			$subject=check_msg($subject,1);
mysql_query("update	sbbleads_stats set sb_msg_cnt=sb_msg_cnt+1 ");		
mysql_query ("Insert into `sbbleads_messages` ( sb_fid , sb_tid , sb_message , sb_subject , sb_msg_read,sb_f_del,sb_t_del,  sb_onstamp) VALUES ( $fid,$tid,'$message'," ."'$subject'" .",'No','No','No','" .date("YmdHis",time())."')");


///////////////////////MAIL TO MEMBER////////////////
			  
/////////////getting null char
if(mysql_affected_rows()>0)
{
	
		$sbrow_con=mysql_fetch_array(mysql_query("select * from sbbleads_config"));
		$sb_null_char=$sbrow_con["sb_null_char"];
		$sb_site_root=$sbrow_con["sb_site_root"];
		$login_url=$sb_site_root."/signin.php";

	//Gets member info
	$sql = "SELECT max(sb_id) FROM sbbleads_messages" ;
	$rs_query=mysql_query($sql);
	$rs=mysql_fetch_array($rs_query);
	$id=$rs[0];
	
	$rs0=mysql_fetch_array(mysql_query("select *,UNIX_TIMESTAMP(sb_onstamp) as ondate  from sbbleads_messages where sb_id=" .$id));
	$rs1=mysql_fetch_array(mysql_query("select * from sbbleads_members where sb_id=" .$rs0["sb_tid"]));
	$rs2=mysql_fetch_array(mysql_query("select * from sbbleads_members where sb_id=" .$rs0["sb_fid"]));
	$ondate=sb_date($rs0["ondate"]);
	
	//Reads email to be sent
	$sql = "SELECT * FROM sbbleads_mails where sb_mailid=23" ;
	$rs_query=mysql_query($sql);
	
	if ( $rs=mysql_fetch_array($rs_query)  )
	  {
		 if($rs["sb_status"]=="yes")	
		  {
					 $from =$rs["sb_fromid"];
					 $to = $rs1["sb_email"];
					 $subject =$rs["sb_subject"];
			
			 $body=str_replace("%email%", $sb_null_char,str_replace("%password%",$sb_null_char,str_replace("%lname%", $rs1["sb_lastname"],str_replace("%fname%", $rs1["sb_firstname"],str_replace("%username%",$rs1["sb_username"], $rs["sb_mail"]) )))); 
				
			$body=str_replace("%signup_url%",$sb_null_char,str_replace("%login_url%",$login_url,$body));

		 $body=str_replace("%message_text%",$rs0["sb_message"],str_replace("%message_title%",$rs0["sb_subject"],str_replace("%sender_username%",$rs2["sb_username"],str_replace("%message_date%",$ondate,$body))));
			  
			  $header="From:" . $from . "\r\n" ."Reply-To:". $from  ;
			 if(isset($rs["sb_html_format"])&&($rs["sb_html_format"]=="yes"))
			{
			$header .= "\r\nMIME-Version: 1.0";
			$header .= "\r\nContent-type: text/html; charset=iso-8859-1\r\n";
		//	$body=str_replace("\n","<br>",$body);
			}

// 	echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
// 	echo "<pre>$body</pre>";
//	die();

				if( $rs["sb_status"]=='yes')
					 mail($to,$subject,$body,$header);

		  }// end if status is on

		 
	  }
	$errmsg="Your message has been sent to ".$to_mem["sb_username"];
	//////////////////////////////////////////////////////////
	}
}// if affectedrows >0
//echo "this ".$_REQUEST["sb_type"];
//die();

/*if(isset($_REQUEST["sb_type"]) && ($_REQUEST["sb_type"]>='1') && ($_REQUEST["sb_type"]<='4'))
{
	switch($_REQUEST["sb_type"])
	{
		case 1:
			header("Location: view_offer.php?id=".$_REQUEST["sb_id"]."&msg=".urlencode($msg));
			break;
		case 2:
			header("Location: view_offer_buy.php?id=".$_REQUEST["sb_id"]."&msg=".urlencode($msg));
			break;
		case 3:
			header("Location: view_product.php?id=".$_REQUEST["sb_id"]."&msg=".urlencode($msg));
			break;
		case 4:
			header("Location: view_profile.php?id=".$_REQUEST["sb_id"]."&msg=".urlencode($msg));
			break;
	}
	die();
}
else
{
//echo "Location:"."userhome.php?id=$fid&msg=".urlencode($msg);*/

header("Location:"."insert_message_confirm.php?tid=$tid&sb_id=".$_REQUEST["sb_id"]."&sb_type=".$_REQUEST["sb_type"]."&errmsg=".urlencode($errmsg));
die();
?>