<?php
@session_start();
@error_reporting(7);
@ini_set('display_errors', true);
@ini_set('html_errors', false);
define('DATALIFEENGINE', true);
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -12 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
include SYSTEM_DIR.'/data/config.php';
require_once SYSTEM_DIR.'/classes/mysql.php';
require_once SYSTEM_DIR.'/data/dbconfig.php';
require_once ROOT_DIR.'/language/'.$config['langs'].'/website.lng';
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
require_once SYSTEM_DIR.'/modules/functions.php';
$user_group = $cache->get ( "usergroup" );
if (! $user_group) {
$user_group = array ();
$db->query ( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row () ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}}
$cache->set ( "usergroup", $user_group );
$db->free ();
}
require_once SYSTEM_DIR.'/modules/sitelogin.php';
if (!$is_logged OR $member_id['user_group'] != 1) die ("error");
$startfrom = intval($_POST['startfrom']);
if ($_POST['empfanger'] != "all") $empfanger = intval($_POST['empfanger']);
$type = $_POST['type'];
$a_mail = intval($_POST['a_mail']);
$limit = intval($_POST['limit']);
$step = 0;
$title = convert_unicode($_POST['title'], $config['charset']);
$message = convert_unicode($_POST['message'], $config['charset']);
$find = array ('/data:/i', '/about:/i', '/vbscript:/i', '/onclick/i', '/onload/i', '/onunload/i', '/onabort/i', '/onerror/i', '/onblur/i', '/onchange/i', '/onfocus/i', '/onreset/i', '/onsubmit/i', '/ondblclick/i', '/onkeydown/i', '/onkeypress/i', '/onkeyup/i', '/onmousedown/i', '/onmouseup/i', '/onmouseover/i', '/onmouseout/i', '/onselect/i', '/javascript/i', '/javascript/i' );
$replace = array ("data:", "about:", "vbscript<b></b>:", "onclick", "onload", "onunload", "onabort", "onerror", "onblur", "onchange", "onfocus", "onreset", "onsubmit", "ondblclick", "onkeydown", "onkeypress", "onkeyup", "onmousedown", "onmouseup", "onmouseover", "onmouseout", "onselect", "javascript" );
$message = preg_replace( $find, $replace, $message );
$message = preg_replace( "#<iframe#i", "<iframe", $message );
$message = preg_replace( "#<script#i", "<script", $message );
$message = str_replace( "<?", "<?", $message );
$message = str_replace( "?>", "?>", $message );
if (!$title OR !$message OR !$limit) die ("error");
if ($type == "pm") {
$time = time()+($config['date_adjust']*60);
$title = $db->safesql($title);
$message = $db->safesql($message);
if ($empfanger != "all")
$result = $db->query("SELECT user_id, name, fullname FROM " . USERPREFIX . "_users where user_group = '$empfanger' LIMIT ".$startfrom.",".$limit);
else
$result = $db->query("SELECT user_id, name, fullname FROM " . USERPREFIX . "_users LIMIT ".$startfrom.",".$limit);
while($row = $db->get_row($result))
{
if ( $row['fullname'] )
$message_send = str_replace("{%user%}", $row['fullname'], $message);
else
$message_send = str_replace("{%user%}", $row['name'], $message);
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('$title', '$message_send', '$row[user_id]', '$member_id[name]', '$time', 'no', 'inbox')");
$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='$row[user_id]'");
$step++;
}
$db->free($result);
}
elseif ($type == "email") {
$message = stripslashes( $message );
$title = stripslashes( $title );
$message = <<<HTML
<html><title>{$title}</title>
<meta content="text/html; charset={$config['charset']}" http-equiv=Content-Type>
<style type="text/css">
html,body{
font-size: 11px;
font-family: verdana;
}
a:active,
a:visited,
a:link {
color: #4b719e;
text-decoration:none;
}
a:hover {
color: #4b719e;
text-decoration: underline;
}
</style>
<body>
{$message}
</body>
</html>
HTML;
include_once SYSTEM_DIR.'/classes/mail.class.php';
$mail = new dle_mail ($config, true);
$where = array();
if ($empfanger != "all") $where[] = "user_group = '{$empfanger}'";
if ($a_mail) $where[] = "allow_mail = '1'";
if (count($where)) $where = " WHERE ".implode (" AND ", $where);
else $where = "";
if ($config['mail_bcc']) {
$limit = $limit * 6;
$i = 0;
$h_mail = array();
$bcc = array();
$db->query("SELECT email FROM " . USERPREFIX . "_users".$where." LIMIT ".$startfrom.",".$limit);
$db->close();
while($row = $db->get_row())
{
if ($i == 0) { $h_mail[$t] = $row['email'];}
else {$bcc[$t][] = $row['email'];}
$i++;
if ($i == 6) {
$i=0;
$t++;
}
$step++;
}
$db->free();
foreach ($h_mail as $key => $email) {
$mail->bcc = $bcc[$key];
$message_send = str_replace("{%user%}", $lang['nl_info_2'], $message);
$mail->send ($email, $title, $message_send);
}
}
else
{
$db->query("SELECT email, name, fullname FROM " . USERPREFIX . "_users".$where." LIMIT ".$startfrom.",".$limit);
$db->close();
while($row = $db->get_row())
{
if ( $row['fullname'] )
$message_send = str_replace("{%user%}", $row['fullname'], $message);
else
$message_send = str_replace("{%user%}", $row['name'], $message);
$mail->send ($row['email'], $title, $message_send);
$step++;
}
$db->free();
}
}
else
{
die ("error");
}
$count = $startfrom + $step;
$buffer = "{\"status\": \"ok\",\"count\": {$count}}";
@header( "Content-type: text/html; charset=" . $config['charset'] );
echo $buffer;
?>