From 8b4beacf0eafe9b41069748f72bdb80b1ceb7071 Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 22:36:51 +0000 Subject: [PATCH 1/6] Update MailQueue to use function --- cron.php | 23 +++++++++++- cron_ticket_email_parser.php | 24 +++++++++--- functions.php | 16 ++++++++ portal/portal_post.php | 13 ++++++- post/contact.php | 11 +++++- post/invoice.php | 55 ++++++++++++++++++++++----- post/quote.php | 13 +++++-- post/ticket.php | 73 ++++++++++++++++++++++++++---------- temp.php | 26 ++++++++++--- 9 files changed, 204 insertions(+), 50 deletions(-) diff --git a/cron.php b/cron.php index 9df90de5..016364d6 100644 --- a/cron.php +++ b/cron.php @@ -297,6 +297,7 @@ if (mysqli_num_rows($sql_scheduled_tickets) > 0) { $ticket_subject = $row['ticket_subject']; $ticket_details = $row['ticket_details']; // Output on settings_mail_queue.php is sanitized through HTML Purifier + $data = []; // Notify client by email their ticket has been raised, if general notifications are turned on & there is a valid contact email if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1 && filter_var($contact_email, FILTER_VALIDATE_EMAIL)) { @@ -304,7 +305,15 @@ if (mysqli_num_rows($sql_scheduled_tickets) > 0) { $email_subject = mysqli_real_escape_string($mysqli, "Ticket created - [$ticket_prefix$ticket_number] - $ticket_subject (scheduled)"); $email_body = mysqli_real_escape_string($mysqli, "##- Please type your reply above this line -##

Hello, $contact_name

A ticket regarding \"$ticket_subject\" has been automatically created for you.

--------------------------------
$details--------------------------------

Ticket: $ticket_prefix$ticket_number
Subject: $ticket_subject
Status: Open
Portal: https://$config_base_url/portal/ticket.php?id=$id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"); - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$email_subject', email_content = '$email_body'"); + $email = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $email_subject, + 'body' => $email_body + ]; + + $data[] = $email; + } @@ -314,9 +323,19 @@ if (mysqli_num_rows($sql_scheduled_tickets) > 0) { $email_subject = mysqli_real_escape_string($mysqli, "ITFlow - New Scheduled Ticket - $client_name: $ticket_subject"); $email_body = mysqli_real_escape_string($mysqli, "Hello,

This is a notification that a new scheduled ticket has been raised in ITFlow.
Ticket: $ticket_prefix$ticket_number
Client: $client_name
Priority: $priority
Link: https://$config_base_url/ticket.php?ticket_id=$id

--------------------------------

$ticket_subject
$ticket_details"); - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$config_ticket_new_ticket_notification_email', email_recipient_name = 'ITFlow Agents', email_from = '$config_ticket_from_email', email_from_name = '$config_ticket_from_name', email_subject = '$email_subject', email_content = '$email_body'"); + $email = [ + 'recipient' => $config_ticket_new_ticket_notification_email, + 'recipient_name' => $config_ticket_from_name_escaped, + 'subject' => $email_subject, + 'body' => $email_body + ]; + + $data[] = $email; } + // Add to the mail queue + addToMailQueue($mysqli, $data); + // Set the next run date if ($frequency == "weekly") { diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php index cc7d78ab..a821d939 100644 --- a/cron_ticket_email_parser.php +++ b/cron_ticket_email_parser.php @@ -157,21 +157,23 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date } - + $data = []; // E-mail client notification that ticket has been created if ($config_ticket_client_general_notifications == 1) { // Insert email into queue (first, escape vars) $contact_email_escaped = sanitizeInput($contact_email); $contact_name_escaped = sanitizeInput($contact_name); - $config_ticket_from_email_escaped = sanitizeInput($config_ticket_from_email); - $config_ticket_from_name_escaped = sanitizeInput($config_ticket_from_name); $subject_escaped = mysqli_escape_string($mysqli, "Ticket created - [$config_ticket_prefix$ticket_number] - $subject"); $body_escaped = mysqli_escape_string($mysqli, "##- Please type your reply above this line -##

Hello, $contact_name

Thank you for your email. A ticket regarding \"$subject\" has been automatically created for you.

Ticket: $config_ticket_prefix$ticket_number
Subject: $subject
Status: Open
https://$config_base_url/portal/ticket.php?id=$id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"); - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); - + $data[] = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped + ]; } // Notify agent DL of the new ticket, if populated with a valid email @@ -188,9 +190,16 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date $email_subject = mysqli_escape_string($mysqli, "ITFlow - New Ticket - $client_name: $subject"); $email_body = "Hello,

This is a notification that a new ticket has been raised in ITFlow.
Client: $client_name
Priority: Low (email parsed)
Link: https://$config_base_url/ticket.php?ticket_id=$id

--------------------------------

$subject
$details"; - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$config_ticket_new_ticket_notification_email', email_recipient_name = 'ITFlow Agents', email_from = '$config_ticket_from_email', email_from_name = '$config_ticket_from_name', email_subject = '$email_subject', email_content = '$email_body'"); + $data[] = [ + 'recipient' => $config_ticket_new_ticket_notification_email, + 'recipient_name' => $config_ticket_from_name, + 'subject' => $email_subject, + 'body' => $email_body + ]; } + addToMailQueue($mysqli, $data); + return true; } @@ -310,6 +319,9 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac } + // E-mail techs assigned to the ticket to notify them of the reply + $ticket_assigned_to = mysqli_query($mysqli, "SELECT ticket_assigned_to FROM tickets WHERE ticket_id = $ticket_id LIMIT 1"); + // Update Ticket Last Response Field & set ticket to open as client has replied mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 'Client-Replied' WHERE ticket_id = $ticket_id AND ticket_client_id = $client_id LIMIT 1"); diff --git a/functions.php b/functions.php index b471d80b..c2e8d372 100644 --- a/functions.php +++ b/functions.php @@ -871,4 +871,20 @@ function calculateAccountBalance($mysqli, $account_id) { } return $balance; +} + +function addToMailQueue($mysqli, $data) { + $config_invoice_from_email = strval(getSettingValue($mysqli, 'config_invoice_from_email')); + $config_invoice_from_name = strval(getSettingValue($mysqli, 'config_invoice_from_name')); + + foreach ($data as $email) { + $recipient = $email['email']; + $recipient_name = $email['name']; + $subject = $email['subject']; + $body = $email['body']; + + mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$recipient', email_recipient_name = '$recipient_name', email_from = '$config_invoice_from_email', email_from_name = '$config_invoice_from_name', email_subject = '$subject', email_content = '$body'"); + } + + return true; } \ No newline at end of file diff --git a/portal/portal_post.php b/portal/portal_post.php index 40dac547..b09bdfc0 100644 --- a/portal/portal_post.php +++ b/portal/portal_post.php @@ -50,8 +50,17 @@ if (isset($_POST['add_ticket'])) { $email_subject = "ITFlow - New Ticket - $client_name: $subject"; $email_body = "Hello,

This is a notification that a new ticket has been raised in ITFlow.
Client: $client_name
Priority: $priority
Link: https://$config_base_url/ticket.php?ticket_id=$id

$subject
$details"; - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$config_ticket_new_ticket_notification_email', email_recipient_name = 'ITFlow Agents', email_from = '$config_ticket_from_email', email_from_name = '$config_ticket_from_name', email_subject = '$email_subject', email_content = '$email_body'"); - } + // Queue Mail + $data = [ + [ + 'recipient' => $config_ticket_new_ticket_notification_email, + 'recipient_name' => $config_ticket_from_name, + 'subject' => $email_subject, + 'body' => $email_body, + ] + ]; + addToMailQueue($mysqli, $data); + } // Logging mysqli_query($mysqli, "INSERT INTO logs SET log_type = 'Ticket', log_action = 'Create', log_description = 'Client contact $session_contact_name created ticket $subject', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id"); diff --git a/post/contact.php b/post/contact.php index f750e916..a01fa4d7 100644 --- a/post/contact.php +++ b/post/contact.php @@ -119,8 +119,15 @@ if (isset($_POST['edit_contact'])) { $body = mysqli_real_escape_string($mysqli, "Hello, $contact_name

$session_company_name has created a support portal account for you.

Username: $email
Password: $password_info

Login URL: https://$config_base_url/portal/

~
$session_company_name
Support Department
$config_ticket_from_email"); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$email', email_recipient_name = '$name', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject', email_content = '$body'"); - + $data = [ + [ + 'recipient' => $email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body, + ] + ]; + addToMailQueue($mysqli, $data); // Get Email ID for reference $email_id = mysqli_insert_id($mysqli); diff --git a/post/invoice.php b/post/invoice.php index 46983c13..2b2c8a57 100644 --- a/post/invoice.php +++ b/post/invoice.php @@ -663,6 +663,8 @@ if (isset($_POST['add_payment'])) { //Calculate the Invoice balance $invoice_balance = $invoice_amount - $total_payments_amount; + $email_data = []; + //Determine if invoice has been paid then set the status accordingly if ($invoice_balance == 0) { @@ -674,7 +676,14 @@ if (isset($_POST['add_payment'])) { $body = mysqli_real_escape_string($mysqli, "Hello $contact_name,

We have received your payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "

Thank you for your business!


~
$company_name
Billing Department
$config_invoice_from_email
$company_phone"); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_invoice_from_email_escaped', email_from_name = '$config_invoice_from_name_escaped', email_subject = '$subject', email_content = '$body'"); + $email = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject, + 'body' => $body + ]; + + $email_data = $email; // Get Email ID for reference $email_id = mysqli_insert_id($mysqli); @@ -698,7 +707,14 @@ if (isset($_POST['add_payment'])) { $body = mysqli_real_escape_string($mysqli, "Hello $contact_name,

We have recieved partial payment in the amount of " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . " and it has been applied to invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

Amount: " . numfmt_format_currency($currency_format, $amount, $invoice_currency_code) . "
Balance: " . numfmt_format_currency($currency_format, $invoice_balance, $invoice_currency_code) . "

Thank you for your business!


~
$company_name
Billing Department
$config_invoice_from_email
$company_phone"); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_invoice_from_email_escaped', email_from_name = '$config_invoice_from_name_escaped', email_subject = '$subject', email_content = '$body'"); + $email = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject, + 'body' => $body + ]; + + $email_data = $email; // Get Email ID for reference $email_id = mysqli_insert_id($mysqli); @@ -713,6 +729,11 @@ if (isset($_POST['add_payment'])) { } + // Add emails to queue + if (!empty($email)) { + addToMailQueue($mysqli, $email); + } + //Update Invoice Status mysqli_query($mysqli,"UPDATE invoices SET invoice_status = '$invoice_status' WHERE invoice_id = $invoice_id"); @@ -840,7 +861,16 @@ if (isset($_GET['email_invoice'])) { } // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_invoice_from_email_escaped', email_from_name = '$config_invoice_from_name_escaped', email_subject = '$subject', email_content = '$body'"); + $data = [ + [ + 'email' => $contact_email_escaped, + 'name' => $contact_name_escaped, + 'subject' => $subject, + 'body' => $body + ] + ]; + + addToMailQueue($mysqli, $data); // Get Email ID for reference $email_id = mysqli_insert_id($mysqli); @@ -865,21 +895,28 @@ if (isset($_GET['email_invoice'])) { AND contact_email != '' AND contact_client_id = $client_id" ); + + $data = []; + while ($billing_contact = mysqli_fetch_array($sql_billing_contacts)) { $billing_contact_name = sanitizeInput($billing_contact['contact_name']); $billing_contact_email = sanitizeInput($billing_contact['contact_email']); - // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$billing_contact_email', email_recipient_name = '$billing_contact_name', email_from = '$config_invoice_from_email', email_from_name = '$config_invoice_from_name', email_subject = '$subject', email_content = '$body'"); - - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); + $data = [ + [ + 'email' => $billing_contact_email, + 'name' => $billing_contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; // Logging mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Invoice', log_action = 'Email', log_description = 'Invoice $invoice_prefix_escaped$invoice_number queued to $billing_contact_email Email ID: $email_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_client_id = $client_id, log_user_id = $session_user_id, log_entity_id = $invoice_id"); - } + addToMailQueue($mysqli, $data); + header("Location: " . $_SERVER["HTTP_REFERER"]); } diff --git a/post/quote.php b/post/quote.php index 93060051..2b9761d3 100644 --- a/post/quote.php +++ b/post/quote.php @@ -395,10 +395,15 @@ if (isset($_GET['email_quote'])) { $body = mysqli_escape_string($mysqli, "Hello $contact_name,

Thank you for your inquiry, we are pleased to provide you with the following estimate.


$quote_scope
Total Cost: " . numfmt_format_currency($currency_format, $quote_amount, $quote_currency_code) . "


View and accept your estimate online here


~
$company_name
Sales
$config_quote_from_email
$company_phone"); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_quote_from_email_escaped', email_from_name = '$config_quote_from_name_escaped', email_subject = '$subject', email_content = '$body'"); - - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); + $data = [ + [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject, + 'body' => $body, + ] + ]; + addToMailQueue($mysqli, $data); // Logging mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Emailed Quote!', history_quote_id = $quote_id"); diff --git a/post/ticket.php b/post/ticket.php index 37f26109..0840e1e0 100644 --- a/post/ticket.php +++ b/post/ticket.php @@ -112,10 +112,13 @@ if (isset($_POST['add_ticket'])) { // Email Ticket Contact // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); - - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); + $data = []; + $data[] = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; // Also Email all the watchers $sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id"); @@ -124,8 +127,14 @@ if (isset($_POST['add_ticket'])) { $watcher_email_escaped = sanitizeInput($row['watcher_email']); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$watcher_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); + $data[] = [ + 'recipient' => $watcher_email_escaped, + 'recipient_name' => $watcher_email_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; } + addToMailQueue($mysqli, $data); } } @@ -401,10 +410,15 @@ if (isset($_POST['assign_ticket'])) { // Email Ticket Agent // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$agent_email_escaped', email_recipient_name = '$agent_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); - - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); + $data = [ + [ + 'recipient' => $agent_email_escaped, + 'recipient_name' => $agent_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ] + ]; + addToMailQueue($mysqli, $data); } } @@ -545,12 +559,16 @@ if (isset($_POST['add_ticket_reply'])) { } + $data = []; + // Email Ticket Contact // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); - - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); + $data[] = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; // Also Email all the watchers $sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id"); @@ -559,9 +577,14 @@ if (isset($_POST['add_ticket_reply'])) { $watcher_email_escaped = sanitizeInput($row['watcher_email']); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$watcher_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); + $data[] = [ + 'recipient' => $watcher_email_escaped, + 'recipient_name' => $watcher_email_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; } - + addToMailQueue($mysqli, $data); } } //End Mail IF @@ -754,15 +777,20 @@ if (isset($_GET['close_ticket'])) { // Check email valid if (filter_var($contact_email_escaped, FILTER_VALIDATE_EMAIL)) { + $data = []; + $subject_escaped = mysqli_escape_string($mysqli, "Ticket closed - [$ticket_prefix$ticket_number] - $ticket_subject | (do not reply)"); $body_escaped = mysqli_escape_string($mysqli, "Hello, $contact_name

Your ticket regarding \"$ticket_subject\" has been closed.

We hope the issue was resolved to your satisfaction. If you need further assistance, please raise a new ticket using the below details. Please do not reply to this email.

Ticket: $ticket_prefix$ticket_number
Subject: $ticket_subject
Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id

~
$session_company_name
Support Department
$config_ticket_from_email
$company_phone"); // Email Ticket Contact // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); - // Get Email ID for reference - $email_queue_id = mysqli_insert_id($mysqli); + $data[] = [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; // Also Email all the watchers $sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id"); @@ -771,9 +799,16 @@ if (isset($_GET['close_ticket'])) { $watcher_email_escaped = sanitizeInput($row['watcher_email']); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$watcher_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_ticket_from_email_escaped', email_from_name = '$config_ticket_from_name_escaped', email_subject = '$subject_escaped', email_content = '$body_escaped'"); + $data[] = [ + 'recipient' => $watcher_email_escaped, + 'recipient_name' => $watcher_email_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped, + ]; } + addToMailQueue($mysqli, $data); + } } diff --git a/temp.php b/temp.php index 04785c17..70c895ed 100644 --- a/temp.php +++ b/temp.php @@ -62,13 +62,19 @@ if(isset($_GET['email_invoice'])){ } // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$contact_email_escaped', email_recipient_name = '$contact_name_escaped', email_from = '$config_invoice_from_email_escaped', email_from_name = '$config_invoice_from_name_escaped', email_subject = '$subject', email_content = '$body'"); + $data = [ + [ + 'recipient' => $contact_email_escaped, + 'recipient_name' => $contact_name_escaped, + 'subject' => $subject, + 'body' => $body, + ] + ]; + addToMailQueue($mysqli, $data); - // Get Email ID for reference - $email_id = mysqli_insert_id($mysqli); $_SESSION['alert_message'] = "Invoice has been sent"; - mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice sent to the mail queue ID: $email_id', history_invoice_id = $invoice_id"); + mysqli_query($mysqli,"INSERT INTO history SET history_status = 'Sent', history_description = 'Invoice sent to the mail queue.', history_invoice_id = $invoice_id"); // Don't change the status to sent if the status is anything but draft if($invoice_status == 'Draft'){ @@ -92,8 +98,16 @@ if(isset($_GET['email_invoice'])){ $billing_contact_email = sanitizeInput($billing_contact['contact_email']); // Queue Mail - mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$billing_contact_email', email_recipient_name = '$billing_contact_name', email_from = '$config_invoice_from_email', email_from_name = '$config_invoice_from_name', email_subject = '$subject', email_content = '$body'"); - + $data = [ + [ + 'recipient' => $billing_contact_email, + 'recipient_name' => $billing_contact_name, + 'subject' => $subject, + 'body' => $body, + ] + ]; + addToMailQueue($mysqli, $data); + // Get Email ID for reference $email_id = mysqli_insert_id($mysqli); From 70a9120147ee72b518f34141f320e3db728fccbd Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 22:39:25 +0000 Subject: [PATCH 2/6] Add notification for ticket replies --- cron_ticket_email_parser.php | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php index a821d939..4b4451d6 100644 --- a/cron_ticket_email_parser.php +++ b/cron_ticket_email_parser.php @@ -322,6 +322,41 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac // E-mail techs assigned to the ticket to notify them of the reply $ticket_assigned_to = mysqli_query($mysqli, "SELECT ticket_assigned_to FROM tickets WHERE ticket_id = $ticket_id LIMIT 1"); + if ($ticket_assigned_to) { + + $row = mysqli_fetch_array($ticket_assigned_to); + $ticket_assigned_to = $row['ticket_assigned_to']; + + if ($ticket_assigned_to) { + + // Get tech details + $tech_sql = mysqli_query($mysqli, "SELECT user_email, user_name FROM users WHERE user_id = $ticket_assigned_to LIMIT 1"); + $tech_row = mysqli_fetch_array($tech_sql); + $tech_email = $tech_row['user_email']; + $tech_name = $tech_row['user_name']; + + // Insert email into queue (first, escape vars) + $tech_email_escaped = sanitizeInput($tech_email); + $tech_name_escaped = sanitizeInput($tech_name); + + $subject_escaped = mysqli_escape_string($mysqli, "Ticket updated - [$config_ticket_prefix$ticket_number] - $subject"); + $body_escaped = mysqli_escape_string($mysqli, "##- Please type your reply above this line -##

Hello, $tech_name

A new reply has been added to the ticket \"$subject\".

Ticket: $config_ticket_prefix$ticket_number
Subject: $subject
Status: Open
https://$config_base_url/portal/ticket.php?id=$ticket_id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"); + + $data = [ + [ + 'recipient' => $tech_email_escaped, + 'recipient_name' => $tech_name_escaped, + 'subject' => $subject_escaped, + 'body' => $body_escaped + ] + ]; + + addToMailQueue($mysqli, $data); + + } + + } + // Update Ticket Last Response Field & set ticket to open as client has replied mysqli_query($mysqli, "UPDATE tickets SET ticket_status = 'Client-Replied' WHERE ticket_id = $ticket_id AND ticket_client_id = $client_id LIMIT 1"); From 98f731b4d4b6dfea4b31fa616672b22efa8d1f7e Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 23:02:05 +0000 Subject: [PATCH 3/6] Remove any "Send Single Email" declarations except in mail queue. All emails go through the mail queue, using the addToMailQueue() function. --- ajax.php | 14 +++++--- cron.php | 69 ++++++++++++++++++------------------ cron_ticket_email_parser.php | 25 ++++++------- guest_pay_invoice_stripe.php | 22 +++++------- login.php | 45 ++++++++++------------- portal/login_reset.php | 45 ++++++++++------------- post/event.php | 27 +++++++++----- post/invoice.php | 14 +++++--- post/profile.php | 26 +++++++++----- post/setting.php | 17 +++++---- post/user.php | 13 ++++--- 11 files changed, 168 insertions(+), 149 deletions(-) diff --git a/ajax.php b/ajax.php index 991883f9..9071cbea 100644 --- a/ajax.php +++ b/ajax.php @@ -312,10 +312,16 @@ if (isset($_GET['share_generate_link'])) { } $body = "Hello,

$session_name from $session_company_name sent you a time sensitive secure link regarding '$item_name'.

The link will expire in $item_expires_friendly and may only be viewed $item_view_limit times, before the link is destroyed.

Click here to access your secure content

~
$session_company_name
Support Department
$config_ticket_from_email"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_mail_from_email, $config_mail_from_name, - $item_email, $item_email, - $subject, $body); + $data = [ + [ + 'recipient' => $item_email, + 'recipient_name' => $item_email, + 'subject' => $subject, + 'body' => $body, + ] + ]; + + $mail = addToMailQueue($mysqli, $data); if ($mail !== true) { mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $item_email'"); diff --git a/cron.php b/cron.php index 016364d6..cd8e7875 100644 --- a/cron.php +++ b/cron.php @@ -426,10 +426,15 @@ if ($config_ticket_autoclose == 1) { $subject = "Ticket pending closure - [$ticket_prefix$ticket_number] - $ticket_subject"; $body = "##- Please type your reply above this line -##

Hello, $contact_name

This is an automatic friendly reminder that your ticket regarding \"$ticket_subject\" will be closed, unless you respond.

--------------------------------
$ticket_reply--------------------------------

If your issue is resolved, you can ignore this email - the ticket will automatically close. If you need further assistance, please respond to this email.

Ticket: $ticket_prefix$ticket_number
Subject: $ticket_subject
Status: $ticket_status
Portal: https://$config_base_url/portal/ticket.php?id=$ticket_id

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_ticket_from_email, $config_ticket_from_name, - $contact_email, $contact_name, - $subject, $body); + $data = [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); if ($mail !== true) { mysqli_query($mysqli,"INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $contact_email'"); @@ -502,19 +507,14 @@ if ($config_send_invoice_reminders == 1) {

Kindly review the invoice details mentioned below.

Invoice: $invoice_prefix$invoice_number
Issue Date: $invoice_date
Total: " . numfmt_format_currency($currency_format, $invoice_amount, $invoice_currency_code) . "
Due Date: $invoice_due


To view your invoice click here


~
$company_name
Billing Department
$config_invoice_from_email
$company_phone"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_invoice_from_email, - $config_invoice_from_name, - $contact_email, - $contact_name, - $subject, - $body - ); + $mail = addToMailQueue($mysqli, [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]); if ($mail === true) { mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Overdue Invoice', history_invoice_id = $invoice_id"); @@ -622,19 +622,14 @@ while ($row = mysqli_fetch_array($sql_recurring)) { $subject = "Invoice $invoice_prefix$invoice_number"; $body = "Hello $contact_name,

Kindly review the invoice details mentioned below.

Invoice: $invoice_prefix$invoice_number
Issue Date: $invoice_date
Total: " . numfmt_format_currency($currency_format, $invoice_amount, $recurring_currency_code) . "
Due Date: $invoice_due


To view your invoice click here


~
$company_name
Billing Department
$config_invoice_from_email
$company_phone"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_invoice_from_email, - $config_invoice_from_name, - $contact_email, - $contact_name, - $subject, - $body - ); + $mail = addToMailQueue($mysqli, [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]); if ($mail === true) { mysqli_query($mysqli, "INSERT INTO history SET history_status = 'Sent', history_description = 'Cron Emailed Invoice!', history_invoice_id = $new_invoice_id"); @@ -660,10 +655,16 @@ while ($row = mysqli_fetch_array($sql_recurring)) { $billing_contact_name = $billing_contact['contact_name']; $billing_contact_email = $billing_contact['contact_email']; - sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_invoice_from_email, $config_invoice_from_name, - $billing_contact_email, $billing_contact_name, - $subject, $body); + $data = [ + [ + 'recipient' => $billing_contact_email, + 'recipient_name' => $billing_contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + + addToMailQueue($mysqli, $data); } } //End if Autosend is on diff --git a/cron_ticket_email_parser.php b/cron_ticket_email_parser.php index 4b4451d6..9a46b0e9 100644 --- a/cron_ticket_email_parser.php +++ b/cron_ticket_email_parser.php @@ -240,20 +240,17 @@ function addReply($from_email, $date, $subject, $ticket_number, $message, $attac $email_subject = "Action required: This ticket is already closed"; $email_body = "Hi there,

You've tried to reply to a ticket that is closed - we won't see your response.

Please raise a new ticket by sending a fresh e-mail to our support address.

~
$company_name
Support Department
$config_ticket_from_email
$company_phone"; - - sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_ticket_from_email, - $config_ticket_from_name, - $from_email, - $from_email, - $email_subject, - $email_body - ); + + $data = [ + [ + 'recipient' => $from_email, + 'recipient_name' => $from_email, + 'subject' => $email_subject, + 'body' => $email_body + ] + ]; + + addToMailQueue($mysqli, $data); return false; } diff --git a/guest_pay_invoice_stripe.php b/guest_pay_invoice_stripe.php index c909ac8d..37a9bc28 100644 --- a/guest_pay_invoice_stripe.php +++ b/guest_pay_invoice_stripe.php @@ -344,19 +344,15 @@ if (isset($_GET['invoice_id'], $_GET['url_key']) && !isset($_GET['payment_intent $subject = "Payment Received - Invoice $invoice_prefix$invoice_number"; $body = "Hello $contact_name,

We have received your payment in the amount of " . $pi_currency . $pi_amount_paid . " for invoice $invoice_prefix$invoice_number. Please keep this email as a receipt for your records.

Amount: " . numfmt_format_currency($currency_format, $pi_amount_paid, $invoice_currency_code) . "
Balance: " . numfmt_format_currency($currency_format, '0', $invoice_currency_code) . "

Thank you for your business!


~
$company_name
Billing Department
$config_invoice_from_email
$company_phone"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_invoice_from_email, - $config_invoice_from_name, - $contact_email, - $contact_name, - $subject, - $body - ); + $data = [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body, + ] + ]; + $mail = addToMailQueue($mysqli, $data); // Email Logging if ($mail === true) { diff --git a/login.php b/login.php index 305110ff..86d985ef 100644 --- a/login.php +++ b/login.php @@ -145,19 +145,15 @@ if (isset($_POST['login'])) { $subject = "$config_app_name new login for $user_name"; $body = "Hi $user_name,

A recent successful login to your $config_app_name account was considered a little unusual. If this was you, you can safely ignore this email!

IP Address: $ip
User Agent: $user_agent

If you did not perform this login, your credentials may be compromised.

Thanks,
ITFlow"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_mail_from_email, - $config_mail_from_name, - $user_email, - $user_name, - $subject, - $body - ); + $data = [ + [ + 'recipient' => $user_email, + 'recipient_name' => $user_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + addToMailQueue($mysqli, $data); } @@ -222,20 +218,15 @@ if (isset($_POST['login'])) { if (!empty($config_smtp_host)) { $subject = "Important: $config_app_name failed 2FA login attempt for $user_name"; $body = "Hi $user_name,

A recent login to your $config_app_name account was unsuccessful due to an incorrect 2FA code. If you did not attempt this login, your credentials may be compromised.

Thanks,
ITFlow"; - - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_mail_from_email, - $config_mail_from_name, - $user_email, - $user_name, - $subject, - $body - ); + $data = [ + [ + 'recipient' => $user_email, + 'recipient_name' => $user_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); } // HTML feedback for incorrect 2FA code diff --git a/portal/login_reset.php b/portal/login_reset.php index 33a2939c..31a1b26f 100644 --- a/portal/login_reset.php +++ b/portal/login_reset.php @@ -71,19 +71,15 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $subject = "Password reset for $company_name ITFlow Portal"; $body = "Hello, $name

Someone (probably you) has requested a new password for your account on $company_name's ITFlow Client Portal.

Please click here to reset your password.

Alternatively, copy and paste this URL into your browser:
$url

If you didn't request this change, you can safely ignore this email.

~
$company_name
Support Department
$config_mail_from_email"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_mail_from_email, - $config_mail_from_name, - $email, - $name, - $subject, - $body - ); + $data = [ + [ + 'recipient' => $email, + 'recipient_name' => $name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); // Error handling if ($mail !== true) { @@ -130,19 +126,16 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") { $body = "Hello, $name

Your password for your account on $company_name's ITFlow Client Portal was successfully reset. You should be all set!

If you didn't reset your password, please get in touch ASAP.

~
$company_name
Support Department
$config_mail_from_email"; - $mail = sendSingleEmail( - $config_smtp_host, - $config_smtp_username, - $config_smtp_password, - $config_smtp_encryption, - $config_smtp_port, - $config_mail_from_email, - $config_mail_from_name, - $email, - $name, - $subject, - $body - ); + $data = [ + [ + 'recipient' => $email, + 'recipient_name' => $name, + 'subject' => $subject, + 'body' => $body + ] + ]; + + $mail = addToMailQueue($mysqli, $data); // Error handling if ($mail !== true) { diff --git a/post/event.php b/post/event.php index 9310d449..1494bea5 100644 --- a/post/event.php +++ b/post/event.php @@ -61,10 +61,15 @@ if (isset($_POST['add_event'])) { $subject = "New Calendar Event"; $body = "Hello $contact_name,

A calendar event has been scheduled: $title at $start


~
$company_name
$company_phone"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_mail_from_email, $config_mail_from_name, - $contact_email, $contact_name, - $subject, $body); + $data = [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); // Logging for email (success/fail) if ($mail === true) { @@ -120,11 +125,15 @@ if (isset($_POST['edit_event'])) { $subject = "Calendar Event Rescheduled"; $body = "Hello $contact_name,

A calendar event has been rescheduled: $title at $start


~
$company_name
$company_phone"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_mail_from_email, $config_mail_from_name, - $contact_email, $contact_name, - $subject, $body); - + $data = [ + [ + 'recipient' => $contact_email, + 'recipient_name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); // Logging for email (success/fail) if ($mail === true) { mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Calendar_Event', log_action = 'Email', log_description = '$session_name Emailed modified event $title to $client_name email $client_email', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_user_id = $session_user_id"); diff --git a/post/invoice.php b/post/invoice.php index 2b2c8a57..56446773 100644 --- a/post/invoice.php +++ b/post/invoice.php @@ -1030,10 +1030,16 @@ if (isset($_GET['force_recurring'])) { $subject = "Invoice $invoice_prefix$invoice_number"; $body = "Hello $contact_name,

Please view the details of the invoice below.

Invoice: $invoice_prefix$invoice_number
Issue Date: $invoice_date
Total: $$invoice_amount
Due Date: $invoice_due


To view your invoice click here


~
$company_name
$company_phone"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_invoice_from_email, $config_invoice_from_name, - $contact_email, $contact_name, - $subject, $body); + + $data = [ + [ + 'email' => $contact_email, + 'name' => $contact_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); if ($mail === true) { // Add send history diff --git a/post/profile.php b/post/profile.php index 30fdc87e..c557e88b 100644 --- a/post/profile.php +++ b/post/profile.php @@ -41,10 +41,15 @@ if (isset($_POST['edit_profile'])) { $subject = "$config_app_name account update confirmation for $name"; $body = "Hi $name,

Your $config_app_name account has been updated, details below:

$details

If you did not perform this change, contact your $config_app_name administrator immediately.

Thanks,
ITFlow
$session_company_name"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_mail_from_email, $config_mail_from_name, - $user_old_email, $name, - $subject, $body); + $data = [ + [ + 'recipient' => $user_old_email, + 'recipient_name' => $name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); } // Check to see if a file is attached @@ -166,10 +171,15 @@ if(isset($_POST['disable_2fa'])){ $subject = "$config_app_name account update confirmation for $session_name"; $body = "Hi $session_name,

Your $config_app_name account has been updated, details below:

2FA was disabled.

If you did not perform this change, contact your $config_app_name administrator immediately.

Thanks,
ITFlow
$session_company_name"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_mail_from_email, $config_mail_from_name, - $session_email, $session_name, - $subject, $body); + $data = [ + [ + 'recipient' => $session_email, + 'recipient_name' => $session_name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); } $_SESSION['alert_type'] = "error"; diff --git a/post/setting.php b/post/setting.php index 7e41ffe4..451aab94 100644 --- a/post/setting.php +++ b/post/setting.php @@ -153,13 +153,18 @@ if (isset($_POST['test_email_smtp'])) { validateAdminRole(); $email_from = sanitizeInput($_POST['email_from']); $email_to = sanitizeInput($_POST['email_to']); - $subject = "Hi'ya there Chap"; - $body = "Hello there Chap ;) Don't worry this won't hurt a bit, it's just a test"; + $subject = "Test email from ITFlow"; + $body = "This is a test email from ITFlow. If you are reading this, it worked!"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $email_from, $config_mail_from_name, - $email_to, $email_to, - $subject, $body); + $data = [ + [ + 'recipient' => $email_to, + 'recipient_name' => 'Chap', + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); if ($mail === true) { $_SESSION['alert_message'] = "Test email sent successfully"; diff --git a/post/user.php b/post/user.php index f0b1cf0c..553fe740 100644 --- a/post/user.php +++ b/post/user.php @@ -53,10 +53,15 @@ if (isset($_POST['add_user'])) { $subject = "Your new $session_company_name ITFlow account"; $body = "Hello, $name

An ITFlow account has been setup for you. Please change your password upon login.

Username: $email
Password: $_POST[password]
Login URL: https://$config_base_url/login.php?key=$config_login_key_secret

~
$session_company_name
Support Department
$config_ticket_from_email"; - $mail = sendSingleEmail($config_smtp_host, $config_smtp_username, $config_smtp_password, $config_smtp_encryption, $config_smtp_port, - $config_ticket_from_email, $config_ticket_from_name, - $email, $name, - $subject, $body); + $data = [ + [ + 'recipient' => $email, + 'recipient_name' => $name, + 'subject' => $subject, + 'body' => $body + ] + ]; + $mail = addToMailQueue($mysqli, $data); if ($mail !== true) { mysqli_query($mysqli, "INSERT INTO notifications SET notification_type = 'Mail', notification = 'Failed to send email to $email'"); From 4e142b26e9afadafd60473cc03c9029769d8f908 Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 23:05:56 +0000 Subject: [PATCH 4/6] Missing "}" after confict resolution --- functions.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/functions.php b/functions.php index b88b3d07..1753be25 100644 --- a/functions.php +++ b/functions.php @@ -889,6 +889,8 @@ function addToMailQueue($mysqli, $data) { return true; +} + function calculateInvoiceBalance($mysqli, $invoice_id) { $sql_invoice = mysqli_query($mysqli, "SELECT * FROM invoices WHERE invoice_id = $invoice_id"); $row = mysqli_fetch_array($sql_invoice); From 999c8ddb40ebf6aef534407f246ae7246989eb6d Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 23:11:50 +0000 Subject: [PATCH 5/6] Add sanitations Forgot to add in the sanitations. --- functions.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/functions.php b/functions.php index 1753be25..a607e679 100644 --- a/functions.php +++ b/functions.php @@ -879,10 +879,10 @@ function addToMailQueue($mysqli, $data) { $config_invoice_from_name = strval(getSettingValue($mysqli, 'config_invoice_from_name')); foreach ($data as $email) { - $recipient = $email['email']; - $recipient_name = $email['name']; - $subject = $email['subject']; - $body = $email['body']; + $recipient = strval($email['email']); + $recipient_name = strval($email['name']); + $subject = strval($email['subject']); + $body = strval($email['body']); mysqli_query($mysqli, "INSERT INTO email_queue SET email_recipient = '$recipient', email_recipient_name = '$recipient_name', email_from = '$config_invoice_from_email', email_from_name = '$config_invoice_from_name', email_subject = '$subject', email_content = '$body'"); } From 86d836f3d3a01f106ec07b98d566646ef1e9accb Mon Sep 17 00:00:00 2001 From: o-psi Date: Tue, 19 Dec 2023 23:18:11 +0000 Subject: [PATCH 6/6] Add vscode to .gitignore --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 197f541a..2ce103d8 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,5 @@ plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/HTML/* plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/URI/* !plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/URI/.gitkeep plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/* -!plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/.gitkeep \ No newline at end of file +!plugins/htmlpurifier/standalone/HTMLPurifier/DefinitionCache/Serializer/CSS/.gitkeep +.vscode/settings.json