Bootswatch, Summernote, and Captcheck mods for Mods for HESK (mods-for-hesk.com). In use at support.netsyms.com.

mail.php 27KB

  1. <?php
  2. /**
  3. *
  4. * This file is part of HESK - PHP Help Desk Software.
  5. *
  6. * (c) Copyright Klemen Stirn. All rights reserved.
  7. * https://www.hesk.com
  8. *
  9. * For the full copyright and license agreement information visit
  10. * https://www.hesk.com/eula.php
  11. *
  12. */
  /*
   * Staff private-message page: inbox, outbox, compose and read views.
   * Everything up to the closing PHP tag runs before any HTML is sent:
   * bootstrap, login gate, request parsing, then the state-changing action.
   */
  define('IN_SCRIPT', 1);
  define('HESK_PATH', '../');
  define('PAGE_TITLE', 'ADMIN_MAIL');
  define('MFH_PAGE_LAYOUT', 'TOP_AND_SIDE');

  /* Get all the required files and functions */
  require(HESK_PATH . 'hesk_settings.inc.php');
  require(HESK_PATH . 'inc/common.inc.php');
  require(HESK_PATH . 'inc/admin_functions.inc.php');
  require(HESK_PATH . 'inc/mail_functions.inc.php');
  hesk_load_database_functions();

  hesk_session_start();
  hesk_dbConnect();
  require(HESK_PATH . 'inc/email_functions.inc.php');

  // Login gate. It is called before any request parameter is read or any
  // action runs; presumably it stops unauthenticated requests (helper body
  // is not in this file - confirm). Keep it ahead of the action dispatch.
  hesk_isLoggedIn();

  $modsForHesk_settings = mfh_getSettings();

  /* List of staff */
  // Map of user id => name, restricted to active accounts. Used for the
  // recipient dropdown and for resolving sender/recipient names.
  $admins = array();
  $res = hesk_dbQuery("SELECT `id`,`name` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `active` = '1' ORDER BY `name` ASC");
  while ($row = hesk_dbFetchAssoc($res)) {
      $admins[$row['id']] = $row['name'];
  }

  /* What folder are we in? */
  // Pre-built sidebar links; the label text comes from the language file.
  $hesk_settings['mailtmp']['inbox'] = '<a href="mail.php"><i class="fa fa-fw fa-download"></i>' . $hesklang['inbox'] . '</a>';
  $hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox"><i class="fa fa-fw fa-upload"></i>' . $hesklang['outbox'] . '</a>';
  $hesk_settings['mailtmp']['new'] = '<a href="mail.php?a=new"><i class="fa fa-fw fa-pencil-square-o"></i>' . $hesklang['m_new'] . '</a>';

  /* Get action */
  // The action is taken from the request via hesk_REQUEST(), so it can
  // arrive by query string or by form post. In demo mode (HESK_DEMO defined)
  // every action except 'new' and 'read' is answered with a notice instead.
  // NOTE(review): nothing here stops execution after the notice; this relies
  // on hesk_process_messages() ending the request when given a redirect
  // target - confirm against the helper.
  if ($action = hesk_REQUEST('a')) {
      if (defined('HESK_DEMO') && $action != 'new' && $action != 'read') {
          hesk_process_messages($hesklang['ddemo'], 'mail.php', 'NOTICE');
      }
  }

  /* Sub-page specific settings */
  // 'this' / 'other' hold the mail-table column names for the current user
  // and for the correspondent. They are only ever set to the literals 'to'
  // and 'from' in this file and are later used as column names in SQL.
  $inbox_active = '';
  $outbox_active = '';
  $new_active = '';
  if (isset($_GET['folder']) && hesk_GET('folder') == 'outbox') {
      $outbox_active = ' class="active"';
      $hesk_settings['mailtmp']['this'] = 'from';
      $hesk_settings['mailtmp']['other'] = 'to';
      $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
      $hesk_settings['mailtmp']['folder'] = 'outbox';
  } elseif ($action == 'new') {
      $new_active = ' class="active"';
      // Compose view: suppress the message list further down the page.
      $_SESSION['hide']['list'] = 1;

      /* Do we have a recipient selected? */
      // Recipient preselection from the query string, coerced to an integer.
      if (!isset($_SESSION['mail']['to']) && isset($_GET['id'])) {
          $_SESSION['mail']['to'] = intval(hesk_GET('id'));
      }
  } else {
      $inbox_active = ' class="active"';
      $hesk_settings['mailtmp']['this'] = 'to';
      $hesk_settings['mailtmp']['other'] = 'from';
      $hesk_settings['mailtmp']['m_from'] = $hesklang['m_from'];
      // 'folder' stays unset for the 'read' action; show_message() hides the
      // list, which is the only reader of that key.
      if ($action != 'read') {
          $hesk_settings['mailtmp']['folder'] = '';
      }
  }

  /* What should we do? */
  // State-changing actions. Each handler below starts with
  // hesk_token_check(), so the token is validated inside the handler rather
  // than here. 'new' and 'read' only render and are handled further down.
  switch ($action) {
      case 'send':
          mail_send();
          break;
      case 'mark_read':
          mail_mark_read();
          break;
      case 'mark_unread':
          mail_mark_unread();
          break;
      case 'delete':
          mail_delete();
          break;
  }

  /* Print header */
  require_once(HESK_PATH . 'inc/headerAdmin.inc.php');

  /* Print the admin navigation */
  require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
  ?>
  <script language="javascript" type="text/javascript"><!--
      function confirm_delete() {
          if (confirm('<?php /* NOTE(review): addslashes() is not a JavaScript string encoder; other handlers in this file use hesk_makeJsString() for this context. The value is a language-file string, not request data. */ echo addslashes($hesklang['delete_saved']); ?>')) {
              return true;
          }
          else {
              return false;
          }
      }
      //-->
  </script>
  <aside class="main-sidebar">
      <section class="sidebar" style="height: auto">
          <ul class="sidebar-menu">
              <li class="header text-uppercase"><?php echo $hesklang['navigation']; ?></li>
              <li<?php echo $inbox_active; ?>>
                  <?php echo $hesk_settings['mailtmp']['inbox']; ?>
              </li>
              <li<?php echo $outbox_active; ?>>
                  <?php echo $hesk_settings['mailtmp']['outbox']; ?>
              </li>
              <li<?php echo $new_active; ?>>
                  <?php echo $hesk_settings['mailtmp']['new']; ?>
              </li>
          </ul>
      </section>
  </aside>
  <div class="content-wrapper">
      <section class="content">
          <div class="row">
              <div class="col-md-12">
                  <?php
                  // Flush any queued status message (success / notice / error).
                  hesk_handle_messages();

                  /* Show a message? */
                  // show_message() performs its own ownership check on the
                  // requested id and sets $_SESSION['hide']['list'].
                  if ($action == 'read') {
                      show_message();
                  }

                  // The list is skipped for the compose and read views and
                  // after a failed send, all of which set the 'hide' flag.
                  if (!isset($_SESSION['hide']['list'])):
                      ?>
                      <div class="box">
                          <div class="box-header with-border">
                              <h1 class="box-title">
                                  <?php echo $hesklang['m_h']; ?>
                              </h1>
                              <div class="box-tools pull-right">
                                  <button type="button" class="btn btn-box-tool" data-widget="collapse">
                                      <i class="fa fa-minus"></i>
                                  </button>
                              </div>
                          </div>
                          <div class="box-body">
                              <?php mail_list_messages(); ?>
                          </div>
                      </div>
                  <?php endif; ?>
                  <?php
                  /* Show new message form */
                  show_new_form();

                  /* Clean unneeded session variables */
                  // Draft fields and the 'hide' flag are per-request state kept
                  // in the session; they are cleared once the form is rendered.
                  hesk_cleanSessionVars('hide');
                  hesk_cleanSessionVars('mail');
                  ?>
              </div>
          </div>
      </section>
  </div>
  <?php
  require_once(HESK_PATH . 'inc/footer.inc.php');
  // Stop here: everything after this point is function definitions only.
  exit();
  159. /*** START FUNCTIONS ***/
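  /**
   * Delete the selected private messages on behalf of the logged-in user.
   *
   * A message row is shared by sender and recipient. The first correspondent
   * to delete it only stamps `deletedby` with their own id; the row is removed
   * once the OTHER correspondent deletes it as well.
   *
   * Fix over the previous version: the fallback DELETE only required
   * `deletedby` != 0, so a user who repeated a delete for a message they had
   * already deleted removed the row outright, destroying the other
   * correspondent's copy. The DELETE now also requires that `deletedby` is
   * not the current user.
   *
   * Every statement is scoped to rows where the current user is sender or
   * recipient, and all ids are coerced with intval() before use in SQL.
   *
   * @return bool Always true.
   */
  function mail_delete()
  {
      global $hesk_settings, $hesklang;

      /* A security check */
      hesk_token_check();

      $ids = mail_get_ids();

      if ($ids) {
          $me = intval($_SESSION['id']);
          $table = hesk_dbEscape($hesk_settings['db_pfix']) . 'mail';

          foreach ($ids as $id) {
              $id = intval($id);

              /* First deletion: mark the message as deleted by this user */
              hesk_dbQuery("UPDATE `" . $table . "` SET `deletedby`='" . $me . "' WHERE `id`='" . $id . "' AND (`to`='" . $me . "' OR `from`='" . $me . "') AND `deletedby`=0");

              if (hesk_dbAffectedRows() != 1) {
                  /* Already marked: remove the row only when the mark belongs to the other correspondent */
                  hesk_dbQuery("DELETE FROM `" . $table . "` WHERE `id`='" . $id . "' AND (`to`='" . $me . "' OR `from`='" . $me . "') AND `deletedby`!=0 AND `deletedby`!='" . $me . "'");
              }
          }

          hesk_process_messages($hesklang['smdl'], 'NOREDIRECT', 'SUCCESS');
      }

      return true;
  } // END mail_delete()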
  /**
   * Flag the selected messages as unread.
   *
   * Only rows addressed to the logged-in user (`to` = session id) are
   * touched, so ids belonging to other users are silently ignored.
   * The token check is called without a method argument because this action
   * is also reachable from a link in the message view.
   *
   * @return bool Always true.
   */
  function mail_mark_unread()
  {
      global $hesk_settings, $hesklang;

      /* Request token must validate before any row is changed */
      hesk_token_check();

      $selected = mail_get_ids();
      if (!$selected) {
          return true;
      }

      foreach ($selected as $mail_id) {
          hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='0' WHERE `id`='" . intval($mail_id) . "' AND `to`='" . intval($_SESSION['id']) . "'");
      }

      hesk_process_messages($hesklang['smmu'], 'NOREDIRECT', 'SUCCESS');

      return true;
  } // END mail_mark_unread()
  /**
   * Flag the selected messages as read.
   *
   * Only rows addressed to the logged-in user (`to` = session id) are
   * touched. The token check is called with 'POST'; this action is only
   * offered through the list form.
   *
   * @return bool Always true.
   */
  function mail_mark_read()
  {
      global $hesk_settings, $hesklang;

      /* Request token must validate before any row is changed */
      hesk_token_check('POST');

      $selected = mail_get_ids();
      if (!$selected) {
          return true;
      }

      foreach ($selected as $mail_id) {
          hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` SET `read`='1' WHERE `id`='" . intval($mail_id) . "' AND `to`='" . intval($_SESSION['id']) . "'");
      }

      hesk_process_messages($hesklang['smmr'], 'NOREDIRECT', 'SUCCESS');

      return true;
  } // END mail_mark_read()
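  /**
   * Collect the message ids the current request refers to.
   *
   * Accepts either a single `id` query parameter or an `id[]` array in the
   * POST body. Both forms are now returned as integers; previously the query
   * parameter was passed through as a raw string and each caller had to
   * remember to cast it before building SQL.
   *
   * @return array|false List of integer ids, or false (after queueing a
   *                     notice) when the request carries no usable id.
   */
  function mail_get_ids()
  {
      global $hesk_settings, $hesklang;

      // Mail id as a query parameter?
      if ($id = hesk_GET('id', false)) {
          return array(intval($id));
      }

      // Mail id as a post array?
      if (isset($_POST['id']) && is_array($_POST['id'])) {
          return array_map('intval', $_POST['id']);
      }

      // No valid ID parameter
      hesk_process_messages($hesklang['nms'], 'NOREDIRECT', 'NOTICE');
      return false;
  } // END mail_get_ids()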
  /**
   * Validate and store a new private message, then optionally notify the
   * recipient by e-mail.
   *
   * Draft values are kept in $_SESSION['mail'] so the compose form can be
   * re-populated when validation fails. On success the draft is discarded
   * and a success message targeting './mail.php' is queued.
   *
   * The message body is converted to HTML (links, line breaks) BEFORE it is
   * stored, and show_message() echoes the stored subject and body as-is, so
   * whatever escaping hesk_input() applies here is the only output encoding
   * these fields get.
   */
  function mail_send()
  {
      global $hesk_settings, $hesklang, $modsForHesk_settings;

      /* A security check */
      hesk_token_check('POST');

      $hesk_error_buffer = '';

      /* Recipient */
      // Coerced to an integer; a non-numeric value becomes 0 and is rejected
      // by the empty() test below.
      $_SESSION['mail']['to'] = intval(hesk_POST('to'));

      /* Valid recipient? */
      if (empty($_SESSION['mail']['to'])) {
          $hesk_error_buffer .= '<li>' . $hesklang['m_rec'] . '</li>';
      } elseif ($_SESSION['mail']['to'] == $_SESSION['id']) {
          // Sending to yourself is refused.
          $hesk_error_buffer .= '<li>' . $hesklang['m_inr'] . '</li>';
      } else {
          // NOTE(review): this lookup does not filter on `active`, while the
          // staff list at the top of the file does - confirm whether inactive
          // accounts are meant to be valid recipients.
          $res = hesk_dbQuery("SELECT `name`,`email`,`notify_pm` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "users` WHERE `id`='" . intval($_SESSION['mail']['to']) . "' LIMIT 1");
          $num = hesk_dbNumRows($res);
          if (!$num) {
              $hesk_error_buffer .= '<li>' . $hesklang['m_inr'] . '</li>';
          } else {
              $pm_recipient = hesk_dbFetchAssoc($res);
          }
      }

      /* Subject */
      // "=" binds tighter than "or": the sanitized value is assigned first and
      // the error is appended only when that value is falsy. Note that any
      // value PHP treats as falsy is rejected, not just the empty string.
      $_SESSION['mail']['subject'] = hesk_input(hesk_POST('subject')) or $hesk_error_buffer .= '<li>' . $hesklang['m_esu'] . '</li>';

      /* Message */
      $_SESSION['mail']['message'] = hesk_input(hesk_POST('message')) or $hesk_error_buffer .= '<li>' . $hesklang['enter_message'] . '</li>';

      // Attach signature to the message?
      // NOTE(review): the signature is appended after hesk_input() ran and
      // only passes through addslashes() here. Confirm it is HTML-escaped when
      // it is saved in the profile, because the stored body is later echoed
      // without further encoding.
      if (!empty($_POST['signature'])) {
          $_SESSION['mail']['message'] .= "\n\n" . addslashes($_SESSION['signature']) . "\n";
      }

      /* Any errors? */
      if (strlen($hesk_error_buffer)) {
          // Keep the draft in the session and hide the list so only the form
          // with the error summary is shown.
          $_SESSION['hide']['list'] = 1;

          $hesk_error_buffer = $hesklang['rfm'] . '<br /><br /><ul>' . $hesk_error_buffer . '</ul>';
          hesk_process_messages($hesk_error_buffer, 'NOREDIRECT');
      } else {
          // Body becomes HTML at write time: URLs are linked, newlines become
          // <br /> tags.
          $_SESSION['mail']['message'] = hesk_makeURL($_SESSION['mail']['message']);
          $_SESSION['mail']['message'] = nl2br($_SESSION['mail']['message']);

          // Ids go through intval(), text through hesk_dbEscape().
          hesk_dbQuery("INSERT INTO `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` (`from`,`to`,`subject`,`message`,`dt`,`read`) VALUES ('" . intval($_SESSION['id']) . "','" . intval($_SESSION['mail']['to']) . "','" . hesk_dbEscape($_SESSION['mail']['subject']) . "','" . hesk_dbEscape($_SESSION['mail']['message']) . "',NOW(),'0')");

          /* Notify receiver via e-mail? */
          // Only when the recipient row was loaded and has notify_pm set.
          if (isset($pm_recipient) && $pm_recipient['notify_pm']) {
              $pm_id = hesk_dbInsertID();

              $pm = array(
                  'name' => hesk_msgToPlain(addslashes($_SESSION['name']), 1, 1),
                  'subject' => hesk_msgToPlain($_SESSION['mail']['subject'], 1, 1),
                  'message' => hesk_msgToPlain($_SESSION['mail']['message'], 1, 1),
                  'id' => $pm_id,
              );

              /* Format email subject and message for recipient */
              $subject = hesk_getEmailSubject('new_pm', $pm, 0);
              $message = hesk_getEmailMessage('new_pm', $pm, $modsForHesk_settings, 1, 0);
              $htmlMessage = hesk_getHtmlMessage('new_pm', $pm, $modsForHesk_settings, 1, 0);
              $hasMessage = hesk_doesTemplateHaveTag('new_pm', '%%MESSAGE%%', $modsForHesk_settings);

              /* Send e-mail */
              hesk_mail($pm_recipient['email'], $subject, $message, $htmlMessage, $modsForHesk_settings, array(), array(), $hasMessage);
          }

          // Draft is no longer needed once the message is stored.
          unset($_SESSION['mail']);

          hesk_process_messages($hesklang['m_pms'], './mail.php', 'SUCCESS');
      }
  } // END mail_send()
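  /**
   * Render one private message and pre-fill the reply / forward draft.
   *
   * Access rule: the message is shown only when the logged-in user is its
   * recipient (`to`) or its sender (`from`), and has not deleted it.
   *
   * Changes over the previous version:
   *  - The "not allowed" branch called hesk_process_message(), a name used
   *    nowhere else in this file; every other call site uses
   *    hesk_process_messages(). The call now matches them, and is followed by
   *    an explicit return so the message can never be rendered if the helper
   *    hands control back.
   *  - The mark-as-read UPDATE is scoped to rows addressed to the current
   *    user, matching mail_mark_read().
   *  - A dead first assignment of the outbox link was removed.
   *
   * NOTE(review): this function runs after the page header has been output,
   * so confirm that hesk_process_messages() can still end the request here.
   *
   * NOTE(review): subject and message are echoed without encoding, including
   * inside the name="" attributes of the action links. This relies on the
   * values having been escaped when written (mail_send() passes both through
   * hesk_input()) - confirm that hesk_input() HTML-escapes, and that every
   * other writer of the mail table does the same.
   */
  function show_message()
  {
      global $hesk_settings, $hesklang, $admins;

      $id = intval( hesk_GET('id') );

      /* Get the message details */
      $res = hesk_dbQuery("SELECT * FROM `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` WHERE `id`='".intval($id)."' AND `deletedby`!='".intval($_SESSION['id'])."' LIMIT 1");
      $num = hesk_dbNumRows($res);

      if ($num)
      {
          $pm = hesk_dbFetchAssoc($res);

          /* Allowed to read the message? */
          if ($pm['to'] == $_SESSION['id'])
          {
              /* Recipient view: prepare a reply draft */
              if (!isset($_SESSION['mail']['subject']))
              {
                  $_SESSION['mail']['subject'] = $hesklang['m_re'] . ' ' . $pm['subject'];
              }

              if (!isset($_SESSION['mail']['to']))
              {
                  $_SESSION['mail']['to'] = $pm['from'];
              }
          }
          elseif ($pm['from'] == $_SESSION['id'])
          {
              /* Sender view: prepare a forward draft */
              if (!isset($_SESSION['mail']['subject']))
              {
                  $_SESSION['mail']['subject'] = $hesklang['m_fwd'] . ' ' . $pm['subject'];
              }

              if (!isset($_SESSION['mail']['to']))
              {
                  $_SESSION['mail']['to'] = $pm['to'];
              }

              $hesk_settings['mailtmp']['this'] = 'from';
              $hesk_settings['mailtmp']['other'] = 'to';
              $hesk_settings['mailtmp']['m_from'] = $hesklang['m_to'];
              $hesk_settings['mailtmp']['inbox'] = '<a href="mail.php">'.$hesklang['inbox'].'</a>';
              $hesk_settings['mailtmp']['outbox'] = '<a href="mail.php?folder=outbox">'.$hesklang['outbox'].'</a>';
          }
          else
          {
              /* Neither sender nor recipient: refuse and never fall through to rendering */
              hesk_process_messages($hesklang['m_ena'],'mail.php');
              return;
          }

          /* Mark as read */
          if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read'])
          {
              hesk_dbQuery("UPDATE `".hesk_dbEscape($hesk_settings['db_pfix'])."mail` SET `read`='1' WHERE `id`='".intval($id)."' AND `to`='".intval($_SESSION['id'])."'");
          }

          /* Correspondent name: known staff member, the 9999 system sender, or a deleted user */
          $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&amp;id='.$pm[$hesk_settings['mailtmp']['other']].'">'.$admins[$pm[$hesk_settings['mailtmp']['other']]].'</a>' : (($pm['from'] == 9999) ? '<a href="https://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
          $pm['dt'] = hesk_dateToString($pm['dt'],0,1,0,true);
          ?>
          <div class="box">
              <div class="box-header with-border">
                  <h1 class="box-title">
                      <?php echo $hesklang['private_message_header']; ?>
                  </h1>
                  <div class="box-tools pull-right">
                      <button type="button" class="btn btn-box-tool" data-widget="collapse">
                          <i class="fa fa-minus"></i>
                      </button>
                  </div>
              </div>
              <div class="box-body">
                  <div class="callout callout-info">
                      <div class="row">
                          <div class="col-md-4 col-sm-6">
                              <b><?php echo $hesk_settings['mailtmp']['m_from']; ?></b>
                              <?php echo $pm['name']; ?>
                          </div>
                          <div class="col-md-4 col-sm-6">
                              <b><?php echo $hesklang['date_colon']; ?></b>
                              <?php echo $pm['dt']; ?>
                          </div>
                          <div class="col-md-4 col-sm-6">
                              <b><?php echo $hesklang['m_sub']; ?></b>
                              <?php echo $pm['subject']; ?>
                          </div>
                      </div>
                  </div>
                  <table border="0" cellspacing="0" cellpadding="0" width="100%">
                      <tr>
                          <td class="text-right" style="vertical-align:top;">
                          </td>
                      </tr>
                  </table>
                  <p><?php echo $pm['message']; ?></p>
              </div>
              <div class="box-footer">
                  <div class="pull-right">
                      <?php
                      /* Action links carry the request token; "mark as unread" is offered to the recipient only */
                      $folder = '&amp;folder=outbox';
                      if ($pm['to'] == $_SESSION['id'])
                      {
                          echo '<a name="MAU '.$pm['subject'].'" class="btn btn-default" href="mail.php?a=mark_unread&amp;id='.$id.'&amp;token='.hesk_token_echo(0).'"><i class="fa fa-envelope-o icon-link"></i> '.$hesklang['mau'].'</a> ';
                          $folder = '';
                      }
                      echo '<a name="Delete '.$pm['subject'].'" class="btn btn-danger" href="mail.php?a=delete&amp;id='.$id.'&amp;token='.hesk_token_echo(0).$folder.'" onclick="return hesk_confirmExecute(\''.hesk_makeJsString($hesklang['delm']).'?\');"><i class="fa fa-times icon-link"></i> '.$hesklang['delm'].'</a>';
                      ?>
                  </div>
              </div>
          </div>
          <?php
      } // END if $num

      /* The message list is not shown alongside a single message */
      $_SESSION['hide']['list'] = 1;
  } // END show_message()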
  /**
   * Print the paginated inbox or outbox list with its bulk-action form.
   *
   * Which folder is listed depends on $hesk_settings['mailtmp']['this'], the
   * mail-table column ('to' or 'from') that must equal the logged-in user's
   * id. Messages the user has already deleted are excluded.
   *
   * NOTE(review): the subject and the correspondent name are written into the
   * table without encoding. This relies on both having been escaped when
   * they were stored - confirm for the subject (hesk_input() in mail_send())
   * and for the users.name column.
   */
  function mail_list_messages()
  {
      global $hesk_settings, $hesklang, $admins;

      // Base URL and query prefix for the pagination links.
      $href = 'mail.php';
      $query = '';
      if ($hesk_settings['mailtmp']['folder'] == 'outbox') {
          $query .= 'folder=outbox&amp;';
      }
      $query .= 'page=';

      $maxresults = 30;

      // Requested page, coerced to an integer and clamped to a minimum of 1.
      $tmp = intval(hesk_GET('page', 1));
      $page = ($tmp > 1) ? $tmp : 1;

      /* List of private messages */
      // The column name comes from 'this', which this file only ever sets to
      // the literals 'to' or 'from'; it is additionally passed through
      // hesk_dbEscape() and wrapped in backticks.
      $res = hesk_dbQuery("SELECT COUNT(*) FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "'");
      $total = hesk_dbResult($res, 0, 0);

      if ($total > 0) {
          $pages = ceil($total / $maxresults) or $pages = 1;
          // Clamp to the last page so the LIMIT offset never runs past the data.
          if ($page > $pages) {
              $page = $pages;
          }
          $limit_down = ($page * $maxresults) - $maxresults;

          // 0 means "no such page" for the previous / next links.
          $prev_page = ($page - 1 <= 0) ? 0 : $page - 1;
          $next_page = ($page + 1 > $pages) ? 0 : $page + 1;

          if ($pages > 1) {
              echo $hesklang['pg'] . ': ';

              /* List pages */
              // First / previous arrows are only printed when there are at
              // least seven pages.
              if ($pages >= 7) {
                  if ($page > 2) {
                      echo '<a href="' . $href . '?' . $query . '1"><b>&laquo;</b></a> &nbsp; ';
                  }

                  if ($prev_page) {
                      echo '<a href="' . $href . '?' . $query . $prev_page . '"><b>&lsaquo;</b></a> &nbsp; ';
                  }
              }

              // Page numbers within five of the current page.
              for ($i = 1; $i <= $pages; $i++) {
                  if ($i <= ($page + 5) && $i >= ($page - 5)) {
                      if ($i == $page) {
                          echo ' <b>' . $i . '</b> ';
                      } else {
                          echo ' <a href="' . $href . '?' . $query . $i . '">' . $i . '</a> ';
                      }
                  }
              }

              if ($pages >= 7) {
                  if ($next_page) {
                      echo ' &nbsp; <a href="' . $href . '?' . $query . $next_page . '"><b>&rsaquo;</b></a> ';
                  }

                  if ($page < ($pages - 1)) {
                      echo ' &nbsp; <a href="' . $href . '?' . $query . $pages . '"><b>&raquo;</b></a>';
                  }
              }

              echo '<br />&nbsp;';

          } // end PAGES > 1

          // Get messages from the database
          // Same ownership and not-deleted filter as the COUNT query; offset
          // and row count are both cast with intval().
          $res = hesk_dbQuery("SELECT `id`, `from`, `to`, `subject`, `dt`, `read` FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "mail` WHERE `" . hesk_dbEscape($hesk_settings['mailtmp']['this']) . "`='" . intval($_SESSION['id']) . "' AND `deletedby`!='" . intval($_SESSION['id']) . "' ORDER BY `id` DESC LIMIT " . intval($limit_down) . " , " . intval($maxresults) . " ");
          ?>

          <form action="mail.php<?php if ($hesk_settings['mailtmp']['folder'] == 'outbox') {
              echo '?folder=outbox';
          } ?>" name="form1" method="post">

              <div align="center">
                  <table class="table table-striped">
                      <thead>
                      <tr>
                          <th><input type="checkbox" name="checkall" value="2" onclick="hesk_changeAll(this)"/></th>
                          <th><?php echo $hesklang['m_sub']; ?></th>
                          <th><?php echo $hesk_settings['mailtmp']['m_from']; ?></th>
                          <th><?php echo $hesklang['date_colon']; ?></th>
                      </tr>
                      </thead>
                      <tbody>
                      <?php
                      // $i alternates between 0 and 1 per row; the row markup
                      // below does not read it.
                      $i = 0;
                      while ($pm = hesk_dbFetchAssoc($res)) {
                          if ($i) {
                              $i = 0;
                          } else {
                              $i = 1;
                          }

                          // Subject becomes a link to the read view; the stored
                          // subject is inserted as-is (see the note in the header).
                          $pm['subject'] = '<a href="mail.php?a=read&amp;id=' . $pm['id'] . '">' . $pm['subject'] . '</a>';
                          // Unread inbox messages are shown in bold.
                          if ($hesk_settings['mailtmp']['this'] == 'to' && !$pm['read']) {
                              $pm['subject'] = '<b>' . $pm['subject'] . '</b>';
                          }
                          // Correspondent: known staff member, the 9999 system
                          // sender, or the "deleted user" label.
                          $pm['name'] = isset($admins[$pm[$hesk_settings['mailtmp']['other']]]) ? '<a href="mail.php?a=new&amp;id=' . $pm[$hesk_settings['mailtmp']['other']] . '">' . $admins[$pm[$hesk_settings['mailtmp']['other']]] . '</a>' : (($pm['from'] == 9999) ? '<a href="https://www.hesk.com" target="_blank">HESK.com</a>' : $hesklang['e_udel']);
                          // No trailing semicolon: the closing PHP tag ends the statement.
                          $pm['dt'] = hesk_dateToString($pm['dt'], 0, 0, 0, true)
                          ?>
                          <tr>
                              <td><input type="checkbox" name="id[]" id="<?php echo $pm['id']; ?>" value="<?php echo $pm['id']; ?>" />&nbsp;</td>
                              <td><?php echo $pm['subject']; ?></td>
                              <td><?php echo $pm['name']; ?></td>
                              <td><?php echo $pm['dt']; ?></td>
                          </tr>
                          <?php
                      } // End while
                      ?>
                  </table>
              </div>
              <div class="form-group">
                  <div class="col-sm-6">
                      <select class="form-control" name="a">
                          <?php
                          // Read / unread toggles are only offered in the inbox;
                          // the handlers enforce the same rule with `to` = session id.
                          if ($hesk_settings['mailtmp']['this'] == 'to') {
                              ?>
                              <option value="mark_read" selected="selected"><?php echo $hesklang['mo1']; ?></option>
                              <option value="mark_unread"><?php echo $hesklang['mo2']; ?></option>
                              <?php
                          }
                          ?>
                          <option value="delete"><?php echo $hesklang['mo3']; ?></option>
                      </select>
                  </div>
                  <div class="col-sm-3">
                      <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
                      <input type="submit" value="<?php echo $hesklang['execute']; ?>"
                             onclick="Javascript:if (document.form1.a.value=='delete') return hesk_confirmExecute('<?php echo hesk_makeJsString($hesklang['mo3']); ?>?');"
                             class="btn btn-default"/>
                  </div>
              </div>
          </form>

          <p>&nbsp;</p>
          <?php

      } // END if total > 0
      else {
          echo '<i>' . $hesklang['npm'] . '</i> <p>&nbsp;</p>';
      }

  } // END mail_list_messages()
  /**
   * Print the compose form, pre-filled from the draft in $_SESSION['mail'].
   *
   * The form posts back to mail.php with a = send and carries the request
   * token that mail_send() checks.
   *
   * NOTE(review): the language strings used in attributes here go through
   * htmlspecialchars(), but the draft subject and message are only passed
   * through stripslashes() before being echoed into a value="" attribute and
   * a textarea. This relies on the draft already being HTML-escaped: it is
   * written by mail_send() via hesk_input(), or built in show_message() from
   * the stored subject. Confirm both sources are escaped.
   */
  function show_new_form()
  {
      global $hesk_settings, $hesklang, $admins;
      ?>
      <form action="mail.php" method="post" name="form2" class="form-horizontal" role="form" data-toggle="validator">
          <div class="box">
              <div class="box-header with-border">
                  <h1 class="box-title">
                      <?php echo $hesklang['new_mail']; ?>
                  </h1>
                  <div class="box-tools pull-right">
                      <button type="button" class="btn btn-box-tool" data-widget="collapse">
                          <i class="fa fa-minus"></i>
                      </button>
                  </div>
              </div>
              <div class="box-body">
                  <div class="form-group">
                      <label for="to" class="col-sm-3 control-label"><?php echo $hesklang['m_to']; ?></label>
                      <div class="col-sm-9">
                          <select class="form-control" name="to" type="number"
                                  data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>" required>
                              <option value="" selected="selected"><?php echo $hesklang['select']; ?></option>
                              <?php
                              // One option per active staff member except the
                              // current user. The dropdown is a convenience only:
                              // mail_send() re-validates the posted recipient.
                              // NOTE(review): the staff name ($v) is echoed
                              // without encoding - confirm users.name is stored
                              // escaped.
                              foreach ($admins as $k => $v) {
                                  if ($k != $_SESSION['id']) {
                                      if (isset($_SESSION['mail']) && $k == $_SESSION['mail']['to']) {
                                          echo '<option value="' . $k . '" selected="selected">' . $v . '</option>';
                                      } else {
                                          echo '<option value="' . $k . '">' . $v . '</option>';
                                      }
                                  }
                              }
                              ?>
                          </select>
                          <div class="help-block with-errors"></div>
                      </div>
                  </div>
                  <div class="form-group">
                      <label for="subject" class="col-sm-3 control-label"><?php echo $hesklang['m_sub']; ?></label>
                      <div class="col-sm-9">
                          <input type="text" class="form-control" placeholder="<?php echo htmlspecialchars($hesklang['subject']); ?>"
                                 name="subject" size="40" maxlength="50"
                              <?php
                              // Draft subject, placed inside a double-quoted
                              // attribute (see the note in the header).
                              if (isset($_SESSION['mail']['subject'])) {
                                  echo ' value="' . stripslashes($_SESSION['mail']['subject']) . '" ';
                              }
                              ?> data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>" required>
                          <div class="help-block with-errors"></div>
                      </div>
                  </div>
                  <div class="form-group">
                      <label for="message" class="col-sm-3 control-label"><?php echo $hesklang['message']; ?>:</label>
                      <div class="col-sm-9">
                          <textarea name="message" class="form-control" data-error="<?php echo htmlspecialchars($hesklang['this_field_is_required']); ?>"
                                    placeholder="<?php echo htmlspecialchars($hesklang['message']); ?>" rows="15" cols="70" required><?php
                              // Draft body, present after a failed send.
                              if (isset($_SESSION['mail']['message'])) {
                                  echo stripslashes($_SESSION['mail']['message']);
                              }
                              ?></textarea>
                          <div class="help-block with-errors"></div>
                      </div>
                  </div>
                  <div class="form-group">
                      <div class="col-sm-9 col-sm-offset-3">
                          <div class="checkbox">
                              <label>
                                  <input type="checkbox" name="signature" value="1" checked>
                                  <?php echo $hesklang['attach_sign']; ?>
                              </label> (<a href="profile.php"><?php echo $hesklang['profile_settings']; ?></a>)
                          </div>
                      </div>
                  </div>
                  <div class="form-group">
                      <div class="col-sm-9 col-sm-offset-3">
                          <input type="hidden" name="token" value="<?php hesk_token_echo(); ?>"/>
                          <input type="hidden" name="a" value="send"/>
                          <input type="submit" value="<?php echo $hesklang['m_send']; ?>" class="btn btn-default"/>
                      </div>
                  </div>
              </div>
          </div>
      </form>
      <?php
  } // END show_new_form()
  596. ?>