chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed - show image for email sent from announcement tool - partial DT#5666

Browse Source
skala
Cristian Fasanando 16 years ago
parent 0edae40cc4
commit 084e2cb4e3
3 changed files with 36 additions and 22 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      main/announcements/announcements.inc.php
  2. 31
      main/announcements/announcements.php
  3. 15
      main/inc/lib/mail.lib.inc.php

12
main/announcements/announcements.inc.php
Unescape View File

@ -792,8 +792,8 @@ function store_advalvas_item($emailTitle, $newContent, $order, $to, $file_commen
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
// filter data
$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
$emailTitle = Database::escape_string($emailTitle);
$newContent = Database::escape_string($newContent);
$order = intval($order);
// store in the table announcement
@ -848,8 +848,8 @@ function store_advalvas_group_item($emailTitle,$newContent, $order, $to, $to_use
$tbl_item_property = Database::get_course_table(TABLE_ITEM_PROPERTY);
$newContent=stripslashes($newContent);
$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
$emailTitle = Database::escape_string($emailTitle);
$newContent = Database::escape_string($newContent,COURSEMANAGERLOWSECURITY);
$order = intval($order);
// store in the table announcement
@ -911,8 +911,8 @@ function edit_advalvas_item($id,$emailTitle,$newContent,$to, $file_comment='')
global $tbl_item_property;
$newContent=stripslashes($newContent);
$emailTitle = Database::escape_string(Security::remove_XSS($emailTitle));
$newContent = Database::escape_string(Security::remove_XSS($newContent,COURSEMANAGERLOWSECURITY));
$emailTitle = Database::escape_string($emailTitle);
$newContent = Database::escape_string($newContent,COURSEMANAGERLOWSECURITY);
$order = intval($order);
// store the modifications in the table announcement

31
main/announcements/announcements.php
Unescape View File

@ -135,8 +135,8 @@ require_once($lib.'fileUpload.lib.php');
-----------------------------------------------------------
*/
$safe_emailTitle = Security::remove_XSS($_POST['emailTitle']);
$safe_newContent = Security::remove_XSS($_POST['newContent']);
$safe_emailTitle = $_POST['emailTitle'];
$safe_newContent = $_POST['newContent'];
if (!empty($_POST['To']))
{
@ -718,16 +718,23 @@ if (api_is_allowed_to_edit(false,true) OR (api_get_course_setting('allow_user_ed
//set the charset and use it for the encoding of the email - small fix, not really clean (should check the content encoding origin first)
//here we use the encoding used for the webpage where the text is encoded (ISO-8859-1 in this case)
//$to_email_address =$_POST['emailsAdd'];
//$mail_body;
$headers = array();
if (empty($charset)) { $charset='ISO-8859-1';}
$headers['Content-Type'] = 'text/html';
$headers['charset'] = $charset;
$mailid=$myrow["email"];
$newmail = api_mail_html(api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS), $myrow["email"], stripslashes($emailSubject), $mail_body, api_get_person_name($_SESSION['_user']['lastName'], $_SESSION['_user']['firstName'], null, PERSON_NAME_EMAIL_ADDRESS), $_SESSION['_user']['mail'],$headers);
$recipient_name = api_get_person_name($myrow["lastname"], $myrow["firstname"], null, PERSON_NAME_EMAIL_ADDRESS);
$mailid = $myrow["email"];
$sender_name = api_get_person_name($_SESSION['_user']['lastName'], $_SESSION['_user']['firstName'], null, PERSON_NAME_EMAIL_ADDRESS);
$sender_email = $_SESSION['_user']['mail'];
$data_file = array();
if (!empty($_FILES['user_upload'])) {
$courseDir = $_course['path'].'/upload/announcements/';
$sys_course_path = api_get_path(SYS_COURSE_PATH);
$sql = 'SELECT path, filename FROM '.$tbl_announcement_attachment.'
WHERE announcement_id = "'.$insert_id.'"';
$result = Database::query($sql, __FILE__, __LINE__);
$row = Database::fetch_array($result);
$data_file = array('path' => $sys_course_path.$courseDir.$row['path'],
'filename' => $row['filename']);
}
api_mail_html($recipient_name, $mailid, stripslashes($emailSubject), $mail_body, $sender_name, $sender_email, null, $data_file);
}
$sql_date="SELECT * FROM $db_name WHERE survey_id='$surveyid'";

15
main/inc/lib/mail.lib.inc.php
Unescape View File

@ -110,11 +110,13 @@ function api_mail($recipient_name, $recipient_email, $subject, $message, $sender
* @param string sender name
* @param string sender e-mail
* @param array extra headers in form $headers = array($name => $value) to allow parsing
* @param array data file (path and filename)
* @return returns true if mail was sent
* @see class.phpmailer.php
*/
function api_mail_html($recipient_name, $recipient_email, $subject, $message, $sender_name="", $sender_email="", $extra_headers=null) {
function api_mail_html($recipient_name, $recipient_email, $subject, $message, $sender_name = "", $sender_email = "", $extra_headers = null, $data_file = array()) {
global $regexp;
global $platform_email;
@ -164,9 +166,14 @@ function api_mail_html($recipient_name, $recipient_email, $subject, $message, $s
{
$mail->FromName = $platform_email['SMTP_FROM_NAME'];
}
$mail->Subject = $subject;
$mail->AltBody = strip_tags(str_replace('<br />',"\n",$message));
$mail->Body = '<html><head></head><body>'.$message.'</body></html>';
$mail->Subject = $subject;
$mail->AltBody = strip_tags(str_replace('<br />',"\n", api_html_entity_decode($message)));
$mail->Body = '<html><head></head><body>'.$message.'</body></html>';
// attachment ...
if (!empty($data_file)) {
$mail->AddAttachment($data_file['path'], $data_file['filename']);
}
//only valid address
if(is_array($recipient_email))
{

Write Preview
Loading…
Cancel
Save