New Email » '; printHeader("Chair Email Templates", 1); require_once 'email.inc'; clearstatcache(); function oc_templateForm($tid, $name, $subject, $body) { print '

'; printFooter(); exit; } $name = ''; // new template name if (isset($_GET['ocaction']) && ($_GET['ocaction'] == 'edit') && isset($_GET['tid']) && isset($templateAR[$_GET['tid']])) { $r = ocsql_query("SELECT `name`, `subject`, `body` FROM `" . OCC_TABLE_TEMPLATE . "` WHERE `type`='email' AND `templateid`='" . safeSQLstr($_GET['tid']) . "'") or err('Unable to retrieve template'); if (ocsql_num_rows($r) == 1) { $l = ocsql_fetch_assoc($r); oc_templateForm($_GET['tid'], $l['name'], $l['subject'], $l['body']); } else { print '

Template not found

'; } } elseif (isset($_POST['ocaction'])) { switch($_POST['ocaction']) { case 'Add Template': $name = (isset($_POST['name']) ? trim($_POST['name']) : ''); $templateid = 'custom' . time(); if (!preg_match("/^[\w -]+$/", $name)) { print '

Template name must not be blank, and only contain
letters, numbers, hyphen, underscore, and space

'; } elseif ( in_array($name, $templateAR) ) { print '

A template with that name already exists

'; } elseif ( ! ocsql_query("INSERT INTO `" . OCC_TABLE_TEMPLATE . "` SET `templateid`='" . safeSQLstr($templateid) . "', `type`='email', `module`='OC', `name`='" . safeSQLstr($name) . "', `subject`='', `body`='', `updated`='" . safeSQLstr(date('Y-m-d')) . "'") ) { print '

Unable to add template; perhaps you double-clicked? Check below.

'; } else { print '

Template added

'; $templateAR[$templateid] = $name; asort($templateAR); $name = ''; } break; case 'Delete Templates': if (isset($_POST['templates']) && is_array($_POST['templates'])) { $count = 0; foreach ($_POST['templates'] as $tid) { if (isset($templateAR[$tid])) { if (ocsql_query("DELETE FROM `" . OCC_TABLE_TEMPLATE . "` WHERE `type`='email' AND `templateid`='" . safeSQLstr($tid) . "' LIMIT 1")) { unset($templateAR[$tid]); $count++; } } } print '

Deleted ' . $count . ' template' . (($count!=1) ? 's' : '') . '

'; } break; case 'Save Template': $templatename = (isset($_POST['templatename']) ? trim($_POST['templatename']) : ''); $templateid = (isset($_POST['templateid']) ? trim($_POST['templateid']) : ''); $subject = (isset($_POST['subject']) ? trim($_POST['subject']) : ''); $body = (isset($_POST['body']) ? trim($_POST['body']) : ''); $err = ''; if ( ! preg_match("/^[\w-]+$/", $templateid) || ! isset($templateAR[$templateid]) ) { warn('Template ID invalid'); } elseif (!preg_match("/^[\w -]+$/", $templatename)) { $err = 'Template name invalid'; } elseif (preg_match("/[\r\n]/", $subject)) { $err = 'Subject invalid'; } else { $q = "UPDATE `" . OCC_TABLE_TEMPLATE . "` SET `name`='" . safeSQLstr($templatename) . "', `subject`='" . safeSQLstr($subject) . "', `body`='" . safeSQLstr($body) . "', `updated`='" . safeSQLstr(date("Y-m-d")) . "' WHERE `templateid`='" . safeSQLstr($templateid) . "' LIMIT 1"; if ( ! ocsql_query($q) ) { $err = 'Unable to add/update database'; } } if (empty($err)) { print '

Template saved

'; } else { print '

' . $err . '

'; } oc_templateForm($templateid, $templatename, $subject, $body); break; default: warn('Request unknown'); exit; } } print ' '; printFooter(); ?>

Template Name:	letters, numbers, hyphen, underscore, and space
Subject:
Message:
' . safeHTMLstr($body) . ' Variables available for use in a message are based on the recipient group selected when sending the message. View a list of groups and variables.