PHP Classes

File: www/ajax/email.php

Recommend this page to a friend!
  Classes of Adnane EL Mouttaki   Covoiturage Libre   www/ajax/email.php   Download  
File: www/ajax/email.php
Role: Example script
Content type: text/plain
Description: Example script
Class: Covoiturage Libre
Web application for managing a carpoling site
Author: By
Last change:
Date: 6 years ago
Size: 2,844 bytes
 

Contents

Class file image Download
<?php
// anti-CSRF token
session_start();

if (isset(
$_POST) && !empty($_POST)) {
    if (!isset(
$_POST['token']) || !isset($_SESSION['cvtokenm'])) {
        echo
1;
        die();
    }
    if (
$_POST['token'] !== $_SESSION['cvtokenm']) {
        echo
1;
        die();
    }
}

require_once(
"../ScriptLibrary/form_functions.php");
$myToken = getTokenM();

require_once(
'../Connections/bddcovoiturette.php');
require_once(
'../ScriptLibrary/class.phpmailer.php');

if (!
function_exists("GetSQLValueString")) {
    function
GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
      if (
PHP_VERSION < 6) {
       
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
      }
   
     
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
   
   
      return
$theValue;
    }
}


if (isset(
$_POST['c'])) {

$colname_RSannonce = $_POST['c'];
mysql_select_db($database_bddcovoiturette, $bddcovoiturette);
$query_RSannonce = sprintf("SELECT * FROM trajets WHERE CODE_CREATION = '%s'", GetSQLValueString($colname_RSannonce, "text"));
$RSannonce = mysql_query($query_RSannonce, $bddcovoiturette) or die(mysql_error());
$row_RSannonce = mysql_fetch_assoc($RSannonce);
$totalRows_RSannonce = mysql_num_rows($RSannonce);

switch(
$_POST['dep']){
    case
'pri':
   
$depart=$row_RSannonce['DEPART'];
    break;
   
    case
'eta1':
   
$depart=$row_RSannonce['ETAPE1'];
    break;
   
    case
'eta2':
   
$depart=$row_RSannonce['ETAPE2'];
    break;
   
    case
'eta3':
   
$depart=$row_RSannonce['ETAPE3'];
    break;
}
switch(
$_POST['arr']){
    case
'pri':
   
$arrivee=$row_RSannonce['ARRIVEE'];
    break;
   
    case
'eta1':
   
$arrivee=$row_RSannonce['ETAPE1'];
    break;
   
    case
'eta2':
   
$arrivee=$row_RSannonce['ETAPE2'];
    break;
   
    case
'eta3':
   
$arrivee=$row_RSannonce['ETAPE3'];
    break;
}

$to = $row_RSannonce['EMAIL'];
$from = GetSQLValueString($_POST['email'], "text");
$from_name = GetSQLValueString($_POST['nom'], "text");
$objet = "Covoiturage-libre.fr - Nouveau message";
   
$message = '
    <html>
     <body>
      <table width="750" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td width="260" valign="top"><img src="http://www.covoiturage-libre.fr/images/logo-email.jpg" alt="" width="250" height="200" /></td>
    <td valign="top">
    <font face="arial" size="2" color="#444444">
    <p>Trajet <strong>'
.$depart.'</strong> -> <strong>'.$arrivee.'</strong></p>
    <p>Un message vous a ?t? envoy? de la part de '
. utf8_decode($from_name) .' ('.$from.') : </p>
    '
.nl2br(utf8_decode($_POST['msg'])).'</font></td>
  </tr>
</table>
     </body>
    </html>'
;

$mail = new PHPMailer();
$mail->From = $from;
$mail->FromName = $from_name;
$mail->Subject =$objet;
$mail->AddAddress($to);
$mail->MsgHTML($message);
if (
$mail->Send()) {
   
$erreur = $myToken;
} else {
   
$erreur = 1;
}

mysql_free_result($RSannonce);

echo
$erreur;
}
?>