    // (beginning of the $required array is truncated in the source)
    array('country', 'email', 'message', 'name'),
    'inquiry'  => array('country', 'email', 'message', 'name', 'subject'),
    'triage'   => array('country', 'email', 'message', 'name'),
    'warranty' => array('country', 'email', 'message', 'name'),
    'wanted'   => array('country', 'email', 'message', 'name'),
);

// maybe should unset $posted["attention"] before assigning value
unset($posted['attention']);

// Required-field validation for the selected action type.
// Fields that are missing or empty fail validation; fields containing
// markup-like characters only fail validation when the field is 'name'.
if (array_key_exists($action_type, $required)) {
    foreach ($required[$action_type] as $k) {
        if (!array_key_exists($k, $action_array) || '' == $action_array[$k]) {
            $valid = false;
            $posted['attention'][] = $k;
        } elseif (strpbrk($action_array[$k], '<>[]{}"') !== false) {
            if (in_array($k, array('name'))) {
                $valid = false;
                $posted['attention'][] = $k;
            }
        }
    }
}

// Anti-spam checks: spamcheck() reads the submitted address from $_REQUEST['email'].
// Any result other than SPAMCHECK_OK rejects the submission; the specific
// reason is recorded in $posted['attention'] so the form can highlight it.
if (function_exists('spamcheck')) {
    $_REQUEST['email'] = $action_array['email'];
    $spamcheck = spamcheck();
    if (SPAMCHECK_OK !== $spamcheck) {
        $valid = false;
    }
    if (SPAMCHECK_REFERER == $spamcheck) {
        $posted['attention'][] = 'HTTP_REFERER';
    } elseif (SPAMCHECK_RATELIMIT == $spamcheck) {
        $posted['attention'][] = 'RATE_LIMIT';
    } elseif (SPAMCHECK_HONEYPOT == $spamcheck) {
        $posted['attention'][] = 'honeypot';
    } elseif (SPAMCHECK_REMOTE_ADDR == $spamcheck) {
        $posted['attention'][] = 'REMOTE_ADDR';
    } elseif (SPAMCHECK_EMAIL == $spamcheck) {
        $posted['attention'][] = 'email';
    } elseif (SPAMCHECK_RECAPTCHA == $spamcheck) {
        $posted['attention'][] = 'recaptcha';
        $posted['attention'][] = 'verify';
    }
    // empty() is safe when $posted['attention'] was never re-created above;
    // count() on an unset key raises a warning (an error on PHP 8).
    if (!empty($posted['attention'])) {
        //$valid = false;
    }
}

// Reject inquiries whose free-text fields carry URLs (link-spam heuristic).
if (!empty($posted['inquiry']['message']) && preg_match('/http|www/i', $posted['inquiry']['message'])) {
    $valid = false;
}
if (!empty($posted['inquiry']['subject']) && preg_match('/http|www/i', $posted['inquiry']['subject'])) {
    $valid = false;
}
if (!empty($posted['inquiry']['name']) && preg_match('/http|www/i', $posted['inquiry']['name'])) {
    $valid = false;
}

// The session flag is set elsewhere when the form was rendered; a POST without
// it (no prior page load) is treated as invalid.
if (!isset($_SESSION['remove_spam'])) {
    $valid = false;
}

if (!$valid) {
    $posted['action'] = 'bad_send_' . $action_type;
    redirect('?' . http_build_query($posted));
    die();
}

/**
 * Create or load a matching member
 */
$member_id = $_GLOBALS['member']['id'];
if (moduleLoad('member')) {
    if (0 == $member_id) {
        // formatSQLString() quotes and escapes the value, so %s is used, not a bare string.
        $row = $DB->query_first(sprintf(
            "SELECT `member_id` FROM `highwaygroup`.`new_members` WHERE `email_address` = %s LIMIT 1",
            formatSQLString($action_array['email'])
        ), MYSQLI_ASSOC);
        if (is_null($row)) {
            $member_id = 0;
        } else {
            $member_id = intval($row['member_id']);
        }
    }
    if (0 == $member_id) {
        /**
         * Create a matching member
         *
         * @var mixed[] $member
         */
        include __DIR__ . '/build_member.inc.php';
        //$member["id"] = $member["member_id"] = $member_id = memberToDatabase($member);
        // Only columns that actually exist in the table are inserted; every
        // value goes through formatSQLString() before being concatenated.
        $insert = array();
        foreach (getTableColumns('`highwaygroup`.`new_members`') as $k) {
            if (array_key_exists($k, $member)) {
                $insert['`' . $k . '`'] = formatSQLString($member[$k]);
            }
        }
        if (count($insert)) {
            $DB->query('INSERT INTO `highwaygroup`.`new_members` (' . implode(', ', array_keys($insert)) . ') VALUES (' . implode(', ', array_values($insert)) . ')');
            $member['id'] = $member['member_id'] = $member_id = $DB->insert_id();
        }
    }
    $_GLOBALS['member'] = memberFromDatabase($member_id);
}

/**
 * Subscribe member to selected newsletters
 */
if (array_key_exists('newsletter', $action_array) && is_array($action_array['newsletter'])) {
    foreach ($action_array['newsletter'] as $v) {
        memberMailingListSignup($_GLOBALS['member'], $_GLOBALS['site_settings']['site_id'], $v);
    }
}

/**
 * Create a matching invoice
 *
 * @var mixed[] $invoice
 * @var mixed[] $invoice_products
 * @var mixed[] $invoice_charges
 * @var mixed[] $invoice_courier_quotes
 */
include __DIR__ . '/build_inquiry.inc.php';

/**
 * Save invoice to database and fetch invoice_id
 */
$invoice['invoice_id'] = $invoice_id = invoiceToDatabase($invoice);
foreach ($invoice_charges as $k => $v) {
    $invoice_charges[$k]['invoice_id'] = $invoice_id;
}
invoiceChargesToDatabase($invoice_id, $invoice_charges);
foreach ($invoice_courier_quotes as $k => $v) {
    $invoice_courier_quotes[$k]['invoice_id'] = $invoice_id;
}
invoiceCourierQuotesToDatabase($invoice_id, $invoice_courier_quotes);
foreach ($invoice_products as $k => $v) {
    $invoice_products[$k]['invoice_id'] = $invoice_id;
}
invoiceProductsToDatabase($invoice_id, $invoice_products);
$invoice_template_vars = invoiceTemplateVars($invoice, $invoice_products, $invoice_charges);

/**
 * If it's a chat request, check if available staff and forward to waiting room
 */
if ('triage' == $action_type) {
    // A staff member counts as available if their presence row was touched
    // within the last 300 seconds.
    $row = $DB->query_first(sprintf(
        'SELECT `staff_id` FROM `highwaygroup`.`chat_staff` WHERE `site_id` = %d AND `modified` > %d',
        $_GLOBALS['site_settings']['site_id'],
        $_SERVER['REQUEST_TIME'] - 300
    ));
    // query_first() returns null when no row matches; guard before indexing.
    if (!is_null($row) && $row['staff_id']) {
        $DB->query(sprintf(
            'INSERT INTO `highwaygroup`.`chats` (`invoice_id`, `subject`, `created`, `modified`) VALUES (%d, %s, NOW(), NOW())',
            $invoice['invoice_id'],
            formatSQLString((array_key_exists('subject', $action_array) && '' != $action_array['subject'])
                ? $action_array['subject']
                : substr($action_array['message'], 0, 255))
        ));
        $chat_id = $DB->insert_id();
        // rand_num is handed back to the visitor in the waiting-room URL and
        // identifies their subscriber record. Note that mt_rand() is not a
        // cryptographically secure generator; if this value acts as an access
        // token, random_int() is the secure replacement on PHP 7+.
        $rand_num = mt_rand(0, 2147483647);
        $DB->query(sprintf(
            'INSERT INTO `highwaygroup`.`chat_subscribers` (`rand_num`, `chat_id`, `handle`, `created`, `modified`) VALUES (%d, %d, %s, NOW(), NOW())',
            $rand_num,
            $chat_id,
            formatSQLString($action_array['name'])
        ));
        $subscriber_id = $DB->insert_id();
        $DB->query(sprintf(
            'INSERT INTO `highwaygroup`.`chat_transcript` (`chat_id`, `subscriber_id`, `message`, `created`, `modified`) VALUES (%d, %d, %s, NOW(), NOW())',
            $chat_id,
            $subscriber_id,
            formatSQLString($action_array['message'])
        ));
        $url = array(
            'chat_id'       => $chat_id,
            'subscriber_id' => $subscriber_id,
            'rand_num'      => $rand_num,
        );
        //redirect(rtrim("/contact/waiting.html?" . http_build_query($url), "?"));
        redirect(rtrim('/livesupport/waiting.html?' . http_build_query($url), '?'));
        die();
    }
}

$template_engine = new Template();
$template_engine->set_vars($invoice_template_vars);
$email_template_list = invoiceEmailTemplatesList();

$mailer = new PHPMailer();
$mailer->From = $_GLOBALS['site_settings']['email_sales'];
$mailer->FromName = $_GLOBALS['site_settings']['site_name'];
// Envelope sender (Return-Path) is fixed so bounces never go to the site address.
$mailer->Sender = 'no-reply@highwaygroup.net';

/**
 * Send staff notification for new invoice
 */
if (function_exists('notifyActionMade')) {
    notifyActionMade(NOTIFY_INQUIRY_CREATED, $invoice['site_id'], $invoice_template_vars);
}

// Fall back to an empty template rather than indexing a missing key.
$email_template = isset($email_template_list[INVOICE_EMAIL_CONTACT])
    ? $email_template_list[INVOICE_EMAIL_CONTACT]
    : array();
foreach ($email_template as $k => $v) {
    $template_engine->set_contents($v);
    $email_template[$k] = $template_engine->apply();
}

$mailer->CharSet = 'utf-8';
$mailer->isHTML(true);
$mailer->AddAddress($invoice['bill_email'], $invoice['bill_name']);
//$mailer->AddBcc($_GLOBALS['site_settings']['email_sales']);
$mailer->addBCC('backup@highwaygroup.net');
if (function_exists('notifyActionRecipients')) {
    foreach (notifyActionRecipients(NOTIFY_GENERIC, $invoice['site_id']) as $email_address => $email_name) {
        $mailer->addBCC($email_address, $email_name);
    }
}
/*
if (function_exists('notifyOptionsFromDatabase') && function_exists('staffFromDatabase')) {
    foreach (notifyOptionsFromDatabase() as $row) {
        if ($row['site_id'] == $_GLOBALS['site_settings']['site_id'] && NOTIFY_GENERIC == $row['action_id']) {
            $staff = staffFromDatabase($row['staff_id']);
            if ('y' == $staff['active']) {
                $staff_email = staffEmailFromDatabase($row['staff_id'], $_GLOBALS['site_settings']['site_id']);
                if ('' != $staff_email) {
                    $staff['email'] = $staff_email;
                }
                $mailer->AddBcc($staff['email'], $invoice['bill_name']);
            }
        }
    }
}
*/
// Correlation header: invoice id and member id as two zero-padded hex words.
$mailer->AddCustomHeader(sprintf('X-Invoice-ID: %08x%08x', $invoice_id, $_GLOBALS['member']['id']));
$mailer->Subject = $email_template['template_subject'];
$mailer->Body = $email_template['template_text'];
$mailer->AltBody = generateAlternateText($email_template['template_text']);

if ($mailer->Send()) {
    // Record the outgoing message, including raw headers and body, in the invoice history.
    $addresses = array();
    foreach ($mailer->getToAddresses() as $v) {
        $addresses[] = $mailer->AddrFormat($v);
    }
    invoiceHistoryToDatabase($invoice_id, array(
        'invoice_id'      => $invoice_id,
        'message_type_id' => INVOICE_MESSAGE_INQUIRY_SENT,
        // formatSQLDateTime() returns a quoted literal; strip the surrounding quotes.
        'message_date'    => substr(formatSQLDateTime($_SERVER['REQUEST_TIME']), 1, -1),
        'message_sender'  => $mailer->AddrFormat(array($mailer->From, $mailer->FromName)),
        'message_sentto'  => implode(', ', $addresses),
        'message_title'   => $mailer->Subject,
        'message_notes'   => $mailer->Body,
        'message_raw'     => $mailer->CreateHeader() . $mailer->CreateBody(),
    ));
    /*
    if (function_exists("notifyActionMade")) {
        notifyActionMade(NOTIFY_GENERIC, $_GLOBALS['site_settings']['site_id'], array_merge($email_template->vars, array(
            "[EMAIL_SUBJECT]" => $email_template['template_subject'],
            "[EMAIL_BODY]"    => $email_template['template_text'],
        )), true);
    }
    */
}
$mailer->ClearAllRecipients();
$mailer->ClearCustomHeaders();
unset($mailer);

$url = array(
    'invoice_id' => $invoice['invoice_id'],
    'rand_num'   => $invoice['rand_num'],
);
redirect(rtrim('/contact/contact_done.html?' . http_build_query($url), '?'));
die();
}

include_once __DIR__ . '/header.inc.php';

if (22 == $_GLOBALS['site_settings']['site_id']) {
?>