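dbutils = new DbUtils(); }

    /**
     * Dispatches a request command. Only 'sendMail' is supported; it reads the
     * form fields from $_POST and hands them to sendMail().
     *
     * @param string $command Command name taken from the request.
     */
    function handleCommand($command) {
        if ($command === 'sendMail') {
            // Absent fields default to '' (or false for the consent flag) so a
            // partial POST does not raise "undefined index" warnings; sendMail()
            // validates the values it actually depends on.
            $this->sendMail(
                $this->postValue('role', ''),
                $this->postValue('topic', ''),
                $this->postValue('email', ''),
                $this->postValue('tel', ''),
                $this->postValue('allowSendRights', false),
                $this->postValue('content', '')
            );
        } else {
            echo "Kommando nicht unterstuetzt.";
        }
    }

    /**
     * Returns $_POST[$key] when present, otherwise $default.
     *
     * @param string $key     POST field name.
     * @param mixed  $default Value used when the field is missing.
     * @return mixed
     */
    private function postValue($key, $default) {
        return isset($_POST[$key]) ? $_POST[$key] : $default;
    }

    /**
     * Starts the session if needed and reports whether the 'angemeldet'
     * (logged-in) flag is set and truthy.
     *
     * @return bool
     */
    function isUserAlreadyLoggedInForPhp() {
        if (session_id() == '') {
            session_start();
        }
        return isset($_SESSION['angemeldet']) && (bool) $_SESSION['angemeldet'];
    }

    /**
     * Reads the configured sender address (config setting 'email').
     *
     * @return string The setting value, or "" when no such row exists.
     */
    private function getFromEmail() {
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $sql = "SELECT setting FROM %config% where name='email'";
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $row = $stmt->fetchObject();
        // fetchObject() yields false when the row is missing
        return ($row !== false) ? $row->setting : "";
    }

    /**
     * Checks that $field is a syntactically valid e-mail address after
     * FILTER_SANITIZE_EMAIL has been applied. Note that the *sanitized* value is
     * what gets validated; callers that put the address into a mail header
     * should use the sanitized form as well (see sendMail()).
     *
     * @param mixed $field Candidate address.
     * @return bool
     */
    function spamcheck($field) {
        $sanitized = filter_var($field, FILTER_SANITIZE_EMAIL);
        return filter_var($sanitized, FILTER_VALIDATE_EMAIL) !== false;
    }

    /**
     * Runs a single-row query and returns one column of the first row.
     *
     * $sql is prepared but carries no bound parameters, so it must be a literal
     * query written by the caller — never built from request data.
     *
     * @param PDO    $pdo    Open connection.
     * @param string $sql    Query with %table% placeholders.
     * @param string $sqlval Column name to read from the fetched row.
     * @return mixed Column value, or 0 when the query returns no row.
     */
    function sqlresult($pdo, $sql, $sqlval) {
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $row = $stmt->fetchObject();
        return ($row !== false) ? $row->$sqlval : 0;
    }

    /**
     * Builds the diagnostic text appended to a feedback mail: counts of waiting
     * print jobs per type (1 = food, 2 = drinks, 3 = receipts) plus database
     * size information.
     *
     * @return string
     */
    function getdbinfo() {
        $pdo = $this->dbutils->openDbAndReturnPdo();
        $info = "\n\nWaiting print jobs:\n";
        // waiting print jobs, by type
        $foodjobs = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=1", "number");
        $drinkjobs = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=2", "number");
        $payjobs = $this->sqlresult($pdo, "select count(id) as number from %printjobs% where type=3", "number");
        $info .= "Speisebons: $foodjobs\n";
        $info .= "Getränkebons: $drinkjobs\n";
        $info .= "Kassenbons: $payjobs\n\n";
        // db sizes
        $info .= $this->getDatabaseSizes($pdo);
        return $info;
    }

    /**
     * Formats size and free space per schema from information_schema.TABLES.
     *
     * The query is grouped by table_schema, so it lists every schema visible to
     * the configured DB user, not only the OrderSprinter database.
     *
     * @param PDO|null $pdo Open connection; a new one is opened when null
     *                      (the original ignored the argument and always reconnected).
     * @return string
     */
    function getDatabaseSizes($pdo) {
        $sql = 'SELECT table_schema "Data Base Name", sum( data_length + index_length ) / 1024 / 1024 "Data Base 
Size in MB", sum( data_free )/ 1024 / 1024 "Free Space in MB" FROM information_schema.TABLES GROUP BY table_schema';
        if ($pdo === null) {
            $pdo = $this->dbutils->openDbAndReturnPdo();
        }
        $stmt = $pdo->prepare($this->dbutils->resolveTablenamesInSqlString($sql));
        $stmt->execute();
        $result = $stmt->fetchAll();
        $dbInfo = "DB-info:\n";
        foreach ($result as $row) {
            $dbInfo .= "Database '$row[0]', db size in MB: $row[1], free space in MB: $row[2]\n";
        }
        $dbInfo .= "used DB '" . MYSQL_DB . "'\n\n";
        return $dbInfo;
    }

    /**
     * Interprets the 'allowSendRights' form value as an explicit opt-in.
     *
     * FILTER_VALIDATE_BOOLEAN accepts "1", "true", "on", "yes" (and true) as
     * consent; everything else — including the literal string "false", which
     * plain PHP truthiness would treat as consent — is treated as "no".
     * NOTE(review): assumes the client posts a boolean-like string; confirm
     * against the JavaScript that submits the form.
     *
     * @param mixed $allowSendRights Raw form value.
     * @return bool
     */
    private function consentGiven($allowSendRights) {
        return filter_var($allowSendRights, FILTER_VALIDATE_BOOLEAN);
    }

    /**
     * Renders the logged-in user's id, name and permission flags from the session.
     * The last line deliberately has no trailing newline because getdbinfo(),
     * which is appended by the caller, starts with "\n\n".
     *
     * @return string
     */
    private function describeSessionRights() {
        $rights = "Userid = " . $_SESSION['userid'] . "\n";
        $rights .= "Username = " . $_SESSION['currentuser'] . "\n";
        $rights .= "isAdmin = " . ($_SESSION['is_admin'] ? "ja" : "nein") . "\n";
        $flags = [
            'right_waiter',
            'right_kitchen',
            'right_bar',
            'right_supply',
            'right_paydesk',
            'right_statistics',
            'right_bill',
            'right_products',
        ];
        foreach ($flags as $flag) {
            $rights .= "$flag = " . ($_SESSION[$flag] ? "ja" : "nein") . "\n";
        }
        $rights .= "right_manager = " . ($_SESSION['right_manager'] ? "ja" : "nein");
        return $rights;
    }

    /**
     * Sends a feedback mail to the vendor address with the user as Cc and
     * echoes a JSON-encoded status string.
     *
     * Preconditions checked, in order: $email is a valid address, the configured
     * sender address is valid, the user is logged in. Session rights and DB
     * diagnostics are only included when $allowSendRights is an explicit opt-in.
     *
     * @param string $role            Free-text role of the sender.
     * @param string $topic           Mail subject. mail() itself replaces control
     *                                characters in the subject, so no extra header
     *                                lines can be smuggled through it.
     * @param string $email           Sender address, becomes the Cc header.
     * @param string $tel             Free-text phone number.
     * @param mixed  $allowSendRights Consent flag, see consentGiven().
     * @param string $content         Message body.
     */
    function sendMail($role, $topic, $email, $tel, $allowSendRights, $content) {
        if (!$this->spamcheck($email)) {
            echo json_encode("Falsche Emailadresse eingegeben!");
            return;
        }
        // spamcheck() validated the sanitized form; use that same form in the
        // Cc header so characters the sanitizer strips (including CR/LF) can
        // never reach a header line.
        $email = filter_var($email, FILTER_SANITIZE_EMAIL);

        $from = $this->getFromEmail();
        if (!$this->spamcheck($from)) {
            echo json_encode("Mailkonfiguration von OrderSprinter fehlerhaft!");
            return;
        }
        $from = filter_var($from, FILTER_SANITIZE_EMAIL);

        if (!$this->isUserAlreadyLoggedInForPhp()) {
            echo json_encode("Fehler: Benutzer nicht eingeloggt!");
            return;
        }

        // NOTE(review): the declared charset is iso-8859-1 while the body
        // contains non-ASCII text ("Getränkebons"); confirm the file encoding
        // matches, otherwise the recipient sees mojibake.
        $headers = "MIME-Version: 1.0\n";
        $headers .= "Content-type: text/plain; charset=iso-8859-1\n";
        $headers .= "To: feedback@ordersprinter.de\n";
        $headers .= "From: $from\n";
        $headers .= "Cc: $email\n";

        $rights = "Keine Rechteinformation";
        if ($this->consentGiven($allowSendRights)) {
            $rights = $this->describeSessionRights() . $this->getdbinfo();
        }

        $server = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $msg = "Rolle: $role\nEmail: $email\nTel.: $tel\nRechte: $rights\nServer:$server\n\nNachtricht:\n$content";
        $msg = wordwrap($msg, 70);
        // Normalise existing \r\n to \n first so they are not converted twice
        // (browsers submit textarea content with \r\n line ends).
        $msg = str_replace("\r\n", "\n", $msg);
        $msg = str_replace("\n", "\r\n", $msg);

        if (mail("feedback@ordersprinter.de", $topic, $msg, $headers, "-f $from")) {
            echo json_encode("OK");
        } else {
            echo json_encode("Fehler: Mail konnte nicht verschickt werden! Stimmt die PHP-Konfiguration auf dem Server?");
        }
    }
}
// No closing "?>": any trailing whitespace after it would be emitted and
// corrupt the JSON responses echoed above.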