From 6afb656d0348383f99c247ba1a906f24d45b5e8f Mon Sep 17 00:00:00 2001 From: Ahmed Genedy Date: Wed, 27 Dec 2023 00:09:03 +0000 Subject: [PATCH] Upgrade codebase to AppGini 23.17 --- app/admin/getUsers.php | 2 +- app/admin/incFunctions.php | 305 +- app/admin/incHeader.php | 45 +- app/admin/index.php | 10 +- app/admin/pageInstallPlugin.php | 550 ++ app/admin/pageServerStatus.php | 4 +- app/admin/pageViewGroups.php | 21 +- app/ajax_combo.php | 4 +- app/applicants_and_tenants_autofill.php | 2 +- app/applicants_and_tenants_dml.php | 2 +- app/applicants_and_tenants_view.php | 2 +- app/applications_leases_autofill.php | 2 +- app/applications_leases_dml.php | 2 +- app/applications_leases_view.php | 2 +- app/common.js | 141 +- app/datalist.php | 102 +- app/defaultFilters.php | 19 +- app/defaultLang.php | 17 + app/definitions.php | 2 +- app/dynamic.css | 45 +- ...employment_and_income_history_autofill.php | 2 +- app/employment_and_income_history_dml.php | 2 +- app/employment_and_income_history_view.php | 2 +- app/footer.php | 2 +- app/header.php | 46 +- app/incCommon.php | 327 +- app/language.php | 17 + app/lib.php | 4 +- app/parent-children.php | 350 +- app/properties_autofill.php | 2 +- app/properties_dml.php | 2 +- app/properties_view.php | 2 +- app/property_photos_autofill.php | 2 +- app/property_photos_dml.php | 2 +- app/property_photos_view.php | 2 +- app/references_autofill.php | 2 +- app/references_dml.php | 2 +- app/references_view.php | 2 +- app/rental_owners_autofill.php | 2 +- app/rental_owners_dml.php | 2 +- app/rental_owners_view.php | 2 +- app/residence_and_rental_history_autofill.php | 2 +- app/residence_and_rental_history_dml.php | 2 +- app/residence_and_rental_history_view.php | 2 +- .../lib/PHPMailer/PHPMailer/Exception.php | 40 + .../lib/PHPMailer/PHPMailer/PHPMailer.php | 5126 +++++++++++++++++ .../lib/PHPMailer/PHPMailer/SMTP.php | 1466 +++++ app/resources/lib/Request.php | 13 + app/resources/lib/WindowMessages.php | 214 + .../moment/moment-with-locales.min.js | 3 +- app/settings-manager.php | 3 +- .../applicants_and_tenants_templateTVS.html | 24 +- .../applications_leases_templateTVS.html | 26 +- ...oyment_and_income_history_templateTVS.html | 16 +- app/templates/properties_templateTVS.html | 18 +- .../property_photos_templateTVS.html | 6 +- app/templates/references_templateTVS.html | 6 +- app/templates/rental_owners_templateTVS.html | 26 +- ...idence_and_rental_history_templateTVS.html | 16 +- app/templates/unit_photos_templateTVS.html | 6 +- app/templates/units_templateTVS.html | 26 +- app/unit_photos_autofill.php | 2 +- app/unit_photos_dml.php | 2 +- app/unit_photos_view.php | 2 +- app/units_autofill.php | 2 +- app/units_dml.php | 2 +- app/units_view.php | 2 +- orpm.axp | 2 +- 68 files changed, 8592 insertions(+), 518 deletions(-) create mode 100644 app/admin/pageInstallPlugin.php create mode 100644 app/resources/lib/PHPMailer/PHPMailer/Exception.php create mode 100644 app/resources/lib/PHPMailer/PHPMailer/PHPMailer.php create mode 100644 app/resources/lib/PHPMailer/PHPMailer/SMTP.php create mode 100644 app/resources/lib/WindowMessages.php diff --git a/app/admin/getUsers.php b/app/admin/getUsers.php index 2c0c47d..2ea6847 100644 --- a/app/admin/getUsers.php +++ b/app/admin/getUsers.php @@ -1,5 +1,5 @@ escaped_str */ if(!strlen($string)) return ''; + if(is_numeric($string)) return db_escape($string); // don't cache numbers to avoid cases like '3.5' being equivelant to '3' in array indexes if(!db_link()) sql("SELECT 1+1", $eo); @@ -656,7 +657,7 @@ function curl_insert_handler($table, $data) { $payload = $data; $payload['insert_x'] = 1; - $url = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . config('host') . '/' . application_uri("{$table}_view.php"); + $url = application_url("{$table}_view.php"); $token = jwt_token(); $options = [ CURLOPT_URL => $url, @@ -758,6 +759,10 @@ function errorMsg($msg) { ######################################################################## function redirect($url, $absolute = false) { $fullURL = ($absolute ? $url : application_url($url)); + + // append browser window id to url (check if it should be preceded by ? or &) + $fullURL .= (strpos($fullURL, '?') === false ? '?' : '&') . WindowMessages::windowIdQuery(); + if(!headers_sent()) header("Location: {$fullURL}"); echo ""; @@ -889,9 +894,13 @@ function setupMembership() { 'pageRebuildFields.php', 'pageSettings.php', 'ajax_check_login.php', - 'ajax-update-calculated-fields.php', + 'parent-children.php', ])) return; + // abort if current page is ajax + if(is_ajax()) return; + if(strpos(basename($_SERVER['PHP_SELF']), 'ajax-') === 0) return; + // run once per session, but force proceeding if not all mem tables created $res = sql("show tables like 'membership_%'", $eo); $num_mem_tables = db_num_rows($res); @@ -1803,6 +1812,107 @@ function get_table_fields($tn = null) { return isset($schema[$tn]) ? $schema[$tn] : []; } + ######################################################################## + function updateField($tn, $fn, $dataType, $notNull = false, $default = null, $extra = null) { + $sqlNull = $notNull ? 'NOT NULL' : 'NULL'; + $sqlDefault = $default === null ? '' : "DEFAULT '" . makeSafe($default) . "'"; + $sqlExtra = $extra === null ? '' : $extra; + + // get current field definition + $col = false; + $eo = ['silentErrors' => true]; + $res = sql("SHOW COLUMNS FROM `{$tn}` LIKE '{$fn}'", $eo); + if($res) $col = db_fetch_assoc($res); + + // if field does not exist, create it + if(!$col) { + sql("ALTER TABLE `{$tn}` ADD COLUMN `{$fn}` {$dataType} {$sqlNull} {$sqlDefault} {$sqlExtra}", $eo); + return; + } + + // if field exists, alter it if needed + if( + strtolower($col['Type']) != strtolower($dataType) || + (strtolower($col['Null']) == 'yes' && $notNull) || + (strtolower($col['Null']) == 'no' && !$notNull) || + (strtolower($col['Default']) != strtolower($default)) || + (strtolower($col['Extra']) != strtolower($extra)) + ) { + sql("ALTER TABLE `{$tn}` CHANGE COLUMN `{$fn}` `{$fn}` {$dataType} {$sqlNull} {$sqlDefault} {$sqlExtra}", $eo); + } + } + + ######################################################################## + function addIndex($tn, $fields, $unique = false) { + // if $fields is a string, convert it to an array + if(!is_array($fields)) $fields = [$fields]; + + // reshape fields so that key is field name and value is index length or null for full length + $fields2 = []; + foreach($fields as $k => $v) { + if(is_numeric($k)) { + $fields2[$v] = null; // $v is field name and index length is full length + continue; + } + + $fields2[$k] = $v; // $k is field name and $v is index length + } + unset($fields); $fields = $fields2; + + // prepare index name and sql + $index_name = implode('_', array_keys($fields)); + $sql = "ALTER TABLE `{$tn}` ADD " . ($unique ? 'UNIQUE ' : '') . "INDEX `{$index_name}` ("; + foreach($fields as $field => $length) + $sql .= "`$field`" . ($length === null ? '' : "($length)") . ','; + $sql = rtrim($sql, ',') . ')'; + + // get current indexes + $eo = ['silentErrors' => true]; + $res = sql("SHOW INDEXES FROM `{$tn}`", $eo); + $indexes = []; + while($row = db_fetch_assoc($res)) + $indexes[$row['Key_name']][$row['Seq_in_index']] = $row; + + // if index does not exist, create it + if(!isset($indexes[$index_name])) { + sql($sql, $eo); + return; + } + + // if index exists, alter it if needed + $index = $indexes[$index_name]; + $index_changed = false; + $index_fields = []; + foreach($index as $seq_in_index => $info) + $index_fields[$seq_in_index] = $info['Column_name']; + + if(count($index_fields) != count($fields)) $index_changed = true; + foreach($fields as $field => $length) { + // check if field exists in index + $seq_in_index = array_search($field, $index_fields); + if($seq_in_index === false) { + $index_changed = true; + break; + } + + // check if field length is different + if($length !== null && $length != $index[$seq_in_index]['Sub_part']) { + $index_changed = true; + break; + } + + // check index uniqueness + if(($unique && $index[$seq_in_index]['Non_unique'] == 1) || (!$unique && $index[$seq_in_index]['Non_unique'] == 0)) { + $index_changed = true; + break; + } + } + if(!$index_changed) return; + + sql("ALTER TABLE `{$tn}` DROP INDEX `{$index_name}`", $eo); + sql($sql, $eo); + } + ######################################################################## function update_membership_groups() { $tn = 'membership_groups'; @@ -1820,9 +1930,9 @@ function update_membership_groups() { ) CHARSET " . mysql_charset, $eo); - sql("ALTER TABLE `{$tn}` CHANGE COLUMN `name` `name` VARCHAR(100) NOT NULL", $eo); - sql("ALTER TABLE `{$tn}` ADD UNIQUE INDEX `name` (`name`)", $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `allowCSVImport` TINYINT NOT NULL DEFAULT '0'", $eo); + updateField($tn, 'name', 'VARCHAR(100)', true); + addIndex($tn, 'name', true); + updateField($tn, 'allowCSVImport', 'TINYINT', true, '0'); } ######################################################################## function update_membership_users() { @@ -1853,14 +1963,14 @@ function update_membership_users() { ) CHARSET " . mysql_charset, $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `pass_reset_key` VARCHAR(100)", $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `pass_reset_expiry` INT UNSIGNED", $eo); - sql("ALTER TABLE `{$tn}` CHANGE COLUMN `passMD5` `passMD5` VARCHAR(255)", $eo); - sql("ALTER TABLE `{$tn}` CHANGE COLUMN `memberID` `memberID` VARCHAR(100) NOT NULL", $eo); - sql("ALTER TABLE `{$tn}` ADD INDEX `groupID` (`groupID`)", $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `flags` TEXT", $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `allowCSVImport` TINYINT NOT NULL DEFAULT '0'", $eo); - sql("ALTER TABLE `{$tn}` ADD COLUMN `data` LONGTEXT", $eo); + updateField($tn, 'pass_reset_key', 'VARCHAR(100)'); + updateField($tn, 'pass_reset_expiry', 'INT UNSIGNED'); + updateField($tn, 'passMD5', 'VARCHAR(255)'); + updateField($tn, 'memberID', 'VARCHAR(100)', true); + addIndex($tn, 'groupID'); + updateField($tn, 'flags', 'TEXT'); + updateField($tn, 'allowCSVImport', 'TINYINT', true, '0'); + updateField($tn, 'data', 'LONGTEXT'); } ######################################################################## function update_membership_userrecords() { @@ -1885,12 +1995,12 @@ function update_membership_userrecords() { ) CHARSET " . mysql_charset, $eo); - sql("ALTER TABLE `{$tn}` ADD UNIQUE INDEX `tableName_pkValue` (`tableName`, `pkValue`(100))", $eo); - sql("ALTER TABLE `{$tn}` ADD INDEX `pkValue` (`pkValue`)", $eo); - sql("ALTER TABLE `{$tn}` ADD INDEX `tableName` (`tableName`)", $eo); - sql("ALTER TABLE `{$tn}` ADD INDEX `memberID` (`memberID`)", $eo); - sql("ALTER TABLE `{$tn}` ADD INDEX `groupID` (`groupID`)", $eo); - sql("ALTER TABLE `{$tn}` CHANGE COLUMN `memberID` `memberID` VARCHAR(100)", $eo); + addIndex($tn, ['tableName' => null, 'pkValue' => 100], true); + addIndex($tn, 'pkValue'); + addIndex($tn, 'tableName'); + addIndex($tn, 'memberID'); + addIndex($tn, 'groupID'); + updateField($tn, 'memberID', 'VARCHAR(100)'); } ######################################################################## function update_membership_grouppermissions() { @@ -1910,7 +2020,7 @@ function update_membership_grouppermissions() { ) CHARSET " . mysql_charset, $eo); - sql("ALTER TABLE `{$tn}` ADD UNIQUE INDEX `groupID_tableName` (`groupID`, `tableName`)", $eo); + addIndex($tn, ['groupID', 'tableName'], true); } ######################################################################## function update_membership_userpermissions() { @@ -1930,8 +2040,8 @@ function update_membership_userpermissions() { ) CHARSET " . mysql_charset, $eo); - sql("ALTER TABLE `{$tn}` CHANGE COLUMN `memberID` `memberID` VARCHAR(100) NOT NULL", $eo); - sql("ALTER TABLE `{$tn}` ADD UNIQUE INDEX `memberID_tableName` (`memberID`, `tableName`)", $eo); + updateField($tn, 'memberID', 'VARCHAR(100)', true); + addIndex($tn, ['memberID', 'tableName'], true); } ######################################################################## function update_membership_usersessions() { @@ -1951,6 +2061,22 @@ function update_membership_usersessions() { $eo); } ######################################################################## + function update_membership_cache() { + $tn = 'membership_cache'; + $eo = ['silentErrors' => true, 'noErrorQueryLog' => true]; + + sql( + "CREATE TABLE IF NOT EXISTS `membership_cache` ( + `request` VARCHAR(100) NOT NULL, + `request_ts` INT, + `response` LONGTEXT, + PRIMARY KEY (`request`) + ) CHARSET " . mysql_charset, + $eo); + + updateField($tn, 'response', 'LONGTEXT'); + } + ######################################################################## function thisOr($this_val, $or = ' ') { return ($this_val != '' ? $this_val : $or); } @@ -2069,8 +2195,15 @@ function normalize_path($path) { ######################################################################## function application_url($page = '', $s = false) { if($s === false) $s = $_SERVER; - $ssl = (!empty($s['HTTPS']) && strtolower($s['HTTPS']) != 'off'); + + $ssl = ( + (!empty($s['HTTPS']) && strtolower($s['HTTPS']) != 'off') + // detect reverse proxy SSL + || (!empty($s['HTTP_X_FORWARDED_PROTO']) && strtolower($s['HTTP_X_FORWARDED_PROTO']) == 'https') + || (!empty($s['HTTP_X_FORWARDED_SSL']) && strtolower($s['HTTP_X_FORWARDED_SSL']) == 'on') + ); $http = ($ssl ? 'https:' : 'http:'); + $port = $s['SERVER_PORT']; $port = ($port == '80' || $port == '443' || !$port) ? '' : ':' . $port; // HTTP_HOST already includes server port if not standard, but SERVER_NAME doesn't @@ -2387,12 +2520,7 @@ function sendmail($mail) { $cfg = config('adminConfig'); $smtp = ($cfg['mail_function'] == 'smtp'); - if(!class_exists('PHPMailer', false)) { - include_once(__DIR__ . '/../resources/PHPMailer/class.phpmailer.php'); - if($smtp) include_once(__DIR__ . '/../resources/PHPMailer/class.smtp.php'); - } - - $pm = new PHPMailer; + $pm = new PHPMailer\PHPMailer\PHPMailer; $pm->CharSet = datalist_db_encoding; if($smtp) { @@ -3236,3 +3364,122 @@ function denyAccess($msg = null) { function is_xhr() { return (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest'); } + + /** + * @brief send a json response to the client and terminate + * + * @param [in] $dataOrMsg mixed, either an array of data to send, or a string error message + * @param [in] $isError bool, true if $dataOrMsg is an error message, false if it's data + * @param [in] $errorStatusCode int, HTTP status code to send + * + * @details if $isError is true, $dataOrMsg is assumed to be an error message and $errorStatusCode is sent as the HTTP status code + * example error response: `{"status":"error","message":"Access denied"}` + * if $isError is false, $dataOrMsg is assumed to be data and $errorStatusCode is ignored + * example success response: `{"status":"success","data":{"id":1,"name":"John Doe"}}` + */ + function json_response($dataOrMsg, $isError = false, $errorStatusCode = 400) { + @header('Content-type: application/json'); + + if($isError) { + @header($_SERVER['SERVER_PROTOCOL'] . ' ' . $errorStatusCode . ' Internal Server Error'); + @header('Status: ' . $errorStatusCode . ' Bad Request'); + + die(json_encode([ + 'status' => 'error', + 'message' => $dataOrMsg, + ])); + } + + die(json_encode([ + 'status' => 'success', + 'data' => $dataOrMsg, + ])); + } + + /** + * @brief Check if a string is alphanumeric. + * We're defining it here in case it's not defined by some PHP installations. + * It's reuired by PHPMailer. + * + * @param [in] $str string to check + * @return bool, true if $str is alphanumeric, false otherwise + */ + if(!function_exists('ctype_alnum')) { + function ctype_alnum($str) { + return preg_match('/^[a-zA-Z0-9]+$/', $str); + } + } + + /** + * Perform an HTTP request and return the response, including headers and body, with support to cookies + * + * @param string $url URL to request + * @param array $payload payload to send with the request + * @param array $headers headers to send with the request, in the format ['header' => 'value'] + * @param string $type request type, either 'GET' or 'POST' + * @param string $cookieJar path to a file to read/store cookies in + * + * @return array response, including `'headers'` and `'body'`, or error info if request failed + */ + function httpRequest($url, $payload = [], $headers = [], $type = 'GET', $cookieJar = null) { + // prep raw headers + if(!isset($headers['User-Agent'])) $headers['User-Agent'] = $_SERVER['HTTP_USER_AGENT']; + if(!isset($headers['Accept'])) $headers['Accept'] = $_SERVER['HTTP_ACCEPT']; + $rawHeaders = []; + foreach($headers as $k => $v) $rawHeaders[] = "$k: $v"; + + $payloadQuery = http_build_query($payload); + + // for GET requests, append payload to url + if($type == 'GET' && strlen($payloadQuery)) $url .= "?$payloadQuery"; + + $respHeaders = []; + $ch = curl_init(); + $options = [ + CURLOPT_URL => $url, + CURLOPT_POST => ($type == 'POST'), + CURLOPT_POSTFIELDS => ($type == 'POST' && strlen($payloadQuery) ? $payloadQuery : null), + CURLOPT_HEADER => false, + CURLOPT_HEADERFUNCTION => function($curl, $header) use (&$respHeaders) { + list($k, $v) = explode(': ', $header); + $respHeaders[trim($k)] = trim($v); + return strlen($header); + }, + CURLOPT_HTTPHEADER => $rawHeaders, + CURLOPT_FOLLOWLOCATION => true, + CURLOPT_RETURNTRANSFER => true, + ]; + + /* if this is a localhost request, no need to verify SSL */ + if(preg_match('/^https?:\/\/(localhost|127\.0\.0\.1)/i', $url)) { + $options[CURLOPT_SSL_VERIFYPEER] = false; + $options[CURLOPT_SSL_VERIFYHOST] = false; + } + + if($cookieJar) { + $options[CURLOPT_COOKIEJAR] = $cookieJar; + $options[CURLOPT_COOKIEFILE] = $cookieJar; + } + + if(defined('CURLOPT_TCP_FASTOPEN')) $options[CURLOPT_TCP_FASTOPEN] = true; + if(defined('CURLOPT_UNRESTRICTED_AUTH')) $options[CURLOPT_UNRESTRICTED_AUTH] = true; + + curl_setopt_array($ch, $options); + + $respBody = curl_exec($ch); + + if($respBody === false) return [ + 'error' => curl_error($ch), + 'info' => curl_getinfo($ch), + ]; + + curl_close($ch); + + // wait for 0.05 seconds after launching request + usleep(50000); + + return [ + 'headers' => $respHeaders, + 'body' => $respBody, + ]; + } diff --git a/app/admin/incHeader.php b/app/admin/incHeader.php index 3de3a70..012a29c 100644 --- a/app/admin/incHeader.php +++ b/app/admin/incHeader.php @@ -218,21 +218,36 @@ function hideDialogs() { - -
  • - - -
    • - +
  • + + +
    • diff --git a/app/admin/index.php b/app/admin/index.php index f0c763d..b63cc73 100644 --- a/app/admin/index.php +++ b/app/admin/index.php @@ -2,7 +2,13 @@ error_reporting(E_ERROR | E_PARSE); $host = $_SERVER['HTTP_HOST']; $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); - $http = (strtolower($_SERVER['HTTPS']) == 'on' ? 'https:' : 'http:'); + $ssl = ( + (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') + // detect reverse proxy SSL + || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') + || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && strtolower($_SERVER['HTTP_X_FORWARDED_SSL']) == 'on') + ); + $http = ($ssl ? 'https://' : 'http://'); - header("Location: {$http}//{$host}{$uri}/pageHome.php"); + header("Location: {$http}{$host}{$uri}/pageHome.php"); exit; diff --git a/app/admin/pageInstallPlugin.php b/app/admin/pageInstallPlugin.php new file mode 100644 index 0000000..5cb50b2 --- /dev/null +++ b/app/admin/pageInstallPlugin.php @@ -0,0 +1,550 @@ + display the HTML page + 2. Ajax POST request containing `email` and `orderNum` => perform order login, process response HTML to extract download links, parse plugin names from links, and send list of plugin names as JSON response + 3. Ajax POST request containing `installPlugin` which is a plugin name => install the plugin and send JSON response indicating success or failure with reason + 4. Ajax POST request containing `installPlugin` which is a plugin name and `confirmReinstall` => install the plugin, overwriting pre-installed files, and send JSON response indicating success or failure with reason + */ + + // if this is a GET request, display the HTML page + if($_SERVER['REQUEST_METHOD'] == 'GET') + showPage(); // exits after displaying the page + + // validate csrf token + if(!csrf_token(true)) + if(is_ajax()) + die(json_response($Translation['csrf token expired or invalid'], true)); + else + die($Translation['csrf token expired or invalid']); + + // if we have an email and order number, handle order login logic + if(Request::val('email') && Request::val('orderNum')) + die(handleOrderLogin()); + + // if we have a plugin name, handle plugin installation logic + if(Request::val('installPlugin')) + die(handlePluginInstall()); + + // if we get here, we have an invalid request + die('Invalid request'); + + // function to display the HTML page + function showPage() { + global $Translation; + $missing = missingDependencies(); + + include(__DIR__ . '/incHeader.php'); + ?> +

    + + +

    + + +
    +

    + +

    +
      + +
      • + +
    +
    + + + +
    + + +
    +
    +

    + + + + +

    +
    + +
    + + +
    +
    +

    + + + + +

    +
    + +
    + + +
    +
    +

    + + + + +

    +
    + +
    + +
    + + + + + + + class_exists('ZipArchive'), + // cURL is required for making HTTP requests + 'cURL extension not enabled' => function_exists('curl_init'), + // 'plugins' folder is writable + 'Plugins folder not writable' => is_writable($pluginsFolder), + ]; + + // if all dependencies are met, return false + if(!in_array(false, $dependencies, true)) + return false; + + // return missing dependencies + return array_keys(array_filter($dependencies, function($v) { return !$v; })); + } + + // function to handle order login logic + function handleOrderLogin() { + global $Translation; + + // get the email and order number + $email = Request::val('email'); + $order = Request::val('orderNum'); + + // validate the email + if(!isEmail($email)) + die(json_response($Translation['invalid email'], true)); + + // validate the order number (alpha-numeric and hyphens only, 5-20 characters) + if(!preg_match('/^[a-z0-9\-]{5,20}$/i', $order)) + die(json_response($Translation['invalid order number'], true)); + + // POST the email and order number to the order login page + // first, set referer header to https://bigprof.com/appgini/download-plugins + $headers = ['Referer' => 'https://bigprof.com/appgini/download-plugins']; + $resp = httpRequest('https://bigprof.com/appgini/download-plugins', compact('email', 'order'), $headers, 'POST'); + if(empty($resp['body'])) + echo json_response($Translation['invalid order login'], true); + + // use regex to find .download-link lines, get next tag (could be on same or next line), get href attribute value + $regex = '/
    .*?<\/div>/s'; + preg_match_all($regex, $resp['body'], $matches); + $links = []; + foreach ($matches[0] as $match) { + $regex = '/ $pluginName, 'url' => $link, 'installed' => $installed, 'installDate' => $installDate, 'slug' => $slug]; + } + + // if no plugins found, return error + if(!count($plugins)) + die(json_response($Translation['no plugins available'], true)); + + // return list of plugins + die(json_response($plugins)); + } + + // function to handle plugin installation logic + function handlePluginInstall() { + global $Translation; + + // get the plugin name and url + $pluginSlug = Request::val('installPlugin'); + $pluginUrl = 'https://bigprof.com' . Request::val('pluginUrl'); + + // validate the plugin name (alpha-numeric and hyphens only, 5-20 characters) + if(!preg_match('/^[a-z0-9\-_]{5,20}$/i', $pluginSlug)) + die(json_response($Translation['plugin install failed'] . ' LINE# ' . __LINE__, true)); + + // validate the plugin url + if(!filter_var($pluginUrl, FILTER_VALIDATE_URL)) + die(json_response($Translation['plugin install failed'] . ' LINE# ' . __LINE__, true)); + + // create a tmp folder if it doesn't exist + if(!is_dir(APP_DIR . '/tmp')) + @mkdir(APP_DIR . '/tmp', 0777); + + // add .htaccess file to tmp folder to prevent directory access + if(!is_file(APP_DIR . '/tmp/.htaccess')) + file_put_contents(APP_DIR . '/tmp/.htaccess', 'deny from all'); + + // download the plugin zip file + if(!copy($pluginUrl, APP_DIR . "/tmp/{$pluginSlug}.zip")) + die(json_response($Translation['plugin install failed'] . ' LINE# ' . __LINE__, true)); + + $errorLog = []; + $res = unzip(APP_DIR . "/tmp/{$pluginSlug}.zip", APP_DIR, $errorLog); + + // delete the zip file + @unlink(APP_DIR . "/tmp/{$pluginSlug}.zip"); + + // if unzip failed, return error + // TODO: include errorLog + if(!$res) + die(json_response($Translation['plugin install failed'] . ' LINE# ' . __LINE__, true)); + + // return success + die(json_response($Translation['plugin installed successfully'])); + } + + function unzip($zipFilePath, $outputPath, &$errorLog) { + $errorLog = []; + + // Check if zip extraction is supported by PHP + if(!class_exists('ZipArchive')) { + $errorLog[] = 'ZipArchive class not found'; + return false; + } + + // Check if the output path is writable + if(!is_writable($outputPath)) { + $errorLog[] = 'Output path not writable'; + return false; + } + + // Create a new instance of ZipArchive + $zip = new ZipArchive; + + // Open the zip file + if(!$zip->open($zipFilePath) === true) { + $errorLog[] = 'Unable to open zip file'; + return false; + } + + // Extract each file from the archive, and if newer than existing file (or no existing file), overwrite it + for($i = 0; $i < $zip->numFiles; $i++) { + $filename = $zip->getNameIndex($i); + $extractedFile = rtrim($outputPath, '/') . '/' . $filename; + + // Check if extracted file is newer than existing file (or no existing file) + if(is_file($extractedFile) && filemtime($extractedFile) >= $zip->statIndex($i)['mtime']) { + $errorLog[] = "File {$filename} already exists, skipping ..."; + continue; + } + + // Create the directories if necessary + $dir = dirname($extractedFile); + if(!is_dir($dir)) + @mkdir($dir, 0777, true); + + // Extract the file if dir exists + if(!is_dir($dir)) { + $dirError = "Unable to create subdirectory {$dir}"; + // if errorLog doesn't already contain this error, add it + if(!in_array($dirError, $errorLog)) + $errorLog[] = $dirError; + continue; + } + + if(!$zip->extractTo($outputPath, [$filename])) + $errorLog[] = "Unable to extract file {$filename}"; + } + + // Close the zip file + $zip->close(); + + return true; + } diff --git a/app/admin/pageServerStatus.php b/app/admin/pageServerStatus.php index 2389745..4a7bca9 100644 --- a/app/admin/pageServerStatus.php +++ b/app/admin/pageServerStatus.php @@ -1,6 +1,6 @@ + 1 ? $page - 1 : false; + $nextPage = $page < ceil($numMembers / $adminConfig['membersPerPage']) ? $page + 1 : false; + ?>
    - + + + ','','' ); - $replaceValues = array ( $start+1 , $start+db_num_rows($res) , $numGroups ); - echo str_replace ( $originalValues , $replaceValues , $Translation['displaying groups'] ); + $originalValues = ['', '', '']; + $replaceValues = [$start + 1, $start + db_num_rows($res), $numGroups]; + echo str_replace($originalValues, $replaceValues, $Translation['displaying groups']); ?> - + + +
    @@ -150,7 +159,7 @@ - +
    diff --git a/app/ajax_combo.php b/app/ajax_combo.php index f7f6e31..82d539d 100644 --- a/app/ajax_combo.php +++ b/app/ajax_combo.php @@ -1,5 +1,5 @@ true]; $res = sql($combo->Query, $eo); - while($row = db_fetch_row($res)) { + if($res) while($row = db_fetch_row($res)) { if(empty($prepared_data) && $page == 1 && !$search_id && !$field['not_null']) { $prepared_data[] = ['id' => empty_lookup_value, 'text' => to_utf8("<{$Translation['none']}>")]; } diff --git a/app/applicants_and_tenants_autofill.php b/app/applicants_and_tenants_autofill.php index 34b3e4f..06c5dbc 100644 --- a/app/applicants_and_tenants_autofill.php +++ b/app/applicants_and_tenants_autofill.php @@ -1,5 +1,5 @@ AppGini.calculatedFields.init()); + + // trigger AppGini.updateChildrenCount() on clicking .update-children-count + $j(document).on('click', '.update-children-count', function() { + AppGini.updateChildrenCount(false); // update only once -- no rescheduling + }) + + AppGini.once({ + condition: () => AppGini.Translate !== undefined, + action: () => moment.locale(AppGini.Translate._map['datetimepicker locale']) + }) + + // if upload toolbox is empty, hide it + $j('.upload-toolbox').toggleClass('hidden', !$j('.upload-toolbox').children().not('.hidden').length) }); /* show/hide TV action buttons based on whether records are selected or not */ @@ -2412,3 +2444,106 @@ AppGini.createCSSClass = (className, sourceElmClass, sourceElmProps = [], additi // remove the hidden element document.body.removeChild(hiddenElm); } + +/** + * Detect and update child info elements in the current page. + * @param {boolean} scheduleNextCall If true, schedule next call to this function. + */ +AppGini.updateChildrenCount = (scheduleNextCall = true) => { + if(!$j('.count-children').length) return; + + AppGini._childrenCount = AppGini._childrenCount || {}; + + // if there are no visible .count-children elements, schedule next call and return + if(!$j('.count-children:visible').length && scheduleNextCall) { + setTimeout(AppGini.updateChildrenCount, 1000); + return; + } + + // TVP? + if($j('#current_view').val() == 'TVP' && !AppGini._childRecordsInfoAdaptedToTVP) { + // show only the count, no link, no add new + $j('.child-records-info').not('th').html('
    '); + AppGini._childRecordsInfoAdaptedToTVP = true; + } + + // for each .count-children element, get the nearest parent .child-records-info + const countEls = {}; + $j('.count-children').each(function() { + const countEl = $j(this); + const parentEl = countEl.closest('.child-records-info'); + const childTable = parentEl.data('table'); + const childLookupField = parentEl.data('lookup-field'); + const id = parentEl.data('id'); + + if(!childTable || !childLookupField || !id) return; + + countEls[childTable] = countEls[childTable] || {}; + countEls[childTable][childLookupField] = countEls[childTable][childLookupField] || []; + countEls[childTable][childLookupField].push(id); + }); + + if(Object.keys(countEls).length == 0) return; + + // disable .update-children-count buttons + $j('.update-children-count').prop('disabled', true); + + // issue an ajax request for each child table > lookup field + let countsChanged = false; + const requests = []; + const startTimestamp = AppGini.unixTimestamp().msec; + for(const ChildTable in countEls) { + for(const ChildLookupField in countEls[ChildTable]) { + const childInfoContainers = $j(`.child-records-info[data-table=${ChildTable}][data-lookup-field=${ChildLookupField}]`); + + requests.push($j.ajax({ + url: `${AppGini.config.url.replace(/\/$/, '')}/parent-children.php`, + data: { + ChildTable, + ChildLookupField, + IDs: countEls[ChildTable][ChildLookupField], + Operation: 'get-count' + }, + type: 'POST', + success: function(resp) { + if(resp.status != 'success') return; + + // resp.data is an object with keys = IDs and values = count + for(const id in resp.data.counts) { + const currentCell = childInfoContainers.filter(`[data-id=${id}]`).find('.count-children') + if(currentCell.length == 0) continue; + + if(AppGini._childrenCount[ChildTable]?.[ChildLookupField]?.[id] != resp.data.counts[id]) { + countsChanged = true; + currentCell.text(resp.data.counts[id]); + + // highlight changed cell for 1 sec + currentCell.addClass('bg-warning'); + setTimeout(() => currentCell.removeClass('bg-warning'), 1000); + } + + AppGini._childrenCount[ChildTable] = AppGini._childrenCount[ChildTable] || {}; + AppGini._childrenCount[ChildTable][ChildLookupField] = AppGini._childrenCount[ChildTable][ChildLookupField] || {}; + AppGini._childrenCount[ChildTable][ChildLookupField][id] = resp.data.counts[id]; + + } + } + })); + } + } + + // when all requests are done, schedule next call + $j.when(...requests).done(function() { + // trigger childrenCountChanged event if counts changed + if(countsChanged) + $j(document).trigger('childrenCountChanged'); + + // enable .update-children-count buttons + $j('.update-children-count').prop('disabled', false); + + // if elapsed time is > 2 seconds, wait 1 minute before next call, else wait 10 seconds + const elapsed = AppGini.unixTimestamp().msec - startTimestamp; + if(scheduleNextCall) + setTimeout(AppGini.updateChildrenCount, elapsed > 2000 ? 60000 : 10000); + }); +} diff --git a/app/datalist.php b/app/datalist.php index 375e4ce..204387c 100644 --- a/app/datalist.php +++ b/app/datalist.php @@ -296,6 +296,9 @@ function Render() { $url .= '&SelectedID=' . urlencode($SelectedID); } + // append browser window id to url + $url .= (strpos($url, '?') === false ? '?' : '&') . WindowMessages::windowIdQuery(); + @header('Location: ' . $url); $this->HTML .= ""; @@ -357,6 +360,10 @@ function Render() { $filtersGET = substr($filtersGET, 1); // remove initial & $redirectUrl = $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '&' . $update_status; + + // append browser window id to url + $redirectUrl .= (strpos($redirectUrl, '?') === false ? '?' : '&') . WindowMessages::windowIdQuery(); + @header("Location: $redirectUrl"); $this->HTML .= ''; return; @@ -709,7 +716,7 @@ function Render() { if($current_view == 'DV' && !$Embedded) { $this->HTML .= '
    '; $this->HTML .= '

    '; - $this->HTML .= ' ' . $this->TableTitle . ''; + $this->HTML .= ' ' . $this->TableTitle . ''; /* show add new button if user can insert and there is a selected record */ if($SelectedID && $this->Permissions['insert'] && $this->SeparateDV && $this->AllowInsert) { $this->HTML .= ' '; @@ -800,7 +807,7 @@ function Render() { $this->HTML .= '

    '; $this->HTML .= '
    '; $this->HTML .= '
    '; - $this->HTML .= ' ' . $this->TableTitle . ''; + $this->HTML .= ' ' . $this->TableTitle . ''; /* show add new button if user can insert and there is a selected record */ if($SelectedID && $this->Permissions['insert'] && !$this->SeparateDV && $this->AllowInsert) { $this->HTML .= ' '; @@ -881,9 +888,11 @@ function Render() { $forceHeaderWidth = false; if($rowTemplate == '' || $this->ShowTableHeader) { for($i = 0; $i < count($this->ColCaption); $i++) { + $sort1 = $sort2 = $filterHint = $extraAttributes = $extraHint = ''; + $extraClasses = "{$this->TableName}-{$this->ColFieldName[$i]}"; + /* Sorting icon and link */ - $sort1 = $sort2 = $filterHint = ''; - if($this->AllowSorting == 1) { + if($this->AllowSorting == 1 && $this->ColNumber[$i] != -1) { if($current_view != 'TVP') { $sort1 = "ScriptFileName}?SortDirection=asc&SortField=".($this->ColNumber[$i])."\" onClick=\"$resetSelection document.myform.NoDV.value=1; document.myform.SortDirection.value='asc'; document.myform.SortField.value = '".($this->ColNumber[$i])."'; document.myform.submit(); return false;\" class=\"TableHeader\">"; $sort2 = ""; @@ -898,7 +907,7 @@ function Render() { } /* Filtering icon and hint */ - if($this->AllowFilters && is_array($this->FilterField)) { + if($this->AllowFilters && is_array($this->FilterField) && $this->ColNumber[$i] != -1) { // check to see if there is any filter applied on the current field if(isset($this->ccffv[$i]) && in_array($this->ccffv[$i], $this->FilterField)) { // render filter icon @@ -906,7 +915,18 @@ function Render() { } } - $this->HTML .= "\tTableName}-{$this->ColFieldName[$i]}\" " . ($forceHeaderWidth ? ' style="width: ' . ($this->ColWidth[$i] ? $this->ColWidth[$i] : 100) . 'px;"' : '') . ">{$sort1}{$this->ColCaption[$i]}{$sort2}{$filterHint}\n"; + /* handle child info column header */ + if($this->ColNumber[$i] == -1) { + [$childTable, $lookupField] = @explode('.', trim($this->ColFieldName[$i], '%')); + $extraClasses = "child-{$childTable}-{$lookupField} child-records-info"; + $extraAttributes = " data-table=\"{$childTable}\" data-lookup-field=\"{$lookupField}\""; + $extraHint = ' '; + } + + $this->HTML .= "\t{$sort1}{$this->ColCaption[$i]}{$sort2}{$filterHint}{$extraHint}\n"; } } elseif($current_view != 'TVP') { // Display a Sort by drop down @@ -916,6 +936,7 @@ function Render() { if($this->AllowSorting == 1) { $sortCombo = new Combo; for($i = 0; $i < count($this->ColCaption); $i++) { + if($this->ColNumber[$i] == -1) continue; // skip child info columns $sortCombo->ListItem[] = $this->ColCaption[$i]; $sortCombo->ListData[] = $this->ColNumber[$i]; } @@ -1139,6 +1160,8 @@ function Render() { } $this->HTML .= '
    '; // end of div.table_view + + $this->HTML .= $this->hideInaccessibleChildrenFromTV(); } /* that marks the end of the TV table */ } @@ -1445,6 +1468,8 @@ function tv_tools() { if(col_class === undefined) return true; if(val !== undefined && val !== true && val !== false) val = true; + col_class = col_class.split(/\s+/).shift(); // take only first class + var cn = 'columns-' + location.pathname.split(/\//).pop().split(/\./).shift(); // cookie name var c = JSON.parse(localStorage.getItem(cn)) || {}; @@ -1502,7 +1527,7 @@ function tv_tools() { /* ignore the record selector and sum columns */ if(th.find('#select_all_records').length > 0 || th.hasClass('sum')) return; - var col_class = th.attr('class'); + var col_class = th.attr('class').split(/\s+/).shift(); // take only first class var label = $j.trim(th.text()); /* Add a toggler for the column in the #toggle-columns section */ @@ -1843,5 +1868,68 @@ private function isValidFilter($index) { ); } + private function hideInaccessibleChildrenFromTV() { + $childTables = getChildTables($this->TableName); + + // we only need insert and view permissions + $jsChildTables = []; + foreach($childTables as $tn => $lufs) { // lufs = lookup fields + $perm = getTablePermissions($tn); + + foreach($lufs as $lfn => $lf) { + $jsChildTables[$tn][$lfn] = [ + // TODO: combine these with AppGini options from $this + 'insert' => !empty($perm['insert']), + 'view' => !empty($perm['view']), + 'label' => $lf['tab-label'], + ]; + } + } + + ob_start(); ?> + + TableName)['view']; + + if(!$isAnonymous && $viewPerm > 1) { ?>
    @@ -231,12 +234,14 @@
    -
    - -
    + +
    + +
    +

    'There is also a command-line tool for updating calculated fields. This is very handy if you want to automate the process of updating calculated fields, for instance by adding a cron job to run the command-line tool periodically. For help on using the command-line tool, please run the following command in your terminal:', 'start updating' => 'Start updating', 'captcha label' => 'Please enter the characters you see in the image', + + // Added in 23.17 + 'Explore more plugins' => 'Explore more plugins', + 'Install a plugin' => 'Install a plugin', + 'invalid order number' => 'Invalid order number', + 'invalid order login' => 'Could not find an order with the specified order number and email address.', + 'order number' => 'Order Number', + 'view available plugins' => 'View available plugins', + 'plugin check instructions' => 'Please enter your email address and order number below to check for available plugins.', + 'no plugins available' => 'No plugins available for this order number.', + 'install selected plugins' => 'Install selected plugins', + 'select plugins to install' => 'Select plugins to install', + 'plugins install progress' => 'Install progress', + 'already installed' => 'already installed on %s (check to re-install)', + 'plugin install failed' => 'Plugin installation failed!', + 'plugin installed successfully' => 'Plugin installed successfully! Click to launch.', + 'missing dependencies' => 'Errors or missing dependecies found', ]; diff --git a/app/definitions.php b/app/definitions.php index 25097bd..ac5127f 100644 --- a/app/definitions.php +++ b/app/definitions.php @@ -3,7 +3,7 @@ @define('SESSION_NAME', 'Rental_property_manager'); @define('APP_TITLE', 'Rental Property Manager'); @define('APP_DIR', __DIR__); - @define('APP_VERSION', '23.14'); + @define('APP_VERSION', '23.17'); @define('maxSortBy', 4); @define('empty_lookup_value', '{empty_value}'); @define('MULTIPLE_SUPER_ADMINS', false); diff --git a/app/dynamic.css b/app/dynamic.css index 73a1304..9ffde58 100644 --- a/app/dynamic.css +++ b/app/dynamic.css @@ -209,6 +209,7 @@ td.units-description { white-space: normal !important; max-width: 80px !importan /* tv tools button widths */ .tv-tools .btn { width: 5em; } +#spm_notification { direction: ltr !important; } /* compact theme styles */ .container.theme-compact, .container-fluid.theme-compact { line-height: 1.6; font-size: 0.857em; } @@ -381,8 +382,12 @@ th:focus { outline: thin dotted; } +.nav .dropdown-menu img { + max-height: 1.25em; +} + .profile-menu li img { - height: 1.5em; + height: 1.5em !important; vertical-align: text-bottom; margin-left: -.4em; } @@ -404,7 +409,7 @@ th:focus { /* fix nicedit components' dimensions */ .has-nicedit > div { width: 100% !important; } .has-nicedit .nicEdit-main { width: 99% !important; } -.nicEdit-main { min-height: 6em; /* overflow: auto !important; */ } +.nicEdit-main { min-height: 6em !important; /* overflow: auto !important; */ } /* hide empty email links */ a[href="mailto:"] { display: none; } @@ -417,6 +422,7 @@ a[href="mailto:"] { display: none; } } .lookup-flex > .select2-container { flex-grow: 1; + width: auto !important; } .lookup-flex > .view_parent, .lookup-flex > .add_new_parent { @@ -432,7 +438,7 @@ a[href="mailto:"] { display: none; } flex-grow: 1; } .date-flex > .btn { - flex-basis: 2.85em; + flex-basis: 3em; } .date-flex > select.form-control { width: auto; display: unset; @@ -468,3 +474,36 @@ a[href="mailto:"] { display: none; } margin-right: 5px; margin-left: 0; } + +/* child record info in tv */ +.child-records-info > a { + display: inline-block; +} +.child-records-info > a.children-count { + text-align: right; + width: calc(100% - 3em); +} +dd.child-records-info > a.children-count { + max-width: 6em; +} +.child-records-info > a.new-child { + text-align: center; + width: 2.5em; +} +.update-children-count { + height: .8em; +} + +/* prevent right-aligned fields in non-default TV layouts from being too wide */ +.container:not(.theme-rtl) .dl-horizontal dd.text-right, +.container:not(.theme-rtl) .dl-horizontal dd > div.text-right { + max-width: 8em; +} +.theme-rtl .dl-horizontal dd.text-left, +.theme-rtl .dl-horizontal dd > div.text-left { + max-width: 8em; +} +.theme-rtl .child-records-info { + direction: ltr; + text-align: right; +} diff --git a/app/employment_and_income_history_autofill.php b/app/employment_and_income_history_autofill.php index 2e7457e..1838980 100644 --- a/app/employment_and_income_history_autofill.php +++ b/app/employment_and_income_history_autofill.php @@ -1,5 +1,5 @@
    diff --git a/app/header.php b/app/header.php index a65344a..438d7a7 100644 --- a/app/header.php +++ b/app/header.php @@ -42,17 +42,55 @@ return iconv(datalist_db_encoding, 'UTF-8', $str); }, $translationUTF8); - $imgFolder = rtrim(config('adminConfig')['baseUploadPath'], '\\/') . '/'; + $jsAppConfig = [ + 'imgFolder' => rtrim(config('adminConfig')['baseUploadPath'], '\\/') . '/', + 'url' => application_url(), + 'uri' => application_uri(), + ]; ?> var AppGini = AppGini || {}; /* translation strings */ AppGini.Translate = { _map: , - _encoding: '' + _encoding: '', + apply: () => { + // find elements with data-translate attribute that don't have .translated class + const contentEls = document.querySelectorAll('[data-translate]:not(.translated)'); + + // find elements with data-title attribute that don't have .translated class + const titleEls = document.querySelectorAll('[data-title]:not(.translated)'); + + // abort if no elements found + if(!contentEls.length && !titleEls.length) return; + + // translate content of elements that have data-translate attribute + contentEls.forEach(el => { + const key = el.getAttribute('data-translate'); + if(!key) return; + + const translation = AppGini.Translate._map[key]; + if(!translation) return; + + el.innerHTML = translation; + el.classList.add('translated'); + }); + + // translate title of elements that have data-title attribute + titleEls.forEach(el => { + const key = el.getAttribute('data-title'); + if(!key) return; + + const translation = AppGini.Translate._map[key]; + if(!translation) return; + + el.setAttribute('title', translation); + el.classList.add('translated'); + }); + }, } - AppGini.imgFolder = ; + AppGini.config = @@ -71,6 +109,8 @@
    + + '; if($back_url) { echo ' ' . $Translation['< back'] . ''; + // in embedded mode, close modal window + } elseif(Request::val('Embedded')) { + echo ''; } else { echo ' ' . $Translation['< back'] . ''; } @@ -809,6 +812,9 @@ function get_embed($provider, $url, $max_width = '', $max_height = '', $retrieve 'googlemap' => ['oembed' => '', 'regex' => '/^http.*\.google\..*maps/i'], ]; + if(!$max_height) $max_height = 360; + if(!$max_width) $max_width = 480; + if(!isset($providers[$provider])) { return '
    ' . $Translation['invalid provider'] . '
    '; } @@ -870,18 +876,10 @@ function get_embed_googlemap($url, $max_width = '', $max_height = '', $retrieve function request_cache($request, $force_fetch = false) { $max_cache_lifetime = 7 * 86400; /* max cache lifetime in seconds before refreshing from source */ - /* membership_cache table exists? if not, create it */ - static $cache_table_exists = false; - if(!$cache_table_exists && !$force_fetch) { - $te = sqlValue("show tables like 'membership_cache'"); - if(!$te) { - if(!sql("CREATE TABLE `membership_cache` (`request` VARCHAR(100) NOT NULL, `request_ts` INT, `response` TEXT NOT NULL, PRIMARY KEY (`request`))", $eo)) { - /* table can't be created, so force fetching request */ - return request_cache($request, true); - } - } - $cache_table_exists = true; - } + // force fetching request if no cache table exists + $cache_table_exists = sqlValue("show tables like 'membership_cache'"); + if(!$cache_table_exists) + return request_cache($request, true); /* retrieve response from cache if exists */ if(!$force_fetch) { @@ -1132,3 +1130,306 @@ function quick_search_html($search_term, $label, $separate_dv = true) { ######################################################### + function getLookupFields($skipPermissions = false, $filterByPermission = 'view') { + $pcConfig = [ + 'applicants_and_tenants' => [ + ], + 'applications_leases' => [ + 'tenants' => [ + 'parent-table' => 'applicants_and_tenants', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Applications/Leases ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/curriculum_vitae.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], + 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], + 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-applications_leases', + 'template-printable' => 'children-applications_leases-printable', + 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " + ], + 'property' => [ + 'parent-table' => 'properties', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Applications/leases ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/curriculum_vitae.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], + 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], + 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-applications_leases', + 'template-printable' => 'children-applications_leases-printable', + 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " + ], + 'unit' => [ + 'parent-table' => 'units', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Applications/Leases ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/curriculum_vitae.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], + 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], + 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-applications_leases', + 'template-printable' => 'children-applications_leases-printable', + 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " + ], + ], + 'residence_and_rental_history' => [ + 'tenant' => [ + 'parent-table' => 'applicants_and_tenants', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Residence and rental history ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/document_comment_above.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [2 => 'Address', 3 => 'Landlord/manager name', 4 => 'Landlord/manager phone', 5 => 'Monthly rent', 6 => 'Duration of residency from', 7 => 'to', 8 => 'Reason for leaving'], + 'display-field-names' => [2 => 'address', 3 => 'landlord_or_manager_name', 4 => 'landlord_or_manager_phone', 5 => 'monthly_rent', 6 => 'duration_of_residency_from', 7 => 'to', 8 => 'reason_for_leaving'], + 'sortable-fields' => [0 => '`residence_and_rental_history`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => 5, 5 => '`residence_and_rental_history`.`monthly_rent`', 6 => '`residence_and_rental_history`.`duration_of_residency_from`', 7 => '`residence_and_rental_history`.`to`', 8 => 9, 9 => 10], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-residence_and_rental_history', + 'template-printable' => 'children-residence_and_rental_history-printable', + 'query' => "SELECT `residence_and_rental_history`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `residence_and_rental_history`.`address` as 'address', `residence_and_rental_history`.`landlord_or_manager_name` as 'landlord_or_manager_name', `residence_and_rental_history`.`landlord_or_manager_phone` as 'landlord_or_manager_phone', CONCAT('$', FORMAT(`residence_and_rental_history`.`monthly_rent`, 2)) as 'monthly_rent', if(`residence_and_rental_history`.`duration_of_residency_from`,date_format(`residence_and_rental_history`.`duration_of_residency_from`,'%m/%d/%Y'),'') as 'duration_of_residency_from', if(`residence_and_rental_history`.`to`,date_format(`residence_and_rental_history`.`to`,'%m/%d/%Y'),'') as 'to', `residence_and_rental_history`.`reason_for_leaving` as 'reason_for_leaving', `residence_and_rental_history`.`notes` as 'notes' FROM `residence_and_rental_history` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`residence_and_rental_history`.`tenant` " + ], + ], + 'employment_and_income_history' => [ + 'tenant' => [ + 'parent-table' => 'applicants_and_tenants', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Employment and income history ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/cash_stack.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [2 => 'Employer name', 3 => 'City', 4 => 'Employer phone', 5 => 'employed from', 6 => 'Employed till', 7 => 'Occupation', 8 => 'Notes'], + 'display-field-names' => [2 => 'employer_name', 3 => 'city', 4 => 'employer_phone', 5 => 'employed_from', 6 => 'employed_till', 7 => 'occupation', 8 => 'notes'], + 'sortable-fields' => [0 => '`employment_and_income_history`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => 5, 5 => '`employment_and_income_history`.`employed_from`', 6 => '`employment_and_income_history`.`employed_till`', 7 => 8, 8 => 9], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-employment_and_income_history', + 'template-printable' => 'children-employment_and_income_history-printable', + 'query' => "SELECT `employment_and_income_history`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `employment_and_income_history`.`employer_name` as 'employer_name', `employment_and_income_history`.`city` as 'city', CONCAT_WS('-', LEFT(`employment_and_income_history`.`employer_phone`,3), MID(`employment_and_income_history`.`employer_phone`,4,3), RIGHT(`employment_and_income_history`.`employer_phone`,4)) as 'employer_phone', if(`employment_and_income_history`.`employed_from`,date_format(`employment_and_income_history`.`employed_from`,'%m/%d/%Y'),'') as 'employed_from', if(`employment_and_income_history`.`employed_till`,date_format(`employment_and_income_history`.`employed_till`,'%m/%d/%Y'),'') as 'employed_till', `employment_and_income_history`.`occupation` as 'occupation', `employment_and_income_history`.`notes` as 'notes' FROM `employment_and_income_history` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`employment_and_income_history`.`tenant` " + ], + ], + 'references' => [ + 'tenant' => [ + 'parent-table' => 'applicants_and_tenants', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'References ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/application_from_storage.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [2 => 'Reference name', 3 => 'Reference phone'], + 'display-field-names' => [2 => 'reference_name', 3 => 'phone'], + 'sortable-fields' => [0 => '`references`.`id`', 1 => 2, 2 => 3, 3 => 4], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-references', + 'template-printable' => 'children-references-printable', + 'query' => "SELECT `references`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `references`.`reference_name` as 'reference_name', CONCAT_WS('-', LEFT(`references`.`phone`,3), MID(`references`.`phone`,4,3), RIGHT(`references`.`phone`,4)) as 'phone' FROM `references` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`references`.`tenant` " + ], + ], + 'rental_owners' => [ + ], + 'properties' => [ + 'owner' => [ + 'parent-table' => 'rental_owners', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Properties ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/application_home.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [1 => 'Property Name', 2 => 'Cover photo', 3 => 'Type', 4 => 'Number of units', 5 => 'Owner', 6 => 'Operating account', 7 => 'Property reserve', 10 => 'Street', 11 => 'City', 12 => 'State', 13 => 'ZIP'], + 'display-field-names' => [1 => 'property_name', 2 => 'photo', 3 => 'type', 4 => 'number_of_units', 5 => 'owner', 6 => 'operating_account', 7 => 'property_reserve', 10 => 'street', 11 => 'City', 12 => 'State', 13 => 'ZIP'], + 'sortable-fields' => [0 => '`properties`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => '`properties`.`number_of_units`', 5 => 6, 6 => 7, 7 => '`properties`.`property_reserve`', 8 => 9, 9 => 10, 10 => 11, 11 => 12, 12 => 13, 13 => '`properties`.`ZIP`'], + 'records-per-page' => 10, + 'default-sort-by' => 0, + 'default-sort-direction' => 'desc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-properties', + 'template-printable' => 'children-properties-printable', + 'query' => "SELECT `properties`.`id` as 'id', `properties`.`property_name` as 'property_name', `properties`.`photo` as 'photo', `properties`.`type` as 'type', `properties`.`number_of_units` as 'number_of_units', IF( CHAR_LENGTH(`rental_owners1`.`first_name`) || CHAR_LENGTH(`rental_owners1`.`last_name`), CONCAT_WS('', `rental_owners1`.`first_name`, ' ', `rental_owners1`.`last_name`), '') as 'owner', `properties`.`operating_account` as 'operating_account', CONCAT('$', FORMAT(`properties`.`property_reserve`, 2)) as 'property_reserve', `properties`.`lease_term` as 'lease_term', `properties`.`country` as 'country', `properties`.`street` as 'street', `properties`.`City` as 'City', `properties`.`State` as 'State', `properties`.`ZIP` as 'ZIP' FROM `properties` LEFT JOIN `rental_owners` as rental_owners1 ON `rental_owners1`.`id`=`properties`.`owner` " + ], + ], + 'property_photos' => [ + 'property' => [ + 'parent-table' => 'properties', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Property photos ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/camera_link.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [2 => 'Photo', 3 => 'Description'], + 'display-field-names' => [2 => 'photo', 3 => 'description'], + 'sortable-fields' => [0 => '`property_photos`.`id`', 1 => '`properties1`.`property_name`', 2 => 3, 3 => 4], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-property_photos', + 'template-printable' => 'children-property_photos-printable', + 'query' => "SELECT `property_photos`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', `property_photos`.`photo` as 'photo', `property_photos`.`description` as 'description' FROM `property_photos` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`property_photos`.`property` " + ], + ], + 'units' => [ + 'property' => [ + 'parent-table' => 'properties', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Units ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/change_password.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [1 => 'Property', 2 => 'Unit', 3 => 'Cover photo', 4 => 'Status', 5 => 'Area (sq. feet)', 7 => 'Street', 8 => 'City', 9 => 'State', 11 => 'Rooms', 12 => 'Bathroom', 13 => 'Features', 15 => 'Rental amount'], + 'display-field-names' => [1 => 'property', 2 => 'unit_number', 3 => 'photo', 4 => 'status', 5 => 'size', 7 => 'street', 8 => 'city', 9 => 'state', 11 => 'rooms', 12 => 'bathroom', 13 => 'features', 15 => 'rental_amount'], + 'sortable-fields' => [0 => '`units`.`id`', 1 => '`properties1`.`property_name`', 2 => 3, 3 => 4, 4 => 5, 5 => 6, 6 => '`properties1`.`country`', 7 => '`properties1`.`street`', 8 => '`properties1`.`City`', 9 => '`properties1`.`State`', 10 => '`properties1`.`ZIP`', 11 => 12, 12 => '`units`.`bathroom`', 13 => 14, 14 => '`units`.`market_rent`', 15 => '`units`.`rental_amount`', 16 => '`units`.`deposit_amount`', 17 => 18], + 'records-per-page' => 10, + 'default-sort-by' => 1, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-units', + 'template-printable' => 'children-units-printable', + 'query' => "SELECT `units`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', `units`.`unit_number` as 'unit_number', `units`.`photo` as 'photo', `units`.`status` as 'status', `units`.`size` as 'size', IF( CHAR_LENGTH(`properties1`.`country`), CONCAT_WS('', `properties1`.`country`), '') as 'country', IF( CHAR_LENGTH(`properties1`.`street`), CONCAT_WS('', `properties1`.`street`), '') as 'street', IF( CHAR_LENGTH(`properties1`.`City`), CONCAT_WS('', `properties1`.`City`), '') as 'city', IF( CHAR_LENGTH(`properties1`.`State`), CONCAT_WS('', `properties1`.`State`), '') as 'state', IF( CHAR_LENGTH(`properties1`.`ZIP`), CONCAT_WS('', `properties1`.`ZIP`), '') as 'postal_code', `units`.`rooms` as 'rooms', `units`.`bathroom` as 'bathroom', `units`.`features` as 'features', FORMAT(`units`.`market_rent`, 0) as 'market_rent', CONCAT('$', FORMAT(`units`.`rental_amount`, 2)) as 'rental_amount', CONCAT('$', FORMAT(`units`.`deposit_amount`, 2)) as 'deposit_amount', `units`.`description` as 'description' FROM `units` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`units`.`property` " + ], + ], + 'unit_photos' => [ + 'unit' => [ + 'parent-table' => 'units', + 'parent-primary-key' => 'id', + 'child-primary-key' => 'id', + 'child-primary-key-index' => 0, + 'tab-label' => 'Unit photos ', + 'auto-close' => false, + 'table-icon' => 'resources/table_icons/camera_link.png', + 'display-refresh' => true, + 'display-add-new' => true, + 'forced-where' => '', + 'display-fields' => [2 => 'Photo', 3 => 'Description'], + 'display-field-names' => [2 => 'photo', 3 => 'description'], + 'sortable-fields' => [0 => '`unit_photos`.`id`', 1 => 2, 2 => 3, 3 => 4], + 'records-per-page' => 10, + 'default-sort-by' => false, + 'default-sort-direction' => 'asc', + 'open-detail-view-on-click' => true, + 'display-page-selector' => true, + 'show-page-progress' => true, + 'template' => 'children-unit_photos', + 'template-printable' => 'children-unit_photos-printable', + 'query' => "SELECT `unit_photos`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`) || CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `properties1`.`property_name`, ' - unit# ', `units1`.`unit_number`), '') as 'unit', `unit_photos`.`photo` as 'photo', `unit_photos`.`description` as 'description' FROM `unit_photos` LEFT JOIN `units` as units1 ON `units1`.`id`=`unit_photos`.`unit` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`units1`.`property` " + ], + ], + ]; + + if($skipPermissions) return $pcConfig; + + if(!in_array($filterByPermission, ['access', 'insert', 'edit', 'delete'])) $filterByPermission = 'view'; + + /** + * dynamic configuration based on current user's permissions + * $userPCConfig array is populated only with parent tables where the user has access to + * at least one child table + */ + $userPCConfig = []; + foreach($pcConfig as $tn => $lookupFields) { + $perm = getTablePermissions($tn); + if(!$perm[$filterByPermission]) continue; + + foreach($lookupFields as $fn => $ChildConfig) { + $permParent = getTablePermissions($ChildConfig['parent-table']); + if(!$permParent[$filterByPermission]) continue; + + $userPCConfig[$tn][$fn] = $pcConfig[$tn][$fn]; + // show add new only if configured above AND the user has insert permission + $userPCConfig[$tn][$fn]['display-add-new'] = ($perm['insert'] && $pcConfig[$tn][$fn]['display-add-new']); + } + } + + return $userPCConfig; + } + + ######################################################### + + function getChildTables($parentTable, $skipPermissions = false, $filterByPermission = 'view') { + $pcConfig = getLookupFields($skipPermissions, $filterByPermission); + $childTables = []; + foreach($pcConfig as $tn => $lookupFields) + foreach($lookupFields as $fn => $ChildConfig) + if($ChildConfig['parent-table'] == $parentTable) + $childTables[$tn][$fn] = $ChildConfig; + + return $childTables; + } diff --git a/app/language.php b/app/language.php index 287cf1f..e4d9552 100644 --- a/app/language.php +++ b/app/language.php @@ -857,4 +857,21 @@ 'cli tool for updating calculated fields' => 'There is also a command-line tool for updating calculated fields. This is very handy if you want to automate the process of updating calculated fields, for instance by adding a cron job to run the command-line tool periodically. For help on using the command-line tool, please run the following command in your terminal:', 'start updating' => 'Start updating', 'captcha label' => 'Please enter the characters you see in the image', + + // Added in 23.17 + 'Explore more plugins' => 'Explore more plugins', + 'Install a plugin' => 'Install a plugin', + 'invalid order number' => 'Invalid order number', + 'invalid order login' => 'Could not find an order with the specified order number and email address.', + 'order number' => 'Order Number', + 'view available plugins' => 'View available plugins', + 'plugin check instructions' => 'Please enter your email address and order number below to check for available plugins.', + 'no plugins available' => 'No plugins available for this order number.', + 'install selected plugins' => 'Install selected plugins', + 'select plugins to install' => 'Select plugins to install', + 'plugins install progress' => 'Install progress', + 'already installed' => 'already installed on %s (check to re-install)', + 'plugin install failed' => 'Plugin installation failed!', + 'plugin installed successfully' => 'Plugin installed successfully! Click to launch.', + 'missing dependencies' => 'Errors or missing dependecies found', ]; \ No newline at end of file diff --git a/app/lib.php b/app/lib.php index 15fa42c..04fd1a5 100644 --- a/app/lib.php +++ b/app/lib.php @@ -1,5 +1,5 @@ [ - ], - 'applications_leases' => [ - 'tenants' => [ - 'parent-table' => 'applicants_and_tenants', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Applications/Leases ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/curriculum_vitae.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], - 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], - 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-applications_leases', - 'template-printable' => 'children-applications_leases-printable', - 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " - ], - 'property' => [ - 'parent-table' => 'properties', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Applications/leases ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/curriculum_vitae.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], - 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], - 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-applications_leases', - 'template-printable' => 'children-applications_leases-printable', - 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " - ], - 'unit' => [ - 'parent-table' => 'units', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Applications/Leases ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/curriculum_vitae.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [1 => 'Applicant/ Tenant', 2 => 'Application status', 3 => 'Property', 4 => 'Unit applied for', 5 => 'Lease type', 6 => 'Total number of occupants', 7 => 'Lease period from', 8 => 'to', 11 => 'Rental amount', 12 => 'Security deposit', 14 => 'Emergency contact', 17 => 'Applicant agrees'], - 'display-field-names' => [1 => 'tenants', 2 => 'status', 3 => 'property', 4 => 'unit', 5 => 'type', 6 => 'total_number_of_occupants', 7 => 'start_date', 8 => 'end_date', 11 => 'rent', 12 => 'security_deposit', 14 => 'emergency_contact', 17 => 'agreement'], - 'sortable-fields' => [0 => '`applications_leases`.`id`', 1 => 2, 2 => 3, 3 => '`properties1`.`property_name`', 4 => '`units1`.`unit_number`', 5 => 6, 6 => 7, 7 => '`applications_leases`.`start_date`', 8 => '`applications_leases`.`end_date`', 9 => 10, 10 => '`applications_leases`.`next_due_date`', 11 => '`applications_leases`.`rent`', 12 => '`applications_leases`.`security_deposit`', 13 => '`applications_leases`.`security_deposit_date`', 14 => 15, 15 => 16, 16 => 17, 17 => 18], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-applications_leases', - 'template-printable' => 'children-applications_leases-printable', - 'query' => "SELECT `applications_leases`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenants', `applications_leases`.`status` as 'status', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', IF( CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `units1`.`unit_number`), '') as 'unit', `applications_leases`.`type` as 'type', `applications_leases`.`total_number_of_occupants` as 'total_number_of_occupants', if(`applications_leases`.`start_date`,date_format(`applications_leases`.`start_date`,'%m/%d/%Y'),'') as 'start_date', if(`applications_leases`.`end_date`,date_format(`applications_leases`.`end_date`,'%m/%d/%Y'),'') as 'end_date', `applications_leases`.`recurring_charges_frequency` as 'recurring_charges_frequency', if(`applications_leases`.`next_due_date`,date_format(`applications_leases`.`next_due_date`,'%m/%d/%Y'),'') as 'next_due_date', CONCAT('$', FORMAT(`applications_leases`.`rent`, 2)) as 'rent', CONCAT('$', FORMAT(`applications_leases`.`security_deposit`, 2)) as 'security_deposit', if(`applications_leases`.`security_deposit_date`,date_format(`applications_leases`.`security_deposit_date`,'%m/%d/%Y'),'') as 'security_deposit_date', `applications_leases`.`emergency_contact` as 'emergency_contact', `applications_leases`.`co_signer_details` as 'co_signer_details', `applications_leases`.`notes` as 'notes', concat('') as 'agreement' FROM `applications_leases` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`applications_leases`.`tenants` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`applications_leases`.`property` LEFT JOIN `units` as units1 ON `units1`.`id`=`applications_leases`.`unit` " - ], - ], - 'residence_and_rental_history' => [ - 'tenant' => [ - 'parent-table' => 'applicants_and_tenants', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Residence and rental history ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/document_comment_above.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [2 => 'Address', 3 => 'Landlord/manager name', 4 => 'Landlord/manager phone', 5 => 'Monthly rent', 6 => 'Duration of residency from', 7 => 'to', 8 => 'Reason for leaving'], - 'display-field-names' => [2 => 'address', 3 => 'landlord_or_manager_name', 4 => 'landlord_or_manager_phone', 5 => 'monthly_rent', 6 => 'duration_of_residency_from', 7 => 'to', 8 => 'reason_for_leaving'], - 'sortable-fields' => [0 => '`residence_and_rental_history`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => 5, 5 => '`residence_and_rental_history`.`monthly_rent`', 6 => '`residence_and_rental_history`.`duration_of_residency_from`', 7 => '`residence_and_rental_history`.`to`', 8 => 9, 9 => 10], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-residence_and_rental_history', - 'template-printable' => 'children-residence_and_rental_history-printable', - 'query' => "SELECT `residence_and_rental_history`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `residence_and_rental_history`.`address` as 'address', `residence_and_rental_history`.`landlord_or_manager_name` as 'landlord_or_manager_name', `residence_and_rental_history`.`landlord_or_manager_phone` as 'landlord_or_manager_phone', CONCAT('$', FORMAT(`residence_and_rental_history`.`monthly_rent`, 2)) as 'monthly_rent', if(`residence_and_rental_history`.`duration_of_residency_from`,date_format(`residence_and_rental_history`.`duration_of_residency_from`,'%m/%d/%Y'),'') as 'duration_of_residency_from', if(`residence_and_rental_history`.`to`,date_format(`residence_and_rental_history`.`to`,'%m/%d/%Y'),'') as 'to', `residence_and_rental_history`.`reason_for_leaving` as 'reason_for_leaving', `residence_and_rental_history`.`notes` as 'notes' FROM `residence_and_rental_history` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`residence_and_rental_history`.`tenant` " - ], - ], - 'employment_and_income_history' => [ - 'tenant' => [ - 'parent-table' => 'applicants_and_tenants', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Employment and income history ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/cash_stack.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [2 => 'Employer name', 3 => 'City', 4 => 'Employer phone', 5 => 'employed from', 6 => 'Employed till', 7 => 'Occupation', 8 => 'Notes'], - 'display-field-names' => [2 => 'employer_name', 3 => 'city', 4 => 'employer_phone', 5 => 'employed_from', 6 => 'employed_till', 7 => 'occupation', 8 => 'notes'], - 'sortable-fields' => [0 => '`employment_and_income_history`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => 5, 5 => '`employment_and_income_history`.`employed_from`', 6 => '`employment_and_income_history`.`employed_till`', 7 => 8, 8 => 9], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-employment_and_income_history', - 'template-printable' => 'children-employment_and_income_history-printable', - 'query' => "SELECT `employment_and_income_history`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `employment_and_income_history`.`employer_name` as 'employer_name', `employment_and_income_history`.`city` as 'city', CONCAT_WS('-', LEFT(`employment_and_income_history`.`employer_phone`,3), MID(`employment_and_income_history`.`employer_phone`,4,3), RIGHT(`employment_and_income_history`.`employer_phone`,4)) as 'employer_phone', if(`employment_and_income_history`.`employed_from`,date_format(`employment_and_income_history`.`employed_from`,'%m/%d/%Y'),'') as 'employed_from', if(`employment_and_income_history`.`employed_till`,date_format(`employment_and_income_history`.`employed_till`,'%m/%d/%Y'),'') as 'employed_till', `employment_and_income_history`.`occupation` as 'occupation', `employment_and_income_history`.`notes` as 'notes' FROM `employment_and_income_history` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`employment_and_income_history`.`tenant` " - ], - ], - 'references' => [ - 'tenant' => [ - 'parent-table' => 'applicants_and_tenants', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'References ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/application_from_storage.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [2 => 'Reference name', 3 => 'Reference phone'], - 'display-field-names' => [2 => 'reference_name', 3 => 'phone'], - 'sortable-fields' => [0 => '`references`.`id`', 1 => 2, 2 => 3, 3 => 4], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-references', - 'template-printable' => 'children-references-printable', - 'query' => "SELECT `references`.`id` as 'id', IF( CHAR_LENGTH(`applicants_and_tenants1`.`first_name`) || CHAR_LENGTH(`applicants_and_tenants1`.`last_name`), CONCAT_WS('', `applicants_and_tenants1`.`first_name`, ' ', `applicants_and_tenants1`.`last_name`), '') as 'tenant', `references`.`reference_name` as 'reference_name', CONCAT_WS('-', LEFT(`references`.`phone`,3), MID(`references`.`phone`,4,3), RIGHT(`references`.`phone`,4)) as 'phone' FROM `references` LEFT JOIN `applicants_and_tenants` as applicants_and_tenants1 ON `applicants_and_tenants1`.`id`=`references`.`tenant` " - ], - ], - 'rental_owners' => [ - ], - 'properties' => [ - 'owner' => [ - 'parent-table' => 'rental_owners', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Properties ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/application_home.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [1 => 'Property Name', 2 => 'Cover photo', 3 => 'Type', 4 => 'Number of units', 5 => 'Owner', 6 => 'Operating account', 7 => 'Property reserve', 10 => 'Street', 11 => 'City', 12 => 'State', 13 => 'ZIP'], - 'display-field-names' => [1 => 'property_name', 2 => 'photo', 3 => 'type', 4 => 'number_of_units', 5 => 'owner', 6 => 'operating_account', 7 => 'property_reserve', 10 => 'street', 11 => 'City', 12 => 'State', 13 => 'ZIP'], - 'sortable-fields' => [0 => '`properties`.`id`', 1 => 2, 2 => 3, 3 => 4, 4 => '`properties`.`number_of_units`', 5 => 6, 6 => 7, 7 => '`properties`.`property_reserve`', 8 => 9, 9 => 10, 10 => 11, 11 => 12, 12 => 13, 13 => '`properties`.`ZIP`'], - 'records-per-page' => 10, - 'default-sort-by' => 0, - 'default-sort-direction' => 'desc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-properties', - 'template-printable' => 'children-properties-printable', - 'query' => "SELECT `properties`.`id` as 'id', `properties`.`property_name` as 'property_name', `properties`.`photo` as 'photo', `properties`.`type` as 'type', `properties`.`number_of_units` as 'number_of_units', IF( CHAR_LENGTH(`rental_owners1`.`first_name`) || CHAR_LENGTH(`rental_owners1`.`last_name`), CONCAT_WS('', `rental_owners1`.`first_name`, ' ', `rental_owners1`.`last_name`), '') as 'owner', `properties`.`operating_account` as 'operating_account', CONCAT('$', FORMAT(`properties`.`property_reserve`, 2)) as 'property_reserve', `properties`.`lease_term` as 'lease_term', `properties`.`country` as 'country', `properties`.`street` as 'street', `properties`.`City` as 'City', `properties`.`State` as 'State', `properties`.`ZIP` as 'ZIP' FROM `properties` LEFT JOIN `rental_owners` as rental_owners1 ON `rental_owners1`.`id`=`properties`.`owner` " - ], - ], - 'property_photos' => [ - 'property' => [ - 'parent-table' => 'properties', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Property photos ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/camera_link.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [2 => 'Photo', 3 => 'Description'], - 'display-field-names' => [2 => 'photo', 3 => 'description'], - 'sortable-fields' => [0 => '`property_photos`.`id`', 1 => '`properties1`.`property_name`', 2 => 3, 3 => 4], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-property_photos', - 'template-printable' => 'children-property_photos-printable', - 'query' => "SELECT `property_photos`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', `property_photos`.`photo` as 'photo', `property_photos`.`description` as 'description' FROM `property_photos` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`property_photos`.`property` " - ], - ], - 'units' => [ - 'property' => [ - 'parent-table' => 'properties', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Units ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/change_password.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [1 => 'Property', 2 => 'Unit', 3 => 'Cover photo', 4 => 'Status', 5 => 'Area (sq. feet)', 7 => 'Street', 8 => 'City', 9 => 'State', 11 => 'Rooms', 12 => 'Bathroom', 13 => 'Features', 15 => 'Rental amount'], - 'display-field-names' => [1 => 'property', 2 => 'unit_number', 3 => 'photo', 4 => 'status', 5 => 'size', 7 => 'street', 8 => 'city', 9 => 'state', 11 => 'rooms', 12 => 'bathroom', 13 => 'features', 15 => 'rental_amount'], - 'sortable-fields' => [0 => '`units`.`id`', 1 => '`properties1`.`property_name`', 2 => 3, 3 => 4, 4 => 5, 5 => 6, 6 => '`properties1`.`country`', 7 => '`properties1`.`street`', 8 => '`properties1`.`City`', 9 => '`properties1`.`State`', 10 => '`properties1`.`ZIP`', 11 => 12, 12 => '`units`.`bathroom`', 13 => 14, 14 => '`units`.`market_rent`', 15 => '`units`.`rental_amount`', 16 => '`units`.`deposit_amount`', 17 => 18], - 'records-per-page' => 10, - 'default-sort-by' => 1, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-units', - 'template-printable' => 'children-units-printable', - 'query' => "SELECT `units`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`), CONCAT_WS('', `properties1`.`property_name`), '') as 'property', `units`.`unit_number` as 'unit_number', `units`.`photo` as 'photo', `units`.`status` as 'status', `units`.`size` as 'size', IF( CHAR_LENGTH(`properties1`.`country`), CONCAT_WS('', `properties1`.`country`), '') as 'country', IF( CHAR_LENGTH(`properties1`.`street`), CONCAT_WS('', `properties1`.`street`), '') as 'street', IF( CHAR_LENGTH(`properties1`.`City`), CONCAT_WS('', `properties1`.`City`), '') as 'city', IF( CHAR_LENGTH(`properties1`.`State`), CONCAT_WS('', `properties1`.`State`), '') as 'state', IF( CHAR_LENGTH(`properties1`.`ZIP`), CONCAT_WS('', `properties1`.`ZIP`), '') as 'postal_code', `units`.`rooms` as 'rooms', `units`.`bathroom` as 'bathroom', `units`.`features` as 'features', FORMAT(`units`.`market_rent`, 0) as 'market_rent', CONCAT('$', FORMAT(`units`.`rental_amount`, 2)) as 'rental_amount', CONCAT('$', FORMAT(`units`.`deposit_amount`, 2)) as 'deposit_amount', `units`.`description` as 'description' FROM `units` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`units`.`property` " - ], - ], - 'unit_photos' => [ - 'unit' => [ - 'parent-table' => 'units', - 'parent-primary-key' => 'id', - 'child-primary-key' => 'id', - 'child-primary-key-index' => 0, - 'tab-label' => 'Unit photos ', - 'auto-close' => false, - 'table-icon' => 'resources/table_icons/camera_link.png', - 'display-refresh' => true, - 'display-add-new' => true, - 'forced-where' => '', - 'display-fields' => [2 => 'Photo', 3 => 'Description'], - 'display-field-names' => [2 => 'photo', 3 => 'description'], - 'sortable-fields' => [0 => '`unit_photos`.`id`', 1 => 2, 2 => 3, 3 => 4], - 'records-per-page' => 10, - 'default-sort-by' => false, - 'default-sort-direction' => 'asc', - 'open-detail-view-on-click' => true, - 'display-page-selector' => true, - 'show-page-progress' => true, - 'template' => 'children-unit_photos', - 'template-printable' => 'children-unit_photos-printable', - 'query' => "SELECT `unit_photos`.`id` as 'id', IF( CHAR_LENGTH(`properties1`.`property_name`) || CHAR_LENGTH(`units1`.`unit_number`), CONCAT_WS('', `properties1`.`property_name`, ' - unit# ', `units1`.`unit_number`), '') as 'unit', `unit_photos`.`photo` as 'photo', `unit_photos`.`description` as 'description' FROM `unit_photos` LEFT JOIN `units` as units1 ON `units1`.`id`=`unit_photos`.`unit` LEFT JOIN `properties` as properties1 ON `properties1`.`id`=`units1`.`property` " - ], - ], - ]; - - /*************************************/ - /* End of configuration */ - + /* Parent/children config array has moved to incCommon.php#getLookupFields() */ include_once(__DIR__ . '/lib.php'); @header('Content-Type: text/html; charset=' . datalist_db_encoding); handle_maintenance(); - /** - * dynamic configuration based on current user's permissions - * $userPCConfig array is populated only with parent tables where the user has access to - * at least one child table - */ - $userPCConfig = []; - foreach($pcConfig as $pcChildTable => $ChildrenLookups) { - $permChild = getTablePermissions($pcChildTable); - if(!$permChild['view']) continue; - - foreach($ChildrenLookups as $ChildLookupField => $ChildConfig) { - $permParent = getTablePermissions($ChildConfig['parent-table']); - if(!$permParent['view']) continue; - - $userPCConfig[$pcChildTable][$ChildLookupField] = $pcConfig[$pcChildTable][$ChildLookupField]; - // show add new only if configured above AND the user has insert permission - $userPCConfig[$pcChildTable][$ChildLookupField]['display-add-new'] = ($permChild['insert'] && $pcConfig[$pcChildTable][$ChildLookupField]['display-add-new']); - } - } + $userPCConfig = getLookupFields(); /* Receive, UTF-convert, and validate parameters */ $ParentTable = Request::val('ParentTable'); // needed only with operation=show-children, will be validated in the processing code @@ -329,9 +43,9 @@ $SortDirection = strtolower(Request::val('SortDirection')); if(!in_array($SortDirection, ['asc', 'desc'])) $SortDirection = $currentConfig['default-sort-direction']; - $Operation = strtolower(Request::val('Operation')); - if(!in_array($Operation, ['get-records', 'show-children', 'get-records-printable', 'show-children-printable'])) - $Operation = 'get-records'; + $Operation = Request::oneOf('Operation', ['get-records', 'show-children', 'get-records-printable', 'show-children-printable', 'get-count'], 'get-records'); + + $eo = ['silentErrors' => true]; /* process requested operation */ switch($Operation) { @@ -467,6 +181,41 @@ $ChildTable, 'ChildLookupField' => $ChildLookupField, 'counts' => []]; + while($row = db_fetch_row($res)) { + $data['counts'][$row[0]] = intval($row[1]); + } + + json_response($data); // this returns the count and exits + break; + /************************************************/ case 'get-records-printable': default: /* default is 'get-records' */ @@ -475,17 +224,12 @@ $currentConfig['records-per-page'] = 2000; } + $permSQL = permissions_sql($ChildTable); + // build the user permissions limiter - $permissionsWhere = $permissionsJoin = ''; - $permChild = getTablePermissions($ChildTable); - if($permChild['view'] == 1) { // user can view only his own records - $permissionsWhere = "`$ChildTable`.`{$currentConfig['child-primary-key']}`=`membership_userrecords`.`pkValue` AND `membership_userrecords`.`tableName`='$ChildTable' AND LCASE(`membership_userrecords`.`memberID`)='" . getLoggedMemberID() . "'"; - } elseif($permChild['view'] == 2) { // user can view only his group's records - $permissionsWhere = "`$ChildTable`.`{$currentConfig['child-primary-key']}`=`membership_userrecords`.`pkValue` AND `membership_userrecords`.`tableName`='$ChildTable' AND `membership_userrecords`.`groupID`='" . getLoggedGroupID() . "'"; - } elseif($permChild['view'] == 3) { // user can view all records - /* that's the only case remaining ... no need to modify the query in this case */ - } - $permissionsJoin = ($permissionsWhere ? ", `membership_userrecords`" : ''); + $permissionsWhere = $permSQL['where'] ?? ''; + $permissionsJoin = $permSQL['from'] ?? ''; + if($permissionsJoin) $permissionsJoin = ", $permissionsJoin"; // build the count query $forcedWhere = $currentConfig['forced-where']; @@ -495,7 +239,7 @@ ($permissionsWhere ? "( $permissionsWhere )" : "( 1=1 )") . " AND " . ($forcedWhere ? "( $forcedWhere )" : "( 2=2 )") . " AND " . "`$ChildTable`.`$ChildLookupField`='" . makeSafe($SelectedID) . "'"; - $totalMatches = sqlValue($query); + $totalMatches = intval(sqlValue($query)); // make sure $Page is <= max pages $maxPage = ceil($totalMatches / $currentConfig['records-per-page']); diff --git a/app/properties_autofill.php b/app/properties_autofill.php index 6e7bd17..fd01e6b 100644 --- a/app/properties_autofill.php +++ b/app/properties_autofill.php @@ -1,5 +1,5 @@ + * @author Jim Jagielski (jimjag) + * @author Andy Prevost (codeworxtech) + * @author Brent R. Matzelle (original founder) + * @copyright 2012 - 2020 Marcus Bointon + * @copyright 2010 - 2012 Jim Jagielski + * @copyright 2004 - 2009 Andy Prevost + * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License + * @note This program is distributed in the hope that it will be useful - WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. + */ + +namespace PHPMailer\PHPMailer; + +/** + * PHPMailer exception handler. + * + * @author Marcus Bointon + */ +class Exception extends \Exception +{ + /** + * Prettify error message output. + * + * @return string + */ + public function errorMessage() + { + return '' . htmlspecialchars($this->getMessage(), ENT_COMPAT | ENT_HTML401) . "
    \n"; + } +} diff --git a/app/resources/lib/PHPMailer/PHPMailer/PHPMailer.php b/app/resources/lib/PHPMailer/PHPMailer/PHPMailer.php new file mode 100644 index 0000000..5077efc --- /dev/null +++ b/app/resources/lib/PHPMailer/PHPMailer/PHPMailer.php @@ -0,0 +1,5126 @@ + + * @author Jim Jagielski (jimjag) + * @author Andy Prevost (codeworxtech) + * @author Brent R. Matzelle (original founder) + * @copyright 2012 - 2020 Marcus Bointon + * @copyright 2010 - 2012 Jim Jagielski + * @copyright 2004 - 2009 Andy Prevost + * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License + * @note This program is distributed in the hope that it will be useful - WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. + */ + +namespace PHPMailer\PHPMailer; + +/** + * PHPMailer - PHP email creation and transport class. + * + * @author Marcus Bointon (Synchro/coolbru) + * @author Jim Jagielski (jimjag) + * @author Andy Prevost (codeworxtech) + * @author Brent R. Matzelle (original founder) + */ +class PHPMailer +{ + const CHARSET_ASCII = 'us-ascii'; + const CHARSET_ISO88591 = 'iso-8859-1'; + const CHARSET_UTF8 = 'utf-8'; + + const CONTENT_TYPE_PLAINTEXT = 'text/plain'; + const CONTENT_TYPE_TEXT_CALENDAR = 'text/calendar'; + const CONTENT_TYPE_TEXT_HTML = 'text/html'; + const CONTENT_TYPE_MULTIPART_ALTERNATIVE = 'multipart/alternative'; + const CONTENT_TYPE_MULTIPART_MIXED = 'multipart/mixed'; + const CONTENT_TYPE_MULTIPART_RELATED = 'multipart/related'; + + const ENCODING_7BIT = '7bit'; + const ENCODING_8BIT = '8bit'; + const ENCODING_BASE64 = 'base64'; + const ENCODING_BINARY = 'binary'; + const ENCODING_QUOTED_PRINTABLE = 'quoted-printable'; + + const ENCRYPTION_STARTTLS = 'tls'; + const ENCRYPTION_SMTPS = 'ssl'; + + const ICAL_METHOD_REQUEST = 'REQUEST'; + const ICAL_METHOD_PUBLISH = 'PUBLISH'; + const ICAL_METHOD_REPLY = 'REPLY'; + const ICAL_METHOD_ADD = 'ADD'; + const ICAL_METHOD_CANCEL = 'CANCEL'; + const ICAL_METHOD_REFRESH = 'REFRESH'; + const ICAL_METHOD_COUNTER = 'COUNTER'; + const ICAL_METHOD_DECLINECOUNTER = 'DECLINECOUNTER'; + + /** + * Email priority. + * Options: null (default), 1 = High, 3 = Normal, 5 = low. + * When null, the header is not set at all. + * + * @var int|null + */ + public $Priority; + + /** + * The character set of the message. + * + * @var string + */ + public $CharSet = self::CHARSET_ISO88591; + + /** + * The MIME Content-type of the message. + * + * @var string + */ + public $ContentType = self::CONTENT_TYPE_PLAINTEXT; + + /** + * The message encoding. + * Options: "8bit", "7bit", "binary", "base64", and "quoted-printable". + * + * @var string + */ + public $Encoding = self::ENCODING_8BIT; + + /** + * Holds the most recent mailer error message. + * + * @var string + */ + public $ErrorInfo = ''; + + /** + * The From email address for the message. + * + * @var string + */ + public $From = ''; + + /** + * The From name of the message. + * + * @var string + */ + public $FromName = ''; + + /** + * The envelope sender of the message. + * This will usually be turned into a Return-Path header by the receiver, + * and is the address that bounces will be sent to. + * If not empty, will be passed via `-f` to sendmail or as the 'MAIL FROM' value over SMTP. + * + * @var string + */ + public $Sender = ''; + + /** + * The Subject of the message. + * + * @var string + */ + public $Subject = ''; + + /** + * An HTML or plain text message body. + * If HTML then call isHTML(true). + * + * @var string + */ + public $Body = ''; + + /** + * The plain-text message body. + * This body can be read by mail clients that do not have HTML email + * capability such as mutt & Eudora. + * Clients that can read HTML will view the normal Body. + * + * @var string + */ + public $AltBody = ''; + + /** + * An iCal message part body. + * Only supported in simple alt or alt_inline message types + * To generate iCal event structures, use classes like EasyPeasyICS or iCalcreator. + * + * @see http://sprain.ch/blog/downloads/php-class-easypeasyics-create-ical-files-with-php/ + * @see http://kigkonsult.se/iCalcreator/ + * + * @var string + */ + public $Ical = ''; + + /** + * Value-array of "method" in Contenttype header "text/calendar" + * + * @var string[] + */ + protected static $IcalMethods = [ + self::ICAL_METHOD_REQUEST, + self::ICAL_METHOD_PUBLISH, + self::ICAL_METHOD_REPLY, + self::ICAL_METHOD_ADD, + self::ICAL_METHOD_CANCEL, + self::ICAL_METHOD_REFRESH, + self::ICAL_METHOD_COUNTER, + self::ICAL_METHOD_DECLINECOUNTER, + ]; + + /** + * The complete compiled MIME message body. + * + * @var string + */ + protected $MIMEBody = ''; + + /** + * The complete compiled MIME message headers. + * + * @var string + */ + protected $MIMEHeader = ''; + + /** + * Extra headers that createHeader() doesn't fold in. + * + * @var string + */ + protected $mailHeader = ''; + + /** + * Word-wrap the message body to this number of chars. + * Set to 0 to not wrap. A useful value here is 78, for RFC2822 section 2.1.1 compliance. + * + * @see static::STD_LINE_LENGTH + * + * @var int + */ + public $WordWrap = 0; + + /** + * Which method to use to send mail. + * Options: "mail", "sendmail", or "smtp". + * + * @var string + */ + public $Mailer = 'mail'; + + /** + * The path to the sendmail program. + * + * @var string + */ + public $Sendmail = '/usr/sbin/sendmail'; + + /** + * Whether mail() uses a fully sendmail-compatible MTA. + * One which supports sendmail's "-oi -f" options. + * + * @var bool + */ + public $UseSendmailOptions = true; + + /** + * The email address that a reading confirmation should be sent to, also known as read receipt. + * + * @var string + */ + public $ConfirmReadingTo = ''; + + /** + * The hostname to use in the Message-ID header and as default HELO string. + * If empty, PHPMailer attempts to find one with, in order, + * $_SERVER['SERVER_NAME'], gethostname(), php_uname('n'), or the value + * 'localhost.localdomain'. + * + * @see PHPMailer::$Helo + * + * @var string + */ + public $Hostname = ''; + + /** + * An ID to be used in the Message-ID header. + * If empty, a unique id will be generated. + * You can set your own, but it must be in the format "", + * as defined in RFC5322 section 3.6.4 or it will be ignored. + * + * @see https://tools.ietf.org/html/rfc5322#section-3.6.4 + * + * @var string + */ + public $MessageID = ''; + + /** + * The message Date to be used in the Date header. + * If empty, the current date will be added. + * + * @var string + */ + public $MessageDate = ''; + + /** + * SMTP hosts. + * Either a single hostname or multiple semicolon-delimited hostnames. + * You can also specify a different port + * for each host by using this format: [hostname:port] + * (e.g. "smtp1.example.com:25;smtp2.example.com"). + * You can also specify encryption type, for example: + * (e.g. "tls://smtp1.example.com:587;ssl://smtp2.example.com:465"). + * Hosts will be tried in order. + * + * @var string + */ + public $Host = 'localhost'; + + /** + * The default SMTP server port. + * + * @var int + */ + public $Port = 25; + + /** + * The SMTP HELO/EHLO name used for the SMTP connection. + * Default is $Hostname. If $Hostname is empty, PHPMailer attempts to find + * one with the same method described above for $Hostname. + * + * @see PHPMailer::$Hostname + * + * @var string + */ + public $Helo = ''; + + /** + * What kind of encryption to use on the SMTP connection. + * Options: '', static::ENCRYPTION_STARTTLS, or static::ENCRYPTION_SMTPS. + * + * @var string + */ + public $SMTPSecure = ''; + + /** + * Whether to enable TLS encryption automatically if a server supports it, + * even if `SMTPSecure` is not set to 'tls'. + * Be aware that in PHP >= 5.6 this requires that the server's certificates are valid. + * + * @var bool + */ + public $SMTPAutoTLS = true; + + /** + * Whether to use SMTP authentication. + * Uses the Username and Password properties. + * + * @see PHPMailer::$Username + * @see PHPMailer::$Password + * + * @var bool + */ + public $SMTPAuth = false; + + /** + * Options array passed to stream_context_create when connecting via SMTP. + * + * @var array + */ + public $SMTPOptions = []; + + /** + * SMTP username. + * + * @var string + */ + public $Username = ''; + + /** + * SMTP password. + * + * @var string + */ + public $Password = ''; + + /** + * SMTP authentication type. Options are CRAM-MD5, LOGIN, PLAIN, XOAUTH2. + * If not specified, the first one from that list that the server supports will be selected. + * + * @var string + */ + public $AuthType = ''; + + /** + * An implementation of the PHPMailer OAuthTokenProvider interface. + * + * @var OAuthTokenProvider + */ + protected $oauth; + + /** + * The SMTP server timeout in seconds. + * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2. + * + * @var int + */ + public $Timeout = 300; + + /** + * Comma separated list of DSN notifications + * 'NEVER' under no circumstances a DSN must be returned to the sender. + * If you use NEVER all other notifications will be ignored. + * 'SUCCESS' will notify you when your mail has arrived at its destination. + * 'FAILURE' will arrive if an error occurred during delivery. + * 'DELAY' will notify you if there is an unusual delay in delivery, but the actual + * delivery's outcome (success or failure) is not yet decided. + * + * @see https://tools.ietf.org/html/rfc3461 See section 4.1 for more information about NOTIFY + */ + public $dsn = ''; + + /** + * SMTP class debug output mode. + * Debug output level. + * Options: + * @see SMTP::DEBUG_OFF: No output + * @see SMTP::DEBUG_CLIENT: Client messages + * @see SMTP::DEBUG_SERVER: Client and server messages + * @see SMTP::DEBUG_CONNECTION: As SERVER plus connection status + * @see SMTP::DEBUG_LOWLEVEL: Noisy, low-level data output, rarely needed + * + * @see SMTP::$do_debug + * + * @var int + */ + public $SMTPDebug = 0; + + /** + * How to handle debug output. + * Options: + * * `echo` Output plain-text as-is, appropriate for CLI + * * `html` Output escaped, line breaks converted to `
    `, appropriate for browser output + * * `error_log` Output to error log as configured in php.ini + * By default PHPMailer will use `echo` if run from a `cli` or `cli-server` SAPI, `html` otherwise. + * Alternatively, you can provide a callable expecting two params: a message string and the debug level: + * + * ```php + * $mail->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";}; + * ``` + * + * Alternatively, you can pass in an instance of a PSR-3 compatible logger, though only `debug` + * level output is used: + * + * ```php + * $mail->Debugoutput = new myPsr3Logger; + * ``` + * + * @see SMTP::$Debugoutput + * + * @var string|callable|\Psr\Log\LoggerInterface + */ + public $Debugoutput = 'echo'; + + /** + * Whether to keep the SMTP connection open after each message. + * If this is set to true then the connection will remain open after a send, + * and closing the connection will require an explicit call to smtpClose(). + * It's a good idea to use this if you are sending multiple messages as it reduces overhead. + * See the mailing list example for how to use it. + * + * @var bool + */ + public $SMTPKeepAlive = false; + + /** + * Whether to split multiple to addresses into multiple messages + * or send them all in one message. + * Only supported in `mail` and `sendmail` transports, not in SMTP. + * + * @var bool + * + * @deprecated 6.0.0 PHPMailer isn't a mailing list manager! + */ + public $SingleTo = false; + + /** + * Storage for addresses when SingleTo is enabled. + * + * @var array + */ + protected $SingleToArray = []; + + /** + * Whether to generate VERP addresses on send. + * Only applicable when sending via SMTP. + * + * @see https://en.wikipedia.org/wiki/Variable_envelope_return_path + * @see http://www.postfix.org/VERP_README.html Postfix VERP info + * + * @var bool + */ + public $do_verp = false; + + /** + * Whether to allow sending messages with an empty body. + * + * @var bool + */ + public $AllowEmpty = false; + + /** + * DKIM selector. + * + * @var string + */ + public $DKIM_selector = ''; + + /** + * DKIM Identity. + * Usually the email address used as the source of the email. + * + * @var string + */ + public $DKIM_identity = ''; + + /** + * DKIM passphrase. + * Used if your key is encrypted. + * + * @var string + */ + public $DKIM_passphrase = ''; + + /** + * DKIM signing domain name. + * + * @example 'example.com' + * + * @var string + */ + public $DKIM_domain = ''; + + /** + * DKIM Copy header field values for diagnostic use. + * + * @var bool + */ + public $DKIM_copyHeaderFields = true; + + /** + * DKIM Extra signing headers. + * + * @example ['List-Unsubscribe', 'List-Help'] + * + * @var array + */ + public $DKIM_extraHeaders = []; + + /** + * DKIM private key file path. + * + * @var string + */ + public $DKIM_private = ''; + + /** + * DKIM private key string. + * + * If set, takes precedence over `$DKIM_private`. + * + * @var string + */ + public $DKIM_private_string = ''; + + /** + * Callback Action function name. + * + * The function that handles the result of the send email action. + * It is called out by send() for each email sent. + * + * Value can be any php callable: http://www.php.net/is_callable + * + * Parameters: + * bool $result result of the send action + * array $to email addresses of the recipients + * array $cc cc email addresses + * array $bcc bcc email addresses + * string $subject the subject + * string $body the email body + * string $from email address of sender + * string $extra extra information of possible use + * "smtp_transaction_id' => last smtp transaction id + * + * @var string + */ + public $action_function = ''; + + /** + * What to put in the X-Mailer header. + * Options: An empty string for PHPMailer default, whitespace/null for none, or a string to use. + * + * @var string|null + */ + public $XMailer = ''; + + /** + * Which validator to use by default when validating email addresses. + * May be a callable to inject your own validator, but there are several built-in validators. + * The default validator uses PHP's FILTER_VALIDATE_EMAIL filter_var option. + * + * @see PHPMailer::validateAddress() + * + * @var string|callable + */ + public static $validator = 'php'; + + /** + * An instance of the SMTP sender class. + * + * @var SMTP + */ + protected $smtp; + + /** + * The array of 'to' names and addresses. + * + * @var array + */ + protected $to = []; + + /** + * The array of 'cc' names and addresses. + * + * @var array + */ + protected $cc = []; + + /** + * The array of 'bcc' names and addresses. + * + * @var array + */ + protected $bcc = []; + + /** + * The array of reply-to names and addresses. + * + * @var array + */ + protected $ReplyTo = []; + + /** + * An array of all kinds of addresses. + * Includes all of $to, $cc, $bcc. + * + * @see PHPMailer::$to + * @see PHPMailer::$cc + * @see PHPMailer::$bcc + * + * @var array + */ + protected $all_recipients = []; + + /** + * An array of names and addresses queued for validation. + * In send(), valid and non duplicate entries are moved to $all_recipients + * and one of $to, $cc, or $bcc. + * This array is used only for addresses with IDN. + * + * @see PHPMailer::$to + * @see PHPMailer::$cc + * @see PHPMailer::$bcc + * @see PHPMailer::$all_recipients + * + * @var array + */ + protected $RecipientsQueue = []; + + /** + * An array of reply-to names and addresses queued for validation. + * In send(), valid and non duplicate entries are moved to $ReplyTo. + * This array is used only for addresses with IDN. + * + * @see PHPMailer::$ReplyTo + * + * @var array + */ + protected $ReplyToQueue = []; + + /** + * The array of attachments. + * + * @var array + */ + protected $attachment = []; + + /** + * The array of custom headers. + * + * @var array + */ + protected $CustomHeader = []; + + /** + * The most recent Message-ID (including angular brackets). + * + * @var string + */ + protected $lastMessageID = ''; + + /** + * The message's MIME type. + * + * @var string + */ + protected $message_type = ''; + + /** + * The array of MIME boundary strings. + * + * @var array + */ + protected $boundary = []; + + /** + * The array of available text strings for the current language. + * + * @var array + */ + protected $language = []; + + /** + * The number of errors encountered. + * + * @var int + */ + protected $error_count = 0; + + /** + * The S/MIME certificate file path. + * + * @var string + */ + protected $sign_cert_file = ''; + + /** + * The S/MIME key file path. + * + * @var string + */ + protected $sign_key_file = ''; + + /** + * The optional S/MIME extra certificates ("CA Chain") file path. + * + * @var string + */ + protected $sign_extracerts_file = ''; + + /** + * The S/MIME password for the key. + * Used only if the key is encrypted. + * + * @var string + */ + protected $sign_key_pass = ''; + + /** + * Whether to throw exceptions for errors. + * + * @var bool + */ + protected $exceptions = false; + + /** + * Unique ID used for message ID and boundaries. + * + * @var string + */ + protected $uniqueid = ''; + + /** + * The PHPMailer Version number. + * + * @var string + */ + const VERSION = '6.8.1'; + + /** + * Error severity: message only, continue processing. + * + * @var int + */ + const STOP_MESSAGE = 0; + + /** + * Error severity: message, likely ok to continue processing. + * + * @var int + */ + const STOP_CONTINUE = 1; + + /** + * Error severity: message, plus full stop, critical error reached. + * + * @var int + */ + const STOP_CRITICAL = 2; + + /** + * The SMTP standard CRLF line break. + * If you want to change line break format, change static::$LE, not this. + */ + const CRLF = "\r\n"; + + /** + * "Folding White Space" a white space string used for line folding. + */ + const FWS = ' '; + + /** + * SMTP RFC standard line ending; Carriage Return, Line Feed. + * + * @var string + */ + protected static $LE = self::CRLF; + + /** + * The maximum line length supported by mail(). + * + * Background: mail() will sometimes corrupt messages + * with headers longer than 65 chars, see #818. + * + * @var int + */ + const MAIL_MAX_LINE_LENGTH = 63; + + /** + * The maximum line length allowed by RFC 2822 section 2.1.1. + * + * @var int + */ + const MAX_LINE_LENGTH = 998; + + /** + * The lower maximum line length allowed by RFC 2822 section 2.1.1. + * This length does NOT include the line break + * 76 means that lines will be 77 or 78 chars depending on whether + * the line break format is LF or CRLF; both are valid. + * + * @var int + */ + const STD_LINE_LENGTH = 76; + + /** + * Constructor. + * + * @param bool $exceptions Should we throw external exceptions? + */ + public function __construct($exceptions = null) + { + if (null !== $exceptions) { + $this->exceptions = (bool) $exceptions; + } + //Pick an appropriate debug output format automatically + $this->Debugoutput = (strpos(PHP_SAPI, 'cli') !== false ? 'echo' : 'html'); + } + + /** + * Destructor. + */ + public function __destruct() + { + //Close any open SMTP connection nicely + $this->smtpClose(); + } + + /** + * Call mail() in a safe_mode-aware fashion. + * Also, unless sendmail_path points to sendmail (or something that + * claims to be sendmail), don't pass params (not a perfect fix, + * but it will do). + * + * @param string $to To + * @param string $subject Subject + * @param string $body Message Body + * @param string $header Additional Header(s) + * @param string|null $params Params + * + * @return bool + */ + private function mailPassthru($to, $subject, $body, $header, $params) + { + //Check overloading of mail function to avoid double-encoding + if ((int)ini_get('mbstring.func_overload') & 1) { + $subject = $this->secureHeader($subject); + } else { + $subject = $this->encodeHeader($this->secureHeader($subject)); + } + //Calling mail() with null params breaks + $this->edebug('Sending with mail()'); + $this->edebug('Sendmail path: ' . ini_get('sendmail_path')); + $this->edebug("Envelope sender: {$this->Sender}"); + $this->edebug("To: {$to}"); + $this->edebug("Subject: {$subject}"); + $this->edebug("Headers: {$header}"); + if (!$this->UseSendmailOptions || null === $params) { + $result = @mail($to, $subject, $body, $header); + } else { + $this->edebug("Additional params: {$params}"); + $result = @mail($to, $subject, $body, $header, $params); + } + $this->edebug('Result: ' . ($result ? 'true' : 'false')); + return $result; + } + + /** + * Output debugging info via a user-defined method. + * Only generates output if debug output is enabled. + * + * @see PHPMailer::$Debugoutput + * @see PHPMailer::$SMTPDebug + * + * @param string $str + */ + protected function edebug($str) + { + if ($this->SMTPDebug <= 0) { + return; + } + //Is this a PSR-3 logger? + if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) { + $this->Debugoutput->debug($str); + + return; + } + //Avoid clash with built-in function names + if (is_callable($this->Debugoutput) && !in_array($this->Debugoutput, ['error_log', 'html', 'echo'])) { + call_user_func($this->Debugoutput, $str, $this->SMTPDebug); + + return; + } + switch ($this->Debugoutput) { + case 'error_log': + //Don't output, just log + /** @noinspection ForgottenDebugOutputInspection */ + error_log($str); + break; + case 'html': + //Cleans up output a bit for a better looking, HTML-safe output + echo htmlentities( + preg_replace('/[\r\n]+/', '', $str), + ENT_QUOTES, + 'UTF-8' + ), "
    \n"; + break; + case 'echo': + default: + //Normalize line breaks + $str = preg_replace('/\r\n|\r/m', "\n", $str); + echo gmdate('Y-m-d H:i:s'), + "\t", + //Trim trailing space + trim( + //Indent for readability, except for trailing break + str_replace( + "\n", + "\n \t ", + trim($str) + ) + ), + "\n"; + } + } + + /** + * Sets message type to HTML or plain. + * + * @param bool $isHtml True for HTML mode + */ + public function isHTML($isHtml = true) + { + if ($isHtml) { + $this->ContentType = static::CONTENT_TYPE_TEXT_HTML; + } else { + $this->ContentType = static::CONTENT_TYPE_PLAINTEXT; + } + } + + /** + * Send messages using SMTP. + */ + public function isSMTP() + { + $this->Mailer = 'smtp'; + } + + /** + * Send messages using PHP's mail() function. + */ + public function isMail() + { + $this->Mailer = 'mail'; + } + + /** + * Send messages using $Sendmail. + */ + public function isSendmail() + { + $ini_sendmail_path = ini_get('sendmail_path'); + + if (false === stripos($ini_sendmail_path, 'sendmail')) { + $this->Sendmail = '/usr/sbin/sendmail'; + } else { + $this->Sendmail = $ini_sendmail_path; + } + $this->Mailer = 'sendmail'; + } + + /** + * Send messages using qmail. + */ + public function isQmail() + { + $ini_sendmail_path = ini_get('sendmail_path'); + + if (false === stripos($ini_sendmail_path, 'qmail')) { + $this->Sendmail = '/var/qmail/bin/qmail-inject'; + } else { + $this->Sendmail = $ini_sendmail_path; + } + $this->Mailer = 'qmail'; + } + + /** + * Add a "To" address. + * + * @param string $address The email address to send to + * @param string $name + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + public function addAddress($address, $name = '') + { + return $this->addOrEnqueueAnAddress('to', $address, $name); + } + + /** + * Add a "CC" address. + * + * @param string $address The email address to send to + * @param string $name + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + public function addCC($address, $name = '') + { + return $this->addOrEnqueueAnAddress('cc', $address, $name); + } + + /** + * Add a "BCC" address. + * + * @param string $address The email address to send to + * @param string $name + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + public function addBCC($address, $name = '') + { + return $this->addOrEnqueueAnAddress('bcc', $address, $name); + } + + /** + * Add a "Reply-To" address. + * + * @param string $address The email address to reply to + * @param string $name + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + public function addReplyTo($address, $name = '') + { + return $this->addOrEnqueueAnAddress('Reply-To', $address, $name); + } + + /** + * Add an address to one of the recipient arrays or to the ReplyTo array. Because PHPMailer + * can't validate addresses with an IDN without knowing the PHPMailer::$CharSet (that can still + * be modified after calling this function), addition of such addresses is delayed until send(). + * Addresses that have been added already return false, but do not throw exceptions. + * + * @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo' + * @param string $address The email address + * @param string $name An optional username associated with the address + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + protected function addOrEnqueueAnAddress($kind, $address, $name) + { + $pos = false; + if ($address !== null) { + $address = trim($address); + $pos = strrpos($address, '@'); + } + if (false === $pos) { + //At-sign is missing. + $error_message = sprintf( + '%s (%s): %s', + $this->lang('invalid_address'), + $kind, + $address + ); + $this->setError($error_message); + $this->edebug($error_message); + if ($this->exceptions) { + throw new Exception($error_message); + } + + return false; + } + if ($name !== null && is_string($name)) { + $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim + } else { + $name = ''; + } + $params = [$kind, $address, $name]; + //Enqueue addresses with IDN until we know the PHPMailer::$CharSet. + //Domain is assumed to be whatever is after the last @ symbol in the address + if (static::idnSupported() && $this->has8bitChars(substr($address, ++$pos))) { + if ('Reply-To' !== $kind) { + if (!array_key_exists($address, $this->RecipientsQueue)) { + $this->RecipientsQueue[$address] = $params; + + return true; + } + } elseif (!array_key_exists($address, $this->ReplyToQueue)) { + $this->ReplyToQueue[$address] = $params; + + return true; + } + + return false; + } + + //Immediately add standard addresses without IDN. + return call_user_func_array([$this, 'addAnAddress'], $params); + } + + /** + * Set the boundaries to use for delimiting MIME parts. + * If you override this, ensure you set all 3 boundaries to unique values. + * The default boundaries include a "=_" sequence which cannot occur in quoted-printable bodies, + * as suggested by https://www.rfc-editor.org/rfc/rfc2045#section-6.7 + * + * @return void + */ + public function setBoundaries() + { + $this->uniqueid = $this->generateId(); + $this->boundary[1] = 'b1=_' . $this->uniqueid; + $this->boundary[2] = 'b2=_' . $this->uniqueid; + $this->boundary[3] = 'b3=_' . $this->uniqueid; + } + + /** + * Add an address to one of the recipient arrays or to the ReplyTo array. + * Addresses that have been added already return false, but do not throw exceptions. + * + * @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo' + * @param string $address The email address to send, resp. to reply to + * @param string $name + * + * @throws Exception + * + * @return bool true on success, false if address already used or invalid in some way + */ + protected function addAnAddress($kind, $address, $name = '') + { + if (!in_array($kind, ['to', 'cc', 'bcc', 'Reply-To'])) { + $error_message = sprintf( + '%s: %s', + $this->lang('Invalid recipient kind'), + $kind + ); + $this->setError($error_message); + $this->edebug($error_message); + if ($this->exceptions) { + throw new Exception($error_message); + } + + return false; + } + if (!static::validateAddress($address)) { + $error_message = sprintf( + '%s (%s): %s', + $this->lang('invalid_address'), + $kind, + $address + ); + $this->setError($error_message); + $this->edebug($error_message); + if ($this->exceptions) { + throw new Exception($error_message); + } + + return false; + } + if ('Reply-To' !== $kind) { + if (!array_key_exists(strtolower($address), $this->all_recipients)) { + $this->{$kind}[] = [$address, $name]; + $this->all_recipients[strtolower($address)] = true; + + return true; + } + } elseif (!array_key_exists(strtolower($address), $this->ReplyTo)) { + $this->ReplyTo[strtolower($address)] = [$address, $name]; + + return true; + } + + return false; + } + + /** + * Parse and validate a string containing one or more RFC822-style comma-separated email addresses + * of the form "display name
    " into an array of name/address pairs. + * Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available. + * Note that quotes in the name part are removed. + * + * @see http://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation + * + * @param string $addrstr The address list string + * @param bool $useimap Whether to use the IMAP extension to parse the list + * @param string $charset The charset to use when decoding the address list string. + * + * @return array + */ + public static function parseAddresses($addrstr, $useimap = true, $charset = self::CHARSET_ISO88591) + { + $addresses = []; + if ($useimap && function_exists('imap_rfc822_parse_adrlist')) { + //Use this built-in parser if it's available + $list = imap_rfc822_parse_adrlist($addrstr, ''); + // Clear any potential IMAP errors to get rid of notices being thrown at end of script. + imap_errors(); + foreach ($list as $address) { + if ( + '.SYNTAX-ERROR.' !== $address->host && + static::validateAddress($address->mailbox . '@' . $address->host) + ) { + //Decode the name part if it's present and encoded + if ( + property_exists($address, 'personal') && + //Check for a Mbstring constant rather than using extension_loaded, which is sometimes disabled + defined('MB_CASE_UPPER') && + preg_match('/^=\?.*\?=$/s', $address->personal) + ) { + $origCharset = mb_internal_encoding(); + mb_internal_encoding($charset); + //Undo any RFC2047-encoded spaces-as-underscores + $address->personal = str_replace('_', '=20', $address->personal); + //Decode the name + $address->personal = mb_decode_mimeheader($address->personal); + mb_internal_encoding($origCharset); + } + + $addresses[] = [ + 'name' => (property_exists($address, 'personal') ? $address->personal : ''), + 'address' => $address->mailbox . '@' . $address->host, + ]; + } + } + } else { + //Use this simpler parser + $list = explode(',', $addrstr); + foreach ($list as $address) { + $address = trim($address); + //Is there a separate name part? + if (strpos($address, '<') === false) { + //No separate name, just use the whole thing + if (static::validateAddress($address)) { + $addresses[] = [ + 'name' => '', + 'address' => $address, + ]; + } + } else { + list($name, $email) = explode('<', $address); + $email = trim(str_replace('>', '', $email)); + $name = trim($name); + if (static::validateAddress($email)) { + //Check for a Mbstring constant rather than using extension_loaded, which is sometimes disabled + //If this name is encoded, decode it + if (defined('MB_CASE_UPPER') && preg_match('/^=\?.*\?=$/s', $name)) { + $origCharset = mb_internal_encoding(); + mb_internal_encoding($charset); + //Undo any RFC2047-encoded spaces-as-underscores + $name = str_replace('_', '=20', $name); + //Decode the name + $name = mb_decode_mimeheader($name); + mb_internal_encoding($origCharset); + } + $addresses[] = [ + //Remove any surrounding quotes and spaces from the name + 'name' => trim($name, '\'" '), + 'address' => $email, + ]; + } + } + } + } + + return $addresses; + } + + /** + * Set the From and FromName properties. + * + * @param string $address + * @param string $name + * @param bool $auto Whether to also set the Sender address, defaults to true + * + * @throws Exception + * + * @return bool + */ + public function setFrom($address, $name = '', $auto = true) + { + $address = trim((string)$address); + $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim + //Don't validate now addresses with IDN. Will be done in send(). + $pos = strrpos($address, '@'); + if ( + (false === $pos) + || ((!$this->has8bitChars(substr($address, ++$pos)) || !static::idnSupported()) + && !static::validateAddress($address)) + ) { + $error_message = sprintf( + '%s (From): %s', + $this->lang('invalid_address'), + $address + ); + $this->setError($error_message); + $this->edebug($error_message); + if ($this->exceptions) { + throw new Exception($error_message); + } + + return false; + } + $this->From = $address; + $this->FromName = $name; + if ($auto && empty($this->Sender)) { + $this->Sender = $address; + } + + return true; + } + + /** + * Return the Message-ID header of the last email. + * Technically this is the value from the last time the headers were created, + * but it's also the message ID of the last sent message except in + * pathological cases. + * + * @return string + */ + public function getLastMessageID() + { + return $this->lastMessageID; + } + + /** + * Check that a string looks like an email address. + * Validation patterns supported: + * * `auto` Pick best pattern automatically; + * * `pcre8` Use the squiloople.com pattern, requires PCRE > 8.0; + * * `pcre` Use old PCRE implementation; + * * `php` Use PHP built-in FILTER_VALIDATE_EMAIL; + * * `html5` Use the pattern given by the HTML5 spec for 'email' type form input elements. + * * `noregex` Don't use a regex: super fast, really dumb. + * Alternatively you may pass in a callable to inject your own validator, for example: + * + * ```php + * PHPMailer::validateAddress('user@example.com', function($address) { + * return (strpos($address, '@') !== false); + * }); + * ``` + * + * You can also set the PHPMailer::$validator static to a callable, allowing built-in methods to use your validator. + * + * @param string $address The email address to check + * @param string|callable $patternselect Which pattern to use + * + * @return bool + */ + public static function validateAddress($address, $patternselect = null) + { + if (null === $patternselect) { + $patternselect = static::$validator; + } + //Don't allow strings as callables, see SECURITY.md and CVE-2021-3603 + if (is_callable($patternselect) && !is_string($patternselect)) { + return call_user_func($patternselect, $address); + } + //Reject line breaks in addresses; it's valid RFC5322, but not RFC5321 + if (strpos($address, "\n") !== false || strpos($address, "\r") !== false) { + return false; + } + switch ($patternselect) { + case 'pcre': //Kept for BC + case 'pcre8': + /* + * A more complex and more permissive version of the RFC5322 regex on which FILTER_VALIDATE_EMAIL + * is based. + * In addition to the addresses allowed by filter_var, also permits: + * * dotless domains: `a@b` + * * comments: `1234 @ local(blah) .machine .example` + * * quoted elements: `'"test blah"@example.org'` + * * numeric TLDs: `a@b.123` + * * unbracketed IPv4 literals: `a@192.168.0.1` + * * IPv6 literals: 'first.last@[IPv6:a1::]' + * Not all of these will necessarily work for sending! + * + * @see http://squiloople.com/2009/12/20/email-address-validation/ + * @copyright 2009-2010 Michael Rushton + * Feel free to use and redistribute this code. But please keep this copyright notice. + */ + return (bool) preg_match( + '/^(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){255,})(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){65,}@)' . + '((?>(?>(?>((?>(?>(?>\x0D\x0A)?[\t ])+|(?>[\t ]*\x0D\x0A)?[\t ]+)?)(\((?>(?2)' . + '(?>[\x01-\x08\x0B\x0C\x0E-\'*-\[\]-\x7F]|\\\[\x00-\x7F]|(?3)))*(?2)\)))+(?2))|(?2))?)' . + '([!#-\'*+\/-9=?^-~-]+|"(?>(?2)(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\x7F]))*' . + '(?2)")(?>(?1)\.(?1)(?4))*(?1)@(?!(?1)[a-z0-9-]{64,})(?1)(?>([a-z0-9](?>[a-z0-9-]*[a-z0-9])?)' . + '(?>(?1)\.(?!(?1)[a-z0-9-]{64,})(?1)(?5)){0,126}|\[(?:(?>IPv6:(?>([a-f0-9]{1,4})(?>:(?6)){7}' . + '|(?!(?:.*[a-f0-9][:\]]){8,})((?6)(?>:(?6)){0,6})?::(?7)?))|(?>(?>IPv6:(?>(?6)(?>:(?6)){5}:' . + '|(?!(?:.*[a-f0-9]:){6,})(?8)?::(?>((?6)(?>:(?6)){0,4}):)?))?(25[0-5]|2[0-4][0-9]|1[0-9]{2}' . + '|[1-9]?[0-9])(?>\.(?9)){3}))\])(?1)$/isD', + $address + ); + case 'html5': + /* + * This is the pattern used in the HTML5 spec for validation of 'email' type form input elements. + * + * @see https://html.spec.whatwg.org/#e-mail-state-(type=email) + */ + return (bool) preg_match( + '/^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}' . + '[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/sD', + $address + ); + case 'php': + default: + return filter_var($address, FILTER_VALIDATE_EMAIL) !== false; + } + } + + /** + * Tells whether IDNs (Internationalized Domain Names) are supported or not. This requires the + * `intl` and `mbstring` PHP extensions. + * + * @return bool `true` if required functions for IDN support are present + */ + public static function idnSupported() + { + return function_exists('idn_to_ascii') && function_exists('mb_convert_encoding'); + } + + /** + * Converts IDN in given email address to its ASCII form, also known as punycode, if possible. + * Important: Address must be passed in same encoding as currently set in PHPMailer::$CharSet. + * This function silently returns unmodified address if: + * - No conversion is necessary (i.e. domain name is not an IDN, or is already in ASCII form) + * - Conversion to punycode is impossible (e.g. required PHP functions are not available) + * or fails for any reason (e.g. domain contains characters not allowed in an IDN). + * + * @see PHPMailer::$CharSet + * + * @param string $address The email address to convert + * + * @return string The encoded address in ASCII form + */ + public function punyencodeAddress($address) + { + //Verify we have required functions, CharSet, and at-sign. + $pos = strrpos($address, '@'); + if ( + !empty($this->CharSet) && + false !== $pos && + static::idnSupported() + ) { + $domain = substr($address, ++$pos); + //Verify CharSet string is a valid one, and domain properly encoded in this CharSet. + if ($this->has8bitChars($domain) && @mb_check_encoding($domain, $this->CharSet)) { + //Convert the domain from whatever charset it's in to UTF-8 + $domain = mb_convert_encoding($domain, self::CHARSET_UTF8, $this->CharSet); + //Ignore IDE complaints about this line - method signature changed in PHP 5.4 + $errorcode = 0; + if (defined('INTL_IDNA_VARIANT_UTS46')) { + //Use the current punycode standard (appeared in PHP 7.2) + $punycode = idn_to_ascii( + $domain, + \IDNA_DEFAULT | \IDNA_USE_STD3_RULES | \IDNA_CHECK_BIDI | + \IDNA_CHECK_CONTEXTJ | \IDNA_NONTRANSITIONAL_TO_ASCII, + \INTL_IDNA_VARIANT_UTS46 + ); + } elseif (defined('INTL_IDNA_VARIANT_2003')) { + //Fall back to this old, deprecated/removed encoding + $punycode = idn_to_ascii($domain, $errorcode, \INTL_IDNA_VARIANT_2003); + } else { + //Fall back to a default we don't know about + $punycode = idn_to_ascii($domain, $errorcode); + } + if (false !== $punycode) { + return substr($address, 0, $pos) . $punycode; + } + } + } + + return $address; + } + + /** + * Create a message and send it. + * Uses the sending method specified by $Mailer. + * + * @throws Exception + * + * @return bool false on error - See the ErrorInfo property for details of the error + */ + public function send() + { + try { + if (!$this->preSend()) { + return false; + } + + return $this->postSend(); + } catch (Exception $exc) { + $this->mailHeader = ''; + $this->setError($exc->getMessage()); + if ($this->exceptions) { + throw $exc; + } + + return false; + } + } + + /** + * Prepare a message for sending. + * + * @throws Exception + * + * @return bool + */ + public function preSend() + { + if ( + 'smtp' === $this->Mailer + || ('mail' === $this->Mailer && (\PHP_VERSION_ID >= 80000 || stripos(PHP_OS, 'WIN') === 0)) + ) { + //SMTP mandates RFC-compliant line endings + //and it's also used with mail() on Windows + static::setLE(self::CRLF); + } else { + //Maintain backward compatibility with legacy Linux command line mailers + static::setLE(PHP_EOL); + } + //Check for buggy PHP versions that add a header with an incorrect line break + if ( + 'mail' === $this->Mailer + && ((\PHP_VERSION_ID >= 70000 && \PHP_VERSION_ID < 70017) + || (\PHP_VERSION_ID >= 70100 && \PHP_VERSION_ID < 70103)) + && ini_get('mail.add_x_header') === '1' + && stripos(PHP_OS, 'WIN') === 0 + ) { + trigger_error($this->lang('buggy_php'), E_USER_WARNING); + } + + try { + $this->error_count = 0; //Reset errors + $this->mailHeader = ''; + + //Dequeue recipient and Reply-To addresses with IDN + foreach (array_merge($this->RecipientsQueue, $this->ReplyToQueue) as $params) { + $params[1] = $this->punyencodeAddress($params[1]); + call_user_func_array([$this, 'addAnAddress'], $params); + } + if (count($this->to) + count($this->cc) + count($this->bcc) < 1) { + throw new Exception($this->lang('provide_address'), self::STOP_CRITICAL); + } + + //Validate From, Sender, and ConfirmReadingTo addresses + foreach (['From', 'Sender', 'ConfirmReadingTo'] as $address_kind) { + $this->{$address_kind} = trim($this->{$address_kind}); + if (empty($this->{$address_kind})) { + continue; + } + $this->{$address_kind} = $this->punyencodeAddress($this->{$address_kind}); + if (!static::validateAddress($this->{$address_kind})) { + $error_message = sprintf( + '%s (%s): %s', + $this->lang('invalid_address'), + $address_kind, + $this->{$address_kind} + ); + $this->setError($error_message); + $this->edebug($error_message); + if ($this->exceptions) { + throw new Exception($error_message); + } + + return false; + } + } + + //Set whether the message is multipart/alternative + if ($this->alternativeExists()) { + $this->ContentType = static::CONTENT_TYPE_MULTIPART_ALTERNATIVE; + } + + $this->setMessageType(); + //Refuse to send an empty message unless we are specifically allowing it + if (!$this->AllowEmpty && empty($this->Body)) { + throw new Exception($this->lang('empty_message'), self::STOP_CRITICAL); + } + + //Trim subject consistently + $this->Subject = trim($this->Subject); + //Create body before headers in case body makes changes to headers (e.g. altering transfer encoding) + $this->MIMEHeader = ''; + $this->MIMEBody = $this->createBody(); + //createBody may have added some headers, so retain them + $tempheaders = $this->MIMEHeader; + $this->MIMEHeader = $this->createHeader(); + $this->MIMEHeader .= $tempheaders; + + //To capture the complete message when using mail(), create + //an extra header list which createHeader() doesn't fold in + if ('mail' === $this->Mailer) { + if (count($this->to) > 0) { + $this->mailHeader .= $this->addrAppend('To', $this->to); + } else { + $this->mailHeader .= $this->headerLine('To', 'undisclosed-recipients:;'); + } + $this->mailHeader .= $this->headerLine( + 'Subject', + $this->encodeHeader($this->secureHeader($this->Subject)) + ); + } + + //Sign with DKIM if enabled + if ( + !empty($this->DKIM_domain) + && !empty($this->DKIM_selector) + && (!empty($this->DKIM_private_string) + || (!empty($this->DKIM_private) + && static::isPermittedPath($this->DKIM_private) + && file_exists($this->DKIM_private) + ) + ) + ) { + $header_dkim = $this->DKIM_Add( + $this->MIMEHeader . $this->mailHeader, + $this->encodeHeader($this->secureHeader($this->Subject)), + $this->MIMEBody + ); + $this->MIMEHeader = static::stripTrailingWSP($this->MIMEHeader) . static::$LE . + static::normalizeBreaks($header_dkim) . static::$LE; + } + + return true; + } catch (Exception $exc) { + $this->setError($exc->getMessage()); + if ($this->exceptions) { + throw $exc; + } + + return false; + } + } + + /** + * Actually send a message via the selected mechanism. + * + * @throws Exception + * + * @return bool + */ + public function postSend() + { + try { + //Choose the mailer and send through it + switch ($this->Mailer) { + case 'sendmail': + case 'qmail': + return $this->sendmailSend($this->MIMEHeader, $this->MIMEBody); + case 'smtp': + return $this->smtpSend($this->MIMEHeader, $this->MIMEBody); + case 'mail': + return $this->mailSend($this->MIMEHeader, $this->MIMEBody); + default: + $sendMethod = $this->Mailer . 'Send'; + if (method_exists($this, $sendMethod)) { + return $this->{$sendMethod}($this->MIMEHeader, $this->MIMEBody); + } + + return $this->mailSend($this->MIMEHeader, $this->MIMEBody); + } + } catch (Exception $exc) { + $this->setError($exc->getMessage()); + $this->edebug($exc->getMessage()); + if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true && $this->smtp->connected()) { + $this->smtp->reset(); + } + if ($this->exceptions) { + throw $exc; + } + } + + return false; + } + + /** + * Send mail using the $Sendmail program. + * + * @see PHPMailer::$Sendmail + * + * @param string $header The message headers + * @param string $body The message body + * + * @throws Exception + * + * @return bool + */ + protected function sendmailSend($header, $body) + { + if ($this->Mailer === 'qmail') { + $this->edebug('Sending with qmail'); + } else { + $this->edebug('Sending with sendmail'); + } + $header = static::stripTrailingWSP($header) . static::$LE . static::$LE; + //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver + //A space after `-f` is optional, but there is a long history of its presence + //causing problems, so we don't use one + //Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html + //Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html + //Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html + //Example problem: https://www.drupal.org/node/1057954 + + //PHP 5.6 workaround + $sendmail_from_value = ini_get('sendmail_from'); + if (empty($this->Sender) && !empty($sendmail_from_value)) { + //PHP config has a sender address we can use + $this->Sender = ini_get('sendmail_from'); + } + //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. + if (!empty($this->Sender) && static::validateAddress($this->Sender) && self::isShellSafe($this->Sender)) { + if ($this->Mailer === 'qmail') { + $sendmailFmt = '%s -f%s'; + } else { + $sendmailFmt = '%s -oi -f%s -t'; + } + } else { + //allow sendmail to choose a default envelope sender. It may + //seem preferable to force it to use the From header as with + //SMTP, but that introduces new problems (see + //), and + //it has historically worked this way. + $sendmailFmt = '%s -oi -t'; + } + + $sendmail = sprintf($sendmailFmt, escapeshellcmd($this->Sendmail), $this->Sender); + $this->edebug('Sendmail path: ' . $this->Sendmail); + $this->edebug('Sendmail command: ' . $sendmail); + $this->edebug('Envelope sender: ' . $this->Sender); + $this->edebug("Headers: {$header}"); + + if ($this->SingleTo) { + foreach ($this->SingleToArray as $toAddr) { + $mail = @popen($sendmail, 'w'); + if (!$mail) { + throw new Exception($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); + } + $this->edebug("To: {$toAddr}"); + fwrite($mail, 'To: ' . $toAddr . "\n"); + fwrite($mail, $header); + fwrite($mail, $body); + $result = pclose($mail); + $addrinfo = static::parseAddresses($toAddr, true, $this->CharSet); + $this->doCallback( + ($result === 0), + [[$addrinfo['address'], $addrinfo['name']]], + $this->cc, + $this->bcc, + $this->Subject, + $body, + $this->From, + [] + ); + $this->edebug("Result: " . ($result === 0 ? 'true' : 'false')); + if (0 !== $result) { + throw new Exception($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); + } + } + } else { + $mail = @popen($sendmail, 'w'); + if (!$mail) { + throw new Exception($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); + } + fwrite($mail, $header); + fwrite($mail, $body); + $result = pclose($mail); + $this->doCallback( + ($result === 0), + $this->to, + $this->cc, + $this->bcc, + $this->Subject, + $body, + $this->From, + [] + ); + $this->edebug("Result: " . ($result === 0 ? 'true' : 'false')); + if (0 !== $result) { + throw new Exception($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); + } + } + + return true; + } + + /** + * Fix CVE-2016-10033 and CVE-2016-10045 by disallowing potentially unsafe shell characters. + * Note that escapeshellarg and escapeshellcmd are inadequate for our purposes, especially on Windows. + * + * @see https://github.com/PHPMailer/PHPMailer/issues/924 CVE-2016-10045 bug report + * + * @param string $string The string to be validated + * + * @return bool + */ + protected static function isShellSafe($string) + { + //It's not possible to use shell commands safely (which includes the mail() function) without escapeshellarg, + //but some hosting providers disable it, creating a security problem that we don't want to have to deal with, + //so we don't. + if (!function_exists('escapeshellarg') || !function_exists('escapeshellcmd')) { + return false; + } + + if ( + escapeshellcmd($string) !== $string + || !in_array(escapeshellarg($string), ["'$string'", "\"$string\""]) + ) { + return false; + } + + $length = strlen($string); + + for ($i = 0; $i < $length; ++$i) { + $c = $string[$i]; + + //All other characters have a special meaning in at least one common shell, including = and +. + //Full stop (.) has a special meaning in cmd.exe, but its impact should be negligible here. + //Note that this does permit non-Latin alphanumeric characters based on the current locale. + if (!ctype_alnum($c) && strpos('@_-.', $c) === false) { + return false; + } + } + + return true; + } + + /** + * Check whether a file path is of a permitted type. + * Used to reject URLs and phar files from functions that access local file paths, + * such as addAttachment. + * + * @param string $path A relative or absolute path to a file + * + * @return bool + */ + protected static function isPermittedPath($path) + { + //Matches scheme definition from https://tools.ietf.org/html/rfc3986#section-3.1 + return !preg_match('#^[a-z][a-z\d+.-]*://#i', $path); + } + + /** + * Check whether a file path is safe, accessible, and readable. + * + * @param string $path A relative or absolute path to a file + * + * @return bool + */ + protected static function fileIsAccessible($path) + { + if (!static::isPermittedPath($path)) { + return false; + } + $readable = is_file($path); + //If not a UNC path (expected to start with \\), check read permission, see #2069 + if (strpos($path, '\\\\') !== 0) { + $readable = $readable && is_readable($path); + } + return $readable; + } + + /** + * Send mail using the PHP mail() function. + * + * @see http://www.php.net/manual/en/book.mail.php + * + * @param string $header The message headers + * @param string $body The message body + * + * @throws Exception + * + * @return bool + */ + protected function mailSend($header, $body) + { + $header = static::stripTrailingWSP($header) . static::$LE . static::$LE; + + $toArr = []; + foreach ($this->to as $toaddr) { + $toArr[] = $this->addrFormat($toaddr); + } + $to = trim(implode(', ', $toArr)); + + //If there are no To-addresses (e.g. when sending only to BCC-addresses) + //the following should be added to get a correct DKIM-signature. + //Compare with $this->preSend() + if ($to === '') { + $to = 'undisclosed-recipients:;'; + } + + $params = null; + //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver + //A space after `-f` is optional, but there is a long history of its presence + //causing problems, so we don't use one + //Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html + //Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html + //Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html + //Example problem: https://www.drupal.org/node/1057954 + //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped. + + //PHP 5.6 workaround + $sendmail_from_value = ini_get('sendmail_from'); + if (empty($this->Sender) && !empty($sendmail_from_value)) { + //PHP config has a sender address we can use + $this->Sender = ini_get('sendmail_from'); + } + if (!empty($this->Sender) && static::validateAddress($this->Sender)) { + if (self::isShellSafe($this->Sender)) { + $params = sprintf('-f%s', $this->Sender); + } + $old_from = ini_get('sendmail_from'); + ini_set('sendmail_from', $this->Sender); + } + $result = false; + if ($this->SingleTo && count($toArr) > 1) { + foreach ($toArr as $toAddr) { + $result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params); + $addrinfo = static::parseAddresses($toAddr, true, $this->CharSet); + $this->doCallback( + $result, + [[$addrinfo['address'], $addrinfo['name']]], + $this->cc, + $this->bcc, + $this->Subject, + $body, + $this->From, + [] + ); + } + } else { + $result = $this->mailPassthru($to, $this->Subject, $body, $header, $params); + $this->doCallback($result, $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From, []); + } + if (isset($old_from)) { + ini_set('sendmail_from', $old_from); + } + if (!$result) { + throw new Exception($this->lang('instantiate'), self::STOP_CRITICAL); + } + + return true; + } + + /** + * Get an instance to use for SMTP operations. + * Override this function to load your own SMTP implementation, + * or set one with setSMTPInstance. + * + * @return SMTP + */ + public function getSMTPInstance() + { + if (!is_object($this->smtp)) { + $this->smtp = new SMTP(); + } + + return $this->smtp; + } + + /** + * Provide an instance to use for SMTP operations. + * + * @return SMTP + */ + public function setSMTPInstance(SMTP $smtp) + { + $this->smtp = $smtp; + + return $this->smtp; + } + + /** + * Send mail via SMTP. + * Returns false if there is a bad MAIL FROM, RCPT, or DATA input. + * + * @see PHPMailer::setSMTPInstance() to use a different class. + * + * @uses \PHPMailer\PHPMailer\SMTP + * + * @param string $header The message headers + * @param string $body The message body + * + * @throws Exception + * + * @return bool + */ + protected function smtpSend($header, $body) + { + $header = static::stripTrailingWSP($header) . static::$LE . static::$LE; + $bad_rcpt = []; + if (!$this->smtpConnect($this->SMTPOptions)) { + throw new Exception($this->lang('smtp_connect_failed'), self::STOP_CRITICAL); + } + //Sender already validated in preSend() + if ('' === $this->Sender) { + $smtp_from = $this->From; + } else { + $smtp_from = $this->Sender; + } + if (!$this->smtp->mail($smtp_from)) { + $this->setError($this->lang('from_failed') . $smtp_from . ' : ' . implode(',', $this->smtp->getError())); + throw new Exception($this->ErrorInfo, self::STOP_CRITICAL); + } + + $callbacks = []; + //Attempt to send to all recipients + foreach ([$this->to, $this->cc, $this->bcc] as $togroup) { + foreach ($togroup as $to) { + if (!$this->smtp->recipient($to[0], $this->dsn)) { + $error = $this->smtp->getError(); + $bad_rcpt[] = ['to' => $to[0], 'error' => $error['detail']]; + $isSent = false; + } else { + $isSent = true; + } + + $callbacks[] = ['issent' => $isSent, 'to' => $to[0], 'name' => $to[1]]; + } + } + + //Only send the DATA command if we have viable recipients + if ((count($this->all_recipients) > count($bad_rcpt)) && !$this->smtp->data($header . $body)) { + throw new Exception($this->lang('data_not_accepted'), self::STOP_CRITICAL); + } + + $smtp_transaction_id = $this->smtp->getLastTransactionID(); + + if ($this->SMTPKeepAlive) { + $this->smtp->reset(); + } else { + $this->smtp->quit(); + $this->smtp->close(); + } + + foreach ($callbacks as $cb) { + $this->doCallback( + $cb['issent'], + [[$cb['to'], $cb['name']]], + [], + [], + $this->Subject, + $body, + $this->From, + ['smtp_transaction_id' => $smtp_transaction_id] + ); + } + + //Create error message for any bad addresses + if (count($bad_rcpt) > 0) { + $errstr = ''; + foreach ($bad_rcpt as $bad) { + $errstr .= $bad['to'] . ': ' . $bad['error']; + } + throw new Exception($this->lang('recipients_failed') . $errstr, self::STOP_CONTINUE); + } + + return true; + } + + /** + * Initiate a connection to an SMTP server. + * Returns false if the operation failed. + * + * @param array $options An array of options compatible with stream_context_create() + * + * @throws Exception + * + * @uses \PHPMailer\PHPMailer\SMTP + * + * @return bool + */ + public function smtpConnect($options = null) + { + if (null === $this->smtp) { + $this->smtp = $this->getSMTPInstance(); + } + + //If no options are provided, use whatever is set in the instance + if (null === $options) { + $options = $this->SMTPOptions; + } + + //Already connected? + if ($this->smtp->connected()) { + return true; + } + + $this->smtp->setTimeout($this->Timeout); + $this->smtp->setDebugLevel($this->SMTPDebug); + $this->smtp->setDebugOutput($this->Debugoutput); + $this->smtp->setVerp($this->do_verp); + if ($this->Host === null) { + $this->Host = 'localhost'; + } + $hosts = explode(';', $this->Host); + $lastexception = null; + + foreach ($hosts as $hostentry) { + $hostinfo = []; + if ( + !preg_match( + '/^(?:(ssl|tls):\/\/)?(.+?)(?::(\d+))?$/', + trim($hostentry), + $hostinfo + ) + ) { + $this->edebug($this->lang('invalid_hostentry') . ' ' . trim($hostentry)); + //Not a valid host entry + continue; + } + //$hostinfo[1]: optional ssl or tls prefix + //$hostinfo[2]: the hostname + //$hostinfo[3]: optional port number + //The host string prefix can temporarily override the current setting for SMTPSecure + //If it's not specified, the default value is used + + //Check the host name is a valid name or IP address before trying to use it + if (!static::isValidHost($hostinfo[2])) { + $this->edebug($this->lang('invalid_host') . ' ' . $hostinfo[2]); + continue; + } + $prefix = ''; + $secure = $this->SMTPSecure; + $tls = (static::ENCRYPTION_STARTTLS === $this->SMTPSecure); + if ('ssl' === $hostinfo[1] || ('' === $hostinfo[1] && static::ENCRYPTION_SMTPS === $this->SMTPSecure)) { + $prefix = 'ssl://'; + $tls = false; //Can't have SSL and TLS at the same time + $secure = static::ENCRYPTION_SMTPS; + } elseif ('tls' === $hostinfo[1]) { + $tls = true; + //TLS doesn't use a prefix + $secure = static::ENCRYPTION_STARTTLS; + } + //Do we need the OpenSSL extension? + $sslext = defined('OPENSSL_ALGO_SHA256'); + if (static::ENCRYPTION_STARTTLS === $secure || static::ENCRYPTION_SMTPS === $secure) { + //Check for an OpenSSL constant rather than using extension_loaded, which is sometimes disabled + if (!$sslext) { + throw new Exception($this->lang('extension_missing') . 'openssl', self::STOP_CRITICAL); + } + } + $host = $hostinfo[2]; + $port = $this->Port; + if ( + array_key_exists(3, $hostinfo) && + is_numeric($hostinfo[3]) && + $hostinfo[3] > 0 && + $hostinfo[3] < 65536 + ) { + $port = (int) $hostinfo[3]; + } + if ($this->smtp->connect($prefix . $host, $port, $this->Timeout, $options)) { + try { + if ($this->Helo) { + $hello = $this->Helo; + } else { + $hello = $this->serverHostname(); + } + $this->smtp->hello($hello); + //Automatically enable TLS encryption if: + //* it's not disabled + //* we have openssl extension + //* we are not already using SSL + //* the server offers STARTTLS + if ($this->SMTPAutoTLS && $sslext && 'ssl' !== $secure && $this->smtp->getServerExt('STARTTLS')) { + $tls = true; + } + if ($tls) { + if (!$this->smtp->startTLS()) { + $message = $this->getSmtpErrorMessage('connect_host'); + throw new Exception($message); + } + //We must resend EHLO after TLS negotiation + $this->smtp->hello($hello); + } + if ( + $this->SMTPAuth && !$this->smtp->authenticate( + $this->Username, + $this->Password, + $this->AuthType, + $this->oauth + ) + ) { + throw new Exception($this->lang('authenticate')); + } + + return true; + } catch (Exception $exc) { + $lastexception = $exc; + $this->edebug($exc->getMessage()); + //We must have connected, but then failed TLS or Auth, so close connection nicely + $this->smtp->quit(); + } + } + } + //If we get here, all connection attempts have failed, so close connection hard + $this->smtp->close(); + //As we've caught all exceptions, just report whatever the last one was + if ($this->exceptions && null !== $lastexception) { + throw $lastexception; + } + if ($this->exceptions) { + // no exception was thrown, likely $this->smtp->connect() failed + $message = $this->getSmtpErrorMessage('connect_host'); + throw new Exception($message); + } + + return false; + } + + /** + * Close the active SMTP session if one exists. + */ + public function smtpClose() + { + if ((null !== $this->smtp) && $this->smtp->connected()) { + $this->smtp->quit(); + $this->smtp->close(); + } + } + + /** + * Set the language for error messages. + * The default language is English. + * + * @param string $langcode ISO 639-1 2-character language code (e.g. French is "fr") + * Optionally, the language code can be enhanced with a 4-character + * script annotation and/or a 2-character country annotation. + * @param string $lang_path Path to the language file directory, with trailing separator (slash) + * Do not set this from user input! + * + * @return bool Returns true if the requested language was loaded, false otherwise. + */ + public function setLanguage($langcode = 'en', $lang_path = '') + { + //Backwards compatibility for renamed language codes + $renamed_langcodes = [ + 'br' => 'pt_br', + 'cz' => 'cs', + 'dk' => 'da', + 'no' => 'nb', + 'se' => 'sv', + 'rs' => 'sr', + 'tg' => 'tl', + 'am' => 'hy', + ]; + + if (array_key_exists($langcode, $renamed_langcodes)) { + $langcode = $renamed_langcodes[$langcode]; + } + + //Define full set of translatable strings in English + $PHPMAILER_LANG = [ + 'authenticate' => 'SMTP Error: Could not authenticate.', + 'buggy_php' => 'Your version of PHP is affected by a bug that may result in corrupted messages.' . + ' To fix it, switch to sending using SMTP, disable the mail.add_x_header option in' . + ' your php.ini, switch to MacOS or Linux, or upgrade your PHP to version 7.0.17+ or 7.1.3+.', + 'connect_host' => 'SMTP Error: Could not connect to SMTP host.', + 'data_not_accepted' => 'SMTP Error: data not accepted.', + 'empty_message' => 'Message body empty', + 'encoding' => 'Unknown encoding: ', + 'execute' => 'Could not execute: ', + 'extension_missing' => 'Extension missing: ', + 'file_access' => 'Could not access file: ', + 'file_open' => 'File Error: Could not open file: ', + 'from_failed' => 'The following From address failed: ', + 'instantiate' => 'Could not instantiate mail function.', + 'invalid_address' => 'Invalid address: ', + 'invalid_header' => 'Invalid header name or value', + 'invalid_hostentry' => 'Invalid hostentry: ', + 'invalid_host' => 'Invalid host: ', + 'mailer_not_supported' => ' mailer is not supported.', + 'provide_address' => 'You must provide at least one recipient email address.', + 'recipients_failed' => 'SMTP Error: The following recipients failed: ', + 'signing' => 'Signing Error: ', + 'smtp_code' => 'SMTP code: ', + 'smtp_code_ex' => 'Additional SMTP info: ', + 'smtp_connect_failed' => 'SMTP connect() failed.', + 'smtp_detail' => 'Detail: ', + 'smtp_error' => 'SMTP server error: ', + 'variable_set' => 'Cannot set or reset variable: ', + ]; + if (empty($lang_path)) { + //Calculate an absolute path so it can work if CWD is not here + $lang_path = dirname(__DIR__) . DIRECTORY_SEPARATOR . 'language' . DIRECTORY_SEPARATOR; + } + + //Validate $langcode + $foundlang = true; + $langcode = strtolower($langcode); + if ( + !preg_match('/^(?P[a-z]{2})(?P