Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Allow {$name} in e-mail

git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1077 7c3ca157-0c34-0410-bff1-cbf682f78f5c
  • Loading branch information...
commit bbd3a3c0147770f1e5eceb32c412caeb9ddb4d46 1 parent 9ef7666
jakubvrana authored
Showing with 11 additions and 3 deletions.
  1. +11 −3 editor/include/adminer.inc.php
14 editor/include/adminer.inc.php
View
@@ -255,13 +255,21 @@ function selectEmailProcess($where) {
$sent = 0;
if ($_POST["all"] || $_POST["check"]) {
$field = idf_escape($_POST["email_field"]);
- $result = $dbh->query("SELECT DISTINCT $field FROM " . idf_escape($_GET["select"])
+ $subject = $_POST["email_subject"];
+ $message = $_POST["email_message"];
+ preg_match_all('~\\{\\$([a-z0-9_]+)\\}~i', "$subject.$message", $matches); // allows {$name} in subject or message
+ $result = $dbh->query("SELECT DISTINCT $field, " . implode(", ", array_map('idf_escape', array_unique($matches[1]))) . " FROM " . idf_escape($_GET["select"])
. " WHERE $field IS NOT NULL AND $field != ''"
. ($where ? " AND " . implode(" AND ", $where) : "")
. ($_POST["all"] ? "" : " AND ((" . implode(") OR (", array_map('where_check', (array) $_POST["check"])) . "))")
);
- while ($row = $result->fetch_row()) {
- if (is_email($row[0]) && mail($row[0], email_header($_POST["email_subject"]), $_POST["email_message"],
+ while ($row = $result->fetch_assoc()) {
+ $replace = array();
+ foreach ($matches[1] as $val) {
+ $replace['{$' . "$val}"] = $row[$val]; //! substitute foreign keys
+ }
+ $email = $row[$_POST["email_field"]];
+ if (is_email($email) && mail($email, email_header(strtr($subject, $replace)), strtr($message, $replace),
"MIME-Version: 1.0\nContent-Type: text/plain; charset=utf-8\nContent-Transfer-Encoding: 8bit"
. (is_email($_POST["email_from"]) ? "\nFrom: $_POST[email_from]" : "") //! should allow address with a name but simple application of email_header() adds the default server domain
)) {
Please sign in to comment.
Something went wrong with that request. Please try again.