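James Rose */

//Add/edit page for one SMS destination row (v_sms_destinations), always
//scoped to the domain held in $_SESSION['domain_uuid'].

//includes files
require_once dirname(__DIR__, 2) . "/resources/require.php";
require_once "resources/check_auth.php";

//check permissions: the page is open to holders of either sms_add or sms_edit
if (!permission_exists('sms_add') && !permission_exists('sms_edit')) {
	echo "access denied";
	exit;
}

//add multi-lingual support
$language = new text;
$text = $language->get();

//set the action as an add or an update
if (isset($_REQUEST["id"])) {
	$action = "update";
	$sms_uuid = check_str($_REQUEST["id"]);

	//the id comes straight from the request, so it is bound as a parameter
	//instead of being concatenated into the SQL text (the original built the
	//where clause from the raw $_REQUEST value); a non-string id is treated as empty
	$requested_id = is_string($_REQUEST["id"]) ? $_REQUEST["id"] : '';
	$sql = "select * from v_sms_destinations ";
	$sql .= "where sms_destination_uuid = :sms_destination_uuid ";
	$sql .= "and domain_uuid = :domain_uuid LIMIT 1";
	$prep_statement = $db->prepare(check_sql($sql));
	$prep_statement->execute([
		':sms_destination_uuid' => $requested_id,
		':domain_uuid' => $_SESSION['domain_uuid'],
	]);
	$sms_destinations = $prep_statement->fetchAll(PDO::FETCH_NAMED);

	//copy the stored values into the variables used by the form and the update
	foreach ($sms_destinations as $row) {
		$destination = check_str($row["destination"]);
		$carrier = check_str($row["carrier"]);
		$description = check_str($row["description"]);
		$enabled = check_str($row["enabled"]);
		$sms_destination_uuid = $row['sms_destination_uuid'];
		$chatplan_detail_data = $row['chatplan_detail_data'];
		$email = $row['email'];
	}
	unset($prep_statement);
}
else {
	$action = "add";
}

//NOTE(review): nothing in this file validates an anti-CSRF token before the
//insert/update below - confirm the included bootstrap covers it, or add one.
//NOTE(review): the page gate accepts sms_add OR sms_edit and neither write
//path re-checks its own permission, so an sms_edit-only user reaches the
//insert and an sms_add-only user reaches the update - confirm this is intended.
//NOTE(review): the posted "enabled" value is stored without checking
//sms_enabled, the permission that gates part of the form further down - confirm.

//get the http values and set them as php variables
if (count($_POST) > 0 && $action != "update") {
	//get the values from the HTTP POST and save them as PHP variables
	$destination = str_replace(' ','-',check_str($_POST["destination"]));
	$carrier = check_str($_POST["carrier"]);
	$description = check_str($_POST["description"]);
	$enabled = check_str($_POST["enabled"]);
	$sms_destination_uuid = uuid();
	$chatplan_detail_data = check_str($_POST["chatplan_detail_data"]);
	$email = check_str($_POST["email"]);

	if ($action == "add") {
		$sql_insert = "insert into v_sms_destinations ";
		$sql_insert .= "(";
		$sql_insert .= "sms_destination_uuid, ";
		$sql_insert .= "carrier, ";
		$sql_insert .= "domain_uuid, ";
		$sql_insert .= "destination, ";
		$sql_insert .= "enabled, ";
		$sql_insert .= "description, ";
		$sql_insert .= "chatplan_detail_data, ";
		$sql_insert .= "email ";
		$sql_insert .= ")";
		$sql_insert .= "values ";
		$sql_insert .= "(";
		$sql_insert .= ":sms_destination_uuid, ";
		$sql_insert .= ":carrier, ";
		$sql_insert .= ":domain_uuid, ";
		$sql_insert .= ":destination, ";
		$sql_insert .= ":enabled, ";
		$sql_insert .= ":description, ";
		$sql_insert .= ":chatplan_detail_data, ";
		$sql_insert .= ":email ";
		$sql_insert .= ")";
		$prep_statement = $db->prepare(check_sql($sql_insert));

		//run the insert exactly once; the original followed this call with a
		//bare execute(), which submitted the same statement a second time
		$prep_statement->execute([
			':sms_destination_uuid' => $sms_destination_uuid,
			':carrier' => $carrier,
			':domain_uuid' => $_SESSION['domain_uuid'],
			':destination' => $destination,
			':enabled' => $enabled,
			':description' => $description,
			':chatplan_detail_data' => $chatplan_detail_data,
			':email' => $email,
		]);
		unset($prep_statement);

		//stop here so the form below is not rendered after the redirect header
		header( 'Location: sms.php') ;
		exit;
	}
}
elseif (count($_POST) > 0 && $action == "update") {
	$destination = str_replace(' ','-',check_str($_POST["destination"]));
	$carrier = check_str($_POST["carrier"]);
	$description = check_str($_POST["description"]);
	$enabled = check_str($_POST["enabled"]);
	$chatplan_detail_data = check_str($_POST["chatplan_detail_data"]);
	$email = check_str($_POST["email"]);

	$sql_insert = "update v_sms_destinations set";
	$sql_insert .= " ";
	$sql_insert .= "carrier = :carrier, ";
	$sql_insert .= "destination = :destination, ";
	$sql_insert .= "enabled = :enabled, ";
	$sql_insert .= "description = :description, ";
	$sql_insert .= "chatplan_detail_data = :chatplan_detail_data, ";
	$sql_insert .= "email = :email ";
	$sql_insert .= "where sms_destination_uuid = :sms_destination_uuid and domain_uuid = :domain_uuid";
	$prep_statement = $db->prepare(check_sql($sql_insert));

	//the row key is the one read back by the domain-scoped select above, not a
	//posted value; it is null when that select matched nothing, in which case
	//the update matches no row. Executed once (the original ran it twice).
	$prep_statement->execute([
		':carrier' => $carrier,
		':destination' => $destination,
		':enabled' => $enabled,
		':description' => $description,
		':chatplan_detail_data' => $chatplan_detail_data,
		':email' => $email,
		':sms_destination_uuid' => $sms_destination_uuid ?? null,
		':domain_uuid' => $_SESSION['domain_uuid'],
	]);

	//writes only the statement text with its placeholders, never the bound values
	error_log($sql_insert);
	unset($prep_statement);

	//stop here so the form below is not rendered after the redirect header
	header( 'Location: sms.php') ;
	exit;
}

//include the header
require_once "resources/header.php";
require_once "resources/paging.php";

//render the form; every echoed string below is kept exactly as it was,
//including the line breaks inside the quoted strings
echo "
\n";
echo "\n";
echo "\n";
if ($action == "add") {
	echo "\n";
}
if ($action == "update") {
	echo "\n";
}
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
echo "\n";
if (permission_exists('sms_enabled')) {
	echo "\n";
	echo "\n";
	echo "\n";
	echo "\n";
}
echo "\n";
echo "\n";
echo "\n";
echo "\n";
if ($action == "update") {
	echo " \n";
	echo " ";
}
echo "
".$text['header-sms-add']."".$text['header-sms-edit']."\n";
echo " \n";
echo " \n";
echo "

\n";
echo "
\n";
echo " ".$text['label-destination']."\n";
echo "\n";
echo " \n";
echo "
\n";
echo $text['description-destination']."\n";
echo "
\n";
echo " ".$text['label-carrier']."\n";
echo "\n";
if (count($_SESSION['sms']['carriers']) > 0) {
	echo "
\n";
}
echo $text['description-carrier']."\n";
echo "
\n";
echo " ".$text['label-chatplan_detail_data']."\n";
echo "\n";
echo " \n";
echo "
\n";
echo $text['description-chatplan_detail_data']."\n";
echo "
\n";
echo " ".$text['label-sms_email']."\n";
echo "\n";
echo " \n";
echo "
\n";
echo $text['description-sms_email']."\n";
echo "
\n";
echo " ".$text['label-enabled']."\n";
echo "\n";
echo " \n";
echo "
\n";
echo $text['description-enabled']."\n";
echo "
\n";
echo " ".$text['label-description']."\n";
echo "\n";
echo " \n";
echo "
\n";
echo $text['description-description']."\n";
echo "
\n";
echo "
\n";
echo "\n";

//show the footer
require_once "resources/footer.php";
?>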