<?php
require_once($ROOTDIR.'admin/functions/general.php');

	function ReplaceCustomField($field=array(), $MemberID=0, $Format='', $BasicEmail='', $ListID=0) {
		if (empty($field)) return $BasicEmail;

		global $TABLEPREFIX;
		$qry = "SELECT * FROM " . $TABLEPREFIX . "list_field_values WHERE ";
		if ($ListID > 0) $qry .= "ListID='" . addslashes($ListID) . "' AND ";
		$qry .= "FieldID='".addslashes($field['FieldID'])."' AND UserID='".addslashes($MemberID)."'";

		$custom_field_results = mysql_query($qry);
		$mv = mysql_fetch_assoc($custom_field_results);
		$mv['Value'] = stripslashes($mv['Value']);
		mysql_free_result($custom_field_results);

		if (!$mv['Value']) return str_replace('%FIELD:'  .$field['FieldID'] . '%', '', $BasicEmail);

		switch($field['FieldType']) {
			case 'checkbox':
				if($mv['Value']=='CHECKED')
				{
					$mv['Value']='Yes';
				}
				else
				{
					$mv['Value']='No';
				}
			break;

			case 'dropdown':
				$opts=explode(';',$field['AllValues']);
				foreach($opts as $opt)
				{
					$elements=explode('->',$opt);
					$name = $elements[0];
					$val = (isset($elements[1])) ? $elements[1] : '';

					if($name==$mv['Value'])
					{
							$mv['Value']=$val;
					}
				}
			break;

			case 'longtext':
				if ($Format=='HTML')
				{
					$mv['Value']=nl2br($mv['Value']);
				}
			break;

			case 'multicheckbox':
				$myvals = explode(':', $mv['Value']);
				$mv['Value'] = '';
				$fieldvals=explode(';',$field['AllValues']);
				foreach($fieldvals as $fieldval){
					if (!$fieldval) continue;
						list($sys,$lab)=explode('->',$fieldval);
						if (in_array($sys, $myvals)) $mv['Value'] .= $lab . ', ';
				}
				$mv['Value'] = substr($mv['Value'], 0, -2);

			break;

			case 'datebox':
				$order = explode(',', $field['AllValues']);
				list($day, $month, $year) = explode(':', $mv['Value']);
				$mv['Value'] = '';
				foreach($order as $o) {
					if (!in_array($o, array('month', 'day', 'year'))) continue;
					$mv['Value'] .= $$o . '/';
				}
				$mv['Value'] = substr($mv['Value'], 0, -1);
		}

		$BasicEmail = str_replace('%FIELD:'  .$field['FieldID'] . '%', $mv['Value'], $BasicEmail);
		return $BasicEmail;
	}

	function ReplaceCustomImages($image=array(), $Format='', $BasicEmail='') {
		if (empty($image)) return $BasicEmail;

		global $ROOTURL;
		if($Format=='HTML') {
			$tv = '<img src="'.$ROOTURL.'temp/images/'.$image['ImageID'].".".$image['ImageType'].'">';
		} else {
			$tv = $ROOTURL.'temp/images/'.$image['ImageID'].'.'.$image['ImageType'];
		}

		$protocol = substr($ROOTURL, 0, strpos($ROOTURL, ':'));
		$tv = str_replace($protocol.':/', $protocol.'://', str_replace('//', '/', $tv));
		$BasicEmail=str_replace('%IMAGE:'.$image['ImageID'].'%',$tv,$BasicEmail);

		return $BasicEmail;
	}

	function EmailBody($ComposedID, $MemberID, $Format, $EmailBody="", $member_details=array(), $ListID=0, $type='Send')
	{
		GLOBAL $ROOTURL;
		GLOBAL $CURRENTADMIN;
		global $TABLEPREFIX;

		if($EmailBody)
		{
			$email=$EmailBody;
			$BasicEmail = ($Format == 'HTML') ? $email : str_replace("\r\n", "\n", $email);
		}
		else
		{
			$composed_result = mysql_query("SELECT * FROM " . $TABLEPREFIX . "composed_emails WHERE ComposedID='".addslashes($ComposedID)."'");
			$email=mysql_fetch_assoc($composed_result);
			mysql_free_result($composed_result);

			$BasicEmail = ($Format == 'HTML') ? $email['HTMLBody'] : str_replace("\r\n", "\n", $email['TextBody']);
		}

		$BasicEmail = wordwrap(stripslashes($BasicEmail), 500);

		preg_match_all('/%FIELD:(.*?)%/', $BasicEmail, $custom_fields_to_replace);
		$custom_fields_to_replace = $custom_fields_to_replace[1];
		if (empty($custom_fields_to_replace)) $custom_fields_to_replace = array('0');

		$listfields = array();
		//list fields!
		$list_fields_query = "SELECT * FROM " . $TABLEPREFIX . "list_fields WHERE FieldID IN (" . implode(',', $custom_fields_to_replace) . ")";

		$list_fields=mysql_query($list_fields_query);
		while($f=mysql_fetch_assoc($list_fields))
		{
			$BasicEmail = ReplaceCustomField($f, $MemberID, $Format, $BasicEmail, $ListID);
		}
		mysql_free_result($list_fields);

		if (empty($member_details)) {
			//basic tags!
			$member_result = mysql_query("SELECT * FROM " . $TABLEPREFIX . "members WHERE MemberID='".addslashes($MemberID)."'");
			$mem=mysql_fetch_assoc($member_result);
			mysql_free_result($member_result);
		} else {
			$mem = $member_details;
		}

		$mem['Email'] = stripslashes($mem['Email']);
		$mem['ConfirmCode'] = stripslashes($mem['ConfirmCode']);

		$BasicEmail=str_replace('%BASIC:EMAIL%',$mem['Email'],$BasicEmail);

		$c = ($mem['Confirmed'] == 1) ? 'Confirmed' : 'Unconfirmed';
		$BasicEmail = str_replace('%BASIC:CONFIRMATION%',$c,$BasicEmail);

		$c = ($mem['Status'] == 1) ? 'Active' : 'Inactive';
		$BasicEmail=str_replace('%BASIC:STATUS%',$c,$BasicEmail);

		$c = ($mem['Format'] == 1) ? 'Text' : 'HTML';
		$BasicEmail=str_replace('%BASIC:FORMAT%',$c,$BasicEmail);

		$BasicEmail=str_replace('%BASIC:SUBDATE%',DisplayDate($mem['SubscribeDate']),$BasicEmail);

		$archive_url = $ROOTURL.'users/view_archive.php?Mem=' . $mem['MemberID'] . '&'.$type.'=' . $ComposedID . '&List=' . $ListID;

		preg_match_all('/%BASIC:MODIFYDETAILS_(.*?)%/', $BasicEmail, $modify_form_to_include);

		$modify_url = $ROOTURL.'users/modify_details.php?Mem=' . $mem['MemberID'] . '&'.$type.'=' . $ComposedID . '&List=' . $ListID . '&Conf=' . $mem['ConfirmCode'];

		foreach($modify_form_to_include[1] as $formid) {
			$mod_url = $modify_url . '&Form=' . $formid;
			if ($Format == 'HTML') {
				$BasicEmail = preg_replace('/<a href="%basic:modifydetails_' . $formid . '%">/i', '<a href="' . $mod_url . '">', $BasicEmail);
				$BasicEmail = str_replace('%BASIC:MODIFYDETAILS_' . $formid . '%', '<a href="' . $mod_url . '">' . $mod_url . '</a>', $BasicEmail);
			} else {
				$BasicEmail = str_replace('%BASIC:MODIFYDETAILS_' . $formid . '%', $mod_url, $BasicEmail);
			}
		}

		$confirm_url = $ROOTURL . "users/confirm.php?Email=" . $mem['Email'] . "&ConfirmCode=" . $mem['ConfirmCode'];

		$unsub_url = $ROOTURL . 'users/unsub.php?Mem=' . $MemberID . '&ConfirmCode=' . $mem['ConfirmCode'];

		if($Format == 'HTML') {
			$BasicEmail = preg_replace('/<a href="%basic:unsublink%">/i', '<a href="' . $unsub_url . '">', $BasicEmail);
			$BasicEmail=str_replace("%BASIC:UNSUBLINK%", '<a href="' . $unsub_url . '">' . $unsub_url . '</a>', $BasicEmail);

			$BasicEmail = preg_replace('/<a href="%basic:confirmlink%">/i', '<a href="' . $confirm_url . '">', $BasicEmail);
			$BasicEmail=str_replace("%BASIC:CONFIRMLINK%", '<a href="' . $confirm_url . '">' . $confirm_url . '</a>', $BasicEmail);

			$BasicEmail = preg_replace('/<a href="%basic:archivelink%">/i', '<a href="' . $archive_url . '">', $BasicEmail);
			$BasicEmail = str_replace('%BASIC:ARCHIVELINK%', '<a href="' . $archive_url . '">' . $archive_url . '</a>', $BasicEmail);
		} else {
			$BasicEmail=str_replace("%BASIC:UNSUBLINK%", $unsub_url, $BasicEmail);
			$BasicEmail=str_replace("%BASIC:CONFIRMLINK%", $confirm_url, $BasicEmail);
			$BasicEmail = str_replace('%BASIC:ARCHIVELINK%', $archive_url, $BasicEmail);
		}

		$listname = '';
		if ($ListID > 0) {
			$listname = @mysql_result(mysql_query("SELECT ListName FROM " . $TABLEPREFIX . "lists WHERE ListID='" . addslashes($ListID) . "'"), 0, 0);
		}
		$BasicEmail = str_replace('%BASIC:LISTNAME%', $listname, $BasicEmail);

		return $BasicEmail;
	}

	function add_hidden_image($body, $imgsrc) {
		if (preg_match('%</body>%i', $body)) {
			$body = preg_replace('%</body>%i',
					$imgsrc . '</body>',
					$body
			);
		} else {
			if (!preg_match('%</html>%i', $body)) {
				$body .= "\n\n" . $imgsrc . '</body></html>';
			} else {
				$body = preg_replace('%</html>%i',
					$imgsrc . '</body></html>',
					$body
				);
			}
		}
		return $body;
	}


	function CreateEmail($SendID, $MemberID, $Format, $send_details=array(), $email=array(), $type='Send', $member=array())
	{
		GLOBAL $ROOTURL;
		GLOBAL $TABLEPREFIX;

		if (empty($send_details)) {
			$send_result = mysql_query("SELECT * FROM " . $TABLEPREFIX . "sends WHERE SendID='".addslashes($SendID)."'");
			$send=mysql_fetch_assoc($send_result);
			mysql_free_result($send_result);
		} else {
			$send = $send_details;
		}

		if (empty($member)) {
			$member_result = mysql_query("SELECT * FROM " . $TABLEPREFIX . "members WHERE MemberID='".addslashes($MemberID)."'");
			$member=mysql_fetch_assoc($member_result);
			mysql_free_result($member_result);
		}

		$member['Email'] = stripslashes($member['Email']);
		$member['ConfirmCode'] = stripslashes($member['ConfirmCode']);

		if ($member['ConfirmCode'] == '') {
			$code = md5(uniqid('', true) . time());
			$member['ConfirmCode'] = $code;
			$qry = "UPDATE " . $TABLEPREFIX . "members SET confirmcode='" . addslashes($code) . "' WHERE memberid='" . addslashes($member['MemberID']) . "'";
			mysql_query($qry);
		}

		if (empty($email)) {
			$email_result = mysql_query("SELECT * FROM " . $TABLEPREFIX . "composed_emails WHERE ComposedID='".addslashes($send['ComposedID'])."'");
			$email=mysql_fetch_assoc($email_result);

			mysql_free_result($email_result);
		}

		$text_email_footer = "";
		$html_email_footer = "";

		$EmailBody = '';

		$AttachmentIDs = (is_array($email['AttachmentIDs'])) ? $email['AttachmentIDs'] : explode(':', $email['AttachmentIDs']);

		$semi_rand = md5(time());
		$mime_boundary = "==MULTIPART_BOUNDARY_$semi_rand";
		$mime_boundary_header = chr(34) . $mime_boundary . chr(34);

		$hidden_imgsrc = '<img src="'.$ROOTURL.'users/sendopen.php?MemberID='.$MemberID.'&SendID='.$SendID.'&Type='.$type.'" width="1" height="1">';

		if ($Format == 1 || $Format == 0) {
			//textbased

			$content_type = "Content-Type: text/plain\n";
			$text_msg = EmailBody($email['ComposedID'], $MemberID, 'TEXT', $email['TextBody'], $member, $send['ListID'], $type);

			if (!$text_msg) return false;

			$text_msg = stripslashes($text_msg);

			$text_msg .= $text_email_footer;

			if (empty($AttachmentIDs) || $AttachmentIDs[0] == '') {
				$email_msg = $text_msg;
			}
			if (!empty($AttachmentIDs) && $AttachmentIDs[0] != '') {
				$email_msg  = "--" . $mime_boundary . "\n";
				$email_msg .= "Content-Type: text/plain; charset=\"iso-8859-1\"";
				$email_msg .= "Content-Transfer-Encoding: 7bit\n";
				$email_msg .= "\n" . $text_msg . "\n\n";
			}
		}

		if ($Format == 2) {
			// html

			$content_type = "Content-Type: text/html; charset=\"iso-8859-1\"\nContent-Transfer-Encoding: 7bit\n";

			$html_msg = EmailBody($email['ComposedID'], $MemberID, 'HTML', $email['HTMLBody'], $member, $send['ListID'], $type);

			if (!$html_msg) return false;

			$html_msg = stripslashes($html_msg);

			$html_msg = add_hidden_image($html_msg, $html_email_footer);

			if ($send['TrackOpens']) {
				$html_msg = add_hidden_image($html_msg, $hidden_imgsrc);
			}

			if (empty($AttachmentIDs) || $AttachmentIDs[0] == '') {
				$email_msg = $html_msg;
			}
			if (!empty($AttachmentIDs) && $AttachmentIDs[0] != '') {
				$email_msg  = "--" . $mime_boundary . "\n";
				$email_msg .= "Content-Type: text/html; charset=\"iso-8859-1\"";
				$email_msg .= "Content-Transfer-Encoding: 7bit\n";
				$email_msg .= "\n" . $html_msg . "\n\n";
			}
		}

		 if ($Format == 3) {
			//format==3
			//multipart version

			$content_type = "Content-Type: multipart/alternative;\n";

			$html_msg = EmailBody($email['ComposedID'], $MemberID, 'HTML', $email['HTMLBody'], $member, $send['ListID'], $type);

			if ($send['TrackOpens']) {
				$html_msg = add_hidden_image($html_msg, $hidden_imgsrc);
			}

			$html_msg = stripslashes($html_msg);

			$html_msg = add_hidden_image($html_msg, $html_email_footer);

			$text_msg = EmailBody($email['ComposedID'], $MemberID, 'TEXT', $email['TextBody'], $member, $send['ListID'], $type);

			$text_msg = stripslashes($text_msg);

			$text_msg .= $text_email_footer;

			if (!$html_msg && !$text_msg) return false;

			$email_msg = '';
			$old_boundary = $mime_boundary;

			if (!empty($AttachmentIDs) && $AttachmentIDs[0] != '') {
				$secondary_boundary = md5(uniqid('ss') . time());
				$mime_boundary = $secondary_boundary;
				$email_msg .= '--' . $old_boundary . "\n";
				$email_msg .= 'Content-Type: multipart/alternative;' . "\n";
				$email_msg .= "\t" . 'boundary="' . $mime_boundary . '"' . "\n\n";
			}

			if ($text_msg) {
				$email_msg .= "--$mime_boundary\n";
				$email_msg .= "Content-Type: text/plain; charset=\"iso-8859-1\"\n";
				$email_msg .= "Content-Transfer-Encoding: 7bit\n\n";
				$email_msg .= "$text_msg";
			}

			if ($text_msg && $html_msg) $email_msg .= "\n\n";

			if ($html_msg) {
				$email_msg .= "--$mime_boundary\n";
				$email_msg .= "Content-Type: text/html; charset=\"iso-8859-1\"\n";
				$email_msg .= "Content-Transfer-Encoding: 7bit\n\n";
				$email_msg .= "$html_msg";
			}

			$email_msg .= "\n\n";

			if (isset($secondary_boundary)) $email_msg .= '--' . $secondary_boundary . '--';

			$mime_boundary = $old_boundary;
		}

		if ($send['TrackLinks']) {
			$links_to_replace = array();
			$templinkid = 0;

			while(preg_match('%<a(.+)href\s*=\s*?(["\']*http[^"\' >]+["\']*)(.*)</a>%i', $email_msg, $matches)) {
				$url = $matches[2];
				$templinkid++;
				$newlink = '%%LINK[' . $templinkid . ']%%';
				$replacement = str_replace($url, $newlink, $matches[0]);
				$email_msg = substr_replace($email_msg, $replacement, strpos($email_msg, $matches[0]), strlen($matches[0]));
				$links_to_replace[$templinkid] = $url;
			}

			/*
				Text link tracking
				This is disabled - but we'll keep it in here in case anybody wants to use it.
			while (preg_match('%(http[^ \n\r]*)%is', $email_msg, $matches)) {
					$url = $matches[0];
					$templinkid++;
					$newlink = '%%LINK[' . $templinkid . ']%%';
					$replacement = str_replace($url, $newlink, $matches[0]);
					$email_msg = substr_replace($email_msg, $replacement, strpos($email_msg, $matches[0]), strlen($matches[0]));
					$links_to_replace[$templinkid] = $url;
			}
			*/

			foreach($links_to_replace as $templinkid => $link) {
				// things like unsubscribe links, modify-details links should be left alone.
				// so if it's based on the ROOTURL, just replace it back.
				if (preg_match('%' . $ROOTURL . '%', $link)) {
					$email_msg = str_replace('%%LINK[' . $templinkid . ']%%', $link, $email_msg);
					continue;
				}
				$link = str_replace('&amp;', '&', $link);

				$add_double_quotes = false;
				$add_single_quotes = false;

				$firstchar = substr($link, 0, 1);
				if ($firstchar == '"') {
					$add_double_quotes = true;
				}
				if ($firstchar == "'") {
					$add_single_quotes = true;
				}

				$linkid = CheckLink($link, $email['ComposedID'], $type);

				$full_link = '';
				if ($add_double_quotes) $full_link .= '"';
				if ($add_single_quotes) $full_link .= "'";
				$full_link .= $ROOTURL . 'users/link.php?LinkID='.$linkid.'&UserID='.$MemberID;
				$full_link .= '&Newsletter='.$email['ComposedID'].'&List='.$send['ListID'].'&LinkType='.$type;

				if ($add_double_quotes) $full_link .= '"';
				if ($add_single_quotes) $full_link .= "'";

				if ($linkid) {
					$email_msg = str_replace('%%LINK[' . $templinkid . ']%%', $full_link, $email_msg);
				}
			}
		}

		$EmailBody .= $email_msg . "\n\n";

		if (!empty($AttachmentIDs) && $AttachmentIDs[0] != '') {
			$content_type = "Content-Type: multipart/mixed;";
			$EmailBody .= "\n\n" . add_attachments($AttachmentIDs, $mime_boundary);
			$EmailBody .= "--" . $mime_boundary . "--";
		}

		$Headers  = "From: ";
		if (isset($send['SendName'])) {
			$Headers .= "\"" . $send['SendName'] . "\"<" . $send['SendFrom'] . ">";
		} else {
			$Headers .= $send['SendFrom'];
		}

		$Headers .= "\n";
		$Headers .= "Reply-To: " . $send['ReplyTo'] . "\n";
		$Headers .= "Return-Path: " . $send['ReturnPath'] . "\n";
		$Headers .= "MIME-Version: 1.0\n";
		$Headers .= "X-Mailer-ListID: " . $send['ListID'] . "\n";
		$Headers .= $content_type;

		if ($Format == 3 || (!empty($AttachmentIDs) && $AttachmentIDs[0] != '')) {
			$Headers .= "     boundary=" . $mime_boundary_header;
		}

		$Email['Headers']=$Headers;
		$Email['Subject']=EmailBody(0, $MemberID, $Format, $email['Subject'], $member);

		// replace . with .. to fix stylesheet issue
		$EmailBody = eregi_replace('[[:space:]]\.', '..', $EmailBody);

		$Email['Body']=$EmailBody;

		$bad_in_email = array(' ', ',', '"', '\'', ';');
		$member['Email'] = str_replace($bad_in_email, '', $member['Email']);

		$Email['Email']=$member['Email'];
		$Email['ReturnPath'] = $send['ReturnPath'];

		return $Email;
	}

	function CheckLink($url='', $id=0, $type='send') {
		if (!$url) return false;

		$url = str_replace('"', '', $url);
		$url = str_replace("'", '', $url);

		global $TABLEPREFIX, $CURRENTADMIN;
		$qry = "SELECT LinkID FROM " . $TABLEPREFIX . "links WHERE URL='" . addslashes($url) . "' AND ComposedID='" . addslashes($id) . "' AND LinkType='" . addslashes($type) . "'";
		$result = mysql_query($qry);
		if (mysql_num_rows($result) > 0) {
			$linkid = mysql_result($result, 0, 0);
		} else {
			$qry = "INSERT INTO " . $TABLEPREFIX . "links (URL, ComposedID, LinkType, AdminID) VALUES('" . addslashes($url) . "', '" . addslashes($id) . "', '" . addslashes($type) . "', '" . addslashes($CURRENTADMIN['AdminID']) . "')";
			mysql_query($qry);
			$linkid = mysql_insert_id();
		}
		mysql_free_result($result);
		return $linkid;
	}

?>