asked on
<?php
session_start();
ob_start(); // ensures anything dumped out will be caught
require('db.php');
if(isset($_POST['new']) && $_POST['new']==1 && $errors =='')
{
$mm_date = date("Y-m-d H:i:s");
$body =$_REQUEST['body'];
$body = stripslashes($body);
$subject =$_REQUEST['subject'];
//send the email
// if ($_SESSION['username']<>'admin') {
$query = "SELECT email from users where username='".$_SESSION['username']."'";
$resultemail = mysql_query($query) or die ( mysql_error());
$rowemail = mysql_fetch_row($resultemail);
$too = $rowemail[0];
$from = $rowemail[0];
$username = $_SESSION['username'];
//send the email
$to .= implode(", ", $_SESSION['emails']);
$ffrom = "-f" . $from;
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$messageopen = "
<html>
<head>
<title>HTML email</title>
</head>
<body>
";
$messageclose = "
</body>
</html>
";
$body = $messageopen.$body.$messageclose;
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
$headers .= "From: $from \r\n";
$headers .= 'BCC: '. implode(",", $_SESSION['emails']) . "\r\n";
$headers .= "Reply-To: $from \r\n";
$headers .= "Return-Path: <bounced@fxxxxxxxxxx.com> /r/n";
mail($too, $subject, $body, $headers, $ffrom);
while (ob_get_status())
{
ob_end_clean();
}
$body = str_replace("'","`",$body);
$ins_query="INSERT INTO mmerge(`mmdate`, `mmuser`, `mmsubject`, `mmbody`, `mmto`) VALUES ('$mm_date', '$username', '$subject', '$body', '$to')";
mysql_query($ins_query) or die(mysql_error());
header('Location: dashboard.php');
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<link rel="stylesheet" href="wymeditor/wymeditor/skins/default/skin.css">
<link rel="stylesheet" href="css/simplestyle.css" />
<title>Mailmerge</title>
</head>
<body>
<div class="ieform">
<p><a href="http://www.wymeditor.org/">WYMeditor</a> is a web-based XHTML WYSIWYM editor.</p>
<form name="form" method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<input type="hidden" name="new" value="1" />
<input type="text" name="subject" placeholder="Enter Subject*" size="30" required value="<?php echo $subject;?>" />
<br>
<textarea name ="body" id="body" class="wymeditor"><p>Hello, World!</p></textarea>
<input type="submit" class="wymupdate" value="Submit" />
</form>
<br>
</div>
<script src="js/jquery.js"></script>
<script src="wymeditor/wymeditor/jquery.wymeditor.js"></script>
<script type="text/javascript">
$(document).ready(function() {
$('#body').wymeditor();
});
</script>
</body>
</html>