diff options
| -rw-r--r-- | admin.php | 1 | ||||
| -rw-r--r-- | config.php.example | 2 | ||||
| -rw-r--r-- | publishannouncement.php | 95 |
3 files changed, 98 insertions, 0 deletions
@@ -161,6 +161,7 @@ function getorderbyid($id) { <h3><a href="/manageorders.php">Manage orders</a></h2> <h3><a href="/managetickets.php">Manage tickets</a></h2> <h3><a href="/manageinvoices.php">Manage invoices</a></h2> + <h3><a href="/publishannouncement.php">Publish announcement</a></h2> </div> </div> </main> diff --git a/config.php.example b/config.php.example index b476a5d..ef5d0d1 100644 --- a/config.php.example +++ b/config.php.example @@ -13,6 +13,8 @@ define('MAIL_USER', 'user'); define('MAIL_PASSWORD', 'password'); define('MAIL_FROM', 'system@example.com'); +define('MAIL_ANNOUNCE_ADDRESS', 'announce@example.com'); + define('DOMAIN', 'dash.example.com'); /* Attempt to connect to MySQL database */ diff --git a/publishannouncement.php b/publishannouncement.php new file mode 100644 index 0000000..76c934a --- /dev/null +++ b/publishannouncement.php @@ -0,0 +1,95 @@ +<?php + +session_start(); + +if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){ + header("location: /login.php"); + exit; +} + +$username = $_SESSION["username"]; +$type = $_SESSION["type"]; +$id = $_SESSION["id"]; + +if ($type != "admin") die("Permission denied."); + +require_once "config.php"; + +// Get users +$sql = "SELECT id, username, type, email FROM users"; +$stmt = mysqli_prepare($link, $sql); +mysqli_stmt_execute($stmt); +$result = mysqli_stmt_get_result($stmt); +$users = $result->fetch_all(MYSQLI_ASSOC); + +/* + * Announce to + * - mailing list (hereby the announcement archive at lists.arf20.com) + * - discord webhook + * - irc (bridged) announcement notice + * - NNTP? + * - phpBB? + * - another, custom, archive ARFNET-ly + */ + +// POST actions +if ($_SERVER["REQUEST_METHOD"] == "POST") { + /* Send email */ + $mailer->addAddress(MAIL_ANNOUNCE_ADDRESS); + $mailer->addReplyTo(getuserbyid($id)["email"]); + $mailer->Subject = "[ARFNET Announcement] ".$_POST["subject"]; + $mailer->Body = $_POST["body"]; + + if (!$mailer->send()) { + echo 'Mailer Error [ask arf20]: ' . $mailer->ErrorInfo; + } else header("location: ".$_SERVER['SCRIPT_NAME']); +} + + +function getuserbyid($id) { + global $users; + foreach ($users as $user) { + if ($user["id"] == $id) { + return $user; + } + } +} + +?> + +<!doctype html> +<html> + <head> + <meta charset="UTF-8"> + <link rel="stylesheet" type="text/css" href="/style.css"> + <title>ARFNET CSTIMS</title> + </head> + <body> + <header><a href="https://arf20.com/"> + <img src="arfnet_logo.png" width="64"><span class="title"><strong>ARFNET</strong></span> + </a></header> + <hr> + <main> + <div class="row"> + <div class="col8"> + <h2 class="center">ARFNET Client Service Ticket and Invoice Management System</h2> + <h3><?php echo strtoupper($type[0]).substr($type, 1); ?> panel</h3> + <h3>Publish announcement</h3> + <form action="<?php echo $_SERVER["SCRIPT_NAME"]; ?>" method="post"> + <label><b>Subject</b></label><br> + <input type="text" name="subject"><br> + <br><label><b>Body</b></label><br> + <textarea name="body" rows="10" cols="80"></textarea><br> + <br><input type="submit" value="Publish"> + </form> + </div> + <div class="col2"> + <h3>Logged as <?php echo $username; ?></h3> + <h3><a href="/logout.php">Logout</a></h2> + <h3><a href="/admin.php">Back to admin panel</a></h2> + </div> + </div> + </main> + </body> +</html> + |