From fce9baddf09ceff31e768aa52d332f2bd30181f0 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Wed, 15 Jan 2014 17:21:13 +0100
Subject: [PATCH] New: Add substitution key into emailing module to include
 securitykey used for paypal links into email.

---
 htdocs/comm/mailing/fiche.php      | 14 ++++++++++++--
 scripts/emailings/mailing-send.php | 30 ++++++++++++++++++------------
 2 files changed, 30 insertions(+), 14 deletions(-)

diff --git a/htdocs/comm/mailing/fiche.php b/htdocs/comm/mailing/fiche.php
index 3510df7339e..dfd88d42cbd 100644
--- a/htdocs/comm/mailing/fiche.php
+++ b/htdocs/comm/mailing/fiche.php
@@ -71,6 +71,11 @@ $object->substitutionarray=array(
 	'__UNSUBSCRIBE__' => 'TagUnsubscribe'
 	//,'__PERSONALIZED__' => 'Personalized'	// Hidden because not used yet
 );
+if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_SECURITY_TOKEN))
+{
+	$object->substitutionarray['__SECUREKEYPAYPAL__']='SecureKeyPaypal';
+	if (! empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $object->substitutionarray['__SECUREKEYPAYPAL_MEMBER__']='SecureKeyPaypalUniquePerMember';
+}
 
 $object->substitutionarrayfortest=array(
     '__ID__' => 'TESTIdRecord',
@@ -86,7 +91,7 @@ $object->substitutionarrayfortest=array(
 	'__SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN))?$user->signature:''),
     '__CHECK_READ__' => 'TagCheckMail',
 	'__UNSUBSCRIBE__' => 'TagUnsubscribe'
-//,'__PERSONALIZED__' => 'TESTPersonalized'	// Not used yet
+	//,'__PERSONALIZED__' => 'TESTPersonalized'	// Not used yet
 );
 
 
@@ -222,7 +227,12 @@ if ($action == 'sendallconfirmed' && $confirm == 'yes')
 							'__OTHER4__' => $other4,
 							'__OTHER5__' => $other5
 					);
-
+					if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_SECURITY_TOKEN))
+					{
+						$substitutionarray['__SECUREKEYPAYPAL__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+						if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+						else $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'membersubscription' . $obj->source_id, 2);
+					}
 					$substitutionisok=true;
                     complete_substitutions_array($substitutionarray, $langs);
 					$newsubject=make_substitutions($subject,$substitutionarray);
diff --git a/scripts/emailings/mailing-send.php b/scripts/emailings/mailing-send.php
index c6fffdcc59f..4742cf59b18 100755
--- a/scripts/emailings/mailing-send.php
+++ b/scripts/emailings/mailing-send.php
@@ -145,19 +145,25 @@ if ($resql)
 						$other4=$other[3];
 						$other5=$other[4];
 						$substitutionarray=array(
-						'__ID__' => $obj->source_id,
-						'__EMAIL__' => $obj->email,
-						'__CHECK_READ__' => '<img src="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-read.php?tag='.$obj2->tag.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" width="1" height="1" style="width:1px;height:1px" border="0"/>',
-						'__UNSUBSCRIBE__' => '<a href="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-unsubscribe.php?tag='.$obj2->tag.'&unsuscrib=1&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" target="_blank">'.$langs->trans("MailUnsubcribe").'</a>',
-						'__MAILTOEMAIL__' => '<a href="mailto:'.$obj2->email.'">'.$obj2->email.'</a>',
-						'__LASTNAME__' => $obj2->lastname,
-						'__FIRSTNAME__' => $obj2->firstname,
-						'__OTHER1__' => $other1,
-						'__OTHER2__' => $other2,
-						'__OTHER3__' => $other3,
-						'__OTHER4__' => $other4,
-						'__OTHER5__' => $other5
+							'__ID__' => $obj->source_id,
+							'__EMAIL__' => $obj->email,
+							'__CHECK_READ__' => '<img src="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-read.php?tag='.$obj2->tag.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" width="1" height="1" style="width:1px;height:1px" border="0"/>',
+							'__UNSUBSCRIBE__' => '<a href="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-unsubscribe.php?tag='.$obj2->tag.'&unsuscrib=1&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" target="_blank">'.$langs->trans("MailUnsubcribe").'</a>',
+							'__MAILTOEMAIL__' => '<a href="mailto:'.$obj2->email.'">'.$obj2->email.'</a>',
+							'__LASTNAME__' => $obj2->lastname,
+							'__FIRSTNAME__' => $obj2->firstname,
+							'__OTHER1__' => $other1,
+							'__OTHER2__' => $other2,
+							'__OTHER3__' => $other3,
+							'__OTHER4__' => $other4,
+							'__OTHER5__' => $other5
 						);
+						if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_SECURITY_TOKEN))
+						{
+							$substitutionarray['__SECUREKEYPAYPAL__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+							if (empty($conf->global->PAYPAL_SECURITY_TOKEN_UNIQUE)) $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN, 2);
+							else $substitutionarray['__SECUREKEYPAYPAL_MEMBER__']=dol_hash($conf->global->PAYPAL_SECURITY_TOKEN . 'membersubscription' . $obj->source_id, 2);
+						}
 
 						complete_substitutions_array($substitutionarray,$langs);
 						$newsubject=make_substitutions($subject,$substitutionarray);
-- 
GitLab