"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; //echo ""; //echo ""; //echo ""; }///end of function add_msg_form function retrieve_id($recipient_email) { global $sequential; $link_id = db_connect("usr_web22_1"); if(!$link_id) die(sql_error()); $stopLoop=0; while((list(,$ea_sequence)=each($sequential)) && ($stopLoop==0)) { if($ea_sequence=="BC"){$servProdb="service_providers"; $clients_db="clients";} else if($ea_sequence=="AB"){$servProdb="service_providers_ab"; $clients_db="clients_ab";} else if($ea_sequence=="SK"){$servProdb="service_providers_sk"; $clients_db="clients_sk";} else if($ea_sequence=="MB"){$servProdb="service_providers_mb"; $clients_db="clients_mb";} else if($ea_sequence=="ON"){$servProdb="service_providers_on"; $clients_db="clients_on";} else if($ea_sequence=="QC"){$servProdb="service_providers_qc"; $clients_db="clients_qc";} else if($ea_sequence=="NB"){$servProdb="service_providers_nb"; $clients_db="clients_nb";} else if($ea_sequence=="NS"){$servProdb="service_providers_ns"; $clients_db="clients_ns";} else if($ea_sequence=="PE"){$servProdb="service_providers_pe"; $clients_db="clients_pe";} else if($ea_sequence=="NL"){$servProdb="service_providers_nl"; $clients_db="clients_nl";} else if($ea_sequence=="YK"){$servProdb="service_providers_yk"; $clients_db="clients_yk";} else if($ea_sequence=="NW"){$servProdb="service_providers_nw"; $clients_db="clients_nw";} else if($ea_sequence=="NV"){$servProdb="service_providers_nv"; $clients_db="clients_nv";} else {} $retrieve_query="SELECT third_id FROM thirdparty WHERE email='$recipient_email'"; $retrieve_result=mysql_query($retrieve_query); $checkretrieve=mysql_num_rows($retrieve_result); if (!empty($checkretrieve)) { $toreturnarray=mysql_fetch_row($retrieve_result); $toreturn1=$toreturnarray[0]; if(empty($toreturn1)) { $toreturn = "nonebody"; } else { $toreturn=$toreturn1; $stopLoop=1;} } else { $retrieve_query2="SELECT Pro_id FROM $servProdb WHERE Proemail='$recipient_email'"; $retrieve_result2=mysql_query($retrieve_query2); $checkretrieve=mysql_num_rows($retrieve_result2); if (!empty($checkretrieve)) { $toreturnarray=mysql_fetch_row($retrieve_result2); $toreturn1=$toreturnarray[0]; if(empty($toreturn1)) { $toreturn = "nonebody"; } else { $toreturn=$toreturn1; $stopLoop=1;} } else { $retrieve_query3="SELECT CL_id FROM $clients_db WHERE CLemail='$recipient_email'"; $retrieve_result3=mysql_query($retrieve_query3); $toreturnarray=mysql_fetch_row($retrieve_result3); $toreturn1=$toreturnarray[0]; if(empty($toreturn1)) { $toreturn = "nonebody"; } else { $toreturn=$toreturn1; $stopLoop=1;} } } } return $toreturn; } function add_msg() { global $sequential, $temp_email_input_CON, $mcrypt_key; $link_id = db_connect("usr_web22_1"); if(!$link_id) die(sql_error()); $temp_prov=$_GET['recipProv']; $temp_sender=$_POST['sender_id2']; $temp_email_input=$temp_email_input_CON; $temp_email_input=ereg_replace(";","", $temp_email_input); $temp_subj=$_POST['subject_input']; $temp_subj=ereg_replace(";","", $temp_subj); $temp_msg_input=$_POST['msg_input']; $temp_recipient=retrieve_id($temp_email_input); $todaytime=time(); $temp_time=strftime('%Y-%m-%d %H:%M:%S', $todaytime); $mcrypt_module = mcrypt_module_open('rijndael-256', '', 'cbc', ''); $mcrypt_iv=get_iv(); mcrypt_generic_init($mcrypt_module, $mcrypt_key, $mcrypt_iv); $temp_msg_input=base64_encode(mcrypt_generic($mcrypt_module, $temp_msg_input)); $temp_subj=base64_encode(mcrypt_generic($mcrypt_module, $temp_subj)); mcrypt_generic_deinit($mcrypt_module); $mcrypt_iv64=base64_encode($mcrypt_iv); $am_query="INSERT INTO secret_msg (msg_key, email, sender_id, recipient_id, subject, secret_msg, time_msg, updatetime, msg_iv) VALUES(NULL,'$temp_email_input', '$temp_sender', '$temp_recipient','$temp_subj','$temp_msg_input','$temp_time',NULL, '$mcrypt_iv64')"; $result_iq=mysql_query($am_query); if(!$result_iq) error_message(sql_error()); ///get msg_key $newmsg=mysql_insert_id($link_id); if (!$newmsg) error_message("no newmsg"); ///mail to recipient $mail_header = "From: admin@zappointments.com\n"; $mail_header .= "Reply-to: admin@zappointments.com\n"; $mail_header .= "MIME-Version: 1.0\r\n"; $mail_header .= "Content-type: text/html"; $mail_subject="Confidential message at zappointments.com"; $mail_address=$temp_email_input; $mail_body = ""; $mail_body .= "You have a confidential message waiting for you at www.zappointments.com. \n The message will be available for 30 days.\n"; $mail_body .= ""; mail($mail_address, $mail_subject, $mail_body, $mail_header); } ////////////BODY BODY BODY BODY//////////// session_start(); global $PHP_SELF; echo ""; ?> "; if ($_POST['action_msg']=="added_msg") { if($_GET['recipProv']=="BC"){$sequential[]="BC"; $sequential[]="AB"; $sequential[]="SK";$sequential[]="MB"; $sequential[]="ON";$sequential[]="QC"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="AB"){$sequential[]="AB"; $sequential[]="BC"; $sequential[]="SK";$sequential[]="MB"; $sequential[]="ON";$sequential[]="QC"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="SK"){$sequential[]="SK"; $sequential[]="AB"; $sequential[]="MB";$sequential[]="BC"; $sequential[]="ON";$sequential[]="QC"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="MB"){$sequential[]="MB"; $sequential[]="SK"; $sequential[]="ON";$sequential[]="AB"; $sequential[]="BC";$sequential[]="QC"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="ON"){$sequential[]="ON";$sequential[]="QC"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="AB"; $sequential[]="BC"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="QC"){$sequential[]="QC";$sequential[]="ON"; $sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="SK";$sequential[]="MB"; $sequential[]="AB"; $sequential[]="BC"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="NB"){$sequential[]="NB";$sequential[]="NS"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="QC";$sequential[]="ON"; $sequential[]="BC"; $sequential[]="AB"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="NS"){$sequential[]="NS";$sequential[]="NB"; $sequential[]="PE";$sequential[]="NL"; $sequential[]="QC";$sequential[]="ON"; $sequential[]="BC"; $sequential[]="AB"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="PE"){$sequential[]="PE";$sequential[]="NL"; $sequential[]="NS";$sequential[]="NB"; $sequential[]="QC";$sequential[]="ON"; $sequential[]="BC"; $sequential[]="AB"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="NL"){$sequential[]="NL";$sequential[]="PE"; $sequential[]="NS";$sequential[]="NB"; $sequential[]="QC";$sequential[]="ON"; $sequential[]="BC"; $sequential[]="AB"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } else if($_GET['recipProv']=="YK" || $_GET['recipProv']=="NW" || $_GET['recipProv']=="NV") {$sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; $sequential[]="ON";$sequential[]="BC"; $sequential[]="AB"; $sequential[]="QC"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="NL";$sequential[]="PE"; $sequential[]="NS";$sequential[]="NB"; } else {$sequential[]="ON";$sequential[]="BC"; $sequential[]="AB"; $sequential[]="QC"; $sequential[]="MB";$sequential[]="SK"; $sequential[]="NL";$sequential[]="PE"; $sequential[]="NS";$sequential[]="NB"; $sequential[]="YK";$sequential[]="NW";$sequential[]="NV"; } $temp_email_input_CON=$_POST['email_input']; $temp_email_input_CON=str_replace("ATNOSPAM","@", $temp_email_input_CON); if(ereg("^([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$", $temp_email_input_CON)) { add_msg(); echo "

Your message has been sent!

"; echo "

"; echo $temp_recipient; echo "

click the image below to return to zappointments.com home page
"; echo ""; echo "

"; echo ""; echo "

"; } else {error_message("enter a valid email address for the recipient");} } else { if( ( (!empty($_SESSION['userProid'])) OR (!empty($_SESSION['user3id1'])) ) OR (!empty($_SESSION['userCLid'])) ) { add_msg_form(); } else {echo "You cannot send a secure message unless you are logged in.
"; echo "If you are a service provider, log in here
"; echo "If you are a client/patient, log in here
"; echo "If you are a third party payor, log in here
"; echo "If you are not yet registered, go back to the main page here. Registration is free for third parties and for clients/patients!
"; } } //////////////////////END echo "";

Your ID	"; echo $display_id; echo "
email of recipient	"; echo "
subject of message	"; echo "
secret message	Type your confidential message here. If you are logged in your id will show in the top line marked \"Your ID\". If there is no id in the top line, please include a return address in the text of your message."; echo "
"; echo ""; echo "
recipient zappointments id	"; //echo "