ShaYmez
/
FreeSTAR-Status-Engine
mirror of https://github.com/ShaYmez/FreeSTAR-Status-Engine.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add new classes 

This implements the following new classes

- mailer.php Class to handle smtp/mail related tasks. This implements
  support for PHPMailer()

- notification.php Class to handle notification to subscribers.

- subscriber.php Class to handle the self-managment of subscribers.

- subscriptions.php Class to handle subscription to services for
  subscribers.
This commit is contained in:
Thomas Nilsen 2018-11-25 17:18:09 +01:00
parent d504b0a4cc
commit 82e3dcb11e
4 changed files with 736 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

175
classes/mailer.php Normal file
View File

@ -0,0 +1,175 @@
<?php
/**
* Class that encapsulates everything that can be done with email
*/
use PHPMailer\PHPMailer\PHPMailer; // Inclusion of namespace will not cause any issue even if PHPMailer is not used
use PHPMailer\PHPMailer\Exception;
// TODO Any other way to handle this include? Should we just do the include form each index.php?
if (file_exists("libs/php_idn/idna.php")) {
require_once("libs/php_idn/idna.php");
} else {
// Include for Admin section
require_once("../libs/php_idn/idna.php");
}
class Mailer {
public function __construct(){
}
/**
* Generic function to submit mail messages via mail og PHPmailer()
* @param String $to Email address to which mail should be sent
* @param String $message Body of email
* @param boolean $html Set to true if we are sending HTML Mailer
* @return boolean True if success
*/
public function send_mail($to, $subject, $message, $html = true) {
// TODO -Handle $to as an array in order to send to muliple recipients without having
// to call the entire send_mail function over and over..
$content_type = ($html) ? 'text/html' : 'text/plain';
// Convert IDN/punycode domain to ascii
// TODO Handle IDN in left hand side of email address
if ( $this->is_utf8($to) ) {
$elements = explode('@', $to);
$domainpart = EncodePunycodeIDN(array_pop($elements)); // Convert domain part to ascii
$to = $elements[0] . '@' . $domainpart; // Reassemble tge full email address
syslog(1,"email: " .$to);
}
// Send using PHP mailer if it is enabled
if ( PHP_MAILER ) {
require_once(PHP_MAILER_PATH .'/Exception.php'); /* Exception class. */
require_once(PHP_MAILER_PATH .'/PHPMailer.php'); /* The main PHPMailer class. */
if ( PHP_MAILER_SMTP ) {
require_once(PHP_MAILER_PATH .'/SMTP.php'); /* SMTP class, needed if you want to use SMTP. */
}
$phpmail = new PHPMailer(false);
$phpmail->setFrom(MAILER_ADDRESS, MAILER_NAME);
$phpmail->addReplyTo(MAILER_ADDRESS, MAILER_NAME);
//$phpmail->Debugoutput = error_log;
// Define SMTP parameters if enabled
if ( PHP_MAILER_SMTP ) {
$phpmail->isSMTP();
$phpmail->Host = PHP_MAILER_HOST;
$phpmail->Port = PHP_MAILER_PORT;
$phpmail->SMTPSecure = PHP_MAILER_SECURE;
//$phpmail->SMTPDebug = 2; // Enable for debugging
// Handle authentication for SMTP if enabled
if ( !empty(PHP_MAILER_USER) ) {
$phpmail->SMTPAuth = true;
$phpmail->Username = PHP_MAILER_USER;
$phpmail->Password = PHP_MAILER_PASS;
}
}
$phpmail->addAddress($to);
$phpmail->Subject = $subject;
// Send HMTL mail
if ( $html ) {
$phpmail->msgHtml($message);
$phpmail->AltBody = $this->convert_html_to_plain_txt($message, false);
} else {
$phpmail->Body = $message; // Send plain text
}
$phpmail->isHtml($html); // use htmlmail if enabled
if ( ! $phpmail->send() ) {
// TODO Log error message $phpmail->ErrorInfo;
return false;
}
return true;
} else {
// Use standard PHP mail() function
$headers = "Content-Type: $content_type; \"charset=utf-8\" ".PHP_EOL;
$headers .= "MIME-Version: 1.0 ".PHP_EOL;
$headers .= "From: ".MAILER_NAME.' <'.MAILER_ADDRESS.'>'.PHP_EOL;
$headers .= "Reply-To: ".MAILER_NAME.' <'.MAILER_ADDRESS.'>'.PHP_EOL;
mail($to, $subject, $message, $headers);
// TODO log error message if mail fails
return true;
}
}
/**
* Tries to verify the domain using dns request against an MX record of the domain part
* of the passed email address. The code also handles IDN/Punycode formatted addresses which
* contains utf8 characters.
* Original code from https://stackoverflow.com/questions/19261987/how-to-check-if-an-email-address-is-real-or-valid-using-php/19262381
* @param String $email Email address to check
* @return boolean True if MX record exits, false if otherwise
*/
public function verify_domain($email){
// TODO - Handle idn/punycode domain names without being dependent on PHP native libs.
$domain = explode('@', $email);
$domain = EncodePunycodeIDN(array_pop($domain).'.'); // Add dot at end of domain to avoid local domain lookups
syslog(1,$domain);
return checkdnsrr($domain, 'MX');
}
/**
* Check if string contains non-english characters (detect IDN/Punycode enabled domains)
* Original code from: https://stackoverflow.com/questions/13120475/detect-non-english-chars-in-a-string
* @param String $str String to check for extended characters
* @return boolean True if extended characters, false otherwise
*/
public function is_utf8($str)
{
if (strlen($str) == strlen(utf8_decode($str))) {
return false;
} else {
return true;
}
}
/**
* Takes the input from an HTML email and convert it to plain text
* This is commonly used when sending HTML emails as a backup for email clients who can only view, or who choose to only view,
* Original code from https://github.com/DukeOfMarshall/PHP---JSON-Email-Verification/blob/master/EmailVerify.class.php
* plain text emails
* @param string $content The body part of the email to convert to plain text.
* @param boolean $remove_links Set to true if links should be removed from email
* @return String pain text version
*/
public function convert_html_to_plain_txt($content, $remove_links=false){
// TODO does not handle unsubscribe/manage subscription text very well.
// Replace HTML line breaks with text line breaks
$plain_text = str_ireplace(array("<br>","<br />"), "\n\r", $content);
// Remove the content between the tags that wouldn't normally get removed with the strip_tags function
$plain_text = preg_replace(array('@<head[^>]*?>.*?</head>@siu',
'@<style[^>]*?>.*?</style>@siu',
'@<script[^>]*?.*?</script>@siu',
'@<noscript[^>]*?.*?</noscript>@siu',
), "", $plain_text); // Remove everything from between the tags that doesn't get removed with strip_tags function
// If the user has chosen to preserve the addresses from links
if(!$remove_links){
$plain_text = strip_tags(preg_replace('/<a href="(.*)">/', ' $1 ', $plain_text));
}
// Remove HTML spaces
$plain_text = str_replace("&nbsp;", "", $plain_text);
// Replace multiple line breaks with a single line break
$plain_text = preg_replace("/(\s){3,}/","\r\n\r\n",trim($plain_text));
return $plain_text;
}
}

139
classes/notification.php Normal file
View File

@ -0,0 +1,139 @@
<?php
/**
* Class that encapsulates everything that can be done with notifications
*/
class Notification
{
public $status_id = null;
public $servicenames = "";
public $serviceids = "";
public $type = 0;
public $time = 0;
public $text = "";
public $title = "";
public $status = "";
/**
* Generate an array of servicenames and service IDs affected by a given incident
* @param int $statsus_id The incident to query
* @return boolean
*/
public function get_service_details($status_id)
{
global $mysqli;
if (! empty($status_id)) {
// Fetch services names for use in email
$stmt = $mysqli->prepare("SELECT services.id, services.name FROM services INNER JOIN services_status on services.id = services_status.service_id WHERE services_status.status_id = ?");
$stmt->bind_param("i", $status_id);
$stmt->execute();
$query = $stmt->get_result();
$arrServicesNames = array();
$arrServicesId = array();
while ($result = $query->fetch_assoc()) {
$arrServicesNames[] = $result['name'];
$arrServicesId[] = (int) $result['id'];
}
$this->status_id = $status_id;
$this->servicenames = implode(",", $arrServicesNames);
$this->serviceids = implode(",", $arrServicesId);
return true;
} else {
return false;
}
}
/**
* Loop over the list of subscribers to notify depending on impacted service(s) and
* call the differnet notification handles.
* @return void
*/
public function notify_subscribers()
{
global $mysqli;
// Fetch list of unique subscribers for given service
// Direct inclusion of variable withour using prepare justified by the fact that
// this->serviceids are not user submitted
$sql = "SELECT DISTINCT subscriberIDFK FROM services_subscriber WHERE serviceIDFK IN (" . $this->serviceids . ")";
$query = $mysqli->query($sql);
while ($subscriber = $query->fetch_assoc()) {
// Fetch list of subscriber details for already found subscriber IDs
$stmt = $mysqli->prepare("SELECT typeID, userID, firstname, token FROM subscribers WHERE subscriberID = ? AND active=1");
$stmt->bind_param("i", $subscriber['subscriberIDFK']);
$stmt->execute();
$subscriberQuery = $stmt->get_result();
while ($subscriberData = $subscriberQuery->fetch_assoc()) {
$typeID = $subscriberData['typeID']; // Telegram = 1, email = 2
$userID = $subscriberData['userID'];
$firstname = $subscriberData['firstname'];
$token = $subscriberData['token'];
// Handle telegram
if ($typeID == 1) {
$this->submit_telegram($userID, $firstname, $token);
}
// Handle email
if ($typeID == 2) {
$this->submit_email($userID, $token);
}
}
}
}
/**
* Sends Telegram notification message using their web api.
* @param string $userID The Telegram userid to send to
* @param string $firstname The users firstname
* @param string $uthkey Token used for managing subscription
* @return void
*/
public function submit_telegram($userID, $firstname, $token)
{
// TODO Handle limitations (Max 30 different subscribers per second)
// TODO Error handling
$msg = _("Hi %s!\nThere is a status update for service(s): %s\nThe new status is: %s\nTitle: %s\n\n%s\n\n<a href='%s'>View online</a>");
$msg = sprintf($msg, $firstname, $this->servicenames, $this->status, $this->title, $this->text, WEB_URL);
$tg_message = urlencode($msg);
$response = json_decode(file_get_contents("https://api.telegram.org/bot" . TG_BOT_API_TOKEN . "/sendMessage?chat_id=" . $userID . "&parse_mode=HTML&text=" . $tg_message), true);
}
/**
* Sends email notifications to a subscriber.
* Function depends on Parsedown and Mailer class being loaded.
* @param String $userID The email address to send to
* @param String $uthkey Users token for managing subscription
* @return void
*/
public function submit_email($userID, $token)
{
// TODO Error handling
$Parsedown = new Parsedown();
$mailer = new Mailer();
$str_mail = file_get_contents("../libs/templates/email_status_update.html");
$str_mail = str_replace("%name%", NAME, $str_mail);
// $smtp_mail = str_replace("%email%", $userID, $smtp_mail);
$str_mail = str_replace("%url%", WEB_URL, $str_mail);
$str_mail = str_replace("%service%", $this->servicenames, $str_mail);
$str_mail = str_replace("%status%", $this->status, $str_mail);
$str_mail = str_replace("%time%", date("c", $this->time), $str_mail);
$str_mail = str_replace("%comment%", $Parsedown->setBreaksEnabled(true)->text($this->text), $str_mail);
$str_mail = str_replace("%token%", $token, $str_mail);
$str_mail = str_replace("%service_status_update_from%", _("Service status update from"), $str_mail);
$str_mail = str_replace("%services_impacted%", _("Service(s) Impacted"), $str_mail);
$str_mail = str_replace("%status_label%", _("Status"), $str_mail);
$str_mail = str_replace("%time_label%", _("Time"), $str_mail);
$str_mail = str_replace("%manage_subscription%", _("Manage subscription"), $str_mail);
$str_mail = str_replace("%unsubscribe%", _("Unsubscribe"), $str_mail);
$str_mail = str_replace("%powered_by%", _("Powered by"), $str_mail);
$subject = _('Status update from') . ' - ' . NAME . ' [ ' . $this->status . ' ]';
$mailer->send_mail($userID, $subject, $str_mail);
}
}

328
classes/subscriber.php Normal file
View File

@ -0,0 +1,328 @@
<?php
/**
* Subscriber class
*
*/
Class Subscriber
{
public $id = null;
public $firstname = null;
public $lastname = null;
public $userID = ""; // Holds email, telegram id etc
public $token = null;
public $active = 0;
public $typeID = null; // Holds subscription type ID
function __construct() {
$this->firstname = null;
$this->lastname = null;
$this->userID = "";
$this->token = null;
$this->active = 0;
$this->typeID = null;
}
/**
* Gets authentcation token for specified subscriberID
* @param Integer $subscriberID - specifies which subscriber we are looking up
* @param Integer $typeID - specifies which type of subscription we are refering (1 = telegram, 2 = email)
* @return String $token - 32 bytes HEX string
*/
public function get_token($subscriberID, $typeID)
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT token FROM subscribers WHERE subscriberID = ? and typeID=? and active = 1 LIMIT 1");
$stmt->bind_param("ii", $subscriberID, $typeID);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$this->token = $row['token'];
//$this->get_subscriber_by_token($this->token);
return $row['token'];
}
return false;
}
public function get_subscriber_by_token($token)
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE token=? and typeID=?");
$stmt->bind_param("si", $token, $this->typeID);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$this->id = $row['subscriberID'];
$this->populate(); //
return true;
}
return false;
}
public function get_subscriber_by_userid($create = false)
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE userID LIKE ? AND typeID = ? LIMIT 1");
$stmt->bind_param("si", $this->userID, $this->typeID );
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$this->id = $row['subscriberID'];
$this->populate();
return $row['subscriberID'];
} else {
// User is not registered in DB, so add if $create = true
if ( $create ) {
$subscriber_id = $this->add($this->typeID, $this->userID, $this->active, $this->firstname, $this->lastname);
return $subscriber_id;
}
return false;
}
}
public function populate()
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT typeID, userID, firstname, lastname, token, active FROM subscribers WHERE subscriberID = ?");
$stmt->bind_param("i", $this->id);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$this->userID = $row['userID'];
$this->typeID = $row['typeID'];
$this->firstname = $row['firstname'];
$this->lastname = $row['lastname'];
$this->token = $row['token'];
$this->active = $row['active'];
return true;
}
return false;
}
public function add($typeID, $userID, $active = null, $firstname = null, $lastname = null)
{
global $mysqli;
$expireTime = strtotime("+2 hours");
$updateTime = strtotime("now");
$token = $this->generate_token();
syslog(1,"token". $token);
$stmt = $mysqli->prepare("INSERT INTO subscribers (typeID, userID, firstname, lastname, token, active, expires, create_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("issssiii", $typeID, $userID, $firstname, $lastname, $token, $active, $expireTime, $updateTime);
$stmt->execute();
$query = $stmt->get_result();
$this->id = $mysqli->insert_id;
$this->typeID = $typeID;
$this->userID = $userID;
$this->token = $token;
$this->firstname = $firstname;
$this->lastname = $lastname;
$this->active = $active;
return $this->id;
}
public function update($subscriberID)
{
global $mysqli;
$updateTime = strtotime("now");
$stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ? WHERE subscriberID=?");
$stmt->bind_param("ii", $updateTime, $subscriberId);
$stmt->execute();
return true;
}
public function activate($subscriberID)
{
global $mysqli;
$updateTime = strtotime("now");
$stmt = $mysqli->prepare("UPDATE subscribers SET update_time = ?, expires = ? WHERE subscriberID = ?");
$tmp = null;
$stmt->bind_param("iii", $updateTime, $tmp, $subscriberId);
$stmt->execute();
return true;
}
public function delete($id)
{
global $mysqli;
$stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ?");
$stmt->bind_param("i", $this->id);
$stmt->execute();
$query = $stmt->get_result();
$stmt = $mysqli->prepare("DELETE FROM subscribers WHERE subscriberID = ?");
$stmt->bind_param("i", $this->id);
$stmt->execute();
$query = $stmt->get_result();
}
public function check_userid_exist()
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT subscriberID, userID, token, active FROM subscribers WHERE typeID=? AND userID=? LIMIT 1");
$stmt->bind_param("is", $this->typeID, $this->userID);
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows > 0) {
$row = $result->fetch_assoc();
$this->id = $row['subscriberID'];
$this->populate();
return true;
}
return false;
}
public function is_active_subscriber($token)
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT subscriberID, token, userID, active, expires FROM subscribers WHERE token LIKE ? LIMIT 1");
$stmt->bind_param("s", $token );
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
} else {
// No data found, fail gently...
return false;
}
// If account is not already active, check if we are within timeframe of exipre +2h
// and active if so, otherwise,delete account and return falsev
if ( $row['active'] <> 1 ) {
// Calculate time range for when subscription need to be validated
$time_end = $row['expires'];
$time_start = $time_end - (3600*2); // TODO - make this interval configurable via a config option
$time_now = time();
if ( ($time_now > $time_start) && ($time_now < $time_end) ) {
// Timefram is within range, active user..
$stmt2 = $mysqli->prepare("UPDATE subscribers SET active=1, expires=null WHERE subscriberID = ?");
$stmt2->bind_param("i", $row['subscriberID']);
$stmt2->execute();
$result = $stmt2->get_result();
$this->active = 1;
$this->id = $row['subscriberID'];
$this->userID = $row['userID'];
$this->token = $row['token'];
return true;
} else {
// Timeframe outside of given scope -> delete account
$stmt2 = $mysqli->prepare("DELETE FROM subscribers WHERE subscriberID = ?");
$stmt2->bind_param("i", $row['subscriberID']);
$stmt2->execute();
$result = $stmt2->get_result();
$this->active = 0;
return false;
}
}
// if we get here, account should already be active
$this->active = 1;
$this->id = $row['subscriberID'];
$this->userID = $row['userID'];
$this->token = $row['token'];
return true;
}
/**
* Generate a new 64 byte token (32 bytes converted from bin2hex = 64 bytes)
* @return string token
*/
public function generate_token()
{
global $mysqli;
if ( function_exists('openssl_random_pseudo_bytes') ) {
$token = openssl_random_pseudo_bytes(32); //Generate a random string.
$token = bin2hex($token); //Convert the binary data into hexadecimal representation.
} else {
// Use alternative token generator if openssl isn't available...
$token = make_alt_token(32, 32);
}
// Make sure token doesn't already exist in db
$stmt = $mysqli->prepare("SELECT subscriberID FROM subscribers WHERE token LIKE ?");
echo $mysqli->error;
$stmt->bind_param("s", $token);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0 ) {
// token already exists, call self again
$token = $this->generate_token();
}
return $token;
}
/**
* Alternative token generator if openssl_random_pseudo_bytes is not available
* Original code by jsheets at shadonet dot com from http://php.net/manual/en/function.mt-rand.php
* @params int min_length Minimum length of token
* @params int max_length Maximum length of token
* @return String token
*/
public function make_alt_token($min_length = 32, $max_length = 64)
{
$key = '';
// build range and shuffle range using ASCII table
for ($i=0; $i<=255; $i++) {
$range[] = chr($i);
}
// shuffle our range 3 times
for ($i=0; $i<=3; $i++) {
shuffle($range);
}
// loop for random number generation
for ($i = 0; $i < mt_rand($min_length, $max_length); $i++) {
$key .= $range[mt_rand(0, count($range)-1)];
}
$return = bin2hex($key);
if (!empty($return)) {
return $return;
} else {
return 0;
}
}
public function set_logged_in()
{
$_SESSION['subscriber_valid'] = true;
$_SESSION['subscriber_id'] = $this->id;
$_SESSION['subscriber_userid'] = $this->userID;
$_SESSION['subscriber_typeid'] = $this->typeID; //email
$_SESSION['subscriber_token'] = $this->token;
}
public function set_logged_off()
{
unset($_SESSION['subscriber_valid']);
unset($_SESSION['subscriber_userid']);
unset($_SESSION['subscriber_typeid']);
unset($_SESSION['subscriber_id']);
unset($_SESSION['subscriber_token']);
}
}

94
classes/subscriptions.php Normal file
View File

@ -0,0 +1,94 @@
<?php
/**
* Subscriptions class
*
*/
Class Subscriptions
{
public function add($userID, $service)
{
global $mysqli;
$stmt = $mysqli->prepare("INSERT INTO services_subscriber (subscriberIDFK, serviceIDFK) VALUES (?, ?)");
$stmt->bind_param("ii", $userID, $service);
$stmt->execute();
$query = $stmt->get_result();
}
public function remove($userID, $service)
{
global $mysqli;
$stmt = $mysqli->prepare("DELETE FROM services_subscriber WHERE subscriberIDFK = ? AND serviceIDFK = ?");
$stmt->bind_param("ii", $userID, $service);
$stmt->execute();
$query = $stmt->get_result();
}
function render_subscribed_services($typeID, $subscriberID, $userID, $token)
{
global $mysqli;
$stmt = $mysqli->prepare("SELECT services.id, services.name, subscribers.subscriberID, subscribers.userID, subscribers.token
FROM services
LEFT JOIN services_subscriber ON services_subscriber.serviceIDFK = services.id
LEFT JOIN subscribers ON services_subscriber.subscriberIDFK = subscribers.subscriberID
WHERE subscribers.typeID = ? AND subscribers.subscriberID = ?");
$stmt->bind_param("ii", $typeID, $subscriberID);
$stmt->execute();
$query = $stmt->get_result();
$timestamp = time();
$strNotifyType = _('E-mail Notification subscription');
if ( $typeID == 1 ) { $strNotifyType = _('Telegram Notification subscription'); }
?>
<div class="row">
<div class="col-xs-12 col-lg-offset-2 col-lg-8">
<div class="text-center">
<h3><?php echo $strNotifyType; ?></h3>
<p><?php echo _("Manage notification subscription for"); echo "&nbsp". $userID; ?></p>
<a onclick="if (confirm('<?php echo _("Are you sure you want to cancel you subscription?");?>')){return true;}else{event.stopPropagation(); event.preventDefault();};" class="confirmation" href="index.php?do=unsubscribe&amp;type=<?php echo $typeID;?>&amp;token=<?php echo $token;?>"><button class="btn btn-danger"><?php echo _("Cancel Subscription");?></button></a>
</div>
</div>
</div>
<?php
echo '<h1>' . _("Your subscriptions") . "</h1>";
echo '<div class="list-group">';
$subs = array(); // Will be used to hold IDs of services already selected
if ($query->num_rows){
while($result = $query->fetch_assoc())
{
echo '<a href="'.WEB_URL.'/subscriptions.php?remove=' . $result['id'] .'" class="list-group-item"><span class="glyphicon glyphicon-remove text-danger"></span>&nbsp;' . $result['name'] . '</a>';
$subs[] = $result['id'];
}
} else {
echo '<div class="container"><summary>'._("You do not currently subscribe to any services. Please add services from the list below.").'</summary></div>';
}
echo "</div>";
echo '<h1>' . _("Add new subscription") . '</h1>';
// Prepare to query for unselect services. If none are selected, query for all
$subsExp = null;
if (count($subs) > 0 ) {
$subsExp = 'NOT IN ('. implode(",", $subs) .')';
}
$query = $mysqli->query("SELECT services.id, services.name from services WHERE services.id $subsExp");
echo '<div class="list-group">';
if ($query->num_rows){
while($result = $query->fetch_assoc()){
echo '<a href="'.WEB_URL.'/subscriptions.php?add=' . $result['id'] . '" class="list-group-item list-group-item-action"><span class="glyphicon glyphicon-plus text-success"></span>&nbsp;' . $result['name'] . '</a>';
}
} else {
echo '<div class="container"><summary>'._("No further services available for subscriptions.").'</summary></div>';
}
echo '</div>';
}
}