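/**
 * Send a plain-text UTF-8 e-mail, through SMTP when an SMTP host is configured
 * and through PHP's mail() otherwise.
 *
 * Every value that ends up in a header line (recipient, subject, sender and
 * reply-to name/address) has CR and LF removed first, so a caller-supplied
 * value cannot start an extra header line (e-mail header injection).
 * Display names and the subject are additionally base64-encoded as RFC 2047
 * encoded-words.
 *
 * @param string $to             Recipient address. Only CR/LF are stripped; the
 *                               address syntax itself is not validated here.
 * @param string $subject        Subject line (CR/LF stripped, then encoded).
 * @param string $message        Message body.
 * @param string $reply_to_email Optional Reply-To address.
 * @param string $reply_to_name  Optional Reply-To display name.
 */
function forum_mail($to, $subject, $message, $reply_to_email = '', $reply_to_name = '')
{
    global $forum_config, $lang_common;

    // Default sender address
    $from_name = sprintf($lang_common['Forum mailer'], $forum_config['o_board_title']);
    $from_email = $forum_config['o_webmaster_email'];

    // Extension hook. The hook source is eval()'d in this function's scope, so an
    // installed extension can read and overwrite every local here (including the
    // sender set above). Extensions are therefore fully trusted code.
    ($hook = get_hook('em_fn_forum_mail_start')) ? eval($hook) : null;

    // Strip CR/LF from everything that becomes part of a header line. The
    // sender and reply-to fields also lose ':' and the display names lose '"'.
    $to = forum_trim(preg_replace('#[\\n\\r]+#s', '', $to));
    $subject = forum_trim(preg_replace('#[\\n\\r]+#s', '', $subject));
    $from_email = forum_trim(preg_replace('#[\\n\\r:]+#s', '', $from_email));
    $from_name = forum_trim(preg_replace('#[\\n\\r:]+#s', '', str_replace('"', '', $from_name)));
    $reply_to_email = forum_trim(preg_replace('#[\\n\\r:]+#s', '', $reply_to_email));
    $reply_to_name = forum_trim(preg_replace('#[\\n\\r:]+#s', '', str_replace('"', '', $reply_to_name)));

    // Set up some headers to take advantage of UTF-8
    $from = "=?UTF-8?B?" . base64_encode($from_name) . "?=" . ' <' . $from_email . '>';
    $subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";

    $headers = 'From: ' . $from . "\r\n"
        . 'Date: ' . gmdate('r') . "\r\n"
        . 'MIME-Version: 1.0' . "\r\n"
        . 'Content-transfer-encoding: 8bit' . "\r\n"
        . 'Content-type: text/plain; charset=utf-8' . "\r\n"
        . 'X-Mailer: PunBB Mailer';

    // If we specified a reply-to email, we deal with it here
    if (!empty($reply_to_email)) {
        $reply_to = "=?UTF-8?B?" . base64_encode($reply_to_name) . "?=" . ' <' . $reply_to_email . '>';
        $headers .= "\r\n" . 'Reply-To: ' . $reply_to;
    }

    // Make sure all linebreaks are CRLF in message and strip out any NUL bytes.
    // The second search string must be "\0": an empty search string is skipped
    // by str_replace(), which would leave NUL bytes in the body.
    // forum_linebreaks() is expected to have normalised line endings to "\n" first.
    $message = str_replace(array("\n", "\0"), array("\r\n", ''), forum_linebreaks($message));

    // Second extension hook; same trust considerations as the first one.
    ($hook = get_hook('em_fn_forum_mail_pre_send')) ? eval($hook) : null;

    if ($forum_config['o_smtp_host'] != '') {
        smtp_mail($to, $subject, $message, $headers);
    } else {
        // Change the linebreaks used in the headers according to OS
        $os = strtoupper(substr(PHP_OS, 0, 3));
        if ($os == 'MAC') {
            $headers = str_replace("\r\n", "\r", $headers);
        } elseif ($os != 'WIN') {
            $headers = str_replace("\r\n", "\n", $headers);
        }

        mail($to, $subject, $message, $headers);
    }
}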
if (!isset($form['rules']) || $form['rules'] != '1') { $form['rules'] = '0'; } if ($form['rules_message'] != '') { $form['rules_message'] = forum_linebreaks($form['rules_message']); } else { $form['rules_message'] = $lang_admin_settings['Rules default']; } break; case 'maintenance': ($hook = get_hook('aop_maintenance_validation')) ? eval($hook) : null; if (!isset($form['maintenance']) || $form['maintenance'] != '1') { $form['maintenance'] = '0'; } if ($form['maintenance_message'] != '') { $form['maintenance_message'] = forum_linebreaks($form['maintenance_message']); } else { $form['maintenance_message'] = $lang_admin_settings['Maintenance message default']; } break; default: ($hook = get_hook('aop_new_section_validation')) ? eval($hook) : null; break; } ($hook = get_hook('aop_pre_update_configuration')) ? eval($hook) : null; foreach ($form as $key => $input) { // Only update permission values that have changed if (array_key_exists('p_' . $key, $forum_config) && $forum_config['p_' . $key] != $input) { $query = array('UPDATE' => 'config', 'SET' => 'conf_value=' . intval($input), 'WHERE' => 'conf_name=\'p_' . $forum_db->escape($key) . '\''); ($hook = get_hook('aop_qr_update_permission_conf')) ? eval($hook) : null; $forum_db->query_build($query) or error(__FILE__, __LINE__);
if ($can_edit_subject) { $subject = forum_trim($_POST['req_subject']); if ($subject == '') { $errors[] = $lang_post['No subject']; } else { if (utf8_strlen($subject) > 70) { $errors[] = $lang_post['Too long subject']; } else { if ($forum_config['p_subject_all_caps'] == '0' && utf8_strtoupper($subject) == $subject && !$forum_page['is_admmod']) { $subject = utf8_ucwords(utf8_strtolower($subject)); } } } } // Clean up message from POST $message = forum_linebreaks(forum_trim($_POST['req_message'])); if (strlen($message) > FORUM_MAX_POSTSIZE_BYTES) { $errors[] = sprintf($lang_post['Too long message'], forum_number_format(strlen($message)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES)); } else { if ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($message) == $message && !$forum_page['is_admmod']) { $message = utf8_ucwords(utf8_strtolower($message)); } } // Validate BBCode syntax if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') { if (!defined('FORUM_PARSER_LOADED')) { require FORUM_ROOT . 'include/parser.php'; } $message = preparse_bbcode($message, $errors); } if ($message == '') {
} ($hook = get_hook('afo_edit_forum_selected')) ? eval($hook) : null; // Fetch forum info $query = array('SELECT' => 'f.id, f.forum_name, f.forum_desc, f.redirect_url, f.num_topics, f.sort_by, f.cat_id', 'FROM' => 'forums AS f', 'WHERE' => 'f.id=' . $forum_id); ($hook = get_hook('afo_edit_forum_qr_get_forum_details')) ? eval($hook) : null; $result = $forum_db->query_build($query) or error(__FILE__, __LINE__); if (!$forum_db->num_rows($result)) { message($lang_common['Bad request']); } $cur_forum = $forum_db->fetch_assoc($result); // Update group permissions for $forum_id if (isset($_POST['save'])) { ($hook = get_hook('afo_save_forum_form_submitted')) ? eval($hook) : null; // Start with the forum details $forum_name = forum_trim($_POST['forum_name']); $forum_desc = forum_linebreaks(forum_trim($_POST['forum_desc'])); $cat_id = intval($_POST['cat_id']); $sort_by = intval($_POST['sort_by']); $redirect_url = isset($_POST['redirect_url']) && $cur_forum['num_topics'] == 0 ? forum_trim($_POST['redirect_url']) : null; if ($forum_name == '') { message($lang_admin_forums['Must enter forum message']); } if ($cat_id < 1) { message($lang_common['Bad request']); } $forum_desc = $forum_desc != '' ? '\'' . $forum_db->escape($forum_desc) . '\'' : 'NULL'; $redirect_url = $redirect_url != '' ? '\'' . $forum_db->escape($redirect_url) . '\'' : 'NULL'; $query = array('UPDATE' => 'forums', 'SET' => 'forum_name=\'' . $forum_db->escape($forum_name) . '\', forum_desc=' . $forum_desc . ', redirect_url=' . $redirect_url . ', sort_by=' . $sort_by . ', cat_id=' . $cat_id, 'WHERE' => 'id=' . $forum_id); ($hook = get_hook('afo_save_forum_qr_update_forum')) ? eval($hook) : null; $forum_db->query_build($query) or error(__FILE__, __LINE__); // Now let's deal with the permissions
} // Make sure we got a valid style string if (isset($form['style'])) { $form['style'] = preg_replace('#[\\.\\\\/]#', '', $form['style']); if (!file_exists(FORUM_ROOT . 'style/' . $form['style'] . '/' . $form['style'] . '.php')) { message($lang_common['Bad request']); } } break; case 'signature': if ($forum_config['o_signatures'] == '0') { message($lang_profile['Signatures disabled']); } ($hook = get_hook('pf_change_details_signature_validation')) ? eval($hook) : null; // Clean up signature from POST $form['signature'] = forum_linebreaks(forum_trim($_POST['signature'])); // Validate signature if (utf8_strlen($form['signature']) > $forum_config['p_sig_length']) { $errors[] = sprintf($lang_profile['Sig too long'], forum_number_format($forum_config['p_sig_length']), forum_number_format(utf8_strlen($form['signature']) - $forum_config['p_sig_length'])); } if (substr_count($form['signature'], "\n") > $forum_config['p_sig_lines'] - 1) { $errors[] = sprintf($lang_profile['Sig too many lines'], forum_number_format($forum_config['p_sig_lines'])); } if ($form['signature'] != '' && $forum_config['p_sig_all_caps'] == '0' && check_is_all_caps($form['signature']) && !$forum_user['is_admmod']) { $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature'])); } // Validate BBCode syntax if ($forum_config['p_sig_bbcode'] == '1' || $forum_config['o_make_links'] == '1') { if (!defined('FORUM_PARSER_LOADED')) { require FORUM_ROOT . 'include/parser.php'; }
/**
 * Read the posted message from $_POST['req_message'], normalise it and
 * collect validation errors.
 *
 * A missing field is handed to message() as a bad request. An empty message
 * or one longer than the configured 'o_reputation_maxmessage' limit (measured
 * in bytes, via strlen) adds an entry to $errors. When BBCode or automatic
 * link creation is enabled the text is passed through preparse_bbcode(),
 * which may append further errors.
 *
 * @param array $errors Error list, appended to by reference.
 * @return string The cleaned (and, if enabled, pre-parsed) message.
 */
private function prepare_message(&$errors)
{
    if (!isset($_POST['req_message'])) {
        message(App::$lang_common['Bad request']);
    }

    // Trim first, then normalise line breaks.
    $message = forum_trim($_POST['req_message']);
    $message = forum_linebreaks($message);

    if ($message == '') {
        $errors[] = App::$lang['No message'];
    } elseif (strlen($message) > App::$forum_config['o_reputation_maxmessage']) {
        $errors[] = sprintf(App::$lang['Too long message'], App::$forum_config['o_reputation_maxmessage']);
    }

    // The BBCode pre-parser runs when either feature is switched on.
    $needs_preparse = App::$forum_config['p_message_bbcode'] == '1'
        || App::$forum_config['o_make_links'] == '1';

    if ($needs_preparse) {
        // Load the parser lazily, only once per request.
        if (!defined('FORUM_PARSER_LOADED')) {
            require FORUM_ROOT . 'include/parser.php';
        }

        $message = preparse_bbcode($message, $errors);
    }

    return $message;
}
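/**
 * Validate a private message and store it as a draft, either as a new row or
 * by overwriting an existing message owned by the current user.
 *
 * @param string    $body              Message text.
 * @param string    $subject           Message subject.
 * @param string    $receiver_username Name of the intended receiver.
 * @param int|false $message_id        By reference. false saves a new message;
 *                                     any other value is the id of the message to
 *                                     overwrite. Set to false when the update does
 *                                     not match exactly one row.
 * @return array List of error strings when validation or saving fails. On
 *               success control is handed to redirect().
 */
function pun_pm_save_message($body, $subject, $receiver_username, &$message_id)
{
    global $lang_pun_pm, $forum_user, $forum_db, $forum_url, $forum_config, $forum_flash;

    // CSRF protection: the posted token must match the one generated for the send URL.
    // NOTE(review): this is a plain !== comparison; a constant-time comparison
    // (hash_equals) would be preferable where the supported PHP versions allow it.
    if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== generate_form_token(forum_link($forum_url['pun_pm_send']))) {
        csrf_confirm_form();
    }

    $errors = array();

    // Extension hooks in this function are eval()'d in local scope, so installed
    // extensions can read and change every variable here, including $query.
    ($hook = get_hook('pun_pm_fn_save_message_pre_validation')) ? eval($hook) : null;

    $receiver_id = pun_pm_get_receiver_id($receiver_username, $errors);

    // Clean up body from POST
    $body = forum_linebreaks($body);

    if (strlen($body) > FORUM_MAX_POSTSIZE_BYTES) {
        $errors[] = sprintf($lang_pun_pm['Too long message'], forum_number_format(strlen($body)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
    } elseif ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($body) == $body && empty($forum_user['is_admmod'])) {
        // The original tested $forum_page['is_admmod'], but $forum_page is not in
        // scope in this function, so the admin/moderator exemption never applied.
        // NOTE(review): confirm $forum_user['is_admmod'] is the intended flag.
        $body = utf8_ucwords(utf8_strtolower($body));
    }

    // Validate BBCode syntax
    if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
        global $smilies;

        if (!defined('FORUM_PARSER_LOADED')) {
            require FORUM_ROOT . 'include/parser.php';
        }

        $body = preparse_bbcode($body, $errors);
    }

    // Verify for errors
    if ($body == '' && $subject == '' && $receiver_username == '') {
        $errors[] = $lang_pun_pm['Empty all fields'];
    }

    ($hook = get_hook('pun_pm_fn_save_message_pre_errors_check')) ? eval($hook) : null;

    if (count($errors)) {
        return $errors;
    }

    $now = time();

    // Numeric values are cast before they are concatenated into SQL, so the
    // query stays well-formed even if a caller passes an unvalidated id.
    // NOTE(review): $receiver_id is concatenated as returned by
    // pun_pm_get_receiver_id(); it is presumably an integer or the literal NULL.
    // Verify against that helper.
    $sender_id_sql = intval($forum_user['id']);

    if ($message_id !== false) {
        // Edit message. The sender_id condition restricts the update to messages
        // owned by the current user.
        $query = array(
            'UPDATE' => 'pun_pm_messages',
            'SET' => 'status = \'draft\', receiver_id = ' . $receiver_id . ', lastedited_at = ' . $now . ', subject = \'' . $forum_db->escape($subject) . '\', body=\'' . $forum_db->escape($body) . '\'',
            'WHERE' => 'id = ' . intval($message_id) . ' AND sender_id = ' . $sender_id_sql . ' AND (status = \'draft\' OR status = \'sent\')',
        );

        ($hook = get_hook('pun_pm_fn_save_message_pre_edit_query')) ? eval($hook) : null;
        $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

        // Anything other than exactly one updated row means the message does not
        // exist, is not ours, or is in a state that cannot be edited.
        if ($forum_db->affected_rows() != 1) {
            $message_id = false;
            $errors[] = $lang_pun_pm['Invalid message save'];

            return $errors;
        }
    } else {
        // Save new message
        // Verify outbox count
        if (!pun_pm_outbox_enough_space($forum_user['id'])) {
            $errors[] = sprintf($lang_pun_pm['Outbox full'], $forum_config['o_pun_pm_outbox_size']);

            return $errors;
        }

        // Save to DB
        $query = array(
            'INSERT' => 'sender_id, receiver_id, lastedited_at, read_at, status, subject, body',
            'INTO' => 'pun_pm_messages',
            'VALUES' => $sender_id_sql . ', ' . $receiver_id . ', ' . $now . ', 0, \'draft\', \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
        );

        ($hook = get_hook('pun_pm_fn_save_message_pre_new_save_query')) ? eval($hook) : null;
        $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
    }

    $forum_flash->add_info($lang_pun_pm['Message saved']);

    ($hook = get_hook('pun_pm_fn_save_message_pre_redirect')) ? eval($hook) : null;

    redirect(forum_link($forum_url['pun_pm_outbox']), $lang_pun_pm['Message saved']);
}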
} ($hook = get_hook('mi_report_selected')) ? eval($hook) : null; // User pressed the cancel button if (isset($_POST['cancel'])) { redirect(forum_link($forum_url['post'], $post_id), $lang_common['Cancel redirect']); } if (isset($_POST['form_sent'])) { ($hook = get_hook('mi_report_form_submitted')) ? eval($hook) : null; // Start with a clean slate $errors = array(); // Flood protection if ($forum_user['last_email_sent'] != '' && time() - $forum_user['last_email_sent'] < $forum_user['g_email_flood'] && time() - $forum_user['last_email_sent'] >= 0) { message(sprintf($lang_misc['Report flood'], $forum_user['g_email_flood'])); } // Clean up reason from POST $reason = forum_linebreaks(forum_trim($_POST['req_reason'])); if ($reason == '') { message($lang_misc['No reason']); } if (strlen($reason) > FORUM_MAX_POSTSIZE_BYTES) { $errors[] = sprintf($lang_misc['Too long reason'], forum_number_format(strlen($reason)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES)); } if (empty($errors)) { // Get some info about the topic we're reporting $query = array('SELECT' => 't.id, t.subject, t.forum_id', 'FROM' => 'posts AS p', 'JOINS' => array(array('INNER JOIN' => 'topics AS t', 'ON' => 't.id=p.topic_id')), 'WHERE' => 'p.id=' . $post_id); ($hook = get_hook('mi_report_qr_get_topic_data')) ? eval($hook) : null; $result = $forum_db->query_build($query) or error(__FILE__, __LINE__); $topic_info = $forum_db->fetch_assoc($result); if (!$topic_info) { message($lang_common['Bad request']); }
($hook = get_hook('om_warnings_edit_type_selected')) ? eval($hook) : null; // Fetch warning type $query = array('SELECT' => 'o.id, o.warn_name, o.warn_desc, o.points, o.expire, o.restriction', 'FROM' => 'om_warnings_types AS o', 'WHERE' => 'o.id=' . $type_id); ($hook = get_hook('om_warnings_edit_type_qr_get_type')) ? eval($hook) : null; $result = $forum_db->query_build($query) or error(__FILE__, __LINE__); $cur_warning = $forum_db->fetch_assoc($result); // Warning type doesn't exist if (is_null($cur_warning) || $cur_warning === false) { message($lang_common['Bad request']); } // Update warning type if (isset($_POST['save'])) { ($hook = get_hook('om_warnings_edit_type_form_submitted')) ? eval($hook) : null; // Copy values to variables $warn_name = forum_trim($_POST['warn_name']); $warn_desc = forum_linebreaks(forum_trim($_POST['warn_desc'])); $points = intval($_POST['points']); $expire = intval($_POST['expire']); $restriction = !empty($_POST['restriction']) && $_POST['restriction'] != 'none' ? forum_trim($_POST['restriction']) : null; ($hook = get_hook('om_warnings_add_type_form_submitted')) ? eval($hook) : null; // Check invalid values if ($warn_name == '') { message($lang_om_warnings['Must enter warning name']); } if ($points < 0) { message($lang_om_warnings['Must be integer']); } if ($expire < 0) { $expire = 0; } if (!is_null($restriction) && !array_key_exists($restriction, om_warnings_get_restrictions())) {
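/**
 * Start an escrow: send the current user's message to the receiver, send the
 * current user a message with the payment details, and record the escrow.
 *
 * The current user is stored as the buyer (buyerid) and the receiver as the
 * seller (sellerid).
 *
 * NOTE(review): no CSRF token check happens in this function. Confirm that
 * the caller validates the form token before calling it.
 *
 * @param string     $body              Message text for the receiver.
 * @param string     $subject           Subject used for both messages and the escrow row.
 * @param string     $receiver_username Name of the receiver.
 * @param int|string $amount            Escrow amount. Must be numeric because it is
 *                                      written into SQL as a bare number.
 * @param mixed      $message_id        By reference. Not used in this function.
 * @return array List of error strings when validation fails. On success
 *               control is handed to redirect().
 */
function startescrow_send_message($body, $subject, $receiver_username, $amount, &$message_id)
{
    global $lang_escrows, $lang_common, $forum_user, $forum_db, $forum_url, $forum_config, $forum_flash;

    $errors = array();

    $receiver_id = startescrow_get_receiver_id($receiver_username, $errors);
    if ($receiver_id == 'NULL' && empty($errors)) {
        $errors[] = $lang_escrows['Empty receiver'];
    }

    // $amount is concatenated into the escrows INSERT without quotes, so a
    // non-numeric value would become part of the SQL statement. Reject it here.
    // NOTE(review): zero and negative amounts are still accepted, as before.
    // Confirm whether the caller already enforces a positive amount.
    if (!is_numeric($amount)) {
        $errors[] = $lang_common['Bad request'];
    }

    // Clean up body from POST
    $body = forum_linebreaks($body);

    if ($body == '') {
        $errors[] = $lang_escrows['Empty body'];
    } elseif (strlen($body) > FORUM_MAX_POSTSIZE_BYTES) {
        $errors[] = sprintf($lang_escrows['Too long message'], forum_number_format(strlen($body)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
    } elseif ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($body) == $body && empty($forum_user['is_admmod'])) {
        // The original tested $forum_page['is_admmod'], but $forum_page is not in
        // scope in this function, so the admin/moderator exemption never applied.
        // NOTE(review): confirm $forum_user['is_admmod'] is the intended flag.
        $body = utf8_ucwords(utf8_strtolower($body));
    }

    // Validate BBCode syntax
    if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
        global $smilies;

        if (!defined('FORUM_PARSER_LOADED')) {
            require FORUM_ROOT . 'include/parser.php';
        }

        $body = preparse_bbcode($body, $errors);
    }

    // Stop before an address is booked if the request is already invalid, so a
    // rejected submission does not use up a free address.
    if (count($errors)) {
        return $errors;
    }

    // Book the address that the buyer will be asked to pay to
    $btcaddress = get_free_btcaddress($errors);

    if (count($errors)) {
        return $errors;
    }

    $now = time();

    // Past the error gates $receiver_id is no longer the 'NULL' marker. Cast the
    // ids so only integers are concatenated into the statements below.
    $buyer_id_sql = intval($forum_user['id']);
    $seller_id_sql = intval($receiver_id);

    // Message from the current user to the receiver
    $query = array(
        'INSERT' => 'sender_id, receiver_id, status, lastedited_at, read_at, subject, body',
        'INTO' => 'pun_pm_messages',
        'VALUES' => $buyer_id_sql . ', ' . $seller_id_sql . ', \'sent\', ' . $now . ', 0, \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
    );

    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    $endtime = $now + $forum_config['o_empty_escrow_duration'] * 3600;
    $endtime = date('Y-m-d H:i:s ', $endtime);

    // Message to the buyer (the current user) with deadline, amount and address.
    // The column order is receiver_id, sender_id, so the current user is the receiver.
    $body = sprintf($lang_escrows['Escrow buyer message'], $endtime, $amount, $btcaddress);

    $query = array(
        'INSERT' => 'receiver_id, sender_id, status, lastedited_at, read_at, subject, body',
        'INTO' => 'pun_pm_messages',
        'VALUES' => $buyer_id_sql . ', ' . $seller_id_sql . ', \'sent\', ' . $now . ', 0, \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
    );

    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Add to escrows table. $amount was checked with is_numeric() above, and the
    // address is escaped like every other string value.
    $query = array(
        'INSERT' => 'time, buyerid, sellerid, amount, subject, status, recivedtime, btcaddress',
        'INTO' => 'escrows',
        'VALUES' => $now . ', ' . $buyer_id_sql . ', ' . $seller_id_sql . ', ' . $amount . ', \'' . $forum_db->escape($subject) . '\', 0, 0, \'' . $forum_db->escape($btcaddress) . '\'',
    );

    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    startescrow_clear_cache($receiver_id); // Clear cached 'New messages' in the user table

    $forum_flash->add_info($lang_escrows['Escrow started']);

    redirect(forum_link($forum_url['pun_pm_inbox']), $lang_escrows['Message sent']);
}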