/**
 * Prints an ordered list (<ol>) previewing the project items selected by the
 * request filters, so they can be reviewed before removal.
 *
 * Filters read from the request: a time window (time_start / time_end), an
 * optional author (person), the item types (type_task, type_topic,
 * type_comment) and only_spam_comments, which limits comments to those that
 * isSpam() flags.
 *
 * NOTE(review): this function emits only the list tags itself; escaping of
 * comment and task text is left to renderRemovalPreviewComment() and
 * renderRemovalPreviewTask(), which are not visible here. Confirm that they
 * HTML-escape, since spam comments are attacker-written content.
 */
function renderPreviewList()
{
    $filter = array(
        'date_min' => getDateTimeFieldValue('time_start'),
        'date_max' => getDateTimeFieldValue('time_end'),
    );

    // Restrict to one author only when the request carries a non-zero numeric id.
    if (intval(get('person'))) {
        $filter['modified_by'] = get('person');
    }

    // Topics are looked up as tasks, so either checkbox selects ITEM_TASK.
    $wantedTypes = array();
    if (get('type_task') || get('type_topic')) {
        $wantedTypes[] = ITEM_TASK;
    }
    if (get('type_comment')) {
        $wantedTypes[] = ITEM_COMMENT;
    }
    $filter['type'] = $wantedTypes;

    $matches = DbProjectItem::getAll($filter);

    echo '<ol>';
    foreach ($matches as $entry) {
        if ($entry->type == ITEM_COMMENT) {
            $comment = Comment::getById($entry->id);
            // In spam-only mode a comment is listed only if its title plus body looks like spam.
            if (!get('only_spam_comments') || isSpam($comment->name . ' ' . $comment->description)) {
                renderRemovalPreviewComment($comment);
            } else {
                continue;
            }
        }
        if ($entry->type == ITEM_TASK) {
            renderRemovalPreviewTask(Task::getById($entry->id));
        }
    }
    echo '</ol>';
}
#$msg = preg_replace("/[^\r]\n/","\r\n",$msg);
// Validate the submitted contact-form values. Each failed check clears $ok and
// stores a message in $errors under the name of the offending field.
$ok = true;
$errors = array();
if (!isValidEmailAddress($from_email)) {
    $ok = false;
    $errors['from_email'] = 'Please specify a valid email address';
}
if (!isValidRealName($from_name)) {
    $ok = false;
    $errors['from_name'] = 'Only letters A-Z, a-z, hyphens and apostrophes allowed';
}
if (strlen($msg) == 0) {
    $ok = false;
    $errors['msg'] = "Please enter a message to send";
}
// The spam check writes the same 'msg' key as the empty-message check above,
// so when both fail only the spam text is reported.
if (isSpam($msg)) {
    $ok = false;
    $errors['msg'] = "Sorry, this looks like spam";
}
if (!$ok) {
    // Stop the request here; the collected messages are fixed strings, none of
    // them echoes submitted input back to the client.
    die("ERROR: " . implode('. ', $errors));
}
// Pass the message text and the configured abuse contact to the mail template.
$smarty->assign_by_ref('msg', $msg);
$smarty->assign_by_ref('contactmail', $CONF['abuse_email']);
// MIME-header-encode the sender's name with the configured charset and transfer encoding.
$enc_from_name = mb_encode_mimeheader($from_name, $CONF['mail_charset'], $CONF['mail_transferencoding']);
// NOTE(review): $_SERVER['HTTP_HOST'] is taken from the request's Host header,
// so the client chooses this text and it is handed to the mail template as-is.
// If a configured site host name exists, prefer it over the request value.
$smarty->assign('http_host', "{$_SERVER['HTTP_HOST']} on behalf of {$domain}");
$body = $smarty->fetch('email_usermsg.tpl');
// $from_name has passed isValidRealName() above; the subject, with the
// configured prefix, is MIME-header-encoded before use.
$subject = "{$from_name} contacting you via {$domain}";
$encsubject = mb_encode_mimeheader($CONF['mail_subjectprefix'] . $subject, $CONF['mail_charset'], $CONF['mail_transferencoding']);
$ip = getRemoteIP();
// The backtick operator runs `hostname -f` through the shell. The command is a
// fixed string, so no request data reaches the shell, but it needs shell
// execution to be permitted for this PHP process.
$hostname = trim(`hostname -f`);
Beispiel #3
             onSend($to, $from, $message);
             echo json_encode(array("message" => "Message sent!", "status" => "OK"));
         } else {
             echo json_encode(array("message" => "Spam", "status" => "ERROR"));
         }
     } else {
         // "C" marks a complex message: the payload is the message text followed
         // by ";"-separated attachment entries. Any other ident is rejected below.
         if ($ident == "C") {
             // Decode "&amp;" and map "&sect;" to "?" before splitting; both entity
             // names contain ";", which is the separator used by explode() below.
             $message = str_replace("&amp;", "&", $message);
             $message = str_replace("&sect;", "?", $message);
             $parts = explode(";", $message);
             // First part is the message text; the rest are joined back into
             // $attachments, each entry followed by ";".
             $message = $parts[0];
             $attachments = "";
             for ($i = 1; $i < count($parts); $i++) {
                 $attachments .= $parts[$i] . ";";
             }
             if (!isSpam($to, $from, $message)) {
                 // In debug mode the row is not stored, but onComplexSend() and
                 // the "OK" response below still run.
                 if (!$debug) {
                     // NOTE(review): every value is interpolated straight into the SQL
                     // text, and nothing in this excerpt escapes $to, $from, $message,
                     // $attachments or $pluginname. Unless they are escaped before this
                     // point (confirm), a quote character in any of them changes the
                     // statement, i.e. SQL injection. The mysql_* extension was removed
                     // in PHP 7.0; the fix is a prepared statement (mysqli or PDO) with
                     // bound parameters. die(mysql_error()) also sends raw database
                     // error text to the client; log it server-side and return a
                     // generic error instead.
                     mysql_query("INSERT INTO `mail` (`to`, `from`, `message`, `unread`, `complex`, `attachments`, `sent`, `sent_from`, `pluginname`) VALUES ('{$to}', '{$from}', '{$message}', '1', '1', '{$attachments}', '{$now}', '{$ip}', '{$pluginname}')") or die(mysql_error());
                 }
                 onComplexSend($to, $from, $message);
                 echo json_encode(array("message" => "Message sent!", "status" => "OK"));
             } else {
                 echo json_encode(array("message" => "Spam", "status" => "ERROR"));
             }
         } else {
             echo json_encode(array("message" => "Unknown ident", "status" => "ERROR"));
         }
     }
 } else {
     echo json_encode(array("message" => "User does not exist", "status" => "ERROR", "missingUsername" => $to));
 }
Beispiel #4
 /**
  * Handles a comment submitted against the entry with the given id and then
  * redirects to that entry's 'show' page.
  *
  * On a POST request a Comment is filled from the request parameters name,
  * email, body and action, its body is passed to isSpam(), and the comment is
  * saved with the entry (and the current user, when one is set) as relations.
  *
  * NOTE(review): nothing in this method stops after show_error(). Unless
  * show_error() ends the request itself, a comment flagged as spam is still
  * saved below; confirm its behaviour or return after the call.
  * NOTE(review): 'action' is copied from the request onto the model without a
  * check here; confirm it is meant to be client-settable.
  *
  * @param mixed $id Identifier of the entry being commented on.
  */
 function do_comment($id)
 {
     $entry = $this->get('Entry', $id);
     if (isPost()) {
         $submitted = new Comment();
         // Copy the four form fields onto the model, in the order the form defines them.
         foreach (array('name', 'email', 'body', 'action') as $field) {
             $submitted->{$field} = param($field);
         }
         // Only the body is checked; the first two isSpam() arguments are left null.
         $looksLikeSpam = isSpam(null, null, $submitted->body);
         if ($looksLikeSpam) {
             $this->show_error('Yuck, that didn\'t taste very good!');
         }
         // The comment always belongs to the entry, and to the current user when there is one.
         $related = $this->currentUser
             ? array($entry, $this->currentUser)
             : array($entry);
         $submitted->save($related);
     }
     redirect(url_to($entry, 'show'));
 }
Beispiel #5
/**
 * Rejects the request when spam rejection is enabled, the current user is the
 * anonymous account and the given text is classified as spam.
 *
 * A rejection is logged at LOG_MESSAGE_HACKING_ALERT level with the remote
 * address and the spam probability, then the page handler aborts with a warning.
 * Text from logged-in users is never checked here.
 *
 * @param string $str Text to classify.
 */
function validateNotSpam($str)
{
    global $PH;
    global $auth;

    if (!confGet('REJECT_SPAM_CONTENT')) {
        return;
    }

    // Only submissions made under the anonymous account are screened.
    $isAnonymous = $auth->cur_user->id == confGet('ANONYMOUS_USER');
    if (!$isAnonymous || !isSpam($str)) {
        return;
    }

    $remoteAddress = getServerVar('REMOTE_ADDR');
    $probability = getSpamProbability($str);
    $logLine = sprintf("rejected spam comment from %s with %s", $remoteAddress, $probability);
    log_message($logLine, LOG_MESSAGE_HACKING_ALERT);

    $PH->abortWarning(__("Comment has been rejected, because it looks like spam."));
}
/**
 * Runs the spam check for one or more form fields and records a validation
 * error for each field that fails it.
 *
 * $field_names may be an array of names, a comma-delimited string of names, or
 * a single name. Arrays and lists are handled by calling this function again
 * for each element; an empty string is ignored.
 *
 * NOTE(review): isSpam() receives the field name, not a value read in this
 * function; presumably it looks the submitted value up itself. Confirm.
 *
 * @param array|string $field_names   Field name(s) to check.
 * @param string       $error_message Message stored in $validation on a hit.
 */
function validateNotSpam($field_names, $error_message)
{
    global $form, $validation;

    // Already a list of names: check each element on its own.
    if (is_array($field_names)) {
        foreach ($field_names as $single) {
            validateNotSpam($single, $error_message);
        }
        return;
    }

    // Comma-delimited list: split, strip surrounding whitespace, check each name.
    if (strpos($field_names, ',') !== false) {
        foreach (array_map('trim', explode(',', $field_names)) as $single) {
            validateNotSpam($single, $error_message);
        }
        return;
    }

    if ($field_names == '') {
        return;
    }

    // A single field name.
    if (isSpam($field_names)) {
        $validation[$field_names] = filterErrorMessage($field_names, $error_message);
    }
}