Beispiel #1
0
function uddeIMsaveRAWmessage($fromid, $toid, $replyid, $message, $date, $config, $cryptmode=0, $pass="") {
	$database = uddeIMgetDatabase();

	$themode = 0;
	if ($cryptmode==1) {
		$themode = 1;
		$cm = uddeIMencrypt($message,$config->cryptkey,CRYPT_MODE_BASE64);
		$sql  = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (".
				(int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", 1, '".md5($config->cryptkey)."')";
	} elseif ($cryptmode==2) {
		$themode = 2;
		$thepass=$pass;
		if (!$thepass) {	// no password entered, then fallback to obfuscating
			$themode = 1;
			$thepass=$config->cryptkey;
		}
		$cm = uddeIMencrypt($message,$thepass,CRYPT_MODE_BASE64);
		$sql  = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (".
				(int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", ".$themode.", '".md5($thepass)."')";
	} elseif ($cryptmode==3) {
		$themode = 3;
		$cm = uddeIMencrypt($message,"",CRYPT_MODE_STOREBASE64);
		$sql  = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode) VALUES (".
				(int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", 3)";
	} elseif ($cryptmode==4) {
		$themode = 4;
		$thepass=$pass;
		$cipher = CRYPT_MODE_3DESBASE64;
		if (!$thepass) {	// no password entered, then fallback to obfuscating
			$themode = 1;
			$thepass=$config->cryptkey;
			$cipher = CRYPT_MODE_BASE64;
		}
		$cm = uddeIMencrypt($message,$thepass,$cipher);
		$sql  = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (".
				(int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", ".$themode.", '".md5($thepass)."')";
	} else {
		$sql  = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum) VALUES (".
				(int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$message."', ".$date.")";
	}
	$database->setQuery($sql);
	if (!$database->query()) {
		die("SQL error when attempting to save a message" . $database->stderr(true));
	}
	$insID = $database->insertid();
	return $insID;
}
 /**
  * Sends a PMS message
  *
  *  @param  int      $toUserId         UserId of receiver
  *  @param  int      $fromUserId       UserId of sender
  *  @param  string   $subject          Subject of PMS message
  *  @param  string   $message          Body of PMS message
  *  @param  boolean  $systemGenerated  False: real user-to-user message; True: system-Generated by an action from user $fromid (if non-null)
  *  @return boolean                    True: PM sent successfully; False: PM failed to send
  */
 public function sendUserPMS($toUserId, $fromUserId, $subject, $message, $systemGenerated = false)
 {
     global $_PLUGINS;
     if (!$this->isInstalled()) {
         return false;
     }
     $toUserId = (int) $toUserId;
     $fromUserId = (int) $fromUserId;
     if (!$toUserId) {
         $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_MISSING_TO_USER', 'Private message failed to send! Error: Missing to user'));
         return false;
     }
     if ($subject) {
         $message = "[b]" . $subject . "[/b]\n\n" . $message;
     }
     $message = $this->htmlToBBCode($message);
     if (!$message) {
         $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_MISSING_MESSAGE', 'Private message failed to send! Error: Missing message'));
         return false;
     }
     $cryptMode = $this->uddeIMConfig->get('cryptmode', 0, GetterInterface::INT);
     $cryptKey = $this->uddeIMConfig->get('cryptkey', 'uddeIMcryptkey', GetterInterface::STRING);
     $pm = new cbmypmsproTable();
     if ($systemGenerated || !$fromUserId) {
         $fromSystem = $this->uddeIMConfig->get('sysm_username', 'System', GetterInterface::STRING);
         if ($fromUserId) {
             $fromSystem = uddeIMgetNameFromID($fromUserId, $this->uddeIMConfigRAW);
         }
         $pm->set('disablereply', 1);
         $pm->set('systemflag', 1);
         $pm->set('systemmessage', $fromSystem);
     }
     $pm->set('fromid', (int) $fromUserId);
     $pm->set('toid', (int) $toUserId);
     $pm->set('datum', uddetime($this->uddeIMConfig->get('timezone', 0, GetterInterface::INT)));
     if (in_array($cryptMode, array(1, 2, 4))) {
         $pm->set('message', uddeIMencrypt($message, $cryptKey, CRYPT_MODE_BASE64));
         $pm->set('cryptmode', 1);
         $pm->set('crypthash', md5($cryptKey));
     } elseif ($cryptMode == 3) {
         $pm->set('message', uddeIMencrypt($message, '', CRYPT_MODE_STOREBASE64));
         $pm->set('cryptmode', 1);
         $pm->set('crypthash', md5($cryptKey));
     } else {
         $pm->set('message', $message);
     }
     if (uddeIMgetEMNmoderated($pm->get('fromid'))) {
         $pm->set('delayed', 1);
     }
     if (!$pm->store()) {
         $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_FAILED_ERROR', 'Private message failed to send! Error: [error]', array('[error]' => $pm->getError())));
         return false;
     }
     $this->sendNotification($pm, $message);
     return true;
 }
Beispiel #3
0
	function sendNewSysMessage($fromid, $recipients, $message, $systemmsg=0, $validfor=0, $sendnotification=0, $forceembedded=0) {
		$database = uddeIMgetDatabase();

		if ($systemmsg) {		// system message
			$sendername = $this->config->sysm_username;
			$savesysflag = addslashes($sendername); 			// system message
			$savedisablereply = 1; 								// and users can't reply to them
			$emn_fromid = 0;									// for email notifications set userid 0
		} else {
			$sendername = uddeIMgetNameFromID($fromid, $this->config);
			$savesysflag = addslashes($sendername);
			$savedisablereply = 0;
			$emn_fromid = $fromid;
		}

		$savedatum = uddetime($this->config->timezone);
		if ($validfor>0) {
			$now = uddetime($this->config->timezone);
			$validuntil = $now+($validfor*3600);
		} else {
			$validuntil = 0;
		}

		if ($this->config->cryptmode>=1) {	// because of encoding do not use slashes
			$savemessage = strip_tags($message);
		} else {
			$savemessage = addslashes(strip_tags($message));   // original 0.6+
		}

		getAdditonalGroups($add_special, $add_admin, $config);
		if (uddeIMcheckJversion()>=2) {		// J1.6
			if ($recipients=="all") {
				$sql="SELECT id FROM #__users WHERE block=0";
			} elseif($recipients=="online") {
				$sql="SELECT a.id, b.userid FROM #__users AS a, #__session AS b WHERE block=0 AND a.id=b.userid";
			} elseif($recipients=="special") {
				$sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id IN (3,4,5,6,7,8".$add_admin.$add_special.")";
			} elseif($recipients=="admins") {
				$sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id IN (7,8".$add_admin.")";
			} else {
				$sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) 
							INNER JOIN #__usergroups AS g ON um.group_id=g.id 
							WHERE u.block=0 AND g.id=".(int)$recipients;
			}
		} else {
			if ($recipients=="all") {
				$sql="SELECT id FROM #__users WHERE block=0";
			} elseif($recipients=="online") {
				$sql="SELECT a.id, b.userid FROM #__users AS a, #__session AS b WHERE block=0 AND a.id=b.userid";
			} elseif($recipients=="special") {
				$sql="SELECT id FROM #__users WHERE block=0 AND gid IN (19,20,21,23,24,25".$add_admin.")";
			} elseif($recipients=="admins") {
				$sql="SELECT id FROM #__users WHERE block=0 AND gid IN (24,25".$add_admin.")";
			} else {
				$sql="SELECT id FROM #__users WHERE block=0 AND gid=".(int)$recipients;
			}
		}
		$database->setQuery($sql);
		$receivers=$database->loadObjectList();

		if (!count($receivers)) {
			return 1;
		}

		foreach($receivers as $receiver) {
			$toid = $receiver->id;

			$themode = 0;
			if ($this->config->cryptmode==1 || $this->config->cryptmode==2 || $this->config->cryptmode==4) {
				$themode = 1;
				$cm = uddeIMencrypt($savemessage,$this->config->cryptkey,CRYPT_MODE_BASE64);
				$sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox, cryptmode, crypthash) VALUES (".(int)$fromid.", ".(int)$toid.", '".$cm."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1, ".$savedatum.",1,'".md5($this->config->cryptkey)."')";
			} elseif ($this->config->cryptmode==3) {
				$themode = 3;
				$cm = uddeIMencrypt($savemessage,"",CRYPT_MODE_STOREBASE64);
				$sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox, cryptmode) VALUES (".(int)$fromid.", ".(int)$toid.", '".$cm."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1, ".$savedatum.",3)";
			} else {
				$sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox) VALUES (".(int)$fromid.", ".(int)$toid.", '".$savemessage."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1,".$savedatum.")";
			}
			$database->setQuery($sql);
			if (!$database->query()) {
				die("SQL error when attempting to save a message" . $database->stderr(true));
			}
			$insID = $database->insertid();

			if ($sendnotification) {
				// Check if E-Mail notification or popups are enabled by default, if so create a record for the receiver.
				if ($this->config->notifydefault>0 || $this->config->popupdefault>0 || $this->config->pubfrontenddefault>0 || $this->config->autoresponder>0 || $this->config->autoforward>0) {
					if (!uddeIMexistsEMN($toid))
						uddeIMinsertEMNdefaults($toid, $this->config);
				}
			}

			// ##################################################################################################
			// email notification
			// ##################################################################################################

			if ($sendnotification) {
				$currentlyonline = uddeIMisOnline($toid);

				if ($this->config->cryptmode>=1) {
					$email = stripslashes($savemessage);
				} else {
					$email = stripslashes(stripslashes($savemessage));
				}

				$type = 0;
				if ($forceembedded)
					$type = 2;
				if ($this->config->allowemailnotify==1) {
					$ison = uddeIMgetEMNstatus($toid);
					if (($ison==1) || ($ison==2 && !$currentlyonline) || $ison==10 || ($ison==20 && !$currentlyonline)) {
						uddeIMdispatchEMN($insID, $item_id, $themode, $emn_fromid, $toid, $email, $type, $this->config);
					}
				} elseif($this->config->allowemailnotify==2) {
					$gid = uddeIMgetGID((int)$toid);
					if (uddeIMisAdmin($gid) || uddeIMisAdmin2($gid, $this->config)) {
						$ison = uddeIMgetEMNstatus($toid);
						if (($ison==1) || ($ison==2 && !$currentlyonline) || $ison==10 || ($ison==20 && !$currentlyonline)) {
							uddeIMdispatchEMN($insID, $item_id, $themode, $emn_fromid, $toid, $email, $type, $this->config);
						}
					}
				}
			}
		}
		return 0;
	}
Beispiel #4
0
	function _sendPMSuddeimMSG($udde_toid,$udde_fromid,$to,$from,$sub,$msg) {
		global $_CB_database, $_CB_framework; 

		$params = $this->params;
		$pmsType = $params->get('pmsType', '1');
        $udde_sysm = "System";
        $config_realnames = "0";
        $config_cryptmode = 0;
        $config_cryptkey = 'uddeIMcryptkey';
        
		if ($pmsType==4) { // uddeIM 1.0+
			require_once( $_CB_framework->getCfg('absolute_path') . "/components/com_uddeim/crypt.class.php");
			
			if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php")) {
				include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php");
			}
			$config = new uddeimconfigclass();
			if(isset($config->sysm_username)) {
				$udde_sysm = $config->sysm_username;		
			}
			if (isset($config->realnames)) {
				$config_realnames = $config->realnames;
			}
			if (isset($config->cryptmode)) {
				$config_cryptmode = $config->cryptmode;
			}
            if (file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" )) {
				require_once ( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" );
			}
			if (isset($config->cryptkey)) {
				$config_cryptkey = $config->cryptkey;
			}
		} else {
			if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php")) {
				include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php");
			}
			if(isset($config_sysm_username)) {
				$udde_sysm = $config_sysm_username;
			}
		}		
		// format the message
		if($sub) { // is actually impossible
			$udde_msg = "[b]".$sub."[/b]\n\n".$msg;
		} else {
			$udde_msg = $msg;
		}
		
		// strip any bb code that might be present, but only in 0.4
		if($pmsType==3) {
			require_once ( $_CB_framework->getCfg('absolute_path') . '/components/com_uddeim/bbparser.php' );
			$udde_msg=bbcode_strip($udde_msg);
		}
		
		// now strip the remaining html tags
		$udde_msg = strip_tags($udde_msg);
				
		// escape dangerous stuff
		// not necessary, already escaped before this internal function gets called
		
		// get current time but recognize time offset
		$currentTime=time();
		$udde_time=$this->_pmsUddeGetTime($currentTime);
		
		// set the udde systemmessage username to the virtual sender
		
		$udde_sysm=$from;

		if ($config_cryptmode==1) {
            if (function_exists('uddeIMencrypt')) { // this added for uddeIM 1.4+
                $cm = uddeIMencrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64);
            } else {
   			    $cm = Encrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64);
            }
   			$sql="INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".$udde_fromid.", ".$udde_toid.", '".$cm."', ".$udde_time.",1,'".md5($config_cryptkey)."')";
   		} else {
   			$sql="INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".$udde_fromid.", ".$udde_toid.", '".$udde_msg."', ".$udde_time.")";
		}
			
		// now insert the message  
		if($udde_fromid && $udde_toid) {
			$_CB_database->SetQuery($sql);
			if (!$_CB_database->query()) {
				die("SQL error" . $_CB_database->stderr(true));
			}
		}

		$udde_msgid = $_CB_database->insertid();

		// E-Mail notification code
		$udde_sysm="";
		$this->_pmsUddeNotify($udde_msgid, $udde_fromid, $udde_toid, $udde_msg, $udde_sysm);
		
	}
Beispiel #5
0
function uddeIMpublicSaveMessage($fromname, $fromemail, $to_name, $to_id, $pmessage, $item_id, $sendeform_showallusers, $backto, $config) {
	$mosConfig_sitename = uddeIMgetSitename();
	$pathtosite  = uddeIMgetPath('live_site');
	$database = uddeIMgetDatabase();

	$to_name = stripslashes($to_name);

	$to_name_bak = $to_name;		// save all already typed in names

	if(!$to_id && !$to_name && $sendeform_showallusers!=2) {
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 5, $config);
		return;
	}

	if($sendeform_showallusers) {	// =2, click on button / =1, keep on showing
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 1, $config);
		return;
	}

	// do not allow multiple recipients from public frontend
	$to_name = trim($to_name);
	$fromname = trim($fromname);
	$fromemail = trim($fromemail);

	if(!$fromname) {
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 12, $config);
		return;
	}

	// When there is an email address this must be valid
	if ($fromemail && !preg_match("/\b[a-z0-9!#$%&'*+\/=?^_`{|}-]+(?:\.[a-z0-9!#$%&'*+\/=?^_`{|}-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(?:[A-Z]{2}|com|org|net|gov|mil|biz|info|mobi|name|aero|jobs|museum)\b/i", $fromemail)) {
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 13, $config);
		return;
	}

	// Check if an email address is required
	if (!$fromemail && $config->pubemail) {
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 13, $config);
		return;
	}

	$to_id = uddeIMgetIDfromNamePublic($to_name, $config, true);	// add "AND block=0"
	// BUGBUG: Maybe it is a good idea to do the query vice versa (so I could add a query for "realname"s here)
	if (!$to_id) { // no user with this name found, so try again with username (maybe we do the query twice (see query above, but who cares)
		if ($config->pubrealnames) {
			$to_id = uddeIMgetIDfromUsername($to_name, true);		// add "AND block=0"
		}
	}

	if(!$to_id) { // no user with this username found
		// display to form again so that the user can correct his/her fault
		// the wrong name is displayed in brackets (add brackets only once)
		if (substr($to_name,0,1)!="(") {
			$to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak);
		}
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 3, $config);
		return;
	}

	// now check banning
	$is_banned = uddeIMisBanned($to_id, $config);
	if ($is_banned) {
		if (substr($to_name,0,1)!="(") {
			$to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak);
		}
		// write the uddeim menu
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 17, $config);
		return;
	}

	// now check group blocking
	$is_group_blocked = uddeIMisRecipientBlockedPublic($to_id, $config);
	if ($is_group_blocked) {
		if (substr($to_name,0,1)!="(") {
			$to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak);
		}
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 10, $config);
		return;
	}

	if(!$pmessage) {
		// write the uddeim menu
		$to_name = $to_name_bak;
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 4, $config);
		return;
	}

	// check if user allows public access (this check must be done after group blocking, because the admin can block a certain group and the user cannot longer decide if he allows the public frontend or not)
	$ispublic = uddeIMgetEMNpublic($to_id);
	if (!$ispublic) {		// user does not allow public messages
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 8, $config);
		return;
	}
			
	// CAPTCHA (first check for all other errors and then the CAPTCHA)
	if ($config->usecaptcha>=1) {		// CAPTCHA is enabled for public frontend
		if ($config->captchatype==0) {
			if (class_exists('JFactory')) {
				// CAPTCHA15
				$session = JFactory::getSession();
				$_SESSION['security_code'] = $session->get('security_code');	// so I do not need to modify saveMessage code
			} else {
				// CAPTCHA10
				session_start();
			}

			if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) {
				// CAPTCHA is correct, so unset security code
				if (class_exists('JFactory')) {
					$session = JFactory::getSession();
					$session->set('security_code', null);
				} else {
					unset($_SESSION['security_code']);
				}
			} else {
				// wrong captcha, so write the uddeim menu
				$to_name = $to_name_bak;
				uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 7, $config);
				return;
			}
		} else {
			$pathtouser  = uddeIMgetPath('user');
			require_once($pathtouser."/recaptchalib.php");
		    $resp = recaptcha_check_answer ($config->recaptchaprv,
		                                      $_SERVER["REMOTE_ADDR"],
		                                      $_POST["recaptcha_challenge_field"],
		                                      $_POST["recaptcha_response_field"]);
		    if (!$resp->is_valid) {
				$to_name = $to_name_bak;
				uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 7, $config);
				return;
				//        die ("The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")");
		    }
		}
	}

	if (!uddeIMcheckCSRF($config)) {
		$to_name = $to_name_bak;
		uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 15, $config);
		return;
	}

	$savedatum  = uddetime($config->timezone);
	$savetoid   = $to_id;
	$savefromid = 0;			// This is '0' in public frontend

	// CRYPT
	if ($config->cryptmode>=1) {	// because of encoding do not use slashes
		$savemessage=strip_tags($pmessage);
	} else {
		$savemessage=addslashes(strip_tags($pmessage));   // original 0.6+
	}

	// strip bbcodes
	if (!$config->allowbb) {
		$savemessage=uddeIMbbcode_strip($savemessage);
	}

	// set message max length
	if ($config->maxlength>0) { // because if 0 do not use any maxlength
		$savemessage=substr($savemessage, 0, $config->maxlength);
	}

	$fromname=addslashes(strip_tags($fromname));
	$fromemail=addslashes(strip_tags($fromemail));

	$delayed = 0;
	if ($config->modpubusers)
		$delayed = 1;
	
	// we have all we need, now save it
	// no replyid can be set here, since public users cannot reply to a message, replyid = 0
	// CRYPT
	if ($config->cryptmode==1 || $config->cryptmode==2 || $config->cryptmode==4) {		// do not allow individual encryption
		$cm = uddeIMencrypt($savemessage,$config->cryptkey,CRYPT_MODE_BASE64);
		$sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox, cryptmode, crypthash) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$cm."', ".$savedatum.",1,".$savedatum.",1,'".md5($config->cryptkey)."')";
	} elseif ($config->cryptmode==3) {
		$cm = uddeIMencrypt($savemessage,"",CRYPT_MODE_STOREBASE64);
		$sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox, cryptmode) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$cm."', ".$savedatum.",1,".$savedatum.",3)";
	} else {
		$sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$savemessage."', ".$savedatum.",1,".$savedatum.")";
	}
	$database->setQuery($sql);
	if (!$database->query()) {
		die("SQL error when attempting to save a message" . $database->stderr(true));
	}
	$insID = $database->insertid();

	// When public users are moderated, delay the message
	// if (uddeIMgetEMNmoderated($savefromid) ) { // && uddeIMisReggedOnly($my_gid)) {
	// 	uddeIMupdateDelayed($savefromid, $insID, 1);
	// }

	// Check if E-Mail notification or popups are enabled by default, if so create a record for the receiver.
	// Note: Not necessary for "copy to myself" sind the record for the current user has been set at the very beginning...
	if ($config->notifydefault>0 || $config->popupdefault>0 || $config->pubfrontenddefault>0 || $config->autoresponder>0 || $config->autoforward>0) {
		if (!uddeIMexistsEMN($savetoid))
			uddeIMinsertEMNdefaults($savetoid, $config);
	}

	$rec_gid = uddeIMgetGID((int)$savetoid);

	
	// ##################################################################################################
	// autoforward code
	// ##################################################################################################
	if ($config->autoforward==1 || ($config->autoforward==2 && (uddeIMisAdmin($rec_gid) || uddeIMisAdmin2($rec_gid, $config)))) {
		$ison = uddeIMgetEMNautoforward($savetoid);						// recipient has autoforward enabled
		if ($ison==1) {
			$autoforwardid = uddeIMgetEMNautoforwardid($savetoid);	// new recipient
			$forwardheader="

[i]("._UDDEIM_THISISAFORWARD.uddeIMgetNameFromID($savetoid, $config).")[/i]";
			$savemessagecopy = $savemessage.$forwardheader;
			$themode = 0;
			if ($config->cryptmode==1) {
				$themode = 1;
				$cm = uddeIMencrypt($savemessagecopy,$config->cryptkey,CRYPT_MODE_BASE64);
				$sql  = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",1,'".md5($config->cryptkey)."')";
			} elseif ($config->cryptmode==2) {
				$themode = 2;
				$thepass=$cryptpass;
				if (!$thepass) {	// no password entered, then fallback to obfuscating
					$themode = 1;
					$thepass=$config->cryptkey;
				}
				$cm = uddeIMencrypt($savemessagecopy,$thepass,CRYPT_MODE_BASE64);
				$sql  = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",".$themode.",'".md5($thepass)."')";
			} elseif ($config->cryptmode==3) {
				$themode = 3;
				$cm = uddeIMencrypt($savemessagecopy,"",CRYPT_MODE_STOREBASE64);
				$sql  = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",3)";
			} elseif ($config->cryptmode==4) {
				$themode = 4;
				$thepass=$cryptpass;
				if (!$thepass) {	// no password entered, then fallback to obfuscating
					$themode = 1;
					$thepass=$config->cryptkey;
				}
				$cm = uddeIMencrypt($savemessagecopy,$thepass,CRYPT_MODE_3DESBASE64);
				$sql  = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",".$themode.",'".md5($thepass)."')";
			} else {
				$sql  = "INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$savemessage."', ".$savedatum.")";
			}
			$database->setQuery($sql);
			if (!$database->query()) {
				die("SQL error when attempting to save a message" . $database->stderr(true));
			}
			$insIDforward = $database->insertid();
		}
	}

	// ##################################################################################################
	// autoresponder
	// ##################################################################################################
	if ($config->autoresponder==1 || ($config->autoresponder==2 && (uddeIMisAdmin($rec_gid) || uddeIMisAdmin2($rec_gid, $config)))) {
		$ison = uddeIMgetEMNautoresponder($savetoid);
		if ($ison==1)  {
			// $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, totrashoutbox, totrashdateoutbox) VALUES (".(int)$savetoid.", ".(int)$savefromid.", '". _UDDEIM_AUTORESPONDER_DEFAULT ."', ".$savedatum.", 1,".uddetime($config->timezone).")";

// BUGBUG: An autoresponder message is send via email but no message in the outbox is created.
// This is not a bug since in my opinion it does not make sense to store autoresponder messages AND the received message.

			if($config->emailtrafficenabled && $fromemail) {

				$autorespondertext = uddeIMgetEMNautorespondertext($savetoid);

				$var_fromname = uddeIMgetNameFromID($savetoid, $config);
				if (!$var_fromname)
					$var_fromname=$config->sysm_username;

				$var_body = _UDDEIM_EMN_BODY_PUBLICWITHMESSAGE;
				$var_body = str_replace("%livesite%", $pathtosite, $var_body);
				$var_body = str_replace("%user%", $var_fromname, $var_body);
				$var_body = str_replace("%site%", $mosConfig_sitename, $var_body);
				$var_body = str_replace("%you%", $fromname, $var_body);
				$autorespondertext = str_replace(chr(13).chr(10), "\n", $autorespondertext);
				$var_body = str_replace("%pmessage%", $autorespondertext, $var_body);

				$subject = _UDDEIM_EMN_SUBJECT;
				$subject = str_replace("%livesite%", $pathtosite, $subject);
				$subject = str_replace("%site%", $mosConfig_sitename, $subject);
				$subject = str_replace("%you%", $fromname, $subject);
				$subject = str_replace("%user%", $var_fromname, $subject);

				$replyto = $fromemail;
				$replytoname = "";

				if(uddeIMsendmail($config->emn_sendername, $config->emn_sendermail, $var_toname, $fromemail, $subject, $var_body, $replyto, $replytoname, "", $config)) {
					// maybe a code here that the email cound not have been sent
				}
			}
		}
	}

	// ##################################################################################################
	// email notification
	// ##################################################################################################

	// is the receiver currently online?
	$currentlyonline = uddeIMisOnline($savetoid);

	if ($config->cryptmode>=1) {
		$email=stripslashes($savemessage);
	} else {
		$email=stripslashes(stripslashes($savemessage));	// without encoding remove the safety slashes
	}

	if($config->allowemailnotify==1) {
		$ison = uddeIMgetEMNstatus($savetoid);
		if (($ison==1) || ($ison==2 && !$currentlyonline) || ($ison==10) || ($ison==20 && !$currentlyonline))  {
			uddeIMpublicDispatchEMN($insID, $fromname, $savetoid, $email, 0, $config);
			// 0 stands for normal (not forgetmenot)
		}
	} elseif($config->allowemailnotify==2) {
		$my_gid = uddeIMgetGID((int)$savetoid);
		if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config)) {
			$ison = uddeIMgetEMNstatus($savetoid);
			if (($ison==1) || ($ison==2 && !$currentlyonline) || ($ison==10) || ($ison==20 && !$currentlyonline))  {
				uddeIMpublicDispatchEMN($insID, $fromname, $savetoid, $email, 0, $config);
				// 0 stands for normal (not forgetmenot)
			}
		}
	}

	$mosmsg="";		// _UDDEIM_MESSAGE_SENT
	uddeJSEFredirect("index.php?option=com_uddeim&task=publicsent&Itemid=".$item_id, $mosmsg);
}
Beispiel #6
0
function uddeIMreportSpam($myself, $item_id, $messageid, $recip, $ret, $limit, $limitstart, $config) {
	$db = uddeIMgetDatabase();

	// read message $messageid
	$displaymessages = uddeIMselectInboxMessage($myself, $messageid, $config);
	if (count($displaymessages)<1) {
		echo _UDDEIM_MESSAGENOACCESS;
		return;
	}
	if (!uddeIMgetSpamStatus($messageid)) {

		// and append to #__uddeim_spam
		foreach($displaymessages as $displaymessage) {
			if ($displaymessage->cryptmode==2 || $displaymessage->cryptmode==4)
				$cm = "Cannot display - Message is encrypted.";
			else
				$cm = uddeIMgetMessage($displaymessage->message, "", $displaymessage->cryptmode, $displaymessage->crypthash, $config->cryptkey);
			$dm = nl2br(htmlspecialchars(stripslashes($cm), ENT_QUOTES, $config->charset));
			$dm = str_replace("&amp;#", "&#", $dm);
			$dm = str_replace("&amp;&lt;/br&gt;", "</br>", $dm);

			$dm = uddeIMencrypt($dm,"",CRYPT_MODE_STOREBASE64);

			$sql  = "INSERT INTO #__uddeim_spam (mid, datum, reported, fromid, toid, message) VALUES (".
					(int)$displaymessage->id.", ".
					(int)$displaymessage->datum.", ".
					(int)uddetime($config->timezone).", ".
					(int)$displaymessage->fromid.", ".
					(int)$displaymessage->toid.", ".
					$db->Quote($dm).")";
			$db->setQuery($sql);
			if (!$db->query())
				die("SQL error when attempting to save a report" . $db->stderr(true));
		}
		uddeIMnotifySpam($myself, $item_id, $displaymessage->fromid, $displaymessage->toid, $config);
	}

	$addlink = "";
	if ($recip)
		$addlink = "&recip=".(int)$recip;
	
	$task = "inbox";
	if ($ret=="postboxuser")
		$task = "postboxuser";
		
	if(!$limit && !$limitstart) {
		$redirecturl="index.php?option=com_uddeim&task=".$task."&Itemid=".$item_id.$addlink;
	} else {
		$redirecturl="index.php?option=com_uddeim&task=".$task."&Itemid=".$item_id.$addlink."&limit=".$limit."&limitstart=".$limitstart;
	}
	uddeJSEFredirect($redirecturl);
}