Ejemplo n.º 1
 /**
  * Collect the values for the settings handled here (reCAPTCHA language,
  * sender address/name and mail method).
  *
  * On a POST request the submitted fields are the starting point; on any other
  * method the global $config is. Missing or empty entries are then filled in.
  *
  * The POST branch returns raw request data: nothing in this method validates
  * or escapes it, so whatever renders these values has to escape them for its
  * own output context.
  *
  * @return array values keyed by setting name
  */
 private function getValues()
 {
     global $config;

     $mailer = new \gp\tool\Emailer();
     $show = ($_SERVER['REQUEST_METHOD'] != 'POST') ? $config : $_POST;

     if (empty($show['recaptcha_language'])) {
         $show['recaptcha_language'] = 'inherit';
     }

     // The remaining defaults come from the mailer; each getter is only
     // called when the corresponding value is missing or empty.
     $mailerDefaults = array(
         'from_address' => 'From_Address',
         'from_name' => 'From_Name',
         'mail_method' => 'Mail_Method',
     );
     foreach ($mailerDefaults as $key => $getter) {
         if (empty($show[$key])) {
             $show[$key] = $mailer->{$getter}();
         }
     }

     // sendmail_path deliberately gets no default: suhosin will stop the
     // script if a POST value contains a real path like /usr/sbin/sendmail.

     return $show;
 }
Ejemplo n.º 2
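/**
 * Error Handling
 * Display the error and a debug_backtrace if gpdebug is not false
 * If gpdebug is an email address, send the error message to the address
 *
 * Security notes:
 * - The debug report is HTML. The error message, file name, line number,
 *   request URI, request method and MySQL error text are HTML-escaped before
 *   they are placed in it, because the request URI is client-supplied and
 *   error messages can carry request data.
 * - The report contains file paths, request details and a backtrace, so with
 *   gpdebug enabled that information reaches whoever sees the page or the
 *   debug mailbox.
 *
 * @param int    $errno    error level (E_* constant)
 * @param string $errmsg   error message
 * @param string $filename file the error was raised in
 * @param int    $linenum  line the error was raised on
 * @param mixed  $vars     not used by this handler
 * @return false|null false so the standard PHP error handler is also used;
 *                    null (bare return) for E_STRICT, which skips it
 */
function showError($errno, $errmsg, $filename, $linenum, $vars)
{
    global $wbErrorBuffer, $addon_current_id, $page, $addon_current_version, $config, $addonFolderName;
    static $reported = array();

    $errortype = array(
        E_ERROR => 'Fatal Error',
        E_WARNING => 'Warning',
        E_PARSE => 'Parsing Error',
        E_NOTICE => 'Notice',
        E_CORE_ERROR => 'Core Error',
        E_CORE_WARNING => 'Core Warning',
        E_COMPILE_ERROR => 'Compile Error',
        E_COMPILE_WARNING => 'Compile Warning',
        E_USER_ERROR => 'User Error',
        E_USER_WARNING => 'User Warning',
        E_USER_NOTICE => 'User Notice',
        E_STRICT => 'Strict Notice',
        E_RECOVERABLE_ERROR => 'Recoverable Error',
        E_DEPRECATED => 'Deprecated',
        E_USER_DEPRECATED => 'User Deprecated',
    );

    // for functions prepended with @ symbol to suppress errors:
    // error_reporting() is 0 under @ before PHP 8 but a fatal-only mask from
    // PHP 8 on, so test the bit for this level instead of comparing with 0.
    // Levels excluded by the error_reporting setting are skipped the same way.
    if ((error_reporting() & $errno) === 0) {
        return false;
    }

    // since we supported php 4.3+, there may be a lot of strict errors
    // (bare return: the error counts as handled, the standard handler is skipped)
    if ($errno === E_STRICT) {
        return;
    }

    //get the backtrace and function where the error was thrown
    $backtrace = debug_backtrace();

    //remove showError() from backtrace
    if (strtolower($backtrace[0]['function']) == 'showerror') {
        $backtrace = array_slice($backtrace, 1, 5);
    } else {
        $backtrace = array_slice($backtrace, 0, 5);
    }

    //record one error per function and only record the error once per request
    if (isset($backtrace[0]['function'])) {
        $uniq = $filename . $backtrace[0]['function'];
    } else {
        $uniq = $filename . $linenum;
    }
    if (isset($reported[$uniq])) {
        return false;
    }
    $reported[$uniq] = true;

    //disable showError after 20 errors
    //(the threshold was 1, which unregistered the handler on the first error
    // and contradicted both this comment and the per-function bookkeeping above)
    if (count($reported) >= 20) {
        restore_error_handler();
    }

    if (gpdebug === false) {
        //if it's an addon error, only report if the addon was installed remotely
        if (isset($addonFolderName) && $addonFolderName) {
            if (!isset($config['addons'][$addonFolderName]['remote_install'])) {
                return false;
            }
            //if it's a core error, it should be in the include folder
        } elseif (strpos($filename, '/include/') === false) {
            return false;
        }

        //record the error (raw values: this buffer is data, not HTML)
        $i = count($wbErrorBuffer);
        $args = array();
        $args['en' . $i] = $errno;
        $args['el' . $i] = $linenum;
        $args['em' . $i] = substr($errmsg, 0, 255);
        $args['ef' . $i] = $filename;
        //filename length checked later
        if (isset($addon_current_id)) {
            $args['ea' . $i] = $addon_current_id;
        }
        if (isset($addon_current_version) && $addon_current_version) {
            $args['ev' . $i] = $addon_current_version;
        }
        if (is_object($page) && !empty($page->title)) {
            $args['ep' . $i] = $page->title;
        }
        $wbErrorBuffer[$uniq] = $args;
        return false;
    }

    // HTML-escape every dynamic value that goes into the report.
    $escapeFlags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
    $esc = function ($text) use ($escapeFlags) {
        return htmlspecialchars((string) $text, $escapeFlags, 'UTF-8');
    };

    // an error level missing from the map must not raise a second error here
    $label = isset($errortype[$errno]) ? $errortype[$errno] : 'Unknown Error';

    $mess = '';
    $mess .= '<fieldset style="padding:1em">';
    $mess .= '<legend>' . $label . ' (' . $esc($errno) . ')</legend> ' . $esc($errmsg);
    $mess .= '<br/> &nbsp; &nbsp; <b>in:</b> ' . $esc($filename);
    $mess .= '<br/> &nbsp; &nbsp; <b>on line:</b> ' . $esc($linenum);
    if (isset($_SERVER['REQUEST_URI'])) {
        $mess .= '<br/> &nbsp; &nbsp; <b>Request:</b> ' . $esc($_SERVER['REQUEST_URI']);
    }
    if (isset($_SERVER['REQUEST_METHOD'])) {
        $mess .= '<br/> &nbsp; &nbsp; <b>Method:</b> ' . $esc($_SERVER['REQUEST_METHOD']);
    }

    //mysql.. for some addons
    if (function_exists('mysql_errno') && mysql_errno()) {
        $mess .= '<br/> &nbsp; &nbsp; Mysql Error (' . $esc(mysql_errno()) . ')' . $esc(mysql_error());
    }

    //attempting to print all data can result in a blank screen,
    //so arrays and objects in the frames are replaced by short summaries
    foreach ($backtrace as $i => $trace) {
        foreach ($trace as $tk => $tv) {
            if (is_array($tv)) {
                $backtrace[$i][$tk] = 'array(' . count($tv) . ')';
            } elseif (is_object($tv)) {
                $backtrace[$i][$tk] = 'object ' . get_class($tv);
            }
        }
    }

    $mess .= '<div><a href="javascript:void(0)" onclick="var st = this.nextSibling.style; if( st.display==\'block\'){ st.display=\'none\' }else{st.display=\'block\'};return false;">Show Backtrace</a>';
    $mess .= '<div class="nodisplay">';
    // NOTE(review): pre() is defined elsewhere; confirm it HTML-escapes its
    // output, since the remaining scalar frame values are passed through as-is.
    $mess .= pre($backtrace);
    $mess .= '</div></div>';
    $mess .= '</p></fieldset>';

    if (gpdebug === true) {
        message($mess);
    } elseif (class_exists('\\gp\\tool\\Emailer')) {
        // gpdebug holds the address the report is mailed to
        $mailer = new \gp\tool\Emailer();
        $mailer->SendEmail(gpdebug, 'debug ', $mess);
    }
    return false;
}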
Ejemplo n.º 3
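 /**
  * Validate a submitted contact form and mail it to $config['toemail'].
  *
  * Checks run in this order: field types, non-empty message, nonce, honeypot
  * field (contact_void), captcha, plugin filter, e-mail format, required
  * fields.
  *
  * @return bool|null true when the mail was sent; false on a validation or
  *                   send failure; null (bare return) when one of the early
  *                   checks rejects the request
  */
 public function SendMessage()
 {
     global $langmessage, $config;

     $_POST += array('subject' => '', 'contact_nonce' => '', 'message' => '', 'name' => '');

     // Request fields can arrive as arrays (field[]=...). The string
     // functions below expect strings, so anything else is rejected up front.
     foreach (array('subject', 'contact_nonce', 'message', 'name', 'email') as $key) {
         if (isset($_POST[$key]) && !is_string($_POST[$key])) {
             msg($langmessage['OOPS'] . '(Invalid Message)');
             return;
         }
     }

     if (empty($_POST['message'])) {
         msg($langmessage['OOPS'] . '(Invalid Message)');
         return;
     }

     //check nonce
     if (!\gp\tool::verify_nonce('contact_post', $_POST['contact_nonce'], true)) {
         msg($langmessage['OOPS'] . '(Invalid Nonce)');
         return;
     }

     // honeypot: this field is expected to stay empty
     if (!empty($_POST['contact_void'])) {
         msg($langmessage['OOPS'] . '(Robot Detected)');
         return;
     }

     //captcha
     if (!\gp\tool\Recaptcha::Check()) {
         return;
     }

     if (!\gp\tool\Plugins::Filter('contact_form_check', array(true))) {
         return;
     }

     $mailer = new \gp\tool\Emailer();

     //subject: the value ends up in a mail header, so line breaks are removed
     //here the same way they are for the reply name below
     $_POST['subject'] = strip_tags($_POST['subject']);
     $_POST['subject'] = str_replace(array("\r", "\n"), ' ', $_POST['subject']);

     //message
     // NOTE(review): strip_tags() with an allow-list keeps every attribute on
     // the allowed tags, so markup attributes chosen by the visitor (event
     // handlers, styles, link targets) reach the recipient's mail client
     // unchanged. If formatted messages are not needed, escape the whole
     // message instead; otherwise pass it through an attribute-aware filter.
     $tags = '<p><div><span><font><b><i><tt><em><i><a><strong><blockquote>';
     $message = nl2br(strip_tags($_POST['message'], $tags));

     //reply name
     if (!empty($_POST['email'])) {
         //check format
         // NOTE(review): ValidEmail() is defined elsewhere; confirm it rejects
         // line breaks, because the address is used in mail headers below.
         if (!$this->ValidEmail($_POST['email'])) {
             msg($langmessage['invalid_email']);
             return false;
         }
         $replyName = str_replace(array("\r", "\n"), array(' '), $_POST['name']);
         $replyName = strip_tags($replyName);
         $replyName = htmlspecialchars($replyName);
         $mailer->AddReplyTo($_POST['email'], $replyName);

         // With from_use_user enabled the From header is visitor-controlled.
         if (\gp\tool::ConfigValue('from_use_user', false)) {
             $mailer->SetFrom($_POST['email'], $replyName);
         }
     }

     //check for required values
     // read without a reference so a missing setting is not created as null
     $require_email = isset($config['require_email']) ? (string) $config['require_email'] : '';
     if (strpos($require_email, 'email') !== false) {
         if (empty($_POST['email'])) {
             $field = \gp\tool\Output::SelectText('your_email');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
     }
     if (strpos($require_email, 'none') === false) {
         if (empty($_POST['subject'])) {
             $field = \gp\tool\Output::SelectText('subject');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
         if (empty($message)) {
             $field = \gp\tool\Output::SelectText('message');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
     }

     if ($mailer->SendEmail($config['toemail'], $_POST['subject'], $message)) {
         msg($langmessage['message_sent']);
         return true;
     }
     msg($langmessage['OOPS'] . ' (Send Failed)');
     return false;
 }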
Ejemplo n.º 4
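 /**
  * Generate a replacement password for the posted username, store its hash
  * as the account's 'newpass' entry and e-mail the plaintext to the address
  * on file.
  *
  * Notes for reviewers:
  * - The outcomes (unknown user, no e-mail on file, sent) produce different
  *   messages, and success shows part of the stored address, so the responses
  *   tell the requester whether an account exists. Presumably this is
  *   reachable before login; unifying the messages needs new language
  *   strings, so it is only flagged here.
  * - No expiry for 'newpass' is recorded in this method; confirm the login
  *   path bounds its lifetime.
  *
  * @return bool true when the mail was sent, false otherwise
  */
 public function SendPassword()
 {
     global $langmessage, $config;

     $users = \gp\tool\Files::Get('_site/users');

     // The username is used as an array key: reject missing or non-string
     // values (e.g. username[]=...) before the lookup.
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     if (!is_string($username) || !isset($users[$username])) {
         message($langmessage['OOPS']);
         return false;
     }

     $userinfo = $users[$username];
     if (empty($userinfo['email'])) {
         message($langmessage['no_email_provided']);
         return false;
     }

     // str_shuffle() draws from PHP's non-cryptographic generator, which is
     // not suitable for credentials. random_int() uses the system CSPRNG;
     // when it is unavailable (PHP < 7) or has no entropy source, fail closed
     // rather than issue a guessable password.
     if (!function_exists('random_int')) {
         message($langmessage['OOPS'] . ' (No secure random source)');
         return false;
     }
     $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
     $lastIndex = strlen($alphabet) - 1;
     $newpass = '';
     try {
         for ($i = 0; $i < 8; $i++) {
             $newpass .= $alphabet[random_int(0, $lastIndex)];
         }
     } catch (\Exception $e) {
         message($langmessage['OOPS'] . ' (No secure random source)');
         return false;
     }

     $pass_hash = \gp\tool\Session::PassAlgo($userinfo);
     $users[$username]['newpass'] = \gp\tool::hash($newpass, $pass_hash);
     if (!\gp\tool\Files::SaveData('_site/users', 'users', $users)) {
         message($langmessage['OOPS']);
         return false;
     }

     // The Host header is client-supplied and ends up in the mail body, so
     // only a value shaped like a host name (optionally with a port) is used.
     // NOTE(review): a well-formed Host header is still chosen by the client;
     // a configured canonical host name would be more reliable if one exists.
     $hostPattern = '/^(\[[0-9A-Fa-f:.]+\]|[A-Za-z0-9.\-]+)(:\d+)?$/D';
     $server = '';
     foreach (array('HTTP_HOST', 'SERVER_NAME') as $key) {
         if (isset($_SERVER[$key]) && preg_match($hostPattern, $_SERVER[$key])) {
             $server = $_SERVER[$key];
             break;
         }
     }

     $link = \gp\tool::AbsoluteLink('Admin', $langmessage['login']);
     $message = sprintf($langmessage['passwordremindertext'], $server, $link, $username, $newpass);

     //send email
     $mailer = new \gp\tool\Emailer();
     if ($mailer->SendEmail($userinfo['email'], $langmessage['new_password'], $message)) {
         // mask the stored address; array_pad() covers an address without '@'
         list($namepart, $sitepart) = array_pad(explode('@', $userinfo['email'], 2), 2, '');
         $showemail = substr($namepart, 0, 3) . '...@' . $sitepart;
         message(sprintf($langmessage['password_sent'], $username, $showemail));
         return true;
     }
     message($langmessage['OOPS'] . ' (Email not sent)');
     return false;
 }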