/**
 * Initialise the plugin, optionally pre-filling the Email field from the
 * query string, then hand over to the configured blast module.
 *
 * @param object     $udm             Passed by reference and forwarded to parent::init().
 * @param mixed|null $plugin_instance Forwarded unchanged to parent::init() and to the blast initialiser.
 * @return true|null True when a PHPlist "Save" plugin is registered; otherwise nothing is returned.
 */
function init(&$udm, $plugin_instance = null)
{
    parent::init($udm, $plugin_instance);

    // ?email= is only copied into the form data when it passes
    // email_is_valid() and $this->udm->uid is empty.
    $has_usable_email = isset($_GET['email']) && email_is_valid($_GET['email']);
    if ($has_usable_email && !$this->udm->uid) {
        $this->udm->setData(array('Email' => $_GET['email']));
    }

    // Do nothing more if the user is using PHPlist.
    if ($udm->getPlugin('PHPlist', 'Save')) {
        return true;
    }

    // Otherwise dispatch to init<AMP_MODULE_BLAST>() when this class defines it.
    $blast_initialiser = 'init' . AMP_MODULE_BLAST;
    if (!AMP_MODULE_BLAST || !method_exists($this, $blast_initialiser)) {
        return;
    }
    $this->{$blast_initialiser}($udm, $plugin_instance);
}
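}

// The page cannot deliver anything until the site owner configures $to.
if (!email_is_valid($to)) {
    echo '<p style="color: red;">You must set-up a valid (to) email address before this contact page will work.</p>';
}

if (isset($_POST['contact_submitted'])) {
    $return = "\r";
    $youremail = trim(htmlspecialchars($_POST['your_email']));
    $yourname = stripslashes(strip_tags($_POST['your_name']));
    $yourmessage = stripslashes(strip_tags($_POST['your_message']));
    $contact_name = "Name: " . $yourname;
    $message_text = "Message: " . $yourmessage;
    $user_answer = trim(htmlspecialchars($_POST['user_answer']));
    // NOTE(review): the expected answer is read from the same POST as the
    // user's answer, as a slice of an unsalted MD5 of the sum, so the check
    // below only confirms the two submitted fields agree. Keeping the expected
    // value server-side (e.g. in the session) would make it an actual check.
    $answer = trim(htmlspecialchars($_POST['answer']));
    $message = $contact_name . $return . $message_text;
    $headers = "From: " . $youremail;

    // The sender address is placed in the From: header, so it must not carry
    // CR or LF. eregi() was removed in PHP 7; strpbrk() applies the same
    // rejection without the removed function.
    $has_line_break = strpbrk($youremail, "\r\n") !== false;

    if (email_is_valid($youremail) && !$has_line_break && $yourname != "" && $yourmessage != "" && substr(md5($user_answer), 5, 10) === $answer) {
        mail($to, $subject, $message, $headers);
        // Clear the fields so the form is not re-populated after a successful send.
        $yourname = '';
        $youremail = '';
        $yourmessage = '';
        echo '<p style="color: blue;">' . $contact_submitted . '</p>';
    } else {
        echo '<p style="color: red;">Please enter your name, a valid email address, your message and the answer to the simple maths question before sending your message.</p>';
    }
}

// Build the next maths question; the value stored in $answer is the MD5 slice
// that the submission check above compares against.
$number_1 = rand(1, 9);
$number_2 = rand(1, 9);
$answer = substr(md5($number_1 + $number_2), 5, 10);
?>
<form id="contact" action="contact.php" method="post">
<div class="form_settings">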
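/**
 * Allows the validation of a custom field value without setting it
 * or needing a bug to exist.
 *
 * The field definition is read from the {custom_field} table and the value
 * is checked against the rules for the field's type.
 *
 * @param integer $p_field_id Custom field identifier.
 * @param string  $p_value    Custom field value.
 * @return boolean True when the value passes every check applied for the field type.
 * @access public
 */
function custom_field_validate($p_field_id, $p_value) {
    custom_field_ensure_exists($p_field_id);

    $t_query = 'SELECT name, type, possible_values, valid_regexp, access_level_rw, length_min, length_max, default_value FROM {custom_field} WHERE id=' . db_param();
    $t_result = db_query($t_query, array($p_field_id));
    $t_row = db_fetch_array($t_result);

    $t_type = $t_row['type'];
    $t_valid_regexp = $t_row['valid_regexp'];
    $t_length_min = $t_row['length_min'];
    $t_length_max = $t_row['length_max'];

    $t_valid = true;
    $t_length = utf8_strlen($p_value);

    switch ($t_type) {
        case CUSTOM_FIELD_TYPE_STRING:
            # Empty fields are valid
            if ($t_length == 0) {
                break;
            }
            # Regular expression string validation
            # NOTE(review): the pattern comes from the field definition and is
            # wrapped in '/' without escaping; preg_match() returns false for a
            # pattern it cannot compile, which makes the value invalid here.
            if (!is_blank($t_valid_regexp)) {
                $t_valid &= preg_match('/' . $t_valid_regexp . '/', $p_value);
            }
            # Check the length of the string
            $t_valid &= 0 == $t_length_min || $t_length >= $t_length_min;
            $t_valid &= 0 == $t_length_max || $t_length <= $t_length_max;
            break;

        case CUSTOM_FIELD_TYPE_NUMERIC:
            # Empty fields are valid
            if ($t_length == 0) {
                break;
            }
            $t_valid &= is_numeric($p_value);
            # Check the length of the number
            $t_valid &= 0 == $t_length_min || $t_length >= $t_length_min;
            $t_valid &= 0 == $t_length_max || $t_length <= $t_length_max;
            break;

        case CUSTOM_FIELD_TYPE_FLOAT:
            # Empty fields are valid
            if ($t_length == 0) {
                break;
            }
            # Allow both integer and float numbers
            $t_valid &= is_numeric($p_value) || is_float($p_value);
            # Check the length of the number
            $t_valid &= 0 == $t_length_min || $t_length >= $t_length_min;
            $t_valid &= 0 == $t_length_max || $t_length <= $t_length_max;
            break;

        case CUSTOM_FIELD_TYPE_DATE:
            # gpc_get_cf for date returns the value from strtotime
            # For 32 bit systems, supported range will be 13 Dec 1901 20:45:54 UTC to 19 Jan 2038 03:14:07 UTC
            $t_valid &= $p_value !== false;
            break;

        case CUSTOM_FIELD_TYPE_CHECKBOX:
        case CUSTOM_FIELD_TYPE_MULTILIST:
            # Checkbox fields can hold a null value (when no checkboxes are ticked)
            if ($p_value === '') {
                break;
            }
            # If checkbox field value is not null then we need to validate it
            $t_values = explode('|', $p_value);
            $t_possible_values = custom_field_prepare_possible_values($t_row['possible_values']);
            $t_possible_values = explode('|', $t_possible_values);
            $t_invalid_values = array_diff($t_values, $t_possible_values);
            $t_valid &= count($t_invalid_values) == 0;
            break;

        case CUSTOM_FIELD_TYPE_ENUM:
        case CUSTOM_FIELD_TYPE_LIST:
        case CUSTOM_FIELD_TYPE_RADIO:
            # List fields can be empty (when they are not shown on the
            # form, or shown with no default values and never clicked)
            if (is_blank($p_value)) {
                break;
            }
            # If list field value is not empty then we need to validate it
            $t_possible_values = custom_field_prepare_possible_values($t_row['possible_values']);
            $t_values_arr = explode('|', $t_possible_values);
            # Strict comparison: a loose in_array() treats numeric strings as
            # numbers, so a value such as "1e1" would pass for an allowed "10".
            $t_valid &= in_array((string) $p_value, $t_values_arr, true);
            break;

        case CUSTOM_FIELD_TYPE_EMAIL:
            if ($p_value !== '') {
                $t_valid &= email_is_valid($p_value);
            }
            break;

        default:
            break;
    }

    # $t_valid has been combined with bitwise &=, so normalise it to a boolean
    return (bool) $t_valid;
}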
/**
 * Resolve the login name typed by a user (web UI or API) to a user id.
 *
 * The name is first looked up as a username. If that fails, it is tried as an
 * email address, which only succeeds when email login is enabled, the value is
 * a non-blank valid address, and exactly one enabled account uses it.
 *
 * @param string $p_login_name The login name.
 * @return integer|boolean user id or false.
 */
function auth_get_user_id_from_login_name($p_login_name) {
    $t_user_id = user_get_id_by_name($p_login_name);
    if ($t_user_id !== false) {
        return $t_user_id;
    }

    # Not found by name: fall back to the email lookup only if every
    # precondition holds (checked in the same order as before).
    $t_email_lookup_allowed = !is_blank($p_login_name)
        && config_get_global('email_login_enabled')
        && email_is_valid($p_login_name);
    if (!$t_email_lookup_allowed) {
        return $t_user_id;
    }

    # An address shared by several enabled accounts is ambiguous and is
    # treated as "not found".
    $t_matching_ids = user_get_enabled_ids_by_email($p_login_name);
    return count($t_matching_ids) == 1 ? $t_matching_ids[0] : $t_user_id;
}
/**
 * Ensure an email address is valid.
 *
 * Triggers ERROR_EMAIL_INVALID at level ERROR when email_is_valid()
 * rejects the address; does nothing otherwise.
 *
 * @param string $p_email Address to check.
 * @return null
 */
function email_ensure_valid($p_email) {
    if (email_is_valid($p_email)) {
        return;
    }
    trigger_error(ERROR_EMAIL_INVALID, ERROR);
}
/**
 * Subscribe an address to a list, creating the email record when needed.
 *
 * Addresses rejected by email_is_valid() are ignored silently.
 *
 * @param string $email  Address to subscribe.
 * @param mixed  $listid List identifier, passed through to subcheck()/subadd().
 * @return void
 */
function addemail($email, $listid)
{
    if (!email_is_valid($email)) {
        return;
    }

    $emailid = emailcheck($email);

    // Unknown address: create it, run emailprop() on it, then subscribe.
    if (!$emailid) {
        $emailid = emailadd($email);
        emailprop($emailid);
        subadd($emailid, $listid);
        return;
    }

    // Known address: only add the subscription if it is missing.
    // NOTE(review): this echo prints the internal id into the response;
    // looks like leftover debug output — confirm.
    echo $emailid;
    if (subcheck($emailid, $listid) != true) {
        subadd($emailid, $listid);
    }
}
/**
 * Check an address with email_is_valid() and, unless the disposable checker
 * is OFF, with email_is_disposable(); results are cached per address in
 * $this->_validated_email_list.
 *
 * @param string $p_email_address Address to validate.
 * @return bool True when the address is accepted.
 */
private function validate_email_address($p_email_address)
{
    // A cached verdict (true or false) short-circuits the checks.
    if (isset($this->_validated_email_list[$p_email_address])) {
        return $this->_validated_email_list[$p_email_address];
    }

    $t_accepted = (bool) email_is_valid($p_email_address);
    if ($t_accepted && $this->_mail_disposable_email_checker !== OFF) {
        // The disposable check only runs for addresses that are otherwise valid.
        $t_accepted = !email_is_disposable($p_email_address);
    }

    $this->_validated_email_list[$p_email_address] = $t_accepted;

    return $t_accepted;
}
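/**
 * Print the id and address of every subscriber whose stored email fails
 * email_is_valid(), for the list held in $_SESSION['list'].
 *
 * Output is written directly with echo; nothing is returned.
 *
 * @return void
 */
function do_list_invalid_subscribers()
{
    global $dbcon;

    // The list id is interpolated into the SQL below, so force it to an
    // integer instead of trusting whatever was stored in the session.
    $list = isset($_SESSION['list']) ? (int) $_SESSION['list'] : 0;

    ## get mailing list ##
    $sql = "SELECT DISTINCT email.id, email.email ";
    $sql .= "FROM subscription, email ";
    $sql .= "WHERE email.id=subscription.userid ";
    // NOTE(review): 9000 appears to mean "no list filter" — confirm.
    if ($list != 9000) {
        $sql .= "AND subscription.listid={$list} ";
    }

    // NOTE(review): die() sends the database error text to the browser.
    $result = $dbcon->Execute($sql) or die($dbcon->ErrorMsg());
    if ($result->RecordCount() == 0) {
        echo "No records returned";
    }

    set_time_limit(0);
    echo "Invalid email addresses:<p>";
    while (!$result->EOF) {
        if (!email_is_valid($result->Fields("email"))) {
            // Rows printed here are exactly the ones that failed validation,
            // so their content is arbitrary and must be HTML-escaped.
            echo htmlspecialchars((string) $result->Fields("id"), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . ' -- "'
                . htmlspecialchars((string) $result->Fields("email"), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                . '"<br>';
        }
        $result->MoveNext();
    }
}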
// Maximum length allowed for each submitted field.
$fields_with_max_lengths = array("first_name" => 30, "last_name" => 30, "username" => 20, "email" => 30, "password" => 16);
foreach ($fields_with_max_lengths as $field => $max) {
    $value = trim($_POST[$field]);
    // The lower bound passed here is 1, so an empty value also fails this
    // check; the required-field loop below then overwrites the message.
    if (!value_within_range($value, 1, $max)) {
        $error_messages[$field] = ucfirst($field) . " is too long.";
    }
}

// Every one of these fields must be present after trimming.
$fields_required = array("first_name", "last_name", "username", "email", "password");
foreach ($fields_required as $field) {
    $value = trim($_POST[$field]);
    if (!has_presence($value)) {
        $error_messages[$field] = ucfirst($field) . " is required.";
    }
}

// A failed format check replaces any earlier message stored for "email".
$email = trim($_POST["email"]);
if (!email_is_valid($email)) {
    $error_messages["email"] = "Please enter a valid email address.";
}

// If there are no errors, proceed with the update.
if (empty($error_messages)) {
    // NOTE(review): addslashes() is not a database escaping function, and the
    // values below are interpolated into the UPDATE statement as text; a
    // prepared statement (or the driver's own escaping) is the reliable way
    // to keep them out of the SQL syntax.
    $_POST = array_map('addslashes', $_POST);
    // NOTE(review): htmlentities() is applied to every field, including the
    // password, so the stored value differs from what the user typed
    // whenever it contains characters this call rewrites.
    $_POST = array_map('htmlentities', $_POST);
    $user_id = $id;
    $first_name = $_POST['first_name'];
    $last_name = $_POST['last_name'];
    $username = $_POST['username'];
    $email = $_POST['email'];
    // NOTE(review): no hashing of the password is visible in this excerpt —
    // confirm it happens before the value is stored.
    $password = $_POST['password'];
    // NOTE(review): user_type is not covered by any of the checks above.
    $user_type = $_POST['user_type'];
    $query = "UPDATE user SET ";
    $query .= "first_name = '{$first_name}', ";
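//creates a user account

//get variables
$email1 = strtolower(set_post('email1', ''));
$email2 = strtolower(set_post('email2', ''));
$password1 = set_post('password1', '');
$password2 = set_post('password2', '');

//check if form submitted
if (!isset($_POST['email1']) || !isset($_POST['email2']) || !isset($_POST['password1']) || !isset($_POST['password2'])) {
    return false; //variables not set yet
}

//error checking
$terror = false; //if an error occurred

if (!email_is_valid($email1) || !email_is_valid($email2)) {
    notices_set('Invalid email address', 'error');
    $terror = true;
}

//strict comparison: with != two different numeric-looking strings
//(for example "1e3" and "1000") compare as equal
if ($email1 !== $email2) {
    notices_set('Emails do not match', 'error');
    $terror = true;
}

if (!password_is_valid($password1) || !password_is_valid($password2)) {
    notices_set('Invalid password - Passwords must be at least ' . REQ_PASSWORD_LENGTH, 'error');
    $terror = true;
}

//same reason as above: a confirmation field must match byte for byte
if ($password1 !== $password2) {
    notices_set('Passwords do not match', 'error');
    $terror = true;
}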
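/**
 * Logs a user in by email address or username.
 *
 * Looks up the account's hash token, derives the stored password form with
 * password_encrypt(), checks it against the `users` table, then starts a new
 * session and records its id and the login time.
 *
 * @param string $username Email address or username as entered.
 * @param string $password Password as entered.
 * @return bool True on success, false when the account or password does not match.
 */
function do_login($username, $password)
{
    //get variables
    // NOTE(review): the password is passed through sql_filter() before it is
    // hashed, so whatever that helper rewrites becomes part of the hashed
    // value — confirm this matches how passwords are stored at signup.
    $user = strtolower(sql_filter($username));
    $password = sql_filter($password);

    //check if email or username login
    $tstring = " email='{$user}' ";
    if (!email_is_valid($user)) {
        // NOTE(review): the literal '******' looks like masking applied to
        // this listing; presumably the original interpolates $user as the
        // email branch does — confirm against the real file.
        $tstring = " username='******' ";
    }

    //get users unique hash token
    $sql = sql_query(" SELECT hash_token FROM `users` WHERE {$tstring} LIMIT 1 ");
    if (sql_count($sql) <= 0) {
        //no user found
        // NOTE(review): this message and the "Invalid password" one below
        // differ, which tells the caller whether an account exists; one
        // generic failure message avoids that.
        notices_set('Email or username not found, please try again.', 'error');
        return false;
    }
    $data = sql_fetch($sql); //get user data

    //use users hash token to create password
    $password = password_encrypt($password, $data['hash_token']);

    //check login info
    // NOTE(review): password='******' also looks masked in this listing;
    // presumably it interpolated the value computed above — confirm.
    $sql = sql_query(" SELECT * FROM `users` WHERE {$tstring} AND password='******' LIMIT 1 ");
    if (sql_count($sql) <= 0) {
        //wrong login info
        notices_set('Invalid password, please try again or request a password reset.', 'error');
        return false;
    }
    $data = sql_fetch($sql); //get users info

    //store current notices; default to null so the assignment further down
    //never reads an undefined variable when the session held none
    $tnotices = isset($_SESSION['notices']) ? $_SESSION['notices'] : null;

    clear_session(); //clear old session
    session_start(); //start new session
    session_regenerate_id(); //create new session id

    //save session id and last login
    sql_query(" UPDATE `users` SET session_id='" . session_id() . "', last_login=NOW() WHERE id='{$data['id']}' LIMIT 1 ");

    //set session variables
    $_SESSION['id'] = $data['id']; //save users id
    $_SESSION['email'] = $data['email']; //save users email
    $_SESSION['notices'] = $tnotices; //pass last notices

    //set notices
    if (isset($data['confirm'])) {
        if (date('Y-m-d') > date('Y-m-d', strtotime($data['joined']))) {
            //over a day old since joined
            //$email was never defined in this function; the address comes
            //from the user row, encoded for the URL and escaped for the HTML
            $email_in_url = urlencode($data['email']);
            $email_in_html = htmlspecialchars($data['email'], ENT_QUOTES, 'UTF-8');
            notices_set('Your email is not verified. We have sent you an email to verify your account. <a href="verify_resend?e=' . $email_in_url . '">Click here to send ' . $email_in_html . ' another confirmation code »</a>', 'alert');
        } else {
            //just joined - don't tell them to reverify
            notices_set('Your email is not verified. We have sent you an email to verify your account.', 'alert');
        }
    }

    //done
    return true;
}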
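/**
 * Allows the validation of a custom field value without setting it
 * or needing a bug to exist.
 *
 * The field definition is read from the custom field table and the value is
 * checked against the rules for the field's type.
 *
 * @param int    $p_field_id custom field id
 * @param string $p_value    custom field value
 * @return bool True when the value passes every check applied for the field type.
 * @access public
 */
function custom_field_validate($p_field_id, $p_value) {
    $c_field_id = db_prepare_int($p_field_id);

    custom_field_ensure_exists($p_field_id);

    $t_custom_field_table = db_get_table('custom_field');
    $query = "SELECT name, type, possible_values, valid_regexp,\n\t\t\t\t \t\t access_level_rw, length_min, length_max, default_value\n\t\t\t\t FROM {$t_custom_field_table}\n\t\t\t\t WHERE id=" . db_param();
    $result = db_query_bound($query, array($c_field_id));
    $row = db_fetch_array($result);

    $t_type = $row['type'];
    $t_valid_regexp = $row['valid_regexp'];
    $t_length_min = $row['length_min'];
    $t_length_max = $row['length_max'];

    $t_valid = true;
    $t_length = utf8_strlen($p_value);

    switch ($t_type) {
        case CUSTOM_FIELD_TYPE_STRING:
            # Regular expression string validation
            # NOTE(review): the pattern comes from the field definition and is
            # wrapped in '/' without escaping; preg_match() returns false for a
            # pattern it cannot compile, which makes the value invalid here.
            if (!is_blank($t_valid_regexp) && !is_blank($p_value)) {
                $t_valid &= preg_match("/{$t_valid_regexp}/", $p_value);
            }
            # Check the length of the string
            $t_valid &= 0 == $t_length_min || $t_length >= $t_length_min;
            $t_valid &= 0 == $t_length_max || $t_length <= $t_length_max;
            break;

        case CUSTOM_FIELD_TYPE_NUMERIC:
            $t_valid &= $t_length == 0 || is_numeric($p_value);
            break;

        case CUSTOM_FIELD_TYPE_FLOAT:
            # Allow both integer and float numbers
            $t_valid &= $t_length == 0 || is_numeric($p_value) || is_float($p_value);
            break;

        case CUSTOM_FIELD_TYPE_DATE:
            # gpc_get_cf for date returns the value from strftime
            # Either false (php >= 5.1) or -1 (php < 5.1) for failure
            $t_valid &= $p_value == null || $p_value !== false && $p_value > 0;
            break;

        case CUSTOM_FIELD_TYPE_CHECKBOX:
            # Checkbox fields can hold a null value (when no checkboxes are ticked)
            if ($p_value === '') {
                break;
            }
            # If checkbox field value is not null then we need to validate it... (note: no "break" statement here!)
        case CUSTOM_FIELD_TYPE_MULTILIST:
            $t_values = explode('|', $p_value);
            $t_possible_values = custom_field_prepare_possible_values($row['possible_values']);
            $t_possible_values = explode('|', $t_possible_values);
            $t_invalid_values = array_diff($t_values, $t_possible_values);
            $t_valid &= count($t_invalid_values) == 0;
            break;

        case CUSTOM_FIELD_TYPE_ENUM:
        case CUSTOM_FIELD_TYPE_LIST:
        case CUSTOM_FIELD_TYPE_RADIO:
            $t_possible_values = custom_field_prepare_possible_values($row['possible_values']);
            $t_values_arr = explode('|', $t_possible_values);
            # Strict comparison: a loose in_array() treats numeric strings as
            # numbers, so a value such as "1e1" would pass for an allowed "10".
            $t_valid &= in_array((string) $p_value, $t_values_arr, true);
            break;

        case CUSTOM_FIELD_TYPE_EMAIL:
            if ($p_value !== '') {
                $t_valid &= email_is_valid($p_value);
            }
            break;

        default:
            break;
    }

    # $t_valid has been combined with bitwise &=, so normalise it to a boolean
    return (bool) $t_valid;
}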
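<?php

/**
 * Shape check for an email address: something@something.tld with a final
 * label of at least two characters and no whitespace anywhere.
 *
 * The pattern is anchored at both ends, so the whole value has to be the
 * address; an unanchored match would accept any text that merely contains one.
 * Non-string input (for example an array posted as email[]) is rejected.
 *
 * @param mixed $email Value to check.
 * @return bool
 */
function email_is_valid($email)
{
    return is_string($email) && preg_match('/\A[^@\s]+@\S+\.[^.\s]{2,}\z/', $email) === 1;
}

/**
 * Tell whether the request carries the X-Requested-With: XMLHttpRequest header.
 *
 * @return bool
 */
function is_ajax()
{
    return isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest';
}

define('MCAPI_KEY', '');
define('MCAPI_LIST_ID', '');

$response = array('ok' => false, 'message' => 'No email found.');

if (isset($_POST['email']) && email_is_valid($_POST['email'])) {
    // Use the value that was validated. $_REQUEST can be filled from a
    // different source than $_POST, so reading it here could subscribe an
    // address that never went through the check above.
    $email = $_POST['email'];

    require_once 'wp-includes/MCAPI.class.php';
    $mcapi = new MCAPI(MCAPI_KEY);
    $answer = $mcapi->listSubscribe(MCAPI_LIST_ID, $email, array('FNAME' => '', 'LNAME' => '', 'INTERESTS' => ''));

    if ($mcapi->errorCode) {
        $response['message'] = $mcapi->errorMessage;
    } else {
        $response['message'] = 'Thank you!';
        $response['ok'] = true;
    }
} else {
    $response['message'] = 'Please provide a valid email.';
}

if (is_ajax()) {
    echo json_encode($response);
    exit;
} else {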
$system .= "<br>";
}
$system .= $msg;
}
}

// Handle the "edit" action: copy the posted product backlog fields onto
// $agilemantis_pb, validate them, then save.
// NOTE(review): no form-token check is visible in this excerpt — confirm one
// runs before this point.
if ($_POST['action'] == "edit") {
    $agilemantis_pb->id = $_POST['id'];
    $agilemantis_pb->name = $_POST['pbl_name'];
    $pb_name_old = $_POST['pbl_name_old'];
    $agilemantis_pb->email = $_POST['pbl_email'];
    $agilemantis_pb->user_id = $_POST['pbl_user_id'];
    $agilemantis_pb->description = $_POST['pbl_description'];

    // A name is mandatory.
    if (empty($agilemantis_pb->name)) {
        $system = plugin_lang_get('edit_product_backlog_error_922600');
    } else {
        // The email must be present and pass email_is_valid().
        if (empty($_POST['pbl_email']) || email_is_valid($agilemantis_pb->email) == false) {
            $system = plugin_lang_get('edit_product_backlog_error_923600');
        } else {
            $isNewPBOk = !$_POST['id'] && $agilemantis_pb->isNameUnique(); // New PB with unique name?
            // Existing PB: either the name changed to a unique one, or it did
            // not change at all. The single & is a bitwise AND of the two
            // comparison results, so both sides are always evaluated.
            $isExistingPbOk = $_POST['id'] > 0 & ($agilemantis_pb->name != $pb_name_old && $agilemantis_pb->isNameUnique() || $agilemantis_pb->name == $pb_name_old); // PB name didn't change, Ok!
            if ($isNewPBOk || $isExistingPbOk) {
                if (!$agilemantis_pb->editProductBacklog()) {
                    $system = plugin_lang_get('edit_product_backlog_error_982601');
                } else {
                    // Keep the team user's email in step with the backlog's
                    // email when it was changed.
                    // NOTE(review): pbl_email_old is taken from the request,
                    // so this comparison relies on a client-supplied value.
                    if ($_POST['pbl_email'] != $_POST['pbl_email_old']) {
                        $t_team_user_id = $agilemantis_pb->getTeamUserId($agilemantis_pb->id);
                        user_set_field($t_team_user_id, 'email', $_POST['pbl_email']);
                    }
                    $agilemantis_pb->updatePBCustomFieldStrings($pb_name_old, $agilemantis_pb->name);
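/**
 * Email the owner of a board posting a link that removes the listing.
 *
 * The message is only sent when the address passes email_is_valid() AND a
 * posting with that address exists on the board; otherwise the error text is
 * shown and deleteform() is rendered again.
 *
 * @param string $pemail Address entered by the visitor.
 * @return void
 */
function senddelemail($pemail)
{
    // NOTE(review): $MM_email_from was read below without being declared
    // global, so it was always undefined inside this function; it is
    // presumably a site-wide setting — confirm.
    global $board, $dbcon, $Web_url, $modinid, $MM_email_from;

    $posting_found = false;
    $uid = null;

    if (email_is_valid($pemail)) {
        $getuid = $dbcon->Execute("Select id, uniqueid from {$board} where pemail = " . $dbcon->qstr($pemail));
        // Require an actual row: without this check any well-formed address
        // received a message with an empty removal id.
        if ($getuid && !$getuid->EOF) {
            $posting_found = true;
            $uid = $getuid->Fields("uniqueid");
        }
    }

    if (!$posting_found) {
        echo "Your email is invalid or not in our system<br><br>";
        deleteform();
        return;
    }

    $messagetext = "To remove your listing simply visit this page " . $Web_url . $board . "_signin.php?deluid={$uid}";
    mail($pemail, "remove your {$board} posting", "{$messagetext}", "From:" . AMPSystem_Email::sanitize($MM_email_from));
    echo "An e-mail has been sent to you with instructions on how to remove yourself from the board.";
}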
/**
 * Send every message of this blast that is still in status 'New' and return
 * a one-line summary of how many were sent and how many failed.
 *
 * Recipients come from blast_system_users when $this->type is 'Email-Admin',
 * otherwise from userdata. Each message's status is updated as it is
 * processed ("Sending", then "Done", "Server Failure" or "Bad Address").
 *
 * @return string Summary text ending in <br>.
 */
function send_messages() {
    // Keep running if the browser disconnects and lift the time limit.
    ignore_user_abort(1);
    set_time_limit(0);
    flush();
    $message = $this->build_message();
    // NOTE(review): blast_ID is concatenated into both queries as-is;
    // presumably it is always an integer set by this class — confirm.
    if ($this->type == 'Email-Admin') {
        $sql = "Select distinct u.Email, m.message_ID from messages_to_contacts m, blast_system_users u where m.system_user_ID= u.id and m.status = 'New' and m.blast_ID =" . $this->blast_ID;
    } else {
        $sql = "Select distinct u.Email, m.message_ID from messages_to_contacts m, userdata u where m.user_ID= u.id and m.status = 'New' and m.blast_ID =" . $this->blast_ID;
    }
    // NOTE(review): on failure the full SQL text and the database error are
    // written to the response by die().
    $R = $this->dbcon->Execute($sql) or die($sql . $this->dbcon->ErrorMsg());
    $this->set_message_blast_status('Loaded', 'New');
    $this->set_blast_status("Sending Messages");
    $this->set_start_time();
    // Counters for the summary returned at the end.
    $good = 0;
    $bad = 0;
    $total = 0;
    while (!$R->EOF) {
        if (email_is_valid($R->Fields("Email"))) {
            $this->set_message_status($R->Fields("message_ID"), "Sending");
            // customize the email message for this user
            $message_output = $this->encode_blast_email($message['htmlmessage'], $message['textmessage'], $R->Fields("message_ID"));
            // NOTE(review): reply_to_address is placed in a raw header line;
            // it needs to be free of CR/LF before it reaches this point —
            // confirm where it is validated.
            $mail = new html_mime_mail(array("Reply-To: " . $message['reply_to_address'], "X-Mailer: AMP v3.5", "X-MessageId: " . $R->Fields("message_ID")));
            // Attach the body in the configured format; any other sendformat
            // value adds no body at all.
            if ($message['sendformat'] == 'HTML' or $message['sendformat'] == 'HTML and Text') {
                $mail->add_html($message_output['html'], $message_output['text']);
            } else {
                if ($message['sendformat'] == 'Text') {
                    $mail->add_text($message_output['text']);
                }
            }
            $mail->build_message();
            if ($mail->send("", $R->Fields("Email"), $message['from_name'], $message['from_email'], $message['subject'])) {
                $good++;
                $this->set_message_status($R->Fields("message_ID"), "Done");
            } else {
                $bad++;
                $this->set_message_status($R->Fields("message_ID"), "Server Failure");
            }
        } else {
            // Addresses rejected by email_is_valid() are counted as failures
            // without attempting delivery.
            $bad++;
            $this->set_message_status($R->Fields("message_ID"), "Bad Address");
        }
        $total++;
        $R->MoveNext();
    }
    $response = "{$good} messages sent, {$bad} messages failed to send in {$total} attempts.<br>";
    $this->set_blast_status("Complete");
    // NOTE(review): set_start_time() is called again after completion;
    // possibly an end-time setter was intended — confirm.
    $this->set_start_time();
    return $response;
}
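<?php
//send a password reset request to a user

//check if form submitted
if (!isset($_POST['email'])) {
    return false; //variables not set yet
}

//get variables
$email = set_post('email', '');

//check if it is valid
if (empty($email) || !email_is_valid($email)) {
    notices_set('Invalid email.', 'error');
    return false;
}

// NOTE(review): $email is interpolated into the SQL text. Passing
// email_is_valid() does not make a value safe for SQL (a quote character is
// legal in an address), so this relies entirely on whatever set_post() does
// to the value — confirm it escapes for the database, or bind the value.
$sql = sql_query(" SELECT id FROM `users` WHERE email='{$email}' LIMIT 1 ");
if (sql_count($sql) <= 0) {
    notices_set('Invalid email.', 'error');
    return false;
}
$data = sql_fetch($sql);

//create code
$confirm = confirm_token_create($email);

//delete all tokens for that email
// NOTE(review): the '******' in this statement looks like masking applied to
// this listing (the trailing id']}' is what remains of an interpolated
// $data['id']); as printed the statement is not valid SQL — confirm against
// the real file. LIMIT 1 also removes at most one row.
sql_query(" DELETE FROM `password_reset` WHERE user='******'id']}' LIMIT 1 ");

//insert
sql_query(" INSERT INTO `password_reset` (user, token) VALUES('{$data['id']}' , '{$confirm}') \n\t\t\tON DUPLICATE KEY UPDATE token='{$confirm}' ");

//send email
// Both query values are URL-encoded: an address containing "+" or "&" would
// otherwise arrive changed when the link is opened.
// NOTE(review): the link is built with http:// and carries the reset token.
$reset_link = 'http://' . MAIN_URL . '/password?e=' . urlencode($email) . '&t=' . urlencode($confirm);
email_send('password_reset', 'Planling Password Reset', array($email => $email), array('{{%LINK%}}' => $reset_link));

//set message
// The address is user input shown inside HTML, so escape it for that context.
notices_set('Instructions on how to reset your password has been sent to <strong>' . htmlspecialchars($email, ENT_QUOTES, 'UTF-8') . '</strong>.', 'success');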
/**
 * Subscribe an address to a list, creating the email record when needed.
 *
 * Addresses rejected by email_is_valid() are ignored silently.
 *
 * @param string $email  Address to subscribe.
 * @param mixed  $listid List identifier, passed through to e_subcheck()/e_subadd().
 * @return void
 */
function e_addemail($email, $listid)
{
    if (!email_is_valid($email)) {
        return;
    }

    $emailid = e_emailcheck($email);

    // Unknown address: create it and subscribe (the emailprop() step is
    // disabled in this variant).
    if (!$emailid) {
        $emailid = e_emailadd($email);
        e_subadd($emailid, $listid);
        return;
    }

    // Known address: only add the subscription if it is missing.
    // NOTE(review): this echo prints the internal id into the response;
    // looks like leftover debug output — confirm.
    echo $emailid;
    if (e_subcheck($emailid, $listid) != true) {
        e_subadd($emailid, $listid);
    }
}