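/**
 * Send a plain-text UTF-8 e-mail on behalf of the board.
 *
 * Delivery goes through smtp_mail() when $forum_config['o_smtp_host'] is set and
 * through PHP's mail() otherwise. Nothing is returned; the result of either call
 * is not checked here.
 *
 * Header-injection defence: CR and LF are removed from $to and $subject; CR, LF and
 * ':' are removed from the sender and reply-to addresses and names; '"' is also
 * removed from the two display names. This happens before the header block is built.
 * The function only strips characters: callers remain responsible for checking that
 * $to and $reply_to_email are well-formed addresses.
 *
 * @param string $to             Recipient address.
 * @param string $subject        Subject line (sent base64-encoded as =?UTF-8?B?...?=).
 * @param string $message        Plain-text body.
 * @param string $reply_to_email Optional Reply-To address; no Reply-To header when empty.
 * @param string $reply_to_name  Optional Reply-To display name.
 */
function forum_mail($to, $subject, $message, $reply_to_email = '', $reply_to_name = '')
{
    global $forum_config, $lang_common;

    // Default sender address
    $from_name = sprintf($lang_common['Forum mailer'], $forum_config['o_board_title']);
    $from_email = $forum_config['o_webmaster_email'];

    // Extension hook: whatever get_hook() returns is eval()'d in this function's scope,
    // so it can read and overwrite every local below. It runs BEFORE the clean-up, which
    // means values it sets still pass through the CR/LF stripping.
    // NOTE(review): hook code must only ever come from trusted, admin-installed extensions.
    ($hook = get_hook('em_fn_forum_mail_start')) ? eval($hook) : null;

    // Strip CR/LF (and ':' / '"' where applicable) so no value can start a new header line
    $to = forum_trim(preg_replace('#[\\n\\r]+#s', '', $to));
    $subject = forum_trim(preg_replace('#[\\n\\r]+#s', '', $subject));
    $from_email = forum_trim(preg_replace('#[\\n\\r:]+#s', '', $from_email));
    $from_name = forum_trim(preg_replace('#[\\n\\r:]+#s', '', str_replace('"', '', $from_name)));
    $reply_to_email = forum_trim(preg_replace('#[\\n\\r:]+#s', '', $reply_to_email));
    $reply_to_name = forum_trim(preg_replace('#[\\n\\r:]+#s', '', str_replace('"', '', $reply_to_name)));

    // Set up some headers to take advantage of UTF-8
    $from = "=?UTF-8?B?" . base64_encode($from_name) . "?=" . ' <' . $from_email . '>';
    $subject = "=?UTF-8?B?" . base64_encode($subject) . "?=";
    $headers = 'From: ' . $from . "\r\n"
        . 'Date: ' . gmdate('r') . "\r\n"
        . 'MIME-Version: 1.0' . "\r\n"
        . 'Content-transfer-encoding: 8bit' . "\r\n"
        . 'Content-type: text/plain; charset=utf-8' . "\r\n"
        . 'X-Mailer: PunBB Mailer';

    // If we specified a reply-to email, we deal with it here
    if (!empty($reply_to_email)) {
        $reply_to = "=?UTF-8?B?" . base64_encode($reply_to_name) . "?=" . ' <' . $reply_to_email . '>';
        $headers .= "\r\n" . 'Reply-To: ' . $reply_to;
    }

    // Make sure all linebreaks are CRLF in message and strip out any NUL bytes.
    // The search list previously held an empty string where the NUL byte belongs, and
    // str_replace() ignores an empty needle, so NUL bytes were passed through untouched.
    $message = str_replace(array("\n", "\0"), array("\r\n", ''), forum_linebreaks($message));

    // Extension hook: runs AFTER the clean-up, so anything it writes into $to, $subject
    // or $headers is sent exactly as written, with no further CR/LF stripping.
    ($hook = get_hook('em_fn_forum_mail_pre_send')) ? eval($hook) : null;

    if ($forum_config['o_smtp_host'] != '') {
        smtp_mail($to, $subject, $message, $headers);
    } else {
        // Change the linebreaks used in the headers according to OS
        $os_prefix = strtoupper(substr(PHP_OS, 0, 3));
        if ($os_prefix == 'MAC') {
            $headers = str_replace("\r\n", "\r", $headers);
        } elseif ($os_prefix != 'WIN') {
            $headers = str_replace("\r\n", "\n", $headers);
        }

        mail($to, $subject, $message, $headers);
    }
}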
Example #2
         // Excerpt from a settings-validation switch; the switch header and the 'rules' case label are above this excerpt.
         // Normalise the checkbox: anything other than the literal '1' is stored as '0'.
         if (!isset($form['rules']) || $form['rules'] != '1') {
             $form['rules'] = '0';
         }
         // NOTE(review): 'rules_message' is read without an isset() check here; confirm the key is always present.
         // An empty message falls back to the language file's default text.
         if ($form['rules_message'] != '') {
             $form['rules_message'] = forum_linebreaks($form['rules_message']);
         } else {
             $form['rules_message'] = $lang_admin_settings['Rules default'];
         }
         break;
     case 'maintenance':
         // Extension hook: the string returned by get_hook() is eval()'d in the current scope and can
         // therefore read or rewrite $form before it is saved. Hook code must come from trusted extensions only.
         ($hook = get_hook('aop_maintenance_validation')) ? eval($hook) : null;
         // Same checkbox normalisation as for 'rules'.
         if (!isset($form['maintenance']) || $form['maintenance'] != '1') {
             $form['maintenance'] = '0';
         }
         if ($form['maintenance_message'] != '') {
             $form['maintenance_message'] = forum_linebreaks($form['maintenance_message']);
         } else {
             $form['maintenance_message'] = $lang_admin_settings['Maintenance message default'];
         }
         break;
     default:
         // Unknown sections are left to extensions.
         ($hook = get_hook('aop_new_section_validation')) ? eval($hook) : null;
         break;
 }
 ($hook = get_hook('aop_pre_update_configuration')) ? eval($hook) : null;
 foreach ($form as $key => $input) {
     // Only update permission values that have changed.
     // The array_key_exists() test limits writes to keys that already exist as 'p_*' config entries,
     // so a submitted key that is not a known permission is ignored by this branch.
     if (array_key_exists('p_' . $key, $forum_config) && $forum_config['p_' . $key] != $input) {
         // The value is forced to an integer and the key is escaped and quoted before being placed in the SQL.
         $query = array('UPDATE' => 'config', 'SET' => 'conf_value=' . intval($input), 'WHERE' => 'conf_name=\'p_' . $forum_db->escape($key) . '\'');
         // The hook runs after $query is built and can alter it before execution.
         ($hook = get_hook('aop_qr_update_permission_conf')) ? eval($hook) : null;
         $forum_db->query_build($query) or error(__FILE__, __LINE__);
Example #3
 // Excerpt from a post-submission handler: validates the subject and message taken from the request.
 // The subject is only read from the request when $can_edit_subject is set (decided outside this excerpt).
 if ($can_edit_subject) {
     // NOTE(review): $_POST['req_subject'] is read without an isset()/is_string() check in this excerpt.
     $subject = forum_trim($_POST['req_subject']);
     if ($subject == '') {
         $errors[] = $lang_post['No subject'];
     } else {
         // Length limit of 70, measured with utf8_strlen() rather than the byte-wise strlen().
         if (utf8_strlen($subject) > 70) {
             $errors[] = $lang_post['Too long subject'];
         } else {
             // When all-caps subjects are disabled, an all-uppercase subject is rewritten to word-capitalised
             // lowercase; admins/moderators are exempt.
             if ($forum_config['p_subject_all_caps'] == '0' && utf8_strtoupper($subject) == $subject && !$forum_page['is_admmod']) {
                 $subject = utf8_ucwords(utf8_strtolower($subject));
             }
         }
     }
 }
 // Clean up message from POST
 // NOTE(review): same as the subject, no isset()/is_string() check on $_POST['req_message'] is visible here.
 $message = forum_linebreaks(forum_trim($_POST['req_message']));
 // Size cap is in bytes (strlen), matching the FORUM_MAX_POSTSIZE_BYTES constant name.
 if (strlen($message) > FORUM_MAX_POSTSIZE_BYTES) {
     $errors[] = sprintf($lang_post['Too long message'], forum_number_format(strlen($message)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
 } else {
     if ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($message) == $message && !$forum_page['is_admmod']) {
         $message = utf8_ucwords(utf8_strtolower($message));
     }
 }
 // Validate BBCode syntax
 // The parser is loaded on demand; preparse_bbcode() receives $errors so it can report problems.
 // Nothing in this excerpt escapes $subject or $message for SQL or HTML; that has to happen where they are stored and rendered.
 if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
     if (!defined('FORUM_PARSER_LOADED')) {
         require FORUM_ROOT . 'include/parser.php';
     }
     $message = preparse_bbcode($message, $errors);
 }
 if ($message == '') {
Example #4
 }
 // Excerpt from the admin forum-edit page: loads one forum and, on save, writes the edited details back.
 // Extension hook: the returned string is eval()'d in this scope; only trusted extension code may be registered.
 ($hook = get_hook('afo_edit_forum_selected')) ? eval($hook) : null;
 // Fetch forum info
 // NOTE(review): $forum_id is concatenated into the WHERE clause unquoted and unescaped; its integer
 // cast is not visible in this excerpt, so confirm it is forced to an int before this point.
 $query = array('SELECT' => 'f.id, f.forum_name, f.forum_desc, f.redirect_url, f.num_topics, f.sort_by, f.cat_id', 'FROM' => 'forums AS f', 'WHERE' => 'f.id=' . $forum_id);
 ($hook = get_hook('afo_edit_forum_qr_get_forum_details')) ? eval($hook) : null;
 $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
 // An unknown forum id ends in the generic "Bad request" message.
 if (!$forum_db->num_rows($result)) {
     message($lang_common['Bad request']);
 }
 $cur_forum = $forum_db->fetch_assoc($result);
 // Update group permissions for $forum_id
 // NOTE(review): no CSRF token check is visible in this excerpt; confirm one runs before this state-changing branch.
 if (isset($_POST['save'])) {
     ($hook = get_hook('afo_save_forum_form_submitted')) ? eval($hook) : null;
     // Start with the forum details
     // Text fields are trimmed; numeric fields are forced to integers with intval().
     $forum_name = forum_trim($_POST['forum_name']);
     $forum_desc = forum_linebreaks(forum_trim($_POST['forum_desc']));
     $cat_id = intval($_POST['cat_id']);
     $sort_by = intval($_POST['sort_by']);
     // A redirect URL is only accepted while the forum holds no topics.
     // NOTE(review): the URL is trimmed but its scheme/format is not validated in this excerpt.
     $redirect_url = isset($_POST['redirect_url']) && $cur_forum['num_topics'] == 0 ? forum_trim($_POST['redirect_url']) : null;
     if ($forum_name == '') {
         message($lang_admin_forums['Must enter forum message']);
     }
     if ($cat_id < 1) {
         message($lang_common['Bad request']);
     }
     // Strings are escaped and wrapped in quotes; empty values become the SQL literal NULL.
     $forum_desc = $forum_desc != '' ? '\'' . $forum_db->escape($forum_desc) . '\'' : 'NULL';
     $redirect_url = $redirect_url != '' ? '\'' . $forum_db->escape($redirect_url) . '\'' : 'NULL';
     // $sort_by and $cat_id are integers from intval() above; $forum_id is concatenated as-is (see the note on the SELECT).
     $query = array('UPDATE' => 'forums', 'SET' => 'forum_name=\'' . $forum_db->escape($forum_name) . '\', forum_desc=' . $forum_desc . ', redirect_url=' . $redirect_url . ', sort_by=' . $sort_by . ', cat_id=' . $cat_id, 'WHERE' => 'id=' . $forum_id);
     ($hook = get_hook('afo_save_forum_qr_update_forum')) ? eval($hook) : null;
     $forum_db->query_build($query) or error(__FILE__, __LINE__);
     // Now let's deal with the permissions
     }
     // Excerpt from a profile-update switch; the preceding case label is above this excerpt.
     // Make sure we got a valid style string
     // '.', '\' and '/' are stripped from the submitted name before it is used to build a path under
     // FORUM_ROOT/style/, so the value cannot contain '..' or a directory separator. The file_exists()
     // check then rejects any name that does not correspond to an installed style.
     if (isset($form['style'])) {
         $form['style'] = preg_replace('#[\\.\\\\/]#', '', $form['style']);
         if (!file_exists(FORUM_ROOT . 'style/' . $form['style'] . '/' . $form['style'] . '.php')) {
             message($lang_common['Bad request']);
         }
     }
     break;
 case 'signature':
     // Signatures can be switched off board-wide; refuse the update in that case.
     if ($forum_config['o_signatures'] == '0') {
         message($lang_profile['Signatures disabled']);
     }
     // Extension hook: the returned string is eval()'d in this scope; only trusted extension code may be registered.
     ($hook = get_hook('pf_change_details_signature_validation')) ? eval($hook) : null;
     // Clean up signature from POST
     // NOTE(review): $_POST['signature'] is read without an isset()/is_string() check in this excerpt.
     $form['signature'] = forum_linebreaks(forum_trim($_POST['signature']));
     // Validate signature
     // Length is compared against the configured p_sig_length using utf8_strlen().
     if (utf8_strlen($form['signature']) > $forum_config['p_sig_length']) {
         $errors[] = sprintf($lang_profile['Sig too long'], forum_number_format($forum_config['p_sig_length']), forum_number_format(utf8_strlen($form['signature']) - $forum_config['p_sig_length']));
     }
     // Line count = number of "\n" + 1, compared against the configured p_sig_lines.
     if (substr_count($form['signature'], "\n") > $forum_config['p_sig_lines'] - 1) {
         $errors[] = sprintf($lang_profile['Sig too many lines'], forum_number_format($forum_config['p_sig_lines']));
     }
     // All-caps signatures are rewritten unless allowed by config or the user is an admin/moderator.
     if ($form['signature'] != '' && $forum_config['p_sig_all_caps'] == '0' && check_is_all_caps($form['signature']) && !$forum_user['is_admmod']) {
         $form['signature'] = utf8_ucwords(utf8_strtolower($form['signature']));
     }
     // Validate BBCode syntax
     // The parser is loaded on demand, guarded by the FORUM_PARSER_LOADED constant.
     if ($forum_config['p_sig_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
         if (!defined('FORUM_PARSER_LOADED')) {
             require FORUM_ROOT . 'include/parser.php';
         }
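 /**
  * Read, normalise and validate the message submitted in $_POST['req_message'].
  *
  * A missing or non-string parameter is answered with the generic "Bad request"
  * message. An array-valued parameter (req_message[]=...) would otherwise reach the
  * string helpers below, which expect a string.
  *
  * The length limit is applied in bytes (strlen) against
  * App::$forum_config['o_reputation_maxmessage']. The returned text is not escaped
  * for SQL or HTML; that is left to the code that stores and renders it.
  *
  * @param array $errors Error list, passed by reference; validation problems are appended.
  * @return string The cleaned (and, when enabled, BBCode-preparsed) message.
  */
 private function prepare_message(&$errors)
 {
     // isset() alone accepts arrays, so the type is checked as well.
     if (!isset($_POST['req_message']) || !is_string($_POST['req_message'])) {
         message(App::$lang_common['Bad request']);
     }

     $message = forum_linebreaks(forum_trim($_POST['req_message']));

     if ($message == '') {
         $errors[] = App::$lang['No message'];
     } elseif (strlen($message) > App::$forum_config['o_reputation_maxmessage']) {
         $errors[] = sprintf(App::$lang['Too long message'], App::$forum_config['o_reputation_maxmessage']);
     }

     // BBCode is pre-parsed when either BBCode or automatic link creation is enabled;
     // the parser file is loaded on demand and reports problems through $errors.
     if (App::$forum_config['p_message_bbcode'] == '1' || App::$forum_config['o_make_links'] == '1') {
         if (!defined('FORUM_PARSER_LOADED')) {
             require FORUM_ROOT . 'include/parser.php';
         }

         $message = preparse_bbcode($message, $errors);
     }

     return $message;
 }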
Example #7
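/**
 * Validate a private message and store it as a draft (new row or update of an existing one).
 *
 * On a validation or save failure the list of error strings is returned. On success
 * the function adds a flash notice and calls redirect(), so there is no meaningful
 * return value in that case.
 *
 * @param string    $body              Message body as submitted.
 * @param string    $subject           Message subject.
 * @param string    $receiver_username Recipient's username; resolved via pun_pm_get_receiver_id().
 * @param int|false $message_id        By reference. false creates a new draft; otherwise the id of
 *                                     the message to overwrite. Set to false when the update
 *                                     does not match exactly one row.
 * @return array|null Error strings when the message could not be saved.
 */
function pun_pm_save_message($body, $subject, $receiver_username, &$message_id)
{
    global $lang_pun_pm, $forum_user, $forum_db, $forum_url, $forum_config, $forum_flash;

    // CSRF: the submitted token must match the one generated for the send-form URL.
    // NOTE(review): `!==` is not a constant-time comparison; hash_equals() is preferable
    // on PHP versions that provide it.
    if (!isset($_POST['csrf_token']) || $_POST['csrf_token'] !== generate_form_token(forum_link($forum_url['pun_pm_send']))) {
        csrf_confirm_form();
    }

    $errors = array();

    // Extension hooks in this function eval() the returned string in local scope, so they can
    // read and change every variable here, including $query before it is executed. Hook code
    // must come from trusted, admin-installed extensions only.
    ($hook = get_hook('pun_pm_fn_save_message_pre_validation')) ? eval($hook) : null;

    $receiver_id = pun_pm_get_receiver_id($receiver_username, $errors);

    // Clean up body from POST
    $body = forum_linebreaks($body);

    if (strlen($body) > FORUM_MAX_POSTSIZE_BYTES) {
        $errors[] = sprintf($lang_pun_pm['Too long message'], forum_number_format(strlen($body)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
    } elseif ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($body) == $body && !$forum_user['is_admmod']) {
        // The admin/moderator exemption is read from $forum_user, which is declared global above.
        // The previous code read $forum_page, which is not in scope inside this function, so the
        // exemption never applied.
        $body = utf8_ucwords(utf8_strtolower($body));
    }

    // Validate BBCode syntax
    if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
        // Declared before the parser is included, as in the original code.
        global $smilies;

        if (!defined('FORUM_PARSER_LOADED')) {
            require FORUM_ROOT . 'include/parser.php';
        }

        $body = preparse_bbcode($body, $errors);
    }

    // Verify for errors
    if ($body == '' && $subject == '' && $receiver_username == '') {
        $errors[] = $lang_pun_pm['Empty all fields'];
    }

    ($hook = get_hook('pun_pm_fn_save_message_pre_errors_check')) ? eval($hook) : null;

    if (count($errors)) {
        return $errors;
    }

    $now = time();

    if ($message_id !== false) {
        // Edit message.
        // $message_id is supplied by the caller, so it is forced to an integer where it enters
        // the SQL text. The sender_id condition restricts the update to the current user's own messages.
        // $receiver_id is inserted as returned by pun_pm_get_receiver_id(); NOTE(review): confirm
        // that helper only ever returns an integer or the literal NULL.
        $query = array(
            'UPDATE' => 'pun_pm_messages',
            'SET' => 'status = \'draft\', receiver_id = ' . $receiver_id . ', lastedited_at = ' . $now . ', subject = \'' . $forum_db->escape($subject) . '\', body=\'' . $forum_db->escape($body) . '\'',
            'WHERE' => 'id = ' . intval($message_id) . ' AND sender_id = ' . $forum_user['id'] . ' AND (status = \'draft\' OR status = \'sent\')',
        );

        ($hook = get_hook('pun_pm_fn_save_message_pre_edit_query')) ? eval($hook) : null;
        $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

        // Exactly one row must change; otherwise the id did not belong to an editable message of this user.
        if ($forum_db->affected_rows() != 1) {
            $message_id = false;
            $errors[] = $lang_pun_pm['Invalid message save'];

            return $errors;
        }
    } else {
        // Save new message
        // Verify outbox count
        if (!pun_pm_outbox_enough_space($forum_user['id'])) {
            $errors[] = sprintf($lang_pun_pm['Outbox full'], $forum_config['o_pun_pm_outbox_size']);

            return $errors;
        }

        // Save to DB: subject and body are escaped and quoted; the ids and timestamp are concatenated as numbers.
        $query = array(
            'INSERT' => 'sender_id, receiver_id, lastedited_at, read_at, status, subject, body',
            'INTO' => 'pun_pm_messages',
            'VALUES' => $forum_user['id'] . ', ' . $receiver_id . ', ' . $now . ', 0, \'draft\', \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
        );

        ($hook = get_hook('pun_pm_fn_save_message_pre_new_save_query')) ? eval($hook) : null;
        $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
    }

    $forum_flash->add_info($lang_pun_pm['Message saved']);

    ($hook = get_hook('pun_pm_fn_save_message_pre_redirect')) ? eval($hook) : null;

    redirect(forum_link($forum_url['pun_pm_outbox']), $lang_pun_pm['Message saved']);
}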
 }
 // Excerpt from the post-report handler: validates the submitted reason and looks up the reported post's topic.
 // Extension hook: the returned string is eval()'d in this scope; only trusted extension code may be registered.
 ($hook = get_hook('mi_report_selected')) ? eval($hook) : null;
 // User pressed the cancel button
 if (isset($_POST['cancel'])) {
     redirect(forum_link($forum_url['post'], $post_id), $lang_common['Cancel redirect']);
 }
 // NOTE(review): no CSRF token check is visible in this excerpt; confirm one runs before the form is processed.
 if (isset($_POST['form_sent'])) {
     ($hook = get_hook('mi_report_form_submitted')) ? eval($hook) : null;
     // Start with a clean slate
     $errors = array();
     // Flood protection
     // Rejects the report when the user's last e-mail/report was sent less than g_email_flood seconds ago.
     // The ">= 0" term lets the request through when last_email_sent lies in the future (negative difference).
     if ($forum_user['last_email_sent'] != '' && time() - $forum_user['last_email_sent'] < $forum_user['g_email_flood'] && time() - $forum_user['last_email_sent'] >= 0) {
         message(sprintf($lang_misc['Report flood'], $forum_user['g_email_flood']));
     }
     // Clean up reason from POST
     // NOTE(review): $_POST['req_reason'] is read without an isset()/is_string() check in this excerpt.
     $reason = forum_linebreaks(forum_trim($_POST['req_reason']));
     // An empty reason goes straight to message() instead of being collected in $errors.
     if ($reason == '') {
         message($lang_misc['No reason']);
     }
     // Size cap is in bytes (strlen), the same limit that applies to posts.
     if (strlen($reason) > FORUM_MAX_POSTSIZE_BYTES) {
         $errors[] = sprintf($lang_misc['Too long reason'], forum_number_format(strlen($reason)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
     }
     if (empty($errors)) {
         // Get some info about the topic we're reporting
         // NOTE(review): $post_id is concatenated into the WHERE clause unquoted and unescaped; its integer
         // cast is not visible in this excerpt, so confirm it is forced to an int before this point.
         $query = array('SELECT' => 't.id, t.subject, t.forum_id', 'FROM' => 'posts AS p', 'JOINS' => array(array('INNER JOIN' => 'topics AS t', 'ON' => 't.id=p.topic_id')), 'WHERE' => 'p.id=' . $post_id);
         ($hook = get_hook('mi_report_qr_get_topic_data')) ? eval($hook) : null;
         $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
         $topic_info = $forum_db->fetch_assoc($result);
         // No matching post/topic: answer with the generic "Bad request" message.
         if (!$topic_info) {
             message($lang_common['Bad request']);
         }
Example #9
 // Excerpt from the warning-type edit page: loads one warning type and validates the edited values on save.
 // Extension hook: the returned string is eval()'d in this scope; only trusted extension code may be registered.
 ($hook = get_hook('om_warnings_edit_type_selected')) ? eval($hook) : null;
 // Fetch warning type
 // NOTE(review): $type_id is concatenated into the WHERE clause unquoted and unescaped; its integer
 // cast is not visible in this excerpt, so confirm it is forced to an int before this point.
 $query = array('SELECT' => 'o.id, o.warn_name, o.warn_desc, o.points, o.expire, o.restriction', 'FROM' => 'om_warnings_types AS o', 'WHERE' => 'o.id=' . $type_id);
 ($hook = get_hook('om_warnings_edit_type_qr_get_type')) ? eval($hook) : null;
 $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);
 $cur_warning = $forum_db->fetch_assoc($result);
 // Warning type doesn't exist
 if (is_null($cur_warning) || $cur_warning === false) {
     message($lang_common['Bad request']);
 }
 // Update warning type
 // NOTE(review): no CSRF token check is visible in this excerpt; confirm one runs before this state-changing branch.
 if (isset($_POST['save'])) {
     ($hook = get_hook('om_warnings_edit_type_form_submitted')) ? eval($hook) : null;
     // Copy values to variables
     // Text fields are trimmed; numeric fields are forced to integers with intval().
     $warn_name = forum_trim($_POST['warn_name']);
     $warn_desc = forum_linebreaks(forum_trim($_POST['warn_desc']));
     $points = intval($_POST['points']);
     $expire = intval($_POST['expire']);
     // An empty value or the literal 'none' means "no restriction" and is stored as null.
     $restriction = !empty($_POST['restriction']) && $_POST['restriction'] != 'none' ? forum_trim($_POST['restriction']) : null;
     // NOTE(review): this hook is named "add_type" although the code is in the edit path; possibly a copy/paste leftover.
     ($hook = get_hook('om_warnings_add_type_form_submitted')) ? eval($hook) : null;
     // Check invalid values
     if ($warn_name == '') {
         message($lang_om_warnings['Must enter warning name']);
     }
     if ($points < 0) {
         message($lang_om_warnings['Must be integer']);
     }
     // A negative expiry is silently clamped to 0 rather than rejected.
     if ($expire < 0) {
         $expire = 0;
     }
     // Allowlist check: a submitted restriction must be one of the keys returned by om_warnings_get_restrictions().
     if (!is_null($restriction) && !array_key_exists($restriction, om_warnings_get_restrictions())) {
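/**
 * Start an escrow: validate the request, store two private messages and create the escrow row.
 *
 * On a validation failure the list of error strings is returned. On success the
 * function adds a flash notice and calls redirect(), so there is no meaningful
 * return value in that case.
 *
 * NOTE(review): unlike pun_pm_save_message(), no CSRF token check is performed in this
 * function; confirm the caller verifies one before invoking it.
 * NOTE(review): the three INSERTs are not wrapped in a transaction, so a failure part-way
 * leaves messages without a matching escrow row.
 *
 * @param string     $body              Message body as submitted.
 * @param string     $subject           Message subject.
 * @param string     $receiver_username Counterparty's username; resolved via startescrow_get_receiver_id().
 * @param int|string $amount            Escrow amount. NOTE(review): it is not range-checked here;
 *                                      callers should validate it as a positive number.
 * @param int|false  $message_id        By reference; not read or written by this function.
 * @return array|null Error strings when validation failed.
 */
function startescrow_send_message($body, $subject, $receiver_username, $amount, &$message_id)
{
    global $lang_escrows, $forum_user, $forum_db, $forum_url, $forum_config, $forum_flash;

    $errors = array();

    $receiver_id = startescrow_get_receiver_id($receiver_username, $errors);

    // The helper signals "no receiver" with the string 'NULL'; add an error unless it already reported one.
    if ($receiver_id == 'NULL' && empty($errors)) {
        $errors[] = $lang_escrows['Empty receiver'];
    }

    // Clean up body from POST
    $body = forum_linebreaks($body);

    if ($body == '') {
        $errors[] = $lang_escrows['Empty body'];
    } elseif (strlen($body) > FORUM_MAX_POSTSIZE_BYTES) {
        $errors[] = sprintf($lang_escrows['Too long message'], forum_number_format(strlen($body)), forum_number_format(FORUM_MAX_POSTSIZE_BYTES));
    } elseif ($forum_config['p_message_all_caps'] == '0' && utf8_strtoupper($body) == $body && !$forum_user['is_admmod']) {
        // The admin/moderator exemption is read from $forum_user, which is declared global above.
        // The previous code read $forum_page, which is not in scope inside this function, so the
        // exemption never applied.
        $body = utf8_ucwords(utf8_strtolower($body));
    }

    // Validate BBCode syntax
    if ($forum_config['p_message_bbcode'] == '1' || $forum_config['o_make_links'] == '1') {
        // Declared before the parser is included, as in the original code.
        global $smilies;

        if (!defined('FORUM_PARSER_LOADED')) {
            require FORUM_ROOT . 'include/parser.php';
        }

        $body = preparse_bbcode($body, $errors);
    }

    // Fetch a deposit address for this escrow; the helper can append to $errors.
    // NOTE(review): the address is requested even when validation has already failed. If
    // get_free_btcaddress() reserves the address, failed requests would consume addresses.
    $btcaddress = get_free_btcaddress($errors);

    if (count($errors)) {
        return $errors;
    }

    $now = time();

    // Message from the current user to the counterparty.
    // Subject and body are escaped and quoted. $receiver_id is inserted as returned by the helper and
    // cannot be the 'NULL' marker here, because that case added an error above.
    $query = array(
        'INSERT' => 'sender_id, receiver_id, status, lastedited_at, read_at, subject, body',
        'INTO' => 'pun_pm_messages',
        'VALUES' => $forum_user['id'] . ', ' . $receiver_id . ', \'sent\', ' . $now . ', 0, \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
    );
    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    $endtime = $now + $forum_config['o_empty_escrow_duration'] * 3600;
    $endtime = date('Y-m-d H:i:s ', $endtime);

    // Message to the buyer (the current user): note the column order is receiver_id, sender_id,
    // so the same two ids are stored the other way round. The generated body is escaped like any other text.
    $body = sprintf($lang_escrows['Escrow buyer message'], $endtime, $amount, $btcaddress);
    $query = array(
        'INSERT' => 'receiver_id, sender_id, status, lastedited_at, read_at, subject, body',
        'INTO' => 'pun_pm_messages',
        'VALUES' => $forum_user['id'] . ', ' . $receiver_id . ', \'sent\', ' . $now . ', 0, \'' . $forum_db->escape($subject) . '\', \'' . $forum_db->escape($body) . '\'',
    );
    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    // Add to escrows table.
    // $amount is caller-supplied and was previously concatenated into the SQL as a bare token, and
    // $btcaddress was quoted but not escaped. Both are now escaped and quoted, so neither value can
    // break out of its literal; a numeric string is still stored as the same number.
    $query = array(
        'INSERT' => 'time, buyerid, sellerid, amount, subject, status, recivedtime, btcaddress',
        'INTO' => 'escrows',
        'VALUES' => $now . ', ' . $forum_user['id'] . ', ' . $receiver_id . ', \'' . $forum_db->escape((string) $amount) . '\', \'' . $forum_db->escape($subject) . '\', 0, 0, \'' . $forum_db->escape((string) $btcaddress) . '\'',
    );
    $result = $forum_db->query_build($query) or error(__FILE__, __LINE__);

    startescrow_clear_cache($receiver_id);

    $forum_flash->add_info($lang_escrows['Escrow started']);

    redirect(forum_link($forum_url['pun_pm_inbox']), $lang_escrows['Message sent']);
}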