function subscribe($lang)
{
global $sitekey, $system_languages;
$with_locale = count($system_languages) > 1;
// true, false
$with_captcha = true;
$action = 'init';
if (isset($_POST['subscribe_send'])) {
$action = 'subscribe';
}
$confirmed = $code = $token = false;
$user_mail = user_profile('mail');
$user_locale = user_profile('locale');
if (!$user_locale) {
$user_locale = $lang;
}
$unsubscribe_page = false;
switch ($action) {
case 'init':
if ($sitekey) {
$unsubscribe_page = url('newsletterunsubscribe', $lang);
}
break;
case 'subscribe':
if (isset($_POST['subscribe_mail'])) {
$user_mail = strtolower(strflat(readarg($_POST['subscribe_mail'])));
}
if ($with_locale) {
if (isset($_POST['subscribe_locale'])) {
$user_locale = readarg($_POST['subscribe_locale']);
}
}
if (isset($_POST['subscribe_confirmed'])) {
$confirmed = readarg($_POST['subscribe_confirmed']) == 'on' ? true : false;
}
if (isset($_POST['subscribe_code'])) {
$code = readarg($_POST['subscribe_code']);
}
if (isset($_POST['subscribe_token'])) {
$token = readarg($_POST['subscribe_token']);
}
break;
default:
break;
}
$missing_code = false;
$bad_code = false;
$bad_token = false;
$missing_mail = false;
$bad_mail = false;
$duplicated_mail = false;
$missing_locale = false;
$bad_locale = false;
$missing_confirmation = false;
$email_registered = false;
$internal_error = false;
$contact_page = false;
switch ($action) {
case 'subscribe':
if (!isset($_SESSION['subscribe_token']) or $token != $_SESSION['subscribe_token']) {
$bad_token = true;
}
if ($with_captcha) {
if (!$code) {
$missing_code = true;
break;
}
$captcha = isset($_SESSION['captcha']['subscribe']) ? $_SESSION['captcha']['subscribe'] : false;
if (!$captcha or $captcha != strtoupper($code)) {
$bad_code = true;
break;
}
}
if (!$user_mail) {
$missing_mail = true;
} else {
if (!validate_mail($user_mail) or !is_mail_allowed($user_mail)) {
$bad_mail = true;
} else {
if (newsletter_get_user($user_mail)) {
$duplicated_mail = true;
}
}
}
if ($with_locale) {
if (!$user_locale) {
$missing_locale = true;
} else {
if (!validate_locale($user_locale)) {
$bad_locale = true;
}
}
}
if (!$confirmed) {
$missing_confirmation = true;
}
break;
default:
break;
}
switch ($action) {
case 'subscribe':
if ($bad_token or $missing_code or $bad_code or $missing_mail or $bad_mail or $duplicated_mail or $missing_locale or $bad_locale or $missing_confirmation) {
break;
}
$r = newsletter_create_user($user_mail, $user_locale);
if (!$r) {
$internal_error = true;
break;
}
require_once 'serveripaddress.php';
require_once 'emailme.php';
global $sitename;
$ip = server_ip_address();
$timestamp = strftime('%Y-%m-%d %H:%M:%S', time());
$subject = 'subscribe' . '@' . $sitename;
$msg = $ip . ' ' . $timestamp . ' ' . $lang . ' ' . $user_mail;
@emailme($subject, $msg);
$email_registered = true;
$confirmed = false;
break;
default:
break;
}
if ($internal_error) {
$contact_page = url('contact', $lang);
}
$_SESSION['subscribe_token'] = $token = token_id();
$errors = compact('missing_mail', 'bad_mail', 'missing_locale', 'bad_locale', 'duplicated_mail', 'missing_confirmation', 'missing_code', 'bad_code', 'internal_error', 'contact_page');
$infos = compact('email_registered');
$output = view('subscribe', $lang, compact('token', 'with_captcha', 'user_mail', 'with_locale', 'user_locale', 'confirmed', 'unsubscribe_page', 'errors', 'infos'));
return $output;
}
function remindme($lang)
{
$with_name = true;
$with_captcha = true;
$action = 'init';
if (isset($_POST['remindme_send'])) {
$action = 'remindme';
}
$login = $confirmed = $code = $token = false;
if (!empty($_SESSION['login'])) {
$login = $_SESSION['login'];
} else {
if (!empty($_SESSION['user']['name'])) {
$login = $_SESSION['user']['name'];
} else {
if (!empty($_SESSION['user']['mail'])) {
$login = $_SESSION['user']['mail'];
}
}
}
switch ($action) {
case 'remindme':
if (isset($_POST['remindme_login'])) {
$login = strtolower(strflat(readarg($_POST['remindme_login'])));
}
if (isset($_POST['remindme_confirmed'])) {
$confirmed = readarg($_POST['remindme_confirmed']) == 'on' ? true : false;
}
if (isset($_POST['remindme_code'])) {
$code = readarg($_POST['remindme_code']);
}
if (isset($_POST['remindme_token'])) {
$token = readarg($_POST['remindme_token']);
}
break;
default:
break;
}
$missing_code = false;
$bad_code = false;
$bad_token = false;
$missing_login = false;
$bad_login = false;
$missing_confirmation = false;
$email_sent = false;
$user_page = false;
$internal_error = false;
$contact_page = false;
switch ($action) {
case 'remindme':
if (!isset($_SESSION['remindme_token']) or $token != $_SESSION['remindme_token']) {
$bad_token = true;
}
if ($with_captcha) {
if (!$code) {
$missing_code = true;
break;
}
$captcha = isset($_SESSION['captcha']['remindme']) ? $_SESSION['captcha']['remindme'] : false;
if (!$captcha or $captcha != strtoupper($code)) {
$bad_code = true;
break;
}
}
if (!$login) {
$missing_login = true;
} else {
if ((!validate_user_name($login) or !is_user_name_allowed($login)) and (!validate_mail($login) or !is_mail_allowed($login))) {
$bad_login = true;
}
}
if (!$confirmed) {
$missing_confirmation = true;
}
break;
default:
break;
}
switch ($action) {
case 'remindme':
if ($bad_token or $missing_code or $bad_code or $missing_login or $bad_login or $missing_confirmation) {
break;
}
require_once 'models/user.inc';
$user_id = user_find($login);
if (!$user_id) {
$bad_login = true;
require_once 'log.php';
write_log('password.err', substr($login, 0, 40));
break;
}
$user = user_get($user_id);
if (!$user) {
$internal_error = true;
break;
}
if (!$user['user_active'] or $user['user_banned']) {
$bad_login = true;
break;
}
require_once 'newpassword.php';
$newpassword = newpassword();
if (!user_set_newpassword($user_id, $newpassword)) {
$internal_error = true;
break;
}
require_once 'emailcrypto.php';
global $sitename, $webmaster;
$to = $user['user_mail'];
$subject = translate('email:new_password_subject', $lang);
$msg = translate('email:new_password_text', $lang) . "\n\n" . translate('email:salutations', $lang);
if (!emailcrypto($msg, $newpassword, $to, $subject, $webmaster)) {
$internal_error = true;
} else {
$email_sent = $to;
}
$confirmed = false;
break;
default:
break;
}
if ($internal_error) {
$contact_page = url('contact', $lang);
} else {
if ($email_sent) {
$user_page = url('user', $lang);
}
}
$_SESSION['remindme_token'] = $token = token_id();
$errors = compact('missing_login', 'bad_login', 'missing_confirmation', 'missing_code', 'bad_code', 'internal_error', 'contact_page');
$infos = compact('email_sent', 'user_page');
$output = view('remindme', $lang, compact('token', 'with_captcha', 'with_name', 'login', 'confirmed', 'errors', 'infos'));
return $output;
}
function unsubscribe($lang)
{
$with_captcha = true;
$action = 'init';
if (isset($_POST['unsubscribe_send'])) {
$action = 'unsubscribe';
}
$confirmed = $code = $token = false;
$user_mail = user_profile('mail');
$subscribe_page = false;
switch ($action) {
case 'init':
$subscribe_page = url('newslettersubscribe', $lang);
break;
case 'unsubscribe':
if (isset($_POST['unsubscribe_mail'])) {
$user_mail = strtolower(strflat(readarg($_POST['unsubscribe_mail'])));
}
if (isset($_POST['unsubscribe_confirmed'])) {
$confirmed = readarg($_POST['unsubscribe_confirmed']) == 'on' ? true : false;
}
if (isset($_POST['unsubscribe_code'])) {
$code = readarg($_POST['unsubscribe_code']);
}
if (isset($_POST['unsubscribe_token'])) {
$token = readarg($_POST['unsubscribe_token']);
}
break;
default:
break;
}
$missing_code = false;
$bad_code = false;
$bad_token = false;
$missing_mail = false;
$bad_mail = false;
$unknown_mail = false;
$missing_confirmation = false;
$mail_unsubscribed = false;
$internal_error = false;
$contact_page = false;
switch ($action) {
case 'unsubscribe':
if (!isset($_SESSION['unsubscribe_token']) or $token != $_SESSION['unsubscribe_token']) {
$bad_token = true;
}
if ($with_captcha) {
if (!$code) {
$missing_code = true;
break;
}
$captcha = isset($_SESSION['captcha']['unsubscribe']) ? $_SESSION['captcha']['unsubscribe'] : false;
if (!$captcha or $captcha != strtoupper($code)) {
$bad_code = true;
break;
}
}
if (!$user_mail) {
$missing_mail = true;
} else {
if (!validate_mail($user_mail) or !is_mail_allowed($user_mail)) {
$bad_mail = true;
} else {
if (!newsletter_get_user($user_mail)) {
$unknown_mail = true;
}
}
}
if (!$confirmed) {
$missing_confirmation = true;
}
break;
default:
break;
}
switch ($action) {
case 'unsubscribe':
if ($bad_token or $missing_code or $bad_code or $missing_mail or $bad_mail or $unknown_mail or $missing_confirmation) {
break;
}
require_once 'urlencodeaction.php';
$id = 1;
// confirmnewsletterunsubscribe, see saction
$param = $user_mail;
$s64 = urlencodeaction($id, $param);
if (!$s64) {
$internal_error = true;
break;
}
$saction_page = url('saction', $lang);
if (!$saction_page) {
$internal_error = true;
break;
}
global $base_url;
$url = $base_url . $saction_page . '/' . $s64;
require_once 'emailtext.php';
$to = $user_mail;
$subject = translate('newsletter:unregister_subject', $lang);
$f = translate('newsletter:unregister_text', $lang);
$s = sprintf($f, $url);
$msg = $s . "\n\n" . translate('email:salutations', $lang);
emailtext($msg, $to, $subject, false);
$mail_unsubscribed = $user_mail;
$confirmed = false;
break;
default:
break;
}
if ($internal_error) {
$contact_page = url('contact', $lang);
}
$_SESSION['unsubscribe_token'] = $token = token_id();
$errors = compact('missing_mail', 'bad_mail', 'unknown_mail', 'missing_confirmation', 'missing_code', 'bad_code', 'internal_error', 'contact_page');
$infos = compact('mail_unsubscribed');
$output = view('unsubscribe', $lang, compact('token', 'with_captcha', 'user_mail', 'confirmed', 'subscribe_page', 'errors', 'infos'));
return $output;
}
