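/**
 * Sends the mass-mail message posted from the admin form to every user in
 * the selected ACL group, or to all users when the posted group id is '0'.
 *
 * Reads mm_message, mm_subject, mm_group and mm_recurse from $_POST, mails
 * each recipient through mosMail() and redirects with a count of the
 * recipients. The sender's own address is excluded from the recipient list.
 *
 * NOTE(review): no request-origin (anti-CSRF) check is visible in this
 * function; confirm that the caller performs one before dispatching here.
 */
function sendMail()
{
    global $database, $my, $acl, $adminLanguage;
    global $mosConfig_sitename, $mosConfig_debug;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    $message_body = stripslashes(mosGetParam($_POST, 'mm_message', ''));
    $subject = mosGetParam($_POST, 'mm_subject', '');
    $gou = mosGetParam($_POST, 'mm_group', NULL);
    $recurse = mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE');

    if (!$message_body || !$subject || $gou === null) {
        mosRedirect("index2.php?option=com_massmail&mosmsg=" . $adminLanguage->A_COMP_MASS_FILL);
    }

    // get users in the group out of the acl
    $to = $acl->get_group_objects($gou, 'ARO', $recurse);

    $rows = array();
    if (count($to['users']) || $gou === '0') {
        // Ids are cast to integers before they are concatenated into SQL so
        // that nothing but digits can ever reach the statement text.
        $sender_id = (int) $my->id;

        // Get sending email address
        $database->setQuery("SELECT email FROM #__users WHERE id = " . $sender_id);
        $my->email = $database->loadResult();

        // Restrict to the group members unless "all users" ('0') was chosen.
        // The enclosing condition guarantees a non-empty list on this path.
        $group_filter = '';
        if ($gou !== '0') {
            $user_ids = array_map('intval', $to['users']);
            $group_filter = " AND id IN (" . implode(',', $user_ids) . ")";
        }

        // Get all users email and group except for senders
        $database->setQuery("SELECT email FROM #__users" . "\n WHERE id != " . $sender_id . $group_filter);
        $rows = $database->loadObjectList();

        // Build e-mail message format
        $message_header = sprintf(_MASSMAIL_MESSAGE, $mosConfig_sitename);
        $message = $message_header . $message_body;
        $subject = $mosConfig_sitename . ' / ' . stripslashes($subject);

        // Send email
        foreach ($rows as $row) {
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $row->email, $subject, $message);
        }
    }

    mosRedirect("index2.php", $adminLanguage->A_COMP_MASS_SENT . " " . count($rows) . " " . $adminLanguage->A_COMP_MASS_USERS);
}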
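/**
 * Handles a submitted contact form: optionally verifies the captcha code,
 * validates the posted fields, mails the enquiry to the contact loaded from
 * $this->con_id and, on request, mails a copy back to the sender.
 *
 * Output is a small script block that either reports the problem and steps
 * back in the browser history, or thanks the sender and moves on to the
 * contact page.
 *
 * NOTE(review): the captcha code kept in the session is not cleared after a
 * successful comparison, so the same code appears to stay valid for further
 * submissions in that session - confirm whether the captcha generator
 * rotates it.
 */
function sendmail()
{
    global $mosConfig_usecaptcha;

    // 0 = captcha not in use, 1 = code matched, 2 = code missing or wrong
    $captcha_success = 0;
    if ($mosConfig_usecaptcha == '1') {
        session_name('mos_captcha');
        session_start();
        $spamstop = mosGetParam($_POST, 'spamstop', '');
        if (isset($_SESSION['code']) && $_SESSION['code'] != "" && $_SESSION['code'] == $spamstop) {
            $captcha_success = 1;
        } else {
            $captcha_success = 2;
        }
    }

    if ($captcha_success == '2') {
        echo "<SCRIPT> alert('Incorrect Security Code'); window.history.go(-1);</SCRIPT>";
        return;
    }

    $contact = new mosContact();
    $contact->load($this->con_id);

    $default = mamboCore::get('mosConfig_sitename') . ' ' . T_('Enquiry');
    $email = mosGetParam($_POST, 'email', '');
    $text = mosGetParam($_POST, 'text', '');
    $name = mosGetParam($_POST, 'name', '');
    $subject = mosGetParam($_POST, 'subject', $default);
    $email_copy = mosGetParam($_POST, 'email_copy', 0);

    // Reject incomplete input and anything that could smuggle extra mail
    // headers: header text in the body, or line breaks in the fields that
    // become the From name, From address and Subject.
    if (!$email or !$text or !$this->is_email($email) or $this->has_emailheaders($text)
        or $this->has_newlines($email) or $this->has_newlines($name) or $this->has_newlines($subject)
        or !isset($_SERVER['HTTP_USER_AGENT']) or $_SERVER['REQUEST_METHOD'] != 'POST') {
        echo "<script>alert (\"" . T_('Please make sure the form is complete and valid.') . "\"); window.history.go(-1);</script>";
        exit(0);
    }

    $prefix = sprintf(T_('This is an enquiry e-mail via %s from:'), mamboCore::get('mosConfig_live_site'));
    $text = $prefix . "\n" . $name . ' <' . $email . '>' . "\n\n" . $text;

    mosMail($email, $name, $contact->email_to, mamboCore::get('mosConfig_fromname') . ': ' . $subject, $text);

    if ($email_copy) {
        $copy_text = sprintf(T_('The following is a copy of the message you sent to %s via %s '), $contact->name, mamboCore::get('mosConfig_sitename'));
        $copy_text = $copy_text . "\n\n" . $text . '';
        $copy_subject = sprintf(T_('Copy of: %s'), $subject);
        mosMail(mamboCore::get('mosConfig_mailfrom'), mamboCore::get('mosConfig_fromname'), $email, $copy_subject, $copy_text);
    }

    // The sender's name is request data and is written inside a JavaScript
    // string literal, so it is escaped for that context: backslash, both
    // quote characters, CR/LF, and '/' (so that a literal "</script>" in the
    // value cannot close the script element early).
    // NOTE(review): if mosGetParam() already adds slashes, the alert may show
    // doubled backslashes - confirm against its implementation.
    $js_special = "\\\"'\r\n/";
    $thanks = addcslashes(T_('Thank you for your e-mail ') . $name, $js_special);
    $target = addcslashes(sefRelToAbs('index.php?option=com_contact&Itemid=' . $this->Itemid), $js_special);

    echo ' <script> alert( "' . $thanks . ' " ); document.location.href=\'' . $target . ' \'; </script> ';
}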
/**
 * Mass-mail dispatcher: validates the posted admin form, resolves the
 * recipients from the chosen ACL group and mails each of them.
 *
 * The request is first passed through josSpoofCheck(). mm_mode selects
 * between a plain-text message (filtered by mosGetParam) and an HTML message
 * (taken from $_POST as posted). Every user id is converted to an integer
 * before it is placed in the SQL text.
 */
function sendMail()
{
    global $database, $my, $acl;
    global $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    josSpoofCheck();

    $mode = (int) mosGetParam($_POST, 'mm_mode', 0);
    $subject = (string) mosGetParam($_POST, 'mm_subject', '');
    $gou = mosGetParam($_POST, 'mm_group', NULL);
    $recurse = (string) mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE');

    // HTML mode keeps the markup exactly as posted; text mode goes through
    // mosGetParam, which removes HTML formatting.
    $raw_body = $mode
        ? $_POST['mm_message']
        : (string) mosGetParam($_POST, 'mm_message', '');
    $message_body = stripslashes($raw_body);

    $form_incomplete = !$message_body || !$subject || $gou === null;
    if ($form_incomplete) {
        mosRedirect('index2.php?option=com_massmail&mosmsg=Please fill in the form correctly');
    }

    // members of the selected group, as reported by the ACL
    $to = $acl->get_group_objects($gou, 'ARO', $recurse);
    $all_users = ($gou === '0');

    $rows = array();
    if (count($to['users']) || $all_users) {
        $sender_id = (int) $my->id;

        // look up the sender's own address
        $database->setQuery("SELECT email\n FROM #__users\n WHERE id = " . $sender_id);
        $my->email = $database->loadResult();

        // force every group member id to an integer, then build "id=a OR id=b"
        mosArrayToInts($to['users']);
        $user_ids = 'id=' . implode(' OR id=', $to['users']);

        // everybody except the sender, narrowed to the group unless "all"
        $query = "SELECT email\n FROM #__users\n WHERE id != " . $sender_id;
        if (!$all_users) {
            $query .= " AND ( {$user_ids} )";
        }
        $database->setQuery($query);
        $rows = $database->loadObjectList();

        // compose header, body and subject
        $site_name = html_entity_decode($mosConfig_sitename, ENT_QUOTES);
        $message = sprintf(_MASSMAIL_MESSAGE, $site_name) . $message_body;
        $subject = $site_name . ' / ' . stripslashes($subject);

        // one message per recipient
        foreach ($rows as $recipient) {
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient->email, $subject, $message, $mode);
        }
    }

    mosRedirect('index2.php?option=com_massmail', 'E-mail sent to ' . count($rows) . ' users');
}
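/**
 * Sends the mass-mail message posted from the admin form to the members of
 * the selected ACL group, or to all users when the posted group id is '0'.
 *
 * mm_mode selects between a plain-text message (read through mosGetParam)
 * and an HTML message, which is taken from $_POST exactly as posted.
 *
 * NOTE(review): no request-origin (anti-CSRF) check is visible in this
 * function; confirm that the caller performs one before dispatching here.
 */
function sendMail()
{
    global $database, $my, $acl;
    global $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    $mode = mosGetParam($_POST, 'mm_mode', 0);
    $subject = mosGetParam($_POST, 'mm_subject', '');
    $gou = mosGetParam($_POST, 'mm_group', NULL);
    $recurse = mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE');
    $inc_blocked = mosGetParam($_POST, 'inc_blocked', 0);

    // pulls message information either in text or html format
    if ($mode) {
        $message_body = $_POST['mm_message'];
    } else {
        // automatically removes html formatting
        $message_body = mosGetParam($_POST, 'mm_message', '');
    }
    $message_body = stripslashes($message_body);

    if (!$message_body || !$subject || $gou === null) {
        $msg = T_('Please fill in the form correctly');
        mosRedirect('index2.php?option=com_massmail&mosmsg=' . $msg);
    }

    // get users in the group out of the acl
    $to = $acl->get_group_objects($gou, 'ARO', $recurse);

    $rows = array();
    if (count($to['users']) || $gou === '0') {
        // Ids are cast to integers before they are concatenated into SQL so
        // that nothing but digits can ever reach the statement text.
        $sender_id = (int) $my->id;

        // Get sending email address
        $database->setQuery("SELECT email FROM #__users WHERE id = " . $sender_id);
        $my->email = $database->loadResult();

        // NOTE(review): blocked accounts are filtered out for every posted
        // value except the exact string '0', including the integer default.
        // Given the field name ("include blocked") the test may be inverted -
        // confirm against the form before changing it.
        $blocked_filter = ($inc_blocked !== '0') ? " AND block = 0 " : '';

        // Restrict to the group members unless "all users" ('0') was chosen.
        // The enclosing condition guarantees a non-empty list on this path.
        $group_filter = '';
        if ($gou !== '0') {
            $user_ids = array_map('intval', $to['users']);
            $group_filter = " AND id IN (" . implode(',', $user_ids) . ")";
        }

        // Get all users email and group except for senders
        $query = "SELECT email FROM #__users" . "\n WHERE id != " . $sender_id . $blocked_filter . $group_filter;
        $database->setQuery($query);
        $rows = $database->loadObjectList();

        // Build e-mail message format
        $message_header = sprintf(T_("This is an email from '%s'\n\nMessage:\n"), $mosConfig_sitename);
        $message = $message_header . $message_body;
        $subject = $mosConfig_sitename . ' / ' . stripslashes($subject);

        // Send email
        foreach ($rows as $row) {
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $row->email, $subject, $message, $mode);
        }
    }

    $msg = sprintf(Tn_('E-mail sent to %d user.', 'E-mail sent to %d users.', count($rows)), count($rows));
    mosRedirect('index2.php?option=com_massmail', $msg);
}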
/**
 * Stores a private message for a user and, if that user asked for it,
 * mails them a notice that a new message has arrived.
 *
 * Arguments that are empty fall back to the values already held on the
 * object. Nothing is stored when the recipient's 'lock' setting is on; in
 * that case the error text is recorded on the object.
 *
 * @param int    $from_id Sending user id
 * @param int    $to_id   Receiving user id
 * @param string $subject Message subject
 * @param string $message Message text
 * @return boolean True when the message was stored, false otherwise
 */
function send($from_id = null, $to_id = null, $subject = null, $message = null)
{
    global $database, $mosConfig_mailfrom, $mosConfig_fromname;

    $has_instance = is_object($this);
    if ($has_instance) {
        if (!$from_id) {
            $from_id = $this->user_id_from;
        }
        if (!$to_id) {
            $to_id = $this->user_id_to;
        }
        if (!$subject) {
            $subject = $this->subject;
        }
        if (!$message) {
            $message = $this->message;
        }
    }

    // recipient's messaging preferences, keyed by setting name
    $database->setQuery(
        "SELECT cfg_name, cfg_value\n FROM #__messages_cfg\n WHERE user_id = " . (int) $to_id
    );
    $config = $database->loadObjectList('cfg_name');

    // either setting may be missing for this user, hence the suppression
    $locked = @$config['lock']->cfg_value;
    $domail = @$config['mail_on_new']->cfg_value;

    if ($locked) {
        if ($has_instance) {
            $this->_error = _MESSAGE_FAILED;
        }
        return false;
    }

    $this->user_id_from = $from_id;
    $this->user_id_to = $to_id;
    $this->subject = $subject;
    $this->message = $message;
    $this->date_time = date('Y-m-d H:i:s');

    if (!$this->store()) {
        return false;
    }

    if ($domail) {
        $database->setQuery("SELECT email\n FROM #__users\n WHERE id = " . (int) $to_id);
        $recipient = $database->loadResult();

        // the notice carries the same fixed text as subject and body
        mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, _NEW_MESSAGE, _NEW_MESSAGE);
    }

    return true;
}
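/**
 * Stores a private message for a user and, if that user asked for it,
 * mails them a notice that a new message has arrived.
 *
 * Arguments that are empty fall back to the values already held on the
 * object. Nothing is stored when the recipient's 'lock' setting is on; in
 * that case the error text is recorded on the object.
 *
 * @param int    $from_id Sending user id
 * @param int    $to_id   Receiving user id
 * @param string $subject Message subject
 * @param string $message Message text
 * @return boolean True when the message was stored, false otherwise
 */
function send($from_id = null, $to_id = null, $subject = null, $message = null)
{
    global $database;
    // The notification below needs the site's From address and name. They
    // were previously not imported into this scope, so mosMail() received
    // undefined values for both.
    global $mosConfig_mailfrom, $mosConfig_fromname;

    if (is_object($this)) {
        $from_id = $from_id ? $from_id : $this->user_id_from;
        $to_id = $to_id ? $to_id : $this->user_id_to;
        $subject = $subject ? $subject : $this->subject;
        $message = $message ? $message : $this->message;
    }

    // The recipient id may come from the caller, so it is cast to an integer
    // before it is concatenated into the SQL text.
    $recipient_id = (int) $to_id;

    $database->setQuery("SELECT cfg_name, cfg_value" . "\nFROM #__messages_cfg" . "\nWHERE user_id = " . $recipient_id);
    $config = $database->loadObjectList('cfg_name');

    // either setting may be missing for this user, hence the suppression
    $locked = @$config['lock']->cfg_value;
    $domail = @$config['mail_on_new']->cfg_value;

    if (!$locked) {
        $this->user_id_from = $from_id;
        $this->user_id_to = $to_id;
        $this->subject = $subject;
        $this->message = $message;
        $this->date_time = date("Y-m-d H:i:s");

        if ($this->store()) {
            if ($domail) {
                $database->setQuery("SELECT email FROM #__users WHERE id = " . $recipient_id);
                $recipient = $database->loadResult();

                $subject = T_('A new private message has arrived');
                $msg = T_('A new private message has arrived');

                mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
            }
            return true;
        }
    } else {
        if (is_object($this)) {
            $this->_error = T_('The user has locked their mailbox. Message failed.');
        }
    }

    return false;
}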
/**
 * Processes the "e-mail this item to a friend" form for a content item and
 * sends the message.
 *
 * The request is dropped without output unless the posted form_check value
 * equals the one kept in the session for com_content, i.e. unless the form
 * was produced by the server during this session. Both addresses must pass
 * is_email(). The mail is sent from the site's own address; the visitor's
 * name and address appear only inside the message text.
 *
 * @param int $uid The content item id
 */
function emailContentSend($uid)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    $_Itemid = $mainframe->getItemid($uid, 0, 0);

    $recipient = trim(mosGetParam($_POST, 'email', ''));
    $sender_name = trim(mosGetParam($_POST, 'yourname', ''));
    $sender_email = trim(mosGetParam($_POST, 'youremail', ''));
    $fallback_subject = sprintf(T_('Item sent by %s'), $sender_name);
    $subject = trim(mosGetParam($_POST, 'subject', $fallback_subject));

    session_start();
    $posted_token = mosGetParam($_POST, 'form_check', '');
    $token_missing = empty($_SESSION['_form_check_']['com_content']);
    if ($token_missing || $posted_token != $_SESSION['_form_check_']['com_content']) {
        // the form hasn't been generated by the server on this session
        exit;
    }

    $addresses_ok = $recipient && $sender_email && is_email($recipient) && is_email($sender_email);
    if (!$addresses_ok) {
        echo '<script>alert ("' . T_('You must enter valid e-mail addresses for both yourself and your recipient.') . '"); window.history.go(-1);</script>';
        exit(0);
    }

    // template assigned to the default front-end menu entry
    $template = '';
    $database->setQuery("SELECT template FROM #__templates_menu WHERE client_id='0' AND menuid='0'");
    $template = $database->loadResult();

    // absolute link to the item, as it will appear in the mail
    $item_url = $mosConfig_live_site . '/index.php?option=com_content&task=view&id=' . $uid . '&Itemid=' . $_Itemid;
    $link = sefRelToAbs($item_url);

    // message text
    $msg = sprintf(
        T_(' The following page from the \\"%s\\" website has been sent to you by %s ( %s ).\\n\\nYou can access it at the following url:\\n%s'),
        $mosConfig_sitename,
        $sender_name,
        $sender_email,
        $link
    );

    mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);

    HTML_content::emailSent($recipient, $template);
}
/**
 * Processes the "e-mail this item to a friend" form for a content item and
 * sends the message.
 *
 * Both addresses must pass is_email(). The mail is sent from the site's own
 * address; the visitor's name and address appear only inside the message
 * text.
 *
 * NOTE(review): nothing in this function ties the request to a form the
 * server issued (no session token, captcha or rate limit is visible), so it
 * can be driven by scripted POSTs - confirm whether the caller adds such a
 * check.
 *
 * @param int $uid The content item id
 */
function emailContentSend($uid)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    $_Itemid = $mainframe->getItemid($uid, 0, 0);

    $recipient = trim(mosGetParam($_POST, 'email', ''));
    $sender_name = trim(mosGetParam($_POST, 'yourname', ''));
    $sender_email = trim(mosGetParam($_POST, 'youremail', ''));
    $fallback_subject = _EMAIL_INFO . ' ' . $sender_name;
    $subject = trim(mosGetParam($_POST, 'subject', $fallback_subject));

    $addresses_ok = $recipient && $sender_email && is_email($recipient) && is_email($sender_email);
    if (!$addresses_ok) {
        echo '<script>alert ("' . _EMAIL_ERR_NOINFO . '"); window.history.go(-1);</script>';
        exit(0);
    }

    // template assigned to the default front-end menu entry
    $template = '';
    $database->setQuery("SELECT template FROM #__templates_menu WHERE client_id='0' AND menuid='0'");
    $template = $database->loadResult();

    // absolute link to the item, as it will appear in the mail
    $item_url = $mosConfig_live_site . '/index.php?option=com_content&task=view&id=' . $uid . '&Itemid=' . $_Itemid;
    $link = sefRelToAbs($item_url);

    // message text
    $msg = sprintf(_EMAIL_MSG, $mosConfig_sitename, $sender_name, $sender_email, $link);

    mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);

    HTML_content::emailSent($recipient, $template);
}
/**
 * Processes the "e-mail this item to a friend" form for a content item and
 * sends the message.
 *
 * Checks performed before any mail is sent, in this order:
 *  - the feature is not hidden by $mosConfig_hideEmail (unless the item's
 *    own 'email' attribute enables it);
 *  - josSpoofCheck(1) passes;
 *  - a session cookie value of the expected shape is present;
 *  - the item is published, inside its publish window and within the
 *    caller's access level, and the same holds for its category and section;
 *  - both e-mail addresses pass JosIsValidEmail().
 *
 * NOTE(review): the message is sent with the visitor-supplied name and
 * address as the From values, so the server originates mail on behalf of an
 * address it has not verified.
 *
 * @param int $uid The content item id
 * @param int $gid The access level the item is checked against
 */
function emailContentSend($uid, $gid)
{
    global $database, $mainframe;
    global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_hideEmail;

    // per-item attributes, read for the id given in the request
    $id = (int) mosGetParam($_REQUEST, 'id', 0);
    $attribs = '';
    if ($id) {
        $database->setQuery('SELECT attribs FROM #__content WHERE `id`=' . $id);
        $attribs = $database->loadResult();
    }
    $params = new mosParameters($attribs);

    $paramEmail = (int) $params->get('email', 0);
    if ($mosConfig_hideEmail && !$paramEmail) {
        echo _NOT_AUTH;
        return;
    }

    // simple spoof check security
    josSpoofCheck(1);

    // a session cookie must be present: a 32 character value, or '-'
    $sessionCookieName = mosMainFrame::sessionCookieName();
    $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
    if (strlen($sessioncookie) != 32 && $sessioncookie != '-') {
        mosErrorAlert(_NOT_AUTH);
    }

    $itemid = (int) mosGetParam($_POST, 'itemid', 0);
    $now = _CURRENT_SERVER_TIME;
    $nullDate = $database->getNullDate();

    // query to check for state and access levels
    $query = implode("\n", array(
        "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub,",
        " s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id",
        " FROM #__content AS a",
        " LEFT JOIN #__categories AS cc ON cc.id = a.catid",
        " LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'",
        " WHERE a.id = " . (int) $uid,
        " AND a.state = 1",
        " AND a.access <= " . (int) $gid,
        " AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )",
        " AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )",
    ));
    $database->setQuery($query);

    $row = NULL;
    if (!$database->loadObject($row)) {
        mosNotAuth();
        return;
    }

    // category and section must be published and within the access level
    $denied = (!$row->cat_pub && $row->catid)
        || (!$row->sec_pub && $row->sectionid)
        || ($row->cat_access > $gid && $row->catid)
        || ($row->sec_access > $gid && $row->sectionid);
    if ($denied) {
        mosNotAuth();
        return;
    }

    $email = (string) mosGetParam($_POST, 'email', '');
    $yourname = (string) mosGetParam($_POST, 'yourname', '');
    $youremail = (string) mosGetParam($_POST, 'youremail', '');
    $subject = (string) mosGetParam($_POST, 'subject', '');
    if (!$subject) {
        $subject = _EMAIL_INFO . ' ' . $yourname;
    }

    $input_ok = $uid >= 1 && $email && $youremail && JosIsValidEmail($email) && JosIsValidEmail($youremail);
    if (!$input_ok) {
        mosErrorAlert(_EMAIL_ERR_NOINFO);
    }

    // template assigned to the default front-end menu entry
    $database->setQuery("SELECT template\n FROM #__templates_menu\n WHERE client_id = 0\n AND menuid = 0");
    $template = $database->loadResult();

    // determine Itemid for Item
    if (!$itemid) {
        $itemid = $mainframe->getItemid($uid, 0, 0);
    }
    $_itemid = '&Itemid=' . $itemid;

    // link sent in email
    $link = sefRelToAbs('index.php?option=com_content&task=view&id=' . $uid . $_itemid);

    // message text
    $site_name = html_entity_decode($mosConfig_sitename, ENT_QUOTES);
    $msg = sprintf(_EMAIL_MSG, $site_name, $yourname, $youremail, $link);

    // mail function
    if (!mosMail($youremail, $yourname, $email, $subject, $msg)) {
        mosErrorAlert(_EMAIL_ERR_NOINFO);
    }

    HTML_content::emailSent($email, $template);
}
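/**
 * Stores a book review posted by a visitor and, when notifications are
 * enabled, e-mails the configured review addresses about it.
 *
 * Changes against the previous version of this function:
 *  - the error alerts read the message from $review; they used $book, which
 *    is never defined here;
 *  - date, fk_userid and published are assigned after bind(), so values sent
 *    in the request cannot replace the server-side ones (bind() is assumed
 *    to copy matching request fields onto the object);
 *  - every id placed in SQL text is cast to an integer, including the
 *    fk_bookid value that was previously concatenated unfiltered;
 *  - request values and the user name are HTML-escaped before they are put
 *    into the notification, which is sent as an HTML mail.
 *
 * @param mixed $options Not used in this function
 * @param int   $catid   Category id used in the final redirect
 */
function reviewBook($options, $catid)
{
    PHP_booklibrary::addTitleAndMetaTags();
    global $mainframe, $database, $my, $Itemid, $acl;
    global $booklibrary_configuration, $mosConfig_absolute_path;
    global $mosConfig_mailfrom, $session;

    if (!isset($my->id)) { //for 1.6
        $my->id = 0;
    }

    if (!$GLOBALS['reviews_show']
        || !checkAccessBL($GLOBALS['reviews_registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl)) {
        echo _BOOKLIBRARY_NOT_AUTHORIZED;
        return;
    }

    $review = new mosBookLibrary_review($database);

    if (!$review->bind($_POST)) {
        echo "<script> alert('" . addslashes($review->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Server-controlled fields, set after bind() so the request cannot
    // choose them.
    $review->date = date("Y-m-d H:i:s");
    $review->fk_userid = $my->id;

    // A review is published immediately only when auto-approval is switched
    // on and the poster's group is allowed to use it.
    $auto_approve = $booklibrary_configuration['approve_review']['show']
        && checkAccessBL($booklibrary_configuration['approve_review']['registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl);
    $review->published = $auto_approve ? 1 : 0;

    if (!$review->check()) {
        echo "<script> alert('" . addslashes($review->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$review->store()) {
        echo "<script> alert('" . addslashes($review->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $review->updateRatingBook();

    // ---- notification mail for the administrators ----
    $menu = new JTableMenu($database);
    $menu->load($Itemid);
    if (version_compare(JVERSION, '3.0', 'lt')) {
        $params = new mosParameters($menu->params);
    } else {
        $params = new JRegistry();
        $params->loadString($menu->params);
    }

    if ($GLOBALS['review_added_email_show'] && trim($GLOBALS['review_email_address']) != "") {
        $params->def('show_email', 1);
        if (checkAccessBL($GLOBALS['review_added_email_registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl)) {
            $params->def('show_input_email', 1);
        }
    }

    if ($params->get('show_input_email')) {
        $mail_to = explode(",", $GLOBALS['review_email_address']);
        $userid = (int) $my->id;

        // NOTE(review): the getErrorMsg() calls below print database error
        // text into the page the visitor sees; consider logging it instead.

        // select book title
        $zapros = "SELECT title FROM #__booklibrary WHERE id = '" . intval($_POST['fk_bookid']) . "';";
        $database->setQuery($zapros);
        $book_title = $database->loadObjectList();
        echo $database->getErrorMsg();

        // select new review (the date is the server-generated value above)
        $zapros = "SELECT * FROM #__booklibrary_review WHERE date = '" . $review->date . "';";
        $database->setQuery($zapros);
        $item_review = $database->loadObjectList();
        echo $database->getErrorMsg();

        $zapros = "SELECT name, email FROM #__users WHERE id=" . $userid . ";";
        $database->setQuery($zapros);
        $item_user = $database->loadObjectList();
        echo $database->getErrorMsg();

        $query = "SELECT * FROM #__booklibrary WHERE id='" . intval($_REQUEST['fk_bookid']) . "'";
        $database->setQuery($query);
        $book_name = $database->loadAssoc();

        // falls back to "anonymous" for guests and for ids without a row
        $username = isset($item_user[0]->name) ? $item_user[0]->name : "anonymous";

        // The mail is HTML, so user-controlled text is escaped before it is
        // substituted. The book title is stored site data and is inserted
        // as it was before.
        $message = _BOOKLIBRARY_EMAIL_NOTIFICATION_REVIEW;
        $message = str_replace("{username}", htmlspecialchars($username, ENT_QUOTES, 'UTF-8'), $message);
        $message = str_replace("{book_title}", $book_name['title'], $message);
        $message = str_replace("{label title comment}", _BOOKLIBRARY_LABEL_TITLE_COMMENT, $message);
        $message = str_replace("{title}", htmlspecialchars((string) $_REQUEST['title'], ENT_QUOTES, 'UTF-8'), $message);
        $message = str_replace("{label rating}", _BOOKLIBRARY_LABEL_RATING, $message);
        $message = str_replace("{rating}", htmlspecialchars((string) $_REQUEST['rating'], ENT_QUOTES, 'UTF-8'), $message);
        $message = str_replace("{label label title review comment}", _BOOKLIBRARY_LABEL_TITLE_REVIEW_COMMENT, $message);
        $message = str_replace("{comment}", htmlspecialchars((string) $_REQUEST['comment'], ENT_QUOTES, 'UTF-8'), $message);

        mosMail($mosConfig_mailfrom, $username, $mail_to, 'New book review added', $message, true);
    }

    mosRedirect("index.php?option=com_booklibrary&task=view&catid=" . $catid . "&id={$review->fk_bookid}&Itemid={$Itemid}");
}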
/**
 * Sends a notification mail to an administrator.
 *
 * The subject is the _MAIL_SUB constant followed by the quoted $type. The
 * body is the _MAIL_MSG constant, expanded by eval() as a double-quoted PHP
 * string so that variable references written in the constant are replaced
 * with the values in this function's scope.
 *
 * @param string $adminName  Not referenced by the code; available to the template
 * @param string $adminEmail Address the mail is sent to
 * @param string $email      Not referenced by the code; available to the template
 * @param string $type       Quoted in the subject; available to the template
 * @param string $title      Not referenced by the code; available to the template
 * @param string $author     Not referenced by the code; available to the template
 */
function mosSendAdminMail($adminName, $adminEmail, $email, $type, $title, $author)
{
    global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_live_site;

    $subject = _MAIL_SUB . " '{$type}'";
    $message = _MAIL_MSG;

    // SECURITY(review): eval() executes the text of _MAIL_MSG as PHP source.
    // The values substituted for variables are not parsed again, but anything
    // in the constant itself that ends the string literal would run as code,
    // so whoever can edit the language file can run PHP here. A fixed
    // placeholder substitution would remove that exposure; it is not applied
    // in this block because the placeholder names used by _MAIL_MSG are not
    // visible. Parameter and variable names must stay as they are for as
    // long as the template refers to them.
    eval("\$message = \"{$message}\";");

    mosMail($mosConfig_mailfrom, $mosConfig_fromname, $adminEmail, $subject, $message);
}
/**
 * Sends an e-mail through whichever mail helper matches the running CMS
 * version: JUTility::sendMail() when JCOMMENTS_JVERSION is '1.5', mosMail()
 * otherwise. All arguments are handed on unchanged and in the same order.
 *
 * @param string  $from        From e-mail address
 * @param string  $fromName    From name
 * @param mixed   $recipient   Recipient e-mail address(es)
 * @param string  $subject     E-mail subject
 * @param string  $body        Message body
 * @param boolean $mode        false = plain text, true = HTML
 * @param mixed   $cc          CC e-mail address(es)
 * @param mixed   $bcc         BCC e-mail address(es)
 * @param mixed   $attachment  Attachment file name(s)
 * @param mixed   $replyTo     Reply to email address(es)
 * @param mixed   $replyToName Reply to name(s)
 * @return boolean True on success
 */
function send($from, $fromName, $recipient, $subject, $body, $mode = 0, $cc = NULL, $bcc = NULL, $attachment = NULL, $replyTo = NULL, $replyToName = NULL)
{
    return (JCOMMENTS_JVERSION == '1.5')
        ? JUTility::sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName)
        : mosMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
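/**
 * Creates a user account from the posted registration form, stores the
 * extended profile record, mails the new user and notifies the super
 * administrators who asked for such mail.
 *
 * The posted 'usertype' field is excluded from bind(); id, usertype and gid
 * are then set by the server, so the account always lands in the
 * 'Registered' group.
 *
 * Changes against the previous version of this function: administrator ids
 * are cast to integers before they are placed in SQL text, an administrator
 * id without a matching row is skipped instead of being dereferenced, the
 * fallback sender lookup tolerates an empty result, and the duplicated
 * names in the global declaration are removed.
 *
 * SECURITY(review), left unchanged because the stored format and the mail
 * templates are shared with code outside this function:
 *  - the password is stored as an unsalted MD5 digest;
 *  - when activation is on, the clear-text password is passed to the
 *    activation mail template.
 *
 * @param string $option Component name; not used in this function
 */
function saveRegistration($option)
{
    global $database, $my, $acl;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    if ($mosConfig_allowUserRegistration == "0") {
        mosNotAuth();
        return;
    }

    $row = new mosUser($database);
    if (!$row->bind($_POST, "usertype")) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    mosMakeHtmlSafe($row);

    // server-controlled fields: never taken from the form
    $row->id = 0;
    $row->usertype = '';
    $row->gid = $acl->get_group_id('Registered', 'ARO');

    if ($mosConfig_useractivation == "1") {
        $row->activation = md5(mosMakePassword());
        $row->block = "1";
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    $pwd = $row->password;
    $row->password = md5($row->password);
    $row->registerDate = date("Y-m-d H:i:s");

    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    //// Begin UserExtended
    include "administrator/components/com_user_extended/user_extended.class.php";
    $rowExtended = new mosUser_Extended($database);
    if (!$rowExtended->bind($_POST)) {
        echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$rowExtended->check()) {
        echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$rowExtended->storeExtended($row->id)) {
        echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    //// End UserExtended

    $row->checkin();

    $name = $row->name;
    $email = $row->email;
    $username = $row->username;

    $subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $subject = html_entity_decode($subject, ENT_QUOTES);

    if ($mosConfig_useractivation == "1") {
        $activation_link = $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation;
        $message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $activation_link, $mosConfig_live_site, $username, $pwd);
    } else {
        $message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
    }
    $message = html_entity_decode($message, ENT_QUOTES);

    // Sender: the configured site address, else the first super administrator
    $adminName2 = null;
    $adminEmail2 = null;
    if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
        $adminName2 = $mosConfig_fromname;
        $adminEmail2 = $mosConfig_mailfrom;
    } else {
        $database->setQuery("SELECT name, email FROM #__users" . "\n WHERE usertype='superadministrator'");
        $rows = $database->loadObjectList();
        if (!empty($rows)) {
            $adminName2 = $rows[0]->name;
            $adminEmail2 = $rows[0]->email;
        }
    }

    // Send email to user
    mosMail($adminEmail2, $adminName2, $email, $subject, $message);

    // Send notification to all administrators
    $subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
    $subject2 = html_entity_decode($subject2, ENT_QUOTES);
    $message2 = html_entity_decode($message2, ENT_QUOTES);

    // get superadministrators id
    $admins = $acl->get_group_objects(25, 'ARO');
    foreach ($admins['users'] as $id) {
        $database->setQuery("SELECT email, sendEmail FROM #__users" . "\n WHERE id = " . (int) $id);
        $admin_rows = $database->loadObjectList();
        if (empty($admin_rows)) {
            // ACL entry without a user row: nobody to notify
            continue;
        }
        $admin = $admin_rows[0];
        if ($admin->sendEmail) {
            mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
        }
    }

    if ($mosConfig_useractivation == "1") {
        echo _REG_COMPLETE_ACTIVATE;
    } else {
        echo _REG_COMPLETE;
    }
}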
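/**
 * Handles a submitted contact form: validates the posted fields, mails the
 * enquiry to the selected contact and, when both the visitor and the
 * contact's settings allow it, mails a copy back to the visitor.
 *
 * Changes against the previous version of this function:
 *  - the single-address test compares strpos() with false, so a separator
 *    at position 0 is no longer missed;
 *  - empty entries in the banned-text lists (for example after a trailing
 *    ';') are skipped; on PHP 8 an empty needle matches every value and
 *    would reject all submissions;
 *  - e-mail, name and subject are rejected when they contain a line break,
 *    because all three are handed to the mailer as header values.
 *
 * @param int    $con_id Id of the contact the form belongs to
 * @param string $option Component name; not used in this function
 */
function sendmail($con_id, $option)
{
    global $mainframe, $database, $Itemid;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_db;

    // simple spoof check security
    josSpoofCheck(1);

    $query = "SELECT *" . "\n FROM #__contact_details" . "\n WHERE id = " . (int) $con_id;
    $database->setQuery($query);
    $contact = $database->loadObjectList();

    if (count($contact) > 0) {
        $default = $mosConfig_sitename . ' ' . _ENQUIRY;
        $email = strval(mosGetParam($_POST, 'email', ''));
        $text = strval(mosGetParam($_POST, 'text', ''));
        $name = strval(mosGetParam($_POST, 'name', ''));
        $subject = strval(mosGetParam($_POST, 'subject', $default));
        $email_copy = strval(mosGetParam($_POST, 'email_copy', 0));

        $menu = $mainframe->get('menu');
        $mparams = new mosParameters($menu->params);
        $bannedEmail = $mparams->get('bannedEmail', '');
        $bannedSubject = $mparams->get('bannedSubject', '');
        $bannedText = $mparams->get('bannedText', '');
        $sessionCheck = $mparams->get('sessionCheck', 1);

        // check for session cookie
        if ($sessionCheck) {
            // Session Cookie `name`
            $sessionCookieName = mosMainFrame::sessionCookieName();
            // Get Session Cookie `value`
            $sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
            if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
                mosErrorAlert(_NOT_AUTH);
            }
        }

        // Prevent form submission if one of the banned texts is found in the
        // e-mail, subject or text field (checked in that order).
        $banned_checks = array(
            array($bannedEmail, $email),
            array($bannedSubject, $subject),
            array($bannedText, $text),
        );
        foreach ($banned_checks as $check_pair) {
            $banned_list = $check_pair[0];
            $field_value = $check_pair[1];
            if (!$banned_list) {
                continue;
            }
            foreach (explode(';', $banned_list) as $value) {
                if ($value === '') {
                    // an empty entry would match everything
                    continue;
                }
                if (stristr($field_value, $value)) {
                    mosErrorAlert(_NOT_AUTH);
                }
            }
        }

        // test to ensure that only one email address is entered
        $check = explode('@', $email);
        if (strpos($email, ';') !== false || strpos($email, ',') !== false || strpos($email, ' ') !== false || count($check) > 2) {
            mosErrorAlert(_CONTACT_MORE_THAN);
        }

        // values that end up in mail headers must be single-line
        if (preg_match('/[\r\n]/', $email . $name . $subject)) {
            mosErrorAlert(_CONTACT_FORM_NC);
        }

        if (!$email || !$text || JosIsValidEmail($email) == false) {
            mosErrorAlert(_CONTACT_FORM_NC);
        }

        $prefix = sprintf(_ENQUIRY_TEXT, $mosConfig_live_site);
        $text = $prefix . "\n" . $name . ' <' . $email . '>' . "\n\n" . stripslashes($text);

        $success = mosMail($email, $name, $contact[0]->email_to, $mosConfig_fromname . ': ' . $subject, $text);
        if (!$success) {
            mosErrorAlert(_CONTACT_FORM_NC);
        }

        // parameter check
        $params = new mosParameters($contact[0]->params);
        $emailcopyCheck = $params->get('email_copy', 0);

        // the copy is sent only when the contact's own settings allow it,
        // not merely because the form asked for it
        if ($email_copy && $emailcopyCheck) {
            $copy_text = sprintf(_COPY_TEXT, $contact[0]->name, $mosConfig_sitename);
            $copy_text = $copy_text . "\n\n" . $text . '';
            $copy_subject = _COPY_SUBJECT . $subject;

            $success = mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $copy_subject, $copy_text);
            if (!$success) {
                mosErrorAlert(_CONTACT_FORM_NC);
            }
        }

        $link = sefRelToAbs('index.php?option=com_contact&task=view&contact_id=' . $contact[0]->id . '&Itemid=' . $Itemid);
        mosRedirect($link, _THANK_MESSAGE);
    }
}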
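/**
 * Create or update a user from the posted admin form, enforce the group-change
 * rules, sync the ACL mapping and mail credentials to newly created users.
 *
 * @param string $task 'apply' returns to the edit form; anything else to the user list
 */
function saveUser($task)
{
    global $database, $my, $acl;
    global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;

    josSpoofCheck();

    $userIdPosted = mosGetParam($_POST, 'id');
    if ($userIdPosted) {
        $msg = checkUserPermissions(array($userIdPosted), 'save', in_array($my->gid, array(24, 25)));
        if ($msg) {
            echo "<script type=\"text/javascript\"> alert('" . $msg . "'); window.history.go(-1);</script>\n";
            exit;
        }
    }

    $row = new mosUser($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);

    // sanitise fields that are later concatenated into SQL
    $row->id = (int) $row->id;
    $row->gid = (int) $row->gid;

    $isNew = !$row->id;
    $pwd = '';

    // Passwords are stored as md5(password . salt) . ':' . salt.
    // NOTE(review): salted MD5 is a fast hash; changing the scheme has to be
    // coordinated with the login code, which is not part of this function.
    if ($isNew) {
        // new user stuff: generate a password when none was supplied
        $pwd = $row->password == '' ? mosMakePassword() : trim($row->password);
        $salt = mosMakePassword(16);
        $crypt = md5($pwd . $salt);
        $row->password = $crypt . ':' . $salt;
        $row->registerDate = date('Y-m-d H:i:s');
    } else {
        $original = new mosUser($database);
        $original->load((int) $row->id);

        // existing user stuff
        if ($row->password == '') {
            // password set to null if empty
            $row->password = null;
        } else {
            $row->password = trim($row->password);
            $salt = mosMakePassword(16);
            $crypt = md5($row->password . $salt);
            $row->password = $crypt . ':' . $salt;
        }

        // if group has been changed and where original group was a Super Admin
        if ($row->gid != $original->gid) {
            if ($original->gid == 25) {
                // count number of active super admins
                $query = "SELECT COUNT( id )" . "\n FROM #__users" . "\n WHERE gid = 25" . "\n AND block = 0";
                $database->setQuery($query);
                $count = $database->loadResult();
                if ($count <= 1) {
                    // disallow change if only one Super Admin exists
                    echo "<script> alert('You cannot change this users Group as it is the only active Super Administrator for your site'); window.history.go(-1); </script>\n";
                    exit;
                }
            }

            $user_group = strtolower($acl->get_group_name($original->gid, 'ARO'));
            if ($user_group == 'super administrator' && $my->gid != 25) {
                // disallow change of super-Admin by non-super admin
                echo "<script> alert('You cannot change this users Group as you are not a Super Administrator for your site'); window.history.go(-1); </script>\n";
                exit;
            } else {
                if ($my->gid == 24 && $original->gid == 24) {
                    // disallow an Administrator changing the group of another Administrator
                    echo "<script> alert('You cannot change the Group of another Administrator as you are not a Super Administrator for your site'); window.history.go(-1); </script>\n";
                    exit;
                }
            }
            // ensure user can't add group higher than themselves done below
        }
    }

    // Security check to avoid creating/editing user to higher level than himself: response to artf4529.
    if (!in_array($row->gid, getGIDSChildren($my->gid))) {
        // the target group must be one the acting user is allowed to assign
        echo "<script> alert('You cannot create a user with this user Group level, only Super Administrators have this ability'); window.history.go(-1); </script>\n";
        exit;
    }

    // save usertype to usertype column
    $query = "SELECT name" . "\n FROM #__core_acl_aro_groups" . "\n WHERE group_id = " . (int) $row->gid;
    $database->setQuery($query);
    $usertype = $database->loadResult();
    $row->usertype = $usertype;

    // save params as "key=value" lines
    // NOTE(review): keys and values are posted data; a line break inside a
    // value would add an extra parameter line (confirm how params are parsed).
    $params = mosGetParam($_POST, 'params', '');
    if (is_array($params)) {
        $txt = array();
        foreach ($params as $k => $v) {
            $txt[] = "{$k}={$v}";
        }
        $row->params = implode("\n", $txt);
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // updates the current users param settings
    if ($my->id == $row->id) {
        //session_start();
        $_SESSION['session_user_params'] = $row->params;
        session_write_close();
    }

    // update the ACL
    if (!$isNew) {
        $query = "SELECT aro_id" . "\n FROM #__core_acl_aro" . "\n WHERE value = " . (int) $row->id;
        $database->setQuery($query);
        $aro_id = $database->loadResult();

        $query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = " . (int) $row->gid . "\n WHERE aro_id = " . (int) $aro_id;
        $database->setQuery($query);
        $database->query() or die($database->stderr());
    }

    // for new users, email username and password
    // NOTE(review): the clear-text password travels in this e-mail.
    if ($isNew) {
        $query = "SELECT email" . "\n FROM #__users" . "\n WHERE id = " . (int) $my->id;
        $database->setQuery($query);
        $adminEmail = $database->loadResult();

        $subject = _NEW_USER_MESSAGE_SUBJECT;
        $message = sprintf(_NEW_USER_MESSAGE, $row->name, $mosConfig_sitename, $mosConfig_live_site, $row->username, $pwd);

        if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
            $adminName = $mosConfig_fromname;
            $adminEmail = $mosConfig_mailfrom;
        } else {
            // fall back to the first Super Administrator as sender
            $query = "SELECT name, email" . "\n FROM #__users" . "\n WHERE gid = 25";
            $database->setQuery($query);
            $admins = $database->loadObjectList();
            $admin = $admins[0];
            $adminName = $admin->name;
            $adminEmail = $admin->email;
        }

        mosMail($adminEmail, $adminName, $row->email, $subject, $message);
    }

    if (!$isNew) {
        // if group has been changed
        if ($original->gid != $row->gid) {
            // end the account's active sessions so the old privileges stop applying
            logoutUser($row->id, 'com_users', 'change');
        }
    }

    // NOTE(review): the listing masked part of both cases below; the message
    // suffix and the mosRedirect() calls are restored to the evident form.
    switch ($task) {
        case 'apply':
            $msg = 'Successfully Saved changes to User: ' . $row->name;
            mosRedirect('index2.php?option=com_users&task=editA&hidemainmenu=1&id=' . $row->id, $msg);
            break;

        case 'save':
        default:
            $msg = 'Successfully Saved User: ' . $row->name;
            mosRedirect('index2.php?option=com_users', $msg);
            break;
    }
}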
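/**
 * Mail a contact-form enquiry to the contact's address and optionally send the
 * visitor a copy, then show a thank-you alert and return to the component.
 *
 * @param int    $con_id Contact id from the request; cast to int before it reaches SQL
 * @param string $option Component name, used only to build the return URL
 */
function sendmail($con_id, $option)
{
    global $database, $Itemid;
    global $mosConfig_sitename, $mosConfig_mailfrom, $mosConfig_fromname;

    // $con_id is request data: cast it so it cannot change the query.
    $database->setQuery("SELECT email_to FROM #__contact_details WHERE id='" . (int) $con_id . "'");
    $email_to = $database->loadResult();

    $default = $mosConfig_sitename . ' ' . _ENQUIRY;
    $email = trim(mosGetParam($_POST, 'email', ''));
    $text = trim(mosGetParam($_POST, 'text', ''));
    $name = trim(mosGetParam($_POST, 'name', ''));
    $subject = trim(mosGetParam($_POST, 'subject', $default));
    $email_copy = mosGetParam($_POST, 'email_copy', 0);

    // $subject becomes a mail header and $email a recipient: a CR/LF in either
    // is rejected here rather than left to mosMail() to neutralise.
    $hasLineBreak = preg_match('/[\r\n]/', $email . $subject);

    if (!$email || !$text || is_email($email) == false || $hasLineBreak) {
        echo "<script>alert (\"" . _CONTACT_FORM_NC . "\"); window.history.go(-1);</script>";
        exit(0);
    }

    $text = _ENQUIRY_TEXT . ' ' . $name . ' (' . $email . ')' . "\r \n" . stripslashes($text);
    mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email_to, $subject, $text);

    if ($email_copy) {
        $copy_text = sprintf(_COPY_TEXT, $mosConfig_sitename);
        $copy_text = $copy_text . "\n\n" . $text . '';
        $copy_subject = _COPY_SUBJECT . $subject;
        mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $copy_subject, $copy_text);
    }

    // The URL is printed inside a quoted JavaScript string, so both values are
    // URL-encoded before they are placed in it.
    $return = sefRelToAbs('index.php?option=' . urlencode((string) $option) . '&Itemid=' . urlencode((string) $Itemid));
    ?>
    <script>
    alert( "<?php echo _THANK_MESSAGE; ?> " );
    document.location.href='<?php echo $return; ?> ';
    </script>
    <?php
}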
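/**
 * Create or update a user from the posted admin form, update the ACL group
 * mapping for existing users and mail credentials to newly created users.
 *
 * @param string $option Component name used for the final redirect
 */
function saveUser($option)
{
    global $database, $my;
    global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;

    $row = new mosUser($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    $isNew = !$row->id;
    $pwd = '';

    // NOTE(review): passwords are stored as unsalted MD5. Changing the scheme
    // has to be coordinated with the login code, which is not visible here.
    if ($isNew) {
        // new user stuff: generate a password when none was supplied
        $pwd = $row->password == '' ? mosMakePassword() : $row->password;
        $row->password = md5($pwd);
        $row->registerDate = date('Y-m-d H:i:s');
    } else {
        // existing user stuff
        if ($row->password == '') {
            // password set to null if empty
            $row->password = null;
        } else {
            $row->password = md5($row->password);
        }
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
        exit;
    }

    // update the ACL (existing users only)
    if (!$isNew) {
        // id and gid were bound straight from $_POST: cast before building SQL
        $query = "SELECT aro_id FROM #__core_acl_aro WHERE value='" . (int) $row->id . "'";
        $database->setQuery($query);
        $aro_id = $database->loadResult();

        $query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = '" . (int) $row->gid . "'" . "\n WHERE aro_id = '" . (int) $aro_id . "'";
        $database->setQuery($query);
        $database->query() or die($database->stderr());
    }

    $row->checkin();

    // for new users, email username and password
    // NOTE(review): the clear-text password travels in this e-mail.
    if ($isNew) {
        $query = "SELECT email FROM #__users WHERE id=" . (int) $my->id;
        $database->setQuery($query);
        $adminEmail = $database->loadResult();

        $subject = _NEW_USER_MESSAGE_SUBJECT;
        $message = sprintf(_NEW_USER_MESSAGE, $row->name, $mosConfig_sitename, $mosConfig_live_site, $row->username, $pwd);

        if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
            $adminName = $mosConfig_fromname;
            $adminEmail = $mosConfig_mailfrom;
        } else {
            // Keep the sender lookup in its own variable: reusing $row here would
            // replace the new user with the administrator's record, and the
            // credentials below would be mailed to the administrator.
            $query = "SELECT name, email FROM #__users WHERE usertype='superadministrator'";
            $database->setQuery($query);
            $admins = $database->loadObjectList();
            $admin = $admins[0];
            $adminName = $admin->name;
            $adminEmail = $admin->email;
        }

        mosMail($adminEmail, $adminName, $row->email, $subject, $message);
    }

    // read but not used below; kept so request handling stays as before
    $limit = intval(mosGetParam($_REQUEST, 'limit', 10));
    $limitstart = intval(mosGetParam($_REQUEST, 'limitstart', 0));

    mosRedirect('index2.php?option=' . $option);
}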
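// Store a submitted article comment once the captcha result is known
// ('2' means the security code did not match).
if ($captcha_success != '2') {
    # if registered users only
    if (!$allow_anonymous_entries and !$is_user) {
        $link = sefRelToAbs("index.php?option=content&task=view&id={$articleid}");
        echo "<SCRIPT>alert('Please register to add comments'); document.location.href='" . $link . "';</SCRIPT>";
    } else {
        $comments = strip_tags($comments);
        // NOTE(review): mysql_escape_string() ignores the connection charset and
        // no longer exists in PHP 7; use the database object's escaping instead.
        $comments = mysql_escape_string(strip_tags($comments));
        $startdate = date("Y-m-d H:i:s");
        $ip = getenv('REMOTE_ADDR');

        // NOTE(review): $articleid and $mcname are placed in the statement as
        // they arrive; their sanitising is not visible in this fragment. Confirm
        // they are cast/escaped upstream before relying on this INSERT.
        $query = "INSERT INTO #__comment SET articleid='{$articleid}', ip='{$ip}', name='{$mcname}', comments='{$comments}', startdate='{$startdate}', published='{$auto_publish_comments}';";
        $database->setQuery($query);
        $database->query();

        if ($notify_new_entries == "1") {
            // messaging for new items
            require_once $mosConfig_absolute_path . "/includes/mambofunc.php";
            $message = "A new comment has been added\n\n" . $comments;
            if ($auto_publish_comments == "0") {
                $message = $message . "\n\nYou have chosen not to auto publish new comments. Therefore you need to log in and publish new posts to make them visible.";
            }
            mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $mosConfig_mailfrom, "A new comment has been submitted", $message);
        }

        $msg = 'Thanks. Your comment has been successfully saved. ';
        if ($auto_publish_comments == "0") {
            $msg = $msg . "The Administrator will review and publish your comment shortly.";
        }
        mosRedirect("index.php?option=com_content&task=view&id=" . $articleid . "&Itemid=" . $mcitemid . "&limit=" . $limit . "&limitstart=" . $limitstart, $msg);
    }
} else {
    // The retry URL is printed inside a quoted JavaScript string and carries the
    // submitted comment back to the form. In this branch the comment has not been
    // through strip_tags(), so every value is URL-encoded: a quote or a closing
    // script tag in the input cannot end the string or the script element.
    $retry = 'index.php?option=com_content&task=view&id=' . urlencode($articleid)
        . '&Itemid=' . urlencode($mcitemid)
        . '&limit=' . urlencode($limit)
        . '&limitstart=' . urlencode($limitstart)
        . '&comments=' . urlencode($comments);
    echo "<SCRIPT> alert('Incorrect Security Code');\t\t\tdocument.location='" . $retry . "';</SCRIPT>";
}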
/**
 * Store a web link submitted from the front-end edit form, then notify every
 * user flagged with sendEmail = '1' by internal message and by e-mail.
 *
 * Visitors with gid below 1 are refused. The "approved" and "published" fields
 * are excluded from the POST binding, so the submitter cannot set them.
 *
 * @param string $option Component name (not used in this function)
 */
function saveWeblink($option)
{
    global $database, $my, $mosConfig_absolute_path, $mosConfig_mailfrom;

    if ($my->gid < 1) {
        mosNotAuth();
        return;
    }

    $row = new mosWeblink($database);
    $bound = $row->bind($_POST, "approved published");
    if (!$bound) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // sanitize
    $row->id = intval($row->id);
    $isNew = $row->id < 1;
    $row->date = date("Y-m-d H:i:s");
    $row->title = $database->getEscaped($row->title);
    $row->catid = $database->getEscaped($row->catid);

    // check() runs first; store() is attempted only when check() passed
    if (!$row->check() || !$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    // messaging for new items
    require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
    $database->setQuery("SELECT id,email FROM #__users WHERE sendEmail = '1'");
    $recipients = $database->loadObjectList();

    // the e-mail text is the same for every recipient
    $mailBody = 'A new WebLink has been submitted by [' . $my->username . '] titled [' . $row->title . ']. Please login to view and approve it.';

    foreach ($recipients as $recipient) {
        // admin message
        $notice = new mosMessage($database);
        $notice->send($my->id, $recipient->id, T_("New Item"), sprintf(T_('A new WebLink has been submitted by [ %s ] titled [ %s ] '), $my->username, $row->title));
        // email message
        mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $recipient->email, "A new Web Link has been submitted", $mailBody);
    }

    if ($isNew) {
        $msg = T_('Thanks for your submission; it will be reviewed before being posted to the site.');
    } else {
        $msg = '';
    }

    // NOTE(review): Returnid is posted data placed in the redirect URL as received.
    $Itemid = mosGetParam($_POST, 'Returnid', '');
    mosRedirect('index.php?Itemid=' . $Itemid, $msg);
}
/**
 * Send an e-mail through the mail API of the detected CMS version.
 *
 * JCOMMENTS_JVERSION '1.5' uses JUTility::sendMail(), '1.7' uses the mailer
 * from JFactory::getMailer(), and any other value falls back to mosMail().
 * All arguments are handed on unchanged.
 *
 * @param string   $from        From e-mail address
 * @param string   $fromName    From name
 * @param mixed    $recipient   Recipient e-mail address(es)
 * @param string   $subject     E-mail subject
 * @param string   $body        Message body
 * @param bool|int $mode        false = plain text, true = HTML
 * @param mixed    $cc          CC e-mail address(es)
 * @param mixed    $bcc         BCC e-mail address(es)
 * @param mixed    $attachment  Attachment file name(s)
 * @param mixed    $replyTo     Reply to email address(es)
 * @param mixed    $replyToName Reply to name(s)
 * @return boolean True on success
 */
public static function send($from, $fromName, $recipient, $subject, $body, $mode = 0, $cc = NULL, $bcc = NULL, $attachment = NULL, $replyTo = NULL, $replyToName = NULL)
{
    // switch compares loosely, like the == tests it stands for
    switch (JCOMMENTS_JVERSION) {
        case '1.5':
            return JUTility::sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);

        case '1.7':
            $mailer = JFactory::getMailer();
            return $mailer->sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
    }

    return mosMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
/**
 * Deliver the mailing report for a list: e-mail it and/or append it to a file,
 * depending on the component settings held in $GLOBALS.
 *
 * The report is mailed when 'send_log' is 1, or when 'send_log_closed' is 1 and
 * the client connection was aborted. It goes to the list owner when an owner
 * e-mail is known, otherwise to the first user with gid 25, who is also the sender.
 *
 * @param object $list         List record; list_type and owner are read
 * @param string $log_simple   Short report text
 * @param string $log_detailed Full report text
 */
function writeLogs($list, $log_simple, $log_detailed)
{
    if (ACA_CMSTYPE) {
        $database =& JFactory::getDBO();
    } else {
        global $database;
    }

    $send = $GLOBALS[ACA . 'send_log_simple'] ? $log_simple : $log_detailed;

    if (lisType::sendLogs($list->list_type)) {
        $database->setQuery("SELECT * FROM `#__users` WHERE `gid` = 25 LIMIT 1");
        if (ACA_CMSTYPE) {
            // joomla 15
            $admin = $database->loadObject();
        } else {
            // joomla 1x: loadObject() fills the variable it is given
            $database->loadObject($admin);
        }
        $owner = subscribers::getSubscriberInfoFromUserId($list->owner);

        // connection_aborted() is consulted only when 'send_log' is not 1
        $reportWanted = $GLOBALS[ACA . 'send_log'] == 1
            || ($GLOBALS[ACA . 'send_log_closed'] == 1 && connection_aborted());

        if ($reportWanted) {
            $recipient = !empty($owner->email) ? $owner->email : $admin->email;
            if (ACA_CMSTYPE) {
                JUTility::sendMail($admin->email, $admin->username, $recipient, 'Acajoom mailing report', $send);
            } else {
                mosMail($admin->email, $admin->username, $recipient, 'Acajoom mailing report', $send);
            }
        }
    }

    if ($GLOBALS[ACA . 'save_log']) {
        $logText = $GLOBALS[ACA . 'save_log_simple'] ? $log_simple : $log_detailed;
        // NOTE(review): write errors are suppressed with @, and the target is a
        // configured path below the site root. Confirm it is not web-readable.
        @file_put_contents(ACA_JPATH_ROOT_NO_ADMIN . $GLOBALS[ACA . 'save_log_file'], $logText, FILE_APPEND);
    }
}
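/**
 * Deliver the mailing report for a list: e-mail it and/or append it to a file,
 * depending on the component settings held in $GLOBALS.
 *
 * The report is mailed when 'send_log' is 1, or when 'send_log_closed' is 1 and
 * the client connection was aborted. It goes to the list owner when an owner
 * e-mail is known, otherwise to the first user with gid 25, who is also the sender.
 *
 * @param object $list         List record; list_type and owner are read
 * @param string $log_simple   Short report text
 * @param string $log_detailed Full report text
 */
function writeLogs($list, $log_simple, $log_detailed)
{
    global $database;

    $send = $GLOBALS[ACA . 'send_log_simple'] ? $log_simple : $log_detailed;

    if (lisType::sendLogs($list->list_type)) {
        $admin = null;
        $database->setQuery("SELECT * FROM `#__users` WHERE `gid` = 25 LIMIT 1");
        $database->loadObject($admin);

        // connection_aborted() is consulted only when 'send_log' is not 1
        $reportWanted = $GLOBALS[ACA . 'send_log'] == 1
            || ($GLOBALS[ACA . 'send_log_closed'] == 1 && connection_aborted());

        if ($reportWanted) {
            // Look the owner up for both triggers. It used to be fetched only in
            // the 'send_log' path, so an aborted-connection report never reached
            // the owner and always went to the administrator.
            $owner = subscribers::getSubscriberIdFromUserId($list->owner, false);
            $recipient = !empty($owner->email) ? $owner->email : $admin->email;
            mosMail($admin->email, $admin->username, $recipient, 'Acajoom mailing report', $send);
        }
    }

    if ($GLOBALS[ACA . 'save_log']) {
        $logText = $GLOBALS[ACA . 'save_log_simple'] ? $log_simple : $log_detailed;
        // NOTE(review): write errors are suppressed with @, and the target is a
        // configured path below the site root. Confirm it is not web-readable.
        @file_put_contents($GLOBALS['mosConfig_absolute_path'] . $GLOBALS[ACA . 'save_log_file'], $logText, FILE_APPEND);
    }
}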
/**
 * Register a new front-end user from the posted form, mail the account details
 * to the user and notify the administrators who receive system e-mails.
 *
 * Refused when $mosConfig_allowUserRegistration is 0. The 'usertype' field is
 * excluded from the POST binding, and id, usertype and gid are overwritten
 * after binding, so the form cannot choose the account's id or group.
 */
function saveRegistration()
{
    global $database, $acl;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;

    if ($mosConfig_allowUserRegistration == 0) {
        mosNotAuth();
        return;
    }

    // simple spoof check security
    josSpoofCheck();

    $row = new mosUser($database);
    // NOTE(review): execution continues past this block unless mosErrorAlert()
    // ends the request; confirm that it does.
    if (!$row->bind($_POST, 'usertype')) {
        mosErrorAlert($row->getError());
    }

    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    $row->password = trim($row->password);

    mosMakeHtmlSafe($row);

    // force a new record in the 'Registered' group, whatever the form posted
    $row->id = 0;
    $row->usertype = '';
    $row->gid = $acl->get_group_id('Registered', 'ARO');

    if ($mosConfig_useractivation == 1) {
        // the account stays blocked until the activation link is used
        // NOTE(review): the token's unpredictability rests entirely on
        // mosMakePassword(); check which random source it draws from.
        $row->activation = md5(mosMakePassword());
        $row->block = '1';
    }

    if (!$row->check()) {
        // NOTE(review): the error text is entity-decoded and then printed inside
        // a quoted JavaScript string; confirm it cannot carry submitted field values.
        echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // keep the clear-text password for the e-mail, then store md5(password . salt) . ':' . salt
    $pwd = $row->password;
    $salt = mosMakePassword(16);
    $crypt = md5($row->password . $salt);
    $row->password = $crypt . ':' . $salt;
    $row->registerDate = date('Y-m-d H:i:s');

    if (!$row->store()) {
        echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    $name = trim($row->name);
    $email = trim($row->email);
    $username = trim($row->username);

    $subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $subject = html_entity_decode($subject, ENT_QUOTES);

    if ($mosConfig_useractivation == 1) {
        // the activation message receives the activation link, the username and
        // the clear-text password as arguments
        $message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
    } else {
        $message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
    }

    $message = html_entity_decode($message, ENT_QUOTES);

    // check if Global Config `mailfrom` and `fromname` values exist
    if ($mosConfig_mailfrom != '' && $mosConfig_fromname != '') {
        $adminName2 = $mosConfig_fromname;
        $adminEmail2 = $mosConfig_mailfrom;
    } else {
        // use email address and name of first superadmin for use in email sent to user
        $query = "SELECT name, email" . "\n FROM #__users" . "\n WHERE LOWER( usertype ) = 'superadministrator'" . "\n OR LOWER( usertype ) = 'super administrator'";
        $database->setQuery($query);
        $rows = $database->loadObjectList();
        // NOTE(review): $rows[0] is read without checking that a row came back
        $row2 = $rows[0];
        $adminName2 = $row2->name;
        $adminEmail2 = $row2->email;
    }

    // Send email to user
    mosMail($adminEmail2, $adminName2, $email, $subject, $message);

    // Send notification to all administrators
    $subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
    $message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
    $subject2 = html_entity_decode($subject2, ENT_QUOTES);
    $message2 = html_entity_decode($message2, ENT_QUOTES);

    // get email addresses of all unblocked admins and superadmins (gid 24 or 25)
    // set to receive system emails
    $query = "SELECT email, sendEmail" . "\n FROM #__users" . "\n WHERE ( gid = 24 OR gid = 25 )" . "\n AND sendEmail = 1" . "\n AND block = 0";
    $database->setQuery($query);
    $admins = $database->loadObjectList();

    foreach ($admins as $admin) {
        // send email to admin & super admin set to receive system emails
        mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
    }

    if ($mosConfig_useractivation == 1) {
        echo _REG_COMPLETE_ACTIVATE;
    } else {
        echo _REG_COMPLETE;
    }
}
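/**
 * Send one e-mail to every member of a DOCman group (generic mass mail).
 * From the frontend there is a separate "email to group" function for a document.
 *
 * Only users whose usertype is super administrator or manager may send. Each
 * mosRedirect() call is relied on to end the request (NOTE(review): confirm).
 *
 * @param int $gid Group id; cast to int before it reaches SQL
 */
function sendEmail($gid)
{
    DOCMAN_token::check() or die('Invalid Token');

    global $database, $my, $mosConfig_sitename;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    // The listing showed a section sign here where "&sect" had been read as an
    // HTML entity; the query string needs "&section".
    $this_index = 'index2.php?option=com_docman&section=groups';

    $message = mosGetParam($_POST, "mm_message", '');
    $subject = mosGetParam($_POST, "mm_subject", '');
    $leadin = mosGetParam($_POST, "mm_leadin", '');

    if (!$message || !$subject) {
        mosRedirect($this_index . '&task=emailgroup&gid=' . $gid, _DML_FILL_FORM);
    }

    $usertmp = trim(strtolower($my->usertype));
    if ($usertmp != "super administrator" && $usertmp != "superadministrator" && $usertmp != "manager") {
        mosRedirect("index2.php", _DML_ONLY_ADMIN_EMAIL);
    }

    // Get the 'TO' list of addresses
    $database->setQuery("SELECT * " . "\n FROM #__docman_groups " . "\n WHERE groups_id=" . (int) $gid);
    $email_group = $database->loadObjectList();

    // groups_members is a stored comma-separated id list that goes into IN (...):
    // reduce it to integers so neither an empty nor a malformed list breaks the query.
    $member_ids = array();
    if ($email_group) {
        foreach (explode(',', $email_group[0]->groups_members) as $member) {
            if (trim($member) !== '') {
                $member_ids[] = (int) $member;
            }
        }
    }

    $listofusers = array();
    if ($member_ids) {
        $database->setQuery("SELECT id,name,username,email " . "\n FROM #__users" . "\n WHERE id in ( " . implode(',', $member_ids) . ")" . "\n AND email !=''");
        $listofusers = $database->loadObjectList();
    }

    if (!count($listofusers)) {
        // was $email_groups (undefined name), so the group name never appeared
        $group_name = $email_group ? $email_group[0]->name : '';
        mosRedirect($this_index, _DML_NO_TARGET_EMAIL . " " . $group_name);
    }

    // Get 'FROM' sending email address (Use default)
    if (!$mosConfig_mailfrom) {
        $database->setQuery("SELECT email " . "\n FROM #__users " . "\n WHERE id=" . (int) $my->id);
        $my->email = $database->loadResult();
        echo $database->getErrorMsg();
        $mosConfig_mailfrom = $my->email;
    }

    // Build e-mail message format
    $message = ($leadin ? stripslashes($leadin) . "\r\n\r\n" : '') . stripslashes($message);
    $subject = stripslashes($subject);

    // Send email using standard mosMail function (one message per recipient, so
    // members do not see each other's addresses)
    foreach ($listofusers as $emailtosend) {
        mosMail($mosConfig_mailfrom, $mosConfig_fromname, $emailtosend->email, $subject, $message);
    }

    mosRedirect($this_index, _DML_EMAIL_SENT_TO . " " . count($listofusers) . " " . _DML_USERS);
}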
/**
 * Store a visitor comment for this medium and notify the medium's uploader by
 * e-mail. A medium already marked as commented in the edit monitor is refused
 * with an error alert. The comment list is reloaded in both cases.
 *
 * @param string $uname   Name given by the commenter
 * @param string $comment Comment text; cut to the configured 'cmtLength'
 * @return void
 * @access public
 */
function addComment($uname, $comment)
{
    global $database, $zoom, $Itemid, $catid, $key, $mainframe, $mosConfig_live_site;

    // NOTE(review): search and replacement are identical as listed, so this call
    // changes nothing; the replacement may originally have been an HTML entity.
    $comment = str_replace("'", "'", $comment);

    if ($zoom->EditMon->isEdited($this->_id, 'comment')) {
        echo "<script language=\"JavaScript\" type=\"text/JavaScript\"> alert('" . html_entity_decode(_ZOOM_ALERT_COMMENTERROR) . "'); </script>";
    } else {
        $uname = $zoom->cleanString($uname);
        $comment = $zoom->cleanString($comment);

        $maxLength = $zoom->_CONFIG['cmtLength'];
        if (strlen($comment) > $maxLength) {
            $comment = substr($comment, 0, $maxLength - 4) . "...";
        }

        $insert = "INSERT INTO #__zoom_comments (imgid,cmtname,cmtcontent,cmtdate) VALUES ('" . $this->_id . "','" . $zoom->escapeString($uname) . "','" . $zoom->escapeString($comment) . "', NOW() )";
        $database->setQuery($insert);
        $database->query();
        $zoom->EditMon->setEditMon($this->_id, 'comment');

        // notify the uploader of the medium
        $subject = "New comments added!";
        $viewLink = sefReltoAbs($mosConfig_live_site . "/index.php?option=com_zoom&Itemid=" . $Itemid . "&page=view&catid=" . $catid . "&key=" . $key);
        $body = "Name: " . $uname . "\n\nComment: " . $comment . "\n\nLink: " . $viewLink;

        $database->setQuery("SELECT b.email AS email FROM #__zoomfiles a, #__users b WHERE a.imgid=" . $this->_id . " AND a.uid=b.id");
        $result = $database->loadResult();
        // sender address and name are passed empty; the result is not checked
        $sentmail = mosMail('', '', $result, $subject, $body);

        echo "<script language=\"JavaScript\" type=\"text/JavaScript\"> alert('" . html_entity_decode(_ZOOM_ALERT_COMMENTOK) . "'); </script>";
    }

    // reload/ refill comments array...
    $this->getComments();
}
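/**
 * Send one queued notification and record the outcome on its row.
 *
 * Writes sent = 1 when mosMail() reports success and sent = -1 otherwise.
 *
 * @param object $mail Notification row; id, mail_address, mail_subject and
 *                     mail_body are read
 */
function sendMail($mail)
{
    $app =& JFactory::getApplication();
    $sent = mosMail($app->getCfg('mailfrom'), $app->getCfg('fromname'), $mail->mail_address, $mail->mail_subject, $mail->mail_body);

    $status = $sent ? 1 : -1;

    // the row id is cast so the statement stays well-formed whatever $mail->id holds
    $query = "UPDATE #__lms_notifications SET sent=" . $status . " WHERE id=" . (int) $mail->id;
    $this->db->setQuery($query);
    $this->db->query();
}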
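/**
 * Send a private message from the posted form and e-mail the recipient when
 * that user has sendEmail = '1'.
 *
 * @param string $option Component name (not used in this function)
 */
function saveMessage($option)
{
    global $database, $mainframe, $my, $mosConfig_absolute_path;
    global $mosConfig_mailfrom, $mosConfig_fromname;

    require_once $mosConfig_absolute_path . "/includes/mambofunc.php";

    $row = new mosMessage($database);
    if (!$row->bind($_POST)) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // pass subject and body through the input filter before storing or mailing them
    require_once mamboCore::get('mosConfig_absolute_path') . '/includes/phpInputFilter/class.inputfilter.php';
    $iFilter = new InputFilter(null, null, 1, 1);
    $row->subject = trim($iFilter->process($row->subject));
    $row->message = trim($iFilter->process($row->message));

    if (!$row->send()) {
        // encode the error text so it cannot add parameters to the redirect URL
        mosRedirect("index2.php?option=com_messages&mosmsg=" . urlencode($row->getError()));
    }

    $msg = $row->subject . ' - ' . $row->message;

    // user_id_to was bound from $_POST: cast it before it reaches SQL
    $sql = "SELECT a.id, a.name, a.email" . "\nFROM #__users AS a" . "\nWHERE a.sendEmail = '1'" . "\nAND a.id = '" . (int) $row->user_id_to . "'";
    $database->setQuery($sql);
    $users = $database->loadObjectList();

    if ($users) {
        // separate loop variable: the message object in $row is no longer replaced
        foreach ($users as $user) {
            $recipient = $user->email;
            // NOTE(review): this is the recipient's own name, as before, although
            // the wording suggests the sender's name was intended.
            $subject = "New private message from " . $user->name;
            mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
        }
    }

    mosRedirect("index2.php?option=com_messages");
}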
/**
 * Register a new front-end user from the posted form, fire the authenticator
 * mambots, mail the account details to the user and notify the super
 * administrators who have sendEmail set.
 *
 * Refused when $mosConfig_allowUserRegistration is '0'. The 'usertype' field is
 * excluded from the POST binding, and id, usertype and gid are overwritten
 * after binding, so the form cannot choose the account's id or group.
 *
 * @param string $option Component name (not used in this function)
 */
function saveRegistration($option)
{
    global $database, $my, $acl;
    global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
    global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;

    if ($mosConfig_allowUserRegistration == '0') {
        mosNotAuth();
        return;
    }

    $row = new mosUser($database);
    if (!$row->bind($_POST, 'usertype')) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    mosMakeHtmlSafe($row);

    // force a new record in the 'Registered' group, whatever the form posted
    $row->id = 0;
    $row->usertype = 'Registered';
    $row->gid = $acl->get_group_id('Registered', 'ARO');

    if ($mosConfig_useractivation == '1') {
        // the account stays blocked until the activation link is used
        // NOTE(review): the token's unpredictability rests entirely on
        // mosMakePassword(); check which random source it draws from.
        $row->activation = md5(mosMakePassword());
        $row->block = '1';
    }

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // keep the clear-text password for the e-mail and the mambots, then store
    // the unsalted MD5 digest
    // NOTE(review): unsalted MD5 is unsuitable for password storage; migrating
    // needs a matching change in the login code, which is not visible here.
    $pwd = $row->password;
    $row->password = md5($row->password);
    $row->registerDate = date("Y-m-d H:i:s");

    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }
    $row->checkin();

    $name = $row->name;
    $email = $row->email;
    $username = $row->username;

    $subject = sprintf(T_('Account details for %s at %s'), $name, $mosConfig_sitename);
    $subject = html_entity_decode($subject, ENT_QUOTES);

    $mambothandler =& mosMambotHandler::getInstance();
    $mambothandler->loadBotGroup('authenticator');

    if ($mosConfig_useractivation == "1") {
        // the activation message carries the activation link, the username and
        // the clear-text password
        $message = sprintf(T_('Hello %s, Thank you for registering at %s. Your account has been created but, as a precaution, it must be activated by you before you can use it. To activate the account click on the following link or copy and paste it in your browser: %s After activation you may login to %s using the following username and password: Username - %s Password - %s'), $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
        $loginfo = new mosLoginDetails($username, $pwd);
        $mambothandler->trigger('userRegister', array($loginfo));
    } else {
        $message = sprintf(T_("Hello %s,\n\nThank you for registering at %s.\n\nYou may now login to %s using the username and password you registered with."), $name, $mosConfig_sitename, $mosConfig_live_site);
        // without activation the account is usable at once, so both events fire
        $loginfo = new mosLoginDetails($username, $pwd);
        $mambothandler->trigger('userRegister', array($loginfo));
        $mambothandler->trigger('userActivate', array($loginfo));
    }

    $message = html_entity_decode($message, ENT_QUOTES);

    // Send email to user
    if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
        $adminName2 = $mosConfig_fromname;
        $adminEmail2 = $mosConfig_mailfrom;
    } else {
        // fall back to the first user whose usertype is 'super administrator'
        $database->setQuery("SELECT name, email FROM #__users" . "\n WHERE usertype='super administrator'");
        $rows = $database->loadObjectList();
        // NOTE(review): $rows[0] is read without checking that a row came back
        $row2 = $rows[0];
        $adminName2 = $row2->name;
        $adminEmail2 = $row2->email;
    }

    mosMail($adminEmail2, $adminName2, $email, $subject, $message);

    // Send notification to all administrators
    $subject2 = sprintf(T_('Account details for %s at %s'), $name, $mosConfig_sitename);
    $message2 = sprintf(T_('Hello %s, A new user has registered at %s. This email contains their details: Name - %s e-mail - %s Username - %s Please do not respond to this message as it is automatically generated and is for information purposes only'), $adminName2, $mosConfig_sitename, $row->name, $email, $username);
    $subject2 = html_entity_decode($subject2, ENT_QUOTES);
    $message2 = html_entity_decode($message2, ENT_QUOTES);

    // get superadministrators id (ACL group 25)
    $admins = $acl->get_group_objects(25, 'ARO');

    foreach ($admins['users'] as $id) {
        $database->setQuery("SELECT email, sendEmail FROM #__users" . "\n WHERE id='{$id}'");
        $rows = $database->loadObjectList();
        // from here on $row holds the administrator's record, not the new user
        // ($message2 was built before the loop)
        $row = $rows[0];
        if ($row->sendEmail) {
            mosMail($adminEmail2, $adminName2, $row->email, $subject2, $message2);
        }
    }

    if ($mosConfig_useractivation == "1") {
        echo '<div class="componentheading">' . T_('Registration Complete') . '</div><br />';
        echo T_('Your account has been created and an activation link has been sent to the e-mail address you entered. Note that you must activate the account by clicking on the activation link before you can login.');
    } else {
        echo '<div class="componentheading">' . T_('Registration Complete') . '</div><br />';
        echo T_('You may now login.');
    }
}
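/**
 * Create or update a user from the submitted admin form, notify the
 * authenticator mambots, update the ACL group mapping for existing users and
 * e-mail newly created users their login details.
 *
 * Reads the user fields from $_POST and finishes with a redirect.
 *
 * @param string $option Component option; not read inside this function.
 * @param string $task   'apply' redirects back to the edit form, any other
 *                       value redirects to the user list.
 */
function saveUser($option, $task)
{
    global $database, $my, $acl;
    global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;

    $row = new mosUser($database);
    // NOTE(review): bind() presumably copies every matching $_POST key onto the
    // record (gid and block included); the permission check for this task is
    // not visible in this function - confirm the caller enforces it.
    if (!$row->bind($_POST)) {
        // NOTE(review): getError() is written into a JavaScript string literal
        // unescaped (here and in the two handlers below); if the message can
        // carry request data it needs escaping for that context.
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
        exit;
    }

    // Force numeric ids: both values are interpolated into SQL further down.
    $row->id = intval($row->id);
    $row->gid = intval($row->gid);
    $isNew = !$row->id;
    $pwd = '';

    // A super administrator must not be able to block their own account.
    $super_gid = $acl->get_group_id('super administrator');
    if ($row->id == $my->id && $my->gid == $super_gid) {
        $row->block = 0;
    }

    // NOTE(review): passwords are stored as unsalted MD5, which is not a
    // suitable password hash. Moving to password_hash()/password_verify()
    // also requires changing the login verification code, which is not part
    // of this function, so the stored format is left as it is here.
    if ($isNew) {
        if ($row->password == '') {
            // No password supplied for a new user: generate one.
            $pwd = mosMakePassword();
            $row->password = md5($pwd);
        } else {
            $pwd = $row->password;
            $row->password = md5($row->password);
        }
        $row->registerDate = date('Y-m-d H:i:s');
    } else {
        if ($row->password == '') {
            // Empty field on an existing user: set to null instead of hashing
            // the empty string (presumably so store() keeps the old hash).
            $row->password = null;
        } else {
            $pwd = $row->password;
            $row->password = md5($pwd);
        }
    }

    // Copy the ACL group name into the usertype column.
    $query = "SELECT name" . "\n FROM #__core_acl_aro_groups" . "\n WHERE group_id = {$row->gid}";
    $database->setQuery($query);
    $usertype = $database->loadResult();
    $row->usertype = $usertype;

    if (!$row->check()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
        exit;
    }
    if (!$row->store()) {
        echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
        exit;
    }
    $row->checkin();

    $loginfo = new mosLoginDetails($row->username, $pwd);
    $mambothandler =& mosMambotHandler::getInstance();
    $mambothandler->loadBotGroup('authenticator');

    if (!$isNew) {
        // Existing user: notify authenticator mambots, then update the ACL group.
        if ($pwd) {
            $mambothandler->trigger('userChange', array($loginfo));
        }
        if ($row->block) {
            $mambothandler->trigger('userBlock', array($loginfo));
        } else {
            $mambothandler->trigger('userUnblock', array($loginfo));
        }
        $query = "SELECT aro_id FROM #__core_acl_aro WHERE value='{$row->id}'";
        $database->setQuery($query);
        $aro_id = $database->loadResult();
        $query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = '{$row->gid}'" . "\n WHERE aro_id = '{$aro_id}'";
        $database->setQuery($query);
        $database->query() or die($database->stderr());
    }

    if ($isNew) {
        // New user: notify mambots and mail the username and password.
        $mambothandler->trigger('userRegister', array($loginfo));
        $mambothandler->trigger('userActivate', array($loginfo));
        if ($row->block) {
            $mambothandler->trigger('userBlock', array($loginfo));
        }

        $query = "SELECT email FROM #__users WHERE id={$my->id}";
        $database->setQuery($query);
        $adminEmail = $database->loadResult();
        $adminName = '';

        // NOTE(review): this message carries the plaintext password; a
        // set-password link would avoid putting the credential in mail.
        $subject = T_('New User Details');
        $message = sprintf(
            T_('Hello %s, You have been added as a user to %s by an Administrator. 
This email contains your username and password to log into the %s Username - %s Password - %s Please do not respond to this message as it is automatically generated and is for information purposes only'),
            $row->name,
            $mosConfig_sitename,
            $mosConfig_live_site,
            $row->username,
            $pwd
        );

        if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
            $adminName = $mosConfig_fromname;
            $adminEmail = $mosConfig_mailfrom;
        } else {
            $query = "SELECT name, email FROM #__users WHERE usertype='super administrator'";
            $database->setQuery($query);
            $rows = $database->loadObjectList();
            // The sender record gets its own variable: $row is still needed
            // below as the recipient of the credentials and for the redirect,
            // so it must keep pointing at the user that was just saved.
            if (!empty($rows)) {
                $adminRow = $rows[0];
                $adminName = $adminRow->name;
                $adminEmail = $adminRow->email;
            }
        }

        mosMail($adminEmail, $adminName, $row->email, $subject, $message);
    }

    switch ($task) {
        case 'apply':
            $msg = sprintf(T_('Successfully Saved changes to User: %s'), $row->name);
            mosRedirect('index2.php?option=com_users&task=editA&hidemainmenu=1&id=' . $row->id, $msg);
            // mosRedirect() presumably ends the request; the break keeps
            // 'apply' from falling into the list redirect if it ever returns.
            break;

        case 'save':
        default:
            $msg = sprintf(T_('Successfully Saved User: %s'), $row->name);
            mosRedirect('index2.php?option=com_users', $msg);
            break;
    }
}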
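/**
 * Mail the e-card link to the recipient stored on this object.
 *
 * Builds the view-card URL from the card id, composes the plain-text message
 * and hands it to mosMail(). Nothing is sent when a value bound for the mail
 * headers contains a line break.
 *
 * @return boolean true when mosMail() reports success, false otherwise
 * @access public
 */
function send()
{
    global $mosConfig_live_site, $Itemid;

    // Sender address, sender name and recipient address are passed to
    // mosMail() as header fields, and the sender name is also part of the
    // subject. Whether mosMail() or the code that fills these properties
    // already rejects CR/LF is not visible here, so refuse them before
    // anything is built or sent.
    foreach (array($this->_from_email, $this->_from_name, $this->_to_email) as $headerValue) {
        if (preg_match('/[\r\n]/', (string) $headerValue)) {
            return false;
        }
    }

    $messageUrl = sefRelToAbs(
        $mosConfig_live_site . "/index.php?option=com_zoom&Itemid=" . $Itemid
        . "&page=ecard&task=viewcard&ecdid=" . $this->_id
    );
    $subject = _ZOOM_ECARD_SUBJ . " " . $this->_from_name;

    $rule = "------------------------------------------------------------------------------------------------------------------";

    $msg = "{$this->_to_name},\n\n";
    $msg .= $this->_from_name . " " . _ZOOM_ECARD_MSG1 . " " . $mosConfig_live_site . "\n\n";
    $msg .= html_entity_decode(_ZOOM_ECARD_MSG2) . "\n\n";
    $msg .= "URL: {$messageUrl}\n\n";
    $msg .= html_entity_decode(_ZOOM_ECARD_MSG3) . "\n";
    $msg .= "\n\n\n\n\n";
    $msg .= $rule . "\n";
    $msg .= "| zOOm Media Gallery! - a multi-gallery component\n";
    $msg .= "| copyright (C) 2004-2006 by Mike de Boer, http://www.zoomfactory.org\n";
    $msg .= $rule;

    // Normalise whatever mosMail() returns to the documented boolean.
    return (bool) mosMail($this->_from_email, $this->_from_name, $this->_to_email, $subject, $msg);
}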