if (!$mail->send()) {
echo 'Message could not be sent.';
echo 'Mailer Error: ' . $mail->ErrorInfo;
} else {
echo 'Message has been sent';
}
}
function render_template($tmpl)
{
if ($tmpl != 'default') {
$str = file_get_contents($tmpl);
$obj = json_decode($str, true);
if (!isset($obj['template'])) {
die("Шаблон поврежден. Неудается прочитать");
}
$overload = str_replace(["\r", "\n"], "\n", $obj['template']);
global $title;
$title = $obj['title'];
}
ob_start();
include 'template.php';
$rendered = ob_get_contents();
ob_end_clean();
return $rendered;
}
$html = render_template($_GET['template']);
if (!isset($title)) {
$title = "Посмотрите правде в глаза – ваше производство скоро вымрет.";
}
smtp_send($_GET['to'], $title, $html);
function rescue_item($user_id, $mail_id, $resend = false)
{
global $dbh, $logger;
$sth = $dbh->prepare("SELECT sender_email, contents, " . "envelope_to, maia_mail_recipients.type " . "FROM maia_mail, maia_mail_recipients " . "WHERE maia_mail.id = maia_mail_recipients.mail_id " . "AND maia_mail_recipients.recipient_id = ? " . "AND maia_mail_recipients.mail_id = ?");
$res = $sth->execute(array($user_id, $mail_id));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
if ($row = $res->fetchrow()) {
$sender_email = $row["sender_email"];
$body = $row["contents"];
$type = $row["type"];
if (extension_loaded('mcrypt')) {
if (text_is_encrypted($body)) {
$key = get_encryption_key();
$body = decrypt_text($key, $body);
}
}
if (is_a_domain_default_user($user_id)) {
// System default user (@.) or domain-class user (e.g. @domain)
$my_email_address = $row["envelope_to"];
} else {
// Regular user (e.g. user@domain)
$rlist = explode(" ", trim($row["envelope_to"]));
$sth2 = $dbh->prepare("SELECT email FROM users " . "WHERE maia_user_id = ? " . "AND email = ?");
$my_email_address = "";
foreach ($rlist as $rmail) {
$res2 = $sth2->execute(array($user_id, $rmail));
if (PEAR::isError($sth2)) {
die($sth2->getMessage());
}
if ($row2 = $res2->fetchrow()) {
$my_email_address = $row2["email"];
break;
}
}
$sth2->free();
}
if (!empty($my_email_address)) {
if ($resend || $type != 'P') {
// don't send if it is a labeled fp
$smtp_result = smtp_send($sender_email, $my_email_address, $body);
} else {
$smtp_result = "200 no delivery needed";
}
if (($succeeded = strncmp($smtp_result, "2", 1) == 0) || $type == 'P') {
if (!$resend) {
if ($type == 'S' || $type == 'P') {
record_mail_stats($user_id, $mail_id, "fp");
if (get_user_value($user_id, "auto_whitelist") == "Y") {
add_address_to_wb_list($user_id, $sender_email, "W");
}
}
set_item_confirmations('G', $user_id, $mail_id);
}
} else {
$logger->err("rescue attempt failed! " . $smtp_result);
}
} else {
$smtp_result = $lang['text_rescue_error'] . "(EmptyAddress)";
// code really shouldn't be here.
}
} else {
$smtp_result = $lang['text_rescue_error'] . "(MessageNotFound)";
// code really shouldn't be here.
}
$sth->free();
$logger->info($smtp_result);
return $smtp_result;
}
function send_email($p, &$error = null, $mail_type = null)
{
if (empty($mail_type) and function_exists('send_email_type')) {
$mail_type = send_email_type();
}
if (function_exists('send_email_subject')) {
$p['subject'] = send_email_subject($p);
}
$n = 0;
if (!isset($p['emails']) or !is_array_full(array_keys($p['emails']))) {
$error = 'You must send emails to the emailer as an array, even for single email addresses. If you don't know what this means, contact your website manager.';
return false;
}
// this bit is only needed until we've updated all other sites to use new email assoc format
$first = reset($p['emails']);
if (make_email($first)) {
$temp = array();
foreach ($p['emails'] as $name => $email) {
$temp[$email] = $name;
}
$p['emails'] = $temp;
unset($temp);
}
//
if (!defined('EMAIL_SEND')) {
if (!isset($p['headers'])) {
$headers = mail_headers();
}
foreach ($p['emails'] as $email => $name) {
log_email($name . ' <' . $email . '>', $p['subject'], $p['message'], $headers);
$n++;
}
} else {
switch ($mail_type) {
case 'func':
$func = send_email_func();
if (!$func($p, $error)) {
return false;
}
break;
case 'gmail':
if (!gmail_send($p, $error)) {
return false;
}
break;
case 'sendgrid':
if (!sendgrid_send($p, $error)) {
return false;
}
break;
case 'smtp':
if (!smtp_send($p, $error)) {
return false;
}
break;
case 'sendmail':
default:
if (!is_array_full($p['emails'])) {
$error = 'You must send emails to the emailer as an array, even for single email addresses. If you don't know what this means, contact your website manager.';
return false;
}
if (!isset($p['headers'])) {
$p['headers'] = mail_headers();
}
foreach ($p['emails'] as $email => $name) {
if (@mail($email, $p['subject'], $p['message'], $p['headers'])) {
$n++;
} else {
$errors[] = $email;
}
}
if (!empty($errors)) {
$error = 'The email message could not be sent to the following addresses.</p><ul><li>' . implode('</li><li>', $errors) . '</li></ul><p>';
return false;
}
break;
}
}
return true;
}
$title = mysql_escape_string(htmlentities(trim($_POST['title'])));
$caption = mysql_escape_string(nl2br(htmlentities(trim($_POST['caption']))));
$category = get_category_by_category_id($_POST['category_id'], $db_read);
if (validate_title($title) == false) {
show_error_redirect_back("Invalid title. Titles have to be 0-{$max_length_title} characters.");
}
if (validate_comment($caption) == false) {
show_error_redirect_back("Invalid caption. Captions have to be 0-{$max_length_comment} characters.");
}
# Make sure he's uploading to his own category
$result = try_mysql_query("SELECT * FROM categories WHERE user_id='" . $me['user_id'] . "' AND category_id='" . $category['category_id'] . "'", $db_read);
if (mysql_num_rows($result) == 0) {
show_error_redirect_back("Invalid category.");
}
mysql_free_result($result);
# Insert the new picture
try_mysql_query("INSERT INTO pictures (category_id, title, filename, caption, date_added) VALUES ('" . $category['category_id'] . "', '{$title}', '{$image_filename}', '{$caption}', NOW())", $db_write);
$picture_id = mysql_insert_id($db_write);
# Update the las modified category (used for the default selection in the category combo)
try_mysql_query("UPDATE users SET last_category='" . $category['category_id'] . "' WHERE user_id='" . $me['user_id'] . "'", $db_write);
# Update the last modified time for the private user/category
try_mysql_query("UPDATE users SET last_updated=NOW() WHERE user_id='" . $me['user_id'] . "'", $db_write);
try_mysql_query("UPDATE categories SET last_updated=NOW() WHERE category_id='" . $category['category_id'] . "'", $db_write);
# Set the last modified time for the public user/category
if ($category['private'] != '1') {
try_mysql_query("UPDATE users SET last_updated_public=NOW() WHERE user_id='" . $me['user_id'] . "'", $db_write);
try_mysql_query("UPDATE categories SET last_updated_public=NOW() WHERE category_id='" . $category['category_id'] . "'", $db_write);
}
$user_ids = get_emails_notify_pictures($db_read);
smtp_send($user_ids, "OSPAP - New Picture", "New picture notification", "A new picture has been posted in " . $me['username'] . "'s category, " . $category['name'] . "! Here is a link to it:\n\n" . get_full_path_to("show_picture.php?picture_id=" . $picture_id) . "\n\nTitle: {$title}\n\nCaption:\n{$caption}\n\nNote: this is an automatic email, please don't reply.");
show_message_redirect("Picture successfully uploaded", "show_category.php?category_id=" . $category['category_id']);
list($password, $digest) = generate_random_password();
$sth = $dbh->prepare("UPDATE maia_users SET password = ? WHERE id = ?");
$sth->execute(array($digest, $new_user_id));
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
$sth->free();
$fh = fopen($newuser_template_file, "r");
if ($fh) {
$body = fread($fh, filesize($newuser_template_file));
fclose($fh);
$body = preg_replace("/%%ADMINEMAIL%%/", $admin_email, $body);
$body = preg_replace("/%%LOGIN%%/", $username, $body);
$body = preg_replace("/%%PASSWORD%%/", $password, $body);
$body = preg_replace("/%%LOGINURL%%/", $reminder_login_url, $body);
$result = smtp_send($admin_email, $new_email, $body);
if (strncmp($result, "2", 1) != 0) {
$smarty->assign("error", $result);
}
} else {
$smarty->assign("error", "Unable to open newuser.tpl template file: Please check you path and permissions.");
}
} else {
$smarty->assign("submitted", false);
$sth = $dbh->prepare("SELECT admin_email, " . "reminder_login_url, " . "newuser_template_file, " . "smtp_server, " . "smtp_port " . "FROM maia_config WHERE id = 0");
$res = $sth->execute();
if (PEAR::isError($sth)) {
die($sth->getMessage());
}
if ($row = $res->fetchrow()) {
$admin_email = $row["admin_email"];
public static function attemptRecover($strName)
{
$objUser = clsUser::getByName($strName);
if ($objUser == null) {
return 'forgot_unknown';
}
if ($objUser->get('email') == '') {
return 'forgot_noemail';
}
$strNewPassword = '';
for ($i = 0; $i < 20; $i++) {
$strNewPassword .= substr('0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', rand(0, 61), 1);
}
$objUser->set('temp_password', md5($strNewPassword));
$objUser->set('temp_password_date', date('Y-m-d H:i:s', time()));
$objUser->save();
$strMessage = "Your password for " . SITE_NAME . " has been reset to:\r\n\r\n";
$strMessage .= $strNewPassword . "\r\n\r\n";
$strMessage .= "This password will expire soon, so be sure to change it.\r\n";
return smtp_send(array($objUser->get('email')), SITE_NAME, SITE_NAME . ": Forgot Password", $strMessage);
}
# post_comment.php
# Post a comment on an image.
#
header('Pragma: no-cache');
require 'shared.php';
# Make a connection to the database
$db_read = get_db_read();
$db_write = get_db_write();
if (!$me) {
show_error_redirect_back("Please log in first");
}
if (isset($_POST['picture_id']) == false) {
show_error_redirect_back("Couldn't find picture id");
}
if (isset($_POST['comment']) == false) {
show_error_redirect_back("Couldn't find comment");
}
$comment = mysql_escape_string(nl2br(htmlentities(trim($_POST['comment']))));
$picture_id = $_POST['picture_id'];
if (validate_comment($comment) == false) {
show_error_redirect_back("Invalid comment. Comments have to be 0-{$max_length_comment} characters.");
}
if (is_numeric($picture_id) == false) {
show_error_redirect_back("Invalid category.");
}
try_mysql_query("INSERT INTO comments (user_id, picture_id, text, date_added) VALUES ('" . $me['user_id'] . "', '{$picture_id}', '{$comment}', NOW())", $db_write);
$user = get_user_from_picture_id($picture_id, $db_read);
if ($user['notify_comments'] == '1') {
smtp_send(array($user['email']), "OSPAP - New Comment", "New Comment Notification", "A new comment has been posted for one of your pictures! It was posted by " . $me['username'] . " and can be viewed here:\n" . get_full_path_to("show_picture.php?picture_id={$picture_id}") . "\n\nNote: this is an automatic email, please don't reply.");
}
show_message_redirect("Comment added", "show_picture.php?picture_id={$picture_id}#comments");
function subscribe($param)
{
global $sender;
if (preg_match('/\\@hebcal.com$/', $param["em"])) {
form($param, "Sorry, can't use a <strong>hebcal.com</strong> email address.");
}
if ($param["geo"] == "zip") {
if (!$param["zip"]) {
form($param, "Please enter your zip code for candle lighting times.");
}
if (!preg_match('/^\\d{5}$/', $param["zip"])) {
form($param, "Sorry, <strong>" . htmlspecialchars($param["zip"]) . "</strong> does\n" . "not appear to be a 5-digit zip code.");
}
list($city, $state, $tzid, $latitude, $longitude, $lat_deg, $lat_min, $long_deg, $long_min) = hebcal_get_zipcode_fields($param["zip"]);
if (!$state) {
form($param, "Sorry, can't find\n" . "<strong>" . htmlspecialchars($param["zip"]) . "</strong> in the zip code database.\n", "<ul><li>Please try a nearby zip code</li></ul>");
}
$city_descr = "{$city}, {$state} " . $param["zip"];
unset($param["city"]);
unset($param["geonameid"]);
} elseif ($param["geo"] == "geoname") {
if (!$param["geonameid"]) {
form($param, "Please search for your city for candle lighting times.");
}
if (!preg_match('/^\\d+$/', $param["geonameid"])) {
form($param, "Sorry, <strong>" . htmlspecialchars($param["geonameid"]) . "</strong> does\n" . "not appear to be a valid geonameid.");
}
list($name, $asciiname, $country, $admin1, $latitude, $longitude, $tzid) = hebcal_get_geoname($param["geonameid"]);
if (!isset($tzid)) {
form($param, "Sorry, <strong>" . htmlspecialchars($param["geonameid"]) . "</strong> is\n" . "not a recoginized geonameid.");
}
$city_descr = geoname_city_descr($name, $admin1, $country);
unset($param["zip"]);
unset($param["city"]);
} else {
$param["geo"] = "geoname";
form($param, "Sorry, missing location (zip, geonameid) field.");
}
// check for old sub
if (isset($param["prev"]) && $param["prev"] != $param["em"]) {
$info = get_sub_info($param["prev"], false);
if (isset($info["status"]) && $info["status"] == "active") {
sql_unsub($param["prev"]);
}
}
// check if email address already verified
$info = get_sub_info($param["em"], false);
if (isset($info["status"]) && $info["status"] == "active") {
write_sub_info($param);
$from_name = "Hebcal";
$from_addr = "*****@*****.**";
$reply_to = "*****@*****.**";
$subject = "Your subscription is updated";
global $remoteAddr;
$ip = $remoteAddr;
$unsub_addr = "shabbat-unsubscribe+" . $info["id"] . "@hebcal.com";
$headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $param["em"], "Reply-To" => $reply_to, "List-Unsubscribe" => "<mailto:{$unsub_addr}>", "MIME-Version" => "1.0", "Content-Type" => "text/html; charset=UTF-8", "X-Sender" => $sender, "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject);
$body = <<<EOD
<div dir="ltr">
<div>Hello,</div>
<div><br></div>
<div>We have updated your weekly Shabbat candle lighting time
subscription for {$city_descr}.</div>
<div><br></div>
<div>Regards,
<br>hebcal.com</div>
<div><br></div>
<div>To unsubscribe from this list, send an email to:
<br><a href="mailto:shabbat-unsubscribe@hebcal.com">shabbat-unsubscribe@hebcal.com</a></div>
</div>
EOD;
$err = smtp_send(get_return_path($param["em"]), $param["em"], $headers, $body);
$html_email = htmlentities($param["em"]);
$html = <<<EOD
<div class="alert alert-success">
<strong>Success!</strong> Your subsciption information has been updated.
<p>Email: <strong>{$html_email}</strong>
<br>Location: {$city_descr}</p>
</div>
EOD;
echo $html;
return true;
}
if (isset($info["status"]) && $info["status"] == "pending" && isset($info["id"])) {
$old_encoded = $info["id"];
} else {
$old_encoded = null;
}
$encoded = write_staging_info($param, $old_encoded);
$from_name = "Hebcal";
$from_addr = "*****@*****.**";
$subject = "Please confirm your request to subscribe to hebcal";
global $remoteAddr;
$ip = $remoteAddr;
$headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $param["em"], "MIME-Version" => "1.0", "Content-Type" => "text/html; charset=UTF-8", "X-Sender" => $sender, "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject);
$url_prefix = "https://" . $_SERVER["HTTP_HOST"];
$body = <<<EOD
<div dir="ltr">
<div>Hello,</div>
<div><br></div>
<div>We have received your request to receive weekly Shabbat
candle lighting time information from hebcal.com for
{$city_descr}.</div>
<div><br></div>
<div>Please confirm your request by clicking on this link:</div>
<div><br></div>
<div><a href="{$url_prefix}/email/verify.php?{$encoded}">{$url_prefix}/email/verify.php?{$encoded}</a></div>
<div><br></div>
<div>If you did not request (or do not want) weekly Shabbat
candle lighting time information, please accept our
apologies and ignore this message.</div>
<div><br></div>
<div>Regards,
<br>hebcal.com</div>
<div><br></div>
<div>[{$remoteAddr}]</div>
</div>
EOD;
$err = smtp_send(get_return_path($param["em"]), $param["em"], $headers, $body);
$html_email = htmlentities($param["em"]);
if ($err === true) {
$html = <<<EOD
<div class="alert alert-success">
<strong>Thank you!</strong>
A confirmation message has been sent
to <strong>{$html_email}</strong> for {$city_descr}.<br>
Click the link within that message to confirm your subscription.
</div>
<p>If you do not receive this acknowledgment message within an hour
or two, then the most likely problem is that you made a typo
in your email address. If you do not get the confirmation message,
please return to the subscription page and try again, taking care
to avoid typos.</p>
EOD;
} else {
$html = <<<EOD
<div class="alert alert-danger">
<h4>Server Error</h4>
Sorry, we are temporarily unable to send email
to <strong>{$html_email}</strong>.
</div>
<p>Please try again in a few minutes.</p>
<p>If the problem persists, please send email to
<a href="mailto:webmaster@hebcal.com">webmaster@hebcal.com</a>.</p>
EOD;
}
echo $html;
}
$url_prefix = "https://" . $_SERVER["HTTP_HOST"];
$unsub_url = $url_prefix . "/email/?e=" . urlencode(base64_encode($info["em"]));
$unsub_addr = "shabbat-unsubscribe+" . $info["id"] . "@hebcal.com";
$headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $info["em"], "Reply-To" => $reply_to, "List-Unsubscribe" => "<mailto:{$unsub_addr}>", "MIME-Version" => "1.0", "Content-Type" => "text/plain", "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject);
$body = <<<EOD
Hello,
Your subscription request for hebcal is complete.
Regards,
hebcal.com
To modify your subscription or to unsubscribe completely, visit:
{$unsub_url}
EOD;
$err = smtp_send(get_return_path($info["em"]), $info["em"], $headers, $body);
echo html_header_bootstrap3("Email Subscription Confirmed");
?>
<div class="row">
<div class="col-sm-12">
<p class="lead">Confirm your subscription to weekly Shabbat
candle lighting times and Torah portion by email.</p>
<div class="alert alert-success">
<strong>Thank you!</strong> Your subscription is now active.
A confirmation message has been sent
to <strong><?php
echo htmlentities($info["em"]);
?>
</strong>.
</div>
</div><!-- .col-sm-12 -->
