// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA use WT\Auth; use WT\Log; use WT\User; define('WT_SCRIPT_NAME', 'message.php'); require './includes/session.php'; // Some variables are initialised from GET (so we can set initial values in URLs), // but are submitted in POST so we can have long body text. $subject = WT_Filter::post('subject', null, WT_Filter::get('subject')); $body = WT_Filter::post('body'); $from_name = WT_Filter::post('from_name'); $from_email = WT_Filter::post('from_email'); $action = WT_Filter::post('action', 'compose|send', 'compose'); $to = WT_Filter::post('to', null, WT_Filter::get('to')); $method = WT_Filter::post('method', 'messaging|messaging2|messaging3|mailto|none', WT_Filter::get('method', 'messaging|messaging2|messaging3|mailto|none', 'messaging2')); $url = WT_Filter::postUrl('url', WT_Filter::getUrl('url')); $controller = new WT_Controller_Simple(); $controller->setPageTitle(WT_I18N::translate('webtrees message')); $to_user = User::findByIdentifier($to); // Only admins can send broadcast messages if ((!$to_user || $to == 'all' || $to == 'last_6mo' || $to == 'never_logged') && !Auth::isAdmin()) { // TODO, what if we have a user called "all" or "last_6mo" or "never_logged" ??? WT_FlashMessages::addMessage(WT_I18N::translate('Message was not sent')); $controller->pageHeader(); $controller->addInlineJavascript('window.opener.location.reload(); window.close();'); exit; } $errors = ''; // Is this message from a member or a visitor? if (WT_USER_ID) { $from = WT_USER_NAME;