// Name of this add-on's directory; used to locate its language files.
$sAddonName = basename(__DIR__);

// English is loaded unconditionally as the fallback, then the active language
// file is loaded on top of it when one exists.
// NOTE(review): LANGUAGE is concatenated into a require path. Where it is set is
// not visible here; confirm the core restricts it to a fixed language code so the
// value can never point the include at another file.
require WB_PATH . '/modules/' . $sAddonName . '/languages/EN.php';
if (file_exists(WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php')) {
    require WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php';
}

// The original comment says this code removes <?php tags and adds slashes.
// Only the two lookup arrays are defined in this excerpt; no replacement using
// them is visible here.
$friendly = array('<', '>', '?php');
$raw = array('<', '>', '');

// Every posted setting is read through $admin->get_post() and passed through
// $admin->StripCodeFromText() (commented-out lines in the original show an older
// CleanInput() helper in the same places).
// NOTE(review): the meaning of the second argument (true) is not visible here.
$header = $admin->StripCodeFromText($admin->get_post('header'), true);
$field_loop = $admin->StripCodeFromText($admin->get_post('field_loop'), true);
$footer = $admin->StripCodeFromText($admin->get_post('footer'), true);

// Recipient: fall back to the administrator address when none was posted.
// The second pass deliberately mirrors the original and omits the flag.
$email_to = $admin->StripCodeFromText($admin->get_post('email_to'), true);
if ($email_to == '') {
    $email_to = emailAdmin();
}
$email_to = $admin->StripCodeFromText($email_to);

// The sender address is always the server address, never a posted value.
$email_from = SERVER_EMAIL;

$use_captcha = $admin->StripCodeFromText($admin->get_post('use_captcha'), true);

// Sender name: a non-empty 'email_fromname_field' wins over 'email_fromname';
// an empty result falls back to the mailer's default sender name.
$email_fromname = $admin->StripCodeFromText(
    $admin->get_post(
        (isset($_POST['email_fromname_field']) && $_POST['email_fromname_field'] != '')
            ? 'email_fromname_field'
            : 'email_fromname'
    ),
    true
);
if ($email_fromname == '') {
    $email_fromname = WBMAILER_DEFAULT_SENDERNAME;
}

$email_subject = $admin->StripCodeFromText($admin->get_post('email_subject'), true);
$success_page = $admin->StripCodeFromText($admin->get_post('success_page'), true);
$success_email_to = $admin->StripCodeFromText($admin->get_post('success_email_to'), true);

// The confirmation mail is also sent from the server address.
$success_email_from = SERVER_EMAIL;

// Confirmation sender name defaults to the notification sender name.
$success_email_fromname = $admin->StripCodeFromText($admin->get_post('success_email_fromname'), true);
if ($success_email_fromname == '') {
    $success_email_fromname = $email_fromname;
}
function emailAdmin() { global $database, $admin; $retval = $admin->get_email(); if ($admin->get_user_id() != '1') { $sql = 'SELECT `email` FROM `' . TABLE_PREFIX . 'users` ' . 'WHERE `user_id`=\'1\' '; $retval = $database->get_one($sql); } return $retval; } } // Get Settings from DB $aSettings[' $sql = 'SELECT * FROM `' . TABLE_PREFIX . 'mod_form_settings` ' . 'WHERE `section_id` = ' . (int) $section_id . ''; if ($oSetting = $database->query($sql)) { $aSettings = $oSetting->fetchRow(MYSQLI_ASSOC); $aSettings['email_to'] = $aSettings['email_to'] != '' ? $aSettings['email_to'] : emailAdmin(); $aSettings['email_subject'] = $aSettings['email_subject'] != '' ? $aSettings['email_subject'] : ''; $aSettings['success_email_subject'] = $aSettings['success_email_subject'] != '' ? $aSettings['success_email_subject'] : ''; $aSettings['success_email_from'] = $admin->add_slashes(SERVER_EMAIL); $aSettings['success_email_fromname'] = $aSettings['success_email_fromname'] != '' ? $aSettings['success_email_fromname'] : WBMAILER_DEFAULT_SENDERNAME; $aSettings['success_email_subject'] = $aSettings['success_email_subject'] != '' ? $aSettings['success_email_subject'] : ''; } // Set raw html <'s and >'s to be replace by friendly html code $raw = array('<', '>'); $friendly = array('<', '>'); /* // check if backend.css file needs to be included into the <body></body> of modify.php if(!method_exists($admin, 'register_backend_modfiles') && file_exists(WB_PATH ."/modules/form/backend.css")) { echo '<style type="text/css">'; include(WB_PATH .'/modules/form/backend.css'); echo "\n</style>\n";
exit($TEXT['UNDER_CONSTRUCTION']); } } $email_body = ''; // Create blank "required" array $required = array(); // Captcha if ($use_captcha) { if (isset($_POST['captcha']) and $_POST['captcha'] != '') { // Check for a mismatch get email user_id if (!isset($_POST['captcha']) or !isset($_SESSION['captcha']) or $_POST['captcha'] != $_SESSION['captcha']) { $replace = array('webmaster_email' => emailAdmin()); $captcha_error = replace_vars($MOD_FORM['INCORRECT_CAPTCHA'], $replace); } } else { $replace = array('webmaster_email' => emailAdmin()); $captcha_error = replace_vars($MOD_FORM['INCORRECT_CAPTCHA'], $replace); } } if (isset($_SESSION['captcha'])) { unset($_SESSION['captcha']); } // Loop through fields and add to message body // Get list of fields $sql = 'SELECT * FROM `' . TABLE_PREFIX . 'mod_form_fields` '; $sql .= 'WHERE `section_id` = ' . (int) $section_id . ' '; $sql .= 'ORDER BY position ASC'; if ($query_fields = $database->query($sql)) { if ($query_fields->numRows() > 0) { while ($field = $query_fields->fetchRow(MYSQL_ASSOC)) { // Add to message body
global $database, $admin; $retval = $admin->get_email(); if ($admin->get_user_id() != '1') { $sql = 'SELECT `email` FROM `' . TABLE_PREFIX . 'users` '; $sql .= 'WHERE `user_id`=\'1\' '; $retval = $database->get_one($sql); } return $retval; } } // Get Settings from DB $sql = 'SELECT * FROM ' . TABLE_PREFIX . 'mod_form_settings '; $sql .= 'WHERE `section_id` = ' . (int) $section_id . ''; if ($query_content = $database->query($sql)) { $setting = $query_content->fetchRow(MYSQL_ASSOC); $setting['email_to'] = $setting['email_to'] != '' ? $setting['email_to'] : emailAdmin(); $setting['email_subject'] = $setting['email_subject'] != '' ? $setting['email_subject'] : ''; $setting['success_email_subject'] = $setting['success_email_subject'] != '' ? $setting['success_email_subject'] : ''; $setting['success_email_from'] = $admin->add_slashes(SERVER_EMAIL); $setting['success_email_fromname'] = $setting['success_email_fromname'] != '' ? $setting['success_email_fromname'] : WBMAILER_DEFAULT_SENDERNAME; $setting['success_email_subject'] = $setting['success_email_subject'] != '' ? $setting['success_email_subject'] : ''; } // Set raw html <'s and >'s to be replace by friendly html code $raw = array('<', '>'); $friendly = array('<', '>'); /* // check if backend.css file needs to be included into the <body></body> of modify.php if(!method_exists($admin, 'register_backend_modfiles') && file_exists(WB_PATH ."/modules/form/backend.css")) { echo '<style type="text/css">'; include(WB_PATH .'/modules/form/backend.css'); echo "\n</style>\n";
$retval = $database->get_one($sql); } return $retval; } } // load module language file $lang = dirname(__FILE__) . '/languages/' . LANGUAGE . '.php'; require_once !file_exists($lang) ? dirname(__FILE__) . '/languages/EN.php' : $lang; // This code removes any <?php tags and adds slashes $friendly = array('<', '>', '?php'); $raw = array('<', '>', ''); $header = $admin->add_slashes($_POST['header']); $field_loop = $admin->add_slashes($_POST['field_loop']); $footer = $admin->add_slashes($_POST['footer']); $email_to = $admin->add_slashes($_POST['email_to']); $email_to = $email_to != '' ? $email_to : emailAdmin(); $email_from = $admin->add_slashes(SERVER_EMAIL); $use_captcha = $admin->add_slashes($_POST['use_captcha']); /* if( isset($_POST['email_from_field']) && ($_POST['email_from_field'] != '')) { $email_from = $admin->add_slashes($_POST['email_from_field']); } else { $email_from = $admin->add_slashes($_POST['email_from']); } */ if (isset($_POST['email_fromname_field']) && $_POST['email_fromname_field'] != '') { $email_fromname = $admin->add_slashes($_POST['email_fromname_field']); } else { $email_fromname = $admin->add_slashes($_POST['email_fromname']); } $email_subject = $admin->add_slashes($_POST['email_subject']);
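<?php
// Contact-us handler for the home page: validates the posted form and forwards
// it to the administrator by e-mail.

// General helpers. isEmpty(), emailAdmin(), returnValue() and GeneralException
// are not defined in this file and presumably come from here.
require "functions.php";

// Required fields in the order they are checked, each with the message and
// code reported when the field is rejected.
// NOTE(review): the codes have a leading zero, so PHP reads them as octal
// literals (010 === 8, 011 === 9, 012 === 10, 013 === 11). They are kept as
// written because clients may rely on the resulting values; confirm the intent.
$fields = array(
    'name'    => array('Please enter your name.', 010),
    'from'    => array('Please enter your email.', 011),
    'subject' => array('Please enter a subject.', 012),
    'msg'     => array('Please enter a message.', 013),
);

// Every field must be present, a plain string (not an array parameter) and
// non-empty. isset() replaces the @ suppression used previously.
$input = array();
foreach ($fields as $key => $failure) {
    $value = isset($_POST[$key]) ? $_POST[$key] : null;
    if (!is_string($value) || isEmpty($value)) {
        throw new GeneralException($failure[0], $failure[1]);
    }
    $input[$key] = $value;
}

// These three values are likely to end up in mail headers (emailAdmin() is not
// visible here). A CR or LF in any of them would let a submitter append headers
// of their own, so such values are rejected like a missing field.
foreach (array('name', 'from', 'subject') as $key) {
    if (preg_match('/[\r\n]/', $input[$key])) {
        throw new GeneralException($fields[$key][0], $fields[$key][1]);
    }
}

// The sender address must be a syntactically valid e-mail address.
if (filter_var($input['from'], FILTER_VALIDATE_EMAIL) === false) {
    throw new GeneralException($fields['from'][0], $fields['from'][1]);
}

// Validated values from the contact form.
$name = $input['name'];
$email = $input['from'];
$subject = $input['subject'];
$msg = $input['msg'];

// Send the message to the admin on behalf of the user
// (original note: needs to be changed when uploaded to the server).
emailAdmin($email, $name, $subject, $msg);

// Report success to the client.
returnValue("sent.");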
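/**
 * Start a password reset for a user: store a one-time token and e-mail a
 * confirmation link that carries it.
 *
 * On failure the reason is left in $this->error.
 *
 * Fixes over the previous version: the INSERT statement was missing its closing
 * parenthesis (so the token could never be stored), the mail text ran "old" and
 * "passwords" together, and "associated" was misspelled.
 *
 * @param string $username Login name of the account to reset.
 * @return bool TRUE when the token was stored and the mail was handed off,
 *              FALSE otherwise.
 */
public function resetPassword($username)
{
    if (empty($username)) {
        $this->error = "You must enter a username.";
        return FALSE;
    }

    // NOTE(review): the distinct "Invalid username." / "no e-mail" messages tell
    // the caller whether an account exists. If $this->error is shown to
    // unauthenticated visitors, prefer one generic response at that layer.
    $uid = getUID($username);
    if (!$uid) {
        $this->error = "Invalid username.";
        return FALSE;
    }

    // Refuse a second request while a reset token for this user is on record.
    // NOTE(review): `time` is selected but never compared, so an old token keeps
    // blocking new requests unless expired rows are purged elsewhere.
    $query = sprintf(
        "SELECT time FROM tokens WHERE affects = %d AND type = %d",
        $this->sql->sanitize($uid),
        $this->sql->sanitize(USER_RESETPW)
    );
    $this->sql->query($query, SQL_FIRST);
    if (NULL != $this->sql->error) {
        $this->error = "Query error.";
        return FALSE;
    }
    if (!empty($this->sql->record[0])) {
        $this->error = "A reset request for this user has already been sent.";
        return FALSE;
    }

    // NOTE(review): this value is generated and split but never used in this
    // method. The call is kept because genPassword() is not visible here.
    $passwordHash = $this->crypto->genPassword();
    $passwordHash = explode(':::::', $passwordHash);

    $email = $this->get($uid, USER_EMAIL);
    if ("" == $email) {
        $this->error = "There is no e-mail associated with that user.";
        return FALSE;
    }

    // NOTE(review): the token is stored as generated and travels in a URL.
    // Consider storing only a hash of it and enforcing expiry and single use in
    // the confirm handler, which is not visible here.
    $token = $this->crypto->genUniqueID();
    $query = sprintf(
        "INSERT INTO tokens (id, type, time, affects) values ('%s', %d, %d, %d)",
        $this->sql->sanitize($token),
        $this->sql->sanitize(USER_RESETPW),
        $this->sql->sanitize(time()),
        $this->sql->sanitize($uid)
    );
    $this->sql->query($query);
    if (NULL != $this->sql->error) {
        $this->error = "Query error.";
        return FALSE;
    }

    $envelope = array(
        'dest' => $email,
        'subject' => 'Your password has been reset.',
        'message' => 'To retrieve your new password and disable your old '
            . 'passwords, please visit the following link: '
            . WEBSITE_URL . '?module=auth&action=confirm&id=' . $token,
    );
    if (!emailAdmin($envelope)) {
        $this->error = "There was a problem sending the confirmation e-mail.";
        return FALSE;
    }

    return TRUE;
}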