function uddeIMsaveRAWmessage($fromid, $toid, $replyid, $message, $date, $config, $cryptmode=0, $pass="") { $database = uddeIMgetDatabase(); $themode = 0; if ($cryptmode==1) { $themode = 1; $cm = uddeIMencrypt($message,$config->cryptkey,CRYPT_MODE_BASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (". (int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", 1, '".md5($config->cryptkey)."')"; } elseif ($cryptmode==2) { $themode = 2; $thepass=$pass; if (!$thepass) { // no password entered, then fallback to obfuscating $themode = 1; $thepass=$config->cryptkey; } $cm = uddeIMencrypt($message,$thepass,CRYPT_MODE_BASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (". (int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", ".$themode.", '".md5($thepass)."')"; } elseif ($cryptmode==3) { $themode = 3; $cm = uddeIMencrypt($message,"",CRYPT_MODE_STOREBASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode) VALUES (". (int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", 3)"; } elseif ($cryptmode==4) { $themode = 4; $thepass=$pass; $cipher = CRYPT_MODE_3DESBASE64; if (!$thepass) { // no password entered, then fallback to obfuscating $themode = 1; $thepass=$config->cryptkey; $cipher = CRYPT_MODE_BASE64; } $cm = uddeIMencrypt($message,$thepass,$cipher); $sql = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum, cryptmode, crypthash) VALUES (". (int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$cm."', ".$date.", ".$themode.", '".md5($thepass)."')"; } else { $sql = "INSERT INTO #__uddeim (fromid, toid, replyid, message, datum) VALUES (". (int)$fromid.", ".(int)$toid.", ".(int)$replyid.", '".$message."', ".$date.")"; } $database->setQuery($sql); if (!$database->query()) { die("SQL error when attempting to save a message" . $database->stderr(true)); } $insID = $database->insertid(); return $insID; }
/** * Sends a PMS message * * @param int $toUserId UserId of receiver * @param int $fromUserId UserId of sender * @param string $subject Subject of PMS message * @param string $message Body of PMS message * @param boolean $systemGenerated False: real user-to-user message; True: system-Generated by an action from user $fromid (if non-null) * @return boolean True: PM sent successfully; False: PM failed to send */ public function sendUserPMS($toUserId, $fromUserId, $subject, $message, $systemGenerated = false) { global $_PLUGINS; if (!$this->isInstalled()) { return false; } $toUserId = (int) $toUserId; $fromUserId = (int) $fromUserId; if (!$toUserId) { $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_MISSING_TO_USER', 'Private message failed to send! Error: Missing to user')); return false; } if ($subject) { $message = "[b]" . $subject . "[/b]\n\n" . $message; } $message = $this->htmlToBBCode($message); if (!$message) { $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_MISSING_MESSAGE', 'Private message failed to send! Error: Missing message')); return false; } $cryptMode = $this->uddeIMConfig->get('cryptmode', 0, GetterInterface::INT); $cryptKey = $this->uddeIMConfig->get('cryptkey', 'uddeIMcryptkey', GetterInterface::STRING); $pm = new cbmypmsproTable(); if ($systemGenerated || !$fromUserId) { $fromSystem = $this->uddeIMConfig->get('sysm_username', 'System', GetterInterface::STRING); if ($fromUserId) { $fromSystem = uddeIMgetNameFromID($fromUserId, $this->uddeIMConfigRAW); } $pm->set('disablereply', 1); $pm->set('systemflag', 1); $pm->set('systemmessage', $fromSystem); } $pm->set('fromid', (int) $fromUserId); $pm->set('toid', (int) $toUserId); $pm->set('datum', uddetime($this->uddeIMConfig->get('timezone', 0, GetterInterface::INT))); if (in_array($cryptMode, array(1, 2, 4))) { $pm->set('message', uddeIMencrypt($message, $cryptKey, CRYPT_MODE_BASE64)); $pm->set('cryptmode', 1); $pm->set('crypthash', md5($cryptKey)); } elseif ($cryptMode == 3) { $pm->set('message', uddeIMencrypt($message, '', CRYPT_MODE_STOREBASE64)); $pm->set('cryptmode', 1); $pm->set('crypthash', md5($cryptKey)); } else { $pm->set('message', $message); } if (uddeIMgetEMNmoderated($pm->get('fromid'))) { $pm->set('delayed', 1); } if (!$pm->store()) { $_PLUGINS->_setErrorMSG(CBTxt::T('SEND_PMS_FAILED_ERROR', 'Private message failed to send! Error: [error]', array('[error]' => $pm->getError()))); return false; } $this->sendNotification($pm, $message); return true; }
function sendNewSysMessage($fromid, $recipients, $message, $systemmsg=0, $validfor=0, $sendnotification=0, $forceembedded=0) { $database = uddeIMgetDatabase(); if ($systemmsg) { // system message $sendername = $this->config->sysm_username; $savesysflag = addslashes($sendername); // system message $savedisablereply = 1; // and users can't reply to them $emn_fromid = 0; // for email notifications set userid 0 } else { $sendername = uddeIMgetNameFromID($fromid, $this->config); $savesysflag = addslashes($sendername); $savedisablereply = 0; $emn_fromid = $fromid; } $savedatum = uddetime($this->config->timezone); if ($validfor>0) { $now = uddetime($this->config->timezone); $validuntil = $now+($validfor*3600); } else { $validuntil = 0; } if ($this->config->cryptmode>=1) { // because of encoding do not use slashes $savemessage = strip_tags($message); } else { $savemessage = addslashes(strip_tags($message)); // original 0.6+ } getAdditonalGroups($add_special, $add_admin, $config); if (uddeIMcheckJversion()>=2) { // J1.6 if ($recipients=="all") { $sql="SELECT id FROM #__users WHERE block=0"; } elseif($recipients=="online") { $sql="SELECT a.id, b.userid FROM #__users AS a, #__session AS b WHERE block=0 AND a.id=b.userid"; } elseif($recipients=="special") { $sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) INNER JOIN #__usergroups AS g ON um.group_id=g.id WHERE u.block=0 AND g.id IN (3,4,5,6,7,8".$add_admin.$add_special.")"; } elseif($recipients=="admins") { $sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) INNER JOIN #__usergroups AS g ON um.group_id=g.id WHERE u.block=0 AND g.id IN (7,8".$add_admin.")"; } else { $sql="SELECT DISTINCT u.id FROM (#__users AS u INNER JOIN #__user_usergroup_map AS um ON u.id=um.user_id) INNER JOIN #__usergroups AS g ON um.group_id=g.id WHERE u.block=0 AND g.id=".(int)$recipients; } } else { if ($recipients=="all") { $sql="SELECT id FROM #__users WHERE block=0"; } elseif($recipients=="online") { $sql="SELECT a.id, b.userid FROM #__users AS a, #__session AS b WHERE block=0 AND a.id=b.userid"; } elseif($recipients=="special") { $sql="SELECT id FROM #__users WHERE block=0 AND gid IN (19,20,21,23,24,25".$add_admin.")"; } elseif($recipients=="admins") { $sql="SELECT id FROM #__users WHERE block=0 AND gid IN (24,25".$add_admin.")"; } else { $sql="SELECT id FROM #__users WHERE block=0 AND gid=".(int)$recipients; } } $database->setQuery($sql); $receivers=$database->loadObjectList(); if (!count($receivers)) { return 1; } foreach($receivers as $receiver) { $toid = $receiver->id; $themode = 0; if ($this->config->cryptmode==1 || $this->config->cryptmode==2 || $this->config->cryptmode==4) { $themode = 1; $cm = uddeIMencrypt($savemessage,$this->config->cryptkey,CRYPT_MODE_BASE64); $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox, cryptmode, crypthash) VALUES (".(int)$fromid.", ".(int)$toid.", '".$cm."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1, ".$savedatum.",1,'".md5($this->config->cryptkey)."')"; } elseif ($this->config->cryptmode==3) { $themode = 3; $cm = uddeIMencrypt($savemessage,"",CRYPT_MODE_STOREBASE64); $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox, cryptmode) VALUES (".(int)$fromid.", ".(int)$toid.", '".$cm."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1, ".$savedatum.",3)"; } else { $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, expires, systemmessage, systemflag, disablereply, totrashoutbox, totrashdateoutbox) VALUES (".(int)$fromid.", ".(int)$toid.", '".$savemessage."', ".$savedatum.", ".$validuntil.", '".$savesysflag."', 1,".$savedisablereply.", 1,".$savedatum.")"; } $database->setQuery($sql); if (!$database->query()) { die("SQL error when attempting to save a message" . $database->stderr(true)); } $insID = $database->insertid(); if ($sendnotification) { // Check if E-Mail notification or popups are enabled by default, if so create a record for the receiver. if ($this->config->notifydefault>0 || $this->config->popupdefault>0 || $this->config->pubfrontenddefault>0 || $this->config->autoresponder>0 || $this->config->autoforward>0) { if (!uddeIMexistsEMN($toid)) uddeIMinsertEMNdefaults($toid, $this->config); } } // ################################################################################################## // email notification // ################################################################################################## if ($sendnotification) { $currentlyonline = uddeIMisOnline($toid); if ($this->config->cryptmode>=1) { $email = stripslashes($savemessage); } else { $email = stripslashes(stripslashes($savemessage)); } $type = 0; if ($forceembedded) $type = 2; if ($this->config->allowemailnotify==1) { $ison = uddeIMgetEMNstatus($toid); if (($ison==1) || ($ison==2 && !$currentlyonline) || $ison==10 || ($ison==20 && !$currentlyonline)) { uddeIMdispatchEMN($insID, $item_id, $themode, $emn_fromid, $toid, $email, $type, $this->config); } } elseif($this->config->allowemailnotify==2) { $gid = uddeIMgetGID((int)$toid); if (uddeIMisAdmin($gid) || uddeIMisAdmin2($gid, $this->config)) { $ison = uddeIMgetEMNstatus($toid); if (($ison==1) || ($ison==2 && !$currentlyonline) || $ison==10 || ($ison==20 && !$currentlyonline)) { uddeIMdispatchEMN($insID, $item_id, $themode, $emn_fromid, $toid, $email, $type, $this->config); } } } } } return 0; }
function _sendPMSuddeimMSG($udde_toid,$udde_fromid,$to,$from,$sub,$msg) { global $_CB_database, $_CB_framework; $params = $this->params; $pmsType = $params->get('pmsType', '1'); $udde_sysm = "System"; $config_realnames = "0"; $config_cryptmode = 0; $config_cryptkey = 'uddeIMcryptkey'; if ($pmsType==4) { // uddeIM 1.0+ require_once( $_CB_framework->getCfg('absolute_path') . "/components/com_uddeim/crypt.class.php"); if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php")) { include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php"); } $config = new uddeimconfigclass(); if(isset($config->sysm_username)) { $udde_sysm = $config->sysm_username; } if (isset($config->realnames)) { $config_realnames = $config->realnames; } if (isset($config->cryptmode)) { $config_cryptmode = $config->cryptmode; } if (file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" )) { require_once ( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" ); } if (isset($config->cryptkey)) { $config_cryptkey = $config->cryptkey; } } else { if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php")) { include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php"); } if(isset($config_sysm_username)) { $udde_sysm = $config_sysm_username; } } // format the message if($sub) { // is actually impossible $udde_msg = "[b]".$sub."[/b]\n\n".$msg; } else { $udde_msg = $msg; } // strip any bb code that might be present, but only in 0.4 if($pmsType==3) { require_once ( $_CB_framework->getCfg('absolute_path') . '/components/com_uddeim/bbparser.php' ); $udde_msg=bbcode_strip($udde_msg); } // now strip the remaining html tags $udde_msg = strip_tags($udde_msg); // escape dangerous stuff // not necessary, already escaped before this internal function gets called // get current time but recognize time offset $currentTime=time(); $udde_time=$this->_pmsUddeGetTime($currentTime); // set the udde systemmessage username to the virtual sender $udde_sysm=$from; if ($config_cryptmode==1) { if (function_exists('uddeIMencrypt')) { // this added for uddeIM 1.4+ $cm = uddeIMencrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64); } else { $cm = Encrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64); } $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".$udde_fromid.", ".$udde_toid.", '".$cm."', ".$udde_time.",1,'".md5($config_cryptkey)."')"; } else { $sql="INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".$udde_fromid.", ".$udde_toid.", '".$udde_msg."', ".$udde_time.")"; } // now insert the message if($udde_fromid && $udde_toid) { $_CB_database->SetQuery($sql); if (!$_CB_database->query()) { die("SQL error" . $_CB_database->stderr(true)); } } $udde_msgid = $_CB_database->insertid(); // E-Mail notification code $udde_sysm=""; $this->_pmsUddeNotify($udde_msgid, $udde_fromid, $udde_toid, $udde_msg, $udde_sysm); }
function uddeIMpublicSaveMessage($fromname, $fromemail, $to_name, $to_id, $pmessage, $item_id, $sendeform_showallusers, $backto, $config) { $mosConfig_sitename = uddeIMgetSitename(); $pathtosite = uddeIMgetPath('live_site'); $database = uddeIMgetDatabase(); $to_name = stripslashes($to_name); $to_name_bak = $to_name; // save all already typed in names if(!$to_id && !$to_name && $sendeform_showallusers!=2) { // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 5, $config); return; } if($sendeform_showallusers) { // =2, click on button / =1, keep on showing // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 1, $config); return; } // do not allow multiple recipients from public frontend $to_name = trim($to_name); $fromname = trim($fromname); $fromemail = trim($fromemail); if(!$fromname) { // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 12, $config); return; } // When there is an email address this must be valid if ($fromemail && !preg_match("/\b[a-z0-9!#$%&'*+\/=?^_`{|}-]+(?:\.[a-z0-9!#$%&'*+\/=?^_`{|}-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+(?:[A-Z]{2}|com|org|net|gov|mil|biz|info|mobi|name|aero|jobs|museum)\b/i", $fromemail)) { // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 13, $config); return; } // Check if an email address is required if (!$fromemail && $config->pubemail) { // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 13, $config); return; } $to_id = uddeIMgetIDfromNamePublic($to_name, $config, true); // add "AND block=0" // BUGBUG: Maybe it is a good idea to do the query vice versa (so I could add a query for "realname"s here) if (!$to_id) { // no user with this name found, so try again with username (maybe we do the query twice (see query above, but who cares) if ($config->pubrealnames) { $to_id = uddeIMgetIDfromUsername($to_name, true); // add "AND block=0" } } if(!$to_id) { // no user with this username found // display to form again so that the user can correct his/her fault // the wrong name is displayed in brackets (add brackets only once) if (substr($to_name,0,1)!="(") { $to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak); } // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 3, $config); return; } // now check banning $is_banned = uddeIMisBanned($to_id, $config); if ($is_banned) { if (substr($to_name,0,1)!="(") { $to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak); } // write the uddeim menu uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 17, $config); return; } // now check group blocking $is_group_blocked = uddeIMisRecipientBlockedPublic($to_id, $config); if ($is_group_blocked) { if (substr($to_name,0,1)!="(") { $to_name = str_replace($to_name, "(".$to_name.")", $to_name_bak); } uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 10, $config); return; } if(!$pmessage) { // write the uddeim menu $to_name = $to_name_bak; uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 4, $config); return; } // check if user allows public access (this check must be done after group blocking, because the admin can block a certain group and the user cannot longer decide if he allows the public frontend or not) $ispublic = uddeIMgetEMNpublic($to_id); if (!$ispublic) { // user does not allow public messages uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 8, $config); return; } // CAPTCHA (first check for all other errors and then the CAPTCHA) if ($config->usecaptcha>=1) { // CAPTCHA is enabled for public frontend if ($config->captchatype==0) { if (class_exists('JFactory')) { // CAPTCHA15 $session = JFactory::getSession(); $_SESSION['security_code'] = $session->get('security_code'); // so I do not need to modify saveMessage code } else { // CAPTCHA10 session_start(); } if( $_SESSION['security_code'] == $_POST['security_code'] && !empty($_SESSION['security_code'] ) ) { // CAPTCHA is correct, so unset security code if (class_exists('JFactory')) { $session = JFactory::getSession(); $session->set('security_code', null); } else { unset($_SESSION['security_code']); } } else { // wrong captcha, so write the uddeim menu $to_name = $to_name_bak; uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 7, $config); return; } } else { $pathtouser = uddeIMgetPath('user'); require_once($pathtouser."/recaptchalib.php"); $resp = recaptcha_check_answer ($config->recaptchaprv, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { $to_name = $to_name_bak; uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 7, $config); return; // die ("The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"); } } } if (!uddeIMcheckCSRF($config)) { $to_name = $to_name_bak; uddeIMpublicMenuWriteform($item_id, $fromname, $fromemail, $to_name, $pmessage, 15, $config); return; } $savedatum = uddetime($config->timezone); $savetoid = $to_id; $savefromid = 0; // This is '0' in public frontend // CRYPT if ($config->cryptmode>=1) { // because of encoding do not use slashes $savemessage=strip_tags($pmessage); } else { $savemessage=addslashes(strip_tags($pmessage)); // original 0.6+ } // strip bbcodes if (!$config->allowbb) { $savemessage=uddeIMbbcode_strip($savemessage); } // set message max length if ($config->maxlength>0) { // because if 0 do not use any maxlength $savemessage=substr($savemessage, 0, $config->maxlength); } $fromname=addslashes(strip_tags($fromname)); $fromemail=addslashes(strip_tags($fromemail)); $delayed = 0; if ($config->modpubusers) $delayed = 1; // we have all we need, now save it // no replyid can be set here, since public users cannot reply to a message, replyid = 0 // CRYPT if ($config->cryptmode==1 || $config->cryptmode==2 || $config->cryptmode==4) { // do not allow individual encryption $cm = uddeIMencrypt($savemessage,$config->cryptkey,CRYPT_MODE_BASE64); $sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox, cryptmode, crypthash) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$cm."', ".$savedatum.",1,".$savedatum.",1,'".md5($config->cryptkey)."')"; } elseif ($config->cryptmode==3) { $cm = uddeIMencrypt($savemessage,"",CRYPT_MODE_STOREBASE64); $sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox, cryptmode) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$cm."', ".$savedatum.",1,".$savedatum.",3)"; } else { $sql="INSERT INTO #__uddeim (`delayed`, publicname, publicemail, fromid, toid, message, datum, totrashoutbox, totrashdateoutbox) VALUES (".(int)$delayed.", '".$fromname."', '".$fromemail."', ".(int)$savefromid.", ".(int)$savetoid.", '".$savemessage."', ".$savedatum.",1,".$savedatum.")"; } $database->setQuery($sql); if (!$database->query()) { die("SQL error when attempting to save a message" . $database->stderr(true)); } $insID = $database->insertid(); // When public users are moderated, delay the message // if (uddeIMgetEMNmoderated($savefromid) ) { // && uddeIMisReggedOnly($my_gid)) { // uddeIMupdateDelayed($savefromid, $insID, 1); // } // Check if E-Mail notification or popups are enabled by default, if so create a record for the receiver. // Note: Not necessary for "copy to myself" sind the record for the current user has been set at the very beginning... if ($config->notifydefault>0 || $config->popupdefault>0 || $config->pubfrontenddefault>0 || $config->autoresponder>0 || $config->autoforward>0) { if (!uddeIMexistsEMN($savetoid)) uddeIMinsertEMNdefaults($savetoid, $config); } $rec_gid = uddeIMgetGID((int)$savetoid); // ################################################################################################## // autoforward code // ################################################################################################## if ($config->autoforward==1 || ($config->autoforward==2 && (uddeIMisAdmin($rec_gid) || uddeIMisAdmin2($rec_gid, $config)))) { $ison = uddeIMgetEMNautoforward($savetoid); // recipient has autoforward enabled if ($ison==1) { $autoforwardid = uddeIMgetEMNautoforwardid($savetoid); // new recipient $forwardheader=" [i]("._UDDEIM_THISISAFORWARD.uddeIMgetNameFromID($savetoid, $config).")[/i]"; $savemessagecopy = $savemessage.$forwardheader; $themode = 0; if ($config->cryptmode==1) { $themode = 1; $cm = uddeIMencrypt($savemessagecopy,$config->cryptkey,CRYPT_MODE_BASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",1,'".md5($config->cryptkey)."')"; } elseif ($config->cryptmode==2) { $themode = 2; $thepass=$cryptpass; if (!$thepass) { // no password entered, then fallback to obfuscating $themode = 1; $thepass=$config->cryptkey; } $cm = uddeIMencrypt($savemessagecopy,$thepass,CRYPT_MODE_BASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",".$themode.",'".md5($thepass)."')"; } elseif ($config->cryptmode==3) { $themode = 3; $cm = uddeIMencrypt($savemessagecopy,"",CRYPT_MODE_STOREBASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",3)"; } elseif ($config->cryptmode==4) { $themode = 4; $thepass=$cryptpass; if (!$thepass) { // no password entered, then fallback to obfuscating $themode = 1; $thepass=$config->cryptkey; } $cm = uddeIMencrypt($savemessagecopy,$thepass,CRYPT_MODE_3DESBASE64); $sql = "INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$cm."', ".$savedatum.",".$themode.",'".md5($thepass)."')"; } else { $sql = "INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".(int)$savefromid.", ".(int)$autoforwardid.", '".$savemessage."', ".$savedatum.")"; } $database->setQuery($sql); if (!$database->query()) { die("SQL error when attempting to save a message" . $database->stderr(true)); } $insIDforward = $database->insertid(); } } // ################################################################################################## // autoresponder // ################################################################################################## if ($config->autoresponder==1 || ($config->autoresponder==2 && (uddeIMisAdmin($rec_gid) || uddeIMisAdmin2($rec_gid, $config)))) { $ison = uddeIMgetEMNautoresponder($savetoid); if ($ison==1) { // $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, totrashoutbox, totrashdateoutbox) VALUES (".(int)$savetoid.", ".(int)$savefromid.", '". _UDDEIM_AUTORESPONDER_DEFAULT ."', ".$savedatum.", 1,".uddetime($config->timezone).")"; // BUGBUG: An autoresponder message is send via email but no message in the outbox is created. // This is not a bug since in my opinion it does not make sense to store autoresponder messages AND the received message. if($config->emailtrafficenabled && $fromemail) { $autorespondertext = uddeIMgetEMNautorespondertext($savetoid); $var_fromname = uddeIMgetNameFromID($savetoid, $config); if (!$var_fromname) $var_fromname=$config->sysm_username; $var_body = _UDDEIM_EMN_BODY_PUBLICWITHMESSAGE; $var_body = str_replace("%livesite%", $pathtosite, $var_body); $var_body = str_replace("%user%", $var_fromname, $var_body); $var_body = str_replace("%site%", $mosConfig_sitename, $var_body); $var_body = str_replace("%you%", $fromname, $var_body); $autorespondertext = str_replace(chr(13).chr(10), "\n", $autorespondertext); $var_body = str_replace("%pmessage%", $autorespondertext, $var_body); $subject = _UDDEIM_EMN_SUBJECT; $subject = str_replace("%livesite%", $pathtosite, $subject); $subject = str_replace("%site%", $mosConfig_sitename, $subject); $subject = str_replace("%you%", $fromname, $subject); $subject = str_replace("%user%", $var_fromname, $subject); $replyto = $fromemail; $replytoname = ""; if(uddeIMsendmail($config->emn_sendername, $config->emn_sendermail, $var_toname, $fromemail, $subject, $var_body, $replyto, $replytoname, "", $config)) { // maybe a code here that the email cound not have been sent } } } } // ################################################################################################## // email notification // ################################################################################################## // is the receiver currently online? $currentlyonline = uddeIMisOnline($savetoid); if ($config->cryptmode>=1) { $email=stripslashes($savemessage); } else { $email=stripslashes(stripslashes($savemessage)); // without encoding remove the safety slashes } if($config->allowemailnotify==1) { $ison = uddeIMgetEMNstatus($savetoid); if (($ison==1) || ($ison==2 && !$currentlyonline) || ($ison==10) || ($ison==20 && !$currentlyonline)) { uddeIMpublicDispatchEMN($insID, $fromname, $savetoid, $email, 0, $config); // 0 stands for normal (not forgetmenot) } } elseif($config->allowemailnotify==2) { $my_gid = uddeIMgetGID((int)$savetoid); if (uddeIMisAdmin($my_gid) || uddeIMisAdmin2($my_gid, $config)) { $ison = uddeIMgetEMNstatus($savetoid); if (($ison==1) || ($ison==2 && !$currentlyonline) || ($ison==10) || ($ison==20 && !$currentlyonline)) { uddeIMpublicDispatchEMN($insID, $fromname, $savetoid, $email, 0, $config); // 0 stands for normal (not forgetmenot) } } } $mosmsg=""; // _UDDEIM_MESSAGE_SENT uddeJSEFredirect("index.php?option=com_uddeim&task=publicsent&Itemid=".$item_id, $mosmsg); }
function uddeIMreportSpam($myself, $item_id, $messageid, $recip, $ret, $limit, $limitstart, $config) { $db = uddeIMgetDatabase(); // read message $messageid $displaymessages = uddeIMselectInboxMessage($myself, $messageid, $config); if (count($displaymessages)<1) { echo _UDDEIM_MESSAGENOACCESS; return; } if (!uddeIMgetSpamStatus($messageid)) { // and append to #__uddeim_spam foreach($displaymessages as $displaymessage) { if ($displaymessage->cryptmode==2 || $displaymessage->cryptmode==4) $cm = "Cannot display - Message is encrypted."; else $cm = uddeIMgetMessage($displaymessage->message, "", $displaymessage->cryptmode, $displaymessage->crypthash, $config->cryptkey); $dm = nl2br(htmlspecialchars(stripslashes($cm), ENT_QUOTES, $config->charset)); $dm = str_replace("&#", "&#", $dm); $dm = str_replace("&</br>", "</br>", $dm); $dm = uddeIMencrypt($dm,"",CRYPT_MODE_STOREBASE64); $sql = "INSERT INTO #__uddeim_spam (mid, datum, reported, fromid, toid, message) VALUES (". (int)$displaymessage->id.", ". (int)$displaymessage->datum.", ". (int)uddetime($config->timezone).", ". (int)$displaymessage->fromid.", ". (int)$displaymessage->toid.", ". $db->Quote($dm).")"; $db->setQuery($sql); if (!$db->query()) die("SQL error when attempting to save a report" . $db->stderr(true)); } uddeIMnotifySpam($myself, $item_id, $displaymessage->fromid, $displaymessage->toid, $config); } $addlink = ""; if ($recip) $addlink = "&recip=".(int)$recip; $task = "inbox"; if ($ret=="postboxuser") $task = "postboxuser"; if(!$limit && !$limitstart) { $redirecturl="index.php?option=com_uddeim&task=".$task."&Itemid=".$item_id.$addlink; } else { $redirecturl="index.php?option=com_uddeim&task=".$task."&Itemid=".$item_id.$addlink."&limit=".$limit."&limitstart=".$limitstart; } uddeJSEFredirect($redirecturl); }