/**
 * Looks up the username registered for a user-supplied e-mail address
 * and e-mails that username to the address.
 *
 * @since   1.5
 * @param   string  $email  E-mail address supplied by the visitor
 * @return  bool    True on success, false on failure
 */
function remindUsername($email)
{
    jimport('joomla.mail.helper');

    global $mainframe;

    // Reject anything that is not syntactically an e-mail address
    $isValid = JMailHelper::isEmailAddress($email);
    if (!$isValid) {
        $message = JText::_('INVALID_EMAIL_ADDRESS');
        $this->setError($message);
        UserHelper::showMessage(ERROR, $message);
        return false;
    }

    // The address is passed through Quote() before it is concatenated into the SQL
    $db =& JFactory::getDBO();
    $sql = 'SELECT username FROM #__users WHERE email = ' . $db->Quote($email);
    $db->setQuery($sql, 0, 1);

    // NOTE(review): the distinct COULD_NOT_FIND_EMAIL message tells the caller
    // whether an address is registered; a uniform response would avoid that.
    $username = $db->loadResult();
    if (!$username) {
        $message = JText::_('COULD_NOT_FIND_EMAIL');
        $this->setError($message);
        UserHelper::showMessage(ERROR, $message);
        return false;
    }

    // Remember the address in the user state for the following step
    $mainframe->setUserState($this->_namespace . 'email', $email);

    // Outcome of the method is the outcome of sending the reminder
    return $this->_sendReminderMail($email, $username) ? true : false;
}
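/**
 * Collects the contact list data (state, items, params, pagination) into one object.
 *
 * @param   array  $pk  Request keys; 'Itemid' is read to merge the menu parameters
 *
 * @return  stdClass  Object with maxLevel, state, items, params and pagination
 */
public function prepareDisplayedData($pk)
{
    // Was "$data = null": assigning properties on null raises an Error on PHP 8
    // and only worked through implicit object creation before that.
    $data = new stdClass();
    $params = $this->getState('params');

    // Get some data from the models
    $state = $this->getState();
    $items = $this->getItems();
    $pagination = $this->getPagination();

    for ($i = 0, $n = count($items); $i < $n; $i++) {
        $item =& $items[$i];
        $item->slug = $item->alias ? $item->id . ':' . $item->alias : $item->id;

        // Item parameters override a copy of the component parameters
        $temp = new JRegistry();
        $temp->loadString($item->params);
        $item->params = clone $params;
        $item->params->merge($temp);

        if ($item->params->get('show_email', 0) == 1) {
            $item->email_to = trim($item->email_to);

            // Blank out anything that is not a syntactically valid address.
            // NOTE(review): a valid address is returned as-is (not cloaked or
            // HTML-escaped); whatever renders it must encode it for output.
            if (empty($item->email_to) || !JMailHelper::isEmailAddress($item->email_to)) {
                $item->email_to = '';
            }
        }
    }
    unset($item); // drop the reference left over from the loop

    $JSNConfig = JSNFactory::getConfig();
    $JSNConfig->megreMenuParams($pk['Itemid'], $params, 'com_contact');
    $JSNConfig->megreGlobalParams('com_contact', $params, true);

    $data->maxLevel = $params->get('maxLevel', -1);
    $data->state = $state;
    $data->items = $items;
    $data->params = $params;
    $data->pagination = $pagination;

    return $data;
}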
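/**
 * Admin-only JSON handler that checks ('changeEmail') or saves
 * ('confirmchangeEmail') a new customer e-mail address.
 *
 * Does nothing unless the application reports the admin client. Otherwise it
 * echoes a JSON message and closes the application.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method although
 * 'confirmchangeEmail' saves data; confirm the token is verified by the caller.
 *
 * @return  void
 */
function changeEmail()
{
    $app = JFactory::getApplication();

    if (!$app->isAdmin()) {
        return;
    }

    $json = array();
    $model = $this->getThisModel();
    $new_email = $app->input->getString('new_email');
    $task = $app->input->getString('task');

    // Was "empty(...) && !isEmailAddress(...)", which let every non-empty
    // string through, valid address or not. Either condition must reject.
    if (empty($new_email) || !JMailHelper::isEmailAddress($new_email)) {
        $json = array('msg' => JText::_('Invalid Email Address'), 'msgType' => 'warning');
    } elseif ($task == 'changeEmail') {
        // Only report whether an account already exists for the address
        $json = $this->validateEmailexists($new_email);
    } elseif ($task == 'confirmchangeEmail') {
        if ($model->savenewEmail()) {
            $json = array(
                // A valid address may still contain characters such as '+' or '&',
                // so it is URL-encoded before being placed in the query string.
                'redirect' => JUri::base() . 'index.php?option=com_j2store&view=customer&task=viewOrder&email_id=' . urlencode($new_email),
                'msg' => JText::_('J2STORE_SUCCESS_SAVING_EMAIL'),
                'msgType' => 'message',
            );
        } else {
            $json = array('msg' => JText::_('J2STORE_ERROR_SAVING_EMAIL'), 'msgType' => 'warning');
        }
    }

    echo json_encode($json);
    $app->close();
}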
/**
 * Starts a password reset for the unblocked account that owns an e-mail
 * address: a token is generated, its salted hash is stored in the
 * activation column and the token itself is e-mailed to the address.
 *
 * @since   1.5
 * @param   string  $email  E-mail address
 * @return  bool    True on success, false on failure
 */
function requestReset($email)
{
    jimport('joomla.mail.helper');
    jimport('joomla.user.helper');

    $db =& JFactory::getDBO();

    // Syntax check before the address is used in a query
    if (!JMailHelper::isEmailAddress($email)) {
        $this->setError(JText::_('INVALID_EMAIL_ADDRESS'));
        return false;
    }

    // Find the unblocked account for this address
    $db->setQuery('SELECT id FROM #__users WHERE email = ' . $db->Quote($email) . ' AND block = 0');
    $id = $db->loadResult();

    // NOTE(review): the distinct COULD_NOT_FIND_USER error reveals whether an
    // address belongs to an account.
    if (!$id) {
        $this->setError(JText::_('COULD_NOT_FIND_USER'));
        return false;
    }

    // Only a salted hash of the token is stored; the plain token goes out by mail.
    // NOTE(review): the stored value is md5(token . salt). The code that verifies
    // it is outside this block, so the scheme is left unchanged here.
    $token = JUtility::getHash(JUserHelper::genRandomPassword());
    $salt = JUserHelper::getSalt('crypt-md5');
    $hashedToken = md5($token . $salt) . ':' . $salt;

    $db->setQuery(
        'UPDATE #__users SET activation = ' . $db->Quote($hashedToken)
        . ' WHERE id = ' . (int) $id . ' AND block = 0'
    );

    if (!$db->query()) {
        $this->setError(JText::_('DATABASE_ERROR'));
        return false;
    }

    // Success depends on the confirmation mail being sent
    return $this->_sendConfirmationMail($email, $token) ? true : false;
}
/**
 * Normalises a comma-separated e-mail list in place and validates each entry.
 *
 * The list passed by reference is stripped of spaces and outer commas,
 * lower-cased and de-duplicated.
 *
 * NOTE(review): the rejected entry is returned verbatim inside the message;
 * a caller that prints it into HTML has to escape it.
 *
 * @param   string  &$email_list  List to normalise (modified in place)
 * @param   bool    $allow_blank  Whether an empty list is acceptable
 *
 * @return  string  '' when valid, otherwise an error text or the offending entry in parentheses
 */
static function validate_email_list(&$email_list, $allow_blank = true)
{
    // Strip spaces, then any commas left at either end
    $email_list = trim(str_replace(' ', '', $email_list), ',');

    if ($email_list == '') {
        return $allow_blank ? '' : JText::_('COM_FLEXICONTACT_REQUIRED');
    }

    // Lower-case first so array_unique() also collapses differently-cased duplicates
    $unique = array_unique(explode(',', strtolower($email_list)));

    // Hand the cleaned list back to the caller through the reference
    $email_list = implode(',', $unique);

    jimport('joomla.mail.helper');

    foreach ($unique as $candidate) {
        if (!JMailHelper::isEmailAddress($candidate)) {
            return '(' . $candidate . ')';
        }
    }

    return '';
}
/**
 * Looks up the account for a POSTed e-mail address and echoes a JSON answer,
 * then closes the application.
 *
 * NOTE(review): the answer contains the account's name and username for any
 * registered address, and no authentication or token check is visible in this
 * method, so it can be used to enumerate accounts. Confirm this is intended.
 *
 * @return  void
 */
public function validateUser()
{
    try {
        $email = JRequest::getVar('email', '', 'post', 'string');

        if (!JMailHelper::isEmailAddress($email)) {
            throw new Exception(JText::_('COM_AAWS_EMAIL_BAD_FORMAT'));
        }

        $db = JFactory::getDBO();

        // Validation uses the e-mail address only; the username is returned
        // so that it can be used for the login.
        $query = $db->getQuery(true);
        $query->select('id, name, username');
        $query->from('#__users');
        $query->where('email = ' . $db->Quote($email));
        $db->setQuery($query);
        $user = $db->loadObject();

        // Default answer when no account matches
        $answer = array('message' => '', 'type' => 'info');

        if ($user != null && $user->id != 0) {
            $answer = array(
                'message' => JText::sprintf('COM_AAWS_USER_IDENTIFIED', $user->name),
                'username' => $user->username,
                'type' => 'info',
            );
        }

        echo json_encode($answer);
    } catch (Exception $e) {
        echo json_encode(array('message' => $e->getMessage(), 'type' => 'error'));
    }

    $app = JFactory::getApplication();
    $app->close();
}
/**
 * Tells whether a string passes JMailHelper's e-mail address check.
 *
 * @param   string  $emailid  Address to test
 *
 * @return  bool  True when the helper accepts the address
 */
function validemail($emailid)
{
    return JMailHelper::isEmailAddress($emailid) ? true : false;
}
/**
 * Display the view
 *
 * Loads the model data, prepares each contact (slug, merged parameters,
 * cloaked e-mail address) and hands everything to the template.
 *
 * @param   string  $tpl  Template name passed on to the parent view
 *
 * @return  mixed  False on error, null otherwise.
 */
function display($tpl = null)
{
    $comName = JRequest::getCmd('option');
    $document =& JFactory::getDocument();
    $app = JFactory::getApplication();
    $params = $app->getParams();

    // View levels of the current user (fetched here, not used further in this method)
    $user = JFactory::getUser();
    $groups = $user->getAuthorisedViewLevels();

    // Component stylesheet
    $document->addStyleSheet($this->baseurl . "/media/{$comName}/css/styles.css");

    // Data from the models
    $state = $this->get('State');
    $items = $this->get('Items');
    $category = $this->get('Category');
    $children = $this->get('Children');
    $parent = $this->get('Parent');
    $pagination = $this->get('Pagination');

    // Stop when the model reported errors
    $errors = $this->get('Errors');
    if (count($errors)) {
        JError::raiseWarning(500, implode("\n", $errors));
        return false;
    }

    $total = count($items);
    for ($idx = 0; $idx < $total; $idx++) {
        $item =& $items[$idx];

        // Contact slug: "id:alias" when an alias exists, otherwise the id
        if ($item->alias) {
            $item->slug = $item->id . ':' . $item->alias;
        } else {
            $item->slug = $item->id;
        }

        // Item parameters override a copy of the application parameters
        $overrides = new JRegistry();
        $overrides->loadJSON($item->params);
        $item->params = clone $params;
        $item->params->merge($overrides);

        if ($item->params->get('show_email', 0) == 1) {
            // Only a syntactically valid address is shown, and only in cloaked form
            $address = trim($item->email_to);
            $item->email_to = $address;
            if (!empty($address) && JMailHelper::isEmailAddress($address)) {
                $item->email_to = JHtml::_('email.cloak', $address);
            } else {
                $item->email_to = '';
            }
        }
    }

    // Escape strings for HTML output
    $this->pageclass_sfx = htmlspecialchars($params->get('pageclass_sfx'));

    $maxLevel = $params->get('maxLevel', -1);

    $this->assignRef('maxLevel', $maxLevel);
    $this->assignRef('state', $state);
    $this->assignRef('items', $items);
    $this->assignRef('category', $category);
    $this->assignRef('children', $children);
    $this->assignRef('params', $params);
    $this->assignRef('parent', $parent);
    $this->assignRef('pagination', $pagination);

    // Document-level settings, then render
    $this->_prepareDocument();
    parent::display($tpl);
}
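/**
 * Run the plugin action: send one e-mail per row and optionally flag the
 * processed rows in the list's table.
 *
 * NOTE(review): both eval() calls run code built by substituting row values
 * into the configured condition/message. Row content therefore becomes PHP
 * code; this is only safe when the configuration and the row data are trusted.
 *
 * @param   array  &$data  Grouped rows; groups that are not arrays are skipped
 *
 * @return  int  Number of rows whose primary key was collected
 */
function process(&$data)
{
    $app = JFactory::getApplication();
    jimport('joomla.mail.helper');

    $params = $this->getParams();
    $msg = $params->get('message');
    $to = $params->get('to');
    $w = new FabrikWorker();
    $MailFrom = $app->getCfg('mailfrom');
    $FromName = $app->getCfg('fromname');
    $subject = $params->get('subject', 'Fabrik cron job');
    $eval = $params->get('cronemail-eval');
    $condition = $params->get('cronemail_condition', '');
    $updates = array();

    foreach ($data as $group) {
        if (!is_array($group)) {
            continue;
        }

        foreach ($group as $row) {
            if (!empty($condition)) {
                $this_condition = $w->parseMessageForPlaceHolder($condition, $row);

                // Was eval($this_condition === false): the comparison was evaluated
                // first and its boolean passed to eval(), so the condition never
                // filtered anything. Skip the row when the condition returns false.
                if (eval($this_condition) === false) {
                    continue;
                }
            }

            $row = JArrayHelper::fromObject($row);
            $thisto = $w->parseMessageForPlaceHolder($to, $row);

            if (JMailHelper::isEmailAddress($thisto)) {
                $thismsg = $w->parseMessageForPlaceHolder($msg, $row);

                if ($eval) {
                    $thismsg = eval($thismsg);
                }

                $thissubject = $w->parseMessageForPlaceHolder($subject, $row);
                JUtility::sendMail($MailFrom, $FromName, $thisto, $thissubject, $thismsg, true);
            }

            // The key is collected whether or not a mail was sent for the row
            $updates[] = $row['__pk_val'];
        }
    }

    $field = $params->get('cronemail-updatefield');

    if (!empty($updates) && trim($field) != '') {
        $listModel = JModel::getInstance('list', 'FabrikFEModel');
        $listModel->setId($params->get('table'));
        $table = $listModel->getTable();

        // The connection must exist before Quote() is called; the original
        // assigned $fabrikDb only after using it to build the query.
        $fabrikDb = $listModel->getDb();

        $value = $params->get('cronemail-updatefield-value');
        $field = str_replace("___", ".", $field);

        // Quote every key instead of concatenating raw row values into IN (...)
        $quotedKeys = array();
        foreach ($updates as $pk) {
            $quotedKeys[] = $fabrikDb->Quote($pk);
        }

        // NOTE(review): $field and the table/key names are interpolated as
        // identifiers; they come from the plugin parameters and list definition.
        $query = "UPDATE $table->db_table_name set $field = " . $fabrikDb->Quote($value)
            . " WHERE $table->db_primary_key IN (" . implode(',', $quotedKeys) . ")";
        $fabrikDb->setQuery($query);
        $fabrikDb->query();
    }

    return count($updates);
}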
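/**
 * Collects the data of a contact category (state, items, category tree,
 * params, pagination) into one object.
 *
 * @param   array  $pk  Request keys; 'id' selects the category and 'Itemid' the menu item
 *
 * @return  stdClass  Object with maxLevel, state, items, category, children, params, parent and pagination
 */
public function prepareDisplayedData($pk)
{
    // Was "$data = null": assigning properties on null raises an Error on PHP 8
    // and only worked through implicit object creation before that.
    $data = new stdClass();

    jimport('joomla.application.categories');
    $this->setState('category.id', $pk['id']);
    $params = $this->getState('params');

    // Get some data from the models
    $state = $this->getState();
    $items = $this->getItems();
    $category = $this->getCategory();
    $children = $this->getChildren();
    $parent = $this->getParent();
    $pagination = $this->getPagination();

    // Check for errors.
    // NOTE(review): a missing category is only reported; execution continues and
    // $category->getParams() below would then be called on a non-object.
    if ($category == false) {
        echo JText::_('JGLOBAL_CATEGORY_NOT_FOUND');
    }
    if ($parent == false) {
        echo JText::_('JGLOBAL_CATEGORY_NOT_FOUND');
    }

    // Prepare the data.
    for ($i = 0, $n = count($items); $i < $n; $i++) {
        $item =& $items[$i];

        // Compute the contact slug.
        $item->slug = $item->alias ? $item->id . ':' . $item->alias : $item->id;

        // Item parameters override a copy of the component parameters
        $temp = new JRegistry();
        $temp->loadString($item->params);
        $item->params = clone $params;
        $item->params->merge($temp);

        if ($item->params->get('show_email', 0) == 1) {
            $item->email_to = trim($item->email_to);

            // Only a syntactically valid address is kept, and only in cloaked form
            if (!empty($item->email_to) && JMailHelper::isEmailAddress($item->email_to)) {
                $item->email_to = JHtml::_('email.cloak', $item->email_to);
            } else {
                $item->email_to = '';
            }
        }
    }
    unset($item); // drop the reference left over from the loop

    // Setup the category parameters.
    $cparams = $category->getParams();
    $category->params = clone $params;
    $category->params->merge($cparams);

    $JSNConfig = JSNFactory::getConfig();
    $JSNConfig->megreMenuParams($pk['Itemid'], $params, 'com_contact');
    $JSNConfig->megreGlobalParams('com_contact', $params, true);

    $children = array($category->id => $children);

    $data->maxLevel = $params->get('maxLevel', -1);
    $data->state = $state;
    $data->items = $items;
    $data->category = $category;
    $data->children = $children;
    $data->params = $params;
    $data->parent = $parent;
    $data->pagination = $pagination;

    return $data;
}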
/**
 * Sends a new share to a user.
 *
 * Validates the request token and every recipient address, applies the
 * hourly sharing limit kept in the session and hands the link to the
 * Sharing library.
 *
 * NOTE(review): the limit is stored in the visitor's session and counts calls,
 * not recipients. One call may carry any number of recipients, and a client
 * that starts a new session starts with a fresh counter.
 *
 * @since   1.0
 * @access  public
 */
public function send()
{
    FD::checkToken();

    $token = JRequest::getString('token', '');
    $recipients = JRequest::getVar('recipients', array());
    $content = JRequest::getVar('content', '');

    // Get the current view.
    $view = $this->getCurrentView();

    // A comma-separated string is turned into a list first
    if (is_string($recipients)) {
        $recipients = explode(',', FD::string()->escape($recipients));
    }

    // Escape every entry and stop at the first one that is not an e-mail address
    if (is_array($recipients)) {
        foreach ($recipients as $position => $address) {
            $recipients[$position] = FD::string()->escape($address);

            if (!JMailHelper::isEmailAddress($recipients[$position])) {
                return $view->call(__FUNCTION__, false, JText::_('COM_EASYSOCIAL_SHARING_EMAIL_INVALID_RECIPIENT'));
            }
        }
    }

    $content = FD::string()->escape($content);

    // Both a recipient list and a token are required
    if (empty($recipients)) {
        return $view->call(__FUNCTION__, false, JText::_('COM_EASYSOCIAL_SHARING_EMAIL_NO_RECIPIENTS'));
    }
    if (empty($token)) {
        return $view->call(__FUNCTION__, false, JText::_('COM_EASYSOCIAL_SHARING_EMAIL_INVALID_TOKEN'));
    }

    $session = JFactory::getSession();
    $config = FD::config();
    $limit = $config->get('sharing.email.limit', 0);
    $now = FD::date()->toUnix();
    $time = $session->get('easysocial.sharing.email.time');
    $count = $session->get('easysocial.sharing.email.count');

    // First share in this session: start the window and the counter
    if (is_null($time)) {
        $session->set('easysocial.sharing.email.time', $now);
        $time = $now;
    }
    if (is_null($count)) {
        $session->set('easysocial.sharing.email.count', 0);
    }

    $elapsed = $now - $time;

    if ($elapsed > 3600) {
        // The one-hour window has passed: restart it with this share counted
        $session->set('easysocial.sharing.email.time', $now);
        $session->set('easysocial.sharing.email.count', 1);
    } else {
        // A limit of 0 means no limit is enforced
        if ($limit > 0 && $count >= $limit) {
            return $view->call(__FUNCTION__, false, JText::_('COM_EASYSOCIAL_SHARING_EMAIL_SHARING_LIMIT_MAXED'));
        }

        $count++;
        $session->set('easysocial.sharing.email.count', $count);
    }

    $library = FD::get('Sharing');
    $library->sendLink($recipients, $token, $content);

    $view->call(__FUNCTION__, true);
}
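/**
 * Validates the submitted payment form data before it is processed.
 *
 * NOTE(review): the expiry date is checked for length only, and the
 * "e-mail exists" error tells a guest whether an address is registered.
 *
 * @see plugins/tienda/payment_paypalpro/library/plgTiendaPayment_Paypalpro_Processor#validateData()
 *
 * @return  bool  True when all checks pass; otherwise false with the error set
 */
function validateData()
{
    /*
     * perform initial checks
     */
    if (!count($this->_data)) {
        $this->setError(JText::_('COM_TIENDA_PAYPALPRO_NO_DATA_IS_PROVIDED'));
        return false;
    }

    // Anti-CSRF form token
    if (!JRequest::checkToken()) {
        $this->setError(JText::_('COM_TIENDA_INVALID_TOKEN'));
        return false;
    }

    // if (!$this->getSubscrTypeObj()) {
    //     $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_INVALID_ITEM_TYPE'));
    //     return false;
    // }

    // All three merchant API credentials must be configured
    if (!$this->_getParam('api_username') || !$this->_getParam('api_password') || !$this->_getParam('api_signature')) {
        $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_MERCHANT_CREDENTIALS_ARE_INVALID'));
        return false;
    }

    /*
     * do form verification to make sure information is both present and valid
     */
    // check required fields
    foreach ($this->_required as $required_field) {
        if (empty($this->_data[$required_field])) {
            $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_FILL_IN_REQUIRED_FIELDS'));
            return false;
        }
    }

    // check some specific fields
    if (JString::strlen($this->_data['state']) != 2) {
        $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_STATE_INVALID'));
        return false;
    }

    $user = JFactory::getUser();
    if (!$user->id) {
        // require email address for guest users
        jimport('joomla.mail.helper');
        if (empty($this->_data['email']) || !JMailHelper::isEmailAddress($this->_data['email'])) {
            $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_EMAIL_ADDRESS_REQUIRED'));
            return false;
        }
        if (TiendaHelperUser::emailExists($this->_data['email'])) {
            $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_EMAIL_EXISTS'));
            return false;
        }
    }

    if (JString::strlen($this->_data['cardexp_month']) != 2 || JString::strlen($this->_data['cardexp_year']) != 4) {
        // The key carried a trailing '=' (language files are KEY="value" lines,
        // so such a key cannot match an entry and the raw key would be shown).
        $this->setError(JText::_('COM_TIENDA_PAYPALPRO_MESSAGE_EXPIRATION_DATE_INVALID'));
        return false;
    }

    return true;
}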
/**
 * Display the view
 *
 * Loads the model data, prepares each contact (slug, merged parameters,
 * cloaked e-mail address) and renders the template.
 *
 * @param   string  $tpl  Template name passed on to the parent view
 *
 * @return  mixed  False on error, null otherwise.
 */
public function display($tpl = null)
{
    $app = JFactory::getApplication();
    $params = $app->getParams();

    // Data from the models
    $state = $this->get('State');
    $items = $this->get('Items');
    $category = $this->get('Category');
    $children = $this->get('Children');
    $parent = $this->get('Parent');
    $pagination = $this->get('Pagination');

    // Stop when the model reported errors
    $errors = $this->get('Errors');
    if (count($errors)) {
        JError::raiseWarning(500, implode("\n", $errors));
        return false;
    }

    // View levels of the current user (fetched here, not used further in this method)
    $user = JFactory::getUser();
    $groups = $user->getAuthorisedViewLevels();

    $total = count($items);
    for ($idx = 0; $idx < $total; $idx++) {
        $item =& $items[$idx];

        // Contact slug: "id:alias" when an alias exists, otherwise the id
        if ($item->alias) {
            $item->slug = $item->id . ':' . $item->alias;
        } else {
            $item->slug = $item->id;
        }

        // Item parameters override a copy of the application parameters
        $overrides = new JRegistry();
        $overrides->loadString($item->params);
        $item->params = clone $params;
        $item->params->merge($overrides);

        if ($item->params->get('show_email', 0) == 1) {
            // Only a syntactically valid address is shown, and only in cloaked form
            $address = trim($item->email_to);
            $item->email_to = $address;
            if (!empty($address) && JMailHelper::isEmailAddress($address)) {
                $item->email_to = JHtml::_('email.cloak', $address);
            } else {
                $item->email_to = '';
            }
        }
    }

    // Escape strings for HTML output
    $this->pageclass_sfx = htmlspecialchars($params->get('pageclass_sfx'));

    $maxLevel = $params->get('maxLevel', -1);

    // Expose the data to the template by reference
    $this->maxLevel =& $maxLevel;
    $this->state =& $state;
    $this->items =& $items;
    $this->category =& $category;
    $this->children =& $children;
    $this->params =& $params;
    $this->parent =& $parent;
    $this->pagination =& $pagination;

    $this->_prepareDocument();
    parent::display($tpl);
}
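/**
 * Handles the "more info" form: mails the submitted details to the site
 * address and shows the confirmation layout.
 *
 * NOTE(review): no form token check or rate limit is visible here, so the
 * form can be submitted repeatedly by anyone; the confirmation layout is also
 * shown when nothing was sent. The 'name' request value is passed to
 * AddReplyTo() unchanged.
 *
 * @return  void
 */
function submitinfo()
{
    jimport('joomla.mail.helper');

    $app =& JFactory::getApplication();
    $params = JComponentHelper::getParams('com_redevent');

    if (!$params->get('enable_moreinfo', 1)) {
        echo JText::_('COM_REDEVENT_MOREINFO_ERROR_DISABLED_BY_ADMIN');
        $app->close(403);
    }

    $xref = JRequest::getInt('xref');
    $email = JRequest::getVar('email');
    $model = $this->getModel('details');
    $details = $model->getDetails();

    if ($xref && $email && JMailHelper::isEmailAddress($email)) {
        $mailer =& JFactory::getMailer();
        $mailer->IsHTML(true);
        $mailer->setSubject(JText::sprintf('COM_REDEVENT_MOREINFO_MAIL_SUBJECT', $details->full_title));
        $mailer->AddAddress($app->getCfg('mailfrom'), $app->getCfg('sitename'));
        $mailer->AddReplyTo(array($email, JRequest::getVar('name')));

        // Request field => label key, in the order the rows appear in the mail
        $fields = array(
            'name' => 'COM_REDEVENT_MOREINFO_LABEL_NAME',
            'email' => 'COM_REDEVENT_MOREINFO_LABEL_EMAIL',
            'company' => 'COM_REDEVENT_MOREINFO_LABEL_COMPANY',
            'phonenumber' => 'COM_REDEVENT_MOREINFO_LABEL_PHONENUMBER',
            'comments' => 'COM_REDEVENT_MOREINFO_LABEL_COMMENTS',
        );

        $table = '<table>';
        foreach ($fields as $field => $labelKey) {
            $value = JRequest::getVar($field);

            // Empty and non-string submissions produce no row
            if (!is_string($value) || !$value) {
                continue;
            }

            // The body is sent as HTML, so visitor input is encoded before it is
            // placed in the table; it was previously inserted as submitted.
            $value = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');

            if ($field === 'comments') {
                $value = str_replace("\n", "<br/>", $value);
            }

            $table .= '<tr><td>' . JText::_($labelKey) . '</td><td>' . $value . '</td></tr>';
        }
        $table .= '</table>';

        $link = JRoute::_(JURI::base() . RedeventHelperRoute::getDetailsRoute($details->did, $details->xslug));
        $link = JHTML::link($link, $details->full_title);

        $body = JText::sprintf('COM_REDEVENT_MOREINFO_MAIL_BODY', $link, $table);
        $mailer->setBody($body);
        $mailer->send();
    }

    // confirm sending
    JRequest::setVar('view', 'moreinfo');
    JRequest::setVar('layout', 'final');
    $this->display();
}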
/**
 * Validates the value before storing: when the related field is of type
 * 'recipients' the value must be an e-mail address.
 *
 * @return  bool  True when valid; false with the error set otherwise
 */
public function check()
{
    // Look up the type of the field this value belongs to
    $sql = ' SELECT fieldtype FROM #__rwf_fields WHERE id = ' . $this->_db->Quote($this->field_id);
    $this->_db->setQuery($sql, 0, 1);
    $fieldtype = $this->_db->loadResult();

    // Other field types carry no constraint here
    if ($fieldtype != 'recipients') {
        return true;
    }

    jimport('joomla.mail.helper');

    if (JMailHelper::isEmailAddress($this->value)) {
        return true;
    }

    $this->setError(JText::_('COM_REDFORM_INVALID_EMAIL_FORMAT'));

    return false;
}
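/**
 * Validates the company record: the website must pass the attribute filter
 * and the e-mail id must be a valid address.
 *
 * A website without an http://, https:// or ftp:// part gets 'http://' prepended.
 *
 * @return  bool  True when valid; false with the error set otherwise
 */
function check()
{
    // checkAttribute() flags values that are unsafe inside an href attribute
    if (JFilterInput::checkAttribute(array('href', $this->website))) {
        $this->setError(JText::_('Please provide a valid URL'));
        return false;
    }

    // check for http on website
    // eregi() no longer exists in PHP 7+; stripos() performs the same
    // case-insensitive search for these literal strings. As before, the scheme
    // is looked for anywhere in the value, not only at its start.
    if (strlen($this->website) > 0) {
        $hasScheme = stripos($this->website, 'http://') !== false
            || stripos($this->website, 'https://') !== false
            || stripos($this->website, 'ftp://') !== false;

        if (!$hasScheme) {
            $this->website = 'http://' . $this->website;
        }
    }

    if (!JMailHelper::isEmailAddress($this->emailid)) {
        $this->setError(JText::_('Please provide a valid EmailID for company.'));
        return false;
    }

    return true;
}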
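/**
 * Sends the "e-mail this page" message built from the posted form.
 *
 * NOTE(review): recipient, sender name/address, subject and the link placed in
 * the body all come from the request. The site therefore mails whatever
 * address the form names, with a link of the submitter's choosing; consider
 * limiting 'referrer' to this site's URLs and rate-limiting the form.
 *
 * @param   string  &$email  Overwritten with the posted recipient address
 *
 * @return  void
 */
function sendMail(&$email)
{
    JRequest::checkToken() or die('Invalid Token');

    // Each rejection returns as well, so nothing is sent even if the
    // configured error handler does not stop execution.

    // Requests without a user agent are not treated as browser form posts
    if (!isset($_SERVER['HTTP_USER_AGENT'])) {
        JError::raiseError(500, JText::_('JERROR_ALERTNOAUTHOR'));
        return;
    }

    // Was "!$_SERVER['REQUEST_METHOD'] == 'POST'": the negation was applied
    // before the comparison, so the check never rejected anything.
    if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
        JError::raiseError(500, JText::_('JERROR_ALERTNOAUTHOR'));
        return;
    }

    // Attempt to defend against header injections. Header names are not
    // case-sensitive, so the search ignores case; non-string values are skipped.
    $badStrings = array('Content-Type:', 'MIME-Version:', 'Content-Transfer-Encoding:', 'bcc:', 'cc:');

    foreach ($_POST as $posted) {
        if (!is_string($posted)) {
            continue;
        }

        foreach ($badStrings as $bad) {
            if (stripos($posted, $bad) !== false) {
                JError::raiseError(500, JText::_('JERROR_ALERTNOAUTHOR'));
                return;
            }
        }
    }

    $email = JRequest::getVar('email', '');
    $yourname = JRequest::getVar('yourname', '');
    $youremail = JRequest::getVar('youremail', '');
    $subject_default = JText::sprintf('Email from', $yourname);
    $subject = JRequest::getVar('subject', $subject_default);

    // Values that end up in mail headers must be single-line strings
    foreach (array($email, $yourname, $youremail, $subject) as $headerValue) {
        if (!is_string($headerValue) || preg_match('/[\r\n]/', $headerValue)) {
            JError::raiseError(500, JText::_('JERROR_ALERTNOAUTHOR'));
            return;
        }
    }

    jimport('joomla.mail.helper');

    if (!$email || !$youremail || JMailHelper::isEmailAddress($email) == false || JMailHelper::isEmailAddress($youremail) == false) {
        JError::raiseError(500, JText::_('EMAIL_ERR_NOINFO'));
        return;
    }

    $config = JFactory::getConfig();
    $sitename = $config->getValue('sitename');

    // link sent in email
    $link = JRequest::getVar('referrer');

    // message text
    $msg = JText::sprintf('COM_FABRIK_EMAIL_MSG', $sitename, $yourname, $youremail, $link);

    // mail function
    JUtility::sendMail($youremail, $yourname, $email, $subject, $msg);
}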
/**
 * Returns the alert recipients, read once from the 'alerts_mail_destination'
 * parameter and cached in $this->_emails.
 *
 * Entries that are not valid e-mail addresses are dropped.
 *
 * @return  array  List of valid e-mail addresses
 */
function _getEmailsToSend()
{
    // Reuse the list built by an earlier call
    if (!empty($this->_emails)) {
        return $this->_emails;
    }

    jimport('joomla.mail.helper');

    $params =& $this->_getParams();

    // Strip commas, spaces and line breaks from both ends before splitting
    $raw = trim($params->get('alerts_mail_destination'), ", \r\n");

    $validEmails = array();
    foreach (explode(',', $raw) as $candidate) {
        $candidate = trim($candidate, ", \r\n");

        if (JMailHelper::isEmailAddress($candidate)) {
            $validEmails[] = $candidate;
        }
    }

    $this->_emails = $validEmails;

    return $this->_emails;
}
/**
 * @brief Checks that the order data is valid
 *
 * @return  bool  True when valid; false with the error set otherwise
 */
public function check()
{
    // The e-mail address is optional, but when present it must be valid
    $hasEmail = isset($this->email) && $this->email != '';
    if ($hasEmail && !JMailHelper::isEmailAddress($this->email)) {
        $this->setError(JText::_('ASOM_EMAIL_ERROR'));
        return false;
    }

    // The order total must match the sum of its detail amounts. An earlier
    // exact comparison of the raw values is disabled in favour of this one.
    // NOTE(review): both sides are cast to int, so any fractional part is
    // dropped before comparing - confirm the amounts never carry decimals.
    $expectedTotal = $this->fare + $this->taxes + $this->fare_ta + $this->taxes_ta;
    if ((int) $this->total != (int) $expectedTotal) {
        $this->setError(JText::_('ASOM_TOTAL_ERROR'));
        return false;
    }

    $isNew = ($this->id == 0);

    // A new order without a status receives the default status
    if ($isNew && $this->status == null) {
        $db = $this->getDBO();
        $query = $db->getQuery(true);
        $query->select('id');
        $query->from('#__aom_statuses');
        $query->where('default_status = 1');
        $db->setQuery($query);
        $defaultStatus = $db->loadResult();

        if ($defaultStatus == '') {
            $this->setError(JText::_('ASOM_DEFAULT_STATUS'));
            return false;
        }

        $this->status = $defaultStatus;
    }

    // New orders are stamped with the system date
    if ($isNew) {
        $date = JFactory::getDate();
        $this->fecsis = $date->toSql();
    }

    return true;
}
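/**
 * Sends a prepared mail to a list of receivers in chunks.
 *
 * The chunk size and the header used for the receivers (TO, CC or BCC) come
 * from the forum configuration. Send failures are logged and reported
 * through the return value.
 *
 * @param   JMail  $mail       Mail object with subject and body already set
 * @param   array  $receivers  Receiver e-mail addresses
 *
 * @return  boolean  True when every chunk was sent
 */
public static function send(JMail $mail, array $receivers)
{
    $config = KunenaFactory::getConfig();

    // array_chunk() needs a size of at least 1, so a missing, zero or negative
    // setting falls back to one receiver per mail
    $email_recipient_count = !empty($config->email_recipient_count)
        ? max(1, (int) $config->email_recipient_count)
        : 1;

    $email_recipient_privacy = $config->get('email_recipient_privacy', 'bcc');

    // If we hide email addresses from other users, we need to add TO address to prevent email from becoming spam.
    if ($email_recipient_count > 1
        && $email_recipient_privacy == 'bcc'
        && JMailHelper::isEmailAddress($config->get('email_visible_address'))
    ) {
        $mail->AddAddress($config->email_visible_address, JMailHelper::cleanAddress($config->board_title));

        // Also make sure that email receiver limits are not violated (TO + CC + BCC = limit).
        if ($email_recipient_count > 9) {
            $email_recipient_count--;
        }
    }

    $chunks = array_chunk($receivers, $email_recipient_count);
    $success = true;

    foreach ($chunks as $emails) {
        // The leftover 'TO ' / 'CC ' / 'BCC ' echo statements were removed; they
        // wrote into the response on every chunk.
        if ($email_recipient_count == 1 || $email_recipient_privacy == 'to') {
            $mail->ClearAddresses();
            $mail->addRecipient($emails);
        } elseif ($email_recipient_privacy == 'cc') {
            $mail->ClearCCs();
            $mail->addCC($emails);
        } else {
            $mail->ClearBCCs();
            $mail->addBCC($emails);
        }

        try {
            $mail->Send();
        } catch (Exception $e) {
            // Keep going with the remaining chunks, but report the failure
            $success = false;
            JLog::add($e->getMessage(), JLog::ERROR, 'kunena');
        }
    }

    return $success;
}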
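/**
 * Overloaded check function
 *
 * Requires a non-blank client name and contact and a valid e-mail address.
 *
 * @access public
 * @return boolean  True when valid; false with the error set otherwise
 * @see JTable::check
 * @since 1.5
 */
function check()
{
    // check for valid client name
    // Was trim($this->name == ''): the comparison result was trimmed instead of
    // the name, so a whitespace-only name was accepted.
    if (trim($this->name) == '') {
        $this->setError(JText::_('BNR_CLIENT_NAME'));
        return false;
    }

    // check for valid client contact (same misplaced parenthesis as above)
    if (trim($this->contact) == '') {
        $this->setError(JText::_('BNR_CONTACT'));
        return false;
    }

    // check for valid client email
    jimport('joomla.mail.helper');
    if (!JMailHelper::isEmailAddress($this->email)) {
        $this->setError(JText::_('BNR_VALID_EMAIL'));
        return false;
    }

    return true;
}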
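/**
 * Validates the checkout form values and records an error for each failed rule.
 *
 * NOTE(review): the "email already exists" error tells a visitor whether an
 * address is registered.
 *
 * @param   array  $values   Submitted form values
 * @param   array  $options  Not used by this method
 *
 * @return  mixed  Result of $this->check()
 */
public function validate($values, $options = array())
{
    $isGuest = $values["user_id"] < 1;
    $isRegistering = $isGuest && $values["checkout_method"] == 'register';

    // fail if user hasn't checked terms & condition
    if ($this->defines->get('require_terms', '0') && empty($values["terms-conditions"])) {
        $this->setError(JText::_('COM_CITRUSCART_PLEASE_CHECK_THE_TERMS_CONDITIONS'));
    }

    // fail if no user->id and email address fails validation
    jimport('joomla.mail.helper');
    if ($isGuest && !JMailHelper::isEmailAddress($values['email_address'])) {
        $this->setError(JText::_('COM_CITRUSCART_PLEASE_ENTER_CORRECT_EMAIL'));
    }

    // fail if registering new user but one of passwords is empty
    if ($isRegistering && (empty($values["register-new-password"]) || empty($values["register-new-password2"]))) {
        $this->setError(JText::_('COM_CITRUSCART_PASSWORD_INVALID'));
    }

    // fail if registering new user but passwords don't match
    // Compared as strings with !==: the loose != treats numeric-looking strings
    // such as '1e3' and '1000' as equal, letting different passwords pass.
    if ($isRegistering && (string) $values["register-new-password"] !== (string) $values["register-new-password2"]) {
        $this->setError(JText::_('COM_CITRUSCART_PASSWORDS_DO_NOT_MATCH'));
    }

    // fail if registering new user but account exists for email address provided
    $userHelper = new CitruscartHelperUser();
    if ($isRegistering && $userHelper->emailExists($values['email_address'])) {
        $this->setError(JText::_('COM_CITRUSCART_EMAIL_ALREADY_EXIST'));
    }

    // fail if user logged in and guest/register method selected
    if ($values["user_id"] > 0 && ($values["checkout_method"] == 'register' || $values["checkout_method"] == 'guest')) {
        $this->setError(JText::_('COM_CITRUSCART_CANNOT_REGISTER_OR_GUEST_CHECKOUT_WHEN_LOGGED_IN'));
    }

    // fail if password doesn't validate and validation is enabled
    if ($this->defines->get('password_php_validate', '0')) {
        Citruscart::load('CitruscartHelperUser', 'helpers.user');
        $userHelper = new CitruscartHelperUser();
        $validate_pass = $userHelper->validatePassword($values['register-new-password']);

        // Index 0 is read as the pass/fail flag, index 1 as the list of messages
        if (!$validate_pass[0]) {
            foreach ($validate_pass[1] as $error) {
                $this->setError($error);
            }
        }
    }

    return $this->check();
}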
/**
 * Execute and display a template script.
 *
 * Before rendering, every contact gets its slug, its merged parameters and,
 * when e-mail headings are enabled, a cloaked e-mail address.
 *
 * @param   string  $tpl  The name of the template file to parse; automatically searches through the template paths.
 *
 * @return  mixed  A string if successful, otherwise an Error object.
 */
public function display($tpl = null)
{
    parent::commonCategoryDisplay();

    foreach ($this->items as $contact) {
        // Contact slug: "id:alias" when an alias exists, otherwise the id
        if ($contact->alias) {
            $contact->slug = $contact->id . ':' . $contact->alias;
        } else {
            $contact->slug = $contact->id;
        }

        // Contact parameters override a copy of the view parameters
        $overrides = new Registry($contact->params);
        $contact->params = clone $this->params;
        $contact->params->merge($overrides);

        if ($contact->params->get('show_email_headings', 0) != 1) {
            continue;
        }

        // Only a syntactically valid address is shown, and only in cloaked form
        $address = trim($contact->email_to);
        $contact->email_to = $address;

        if (!empty($address) && JMailHelper::isEmailAddress($address)) {
            $contact->email_to = JHtml::_('email.cloak', $address);
        } else {
            $contact->email_to = '';
        }
    }

    return parent::display($tpl);
}
/**
 * Sends a mail through the Joomla mailer, appending the configured footer
 * and accepting a comma-separated recipient list.
 *
 * When $recipient contains a comma it is split and only the entries that are
 * valid e-mail addresses are kept. All other arguments are passed to the
 * mailer unchanged.
 *
 * @return  mixed  Whatever the mailer's sendMail() returns
 */
public static function sendMail($from, $fromname, $recipient, $subject, $body, $mode = 0, $cc = null, $bcc = null, $attachment = null, $replyto = null, $replytoname = null)
{
    $mailer = JFactory::getMailer();

    // Optional footer with the {sitename} and {siteurl} placeholders filled in
    if (RSMembershipHelper::getConfig('footer_enable')) {
        $placeholders = array('{sitename}', '{siteurl}');
        $values = array(JFactory::getConfig()->get('sitename'), JURI::root());
        $body .= str_replace($placeholders, $values, RSMembershipHelper::getConfig('footer_content'));
    }

    // Handle multiple emails
    if (strpos($recipient, ',') !== false) {
        jimport('joomla.mail.helper');

        $valid = array();
        foreach (explode(',', $recipient) as $candidate) {
            $candidate = trim($candidate);

            if (JMailHelper::isEmailAddress($candidate)) {
                $valid[] = $candidate;
            }
        }

        $recipient = $valid;
    }

    return $mailer->sendMail($from, $fromname, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyto, $replytoname);
}
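/**
 * Validates the vendor record: a name and a valid e-mail address are
 * required, and a user id may be linked to one vendor only.
 *
 * @return  bool  True when valid; false with the error set otherwise
 */
function check()
{
    jimport('joomla.mail.helper');

    if (trim($this->f_name) == '') {
        $this->setError(_JSHOP_REGWARN_NAME);
        return false;
    }

    // Was trim($this->email == ""): the comparison result was trimmed instead
    // of the address. The blank check now applies to the trimmed address.
    if (trim($this->email) == '' || !JMailHelper::isEmailAddress($this->email)) {
        $this->setError(_JSHOP_REGWARN_MAIL);
        return false;
    }

    if ($this->user_id) {
        // Is another vendor already linked to this user? The user id is escaped
        // and the record id cast to int before being placed in the query.
        $query = "SELECT id FROM #__jshopping_vendors WHERE `user_id`='" . $this->_db->escape($this->user_id) . "' AND id != '" . (int) $this->id . "'";
        $this->_db->setQuery($query);
        $xid = intval($this->_db->loadResult());

        if ($xid) {
            $this->setError(sprintf(_JSHOP_ERROR_SET_VENDOR_TO_MANAGER, $this->user_id));
            return false;
        }
    }

    return true;
}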
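/**
 * Send one e-mail per repeated "sponsor" row of a submitted form.
 *
 * The article body and the subject template are run through the placeholder
 * parser with the sponsorship fields merged with that row's sponsor fields,
 * then mailed to the row's address when it passes
 * JMailHelper::isEmailAddress().
 *
 * NOTE(review): subject and body are filled from submitted form data; whether
 * the mailer strips line breaks from the subject is not visible here.
 *
 * @param mixed  $params     Not used by this function.
 * @param object $formModel  Form model; _formData and _formDataWithTableName are read.
 *
 * @return void
 */
function repeat_emails($params, &$formModel)
{
    jimport('joomla.mail.helper');

    $article_id = '70';
    $email_element_name = 'fab_sponsors___sponsor_email';
    $sponsorship_prefix = 'fab_sponsorship___';
    $sponsorship_pk = $sponsorship_prefix . 'id';
    // This variable was read below without ever being assigned, so the value
    // landed under an empty key. The '_raw' suffix is inferred from the
    // variable name -- confirm against the form's element names.
    $sponsorship_pk_raw = $sponsorship_pk . '_raw';
    $sponsors_join_id = 58;
    $email_from_addr = "*****@*****.**";
    $email_from_name = "Hugh Messenger";
    $email_subject = "Hi {fab_sponsors___sponsor_name}";

    $w = new FabrikWorker();
    $content = repeat_emails_get_article($article_id);

    // Collect the fields of the main (sponsorship) record.
    $sponsorship_data = array();
    foreach ($formModel->_formDataWithTableName as $key => $value) {
        if (strstr($key, $sponsorship_prefix)) {
            $sponsorship_data[$key] = $value;
        }
    }
    $sponsorship_data[$sponsorship_pk] = $formModel->_formData[$sponsorship_pk];
    $sponsorship_data[$sponsorship_pk_raw] = $formModel->_formData[$sponsorship_pk];

    // Nothing to send when the joined sponsor rows are absent.
    if (!isset($formModel->_formData['join'][$sponsors_join_id][$email_element_name])
        || !is_array($formModel->_formData['join'][$sponsors_join_id][$email_element_name])) {
        return;
    }
    $sponsor_rows = $formModel->_formData['join'][$sponsors_join_id];

    foreach ($sponsor_rows[$email_element_name] as $key => $email) {
        // Each joined element holds one value per repeat; take this row's value.
        $sponsor_data = array();
        foreach ($sponsor_rows as $sponsor_key => $sponsor_val) {
            $sponsor_data[$sponsor_key] = (is_array($sponsor_val) && array_key_exists($key, $sponsor_val))
                ? $sponsor_val[$key]
                : null;
        }

        $email_data = array_merge($sponsorship_data, $sponsor_data);
        $this_content = $w->parseMessageForPlaceHolder($content, $email_data);
        $this_subject = $w->parseMessageForPlaceHolder($email_subject, $email_data);

        // Rows with a malformed address are skipped; the send result is not checked.
        if (JMailHelper::isEmailAddress($email)) {
            JUtility::sendMail($email_from_addr, $email_from_name, $email, $this_subject, $this_content, true);
        }
    }
}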
/**
 * Validation and filtering
 *
 * Checks run in order and stop at the first failure: name and username must
 * be non-blank; the username must not contain any of < > " ' % ; ( ) & and
 * must be at least two characters long; the e-mail must pass
 * JMailHelper::isEmailAddress(); username and e-mail must not belong to
 * another row; and the configured root_user name is protected. A missing
 * registration date is filled in on the way.
 *
 * @return  boolean  True if satisfactory
 *
 * @since   11.1
 */
public function check()
{
    $db = $this->_db;
    $ownId = intval($this->id);

    // Validate user information
    if (trim($this->name) == '') {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_YOUR_NAME'));
        return false;
    }

    if (trim($this->username) == '') {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_PLEASE_ENTER_A_USER_NAME'));
        return false;
    }

    // Reject markup and query metacharacters, and names shorter than two characters.
    $hasForbiddenChar = preg_match("#[<>\"'%;()&]#i", $this->username);
    if ($hasForbiddenChar || strlen(utf8_decode($this->username)) < 2) {
        $this->setError(JText::sprintf('JLIB_DATABASE_ERROR_VALID_AZ09', 2));
        return false;
    }

    if (trim($this->email) == "" || !JMailHelper::isEmailAddress($this->email)) {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_VALID_MAIL'));
        return false;
    }

    // Set the registration timestamp when none has been stored yet.
    if ($this->registerDate == null || $this->registerDate == $db->getNullDate()) {
        $this->registerDate = JFactory::getDate()->toSql();
    }

    // Username must be unique: look for a different row with the same name.
    // Values are quoted through the database driver; ids are integers.
    $query = $db->getQuery(true);
    $query->select($db->quoteName('id'));
    $query->from($db->quoteName('#__users'));
    $query->where($db->quoteName('username') . ' = ' . $db->quote($this->username));
    $query->where($db->quoteName('id') . ' != ' . $ownId);
    $db->setQuery($query);

    $otherId = intval($db->loadResult());
    if ($otherId && $otherId != $ownId) {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_INUSE'));
        return false;
    }

    // E-mail must be unique as well.
    $query->clear();
    $query->select($db->quoteName('id'));
    $query->from($db->quoteName('#__users'));
    $query->where($db->quoteName('email') . ' = ' . $db->quote($this->email));
    $query->where($db->quoteName('id') . ' != ' . $ownId);
    $db->setQuery($query);

    $otherId = intval($db->loadResult());
    if ($otherId && $otherId != $ownId) {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_EMAIL_INUSE'));
        return false;
    }

    // The root_user setting only needs protecting when it holds a username.
    $rootUser = JFactory::getConfig()->get('root_user');
    if (is_numeric($rootUser)) {
        return true;
    }

    $query->clear();
    $query->select($db->quoteName('id'));
    $query->from($db->quoteName('#__users'));
    $query->where($db->quoteName('username') . ' = ' . $db->quote($rootUser));
    $db->setQuery($query);
    $rootId = intval($db->loadResult());

    $usesRootName = ($rootUser == $this->username);
    // Another record (or a new one) is taking the protected username ...
    $claimsRootName = $usesRootName && (!$rootId || $rootId != $ownId);
    // ... or the row that currently holds it is being renamed.
    $renamesRoot = $rootId && $rootId == $ownId && !$usesRootName;

    if ($claimsRootName || $renamesRoot) {
        $this->setError(JText::_('JLIB_DATABASE_ERROR_USERNAME_CANNOT_CHANGE'));
        return false;
    }

    return true;
}
/**
 * Validate every user-defined field held in $this->data.
 *
 * For each 'fieldNNN' entry one response array is built: 'f_valid'/'e_valid'
 * when the value is accepted, or 'f_error'/'e_error' plus a message keyed by
 * the error id when it is rejected. Responses are appended to
 * $response_array.
 *
 * @param object $config_data     Configuration; all_fields, date_format,
 *                                white_list and max_file_size are read here.
 * @param array  $response_array  Receives the per-field responses (by reference).
 *
 * @return bool True when no field was rejected, false otherwise.
 */
function validate_fields($config_data, &$response_array)
{
    $valid = true;
    foreach ($this->data as $field_id => $field_value) {
        if (substr($field_id, 0, 5) != 'field') {
            // we only look at user defined fields here
            continue;
        }
        $field_index = intval(substr($field_id, 5, 3)); // field id's are 'fieldnnn' or 'fieldnnnmm' for multiple checkboxes
        // NOTE(review): the index is taken from the key of $this->data, which is
        // presumably submitted form data; nothing visible here checks that
        // all_fields has an entry at that index -- confirm the caller filters keys.
        $field =& $config_data->all_fields[$field_index]; // point to the field configuration
        $error_id = sprintf('fcp_err%03d', $field_index);
        if (FCP_trace::tracing()) {
            if (strlen($field_id) == 8) {
                $trace_field_id = $field_id;
            } else {
                $trace_field_id = substr($field_id, 0, 8) . '-' . substr($field_id, 8);
            } // multiple checkbox
            // The submitted value itself is written to the trace.
            FCP_trace::trace(" validating {$trace_field_id} ({$field->prompt}) => [{$field_value}]");
        }
        // don't validate hidden fields
        if (!$field->visible) {
            continue;
        }
        // valid unless found otherwise
        $response = array();
        $response['f_valid'] = $field_id;
        $response['e_valid'] = $error_id;
        // if the field is mandatory and empty, that's the only error we will report for this field
        // (empty() also treats the string '0' as empty)
        if ($field->mandatory and empty($field_value)) {
            $response = array();
            $response['f_error'] = $field_id;
            $response['e_error'] = $error_id;
            $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_REQUIRED'));
            $valid = false;
            $response_array[] = $response;
            continue;
        }
        // if the field is mandatory and not empty, we must clear its error
        // (no continue here: unless the type check below skips it, the field
        // gets a second response after the switch)
        if ($field->mandatory and !empty($field_value)) {
            $response_array[] = $response;
        }
        // if the field is not mandatory and is empty, we must not validate it and we must clear its error
        if (!$field->mandatory and empty($field_value)) {
            $response_array[] = $response;
            continue;
        }
        // checkboxes and radio buttons don't need to be validated
        if (in_array($field->field_type, array(LAFC_FIELD_CHECKBOX_L, LAFC_FIELD_CHECKBOX_H, LAFC_FIELD_CHECKBOX_R, LAFC_FIELD_CHECKBOX_M, LAFC_FIELD_RADIO_V, LAFC_FIELD_RADIO_H))) {
            continue;
        }
        // now the field type specific validation
        switch ($field->field_type) {
            case LAFC_FIELD_SUBJECT:
                $bad_subject_chars = "|<>`"; // characters we don't allow
                // NOTE(review): CR and LF are not in this list; whether line breaks
                // are removed from the subject before it reaches the mailer is not
                // visible here -- confirm.
                if (strpbrk($field_value, $bad_subject_chars) === false) {
                    break;
                }
                $response = array();
                $response['f_error'] = $field_id;
                $response['e_error'] = $error_id;
                $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_INVALID'));
                $valid = false;
                break;
            case LAFC_FIELD_FROM_ADDRESS:
                // the sender address must pass Joomla's e-mail syntax check
                jimport('joomla.mail.helper');
                if (JMailHelper::isEmailAddress($field_value)) {
                    break;
                }
                $response = array();
                $response['f_error'] = $field_id;
                $response['e_error'] = $error_id;
                $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_BAD_EMAIL'));
                $valid = false;
                break;
            case LAFC_FIELD_TEXT_NUMERIC:
                if (FCP_Common::is_posint($field_value)) {
                    break;
                }
                $response = array();
                $response['f_error'] = $field_id;
                $response['e_error'] = $error_id;
                $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_INVALID'));
                $valid = false;
                break;
            case LAFC_FIELD_DATE:
                // The date is reformatted once and then compared as a string below;
                // that presumes a zero-padded year-month-day form, as the variable
                // name suggests -- confirm in reformat_date().
                $yyyy_mm_dd = self::reformat_date($field_value, $config_data->date_format);
                if (!self::validate_date($yyyy_mm_dd)) {
                    $date_string = self::get_date_string($config_data->date_format);
                    $response = array();
                    $response['f_error'] = $field_id;
                    $response['e_error'] = $error_id;
                    $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_INVALID') . ' (' . $date_string . ')');
                    $valid = false;
                    break;
                }
                switch ($field->validation_type) {
                    case VALTYPE_PAST:
                        FCP_trace::trace(" must be in the past");
                        $today = date('Y-m-d');
                        // today's date itself is accepted
                        if ($yyyy_mm_dd > $today) {
                            $response = array();
                            $response['f_error'] = $field_id;
                            $response['e_error'] = $error_id;
                            $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_DATE_PAST'));
                            $valid = false;
                            FCP_trace::trace(" - invalid, not in the past");
                        }
                        break;
                    case VALTYPE_FUTURE:
                        FCP_trace::trace(" must be in the future");
                        $today = date('Y-m-d');
                        // today's date itself is accepted
                        if ($yyyy_mm_dd < $today) {
                            $response = array();
                            $response['f_error'] = $field_id;
                            $response['e_error'] = $error_id;
                            $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_DATE_FUTURE'));
                            $valid = false;
                            FCP_trace::trace(" - invalid, not in the future");
                        }
                        break;
                    case VALTYPE_GREATER:
                        FCP_trace::trace(" must be greater than the previous field");
                        if ($field_index == 0) {
                            break;
                        } // no previous field - forget it
                        $previous_field_index = $field_index - 1; // previous field index
                        $previous_field_config =& $config_data->all_fields[$previous_field_index];
                        if ($previous_field_config->field_type != LAFC_FIELD_DATE) {
                            break;
                        } // not a date field - forget it
                        $previous_field_id = sprintf('field%03d', $previous_field_index); // form the ID of the previous field
                        FCP_trace::trace(" previous field ID:" . $previous_field_id);
                        if (!isset($this->data[$previous_field_id])) {
                            break;
                        } // no value - forget it
                        $previous_field_value = $this->data[$previous_field_id];
                        // the previous value is reformatted but not re-validated here
                        $previous_field_yyyy_mm_dd = self::reformat_date($previous_field_value, $config_data->date_format);
                        $previous_field_prompt = $previous_field_config->prompt;
                        FCP_trace::trace(" previous field [" . $previous_field_prompt . '] value: ' . $previous_field_value . ' (current field value: ' . $yyyy_mm_dd . ')');
                        if ($yyyy_mm_dd <= $previous_field_yyyy_mm_dd) {
                            $response = array();
                            $response['f_error'] = $field_id;
                            $response['e_error'] = $error_id;
                            $response[$error_id] = $this->make_error($config_data, JText::sprintf('COM_FLEXICONTACT_DATE_GREATER', $previous_field_prompt));
                            $valid = false;
                            FCP_trace::trace(" - invalid, not greater than previous field");
                        }
                        break;
                }
                break;
            case LAFC_FIELD_ADVANCED:
                if (!empty($field->regex)) {
                    FCP_trace::trace(" validate regex: " . $field->regex);
                    // Errors from a broken pattern are suppressed by @; preg_match()
                    // then returns false, which == 0, so the field is rejected
                    // rather than silently accepted.
                    if (@preg_match($field->regex, $field_value) == 0) {
                        $response = array();
                        $response['f_error'] = $field_id;
                        $response['e_error'] = $error_id;
                        if ($field->error_msg == '') {
                            $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_INVALID'));
                        } else {
                            $response[$error_id] = $this->make_error($config_data, $field->error_msg);
                        }
                        $valid = false;
                    }
                }
                if (!empty($field->sql)) {
                    // The value is escaped and substituted for %VALUE% in the
                    // configured statement.
                    // NOTE(review): presumably escape() adds no quotes of its own, in
                    // which case this is only safe when the configured SQL places
                    // %VALUE% inside a quoted string literal -- confirm.
                    $escaped_value = $this->_db->escape($field_value);
                    $query = str_replace('%VALUE%', $escaped_value, $field->sql);
                    $result = $this->ladb_loadResult($query);
                    // the complete query, including the submitted value, goes to the trace
                    FCP_trace::trace(" validate sql: " . $query);
                    FCP_trace::trace(" sql result: " . $result);
                    if ($result === false) {
                        FCP_trace::trace(" " . $this->ladb_error_text);
                    }
                    // false == 0 as well, so a failed query rejects the field
                    if ($result == 0) {
                        $response = array();
                        $response['f_error'] = $field_id;
                        $response['e_error'] = $error_id;
                        if ($field->error_msg == '') {
                            $response[$error_id] = $this->make_error($config_data, JText::_('COM_FLEXICONTACT_INVALID'));
                        } else {
                            $response[$error_id] = $this->make_error($config_data, $field->error_msg);
                        }
                        $valid = false;
                    }
                }
                break;
            case LAFC_FIELD_ATTACHMENT:
                FCP_trace::trace(" validate file: " . $field_value);
                // it's ok, we won't get here if the filename is blank (the field size variable would not be set) ...
                // NOTE(review): the size is read from a request variable and the
                // extension from the submitted file name, so both look like
                // client-reported values; presumably the uploaded file itself is
                // checked where it is received -- confirm.
                $file_size_variable_name = sprintf('filesize%03d', $field_index);
                $jinput = JFactory::getApplication()->input;
                $file_size = $jinput->get($file_size_variable_name, '0', 'STRING');
                $file_extension = pathinfo($field_value, PATHINFO_EXTENSION);
                FCP_trace::trace(" file_size: " . $file_size . ", extension = " . $file_extension);
                // White-list entries are used as stored: they are neither trimmed nor
                // lower-cased, and in_array() compares loosely here.
                $white_list_array = explode(',', $config_data->white_list);
                if (!in_array(strtolower($file_extension), $white_list_array)) {
                    $error_message = JText::sprintf('COM_FLEXICONTACT_FILES_ALLOWED', $config_data->white_list);
                    $response = array();
                    $response['f_error'] = $field_id;
                    $response['e_error'] = $error_id;
                    $response[$error_id] = $this->make_error($config_data, $error_message);
                    $valid = false;
                }
                // The three checks are independent; when several fail, the message of
                // the last failing one is the one reported.
                if ($file_size > $config_data->max_file_size * 1024) {
                    $error_message = JText::sprintf('COM_FLEXICONTACT_FILE_TOO_BIG', $config_data->max_file_size);
                    $response = array();
                    $response['f_error'] = $field_id;
                    $response['e_error'] = $error_id;
                    $response[$error_id] = $this->make_error($config_data, $error_message);
                    $valid = false;
                }
                if ($file_size == 0) {
                    $error_message = JText::_('COM_FLEXICONTACT_FILE_EMPTY');
                    $response = array();
                    $response['f_error'] = $field_id;
                    $response['e_error'] = $error_id;
                    $response[$error_id] = $this->make_error($config_data, $error_message);
                    $valid = false;
                }
                break;
        } // end switch
        $response_array[] = $response;
    } // end foreach
    return $valid;
}
/**
 * Method to send an email to a contact
 *
 * Order of work: anti-forgery token, read the posted form, load the contact,
 * reject a missing or malformed sender address or an empty body, run
 * _validateInputs() and the contact plugins, then (unless 'custom_reply' is
 * set) mail the enquiry and, when requested and allowed by the contact's
 * 'show_email_copy' parameter, a copy to the sender. Finishes with a redirect
 * back to the contact page.
 *
 * The result of neither Send() call is inspected, so the thank-you message is
 * shown whether or not delivery succeeded.
 *
 * @return mixed False on a validation failure, nothing otherwise.
 *
 * @since 1.0
 */
function submit()
{
    global $mainframe;

    // Check for request forgeries
    if (!JRequest::checkToken()) {
        jexit('Invalid Token');
    }

    // Read the posted form
    $db =& JFactory::getDBO();
    $SiteName = $mainframe->getCfg('sitename');
    $defaultSubject = JText::sprintf('MAILENQUIRY', $SiteName);
    $contactId = JRequest::getInt('id', 0, 'post');
    $senderName = JRequest::getVar('name', '', 'post');
    $senderEmail = JRequest::getVar('email', '', 'post');
    $subject = JRequest::getVar('subject', $defaultSubject, 'post');
    $body = JRequest::getVar('text', '', 'post');
    $wantsCopy = JRequest::getInt('email_copy', 0, 'post');

    // Load the contact details
    $model =& $this->getModel('contact');
    $contact = $model->getContact(array('id' => $contactId));

    // Fall back to the linked user's address when the contact has none.
    if ($contact->email_to == '' && $contact->user_id != 0) {
        $linkedUser = JUser::getInstance($contact->user_id);
        $contact->email_to = $linkedUser->get('email');
    }

    // Without a valid sender address and a message body there is nothing to send.
    jimport('joomla.mail.helper');
    if (!$senderEmail || !$body || !JMailHelper::isEmailAddress($senderEmail)) {
        $this->setError(JText::_('CONTACT_FORM_NC'));
        $this->display();
        return false;
    }

    // Contact plugins
    JPluginHelper::importPlugin('contact');
    $dispatcher =& JDispatcher::getInstance();

    // Input validation
    if (!$this->_validateInputs($contact, $senderEmail, $subject, $body)) {
        JError::raiseWarning(0, $this->getError());
        return false;
    }

    // Custom handlers: any plugin returning an error vetoes the submission.
    $post = JRequest::get('post');
    $verdicts = $dispatcher->trigger('onValidateContact', array(&$contact, &$post));
    foreach ($verdicts as $verdict) {
        if (JError::isError($verdict)) {
            return false;
        }
    }

    // Passed Validation: Process the contact plugins to integrate with other applications
    $results = $dispatcher->trigger('onSubmitContact', array(&$contact, &$post));

    $pparams =& $mainframe->getParams('com_contact');
    if (!$pparams->get('custom_reply')) {
        $MailFrom = $mainframe->getCfg('mailfrom');
        $FromName = $mainframe->getCfg('fromname');

        // Prepare email body
        $prefix = JText::sprintf('ENQUIRY_TEXT', JURI::base());
        $body = "{$prefix}\n{$senderName} <{$senderEmail}>\r\n\r\n" . stripslashes($body);

        // The enquiry goes out with the visitor-supplied address and name as sender.
        $mail = JFactory::getMailer();
        $mail->addRecipient($contact->email_to);
        $mail->setSender(array($senderEmail, $senderName));
        $mail->setSubject($FromName . ': ' . $subject);
        $mail->setBody($body);
        $mail->Send();

        // A copy goes to the visitor-supplied address only when the visitor asked
        // for it AND the contact's 'show_email_copy' parameter allows it; this
        // one is sent from the site's own address.
        $contactParams = new JParameter($contact->params);
        $copyAllowed = $contactParams->get('show_email_copy', 0);
        if ($wantsCopy && $copyAllowed) {
            $copyText = JText::sprintf('Copy of:', $contact->name, $SiteName);
            $copyText .= "\r\n\r\n" . $body;
            $copySubject = JText::_('Copy of:') . " " . $subject;

            $mail = JFactory::getMailer();
            $mail->addRecipient($senderEmail);
            $mail->setSender(array($MailFrom, $FromName));
            $mail->setSubject($copySubject);
            $mail->setBody($copyText);
            $mail->Send();
        }
    }

    $msg = JText::_('Thank you for your e-mail');
    $link = JRoute::_('index.php?option=com_contact&view=contact&id=' . $contact->slug . '&catid=' . $contact->catslug, false);
    $this->setRedirect($link, $msg);
}
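/**
 * Send the message and display a notice
 *
 * Order of work: anti-forgery token, minimum form-age check (20 seconds since
 * 'com_mailto.formtime'), link hash and internal-URL check, header-injection
 * scan of the raw POST fields, address validation, cleaning of subject, body
 * and sender, then the send itself.
 *
 * @access public
 * @return mixed The result of mailto() when the request is refused or the
 *               send fails, false when a forbidden header string is found,
 *               nothing on success.
 * @since 1.5
 */
function send()
{
    // Check for request forgeries
    JRequest::checkToken() or jexit(JText::_('JINVALID_TOKEN'));

    $app = JFactory::getApplication();
    $session = JFactory::getSession();
    $db = JFactory::getDbo();

    // Refuse submissions with no recorded form time or one less than 20 seconds old.
    $timeout = $session->get('com_mailto.formtime', 0);
    if ($timeout == 0 || time() - $timeout < 20) {
        JError::raiseNotice(500, JText::_('COM_MAILTO_EMAIL_NOT_SENT'));
        return $this->mailto();
    }

    jimport('joomla.mail.helper');

    $SiteName = $app->getCfg('sitename');
    $MailFrom = $app->getCfg('mailfrom');
    $FromName = $app->getCfg('fromname');

    $link = MailtoHelper::validateHash(JRequest::getCMD('link', '', 'post'));

    // Verify that this is a local link
    if (!$link || !JURI::isInternal($link)) {
        //Non-local url...
        JError::raiseNotice(500, JText::_('COM_MAILTO_EMAIL_NOT_SENT'));
        return $this->mailto();
    }

    // An array of email headers we do not want to allow as input
    $headers = array('Content-Type:', 'MIME-Version:', 'Content-Transfer-Encoding:', 'bcc:', 'cc:');

    // An array of the input fields to scan for injected headers
    $fields = array('mailto', 'sender', 'from', 'subject');

    /*
     * Header injection test: scan the raw form input for header strings and
     * refuse the request when one is found.
     *
     * Header field names are case-insensitive, so the scan uses stripos();
     * the previous strpos() only matched the exact spelling listed above.
     * A field that is missing or not a string is scanned as an empty string
     * instead of being handed to the string function as-is.
     */
    foreach ($fields as $field) {
        $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';

        foreach ($headers as $header) {
            if (stripos($value, $header) !== false) {
                JError::raiseError(403, '');

                // Stop here even when the error handler does not end the request.
                return false;
            }
        }
    }

    /*
     * Free up memory
     */
    unset($headers, $fields);

    $email = JRequest::getString('mailto', '', 'post');
    $sender = JRequest::getString('sender', '', 'post');
    $from = JRequest::getString('from', '', 'post');
    $subject_default = JText::sprintf('COM_MAILTO_SENT_BY', $sender);
    $subject = JRequest::getString('subject', $subject_default, 'post');

    // Check for a valid to address
    $error = false;
    if (!$email || !JMailHelper::isEmailAddress($email)) {
        $error = JText::sprintf('COM_MAILTO_EMAIL_INVALID', $email);
        JError::raiseWarning(0, $error);
    }

    // Check for a valid from address
    if (!$from || !JMailHelper::isEmailAddress($from)) {
        $error = JText::sprintf('COM_MAILTO_EMAIL_INVALID', $from);
        JError::raiseWarning(0, $error);
    }

    if ($error) {
        return $this->mailto();
    }

    // Build the message to send
    $msg = JText::_('COM_MAILTO_EMAIL_MSG');
    $body = sprintf($msg, $SiteName, $sender, $from, $link);

    // Clean the email data
    $subject = JMailHelper::cleanSubject($subject);
    $body = JMailHelper::cleanBody($body);
    $sender = JMailHelper::cleanAddress($sender);

    // Send the email
    if (JUtility::sendMail($from, $sender, $email, $subject, $body) !== true) {
        JError::raiseNotice(500, JText::_('COM_MAILTO_EMAIL_NOT_SENT'));
        return $this->mailto();
    }

    JRequest::setVar('view', 'sent');
    $this->display();
}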