$link = $context['url_to_home'] . $context['url_to_root'] . $anchor->get_url();
$menu[] = Skin::build_mail_button($link, $anchor->get_title(), FALSE);
}
// finalize links
$message .= Skin::build_mail_menu($menu);
// provide a link that also authenticates surfers on click-through --see users/login.php
$message = str_replace(array(Sections::get_permalink($item), str_replace('&', '&', Sections::get_permalink($item))), $context['url_to_root'] . Users::get_login_url('visit', 'section:' . $item['id'], $user['id'], $item['handle']), $message);
// threads messages
$headers = Mailer::set_thread('section:' . $item['id']);
// get attachments from the overlay, if any
$attachments = NULL;
if (is_callable(array($overlay, 'get_invite_attachments'))) {
$attachments = $overlay->get_invite_attachments('PUBLISH');
}
// post it
if (Mailer::notify(Surfer::from(), $recipient, $subject, $message, $headers, $attachments)) {
$actual_names[] = htmlspecialchars($recipient);
}
}
Mailer::close();
// display the list of actual recipients
if ($actual_names) {
$context['text'] .= '<div>' . sprintf(i18n::s('Your message is being transmitted to %s'), Skin::finalize_list($actual_names, 'compact')) . '</div>';
} else {
$context['text'] .= '<p>' . i18n::s('No message has been sent') . '</p>';
}
// back to the section page
$menu = array();
$menu[] = Skin::build_link(Sections::get_permalink($item), i18n::s('Done'), 'button');
$context['text'] .= Skin::finalize_list($menu, 'assistant_bar');
// a form to send an invitation to several people
// send a confirmation message to the surfer
if (isset($_REQUEST['edit_address']) && preg_match('/.+@.+/', $_REQUEST['edit_address']) && $link) {
// message recipient
$to = $_REQUEST['edit_address'];
// message subject
$subject = sprintf(i18n::s('Your query: %s'), strip_tags($_REQUEST['title']));
// message body
$message = sprintf(i18n::s("<p>Your query will now be reviewed by one of the associates of this community. It is likely that this will be done within the next 24 hours at the latest.</p><p>You can check the status of your query at the following address:</p><p>%s</p><p>We would like to thank you for your interest in our web site.</p>"), '<a href="' . $link . '">' . $link . '</a>');
// enable threading
if (isset($item['id'])) {
$headers = Mailer::set_thread('article:' . $item['id']);
} else {
$headers = '';
}
// actual post - don't stop on error
Mailer::notify(NULL, $to, $subject, $message, $headers);
}
// get the article back
$article = Anchors::get('article:' . $_REQUEST['id']);
// log the query submission
if (is_object($article)) {
$label = sprintf(i18n::c('New query: %s'), strip_tags($article->get_title()));
$link = $context['url_to_home'] . $context['url_to_root'] . $article->get_url();
$description = '<a href="' . $link . '">' . $link . '</a>' . "\n\n" . $article->get_teaser('basic');
Logger::notify('query.php: ' . $label, $description);
}
}
// display the form on GET
} else {
$with_form = TRUE;
}
$subject = sprintf(i18n::s('Your account at %s'), strip_tags($context['site_name']));
// top of the message
$message = '<p>' . sprintf(i18n::s('This message relates to your account at %s.'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . '">' . strip_tags($context['site_name']) . '</a>') . '</p>';
// mention nick name
$message .= '<p>' . sprintf(i18n::s('Your nick name is %s'), $item['nick_name']) . '</p>';
// direct link to login page --see users/login.php
$link = $context['url_to_home'] . $context['url_to_root'] . Users::get_login_url('login', $id, rand(1000, 9999), $item['handle']);
$message .= '<p>' . i18n::s('Record this message and use the following link to authenticate to the site at any time:') . '</p>' . '<p><a href="' . $link . '">' . $link . '</a></p>';
// caution note
$message .= '<p>' . i18n::s('Caution: This hyperlink contains your login credentials encrypted. Please be aware anyone who uses this link will have full access to your account.') . '</p>';
// bottom of the message
$message .= '<p>' . sprintf(i18n::s('On-line help is available at %s'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . 'help/' . '">' . $context['url_to_home'] . $context['url_to_root'] . 'help/' . '</a>') . '</p>' . '<p>' . sprintf(i18n::s('Thank you for your interest into %s.'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . '">' . strip_tags($context['site_name']) . '</a>') . '</p>';
// enable threading
$headers = Mailer::set_thread('user:'******'id']);
// post the confirmation message
Mailer::notify(NULL, $item['email'], $subject, $message, $headers);
// feed-back message
$context['text'] .= '<p>' . i18n::s('A reminder message has been sent to you. Check your mailbox and use provided information to authenticate to this site.') . '</p>';
// back to the anchor page
$links = array();
$links[] = Skin::build_link('users/login.php', i18n::s('Login'));
$context['text'] .= Skin::finalize_list($links, 'assistant_bar');
}
// redirect to the origin server
} elseif ($origin) {
Logger::error(sprintf(i18n::s('We are only keeping a shadow record for this profile. Please handle this account at %s'), Skin::build_link('http://' . $origin, $origin, 'external')));
// password is changing
} elseif (isset($_REQUEST['confirm'])) {
// restrictions: anyone can modify its own profile; associates can modify everything
if ($item['id'] != Surfer::get_id() && !Surfer::is_associate()) {
Safe::header('Status: 401 Unauthorized', TRUE, 401);
$headline = sprintf(i18n::c('%s is following you'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . $follower->get_url() . '">' . $follower->get_title() . '</a>');
// information
$message = '<p>' . sprintf(i18n::c('%s will receive notifications when you will update your followers at %s'), $follower->get_title(), $context['site_name']) . '</p>';
// assemble main content of this message
$message = Skin::build_mail_content($headline, $message);
// a set of links
$menu = array();
// call for action
$link = $context['url_to_home'] . $context['url_to_root'] . $follower->get_url();
$menu[] = Skin::build_mail_button($link, $follower->get_title(), TRUE);
// finalize links
$message .= Skin::build_mail_menu($menu);
// enable threading
$headers = Mailer::set_thread($follower->get_reference());
// allow for cross-referencing
Mailer::notify(Surfer::from(), $user['email'], $subject, $message, $headers);
}
// regular container
} else {
// always update the watch list
Members::assign($_REQUEST['member'], $_REQUEST['anchor']);
// editor link has to be added explicitly on non-private items
if (!$anchor->is_hidden() && (!isset($_REQUEST['assignment']) || $_REQUEST['assignment'] != 'editor')) {
} else {
Members::assign($_REQUEST['anchor'], $_REQUEST['member']);
}
}
// set editor
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'set' && isset($_REQUEST['editor']) && isset($_REQUEST['member'])) {
Members::assign($_REQUEST['editor'], $_REQUEST['member']);
// reset editor
/**
* create a page out of a textual entity
*
* If a target is provided, it is extended with the text of this entity.
* Else if the anchor is an article, a comment is created. Otherwise an article is created.
*
* @param array of entity attributes
* @param string the textual entity to process
* @param array poster attributes
* @param string an optional anchor (e.g., 'article:123')
* @param string reference of the object to be extended, if any
* @return string reference to the created or updated object, or NULL
*/
public static function submit_page($entity_headers, $text, $user, $anchor = NULL, $target = NULL)
{
global $context;
// retrieve queue parameters
list($server, $account, $password, $allowed, $match, $section, $options, $hooks, $prefix, $suffix) = $context['mail_queue'];
// preserve breaks
$text = preg_replace('/\\s*<(br|div|h|p)/is', "\n\n<\$1", $text);
// suppress dangerous html tags
$text = strip_tags($text, $context['users_allowed_tags']);
// trim white spaces
while (TRUE) {
$text = trim($text, " \t\r\n");
if (!strncmp($text, '<br>', 4)) {
$text = substr($text, 4);
} elseif (!strncmp($text, '<br/>', 5)) {
$text = substr($text, 5);
} elseif (!strncmp($text, '<br />', 6)) {
$text = substr($text, 6);
} else {
break;
}
}
// parse article content
include_once $context['path_to_root'] . 'articles/article.php';
$article = new Article();
$entry_fields = array();
$entry_fields = $article->parse($text, $entry_fields);
// trim the header
if ($prefix) {
$tokens = explode($prefix, $entry_fields['description']);
if (isset($tokens[1])) {
$entry_fields['description'] = $tokens[1];
} else {
$entry_fields['description'] = $tokens[0];
}
}
// trim the signature
if ($suffix) {
list($entry_fields['description'], $dropped) = explode($suffix, $entry_fields['description']);
}
// strip extra text
$entry_fields['description'] = trim(preg_replace('/\\(See attached file: [^\\)]+?\\)/', '', $entry_fields['description']));
// anchor this item to something
$entry_fields['anchor'] = $anchor;
// make a title
if (!isset($entry_fields['title'])) {
$entry_fields['title'] = $context['mail_subject'];
}
// message creation stamp
$entry_fields['create_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', strtotime($context['mail_date']));
if (!isset($entry_fields['create_name'])) {
$entry_fields['create_name'] = $user['nick_name'];
}
if (!isset($entry_fields['create_id'])) {
$entry_fields['create_id'] = $user['id'];
}
if (!isset($entry_fields['create_address'])) {
$entry_fields['create_address'] = $user['email'];
}
// message edition stamp
$entry_fields['edit_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
if (!isset($entry_fields['edit_name'])) {
$entry_fields['edit_name'] = $user['nick_name'];
}
if (!isset($entry_fields['edit_id'])) {
$entry_fields['edit_id'] = $user['id'];
}
if (!isset($entry_fields['edit_address'])) {
$entry_fields['edit_address'] = $user['email'];
}
// we have to extend an existing article --this entity is mutable
if ($target && !strncmp($target, 'article:', 8) && ($article = Articles::get(substr($target, 8), TRUE))) {
// append the text to article description field
$fields = array();
$fields['id'] = $article['id'];
$fields['description'] = $article['description'] . $entry_fields['description'];
$fields['silent'] = TRUE;
Articles::put_attributes($fields);
return $target;
// we have to extend an existing comment --this entity is mutable
} elseif ($target && !strncmp($target, 'comment:', 8) && ($comment = Comments::get(substr($target, 8), TRUE))) {
// append the text to comment description field
$comment['description'] .= $entry_fields['description'];
Comments::post($comment);
return $target;
// we have to comment an existing page
} elseif (!strncmp($anchor, 'article:', 8)) {
// insert comment in the database
if (!($entry_fields['id'] = Comments::post($entry_fields))) {
Logger::remember('agents/messages.php: ' . Logger::error_pop());
return NULL;
}
// debug, if required to do so
if ($context['debug_messages'] == 'Y') {
Logger::remember('agents/messages.php: Messages::submit_page() as a comment', $entry_fields, 'debug');
}
// increment the post counter of the surfer
Users::increment_posts($user['id']);
// clear cache
$parent = Anchors::get($entry_fields['anchor']);
// touch the related anchor
if (is_object($parent) && isset($entry_fields['id'])) {
$parent->touch('comment:create', $entry_fields['id'], TRUE);
}
return 'comment:' . $entry_fields['id'];
// create a new page
} else {
// publish automatically, if required to do so
$section = Anchors::get($entry_fields['anchor']);
if (isset($context['users_with_auto_publish']) && $context['users_with_auto_publish'] == 'Y' || preg_match('/\\bauto_publish\\b/i', $options) || is_object($section) && $section->has_option('auto_publish')) {
$entry_fields['publish_date'] = gmstrftime('%Y-%m-%d %H:%M:%S', time());
if (!isset($entry_fields['publish_name'])) {
$entry_fields['publish_name'] = $user['nick_name'];
}
if (!isset($entry_fields['publish_id'])) {
$entry_fields['publish_id'] = $user['id'];
}
if (!isset($entry_fields['publish_address'])) {
$entry_fields['publish_address'] = $user['email'];
}
}
// ensure we are using ids instead of nicknames
if (is_object($section)) {
$entry_fields['anchor'] = $section->get_reference();
}
// save in the database
if (!($entry_fields['id'] = Articles::post($entry_fields))) {
Logger::remember('agents/messages.php: ' . Logger::error_pop());
return NULL;
}
// debugging log
if (isset($context['debug_messages']) && $context['debug_messages'] == 'Y') {
$entry_fields['description'] = substr($entry_fields['description'], 0, 1024);
Logger::remember('agents/messages.php: Messages::submit_page() as an article', $entry_fields, 'debug');
}
// increment the post counter of the surfer
Users::increment_posts($user['id']);
// do whatever is necessary on page creation
if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
Articles::finalize_publication($section, $entry_fields);
} else {
Articles::finalize_submission($section, $entry_fields);
}
// get the new item
$article = Anchors::get($anchor);
// if replies are allowed
if (!preg_match('/\\bno_reply\\b/i', $options)) {
// let the sender know about his post
if (isset($entry_fields['publish_date']) && $entry_fields['publish_date'] > NULL_DATE) {
$splash = i18n::s("The page received by e-mail has been successfully published. Please review it now to ensure that it reflects your mind.");
} else {
$splash = i18n::s("The page received by e-mail has been posted. Don't forget to read it online. Then click on the Publish command to make it publicly available.");
}
$message = '<p>' . $splash . '</p>' . '<p><a href="' . $context['url_to_home'] . $context['url_to_root'] . $article->get_url() . '">' . $article->get_title() . '</a></p>' . '<div>' . $article->get_teaser('basic') . '</div>' . '<p>' . i18n::c('Thank you for your contribution') . '</p>';
// enable threading
$headers = Mailer::set_thread($section);
// send a mail message
Mailer::notify(NULL, $post_sender, 'Re: ' . $post_subject, $message, $headers);
}
// reference to the new page
return 'article:' . $entry_fields['id'];
}
// job ends
return NULL;
}
$link = Categories::get_permalink($item);
if (!is_object($overlay) || !($label = $overlay->get_label('permalink_command', 'categories', FALSE))) {
$label = i18n::c('View the category');
}
$menu[] = Skin::build_mail_button($link, $label, TRUE);
// link to the container
if (is_object($anchor)) {
$link = $context['url_to_home'] . $context['url_to_root'] . $anchor->get_url();
$menu[] = Skin::build_mail_button($link, $anchor->get_title(), FALSE);
}
// finalize links
$message .= Skin::build_mail_menu($menu);
// threads messages
$headers = Mailer::set_thread('category:' . $item['id']);
// send the message
if (Mailer::notify(Surfer::from(), $to, $subject, $message, $headers)) {
// feed-back to the sender
$context['text'] .= '<p>' . i18n::s('A message has been sent to:') . "</p>\n" . '<ul>' . "\n";
foreach ($to as $address) {
$context['text'] .= '<li>' . encode_field($address) . '</li>' . "\n";
}
$context['text'] .= '</ul>' . "\n";
// back to the category page
$menu = array();
$menu[] = Skin::build_link(Categories::get_permalink($item), i18n::s('Done'), 'button');
$context['text'] .= Skin::finalize_list($menu, 'assistant_bar');
}
Mailer::close();
// no recipient has been found
} elseif (!($recipients =& Members::list_users_by_posts_for_anchor('category:' . $item['id'], 0, 200, 'mail')) || !count($recipients)) {
Logger::error(i18n::s('No recipient has been found.'));
/**
* remember an action once it's done
*
* To be overloaded into derived class
*
* @param string the action 'insert', 'update' or 'delete'
* @param array the hosting record
* @param string reference of the hosting record (e.g., 'article:123')
* @return FALSE on error, TRUE otherwise
*/
function remember($action, $host, $reference)
{
global $context;
// remember the id of the master record
$id = $host['id'];
// set default values for this editor
Surfer::check_default_editor($this->attributes);
// we use the existing back-end for dates
include_once $context['path_to_root'] . 'dates/dates.php';
// build the update query
switch ($action) {
case 'delete':
// no need to notify participants after the date planned for the event, nor if the event has been initiated
if (isset($this->attributes['date_stamp']) && $this->attributes['date_stamp'] > gmstrftime('%Y-%m-%d %H:%M') && isset($this->attributes['status']) && $this->attributes['status'] != 'started' && $this->attributes['status'] != 'stopped') {
// send a cancellation message to participants
$query = "SELECT user_email FROM " . SQL::table_name('enrolments') . " WHERE (anchor LIKE '" . $reference . "') AND (approved LIKE 'Y')";
$result = SQL::query($query);
while ($item = SQL::fetch($result)) {
// sanity check
if (!preg_match(VALID_RECIPIENT, $item['user_email'])) {
continue;
}
// message title
$subject = sprintf('%s: %s', i18n::c('Cancellation'), strip_tags($this->anchor->get_title()));
// headline
$headline = sprintf(i18n::c('%s has cancelled %s'), Surfer::get_link(), $this->anchor->get_title());
// message to reader
$message = $this->get_invite_default_message('CANCEL');
// assemble main content of this message
$message = Skin::build_mail_content($headline, $message);
// threads messages
$headers = Mailer::set_thread($this->anchor->get_reference());
// get attachment from the overlay
$attachments = $this->get_invite_attachments('CANCEL');
// post it
Mailer::notify(Surfer::from(), $item['user_email'], $subject, $message, $headers, $attachments);
}
}
// delete dates for this anchor
Dates::delete_for_anchor($reference);
// also delete related enrolment records
$query = "DELETE FROM " . SQL::table_name('enrolments') . " WHERE anchor LIKE '" . $reference . "'";
SQL::query($query);
break;
case 'insert':
// bind one date to this record
if (isset($this->attributes['date_stamp']) && $this->attributes['date_stamp']) {
$fields = array();
$fields['anchor'] = $reference;
$fields['date_stamp'] = $this->attributes['date_stamp'];
// update the database
if (!($fields['id'] = Dates::post($fields))) {
Logger::error(i18n::s('Impossible to add an item.'));
return FALSE;
}
}
// enroll page creator
include_once $context['path_to_root'] . 'shared/enrolments.php';
enrolments::confirm($reference);
// reload the anchor through the cache to reflect the update
if ($reference) {
$this->anchor = Anchors::get($reference, TRUE);
}
// send a confirmation message to event creator
$query = "SELECT * FROM " . SQL::table_name('enrolments') . " WHERE (anchor LIKE '" . $reference . "')";
$result = SQL::query($query);
while ($item = SQL::fetch($result)) {
// a user registered on this server
if ($item['user_id'] && ($watcher = Users::get($item['user_id']))) {
// sanity check
if (!preg_match(VALID_RECIPIENT, $item['user_email'])) {
continue;
}
// use this email address
if ($watcher['full_name']) {
$recipient = Mailer::encode_recipient($watcher['email'], $watcher['full_name']);
} else {
$recipient = Mailer::encode_recipient($watcher['email'], $watcher['nick_name']);
}
// message title
$subject = sprintf(i18n::c('Meeting: %s'), strip_tags($this->anchor->get_title()));
// headline
$headline = sprintf(i18n::c('you have arranged %s'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . $this->anchor->get_url() . '">' . $this->anchor->get_title() . '</a>');
// message to reader
$message = $this->get_invite_default_message('PUBLISH');
// assemble main content of this message
$message = Skin::build_mail_content($headline, $message);
// a set of links
$menu = array();
// call for action
$link = $context['url_to_home'] . $context['url_to_root'] . $this->anchor->get_url();
$menu[] = Skin::build_mail_button($link, i18n::c('View event details'), TRUE);
// finalize links
$message .= Skin::build_mail_menu($menu);
// threads messages
$headers = Mailer::set_thread($this->anchor->get_reference());
// get attachment from the overlay
$attachments = $this->get_invite_attachments('PUBLISH');
// post it
Mailer::notify(Surfer::from(), $recipient, $subject, $message, $headers, $attachments);
}
}
break;
case 'update':
// reload the anchor through the cache to reflect the update
if ($reference) {
$this->anchor = Anchors::get($reference, TRUE);
}
// no need to notify watchers after the date planned for the event, nor if the event has been initiated
if (isset($this->attributes['date_stamp']) && $this->attributes['date_stamp'] > gmstrftime('%Y-%m-%d %H:%M') && isset($this->attributes['status']) && $this->attributes['status'] != 'started' && $this->attributes['status'] != 'stopped' && isset($_REQUEST['notify_watchers']) && $_REQUEST['notify_watchers'] == 'Y') {
// send a confirmation message to participants
$query = "SELECT * FROM " . SQL::table_name('enrolments') . " WHERE (anchor LIKE '" . $reference . "')";
$result = SQL::query($query);
while ($item = SQL::fetch($result)) {
// skip current surfer
if (Surfer::get_id() && Surfer::get_id() == $item['user_id']) {
continue;
}
// a user registered on this server
if ($item['user_id'] && ($watcher = Users::get($item['user_id']))) {
// skip banned users
if ($watcher['capability'] == '?') {
continue;
}
// ensure this surfer wants to be alerted
if ($watcher['without_alerts'] == 'Y') {
continue;
}
// sanity check
if (!preg_match(VALID_RECIPIENT, $item['user_email'])) {
continue;
}
// use this email address
if ($watcher['full_name']) {
$recipient = Mailer::encode_recipient($watcher['email'], $watcher['full_name']);
} else {
$recipient = Mailer::encode_recipient($watcher['email'], $watcher['nick_name']);
}
// message title
$subject = sprintf(i18n::c('Updated: %s'), strip_tags($this->anchor->get_title()));
// headline
$headline = sprintf(i18n::c('%s has updated %s'), Surfer::get_link(), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . $this->anchor->get_url() . '">' . $this->anchor->get_title() . '</a>');
// message to reader
$message = $this->get_invite_default_message('PUBLISH');
// assemble main content of this message
$message = Skin::build_mail_content($headline, $message);
// a set of links
$menu = array();
// call for action
$link = $context['url_to_home'] . $context['url_to_root'] . $this->anchor->get_url();
$menu[] = Skin::build_mail_button($link, i18n::c('View event details'), TRUE);
// finalize links
$message .= Skin::build_mail_menu($menu);
// threads messages
$headers = Mailer::set_thread($this->anchor->get_reference());
// get attachment from the overlay
$attachments = $this->get_invite_attachments('PUBLISH');
// post it
Mailer::notify(Surfer::from(), $recipient, $subject, $message, $headers, $attachments);
}
}
}
// bind one date to this record
if (isset($this->attributes['date_stamp']) && $this->attributes['date_stamp']) {
$fields = array();
$fields['anchor'] = $reference;
$fields['date_stamp'] = $this->attributes['date_stamp'];
// there is an existing record
if ($date =& Dates::get_for_anchor($reference)) {
// update the record
$fields['id'] = $date['id'];
if (!($id = Dates::post($fields))) {
Logger::error(sprintf(i18n::s('Impossible to update date %s'), $this->attributes['date_stamp']));
return FALSE;
}
// create a record instead of raising an error, we are smart y'a'know
} else {
if (!($fields['id'] = Dates::post($fields))) {
Logger::error(i18n::s('Impossible to add an item.'));
return FALSE;
}
}
}
break;
}
// job done
return TRUE;
}
/**
* notify an event
*
* This script calls [code]Logger::remember()[/code] to save the event locally, then attempts to send an e-mail
* message if possible.
*
* @param string a one-line label that can be used as a mail title (e.g. 'creation of a new article')
* @param string a more comprehensive description, if any
* @return void
*/
public static function notify($label, $description = '')
{
global $context;
// local storage
Logger::remember($label, $description);
// send also a message
if (isset($context['mail_logger_recipient']) && $context['mail_logger_recipient']) {
// except to current surfer
if ($self_address = Surfer::get_email_address()) {
$context['mail_logger_recipient'] = preg_replace('/' . preg_quote($self_address, '/') . '[ \\s,]*/i', '', $context['mail_logger_recipient']);
}
// do we have a recipient after all?
if (!trim($context['mail_logger_recipient'])) {
return;
}
// message footer
$description .= '<div>' . sprintf(i18n::c('This message has been generated automatically by %s. If you wish to stop these automatic alerts please visit the following link and remove your address from recipients of system events.'), $context['site_name']) . '</div>' . '<p><a href="' . $context['url_to_home'] . $context['url_to_root'] . 'control/configure.php' . '">' . i18n::s('System parameters') . '</a></p>';
// actual mail message
Mailer::notify(NULL, $context['mail_logger_recipient'], $label, $description);
}
}
continue;
}
// target recipient does not accept messages
if (isset($item['without_messages']) && $item['without_messages'] == 'Y') {
continue;
}
// target is known here
if (isset($item['id'])) {
// suggest to change user preferences if applicable
$mail['message'] .= '<p> </p>' . '<p>' . i18n::c('To prevent other members from contacting you, please visit your profile at the following address, and change preferences.') . '</p>' . '<p>' . $context['url_to_master'] . $context['url_to_root'] . Users::get_permalink($item) . '</p>';
// alert the target user
if (!Users::alert($item, $mail)) {
Logger::error(sprintf(i18n::s('Impossible to send a message to %s.'), $item['nick_name']));
}
// we only have a recipient address
} elseif ($item['email'] && !Mailer::notify(Surfer::from(), $item['email'], $mail['subject'], $mail['message'], $mail['headers'])) {
Logger::error(sprintf(i18n::s('Impossible to send a message to %s.'), $item['email']));
}
}
}
}
// follow-up commands
if (!$render_overlaid) {
$menu = array();
if (isset($article['id'])) {
$menu = array(Articles::get_permalink($article) => i18n::s('View the new thread'));
}
if (count($items) == 1 && ($item = $items[0]) && isset($item['id'])) {
$menu = array_merge($menu, array(Users::get_permalink($item) => sprintf(i18n::s('Back to %s'), $item['nick_name'])));
} elseif (Surfer::get_id()) {
$menu = array_merge($menu, array(Surfer::get_permalink() => i18n::s('Back to my profile')));
/**
* put an updated user profile in the database
*
* If present, only the password is changed. Or other fields except the password are modified.
*
* To change a password, set fields 'id', 'password' and 'confirm'
*
* @param array an array of fields
* @return TRUE on success, FALSE otherwise
*
* @see users/edit.php
* @see users/password.php
* @see users/select_avatar.php
**/
public static function put(&$fields)
{
global $context;
// load the record
$item = Users::get($fields['id']);
if (!isset($item['id']) || !$item['id']) {
Logger::error(i18n::s('No item has the provided id.'));
return FALSE;
}
// remember who is changing this record
Surfer::check_default_editor($fields);
// if a password change
if (isset($fields['password'])) {
// ensure that the password has been provided twice
if (!isset($fields['confirm']) || $fields['confirm'] != $fields['password']) {
Logger::error(i18n::s('New password has to be confirmed.'));
return FALSE;
}
// hash password, we are coming from an interactive form
$fields['password'] = md5($fields['password']);
// else if a regular profile update
} else {
// nick_name is required
if (!isset($fields['nick_name']) || !trim($fields['nick_name'])) {
Logger::error(i18n::s('Please indicate a nick name.'));
return FALSE;
}
// some weird users put spaces around
$fields['nick_name'] = trim($fields['nick_name']);
// nick_name may be already used
if (($used = Users::get($fields['nick_name'])) && $used['id'] != $fields['id']) {
Logger::error(i18n::s('Another member already has this nick name. Please select a different one.'));
return FALSE;
}
// ensure we have a full name
if (!isset($fields['full_name']) || !trim($fields['full_name'])) {
$fields['full_name'] = $fields['nick_name'];
}
// protect from hackers
if (isset($fields['avatar_url'])) {
$fields['avatar_url'] = encode_link($fields['avatar_url']);
}
// set default values
if (!isset($fields['active']) || !$fields['active']) {
$fields['active'] = 'Y';
}
if (isset($fields['selected_editor'])) {
$fields['editor'] = $fields['selected_editor'];
} elseif (isset($context['users_default_editor'])) {
$fields['editor'] = $context['users_default_editor'];
} else {
$fields['editor'] = 'yacs';
}
if (!isset($fields['interface']) || $fields['interface'] != 'C') {
$fields['interface'] = 'I';
}
if (!isset($fields['with_newsletters']) || $fields['with_newsletters'] != 'Y') {
$fields['with_newsletters'] = 'N';
}
if (!isset($fields['without_alerts']) || $fields['without_alerts'] != 'N') {
$fields['without_alerts'] = 'Y';
}
if (!isset($fields['without_confirmations']) || $fields['without_confirmations'] != 'N') {
$fields['without_confirmations'] = 'Y';
}
if (!isset($fields['without_messages']) || $fields['without_messages'] != 'N') {
$fields['without_messages'] = 'Y';
}
if (!isset($fields['birth_date']) || !$fields['birth_date']) {
$fields['birth_date'] = NULL_DATE;
}
// clean provided tags
if (isset($fields['tags'])) {
$fields['tags'] = trim($fields['tags'], " \t.:,!?");
}
// save new settings in session and in cookie
if (Surfer::is($fields['id'])) {
// change preferred editor
$_SESSION['surfer_editor'] = $fields['editor'];
Safe::setcookie('surfer_editor', $fields['editor'], NULL, '/');
// change preferred language
if (isset($fields['language']) && $_SESSION['surfer_language'] != $fields['language']) {
$_SESSION['surfer_language'] = $fields['language'];
$_SESSION['l10n_modules'] = array();
}
}
}
// update an existing record
$query = "UPDATE " . SQL::table_name('users') . " SET ";
// change only the password
if (isset($fields['password'])) {
$query .= "password='******'password']) . "'";
} else {
$query .= "email='" . SQL::escape(isset($fields['email']) ? $fields['email'] : '') . "', " . "aim_address='" . SQL::escape(isset($fields['aim_address']) ? $fields['aim_address'] : '') . "', " . "alternate_number='" . SQL::escape(isset($fields['alternate_number']) ? $fields['alternate_number'] : '') . "', " . "avatar_url='" . SQL::escape(isset($fields['avatar_url']) ? $fields['avatar_url'] : '') . "', " . "birth_date='" . SQL::escape($fields['birth_date']) . "', " . "description='" . SQL::escape(isset($fields['description']) ? $fields['description'] : '') . "', " . "editor='" . SQL::escape($fields['editor']) . "', " . "from_where='" . SQL::escape(isset($fields['from_where']) ? $fields['from_where'] : '') . "', " . "full_name='" . SQL::escape(isset($fields['full_name']) ? $fields['full_name'] : '') . "', " . "icq_address='" . SQL::escape(isset($fields['icq_address']) ? $fields['icq_address'] : '') . "', " . "interface='" . SQL::escape($fields['interface']) . "', " . "introduction='" . SQL::escape(isset($fields['introduction']) ? $fields['introduction'] : '') . "', " . "irc_address='" . SQL::escape(isset($fields['irc_address']) ? $fields['irc_address'] : '') . "', " . "jabber_address='" . SQL::escape(isset($fields['jabber_address']) ? $fields['jabber_address'] : '') . "', " . "language='" . SQL::escape(isset($fields['language']) ? $fields['language'] : 'none') . "', " . "msn_address='" . SQL::escape(isset($fields['msn_address']) ? $fields['msn_address'] : '') . "', " . "nick_name='" . SQL::escape($fields['nick_name']) . "', " . "options='" . SQL::escape(isset($fields['options']) ? $fields['options'] : '') . "', " . "overlay='" . SQL::escape(isset($fields['overlay']) ? $fields['overlay'] : '') . "'," . "overlay_id='" . SQL::escape(isset($fields['overlay_id']) ? $fields['overlay_id'] : '') . "'," . "pgp_key='" . SQL::escape(isset($fields['pgp_key']) ? $fields['pgp_key'] : '') . "', " . "phone_number='" . SQL::escape(isset($fields['phone_number']) ? $fields['phone_number'] : '') . "', " . "signature='" . SQL::escape(isset($fields['signature']) ? $fields['signature'] : '') . "', " . "skype_address='" . SQL::escape(isset($fields['skype_address']) ? $fields['skype_address'] : '') . "', " . "tags='" . SQL::escape(isset($fields['tags']) ? $fields['tags'] : '') . "', " . "twitter_address='" . SQL::escape(isset($fields['twitter_address']) ? $fields['twitter_address'] : '') . "', " . "vcard_agent='" . SQL::escape(isset($fields['vcard_agent']) ? $fields['vcard_agent'] : '') . "', " . "vcard_label='" . SQL::escape(isset($fields['vcard_label']) ? $fields['vcard_label'] : '') . "', " . "vcard_organization='" . SQL::escape(isset($fields['vcard_organization']) ? $fields['vcard_organization'] : '') . "', " . "vcard_title='" . SQL::escape(isset($fields['vcard_title']) ? $fields['vcard_title'] : '') . "', " . "web_address='" . SQL::escape(isset($fields['web_address']) ? $fields['web_address'] : '') . "', " . "with_newsletters='" . $fields['with_newsletters'] . "', " . "without_alerts='" . $fields['without_alerts'] . "', " . "without_confirmations='" . $fields['without_confirmations'] . "', " . "without_messages='" . $fields['without_messages'] . "', " . "yahoo_address='" . SQL::escape(isset($fields['yahoo_address']) ? $fields['yahoo_address'] : '') . "'";
// fields set only by associates -- see users/edit.php
if (Surfer::is_associate()) {
$query .= ", " . "capability='" . SQL::escape($fields['capability']) . "', " . "active='" . SQL::escape($fields['active']) . "'";
}
}
// maybe a silent update
if (!isset($fields['silent']) || $fields['silent'] != 'Y') {
$query .= ", " . "edit_name='" . SQL::escape($fields['edit_name']) . "', " . "edit_id=" . SQL::escape($fields['edit_id']) . ", " . "edit_address='" . SQL::escape($fields['edit_address']) . "', " . "edit_action='user:update', " . "edit_date='" . SQL::escape($fields['edit_date']) . "'";
}
// actual update query
$query .= " WHERE id = " . SQL::escape($item['id']);
SQL::query($query, FALSE, $context['users_connection']);
// list the user in categories
if (isset($fields['tags']) && $fields['tags']) {
Categories::remember('user:'******'id'], NULL_DATE, $fields['tags']);
}
// clear all the cache on profile update, because of avatars, etc.
$fields['id'] = $item['id'];
Users::clear($fields);
// send a confirmation message on password change
if (isset($context['with_email']) && $context['with_email'] == 'Y' && isset($fields['confirm']) && $item['email'] && $item['without_confirmations'] != 'Y') {
// message title
$subject = sprintf(i18n::s('Your account at %s'), strip_tags($context['site_name']));
// message body
$message = '<p>' . sprintf(i18n::s('This message has been automatically sent to you to confirm a change of your profile at %s.'), '<a href="' . $context['url_to_master'] . $context['url_to_root'] . '">' . strip_tags($context['site_name']) . '</a>') . '</p>' . '<p>' . sprintf(i18n::s('Your nick name is %s'), $item['nick_name']) . BR . sprintf(i18n::s('Authenticate with password %s'), $fields['confirm']) . '</p>' . '<p>' . sprintf(i18n::s('On-line help is available at %s'), '<a href="' . $context['url_to_home'] . $context['url_to_root'] . 'help/' . '">' . $context['url_to_home'] . $context['url_to_root'] . 'help/' . '</a>') . '</p>' . '<p>' . sprintf(i18n::s('Thank you for your interest into %s.'), '<a href="' . $context['url_to_master'] . $context['url_to_root'] . '">' . strip_tags($context['site_name']) . '</a>') . '</p>';
// enable threading
$headers = Mailer::set_thread('user:'******'id']);
// post the confirmation message
Mailer::notify(NULL, $item['email'], $subject, $message, $headers);
}
// update user session
if (isset($fields['nick_name']) && Surfer::get_id() && $fields['id'] == Surfer::get_id() && is_callable(array('Surfer', 'set'))) {
Surfer::set($fields);
}
// end of job
return TRUE;
}
// assemble main content of this message
$message = Skin::build_mail_content($headline, $message);
// a set of links
$menu = array();
// call for action
$link = $context['url_to_home'] . $context['url_to_root'] . Users::get_url(Surfer::get_id(), 'mail');
$menu[] = Skin::build_mail_button($link, i18n::c('Reply'), TRUE);
// link to surfer profile
$link = Surfer::get_permalink();
$menu[] = Skin::build_mail_button($link, Surfer::get_name(), FALSE);
// finalize links
$message .= Skin::build_mail_menu($menu);
// threads messages
$headers = Mailer::set_thread('user:'******'id']);
// send the message
if (Mailer::notify($from, $to, $subject, $message, $headers)) {
// feed-back to the sender
$context['text'] .= '<p>' . sprintf(i18n::s('Your message is being transmitted to %s'), strip_tags($item['email'])) . '</p>';
// signal that a copy has been forwarded as well
if (isset($_REQUEST['self_copy']) && $_REQUEST['self_copy'] == 'Y') {
$context['text'] .= '<p>' . sprintf(i18n::s('At your request, a copy was also sent to %s'), $from) . '</p>';
}
}
Mailer::close();
// back to user profile
$menu = array();
$menu[] = Skin::build_link(Users::get_permalink($item), i18n::s('Done'), 'button');
$context['text'] .= Skin::build_block(Skin::finalize_list($menu, 'menu_bar'), 'bottom');
}
// the default case
} else {
