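/**
 * Handle a contact form submission: validate the request, sanitise the
 * visitor-supplied fields and hand the message to the configured mailer.
 *
 * Reads $_POST directly (message, subject, name, email, contact_nonce,
 * contact_void) and the globals $langmessage / $config. User-facing
 * status is reported through msg().
 *
 * @return bool true when the email was sent, false on any rejection or failure
 */
public function SendMessage()
{
    global $langmessage, $config;

    // Default every field read below so a partial request cannot raise
    // undefined-index notices (the original left 'name' and 'email' out).
    $_POST += array(
        'subject'       => '',
        'contact_nonce' => '',
        'message'       => '',
        'name'          => '',
        'email'         => '',
    );

    if (empty($_POST['message'])) {
        msg($langmessage['OOPS'] . '(Invalid Message)');
        return false;
    }

    // anti-CSRF nonce issued together with the form
    if (!\gp\tool::verify_nonce('contact_post', $_POST['contact_nonce'], true)) {
        msg($langmessage['OOPS'] . '(Invalid Nonce)');
        return false;
    }

    // honeypot field: a human never fills it in
    if (!empty($_POST['contact_void'])) {
        msg($langmessage['OOPS'] . '(Robot Detected)');
        return false;
    }

    // captcha and plugin hooks report their own errors
    if (!\gp\tool\Recaptcha::Check()) {
        return false;
    }
    if (!\gp\tool\Plugins::Filter('contact_form_check', array(true))) {
        return false;
    }

    $mailer = new \gp\tool\Emailer();

    // subject: no markup, and collapsed to a single line so it cannot carry
    // extra mail headers into the outgoing message
    $_POST['subject'] = str_replace(array("\r", "\n"), ' ', strip_tags($_POST['subject']));

    // message: keep a small whitelist of formatting tags, convert newlines.
    // NOTE(review): strip_tags() keeps attributes on the allowed tags, so
    // <a href="..."> values pass through unfiltered; whatever renders the
    // stored body must keep treating it as untrusted HTML.
    $tags    = '<p><div><span><font><b><i><tt><em><a><strong><blockquote>';
    $message = nl2br(strip_tags($_POST['message'], $tags));

    // reply-to: only when the visitor supplied an address
    if (!empty($_POST['email'])) {
        if (!$this->ValidEmail($_POST['email'])) {
            msg($langmessage['invalid_email']);
            return false;
        }

        // reply name: single line, no markup, HTML-escaped
        $replyName = str_replace(array("\r", "\n"), ' ', $_POST['name']);
        $replyName = htmlspecialchars(strip_tags($replyName));
        $mailer->AddReplyTo($_POST['email'], $replyName);

        if (\gp\tool::ConfigValue('from_use_user', false)) {
            $mailer->SetFrom($_POST['email'], $replyName);
        }
    }

    // required fields: a configuration string containing e.g. 'email' or 'none'
    // (read by value; the original took a reference, which silently created the key)
    $required = isset($config['require_email']) ? (string) $config['require_email'] : '';

    if (strpos($required, 'email') !== false && empty($_POST['email'])) {
        msg($langmessage['OOPS_REQUIRED'], \gp\tool\Output::SelectText('your_email'));
        return false;
    }

    if (strpos($required, 'none') === false) {
        if (empty($_POST['subject'])) {
            msg($langmessage['OOPS_REQUIRED'], \gp\tool\Output::SelectText('subject'));
            return false;
        }
        if (empty($message)) {
            msg($langmessage['OOPS_REQUIRED'], \gp\tool\Output::SelectText('message'));
            return false;
        }
    }

    if ($mailer->SendEmail($config['toemail'], $_POST['subject'], $message)) {
        msg($langmessage['message_sent']);
        return true;
    }

    msg($langmessage['OOPS'] . ' (Send Failed)');
    return false;
}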
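/**
 * Discard a POST body that does not carry a valid 'post' nonce.
 *
 * This is the request-forgery (CSRF) guard for logged-in users: a form
 * submitted from another origin does not know the nonce, so its fields
 * are removed by StripPost() before any handler can act on them. (The
 * original comment described this as XSS protection; the mechanism is a
 * CSRF check.) Does nothing for requests without POST data.
 */
public static function CheckPosts()
{
    if (count($_POST) === 0) {
        return;
    }

    // a missing, empty or non-string nonce (e.g. verified[]=x) is rejected
    // before it reaches verify_nonce()
    if (empty($_POST['verified']) || !is_string($_POST['verified'])) {
        self::StripPost('XSS Verification Parameter Error');
        return;
    }

    if (!\gp\tool::verify_nonce('post', $_POST['verified'], true)) {
        self::StripPost('XSS Verification Parameter Mismatch');
        return;
    }
}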
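/**
 * Clear all recorded fatal errors.
 *
 * Fatal errors are stored as files named fatal_* under $dataDir/data/_site.
 * The request must carry a valid 'ClearErrors' nonce or nothing is touched;
 * an unreadable directory is treated as "nothing to clear".
 */
public static function ClearAll()
{
    global $dataDir;

    // CSRF guard: the nonce is issued with the "clear" action
    if (!\gp\tool::verify_nonce('ClearErrors')) {
        return;
    }

    $dir   = $dataDir . '/data/_site';
    $files = scandir($dir);
    if ($files === false) {
        // directory missing or unreadable; the original would have
        // warned on foreach over false
        return;
    }

    foreach ($files as $file) {
        // only the fatal_* markers, never anything else in the directory
        if (strpos($file, 'fatal_') !== 0) {
            continue;
        }

        $full_path = $dir . '/' . $file;
        if (is_file($full_path)) {
            unlink($full_path);
        }
    }
}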
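/**
 * Assign a layout to the page identified by $_POST['index'].
 *
 * Child pages without a layout of their own inherit this setting. Reads
 * $_POST['index'] and $_POST['layout']; the layout must be a key of
 * $gpLayouts and the request must carry the 'use_<layout>' nonce.
 * Sets $this->title as a side effect and persists the change through
 * SavePagesPHP(). (The original docblock listed a $title parameter that
 * the method does not take.)
 *
 * @return mixed result of SavePagesPHP(), or null when the request was rejected
 */
public function SetLayout()
{
    global $gp_titles, $langmessage, $gpLayouts;

    // defaults avoid undefined-index notices on a malformed request
    $_POST += array('index' => '', 'layout' => '');

    $index = $_POST['index'];
    $title = \gp\tool::IndexToTitle($index);
    if (!$title) {
        msg($langmessage['OOPS']);
        return;
    }
    $this->title = $title;

    // the layout must be a string (an array would break isset() and the
    // nonce name) and one of the known layouts
    $layout = $_POST['layout'];
    if (!is_string($layout) || !isset($gpLayouts[$layout])) {
        msg($langmessage['OOPS']);
        return;
    }

    // CSRF guard bound to the chosen layout
    if (!\gp\tool::verify_nonce('use_' . $layout)) {
        msg($langmessage['OOPS']);
        return;
    }

    // drop the explicit assignment, then set it again only if the page
    // would otherwise inherit something different
    unset($gp_titles[$index]['gpLayout']);
    $currentLayout = \gp\Page::OrConfig($index, 'gpLayout');
    // loose comparison kept on purpose: OrConfig()'s return type is not
    // visible here and may not be a string
    if ($currentLayout != $layout) {
        $gp_titles[$index]['gpLayout'] = $layout;
    }

    return \gp\admin\Tools::SavePagesPHP(true, true);
}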
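/**
 * Delete a single file or folder from the current upload directory.
 *
 * Refuses to act inside the thumbnail directory, requires the 'delete'
 * nonce and only accepts a name that passes CheckFile(). On success two
 * ajax replacements (img_deleted / img_deleted_id) are queued on the page.
 *
 * @return bool true when the path was removed, false otherwise
 */
public function DeleteConfirmed()
{
    global $langmessage;

    if ($this->isThumbDir) {
        return false;
    }

    // CSRF guard
    if (\gp\tool::verify_nonce('delete') === false) {
        message($langmessage['OOPS'] . ' (Invalid Nonce)');
        return false;
    }

    // NOTE(review): CheckFile() is the only thing standing between the
    // request and the filesystem path built below; it is presumed to
    // return a bare file name with no path components — confirm.
    $file = $this->CheckFile();
    if (!$file) {
        return false;
    }

    $full_path = $this->currentDir . '/' . $file;
    $rel_path  = '/data/_uploaded' . $this->subdir . '/' . $file;

    if (!\gp\tool\Files::RmAll($full_path)) {
        message($langmessage['OOPS']);
        return false;
    }

    $this->page->ajaxReplace[] = array('img_deleted', '', $rel_path);
    $this->page->ajaxReplace[] = array('img_deleted_id', '', self::ImageId($rel_path));

    return true;
}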