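/**
 * Validate a submitted contact form and mail it to the configured site address.
 *
 * Checks run in this order: non-empty message, 'contact_post' nonce, honeypot
 * field (contact_void must be empty), captcha, then the 'contact_form_check'
 * plugin filter. User-supplied text reaches the mailer only after all of them pass.
 *
 * @return bool|null true when the mail was sent; false on a validation or send
 *                   failure; null when one of the early anti-abuse checks rejects
 */
public function SendMessage()
 {
     global $langmessage, $config;
     $_POST += array('subject' => '', 'contact_nonce' => '', 'message' => '');
     // Form fields can arrive as arrays (field[]=...); the string functions below need scalars.
     if (empty($_POST['message']) || !is_string($_POST['message'])) {
         msg($langmessage['OOPS'] . '(Invalid Message)');
         return;
     }
     //check nonce
     if (!\gp\tool::verify_nonce('contact_post', $_POST['contact_nonce'], true)) {
         msg($langmessage['OOPS'] . '(Invalid Nonce)');
         return;
     }
     // Honeypot: contact_void is expected to stay empty for a human submission.
     if (!empty($_POST['contact_void'])) {
         msg($langmessage['OOPS'] . '(Robot Detected)');
         return;
     }
     //captcha
     if (!\gp\tool\Recaptcha::Check()) {
         return;
     }
     if (!\gp\tool\Plugins::Filter('contact_form_check', array(true))) {
         return;
     }
     $mailer = new \gp\tool\Emailer();
     //subject
     // The subject ends up in a mail header, so line breaks are neutralised here
     // rather than relying on the mailer to do it (its behaviour is not visible from this method).
     $subject = is_string($_POST['subject']) ? $_POST['subject'] : '';
     $_POST['subject'] = str_replace(array("\r", "\n"), ' ', strip_tags($subject));
     //message
     // NOTE(review): strip_tags() with an allow-list keeps every attribute on the
     // allowed tags, so this is not HTML sanitisation of the mail body. If the
     // message is rendered as HTML anywhere, attribute-level filtering is still needed.
     $tags = '<p><div><span><font><b><i><tt><em><a><strong><blockquote>';
     $message = nl2br(strip_tags($_POST['message'], $tags));
     //reply name
     if (!empty($_POST['email'])) {
         //check format
         if (!is_string($_POST['email']) || !$this->ValidEmail($_POST['email'])) {
             msg($langmessage['invalid_email']);
             return false;
         }
         // 'name' is optional and has no default above; read it defensively.
         $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
         // CR/LF are removed because the name is placed in the Reply-To / From headers.
         $replyName = str_replace(array("\r", "\n"), array(' '), $rawName);
         $replyName = strip_tags($replyName);
         $replyName = htmlspecialchars($replyName);
         $mailer->AddReplyTo($_POST['email'], $replyName);
         // With from_use_user enabled the visitor-supplied address becomes the From
         // address; ValidEmail() above is the only check on it in this method.
         if (\gp\tool::ConfigValue('from_use_user', false)) {
             $mailer->SetFrom($_POST['email'], $replyName);
         }
     }
     //check for required values
     $require_email = isset($config['require_email']) ? (string) $config['require_email'] : '';
     if (strpos($require_email, 'email') !== false) {
         if (empty($_POST['email'])) {
             $field = \gp\tool\Output::SelectText('your_email');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
     }
     // Subject and message are required unless the setting contains 'none'.
     if (strpos($require_email, 'none') === false) {
         if (empty($_POST['subject'])) {
             $field = \gp\tool\Output::SelectText('subject');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
         if (empty($message)) {
             $field = \gp\tool\Output::SelectText('message');
             msg($langmessage['OOPS_REQUIRED'], $field);
             return false;
         }
     }
     if ($mailer->SendEmail($config['toemail'], $_POST['subject'], $message)) {
         msg($langmessage['message_sent']);
         return true;
     }
     msg($langmessage['OOPS'] . ' (Send Failed)');
     return false;
 }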
Exemple #2
 /**
  * Reject POST requests that do not carry a valid 'post' nonce in the
  * 'verified' field.
  *
  * The original comment and the runtime messages describe this as XSS
  * protection for logged-in users; checking a per-request token on incoming
  * POST data is the pattern normally called request-forgery (CSRF) protection.
  * Requests without POST data are left alone.
  */
 public static function CheckPosts()
 {
     if (count($_POST) === 0) {
         return;
     }

     $failure = null;
     if (empty($_POST['verified'])) {
         // Token absent or empty.
         $failure = 'XSS Verification Parameter Error';
     } elseif (!\gp\tool::verify_nonce('post', $_POST['verified'], true)) {
         // Token present but not accepted by verify_nonce().
         $failure = 'XSS Verification Parameter Mismatch';
     }

     if ($failure !== null) {
         // StripPost() is defined elsewhere; presumably it discards the posted data.
         self::StripPost($failure);
     }
 }
Exemple #3
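 /**
  * Clear all fatal errors: delete every entry named "fatal_*" directly inside
  * $dataDir/data/_site.
  *
  * This is a destructive action, so nothing is touched unless the
  * 'ClearErrors' nonce verifies. A missing or unreadable directory is treated
  * as "nothing to clear".
  */
 public static function ClearAll()
 {
     global $dataDir;
     if (!\gp\tool::verify_nonce('ClearErrors')) {
         return;
     }
     $dir = $dataDir . '/data/_site';
     if (!is_dir($dir)) {
         return;
     }
     //remove matching errors
     $files = scandir($dir);
     if ($files === false) {
         // scandir() failed (e.g. permissions); iterating false would only emit warnings.
         return;
     }
     foreach ($files as $file) {
         // Only names that begin with the prefix are candidates.
         if (strpos($file, 'fatal_') !== 0) {
             continue;
         }
         $full_path = $dir . '/' . $file;
         // unlink() cannot remove a real directory; skip one instead of raising a warning.
         if (is_dir($full_path) && !is_link($full_path)) {
             continue;
         }
         unlink($full_path);
     }
 }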
Exemple #4
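 /**
  * Assign a layout to a page. Child pages without a layout assigned will
  * inherit this setting.
  *
  * Takes no arguments: the page is identified by $_POST['index'] and the
  * layout by $_POST['layout']. The change is applied only when the layout
  * exists in $gpLayouts and the nonce for the action 'use_<layout>' verifies.
  *
  * @return mixed the result of \gp\admin\Tools::SavePagesPHP() when the change
  *               is saved, null when the request is rejected
  */
 public function SetLayout()
 {
     global $gp_index, $gp_titles, $langmessage, $gpLayouts;
     // Both fields come straight from the request and may be missing or arrays;
     // they are used as array keys and in string concatenation below.
     $index = isset($_POST['index']) ? $_POST['index'] : null;
     $title = is_string($index) ? \gp\tool::IndexToTitle($index) : false;
     if (!$title) {
         msg($langmessage['OOPS']);
         return;
     }
     $this->title = $title;
     $layout = isset($_POST['layout']) ? $_POST['layout'] : null;
     if (!is_string($layout) || !isset($gpLayouts[$layout])) {
         msg($langmessage['OOPS']);
         return;
     }
     // The nonce action includes the layout key, so it is checked only after
     // the key has been confirmed against $gpLayouts.
     if (!\gp\tool::verify_nonce('use_' . $layout)) {
         msg($langmessage['OOPS']);
         return;
     }
     //unset, then reset if needed
     // With the page's own value removed, OrConfig() presumably reports the
     // inherited/default layout; an explicit value is stored only if it differs.
     unset($gp_titles[$index]['gpLayout']);
     $currentLayout = \gp\Page::OrConfig($index, 'gpLayout');
     if ($currentLayout != $layout) {
         $gp_titles[$index]['gpLayout'] = $layout;
     }
     return \gp\admin\Tools::SavePagesPHP(true, true);
 }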
Exemple #5
 /**
  * Remove a single uploaded file or folder once the delete request is confirmed.
  *
  * Nothing is removed when the current directory is a thumbnail directory,
  * when the 'delete' nonce does not verify, or when CheckFile() yields no
  * usable name. On success two entries are queued on the page's ajaxReplace
  * list so the client can drop the deleted item.
  *
  * @return false|null false for a thumbnail directory, otherwise no value
  */
 public function DeleteConfirmed()
 {
     global $langmessage;

     // Thumbnail directories are not deleted through this action.
     if ($this->isThumbDir) {
         return false;
     }

     // Destructive request: require the 'delete' nonce before looking at the target.
     $nonceResult = \gp\tool::verify_nonce('delete');
     if ($nonceResult === false) {
         message($langmessage['OOPS'] . ' (Invalid Nonce)');
         return;
     }

     // CheckFile() is defined elsewhere; presumably it validates the requested
     // name against the current directory — confirm before relying on it.
     $target = $this->CheckFile();
     if (!$target) {
         return;
     }

     $absolute = $this->currentDir . '/' . $target;
     $relative = '/data/_uploaded' . $this->subdir . '/' . $target;

     $removed = \gp\tool\Files::RmAll($absolute);
     if (!$removed) {
         message($langmessage['OOPS']);
         return;
     }

     $this->page->ajaxReplace[] = array('img_deleted', '', $relative);
     $imageId = self::ImageId($relative);
     $this->page->ajaxReplace[] = array('img_deleted_id', '', $imageId);
 }