/**
 * Handles the editorbrowser.
 *
 * @return void
 *
 * @global array                  The paths of system files and folders.
 * @global XH\CSRFProtection      The CSRF protector.
 * @global Filebrowser_Controller The filebrowser controller.
 */
function ImageUploader_forEditor()
{
    global $cf;
    $imgUploader = new Tinymce4\Uploader();
    $imgUploader->setBrowseBase(CMSIMPLE_BASE);
    $imgUploader->setMaxFileSize('images', $cf['images']['maxsize']);
    $imgUploader->linkType = 'images';
    $imgUploader->baseDirectory = $imgUploader->baseDirectories['userfiles'];
    $imgUploader->currentDirectory = $imgUploader->baseDirectories['images'];
    if (isset($_GET['subdir'])) {
        $subdir = str_replace(array('../', './', '?', '<', '>', ':'), '', $_GET['subdir']);
        if (strpos($subdir, $imgUploader->baseDirectory) === 0) {
            $imgUploader->currentDirectory = rtrim($subdir, '/') . '/';
        }
    }
    $imgUploader->determineCurrentType();
    reset($_FILES);
    if ($imgUploader->uploadFile(current($_FILES))) {
        echo json_encode(array('location' => $imgUploader->fileWritten));
    } else {
        foreach ($imgUploader->errMsg as $key => $val) {
            XH_logMessage('error', 'uploadFile', 'tinymce4', $key . ': ' . $val);
        }
        // Notify editor that the upload failed
        header("HTTP/1.0 500 Server Error");
    }
}
/**
 * Sends the mail and returns whether that was successful.
 *
 * @param string $id           A form ID.
 * @param bool   $confirmation Whether to send the confirmation mail.
 *
 * @return bool
 *
 * @global array  The paths of system files and folders.
 * @global string The current language.
 * @global array  The configuration of the plugins.
 * @global array  The localization of the plugins.
 * @global string The (X)HTML fragment that contains error messages.
 */
function Advancedform_mail($id, $confirmation)
{
    global $pth, $sl, $plugin_cf, $plugin_tx, $e;
    include_once $pth['folder']['plugins'] . 'advancedform/phpmailer/class.phpmailer.php';
    $pcf = $plugin_cf['advancedform'];
    $ptx = $plugin_tx['advancedform'];
    $forms = Advancedform_db();
    $form = $forms[$id];
    $type = strtolower($pcf['mail_type']);
    $from = '';
    $from_name = '';
    foreach ($form['fields'] as $field) {
        if ($field['type'] == 'from_name') {
            $from_name = stsl($_POST['advfrm-' . $field['field']]);
        } elseif ($field['type'] == 'from') {
            $from = stsl($_POST['advfrm-' . $field['field']]);
        }
    }
    if ($confirmation && empty($from)) {
        $e .= '<li>' . $ptx['error_missing_sender'] . '</li>' . PHP_EOL;
        return false;
    }
    $mail = new PHPMailer();
    $mail->LE = $pcf['mail_line_ending_*nix'] ? "\n" : "\r\n";
    $mail->set('CharSet', 'UTF-8');
    $mail->SetLanguage($sl, $pth['folder']['plugins'] . 'advancedform/phpmailer/language/');
    $mail->set('WordWrap', 72);
    if ($confirmation) {
        $mail->set('From', $form['to']);
        $mail->set('FromName', $form['to_name']);
        $mail->AddAddress($from, $from_name);
    } else {
        $mail->set('From', $from);
        $mail->set('FromName', $from_name);
        $mail->AddAddress($form['to'], $form['to_name']);
        foreach (explode(';', $form['cc']) as $cc) {
            if (trim($cc) != '') {
                $mail->AddCC($cc);
            }
        }
        foreach (explode(';', $form['bcc']) as $bcc) {
            if (trim($bcc) != '') {
                $mail->AddBCC($bcc);
            }
        }
    }
    if ($confirmation) {
        $mail->set('Subject', sprintf($ptx['mail_subject_confirmation'], $form['title'], $_SERVER['SERVER_NAME']));
    } else {
        $mail->set('Subject', sprintf($ptx['mail_subject'], $form['title'], $_SERVER['SERVER_NAME'], $_SERVER['REMOTE_ADDR']));
    }
    $mail->IsHtml($type != 'text');
    if ($type == 'text') {
        $mail->set('Body', Advancedform_mailBody($id, !$confirmation, false));
    } else {
        $body = Advancedform_mailBody($id, !$confirmation, true);
        $mail->MsgHTML($body);
        $mail->set('AltBody', Advancedform_mailBody($id, !$confirmation, false));
    }
    if (!$confirmation) {
        foreach ($form['fields'] as $field) {
            if ($field['type'] == 'file') {
                $name = 'advfrm-' . $field['field'];
                $mail->AddAttachment($_FILES[$name]['tmp_name'], stsl($_FILES[$name]['name']));
            }
        }
    }
    if (function_exists('advfrm_custom_mail')) {
        if (advfrm_custom_mail($id, $mail, $confirmation) === false) {
            return true;
        }
    }
    $ok = $mail->Send();
    if (!$confirmation) {
        if (!$ok) {
            $message = !empty($mail->ErrorInfo) ? Advancedform_hsc($mail->ErrorInfo) : $ptx['error_mail'];
            $e .= '<li>' . $message . '</li>' . PHP_EOL;
        }
        if (function_exists('XH_logMessage')) {
            $type = $ok ? 'info' : 'error';
            $message = $ok ? $ptx['log_success'] : $ptx['log_error'];
            $message = sprintf($message, $from);
            XH_logMessage($type, 'Advancedform', $id, $message);
        }
    }
    return $ok;
}
Esempio n. 3
0
 /**
  * Sends the mail and returns whether that was successful.
  *
  * @return bool
  *
  * @global string The current language.
  * @global array  The configuration of the plugins.
  * @global array  The localization of the plugins.
  * @global string The (X)HTML fragment that contains error messages.
  */
 public function send()
 {
     global $sl, $plugin_cf, $plugin_tx, $e;
     $pcf = $plugin_cf['advancedform'];
     $ptx = $plugin_tx['advancedform'];
     $type = strtolower($pcf['mail_type']);
     $this->mail->LE = $pcf['mail_line_ending_*nix'] ? "\n" : "\r\n";
     $this->mail->set('CharSet', 'UTF-8');
     $this->mail->SetLanguage($sl, $this->pluginFolder . 'phpmailer/language/');
     $this->mail->set('WordWrap', 72);
     if (!$this->determineAddresses()) {
         return false;
     }
     if ($this->isConfirmation) {
         $this->mail->set('Subject', sprintf($ptx['mail_subject_confirmation'], $this->form->getTitle(), $_SERVER['SERVER_NAME']));
     } else {
         $this->mail->set('Subject', sprintf($ptx['mail_subject'], $this->form->getTitle(), $_SERVER['SERVER_NAME'], $_SERVER['REMOTE_ADDR']));
     }
     $this->mail->IsHtml($type != 'text');
     if ($type == 'text') {
         $this->mail->set('Body', $this->getBody(false));
     } else {
         $body = $this->getBody(true);
         $this->mail->MsgHTML($body);
         $this->mail->set('AltBody', $this->getBody(false));
     }
     if (!$this->isConfirmation) {
         foreach ($this->form->getFields() as $field) {
             $field = Field::make($field);
             if ($field->getType() == 'file') {
                 $name = 'advfrm-' . $field->getName();
                 $this->mail->AddAttachment($_FILES[$name]['tmp_name'], stsl($_FILES[$name]['name']));
             }
         }
     }
     if (function_exists('advfrm_custom_mail')) {
         $customResult = advfrm_custom_mail($this->form->getName(), $this->mail, $this->isConfirmation);
         if ($customResult === false) {
             return true;
         }
     }
     $ok = $this->mail->Send();
     if (!$this->isConfirmation) {
         if (!$ok) {
             $message = !empty($this->mail->ErrorInfo) ? XH_hsc($this->mail->ErrorInfo) : $ptx['error_mail'];
             $e .= '<li>' . $message . '</li>' . PHP_EOL;
         }
         if (function_exists('XH_logMessage')) {
             $type = $ok ? 'info' : 'error';
             $message = $ok ? $ptx['log_success'] : $ptx['log_error'];
             $message = sprintf($message, $this->mail->From);
             XH_logMessage($type, 'Advancedform', $this->form->getName(), $message);
         }
     }
     return $ok;
 }