/**
 * Decide whether the visitor still has to go through the pre-chat form.
 *
 * Returns false when the "chatimmediately" request parameter equals 1, or
 * when a submitted form passed every check below. Returns true after
 * rendering either the empty start-chat form (nothing submitted yet) or the
 * form again with exactly one error flag set.
 *
 * Security-relevant behaviour visible here:
 *  - the captcha number is regenerated after every submission, valid or not;
 *  - name checks only apply while canVisitorChangeName() is true;
 *  - the e-mail format is only enforced when $_SESSION['uid'] has no
 *    non-zero integer value.
 *
 * @return bool true if the start-chat form was displayed, false otherwise
 */
function shouldEnterFirstMessage()
{
    global $captcha;

    // NOTE(review): in PCRE an unmodified `$` also matches before a trailing
    // newline; whether that matters depends on how verify_param() applies the
    // pattern - confirm there.
    if (verify_param('chatimmediately', "/^\\d{1}\$/", '') == 1) {
        return false;
    }

    // Nothing submitted yet: show the blank form.
    if (!isset($_REQUEST['submitted'])) {
        displayStartChat();
        return true;
    }

    $TML = new SmartyClass();
    setupStartChat($TML);

    // NOTE(review): the three contact fields are written to the session
    // before any of the validation below runs, so a rejected value stays in
    // $_SESSION. What getSecureText() filters is not visible from here.
    $visitor_name = getSecureText($_REQUEST['visitorname']);
    $_SESSION['webim_uname'] = $visitor_name;
    $email = getSecureText($_REQUEST['email']);
    $_SESSION['webim_email'] = $email;
    $phone = getSecureText($_REQUEST['phone']);
    $_SESSION['webim_phone'] = $phone;

    $message = getSecureText($_REQUEST['message']);
    $captcha_num = getSecureText($_REQUEST['captcha']);

    // First failing check wins; at most one error flag reaches the template.
    $error_flag = null;
    if (!$captcha->checkNumber($captcha_num)) {
        $error_flag = 'errorcaptcha';
    } elseif (empty($visitor_name) && Visitor::getInstance()->canVisitorChangeName()) {
        $error_flag = 'errorname';
    } elseif (!is_valid_name($visitor_name) && Visitor::getInstance()->canVisitorChangeName()) {
        $error_flag = 'errornameformat';
    } elseif (empty($message)) {
        $error_flag = 'errormessage';
    } elseif (!is_valid_email($email) && !intval($_SESSION['uid'])) {
        $error_flag = 'erroremailformat';
    }

    $has_errors = $error_flag !== null;
    if ($has_errors) {
        $TML->assign($error_flag, true);
    }

    // Issue a new captcha number regardless of the outcome, so the number
    // just checked is not accepted a second time.
    $captcha->setNumber();

    if (!$has_errors) {
        return false;
    }

    // Re-display the form with the submitted contact details; the captcha
    // field is always cleared.
    $TML->assign('visitorname', $visitor_name);
    $TML->assign('email', $email);
    $TML->assign('phone', $phone);
    $TML->assign('captcha_num', '');
    $TML->display('start-chat.tpl');

    return true;
}
/**
 * Send the user back with an "Invalid File name" message when $namecheck
 * fails is_valid_name().
 *
 * Only $namecheck is inspected. $path, $file and $extra are accepted but
 * never read in this function, so callers must not assume they were
 * validated here.
 *
 * NOTE(review): whether redirect_header() ends the request is not visible
 * from this block. If it returns, the caller carries on after an invalid
 * name, because this function gives no return value to test - confirm.
 *
 * @param string $path      Unused here.
 * @param string $file      Unused here.
 * @param string $namecheck Name to validate.
 * @param string $extra     Unused here.
 */
function filecheck($path = '', $file = '', $namecheck = '', $extra = '')
{
    $name_is_acceptable = is_valid_name($namecheck);
    if ($name_is_acceptable) {
        return;
    }

    redirect_header("javascript:history.go(-1)", 1, "<font color='#CC0000'>Invalid File name</font>");
}
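/**
 * Handle a submission of the "e-mail this post" form.
 *
 * Runs only when $_POST['action'] is 'email'. It verifies the nonce, reads
 * and validates the sender/friend fields, optionally checks the image
 * verification code, sends the message through PHPMailer, writes one log row
 * per recipient and echoes a result template. Every path inside the guarded
 * branch ends in exit.
 *
 * Changes against the previous revision:
 *  - the log INSERT is built with $wpdb->prepare() instead of interpolating
 *    values (some of them never SQL-escaped) into the statement;
 *  - the image-verification hash is compared strictly, so PHP's loose
 *    numeric-string comparison can no longer make two different hashes equal;
 *  - CR/LF are removed from the single-line fields that end up in mail
 *    headers (From, FromName, Subject, recipients);
 *  - post-related variables get defaults, and a missing friend name no
 *    longer triggers an undefined-index read.
 *
 * @return void
 */
function process_email_form()
{
    global $wpdb, $post, $text_direction;

    // Act only on submissions of the e-mail form.
    if (isset($_POST['action']) && $_POST['action'] == 'email') {
        // Verify the nonce before any other input is processed.
        if (!check_ajax_referer('wp-email-nonce', 'wp-email_nonce', false)) {
            _e('Failed To Verify Referrer', 'wp-email');
            exit;
        }
        @session_start();
        email_textdomain();
        header('Content-Type: text/html; charset=' . get_option('blog_charset') . '');

        // POST variables. The name/e-mail fields are single-line values that
        // are later placed in mail headers, and their format checks below are
        // skipped when the matching field option is off, so line breaks are
        // stripped here unconditionally. Remarks may span several lines.
        $line_breaks = array("\r", "\n");
        $yourname = !empty($_POST['yourname']) ? str_replace($line_breaks, '', strip_tags(stripslashes(trim($_POST['yourname'])))) : '';
        $youremail = !empty($_POST['youremail']) ? str_replace($line_breaks, '', strip_tags(stripslashes(trim($_POST['youremail'])))) : '';
        $yourremarks = !empty($_POST['yourremarks']) ? strip_tags(stripslashes(trim($_POST['yourremarks']))) : '';
        $friendname = !empty($_POST['friendname']) ? str_replace($line_breaks, '', strip_tags(stripslashes(trim($_POST['friendname'])))) : '';
        $friendemail = !empty($_POST['friendemail']) ? str_replace($line_breaks, '', strip_tags(stripslashes(trim($_POST['friendemail'])))) : '';
        $imageverify = !empty($_POST['imageverify']) ? $_POST['imageverify'] : '';
        $p = !empty($_POST['p']) ? intval($_POST['p']) : 0;
        $page_id = !empty($_POST['page_id']) ? intval($_POST['page_id']) : 0;

        // Get post information.
        if ($p > 0) {
            $post_type = get_post_type($p);
            $query_post = 'p=' . $p . '&post_type=' . $post_type;
            $id = $p;
        } else {
            $query_post = 'page_id=' . $page_id;
            $id = $page_id;
        }

        // Defaults, so the templates and the log row below never read an
        // undefined variable when the query matches nothing.
        $post_title = '';
        $post_author = '';
        $post_date = '';
        $post_category = '';
        $post_category_alt = '';
        $post_excerpt = '';
        $post_content = '';
        $post_content_alt = '';

        query_posts($query_post);
        if (have_posts()) {
            while (have_posts()) {
                the_post();
                $post_title = email_get_title();
                $post_author = get_the_author();
                $post_date = get_the_time(get_option('date_format') . ' (' . get_option('time_format') . ')', '', '', false);
                $post_category = email_category(__(',', 'wp-email') . ' ');
                $post_category_alt = strip_tags($post_category);
                $post_excerpt = get_the_excerpt();
                $post_content = email_content();
                $post_content_alt = email_content_alt();
            }
        }

        // Site-wide template values, looked up once.
        $blog_name = get_bloginfo('name');
        $blog_url = get_bloginfo('url');
        $permalink = get_permalink();

        // Error state; $error_field carries the submitted values back to the form.
        $error = '';
        $bullet = '<br /><strong>»</strong> ';
        $error_field = array('yourname' => $yourname, 'youremail' => $youremail, 'yourremarks' => $yourremarks, 'friendname' => $friendname, 'friendemail' => $friendemail, 'id' => $id);

        // Get options.
        $email_fields = get_option('email_fields');
        $email_image_verify = intval(get_option('email_imageverify'));
        $email_smtp = get_option('email_smtp');

        // Multiple names/e-mails are comma separated.
        $friends = array();
        $friendname_count = 0;
        $friendemail_count = 0;
        $multiple_names = explode(',', $friendname);
        $multiple_emails = explode(',', $friendemail);
        $multiple_max = intval(get_option('email_multiple'));
        if ($multiple_max == 0) {
            $multiple_max = 1;
        }

        // Checking Your Name field for errors.
        if (intval($email_fields['yourname']) == 1) {
            if (empty($yourname)) {
                $error .= $bullet . __('Your Name is empty', 'wp-email');
            }
            if (!is_valid_name($yourname)) {
                $error .= $bullet . __('Your Name is invalid', 'wp-email');
            }
        }

        // Checking Your E-Mail field for errors.
        if (intval($email_fields['youremail']) == 1) {
            if (empty($youremail)) {
                $error .= $bullet . __('Your Email is empty', 'wp-email');
            }
            if (!is_valid_email($youremail)) {
                $error .= $bullet . __('Your Email is invalid', 'wp-email');
            }
        }

        // Checking Your Remarks field for errors.
        if (intval($email_fields['yourremarks']) == 1) {
            if (!is_valid_remarks($yourremarks)) {
                $error .= $bullet . __('Your Remarks is invalid', 'wp-email');
            }
        }

        // Checking Friend's Name field for errors.
        if (intval($email_fields['friendname']) == 1) {
            if (empty($friendname)) {
                $error .= $bullet . __('Friend Name(s) is empty', 'wp-email');
            } else {
                if ($multiple_names) {
                    foreach ($multiple_names as $multiple_name) {
                        $multiple_name = trim($multiple_name);
                        if (empty($multiple_name)) {
                            $error .= $bullet . sprintf(__('Friend Name is empty: %s', 'wp-email'), $multiple_name);
                        } elseif (!is_valid_name($multiple_name)) {
                            $error .= $bullet . sprintf(__('Friend Name is invalid: %s', 'wp-email'), $multiple_name);
                        } else {
                            $friends[$friendname_count]['name'] = $multiple_name;
                            $friendname_count++;
                        }
                        if ($friendname_count > $multiple_max) {
                            break;
                        }
                    }
                }
            }
        }

        // Checking Friend's E-Mail field for errors (always required).
        if (empty($friendemail)) {
            $error .= $bullet . __('Friend Email(s) is empty', 'wp-email');
        } else {
            if ($multiple_emails) {
                foreach ($multiple_emails as $multiple_email) {
                    $multiple_email = trim($multiple_email);
                    if (empty($multiple_email)) {
                        $error .= $bullet . sprintf(__('Friend Email is empty: %s', 'wp-email'), $multiple_email);
                    } elseif (!is_valid_email($multiple_email)) {
                        $error .= $bullet . sprintf(__('Friend Email is invalid: %s', 'wp-email'), $multiple_email);
                    } else {
                        $friends[$friendemail_count]['email'] = $multiple_email;
                        $friendemail_count++;
                    }
                    if ($friendemail_count > $multiple_max) {
                        break;
                    }
                }
            }
        }

        // Checking if the fields exceed the maximum number of recipients.
        // This cap is what bounds how many addresses one submission can mail.
        if (sizeof($friends) > $multiple_max) {
            $error .= $bullet . sprintf(_n('Maximum %s Friend allowed', 'Maximum %s Friend(s) allowed', $multiple_max, 'wp-email'), number_format_i18n($multiple_max));
        }
        if (intval($email_fields['friendname']) == 1) {
            if ($friendname_count != $friendemail_count) {
                $error .= $bullet . __('Friend Name(s) count does not tally with Friend Email(s) count', 'wp-email');
            }
        }

        // Image verification, when enabled.
        if ($email_image_verify) {
            $imageverify = strtoupper($imageverify);
            if (empty($imageverify)) {
                $error .= $bullet . __('Image Verification is empty', 'wp-email');
            } else {
                // Strict string comparison: with `!=` PHP compares
                // numeric-looking strings as numbers, so two different
                // hashes could be treated as equal.
                $expected_verify = isset($_SESSION['email_verify']) ? (string) $_SESSION['email_verify'] : '';
                if ($expected_verify === '' || md5($imageverify) !== $expected_verify) {
                    $error .= $bullet . __('Image Verification failed', 'wp-email');
                }
            }
        }

        // If there is no error, process the e-mail.
        if (empty($error) && not_spamming()) {
            // If remarks are empty, assign N/A.
            if (empty($yourremarks)) {
                $yourremarks = __('N/A', 'wp-email');
            }

            // Template for the e-mail subject. str_replace() with arrays
            // applies the pairs in order, like the chained calls it replaces.
            $template_email_subject = str_replace(
                array("%EMAIL_YOUR_NAME%", "%EMAIL_YOUR_EMAIL%", "%EMAIL_POST_TITLE%", "%EMAIL_POST_AUTHOR%", "%EMAIL_POST_DATE%", "%EMAIL_POST_CATEGORY%", "%EMAIL_BLOG_NAME%", "%EMAIL_BLOG_URL%", "%EMAIL_PERMALINK%"),
                array($yourname, $youremail, $post_title, $post_author, $post_date, $post_category_alt, $blog_name, $blog_url, $permalink),
                stripslashes(get_option('email_template_subject'))
            );

            // Template for the HTML e-mail body.
            $body_tokens = array("%EMAIL_YOUR_NAME%", "%EMAIL_YOUR_EMAIL%", "%EMAIL_YOUR_REMARKS%", "%EMAIL_FRIEND_NAME%", "%EMAIL_FRIEND_EMAIL%", "%EMAIL_POST_TITLE%", "%EMAIL_POST_AUTHOR%", "%EMAIL_POST_DATE%", "%EMAIL_POST_CATEGORY%", "%EMAIL_POST_EXCERPT%", "%EMAIL_POST_CONTENT%", "%EMAIL_BLOG_NAME%", "%EMAIL_BLOG_URL%", "%EMAIL_PERMALINK%");
            $template_email_body = str_replace(
                $body_tokens,
                array($yourname, $youremail, $yourremarks, $friendname, $friendemail, $post_title, $post_author, $post_date, $post_category, $post_excerpt, $post_content, $blog_name, $blog_url, $permalink),
                stripslashes(get_option('email_template_body'))
            );
            if ('rtl' == $text_direction) {
                $template_email_body = "<div style=\"direction: rtl;\">{$template_email_body}</div>";
            }

            // Template for the plain-text alternate body.
            $template_email_bodyalt = str_replace(
                $body_tokens,
                array($yourname, $youremail, $yourremarks, $friendname, $friendemail, $post_title, $post_author, $post_date, $post_category_alt, $post_excerpt, $post_content_alt, $blog_name, $blog_url, $permalink),
                stripslashes(get_option('email_template_bodyalt'))
            );

            // PHPMailer setup.
            if (!class_exists("phpmailer")) {
                require_once ABSPATH . WPINC . '/class-phpmailer.php';
            }
            $mail = new PHPMailer();
            // NOTE(review): From/FromName are supplied by the visitor, and are
            // only format-checked when the matching field option is enabled.
            $mail->From = $youremail;
            $mail->FromName = $yourname;
            foreach ($friends as $friend) {
                // 'name' is absent when the friend-name field is disabled.
                $mail->AddAddress($friend['email'], isset($friend['name']) ? $friend['name'] : '');
            }
            $mail->CharSet = get_bloginfo('charset');
            $mail->Username = $email_smtp['username'];
            $mail->Password = $email_smtp['password'];
            $mail->Host = $email_smtp['server'];
            $mail->Mailer = get_option('email_mailer');
            if ($mail->Mailer == 'smtp') {
                $mail->SMTPAuth = true;
            }
            $mail->ContentType = get_option('email_contenttype');
            $mail->Subject = $template_email_subject;
            if (get_option('email_contenttype') == 'text/plain') {
                $mail->Body = $template_email_bodyalt;
            } else {
                $mail->Body = $template_email_body;
                $mail->AltBody = $template_email_bodyalt;
            }

            // Send the mail.
            $sent = $mail->Send();
            if ($sent) {
                $email_status = __('Success', 'wp-email');
                // Template for "sent successfully".
                $output = str_replace(
                    array("%EMAIL_FRIEND_NAME%", "%EMAIL_FRIEND_EMAIL%", "%EMAIL_POST_TITLE%", "%EMAIL_BLOG_NAME%", "%EMAIL_BLOG_URL%", "%EMAIL_PERMALINK%"),
                    array($friendname, $friendemail, $post_title, $blog_name, $blog_url, $permalink),
                    stripslashes(get_option('email_template_sentsuccess'))
                );
            } else {
                // Sending failed.
                if ($yourremarks == __('N/A', 'wp-email')) {
                    $yourremarks = '';
                }
                $email_status = __('Failed', 'wp-email');
                // Template for "sent failed".
                // NOTE(review): $mail->ErrorInfo is shown to the visitor; it
                // may carry mail-server details - confirm this is intended.
                $output = str_replace(
                    array("%EMAIL_FRIEND_NAME%", "%EMAIL_FRIEND_EMAIL%", "%EMAIL_ERROR_MSG%", "%EMAIL_POST_TITLE%", "%EMAIL_BLOG_NAME%", "%EMAIL_BLOG_URL%", "%EMAIL_PERMALINK%"),
                    array($friendname, $friendemail, $mail->ErrorInfo, $post_title, $blog_name, $blog_url, $permalink),
                    stripslashes(get_option('email_template_sentfailed'))
                );
            }

            // Logging: one row per recipient. Values are bound through
            // $wpdb->prepare(); the statement text contains no request data.
            $email_postid = intval(get_the_id());
            $email_timestamp = current_time('timestamp');
            $email_ip = get_email_ipaddress();
            $email_host = esc_attr(@gethostbyaddr($email_ip));
            foreach ($friends as $friend) {
                $wpdb->query($wpdb->prepare(
                    "INSERT INTO {$wpdb->email} VALUES (0, %s, %s, %s, %s, %s, %d, %s, %s, %s, %s, %s)",
                    $yourname,
                    $youremail,
                    $yourremarks,
                    isset($friend['name']) ? $friend['name'] : '',
                    $friend['email'],
                    $email_postid,
                    $post_title,
                    $email_timestamp,
                    $email_ip,
                    $email_host,
                    $email_status
                ));
            }

            echo $output;
            exit;
        } else {
            // There are errors: show them above the form again.
            // NOTE(review): 21 presumably drops the leading separator of the
            // first message - confirm against the separator's byte length.
            $error = substr($error, 21);
            $output = str_replace(
                array("%EMAIL_ERROR_MSG%", "%EMAIL_BLOG_NAME%", "%EMAIL_BLOG_URL%", "%EMAIL_PERMALINK%"),
                array($error, $blog_name, $blog_url, $permalink),
                stripslashes(get_option('email_template_error'))
            );
            $output .= email_form('', false, false, false, $error_field);
            echo $output;
            exit;
        }
    }
}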
* Display user information. */ require_login(); require __DIR__ . "/../layout/templates.php"; $user = get_user(user_id()); require_user($user); $old_email = $user['email']; $q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?"); $q->execute(array(user_id())); $password_hash = $q->fetch(); $messages = array(); $errors = array(); $name = require_post("name", false); $email = trim(require_post("email", false)); if ($name !== false && $email !== false) { if ($name !== "" && !is_valid_name($name)) { $errors[] = t("Invalid name."); } else { if ($email !== "" && !is_valid_email($email)) { $errors[] = t("Invalid e-mail."); } else { if (!$email && $password_hash) { $errors[] = t("You cannot remove your e-mail address until you have disabled :password_login on this account.", array(':password_login' => link_to(url_for('user#user_password'), t("password login")))); } } } // check that there are no existing users with this e-mail address if ($email && $password_hash) { $q = db()->prepare("SELECT * FROM users WHERE email=? AND id <> ?"); $q->execute(array($email, $user['id'])); if ($q->fetch()) {
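/**
 * Save the logged-in user's contact details and phone numbers, then
 * redirect to backoffice/edit_profile.
 *
 * Nothing is saved unless the session holds a positive numeric user_id and
 * every validated field passes. Names go through is_valid_name() with
 * lengths 2..32, the e-mail through FILTER_VALIDATE_EMAIL, phones must be
 * 10 to 13 digits.
 *
 * Changes against the previous revision:
 *  - an invalid phone number is recorded as a validation error; before, the
 *    request stopped on a debug dump of the submitted phone list;
 *  - the phone pattern is anchored with \z, because `$` also matches before
 *    a trailing newline, and non-string phone entries are rejected;
 *  - Phone->create() resets the model before each save in the loop;
 *  - an invalid patronymic is reported under its own key.
 *
 * NOTE(review): $skype is stored without any validation, and this block
 * shows no request-method or CSRF check - confirm both are handled
 * elsewhere.
 *
 * @return void
 */
public function edit_contact_info()
{
    $user_id = $this->Session->read('user_id');
    if (is_numeric($user_id) and $user_id > 0) {
        $errors = array();
        $phone_pattern = '/^[0-9]{10,13}\z/';

        $firstname = $this->request->data['User']['firstname'];
        $lastname = $this->request->data['User']['lastname'];
        $fathername = $this->request->data['User']['fathername'];
        $skype = $this->request->data['User']['skype'];
        $mail = $this->request->data['User']['mail'];

        // Validate every non-empty phone before anything is written.
        if (isset($this->request->data['Phone'])) {
            foreach ($this->request->data['Phone'] as $phone) {
                if (!empty($phone) && (!is_string($phone) || !preg_match($phone_pattern, $phone))) {
                    $errors[] = 'phone';
                    break;
                }
            }
        }

        if (!is_valid_name($firstname, 2, 32)) {
            $errors[] = 'firstname';
        }
        if (!is_valid_name($lastname, 2, 32)) {
            $errors[] = 'lastname';
        }
        // The patronymic is optional.
        if (!empty($fathername)) {
            if (!is_valid_name($fathername, 2, 32)) {
                $errors[] = 'fathername';
            }
        }
        if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
            $errors[] = 'mail';
        }

        if (count($errors) == 0) {
            $this->User->id = $user_id;
            // NOTE(review): 'phone' is filled with $mail here, which looks
            // like a copy-paste slip; the intended value is not visible from
            // this block, so it is left as it was - confirm.
            $data_to_save = array(
                'firstname' => $firstname,
                'lastname' => $lastname,
                'fathername' => $fathername,
                'skype' => $skype,
                'mail' => $mail,
                'phone' => $mail,
                'data_status' => 'not_checked',
            );
            $user_save = $this->User->save($data_to_save);

            // Save the phone list.
            if (isset($this->request->data['Phone'])) {
                $this->Phone->tablePrefix = 'user_';
                $max_phone_per_user = Configure::read('MAX_USER_PHONES_COUNT');
                foreach ($this->request->data['Phone'] as $phone) {
                    if (empty($phone) || !is_string($phone) || !preg_match($phone_pattern, $phone)) {
                        continue;
                    }
                    // Check for a free phone slot and skip numbers the user
                    // already has; the count is re-read on every pass because
                    // the previous pass may have added a row.
                    $phone_counter = $this->Phone->find('count', array('conditions' => array('user_id' => $user_id)));
                    $check_phone = $this->Phone->find('count', array('conditions' => array('user_id' => $user_id, 'phone' => $phone)));
                    if ($check_phone == 0 and $phone_counter < $max_phone_per_user) {
                        // Reset the model so this save inserts a new row
                        // rather than updating the one saved just before.
                        $this->Phone->create();
                        $this->Phone->save(array('user_id' => $user_id, 'phone' => $phone, 'check_status' => 'not_checked'));
                    }
                }
            }
        }

        $this->redirect(array('controller' => 'backoffice', 'action' => 'edit_profile'));
        exit;
    }
}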
$registercomplete[] .= "Click <a href=\"http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "\">here</a> to login"; $sendpasscomplete = true; } else { $errorString[] = "Password could not be reset :-("; $sendpasserror = true; } } else { $errorString[] = "Email address not found"; $showlostpassform = true; } break; case "processregister": include "inc/email_validator.php"; // validate fields $errorString = ""; if (!is_valid_name($_POST['username'])) { $errorString[] = "Invalid username"; } if (!is_valid_real_name($_POST['realname'])) { $errorString[] = "Invalid name"; } elseif (username_exists($_POST['username'])) { $errorString[] = "Username already in use"; } /* elseif (realname_exists($_POST['realname'])) { $errorString[] = "Name already in use"; } */ if (!is_valid_password($_POST['password'], $_POST['password2'])) { $errorString[] = "Passwords do not match or are not of required length"; } if (!is_rfc3696_valid_email_address($_POST['email'])) { $errorString[] = "Invalid email address";