// Excerpt opens inside a function whose beginning lies above: report the result of $mail->send().
    if (!$mail->send()) {
        echo 'Message could not be sent.';
        // NOTE(review): the mailer's error text is echoed into the response as-is; if it can
        // carry server or account detail, log it server-side and show a generic message.
        echo 'Mailer Error: ' . $mail->ErrorInfo;
    } else {
        echo 'Message has been sent';
    }
}

/**
 * Render template.php to a string, optionally fed by a JSON template file.
 *
 * For any $tmpl other than 'default', the file at $tmpl is read and decoded as JSON.
 * Its 'template' entry is normalised into the local $overload and its 'title' entry is
 * written to the global $title. template.php is then included with output buffering on,
 * and the captured output is returned.
 *
 * NOTE(review): the only call visible here passes $_GET['template'] straight in, so the
 * request decides which file is read. Map the request value onto a fixed list of known
 * template names (or a basename inside one template directory) before reading anything.
 *
 * @param string $tmpl 'default', or the location of a JSON template file
 * @return string the buffered output of template.php
 */
function render_template($tmpl) {
    // Loose comparison: every value other than 'default' takes the file-loading path.
    if ($tmpl != 'default') {
        // $tmpl is used as the path exactly as received: no allowlist, no directory prefix,
        // no extension check. Where URL wrappers are enabled this also accepts remote locations.
        $str = file_get_contents($tmpl);
        $obj = json_decode($str, true);
        // A failed read or invalid JSON also ends here, since isset() on a non-array is false.
        // The message reads: "The template is corrupted. Unable to read it."
        if (!isset($obj['template'])) {
            die("Шаблон поврежден. Неудается прочитать");
        }
        // Both CR and LF are mapped to LF, so a CRLF pair becomes two LFs.
        // $overload is not read again in this function; presumably template.php, which is
        // included in this function's scope below, consumes it. Confirm against template.php.
        $overload = str_replace(["\r", "\n"], "\n", $obj['template']);
        global $title;
        // Only 'template' was checked above; a file without 'title' raises a notice here.
        $title = $obj['title'];
    }
    // Capture whatever template.php prints instead of sending it to the client.
    ob_start();
    include 'template.php';
    $rendered = ob_get_contents();
    ob_end_clean();
    return $rendered;
}

// NOTE(review): $_GET['template'] is read without isset() and without validation.
$html = render_template($_GET['template']);
// Fallback subject, used when no template file supplied a title.
if (!isset($title)) {
    $title = "Посмотрите правде в глаза – ваше производство скоро вымрет.";
}
// NOTE(review): the recipient comes from the query string, and subject and body come from the
// request-selected template file. No authentication, recipient restriction or rate limit is
// visible in this excerpt, so the endpoint would mail arbitrary content to arbitrary addresses.
// Require an authenticated caller and a fixed or allowlisted recipient.
smtp_send($_GET['to'], $title, $html);
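/**
 * Release ("rescue") one quarantined message to the user it was addressed to.
 *
 * The message is selected by (recipient_id, mail_id), so a row is found only when
 * $mail_id is linked to $user_id in maia_mail_recipients. The stored body is decrypted
 * when needed, the delivery address is resolved, and the message is handed to
 * smtp_send() unless it is a type 'P' item that is not being resent. On success, and
 * only when this is not a resend, statistics, the optional auto-whitelist entry and the
 * item confirmation are recorded.
 *
 * @param mixed $user_id Maia user id the message must belong to.
 * @param mixed $mail_id Id of the quarantined message.
 * @param bool  $resend  True to deliver again without re-recording stats/confirmation.
 * @return string SMTP-style status line, or a localized error text with a reason tag.
 */
function rescue_item($user_id, $mail_id, $resend = false)
{
    // $lang supplies the two error strings near the end. It was missing from the global
    // list, so those lookups read an undefined local and produced an empty prefix.
    global $dbh, $logger, $lang;

    $sth = $dbh->prepare("SELECT sender_email, contents, " .
                         "envelope_to, maia_mail_recipients.type " .
                         "FROM maia_mail, maia_mail_recipients " .
                         "WHERE maia_mail.id = maia_mail_recipients.mail_id " .
                         "AND maia_mail_recipients.recipient_id = ? " .
                         "AND maia_mail_recipients.mail_id = ?");
    // Test the prepare result before using it, and the execute result before fetching.
    // The original tested $sth only after execute(), which never caught an execute failure.
    // NOTE(review): die() sends the database error text to the client; prefer logging it.
    if (PEAR::isError($sth)) {
        die($sth->getMessage());
    }
    $res = $sth->execute(array($user_id, $mail_id));
    if (PEAR::isError($res)) {
        die($res->getMessage());
    }

    if ($row = $res->fetchrow()) {
        $sender_email = $row["sender_email"];
        $body = $row["contents"];
        $type = $row["type"];

        // Stored bodies may be encrypted; decrypt only when mcrypt is available.
        if (extension_loaded('mcrypt')) {
            if (text_is_encrypted($body)) {
                $key = get_encryption_key();
                $body = decrypt_text($key, $body);
            }
        }

        if (is_a_domain_default_user($user_id)) {
            // System default user (@.) or domain-class user (e.g. @domain)
            $my_email_address = $row["envelope_to"];
        } else {
            // Regular user (e.g. user@domain): deliver to the first envelope recipient
            // that is registered as one of this user's own addresses.
            $rlist = explode(" ", trim($row["envelope_to"]));
            $sth2 = $dbh->prepare("SELECT email FROM users " .
                                  "WHERE maia_user_id = ? " .
                                  "AND email = ?");
            if (PEAR::isError($sth2)) {
                die($sth2->getMessage());
            }
            $my_email_address = "";
            foreach ($rlist as $rmail) {
                $res2 = $sth2->execute(array($user_id, $rmail));
                if (PEAR::isError($res2)) {
                    die($res2->getMessage());
                }
                if ($row2 = $res2->fetchrow()) {
                    $my_email_address = $row2["email"];
                    break;
                }
            }
            $sth2->free();
        }

        if (!empty($my_email_address)) {
            if ($resend || $type != 'P') { // don't send if it is a labeled fp
                $smtp_result = smtp_send($sender_email, $my_email_address, $body);
            } else {
                $smtp_result = "200 no delivery needed";
            }

            // A reply starting with "2" counts as delivered.
            $succeeded = strncmp($smtp_result, "2", 1) == 0;
            if ($succeeded || $type == 'P') {
                if (!$resend) {
                    if ($type == 'S' || $type == 'P') {
                        record_mail_stats($user_id, $mail_id, "fp");
                        // NOTE(review): the listed address is the stored sender_email. If that
                        // is the envelope sender it is easy to forge, so auto-listing on rescue
                        // widens what later bypasses filtering. Confirm this is intended.
                        if (get_user_value($user_id, "auto_whitelist") == "Y") {
                            add_address_to_wb_list($user_id, $sender_email, "W");
                        }
                    }
                    set_item_confirmations('G', $user_id, $mail_id);
                }
            } else {
                $logger->err("rescue attempt failed! " . $smtp_result);
            }
        } else {
            $smtp_result = $lang['text_rescue_error'] . "(EmptyAddress)"; // code really shouldn't be here.
        }
    } else {
        // No row: either the message does not exist or it is not linked to this user.
        $smtp_result = $lang['text_rescue_error'] . "(MessageNotFound)"; // code really shouldn't be here.
    }

    $sth->free();
    $logger->info($smtp_result);
    return $smtp_result;
}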
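/**
 * Send one message to a set of recipients, or only log it when EMAIL_SEND is not defined.
 *
 * @param array       $p         Message: 'emails' (address => name map; the older
 *                               name => address form is converted), 'subject', 'message'
 *                               and optional 'headers'.
 * @param string|null $error     Receives a human-readable reason when false is returned.
 * @param string|null $mail_type 'func', 'gmail', 'sendgrid', 'smtp' or 'sendmail'; any
 *                               other value falls through to PHP's mail().
 * @return bool True when every recipient was handled, false otherwise.
 */
function send_email($p, &$error = null, $mail_type = null)
{
    if (empty($mail_type) && function_exists('send_email_type')) {
        $mail_type = send_email_type();
    }
    if (function_exists('send_email_subject')) {
        $p['subject'] = send_email_subject($p);
    }

    $not_an_array = 'You must send emails to the emailer as an array, even for single email addresses. If you don\'t know what this means, contact your website manager.';

    // The is_array() guard turns a scalar 'emails' into the intended error message
    // instead of a failure inside array_keys().
    if (!isset($p['emails']) || !is_array($p['emails']) || !is_array_full(array_keys($p['emails']))) {
        $error = $not_an_array;
        return false;
    }

    // this bit is only needed until we've updated all other sites to use new email assoc format
    // When the first value passes make_email(), the map is treated as name => address and flipped.
    $first = reset($p['emails']);
    if (make_email($first)) {
        $temp = array();
        foreach ($p['emails'] as $name => $email) {
            $temp[$email] = $name;
        }
        $p['emails'] = $temp;
        unset($temp);
    }

    if (!defined('EMAIL_SEND')) {
        // Log-only mode. The original set $headers only when the caller supplied none, so
        // caller-supplied headers were logged as an undefined variable.
        $headers = isset($p['headers']) ? $p['headers'] : mail_headers();
        foreach ($p['emails'] as $email => $name) {
            log_email($name . ' <' . $email . '>', $p['subject'], $p['message'], $headers);
        }
    } else {
        switch ($mail_type) {
            case 'func':
                $func = send_email_func();
                if (!$func($p, $error)) {
                    return false;
                }
                break;
            case 'gmail':
                if (!gmail_send($p, $error)) {
                    return false;
                }
                break;
            case 'sendgrid':
                if (!sendgrid_send($p, $error)) {
                    return false;
                }
                break;
            case 'smtp':
                if (!smtp_send($p, $error)) {
                    return false;
                }
                break;
            case 'sendmail':
            default:
                if (!is_array_full($p['emails'])) {
                    $error = $not_an_array;
                    return false;
                }
                if (!isset($p['headers'])) {
                    $p['headers'] = mail_headers();
                }
                // NOTE(review): $p['headers'] reaches mail() as supplied. Callers must not
                // build it from request data without stripping CR/LF.
                $errors = array();
                foreach ($p['emails'] as $email => $name) {
                    // Deliberate best effort: failures are collected, not raised.
                    if (!@mail($email, $p['subject'], $p['message'], $p['headers'])) {
                        $errors[] = $email;
                    }
                }
                if (!empty($errors)) {
                    // $error is an HTML fragment, so the addresses are escaped here. The
                    // caller cannot escape it later without breaking the markup.
                    $error = 'The email message could not be sent to the following addresses.</p><ul><li>'
                        . implode('</li><li>', array_map('htmlspecialchars', $errors))
                        . '</li></ul><p>';
                    return false;
                }
                break;
        }
    }

    return true;
}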
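# Title and caption are HTML-encoded and SQL-escaped once, here, then reused for
# validation, the INSERT and the notification mail.
# mysql_real_escape_string() replaces mysql_escape_string() because it escapes for the
# connection's character set; $db_write is the link the INSERT below runs on.
# NOTE(review): ext/mysql was removed in PHP 7.0. The durable fix is prepared statements
# (mysqli or PDO) with encoding moved to output time.
# NOTE(review): validation below sees the encoded, escaped strings, so the length limits
# count entities and backslashes rather than the characters the user typed.
$title = mysql_real_escape_string(htmlentities(trim($_POST['title'])), $db_write);
$caption = mysql_real_escape_string(nl2br(htmlentities(trim($_POST['caption']))), $db_write);

# NOTE(review): $_POST['category_id'] goes to the helper unvalidated; confirm the helper
# casts or escapes it before it reaches SQL.
$category = get_category_by_category_id($_POST['category_id'], $db_read);

if (!validate_title($title)) {
    show_error_redirect_back("Invalid title. Titles have to be 0-{$max_length_title} characters.");
}
if (!validate_comment($caption)) {
    show_error_redirect_back("Invalid caption. Captions have to be 0-{$max_length_comment} characters.");
}

# Make sure he's uploading to his own category
# (the category id used from here on comes from the looked-up row, not from the request)
$result = try_mysql_query("SELECT * FROM categories WHERE user_id='" . $me['user_id'] . "' AND category_id='" . $category['category_id'] . "'", $db_read);
if (mysql_num_rows($result) == 0) {
    show_error_redirect_back("Invalid category.");
}
mysql_free_result($result);

# Insert the new picture
# NOTE(review): $image_filename is set above this excerpt and is interpolated as-is;
# confirm it is generated server-side or escaped before this point.
try_mysql_query("INSERT INTO pictures (category_id, title, filename, caption, date_added) VALUES ('" . $category['category_id'] . "', '{$title}', '{$image_filename}', '{$caption}', NOW())", $db_write);
$picture_id = mysql_insert_id($db_write);

# Update the last modified category (used for the default selection in the category combo)
try_mysql_query("UPDATE users SET last_category='" . $category['category_id'] . "' WHERE user_id='" . $me['user_id'] . "'", $db_write);

# Update the last modified time for the private user/category
try_mysql_query("UPDATE users SET last_updated=NOW() WHERE user_id='" . $me['user_id'] . "'", $db_write);
try_mysql_query("UPDATE categories SET last_updated=NOW() WHERE category_id='" . $category['category_id'] . "'", $db_write);

# Set the last modified time for the public user/category
if ($category['private'] != '1') {
    try_mysql_query("UPDATE users SET last_updated_public=NOW() WHERE user_id='" . $me['user_id'] . "'", $db_write);
    try_mysql_query("UPDATE categories SET last_updated_public=NOW() WHERE category_id='" . $category['category_id'] . "'", $db_write);
}

# Notify subscribers.
# NOTE(review): the mail body reuses the HTML-encoded, SQL-escaped $title and $caption, so
# a plain-text mail would show entities, backslashes and <br /> tags. Keep a raw copy for
# text mail, or encode per output context. Also confirm that subscribers are meant to be
# notified about pictures in private categories; the private check above does not cover this call.
$user_ids = get_emails_notify_pictures($db_read);
smtp_send($user_ids, "OSPAP - New Picture", "New picture notification", "A new picture has been posted in " . $me['username'] . "'s category, " . $category['name'] . "! Here is a link to it:\n\n" . get_full_path_to("show_picture.php?picture_id=" . $picture_id) . "\n\nTitle: {$title}\n\nCaption:\n{$caption}\n\nNote: this is an automatic email, please don't reply.");

show_message_redirect("Picture successfully uploaded", "show_category.php?category_id=" . $category['category_id']);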
// Excerpt opens inside an enclosing block whose start lies above; $new_user_id, $username,
// $new_email, $admin_email, $reminder_login_url and $newuser_template_file are set there.
    // The helper returns the clear-text password together with its stored form.
    // NOTE(review): strength depends entirely on generate_random_password(), which is not
    // visible here. Confirm it draws from a CSPRNG and that $digest is a real password
    // hash rather than a bare fast digest.
    list($password, $digest) = generate_random_password();
    $sth = $dbh->prepare("UPDATE maia_users SET password = ? WHERE id = ?");
    $sth->execute(array($digest, $new_user_id));
    // NOTE(review): this tests the statement handle after execute() and discards execute()'s
    // return value, so a failed UPDATE goes unnoticed. die() would also show the database
    // error text to the client.
    if (PEAR::isError($sth)) {
        die($sth->getMessage());
    }
    $sth->free();

    // Load the new-user mail template and fill in its %%...%% placeholders.
    $fh = fopen($newuser_template_file, "r");
    if ($fh) {
        $body = fread($fh, filesize($newuser_template_file));
        fclose($fh);
        // NOTE(review): preg_replace() treats "$n" and "\n" sequences in the replacement as
        // backreferences, so a password, login or URL containing them is mailed altered.
        // The patterns are fixed strings; str_replace() would insert the values literally.
        $body = preg_replace("/%%ADMINEMAIL%%/", $admin_email, $body);
        $body = preg_replace("/%%LOGIN%%/", $username, $body);
        // NOTE(review): the initial password is sent in clear text by e-mail. Consider a
        // single-use, expiring set-password link, or a forced change at first login.
        $body = preg_replace("/%%PASSWORD%%/", $password, $body);
        $body = preg_replace("/%%LOGINURL%%/", $reminder_login_url, $body);
        $result = smtp_send($admin_email, $new_email, $body);
        // Any reply that does not start with "2" is surfaced to the page as an error.
        if (strncmp($result, "2", 1) != 0) {
            $smarty->assign("error", $result);
        }
    } else {
        $smarty->assign("error", "Unable to open newuser.tpl template file: Please check you path and permissions.");
    }
} else {
    // Form not submitted yet: load the mail-related settings from the single config row.
    $smarty->assign("submitted", false);
    $sth = $dbh->prepare("SELECT admin_email, " .
                         "reminder_login_url, " .
                         "newuser_template_file, " .
                         "smtp_server, " .
                         "smtp_port " .
                         "FROM maia_config WHERE id = 0");
    $res = $sth->execute();
    // NOTE(review): same pattern as above: $sth is tested, $res is not.
    if (PEAR::isError($sth)) {
        die($sth->getMessage());
    }
    if ($row = $res->fetchrow()) {
        $admin_email = $row["admin_email"];
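/**
 * Issue a temporary password for the named user and e-mail it to the address on file.
 *
 * The 20-character password is drawn with random_int() (PHP 7+, or the random_compat
 * polyfill on older runtimes). The original used rand(), which is not suitable for
 * secrets because its output is predictable.
 *
 * NOTE(review): the stored form is still an unsalted md5() digest, because the code that
 * verifies temp_password is outside this method. Move both sides to password_hash() and
 * password_verify() together.
 * NOTE(review): the two distinct return codes tell "no such user" apart from "user
 * without e-mail". If they are shown to unauthenticated visitors they reveal which
 * account names exist; a single generic response avoids that.
 *
 * @param string $strName Account name to recover.
 * @return mixed 'forgot_unknown', 'forgot_noemail', or whatever smtp_send() returns.
 */
public static function attemptRecover($strName)
{
    $objUser = clsUser::getByName($strName);
    if ($objUser == null) {
        return 'forgot_unknown';
    }
    if ($objUser->get('email') == '') {
        return 'forgot_noemail';
    }

    $strAlphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $intLastIndex = strlen($strAlphabet) - 1;
    $strNewPassword = '';
    for ($i = 0; $i < 20; $i++) {
        // Uniform, unpredictable index into the 62-character alphabet.
        $strNewPassword .= $strAlphabet[random_int(0, $intLastIndex)];
    }

    $objUser->set('temp_password', md5($strNewPassword));
    // Issue time; the expiry itself is enforced elsewhere.
    $objUser->set('temp_password_date', date('Y-m-d H:i:s', time()));
    $objUser->save();

    $strMessage = "Your password for " . SITE_NAME . " has been reset to:\r\n\r\n";
    $strMessage .= $strNewPassword . "\r\n\r\n";
    $strMessage .= "This password will expire soon, so be sure to change it.\r\n";

    return smtp_send(array($objUser->get('email')), SITE_NAME, SITE_NAME . ": Forgot Password", $strMessage);
}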
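# post_comment.php
# Post a comment on an image.
#
# Every check below relies on show_error_redirect_back() ending the request.
# NOTE(review): this script changes state on a POST and checks no anti-CSRF token in the
# visible code; confirm whether shared.php enforces one.
header('Pragma: no-cache');
require 'shared.php';

# Make a connection to the database
$db_read = get_db_read();
$db_write = get_db_write();

if (!$me) {
    show_error_redirect_back("Please log in first");
}
if (!isset($_POST['picture_id'])) {
    show_error_redirect_back("Couldn't find picture id");
}
if (!isset($_POST['comment'])) {
    show_error_redirect_back("Couldn't find comment");
}

# mysql_real_escape_string() escapes for the connection's character set, which
# mysql_escape_string() ignored. $db_write is the link the INSERT runs on.
# NOTE(review): ext/mysql was removed in PHP 7.0; prepared statements (mysqli or PDO) are
# the durable fix. Validation below sees the encoded, escaped text, so the length limit
# counts entities and backslashes.
$comment = mysql_real_escape_string(nl2br(htmlentities(trim($_POST['comment']))), $db_write);
$picture_id = $_POST['picture_id'];

if (!validate_comment($comment)) {
    show_error_redirect_back("Invalid comment. Comments have to be 0-{$max_length_comment} characters.");
}
# Plain decimal digits only. is_numeric() also accepted forms such as "1e3", "0.5" and
# leading whitespace, which then went into the SQL and the redirect URL. The message
# used to say "Invalid category." although the value checked is a picture id.
if (!is_string($picture_id) || !ctype_digit($picture_id)) {
    show_error_redirect_back("Invalid picture id.");
}

# NOTE(review): the INSERT runs before the picture is looked up. Nothing visible checks
# that the picture exists or that $me may see it (e.g. a private category). Look the
# picture up first and reject unknown or inaccessible ids.
try_mysql_query("INSERT INTO comments (user_id, picture_id, text, date_added) VALUES ('" . $me['user_id'] . "', '{$picture_id}', '{$comment}', NOW())", $db_write);

# Tell the picture's owner, if they asked to be notified.
$user = get_user_from_picture_id($picture_id, $db_read);
if ($user['notify_comments'] == '1') {
    smtp_send(array($user['email']), "OSPAP - New Comment", "New Comment Notification", "A new comment has been posted for one of your pictures! It was posted by " . $me['username'] . " and can be viewed here:\n" . get_full_path_to("show_picture.php?picture_id={$picture_id}") . "\n\nNote: this is an automatic email, please don't reply.");
}

show_message_redirect("Comment added", "show_picture.php?picture_id={$picture_id}#comments");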
/**
 * Handle a subscription request for the weekly candle-lighting e-mail.
 *
 * Validates the location fields, optionally unsubscribes a previous address, then either
 * updates an already-active subscription and mails a notice (returns true), or stages
 * the request and mails a confirmation link (no explicit return value). Result HTML is
 * echoed directly.
 *
 * Validation failures call form(); the code after each call assumes form() does not
 * return. Presumably it re-renders the form and exits; confirm.
 *
 * @param array $param Request fields read here: "em", "geo", "zip", "geonameid", "prev".
 * @return bool|null true after updating an active subscription, otherwise nothing.
 */
function subscribe($param) {
    global $sender;
    // Refuse the site's own domain as a subscriber address.
    // NOTE(review): the dot is unescaped and the match is case-sensitive, so this is only
    // an approximate check. Nothing else in this function validates "em", which later
    // goes into the To header and the envelope. Confirm the caller or smtp_send() rejects
    // CR/LF and malformed addresses.
    if (preg_match('/\\@hebcal.com$/', $param["em"])) {
        form($param, "Sorry, can't use a <strong>hebcal.com</strong> email address.");
    }
    if ($param["geo"] == "zip") {
        if (!$param["zip"]) {
            form($param, "Please enter your zip code for candle lighting times.");
        }
        // NOTE(review): "$" also matches before a trailing newline; "\z" (or the D modifier)
        // makes the digits-only check exact. The same applies to the geonameid pattern below.
        if (!preg_match('/^\\d{5}$/', $param["zip"])) {
            form($param, "Sorry, <strong>" . htmlspecialchars($param["zip"]) . "</strong> does\n" . "not appear to be a 5-digit zip code.");
        }
        list($city, $state, $tzid, $latitude, $longitude, $lat_deg, $lat_min, $long_deg, $long_min) = hebcal_get_zipcode_fields($param["zip"]);
        // An empty state is treated as "zip code not found".
        if (!$state) {
            form($param, "Sorry, can't find\n" . "<strong>" . htmlspecialchars($param["zip"]) . "</strong> in the zip code database.\n", "<ul><li>Please try a nearby zip code</li></ul>");
        }
        $city_descr = "{$city}, {$state} " . $param["zip"];
        // Drop the location fields that do not belong to the zip variant.
        unset($param["city"]);
        unset($param["geonameid"]);
    } elseif ($param["geo"] == "geoname") {
        if (!$param["geonameid"]) {
            form($param, "Please search for your city for candle lighting times.");
        }
        if (!preg_match('/^\\d+$/', $param["geonameid"])) {
            form($param, "Sorry, <strong>" . htmlspecialchars($param["geonameid"]) . "</strong> does\n" . "not appear to be a valid geonameid.");
        }
        list($name, $asciiname, $country, $admin1, $latitude, $longitude, $tzid) = hebcal_get_geoname($param["geonameid"]);
        // A missing time zone is treated as "geonameid not found".
        if (!isset($tzid)) {
            form($param, "Sorry, <strong>" . htmlspecialchars($param["geonameid"]) . "</strong> is\n" . "not a recoginized geonameid.");
        }
        $city_descr = geoname_city_descr($name, $admin1, $country);
        unset($param["zip"]);
        unset($param["city"]);
    } else {
        $param["geo"] = "geoname";
        form($param, "Sorry, missing location (zip, geonameid) field.");
    }
    // check for old sub
    // NOTE(review): "prev" is a request field, and nothing here shows that the requester
    // controls that address. Confirm the caller has verified ownership before an active
    // subscription is removed on its behalf.
    if (isset($param["prev"]) && $param["prev"] != $param["em"]) {
        $info = get_sub_info($param["prev"], false);
        if (isset($info["status"]) && $info["status"] == "active") {
            sql_unsub($param["prev"]);
        }
    }
    // check if email address already verified
    $info = get_sub_info($param["em"], false);
    if (isset($info["status"]) && $info["status"] == "active") {
        // Already active: the new settings are written immediately, without another
        // confirmation round trip. The notice mailed below is the owner's only signal.
        write_sub_info($param);
        $from_name = "Hebcal";
        $from_addr = "*****@*****.**";
        $reply_to = "*****@*****.**";
        $subject = "Your subscription is updated";
        global $remoteAddr;
        $ip = $remoteAddr;
        $unsub_addr = "shabbat-unsubscribe+" . $info["id"] . "@hebcal.com";
        $headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $param["em"], "Reply-To" => $reply_to, "List-Unsubscribe" => "<mailto:{$unsub_addr}>", "MIME-Version" => "1.0", "Content-Type" => "text/html; charset=UTF-8", "X-Sender" => $sender, "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject);
        // $city_descr is interpolated into HTML unescaped here and below. Its parts come
        // from the zip/geoname lookups rather than straight from the request; escaping
        // it anyway would remove the dependency on that data being clean.
        $body = <<<EOD
<div dir="ltr">
<div>Hello,</div>
<div><br></div>
<div>We have updated your weekly Shabbat candle lighting time subscription for {$city_descr}.</div>
<div><br></div>
<div>Regards, <br>hebcal.com</div>
<div><br></div>
<div>To unsubscribe from this list, send an email to: <br><a href="mailto:shabbat-unsubscribe@hebcal.com">shabbat-unsubscribe@hebcal.com</a></div>
</div>
EOD;
        // The send result is stored but never checked; success is reported either way.
        $err = smtp_send(get_return_path($param["em"]), $param["em"], $headers, $body);
        $html_email = htmlentities($param["em"]);
        $html = <<<EOD
<div class="alert alert-success">
<strong>Success!</strong> Your subsciption information has been updated.
<p>Email: <strong>{$html_email}</strong> <br>Location: {$city_descr}</p>
</div>
EOD;
        echo $html;
        return true;
    }
    // Reuse the id of a pending request for this address, if there is one.
    if (isset($info["status"]) && $info["status"] == "pending" && isset($info["id"])) {
        $old_encoded = $info["id"];
    } else {
        $old_encoded = null;
    }
    $encoded = write_staging_info($param, $old_encoded);
    $from_name = "Hebcal";
    $from_addr = "*****@*****.**";
    $subject = "Please confirm your request to subscribe to hebcal";
    global $remoteAddr;
    $ip = $remoteAddr;
    $headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $param["em"], "MIME-Version" => "1.0", "Content-Type" => "text/html; charset=UTF-8", "X-Sender" => $sender, "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject);
    // NOTE(review): HTTP_HOST is taken from the request's Host header. The confirmation
    // link, including the $encoded token, is built from it and mailed to the subscriber,
    // so the requester can influence where that link points. Build the link from a
    // configured canonical host name instead.
    $url_prefix = "https://" . $_SERVER["HTTP_HOST"];
    $body = <<<EOD
<div dir="ltr">
<div>Hello,</div>
<div><br></div>
<div>We have received your request to receive weekly Shabbat candle lighting time information from hebcal.com for {$city_descr}.</div>
<div><br></div>
<div>Please confirm your request by clicking on this link:</div>
<div><br></div>
<div><a href="{$url_prefix}/email/verify.php?{$encoded}">{$url_prefix}/email/verify.php?{$encoded}</a></div>
<div><br></div>
<div>If you did not request (or do not want) weekly Shabbat candle lighting time information, please accept our apologies and ignore this message.</div>
<div><br></div>
<div>Regards, <br>hebcal.com</div>
<div><br></div>
<div>[{$remoteAddr}]</div>
</div>
EOD;
    $err = smtp_send(get_return_path($param["em"]), $param["em"], $headers, $body);
    $html_email = htmlentities($param["em"]);
    // Only a strict true from smtp_send() counts as sent.
    if ($err === true) {
        $html = <<<EOD
<div class="alert alert-success">
<strong>Thank you!</strong> A confirmation message has been sent to <strong>{$html_email}</strong> for {$city_descr}.<br> Click the link within that message to confirm your subscription.
</div>
<p>If you do not receive this acknowledgment message within an hour or two, then the most likely problem is that you made a typo in your email address. If you do not get the confirmation message, please return to the subscription page and try again, taking care to avoid typos.</p>
EOD;
    } else {
        $html = <<<EOD
<div class="alert alert-danger">
<h4>Server Error</h4>
Sorry, we are temporarily unable to send email to <strong>{$html_email}</strong>.
</div>
<p>Please try again in a few minutes.</p>
<p>If the problem persists, please send email to <a href="mailto:webmaster@hebcal.com">webmaster@hebcal.com</a>.</p>
EOD;
    }
    echo $html;
}
$url_prefix = "https://" . $_SERVER["HTTP_HOST"]; $unsub_url = $url_prefix . "/email/?e=" . urlencode(base64_encode($info["em"])); $unsub_addr = "shabbat-unsubscribe+" . $info["id"] . "@hebcal.com"; $headers = array("From" => "\"{$from_name}\" <{$from_addr}>", "To" => $info["em"], "Reply-To" => $reply_to, "List-Unsubscribe" => "<mailto:{$unsub_addr}>", "MIME-Version" => "1.0", "Content-Type" => "text/plain", "X-Mailer" => "hebcal web", "Message-ID" => "<Hebcal.Web." . time() . "." . posix_getpid() . "@hebcal.com>", "X-Originating-IP" => "[{$ip}]", "Subject" => $subject); $body = <<<EOD Hello, Your subscription request for hebcal is complete. Regards, hebcal.com To modify your subscription or to unsubscribe completely, visit: {$unsub_url} EOD; $err = smtp_send(get_return_path($info["em"]), $info["em"], $headers, $body); echo html_header_bootstrap3("Email Subscription Confirmed"); ?> <div class="row"> <div class="col-sm-12"> <p class="lead">Confirm your subscription to weekly Shabbat candle lighting times and Torah portion by email.</p> <div class="alert alert-success"> <strong>Thank you!</strong> Your subscription is now active. A confirmation message has been sent to <strong><?php echo htmlentities($info["em"]); ?> </strong>. </div> </div><!-- .col-sm-12 -->