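/**
 * Handles submission of the contact form.
 *
 * Reads Name, Email and Message from the request, validates them together
 * with the captcha, and either re-renders the form with the collected errors
 * or mails the message to the recipient configured in $contact.
 *
 * @return mixed The result of jabRenderView() when validation fails;
 *               nothing on the send-error and success paths.
 */
function contact_post()
{
    jabRequire("captcha");

    global $jab;
    global $contact;

    // Retrieve model values
    $model['contact'] = $contact;
    $model['name'] = jabRequestParam('Name');
    $model['email'] = jabRequestParam('Email');
    $model['message'] = jabRequestParam('Message');

    if (strlen($model['name']) == 0) {
        $model['errors'][] = "Name is missing";
    }

    if (!jabIsValidEmail($model['email'])) {
        $model['errors'][] = "Invalid email address";
    }

    if (strlen($model['message']) == 0) {
        $model['errors'][] = "You haven't entered a message";
    }

    // Check the captcha; jabCheckCaptcha() yields true or an error message
    $error = jabCheckCaptcha();
    if ($error !== true) {
        $model['errors'][] = $error;
    }

    // empty() rather than sizeof(): 'errors' only exists once a check has
    // failed, and counting a missing key raises a TypeError on PHP 8.
    if (!empty($model['errors'])) {
        return jabRenderView("contact_view_form.php", $model);
    }

    // Name and address are visitor-supplied and end up in the From header.
    // Drop CR/LF so neither value can start a new header line, and drop
    // quote/backslash from the name so it cannot close the quoted display
    // name early. $model['name'] and $model['email'] stay as entered for
    // the templates.
    // NOTE(review): how strictly jabIsValidEmail() filters the address is not
    // visible here; the CR/LF strip on the email is defence in depth.
    $fromName = str_replace(array("\r", "\n", "\"", "\\"), "", $model['name']);
    $fromEmail = str_replace(array("\r", "\n"), "", $model['email']);

    $model['to'] = $contact['emailTo'];
    $model['from'] = "\"" . $fromName . "\" <" . $fromEmail . ">";
    $model['subject'] = $contact['emailSubject'];

    if (!jabRenderMail("contact_email.php", $model)) {
        // Mail could not be sent: show the form again with a send-error flag
        $model['send_error'] = true;
        jabRenderView("contact_view_form.php", $model);
    } else {
        jabRenderView("contact_view_success.php", null);
    }
}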
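/**
 * Handles submission of the registration form.
 *
 * Validates the submitted fields, inserts a not-yet-activated row into the
 * Users table, and mails an activation link to the given address.
 *
 * @param mixed $username  Requested account name.
 * @param mixed $email     Address the activation mail is sent to.
 * @param mixed $password  Chosen password.
 * @param mixed $password2 Re-typed password; must equal $password.
 *
 * @return mixed The result of jabRenderView() for the form or success view.
 */
function register_post($username, $email, $password, $password2)
{
    $model['username'] = $username;
    $model['email'] = $email;

    if (strlen($username) == 0) {
        $model['errors'][] = "Please enter a username";
    }

    if (strpos($username, "/") !== false || strpos($username, "\\") !== false || strpos($username, "<") !== false) {
        $model['errors'][] = "User name contains invalid characters";
    }

    if (strlen($password) == 0) {
        $model['errors'][] = "Please enter a password";
    }

    // Compare as strings. A loose != treats numeric-looking strings as
    // numbers, so "1e3" and "1000" would have counted as a match.
    if ((string) $password !== (string) $password2) {
        $model['errors'][] = "Re-typed password didn't match";
    }

    if (!jabIsValidEmail($email)) {
        $model['errors'][] = "Please enter a valid email address";
    }

    // empty() rather than sizeof(): 'errors' only exists once a check has
    // failed, and counting a missing key raises a TypeError on PHP 8.
    if (!empty($model['errors'])) {
        return jabRenderView("auth_view_register.php", $model);
    }

    global $auth;

    try {
        // Setup model

        // Activation token from the CSPRNG (PHP 7+): 32 hex characters, the
        // same shape as the MD5 digest used before. The earlier value was
        // derived from the username, the email and the current time, so it
        // did not prove that the registrant had received the mail.
        $model['activationId'] = bin2hex(random_bytes(16));

        // NOTE(review): the host in this link is taken from the request's
        // Host header and the scheme is fixed to http. If a canonical base
        // URL is configured anywhere in $auth, prefer it here - confirm.
        $model['activateUrl'] = "http://" . $_SERVER['HTTP_HOST'] . "/" . $auth['routePrefix']
            . "/activate/" . urlencode($username) . "/" . $model['activationId'];
        $model['auth'] = $auth;
        $model['to'] = $email;
        $model['from'] = $auth['adminEmail'];
        $model['subject'] = "Welcome to " . $auth['sitename'];

        // Create the account
        $stmt = $auth['pdo']->prepare("INSERT INTO {$auth['tablePrefix']}Users(username, email, password, rights, activationId, activated, enabled) VALUES (:username, :email, :password, :rights, :activationId, 0, 1);");
        $stmt->bindValue(":username", $username);
        $stmt->bindValue(":email", $email);
        // NOTE(review): unsalted MD5 is not a suitable password hash. It is
        // left unchanged because the login check that reads this column is
        // not visible here; move both sides to password_hash() and
        // password_verify() together.
        $stmt->bindValue(":password", md5($password));
        $stmt->bindValue(":rights", $auth['defaultRights']);
        $stmt->bindValue(":activationId", $model['activationId']);
        $stmt->execute();

        // Send registration email
        jabRenderMail("auth_email_register.php", $model);

        return jabRenderView("auth_view_register_success.php", $model);
    } catch (Exception $ex) {
        $model['errors'][] = "Failed to register account, please try a different account name";
        // NOTE(review): this shows the raw exception text (HTML-escaped) to
        // the visitor; for database failures that can include schema detail.
        // Consider logging it server-side instead.
        $model['errors'][] = htmlspecialchars($ex->getMessage());

        return jabRenderView("auth_view_register.php", $model);
    }
}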
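/**
 * Handles a comment submission (preview or post) on a blog article.
 *
 * Builds the view model for the article, fills a BlogComment from the form,
 * and on "post" saves it, sends the optional notification mails and
 * redirects back to the article. Otherwise the article view is rendered.
 *
 * @param mixed $id Identifier of the article being commented on.
 */
function view_post_post($id)
{
    global $blog;

    $model['blog'] = $blog;
    $model['comment'] = new BlogComment();
    $model['comment']->IDArticle = $id;
    $model['article'] = blog_load_article($id, jabCanUser("author"));
    $model['preview'] = !!jabRequestParam("preview");
    $model['ReplyTo'] = jabRequestParam("ReplyTo");

    if ($model['comment']->InitFromForm($model['errors'])) {
        if (jabRequestParam("post")) {
            // The original wrapped the whole condition in strlen(), which
            // measured a boolean. Test the address itself, and only accept a
            // non-empty string.
            if (is_string($model['ReplyTo']) && strlen($model['ReplyTo']) > 0 && jabCanUser("author")) {
                // Request-supplied recipient: drop CR/LF so it stays a single
                // header value.
                $model['to'] = str_replace(array("\r", "\n"), "", $model['ReplyTo']);
                $model['from'] = $blog['notifyEmailFrom'];
                jabRenderMail("blog_email_commentreplied.php", $model);
            }

            $model['comment']->Save();

            if ($blog['notifyOnComment']) {
                $model['to'] = $blog['notifyEmailTo'];
                // NOTE(review): whether InitFromForm() validates the
                // commenter's Email is not visible here; CR/LF is stripped
                // before the value is used as the From address.
                $model['from'] = strlen($model['comment']->Email) == 0
                    ? $blog['notifyEmailFrom']
                    : str_replace(array("\r", "\n"), "", $model['comment']->Email);
                jabRenderMail("blog_email_commentposted.php", $model);
            }

            // NOTE(review): presumably jabRedirect() ends the request; if it
            // returns, the article view below is rendered as well - confirm.
            jabRedirect($_SERVER["REQUEST_URI_CLEAN"]);
        }
    }

    jabRenderView("blog_view_article.php", $model);
}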