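/**
 * Validate one form field against a rule definition, normalising the value in place.
 *
 * The branch is chosen by $valid['type']. Most branches hand the value to a
 * helper defined elsewhere (string_check(), make_email(), make_phone(), ...),
 * which receives it by reference through $val and may rewrite it.
 *
 * @param array $valid Rule definition. Keys read here include 'type', '_input',
 *                     'blank', 'msg', 'min', 'max', 'length', 'default',
 *                     'options', 'unique' and 'func', depending on the type.
 * @param mixed $p     Submitted data, by reference. When it is an array the
 *                     field is $p[$valid['_input']]; otherwise $p is the value.
 * @param mixed $error Reset to null on entry; holds the message (or, for
 *                     'phone', false) once the field has been checked.
 *
 * @return bool True when no error was recorded, false otherwise.
 */
function validate_input($valid, &$p, &$error)
{
    $error = null;

    // 'func' rules receive the whole of $p, so no single field is bound for them.
    if ($valid['type'] != 'func') {
        if (is_array($p)) {
            $val =& $p[$valid['_input']];
        } else {
            $val =& $p;
        }
    }

    // Same value the helpers were always given, without a warning when 'blank' is unset.
    $allow_blank = !empty($valid['blank']) ? 1 : false;

    switch ($valid['type']) {
        case 'address':
            $val = string_check($val);
            if (empty($valid['blank']) and strlen($val) < 4) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid address.';
            }
            if (!empty($valid['lines']) and !empty($val) and substr_count($val, "\n") < $valid['lines'] - 1) {
                $error = 'This address must contain at least ' . $valid['lines'] . ' lines.';
            }
            if (!empty($valid['format'])) {
                $val = str_replace(array("\r", "\n", "\r\n", ', '), ',', $val);
            }
            break;

        case 'array':
        case 'choice':
        case 'select':
            // $val can't be an array at this point as that's sorted higher up by validate_input_array()
            // 'options' may name a function that returns the option list; the
            // name comes from the rule definition, never from the submitted value.
            if (!is_array($valid['options']) and function_exists($valid['options'])) {
                $valid['options'] = $valid['options']();
            }
            if (is_array($valid['options'])) {
                if (is_assoc($valid['options'])) {
                    $err = !@isset($valid['options'][$val]);
                } else {
                    // NOTE(review): loose comparison; in_array(..., true) would be
                    // stricter but rejects numeric options submitted as strings.
                    $err = !in_array($val, $valid['options']);
                }
            } elseif (isset($valid['no-opts'])) {
                $val = '';
            } else {
                $err = true;
                $valid['msg'] = 'The options could not be found for this field.';
            }
            if (isset($valid['not-empty']) and empty($val)) {
                $err = true;
            }
            if (!empty($err)) {
                if (!empty($valid['blank'])) {
                    $val = '';
                } elseif (!empty($valid['msg'])) {
                    $error = $valid['msg'];
                } else {
                    $error = 'You must select one of the available options.';
                }
            }
            break;

        case 'bool':
        case 'boolean':
            if (!empty($val)) {
                $val = !empty($valid['set']) ? $valid['set'] : 1;
            } elseif (!empty($valid['mandatory'])) {
                $error = 'You must tick this box to continue.';
            } else {
                $val = !empty($valid['empty']) ? $valid['empty'] : 0;
            }
            break;

        case 'clear':
            $val = false;
            break;

        // A 'copy' type can't be done here because of the isset check in valid;
        // use the func method to point to valid_copy instead.

        case 'currency':
            if (!make_currency($val, $allow_blank)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid currency value';
            }
            if (!empty($valid['positive']) and $val < 0) {
                $val *= -1;
            }
            break;

        case 'dat':
        case 'date':
            // The parser's message goes into a local $err rather than $error so
            // that it can be dropped when a blank value is acceptable.
            $func = 'sql_' . $valid['type'];
            $val = $func($val, $err);
            $today_date = date('Y-m-d');
            if (empty($val)) {
                if (!empty($valid['blank'])) {
                    $val = $valid['blank'] == 'today' ? $today_date : '';
                } else {
                    $error = !empty($err) ? $err : 'The date you entered was not recognised';
                }
            } else {
                if (!empty($valid['past'])) {
                    $valid['max'] = $today_date;
                }
                if (!empty($valid['future'])) {
                    $valid['min'] = $today_date;
                }
                if (!empty($valid['max']) and $val > $valid['max']) {
                    $error = 'The date specified is greater than the maximum allowed.';
                }
                if (!empty($valid['min']) and $val < $valid['min']) {
                    $error = 'The date specified is less than the minimum allowed.';
                }
            }
            break;

        case 'dob':
            if (!empty($val)) {
                $val = date_from_dob($val);
            }
            if (empty($val) and empty($valid['blank'])) {
                if (!empty($valid['msg'])) {
                    $error = $valid['msg'];
                } else {
                    // defined() takes the constant's NAME. The bare constant used
                    // before was evaluated first, so the test could never succeed
                    // and raises an Error on PHP 8 when DATE_USA is undefined.
                    $error = 'You must enter a valid date of birth, try ' . (defined('DATE_USA') ? 'mm/dd/yy' : 'dd/mm/yy') . '.';
                }
            }
            if (isset($valid['max']) or isset($valid['min'])) {
                $age = age_from_dob($val);
                if (!empty($valid['max']) and $age > $valid['max']) {
                    $error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['max'] . ' or less.';
                }
                if (!empty($valid['min']) and $age < $valid['min']) {
                    $error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['min'] . ' or more.';
                }
            }
            if ($val > date('Y-m-d')) {
                $error = 'A date of birth may not be in the future. If time travel has been invented, please let us know last year.';
            }
            break;

        case 'email':
            if (!make_email($val, $allow_blank)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid email address.';
            }
            break;

        case 'equal':
            if (!string_compare($val, $valid['equal'])) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter the exact value.';
            }
            break;

        // this isn't really a data type, could be removed now that we can accept arrays
        case 'extra':
            $extra = array();
            if (is_array($val['key'])) {
                foreach ($val['key'] as $n => $key) {
                    $extra[string_check($key)] = string_check($val['val'][$n]);
                }
            }
            // NOTE(review): stored in PHP serialize() format. Whatever reads it
            // back must not unserialize() a copy a user could have altered;
            // json_encode()/json_decode() would remove that concern - confirm readers.
            $val = serialize($extra);
            break;

        case 'html':
            $val = make_html($val, $valid['tags'], !empty($valid['multi_byte']) ? true : false);
            if ($valid['length'] > 0) {
                if (strlen($val) < $valid['length']) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
                }
            }
            break;

        case 'image':
            break;

        case 'keygen':
            if (empty($val) and empty($valid['regen'])) {
                // NOTE(review): if this key is used as a secret, confirm that
                // rand_pass() draws from random_bytes()/random_int().
                $val = rand_pass();
            }
            break;

        case 'name':
            $val = make_name($val);
            if (empty($valid['blank']) and empty($val)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid name.';
            }
            break;

        case 'num':
        case 'number':
            if (!is_number($val, $allow_blank)) {
                if (!empty($valid['default'])) {
                    $val = $valid['default'];
                } else {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid number.';
                }
            }
            if (!empty($val)) {
                // for legacy support
                if (isset($valid['ulimit'])) {
                    $valid['max'] = $valid['ulimit'];
                }
                if (isset($valid['dlimit'])) {
                    $valid['min'] = $valid['dlimit'];
                }
                if (isset($valid['max']) and $val > $valid['max']) {
                    $error = 'You must enter a number no greater than ' . $valid['max'] . '.';
                }
                if (isset($valid['min']) and $val < $valid['min']) {
                    $error = 'You must enter a number no lower than ' . $valid['min'] . '.';
                }
                if (isset($valid['max-other']) and $val > $p[$valid['max-other']]) {
                    $error = 'You must enter a number no greater than ' . $p[$valid['max-other']] . '.';
                }
            }
            break;

        case 'phone':
            // $error briefly holds a boolean here; it becomes a message below on
            // failure and stays false on success.
            if (isset($valid['other'])) {
                $error = !make_phones($val, $p[$valid['other']]);
            } else {
                $error = !make_phone($val, $allow_blank);
            }
            if (!empty($error)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid phone number.';
            }
            break;

        case 'postcode':
            if (!make_postcode($val, $allow_blank)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid postcode.';
            }
            break;

        case 'time':
            if (!make_time($val, $allow_blank, !empty($valid['format']) ? $valid['format'] : null)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid time.';
            }
            break;

        case 'url':
        case 'website':
            if (!make_website($val, $allow_blank)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid website address.';
            }
            // Only look up values that passed validation, so a rejected value is
            // never placed in a query.
            if (empty($error) and isset($valid['unique']) and is_array($valid['unique'])) {
                // NOTE(review): $val is interpolated into the SQL text. Whether
                // make_website() removes quotes and backslashes is not visible
                // here. If query() can bind parameters, bind $val; otherwise
                // escape it with the database driver's own function. The id and
                // table names come from the rule definition and must never be
                // taken from request data.
                $check = query("SELECT " . $valid['unique']['id'] . " FROM " . $valid['unique']['table'] . " WHERE website='{$val}'", 'single');
                if ($check > 0) {
                    $error = 'The website address you entered is already registered.';
                }
            }
            break;

        case 'func':
            $func = $valid['func'];
            if (function_exists($func)) {
                if (!$func($p, $err, $valid)) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : $err;
                }
                break;
            }
            // No such callback: falls through to the default string handling.

        default:
            if (!empty($val)) {
                $val = string_check($val, $valid['strip']);
            }
            if (!empty($valid['length'])) {
                if (strlen($val) < $valid['length']) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
                }
            } elseif (!empty($valid['default']) and empty($val)) {
                $val = $valid['default'];
            }
            // The upper bound used to compare an undefined $strlen, so it never
            // rejected anything; measure the value itself.
            if (!empty($valid['max']) and strlen($val) > $valid['max']) {
                $error = 'You may not enter a value longer than ' . $valid['max'] . ' characters.';
            }
    }

    validate_unique($valid, $val, $error);

    if ($error) {
        return false;
    }

    return true;
}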
/**
 * Write the result of make_email() for the given address to the output.
 *
 * @param mixed $email    Passed to make_email() as its first argument.
 * @param mixed $linktext Passed to make_email() as its second argument (false by default).
 *
 * @return void
 */
function print_email($email, $linktext = false)
{
    // NOTE(review): the result is echoed as-is, so this is only safe when
    // make_email() returns markup that is already escaped for HTML - confirm.
    $rendered = make_email($email, $linktext);

    echo $rendered;
}
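/**
 * Send (or, when EMAIL_SEND is not defined, only log) one message to a list of recipients.
 *
 * @param array       $p         Message definition. Keys read here: 'emails'
 *                               (address => name, or the legacy name => address
 *                               form), 'subject', 'message' and optional 'headers'.
 * @param mixed       $error     Receives a message when the function returns false.
 * @param string|null $mail_type Transport: 'func', 'gmail', 'sendgrid', 'smtp' or
 *                               'sendmail'. Anything else uses PHP's mail().
 *
 * @return bool True on success, false when validation or any delivery failed.
 */
function send_email($p, &$error = null, $mail_type = null)
{
    if (empty($mail_type) and function_exists('send_email_type')) {
        $mail_type = send_email_type();
    }
    if (function_exists('send_email_subject')) {
        $p['subject'] = send_email_subject($p);
    }

    $not_an_array = "You must send emails to the emailer as an array, even for single email addresses. If you don't know what this means, contact your website manager.";

    // Reject a non-array before array_keys() sees it; on PHP 8 that call throws
    // a TypeError for a string instead of reaching the message below.
    if (!isset($p['emails']) or !is_array($p['emails']) or !is_array_full(array_keys($p['emails']))) {
        $error = $not_an_array;
        return false;
    }

    // this bit is only needed until we've updated all other sites to use new email assoc format
    $first = reset($p['emails']);
    if (make_email($first)) {
        $flipped = array();
        foreach ($p['emails'] as $name => $email) {
            $flipped[$email] = $name;
        }
        $p['emails'] = $flipped;
        unset($flipped);
    }

    // NOTE(review): 'subject' and 'headers' are handed to the transports
    // unchanged. Callers that build them from user input must keep CR/LF out of
    // them, otherwise extra mail headers can be introduced.

    if (!defined('EMAIL_SEND')) {
        // Log-only mode. Caller-supplied headers used to be ignored here, which
        // left $headers undefined; use them when present.
        $headers = isset($p['headers']) ? $p['headers'] : mail_headers();
        foreach ($p['emails'] as $email => $name) {
            log_email($name . ' <' . $email . '>', $p['subject'], $p['message'], $headers);
        }
        return true;
    }

    switch ($mail_type) {
        case 'func':
            $func = send_email_func();
            if (!$func($p, $error)) {
                return false;
            }
            break;

        case 'gmail':
            if (!gmail_send($p, $error)) {
                return false;
            }
            break;

        case 'sendgrid':
            if (!sendgrid_send($p, $error)) {
                return false;
            }
            break;

        case 'smtp':
            if (!smtp_send($p, $error)) {
                return false;
            }
            break;

        case 'sendmail':
        default:
            if (!is_array_full($p['emails'])) {
                $error = $not_an_array;
                return false;
            }
            if (!isset($p['headers'])) {
                $p['headers'] = mail_headers();
            }
            $failed = array();
            foreach ($p['emails'] as $email => $name) {
                // @ keeps mail()'s own warning out of the page; the failure is
                // reported through $error instead.
                if (!@mail($email, $p['subject'], $p['message'], $p['headers'])) {
                    // The message below is HTML, so the address is escaped
                    // before it is embedded in it.
                    $failed[] = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
                }
            }
            if (!empty($failed)) {
                $error = 'The email message could not be sent to the following addresses.</p><ul><li>' . implode('</li><li>', $failed) . '</li></ul><p>';
                return false;
            }
            break;
    }

    return true;
}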
//everything is ok return 0 echo 0; //everyone involved should get an email $angebot = fetch_one_ride($angebot_id); $f_name = $angebot['name']; $f_tel = $angebot['tel']; $f_email = $angebot['email']; $von = $angebot['von']; $nach = $angebot['nach']; $datum = show_date($angebot['time']); $zeit = show_time($angebot['time']); $treffpunkt = $angebot['treffpunkt']; $dtstart = make_dtcomponent($angebot['time']); $dtend = make_dtcomponent($angebot['time'] + 30 * 60); //duration 30 minutes $ics = make_ics($dtstart, $dtend, $treffpunkt, $von, $nach); $mitfahrer_msg = make_mitfahrer_message($mf_name, $von, $nach, $datum, $zeit, $f_name, $f_tel, $f_email); $subject = "Mitfahrgelegenheit ({$von} -> {$nach}) am {$datum}, {$zeit}"; $from = "*****@*****.**"; $mitfahrer_email = make_email($mf_email, $from, $subject, $mitfahrer_msg); $mitfahrer_email = add_attachment($mitfahrer_email, $ics); send_mail($mitfahrer_email); $fahrer_msg = make_neuer_mitfahrer_message($f_name, $von, $nach, $datum, $zeit, $mf_name, $mf_tel, $mf_email); $fahrer_email = make_email($f_email, $from, $subject, $fahrer_msg); $fahrer_email = add_encoding($fahrer_email); send_mail($fahrer_email); } } else { //no free seats, return 1 echo 1; }
/**
 * Gather the generated files for the current form and pass them to make_tar().
 *
 * Reads $GLOBALS['form_name'], $GLOBALS['opt_db'] and $GLOBALS['opt_email'].
 * The SQL and e-mail template files are only included when the matching
 * option equals 'Yes'.
 *
 * @return void
 */
function download_tar()
{
    // NOTE(review): the form name becomes part of the archive member names and
    // is passed to make_tar() as the archive name. If it can originate from a
    // request, restrict it to a safe character set (no '/', '\\' or '..') before
    // this point - confirm where $GLOBALS['form_name'] is set.
    $form = $GLOBALS['form_name'];

    $files = array();
    $files['.htaccess'] = make_htaccess();
    // The value of this entry is a path, not file contents; presumably the
    // ' ->' suffix marks a link for make_tar() - confirm.
    $files['run.php ->'] = 'code/wfpl/run.php';
    $files['style.css'] = read_whole_file('code/wfpl/metaform/style.css');
    $files[$form . '.html'] = make_html();
    $files[$form . '.php'] = make_php();

    if ($GLOBALS['opt_db'] == 'Yes') {
        $files[$form . '.sql'] = make_sql();
    }

    if ($GLOBALS['opt_email'] == 'Yes') {
        $files[$form . '.email.txt'] = make_email();
    }

    make_tar($form, $files);
}
/**
 * make_email() must return a false value for an address followed by a stray '>'.
 */
function testProceedingInvalidChar()
{
    $this->assertFalse(make_email('*****@*****.**>'));
}
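include 'mf-core.php';

// Every field below comes from the request body and is untrusted. A missing
// field, or one submitted as an array (name[]=x), is read as '' so the string
// handling further down never receives a non-string.
$post_field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$name = $post_field('name');
$anzahl = $post_field('anzahl');
$von = $post_field('von');
$nach = $post_field('nach');
$treffpunkt = $post_field('treffpunkt');
$fahrzeug = $post_field('fahrzeug');
$preis = $post_field('preis');
$tel = $post_field('tel');
$email = $post_field('email');
$timestamp = $post_field('timestamp');

// NOTE(review): add_ride() and find_ride() receive the request values as
// submitted. Their bodies are not visible here; confirm that they bind these
// values as query parameters instead of concatenating them into SQL.
add_ride($name, $von, $nach, $treffpunkt, $anzahl, $fahrzeug, $preis, $tel, $email, $timestamp);
$angebot_id = find_ride($name, $timestamp);
echo $angebot_id == 0 ? '0' : '1';

$datum = show_date($timestamp);
$zeit = show_time($timestamp);

// Send the driver a confirmation mail with a calendar entry (ICS) attached.
// The recipient is user input: only a single, syntactically valid address is
// accepted, which also rules out CR/LF and therefore injected mail headers.
$to = filter_var($email, FILTER_VALIDATE_EMAIL);

if ($to !== false) {
    // The subject is a mail header too, so line breaks taken from the form
    // fields are replaced before it is handed on.
    $subject = str_replace(array("\r", "\n"), ' ', "Mitfahrgelegenheit ({$von} -> {$nach}) am {$datum}, {$zeit}");
    $from = "*****@*****.**";

    $fahrer_msg = make_fahrer_msg($name, $datum, $zeit, $von, $nach, $treffpunkt, $anzahl, $preis);
    $fahrer_mail = make_email($to, $from, $subject, $fahrer_msg);

    $dtstart = make_dtcomponent($timestamp);
    // Duration 30 minutes. The cast keeps a non-numeric timestamp from raising
    // a TypeError in the addition on PHP 8.
    $dtend = make_dtcomponent((int) $timestamp + 30 * 60);

    // NOTE(review): iCalendar is line-based. Confirm that make_ics() escapes or
    // folds line breaks in the meeting point and the place names.
    $ics = make_ics($dtstart, $dtend, $treffpunkt, $von, $nach);
    $fahrer_mail = add_attachment($fahrer_mail, $ics);

    send_mail($fahrer_mail);
}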