}
}
if ($values->title != '') {
if ($sep == 1) {
$gbPosts .= ' From ';
}
$gbPosts .= PhocaguestbookHelper::wordDelete($values->title, 100, '...');
}
if ($this->tmpl['display_website'] != 0) {
if ($values->homesite != '') {
if ($values->title == '' && $values->email == '' && $values->username == '') {
$gbPosts .= '';
} else {
$gbPosts .= ' <br />';
}
$gbPosts .= ' <span><a href="' . $values->homesite . '">' . PhocaguestbookHelper::wordDelete($values->homesite, 50, '...') . '</a></span>';
}
}
$gbPosts .= '</h4>';
// SECURITY
// Open a tag protection
$a_count = substr_count(strtolower($values->content), "<a");
$a_end_count = substr_count(strtolower($values->content), "</a>");
$quote_count = substr_count(strtolower($values->content), "\"");
if ($quote_count % 2 != 0) {
$end_quote = "\"";
// close the " if it is open
} else {
$end_quote = "";
}
if ($a_count > $a_end_count) {
function sendPhocaGuestbookMail($id, $post, $url)
{
global $mainframe;
$db = JFactory::getDBO();
$sitename = $mainframe->getCfg('sitename');
//get all super administrator
$query = 'SELECT name, email, sendEmail' . ' FROM #__users' . ' WHERE id = ' . (int) $id;
$db->setQuery($query);
$rows = $db->loadObjectList();
if (isset($post['title']) && $post['title'] != '') {
$subject = $sitename . ' (' . JText::_('New Phoca Guestbook Item') . '): ' . PhocaguestbookHelper::wordDelete($post['title'], 25, '...');
$title = $post['title'];
} else {
$subject = $sitename . " (" . JText::_('New Phoca Guestbook Item') . ')';
$title = $post['title'];
}
if (isset($post['username']) && $post['username'] != '') {
$fromname = $post['username'];
} else {
$fromname = JText::_('Guest');
}
if (isset($post['email']) && $post['email'] != '') {
$mailfrom = $post['email'];
} else {
$mailfrom = $rows[0]->email;
}
if (isset($post['content']) && $post['content'] != '') {
$content = $post['content'];
} else {
$content = "...";
}
$email = $rows[0]->email;
$post['content'] = str_replace("</p>", "\n", $post['content']);
$post['content'] = strip_tags($post['content']);
$message = JText::_('New Phoca Guestbook item saved') . "\n\n" . JText::_('Website') . ': ' . $sitename . "\n" . JText::_('From') . ': ' . $fromname . "\n" . JText::_('Date') . ': ' . JHTML::_('date', gmdate('Y-m-d H:i:s'), JText::_('DATE_FORMAT_LC2')) . "\n\n" . JText::_('Title') . ': ' . $title . "\n" . JText::_('Message') . ': ' . "\n" . "\n\n" . PhocaguestbookHelper::wordDelete($post['content'], 400, '...') . "\n\n" . "\n\n" . JText::_('Click the link') . "\n" . $url . "\n\n" . JText::_('Regards') . ", \n" . $sitename . "\n";
$subject = html_entity_decode($subject, ENT_QUOTES);
$message = html_entity_decode($message, ENT_QUOTES);
JUtility::sendMail($mailfrom, $fromname, $email, $subject, $message);
return true;
}
echo $row->title;
?>
</a>
<?php
}
?>
</td>
<td align="center"><?php
echo $row->username;
?>
</td>
<td align="left"><?php
$row->content = JFilterOutput::cleanText(strip_tags($row->content));
echo PhocaguestbookHelper::wordDelete($row->content, 60, '...');
?>
</td>
<td align="center"><?php
echo $row->ip;
?>
</td>
<td align="center"><?php
echo $published;
?>
</td>
<td class="order">
<span><?php
echo $this->pagination->orderUpIcon($i, $row->catid == @$this->items[$i - 1]->catid, 'orderup', 'Move Up', $ordering);
if ($sep == 1) {
$msgpg .= ' ';
$msgpg .= '( ' . JHTML::_('email.cloak', PhocaguestbookHelper::wordDelete($values->email, 35, '...')) . ' )';
$sep = 1;
} else {
$msgpg .= JHTML::_('email.cloak', PhocaguestbookHelper::wordDelete($values->email, 35, '...'));
$sep = 1;
}
}
}
if ($values->title != '') {
if ($values->title != '') {
if ($sep == 1) {
$msgpg .= ': ';
}
$msgpg .= PhocaguestbookHelper::wordDelete($values->title, 40, '...');
}
}
// SECURITY
// Open a tag protection
$a_count = substr_count(strtolower($values->content), "<a");
$a_end_count = substr_count(strtolower($values->content), "</a>");
$quote_count = substr_count(strtolower($values->content), "\"");
if ($quote_count % 2 != 0) {
$end_quote = "\"";
// close the " if it is open
} else {
$end_quote = "";
}
if ($a_count > $a_end_count) {
$end_a = "></a>";
