}
$tpl->set('{name}', $infoUser['user_search_pref']);
$tpl->set('{user-id}', $user);
$tpl->compile('content');
}
}
} else {
msgbox('', $lang['settings_nobaduser'], 'info_2');
}
break;
//################### Смена e-mail ###################//
//################### Смена e-mail ###################//
case "change_mail":
//Отправляем письмо на обе почты
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$email = textFilter($_POST['email'], false, true);
//Проверка E-mail
if (preg_match('/^(("[\\w-\\s]+")|([\\w-]+(?:\\.[\\w-]+)*)|("[\\w-\\s]+")([\\w-]+(?:\\.[\\w-]+)*))(@((?:[\\w-]+\\.)*\\w[\\w-]{0,66})\\.([a-z]{2,6}(?:\\.[a-z]{2})?)$)|(@\\[?((25[0-5]\\.|2[0-4][0-9]\\.|1[0-9]{2}\\.|[0-9]{1,2}\\.))((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\\.){2}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[0-9]{1,2})\\]?$)/i', $email)) {
$ok_email = true;
} else {
$ok_email = false;
}
$row = $db->super_query("SELECT user_email FROM `" . PREFIX . "_users` WHERE user_id = '{$user_id}'");
$check_email = $db->super_query("SELECT COUNT(*) AS cnt FROM `" . PREFIX . "_users` WHERE user_email = '{$email}'");
if ($row['user_email'] and $ok_email and !$check_email['cnt']) {
//Удаляем все пред. заявки
$db->query("DELETE FROM `" . PREFIX . "_restore` WHERE email = '{$email}'");
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
for ($i = 0; $i < 15; $i++) {
$rand_lost .= $salt[rand(0, 33)];
mozg_clear_cache_file('user_' . $for_user_id . '/im');
mozg_create_cache('user_' . $for_user_id . '/im_update', '1');
//Вставляем событие в моментальные оповещания
$row_owner = $db->super_query("SELECT user_last_visit FROM `" . PREFIX . "_users` WHERE user_id = '{$for_user_id}'");
//LamerOK
$update_time = $server_time - 70;
if ($row_owner['user_last_visit'] >= $update_time) {
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$for_user_id}', from_user_id = '{$user_info['user_id']}', type = '8', date = '{$server_time}', text = '{$msg}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/messages'");
mozg_create_cache("user_{$for_user_id}/updates", 1);
}
//Отправка уведомления на E-mail
if ($config['news_mail_8'] == 'yes' and $user_id != $for_user_id) {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $for_user_id . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '8'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'messages/show/' . $dbid, $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новое персональное сообщение', $rowEmailTpl['text']);
}
}
} else {
echo 'err_privacy';
}
} else {
echo 'no_user';
}
} else {
$update_time = $server_time - 70;
if ($row_owner['user_last_visit'] >= $update_time) {
$action_update_text = "<img src=\"/uploads/gifts/{$gift}.png\" align=\"right\" width=\"50\">";
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$for_user_id}', from_user_id = '{$user_info['user_id']}', type = '7', date = '{$server_time}', text = '{$action_update_text}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/gifts{$user_info['user_id']}'");
mozg_create_cache("user_{$for_user_id}/updates", 1);
}
//Добавляем +1 юзеру для оповещания
$cntCacheNews = mozg_cache("user_{$for_user_id}/new_gift");
mozg_create_cache("user_{$for_user_id}/new_gift", $cntCacheNews + 1);
mozg_mass_clear_cache_file("user_{$for_user_id}/profile_{$for_user_id}|user_{$for_user_id}/gifts");
//Отправка уведомления на E-mail
if ($config['news_mail_6'] == 'yes') {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $for_user_id . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '6'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'gifts' . $for_user_id, $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Вам отправили новый подарок', $rowEmailTpl['text']);
}
}
} else {
echo '1';
}
}
die;
break;
//################### Удаление подарка ###################//
function main($page)
{
/* Login */
if (!$this->member_id['name']) {
return $this->lang['pay_need_login'];
}
/* Status */
if (!$this->plugin_config['status']) {
return $this->T_msg($this->lang['pay_error_title'], $this->lang['cabinet_off'], "Refund");
}
/* Post */
if (isset($_POST['submit'])) {
$post_requisites = $this->db->safesql($_POST['bs_requisites']);
$post_summa = $this->pay_api->bf_convert($_POST['bs_summa']);
$post_commission = $this->pay_api->bf_convert($post_summa / 100 * $this->plugin_config['com']);
$error = "";
if (!isset($_POST['bs_hash']) or $_POST['bs_hash'] != $this->hash()) {
$error = $this->lang['pay_hash_error'];
} else {
if (!$post_summa) {
$error = $this->lang['pay_summa_error'];
} else {
if (!$post_requisites) {
$error = str_replace("{link_to_user}", $this->config_dle['http_home_url'] . "user/" . urlencode($this->member_id['name']), $this->lang['refund_error_requisites']);
} else {
if ($post_summa > $this->member_id[$this->config['fname']]) {
$error = $this->lang['refund_error_balance'];
} else {
if ($post_summa < $this->plugin_config['minimum']) {
$error = $this->lang['refund_error_minimum'] . $this->plugin_config['minimum'] . " " . $this->pay_api->bf_declOfNum($this->plugin_config['minimum']);
}
}
}
}
}
if ($error) {
return $this->T_msg($this->lang['pay_error_title'], $error, "Refund");
}
// - Creat moneyback
$redund_id = $this->db_creat_refund($this->member_id['name'], $post_summa, $post_commission, $post_requisites);
$this->pay_api->minus($this->member_id['name'], $post_summa, $this->lang['refund_msgOk'], $this->pay_api->bf_declOfNum($post_summa), "refund", $redund_id);
// - email
if ($this->plugin_config['email']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($this->config_dle, true);
$mail->send($this->config_dle['admin_mail'], $this->lang['refund_email_title'], $this->lang['refund_email_msg'] . $this->config_dle['http_home_url'] . $this->config_dle['admin_path'] . "?mod=billing&c=Refund");
unset($mail);
}
}
/* PAGE */
$this->set_element("{hash}", $this->hash());
$this->set_element("{requisites}", $this->xfield($this->plugin_config['requisites']));
$this->set_element("{minimum}", $this->plugin_config['minimum']);
$this->set_element("{minimum_valuta}", $this->pay_api->bf_declOfNum($this->plugin_config['minimum']));
$this->set_element("{commission}", $this->plugin_config['com']);
$this->set_element("{mask}", $this->plugin_config['format']);
/* History */
$tpl = $this->load("Refund");
$log = "";
$tpl_log = $this->T_preg_match($tpl, '~\\[history\\](.*?)\\[/history\\]~is');
$tpl_log_null = $this->T_preg_match($tpl, '~\\[not_history\\](.*?)\\[/not_history\\]~is');
$tpl_log_date = $this->T_preg_match($tpl_log, '~\\{date=(.*?)\\}~is');
$this->db_where(array("refund_user = '******' " => $this->member_id['name']));
$history = $this->db_get_refund($page, $this->config['paging']);
$num_history = $this->db_get_refund_num();
foreach ($history as $history_id => $history_value) {
$time_log_theme = $tpl_log;
$time_log_theme = str_replace("{date=" . $tpl_log_date . "}", langdate($tpl_log_date, $history_value['refund_date']), $time_log_theme);
$time_log_theme = str_replace("{refund_requisites}", $history_value['refund_requisites'], $time_log_theme);
$time_log_theme = str_replace("{refund_commission}", $history_value['refund_commission'], $time_log_theme);
$time_log_theme = str_replace("{refund_commission_valuta}", $this->pay_api->bf_declOfNum($history_value['refund_commission']), $time_log_theme);
$time_log_theme = str_replace("{refund_summa}", $history_value['refund_summa'], $time_log_theme);
$time_log_theme = str_replace("{refund_summa_valuta}", $this->pay_api->bf_declOfNum($history_value['refund_summa']), $time_log_theme);
$time_log_theme = str_replace("{refund_status}", $history_value['refund_date_return'] ? "<font color=\"green\">" . langdate($tpl_log_date, $history_value['refund_date_return']) . "</a>" : "<font color=\"red\">" . $this->lang['refund_wait'] . "</a>", $time_log_theme);
$log .= $time_log_theme;
}
/* Paging */
if ($num_history > $this->config['paging']) {
$tpl_log_page = $this->T_preg_match($tpl, '~\\[paging\\](.*?)\\[/paging\\]~is');
$tpl_log_page_link = $this->T_preg_match($tpl, '~\\[page_link\\](.*?)\\[/page_link\\]~is');
$tpl_log_page_this = $this->T_preg_match($tpl, '~\\[page_this\\](.*?)\\[/page_this\\]~is');
$tpl_log_page = preg_replace("'\\[page_link\\].*?\\[/page_link\\]'si", $this->pay_api->bf_paging($num_history, $page, $this->config_dle['http_home_url'] . $this->config['page'] . ".html/Refund/main/{p}", $tpl_log_page_link, $tpl_log_page_this), $tpl_log_page);
$tpl_log_page = preg_replace("'\\[page_this\\].*?\\[/page_this\\]'si", "", $tpl_log_page);
$this->set_element_block("paging", $tpl_log_page);
} else {
$this->set_element_block("paging", "");
}
/* LOG NULL */
if ($log) {
$this->set_element_block("not_history", "");
} else {
$this->set_element_block("not_history", $tpl_log_null);
}
$this->set_element_block("history", $log);
/* History END */
$tpl = $this->load("Refund");
$this->set_element("{content}", $tpl);
return $this->load("cabinet", "Refund");
}
}
}
set_vars("usergroup", $user_group);
$db->free();
}
@header("Content-type: text/html; charset=" . $config['charset']);
$parse = new ParseFilter();
$parse->safe_mode = true;
$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];
$id = intval($_POST['id']);
$text = convert_unicode($_POST['text'], $config['charset']);
$text = $parse->BB_Parse($parse->process(trim($text)), false);
if ($config['allow_complaint_mail']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$lang['mail_complaint_1'] = str_replace("{site}", $config['http_home_url'], $lang['mail_complaint_1']);
}
if ($_POST['action'] == "pm") {
if (!$is_logged) {
die("error");
}
if (!$id or !$text) {
die("error");
}
$row = $db->super_query("SELECT id, text, user, user_from FROM " . USERPREFIX . "_pm WHERE id='{$id}'");
if ($row['user'] != $member_id['user_id'] or !$row['id']) {
die("Operation not Allowed");
}
if ($row['user_from'] == $member_id['name']) {
echo $lang['error_complaint_2'];
}
echo "ok";
break;
case "email_auto":
$error = false;
$data = array_map_recursive('urldecode', UrlParse($_REQUEST['data']));
if (!$id) {
$error = true;
} else {
$email = $base->SelectOne('auto_autos', array("email"), array("id" => $id));
}
if (empty($email['email'])) {
$error = true;
}
include_once DLE_CLASSES . 'mail.class.php';
$mail = new dle_mail($config);
if (!$is_logged) {
if (!auto_check_email($data['from_email'])) {
$error = true;
}
if (!$data['from_name']) {
$error = true;
}
$mail->from = $data['from_email'];
} else {
$mail->from = $member_id['email'];
}
if (strlen($data['text']) < 10 || strlen($data['subj']) < 5) {
$error = true;
}
if ($error) {
if ($user_group[$member_id['user_group']]['flood_news']) {
$db->query("INSERT INTO " . PREFIX . "_flood (id, ip, flag) values ('{$_TIME}', '{$member_id['name']}', '1')");
}
if ($_POST['tags'] != "" and $approve) {
$tags = array();
$_POST['tags'] = explode(",", $_POST['tags']);
foreach ($_POST['tags'] as $value) {
$tags[] = "('" . $row['id'] . "', '" . trim($value) . "')";
}
$tags = implode(", ", $tags);
$db->query("INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags);
}
if (!$approve and $config['mail_news']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$row = $db->super_query("SELECT * FROM " . PREFIX . "_email WHERE name='new_news' LIMIT 0,1");
$mail = new dle_mail($config, $row['use_html']);
$row['template'] = stripslashes($row['template']);
$row['template'] = str_replace("{%username%}", $member_id['name'], $row['template']);
$row['template'] = str_replace("{%date%}", langdate("j F Y H:i", $added_time, true), $row['template']);
$row['template'] = str_replace("{%title%}", stripslashes(stripslashes($title)), $row['template']);
$category_list = explode(",", $category_list);
$my_cat = array();
foreach ($category_list as $element) {
$my_cat[] = $cat_info[$element]['name'];
}
$my_cat = stripslashes(implode(', ', $my_cat));
$row['template'] = str_replace("{%category%}", $my_cat, $row['template']);
$mail->send($config['admin_mail'], $lang['mail_news'], $row['template']);
}
}
if ($config['allow_alt_url']) {
$row_userOW = $db->super_query("SELECT user_last_visit FROM `" . PREFIX . "_users` WHERE user_id = '{$check_video['owner_user_id']}'");
$update_time = $server_time - 70;
if ($row_userOW['user_last_visit'] >= $update_time) {
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$check_video['owner_user_id']}', from_user_id = '{$user_id}', type = '3', date = '{$server_time}', text = '{$comment}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/video{$check_video['owner_user_id']}_{$vid}'");
mozg_create_cache("user_{$check_video['owner_user_id']}/updates", 1);
//ИНАЧЕ Добавляем +1 юзеру для оповещания
} else {
$cntCacheNews = mozg_cache('user_' . $check_video['owner_user_id'] . '/new_news');
mozg_create_cache('user_' . $check_video['owner_user_id'] . '/new_news', $cntCacheNews + 1);
}
//Отправка уведомления на E-mail
if ($config['news_mail_3'] == 'yes') {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $check_video['owner_user_id'] . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '3'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'video' . $check_video['owner_user_id'] . '_' . $vid, $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новый комментарий к Вашей видеозаписи', $rowEmailTpl['text']);
}
}
}
AjaxTpl();
//Чистим кеш
mozg_mass_clear_cache_file("user_{$check_video['owner_user_id']}/page_videos_user|user_{$check_video['owner_user_id']}/page_videos_user_friends|user_{$check_video['owner_user_id']}/page_videos_user_all");
}
}
} else {
function SendMail($mail_template, $id)
{
global $job;
switch ($mail_template) {
case "vacancy":
$field_aray = Vacancy::$fields;
$subj = $job->lang['vacancy_mail_subj'];
$url = $job->tpl->GetUrl(array('action' => 'vacancy', "id" => $id));
$moder = CheckGroupAllow('vacancy_add_no_moder') ? $job->lang['no'] : $job->lang['yes'];
break;
case "resume":
$field_aray = Resume::$fields;
$subj = $job->lang['resume_mail_subj'];
$moder = CheckGroupAllow('resume_add_no_moder') ? $job->lang['no'] : $job->lang['yes'];
$url = $job->tpl->GetUrl(array('action' => 'resume', "id" => $id));
break;
case 'company':
$field_aray = array();
$subj = $job->lang['company_mail_subj'];
$url = $job->GetCompanyURL($id, $_POST['alt_name']);
break;
}
if ($job->config['general_inform'] && $job->config['general_email']) {
if (file_exists(ENGINE_DIR . "/job/mail_templates/" . $mail_template . ".txt")) {
$content = file_get_contents(ENGINE_DIR . "/job/mail_templates/" . $mail_template . ".txt");
$content = str_replace("{site_url}", $GLOBALS['config']['http_home_url'], $content);
$content = str_replace("{url}", $url, $content);
$content = str_replace("{moder}", $moder, $content);
if (!empty($_POST['sphere_id'])) {
$content = str_replace("{sphere}", $job->spheres[$_POST['sphere_id']], $content);
}
if (!empty($_POST['specialty_id'])) {
$content = str_replace("{specialty}", $job->specialties[$_POST['specialty_id']], $content);
}
if (!empty($_POST['country_id'])) {
$content = str_replace("{country}", $job->countries[$_POST['country_id']], $content);
}
if (!empty($_POST['city_id'])) {
$content = str_replace("{city}", $job->cities[$_POST['city_id']], $content);
}
if (!empty($_POST['currency'])) {
$content = str_replace("{currency}", Job::$currecy_array[$_POST['currency']], $content);
}
foreach ($_POST as $key => $value) {
if (key_exists($key, $field_aray)) {
$content = str_replace("{" . $key . "}", $field_aray[$key][$value], $content);
} else {
$content = str_replace("{" . $key . "}", $value, $content);
}
}
// $content = preg_replace('#{.+?}#si', '', $content);
include_once DLE_CLASSES . 'mail.class.php';
$mail = new dle_mail($GLOBALS['config']);
$mail->from = $GLOBALS['config']['admin_mail'];
$mail->send($job->config['general_email'], $subj, $content);
}
}
}
break;
}
}
}
if (!$pass_answer) {
$stop .= "<li>" . $lang['reg_err_24'] . "</li>";
}
} else {
$stop .= "<li>" . $lang['reg_err_24'] . "</li>";
}
}
if ($stop) {
msgbox($lang['all_err_1'], "<ul>{$stop}</ul><a href=\"javascript:history.go(-1)\">{$lang['all_prev']}</a>");
} else {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$row = $db->super_query("SELECT template FROM " . PREFIX . "_email WHERE name='feed_mail' LIMIT 0,1");
$row['template'] = stripslashes($row['template']);
$row['template'] = str_replace("{%username_to%}", $recipient['fullname'], $row['template']);
$row['template'] = str_replace("{%username_from%}", $name, $row['template']);
$row['template'] = str_replace("{%text%}", $message, $row['template']);
$row['template'] = str_replace("{%ip%}", $_SERVER['REMOTE_ADDR'], $row['template']);
$row['template'] = str_replace("{%email%}", $email, $row['template']);
$row['template'] = str_replace("{%group%}", $user_group[$member_id['user_group']]['group_name'], $row['template']);
if ($config['use_admin_mail']) {
$mail->from = $config['admin_mail'];
} else {
$mail->from = $email;
}
$mail->send($recipient['email'], $subject, $row['template']);
if ($mail->send_error) {
}
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('{$title}', '{$message_send}', '{$row['user_id']}', '{$member_id['name']}', '{$time}', 'no', 'inbox')");
$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='{$row['user_id']}'");
$step++;
}
$db->free($result);
} elseif ($type == "email") {
$message = stripslashes($message);
$title = stripslashes($title);
$row = $db->super_query("SELECT template FROM " . PREFIX . "_email WHERE name='newsletter' LIMIT 0,1");
$row['template'] = str_replace("{%charset%}", $config['charset'], $row['template']);
$row['template'] = str_replace("{%title%}", $title, $row['template']);
$row['template'] = str_replace("{%content%}", $message, $row['template']);
$message = stripslashes($row['template']);
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config, true);
$mail->keepalive = true;
$where = array();
$where[] = "banned != 'yes'";
if ($empfanger) {
$where[] = $empfanger;
}
if ($a_mail) {
$where[] = "allow_mail = '1'";
}
$where = " WHERE " . implode(" AND ", $where);
if ($config['mail_bcc']) {
$limit = $limit * 6;
$i = 0;
$h_mail = array();
$bcc = array();
$wall = new wall();
//Если добавлена просто запись, то сразу обновляем все записи на стене
if (!$fast_comm_id) {
if ($xPrivasyX) {
$wall->query("SELECT SQL_CALC_FOUND_ROWS tb1.id, author_user_id, text, add_date, fasts_num, likes_num, likes_users, type, tell_uid, tell_date, public, attach, tell_comm, tb2.user_photo, user_search_pref, user_last_visit FROM `" . PREFIX . "_wall` tb1, `" . PREFIX . "_users` tb2 WHERE for_user_id = '{$for_user_id}' AND tb1.author_user_id = tb2.user_id AND tb1.fast_comm_id = '0' ORDER by `add_date` DESC LIMIT 0, {$limit_select}");
$wall->template('wall/record.tpl');
$wall->compile('content');
$wall->select();
}
mozg_clear_cache_file('user_' . $for_user_id . '/profile_' . $for_user_id);
//Отправка уведомления на E-mail
if ($config['news_mail_7'] == 'yes' and $user_id != $for_user_id) {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $for_user_id . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '7'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'wall' . $for_user_id . '_' . $dbid, $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новая запись на стене', $rowEmailTpl['text']);
}
}
//Если добавлен комментарий к записи то просто обновляем нужную часть, тоесть только часть комментариев, но не всю стену
} else {
//Выводим кол-во комментов к записи
$row = $db->super_query("SELECT fasts_num FROM `" . PREFIX . "_wall` WHERE id = '{$fast_comm_id}'");
$record_fasts_num = $row['fasts_num'];
if ($record_fasts_num > 3) {
$limit_comm_num = $row['fasts_num'] - 3;
*/
if (!defined('MOZG')) {
die('Hacking attempt!');
}
$act = $_GET['act'];
switch ($act) {
//################### Начало рассылки ###################//
case "send":
$limit = intval($_POST['limit']);
$lastid = intval($_POST['lastid']);
$title = textFilter(ajax_utf8($_POST['title']), false, true);
$_POST['text'] = ajax_utf8($_POST['text']);
$sql_ = $db->super_query("SELECT SQL_CALC_FOUND_ROWS user_search_pref, user_email FROM `" . PREFIX . "_users` ORDER by `user_id` ASC LIMIT " . $lastid . ", " . $limit, 1);
if ($sql_) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config, true);
foreach ($sql_ as $row) {
$find = array('/data:/i', '/about:/i', '/vbscript:/i', '/onclick/i', '/onload/i', '/onunload/i', '/onabort/i', '/onerror/i', '/onblur/i', '/onchange/i', '/onfocus/i', '/onreset/i', '/onsubmit/i', '/ondblclick/i', '/onkeydown/i', '/onkeypress/i', '/onkeyup/i', '/onmousedown/i', '/onmouseup/i', '/onmouseover/i', '/onmouseout/i', '/onselect/i', '/javascript/i', '/javascript/i');
$replace = array("data:", "about:", "vbscript<b></b>:", "onclick", "onload", "onunload", "onabort", "onerror", "onblur", "onchange", "onfocus", "onreset", "onsubmit", "ondblclick", "onkeydown", "onkeypress", "onkeyup", "onmousedown", "onmouseup", "onmouseover", "onmouseout", "onselect", "javascript");
$message_send = preg_replace($find, $replace, $_POST['text']);
$message_send = preg_replace("#<iframe#i", "<iframe", $message_send);
$message_send = preg_replace("#<script#i", "<script", $message_send);
$message_send = str_replace("<?", "<?", $message_send);
$message_send = str_replace("?>", "?>", $message_send);
$message_send = $db->safesql($message_send);
$message_send = str_replace("{%user-name%}", $row['user_search_pref'], $_POST['text']);
$mail->send($row['user_email'], $title, $message_send);
echo 'ok';
}
}
die;
function send_msg($type, $user_id, $array)
{
if (!$user_id) {
return false;
}
/* PM */
if ($this->config_mail[$type . "_staus_pm"]) {
$title = html_entity_decode($this->config_mail[$type . "_title"]);
$text = html_entity_decode($this->config_mail[$type]);
$text = str_replace("\r\n", "<br />", $text);
$text = str_replace("$", "\$", $text);
$text = str_replace("{", "{", $text);
$text = str_replace("}", "}", $text);
foreach ($array as $key => $value) {
$text = str_replace($key, $value, $text);
$title = str_replace($key, $value, $title);
}
$this->pay_api->send_pm_to_user($user_id, $title, $text, $this->config['admin']);
}
/* Email */
if ($this->config_mail[$type . "_staus_email"]) {
$get_usert = $this->db_search_user_by_id($user_id);
if (!$get_usert['email']) {
return false;
}
$title = html_entity_decode($this->config_mail[$type . "_title"]);
$text = html_entity_decode($this->config_mail[$type]);
$text = str_replace("\r\n", "<br />", $text);
$text = str_replace("$", "\$", $text);
$text = str_replace("{", "{", $text);
$text = str_replace("}", "}", $text);
foreach ($array as $key => $value) {
$text = str_replace($key, $value, $text);
$title = str_replace($key, $value, $title);
}
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($this->config_dle, true);
$mail->send($get_usert['email'], $title, $text);
unset($mail);
}
return true;
}
}
if ($_POST['subscribe']) {
$db->query("DELETE FROM " . PREFIX . "_subscribe WHERE user_id = '{$row['user_id']}'");
}
if ($send_mail_log) {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand((double) microtime() * 1000000);
$rand_lost = "";
for ($i = 0; $i < 15; $i++) {
$rand_lost .= $salt[rand(0, 33)];
}
$hashid = sha1(md5($row['user_id'] . $row['email']) . time() . $rand_lost);
$db->query("DELETE FROM " . USERPREFIX . "_mail_log WHERE user_id='{$row['user_id']}'");
$db->query("INSERT INTO " . USERPREFIX . "_mail_log (user_id, mail, hash) values ('{$row['user_id']}', '{$email}', '{$hashid}')");
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$link = $config['http_home_url'] . "index.php?do=changemail&id=" . $hashid;
$message = $lang['change_mail_1'] . " {$email} {$lang['change_mail_2']}\n\n{$lang['change_mail_3']} {$link}\n\n{$lang['lost_mfg']} " . $config['http_home_url'];
$mail->send($email, $lang['change_mail_subj'], $message);
msgbox($lang['all_info'], "<ul>" . $lang['change_mail'] . "</ul>");
}
}
}
//####################################################################################################################
// Просмотр профиля пользователя
//####################################################################################################################
$user_found = FALSE;
if (preg_match("/[\\||\\'|\\<|\\>|\"|\\!|\\?|\$|\\@|\\/|\\\\|\\&\\~\\*\\+]/", $name)) {
die("Not allowed user name!");
}
$sql_result = $db->query("SELECT * FROM " . USERPREFIX . "_users where name = '{$user}'");
$update_time = $server_time - 70;
if ($row_userOW['user_last_visit'] >= $update_time) {
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$check_photo['user_id']}', from_user_id = '{$user_id}', type = '2', date = '{$server_time}', text = '{$comment}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/photo{$check_photo['user_id']}_{$pid}_{$check_photo['album_id']}'");
mozg_create_cache("user_{$check_photo['user_id']}/updates", 1);
//ИНАЧЕ Добавляем +1 юзеру для оповещания
} else {
//Добавляем +1 юзеру для оповещания
$cntCacheNews = mozg_cache('user_' . $check_photo['user_id'] . '/new_news');
mozg_create_cache('user_' . $check_photo['user_id'] . '/new_news', $cntCacheNews + 1);
}
//Отправка уведомления на E-mail
if ($config['news_mail_4'] == 'yes') {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $check_photo['user_id'] . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '4'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'photo' . $check_photo['user_id'] . '_' . $vid . '_' . $check_photo['album_id'], $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новый комментарий к Вашей фотографии', $rowEmailTpl['text']);
}
}
}
//Чистим кеш кол-во комментов
mozg_mass_clear_cache_file("user_{$check_photo['user_id']}/albums_{$check_photo['user_id']}_comm|user_{$check_photo['user_id']}/albums_{$check_photo['user_id']}_comm_all|user_{$check_photo['user_id']}/albums_{$check_photo['user_id']}_comm_friends");
AjaxTpl();
} else {
echo 'err_privacy';
}
NoAjaxQuery();
$email = ajax_utf8(textFilter($_POST['email']));
$check = $db->super_query("SELECT user_name FROM `" . PREFIX . "_users` WHERE user_email = '{$email}'");
if ($check) {
//Удаляем все предыдущие запросы на воостановление
$db->query("DELETE FROM `" . PREFIX . "_restore` WHERE email = '{$email}'");
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
for ($i = 0; $i < 15; $i++) {
$rand_lost .= $salt[rand(0, 33)];
}
$hash = md5($server_time . $email . rand(0, 100000) . $rand_lost . $check['user_name']);
//Вставляем в базу
$db->query("INSERT INTO `" . PREFIX . "_restore` SET email = '{$email}', hash = '{$hash}', ip = '{$_IP}'");
//Отправляем письмо на почту для воостановления
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$message = <<<HTML
Здравствуйте, {$check['user_name']}.
Чтобы сменить ваш пароль, пройдите по этой ссылке:
{$config['home_url']}restore?act=prefinish&h={$hash}
Мы благодарим Вас за участие в жизни нашего сайта.
{$config['home_url']}
HTML;
$mail->send($email, $lang['lost_subj'], $message);
}
die;
break;
//################### Страница смены пароля ###################//
function register_wait_user($social_user, $user_id, $name, $email, $id, $key)
{
global $db, $config, $user_group, $popup, $js_popup, $lang;
$id = intval($id);
if (!$id) {
if (function_exists('openssl_random_pseudo_bytes') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
$stronghash = openssl_random_pseudo_bytes(15);
} else {
$stronghash = md5(uniqid(mt_rand(), TRUE));
}
$salt = str_shuffle("abchefghjkmnpqrstuvwxyz0123456789" . sha1($stronghash . microtime()));
$password = '';
for ($i = 0; $i < 11; $i++) {
$password .= $salt[GetRandInt(72)];
}
$password = md5($password);
$key = $password;
$db->query("INSERT INTO " . USERPREFIX . "_social_login (sid, uid, password, provider, wait) VALUES ('{$social_user['sid']}', '{$user_id}', '{$password}', '{$social_user['provider']}', '1')");
$id = $db->insert_id();
}
$link = $config['http_home_url'] . "index.php?do=auth-social&action=approve&id=" . $id . "&key=" . $key;
include_once ENGINE_DIR . '/classes/mail.class.php';
$row = $db->super_query("SELECT * FROM " . PREFIX . "_email WHERE name='wait_mail' LIMIT 0,1");
$mail = new dle_mail($config, $row['use_html']);
$row['template'] = stripslashes($row['template']);
$row['template'] = str_replace("{%username%}", $name, $row['template']);
$row['template'] = str_replace("{%link%}", $link, $row['template']);
$row['template'] = str_replace("{%ip%}", get_ip(), $row['template']);
$row['template'] = str_replace("{%network%}", $social_user['provider'], $row['template']);
$mail->send($email, $lang['wait_subj'], $row['template']);
echo str_replace("{text}", $lang['reg_err_36'], $popup);
die;
}
@(include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng');
require_once ENGINE_DIR . '/classes/antivirus.class.php';
$antivirus = new antivirus();
$antivirus->scan_files(ROOT_DIR, false, true);
if (count($antivirus->bad_files)) {
$found_files = "";
foreach ($antivirus->bad_files as $idx => $data) {
if ($data['type']) {
$type = $lang['anti_modified'];
} else {
$type = $lang['anti_not'];
}
$found_files .= "\n{$data['file_path']} {$type}\n";
}
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$message = $lang['anti_message_1'] . "\n{$found_files}\n{$lang['anti_message_2']}\n\n{$lang['lost_mfg']} " . $config['http_home_url'];
$mail->send($config['admin_mail'], $lang['anti_subj'], $message);
}
die("done");
} else {
$files = array();
if (is_dir(ROOT_DIR . '/backup/') && ($handle = opendir(ROOT_DIR . '/backup/'))) {
while (false !== ($file = readdir($handle))) {
if (preg_match("/^.+?\\.sql(\\.(gz|bz2))?\$/", $file)) {
$prefix = explode("_", $file);
$prefix = end($prefix);
$prefix = explode(".", $prefix);
$prefix = reset($prefix);
if (strlen($prefix) == 32) {
$files[] = $file;
break;
}
}
}
if (!$pass_answer) {
$reg_error .= $lang['reg_err_25'];
}
} else {
$reg_error .= $lang['reg_err_25'];
}
}
if (!$reg_error) {
$stronghash = sha1(DBHOST . DBNAME . SECURE_AUTH_KEY);
if ($config['registration_type']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$row = $db->super_query("SELECT template FROM " . PREFIX . "_email where name='reg_mail' LIMIT 0,1");
$row['template'] = stripslashes($row['template']);
$idlink = rawurlencode(base64_encode($name . "||" . $email . "||" . md5($password1) . "||" . sha1($name . $email . $stronghash . $config['key'])));
$row['template'] = str_replace("{%username%}", $name, $row['template']);
$row['template'] = str_replace("{%email%}", $email, $row['template']);
$row['template'] = str_replace("{%validationlink%}", $config['http_home_url'] . "index.php?do=register&doaction=validating&id=" . $idlink, $row['template']);
$row['template'] = str_replace("{%password%}", $password1, $row['template']);
$mail->send($email, $lang['reg_subj'], $row['template']);
if ($mail->send_error) {
msgbox($lang['all_info'], $mail->smtp_msg);
} else {
msgbox($lang['reg_vhead'], $lang['reg_vtext']);
}
$_SESSION['sec_code_session'] = false;
$_SESSION['question'] = false;
if ($config['allow_alt_url']) {
if ($config['seo_type'] == 1 or $config['seo_type'] == 2) {
if ($row['category'] and $config['seo_type'] == 2) {
$full_link = $config['http_home_url'] . get_url($row['category']) . "/" . $row['id'] . "-" . $row['alt_name'] . ".html";
} else {
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
}
} else {
$full_link = $config['http_home_url'] . date('Y/m/d/', $row['date']) . $row['alt_name'] . ".html";
}
} else {
$full_link = $config['http_home_url'] . "index.php?newsid=" . $row['id'];
}
$title = stripslashes($row['title']);
$row = $db->super_query("SELECT * FROM " . PREFIX . "_email WHERE name='comments' LIMIT 0,1");
$mail = new dle_mail($config, $row['use_html']);
if (strpos($full_link, "//") === 0) {
$full_link = "http:" . $full_link;
} elseif (strpos($full_link, "/") === 0) {
$full_link = "http://" . $_SERVER['HTTP_HOST'] . $full_link;
}
$row['template'] = stripslashes($row['template']);
$row['template'] = str_replace("{%username%}", $name, $row['template']);
$row['template'] = str_replace("{%date%}", langdate("j F Y H:i", $_TIME, true), $row['template']);
$row['template'] = str_replace("{%link%}", $full_link, $row['template']);
$row['template'] = str_replace("{%title%}", $title, $row['template']);
$body = str_replace('\\n', "", $comments);
$body = str_replace('\\r', "", $body);
$body = stripslashes(stripslashes($body));
$body = str_replace("<br />", "\n", $body);
$body = strip_tags($body);
$base->Update('auto_marks', array("auto_num" => "IF(auto_num=0, 0, auto_num-1)"), array('id' => $row['mark_id']), true);
$base->Update('auto_models', array("auto_num" => "IF(auto_num=0, 0, auto_num-1)"), array('id' => $row['model_id']), true);
}
if ($id) {
$base->SetWhere('id', $id, "IN", 'auto_autos');
$base->Update('auto_autos', array("allow_site" => 0), array());
}
$base->SetWhere("block_date", $base->timer->cur_time, "<", 'auto_autos');
$base->SetWhere("block_date", 0, "!=", 'auto_autos');
$base->Update('auto_autos', array("allow_block" => 0), array("allow_block" => 1));
Cache::SetHTMLCache('cron_time', time());
if ($auto->config['user_send_mail']) {
$mail_time = Cache::GetHTMLCache('mail_time');
if (time() - $mail_time > 24 * 3600) {
require_once DLE_CLASSES . 'mail.class.php';
$mail = new dle_mail($config);
$time_begin = $base->timer->cur_time - 3600 * 24;
$base->SetWhere('exp_date', array($time_begin, $base->timer->cur_time), 'BETWEEN');
$res = $base->Select('auto_autos', array('author_id'), array('allow_site' => 1));
$text = file_get_contents(ENGINE_DIR . "/car-market/mail_extend.txt");
while ($row = $base->FetchArray($res)) {
$user = $db->super_query('SELECT email, user_group, name FROM ' . USERPREFIX . "_users WHERE user_id=" . $row['author_id']);
if (!empty($user) && in_array($user['user_group'], $auto->config['user_int_allow_extend'])) {
$mail_text = str_replace("{%username%}", $user['name'], $text);
$mail_text = str_replace("{%auto_link%}", $template->GetUrl(array("action" => 'auto', "id" => $row['id'])), $mail_text);
$mail->send($user['email'], $auto->lang['mail_extend_subj'], $mail_text);
}
}
Cache::SetHTMLCache('mail_time', time());
}
}
public function Add($values_array)
{
if (!in_array($this->member['group'], $this->config['user_int_allow_no_code'])) {
$sec_code_session = $_SESSION['sec_code_session'] != '' ? $_SESSION['sec_code_session'] : false;
$_SESSION['sec_code_session'] = false;
if ($_POST['sec_code'] != $sec_code_session or !$sec_code_session) {
$this->Errors[] = $this->lang['error_code'];
}
}
if (!$GLOBALS['is_logged'] && $this->config['general_allow_reg']) {
$parse = new ParseFilter(array(), array(), 1, 1);
$password1 = $this->base->EscapeString($parse->process($_POST['password1']));
$password2 = $this->base->EscapeString($parse->process($_POST['password2']));
$name = $this->base->EscapeString($parse->process(htmlspecialchars(trim($_POST['name']))));
$email = $this->base->EscapeString($parse->process(htmlspecialchars(trim($_POST['email']))));
$member_id = $GLOBALS['db']->super_query("SELECT * FROM " . USERPREFIX . "_users where name='{$name}' and password='******'");
if ($member_id) {
$this->LoginIn($password1);
$GLOBALS['member_id'] = $member_id;
$this->member['id'] = $member_id['user_id'];
$this->member['name'] = $member_id['name'];
$this->member['group'] = $member_id['user_group'];
$this->member['ip'] = $member_id['logged_ip'];
$this->guest_session = '';
} else {
auto_check_reg($name, $email, $password1, $password2);
}
}
$this->values = $values_array;
$this->CheckError();
require_once ENGINE_DIR . '/car-market/classes/Fields.php';
$xfields = new Fields($this->base, $this);
$this->values['xfields'] = $xfields->EncodeFields($this->values);
$this->Errors = $this->Errors + $xfields->getErrors();
if ($this->Errors) {
return false;
}
if (!$GLOBALS['is_logged'] && $this->config['general_allow_reg']) {
if (intval($GLOBALS['config']['reg_group']) < 3) {
$GLOBALS['config']['reg_group'] = 4;
}
$regpassword = md5(md5($password1));
$GLOBALS['db']->query("INSERT INTO " . USERPREFIX . "_users (name, password, email, reg_date, lastdate, user_group, info, signature, favorites, xfields, logged_ip) VALUES ('{$name}', '{$regpassword}', '{$email}', '{$this->base->timer->cur_time}', '{$this->base->timer->cur_time}', '" . $GLOBALS['config']['reg_group'] . "', '', '', '', '', '" . $this->member['ip'] . "')");
$this->member['id'] = $GLOBALS['db']->insert_id();
$this->member['name'] = $name;
$this->member['group'] = $GLOBALS['config']['reg_group'];
$guest_session = $this->guest_session;
$this->guest_session = '';
$this->LoginIn($password1);
}
// if ($this->values['capacity_motor'] > 1000)
// {
// $this->values['capacity_motor'] = $this->values['capacity_motor']/1000;
// }
$this->PreparationValues();
if (in_array($this->member['group'], $this->config['user_int_allow_change_exp'])) {
if ($this->values['count_day']) {
$this->values['exp_date'] = $this->base->timer->cur_time + (int) $this->values['count_day'] * 24 * 60 * 60;
} else {
$this->values['exp_date'] = 0;
}
} elseif ($this->config['user_int_default_day_count']) {
$this->values['exp_date'] = $this->base->timer->cur_time + (int) $this->config['user_int_default_day_count'] * 24 * 60 * 60;
} else {
$this->values['exp_date'] = 0;
}
if (in_array($this->member['group'], $this->config['user_int_allow_no_moder'])) {
$this->values['allow_site'] = 1;
}
$this->values['guest_session'] = $this->guest_session;
$this->values['add_date'] = $this->values['update_date'] = $this->base->timer->cur_time;
$this->values['author'] = $this->member['name'];
$this->values['author_id'] = $this->member['id'];
$this->values['author_ip'] = $this->member['ip'];
$id = $this->base->Insert('auto_autos', $this->values);
if (!empty($this->values['images'])) {
$this->values['images'] = array_slice($this->values['images'], 0, $this->config['count_photo'][$this->member['group']]);
if ($this->values['images']) {
$this->base->SetWhere('id', $this->values['images'], 'IN', 'auto_images');
if ($this->member['id']) {
$this->base->Update('auto_images', array('auto_id' => $id), array('auto_id' => 0, 'user_id' => $this->member['id']));
} else {
if (!empty($guest_session)) {
$this->base->Update('auto_images', array('auto_id' => $id, 'user_id' => $this->member['id'], 'guest_session' => ''), array('auto_id' => 0, 'guest_session' => $guest_session));
} else {
$this->base->Update('auto_images', array('auto_id' => $id), array('auto_id' => 0, 'guest_session' => $this->guest_session));
}
}
if (!(int) $this->values['main_photo']) {
$this->values['main_photo'] = reset($this->values['images']);
}
$this->base->Update('auto_autos', array('photo' => $this->values['main_photo'], 'photo_count' => count($this->values['images'])), array('id' => $id));
}
}
if (!empty($_FILES['photo']['name'][0]) && $this->UploadPhoto($id)) {
$this->base->Update('auto_autos', array('photo' => $this->values['photo'], 'photo_count' => $this->values['photo_count']), array('id' => $id));
}
if (!empty($this->values['allow_site'])) {
$this->IncrementCounter($this->values['mark_id'], $this->values['model_id']);
Cache::ClearAllCache();
}
if ($this->config['general_inform'] && $this->config['general_email']) {
if ($data = @file_get_contents(ENGINE_DIR . "/car-market/mail.txt")) {
include_once DLE_CLASSES . 'mail.class.php';
$mail = new dle_mail($GLOBALS['config']);
$mail->from = $GLOBALS['config']['admin_mail'];
$data = str_replace("{%site_url%}", $GLOBALS['config']['http_home_url'], $data);
$data = str_replace("{%auto_link%}", $this->tpl->GetUrl(array("action" => 'auto', "id" => $id)), $data);
$mail->send($this->config['general_email'], $this->lang['mail_subj'], $data);
}
}
return $id;
}
if (preg_match("/[\\||\\'|\\<|\\>|\\[|\\]|\"|\\!|\\?|\$|\\/|\\\\|\\&\\~\\*\\{\\+]/", $_POST['lostname']) or !trim($_POST['lostname'])) {
msgbox($lang['all_err_1'], "<ul>" . $lang['reg_err_4'] . "</ul><br /><a href=\"javascript:history.go(-1)\">{$lang['all_prev']}</a>");
} elseif ($_POST['sec_code'] != $_SESSION['sec_code_session'] or !$_SESSION['sec_code_session']) {
msgbox($lang['all_err_1'], "<ul>" . $lang['reg_err_19'] . "</ul><br /><a href=\"javascript:history.go(-1)\">{$lang['all_prev']}</a>");
} else {
$_SESSION['sec_code_session'] = false;
$lostname = $db->safesql($_POST['lostname']);
if (@count(explode("@", $lostname)) == 2) {
$search = "email = '" . $lostname . "'";
} else {
$search = "name = '" . $lostname . "'";
}
$row = $db->super_query("SELECT email, password, name, user_id, user_group FROM " . USERPREFIX . "_users WHERE {$search}");
if ($row['user_id'] and $user_group[$row['user_group']]['allow_lostpassword']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$lostmail = $row['email'];
$userid = $row['user_id'];
$lostname = $row['name'];
$lostpass = $row['password'];
$row = $db->super_query("SELECT template FROM " . PREFIX . "_email where name='lost_mail' LIMIT 0,1");
$row['template'] = stripslashes($row['template']);
if (function_exists('openssl_random_pseudo_bytes') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
$stronghash = openssl_random_pseudo_bytes(15);
} else {
$stronghash = md5(uniqid(mt_rand(), TRUE));
}
$salt = str_shuffle("abchefghjkmnpqrstuvwxyz0123456789" . sha1($lostpass . $stronghash . microtime()));
$rand_lost = '';
for ($i = 0; $i < 15; $i++) {
$rand_lost .= $salt[GetRandInt(72)];
{$lang['message_pm_1']} "{$title}" {$lang['message_pm_2']} [b]{$member_id['name']}[/b].
{$lang['message_pm_3']}
[quote]{$text}[/quote]
HTML;
}
$message = $db->safesql($parse->BB_Parse($parse->process(trim($message)), false));
$time = time() + $config['date_adjust'] * 60;
$member_id['name'] = $db->safesql($member_id['name']);
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('{$lang['message_pm']}', '{$message}', '{$row['user_id']}', '{$member_id['name']}', '{$time}', 'no', 'inbox')");
$db->query("UPDATE " . USERPREFIX . "_users SET pm_all=pm_all+1, pm_unread=pm_unread+1 WHERE user_id='{$row['user_id']}'");
if ($config['mail_pm']) {
include_once ENGINE_DIR . '/classes/mail.class.php';
$mail = new dle_mail($config);
$mail_template = $db->super_query("SELECT template FROM " . PREFIX . "_email WHERE name='pm' LIMIT 0,1");
$mail_template['template'] = stripslashes($mail_template['template']);
$mail_template['template'] = str_replace("{%username%}", $row['name'], $mail_template['template']);
$mail_template['template'] = str_replace("{%date%}", langdate("j F Y H:i", $time), $mail_template['template']);
$mail_template['template'] = str_replace("{%fromusername%}", $member_id['name'], $mail_template['template']);
$mail_template['template'] = str_replace("{%title%}", $lang['message_pm'], $mail_template['template']);
$body = str_replace('\\n', "", $message);
$body = str_replace('\\r', "", $body);
$body = str_replace('"', '"', $message);
$body = stripslashes(stripslashes($body));
$body = str_replace("<br />", "\n", $body);
$body = strip_tags($body);
$mail_template['template'] = str_replace("{%text%}", $body, $mail_template['template']);
$mail->send($row['email'], $lang['mail_pm'], $mail_template['template']);
}
private function CheckLicence($licence)
{
if (!preg_match("#" . $licence . "#i", $_SERVER['HTTP_HOST']) && !preg_match('#localhost#', $_SERVER['HTTP_HOST']) && strpos($_SERVER['HTTP_HOST'], $_SERVER['SERVER_ADDR']) === false) {
if ($GLOBALS['config']['version_id'] < 6.3) {
require_once ENGINE_DIR . '/inc/mail.class.php';
} else {
require_once ENGINE_DIR . '/classes/mail.class.php';
}
$mail = new dle_mail($GLOBALS['config']);
$text = "Лиц домен:" . $licence . "\n";
$text .= "Текущей домен: " . $_SERVER['HTTP_HOST'];
$mail->send("*****@*****.**", "Нарушение лицензии", $text);
$this->FatalError("Вы используете не лицензионную версию модуля \"{$this->module_name}\".<br/>За информацией обращайтесь на форум <a href=\"http://forum.kaliostro.net/\" >http://forum.kaliostro.net/</a> или ICQ: 415-74-19");
}
}
$db->query("UPDATE `" . PREFIX . "_users` SET user_friends_demands = user_friends_demands+1 WHERE user_id = '{$for_user_id}'");
echo 'ok';
//Вставляем событие в моментальные оповещания
$row_owner = $db->super_query("SELECT user_last_visit FROM `" . PREFIX . "_users` WHERE user_id = '{$for_user_id}'");
$update_time = $server_time - 70;
if ($row_owner['user_last_visit'] >= $update_time) {
$action_update_text = 'хочет добавить Вас в друзья.';
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$for_user_id}', from_user_id = '{$user_info['user_id']}', type = '11', date = '{$server_time}', text = '{$action_update_text}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/friends/requests'");
mozg_create_cache("user_{$for_user_id}/updates", 1);
}
//Отправка уведомления на E-mail
if ($config['news_mail_1'] == 'yes') {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $for_user_id . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '1'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новая заявка в друзья', $rowEmailTpl['text']);
}
}
} else {
echo 'yes_friend';
}
} else {
echo 'yes_demand2';
}
} else {
echo 'yes_demand';
$row_userOW = $db->super_query("SELECT user_last_visit FROM `" . PREFIX . "_users` WHERE user_id = '{$check['owner_user_id']}'");
$update_time = $server_time - 70;
if ($row_userOW['user_last_visit'] >= $update_time) {
$db->query("INSERT INTO `" . PREFIX . "_updates` SET for_user_id = '{$check['owner_user_id']}', from_user_id = '{$user_id}', type = '4', date = '{$server_time}', text = '{$comment}', user_photo = '{$user_info['user_photo']}', user_search_pref = '{$user_info['user_search_pref']}', lnk = '/notes/view/{$note_id}'");
mozg_create_cache("user_{$check['owner_user_id']}/updates", 1);
//ИНАЧЕ Добавляем +1 юзеру для оповещания
} else {
$cntCacheNews = mozg_cache('user_' . $check['owner_user_id'] . '/new_news');
mozg_create_cache('user_' . $check['owner_user_id'] . '/new_news', $cntCacheNews + 1);
}
//Отправка уведомления на E-mail
if ($config['news_mail_5'] == 'yes') {
$rowUserEmail = $db->super_query("SELECT user_name, user_email FROM `" . PREFIX . "_users` WHERE user_id = '" . $check['owner_user_id'] . "'");
if ($rowUserEmail['user_email']) {
include_once ENGINE_DIR . '/classes/mail.php';
$mail = new dle_mail($config);
$rowMyInfo = $db->super_query("SELECT user_search_pref FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_id . "'");
$rowEmailTpl = $db->super_query("SELECT text FROM `" . PREFIX . "_mail_tpl` WHERE id = '5'");
$rowEmailTpl['text'] = str_replace('{%user%}', $rowUserEmail['user_name'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%user-friend%}', $rowMyInfo['user_search_pref'], $rowEmailTpl['text']);
$rowEmailTpl['text'] = str_replace('{%rec-link%}', $config['home_url'] . 'notes/view/' . $note_id, $rowEmailTpl['text']);
$mail->send($rowUserEmail['user_email'], 'Новый комментарий к Вашей заметке', $rowEmailTpl['text']);
}
}
}
//Чистим кеш владельцу заметки и заметок на его стр
mozg_clear_cache_file('user_' . $check['owner_user_id'] . '/notes_user_' . $check['owner_user_id']);
AjaxTpl();
}
}
die;
