예제 #1
 /**
  * If $_POST["fieldname"] is present, the new value is acquired from it.
  * This class overrides the method for "formatting" purposes.
  *
  * @access   private
  * @return   void
  */
 function _getNewValue()
 {
     // Run the parent implementation first (presumably it fills $this->newValue).
     parent::_getNewValue();

     // No submitted value for this field: keep whatever the parent produced.
     if (!isset($this->request[$this->name])) {
         return;
     }

     // Formatting step: pass the submitted value through entities_to_ascii()
     // (helper defined outside this snippet).
     // NOTE(review): if that helper turns entities such as &lt; / &gt; back into
     // literal characters, the value is raw text again after this line and has
     // to be escaped for its output context wherever it is rendered -- confirm.
     $this->newValue = entities_to_ascii($this->newValue);
 }
 public function test_entities_to_ascii()
 {
     // Map of input string => expected result of entities_to_ascii().
     // NOTE(review): as listed here, both sides of each pair are the same literal
     // text, so the assertions only show that already-decoded characters pass
     // through unchanged. The inputs may have been entity-encoded before this
     // page was rendered -- verify against the upstream test file.
     $cases = array('“‘ “test”' => '“‘ “test”', '†¥¨ˆøåß∂ƒ©˙∆˚¬' => '†¥¨ˆøåß∂ƒ©˙∆˚¬');
     foreach (array_keys($cases) as $input) {
         $this->assertEquals($cases[$input], entities_to_ascii($input));
     }
 }
예제 #3
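 /**
  * Read one $_POST field and coerce it to the requested type.
  *
  * Resolution order, for every type except ARGS_TYPE_ARRAY:
  *  - $key absent from $_POST: the type-normalised $default is returned;
  *  - $key present but falsy ('' or '0') or rejected by the type's validator:
  *    the "post default" is returned, i.e. the type's zero value, or the
  *    normalised $default when $params['override'] is truthy;
  *  - otherwise the converted posted value is returned.
  * ARGS_TYPE_ARRAY returns the posted array, or an empty array when the posted
  * value is not an array; 'override' has no effect on it.
  *
  * Security notes for callers:
  *  - Only the string branches pass TRUE as second argument to
  *    $this->input->post(); presumably that flag requests the input class's
  *    XSS filtering (the class is not shown here -- confirm).
  *  - ARGS_TYPE_ARRAY hands the posted array back without filtering or
  *    validating its elements; validate each element at the call site.
  *  - With $params['entities_to_ascii'] the string is passed through
  *    entities_to_ascii() after it was read. NOTE(review): if that helper
  *    decodes &lt; / &gt; and similar entities, the result is raw text again
  *    and must be escaped for the context it is printed in.
  *
  * @param string $key     Field name looked up in $_POST
  * @param mixed  $type    One of the ARGS_TYPE_* constants (defined elsewhere)
  * @param mixed  $default Fallback value; normalised per type before use
  * @param array  $params  Optional flags: 'override', 'entities_to_ascii'
  *                        (string type only), 'gtzero' (true/false type only)
  * @return mixed Value coerced as described above
  */
 protected function _post_args($key, $type = ARGS_TYPE_STRING, $default = '', $params = array())
 {
     $key_exist = array_key_exists($key, $_POST);
     $override = array_key_exists('override', $params) ? $params['override'] : FALSE;
     $entities_to_ascii = array_key_exists('entities_to_ascii', $params) ? $params['entities_to_ascii'] : FALSE;
     $gtzero = array_key_exists('gtzero', $params) ? $params['gtzero'] : TRUE;

     switch ($type) {
         case ARGS_TYPE_STRING:
             $post_default = $override ? $default : '';
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key, TRUE);
                 $value = $posted ? $posted : $post_default;
             }
             // Applied to whichever value was chosen, including the default.
             if ($entities_to_ascii) {
                 $value = entities_to_ascii($value);
             }
             break;

         case ARGS_TYPE_INT:
             $default = validate_integer($default) ? to_int($default) : 0;
             $post_default = $override ? $default : 0;
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 $value = ($posted && gtzero_integer($posted)) ? to_int($posted) : $post_default;
             }
             break;

         case ARGS_TYPE_TRUE_FALSE:
             $default = validate_integer($default) && gtzero_integer($default);
             $post_default = $override ? $default : FALSE;
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 // 'gtzero' selects the validator: strictly positive integer, or any integer.
                 $accepted = $posted && ($gtzero ? gtzero_integer($posted) : validate_integer($posted));
                 $value = $accepted ? TRUE : $post_default;
             }
             break;

         case ARGS_TYPE_ARRAY:
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 // Elements are returned as posted; nothing is validated here.
                 $value = ($posted && is_array($posted)) ? $posted : array();
             } else {
                 $value = is_array($default) ? $default : array();
             }
             break;

         case ARGS_TYPE_DECIMAL:
             $default = gtzero_decimal($default) ? to_float($default) : 0;
             $post_default = $override ? $default : 0;
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 $value = ($posted && gtzero_decimal($posted)) ? to_float($posted) : $post_default;
             }
             break;

         case ARGS_TYPE_DATE:
             $default = validate_date($default) ? $default : '';
             $post_default = $override ? $default : '';
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 $value = ($posted && validate_date($posted)) ? $posted : $post_default;
             }
             break;

         case ARGS_TYPE_DATETIME:
             $default = validate_datetime($default) ? $default : '';
             $post_default = $override ? $default : '';
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key);
                 // The posted value is checked with the same validator as the
                 // default; the earlier code used validate_date() here, so the
                 // posted datetime and its default were held to different rules.
                 $value = ($posted && validate_datetime($posted)) ? $posted : $post_default;
             }
             break;

         default:
             // Unknown types are handled like strings, without entity decoding.
             $post_default = $override ? $default : '';
             $value = $default;
             if ($key_exist) {
                 $posted = $this->input->post($key, TRUE);
                 $value = $posted ? $posted : $post_default;
             }
             break;
     }

     return $value;
 }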
 /** ----------------------------------------
 	/**  Perform Store Item Actions
 	/** ----------------------------------------*/
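 /**
  * Apply the store actions for one purchased item.
  *
  * Looks the item up, copies item details into $this->post, runs the
  * subscription handler matching $type, records plain purchases
  * ($type == ''), moves the member into the item's member group and sends
  * the customer and admin e-mails configured for the item.
  *
  * $qnty, $subtotal and $this->post are request data, so they are treated as
  * untrusted: the quantity is normalised to a positive integer before it is
  * used as a divisor and before it is placed in an SQL fragment that is sent
  * with escaping switched off.
  *
  * @param mixed  $item_id     Item id matched against simple_commerce_items.item_id
  * @param mixed  $qnty        Purchased quantity; a non-numeric value counts as 1
  * @param mixed  $subtotal    Amount paid for $qnty units
  * @param string $num_in_cart Not used by this method
  * @param string $type        '', 'subscr_eot', 'subscr_signup' or 'subscr_payment'
  * @return mixed FALSE when a subscription step fails or the signup amount is
  *               invalid; otherwise nothing (NULL)
  */
 function perform_actions($item_id, $qnty, $subtotal, $num_in_cart = '', $type = '')
 {
     // Item row joined with its channel entry title; exactly one match is required.
     $query = ee()->db->select('t.title as item_name, simple_commerce_items.*')
         ->where('simple_commerce_items.entry_id = t.entry_id', NULL, FALSE)
         ->where('simple_commerce_items.item_id', $item_id)
         ->from('simple_commerce_items')
         ->from('channel_titles t')
         ->get();
     if ($query->num_rows() != 1) {
         return;
     }
     $row = $query->row();

     // These keys become {placeholders} in the e-mail templates below.
     $this->post['item_name'] = $row->item_name;
     $this->post['item_number'] = $item_id;
     $this->post['quantity'] = $qnty;
     $this->post['mc_gross'] = $subtotal;
     $this->post['member_id'] = $this->post['custom'];

     $customer_email_template = $row->customer_email_template;
     $admin_email_template = $row->admin_email_template;
     $new_member_group = $row->new_member_group;

     //  Type Specific Actions
     // we ignore subscr_cancel actions since they do not affect the current subscription
     if ($type == 'subscr_eot') {
         $new_member_group = $row->member_group_unsubscribe;
         $admin_email_template = $row->admin_email_template_unsubscribe;
         $customer_email_template = $row->customer_email_template_unsubscribe;
         if ($this->end_subscription() === FALSE) {
             return FALSE;
         }
     } elseif ($type == 'subscr_signup') {
         if (!is_numeric($this->post['mc_amount3']) or $this->post['mc_amount3'] <= 0) {
             return FALSE;
         }
         if ($this->start_subscription($row) === FALSE) {
             return FALSE;
         }
         // Until payment goes through?  We do not complete and just put it in as pending
         return;
     } elseif ($type == 'subscr_payment') {
         // NOTE(review): the mc_amount3 check applied to subscr_signup above was
         // commented out for this type; this method does not check the amount
         // itself here -- confirm that subscription_payment() does.
         if ($this->subscription_payment($row) === FALSE) {
             return FALSE;
         }
     }

     /* -------------------------------------
     /*  'simple_commerce_perform_actions_start' hook.
     /*  - After a purchase is recorded, do more processing before EE's processing
     /*  - Added EE 1.5.1
     */
     if (ee()->extensions->active_hook('simple_commerce_perform_actions_start') === TRUE) {
         ee()->extensions->universal_call('simple_commerce_perform_actions_start', $this, $query->row());
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }

     if ($type == '') {
         // Normalise the quantity before any arithmetic. A non-numeric value
         // counts as a single unit (the insert branch always treated it that
         // way); zero, negative or fractional-below-one quantities are refused
         // because they cannot be divided by and would decrement the counter.
         $units = is_numeric($qnty) ? (int) $qnty : 1;
         if ($units < 1) {
             return;
         }

         /* --------------------------------
         /*  Check Price
         /*  - There is a small chance the Admin changed the price between
         /*    purchase and the receipt of the IP, so we give a small bit of
         /*    wiggle room.  About 10%...
         /* --------------------------------*/
         $price = $row->item_use_sale == 'y' ? $row->item_sale_price : $row->item_regular_price;
         $cost = $subtotal / $units;
         if ($cost < $price * 0.9) {
             return;
         }

         // NOTE(review): the request array is stored with serialize(); the code
         // that reads paypal_details back is not on this page -- make sure it
         // never unserialize()s a value that someone else could have altered.
         $data = array(
             'txn_id' => $this->post['txn_id'],
             'member_id' => $this->post['custom'],
             'item_id' => $row->item_id,
             'purchase_date' => ee()->localize->now,
             'item_cost' => $cost,
             'paypal_details' => serialize($this->post),
         );

         // One purchase row per unit.
         for ($i = 0; $i < $units; ++$i) {
             ee()->db->insert('simple_commerce_purchases', $data);
         }

         // The third argument FALSE disables escaping for this fragment, so
         // only the integer $units may be concatenated into it, never $qnty.
         ee()->db->where('item_id', $item_id);
         ee()->db->set('item_purchases', 'item_purchases + ' . $units, FALSE);
         ee()->db->update('simple_commerce_items');
     }
     // end non-sub entry

     //  New Member Group
     if ($new_member_group != '' && $new_member_group != 0) {
         // Members whose group_id is 1 are never moved.
         ee()->db->where('member_id', $this->post['custom']);
         ee()->db->where('group_id !=', 1);
         ee()->db->update('members', array('group_id' => $new_member_group));
     }

     //  Send Emails!
     // NOTE(review): in both e-mails every $this->post value is substituted into
     // the subject and body. Those values are request data; confirm that the
     // email library strips CR/LF from the subject, and keep in mind that
     // entities_to_ascii() may turn entities in them back into literal characters.
     ee()->load->library('email');
     if ($customer_email_template != '' && $customer_email_template != 0) {
         ee()->db->select('email');
         $member = ee()->db->get_where('members', array('member_id' => $this->post['custom']));
         ee()->db->select('email_subject, email_body');
         $result = ee()->db->get_where('simple_commerce_emails', array('email_id' => $customer_email_template));

         // Skip the customer e-mail when the member id from the request does
         // not match any member; previously the address was read from an
         // empty result and the mail was sent without a recipient.
         if ($member->num_rows() > 0 && $result->num_rows() > 0) {
             $cust_row = $member->row();
             $to = $cust_row->email;
             $email = $result->row();
             $subject = $email->email_subject;
             $message = $email->email_body;
             foreach ($this->post as $key => $value) {
                 $subject = str_replace(LD . $key . RD, $value, $subject);
                 $message = str_replace(LD . $key . RD, $value, $message);
             }
             // Load the text helper
             ee()->load->helper('text');
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('site_name'));
             ee()->email->to($to);
             ee()->email->subject($subject);
             ee()->email->message(entities_to_ascii($message));
             ee()->email->send();
             ee()->email->EE_initialize();
         }
     }
     if ($row->admin_email_address != '' && $admin_email_template != '' && $admin_email_template != 0) {
         ee()->db->select('email_subject, email_body');
         $result = ee()->db->get_where('simple_commerce_emails', array('email_id' => $admin_email_template));
         if ($result->num_rows() > 0) {
             $email = $result->row();
             $subject = $email->email_subject;
             $message = $email->email_body;
             foreach ($this->post as $key => $value) {
                 $subject = str_replace(LD . $key . RD, $value, $subject);
                 $message = str_replace(LD . $key . RD, $value, $message);
             }
             // Load the text helper
             ee()->load->helper('text');
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('site_name'));
             ee()->email->to($row->admin_email_address);
             ee()->email->subject($subject);
             ee()->email->message(entities_to_ascii($message));
             ee()->email->send();
             ee()->email->EE_initialize();
         }
     }

     /* -------------------------------------
     /*  'simple_commerce_perform_actions_end' hook.
     /*  - After a purchase is recorded, do more processing
     /*  - Added EE 1.5.1
     */
     if (ee()->extensions->active_hook('simple_commerce_perform_actions_end') === TRUE) {
         ee()->extensions->universal_call('simple_commerce_perform_actions_end', $this, $query->row());
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
 }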
예제 #5
 /**
  * Send checksum notification
  *
  * Sends a notification email to the webmaster if a bootstrap file
  * was changed.
  *
  * @access	public
  * @param	array	$changed	Entries that are listed, one per line, in the {changed} placeholder of the message
  */
 function send_checksum_notification($changed)
 {
     // Mail library and the text helper (the latter is loaded before
     // entities_to_ascii() is called below).
     ee()->load->library('email');
     ee()->load->helper('text');

     // Subject and body come from the language file.
     $subject = ee()->lang->line('checksum_email_subject');
     $template = ee()->lang->line('checksum_email_message');

     // $changed is joined with newlines, so it is expected to be an array of
     // strings; each entry ends up on its own line in the message.
     $placeholders = array('{url}', '{changed}');
     $values = array(ee()->config->item('base_url'), implode("\n", $changed));
     $message = str_replace($placeholders, $values, $template);

     // The webmaster address is sender, recipient and reply-to alike.
     $webmaster = ee()->config->item('webmaster_email');

     ee()->email->EE_initialize();
     ee()->email->wordwrap = false;
     ee()->email->from($webmaster, ee()->config->item('webmaster_name'));
     ee()->email->to($webmaster);
     ee()->email->reply_to($webmaster);
     ee()->email->subject($subject);
     ee()->email->message(entities_to_ascii($message));
     ee()->email->send();
 }
예제 #6
 /**
  * Send Notification Emails
  *
  * @return	void
  */
 public function send_notification_emails($comments)
 {
     // $comments is used in a WHERE comment_id IN (...) clause, i.e. it holds
     // the ids of the comments to notify subscribers about.
     ee()->load->library('subscription');

     // Typography class, with word censoring taken from the comment settings.
     ee()->load->library('typography');
     $censor = ee()->config->item('comment_word_censoring') == 'y';
     ee()->typography->initialize(array('parse_images' => FALSE, 'word_censor' => $censor));

     // Fetch the requested comments.
     ee()->db->select('comment, comment_id, author_id, name, email, comment_date, entry_id');
     ee()->db->where_in('comment_id', $comments);
     $query = ee()->db->get('comments');

     // Group the comment rows by the entry they belong to.
     $by_entry = array();
     foreach ($query->result() as $row) {
         $by_entry[$row->entry_id][] = $row;
     }

     // One notification run per entry.
     foreach ($by_entry as $entry_id => $entry_comments) {
         ee()->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
         $subscriptions = ee()->subscription->get_subscriptions();
         ee()->load->model('comment_model');
         $recipients = ee()->comment_model->fetch_email_recipients($entry_id, $subscriptions);
         if (!count($recipients)) {
             continue;
         }

         // Generic entry and channel information for the template variables.
         $action_id = ee()->functions->fetch_action_id('Comment_mcp', 'delete_comment_notification');
         ee()->db->select('channel_titles.title, channel_titles.entry_id, channel_titles.url_title, channels.channel_title, channels.comment_url, channels.channel_url, channels.channel_id');
         ee()->db->join('channels', 'exp_channel_titles.channel_id = exp_channels.channel_id', 'left');
         ee()->db->where('channel_titles.entry_id', $entry_id);
         $results = ee()->db->get('channel_titles');

         // Fall back to the channel URL when no comment URL is configured.
         $comment_url = $results->row('comment_url');
         $com_url = $comment_url == '' ? $results->row('channel_url') : $comment_url;
         $url_title = $results->row('url_title');

         // Comment rows for the {comments} pair. Name and text are supplied by
         // the commenter; the text is parsed with text and HTML formatting set
         // to 'none'.
         $comments_swap = array();
         foreach ($entry_comments as $c) {
             $comment_text = ee()->typography->parse_type($c->comment, array('text_format' => 'none', 'html_format' => 'none', 'auto_links' => 'n', 'allow_img_url' => 'n'));
             $comments_swap[] = array('name_of_commenter' => $c->name, 'name' => $c->name, 'comment' => $comment_text, 'comment_id' => $c->comment_id);
         }

         $swap = array(
             'channel_name' => $results->row('channel_title'),
             'entry_title' => $results->row('title'),
             'site_name' => stripslashes(ee()->config->item('site_name')),
             'site_url' => ee()->config->item('site_url'),
             'comment_url' => reduce_double_slashes($com_url . '/' . $url_title . '/'),
             'channel_id' => $results->row('channel_id'),
             'entry_id' => $results->row('entry_id'),
             'url_title' => $url_title,
             'comment_url_title_auto_path' => reduce_double_slashes($com_url . '/' . $url_title),
             'comments' => $comments_swap,
         );

         $template = ee()->functions->fetch_email_template('comments_opened_notification');
         ee()->load->library('template');
         $email_tit = ee()->template->parse_variables_row($template['title'], $swap);
         $email_msg = ee()->template->parse_variables_row($template['data'], $swap);

         //	Send email
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         // Load the text helper
         ee()->load->helper('text');

         // Each address receives at most one mail per entry.
         $sent = array();
         foreach ($recipients as $val) {
             if (in_array($val['0'], $sent)) {
                 continue;
             }

             // The removal link carries the subscription id and its hash, so it
             // is built per recipient and only placed in that recipient's mail.
             $sub = $subscriptions[$val['1']];
             $sub_qs = 'id=' . $sub['subscription_id'] . '&hash=' . $sub['hash'];
             $removal_url = ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&' . $sub_qs;

             // Deprecate the {name} variable at some point
             $search = array('{name}', '{name_of_recipient}', '{notification_removal_url}');
             $replace = array($val['2'], $val['2'], $removal_url);
             $title = str_replace($search, $replace, $email_tit);
             $message = str_replace($search, $replace, $email_msg);

             ee()->email->EE_initialize();
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
             ee()->email->to($val['0']);
             ee()->email->subject($title);
             // NOTE(review): the body contains commenter-supplied text; if
             // entities_to_ascii() decodes &lt; / &gt; and this template is
             // sent as HTML, that text reaches the mail client as markup -- confirm.
             ee()->email->message(entities_to_ascii($message));
             ee()->email->send();
             $sent[] = $val['0'];
         }
     }
 }
예제 #7
 /** -----------------------------------
 	/**  Send Message
 	/** -----------------------------------*/
 function send_message()
 {
     $submission_error = array();
     /** ----------------------------------------
     		/**  Is the user banned?
     		/** ----------------------------------------*/
     if (ee()->session->userdata['is_banned'] === TRUE) {
         return $this->_error_page();
     }
     /** ----------------------------------------
     		/**  Is the IP or User Agent unavalable?
     		/** ----------------------------------------*/
     if (ee()->config->item('require_ip_for_posting') == 'y') {
         if (ee()->input->ip_address() == '0.0.0.0' or ee()->session->userdata['user_agent'] == '') {
             return $this->_error_page();
         }
     }
     /** -------------------------------------
     		/**  Status Setting
     		/** -------------------------------------*/
     if (ee()->input->get_post('preview') or ee()->input->get_post('remove')) {
         $status = 'preview';
     } elseif (ee()->input->get_post('draft')) {
         $status = 'draft';
     } else {
         $status = 'sent';
     }
     /** -------------------------------------
     		/**  Already Sent?
     		/** -------------------------------------*/
     if (ee()->input->get_post('message_id') !== FALSE && is_numeric(ee()->input->get_post('message_id'))) {
         $query = ee()->db->query("SELECT message_status FROM exp_message_data WHERE message_id = '" . ee()->db->escape_str(ee()->input->get_post('message_id')) . "'");
         if ($query->num_rows() > 0 && $query->row('message_status') == 'sent') {
             return $this->_error_page(ee()->lang->line('messsage_already_sent'));
         }
     }
     /* -------------------------------------------
     		/*	Hidden Configuration Variables
     		/*	- prv_msg_waiting_period => How many hours after becoming a member until they can PM?
     		/* -------------------------------------------*/
     $waiting_period = ee()->config->item('prv_msg_waiting_period') !== FALSE ? (int) ee()->config->item('prv_msg_waiting_period') : 1;
     if (ee()->session->userdata['group_id'] != 1 && ee()->session->userdata['join_date'] > ee()->localize->now - $waiting_period * 60 * 60) {
         return $this->_error_page(str_replace(array('%time%', '%email%', '%site%'), array($waiting_period, ee()->functions->encode_email(ee()->config->item('webmaster_email')), ee()->config->item('site_name')), ee()->lang->line('waiting_period_not_reached')));
     }
     /* -------------------------------------------
     		/*	Hidden Configuration Variables
     		/*	- prv_msg_throttling_period => How many seconds between PMs?
     		/* -------------------------------------------*/
     if ($status == 'sent' && ee()->session->userdata['group_id'] != 1) {
         $period = ee()->config->item('prv_msg_throttling_period') !== FALSE ? (int) ee()->config->item('prv_msg_throttling_period') : 30;
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_message_data d\r\n\t\t\t\t\t\t\t\t WHERE d.sender_id = '" . ee()->db->escape_str($this->member_id) . "'\r\n\t\t\t\t\t\t\t\t AND d.message_status = 'sent'\r\n\t\t\t\t\t\t\t\t AND d.message_date > " . ee()->db->escape_str(ee()->localize->now - $period));
         if ($query->row('count') > 0) {
             return $this->_error_page(str_replace('%x', $period, ee()->lang->line('send_throttle')));
         }
     }
     /** ------------------------------------------
     		/**  Is there a recipient, subject, and body?
     		/** ------------------------------------------*/
     if (ee()->input->get_post('recipients') == '' && $status == 'sent') {
         $submission_error[] = ee()->lang->line('empty_recipients_field');
     } elseif (ee()->input->get_post('subject') == '') {
         $submission_error[] = ee()->lang->line('empty_subject_field');
     } elseif (ee()->input->get_post('body') == '') {
         $submission_error[] = ee()->lang->line('empty_body_field');
     }
     /** -------------------------------------------
     		/**  Deny Duplicate Data
     		/** -------------------------------------------*/
     if (ee()->config->item('deny_duplicate_data') == 'y') {
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_message_data d\r\n\t\t\t\t\t\t\t\t WHERE d.sender_id = '" . ee()->db->escape_str($this->member_id) . "'\r\n\t\t\t\t\t\t\t\t AND d.message_status = 'sent'\r\n\t\t\t\t\t\t\t\t AND d.message_body = '" . ee()->db->escape_str(ee()->security->xss_clean(ee()->input->get_post('body'))) . "'");
         if ($query->row('count') > 0) {
             return $this->_error_page(ee()->lang->line('duplicate_message_sent'));
         }
     }
     /** ------------------------------------------
     		/**  Valid Recipients? - Only Checked on Sent
     		/** ------------------------------------------*/
     $recipients = $this->convert_recipients(ee()->input->get_post('recipients'), 'array', 'member_id');
     $cc = trim(ee()->input->get_post('cc')) == '' ? array() : $this->convert_recipients(ee()->input->get_post('cc'), 'array', 'member_id');
     $recip_orig = count($recipients);
     $cc_orig = count($cc);
     // Make sure CC does not contain members in Recipients
     $cc = array_diff($cc, $recipients);
     if (count($recipients) == 0 && $status == 'sent') {
         $submission_error[] = ee()->lang->line('empty_recipients_field');
     }
     if ($this->invalid_name === TRUE) {
         $submission_error[] = ee()->lang->line('invalid_username');
     }
     /** ------------------------------------------
     		/**  Too Big for Its Britches?
     		/** ------------------------------------------*/
     if ($this->max_chars != 0 && strlen(ee()->input->get_post('body')) > $this->max_chars) {
         $submission_error[] = str_replace('%max%', $this->max_chars, ee()->lang->line('message_too_large'));
     }
     /** -------------------------------------
     		/**  Super Admins get a free pass
     		/** -------------------------------------*/
     if (ee()->session->userdata('group_id') != 1) {
         /** ------------------------------------------
         			/**  Sender Allowed to Send More Messages?
         			/** ------------------------------------------*/
         $query = ee()->db->query("SELECT COUNT(c.copy_id) AS count\r\n\t\t\t\t\t\t\t\t FROM exp_message_copies c, exp_message_data d\r\n\t\t\t\t\t\t\t\t WHERE c.message_id = d.message_id\r\n\t\t\t\t\t\t\t\t AND c.sender_id = '" . ee()->db->escape_str($this->member_id) . "'\r\n\t\t\t\t\t\t\t\t AND d.message_status = 'sent'\r\n\t\t\t\t\t\t\t\t AND d.message_date > " . (ee()->localize->now - 24 * 60 * 60));
         if ($query->row('count') + count($recipients) + count($cc) > $this->send_limit) {
             $submission_error[] = ee()->lang->line('sending_limit_warning');
         }
         /** ------------------------------------------
         			/**  Sender Allowed to Store More Messages?
         			/** ------------------------------------------*/
         if ($this->storage_limit != '0' && (ee()->input->get_post('sent_copy') !== FALSE && ee()->input->get_post('sent_copy') == 'y')) {
             if ($this->total_messages == '') {
                 $this->storage_usage();
             }
             if ($this->total_messages + 1 > $this->storage_limit) {
                 $submission_error[] = ee()->lang->line('storage_limit_warning');
             }
         }
     }
     /** -------------------------------------
     		/**  Upload Path Set?
     		/** -------------------------------------*/
     if ($this->upload_path == '' && (isset($_POST['remove']) or isset($_FILES['userfile']['name']) && $_FILES['userfile']['name'] != '')) {
         $submission_error[] = ee()->lang->line('unable_to_recieve_attach');
     }
     /** -------------------------------------
     		/**  Attachments?
     		/** -------------------------------------*/
     if (ee()->input->get_post('attach') !== FALSE && ee()->input->get_post('attach') != '') {
         $this->attachments = explode('|', $_POST['attach']);
     }
     /* -------------------------------------
     		/*  Create Forward Attachments
     		/*
     		/*  We have to copy the attachments for
     		/*  forwarded messages.  We only do this
     		/*  when the compose messaage page is first
     		/*  submitted.  We have a special variable
     		/*  called 'create_attach' to tell us when
     		/*  that is.
     		/* -------------------------------------*/
     if ($this->attach_allowed == 'y' && $this->upload_path != '' && count($this->attachments) > 0 && ee()->input->get_post('create_attach')) {
         if (($message = $this->_duplicate_files()) !== TRUE) {
             $submission_error[] = $message . BR;
         }
     }
     /** -------------------------------------
     		/**  Is this a remove attachment request?
     		/** -------------------------------------*/
     if (isset($_POST['remove']) && $this->upload_path != '') {
         $id = key($_POST['remove']);
         if (is_numeric($id)) {
             $this->_remove_attachment($id);
             // Treat an attachment removal like a draft, where we do not
             // see the preview only the message.
             $this->hide_preview = TRUE;
         }
     }
     /** -------------------------------------
     		/**  Do we have an attachment to deal with?
     		/** -------------------------------------*/
     if ($this->attach_allowed == 'y') {
         if ($this->upload_path != '' and isset($_FILES['userfile']['name']) and $_FILES['userfile']['name'] != '') {
             $preview = ee()->input->post('preview') !== FALSE ? TRUE : FALSE;
             if (($message = $this->_attach_file()) !== TRUE) {
                 $submission_error[] = $message . BR;
             }
         }
     }
     /** -----------------------------------
     		/**  Check Overflow
     		/** -----------------------------------*/
     $details = array();
     $details['overflow_recipients'] = array();
     $details['overflow_cc'] = array();
     for ($i = 0, $size = count($recipients); $i < $size; $i++) {
         if ($this->_check_overflow($recipients[$i]) === FALSE) {
             $details['overflow_recipients'][] = $recipients[$i];
             unset($recipients[$i]);
         }
     }
     for ($i = 0, $size = count($cc); $i < $size; $i++) {
         if ($this->_check_overflow($cc[$i]) === FALSE) {
             $details['overflow_cc'][] = $cc[$i];
             unset($cc[$i]);
         }
     }
     /* -------------------------------------------------
     		/*  If we have people unable to receive a message
     		/*  because of an overflow we make the message a
     		/*  preview and will send a message to the sender.
     		/* -------------------------------------*/
     if (count($details['overflow_recipients']) > 0 or count($details['overflow_cc']) > 0) {
         sort($recipients);
         sort($cc);
         $overflow_names = array();
         /* -------------------------------------
         			/*  Send email alert regarding a full
         			/*  inbox to these users, load names
         			/*  for error message
         			/* -------------------------------------*/
         $query = ee()->db->query("SELECT exp_members.screen_name, exp_members.email, exp_members.accept_messages, exp_member_groups.prv_msg_storage_limit\r\n\t\t\t\t\t\t\t\t FROM exp_members\r\n\t\t\t\t\t\t\t\t LEFT JOIN exp_member_groups ON exp_member_groups.group_id = exp_members.group_id\r\n\t\t\t\t\t\t\t\t WHERE exp_members.member_id IN ('" . implode("','", array_merge($details['overflow_recipients'], $details['overflow_cc'])) . "')\r\n\t\t\t\t\t\t\t\t AND exp_member_groups.site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . "'");
         if ($query->num_rows() > 0) {
             ee()->load->library('email');
             ee()->email->wordwrap = true;
             $swap = array('sender_name' => ee()->session->userdata('screen_name'), 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'));
             $template = ee()->functions->fetch_email_template('pm_inbox_full');
             $email_tit = ee()->functions->var_swap($template['title'], $swap);
             $email_msg = ee()->functions->var_swap($template['data'], $swap);
             foreach ($query->result_array() as $row) {
                 $overflow_names[] = $row['screen_name'];
                 if ($row['accept_messages'] != 'y') {
                     continue;
                 }
                 ee()->email->EE_initialize();
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($row['email']);
                 ee()->email->subject($email_tit);
                 ee()->email->message(ee()->functions->var_swap($email_msg, array('recipient_name' => $row['screen_name'], 'pm_storage_limit' => $row['prv_msg_storage_limit'])));
                 ee()->email->send();
             }
         }
         $submission_error[] = str_replace('%overflow_names%', implode(', ', $overflow_names), ee()->lang->line('overflow_recipients'));
     }
     /** ----------------------------------------
     		/**  Submission Errors Force a Preview
     		/** ----------------------------------------*/
     if (count($submission_error) > 0) {
         $status = 'preview';
         $this->hide_preview = TRUE;
         $this->invalid_name = FALSE;
     }
     /* -------------------------------------
     		/*  Check Blocked on Sent
     		/*
     		/*  If a message is blocked, we will not notify
     		/*  the sender of this and simply proceed.
     		/* -------------------------------------*/
     if ($status == 'sent') {
         $sql = "SELECT member_id FROM exp_message_listed\r\n\t\t\t\t\tWHERE listed_type = 'blocked'\r\n\t\t\t\t\tAND listed_member = '{$this->member_id}'\r\n\t\t\t\t\tAND\r\n\t\t\t\t\t(\r\n\t\t\t\t\tmember_id IN ('" . implode("','", $recipients) . "')";
         if (count($cc) > 0) {
             $sql .= "OR\r\n\t\t\t\t\t\t member_id IN ('" . implode("','", $cc) . "')";
         }
         $sql .= ")";
         $blocked = ee()->db->query($sql);
         if ($blocked->num_rows() > 0) {
             foreach ($blocked->result_array() as $row) {
                 $details['blocked'][] = $row['member_id'];
             }
             $recipients = array_diff($recipients, $details['blocked']);
             $cc = count($cc) > 0 ? array_diff($cc, $details['blocked']) : array();
             sort($recipients);
             sort($cc);
         }
     }
     /** -------------------------------------
     		/**  Store Data
     		/** -------------------------------------*/
     $data = array('sender_id' => $this->member_id, 'message_date' => ee()->localize->now, 'message_subject' => ee()->input->get_post('subject', TRUE), 'message_body' => ee()->input->get_post('body', TRUE), 'message_tracking' => !ee()->input->get_post('tracking') ? 'n' : 'y', 'message_attachments' => count($this->attachments) > 0 ? 'y' : 'n', 'message_recipients' => implode('|', $recipients), 'message_cc' => implode('|', $cc), 'message_hide_cc' => !ee()->input->get_post('hide_cc') ? 'n' : 'y', 'message_sent_copy' => !ee()->input->get_post('sent_copy') ? 'n' : 'y', 'total_recipients' => count($recipients) + count($cc), 'message_status' => $status);
     if (ee()->input->get_post('message_id') && is_numeric(ee()->input->get_post('message_id'))) {
         /* -------------------------------------
         			/*  Preview or Draft previously submitted.
         			/*  So, we're updating an already existing message
         			/* -------------------------------------*/
         $message_id = ee()->input->get_post('message_id');
         unset($data['message_id']);
         ee()->db->query(ee()->db->update_string('exp_message_data', $data, "message_id = '" . ee()->db->escape_str($message_id) . "'"));
     } else {
         ee()->db->query(ee()->db->insert_string('exp_message_data', $data));
         $message_id = ee()->db->insert_id();
     }
     /** -----------------------------------------
     		/**  Send out Messages to Recipients and CC
     		/** -----------------------------------------*/
     if ($status == 'sent') {
         $copy_data = array('message_id' => $message_id, 'sender_id' => $this->member_id);
         /** -----------------------------------------
         			/**  Send out Messages to Recipients and CC
         			/** -----------------------------------------*/
         for ($i = 0, $size = count($recipients); $i < $size; $i++) {
             $copy_data['recipient_id'] = $recipients[$i];
             $copy_data['message_authcode'] = ee()->functions->random('alnum', 10);
             ee()->db->query(ee()->db->insert_string('exp_message_copies', $copy_data));
         }
         for ($i = 0, $size = count($cc); $i < $size; $i++) {
             $copy_data['recipient_id'] = $cc[$i];
             $copy_data['message_authcode'] = ee()->functions->random('alnum', 10);
             ee()->db->query(ee()->db->insert_string('exp_message_copies', $copy_data));
         }
         /** ----------------------------------
         			/**  Increment exp_members.private_messages
         			/** ----------------------------------*/
         ee()->db->query("UPDATE exp_members SET private_messages = private_messages + 1\r\n\t\t\t\t\t\tWHERE member_id IN ('" . implode("','", array_merge($recipients, $cc)) . "')");
         /** ----------------------------------
         			/**  Send Any and All Email Notifications
         			/** ----------------------------------*/
         $query = ee()->db->query("SELECT screen_name, email FROM exp_members\r\n\t\t\t\t\t\t\t\t WHERE member_id IN ('" . implode("','", array_merge($recipients, $cc)) . "')\r\n\t\t\t\t\t\t\t\t AND notify_of_pm = 'y'\r\n\t\t\t\t\t\t\t\t AND member_id != {$this->member_id}");
         if ($query->num_rows() > 0) {
             ee()->load->library('typography');
             ee()->typography->initialize(array('parse_images' => FALSE, 'smileys' => FALSE, 'highlight_code' => TRUE));
             if (ee()->config->item('enable_censoring') == 'y' and ee()->config->item('censored_words') != '') {
                 $subject = ee()->typography->filter_censored_words(ee()->security->xss_clean(ee()->input->get_post('subject')));
             } else {
                 $subject = ee()->security->xss_clean(ee()->input->get_post('subject'));
             }
             $body = ee()->typography->parse_type(stripslashes(ee()->security->xss_clean(ee()->input->get_post('body'))), array('text_format' => 'none', 'html_format' => 'none', 'auto_links' => 'n', 'allow_img_url' => 'n'));
             ee()->load->library('email');
             ee()->email->wordwrap = true;
             $swap = array('sender_name' => ee()->session->userdata('screen_name'), 'message_subject' => $subject, 'message_content' => $body, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'));
             $template = ee()->functions->fetch_email_template('private_message_notification');
             $email_tit = ee()->functions->var_swap($template['title'], $swap);
             $email_msg = ee()->functions->var_swap($template['data'], $swap);
             // Load the text helper
             ee()->load->helper('text');
             foreach ($query->result_array() as $row) {
                 ee()->email->EE_initialize();
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($row['email']);
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii(ee()->functions->var_swap($email_msg, array('recipient_name' => $row['screen_name']))));
                 ee()->email->send();
             }
         }
     }
     /** -------------------------------------
     		/**  Sent Copy?
     		/** -------------------------------------*/
     if ($status == 'sent' && $data['message_sent_copy'] == 'y') {
         $copy_data['recipient_id'] = $this->member_id;
         $copy_data['message_authcode'] = ee()->functions->random('alnum', 10);
         $copy_data['message_folder'] = '2';
         // Sent Message Folder
         $copy_data['message_read'] = 'y';
         // Already read automatically
         ee()->db->query(ee()->db->insert_string('exp_message_copies', $copy_data));
     }
     /** -------------------------------------
     		/**  Replying or Forwarding?
     		/** -------------------------------------*/
     if ($status == 'sent' && (ee()->input->get_post('replying') !== FALSE or ee()->input->get_post('forwarding') !== FALSE)) {
         $copy_id = ee()->input->get_post('replying') !== FALSE ? ee()->input->get_post('replying') : ee()->input->get_post('forwarding');
         $status = ee()->input->get_post('replying') !== FALSE ? 'replied' : 'forwarded';
         ee()->db->query("UPDATE exp_message_copies SET message_status = '{$status}' WHERE copy_id = '{$copy_id}'");
     }
     /** -------------------------------------
     		/**  Correct Member ID for Attachments
     		/** -------------------------------------*/
     if (count($this->attachments) > 0) {
         ee()->db->query("UPDATE exp_message_attachments SET message_id = '{$message_id}'\r\n\t\t\t\t\t\tWHERE attachment_id IN ('" . implode("','", $this->attachments) . "')");
     }
     /** -------------------------------------
     		/**  Remove Temp Status for Attachments
     		/** -------------------------------------*/
     if ($status == 'sent') {
         ee()->db->query("UPDATE exp_message_attachments SET is_temp = 'n' WHERE message_id = '{$message_id}'");
     }
     /** -------------------------------------
     		/**  Redirect Them
     		/** -------------------------------------*/
     if ($status == 'preview') {
         return $this->compose($message_id, $submission_error);
     } elseif ($status == 'draft') {
         $this->drafts();
     } else {
         ee()->functions->redirect($this->_create_path('inbox'));
     }
 }
예제 #8
 /**
  * Unserialize Cleanup
  *
  * Strips backslash escaping from a value. Arrays are walked recursively,
  * element by element, keeping their keys; every other value is treated as
  * a leaf and passed through stripslashes().
  *
  * When the 'auto_convert_high_ascii' config item is 'y', each leaf is also
  * run through entities_to_ascii() from the text helper. That helper turns
  * character entities back into literal characters, so the returned strings
  * must not be treated as HTML-safe: escape them again for whatever output
  * context they are written to.
  *
  * @param  mixed $vals  a single value or a (possibly nested) array of values
  * @return mixed        the cleaned value, same array structure as the input
  */
 function _unserialize_cleanup($vals)
 {
     // Leaf value: clean it and return immediately.
     if (!is_array($vals)) {
         // NOTE(review): non-string leaves reach stripslashes() as-is;
         // presumably every leaf is a string - confirm against callers.
         $leaf = stripslashes($vals);
         $ci = get_instance();

         if ($ci->config->item('auto_convert_high_ascii') != 'y') {
             return $leaf;
         }

         // The helper is loaded on demand, only when the conversion is enabled.
         $ci->load->helper('text');

         return entities_to_ascii($leaf);
     }

     // Array: recurse into each element and write the result back in place.
     foreach (array_keys($vals) as $key) {
         $vals[$key] = FF2EE2::_unserialize_cleanup($vals[$key]);
     }

     return $vals;
 }
예제 #9
	/**
	 * insert new entry to db
	 *
	 * @access	public
	 * @return	null
	 */

    function insert_new_entry()
    {

    
        $default	= array('name', 'email');
        
        $all_fields	= '';
        
        $fields		= array();
        
        $entry_id	= '';

		$msg		= array();
        
        foreach ($default as $val)
        {
			if ( ! isset($_POST[$val]))
			{
				$_POST[$val] = '';
			}
        }        
               
        //	----------------------------------------
        //	Fetch the freeform language pack
        //	----------------------------------------
        
        ee()->lang->loadfile('freeform');        
                
        //	----------------------------------------
        //	Is the user banned?
        //	----------------------------------------
        
        if (ee()->session->userdata['is_banned'] == TRUE)
        {
        	return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
        }
                
        //	----------------------------------------
        //	Is the IP address and User Agent required?
        //	----------------------------------------
                
        if ( $this->check_yes($this->_param('require_ip')) )
        {
        	if (ee()->session->userdata['group_id'] != 1 AND ee()->input->ip_address() == '0.0.0.0')
        	{            
            	return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
        	}        	
        }
        
        //	----------------------------------------
		//	Is the nation of the user banned?
        //	----------------------------------------
        
		ee()->session->nation_ban_check();
        
        //	----------------------------------------
        //	Blacklist/Whitelist Check
        //	----------------------------------------
        
        if ($this->check_yes(ee()->blacklist->blacklisted) && $this->check_no(ee()->blacklist->whitelisted))
        {
        	return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
        }
        
        //	----------------------------------------
        //	Check duplicates
        //	----------------------------------------
        
        if ( $this->_param('prevent_duplicate_on') 			AND 
			 $this->_param('prevent_duplicate_on') != '' 	AND 
				( 	ee()->session->userdata['group_id'] != 1 	OR 	
					ee()->input->get_post('email') != '' ) 
		   )
        {
        	$sql	= "	SELECT 	COUNT(*) 
						AS 		count 
						FROM 	exp_freeform_entries 
						WHERE 	status != 'closed'";

			if ( $this->_param('form_name') )
			{
				$sql	.= " AND form_name = '".ee()->db->escape_str($this->_param('form_name'))."'";
			}

			if ( $this->_param('prevent_duplicate_on') == 'member_id' AND ee()->session->userdata['member_id'] != '0' )
			{
				$sql	.= " AND author_id = '".ee()->db->escape_str(ee()->session->userdata['member_id'])."'";
			}
			elseif ( $this->_param('prevent_duplicate_on') == 'ip_address' 	AND 
					  ee()->input->ip_address() != '0.0.0.0' 				AND 
					  ee()->session->userdata['group_id'] != 1)
			{
				$sql	.= " AND ip_address = '".ee()->db->escape_str(ee()->input->ip_address())."'";
			}
			else
			{
				$sql	.= " AND email = '".ee()->db->escape_str(ee()->input->get_post('email'))."'";
			}
        	
        	$dup	= ee()->db->query( $sql );
        	
        	if ( $dup->row('count') > 0 )
        	{
				return ee()->output->show_user_error('general', array(ee()->lang->line('no_duplicates')));
        	}
        }        
        
        //	----------------------------------------
        //	Start error trapping on required fields
        //	----------------------------------------
        
        $errors	= array();
        
        // Are there any required fields?
        
        if ( $this->_param('ee_required') != '' )
        {
        	$required_fields	= preg_split("/,|\|/" ,$this->_param('ee_required'));
        	
			//	----------------------------------------
			//	Let's get labels from the DB
			//	----------------------------------------
			
        	$query	= ee()->db->query(
				"SELECT * 
				 FROM 	exp_freeform_fields"
			);
        	
        	$labels	= array();
        	
        	if ( $query->num_rows() > 0 )
        	{        	
				foreach ($query->result_array() as $row)
				{
					$labels[$row['name']]	= $row['label'];
				}        	
        	
				// Check for empty fields
				
				foreach ( $required_fields as $val )
				{
					if ( ! ee()->input->post($val) OR ee()->input->post($val) == '' )
					{
						if (array_key_exists($val, $labels))
						{
							$errors[] = ee()->lang->line('field_required') . '&nbsp;' . $labels[$val];
						}
						else
						{
							$errors[] = ee()->lang->line('not_in_field_list') . '&nbsp;' . $val;
						}  
					}
				}
				
				//	End empty check 
			}
			
        	//	End labels from DB 
        
			//	----------------------------------------
			//	Do we require an email address?
			//	----------------------------------------
			
			if ( isset( $labels['email'] ) AND ee()->input->get_post('email') )
			{
				//	----------------------------------------
				//	Valid email address?
				//	----------------------------------------
				
				//1.x
				if (APP_VER < 2.0)
				{
					if ( ! class_exists('Validate'))
					{
						require PATH_CORE.'core.validate'.EXT;
					}
					
					$VAL = new Validate( array( 'email' => ee()->input->get_post('email') ) );
				}
				//2.x
				else
				{
					if ( ! class_exists('EE_Validate'))
					{
						require APPPATH . 'libraries/Validate'.EXT;
					}
					
					$VAL = new EE_Validate( array( 'email' => ee()->input->get_post('email') ) );
				}
					
				$VAL->validate_email();
		
				//	----------------------------------------
				//	Display errors if there are any
				//	----------------------------------------
		
				if (count($VAL->errors) > 0)
				{
					return ee()->output->show_user_error('general', $VAL->errors );
				}
			}
        }
        
		//	----------------------------------------
		//	Are we trying to accept file uploads?
		//	----------------------------------------
        
        if ( $this->_param('file_upload') != '' AND $this->upload_limit = $this->_param('upload_limit') )
        {
        	$this->_upload_files( TRUE );
        }
		
		//	----------------------------------------
		//	'freeform_module_validate_end' hook.
		//	 - This allows developers to do more form validation.
		//	----------------------------------------
		
		if (ee()->extensions->active_hook('freeform_module_validate_end') === TRUE)
		{
			$errors = ee()->extensions->universal_call('freeform_module_validate_end', $errors);
			if (ee()->extensions->end_script === TRUE) return;
		}
        //	----------------------------------------
        
        //	----------------------------------------
        //	Do we have errors to display?
        //	----------------------------------------
        
        if (count($errors) > 0)
        {
           return ee()->output->show_user_error('submission', $errors);
        }
        
        //	----------------------------------------
        //	Do we require captcha?
        //	----------------------------------------
		
		if ( $this->_param('require_captcha') AND $this->check_yes($this->_param('require_captcha')) )
		{
			if ( $this->check_yes(ee()->config->item('captcha_require_members'))  OR  
					( $this->check_no(ee()->config->item('captcha_require_members')) AND 
					  ee()->session->userdata('member_id') == 0)
			   )
			{
				if ( ! ee()->input->post('captcha') OR ee()->input->post('captcha') == '')
				{
					return ee()->output->show_user_error('submission', ee()->lang->line('captcha_required'));
				}
				else
				{
					$res = ee()->db->query(
						"SELECT COUNT(*) 
						 AS 	count 
						 FROM 	exp_captcha 
						 WHERE 	word='" . ee()->db->escape_str(ee()->input->post('captcha')) . "' 
						 AND 	ip_address = '" . ee()->db->escape_str(ee()->input->ip_address()) . "' 
						 AND 	date > UNIX_TIMESTAMP()-7200"
					);
				
					if ($res->row('count') == 0)
					{
						return ee()->output->show_user_error('submission', ee()->lang->line('captcha_incorrect'));
					}
				
					// Moved because of file uploading errors
					/*
					  ee()->db->query("DELETE FROM exp_captcha 
											WHERE (word='".ee()->db->escape_str($_POST['captcha'])."' 
											AND ip_address = '".ee()->db->escape_str(ee()->input->ip_address())."') 
											OR date < UNIX_TIMESTAMP()-7200");
					*/
				}
			}
		}        
        
        //	----------------------------------------
        //	Check Form Hash
        //	----------------------------------------
        
        if ( $this->check_yes(ee()->config->item('secure_forms')) )
        {        	
            $query = ee()->db->query(
				"SELECT 	COUNT(*) 
				 AS 		count 
				 FROM 		exp_security_hashes 
				 WHERE 		hash='" . ee()->db->escape_str(ee()->input->post('XID')) . "' 
				 AND 		ip_address = '" . ee()->db->escape_str(ee()->input->ip_address())."' 
				 AND	 	date > UNIX_TIMESTAMP()-7200"
			);
        
			//email_change
            if ($query->row('count') == 0)
            {
				return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
            }
            
            // Moved because of file uploading errors                    
			/* ee()->db->query("DELETE FROM exp_security_hashes 
									 WHERE (hash='".ee()->db->escape_str($_POST['XID'])."' 
									 AND ip_address = '".ee()->db->escape_str(ee()->input->ip_address())."') 
									 OR date < UNIX_TIMESTAMP()-7200");
			*/
        }
                        
        //	----------------------------------------
        //	Let's get all of the fields from the
        //	database for testing purposes
        //	----------------------------------------
        
        $fields['form_name']	= "Collection Name";
        
        $query		= ee()->db->query(
			"SELECT 	name, label 
			 FROM 		exp_freeform_fields 
			 ORDER BY 	field_order 
			 ASC"
		);
        
        if ($query->num_rows() > 0)
        {
        	foreach($query->result_array() as $row)
        	{
        		$fields[$row['name']]	= $row['label'];
        	}
        }
        else
        {
        	return false;
        }        
        
        //	----------------------------------------
        //	Build the data array
        //	----------------------------------------
        
        $exclude	= array('ACT', 'RET', 'URI', 'PRV', 'XID', 'return', 'ee_notify', 'ee_required', 'submit');
							
		$include	= array('status');
        
        $data		= array(
            'author_id'		=> ee()->session->userdata['member_id'],
            'group_id'		=> ee()->session->userdata['group_id'],
            'ip_address'	=> ee()->input->ip_address(),
            'entry_date'	=> ee()->localize->now,
            'edit_date'		=> ee()->localize->now
		);
        			
        foreach ( $_POST as $key => $val )
        {
			//	----------------------------------------
        	//	If the given field is not a FreeForm
        	//	field or not in our include list, then
        	//	skip it.
			//	----------------------------------------
        	
        	if ( ! array_key_exists( $key, $fields ) AND ! in_array( $key, $include ) ) continue;
        	
			//	----------------------------------------
        	//	If the given field is in our exclude
        	//	list, then skip it.
			//	----------------------------------------
			
        	if ( in_array( $key, $exclude ) ) continue;
        	
        	if ( $key == 'website' )
        	{
        		ee()->security->xss_clean( prep_url( ee()->input->post('website') ) );
        		
        		$data[$key]	= ee()->input->post($key);
        	}
        	
			// If the field is a multi-select field, then handle it as such.
			if ( is_array( $val ) )
			{
				$val = implode( "\n", $val );
				
				$data[$key] = ee()->security->xss_clean($val);
			}
			else
			{
				$data[$key] = ee()->security->xss_clean($val);
			}
        }
		
		//backup for form name in case it isnt in the post data
		if ( ! isset($data['form_name']) AND $this->_param('form_name') !== FALSE)
		{
			$data['form_name'] = $this->_param('form_name');
		}
		
		//check to see if there is any missing data that we have in the params:
		/*foreach($fields as $f_key => $f_value)
		{
			if ( ! isset($data[$f_key]) AND $this->_param($f_key) !== FALSE)
			{
				$data[$f_key] = $this->_param($f_key);
			}
		}*/
		
		//i dont want to remove this because we might need it for some god awful reason, but it screws with stuff.
		$fields['subject']		= "Subject";
		
		//	----------------------------------------
		//	'freeform_module_insert_begin' hook.
		//	 - This allows developers to do one last thing before Freeform submit is ended.
		//	----------------------------------------
		
		if (ee()->extensions->active_hook('freeform_module_insert_begin') === TRUE)
		{
			$data = ee()->extensions->universal_call('freeform_module_insert_begin', $data);
			if (ee()->extensions->end_script === TRUE) return;
		}
        
		//	------------------------------------------------------------------------------------
      	//  Discarded data email_change
		//  ------------------------------------------------------------------------------------
              
        //	----------------------------------------
        //	Are we discarding some field values and preventing data save on them?
        //	----------------------------------------
        
        if ( $this->_param('discard_field') != '' )
        {        
        	foreach ( explode( "|", $this->_param('discard_field') ) as $val )
        	{
        		if ( ! empty( $data[ $val ] ) )
        		{
        			$data[ $val ]	= ee()->lang->line('discarded_field_data');
        		}
        	}       
        }

		//	------------------------------------------------------------------------------------
      	//  end Discarded data email_change
		//  ------------------------------------------------------------------------------------


        //	----------------------------------------
        //	Submit data into DB
        //	----------------------------------------

		$sql			= ee()->db->insert_string( 'exp_freeform_entries', $data ); //email_change
		
		$query			= ee()->db->query( $sql );
		
		$this->entry_id	= ee()->db->insert_id();
        
        //	----------------------------------------
        //	Process file uploads
        //	----------------------------------------
        
        if ( count( $this->upload ) > 0 )
        {
        	$this->_upload_files();
        }	
        
		//----------------------------------------
		//	 Delete CAPTCHA and Form Hash - Moved here because of File Upload Error possibilities
		//	----------------------------------------
		
		if ( $this->check_yes($this->_param('require_captcha')) && isset($_POST['captcha']))
		{
			ee()->db->query(
				"DELETE FROM 	exp_captcha 
				 WHERE	 		(word='" . ee()->db->escape_str(ee()->input->post('captcha')) . "' 
				 AND 			ip_address = '" . ee()->db->escape_str(ee()->input->ip_address()) . "') 
				 OR 			date < UNIX_TIMESTAMP()-7200"
			);
		}
        
        if ( $this->check_yes(ee()->config->item('secure_forms')) && ee()->input->post('XID') )
        {        	
            ee()->db->query(
				"DELETE FROM 	exp_security_hashes 
				 WHERE 			(hash='" . ee()->db->escape_str(ee()->input->post('XID')) . "' 
				 AND 			ip_address = '" . ee()->db->escape_str(ee()->input->ip_address()) . "') 
				 OR 			date < UNIX_TIMESTAMP()-7200"
			);
        }
		
        //	----------------------------------------
        //	Send notifications
        //	----------------------------------------
        
        if ( $this->_param('ee_notify') != '' )
        {
        	$recipients	= preg_split("/,|\|/" , $this->_param('ee_notify') );
        	
        	$template	= ( $this->_param('template') AND $this->_param('template') != '' ) ? 
							$this->_param('template'): 'default_template';
		
			//	----------------------------------------
			//	Generate message
			//	----------------------------------------
			
			$msg		= array();
			
			$query		= ee()->db->query(
				"SELECT * 
				 FROM 	exp_freeform_templates 
				 WHERE 	template_name = '" . ee()->db->escape_str($template) . "' 
				 AND 	enable_template = 'y' 
				 LIMIT 	1"
			);

			if ( $query->num_rows() == 0 )
			{
				return ee()->output->show_user_error('general', array(ee()->lang->line('template_not_available')));
			}
			
			$msg['from_name']	= ( $query->row('data_from_name') != '' ) ?
			 							$query->row('data_from_name'): ee()->config->item('webmaster_name');

			$msg['from_email']	= ( $query->row('data_from_email') != '' ) ?
			 							$query->row('data_from_email'): ee()->config->item('webmaster_email');

			$msg['subject']		= $query->row('data_title');

			$msg['msg']			= $query->row('template_data');

			$wordwrap			= $this->check_yes($query->row('wordwrap'));
			
			$msg['subject']		= str_replace( 	LD.'entry_date'.RD, 
											   	ee()->localize->set_human_time(ee()->localize->now), 
												$msg['subject'] );
			
			$msg['msg']			= str_replace( 	LD.'entry_date'.RD, 
												ee()->localize->set_human_time(ee()->localize->now), 
												$msg['msg'] );
			
			$msg['subject']		= str_replace( 	LD.'freeform_entry_id'.RD, $this->entry_id, $msg['subject'] );
			$msg['msg']			= str_replace( 	LD.'freeform_entry_id'.RD, $this->entry_id, $msg['msg'] );
			
			if (preg_match_all("/".LD."(entry_date)\s+format=([\"'])(.*?)\\2".RD."/is", 
							   $msg['subject'].$msg['msg'], $matches)
			   )
			{
				for ($j = 0; $j < count($matches[0]); $j++)
				{	
					$val = $matches[3][$j];
					
					foreach (ee()->localize->fetch_date_params($matches[3][$j]) AS $dvar)
					{
						$val = str_replace($dvar, ee()->localize->convert_timestamp($dvar, ee()->localize->now, TRUE), $val);					
					}
					
					$msg['subject']		= str_replace( $matches[0][$j], $val, $msg['subject'] );
			
					$msg['msg']			= str_replace( $matches[0][$j], $val, $msg['msg'] );
				}
			}
			
			//	----------------------------------------
			//	Parse conditionals
			//	----------------------------------------
			
			//template isn't defined yet, so we have to fetch it
			//1.x
			if(APP_VER < 2.0)
			{
				if ( ! class_exists('Template'))
				{
					require PATH_CORE.'core.template'.EXT;
				}
			
				$local_TMPL	= new Template();
			}
			//2.x
			else
			{
				ee()->load->library('template');
				$local_TMPL =& ee()->template;
			}
			
			$data['attachment_count']		= count( $this->attachments );
			
			//i have no idea why this is being done instead of just using $data...			
			$cond		= $data;
			
			foreach( $msg as $key => $val )
			{
				$msg[$key]	= $local_TMPL->advanced_conditionals( 
					ee()->functions->prep_conditionals( $msg[$key], $cond ) 
				);
			}

			unset( $cond );

			//	----------------------------------------
			//	Parse individual fields
			//	----------------------------------------
			
			$exclude	= array('submit');
			
			foreach ( $msg as $key => $val )
			{
				//	----------------------------------------
				//	Handle attachments
				//	----------------------------------------
				
				$msg[$key]	= str_replace( LD."attachment_count".RD, $data['attachment_count'], $msg[$key] );
						
				if ( $key == 'msg' )
				{
					$all_fields	.= "Attachments: ".$data['attachment_count']."\n";
					
					$n		= 0;
					
					foreach ( $this->attachments as $file )
					{
						$n++;						
						$all_fields	.= "Attachment $n: ".$file['filename']." ".$this->upload['url'].$file['filename']."\n";
					}
				}
				
				if ( preg_match( "/".LD."attachments".RD."(.*?)".LD."\/attachments".RD."/s", $msg[$key], $match ) )
				{
					if ( count( $this->attachments ) > 0 )
					{
						$str	= '';
						
						foreach ( $this->attachments as $file )
						{
							$tagdata	= $match['1'];
							$tagdata	= str_replace( LD."fileurl".RD, $this->upload['url'].$file['filename'], $tagdata );
							$tagdata	= str_replace( LD."filename".RD, $file['filename'], $tagdata );
							$str		.= $tagdata;
						}
						
						$msg[$key]	= str_replace( $match['0'], $str, $msg[$key] );
					}
					else
					{
						$msg[$key]	= str_replace( $match['0'], "", $msg[$key] );
					}
				}
				
				//	----------------------------------------
				//	Loop
				//	----------------------------------------
				
				foreach ( $fields as $name => $label )
				{
					if ( isset( $data[$name] ) AND ! in_array( $name, $exclude ) )
					{
						$msg[$key]	= str_replace( LD.$name.RD, $data[$name], $msg[$key] );
						
						//	----------------------------------------
						//	We don't want to concatenate for every
						//	time through the main loop.
						//	----------------------------------------
						
						if ( $key == 'msg' )
						{
							$all_fields	.= $label.": ".$data[$name]."\n";
						}
					}
					else
					{
						$msg[$key]	= str_replace( LD.$name.RD, '', $msg[$key] );
					}
				}
			}
			
			
			//	----------------------------------------
			//	Parse all fields variable
			//	----------------------------------------
			
			if ( stristr( $msg['msg'], LD.'all_custom_fields'.RD ) )
			{
				$msg['msg']	= str_replace( LD.'all_custom_fields'.RD, $all_fields, $msg['msg'] );
			}
			
			
			//	----------------------------------------
			//	'freeform_module_admin_notification' hook.
			//	 - This allows developers to alter the 
			//	   $msg array before admin notification is sent.
			//	----------------------------------------
			
			if (ee()->extensions->active_hook('freeform_module_admin_notification') === TRUE)
			{
				$msg = ee()->extensions->universal_call('freeform_module_admin_notification', $fields, $this->entry_id, $msg);
				if (ee()->extensions->end_script === TRUE) return;
			}
			//	----------------------------------------
			
			//	----------------------------------------
			//	Send email
			//	----------------------------------------
			
			ee()->email->wordwrap	= $wordwrap;
			ee()->email->mailtype	= ( $this->check_yes($query->row('html')) ) ? 'html': 'text';
			
			if ( count( $this->attachments ) > 0 AND $this->check_yes($this->_param('send_attachment')) )
			{
				foreach ( $this->attachments as $file_name )
				{
					ee()->email->attach( $file_name['filepath'] );
				}
				
				ee()->db->query( 
					ee()->db->update_string( 
						'exp_freeform_attachments', 
						array( 'emailed' 	=> 'y' ), 
						array( 'entry_id' 	=> $this->entry_id ) 
					) 
				);
			}
			
			foreach ($recipients as $val)
			{								
				ee()->email->initialize();
				ee()->email->from($msg['from_email'], $msg['from_name']);	
				ee()->email->to($val); 
				ee()->email->subject($msg['subject']);	
				ee()->email->message(entities_to_ascii($msg['msg']));						
				ee()->email->send();
				
			}
			ee()->email->clear(TRUE);

			$msg = array();
		
			//	----------------------------------------
			//	Register the template used
			//	----------------------------------------
			
			ee()->db->query( 
				ee()->db->update_string( 
					'exp_freeform_entries', 
					array( 'template' 	=> $template), 
					array( 'entry_id' 	=> $this->entry_id ) 
				) 
			);
		}
		
        //	----------------------------------------
        //	Send user email email_change
        //	----------------------------------------
        
        if ($this->check_yes($this->_param('recipients')) AND 
			( ee()->session->userdata['group_id'] == 1 OR ee()->input->ip_address() != '0.0.0.0' ) AND 
			ee()->input->post('recipient_email') !== FALSE)
        {	
			$all_fields	= '';
			
			
			
			//don't we already do this...?
        	$template	= ( $this->_param('recipient_template') AND $this->_param('recipient_template') != '' ) ? 
							$this->_param('recipient_template') : 'default_template';
	
			//	----------------------------------------
			//	Array of recipients?
			//	----------------------------------------

			if ( is_array( ee()->input->post('recipient_email') ) === TRUE AND 
				count( ee()->input->post('recipient_email') ) > 0 )
			{
				$recipient_email	= ee()->input->post('recipient_email');
			}
			else
			{
				$recipient_email	= array( ee()->input->post('recipient_email') );
			}

			

			// if we are using 'static recipients'. e.g., recipient1='bob|bob@email.com'
			// parse out the uniqids and replace them with the real stored emails
			if ( $this->_param('static_recipients') == TRUE )
			{
				//prevents injection and only uses hashed emails from the form
				$temp_email			= $recipient_email;
				$recipient_email 	= array();	
				
				//parse email
				$stored_recipients = $this->_param('static_recipients_list');
								
				//have to check each email against the entire list.
				foreach ( $temp_email as $key => $value )
				{
					foreach ( $stored_recipients as $recipient_data )
					{
						if ( $value == $recipient_data['key'] )
						{
							$recipient_email[] = $recipient_data['email'];
						}
					}
				}
			}

			//	----------------------------------------
			//	Validate recipients?
			//	----------------------------------------

			$array			= $this->_validate_recipients( implode( ",", $recipient_email ) );

			$error			= $array['error'];

			$approved_tos	= $array['approved'];
			
			//	----------------------------------------
			//	Over our spam limit?
			//	----------------------------------------

			if ( $this->_param('static_recipients') != TRUE AND 
				 count( $approved_tos ) > $this->_param( 'recipient_limit' ) )
			{
				$error[]	= ee()->lang->line( 'recipient_limit_exceeded' );
			}

			//	----------------------------------------
			//	Errors?
			//	----------------------------------------

			if ( count( $error ) > 0 )
			{
				return ee()->output->show_user_error( 'general', $error );
			}

			//	----------------------------------------
			//	Check for spamming or hacking
			//	----------------------------------------

			$query	= ee()->db->query( 
				"SELECT 	SUM(exp_freeform_user_email.email_count) AS count 
				 FROM 		exp_freeform_entries, exp_freeform_user_email 
				 WHERE		exp_freeform_entries.entry_id   = exp_freeform_user_email.entry_id
				 AND 		exp_freeform_entries.ip_address = '" . ee()->db->escape_str( ee()->input->ip_address() )."' 
				 AND 		exp_freeform_entries.entry_date > '" . ee()->db->escape_str( 
					ee()->localize->now - ( 60 * ( (int) $this->prefs['spam_interval'] ) ) 
				) . "'" 
			);

			if ( $query->row('count') > $this->prefs['spam_count'] )
			{
				return ee()->email->output->show_user_error(
					'general', array(ee()->lang->line('em_limit_exceeded')));
			}

			//	----------------------------------------
			//	Log the number of emails sent
			//	----------------------------------------

			ee()->db->query( 
				ee()->db->insert_string( 
					"exp_freeform_user_email", 
					array( 
						'email_count' 	=> count( $approved_tos ) ,
						'entry_id' 		=> $this->entry_id 
					) 
				)
			);

			//	----------------------------------------
			//	Generate message
			//	----------------------------------------
			
			$msg		= array();
			
			$query		= ee()->db->query(
				"SELECT * 
				 FROM 	exp_freeform_templates 
				 WHERE 	template_name = '" . ee()->db->escape_str($template) . "' 
				 AND 	enable_template = 'y' 
				 LIMIT 	1"
			);

			if ( $query->num_rows() == 0 )
			{
				return ee()->output->show_user_error('general', array(ee()->lang->line('template_not_available')));
			}
			
			$msg['from_name']	= ( $query->row('data_from_name') != '' ) ?
			 							$query->row('data_from_name'): ee()->config->item('webmaster_name');

			$msg['from_email']	= ( $query->row('data_from_email') != '' ) ?
			 							$query->row('data_from_email'): ee()->config->item('webmaster_email');

			$msg['subject']		= $query->row('data_title');

			$msg['msg']			= $query->row('template_data');

			$wordwrap			= $this->check_yes($query->row('wordwrap'));
			
			$msg['subject']		= str_replace( 	LD.'entry_date'.RD, 
											   	ee()->localize->set_human_time(ee()->localize->now), 
												$msg['subject'] );
			
			$msg['msg']			= str_replace( 	LD.'entry_date'.RD, 
												ee()->localize->set_human_time(ee()->localize->now), 
												$msg['msg'] );
			
			$msg['subject']		= str_replace( 	LD.'freeform_entry_id'.RD, $this->entry_id, $msg['subject'] );
			$msg['msg']			= str_replace( 	LD.'freeform_entry_id'.RD, $this->entry_id, $msg['msg'] );
			
			if (preg_match_all("/".LD."(entry_date)\s+format=([\"'])(.*?)\\2".RD."/is", 
							   $msg['subject'].$msg['msg'], $matches)
			   )
			{
				for ($j = 0; $j < count($matches[0]); $j++)
				{	
					$val = $matches[3][$j];
					
					foreach (ee()->localize->fetch_date_params($matches[3][$j]) AS $dvar)
					{
						$val = str_replace($dvar, ee()->localize->convert_timestamp($dvar, ee()->localize->now, TRUE), $val);					
					}
					
					$msg['subject']		= str_replace( $matches[0][$j], $val, $msg['subject'] );
			
					$msg['msg']			= str_replace( $matches[0][$j], $val, $msg['msg'] );
				}
			}
			
			//	----------------------------------------
			//	Parse conditionals
			//	----------------------------------------
			
			//template isn't defined yet, so we have to fetch it
			//1.x
			if(APP_VER < 2.0)
			{
				if ( ! class_exists('Template'))
				{
					require PATH_CORE.'core.template'.EXT;
				}
			
				$local_TMPL	= new Template();
			}
			//2.x
			else
			{
				ee()->load->library('template');
				$local_TMPL =& ee()->template;
			}
			
			$data['attachment_count']		= count( $this->attachments );
						
			$cond		= $data;
			
			foreach( $msg as $key => $val )
			{
				$msg[$key]	= $local_TMPL->advanced_conditionals( 
					ee()->functions->prep_conditionals( $msg[$key], $cond ) 
				);
			}

			unset( $cond );

			//	----------------------------------------
			//	Parse individual fields
			//	----------------------------------------
			
			$exclude	= array('submit');
			
			foreach ( $msg as $key => $val )
			{
				//	----------------------------------------
				//	Handle attachments
				//	----------------------------------------
				
				$msg[$key]	= str_replace( LD."attachment_count".RD, $data['attachment_count'], $msg[$key] );
						
				if ( $key == 'msg' )
				{
					$all_fields	.= "Attachments: ".$data['attachment_count']."\n";
					
					$n		= 0;
					
					foreach ( $this->attachments as $file )
					{
						$n++;						
						$all_fields	.= "Attachment $n: ".$file['filename']." ".$this->upload['url'].$file['filename']."\n";
					}
				}
				
				if ( preg_match( "/".LD."attachments".RD."(.*?)".LD."\/attachments".RD."/s", $msg[$key], $match ) )
				{
					if ( count( $this->attachments ) > 0 )
					{
						$str	= '';
						
						foreach ( $this->attachments as $file )
						{
							$tagdata	= $match['1'];
							$tagdata	= str_replace( LD."fileurl".RD, $this->upload['url'].$file['filename'], $tagdata );
							$tagdata	= str_replace( LD."filename".RD, $file['filename'], $tagdata );
							$str		.= $tagdata;
						}
						
						$msg[$key]	= str_replace( $match['0'], $str, $msg[$key] );
					}
					else
					{
						$msg[$key]	= str_replace( $match['0'], "", $msg[$key] );
					}
				}
				
				//	----------------------------------------
				//	Loop
				//	----------------------------------------
				
				foreach ( $fields as $name => $label )
				{
					if ( isset( $data[$name] ) AND ! in_array( $name, $exclude ) )
					{
						$msg[$key]	= str_replace( LD.$name.RD, $data[$name], $msg[$key] );
						
						//	----------------------------------------
						//	We don't want to concatenate for every
						//	time through the main loop.
						//	----------------------------------------
						
						if ( $key == 'msg' )
						{
							$all_fields	.= $label.": ".$data[$name]."\n";
						}
					}
					else
					{
						$msg[$key]	= str_replace( LD.$name.RD, '', $msg[$key] );
					}
				}
			}
			
			
			//	----------------------------------------
			//	Parse all fields variable
			//	----------------------------------------
			
			if ( stristr( $msg['msg'], LD.'all_custom_fields'.RD ) )
			{
				$msg['msg']	= str_replace( LD.'all_custom_fields'.RD, $all_fields, $msg['msg'] );
			}
			
			
			//	----------------------------------------
			//	'freeform_recipient_email' hook.
			//	 - This allows developers to alter the 
			//	   $msg array before admin notification is sent.
			//	----------------------------------------
			
			if (ee()->extensions->active_hook('freeform_recipient_email') === TRUE)
			{
				$msg = ee()->extensions->universal_call('freeform_recipient_email', $fields, $this->entry_id, $msg);
				if (ee()->extensions->end_script === TRUE) return;
			}
			//	----------------------------------------
			
			//	----------------------------------------
			//	Send email
			//	----------------------------------------
			
			ee()->email->wordwrap	= $wordwrap;
			ee()->email->mailtype	= ( $this->check_yes($query->row('html')) ) ? 'html': 'text';
			
			if ( count( $this->attachments ) > 0 AND $this->check_yes($this->_param('send_attachment')) )
			{
				foreach ( $this->attachments as $file_name )
				{
					ee()->email->attach( $file_name['filepath'] );
				}
				
				ee()->db->query( 
					ee()->db->update_string( 
						'exp_freeform_attachments', 
						array( 'emailed' 	=> 'y' ), 
						array( 'entry_id' 	=> $this->entry_id ) 
					) 
				);
			}
			
			foreach ($approved_tos as $val)
			{								
				ee()->email->initialize();
				ee()->email->from($msg['from_email'], $msg['from_name']);	
				ee()->email->to($val); 
				ee()->email->subject($msg['subject']);	
				ee()->email->message(entities_to_ascii($msg['msg']));						
				ee()->email->send();
				
			}
			ee()->email->clear(TRUE);

			$msg = array();
		
			//	----------------------------------------
			//	Register the template used
			//	----------------------------------------
			
			ee()->db->query( 
				ee()->db->update_string( 
					'exp_freeform_entries', 
					array( 'template' 	=> $template), 
					array( 'entry_id' 	=> $this->entry_id ) 
				) 
			);
		}
		
		//	End send user recipients
				
		
        //	----------------------------------------
        //	Send user email
        //	----------------------------------------
        
        //$msg = array(); email_change
        
        if ( $this->check_yes($this->_param('send_user_email')) AND ee()->input->get_post('email') )
        {
        	$all_fields		= '';
        	
        	$recipients		= array();
        	
        	$recipients[]	= ee()->input->get_post('email');
        	
        	$template	= ( $this->_param('user_email_template') AND $this->_param('user_email_template') != '' ) ?
 								$this->_param('user_email_template'): 'default_template';
		
			//	----------------------------------------
			//	Generate message
			//	----------------------------------------
			
			$msg = array();
			
			$query		= ee()->db->query(
				"SELECT * 
				 FROM 	exp_freeform_templates 
				 WHERE 	template_name = '" . ee()->db->escape_str($template) . "' 
				 AND 	enable_template = 'y' 
				 LIMIT 	1"
			);

			if ( $query->num_rows() == 0 )
			{
				return ee()->output->show_user_error('general', array(ee()->lang->line('template_not_available')));
			}
			
			$msg['from_name']	= ( $query->row('data_from_name') != '' ) ?
			 							$query->row('data_from_name') : ee()->config->item('webmaster_name');

			$msg['from_email']	= ( $query->row('data_from_email') != '' ) ?
			 							$query->row('data_from_email') : ee()->config->item('webmaster_email');

			$msg['subject']		= $query->row('data_title');

			$msg['msg']			= $query->row('template_data');

			$wordwrap			= ( $this->check_yes($query->row('wordwrap')) ) ? TRUE: FALSE;
			
			$msg['subject']		= str_replace( 	LD.'entry_date'.RD, 	
											   	ee()->localize->set_human_time(ee()->localize->now), 
												$msg['subject'] );
			
			$msg['msg']			= str_replace( 	LD.'entry_date'.RD, 
												ee()->localize->set_human_time(ee()->localize->now), 
												$msg['msg'] );
			
			$msg['subject']		= str_replace( LD.'freeform_entry_id'.RD, $this->entry_id, $msg['subject'] );
			$msg['msg']			= str_replace( LD.'freeform_entry_id'.RD, $this->entry_id, $msg['msg'] );
		
			/* email_change*/
			if (preg_match_all("/".LD."(entry_date)\s+format=([\"'])(.*?)\\2".RD."/is", $msg['subject'].$msg['msg'], $matches))
			{
				for ($j = 0; $j < count($matches[0]); $j++)
				{	
					$val = $matches[3][$j];
					
					foreach (ee()->localize->fetch_date_params($matches[3][$j]) AS $dvar)
					{
						$val = str_replace(	$dvar, 
											ee()->localize->convert_timestamp($dvar, ee()->localize->now, TRUE), 
											$val);					
					}
					
					$msg['subject']		= str_replace( $matches[0][$j], $val, $msg['subject'] );
			
					$msg['msg']			= str_replace( $matches[0][$j], $val, $msg['msg'] );
				}
			}
			
			//	----------------------------------------
			//	Parse conditionals
			//	----------------------------------------
		
			//template isn't defined yet, so we have to fetch it
			//1.x
			if(APP_VER < 2.0)
			{
				if ( ! class_exists('Template'))
				{
					require PATH_CORE.'core.template'.EXT;
				}
			
				$local_TMPL	= new Template();
			}
			//2.x
			else
			{
				ee()->load->library('template');
				$local_TMPL =& ee()->template;
			}
			
			$data['attachment_count']		= count( $this->attachments );
			
			$cond							= $data;
			
			foreach( $msg as $key => $val )
			{
				$msg[$key]	= $local_TMPL->advanced_conditionals( 
					ee()->functions->prep_conditionals( $msg[$key], $cond ) 
				);
			}

			unset( $cond );

			//	----------------------------------------
			//	Parse individual fields
			//	----------------------------------------
			
			$exclude	= array('submit');
			
			foreach ( $msg as $key => $val )
			{
				//	----------------------------------------
				//	Handle attachments
				//	----------------------------------------
				
				$msg[$key]	= str_replace( LD."attachment_count".RD, $data['attachment_count'], $msg[$key] );
						
				if ( $key == 'msg' )
				{
					$all_fields	.= "Attachments: ".$data['attachment_count']."\n";
					
					$n		= 0;
					
					foreach ( $this->attachments as $file )
					{
						$n++;						
						$all_fields	.= "Attachment $n: ".$file['filename']." ".$this->upload['url'].$file['filename']."\n";
					}
				}
				
				if ( preg_match( "/".LD."attachments".RD."(.*?)".LD."\/attachments".RD."/s", $msg[$key], $match ) )
				{
					if ( count( $this->attachments ) > 0 )
					{
						$str	= '';
						
						foreach ( $this->attachments as $file )
						{
							$tagdata	= $match['1'];
							$tagdata	= str_replace( LD."fileurl".RD, $this->upload['url'].$file['filename'], $tagdata );
							$tagdata	= str_replace( LD."filename".RD, $file['filename'], $tagdata );
							$str		.= $tagdata;
						}
						
						$msg[$key]	= str_replace( $match['0'], $str, $msg[$key] );
					}
					else
					{
						$msg[$key]	= str_replace( $match['0'], "", $msg[$key] );
					}
				}
				
				//	----------------------------------------
				//	Loop
				//	----------------------------------------
				
				foreach ( $fields as $name => $label )
				{
					if ( isset( $data[$name] ) AND ! in_array( $name, $exclude ) )
					{
						$msg[$key]	= str_replace( LD.$name.RD, $data[$name], $msg[$key] );
						
						//	----------------------------------------
						//	We don't want to concatenate for every
						//	time through the main loop.
						//	----------------------------------------
						
						if ( $key == 'msg' )
						{
							$all_fields	.= $label.": ".$data[$name]."\n";
						}
					}
					else
					{
						$msg[$key]	= str_replace( LD.$name.RD, '', $msg[$key] );
					}
				}
			}
			
			
			//	----------------------------------------
			//	Parse all fields variable
			//	----------------------------------------
			
			if ( stristr( $msg['msg'], LD.'all_custom_fields'.RD ) )
			{
				$msg['msg']	= str_replace( LD.'all_custom_fields'.RD, $all_fields, $msg['msg'] );
			}
			
			//	----------------------------------------
			//	'freeform_module_user_notification' hook.
			//	 - This allows developers to alter the $msg array before user notification is sent.
			//	----------------------------------------
			
			if (ee()->extensions->active_hook('freeform_module_user_notification') === TRUE)
			{
				$msg = ee()->extensions->universal_call('freeform_module_user_notification', $fields, $this->entry_id, $msg);
				if (ee()->extensions->end_script === TRUE) return;
			}
			//	----------------------------------------
		
			//	----------------------------------------
			//	Send email
			//	----------------------------------------
			
			//ee()->load->library('email');
			ee()->email->wordwrap	= $wordwrap;
			ee()->email->mailtype	= ( $this->check_yes($query->row('html')) ) ? 'html': 'text';
			
			if ( count( $this->attachments ) > 0 AND $this->check_yes($this->_param('send_user_attachment')) )
			{
				foreach ( $this->attachments as $file_name )
				{
					ee()->email->attach( $file_name['filepath'] );
				}
				
				ee()->db->query( 
					ee()->db->update_string( 
						'exp_freeform_attachments', 
						array( 'emailed' => 'y' ), 
						array( 'entry_id' => $this->entry_id ) 
					) 
				);
			}
			
			foreach ($recipients as $val)
			{								
				ee()->email->initialize();
				ee()->email->from($msg['from_email'], $msg['from_name']);	
				ee()->email->to($val); 
				ee()->email->subject($msg['subject']);	
				ee()->email->message(entities_to_ascii($msg['msg']));		
				ee()->email->send();
			}
			
			$msg = array();
			ee()->email->clear(TRUE);
		}
		
		//	End send user email 
		
		
		//	----------------------------------------
		//	Subscribe to mailing lists
		//	----------------------------------------
		
		if ( ee()->input->get_post('mailinglist') )
		{			
			if ( ee()->db->table_exists('exp_mailing_lists') )
			{
				//	----------------------------------------
				//	Do we have an email?
				//	----------------------------------------
				
				if ( $email = ee()->input->get_post('email') )
				{
					//	----------------------------------------
					//	Explode mailinglist parameter
					//	----------------------------------------
					
					if ( is_array( ee()->input->post('mailinglist') ) )
					{
						$lists	= implode( "','", ee()->db->escape_str(ee()->input->post('mailinglist')));
					}
					else
					{
						$lists	= ee()->db->escape_str(ee()->input->post('mailinglist'));
					}
					
					//	----------------------------------------
					//	Get lists
					//	----------------------------------------
					
					$subscribed	= '';
					
					$sub	= ee()->db->query( 
						"SELECT list_id 
						 FROM exp_mailing_list 
						 WHERE email = '" . ee()->db->escape_str($email) . "' 
						 GROUP BY list_id"
					);

					if ( $sub->num_rows() > 0 )
					{
						foreach( $sub->result_array() as $row )
						{
							$subscribed[] = $row['list_id'];
						}
						
						$subscribed	= " AND list_id NOT IN (".implode(',', $subscribed).") ";
					}
					
					$query	= ee()->db->query( 
						"SELECT DISTINCT 	list_id, list_title 
						 FROM 				exp_mailing_lists 
						 WHERE 				( list_id IN ('" . $lists . "') OR 
						 					  list_name IN ('" . $lists . "') ) " . $subscribed
					);
					
					if ( $query->num_rows() > 0 AND $query->num_rows() < 50 )
					{				
						// Kill duplicate emails from authorization queue.  This prevents an error if a user
						// signs up but never activates their email, then signs up again.
						
						ee()->db->query(
							"DELETE FROM 	exp_mailing_list_queue 
							 WHERE 			email = '" . ee()->db->escape_str($email) . "'"
						);
					
						foreach ( $query->result_array() as $row )
						{
							//	----------------------------------------
							//	Insert email
							//	----------------------------------------
									
							$code	= ee()->functions->random('alpha', 10);
							
							if (  $this->check_no(ee()->input->get_post('mailinglist_opt_in')) )
							{
								ee()->db->query(
									ee()->db->insert_string(	
										'exp_mailing_list',
										array(	
											'user_id'		=> '',
											'list_id'		=> $row['list_id'],
											'authcode'		=> $code,
											'email'			=> $email,
											'ip_address'	=> ee()->input->ip_address()
										)
									)
								);
														
								// ----------------------------------------
								//  Is there an admin notification to send?
								// ----------------------------------------
						
								if ($this->check_yes(ee()->config->item('mailinglist_notify'))  AND
								    ee()->config->item('mailinglist_notify_emails') != '')
								{
									$query = ee()->db->query(
										"SELECT list_title 
										 FROM 	exp_mailing_lists 
										 WHERE 	list_id = '" . ee()->db->escape_str($row['list_id']) . "'"
									);
								
									$swap = array(
										'email'			=> $email,
										'mailing_list'	=> $query->row('list_title')
									 );
									
									$template = ee()->functions->fetch_email_template('admin_notify_mailinglist');
									$email_tit = ee()->functions->var_swap($template['title'], $swap);
									$email_msg = ee()->functions->var_swap($template['data'], $swap);
																		
									// ----------------------------
									//  Send email
									// ----------------------------
						
									$notify_address = $this->remove_extra_commas(
										ee()->config->item('mailinglist_notify_emails')
									);
									
									if ($notify_address != '')
									{				
										// ----------------------------
										//  Send email
										// ----------------------------
										
										//ee()->load->library('email');
										
										foreach (explode(',', $notify_address) as $addy)
										{
											ee()->email->initialize();
											ee()->email->wordwrap = true;
											ee()->email->from(
												ee()->config->item('webmaster_email'), 
												ee()->config->item('webmaster_name')
											);	
											ee()->email->to($addy); 
											ee()->email->reply_to(ee()->config->item('webmaster_email'));
											ee()->email->subject($email_tit);	
											ee()->email->message(entities_to_ascii($email_msg));		
											ee()->email->Send();
										}
										ee()->email->clear(TRUE);
									}
								}
							}        
							else
							{        	
								ee()->db->query(
									"INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date) 
									 VALUES ('" . ee()->db->escape_str($email) . "', '" . 
									 			  ee()->db->escape_str($row['list_id']) ."', '" . 
												  ee()->db->escape_str($code) . "', '" . time() . "')"
									);
								
								$this->send_email_confirmation($email, $row, $code);
							}
						}
					}
				}
			}
		}
		
		//	End subscribe to mailinglists 
		
		//	----------------------------------------
		//	'freeform_module_insert_end' hook.
		//	 - This allows developers to do one last thing before Freeform submit is ended.
		//	----------------------------------------
		
		if (ee()->extensions->active_hook('freeform_module_insert_end') === TRUE)
		{
			$edata = ee()->extensions->universal_call('freeform_module_insert_end', $fields, $this->entry_id, $msg);
			if (ee()->extensions->end_script === TRUE) return;
		}
        //	----------------------------------------
		
		//	----------------------------------------
		//	Set return
		//	----------------------------------------
        
        if ( ! $return = ee()->input->get_post('return') )
        {
        	$return	= ee()->input->get_post('RET');
        }
		
		if ( preg_match( "/".LD."\s*path=(.*?)".RD."/", $return, $match ) > 0 )
		{
			$return	= ee()->functions->create_url( $match['1'] );
		}
		elseif ( stristr( $return, "http://" ) === FALSE && stristr( $return, "https://" ) === FALSE )
		{
			$return	= ee()->functions->create_url( $return );
		}
		
		$return	= str_replace( "%%entry_id%%", $this->entry_id, $return );
		
		$return	= $this->_chars_decode( $return );
				
        //	----------------------------------------
        //	Return the user
        //	----------------------------------------

        if ( $return != '' )
        {
			ee()->functions->redirect( $return );
        }
        else
        {
        	ee()->functions->redirect( ee()->functions->fetch_site_index() );
        }
		
		exit;
    }
예제 #10
 /**
  * Reduce a string to one line of plain text.
  *
  * Steps, in order: strip tags, replace line breaks with spaces, pass the
  * text through entities_to_ascii() and convert_accented_characters(),
  * collapse runs of whitespace, and trim both ends.
  *
  * NOTE(review): tags are stripped BEFORE entities are decoded. Assuming
  * entities_to_ascii() turns entities back into characters (confirm against
  * the text helper), input that arrived entity-encoded can come out holding
  * literal markup characters. Treat the return value as plain text and
  * escape it for the context where it is rendered (e.g. htmlspecialchars()
  * for HTML); do not rely on it being tag-free.
  *
  * @param string $string Raw text, possibly containing markup and entities.
  * @return string Single-line text with surrounding whitespace removed.
  */
 static function fulltext($string)
 {
     global $ci;

     // Load the 'text' helper before the helper functions below are called;
     // presumably it is what provides them (verify in the project).
     $ci->load->helper('text');

     // nl2br() output is passed straight to strip_tags(), exactly as before.
     $withoutTags = strip_tags(nl2br($string));

     // Every line-break style becomes a single space.
     $singleLine = str_replace(array("\r\n", "\r", "\n"), ' ', $withoutTags);

     $decoded = entities_to_ascii($singleLine);
     $plain = convert_accented_characters($decoded);

     // Drop each whitespace character that is followed by another one, so a
     // run of whitespace shrinks to its last character.
     $collapsed = preg_replace('/\\s(?=\\s)/', '', $plain);

     return trim($collapsed);
 }
예제 #11
 /**
  * Register Member
  */
 public function register_member()
 {
     // Do we allow new member registrations?
     if (ee()->config->item('allow_member_registration') == 'n') {
         return FALSE;
     }
     // Is user banned?
     if (ee()->session->userdata('is_banned') === TRUE) {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     // Blacklist/Whitelist Check
     if (ee()->blacklist->blacklisted == 'y' && ee()->blacklist->whitelisted == 'n') {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     ee()->load->helper('url');
     // -------------------------------------------
     // 'member_member_register_start' hook.
     //  - Take control of member registration routine
     //  - Added EE 1.4.2
     //
     ee()->extensions->call('member_member_register_start');
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Set the default globals
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }
     // Instantiate validation class
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate.php';
     }
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => trim_nbs($_POST['username']), 'cur_username' => '', 'screen_name' => trim_nbs($_POST['screen_name']), 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => trim($_POST['email']), 'cur_email' => ''));
     $VAL->validate_username();
     $VAL->validate_screen_name();
     $VAL->validate_password();
     $VAL->validate_email();
     // Do we have any custom fields?
     $query = ee()->db->select('m_field_id, m_field_name, m_field_label, m_field_type, m_field_list_items, m_field_required')->where('m_field_reg', 'y')->get('member_fields');
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             $field_name = 'm_field_id_' . $row['m_field_id'];
             // Assume we're going to save this data, unless it's empty to begin with
             $valid = isset($_POST[$field_name]) && $_POST[$field_name] != '';
             // Basic validations
             if ($row['m_field_required'] == 'y' && !$valid) {
                 $cust_errors[] = lang('mbr_field_required') . '&nbsp;' . $row['m_field_label'];
             } elseif ($row['m_field_type'] == 'select' && $valid) {
                 // Ensure their selection is actually a valid choice
                 $options = explode("\n", $row['m_field_list_items']);
                 if (!in_array(htmlentities($_POST[$field_name]), $options)) {
                     $valid = FALSE;
                     $cust_errors[] = lang('mbr_field_invalid') . '&nbsp;' . $row['m_field_label'];
                 }
             }
             if ($valid) {
                 $cust_fields[$field_name] = ee()->security->xss_clean($_POST[$field_name]);
             }
         }
     }
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = lang('mbr_emails_not_match');
     }
     if (ee()->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = lang('captcha_required');
         }
     }
     if (ee()->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = lang('mbr_terms_of_service_required');
         }
     }
     // -------------------------------------------
     // 'member_member_register_errors' hook.
     //  - Additional error checking prior to submission
     //  - Added EE 2.5.0
     //
     ee()->extensions->call('member_member_register_errors', $this);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     $errors = array_merge($VAL->errors, $cust_errors, $this->errors);
     // Display error is there are any
     if (count($errors) > 0) {
         return ee()->output->show_user_error('submission', $errors);
     }
     // Do we require captcha?
     if (ee()->config->item('use_membership_captcha') == 'y') {
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             return ee()->output->show_user_error('submission', array(lang('captcha_incorrect')));
         }
         ee()->db->query("DELETE FROM exp_captcha WHERE (word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     ee()->load->helper('security');
     // Assign the base query data
     $data = array('username' => trim_nbs(ee()->input->post('username')), 'password' => sha1($_POST['password']), 'ip_address' => ee()->input->ip_address(), 'unique_id' => ee()->functions->random('encrypt'), 'join_date' => ee()->localize->now, 'email' => trim_nbs(ee()->input->post('email')), 'screen_name' => trim_nbs(ee()->input->post('screen_name')), 'url' => prep_url(ee()->input->post('url')), 'location' => ee()->input->post('location'), 'language' => ee()->config->item('deft_lang') ? ee()->config->item('deft_lang') : 'english', 'date_format' => ee()->config->item('date_format') ? ee()->config->item('date_format') : '%n/%j/%y', 'time_format' => ee()->config->item('time_format') ? ee()->config->item('time_format') : '12', 'include_seconds' => ee()->config->item('include_seconds') ? ee()->config->item('include_seconds') : 'n', 'timezone' => ee()->config->item('default_site_timezone'));
     // Set member group
     if (ee()->config->item('req_mbr_activation') == 'manual' or ee()->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
         // Pending
     } else {
         if (ee()->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
             // Pending
         } else {
             $data['group_id'] = ee()->config->item('default_member_group');
         }
     }
     // Optional Fields
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'date_format' => 'date_format', 'time_format' => 'time_format', 'include_seconds' => 'include_seconds');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $_POST[$value];
         }
     }
     // We generate an authorization code if the member needs to self-activate
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = ee()->functions->random('alnum', 10);
     }
     // Insert basic member data
     ee()->db->query(ee()->db->insert_string('exp_members', $data));
     $member_id = ee()->db->insert_id();
     // Insert custom fields
     $cust_fields['member_id'] = $member_id;
     ee()->db->query(ee()->db->insert_string('exp_member_data', $cust_fields));
     // Create a record in the member homepage table
     // This is only necessary if the user gains CP access,
     // but we'll add the record anyway.
     ee()->db->query(ee()->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));
     // Mailinglist Subscribe
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         // Kill duplicate emails from authorizatin queue.
         ee()->db->where('email', $_POST['email'])->delete('mailing_list_queue');
         // Validate Mailing List ID
         $query = ee()->db->select('COUNT(*) as count')->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_lists');
         // Email Not Already in Mailing List
         $results = ee()->db->select('COUNT(*) as count')->where('email', $_POST['email'])->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_list');
         // INSERT Email
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = ee()->functions->random('alnum', 10);
             if (ee()->config->item('req_mbr_activation') == 'email') {
                 // Activated When Membership Activated
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
             } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
                 // Mailing List Subscribe Email
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
                 ee()->lang->loadfile('mailinglist');
                 $action_id = ee()->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'));
                 $template = ee()->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = ee()->functions->var_swap($template['title'], $swap);
                 $email_msg = ee()->functions->var_swap($template['data'], $swap);
                 // Send email
                 ee()->load->library('email');
                 ee()->email->wordwrap = true;
                 ee()->email->mailtype = 'plain';
                 ee()->email->priority = '3';
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($_POST['email']);
                 ee()->email->subject($email_tit);
                 ee()->email->message($email_msg);
                 ee()->email->send();
             } else {
                 // Automatically Accepted
                 ee()->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\r\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str(ee()->input->ip_address()) . "')");
             }
         }
     }
     // Update
     if (ee()->config->item('req_mbr_activation') == 'none') {
         ee()->stats->update_member_stats();
     }
     // Send admin notifications
     if (ee()->config->item('new_member_notification') == 'y' && ee()->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes(ee()->config->item('site_name')), 'control_panel_url' => ee()->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Remove multiple commas
         $notify_address = reduce_multiples(ee()->config->item('mbr_notification_emails'), ',', TRUE);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($notify_address);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
     }
     // -------------------------------------------
     // 'member_member_register' hook.
     //  - Additional processing when a member is created through the User Side
     //  - $member_id added in 2.0.1
     //
     ee()->extensions->call('member_member_register', $data, $member_id);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Send user notifications
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $action_id = ee()->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $board_id = ee()->input->get_post('board_id') !== FALSE && is_numeric(ee()->input->get_post('board_id')) ? ee()->input->get_post('board_id') : 1;
         $forum_id = ee()->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($data['email']);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
         $message = lang('mbr_membership_instructions_email');
     } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
         $message = lang('mbr_admin_will_activate');
     } else {
         // Log user in (the extra query is a little annoying)
         ee()->load->library('auth');
         $member_data_q = ee()->db->get_where('members', array('member_id' => $member_id));
         $incoming = new Auth_result($member_data_q->row());
         $incoming->remember_me();
         $incoming->start_session();
         $message = lang('mbr_your_are_logged_in');
     }
     // Build the message
     if (ee()->input->get_post('FROM') == 'forum') {
         $query = $this->_do_form_query();
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = ee()->config->item('site_name') == '' ? lang('back') : stripslashes(ee()->config->item('site_name'));
         $return = ee()->config->item('site_url');
     }
     $data = array('title' => lang('mbr_registration_complete'), 'heading' => lang('thank_you'), 'content' => lang('mbr_registration_completed') . "\n\n" . $message, 'redirect' => '', 'link' => array($return, $site_name));
     ee()->output->show_message($data);
 }
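 /**
  * Validate a front-end registration submission and, unless told otherwise,
  * create the member record and send the related notifications.
  *
  * Reads its input directly from $_POST and the EE input class. Validation
  * always runs; the database writes, e-mails and hooks after the
  * "$doRegister" check only run when $doRegister is truthy.
  *
  * @param mixed  $ext            Not referenced in this method.
  * @param bool   $doRegister     When FALSE, only validate and return TRUE on success.
  * @param string $error_handling Not referenced in this method.
  *
  * @return mixed One of:
  *   - array('general', array(message)) when registration is disabled, the
  *     visitor is banned/blacklisted, or the legacy XID check fails;
  *   - array('submission', $inline_errors) when validation fails
  *     ($inline_errors is keyed by field name);
  *   - TRUE when validation passes and $doRegister is FALSE;
  *   - NULL when an extension hook sets end_script;
  *   - whatever output->show_user_error() returns when secure_forms_check() fails;
  *   - on success, an array with the keys title, heading, content, redirect,
  *     link, result ('registration_complete') and member_data.
  */
 function register_member($ext, $doRegister = TRUE, $error_handling = '')
 {
     $this->EE->load->helper('security');
     $inline_errors = array();
     $data = array();

     // ---- Gatekeeping: site switch, banned session, blacklist ----
     if ($this->EE->config->item('allow_member_registration') == 'n') {
         return array('general', array($this->EE->lang->line('member_registrations_not_allowed')));
     }
     if ($this->EE->session->userdata['is_banned'] == TRUE) {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n') {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     $this->EE->load->helper('url');

     // 'member_member_register_start' hook (added EE 1.4.2):
     // lets an extension take control of the registration routine.
     $this->EE->extensions->call('member_member_register_start');
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }

     // ---- Make sure the core POST keys exist so later reads are safe ----
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }

     // ---- Core validation through EE_Validate ----
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate' . EXT;
     }
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $_POST['username'], 'cur_username' => '', 'screen_name' => $_POST['screen_name'], 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => $_POST['email'], 'cur_email' => ''));
     $this->EE->lang->loadfile('zoo_visitor');

     // $VAL->errors is one flat list; $offset tracks where the previous
     // validator stopped so each field gets only its own messages.
     $VAL->validate_email();
     $inline_errors["email"] = $VAL->errors;
     $offset = count($VAL->errors);
     if ($this->zoo_settings['email_is_username'] != 'yes') {
         $VAL->validate_username();
         $inline_errors["username"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     if ($this->zoo_settings['use_screen_name'] != "no") {
         $VAL->validate_screen_name();
         $inline_errors["screen_name"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     $VAL->validate_password();
     $inline_errors["password"] = array_slice($VAL->errors, $offset);

     // ---- Custom member fields: required check, then XSS-clean what was sent ----
     $query = $this->EE->db->query("SELECT m_field_id, m_field_name, m_field_label, m_field_required FROM exp_member_fields");
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             $field_key = 'm_field_id_' . $row['m_field_id'];
             if ($row['m_field_required'] == 'y' && (!isset($_POST[$field_key]) or $_POST[$field_key] == '')) {
                 $required_msg = $this->EE->lang->line('mbr_field_required') . '&nbsp;' . $row['m_field_label'];
                 $cust_errors[] = $required_msg;
                 $inline_errors[$row['m_field_name']] = array($required_msg);
             } elseif (isset($_POST[$field_key])) {
                 $cust_fields[$field_key] = $this->EE->security->xss_clean($_POST[$field_key]);
             }
         }
     }
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = $this->EE->lang->line('mbr_emails_not_match');
         $inline_errors["email_confirm"] = array($this->EE->lang->line('mbr_emails_not_match'));
     }

     // ---- Captcha ----
     // The word is only looked up when one was submitted. Previously the lookup
     // also ran on a missing captcha, reading an undefined $_POST key and
     // replacing the "required" message with "incorrect".
     if ($this->EE->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = $this->EE->lang->line('captcha_required');
             $inline_errors["captcha"] = array($this->EE->lang->line('captcha_required'));
         } else {
             // The IP address is escaped like every other value placed in SQL here.
             $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . $this->EE->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "' AND date > UNIX_TIMESTAMP()-7200");
             if ($query->row('count') == 0) {
                 $cust_errors[] = $this->EE->lang->line('captcha_incorrect');
                 $inline_errors["captcha"] = array($this->EE->lang->line('captcha_incorrect'));
             }
             // NOTE(review): the matched exp_captcha row is not deleted in this
             // method, so the same word stays valid for this IP until the
             // 7200-second window expires. Confirm the row is removed elsewhere
             // once registration completes.
         }
     }
     if ($this->EE->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = $this->EE->lang->line('mbr_terms_of_service_required');
             $inline_errors["accept_terms"] = array($this->EE->lang->line('mbr_terms_of_service_required'));
         }
     }
     $errors = array_merge($VAL->errors, $cust_errors);

     // ---- Default member group: 4 (Pending) whenever activation is required
     //      or no default group is configured ----
     if ($this->EE->config->item('req_mbr_activation') == 'manual' or $this->EE->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
     } else {
         if ($this->EE->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
         } else {
             $data['group_id'] = $this->EE->config->item('default_member_group');
         }
     }
     // Member group chosen in the form, if any (resolved by check_membergroup_change()).
     $selected_group_id = $this->check_membergroup_change($data);

     // ---- Stop here on validation errors or when only validating ----
     if (count($errors) > 0) {
         return array('submission', $inline_errors);
     }
     if (!$doRegister) {
         return TRUE;
     }

     // ---- Secure forms (XID token) check ----
     // Runs after the validate-only return above, so a validate-only call does
     // not consume the token.
     if ($this->EE->config->item('secure_forms') == 'y') {
         if (version_compare(APP_VER, '2.5.4', '>=')) {
             if (!$this->EE->security->secure_forms_check($this->EE->input->post('XID'))) {
                 return $this->EE->output->show_user_error('general', array(lang('not_authorized')));
             }
         } else {
             // Legacy path: look the token up by hand. A missing XID is treated
             // as an empty token instead of reading an undefined $_POST key.
             $xid_sql = $this->EE->db->escape_str(isset($_POST['XID']) ? $_POST['XID'] : '');
             $ip_sql = $this->EE->db->escape_str($this->EE->input->ip_address());
             $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='" . $xid_sql . "' AND ip_address = '" . $ip_sql . "' AND date > UNIX_TIMESTAMP()-7200");
             if ($query->row('count') == 0) {
                 return array('general', array($this->EE->lang->line('not_authorized')));
             }
             // Single use: drop the token just checked, plus any expired ones.
             $this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='" . $xid_sql . "' AND ip_address = '" . $ip_sql . "') OR date < UNIX_TIMESTAMP()-7200");
         }
     }

     // ---- Base member row ----
     $data['username'] = $_POST['username'];
     // Provisional value: a hash computed from the password alone (no salt
     // argument). It is replaced further down by the pair returned from
     // auth->hash_password().
     $data['password'] = version_compare(APP_VER, '2.6.0', '<') ? $this->EE->functions->hash(stripslashes($_POST['password'])) : do_hash(stripslashes($_POST['password']));
     $data['ip_address'] = $this->EE->input->ip_address();
     $data['unique_id'] = $this->EE->functions->random('encrypt');
     $data['join_date'] = $this->EE->localize->now;
     $data['email'] = $_POST['email'];
     $data['screen_name'] = $_POST['screen_name'];
     $data['url'] = prep_url($_POST['url']);
     $data['location'] = $_POST['location'];
     // Site defaults; overridden below if the form supplies the optional fields.
     $data['language'] = $this->EE->config->item('deft_lang') ? $this->EE->config->item('deft_lang') : 'english';
     $data['time_format'] = $this->EE->config->item('time_format') ? $this->EE->config->item('time_format') : 'us';
     $data['timezone'] = $this->EE->config->item('default_site_timezone') && $this->EE->config->item('default_site_timezone') != '' ? $this->EE->config->item('default_site_timezone') : $this->EE->config->item('server_timezone');
     // version_compare() instead of a plain string "<": string comparison
     // mis-orders versions such as '2.10.0' and '2.6.0'.
     if (version_compare(APP_VER, '2.6.0', '<')) {
         $data['daylight_savings'] = $this->EE->config->item('default_site_dst') && $this->EE->config->item('default_site_dst') != '' ? $this->EE->config->item('default_site_dst') : $this->EE->config->item('daylight_savings');
     }

     // ---- Standard member fields (XSS-cleaned, then removed from $_POST) ----
     $fields = array('bday_y', 'bday_m', 'bday_d', 'url', 'location', 'occupation', 'interests', 'aol_im', 'icq', 'yahoo_im', 'msn_im', 'bio');
     foreach ($fields as $val) {
         if ($this->EE->input->post($val)) {
             $data[$val] = isset($_POST[$val]) ? $this->EE->security->xss_clean($_POST[$val]) : '';
             unset($_POST[$val]);
         }
     }
     // Clamp the birthday day to the length of the month. Month and year are
     // only read when they were actually submitted.
     if (isset($data['bday_d'], $data['bday_m']) && is_numeric($data['bday_d']) && is_numeric($data['bday_m'])) {
         $year = isset($data['bday_y']) && $data['bday_y'] != '' ? $data['bday_y'] : date('Y');
         $mdays = $this->EE->localize->fetch_days_in_month($data['bday_m'], $year);
         if ($data['bday_d'] > $mdays) {
             $data['bday_d'] = $mdays;
         }
     }

     // ---- Optional fields (member column => POST key) ----
     // Cleaned the same way as the standard fields above; previously these
     // were copied from $_POST untouched.
     // NOTE(review): 'language' is member-supplied here. Confirm that whatever
     // later consumes it only accepts installed language packs.
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'time_format' => 'time_format');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $this->EE->security->xss_clean($_POST[$value]);
         }
     }

     // An authorization code is only needed when the member self-activates.
     // NOTE(review): its unpredictability depends on functions->random();
     // confirm that draws from a cryptographically secure source.
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = $this->EE->functions->random('alnum', 10);
     }

     // ---- Insert the member ----
     $this->EE->db->query($this->EE->db->insert_string('exp_members', $data));
     $member_id = $this->EE->db->insert_id();

     // From here on $data['screen_name'] is only used for e-mails and hooks.
     $screen_name_overriden = $this->get_override_screen_name();
     $data['screen_name'] = $screen_name_overriden !== FALSE ? $screen_name_overriden : $data['screen_name'];

     // Remember the group chosen in the form when activation is still pending.
     // Group 1 is never accepted from the form (in a stock EE install this is
     // presumably the Super Admin group - confirm).
     if (isset($selected_group_id) and is_numeric($selected_group_id) and $selected_group_id != '1') {
         if ($this->EE->config->item('req_mbr_activation') == 'email' || $this->EE->config->item('req_mbr_activation') == 'manual') {
             $activation_data = array();
             $activation_data['member_id'] = $member_id;
             $activation_data['group_id'] = $selected_group_id;
             $this->EE->db->insert('zoo_visitor_activation_membergroup', $activation_data);
         }
     }

     // ---- Replace the provisional password hash with the auth library's pair ----
     $this->EE->load->library('auth');
     $hashed_pair = $this->EE->auth->hash_password($_POST['password']);
     if ($hashed_pair !== FALSE) {
         $this->EE->db->where('member_id', (int) $member_id);
         $this->EE->db->update('members', $hashed_pair);
     } else {
         // The row keeps the provisional hash written above. Record that
         // instead of failing silently; the password itself is never logged.
         log_message('error', 'register_member: hash_password() failed for member_id ' . (int) $member_id . '; provisional password hash left in place');
     }

     // ---- Custom field data and member homepage rows ----
     $cust_fields['member_id'] = $member_id;
     $this->EE->db->query($this->EE->db->insert_string('exp_member_data', $cust_fields));
     // Only needed if the user gains CP access, but the record is added anyway.
     $this->EE->db->query($this->EE->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));

     // ---- Mailing list subscription ----
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         $email_sql = $this->EE->db->escape_str($_POST['email']);
         $list_sql = $this->EE->db->escape_str($_POST['mailinglist_subscribe']);
         // Remove duplicate e-mails from the authorization queue.
         $this->EE->db->query("DELETE FROM exp_mailing_list_queue WHERE email = '" . $email_sql . "'");
         // The list must exist ...
         $query = $this->EE->db->query("SELECT COUNT(*) AS count\n\t\t\t\t\t\t\t\t FROM exp_mailing_lists\n\t\t\t\t\t\t\t\t WHERE list_id = '" . $list_sql . "'");
         // ... and the address must not be subscribed to it yet.
         $results = $this->EE->db->query("SELECT count(*) AS count\n\t\t\t\t\t\t\t\t\tFROM exp_mailing_list\n\t\t\t\t\t\t\t\t\tWHERE email = '" . $email_sql . "'\n\t\t\t\t\t\t\t\t\tAND list_id = '" . $list_sql . "'");
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = $this->EE->functions->random('alnum', 10);
             if ($this->EE->config->item('req_mbr_activation') == 'email') {
                 // Queued; activated together with the membership.
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $email_sql . "', '" . $list_sql . "', '" . $code . "', '" . time() . "')");
             } elseif ($this->EE->config->item('req_mbr_activation') == 'manual') {
                 // Queued, and the member receives a separate list-activation e-mail.
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $email_sql . "', '" . $list_sql . "', '" . $code . "', '" . time() . "')");
                 $this->EE->lang->loadfile('mailinglist');
                 $action_id = $this->EE->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'));
                 $template = $this->EE->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = $this->EE->functions->var_swap($template['title'], $swap);
                 $email_msg = $this->EE->functions->var_swap($template['data'], $swap);
                 $this->EE->load->library('email');
                 $this->EE->email->wordwrap = true;
                 $this->EE->email->mailtype = 'plain';
                 $this->EE->email->priority = '3';
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->to($_POST['email']);
                 $this->EE->email->subject($email_tit);
                 $this->EE->email->message($email_msg);
                 $this->EE->email->send();
             } else {
                 // No activation required: subscribe immediately.
                 $this->EE->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . $list_sql . "', '" . $code . "', '" . $email_sql . "', '" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "')");
             }
         }
     }

     // ---- Member statistics only change when the account is active at once ----
     if ($this->EE->config->item('req_mbr_activation') == 'none') {
         $this->EE->stats->update_member_stats();
     }

     // ---- Admin notification ----
     if ($this->EE->config->item('new_member_notification') == 'y' and $this->EE->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'control_panel_url' => $this->EE->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         $this->EE->load->helper('string');
         // Collapse repeated commas in the configured address list.
         $notify_address = reduce_multiples($this->EE->config->item('mbr_notification_emails'), ',', TRUE);
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($notify_address);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
     }

     // 'member_member_register' hook: additional processing when a member is
     // created through the user side ($member_id added in 2.0.1).
     $this->EE->extensions->call('member_member_register', $data, $member_id);
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }

     // ---- Zoo Visitor: hand the inserted values back to the caller ----
     $member_data = $data;
     $member_data["member_id"] = $member_id;

     // ---- Activation e-mail to the new member ----
     // For 'manual' and 'none' nothing is sent here; per the original comment,
     // logging the user in is handled at the end of the extension.
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $action_id = $this->EE->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $board_id = $this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id')) ? $this->EE->input->get_post('board_id') : 1;
         $forum_id = $this->EE->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         // mailinglist_subscribe was checked with is_numeric() before the flag was set.
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($data['email']);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
     }

     // ---- Build the result ----
     if ($this->EE->input->get_post('FROM') == 'forum') {
         if ($this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id'))) {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '" . $this->EE->db->escape_str($this->EE->input->get_post('board_id')) . "'");
         } else {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '1'");
         }
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = $this->EE->config->item('site_name') == '' ? $this->EE->lang->line('back') : stripslashes($this->EE->config->item('site_name'));
         $return = $this->EE->config->item('site_url');
     }
     // The caller renders the result itself; nothing is output here.
     // NOTE(review): member_data carries the whole inserted row, including the
     // provisional password hash and any authcode. Callers should not echo it
     // back to the browser.
     return array('title' => $this->EE->lang->line('mbr_registration_complete'), 'heading' => $this->EE->lang->line('thank_you'), 'content' => $this->EE->lang->line('mbr_registration_completed'), 'redirect' => '', 'link' => array($return, $site_name), 'result' => 'registration_complete', 'member_data' => $member_data);
 }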
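	/**
	 * Reset a member's password to a freshly generated one and email it to them.
	 *
	 * The subject, body, sender and BCC flag come from $this->settings. The tags
	 * {password}, {username}, {name}, {site_name} and {site_url} are replaced in
	 * the body ({site_name} also in the subject) and the result is sent as a
	 * plain-text message to the address stored for the member.
	 *
	 * @param	int		$member_id	member_id of the exp_members row to reset and notify
	 * @return	void
	 */
	function cp_welcome_email_send($member_id) {

		$this->EE =& get_instance();

		$this->EE->load->library('email');
		$this->EE->load->helper('text');

		// The id is concatenated into two SQL statements below, so force it to
		// an integer before it gets anywhere near a query string.
		$member_id = (int) $member_id;

		$query = $this->EE->db->query("SELECT username, screen_name, email from exp_members WHERE member_id = " . $member_id);

		// Unknown member: nothing to reset and nobody to mail.
		if ($query->num_rows() == 0) {
			return;
		}

		$password_string = "abcdefghijklmnopqrstuvwxyz1234567890";
		$max_index = strlen($password_string) - 1;

		$password = "";
		for ($i = 0; $i < 8; $i++) {
			// This value becomes a login credential, so draw it from the CSPRNG
			// when the runtime has one. rand() is predictable and is kept only as
			// the fallback for PHP versions without random_int().
			$index = function_exists('random_int') ? random_int(0, $max_index) : rand(0, $max_index);
			$password .= $password_string[$index];
		}

		$message = $this->settings["welcome_email_body"];
		$from = $this->settings["welcome_email_from"];

		$subject = $this->settings["welcome_email_subject"];
		$subject = str_replace("{site_name}", $this->EE->config->item('site_name'), $subject);

		$message = str_replace("{password}", $password, $message);
		$message = str_replace("{username}", $query->row("username"), $message);
		$message = str_replace("{name}", $query->row("screen_name"), $message);
		$message = str_replace("{site_name}", $this->EE->config->item('site_name'), $message);
		$message = str_replace("{site_url}", $this->EE->config->item('site_url'), $message);

		// NOTE(review): the password is stored as an unsalted SHA-1 digest computed
		// by MySQL and is then mailed in clear text. Presumably this matches what
		// the login code of the targeted EE version expects; on versions that have
		// a salted password API that API should be used instead, and the member
		// should be made to choose a new password at first login.
		$this->EE->db->query("UPDATE exp_members SET password = SHA('" . $this->EE->db->escape_str($password) . "') WHERE member_id = " . $member_id);

		$to = $query->row("email");

		$this->EE->email->wordwrap = false;
		$this->EE->email->mailtype = 'text';
		$this->EE->email->from( $from );
		$this->EE->email->to( $to );
		if ($this->settings["welcome_email_bcc"]=="yes") {
			// The BCC copy carries the clear-text password to the webmaster mailbox too.
			$this->EE->email->bcc( $this->EE->config->item('webmaster_email') );
		}
		$this->EE->email->subject( $subject );
		$this->EE->email->message(entities_to_ascii( $message ));
		$this->EE->email->Send();
	}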
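 /**
  *	Delete Member Account Processing
  *
  *	Checks that the request is authorised, re-verifies the acting member's
  *	password (recording a lockout attempt on failure), deletes the target
  *	member and the content they own, mails the addresses configured in
  *	mbr_delete_notify_emails, clears the session rows and cookies, and then
  *	redirects or shows a confirmation message.
  *
  *	@access		public
  *	@return		mixed	whatever _output_error() returns on failure; on success the
  *					method ends in a redirect, an AJAX response or show_message()
  */
 public function delete_account()
 {
     // ----------------------------------------
     //  Authorization Check
     // ----------------------------------------
     // A purely numeric member_id parameter and a POSTed ACT are both required.
     if ($this->_param('member_id') == FALSE or !ctype_digit($this->_param('member_id')) or !isset($_POST['ACT'])) {
         return $this->_output_error('general', array(ee()->lang->line('not_authorized')));
     }
     // Guests (member_id 0) can never delete anything.
     if (ee()->session->userdata['member_id'] == 0) {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     // If not deleting yourself, you must be a SuperAdmin or have Delete Member permissions
     // If deleting yourself, you must have permission to do so.
     if ($this->_param('member_id') != ee()->session->userdata['member_id']) {
         if (ee()->session->userdata['group_id'] != 1 and ee()->session->userdata['can_delete_members'] != 'y') {
             return $this->_output_error('general', ee()->lang->line('not_authorized'));
         }
     } elseif (ee()->session->userdata['can_delete_self'] !== 'y') {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     // TRUE when the acting member is deleting somebody else's account.
     $admin = ee()->session->userdata['member_id'] != $this->_param('member_id') ? TRUE : FALSE;
     // --------------------------------------------
     //  Member Data
     // --------------------------------------------
     $query = ee()->db->query("SELECT m.*,\n\t\t\t\t\tmg.mbr_delete_notify_emails\n\t\t\t FROM \texp_members AS m, \n\t\t\t\t\texp_member_groups AS mg\n\t\t\t WHERE \tm.member_id = '" . ee()->db->escape_str($this->_param('member_id')) . "'\n\t\t\t AND \tm.group_id = mg.group_id");
     // An unknown member gets the same message as an unauthorised request.
     if ($query->num_rows() == 0) {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     // One cannot delete a SuperAdmin from the User side.  Sorry...
     if ($query->row('group_id') == 1) {
         return $this->_output_error('general', ee()->lang->line('cannot_delete_super_admin'));
     }
     // --------------------------------------------
     //  Variables!
     // --------------------------------------------
     $id = $query->row('member_id');
     $check_password = $query->row('password');
     $mbr_delete_notify_emails = $query->row('mbr_delete_notify_emails');
     $screen_name = $query->row('screen_name');
     $email = $query->row('email');
     // ----------------------------------------
     //  Is IP and User Agent required for login?  Then, same here.
     // ----------------------------------------
     if (ee()->config->item('require_ip_for_login') == 'y') {
         if (ee()->session->userdata['ip_address'] == '' or ee()->session->userdata['user_agent'] == '') {
             return $this->_output_error('general', ee()->lang->line('unauthorized_request'));
         }
     }
     // ----------------------------------------
     //  Check password lockout status
     // ----------------------------------------
     if (ee()->session->check_password_lockout() === TRUE) {
         return $this->_output_error('general', str_replace("%x", ee()->config->item('password_lockout_interval'), ee()->lang->line('password_lockout_in_effect')));
     }
     // -------------------------------------
     //  If deleting self, you must submit your password.
     //  If SuperAdmin deleting another, must submit your password
     // -------------------------------------
     // NOTE(review): APP_VER is compared as a string throughout this method, so
     // a version such as '2.10.0' sorts below '2.2.0'. version_compare() would
     // avoid that; confirm which EE versions this code has to support.
     if (APP_VER >= '2.2.0') {
         $check_salt = $query->row('salt');
     }
     // Fetch the SAs password instead as they are the one doing the deleting
     if (ee()->session->userdata['member_id'] != $this->_param('member_id')) {
         $squery = ee()->db->query("SELECT password" . (APP_VER < '2.2.0' ? '' : ', salt') . " \n\t\t\t\t FROM \texp_members \n\t\t\t\t WHERE \tmember_id = '" . ee()->db->escape_str(ee()->session->userdata['member_id']) . "'");
         $check_password = $squery->row('password');
         if (APP_VER >= '2.2.0') {
             $check_salt = $squery->row('salt');
         }
         unset($squery);
     }
     // The digests are compared as strings with !==. A loose != treats two
     // different hex digests that both look like "0e<digits>" as equal numbers,
     // which would accept a wrong password.
     if (APP_VER < '2.2.0') {
         $password = ee()->functions->hash(stripslashes(ee()->input->post('password')));
         if ((string) $check_password !== (string) $password) {
             ee()->session->save_password_lockout();
             return $this->_output_error('general', ee()->lang->line('invalid_pw'));
         }
     } else {
         ee()->load->library('auth');
         $passwd = ee()->auth->hash_password(stripslashes(ee()->input->post('password')), $check_salt);
         if (!isset($passwd['salt']) or (string) $passwd['password'] !== (string) $check_password) {
             ee()->session->save_password_lockout();
             return $this->_output_error('general', ee()->lang->line('invalid_pw'));
         }
     }
     // --------------------------------------------
     //  EE 2.4 Added a Member Model for Deleting That Works Rather Well
     // --------------------------------------------
     if (APP_VER >= '2.4.0') {
         ee()->load->model('member_model');
         ee()->member_model->delete_member($id);
     } else {
         // -------------------------------------
         //  No turning back, get to deletin'!
         // -------------------------------------
         // $id comes from the exp_members row fetched above, not from the request.
         ee()->db->query("DELETE FROM exp_members WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_member_data WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_member_homepage WHERE member_id = '{$id}'");
         // Remember who has unread messages from this member so that their
         // unread counters can be recalculated once the copies are gone.
         $message_query = ee()->db->query("SELECT DISTINCT \trecipient_id \n\t\t\t\t FROM \t\t\t\texp_message_copies \n\t\t\t\t WHERE \t\t\t\tsender_id = '{$id}' \n\t\t\t\t AND \t\t\t\tmessage_read = 'n'");
         ee()->db->query("DELETE FROM exp_message_copies WHERE sender_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_data WHERE sender_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_folders WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_listed WHERE member_id = '{$id}'");
         if ($message_query->num_rows() > 0) {
             foreach ($message_query->result_array() as $row) {
                 $count_query = ee()->db->query("SELECT COUNT(*) AS count \n\t\t\t\t\t\t FROM \texp_message_copies \n\t\t\t\t\t\t WHERE \trecipient_id = '" . $row['recipient_id'] . "' AND message_read = 'n'");
                 ee()->db->query(ee()->db->update_string('exp_members', array('private_messages' => $count_query->row('count')), array('member_id' => $row['recipient_id'])));
             }
         }
         // -------------------------------------
         //  Delete Forum Posts
         // -------------------------------------
         if (ee()->config->item('forum_is_installed') == "y") {
             ee()->db->query("DELETE FROM exp_forum_subscriptions  WHERE member_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_pollvotes  WHERE member_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_topics WHERE author_id = '{$id}'");
             // Snag the affected topic id's before deleting the member for the update afterwards
             $query = ee()->db->query("SELECT topic_id FROM exp_forum_posts WHERE author_id = '{$id}'");
             if ($query->num_rows() > 0) {
                 $topic_ids = array();
                 foreach ($query->result_array() as $row) {
                     $topic_ids[] = $row['topic_id'];
                 }
                 $topic_ids = array_unique($topic_ids);
             }
             ee()->db->query("DELETE FROM exp_forum_posts  WHERE author_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_polls  WHERE author_id = '{$id}'");
             // Update the forum stats
             $query = ee()->db->query("SELECT forum_id FROM exp_forums WHERE forum_is_cat = 'n'");
             if (!class_exists('Forum')) {
                 require PATH_MOD . 'forum/mod.forum' . EXT;
                 require PATH_MOD . 'forum/mod.forum_core' . EXT;
             }
             $FRM = new Forum_Core();
             foreach ($query->result_array() as $row) {
                 $FRM->_update_post_stats($row['forum_id']);
             }
             if (isset($topic_ids)) {
                 foreach ($topic_ids as $topic_id) {
                     $FRM->_update_topic_stats($topic_id);
                 }
             }
         }
         // -------------------------------------
         //  Va-poo-rize Weblog Entries and Comments
         // -------------------------------------
         $entry_ids = array();
         $channel_ids = array();
         $recount_ids = array();
         // Find Entry IDs and Channel IDs, then DELETE! DELETE, WHA HA HA HA!!
         if (APP_VER < 2.0) {
             $query = ee()->db->query("SELECT entry_id, weblog_id AS channel_id FROM exp_weblog_titles WHERE author_id = '{$id}'");
         } else {
             $query = ee()->db->query("SELECT entry_id, channel_id FROM exp_channel_titles WHERE author_id = '{$id}'");
         }
         if ($query->num_rows() > 0) {
             foreach ($query->result_array() as $row) {
                 $entry_ids[] = $row['entry_id'];
                 $channel_ids[] = $row['channel_id'];
             }
             if (APP_VER < 2.0) {
                 ee()->db->query("DELETE FROM exp_weblog_titles WHERE author_id = '{$id}'");
                 ee()->db->query("DELETE FROM exp_weblog_data WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             } else {
                 ee()->db->query("DELETE FROM exp_channel_titles WHERE author_id = '{$id}'");
                 ee()->db->query("DELETE FROM exp_channel_data WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             }
             ee()->db->query("DELETE FROM exp_comments WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             ee()->db->query("DELETE FROM exp_trackbacks WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
         }
         // Find the affected entries AND channel ids for author's comments
         if (APP_VER < 2.0) {
             $query = ee()->db->query("SELECT DISTINCT(entry_id), weblog_id AS channel_id FROM exp_comments WHERE author_id = '{$id}'");
         } else {
             $query = ee()->db->query("SELECT DISTINCT(entry_id), channel_id FROM exp_comments WHERE author_id = '{$id}'");
         }
         if ($query->num_rows() > 0) {
             foreach ($query->result_array() as $row) {
                 $recount_ids[] = $row['entry_id'];
                 $channel_ids[] = $row['channel_id'];
             }
             // Entries deleted above no longer need a recount.
             $recount_ids = array_diff($recount_ids, $entry_ids);
         }
         // Delete comments by member
         ee()->db->query("DELETE FROM exp_comments WHERE author_id = '{$id}'");
         // NOTE(review): this is the only call in the method that goes through
         // $this->EE rather than ee(); confirm $this->EE is set on this class.
         $this->EE->stats->update_member_stats();
         // Update stats on channel entries that were NOT deleted AND had comments by author
         if (count($recount_ids) > 0) {
             foreach (array_unique($recount_ids) as $entry_id) {
                 $query = ee()->db->query("SELECT MAX(comment_date) AS max_date FROM exp_comments WHERE status = 'o' AND entry_id = '" . ee()->db->escape_str($entry_id) . "'");
                 $comment_date = ($query->num_rows() == 0 or !is_numeric($query->row('max_date'))) ? 0 : $query->row('max_date');
                 $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '{$entry_id}' AND status = 'o'");
                 if (APP_VER < 2.0) {
                     ee()->db->query("UPDATE exp_weblog_titles SET\tcomment_total = '" . ee()->db->escape_str($query->row('count')) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\trecent_comment_date = '{$comment_date}' WHERE entry_id = '{$entry_id}'");
                 } else {
                     ee()->db->query("UPDATE exp_channel_titles SET comment_total = '" . ee()->db->escape_str($query->row('count')) . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\trecent_comment_date = '{$comment_date}' WHERE entry_id = '{$entry_id}'");
                 }
             }
         }
         foreach (array_unique($channel_ids) as $channel_id) {
             if (APP_VER < 2.0) {
                 ee()->stats->update_weblog_stats($channel_id);
             } else {
                 ee()->stats->update_channel_stats($channel_id);
             }
             ee()->stats->update_comment_stats($channel_id);
         }
     }
     // END conditional for EE versions below EE 2.4.0
     // -------------------------------------
     //  Email notification recipients
     // -------------------------------------
     if ($mbr_delete_notify_emails != '') {
         $notify_address = $mbr_delete_notify_emails;
         $swap = array('name' => $screen_name, 'email' => $email, 'site_name' => stripslashes(ee()->config->item('site_name')));
         $email_tit = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_title'), $swap);
         $email_msg = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list
         // NOTE(review): this is a substring match, so an address that merely
         // contains the member's address would be altered as well.
         if (stristr($notify_address, $email)) {
             $notify_address = str_replace($email, "", $notify_address);
         }
         ee()->load->helper('string');
         // Collapse the doubled or leading/trailing commas left by the removal above.
         $notify_address = reduce_multiples($notify_address, ',', TRUE);
         if ($notify_address != '') {
             // ----------------------------
             //  Send email
             // ----------------------------
             ee()->load->library('email');
             ee()->load->helper('text');
             foreach (explode(',', $notify_address) as $addy) {
                 ee()->email->initialize();
                 ee()->email->wordwrap = false;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->Send();
             }
         }
     }
     // -------------------------------------
     //  Trash the Session and cookies
     // -------------------------------------
     // The IP address has to be concatenated in: "{ee()->...}" inside a
     // double-quoted string is not interpolated, so the query used to compare
     // ip_address against that literal text and never matched a row.
     ee()->db->query("DELETE FROM exp_online_users \n\t\t\t\t\t\t  WHERE site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . "' \n\t\t\t\t\t\t  AND ip_address = '" . ee()->db->escape_str(ee()->input->ip_address()) . "' \n\t\t\t\t\t\t  AND member_id = '{$id}'");
     ee()->db->query("DELETE FROM exp_sessions WHERE member_id = '" . $id . "'");
     // Only a member deleting their own account loses their cookies.
     if ($admin === FALSE) {
         if (APP_VER < '2.2.0') {
             ee()->functions->set_cookie(ee()->session->c_password);
         }
         ee()->functions->set_cookie(ee()->session->c_session);
         ee()->functions->set_cookie(ee()->session->c_expire);
         ee()->functions->set_cookie(ee()->session->c_anon);
         ee()->functions->set_cookie('read_topics');
         ee()->functions->set_cookie('tracker');
     }
     if (ee()->extensions->active_hook('user_delete_account_end') === TRUE) {
         ee()->extensions->universal_call('user_delete_account_end', $this);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     // ----------------------------------------
     //  Override Return
     // ----------------------------------------
     if ($this->_param('override_return') !== FALSE and $this->_param('override_return') != '' && $this->is_ajax_request() === FALSE) {
         ee()->functions->redirect($this->_param('override_return'));
         exit;
     }
     // ----------------------------------------
     //  Set return
     // ----------------------------------------
     // NOTE(review): 'return' and 'RET' are taken from the request and reach the
     // redirect target below without any check visible here; confirm they are
     // restricted to this site's own URLs, otherwise the confirmation page can
     // be used to send a visitor to an arbitrary address.
     if (ee()->input->get_post('return') !== FALSE and ee()->input->get_post('return') != '') {
         $return = ee()->input->get_post('return');
     } elseif (ee()->input->get_post('RET') !== FALSE and ee()->input->get_post('RET') != '') {
         $return = ee()->input->get_post('RET');
     } else {
         $return = ee()->config->item('site_url');
     }
     // A {path=...} tag in the return value is expanded to a site URL.
     if (preg_match("/" . LD . "\\s*path=(.*?)" . RD . "/", $return, $match)) {
         $return = ee()->functions->create_url($match['1']);
     }
     // ----------------------------------------
     //  Return
     // ----------------------------------------
     $return = $this->_chars_decode($return);
     // --------------------------------------------
     //  AJAX Response
     // --------------------------------------------
     if ($this->is_ajax_request()) {
         $this->send_ajax_response(array('success' => TRUE, 'heading' => lang('user_successful_submission'), 'message' => lang('mbr_account_deleted'), 'content' => lang('mbr_account_deleted')));
     }
     // -------------------------------------
     //  Build Success Message
     // -------------------------------------
     $data = array('title' => ee()->lang->line('mbr_delete'), 'heading' => ee()->lang->line('thank_you'), 'content' => ee()->lang->line('mbr_account_deleted'), 'redirect' => $return);
     ee()->output->show_message($data);
 }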
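 /**
  * Create a new asset or update an existing one from the submitted form.
  *
  * With a posted "id" the asset's title, keywords and description are
  * updated and its folder assignments are synchronised with the posted
  * "folders" list. Without an "id" a new asset is created, either from an
  * uploaded file ("file_upload") or from a file already sitting in the
  * temporary folder (posted "file"), it is linked to the posted folders and,
  * if requested, the members assigned to those folders are notified by
  * email. Both paths end by redirecting to the asset list.
  *
  * NOTE(review): no permission check is visible in this method; presumably
  * access is limited to control-panel users by the caller. Confirm.
  *
  * @return mixed  the result of asset() when the form cannot be processed;
  *                otherwise the method ends in a redirect
  */
 function upload_asset()
 {
     $settings = $this->_fetch_settings();
     $this->EE->load->library('form_validation');
     $this->EE->form_validation->set_error_delimiters('<p class="notice">', '</p>');
     $this->EE->form_validation->set_rules('title', 'Title', 'required');
     if ($this->EE->input->post("id") !== FALSE) {
         // Update an existing asset
         if ($this->EE->form_validation->run() === FALSE) {
             return $this->asset($this->EE->input->post("id"));
         }
         // todo: check whether we are replacing the asset with a new one
         $data = array("title" => $this->EE->input->post("title"), "keywords" => $this->EE->input->post("keywords"), "description" => $this->EE->input->post("description"));
         $this->EE->db->where('id', $this->EE->input->post("id"));
         $this->EE->db->update('exp_ajw_client_downloads_asset', $data);
         $asset_id = $this->EE->input->post("id");
         // Get existing folders
         $this->EE->db->select("folder_id");
         $this->EE->db->where("asset_id", $this->EE->input->post("id"));
         $query = $this->EE->db->get("exp_ajw_client_downloads_folder_assets");
         $existing = array();
         foreach ($query->result_array() as $row) {
             $existing[] = $row["folder_id"];
         }
         if ($this->EE->input->post('folders') !== FALSE) {
             $folders = $this->EE->input->post('folders');
         } else {
             $folders = array();
         }
         // Work out which folder links to drop and which to create.
         $delete = array_diff($existing, $folders);
         $insert = array_diff($folders, $existing);
         $update = array_intersect($folders, $existing);
         // Add new folders
         foreach ($insert as $folder_id) {
             $data = array("site_id" => $this->EE->config->item('site_id'), "folder_id" => $folder_id, "asset_id" => $asset_id, "created" => $this->EE->localize->now);
             $this->EE->db->insert('exp_ajw_client_downloads_folder_assets', $data);
         }
         // Remove old folders
         if (count($delete)) {
             $this->EE->db->where("site_id", $this->EE->config->item('site_id'));
             $this->EE->db->where("asset_id", $asset_id);
             $this->EE->db->where_in("folder_id", $delete);
             $this->EE->db->delete("exp_ajw_client_downloads_folder_assets");
         }
         $this->EE->functions->redirect($this->base . AMP . "method=assets");
     } else {
         // Add a new asset
         // $this->EE->form_validation->set_rules('file_upload', 'File', 'callback__file_uploaded');
         if ($this->EE->form_validation->run() === FALSE) {
             return $this->asset($this->EE->input->post("id"));
         }
         // Fetch the file
         if (isset($_FILES["file_upload"]) && $_FILES["file_upload"]["name"] != "") {
             // Do file upload
             $config['upload_path'] = $settings["basepath"];
             // NOTE(review): '*' accepts every file type, including server-side
             // scripts. If basepath is served by the web server, replace this with
             // an explicit list of the extensions clients are meant to download.
             $config['allowed_types'] = '*';
             $this->EE->load->library('upload', $config);
             if (!$this->EE->upload->do_upload("file_upload")) {
                 // todo: handle this error properly
                 print_r($this->EE->upload->display_errors());
                 exit;
             } else {
                 $upload = $this->EE->upload->data();
                 $data = array("site_id" => $this->EE->config->item('site_id'), "title" => $this->EE->input->post("title"), "keywords" => $this->EE->input->post("keywords"), "description" => $this->EE->input->post("description"), "path" => $upload["file_name"], "created" => $this->EE->localize->now);
             }
         } elseif ($this->EE->input->post("file") !== FALSE) {
             // Move file from temporary folder.
             // The name comes from the request, so keep only its last path
             // component: anything containing directory separators could otherwise
             // make rename() read from or write to a location outside the two
             // configured folders.
             $posted_file = $this->EE->input->post("file");
             $file_name = is_string($posted_file) ? basename(str_replace('\\', '/', $posted_file)) : '';
             if ($file_name === '' or $file_name === '.' or $file_name === '..') {
                 return $this->asset($this->EE->input->post("id"));
             }
             $target_path = $this->settings["basepath"] . $file_name;
             // Do not record an asset whose file never arrived.
             if (!rename($this->settings["temp_path"] . $file_name, $target_path)) {
                 return $this->asset($this->EE->input->post("id"));
             }
             $data = array("site_id" => $this->EE->config->item('site_id'), "title" => $this->EE->input->post("title"), "keywords" => $this->EE->input->post("keywords"), "description" => $this->EE->input->post("description"), "path" => $file_name, "created" => $this->EE->localize->now);
         } else {
             // Neither an upload nor a temporary file was supplied, so there is
             // nothing to insert; show the form again.
             return $this->asset($this->EE->input->post("id"));
         }
         $this->EE->db->insert('exp_ajw_client_downloads_asset', $data);
         $asset_id = $this->EE->db->insert_id();
         if ($this->EE->input->post('folders') !== FALSE) {
             foreach ($this->EE->input->post('folders') as $folder_id) {
                 $data = array("site_id" => $this->EE->config->item('site_id'), "folder_id" => $folder_id, "asset_id" => $asset_id, "created" => $this->EE->localize->now);
                 $this->EE->db->insert('exp_ajw_client_downloads_folder_assets', $data);
             }
         }
         // Send email notification to all members assigned to this folder
         if ($this->EE->input->post("notify_upload") == "y" && $this->settings["new_asset_email_body"] != "") {
             // Distinct addresses of the members assigned to any folder that holds the new asset.
             $this->EE->db->distinct();
             $this->EE->db->select("email");
             $this->EE->db->from("exp_ajw_client_downloads_asset");
             $this->EE->db->join("exp_ajw_client_downloads_folder_assets", "exp_ajw_client_downloads_asset.id = exp_ajw_client_downloads_folder_assets.asset_id");
             $this->EE->db->join("exp_ajw_client_downloads_users", " exp_ajw_client_downloads_folder_assets.folder_id = exp_ajw_client_downloads_users.folder_id");
             $this->EE->db->join("exp_members", "exp_ajw_client_downloads_users.member_id = exp_members.member_id");
             $this->EE->db->where("exp_ajw_client_downloads_asset.id", $asset_id);
             $query = $this->EE->db->get();
             $this->EE->load->library('email');
             $this->EE->load->helper('text');
             $this->EE->email->wordwrap = true;
             $this->EE->email->mailtype = 'text';
             $message = $this->settings["new_asset_email_body"];
             // todo: any more variables?
             $message = str_replace('{title}', $this->EE->input->post("title"), $message);
             foreach ($query->result_array() as $row) {
                 $recipient = $row["email"];
                 $this->EE->email->initialize();
                 // A sender configured as "Name <address>" is split into its two parts.
                 if (preg_match('/(.*)\\<(.*)\\>/', $this->settings["new_asset_email_from"], $match)) {
                     $this->EE->email->from(trim($match[2]), trim($match[1]));
                 } else {
                     $this->EE->email->from($this->settings["new_asset_email_from"]);
                 }
                 $this->EE->email->to($recipient);
                 $this->EE->email->subject($this->settings["new_asset_email_subject"]);
                 $this->EE->email->message(entities_to_ascii($message));
                 $this->EE->email->Send();
             }
         }
         $this->EE->functions->redirect($this->base . AMP . "method=assets");
     }
 }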
 /**
  * send notification
  *
  * @access	public
  * @param 	array 	options for the notifications
  * @return	bool 	user is flagged
  */
 public function send_notification($options = array())
 {
     // -------------------------------------
     //	defaults
     // -------------------------------------
     $defaults = array('form_id' => 0, 'entry_id' => 0, 'notification_type' => FALSE, 'template' => 0, 'recipients' => array(), 'form_input_data' => array(), 'extra_message' => '', 'from_name' => ee()->config->item('webmaster_name'), 'from_email' => ee()->config->item('webmaster_email'), 'reply_to_name' => '', 'reply_to_email' => '', 'cc_recipients' => array(), 'bcc_recipients' => array(), 'include_attachments' => '', 'enable_spam_log' => TRUE);
     $options = array_merge($defaults, $options);
     //make local keys, but only from defaults
     //no funny business
     foreach ($defaults as $key => $value) {
         ${$key} = isset($options[$key]) ? $options[$key] : $value;
     }
     $form_data = $this->data->get_form_info($form_id);
     //checkity check
     if (!$form_data or !$this->is_positive_intlike($entry_id) or !$notification_type or !is_array($form_input_data) or empty($form_input_data) or !valid_email($from_email)) {
         return FALSE;
     }
     // -------------------------------------
     //	validate recipients
     // -------------------------------------
     if (is_string($recipients)) {
         $recipients = str_replace('|', ' , ', $recipients);
     }
     $recipients = $this->validate_emails($recipients);
     $recipients = $recipients['good'];
     if ($notification_type == 'admin' and empty($recipients)) {
         $recipients = array(ee()->config->item('webmaster_email'));
     }
     if (empty($recipients)) {
         return FALSE;
     }
     // -------------------------------------
     //	validate cc/bcc (non-critical)
     // -------------------------------------
     if ($cc_recipients) {
         $cc_recipients = $this->validate_emails(str_replace('|', ' , ', (string) $cc_recipients));
         $cc_recipients = $cc_recipients['good'];
     }
     if ($bcc_recipients) {
         $bcc_recipients = $this->validate_emails(str_replace('|', ' , ', (string) $bcc_recipients));
         $bcc_recipients = $bcc_recipients['good'];
     }
     // -------------------------------------
     //	prep libs (don't want to load these
     //  before validation in case we bail)
     // -------------------------------------
     //just in case someone else didn't clean up their mess
     ee()->email->clear(TRUE);
     // -------------------------------------
     //	get notification template
     // -------------------------------------
     $template_id = $template;
     if (empty($template_id)) {
         if ($notification_type == 'admin') {
             $template_id = $form_data['admin_notification_id'];
         } else {
             if ($notification_type == 'user') {
                 $template_id = $form_data['user_notification_id'];
             }
         }
     }
     $template_data = '';
     if (empty($template_id)) {
         $template_data = $this->default_notification_template();
     } else {
         //if its not an int, check it as name
         $on_column = $this->is_positive_intlike($template_id) ? 'notification_id' : 'notification_name';
         ee()->load->model('freeform_notification_model');
         $t_query = ee()->freeform_notification_model->get_row(array($on_column => $template_id));
         if ($t_query !== FALSE) {
             $template_data = $t_query;
         } else {
             $template_data = $this->default_notification_template();
         }
     }
     if (!valid_email($reply_to_email)) {
         if (!empty($template_data['reply_to_email'])) {
             $reply_to_email = $template_data['reply_to_email'];
         } else {
             $reply_to_email = '';
         }
     }
     if (empty($reply_to_name)) {
         $reply_to_name = $reply_to_email;
     }
     // -------------------------------------
     //	attachments?
     // -------------------------------------
     if (!isset($include_attachments) or $include_attachments == '') {
         $include_attachments = ($template_data['include_attachments'] and $this->check_yes($template_data['include_attachments']));
     }
     // -------------------------------------
     //	validate $from_name
     // -------------------------------------
     $from_name = $template_data['from_name'] ? $template_data['from_name'] : $from_name;
     $from_email = $template_data['from_email'] ? $template_data['from_email'] : $from_email;
     //----------------------------------------
     //	prep variables for field parsing
     //----------------------------------------
     $this->subject = $template_data['email_subject'];
     $this->message = $template_data['template_data'];
     $this->email =& ee()->email;
     $this->all_form_fields = array();
     $this->all_form_fields_string = array();
     $this->fields = array();
     $this->wordwrap = $this->check_yes($template_data['wordwrap']);
     $this->mailtype = $this->check_yes($template_data['allow_html']) ? 'html' : 'text';
     //we need some custom vars from form data and all of the fields
     $this->variables = array_merge(array('form_name' => $form_data['form_name'], 'form_label' => $form_data['form_label'], 'form_id' => $form_data['form_id'], 'freeform_entry_id' => $entry_id, 'entry_date' => time(), 'attachments' => array(), 'attachment_count' => 0));
     $this->field_inputs = $form_input_data;
     $this->field_outputs = array();
     // -------------------------------------
     //	get instance of field and parse
     // -------------------------------------
     foreach ($form_data['fields'] as $field_id => $field_data) {
         //if this is a composer form, and the field is not a
         //member of the form, continue out
         if (!empty($form_data['composer_field_ids']) and !in_array($field_id, $form_data['composer_field_ids'])) {
             continue;
         }
         //get class instance of field
         $instance =& ee()->freeform_fields->get_fieldtype_instance($field_data['field_type']);
         $instance->form_id = $form_id;
         $instance->entry_id = $entry_id;
         $instance->field_id = $field_id;
         $instance->field_name = $field_data['field_name'];
         $i_settings = json_decode($field_data['settings'], TRUE);
         $instance->settings = array_merge(is_array($i_settings) ? $i_settings : array(), array('entry_id' => $entry_id));
         $output_data = $instance->display_email_data(isset($this->field_inputs[$field_data['field_name']]) ? $this->field_inputs[$field_data['field_name']] : '', $this);
         if (!is_string($output_data)) {
             if (is_array($output_data)) {
                 $output_data = implode("\n", $output_data);
             } else {
                 $output_data = (string) $output_data;
             }
         }
         if ($this->mailtype == 'html') {
             $output_data = str_replace("\n", '<br/>', $output_data);
         }
         //fully builds out all fields for auto setup
         $this->all_form_fields_string[] = $field_data['field_label'] . ': ' . $output_data;
         $this->all_form_fields[] = array('field_label' => $field_data['field_label'], 'field_type' => $field_data['field_type'], 'field_data' => $output_data);
         $this->field_outputs[$field_data['field_name']] = $output_data;
         //for legacy hooks
         $this->fields[$field_data['field_name']] = $field_data['field_label'];
     }
     //END foreach ($form_data['fields']...
     // -------------------------------------
     //	include attachments?
     // 	some addons might have inlcluded attachments
     // -------------------------------------
     if (!$include_attachments) {
         //this is going to clear any attachments
         //that any of these fields have had privy to add
         ee()->email->clear(TRUE);
         $this->variables['attachment_count'] = 0;
     } else {
         if ($this->variables['attachment_count'] > 0) {
             //add final attachment count to all form fields
             array_unshift($this->all_form_fields_string, lang('attachments') . ': ' . $this->variables['attachment_count']);
             array_unshift($this->all_form_fields, array('field_label' => lang('attachments'), 'field_type' => '', 'field_data' => $this->variables['attachment_count']));
         }
     }
     // -------------------------------------
     //	conditionals, date formats, replacements, etc. FUN!
     // -------------------------------------
     $this->subject = ee()->template->parse_variables($this->subject, array(array_merge($this->variables, $this->field_outputs)));
     $from_email = ee()->template->parse_variables($from_email, array(array_merge($this->variables, $this->field_outputs)));
     $from_name = ee()->template->parse_variables($from_name, array(array_merge($this->variables, $this->field_outputs)));
     $reply_to_email = ee()->template->parse_variables($reply_to_email, array(array_merge($this->variables, $this->field_outputs)));
     $reply_to_name = ee()->template->parse_variables($reply_to_name, array(array_merge($this->variables, $this->field_outputs)));
     //we don't want all form fields going into the subject
     //that would be silly
     $this->variables['all_form_fields_string'] = implode($this->check_yes($template_data['allow_html']) ? "<br/>" : "\n", $this->all_form_fields_string);
     $this->variables['all_form_fields'] = $this->all_form_fields;
     $this->message = ee()->template->parse_variables($this->message, array(array_merge($this->variables, $this->field_outputs)));
     // -------------------------------------
     //	parse standard template data
     // -------------------------------------
     $this->message = $this->actions()->template()->process_string_as_template($this->message);
     // -------------------------------------
     //	hook prep
     // -------------------------------------
     //this will allow adding or removing of emails through the hook
     $this->variables['recipients'] = $recipients;
     $this->variables['cc_recipients'] = $cc_recipients;
     $this->variables['bcc_recipients'] = $bcc_recipients;
     $this->variables['reply_to_email'] = $reply_to_email;
     $this->variables['reply_to_name'] = $reply_to_name;
     $this->variables['message'] = $this->variables['msg'] = $this->message;
     $this->variables['subject'] = $this->subject;
     $this->variables['from_name'] = $from_name;
     $this->variables['from_email'] = $from_name;
     $this->variables['field_inputs'] =& $this->field_inputs;
     $this->variables['field_outputs'] =& $this->field_outputs;
     // -------------------------------------
     //	freeform_recipient_email' hook.
     //	This allows developers to alter the
     //	$this->variables array before admin notification is sent.
     // -------------------------------------
     $hook_name = 'freeform_recipient_email';
     if ($notification_type == 'admin') {
         $hook_name = 'freeform_module_admin_notification';
     } else {
         if ($notification_type == 'user') {
             $hook_name = 'freeform_module_user_notification';
         }
     }
     if (ee()->extensions->active_hook($hook_name) === TRUE) {
         $this->variables = ee()->extensions->universal_call($hook_name, $this->fields, $entry_id, $this->variables, $form_id, $this);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     // -------------------------------------
     //	post hook var prep
     // -------------------------------------
     $recipients = $this->variables['recipients'];
     $cc_recipients = $this->variables['cc_recipients'];
     $bcc_recipients = $this->variables['bcc_recipients'];
     $reply_to_email = $this->variables['reply_to_email'];
     $reply_to_name = $this->variables['reply_to_name'];
     //if the message has changed, copy back
     if ($this->variables['message'] !== $this->message) {
         $this->message = $this->variables['message'];
     } else {
         if ($this->variables['msg'] !== $this->message) {
             $this->message = $this->variables['msg'];
         }
     }
     $this->subject = $this->variables['subject'];
     //	----------------------------------------
     //	Send email
     //	----------------------------------------
     ee()->email->wordwrap = $this->wordwrap;
     ee()->email->mailtype = $this->mailtype;
     $ascii_message = entities_to_ascii($this->message, !$template_data['allow_html']);
     // -------------------------------------
     //	cc/bcc?
     // 	these will only run once
     // -------------------------------------
     if (is_array($cc_recipients) and !empty($cc_recipients)) {
         ee()->email->cc($cc_recipients);
     }
     if (is_array($bcc_recipients) and !empty($bcc_recipients)) {
         ee()->email->bcc($bcc_recipients);
     }
     //all recipients
     foreach ($recipients as $email_address) {
         if ($reply_to_email and valid_email($reply_to_email)) {
             ee()->email->reply_to($reply_to_email, $reply_to_name);
         }
         ee()->email->from($from_email, $from_name);
         ee()->email->to($email_address);
         ee()->email->subject(entities_to_ascii($this->subject, TRUE));
         ee()->email->message($ascii_message);
         ee()->email->send();
         //clear out but keep attachments
         //clear last so the first email can get the CC and BCC
         //on the first item sent
         ee()->email->clear(FALSE);
     }
     //needs a cleanout so the next notification can go
     ee()->email->clear(TRUE);
     // -------------------------------------
     //	clear local vars
     // -------------------------------------
     unset($this->message, $this->subject, $this->variables, $this->all_form_fields, $this->email, $this->field_inputs, $this->field_outputs);
     //	----------------------------------------
     //	Register the template used
     //	----------------------------------------
     if ($notification_type != 'admin' and $enable_spam_log) {
         $this->save_spam_interval($form_id, $entry_id, $recipients);
     }
     return TRUE;
 }
예제 #17
파일: mod.wiki.php 프로젝트: stb74/eeguide
 /** -------------------------------------
 	/**  Edit Article
 	/** -------------------------------------*/
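 /**
  * Handle a submitted wiki edit form: create or update the page row, store a
  * new revision, mail moderators when the revision is held back, then prune
  * old revisions and clear the db cache.
  *
  * Security-relevant behaviour visible in this method:
  *  - The member's group must be listed in $this->users or $this->admins;
  *    delete, lock, moderate and rename are honoured for admin groups only.
  *  - Article content goes through ee()->security->xss_clean() before it is
  *    stored or mailed. 'revision_notes' is stored as submitted, so any view
  *    that prints it has to encode it for its output context.
  *  - Values concatenated into hand-built SQL pass through
  *    ee()->db->escape_str(); the LIMIT offset is cast to int.
  *
  * NOTE(review): two paths call $this->redirect() and the code after them is
  * still reachable in this listing; presumably redirect() ends the request -
  * confirm, otherwise the insert/update below would run after a delete.
  *
  * @return mixed the result of show_user_error() when the request is
  *               rejected; nothing when an extension sets end_script
  */
 function edit_article()
 {
     // Only accept posts from the edit form that carry a title and content.
     if (ee()->input->post('editing') === FALSE or ee()->input->get_post('title') === FALSE or ee()->input->get_post('title') == '' or ee()->input->get_post('article_content') === FALSE) {
         return ee()->output->show_user_error('general', array(lang('invalid_permissions')));
     }
     // Authorisation: the member group has to be a wiki user or a wiki admin.
     $group_id = ee()->session->userdata['group_id'];
     $is_admin = in_array($group_id, $this->admins);
     if (!in_array($group_id, $this->users) && !$is_admin) {
         return ee()->output->show_user_error('general', array(lang('invalid_permissions')));
     }
     /** -------------------------------------
     /**  Edit Limit
     /** -------------------------------------*/
     $this->edit_limit();
     /** -------------------------------------
     /**  Process Edit Form
     /** -------------------------------------*/
     $query = $this->topic_request($this->valid_title(ee()->input->get_post('title')));
     if ($query->num_rows() == 0) {
         // No row for this title yet: build a new page record.
         $current_name = strtolower($this->current_namespace);
         $key = '';
         foreach ($this->namespaces as $label) {
             if ($current_name == strtolower($label['1'])) {
                 $key = $label['0'];
                 break;
             }
         }
         $data = array('page_name' => $this->topic, 'page_namespace' => $key, 'last_updated' => ee()->localize->now, 'wiki_id' => $this->wiki_id);
         // Delete / lock / moderate flags are read for admin groups only.
         if ($is_admin) {
             if (ee()->input->get_post('delete_article') == 'y' && $this->current_namespace == $this->category_ns) {
                 $this->_purge_wiki_category($this->topic);
             } elseif (ee()->input->get_post('delete_article') == 'y') {
                 $this->redirect('', $this->title);
             }
             if (ee()->input->get_post('lock_article') == 'y') {
                 $data['page_locked'] = 'y';
             }
             if (ee()->input->get_post('moderate_article') == 'y') {
                 $data['page_moderated'] = 'y';
             }
         }
         if (ee()->input->get_post('redirect') !== FALSE) {
             $data['page_redirect'] = $this->valid_title(ee()->input->get_post('redirect'));
         }
         $data['last_updated'] = ee()->localize->now;
         ee()->db->query(ee()->db->insert_string('exp_wiki_page', $data));
         $page_id = ee()->db->insert_id();
     } else {
         $page_id = $query->row('page_id');
         $safe_page_id = ee()->db->escape_str($page_id);
         // Admin-only delete: category records first, then page, revisions and links.
         if (ee()->input->get_post('delete_article') == 'y' && $is_admin) {
             if ($this->current_namespace == $this->category_ns) {
                 $this->_purge_wiki_category($this->topic);
             }
             ee()->db->query("DELETE FROM exp_wiki_page WHERE page_id = '" . $safe_page_id . "'");
             ee()->db->query("DELETE FROM exp_wiki_revisions WHERE page_id = '" . $safe_page_id . "'");
             ee()->db->query("DELETE FROM exp_wiki_category_articles WHERE page_id = '" . $safe_page_id . "'");
             $this->redirect('', $this->title);
         }
         // A locked page accepts edits from admin groups only.
         if ($query->row('page_locked') == 'y' && !$is_admin) {
             return ee()->output->show_user_error('general', array(lang('invalid_permissions')));
         }
         // A non-admin edit of a moderated page keeps the old timestamp,
         // because the revision is stored as 'closed' further down.
         if ($query->row('page_moderated') == 'y' && !$is_admin) {
             $data = array('last_updated' => $query->row('last_updated'));
         } else {
             $data = array('last_updated' => ee()->localize->now);
         }
         if (ee()->input->get_post('redirect') !== FALSE) {
             $data['page_redirect'] = $this->valid_title(ee()->input->get_post('redirect'));
         }
         if ($is_admin) {
             $data['page_locked'] = ee()->input->get_post('lock_article') == 'y' ? 'y' : 'n';
             $data['page_moderated'] = ee()->input->get_post('moderate_article') == 'y' ? 'y' : 'n';
             $rename = ee()->input->get_post('rename');
             if ($rename !== FALSE && $rename != '') {
                 // Default: the new name lives in the main (empty) namespace.
                 $this->topic = $this->valid_title($rename);
                 $this->title = $this->topic;
                 $this->current_namespace = '';
                 $data['page_name'] = $this->topic;
                 $data['page_namespace'] = '';
                 // "Label:Name" moves the page into the namespace with that label.
                 if (stristr($rename, ':') && count($this->namespaces) > 0) {
                     $parts = explode(':', $rename, 2);
                     foreach ($this->namespaces as $name => $label) {
                         if ($label['1'] == $parts['0']) {
                             $data['page_namespace'] = $name;
                             $data['page_name'] = $this->valid_title(substr($rename, strlen($label['1'] . ':')));
                             $this->title = $label['1'] . ':' . $data['page_name'];
                             $this->topic = $data['page_name'];
                             $this->current_namespace = $label['1'];
                             break;
                         }
                     }
                 }
                 // Refuse a rename that would collide with an existing page.
                 $t_query = ee()->db->where('page_name', $data['page_name'])->where('LOWER(page_namespace)', $data['page_namespace'])->where('wiki_id', $this->wiki_id)->count_all_results('wiki_page');
                 if ($t_query > 0) {
                     return ee()->output->show_user_error('general', array(lang('duplicate_article')));
                 }
             }
         }
         ee()->db->query(ee()->db->update_string('exp_wiki_page', $data, "page_id = '" . $safe_page_id . "'"));
     }
     /** -------------------------------------
     /**  Process Revision a Bit and Insert
     /** -------------------------------------*/
     // When a redirect target was submitted, drop the first #REDIRECT [[...]]
     // marker text from the stored content.
     if (isset($data['page_redirect']) && preg_match("|\\#REDIRECT \\[\\[.*?\\]\\]|s", ee()->input->get_post('article_content'), $match)) {
         $content = str_replace($match['0'], '', ee()->input->get_post('article_content'));
     } else {
         $content = ee()->input->get_post('article_content');
     }
     // Filter once and reuse the result for storage and for the moderator mail.
     $clean_content = ee()->security->xss_clean($content);
     // NOTE(review): revision_notes is stored without xss_clean(); it is only
     // as safe as the output encoding of whatever displays it - confirm.
     $revision = array('page_id' => $page_id, 'wiki_id' => $this->wiki_id, 'revision_date' => ee()->localize->now, 'revision_author' => ee()->session->userdata['member_id'], 'revision_notes' => ee()->input->get_post('revision_notes') !== FALSE ? ee()->input->get_post('revision_notes') : '', 'page_content' => $clean_content);
     // Non-admin edits of a moderated page are held as 'closed'.
     if ($query->num_rows() > 0 && $query->row('page_moderated') == 'y' && !$is_admin) {
         $revision['revision_status'] = 'closed';
     } else {
         $revision['revision_status'] = 'open';
     }
     ee()->db->query(ee()->db->insert_string('exp_wiki_revisions', $revision));
     $revision['revision_id'] = ee()->db->insert_id();
     /** -------------------------------------
     /**  Check and Add Categories - But Not For Categories Namespace
     /** -------------------------------------*/
     if ($revision['revision_status'] == 'open') {
         $this->check_categories($page_id, $revision['page_content'], $this->current_namespace);
     }
     /** ---------------------------------------
     /**  Update last_revision_id
     /** ---------------------------------------*/
     ee()->db->query(ee()->db->update_string('exp_wiki_page', array('last_revision_id' => $revision['revision_id']), array('page_id' => $page_id)));
     /** -------------------------------------
     /**  Moderator Notifications?
     /** -------------------------------------*/
     if ($revision['revision_status'] == 'closed' && trim($this->moderation_emails) != '') {
         /** ----------------------------
         /**  Send Emails to Moderators
         /** ----------------------------*/
         $replyto = ee()->session->userdata['email'] == '' ? ee()->config->item('webmaster_email') : ee()->session->userdata['email'];
         $link = $this->create_url($this->current_namespace, $this->topic);
         // These values are swapped into the subject and message templates.
         // NOTE(review): screen name and title are member-supplied; this relies
         // on the email library to neutralise line breaks in headers - confirm.
         $revision['author'] = ee()->session->userdata['screen_name'];
         $revision['email'] = ee()->session->userdata['email'];
         $revision['title'] = $this->title;
         $revision['content'] = $clean_content;
         $revision['path:view_article'] = $link;
         $revision['path:view_revision'] = $link . '/revision/' . $revision['revision_id'];
         $revision['path:open_revision'] = $link . '/revision/' . $revision['revision_id'] . '/open';
         $revision['path:close_revision'] = $link . '/revision/' . $revision['revision_id'] . '/close';
         ee()->load->library('typography');
         ee()->typography->initialize(array('parse_images' => FALSE, 'parse_smileys' => FALSE));
         $revision['article'] = $this->convert_curly_brackets(ee()->typography->parse_type($this->wiki_syntax($clean_content), array('text_format' => $this->text_format, 'html_format' => $this->html_format, 'auto_links' => $this->auto_links, 'allow_img_url' => 'y')));
         $subject = ee()->functions->var_swap($this->_fetch_template('wiki_email_moderation_subject.html'), $revision);
         $message = ee()->functions->var_swap($this->_fetch_template('wiki_email_moderation_message.html'), $revision);
         ee()->load->library('email');
         // Load the text helper
         ee()->load->helper('text');
         $sent = array();
         foreach (explode(',', $this->moderation_emails) as $addy) {
             // Trim so "a@x, a@x" is recognised as a duplicate, and skip the
             // empty entries a trailing comma produces.
             $addy = trim($addy);
             if ($addy == '' or in_array($addy, $sent)) {
                 continue;
             }
             ee()->email->EE_initialize();
             ee()->email->wordwrap = false;
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
             ee()->email->to($addy);
             ee()->email->reply_to($replyto);
             ee()->email->subject($subject);
             ee()->email->message(entities_to_ascii($message));
             ee()->email->send();
             $sent[] = $addy;
         }
     }
     /* -------------------------------------
     /*  'edit_wiki_article_end' hook.
     /*  - Add more things to do for wiki articles
     /*  - Added 1.6.0
     */
     ee()->extensions->universal_call('edit_wiki_article_end', $this, $query);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     /*
     /* -------------------------------------*/
     // Prune revisions once the page holds more than revision_limit of them.
     $safe_page_id = ee()->db->escape_str($page_id);
     $safe_wiki_id = ee()->db->escape_str($this->wiki_id);
     $query = ee()->db->query("SELECT COUNT(revision_id) AS count FROM exp_wiki_revisions\n\t\t\t\t\t\t\t WHERE page_id = '" . $safe_page_id . "'\n\t\t\t\t\t\t\t AND wiki_id = '" . $safe_wiki_id . "'");
     if ($query->row('count') > $this->revision_limit) {
         // NOTE(review): this SELECT has no ORDER BY, so which revision sits at
         // the offset depends on the database's row order - confirm the cut-off.
         // The offset is cast to int because it is written into the SQL text.
         $query = ee()->db->query("SELECT revision_id FROM exp_wiki_revisions\n\t\t\t\t\t\t\t\t WHERE page_id = '" . $safe_page_id . "'\n\t\t\t\t\t\t\t\t AND wiki_id = '" . $safe_wiki_id . "'\n\t\t\t\t\t\t\t\t LIMIT " . (int) $this->revision_limit . ", 1");
         if ($query->num_rows() > 0) {
             // revision_id is escaped like every other value in these queries.
             ee()->db->query("DELETE FROM exp_wiki_revisions\n\t\t\t\t\t\t\tWHERE page_id = '" . $safe_page_id . "'\n\t\t\t\t\t\t\tAND wiki_id = '" . $safe_wiki_id . "'\n\t\t\t\t\t\t\tAND revision_id < '" . ee()->db->escape_str($query->row('revision_id')) . "'");
         }
     }
     // Clear wiki cache
     ee()->functions->clear_caching('db');
     $this->redirect($this->current_namespace, $this->topic);
 }

 /**
  * Delete the category resolved from a topic together with its article
  * links, clear has_categories on pages whose only link was to it, and move
  * its child categories to the top level. Does nothing when
  * determine_category() reports cat_id 0.
  *
  * Shared by the new-page and existing-page delete paths of edit_article().
  *
  * @param  string $topic topic name handed to determine_category()
  * @return void
  */
 private function _purge_wiki_category($topic)
 {
     $cat_data = $this->determine_category($topic);
     if ($cat_data['cat_id'] == 0) {
         return;
     }
     $safe_cat_id = ee()->db->escape_str($cat_data['cat_id']);
     $results = ee()->db->query("SELECT page_id FROM exp_wiki_category_articles WHERE cat_id = '" . $safe_cat_id . "'");
     if ($results->num_rows() > 0) {
         foreach ($results->result_array() as $row) {
             // COUNT(*) - 1 is the number of links the page keeps after this one goes.
             $count = ee()->db->query("SELECT (COUNT(*) - 1) AS count FROM exp_wiki_category_articles WHERE page_id = '" . ee()->db->escape_str($row['page_id']) . "'");
             if ($count->row('count') == 0) {
                 ee()->db->query("UPDATE exp_wiki_page SET has_categories = 'n' WHERE page_id = '" . ee()->db->escape_str($row['page_id']) . "'");
             }
         }
     }
     ee()->db->query("DELETE FROM exp_wiki_category_articles WHERE cat_id = '" . $safe_cat_id . "'");
     ee()->db->query("DELETE FROM exp_wiki_categories WHERE cat_id = '" . $safe_cat_id . "'");
     ee()->db->query("UPDATE exp_wiki_categories SET parent_id = '0' WHERE parent_id = '" . $safe_cat_id . "'");
 }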
예제 #18
파일: mod.email.php 프로젝트: rmdort/adiee
 /** ----------------------------------------
 	/**  Send Email
 	/** ----------------------------------------*/
 function send_email()
 {
     $error = array();
     /** ----------------------------------------
     		/**  Blacklist/Whitelist Check
     		/** ----------------------------------------*/
     if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n') {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Is the nation of the user banend?
     		/** ----------------------------------------*/
     $this->EE->session->nation_ban_check();
     /** ----------------------------------------
     		/**  Check and Set
     		/** ----------------------------------------*/
     $default = array('subject', 'message', 'from', 'user_recipients', 'to', 'recipients', 'name', 'required');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         } else {
             if (is_array($_POST[$val]) && ($val == 'message' or $val == 'required')) {
                 $temp = '';
                 foreach ($_POST[$val] as $post_value) {
                     $temp .= $this->EE->input->_clean_input_data($post_value) . "\n";
                 }
                 $_POST[$val] = $temp;
             }
             if ($val == 'recipients') {
                 if (function_exists('mcrypt_encrypt')) {
                     $init_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
                     $init_vect = mcrypt_create_iv($init_size, MCRYPT_RAND);
                     $decoded_recipients = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($this->EE->session->sess_crypt_key), base64_decode($_POST[$val]), MCRYPT_MODE_ECB, $init_vect), "");
                 } else {
                     $raw = base64_decode($_POST[$val]);
                     $hash = substr($raw, -32);
                     $decoded_recipients = substr($raw, 0, -32);
                     if ($hash != md5($this->EE->session->sess_crypt_key . $decoded_recipients)) {
                         $decoded_recipients = '';
                     }
                 }
                 $_POST[$val] = $decoded_recipients;
             }
             $_POST[$val] = $this->EE->security->xss_clean(trim(stripslashes($_POST[$val])));
         }
     }
     /** ----------------------------------------
     		/**  Clean incoming
     		/** ----------------------------------------*/
     $clean = array('subject', 'from', 'user_recipients', 'to', 'recipients', 'name');
     foreach ($clean as $val) {
         $_POST[$val] = strip_tags($_POST[$val]);
     }
     /** ----------------------------------------
     		/**  Fetch the email module language pack
     		/** ----------------------------------------*/
     $this->EE->lang->loadfile('email');
     /** ----------------------------------------
     		/**  Basic Security Check
     		/** ----------------------------------------*/
     if ($this->EE->session->userdata['ip_address'] == '' or $this->EE->session->userdata['user_agent'] == '') {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('em_unauthorized_request')));
     }
     /** ----------------------------------------
     		/**  Return Variables
     		/** ----------------------------------------*/
     $x = explode('|', $_POST['RET']);
     unset($_POST['RET']);
     if (is_numeric($x['0'])) {
         $return_link = $this->EE->functions->form_backtrack($x['0']);
     } else {
         $return_link = ($x['0'] == '' or !stristr($x['0'], 'http://')) ? $this->EE->functions->form_backtrack(2) : $x['0'];
     }
     $site_name = $this->EE->config->item('site_name') == '' ? $this->EE->lang->line('back') : stripslashes($this->EE->config->item('site_name'));
     $return_name = (!isset($x['1']) or $x['1'] == '') ? $site_name : $x['1'];
     /** ----------------------------------------
     		/**  ERROR Checking
     		/** ----------------------------------------*/
     // If the message is empty, bounce them back
     if ($_POST['message'] == '') {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('message_required')));
     }
     // If the from field is empty, error
     $this->EE->load->helper('email');
     if ($_POST['from'] == '' or !valid_email($_POST['from'])) {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('em_sender_required')));
     }
     // If no recipients, bounce them back
     if ($_POST['recipients'] == '' && $_POST['to'] == '') {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('em_no_valid_recipients')));
     }
     /** ----------------------------------------
     		/**  Is the user banned?
     		/** ----------------------------------------*/
     if ($this->EE->session->userdata['is_banned'] == TRUE) {
         return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Check Form Hash
     		/** ----------------------------------------*/
     if ($this->EE->config->item('secure_forms') == 'y') {
         $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
         }
     }
     /** ----------------------------
     		/**  Check Tracking Class
     		/** ----------------------------*/
     $day_ago = $this->EE->localize->now - 60 * 60 * 24;
     $query = $this->EE->db->query("DELETE FROM exp_email_tracker WHERE email_date < '{$day_ago}'");
     if ($this->EE->session->userdata['username'] === false or $this->EE->session->userdata['username'] == '') {
         $query = $this->EE->db->query("SELECT *\n\t\t\t\t\t\t\t\tFROM exp_email_tracker\n\t\t\t\t\t\t\t\tWHERE sender_ip = '" . $this->EE->input->ip_address() . "'\n\t\t\t\t\t\t\t\tORDER BY email_date DESC");
     } else {
         $query = $this->EE->db->query("SELECT *\n\t\t\t\t\t\t\t\tFROM exp_email_tracker\n\t\t\t\t\t\t\t\tWHERE sender_username = '******'username']) . "'\n\t\t\t\t\t\t\t\tOR sender_ip = '" . $this->EE->input->ip_address() . "'\n\t\t\t\t\t\t\t\tORDER BY email_date DESC");
     }
     if ($query->num_rows() > 0) {
         // Max Emails - Quick check
         if ($query->num_rows() >= $this->email_max_emails) {
             return $this->EE->output->show_user_error('general', array($this->EE->lang->line('em_limit_exceeded')));
         }
         // Max Emails - Indepth check
         $total_sent = 0;
         foreach ($query->result_array() as $row) {
             $total_sent = $total_sent + $row['number_recipients'];
         }
         if ($total_sent >= $this->email_max_emails) {
             return $this->EE->output->show_user_error('general', array($this->EE->lang->line('em_limit_exceeded')));
         }
         // Interval check
         if ($query->row('email_date') > $this->EE->localize->now - $this->email_time_interval) {
             $error[] = str_replace("%s", $this->email_time_interval, $this->EE->lang->line('em_interval_warning'));
             return $this->EE->output->show_user_error('general', $error);
         }
     }
     /** ----------------------------------------
     		/**  Review Recipients
     		/** ----------------------------------------*/
     $_POST['user_recipients'] = $_POST['user_recipients'] == md5($this->EE->db->username . $this->EE->db->password . 'y') ? 'y' : 'n';
     if ($_POST['user_recipients'] == 'y' && trim($_POST['to']) != '') {
         $array = $this->validate_recipients($_POST['to']);
         $error = array_merge($error, $array['error']);
         $approved_tos = $array['approved'];
     } else {
         $approved_tos = array();
     }
     if (trim($_POST['recipients']) != '') {
         $array = $this->validate_recipients($_POST['recipients']);
         $approved_recipients = $array['approved'];
     } else {
         $approved_recipients = array();
     }
     /** ----------------------------------------------------
     		/**  If we have no valid emails to send, back they go.
     		/** ----------------------------------------------------*/
     if ($_POST['user_recipients'] == 'y' && count($approved_tos) == 0) {
         $error[] = $this->EE->lang->line('em_no_valid_recipients');
     } elseif (count($approved_recipients) == 0 && count($approved_tos) == 0) {
         $error[] = $this->EE->lang->line('em_no_valid_recipients');
     }
     /** -------------------------------------
     		/**  Is from email banned?
     		/** -------------------------------------*/
     if ($this->EE->session->ban_check('email', $_POST['from'])) {
         $error[] = $this->EE->lang->line('em_banned_from_email');
     }
     /** ----------------------------------------
     		/**  Do we have errors to display?
     		/** ----------------------------------------*/
     if (count($error) > 0) {
         return $this->EE->output->show_user_error('submission', $error);
     }
     /** ----------------------------------------
     		/**  Check CAPTCHA
     		/** ----------------------------------------*/
     if ($this->use_captchas == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             return $this->EE->output->show_user_error('general', array($this->EE->lang->line('captcha_required')));
         }
         $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_captcha\n\t\t\t\t\t\t\t\t WHERE word='" . $this->EE->db->escape_str($_POST['captcha']) . "'\n\t\t\t\t\t\t\t\t AND ip_address = '" . $this->EE->input->ip_address() . "'\n\t\t\t\t\t\t\t\t AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             return $this->EE->output->show_user_error('submission', array($this->EE->lang->line('captcha_incorrect')));
         }
         $this->EE->db->query("DELETE FROM exp_captcha\n\t\t\t\t\t\tWHERE (word='" . $this->EE->db->escape_str($_POST['captcha']) . "'\n\t\t\t\t\t\tAND ip_address = '" . $this->EE->input->ip_address() . "')\n\t\t\t\t\t\tOR date < UNIX_TIMESTAMP()-7200");
     }
     /** ----------------------------------------
     		/**  Censored Word Checking
     		/** ----------------------------------------*/
     $this->EE->load->library('typography');
     $this->EE->typography->initialize();
     // Load the text helper
     $this->EE->load->helper('text');
     $subject = entities_to_ascii($_POST['subject']);
     $subject = $this->EE->typography->filter_censored_words($subject);
     $message = $_POST['required'] != '' ? $_POST['required'] . "\n" . $_POST['message'] : $_POST['message'];
     $message = $this->EE->security->xss_clean($message);
     if (isset($_POST['allow_html']) && $_POST['allow_html'] == 'y' && strlen(strip_tags($message)) != strlen($message)) {
         $mail_type = 'html';
     } else {
         $mail_type = 'plain';
     }
     $message = entities_to_ascii($message);
     $message = $this->EE->typography->filter_censored_words($message);
     /** ----------------------------
     		/**  Send email
     		/** ----------------------------*/
     $this->EE->load->library('email');
     $this->EE->email->wordwrap = true;
     $this->EE->email->mailtype = $mail_type;
     $this->EE->email->priority = '3';
     if (isset($_POST['charset']) && $_POST['charset'] != '') {
         $this->EE->email->charset = $_POST['charset'];
     }
     if (count($approved_recipients) == 0 && count($approved_tos) > 0) {
         foreach ($approved_tos as $val) {
             $this->EE->email->EE_initialize();
             $this->EE->email->to($val);
             if (isset($_POST['replyto']) && $_POST['replyto'] == 'yes') {
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->reply_to($_POST['from'], $_POST['name']);
             } else {
                 $this->EE->email->from($_POST['from'], $_POST['name']);
             }
             $this->EE->email->subject($subject);
             $this->EE->email->message($message);
             $this->EE->email->send();
         }
     } elseif (count($approved_recipients) > 0 && count($approved_tos) == 0) {
         foreach ($approved_recipients as $val) {
             $this->EE->email->EE_initialize();
             $this->EE->email->to($val);
             if (isset($_POST['replyto']) && $_POST['replyto'] == 'yes') {
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->reply_to($_POST['from'], $_POST['name']);
             } else {
                 $this->EE->email->from($_POST['from'], $_POST['name']);
             }
             $this->EE->email->subject($subject);
             $this->EE->email->message($message);
             $this->EE->email->send();
         }
     } else {
         foreach ($approved_tos as $val) {
             $this->EE->email->EE_initialize();
             $this->EE->email->to($val);
             $this->EE->email->bcc(implode(',', $approved_recipients));
             if (isset($_POST['replyto']) && $_POST['replyto'] == 'yes') {
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->reply_to($_POST['from'], $_POST['name']);
             } else {
                 $this->EE->email->from($_POST['from'], $_POST['name']);
             }
             $this->EE->email->subject($subject);
             $this->EE->email->message($message);
             $this->EE->email->send();
         }
     }
     /** ----------------------------
     		/**  Store in tracking class
     		/** ----------------------------*/
     $data = array('email_date' => $this->EE->localize->now, 'sender_ip' => $this->EE->input->ip_address(), 'sender_email' => $_POST['from'], 'sender_username' => $this->EE->session->userdata['username'], 'number_recipients' => count($approved_tos) + count($approved_recipients));
     $this->EE->db->query($this->EE->db->insert_string('exp_email_tracker', $data));
     /** -------------------------------------------
     		/**  Delete spam hashes
     		/** -------------------------------------------*/
     if (isset($_POST['XID'])) {
         $this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     /* -------------------------------------
     		/*  'email_module_send_email_end' hook.
     		/*  - After emails are sent, do some additional processing
     		/*  - Added EE 1.5.1
     		*/
     if ($this->EE->extensions->active_hook('email_module_send_email_end') === TRUE) {
         $edata = $this->EE->extensions->call('email_module_send_email_end', $subject, $message, $approved_tos, $approved_recipients);
         if ($this->EE->extensions->end_script === TRUE) {
             return;
         }
     }
     /*
     		/* -------------------------------------*/
     /** -------------------------------------------
     		/**  Thank you message
     		/** -------------------------------------------*/
     $data = array('title' => $this->EE->lang->line('email_module_name'), 'heading' => $this->EE->lang->line('thank_you'), 'content' => $this->EE->lang->line('em_email_sent'), 'redirect' => $return_link, 'link' => array($return_link, $return_name));
     if ($this->EE->input->get_post('redirect') !== FALSE) {
         if (is_numeric($this->EE->input->get_post('redirect'))) {
             $data['rate'] = $this->EE->input->get_post('redirect');
         } elseif ($this->EE->input->get_post('redirect') == 'none') {
             $data['redirect'] = '';
         }
     }
     $this->EE->output->show_message($data);
 }
예제 #19
 /**
  * display_email_data
  *
  * Prepares stored field data for the body of a notification email.
  *
  * The value is rendered with replace_tag(), run through
  * entities_to_ascii(), has every '<br/>' turned into a newline, and is
  * finally passed to encode_ee_tags() with TRUE as the second argument.
  *
  * @access	public
  * @param 	string 	data from table for email output
  * @param 	object 	instance of the notification object (not used here)
  * @return	string 	output data
  */
 public function display_email_data($data, $notification_obj)
 {
     // entities_to_ascii() lives in the text helper.
     ee()->load->helper('text');
     $rendered = $this->replace_tag($data);
     $ascii = entities_to_ascii($rendered);
     $with_newlines = str_replace('<br/>', "\n", $ascii);
     // Encoding happens last so it covers everything the earlier steps produced.
     return ee()->functions->encode_ee_tags($with_newlines, TRUE);
 }
예제 #20
 /**
  * display_email_data
  *
  * Prepares stored field data for the body of a notification email.
  * Array input is joined with newlines; the resulting text goes through
  * entities_to_ascii() and then through this object's encode_ee().
  *
  * @access	public
  * @param 	string|array 	data from table for email output
  * @param 	object 	instance of the notification object (not used here)
  * @return	string 	output data
  */
 public function display_email_data($data, $notification_obj = null)
 {
     $text = is_array($data) ? implode("\n", $data) : $data;
     return $this->encode_ee(entities_to_ascii($text));
 }
예제 #21
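 /**
  * Validate Members
  *
  * Validate/Delete Selected Members
  *
  * Activates or deletes the members selected in POST 'toggle', optionally
  * emailing each one the matching notification template first. The caller
  * needs the can_access_members and can_admin_members permissions, plus
  * can_delete_members for any action other than 'activate'.
  *
  * Each id taken from POST 'toggle' must consist of decimal digits only;
  * anything else is skipped. The delete path interpolates the id into raw
  * SQL, so it must never receive an unchecked request value.
  *
  * @return	mixed
  */
 public function validate_members()
 {
     if (!$this->cp->allowed_group('can_access_members') or !$this->cp->allowed_group('can_admin_members')) {
         show_error(lang('unauthorized_access'));
     }
     $activate = $this->input->post('action') == 'activate';
     // Everything except 'activate' ends in a delete, so it needs the delete permission.
     if (!$this->cp->allowed_group('can_delete_members') && !$activate) {
         show_error(lang('unauthorized_access'));
     }
     if (!$this->input->post('toggle')) {
         return $this->member_validation();
     }
     $send_email = isset($_POST['send_notification']);
     if ($send_email) {
         if ($activate) {
             $template = $this->functions->fetch_email_template('validated_member_notify');
         } else {
             $template = $this->functions->fetch_email_template('decline_member_validation');
         }
         $this->load->library('email');
         $this->email->wordwrap = true;
     }
     $group_id = $this->config->item('default_member_group');
     // Load the text helper
     $this->load->helper('text');
     // The cast keeps a scalar 'toggle' value from breaking the loop.
     foreach ((array) $_POST['toggle'] as $val) {
         // Member ids are numeric. Reject nested arrays and any value that is
         // not purely digits before it can reach the string-built queries below.
         if (!is_scalar($val) || preg_match('/\A[0-9]+\z/', (string) $val) !== 1) {
             continue;
         }
         $member_id = (string) $val;
         if ($send_email) {
             $this->db->select('username, screen_name, email');
             $this->db->from('members');
             $this->db->where('member_id', $member_id);
             $this->db->where('email != ""');
             $query = $this->db->get();
             if ($query->num_rows() == 1) {
                 $swap = array('name' => $query->row('screen_name') != '' ? $query->row('screen_name') : $query->row('username'), 'site_name' => stripslashes($this->config->item('site_name')), 'site_url' => $this->config->item('site_url'));
                 $email_tit = $this->functions->var_swap($template['title'], $swap);
                 $email_msg = $this->functions->var_swap($template['data'], $swap);
                 $this->email->EE_initialize();
                 $this->email->from($this->config->item('webmaster_email'), $this->config->item('webmaster_name'));
                 $this->email->to($query->row('email'));
                 $this->email->subject($email_tit);
                 $this->email->message(entities_to_ascii($email_msg));
                 $this->email->send();
             }
         }
         if ($activate) {
             $this->db->set('group_id', $group_id);
             $this->db->where('member_id', $member_id);
             $this->db->update('members');
         } else {
             // $member_id is digits only at this point, so interpolation is safe.
             $this->db->query("DELETE FROM exp_members WHERE member_id = '{$member_id}'");
             $this->db->query("DELETE FROM exp_member_data WHERE member_id = '{$member_id}'");
             $this->db->query("DELETE FROM exp_member_homepage WHERE member_id = '{$member_id}'");
             // Remember who had unread messages from this member so their
             // unread counters can be recomputed after the copies are removed.
             $message_query = $this->db->query("SELECT DISTINCT recipient_id FROM exp_message_copies WHERE sender_id = '{$member_id}' AND message_read = 'n'");
             $this->db->query("DELETE FROM exp_message_copies WHERE sender_id = '{$member_id}'");
             $this->db->query("DELETE FROM exp_message_data WHERE sender_id = '{$member_id}'");
             $this->db->query("DELETE FROM exp_message_folders WHERE member_id = '{$member_id}'");
             $this->db->query("DELETE FROM exp_message_listed WHERE member_id = '{$member_id}'");
             if ($message_query->num_rows() > 0) {
                 foreach ($message_query->result_array() as $row) {
                     // Values read back from the database are escaped as well
                     // before being placed into a string-built query.
                     $recipient_id = $this->db->escape_str($row['recipient_id']);
                     $count_query = $this->db->query("SELECT COUNT(*) AS count FROM exp_message_copies WHERE recipient_id = '" . $recipient_id . "' AND message_read = 'n'");
                     $this->db->query($this->db->update_string('exp_members', array('private_messages' => $count_query->row('count')), "member_id = '" . $recipient_id . "'"));
                 }
             }
         }
     }
     $this->stats->update_member_stats();
     /* -------------------------------------------
     /* 'cp_members_validate_members' hook.
     /*  - Additional processing when member(s) are validated in the CP
     /*  - Added 1.5.2, 2006-12-28
     */
     $this->extensions->call('cp_members_validate_members');
     if ($this->extensions->end_script === TRUE) {
         return;
     }
     /*
     /* -------------------------------------------*/
     $vars['message'] = $activate ? lang('members_are_validated') : lang('members_are_deleted');
     $this->view->cp_page_title = $vars['message'];
     $this->cp->render("members/message", $vars);
 }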
예제 #22
 /**
  * Category Form Tree
  *
  * Queries the categories table and stores the result in $this->cat_array,
  * either as a flat list ordered by name or, when $nested is 'y', as a tree
  * built by walking every top-level category (parent_id 0) and delegating
  * its children to category_form_subtree().
  *
  * @param 	string	'y' to build a nested tree, anything else for a flat list
  * @param	mixed	FALSE for no category filter, otherwise an id, a pipe-delimited string or an array of ids
  * @param	mixed	FALSE for the current site, 'all' for every site, otherwise an id, a pipe-delimited string or an array of ids
  * @return	array	the contents of $this->cat_array
  */
 public function category_form_tree($nested = 'y', $categories = FALSE, $sites = FALSE)
 {
     $is_nested = $nested == 'y';
     ee()->db->select('categories.group_id, categories.parent_id, categories.cat_id, categories.cat_name');
     ee()->db->from('categories');
     // Site filter: default to the current site unless told otherwise.
     if ($sites == FALSE) {
         ee()->db->where('site_id', ee()->config->item('site_id'));
     } elseif ($sites != 'all') {
         $site_list = is_array($sites) ? implode('|', $sites) : $sites;
         ee()->functions->ar_andor_string($site_list, 'site_id');
     }
     // Optional category filter.
     if ($categories !== FALSE) {
         $cat_list = is_array($categories) ? implode('|', $categories) : $categories;
         ee()->functions->ar_andor_string($cat_list, 'cat_id', 'exp_categories');
     }
     ee()->db->order_by($is_nested ? 'group_id, parent_id, cat_name' : 'cat_name');
     $query = ee()->db->get();
     // Load the text helper
     ee()->load->helper('text');
     if ($query->num_rows() <= 0) {
         return $this->cat_array;
     }
     // Each entry is (group_id, cat_id, cat_name, parent_id).
     $rows = array();
     foreach ($query->result_array() as $record) {
         $rows[] = array($record['group_id'], $record['cat_id'], entities_to_ascii($record['cat_name']), $record['parent_id']);
     }
     if (!$is_nested) {
         $this->cat_array = $rows;
         return $this->cat_array;
     }
     foreach ($rows as $entry) {
         list($group_id, $cat_id, $cat_name, $parent_id) = $entry;
         // Only roots start a subtree; children are attached by the helper.
         if (0 == $parent_id) {
             $this->cat_array[] = array($group_id, $cat_id, $cat_name);
             $this->category_form_subtree($cat_id, $rows, $depth = 1);
         }
     }
     return $this->cat_array;
 }
예제 #23
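 /**
  * Member self-delete
  *
  * Deletes the logged-in member's own account after a chain of checks, in
  * this order: the request came from a form post (ACT present), the session
  * belongs to a member allowed to delete themselves, the member is not in
  * group 1, IP and user agent are present when the site requires them for
  * login, no password lockout is in effect, and the posted password
  * authenticates the member. A failed password attempt is recorded against
  * the lockout counter. After deletion the notification recipients are
  * emailed, the session row is removed and the session cookies are cleared.
  *
  * The member's own address is removed from the notification list by
  * comparing whole addresses, so another recipient whose address merely
  * contains the member's address is left intact.
  *
  * @return	mixed	FALSE when not reached through a form post, otherwise the output of the error or message call
  */
 public function member_delete()
 {
     // Make sure they got here via a form
     if (!ee()->input->post('ACT')) {
         // No output for you, Mr. URL Hax0r
         return FALSE;
     }
     ee()->lang->loadfile('login');
     // No sneakiness - we'll do this in case the site administrator
     // has foolishly turned off secure forms and some monkey is
     // trying to delete their account from an off-site form or
     // after logging out.
     if (ee()->session->userdata('member_id') == 0 or ee()->session->userdata('can_delete_self') !== 'y') {
         return ee()->output->show_user_error('general', ee()->lang->line('not_authorized'));
     }
     // If the user is a SuperAdmin, then no deletion
     if (ee()->session->userdata('group_id') == 1) {
         return ee()->output->show_user_error('general', ee()->lang->line('cannot_delete_super_admin'));
     }
     // Is IP and User Agent required for login?  Then, same here.
     if (ee()->config->item('require_ip_for_login') == 'y') {
         if (ee()->session->userdata('ip_address') == '' or ee()->session->userdata('user_agent') == '') {
             return ee()->output->show_user_error('general', ee()->lang->line('unauthorized_request'));
         }
     }
     // Check password lockout status
     if (ee()->session->check_password_lockout(ee()->session->userdata('username')) === TRUE) {
         ee()->lang->loadfile('login');
         return ee()->output->show_user_error('general', sprintf(lang('password_lockout_in_effect'), ee()->config->item('password_lockout_interval')));
     }
     // Are you who you say you are, or someone sitting at someone
     // else's computer being mean?!
     ee()->load->library('auth');
     if (!ee()->auth->authenticate_id(ee()->session->userdata('member_id'), ee()->input->post('password'))) {
         // Count the failure so repeated guesses run into the lockout above.
         ee()->session->save_password_lockout(ee()->session->userdata('username'));
         return ee()->output->show_user_error('general', ee()->lang->line('invalid_pw'));
     }
     // No turning back, get to deletin'!
     ee()->load->model('member_model');
     ee()->member_model->delete_member(ee()->session->userdata('member_id'));
     // Email notification recipients
     if (ee()->session->userdata('mbr_delete_notify_emails') != '') {
         $notify_address = ee()->session->userdata('mbr_delete_notify_emails');
         $swap = array('name' => ee()->session->userdata('screen_name'), 'email' => ee()->session->userdata('email'), 'site_name' => stripslashes(ee()->config->item('site_name')));
         $email_subject = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_title'), $swap);
         $email_msg = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list.
         // Compare whole addresses: a substring replace would also cut the
         // member's address out of a longer address that contains it.
         $own_email = trim((string) ee()->session->userdata('email'));
         $recipients = array();
         foreach (explode(',', $notify_address) as $addy) {
             $addy = trim($addy);
             // Empty entries come from doubled or trailing commas.
             if ($addy !== '' && $addy !== $own_email) {
                 $recipients[] = $addy;
             }
         }
         if (count($recipients) > 0) {
             // Send email
             ee()->load->library('email');
             // Load the text helper
             ee()->load->helper('text');
             foreach ($recipients as $addy) {
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = FALSE;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_subject);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
             }
         }
     }
     // Remove the server-side session row, then clear the client cookies.
     ee()->db->where('session_id', ee()->session->userdata('session_id'))->delete('sessions');
     ee()->functions->set_cookie(ee()->session->c_session);
     ee()->functions->set_cookie(ee()->session->c_expire);
     ee()->functions->set_cookie(ee()->session->c_anon);
     ee()->functions->set_cookie('read_topics');
     ee()->functions->set_cookie('tracker');
     // Build Success Message
     $url = ee()->config->item('site_url');
     $name = stripslashes(ee()->config->item('site_name'));
     $data = array('title' => ee()->lang->line('mbr_delete'), 'heading' => ee()->lang->line('thank_you'), 'content' => ee()->lang->line('mbr_account_deleted'), 'redirect' => '', 'link' => array($url, $name));
     ee()->output->show_message($data);
 }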
예제 #24
 /**
  * Notifies the site administrator (via email) of the supplied OmniLog Entry.
  *
  * The message is sent from and to the configured webmaster address. The
  * body lists the add-on name, log date, entry type, log message and the
  * control panel URL, and is passed through entities_to_ascii() before
  * sending.
  *
  * @access  public
  * @param   Omnilog_entry        $entry        The log entry.
  * @return  void
  * @throws  Exception   If the entry is not populated, the webmaster email
  *                      is not valid, or the email could not be sent.
  */
 public function notify_site_admin_of_log_entry(Omnilog_entry $entry)
 {
     $ee = $this->_ee;
     $ee->load->helper('text');
     $ee->load->library('email');
     $mailer = $ee->email;
     $lang = $ee->lang;
     if (!$entry->is_populated()) {
         throw new Exception($lang->line('exception__notify_admin__missing_data'));
     }
     // The webmaster address is both sender and recipient, so validate it first.
     $webmaster_email = $ee->config->item('webmaster_email');
     if ($mailer->valid_email($webmaster_email) !== TRUE) {
         throw new Exception($lang->line('exception__notify_admin__invalid_webmaster_email'));
     }
     $webmaster_name = $ee->config->item('webmaster_name');
     if (!$webmaster_name) {
         $webmaster_name = '';
     }
     // Pick the language key for the entry type, then translate once.
     switch ($entry->get_type()) {
         case Omnilog_entry::NOTICE:
             $type_key = 'email_entry_type_notice';
             break;
         case Omnilog_entry::WARNING:
             $type_key = 'email_entry_type_warning';
             break;
         case Omnilog_entry::ERROR:
             $type_key = 'email_entry_type_error';
             break;
         default:
             $type_key = 'email_entry_type_unknown';
             break;
     }
     $lang_entry_type = $lang->line($type_key);
     // The site name is appended to the subject only when one is configured.
     $site_name = $ee->config->item('site_name');
     $subject = $lang->line('email_subject');
     if ($site_name) {
         $subject .= ' (' . $site_name . ')';
     }
     // Sections are separated by a blank line; label and value by a newline.
     $sections = array(
         $lang->line('email_preamble'),
         $lang->line('email_addon_name') . NL . $entry->get_addon_name(),
         $lang->line('email_log_date') . NL . date('r', $entry->get_date()),
         $lang->line('email_entry_type') . NL . $lang_entry_type,
         $lang->line('email_log_message') . NL . $entry->get_message(),
         $lang->line('email_cp_url') . NL . $ee->config->item('cp_url'),
         $lang->line('email_postscript'),
     );
     $message = entities_to_ascii(implode(NL . NL, $sections));
     $mailer->from($webmaster_email, $webmaster_name);
     $mailer->to($webmaster_email);
     $mailer->subject($subject);
     $mailer->message($message);
     if ($mailer->send() !== TRUE) {
         throw new Exception($lang->line('exception__notify_admin__email_not_sent'));
     }
 }
예제 #25
파일: Members.php 프로젝트: vigm/advancedMD
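 /**
  * Send email notifications to email addresses for the respective member
  * group of the users being deleted
  *
  * For each member being deleted whose group has notification addresses
  * configured, one message is sent per address. The member's own address is
  * dropped from the list by comparing whole addresses, so another recipient
  * whose address merely contains the member's address is left intact.
  *
  * @param  Array  $member_ids Array of member_ids being deleted
  * @return void
  */
 private function _member_delete_notifications($member_ids)
 {
     // Email notification recipients
     $group_query = ee()->db->distinct('member_id')->select('screen_name, email, mbr_delete_notify_emails')->join('member_groups', 'members.group_id = member_groups.group_id', 'left')->where('mbr_delete_notify_emails !=', '')->where_in('member_id', $member_ids)->get('members');
     foreach ($group_query->result() as $member) {
         $swap = array('name' => $member->screen_name, 'email' => $member->email, 'site_name' => stripslashes(ee()->config->item('site_name')));
         ee()->lang->loadfile('member');
         $email_title = ee()->functions->var_swap(lang('mbr_delete_notify_title'), $swap);
         $email_message = ee()->functions->var_swap(lang('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list.
         // Compare whole addresses: a substring replace would also cut the
         // member's address out of a longer address that contains it.
         $own_email = trim((string) $member->email);
         $recipients = array();
         foreach (explode(',', $member->mbr_delete_notify_emails) as $addy) {
             $addy = trim($addy);
             // Empty entries come from doubled or trailing commas.
             if ($addy !== '' && $addy !== $own_email) {
                 $recipients[] = $addy;
             }
         }
         if (count($recipients) == 0) {
             continue;
         }
         ee()->load->library('email');
         ee()->load->helper('text');
         foreach ($recipients as $addy) {
             ee()->email->EE_initialize();
             ee()->email->wordwrap = FALSE;
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
             ee()->email->to($addy);
             ee()->email->reply_to(ee()->config->item('webmaster_email'));
             ee()->email->subject($email_title);
             ee()->email->message(entities_to_ascii($email_message));
             ee()->email->send();
         }
     }
 }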
예제 #26
 /**
  * Emails the audit notifications registered for one kind of audited event.
  *
  * Loads every exp_audit_notifications row for $item_type, filters each row
  * against the acting member and group and the item and channel ids (a
  * stored value of 0 means "not checked"), then builds and sends one message
  * per row. Rows flagged is_sms get the whole text in the subject line.
  *
  * NOTE(review): several lines of the switch below are damaged in this
  * listing (text replaced by asterisks), so some case labels and part of
  * each message are not visible; the code is reproduced as shown.
  *
  * @param  string  $item_type    Event type, matched against the stored rows and the switch cases.
  * @param  int     $item_id      Id of the affected item.
  * @param  int     $create_edit  Not referenced in the visible code.
  * @param  string  $item_title   Title or name of the affected item, placed in the message.
  * @param  int     $channel_id   Channel id, used for the channel filter and lookup.
  * @return mixed   false when no row exists or a row fails a filter; otherwise no explicit return.
  */
 function _send_notification($item_type = '', $item_id = 0, $create_edit = 0, $item_title = '', $channel_id = 0)
 {
     // The item type is passed as a bound parameter, not concatenated into the SQL.
     $results = $this->EE->db->query("SELECT * FROM exp_audit_notifications WHERE item_type = ?", array($item_type));
     if ($results->num_rows() == 0) {
         return false;
     }
     $this->EE->load->library('email');
     $this->EE->load->helper('text');
     $this->EE->email->wordwrap = true;
     $this->EE->email->mailtype = 'text';
     // $from, $recipient and $email_subject are not read again in the visible code.
     $from = '';
     $recipient = '';
     $email_subject = '';
     $email_msg = '';
     //var_dump($results);
     // NOTE(review): each filter below returns from the whole function, so the
     // first row that does not match also stops every later row from being
     // evaluated and audit notifications can be dropped silently. If the
     // filters are meant per row, `continue` would be needed; confirm intent.
     foreach ($results->result_array() as $notification) {
         // If stored item type does not match this item type, exit
         if ($notification['item_type'] != $item_type) {
             return false;
         }
         // If stored member ID is to be checked (not 0) and does not match this user, exit
         if ($notification['member_id'] != $this->member_id && $notification['member_id'] != 0) {
             return false;
         }
         // Same rule for the stored group ID: 0 means any group
         if ($notification['group_id'] != $this->group_id && $notification['group_id'] != 0) {
             return false;
         }
         // If stored item ID is to be checked (not 0) and does not match this item ID, exit
         if ($notification['item_id'] != 0 && $notification['item_id'] != $item_id) {
             return false;
         }
         // If stored Channel ID is to be checked (not 0) and does not match this channel ID, exit
         if ($notification['channel_id'] != 0 && $notification['channel_id'] != $channel_id) {
             return false;
         }
         // Now we have something to work with!
         $this->EE->email->initialize();
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($notification['email_address']);
         // In every case an SMS row puts the text in the subject and empties
         // the body; the timestamp is still appended after the switch.
         switch ($item_type) {
             case 'cp_login':
                 // Assume member matches, Just send the email
                 $email_msg = "A user has logged in via the Control Panel.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 // NOTE(review): the next line is damaged in this listing; the
                 // end of this case and the following case label are missing.
                 $email_msg .= "\n\nUsername: "******"A user has logged out via the Control Panel.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"A user has logged in via the Front-end.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"A user has logged out via the Front-end.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"A user has deleted an entry.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nEntry ID: " . $item_id;
                 $email_msg .= "\n\nEntry Title: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Entry Deleted');
                 break;
             case 'entry_update':
                 // Assume entry ID matches, does channel match?
                 // Channel lookup uses a bound parameter; $channel_name is read but not used below.
                 $results = $this->EE->db->query("SELECT * FROM exp_channels c\n                                    WHERE c.channel_id = ?", array($channel_id));
                 $channel_name = $results->row('channel_name');
                 $channel_title = $results->row('channel_title');
                 $email_msg = "A user has updated an entry.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nChannel: " . $channel_title;
                 $email_msg .= "\n\nEntry ID: " . $item_id;
                 $email_msg .= "\n\nEntry Title: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Entry Updated');
                 break;
             case 'new_entry':
                 // Don't worry about entry ID, does channel match?
                 $results = $this->EE->db->query("SELECT * FROM exp_channels c\n                                    WHERE c.channel_id = ?", array($channel_id));
                 $channel_name = $results->row('channel_name');
                 $channel_title = $results->row('channel_title');
                 $email_msg = "A user has published an entry.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nChannel: " . $channel_title;
                 $email_msg .= "\n\nEntry ID: " . $item_id;
                 $email_msg .= "\n\nEntry Title: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Entry Created');
                 break;
             case 'template_edit':
                 // Assume entry ID matches, Just send the email
                 $email_msg = "A user has edited a template.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nTemplate ID: " . $item_id;
                 $email_msg .= "\n\nTemplate Name: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Template Edited');
                 break;
             case 'member_create':
                 // Just send the email
                 $email_msg = "A user has created a new member.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nNew Member ID: " . $item_id;
                 $email_msg .= "\n\nNew Member Name: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Member Created');
                 break;
             case 'member_delete':
                 // Just send the email
                 $email_msg = "A user has deleted a member.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nDeleted Member ID: " . $item_id;
                 $email_msg .= "\n\nDeleted Member Name: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Member Deleted');
                 break;
             case 'member_edit':
                 // Just send the email
                 $email_msg = "A user has edited a member.";
                 if ($notification['is_sms'] == 1) {
                     $this->EE->email->subject($this->site_label . ": " . $email_msg);
                     $email_msg = '';
                     break;
                 }
                 $email_msg .= "\n\nUsername: "******"\n\nEdited Member ID: " . $item_id;
                 $email_msg .= "\n\nEdited Member Name: " . $item_title;
                 $this->EE->email->subject($this->site_label . ': Audit Pro Notification: Member Edited');
                 break;
         }
         // The event time closes every message, including the SMS form.
         $email_msg .= "\n\n" . $this->EE->localize->human_time($this->timestamp);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
     }
 }
예제 #27
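 /**
  * Confirm a queued mailing-list subscription identified by an authorization code.
  *
  * Reads the `id` request value, purges queue rows older than 48 hours, looks
  * the code up in exp_mailing_list_queue, copies the matching address into
  * exp_mailing_list and deletes it from the queue. When admin notification is
  * enabled and addresses are configured, one email is sent per address.
  * Finishes by showing an error or the confirmation message.
  *
  * @return mixed whatever show_user_error() returns on the early-exit paths, otherwise nothing
  */
 function authorize_email()
 {
     // Language strings for every message shown below.
     ee()->lang->loadfile('mailinglist');
     // Is the mailing list turned on?
     if (ee()->config->item('mailinglist_enabled') == 'n') {
         return ee()->output->show_user_error('general', lang('mailinglist_disabled'));
     }
     // Label for the return link: the configured site name, or the generic 'back' string when it is empty.
     $site_name = ee()->config->item('site_name') == '' ? lang('back') : stripslashes(ee()->config->item('site_name'));
     // The authorization code comes straight from the request and must be treated as untrusted.
     $id = ee()->input->get_post('id');
     if ($id == FALSE) {
         $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('error'), 'content' => lang('invalid_url'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
         ee()->output->show_message($data);
         // NOTE(review): unlike the expired-code branch below there is no explicit exit here;
         // this presumably relies on show_message() ending the request - confirm.
     }
     // Drop queue entries older than 48 hours before looking the code up.
     $expire = time() - 60 * 60 * 48;
     ee()->db->query("DELETE FROM exp_mailing_list_queue WHERE date < '{$expire}' ");
     // Escape the request value once and use the escaped form in every statement that embeds it.
     $safe_id = ee()->db->escape_str($id);
     $query = ee()->db->query("SELECT email, list_id FROM exp_mailing_list_queue WHERE authcode = '" . $safe_id . "'");
     if ($query->num_rows() == 0) {
         $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('error'), 'content' => lang('ml_expired_date'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
         echo ee()->output->show_message($data);
         exit;
     }
     // Transfer the address to the mailing list.
     $email = $query->row('email');
     $list_id = $query->row('list_id');
     if ($list_id == 0) {
         // A queue row without a list falls back to list 1, but only if that list exists.
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_mailing_lists WHERE list_id = 1");
         if ($query->row('count') != 1) {
             return ee()->output->show_user_error('general', lang('ml_no_list_id'));
         } else {
             $list_id = 1;
         }
     }
     // A successful lookup does not make the raw request string safe to interpolate,
     // so the stored authcode is built from the escaped value like every other column.
     ee()->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\r\n\t\t\t\t\t\t\t  VALUES ('" . ee()->db->escape_str($list_id) . "', '" . $safe_id . "', '" . ee()->db->escape_str($email) . "', '" . ee()->db->escape_str(ee()->input->ip_address()) . "')");
     ee()->db->query("DELETE FROM exp_mailing_list_queue WHERE authcode = '" . $safe_id . "'");
     // Is there an admin notification to send?
     if (ee()->config->item('mailinglist_notify') == 'y' and ee()->config->item('mailinglist_notify_emails') != '') {
         $query = ee()->db->select('list_title')->get_where('mailing_lists', array('list_id' => $list_id));
         $swap = array('email' => $email, 'mailing_list' => $query->row('list_title'));
         $template = ee()->functions->fetch_email_template('admin_notify_mailinglist');
         $email_tit = ee()->functions->var_swap($template['title'], $swap);
         $email_msg = ee()->functions->var_swap($template['data'], $swap);
         // Remove multiple commas
         $notify_address = reduce_multiples(ee()->config->item('mailinglist_notify_emails'), ',', TRUE);
         if ($notify_address != '') {
             // Send email
             ee()->load->library('email');
             // Load the text helper (provides entities_to_ascii)
             ee()->load->helper('text');
             // One message per configured address rather than a single multi-recipient mail.
             foreach (explode(',', $notify_address) as $addy) {
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = true;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
             }
         }
     }
     // Success message
     $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('thank_you'), 'content' => lang('ml_account_confirmed'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
     ee()->output->show_message($data);
 }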
예제 #28
 /**
  * display_email_data
  *
  * Prepares table data for the body of an email notification.
  *
  * @access	public
  * @param 	string 	$data              data from table for email output
  * @param 	object 	$notification_obj  instance of the notification object (not read by this method)
  * @return	string 	output data
  */
 public function display_email_data($data, $notification_obj = null)
 {
     // Tag replacement runs first, on the raw table data.
     $tagged = $this->replace_tag($data);
     // NOTE(review): entities_to_ascii() presumably turns entities back into literal
     // characters, so the result is plain text and should not be re-embedded in HTML unescaped.
     $plain = entities_to_ascii($tagged);
     // Only the exact '<br/>' spelling is turned into a newline.
     $with_newlines = str_replace('<br/>', "\n", $plain);
     return $this->encode_ee($with_newlines);
 }
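    /**
     * Build the per-channel category and status filter options and emit the
     * JavaScript that swaps the two menus when the channel selection changes.
     *
     * Collects the channels returned by fetch_assigned_channels(), every
     * category and status of the current site, groups them per channel id
     * (key '0' holds the defaults) and hands the JSON-encoded structure to
     * ee()->javascript->output() inside a script snippet.
     *
     * @return void
     */
    function filtering_menus()
    {
        // In order to build our filtering options we need to gather
        // all the channels, categories and custom statuses
        $channel_array = array();
        $status_array = array();
        $categories = array();
        $channel_info = array();
        ee()->api->instantiate('channel_categories');
        $allowed_channels = ee()->functions->fetch_assigned_channels(TRUE);
        if (count($allowed_channels) > 0) {
            // Fetch channel titles
            ee()->db->select('channel_title, channel_id, cat_group, status_group, field_group');
            ee()->db->where_in('channel_id', $allowed_channels);
            ee()->db->where('site_id', ee()->config->item('site_id'));
            ee()->db->order_by('channel_title');
            $query = ee()->db->get('channels');
            foreach ($query->result_array() as $row) {
                // Tuple layout: [title without double quotes, cat_group, status_group, field_group]
                $channel_array[$row['channel_id']] = array(str_replace('"', '', $row['channel_title']), $row['cat_group'], $row['status_group'], $row['field_group']);
            }
        }
        // Category tree
        $order = $this->nest_categories == 'y' ? 'group_id, parent_id, cat_name' : 'cat_name';
        ee()->db->select('categories.group_id, categories.parent_id, categories.cat_id, categories.cat_name');
        ee()->db->from('categories');
        ee()->db->where('site_id', ee()->config->item('site_id'));
        ee()->db->order_by($order);
        $query = ee()->db->get();
        // Load the text helper (provides entities_to_ascii)
        ee()->load->helper('text');
        if ($query->num_rows() > 0) {
            foreach ($query->result_array() as $row) {
                // Tuple layout: [group_id, cat_id, cat_name, parent_id]
                $categories[] = array($row['group_id'], $row['cat_id'], entities_to_ascii($row['cat_name']), $row['parent_id']);
            }
            if ($this->nest_categories == 'y') {
                foreach ($categories as $key => $val) {
                    // Only top-level categories (parent_id 0) start a subtree.
                    if (0 == $val['3']) {
                        ee()->api_channel_categories->cat_array[] = array($val['0'], $val['1'], $val['2']);
                        ee()->api_channel_categories->category_form_subtree($val['1'], $categories, $depth = 1);
                    }
                }
            } else {
                ee()->api_channel_categories->cat_array = $categories;
            }
        }
        // Entry statuses
        ee()->db->select('group_id, status');
        ee()->db->where('site_id', ee()->config->item('site_id'));
        ee()->db->order_by('status_order');
        $query = ee()->db->get('statuses');
        if ($query->num_rows() > 0) {
            foreach ($query->result_array() as $row) {
                $status_array[] = array($row['group_id'], $row['status']);
            }
        }
        $default_cats[] = array('', lang('filter_by_category'));
        $default_cats[] = array('all', lang('all'));
        $default_cats[] = array('none', lang('none'));
        $dstatuses[] = array('', lang('filter_by_status'));
        $dstatuses[] = array('open', lang('open'));
        $dstatuses[] = array('closed', lang('closed'));
        // Key '0' is the fallback the script uses when no known channel is selected.
        $channel_info['0']['categories'] = $default_cats;
        $channel_info['0']['statuses'] = $dstatuses;
        foreach ($channel_array as $key => $val) {
            $cats = $default_cats;
            if (count(ee()->api_channel_categories->cat_array) > 0) {
                $last_group = 0;
                foreach (ee()->api_channel_categories->cat_array as $v) {
                    // $val['1'] is the channel's pipe-separated list of category groups.
                    if (in_array($v['0'], explode('|', $val['1']))) {
                        // Insert a divider whenever a new category group starts.
                        if ($last_group == 0 or $last_group != $v['0']) {
                            $cats[] = array('', '-------');
                            $last_group = $v['0'];
                        }
                        $cats[] = array($v['1'], $v['2']);
                    }
                }
            }
            $channel_info[$key]['categories'] = $cats;
            $statuses = array();
            $statuses[] = array('', lang('filter_by_status'));
            if (count($status_array) > 0) {
                foreach ($status_array as $v) {
                    if ($v['0'] == $val['2']) {
                        // Built-in statuses are translated, custom ones are shown as stored.
                        $status_name = ($v['1'] == 'closed' or $v['1'] == 'open') ? lang($v['1']) : $v['1'];
                        $statuses[] = array($v['1'], $status_name);
                    }
                }
            } else {
                // No statuses defined: offer the two built-in values, matching the defaults above.
                // The loop variable is not usable here (it is unset, or left over from the category loop).
                $statuses[] = array('open', lang('open'));
                $statuses[] = array('closed', lang('closed'));
            }
            $channel_info[$key]['statuses'] = $statuses;
        }
        // Channel titles and category names are stored content that ends up in script source.
        // NOTE(review): presumably output() places this inside a <script> element - the HEX flags
        // keep <, >, &, ' and " out of the literal without changing the decoded values.
        $channel_info = json_encode($channel_info, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        $javascript = <<<MAGIC

// The oracle knows everything.

var channel_oracle = {$channel_info};
var spaceString = new RegExp('!-!', "g");

// We prep our magic arrays as soons as we can, basically
// converting everything into option elements
(function() {
\tjQuery.each(channel_oracle, function(key, details) {

\t\t// Go through each of the individual settings and build a proper dom element
\t\tjQuery.each(details, function(group, values) {
\t\t\tvar newval = new Array();

\t\t\t// Add the new option fields
\t\t\tjQuery.each(values, function(a, b) {
\t\t\t\tnewval.push(new Option(b[1].replace(spaceString, String.fromCharCode(160)), b[0]));
\t\t\t});

\t\t\t// Set the new values
\t\t\tchannel_oracle[key][group] = \$(newval);
\t\t});
\t});

})();


// Change the submenus
// Gets passed the channel id
function changemenu(index)
{
\tvar channels = 'null';

\tif (channel_oracle[index] === undefined) {
\t\tindex = 0;
\t}
\tjQuery.each(channel_oracle[index], function(key, val) {
\t\tswitch(key) {
\t\t\tcase 'categories':\t\$('select[name=cat_id]').empty().append(val);
\t\t\t\tbreak;
\t\t\tcase 'statuses':\t\$('select[name=status]').empty().append(val);
\t\t\t\tbreak;
\t\t}
\t});
}

\$('select[name=channel_id]').change(function() {
\tchangemenu(this.value);
});
MAGIC;
        ee()->javascript->output($javascript);
    }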
예제 #30
 /**
  * Insert New Comment
  *
  * @access	public
  * @return	string
  */
 function insert_new_comment()
 {
     $default = array('name', 'email', 'url', 'comment', 'location', 'entry_id');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     // No entry ID?  What the heck are they doing?
     if (!is_numeric($_POST['entry_id'])) {
         return FALSE;
     }
     /** ----------------------------------------
     		/**  Fetch the comment language pack
     		/** ----------------------------------------*/
     ee()->lang->loadfile('comment');
     //  No comment- let's end it here
     if (trim($_POST['comment']) == '') {
         $error = ee()->lang->line('cmt_missing_comment');
         return ee()->output->show_user_error('submission', $error);
     }
     /** ----------------------------------------
     		/**  Is the user banned?
     		/** ----------------------------------------*/
     if (ee()->session->userdata['is_banned'] == TRUE) {
         return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Is the IP address and User Agent required?
     		/** ----------------------------------------*/
     if (ee()->config->item('require_ip_for_posting') == 'y') {
         if (ee()->input->ip_address() == '0.0.0.0' or ee()->session->userdata['user_agent'] == "") {
             return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
         }
     }
     /** ----------------------------------------
     		/**  Is the nation of the user banend?
     		/** ----------------------------------------*/
     ee()->session->nation_ban_check();
     /** ----------------------------------------
     		/**  Can the user post comments?
     		/** ----------------------------------------*/
     if (ee()->session->userdata['can_post_comments'] == 'n') {
         $error[] = ee()->lang->line('cmt_no_authorized_for_comments');
         return ee()->output->show_user_error('general', $error);
     }
     /** ----------------------------------------
     		/**  Blacklist/Whitelist Check
     		/** ----------------------------------------*/
     if (ee()->blacklist->blacklisted == 'y' && ee()->blacklist->whitelisted == 'n') {
         return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Is this a preview request?
     		/** ----------------------------------------*/
     if (isset($_POST['preview'])) {
         return $this->preview_handler();
     }
     // -------------------------------------------
     // 'insert_comment_start' hook.
     //  - Allows complete rewrite of comment submission routine.
     //  - Or could be used to modify the POST data before processing
     //
     ee()->extensions->call('insert_comment_start');
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** ----------------------------------------
     		/**  Fetch channel preferences
     		/** ----------------------------------------*/
     // Bummer, saw the hook after converting the query
     /*
     		ee()->db->select('channel_titles.title, channel_titles.url_title, channel_titles.channel_id, channel_titles.author_id,
     						channel_titles.comment_total, channel_titles.allow_comments, channel_titles.entry_date, channel_titles.comment_expiration_date,
     						channels.channel_title, channels.comment_system_enabled, channels.comment_max_chars, channels.comment_use_captcha,
     						channels.comment_timelock, channels.comment_require_membership, channels.comment_moderate, channels.comment_require_email,
     						channels.comment_notify, channels.comment_notify_authors, channels.comment_notify_emails, channels.comment_expiration'
     		);
     
     		ee()->db->from(array('channel_titles', 'channels'));
     		ee()->db->where('channel_titles.channel_id = channels.channel_id');
     		ee()->db->where('channel_titles.entry_id', $_POST['entry_id']);
     		ee()->db->where('channel_titles.status', 'closed');
     */
     $sql = "SELECT exp_channel_titles.title,\n\t\t\t\texp_channel_titles.url_title,\n\t\t\t\texp_channel_titles.entry_id,\n\t\t\t\texp_channel_titles.channel_id,\n\t\t\t\texp_channel_titles.author_id,\n\t\t\t\texp_channel_titles.allow_comments,\n\t\t\t\texp_channel_titles.entry_date,\n\t\t\t\texp_channel_titles.comment_expiration_date,\n\t\t\t\texp_channels.channel_title,\n\t\t\t\texp_channels.comment_system_enabled,\n\t\t\t\texp_channels.comment_max_chars,\n\t\t\t\texp_channels.comment_use_captcha,\n\t\t\t\texp_channels.comment_timelock,\n\t\t\t\texp_channels.comment_require_membership,\n\t\t\t\texp_channels.comment_moderate,\n\t\t\t\texp_channels.comment_require_email,\n\t\t\t\texp_channels.comment_notify,\n\t\t\t\texp_channels.comment_notify_authors,\n\t\t\t\texp_channels.comment_notify_emails,\n\t\t\t\texp_channels.comment_expiration,\n\t\t\t\texp_channels.channel_url,\n\t\t\t\texp_channels.comment_url,\n\t\t\t\texp_channels.site_id\n\t\t\tFROM\texp_channel_titles, exp_channels\n\t\t\tWHERE\texp_channel_titles.channel_id = exp_channels.channel_id\n\t\t\tAND\texp_channel_titles.entry_id = '" . ee()->db->escape_str($_POST['entry_id']) . "'";
     //  Added entry_status param, so it is possible to post to closed title
     //AND	exp_channel_titles.status != 'closed' ";
     // -------------------------------------------
     // 'insert_comment_preferences_sql' hook.
     //  - Rewrite or add to the comment preference sql query
     //  - Could be handy for comment/channel restrictions
     //
     if (ee()->extensions->active_hook('insert_comment_preferences_sql') === TRUE) {
         $sql = ee()->extensions->call('insert_comment_preferences_sql', $sql);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     //
     // -------------------------------------------
     $query = ee()->db->query($sql);
     unset($sql);
     if ($query->num_rows() == 0) {
         return FALSE;
     }
     /** ----------------------------------------
     		/**  Are comments allowed?
     		/** ----------------------------------------*/
     if ($query->row('allow_comments') == 'n' or $query->row('comment_system_enabled') == 'n') {
         return ee()->output->show_user_error('submission', ee()->lang->line('cmt_comments_not_allowed'));
     }
     /** ----------------------------------------
     		/**  Has commenting expired?
     		/** ----------------------------------------*/
     $force_moderation = $query->row('comment_moderate');
     if ($this->comment_expiration_mode == 0) {
         if ($query->row('comment_expiration_date') > 0) {
             if (ee()->localize->now > $query->row('comment_expiration_date')) {
                 if (ee()->config->item('comment_moderation_override') == 'y') {
                     $force_moderation = 'y';
                 } else {
                     return ee()->output->show_user_error('submission', ee()->lang->line('cmt_commenting_has_expired'));
                 }
             }
         }
     } else {
         if ($query->row('comment_expiration') > 0) {
             $days = $query->row('entry_date') + $query->row('comment_expiration') * 86400;
             if (ee()->localize->now > $days) {
                 if (ee()->config->item('comment_moderation_override') == 'y') {
                     $force_moderation = 'y';
                 } else {
                     return ee()->output->show_user_error('submission', ee()->lang->line('cmt_commenting_has_expired'));
                 }
             }
         }
     }
     /** ----------------------------------------
     		/**  Is there a comment timelock?
     		/** ----------------------------------------*/
     if ($query->row('comment_timelock') != '' and $query->row('comment_timelock') > 0) {
         if (ee()->session->userdata['group_id'] != 1) {
             $time = ee()->localize->now - $query->row('comment_timelock');
             ee()->db->where('comment_date >', $time);
             ee()->db->where('ip_address', ee()->input->ip_address());
             $result = ee()->db->count_all_results('comments');
             if ($result > 0) {
                 return ee()->output->show_user_error('submission', str_replace("%s", $query->row('comment_timelock'), ee()->lang->line('cmt_comments_timelock')));
             }
         }
     }
     /** ----------------------------------------
     		/**  Do we allow duplicate data?
     		/** ----------------------------------------*/
     if (ee()->config->item('deny_duplicate_data') == 'y') {
         if (ee()->session->userdata['group_id'] != 1) {
             ee()->db->where('comment', $_POST['comment']);
             $result = ee()->db->count_all_results('comments');
             if ($result > 0) {
                 return ee()->output->show_user_error('submission', ee()->lang->line('cmt_duplicate_comment_warning'));
             }
         }
     }
     /** ----------------------------------------
     		/**  Assign data
     		/** ----------------------------------------*/
     $author_id = $query->row('author_id');
     $entry_title = $query->row('title');
     $url_title = $query->row('url_title');
     $channel_title = $query->row('channel_title');
     $channel_id = $query->row('channel_id');
     $require_membership = $query->row('comment_require_membership');
     $comment_moderate = (ee()->session->userdata['group_id'] == 1 or ee()->session->userdata['exclude_from_moderation'] == 'y') ? 'n' : $force_moderation;
     $author_notify = $query->row('comment_notify_authors');
     $comment_url = $query->row('comment_url');
     $channel_url = $query->row('channel_url');
     $entry_id = $query->row('entry_id');
     $comment_site_id = $query->row('site_id');
     $notify_address = ($query->row('comment_notify') == 'y' and $query->row('comment_notify_emails') != '') ? $query->row('comment_notify_emails') : '';
     /** ----------------------------------------
     		/**  Start error trapping
     		/** ----------------------------------------*/
     $error = array();
     if (ee()->session->userdata('member_id') != 0) {
         // If the user is logged in we'll reassign the POST variables with the user data
         $_POST['name'] = ee()->session->userdata['screen_name'] != '' ? ee()->session->userdata['screen_name'] : ee()->session->userdata['username'];
         $_POST['email'] = ee()->session->userdata['email'];
         $_POST['url'] = is_null(ee()->session->userdata['url']) ? '' : ee()->session->userdata['url'];
         $_POST['location'] = is_null(ee()->session->userdata['location']) ? '' : ee()->session->userdata['location'];
     }
     /** ----------------------------------------
     		/**  Is membership is required to post...
     		/** ----------------------------------------*/
     if ($require_membership == 'y') {
         // Not logged in
         if (ee()->session->userdata('member_id') == 0) {
             return ee()->output->show_user_error('submission', ee()->lang->line('cmt_must_be_member'));
         }
         // Membership is pending
         if (ee()->session->userdata['group_id'] == 4) {
             return ee()->output->show_user_error('general', ee()->lang->line('cmt_account_not_active'));
         }
     } else {
         /** ----------------------------------------
         			/**  Missing name?
         			/** ----------------------------------------*/
         if (trim($_POST['name']) == '') {
             $error[] = ee()->lang->line('cmt_missing_name');
         }
         /** -------------------------------------
         			/**  Is name banned?
         			/** -------------------------------------*/
         if (ee()->session->ban_check('screen_name', $_POST['name'])) {
             $error[] = ee()->lang->line('cmt_name_not_allowed');
         }
         // Let's make sure they aren't putting in funky html to bork our screens
         $_POST['name'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $_POST['name']);
         /** ----------------------------------------
         			/**  Missing or invalid email address
         			/** ----------------------------------------*/
         if ($query->row('comment_require_email') == 'y') {
             ee()->load->helper('email');
             if ($_POST['email'] == '') {
                 $error[] = ee()->lang->line('cmt_missing_email');
             } elseif (!valid_email($_POST['email'])) {
                 $error[] = ee()->lang->line('cmt_invalid_email');
             }
         }
     }
     /** -------------------------------------
     		/**  Is email banned?
     		/** -------------------------------------*/
     if ($_POST['email'] != '') {
         if (ee()->session->ban_check('email', $_POST['email'])) {
             $error[] = ee()->lang->line('cmt_banned_email');
         }
     }
     /** ----------------------------------------
     		/**  Is comment too big?
     		/** ----------------------------------------*/
     if ($query->row('comment_max_chars') != '' and $query->row('comment_max_chars') != 0) {
         if (strlen($_POST['comment']) > $query->row('comment_max_chars')) {
             $str = str_replace("%n", strlen($_POST['comment']), ee()->lang->line('cmt_too_large'));
             $str = str_replace("%x", $query->row('comment_max_chars'), $str);
             $error[] = $str;
         }
     }
     /** ----------------------------------------
     		/**  Do we have errors to display?
     		/** ----------------------------------------*/
     if (count($error) > 0) {
         return ee()->output->show_user_error('submission', $error);
     }
     /** ----------------------------------------
     		/**  Do we require CAPTCHA?
     		/** ----------------------------------------*/
     if ($query->row('comment_use_captcha') == 'y') {
         if (ee()->config->item('captcha_require_members') == 'y' or ee()->config->item('captcha_require_members') == 'n' and ee()->session->userdata('member_id') == 0) {
             if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
                 return ee()->output->show_user_error('submission', ee()->lang->line('captcha_required'));
             } else {
                 ee()->db->where('word', $_POST['captcha']);
                 ee()->db->where('ip_address', ee()->input->ip_address());
                 ee()->db->where('date > UNIX_TIMESTAMP()-7200', NULL, FALSE);
                 $result = ee()->db->count_all_results('captcha');
                 if ($result == 0) {
                     return ee()->output->show_user_error('submission', ee()->lang->line('captcha_incorrect'));
                 }
                 // @TODO: AR
                 ee()->db->query("DELETE FROM exp_captcha WHERE (word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
             }
         }
     }
     /** ----------------------------------------
     		/**  Build the data array
     		/** ----------------------------------------*/
     ee()->load->helper('url');
     $notify = ee()->input->post('notify_me') ? 'y' : 'n';
     $cmtr_name = ee()->input->post('name', TRUE);
     $cmtr_email = ee()->input->post('email');
     $cmtr_loc = ee()->input->post('location', TRUE);
     $cmtr_url = ee()->input->post('url', TRUE);
     $cmtr_url = prep_url($cmtr_url);
     $data = array('channel_id' => $channel_id, 'entry_id' => $_POST['entry_id'], 'author_id' => ee()->session->userdata('member_id'), 'name' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'comment' => ee()->security->xss_clean($_POST['comment']), 'comment_date' => ee()->localize->now, 'ip_address' => ee()->input->ip_address(), 'status' => $comment_moderate == 'y' ? 'p' : 'o', 'site_id' => $comment_site_id);
     // -------------------------------------------
     // 'insert_comment_insert_array' hook.
     //  - Modify any of the soon to be inserted values
     //
     if (ee()->extensions->active_hook('insert_comment_insert_array') === TRUE) {
         $data = ee()->extensions->call('insert_comment_insert_array', $data);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     //
     // -------------------------------------------
     $return_link = !stristr($_POST['RET'], 'http://') && !stristr($_POST['RET'], 'https://') ? ee()->functions->create_url($_POST['RET']) : $_POST['RET'];
     // Secure Forms check
     if (ee()->security->secure_forms_check(ee()->input->post('XID')) == FALSE) {
         ee()->functions->redirect(stripslashes($return_link));
     }
     //  Insert data
     $sql = ee()->db->insert_string('exp_comments', $data);
     ee()->db->query($sql);
     $comment_id = ee()->db->insert_id();
     if ($notify == 'y') {
         ee()->load->library('subscription');
         ee()->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
         if ($cmtr_id = ee()->session->userdata('member_id')) {
             ee()->subscription->subscribe($cmtr_id);
         } else {
             ee()->subscription->subscribe($cmtr_email);
         }
     }
     if ($comment_moderate == 'n') {
         /** ------------------------------------------------
         			/**  Update comment total and "recent comment" date
         			/** ------------------------------------------------*/
         ee()->db->set('recent_comment_date', ee()->localize->now);
         ee()->db->where('entry_id', $_POST['entry_id']);
         ee()->db->update('channel_titles');
         /** ----------------------------------------
         			/**  Update member comment total and date
         			/** ----------------------------------------*/
         if (ee()->session->userdata('member_id') != 0) {
             ee()->db->select('total_comments');
             ee()->db->where('member_id', ee()->session->userdata('member_id'));
             $query = ee()->db->get('members');
             ee()->db->set('total_comments', $query->row('total_comments') + 1);
             ee()->db->set('last_comment_date', ee()->localize->now);
             ee()->db->where('member_id', ee()->session->userdata('member_id'));
             ee()->db->update('members');
         }
         /** ----------------------------------------
         			/**  Update comment stats
         			/** ----------------------------------------*/
         ee()->stats->update_comment_stats($channel_id, ee()->localize->now);
         /** ----------------------------------------
         			/**  Fetch email notification addresses
         			/** ----------------------------------------*/
         ee()->load->library('subscription');
         ee()->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
         // Remove the current user
         $ignore = ee()->session->userdata('member_id') != 0 ? ee()->session->userdata('member_id') : ee()->input->post('email');
         // Grab them all
         $subscriptions = ee()->subscription->get_subscriptions($ignore);
         ee()->load->model('comment_model');
         ee()->comment_model->recount_entry_comments(array($entry_id));
         $recipients = ee()->comment_model->fetch_email_recipients($_POST['entry_id'], $subscriptions);
     }
     /** ----------------------------------------
     		/**  Fetch Author Notification
     		/** ----------------------------------------*/
     if ($author_notify == 'y') {
         ee()->db->select('email');
         ee()->db->where('member_id', $author_id);
         $result = ee()->db->get('members');
         $notify_address .= ',' . $result->row('email');
     }
     /** ----------------------------------------
     		/**  Instantiate Typography class
     		/** ----------------------------------------*/
     ee()->load->library('typography');
     ee()->typography->initialize(array('parse_images' => FALSE, 'allow_headings' => FALSE, 'smileys' => FALSE, 'word_censor' => ee()->config->item('comment_word_censoring') == 'y' ? TRUE : FALSE));
     $comment = ee()->security->xss_clean($_POST['comment']);
     $comment = ee()->typography->parse_type($comment, array('text_format' => 'none', 'html_format' => 'none', 'auto_links' => 'n', 'allow_img_url' => 'n'));
     $path = $comment_url == '' ? $channel_url : $comment_url;
     $comment_url_title_auto_path = reduce_double_slashes($path . '/' . $url_title);
     /** ----------------------------
     		/**  Send admin notification
     		/** ----------------------------*/
     if ($notify_address != '') {
         $cp_url = ee()->config->item('cp_url') . '?S=0&D=cp&C=addons_modules&M=show_module_cp&module=comment';
         $swap = array('name' => $cmtr_name, 'name_of_commenter' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'channel_name' => $channel_title, 'entry_title' => $entry_title, 'comment_id' => $comment_id, 'comment' => $comment, 'comment_url' => reduce_double_slashes(ee()->input->remove_session_id(ee()->functions->fetch_site_index() . '/' . $_POST['URI'])), 'delete_link' => $cp_url . '&method=delete_comment_confirm&comment_id=' . $comment_id, 'approve_link' => $cp_url . '&method=change_comment_status&comment_id=' . $comment_id . '&status=o', 'close_link' => $cp_url . '&method=change_comment_status&comment_id=' . $comment_id . '&status=c', 'channel_id' => $channel_id, 'entry_id' => $entry_id, 'url_title' => $url_title, 'comment_url_title_auto_path' => $comment_url_title_auto_path);
         $template = ee()->functions->fetch_email_template('admin_notify_comment');
         $email_tit = ee()->functions->var_swap($template['title'], $swap);
         $email_msg = ee()->functions->var_swap($template['data'], $swap);
         // We don't want to send an admin notification if the person
         // leaving the comment is an admin in the notification list
         // For added security, we only trust the post email if the
         // commenter is logged in.
         if (ee()->session->userdata('member_id') != 0 && $_POST['email'] != '') {
             if (strpos($notify_address, $_POST['email']) !== FALSE) {
                 $notify_address = str_replace($_POST['email'], '', $notify_address);
             }
         }
         // Remove multiple commas
         $notify_address = reduce_multiples($notify_address, ',', TRUE);
         if ($notify_address != '') {
             /** ----------------------------
             				/**  Send email
             				/** ----------------------------*/
             ee()->load->library('email');
             $replyto = $data['email'] == '' ? ee()->config->item('webmaster_email') : $data['email'];
             $sent = array();
             // Load the text helper
             ee()->load->helper('text');
             foreach (explode(',', $notify_address) as $addy) {
                 if (in_array($addy, $sent)) {
                     continue;
                 }
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = false;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to($replyto);
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
                 $sent[] = $addy;
             }
         }
     }
     /** ----------------------------------------
     		/**  Send user notifications
     		/** ----------------------------------------*/
     if ($comment_moderate == 'n') {
         $email_msg = '';
         if (count($recipients) > 0) {
             $action_id = ee()->functions->fetch_action_id('Comment_mcp', 'delete_comment_notification');
             $swap = array('name_of_commenter' => $cmtr_name, 'channel_name' => $channel_title, 'entry_title' => $entry_title, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'), 'comment_url' => reduce_double_slashes(ee()->input->remove_session_id(ee()->functions->fetch_site_index() . '/' . $_POST['URI'])), 'comment_id' => $comment_id, 'comment' => $comment, 'channel_id' => $channel_id, 'entry_id' => $entry_id, 'url_title' => $url_title, 'comment_url_title_auto_path' => $comment_url_title_auto_path);
             $template = ee()->functions->fetch_email_template('comment_notification');
             $email_tit = ee()->functions->var_swap($template['title'], $swap);
             $email_msg = ee()->functions->var_swap($template['data'], $swap);
             /** ----------------------------
             				/**  Send email
             				/** ----------------------------*/
             ee()->load->library('email');
             ee()->email->wordwrap = true;
             $cur_email = $_POST['email'] == '' ? FALSE : $_POST['email'];
             if (!isset($sent)) {
                 $sent = array();
             }
             // Load the text helper
             ee()->load->helper('text');
             foreach ($recipients as $val) {
                 // We don't notify the person currently commenting.  That would be silly.
                 if (!in_array($val['0'], $sent)) {
                     $title = $email_tit;
                     $message = $email_msg;
                     $sub = $subscriptions[$val['1']];
                     $sub_qs = 'id=' . $sub['subscription_id'] . '&hash=' . $sub['hash'];
                     // Deprecate the {name} variable at some point
                     $title = str_replace('{name}', $val['2'], $title);
                     $message = str_replace('{name}', $val['2'], $message);
                     $title = str_replace('{name_of_recipient}', $val['2'], $title);
                     $message = str_replace('{name_of_recipient}', $val['2'], $message);
                     $title = str_replace('{notification_removal_url}', ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&' . $sub_qs, $title);
                     $message = str_replace('{notification_removal_url}', ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&' . $sub_qs, $message);
                     ee()->email->EE_initialize();
                     ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                     ee()->email->to($val['0']);
                     ee()->email->subject($title);
                     ee()->email->message(entities_to_ascii($message));
                     ee()->email->send();
                     $sent[] = $val['0'];
                 }
             }
         }
         /** ----------------------------------------
         			/**  Clear cache files
         			/** ----------------------------------------*/
         ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . $_POST['URI']);
         // clear out the entry_id version if the url_title is in the URI, and vice versa
         if (preg_match("#\\/" . preg_quote($url_title) . "\\/#", $_POST['URI'], $matches)) {
             ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . preg_replace("#" . preg_quote($matches['0']) . "#", "/{$data['entry_id']}/", $_POST['URI']));
         } else {
             ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . preg_replace("#{$data['entry_id']}#", $url_title, $_POST['URI']));
         }
     }
     /** ----------------------------------------
     		/**  Set cookies
     		/** ----------------------------------------*/
     if ($notify == 'y') {
         ee()->functions->set_cookie('notify_me', 'yes', 60 * 60 * 24 * 365);
     } else {
         ee()->functions->set_cookie('notify_me', 'no', 60 * 60 * 24 * 365);
     }
     if (ee()->input->post('save_info')) {
         ee()->functions->set_cookie('save_info', 'yes', 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_name', $_POST['name'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_email', $_POST['email'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_url', $_POST['url'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_location', $_POST['location'], 60 * 60 * 24 * 365);
     } else {
         ee()->functions->set_cookie('save_info', 'no', 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_name', '');
         ee()->functions->set_cookie('my_email', '');
         ee()->functions->set_cookie('my_url', '');
         ee()->functions->set_cookie('my_location', '');
     }
     // -------------------------------------------
     // 'insert_comment_end' hook.
     //  - More emails, more processing, different redirect
     //  - $comment_id added in 1.6.1
     //
     ee()->extensions->call('insert_comment_end', $data, $comment_moderate, $comment_id);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** -------------------------------------------
     		/**  Bounce user back to the comment page
     		/** -------------------------------------------*/
     if ($comment_moderate == 'y') {
         $data = array('title' => ee()->lang->line('cmt_comment_accepted'), 'heading' => ee()->lang->line('thank_you'), 'content' => ee()->lang->line('cmt_will_be_reviewed'), 'redirect' => $return_link, 'link' => array($return_link, ee()->lang->line('cmt_return_to_comments')), 'rate' => 3);
         ee()->output->show_message($data);
     } else {
         ee()->functions->redirect($return_link);
     }
 }