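/**
 * Decide whether the visitor has to go through the pre-chat form first.
 *
 * - `chatimmediately=1` in the request bypasses the form.
 * - Without a `submitted` field the form is rendered.
 * - A submitted form is validated (captcha, name, message, e-mail); on failure
 *   it is re-rendered with the error flags and the entered values, on success
 *   the name, e-mail and phone are kept in the session for the chat.
 *
 * Uses the global `$captcha` (checkNumber()/setNumber()), `$_REQUEST` and `$_SESSION`.
 *
 * @return bool true when a page was rendered and the caller must stop,
 *              false when the chat itself may start.
 */
function shouldEnterFirstMessage()
{
    global $captcha;
    // verify_param() yields the validated parameter or the default ''; the
    // loose comparison accepts both '1' and 1.
    $chatimmediatly = verify_param('chatimmediately', "/^\\d{1}\$/", '') == 1;
    if ($chatimmediatly) {
        return false;
    }
    if (!isset($_REQUEST['submitted'])) {
        displayStartChat();
        return true;
    }

    $TML = new SmartyClass();
    setupStartChat($TML);
    // Absent fields are read as '' instead of raising an undefined-index notice
    // on a partially submitted form.
    $visitor_name = getSecureText(isset($_REQUEST['visitorname']) ? $_REQUEST['visitorname'] : '');
    $email = getSecureText(isset($_REQUEST['email']) ? $_REQUEST['email'] : '');
    $phone = getSecureText(isset($_REQUEST['phone']) ? $_REQUEST['phone'] : '');
    $message = getSecureText(isset($_REQUEST['message']) ? $_REQUEST['message'] : '');
    $captcha_num = getSecureText(isset($_REQUEST['captcha']) ? $_REQUEST['captcha'] : '');
    $_SESSION['webim_uname'] = $visitor_name;
    $_SESSION['webim_email'] = $email;
    $_SESSION['webim_phone'] = $phone;

    // Only the first failing check is reported back to the visitor; the
    // captcha comes first so nothing else is evaluated for a wrong code.
    $has_errors = false;
    if (!$captcha->checkNumber($captcha_num)) {
        $TML->assign('errorcaptcha', true);
        $has_errors = true;
    } elseif (empty($visitor_name) && Visitor::getInstance()->canVisitorChangeName()) {
        $TML->assign('errorname', true);
        $has_errors = true;
    } elseif (!is_valid_name($visitor_name) && Visitor::getInstance()->canVisitorChangeName()) {
        $TML->assign('errornameformat', true);
        $has_errors = true;
    } elseif (empty($message)) {
        $TML->assign('errormessage', true);
        $has_errors = true;
    } elseif (!is_valid_email($email) && !intval(isset($_SESSION['uid']) ? $_SESSION['uid'] : 0)) {
        // The e-mail format is only enforced when no user id is in the session.
        $TML->assign('erroremailformat', true);
        $has_errors = true;
    }
    // A new captcha number is set regardless of the outcome.
    $captcha->setNumber();

    if ($has_errors) {
        // Re-render with the entered values; the captcha field is always cleared.
        $TML->assign('visitorname', $visitor_name);
        $TML->assign('email', $email);
        $TML->assign('phone', $phone);
        $TML->assign('captcha_num', '');
        $TML->display('start-chat.tpl');
        return true;
    }
    return false;
}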
/**
 * Bounce the browser back to the previous page when the given name is not valid.
 *
 * Only $namecheck is inspected; $path, $file and $extra are accepted for
 * signature compatibility and not used here.
 *
 * @param string $path
 * @param string $file
 * @param string $namecheck  the candidate file name to validate
 * @param string $extra
 * @return void
 */
function filecheck($path = '', $file = '', $namecheck = '', $extra = '') {
	if (is_valid_name($namecheck)) {
		return;
	}
	redirect_header("javascript:history.go(-1)",1, "<font color='#CC0000'>Invalid File name</font>");
}
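/**
 * Handle the "e-mail this post" submission (`$_POST['action'] === 'email'`).
 *
 * Validates the sender and recipient fields according to the plugin options,
 * optionally checks the image-verification code kept in the session, sends the
 * message through PHPMailer, logs one row per recipient in `$wpdb->email` and
 * echoes the matching template (sent / failed / error). Every path that handles
 * a submission ends with exit; any other POST returns without output.
 *
 * Reads the globals $wpdb, $post and $text_direction plus $_POST and $_SESSION.
 *
 * @return void
 */
function process_email_form()
{
    global $wpdb, $post, $text_direction;
    // Only the e-mail action is ours.
    if (!isset($_POST['action']) || $_POST['action'] !== 'email') {
        return;
    }
    // Verify Referer
    if (!check_ajax_referer('wp-email-nonce', 'wp-email_nonce', false)) {
        _e('Failed To Verify Referrer', 'wp-email');
        exit;
    }
    // The verification code is stored in the session; start one only when none is active.
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    email_textdomain();
    header('Content-Type: text/html; charset=' . get_option('blog_charset') . '');
    // POST Variables
    $yourname = !empty($_POST['yourname']) ? strip_tags(stripslashes(trim($_POST['yourname']))) : '';
    $youremail = !empty($_POST['youremail']) ? strip_tags(stripslashes(trim($_POST['youremail']))) : '';
    $yourremarks = !empty($_POST['yourremarks']) ? strip_tags(stripslashes(trim($_POST['yourremarks']))) : '';
    $friendname = !empty($_POST['friendname']) ? strip_tags(stripslashes(trim($_POST['friendname']))) : '';
    $friendemail = !empty($_POST['friendemail']) ? strip_tags(stripslashes(trim($_POST['friendemail']))) : '';
    $imageverify = !empty($_POST['imageverify']) && is_string($_POST['imageverify']) ? $_POST['imageverify'] : '';
    $p = !empty($_POST['p']) ? intval($_POST['p']) : 0;
    $page_id = !empty($_POST['page_id']) ? intval($_POST['page_id']) : 0;
    // Get Post Information
    if ($p > 0) {
        $post_type = get_post_type($p);
        $query_post = 'p=' . $p . '&post_type=' . $post_type;
        $id = $p;
    } else {
        $query_post = 'page_id=' . $page_id;
        $id = $page_id;
    }
    // Defaults so the templates below never see undefined variables when the
    // requested post does not exist.
    $post_title = $post_author = $post_date = $post_category = $post_category_alt = '';
    $post_excerpt = $post_content = $post_content_alt = '';
    query_posts($query_post);
    if (have_posts()) {
        while (have_posts()) {
            the_post();
            $post_title = email_get_title();
            $post_author = get_the_author();
            $post_date = get_the_time(get_option('date_format') . ' (' . get_option('time_format') . ')', '', '', false);
            $post_category = email_category(__(',', 'wp-email') . ' ');
            $post_category_alt = strip_tags($post_category);
            $post_excerpt = get_the_excerpt();
            $post_content = email_content();
            $post_content_alt = email_content_alt();
        }
    }
    // Error list: every item is prefixed with a line break and a bullet.
    $error = '';
    $error_prefix = '<br /><strong>&raquo;</strong> ';
    $error_field = array('yourname' => $yourname, 'youremail' => $youremail, 'yourremarks' => $yourremarks, 'friendname' => $friendname, 'friendemail' => $friendemail, 'id' => $id);
    // Get Options (cast so a missing option does not become a bool being indexed)
    $email_fields = (array) get_option('email_fields');
    $email_image_verify = intval(get_option('email_imageverify'));
    $email_smtp = (array) get_option('email_smtp');
    // Fields the administrator marked as required (option value 1).
    $require_yourname = isset($email_fields['yourname']) && intval($email_fields['yourname']) == 1;
    $require_youremail = isset($email_fields['youremail']) && intval($email_fields['youremail']) == 1;
    $require_yourremarks = isset($email_fields['yourremarks']) && intval($email_fields['yourremarks']) == 1;
    $require_friendname = isset($email_fields['friendname']) && intval($email_fields['friendname']) == 1;
    // Multiple Names/Emails
    $friends = array();
    $friendname_count = 0;
    $friendemail_count = 0;
    $multiple_names = explode(',', $friendname);
    $multiple_emails = explode(',', $friendemail);
    $multiple_max = intval(get_option('email_multiple'));
    if ($multiple_max == 0) {
        $multiple_max = 1;
    }
    // Checking Your Name Field For Errors
    if ($require_yourname) {
        if (empty($yourname)) {
            $error .= $error_prefix . __('Your Name is empty', 'wp-email');
        }
        if (!is_valid_name($yourname)) {
            $error .= $error_prefix . __('Your Name is invalid', 'wp-email');
        }
    }
    // Checking Your E-Mail Field For Errors
    if ($require_youremail) {
        if (empty($youremail)) {
            $error .= $error_prefix . __('Your Email is empty', 'wp-email');
        }
        if (!is_valid_email($youremail)) {
            $error .= $error_prefix . __('Your Email is invalid', 'wp-email');
        }
    }
    // Checking Your Remarks Field For Errors
    if ($require_yourremarks && !is_valid_remarks($yourremarks)) {
        $error .= $error_prefix . __('Your Remarks is invalid', 'wp-email');
    }
    // Checking Friend's Name Field For Errors
    if ($require_friendname) {
        if (empty($friendname)) {
            $error .= $error_prefix . __('Friend Name(s) is empty', 'wp-email');
        } else {
            foreach ($multiple_names as $multiple_name) {
                $multiple_name = trim($multiple_name);
                if (empty($multiple_name)) {
                    $error .= $error_prefix . sprintf(__('Friend Name is empty: %s', 'wp-email'), $multiple_name);
                } elseif (!is_valid_name($multiple_name)) {
                    $error .= $error_prefix . sprintf(__('Friend Name is invalid: %s', 'wp-email'), $multiple_name);
                } else {
                    $friends[$friendname_count]['name'] = $multiple_name;
                    $friendname_count++;
                }
                // One entry past the limit is kept so the size check below reports it.
                if ($friendname_count > $multiple_max) {
                    break;
                }
            }
        }
    }
    // Checking Friend's E-Mail Field For Errors
    if (empty($friendemail)) {
        $error .= $error_prefix . __('Friend Email(s) is empty', 'wp-email');
    } else {
        foreach ($multiple_emails as $multiple_email) {
            $multiple_email = trim($multiple_email);
            if (empty($multiple_email)) {
                $error .= $error_prefix . sprintf(__('Friend Email is empty: %s', 'wp-email'), $multiple_email);
            } elseif (!is_valid_email($multiple_email)) {
                $error .= $error_prefix . sprintf(__('Friend Email is invalid: %s', 'wp-email'), $multiple_email);
            } else {
                $friends[$friendemail_count]['email'] = $multiple_email;
                $friendemail_count++;
            }
            if ($friendemail_count > $multiple_max) {
                break;
            }
        }
    }
    // Checking If The Fields Exceed The Size Of Maximum Entries Allowed
    if (count($friends) > $multiple_max) {
        $error .= $error_prefix . sprintf(_n('Maximum %s Friend allowed', 'Maximum %s Friend(s) allowed', $multiple_max, 'wp-email'), number_format_i18n($multiple_max));
    }
    // Names and e-mails are paired by position, so the counts must agree.
    if ($require_friendname && $friendname_count != $friendemail_count) {
        $error .= $error_prefix . __('Friend Name(s) count does not tally with Friend Email(s) count', 'wp-email');
    }
    // Check Whether We Enable Image Verification
    if ($email_image_verify) {
        $imageverify = strtoupper($imageverify);
        if (empty($imageverify)) {
            $error .= $error_prefix . __('Image Verification is empty', 'wp-email');
        } else {
            // Strict, constant-time comparison: a loose != between two hash
            // strings is subject to PHP numeric-string juggling ("0e..." == "0e...").
            $expected_verify = isset($_SESSION['email_verify']) ? (string) $_SESSION['email_verify'] : '';
            if (!hash_equals($expected_verify, md5($imageverify))) {
                $error .= $error_prefix . __('Image Verification failed', 'wp-email');
            }
        }
    }
    // If There Is No Error, We Process The E-Mail
    if (empty($error) && not_spamming()) {
        // If Remarks Is Empty, Assign N/A
        if (empty($yourremarks)) {
            $yourremarks = __('N/A', 'wp-email');
        }
        // Template For E-Mail Subject
        $template_email_subject = stripslashes(get_option('email_template_subject'));
        $template_email_subject = str_replace("%EMAIL_YOUR_NAME%", $yourname, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_YOUR_EMAIL%", $youremail, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_POST_TITLE%", $post_title, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_POST_AUTHOR%", $post_author, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_POST_DATE%", $post_date, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_POST_CATEGORY%", $post_category_alt, $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $template_email_subject);
        $template_email_subject = str_replace("%EMAIL_PERMALINK%", get_permalink(), $template_email_subject);
        // Template For E-Mail Body
        $template_email_body = stripslashes(get_option('email_template_body'));
        $template_email_body = str_replace("%EMAIL_YOUR_NAME%", $yourname, $template_email_body);
        $template_email_body = str_replace("%EMAIL_YOUR_EMAIL%", $youremail, $template_email_body);
        $template_email_body = str_replace("%EMAIL_YOUR_REMARKS%", $yourremarks, $template_email_body);
        $template_email_body = str_replace("%EMAIL_FRIEND_NAME%", $friendname, $template_email_body);
        $template_email_body = str_replace("%EMAIL_FRIEND_EMAIL%", $friendemail, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_TITLE%", $post_title, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_AUTHOR%", $post_author, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_DATE%", $post_date, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_CATEGORY%", $post_category, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_EXCERPT%", $post_excerpt, $template_email_body);
        $template_email_body = str_replace("%EMAIL_POST_CONTENT%", $post_content, $template_email_body);
        $template_email_body = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $template_email_body);
        $template_email_body = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $template_email_body);
        $template_email_body = str_replace("%EMAIL_PERMALINK%", get_permalink(), $template_email_body);
        if ('rtl' == $text_direction) {
            $template_email_body = "<div style=\"direction: rtl;\">{$template_email_body}</div>";
        }
        // Template For E-Mail Alternate Body
        $template_email_bodyalt = stripslashes(get_option('email_template_bodyalt'));
        $template_email_bodyalt = str_replace("%EMAIL_YOUR_NAME%", $yourname, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_YOUR_EMAIL%", $youremail, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_YOUR_REMARKS%", $yourremarks, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_FRIEND_NAME%", $friendname, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_FRIEND_EMAIL%", $friendemail, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_TITLE%", $post_title, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_AUTHOR%", $post_author, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_DATE%", $post_date, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_CATEGORY%", $post_category_alt, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_EXCERPT%", $post_excerpt, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_POST_CONTENT%", $post_content_alt, $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $template_email_bodyalt);
        $template_email_bodyalt = str_replace("%EMAIL_PERMALINK%", get_permalink(), $template_email_bodyalt);
        // PHP Mailer Variables
        if (!class_exists("phpmailer")) {
            require_once ABSPATH . WPINC . '/class-phpmailer.php';
        }
        $mail = new PHPMailer();
        // NOTE(review): the envelope sender is taken from the visitor's input;
        // with SPF/DMARC enforced on the receiving side, mail claiming a foreign
        // domain is likely to be rejected — a fixed From plus Reply-To would be safer.
        $mail->From = $youremail;
        $mail->FromName = $yourname;
        foreach ($friends as $friend) {
            // 'name' is absent when the friend-name field is not required.
            $mail->AddAddress($friend['email'], isset($friend['name']) ? $friend['name'] : '');
        }
        $mail->CharSet = get_bloginfo('charset');
        $mail->Username = isset($email_smtp['username']) ? $email_smtp['username'] : '';
        $mail->Password = isset($email_smtp['password']) ? $email_smtp['password'] : '';
        $mail->Host = isset($email_smtp['server']) ? $email_smtp['server'] : '';
        $mail->Mailer = get_option('email_mailer');
        if ($mail->Mailer == 'smtp') {
            $mail->SMTPAuth = true;
        }
        $mail->ContentType = get_option('email_contenttype');
        $mail->Subject = $template_email_subject;
        if ($mail->ContentType == 'text/plain') {
            $mail->Body = $template_email_bodyalt;
        } else {
            $mail->Body = $template_email_body;
            $mail->AltBody = $template_email_bodyalt;
        }
        // Send The Mail
        if ($mail->Send()) {
            $email_status = __('Success', 'wp-email');
            // Template For Sent Successfully
            $output = stripslashes(get_option('email_template_sentsuccess'));
            $output = str_replace("%EMAIL_FRIEND_NAME%", $friendname, $output);
            $output = str_replace("%EMAIL_FRIEND_EMAIL%", $friendemail, $output);
            $output = str_replace("%EMAIL_POST_TITLE%", $post_title, $output);
            $output = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $output);
            $output = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $output);
            $output = str_replace("%EMAIL_PERMALINK%", get_permalink(), $output);
        } else {
            // If There Is Error Sending: the N/A placeholder is not logged as a remark.
            if ($yourremarks == __('N/A', 'wp-email')) {
                $yourremarks = '';
            }
            $email_status = __('Failed', 'wp-email');
            // Template For Sent Failed
            $output = stripslashes(get_option('email_template_sentfailed'));
            $output = str_replace("%EMAIL_FRIEND_NAME%", $friendname, $output);
            $output = str_replace("%EMAIL_FRIEND_EMAIL%", $friendemail, $output);
            $output = str_replace("%EMAIL_ERROR_MSG%", $mail->ErrorInfo, $output);
            $output = str_replace("%EMAIL_POST_TITLE%", $post_title, $output);
            $output = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $output);
            $output = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $output);
            $output = str_replace("%EMAIL_PERMALINK%", get_permalink(), $output);
        }
        // Logging — values are bound through $wpdb->prepare() rather than
        // addslashes()'d into the statement, so quoting is left to the driver.
        $email_postid = intval(get_the_id());
        $email_timestamp = current_time('timestamp');
        $email_ip = get_email_ipaddress();
        // Reverse lookup only for a syntactically valid address; gethostbyaddr()
        // warns on anything else and returns false when no name is found.
        $email_host = filter_var($email_ip, FILTER_VALIDATE_IP) ? gethostbyaddr($email_ip) : false;
        $email_host = esc_attr($email_host === false ? '' : $email_host);
        foreach ($friends as $friend) {
            $wpdb->query($wpdb->prepare(
                "INSERT INTO {$wpdb->email} VALUES (0, %s, %s, %s, %s, %s, %d, %s, %s, %s, %s, %s)",
                $yourname,
                $youremail,
                $yourremarks,
                isset($friend['name']) ? $friend['name'] : '',
                $friend['email'],
                $email_postid,
                $post_title,
                $email_timestamp,
                $email_ip,
                $email_host,
                $email_status
            ));
        }
        echo $output;
        exit;
    }
    // If There Are Errors: drop the line break in front of the first item.
    if (strpos($error, '<br />') === 0) {
        $error = substr($error, strlen('<br />'));
    }
    $template_email_error = stripslashes(get_option('email_template_error'));
    $template_email_error = str_replace("%EMAIL_ERROR_MSG%", $error, $template_email_error);
    $template_email_error = str_replace("%EMAIL_BLOG_NAME%", get_bloginfo('name'), $template_email_error);
    $template_email_error = str_replace("%EMAIL_BLOG_URL%", get_bloginfo('url'), $template_email_error);
    $template_email_error = str_replace("%EMAIL_PERMALINK%", get_permalink(), $template_email_error);
    $output = $template_email_error;
    $output .= email_form('', false, false, false, $error_field);
    echo $output;
    exit;
}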
 * Display user information.
 */
require_login();
require __DIR__ . "/../layout/templates.php";
$user = get_user(user_id());
require_user($user);
$old_email = $user['email'];
$q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?");
$q->execute(array(user_id()));
$password_hash = $q->fetch();
$messages = array();
$errors = array();
$name = require_post("name", false);
$email = trim(require_post("email", false));
if ($name !== false && $email !== false) {
    if ($name !== "" && !is_valid_name($name)) {
        $errors[] = t("Invalid name.");
    } else {
        if ($email !== "" && !is_valid_email($email)) {
            $errors[] = t("Invalid e-mail.");
        } else {
            if (!$email && $password_hash) {
                $errors[] = t("You cannot remove your e-mail address until you have disabled :password_login on this account.", array(':password_login' => link_to(url_for('user#user_password'), t("password login"))));
            }
        }
    }
    // check that there are no existing users with this e-mail address
    if ($email && $password_hash) {
        $q = db()->prepare("SELECT * FROM users WHERE email=? AND id <> ?");
        $q->execute(array($email, $user['id']));
        if ($q->fetch()) {
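 /**
  * Save the signed-in user's contact details and any submitted phone numbers,
  * then send the browser back to the profile editor.
  *
  * Input comes from `$this->request->data['User']` (firstname, lastname,
  * fathername, skype, mail) and the optional `['Phone']` list; the user id is
  * read from the session. When that id is not a positive number nothing
  * happens. Validation failures skip the save but still redirect. A phone that
  * is not 10–13 digits ends the request early (see the NOTE below).
  *
  * @return void
  */
 public function edit_contact_info()
 {
     $user_id = $this->Session->read('user_id');
     if (!is_numeric($user_id) || $user_id <= 0) {
         return;
     }
     $errors = array();
     $user = $this->request->data['User'];
     $firstname = $user['firstname'];
     $lastname = $user['lastname'];
     $fathername = $user['fathername'];
     $skype = $user['skype'];
     $mail = $user['mail'];
     $phones = isset($this->request->data['Phone']) ? $this->request->data['Phone'] : array();
     $phone_pattern = '/^[0-9]{10,13}$/';
     // The first malformed phone aborts the whole submission.
     foreach ($phones as $key => $phone) {
         if (empty($phone) || preg_match($phone_pattern, $phone)) {
             continue;
         }
         // NOTE(review): leftover debugging — this dumps the submitted phone list
         // into the response and stops instead of reporting the field like the
         // others; it should become an entry in $errors.
         $this->request->data['Phone']['false_number'] = $key;
         pr($this->request->data['Phone']);
         exit;
     }
     if (!is_valid_name($firstname, 2, 32)) {
         $errors[] = 'firstname';
     }
     if (!is_valid_name($lastname, 2, 32)) {
         $errors[] = 'lastname';
     }
     // The patronymic is optional, but must be well-formed when given.
     if (!empty($fathername) && !is_valid_name($fathername, 2, 32)) {
         $errors[] = 'fathername';
     }
     if (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
         $errors[] = 'mail';
     }
     if (count($errors) == 0) {
         $this->User->id = $user_id;
         // NOTE(review): 'phone' is filled from $mail, as in the original code;
         // this looks like a copy/paste slip — confirm against the users table.
         $this->User->save(array(
             'firstname' => $firstname,
             'lastname' => $lastname,
             'fathername' => $fathername,
             'skype' => $skype,
             'mail' => $mail,
             'phone' => $mail,
             'data_status' => 'not_checked',
         ));
         // Store the submitted phones while the user still has free slots.
         if (!empty($phones)) {
             $this->Phone->tablePrefix = 'user_';
             $max_phone_per_user = Configure::read('MAX_USER_PHONES_COUNT');
             foreach ($phones as $phone) {
                 if (empty($phone) || !preg_match($phone_pattern, $phone)) {
                     continue;
                 }
                 // Re-counted on every iteration so the limit holds as phones are added.
                 $phone_counter = $this->Phone->find('count', array('conditions' => array('user_id' => $user_id)));
                 $check_phone = $this->Phone->find('count', array('conditions' => array('user_id' => $user_id, 'phone' => $phone)));
                 if ($check_phone == 0 && $phone_counter < $max_phone_per_user) {
                     $this->Phone->save(array('user_id' => $user_id, 'phone' => $phone, 'check_status' => 'not_checked'));
                 }
             }
         }
     }
     $this->redirect(array('controller' => 'backoffice', 'action' => 'edit_profile'));
     exit;
 }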
             $registercomplete[] .= "Click <a href=\"http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "\">here</a> to login";
             $sendpasscomplete = true;
         } else {
             $errorString[] = "Password could not be reset :-(";
             $sendpasserror = true;
         }
     } else {
         $errorString[] = "Email address not found";
         $showlostpassform = true;
     }
     break;
 case "processregister":
     include "inc/email_validator.php";
     // validate fields
     $errorString = "";
     if (!is_valid_name($_POST['username'])) {
         $errorString[] = "Invalid username";
     }
     if (!is_valid_real_name($_POST['realname'])) {
         $errorString[] = "Invalid name";
     } elseif (username_exists($_POST['username'])) {
         $errorString[] = "Username already in use";
     }
     /* elseif (realname_exists($_POST['realname'])) {
        $errorString[] = "Name already in use";
        } */
     if (!is_valid_password($_POST['password'], $_POST['password2'])) {
         $errorString[] = "Passwords do not match or are not of required length";
     }
     if (!is_rfc3696_valid_email_address($_POST['email'])) {
         $errorString[] = "Invalid email address";