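/**
 * Sends $this->MailText to $this->Receiver through the SMTP account in $this->Account,
 * using Zend_Mail with a Zend_Mail_Transport_Smtp transport.
 *
 * $this->Receiver is either a single address or a comma-separated list. In a list the
 * first non-empty address becomes the To recipient and every further one is added as Bcc.
 *
 * @return int 1 when the send call completed, 0 when an exception was caught and reported.
 * @throws Exception Re-thrown unchanged when $this->TestIt is set.
 */
private function SEND_SMTP_ZEND()
{
    try {
        loadLibrary("ZEND", "Zend_Mail");
        loadLibrary("ZEND", "Zend_Mail_Transport_Smtp");

        // An empty body is replaced by a placeholder before it is handed to Zend_Mail.
        if (empty($this->MailText)) {
            $this->MailText = ">>";
        }

        if ($this->Account->Authentication == "No") {
            $config = array('port' => $this->Account->Port);
        } else {
            $config = array(
                'auth' => 'login',
                'username' => $this->Account->Username,
                'password' => $this->Account->Password,
                'port' => $this->Account->Port,
            );
        }

        // NOTE(review): when Account->SSL is empty no 'ssl' option is set at all, so the
        // login credentials above are presumably sent over an unencrypted connection.
        // Confirm whether accounts without SSL/TLS should be allowed to authenticate.
        if (!empty($this->Account->SSL)) {
            $config['ssl'] = $this->Account->SSL == 1 ? 'SSL' : 'TLS';
        }

        $transport = new Zend_Mail_Transport_Smtp($this->Account->Host, $config);
        $mail = new Zend_Mail('UTF-8');
        $mail->setBodyText($this->MailText);
        $mail->setFrom($this->Account->Email, $this->Account->SenderName);

        if (strpos($this->Receiver, ",") !== false) {
            $firstAdded = false;
            foreach (explode(",", $this->Receiver) as $recipient) {
                // Lists are commonly written "a@x, b@y"; strip the padding so the address
                // handed to Zend_Mail carries no leading or trailing whitespace.
                $recipient = trim($recipient);
                if (empty($recipient)) {
                    continue;
                }
                if (!$firstAdded) {
                    $firstAdded = true;
                    $mail->addTo($recipient, $recipient);
                } else {
                    // Further recipients go to Bcc so they are not disclosed to each other.
                    $mail->addBcc($recipient, $recipient);
                }
            }
        } else {
            $single = trim($this->Receiver);
            $mail->addTo($single, $single);
        }

        $mail->setSubject($this->Subject);
        $mail->setReplyTo($this->ReplyTo, null);

        if ($this->Attachments != null) {
            foreach ($this->Attachments as $resId) {
                $res = getResource($resId);
                // NOTE(review): $res["value"] is concatenated into the path unchecked and the
                // result of file_get_contents() is not tested. A value containing "../" would
                // read outside ./uploads, and an unreadable file yields an empty attachment.
                // Confirm getResource() only ever returns server-generated file names.
                $at = $mail->createAttachment(file_get_contents("./uploads/" . $res["value"]));
                $at->type = 'application/octet-stream';
                $at->disposition = Zend_Mime::DISPOSITION_ATTACHMENT;
                $at->encoding = Zend_Mime::ENCODING_BASE64;
                $at->filename = $res["title"];
            }
        }

        $mail->send($transport);
    } catch (Exception $e) {
        if ($this->TestIt) {
            throw $e;
        } else {
            handleError("111", $this->Account->Host . " send mail connection error: " . $e->getMessage(), "functions.global.inc.php", 0);
        }
        return 0;
    }
    return 1;
}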
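/**
 * Validates the registration form in $_POST and, when no error was collected,
 * inserts the new row into the "users" table and redirects to the login page.
 *
 * Validation failures are appended to $this->errors as error codes; nothing is returned.
 */
private function validateRegistration()
{
    loadLibrary("validation.lib");

    $user = secure($_POST["username"]);
    $display = secure($_POST["display"]);
    // NOTE(review): the password goes through secure() before it is hashed. If secure()
    // rewrites any character, every other place that hashes the password (login, cookie
    // check) must hash the same transformed value or such passwords can never match.
    $pass1 = secure($_POST["pass1"]);
    $pass2 = secure($_POST["pass2"]);
    $email1 = secure($_POST["email1"]);
    $email2 = secure($_POST["email2"]);

    $res = valid_username($user);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    $res = valid_displayname($display);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    // The confirmation fields must match before the value itself is validated.
    if ($pass1 !== $pass2) {
        $this->errors[] = "passwords_dont_match";
    } else {
        $res = valid_password($pass1);
        if ($res !== true) {
            $this->errors[] = $res;
        }
    }

    if ($email1 !== $email2) {
        $this->errors[] = "emails_dont_match";
    } else {
        $res = valid_email($email1);
        if ($res !== true) {
            $this->errors[] = $res;
        }
    }

    // Both flags default to the most protective setting: the e-mail address is hidden
    // unless "no" was sent, and mail is opted in only on an explicit "yes". The fields
    // are absent from $_POST when nothing was submitted for them, so they are tested
    // with isset()/empty() instead of being read directly.
    $hideemail = !(isset($_POST["hideemail"]) && $_POST["hideemail"] == "no");
    $receiveemail = isset($_POST["receiveemail"]) && $_POST["receiveemail"] == "yes";

    // Terms-of-service box must be ticked.
    if (empty($_POST["tos"])) {
        $this->errors[] = "tos_not_checked";
    }

    if (count($this->errors) == 0) {
        global $yakbb;
        // NOTE(review): sha256() is a project helper that is not shown here. If it is a
        // single unsalted SHA-256 pass, the stored hashes are cheap to attack offline;
        // password_hash()/password_verify() would be the replacement, but the login and
        // cookie checks have to change together with this insert.
        $yakbb->db->insert("users", array(
            "id" => 0,
            "username" => $user,
            "displayname" => $display,
            "password" => sha256($pass1),
            "email" => $email1,
            "emailshow" => $hideemail ? 0 : 1,
            "emailoptin" => $receiveemail ? 1 : 0,
            "activated" => 1,
            "activationcode" => "",
            "pending" => 0,
            "registeredtime" => time(),
            "lastip" => $yakbb->ip,
            "template" => $yakbb->config["default_template"],
            "language" => $yakbb->config["default_language"],
            "timezone" => $yakbb->config["default_timezone"],
        ));
        // "&reg" must stay literal: once it is entity-decoded it becomes the "®" character
        // and the login page never receives the reg=true parameter.
        redirect("?action=login&reg=true");
    }
}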
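/**
 * Creates a new user on the forum from a caller-supplied field array.
 *
 * Only the whitelisted keys are kept from $userdat; every other column is set here.
 *
 * @param array $userdat Field name => value. "username", "password" and "email" are
 *                       required; "displayname", "emailshow" and "emailoptin" are optional.
 * @return bool|array true after the row was inserted, false when a required field is
 *                    missing (the error is recorded), or the list of validation error
 *                    codes when a validator rejected a value.
 */
function insert_user($userdat)
{
    global $yakbb;

    // Fields this function accepts from the caller.
    $valid_fields = array("username", "displayname", "password", "email", "emailshow", "emailoptin");
    $required_fields = array("username", "password", "email");

    // Drop everything that is not whitelisted. The comparison is strict: with a loose
    // in_array() an integer key such as 0 compares equal to any non-numeric field name
    // on PHP < 8 and would both survive this filter and satisfy the required-field check.
    $fields_provided = array_keys($userdat);
    foreach ($fields_provided as $item) {
        if (!in_array($item, $valid_fields, true)) {
            unset($userdat[$item]);
        }
    }
    foreach ($required_fields as $item) {
        if (!in_array($item, $fields_provided, true)) {
            record_yakbb_error("Missed field \"" . $item . "\" in call to insert_user().");
            return false;
        }
    }

    // Columns that are always set by this function and never taken from the caller.
    $userdat["group"] = 0;
    $userdat["activated"] = 1;
    $userdat["activationcode"] = ""; // Sent via e-mail
    $userdat["pending"] = 0; // Admin approval required?
    $userdat["registeredtime"] = time();
    $userdat["lastip"] = $yakbb->ip;
    $userdat["template"] = $yakbb->config["default_template"];
    $userdat["language"] = $yakbb->config["default_language"];
    $userdat["timezone"] = $yakbb->config["default_timezone"];

    // Optional fields. intval() forces an integer on the two flags.
    $userdat["emailshow"] = isset($userdat["emailshow"]) ? intval($userdat["emailshow"]) : 0;
    $userdat["emailoptin"] = isset($userdat["emailoptin"]) ? intval($userdat["emailoptin"]) : 0;
    $userdat["displayname"] = isset($userdat["displayname"]) ? $userdat["displayname"] : $userdat["username"];

    // Validate the supplied values.
    if (!function_exists("valid_username")) {
        loadLibrary("validation.lib");
    }
    $errors = array();

    $res = valid_username($userdat["username"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    $res = valid_displayname($userdat["displayname"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    // NOTE(review): the password is checked by valid_password() and then written to the
    // users table unchanged; nothing in this function hashes it. Confirm that callers
    // pass an already-hashed value or that the db layer hashes it, otherwise the column
    // holds cleartext passwords.
    $res = valid_password($userdat["password"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    $res = valid_email($userdat["email"]);
    if ($res !== true) {
        $errors[] = $res;
    }

    if (count($errors) == 0) {
        $yakbb->db->insert("users", $userdat);
        return true;
    } else {
        return $errors;
    }
}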
/**
 * Initialises $this->user as a guest and upgrades it to the stored user row when the
 * "username" and "password" cookies identify an existing account.
 *
 * The template variables "guest" and "admin_access" are assigned as a side effect.
 */
private function loadUser()
{
    // Start from the guest profile; it is only replaced after every check below passed.
    $this->user = array(
        "id" => 0,
        "username" => "Guest",
        "group" => -1,
        "template" => $this->config["default_template"],
        "language" => $this->config["default_language"],
    );
    $this->smarty->assign("guest", true);
    $this->smarty->assign("admin_access", false);

    if (getYakCookie("username") == "" || getYakCookie("password") == "") {
        return;
    }

    $user = secure(getYakCookie("username"));
    $pass = getYakCookie("password");

    loadLibrary("validation.lib");
    if (valid_username($user) !== true || valid_password($pass) !== true) {
        return;
    }

    // NOTE(review): the username literal in this query reads '******' and $user is not
    // referenced anywhere in it, so the value looks masked in this copy of the code.
    // Whatever is interpolated there must be escaped or bound as a parameter.
    $this->db->query("\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\tyakbb_users\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tusername = '******'\r\n\t\t\t\t\tLIMIT\r\n\t\t\t\t\t\t1\r\n\t\t\t\t");
    if ($this->db->numRows() != 1) {
        return;
    }

    $row = $this->db->fetch();
    // NOTE(review): the cookie value is compared directly with the stored password column,
    // so whatever is stored there works as a long-lived login credential on its own: a
    // leaked users table or a stolen cookie is enough to sign in. A random server-side
    // session token, compared with hash_equals(), would remove that equivalence.
    if ($row["password"] === $pass) {
        $this->user = $row;
        $this->smarty->assign("guest", false);
    }
}
/**
 * Connects to an IMAP or POP3 mailbox through Zend_Mail and converts the messages it
 * finds into TicketEmail objects (headers, text body, attachments).
 *
 * Everything read from a message (headers, MIME parameters, bodies, attachment names)
 * is sender-controlled input and is copied into the TicketEmail with only light cleanup.
 *
 * @param bool   $_reload   Set to true by reference when the loop stops early because the
 *                          time budget or the DATA_ITEM_LOADS counter was exceeded.
 * @param string $_type     "IMAP" selects Zend_Mail_Storage_Imap; any other value POP3.
 * @param string $_server   Mailbox host.
 * @param mixed  $_port     Mailbox port.
 * @param string $_password Mailbox password.
 * @param string $_account  Mailbox user name.
 * @param mixed  $_secure   Empty: no 'ssl' option; 1: 'SSL'; any other non-empty value: 'TLS'.
 * @param mixed  $_delete   When truthy, processed messages are removed from the server.
 * @param bool   $_test     Test mode: exceptions are re-thrown instead of reported, and the
 *                          function returns count($mail) on the first message.
 * @return array|int List of TicketEmail objects; in test mode the message count when the
 *                   mailbox holds at least one message.
 * @throws Exception Only in test mode.
 */
function downloadFromMailbox(&$_reload, $_type, $_server, $_port, $_password, $_account, $_secure, $_delete, $_test = false)
{
    global $CONFIG;
    $starttime = time();
    $executiontime = setTimeLimit(CALLER_TIMEOUT - 10);
    loadLibrary("ZEND", "Zend_Mail");
    $list = array();
    $config = array('host' => $_server, 'auth' => 'login', 'user' => $_account, 'password' => $_password, 'port' => $_port);
    // NOTE(review): with an empty $_secure no 'ssl' option is set, so the mailbox
    // credentials are presumably sent over an unencrypted connection. Confirm.
    if (!empty($_secure)) {
        $config['ssl'] = $_secure == 1 ? 'SSL' : 'TLS';
    }
    try {
        if ($_type == "IMAP") {
            loadLibrary("ZEND", "Zend_Mail_Storage_Imap");
            $mail = new Zend_Mail_Storage_Imap($config);
        } else {
            loadLibrary("ZEND", "Zend_Mail_Storage_Pop3");
            $mail = new Zend_Mail_Storage_Pop3($config);
        }
    } catch (Exception $e) {
        if ($_test) {
            throw $e;
        } else {
            handleError("111", $_server . " " . $_type . " mailbox connection error: " . $e->getMessage(), "functions.global.inc.php", 0);
        }
        // Connection failed: return the still-empty list.
        return $list;
    }
    $message = null;
    $delete = array();
    $subject = "";
    try {
        $counter = 0;
        foreach ($mail as $mnum => $message) {
            // Test mode only verifies that the mailbox can be iterated.
            if ($_test) {
                return count($mail);
            }
            try {
                $temail = new TicketEmail();
                if ($message->headerExists("subject")) {
                    $subject = $temail->Subject = mimeHeaderDecode($message->Subject);
                }
                if ($message->headerExists("message-id")) {
                    $temail->Id = str_replace(array("<", ">"), "", $message->MessageId);
                }
                // No usable Message-ID: fall back to a generated id.
                if (empty($temail->Id)) {
                    $temail->Id = getId(32);
                }
                // NOTE(review): the message is queued for deletion before its parts are
                // parsed. The catch for error 115 below only reports and continues, so a
                // message whose parsing throws is still removed from the server afterwards.
                // Confirm that losing such a message is intended.
                if ($_delete) {
                    $delete[$mnum] = $temail->Id;
                }
                // "Name <address>" form: split display name and address; otherwise the
                // whole header value is taken as the address. No address validation here.
                if (strpos($message->From, "<") !== false) {
                    $fromparts = explode("<", str_replace(">", "", $message->From));
                    if (!empty($fromparts[0])) {
                        $temail->Name = str_replace(array("\""), "", mimeHeaderDecode(trim($fromparts[0])));
                    }
                    $temail->Email = trim($fromparts[1]);
                } else {
                    $temail->Email = trim($message->From);
                }
                if (strpos($message->To, "<") !== false) {
                    $toparts = explode("<", str_replace(">", "", $message->To));
                    $temail->ReceiverEmail = trim($toparts[1]);
                } else {
                    $temail->ReceiverEmail = trim($message->To);
                }
                if ($message->headerExists("reply-to")) {
                    if (strpos($message->ReplyTo, "<") !== false) {
                        $rtoparts = explode("<", str_replace(">", "", $message->ReplyTo));
                        $temail->ReplyTo = trim($rtoparts[1]);
                    } else {
                        $temail->ReplyTo = trim($message->ReplyTo);
                    }
                }
                // Flatten a multipart message into a list of leaf parts.
                $parts = array();
                if ($message->isMultipart()) {
                    foreach (new RecursiveIteratorIterator($message) as $part) {
                        $parts[] = $part;
                    }
                } else {
                    $parts[] = $message;
                }
                foreach ($parts as $part) {
                    try {
                        // A part without Content-Type is treated as text/html.
                        if ($part->headerExists("content-type")) {
                            $ctype = $part->contentType;
                        } else {
                            $ctype = 'text/html';
                        }
                        // Content-Disposition is appended so its parameters (filename=)
                        // are found by the same scans as the Content-Type parameters.
                        if ($part->headerExists("content-disposition")) {
                            $ctype .= "; " . $part->contentDisposition;
                        }
                        $charset = "";
                        $hparts = explode(";", str_replace(" ", "", $ctype));
                        foreach ($hparts as $hpart) {
                            if (strpos(strtolower($hpart), "charset=") === 0) {
                                $charset = trim(str_replace(array("charset=", "'", "\""), "", strtolower($hpart)));
                            }
                        }
                        // Any "name=" or "filename=" substring marks the part as an attachment.
                        $isatt = strpos(strtolower($ctype), "name=") !== false || strpos(strtolower($ctype), "filename=") !== false;
                        // NOTE(review): $ctype, $charset and $subject come from the message
                        // and are written to the debug log as-is; confirm logit() neutralises
                        // line breaks.
                        if (DEBUG_MODE) {
                            logit(" PROCESSING EMAIL / charset:" . $ctype . " - " . $charset . " - " . $subject . " - " . $isatt);
                        }
                        // $html is assigned inside the condition: true when the part is text/html.
                        if (!$isatt && (($html = strpos(strtolower($ctype), 'text/html') !== false) || strpos(strtolower($ctype), 'text/plain') !== false)) {
                            $content = $part->getContent();
                            // Undo the transfer encoding (quoted-printable or base64).
                            foreach ($part->getHeaders() as $name => $value) {
                                if (strpos(strtolower($name), 'content-transfer-encoding') !== false && strpos(strtolower($value), 'quoted-printable') !== false) {
                                    $content = quoted_printable_decode($content);
                                } else {
                                    if (strpos(strtolower($name), 'content-transfer-encoding') !== false && strpos(strtolower($value), 'base64') !== false) {
                                        $content = base64_decode($content);
                                    }
                                }
                            }
                            if ($html) {
                                // NOTE(review): the raw sender HTML is kept in BodyHTML when
                                // gl_avhe is enabled; whatever renders it must sanitise it.
                                // max() picks whichever string compares greater; the intent
                                // is not visible here.
                                if (!empty($CONFIG["gl_avhe"])) {
                                    $temail->BodyHTML = max($temail->BodyHTML, $content);
                                }
                                // Errors raised by the converter are routed to ignoreError
                                // for the duration of the conversion.
                                @set_error_handler("ignoreError");
                                try {
                                    require_once LIVEZILLA_PATH . "_lib/trdp/html2text.php";
                                    $content = convert_html_to_text($content);
                                } catch (Exception $e) {
                                    // Fallback conversion: drop <style> blocks, strip tags,
                                    // decode entities, collapse whitespace runs.
                                    $content = preg_replace("/<style\\b[^>]*>(.*?)<\\/style>/s", "", $content);
                                    $content = trim(html_entity_decode(strip_tags($content), ENT_COMPAT, "UTF-8"));
                                    $content = preg_replace('/[\\s\\s\\s\\s\\s\\s]+/', " ", $content);
                                }
                                @set_error_handler("handleError");
                            }
                            // A plain-text part always sets the body; an HTML part only
                            // when no body has been set yet.
                            if ((!$html || empty($temail->Body)) && !empty($content)) {
                                if (strpos(strtolower($charset), 'utf-8') === false && !empty($charset)) {
                                    if (DEBUG_MODE) {
                                        logit(" PROCESSING EMAIL / iconv | " . strtoupper($charset) . " | " . 'UTF-8' . " | " . $subject);
                                    }
                                    // NOTE(review): the charset name is sender-supplied; iconv()
                                    // returns false for an unknown charset and the warning is
                                    // suppressed, so Body can end up false.
                                    $temail->Body = @iconv(strtoupper($charset), 'UTF-8', $content);
                                } else {
                                    if ($html && empty($charset)) {
                                        $temail->Body = utf8_encode($content);
                                    } else {
                                        $temail->Body = $content;
                                    }
                                }
                            }
                        } else {
                            // Attachment branch.
                            $filename = "";
                            $fileid = getId(32);
                            $unknown = getId(32);
                            $filesid = $CONFIG["gl_lzid"] . "_" . $fileid;
                            // File name source, in order: name=/filename= parameter,
                            // Content-ID, Subject of an embedded message/rfc822 part.
                            foreach ($hparts as $hpart) {
                                $hpart = mimeHeaderDecode($hpart);
                                if (strpos(strtolower(trim($hpart)), "name=") === 0 || strpos(strtolower(trim($hpart)), "filename=") === 0) {
                                    $filename = trim(str_replace(array("filename=", "name=", "'", "\""), "", strtolower($hpart)));
                                } else {
                                    if ($part->headerExists("content-id") && empty($filename)) {
                                        $filename = trim(str_replace(array("<", ">", "'", "\""), "", strtolower($part->contentId)));
                                    } else {
                                        if (strpos(strtolower($ctype), 'message/rfc822') !== false && $part->headerExists("subject") && empty($filename)) {
                                            $filename = trim($part->Subject) . ".eml";
                                        } else {
                                            if (strpos(strtolower($ctype), 'message/rfc822') !== false) {
                                                $unknown = "unknown.eml";
                                            }
                                        }
                                    }
                                }
                            }
                            // base64 decoding is on by default for everything except
                            // message/rfc822 and text/plain, and forced on by a base64
                            // Content-Transfer-Encoding header.
                            $base64dec = !(strpos(strtolower($ctype), 'message/rfc822') !== false || strpos(strtolower($ctype), 'text/plain') !== false);
                            foreach ($part->getHeaders() as $name => $value) {
                                if (strpos(strtolower($name), 'content-transfer-encoding') !== false && strpos(strtolower($value), 'base64') !== false) {
                                    $base64dec = true;
                                }
                            }
                            // NOTE(review): only path separators and a few reserved characters
                            // are removed. Names such as ".." or ".htaccess", executable
                            // extensions and control characters pass through; if the name is
                            // ever used on disk or in a response header it needs a stricter
                            // allow-list. How it is stored is not visible in this function.
                            $filename = empty($filename) ? $unknown : str_replace(array("\\", ":", "?", "*", "<", ">", "|", "/", "\""), "", $filename);
                            $content = !$base64dec ? $part->getContent() : base64_decode($part->getContent());
                            $temail->Attachments[$fileid] = array($filesid, $filename, $content);
                            if (DEBUG_MODE) {
                                logit("ADD ATT: " . $filesid . " - " . $filename . " - " . $ctype);
                            }
                        }
                    } catch (Exception $e) {
                        // A failing part is reported and skipped; the remaining parts are still processed.
                        handleError("112", $_server . " imap Email Part Error: " . $e->getMessage() . ", email: " . $subject, "functions.global.inc.php", 0);
                    }
                }
                // Creation time: Date header, then Delivery-Date, then the current time.
                $temail->Created = strtotime($message->Date);
                if ((!is_numeric($temail->Created) || empty($temail->Created)) && $message->headerExists("delivery-date")) {
                    $temail->Created = strtotime($message->DeliveryDate);
                }
                if (!is_numeric($temail->Created) || empty($temail->Created)) {
                    $temail->Created = time();
                }
                $list[] = $temail;
                // Stop after half of the time budget or once the item counter exceeds
                // DATA_ITEM_LOADS, and tell the caller to come back for the rest.
                if (time() - $starttime >= $executiontime / 2 || $counter++ > DATA_ITEM_LOADS) {
                    $_reload = true;
                    break;
                }
            } catch (Exception $e) {
                if ($_test) {
                    throw $e;
                } else {
                    handleError("115", $_type . " Email Error: " . $e->getMessage() . ", email: " . $subject, "functions.global.inc.php", 0);
                }
            }
        }
        try {
            // Remove from the highest message number down.
            krsort($delete);
            foreach ($delete as $num => $id) {
                $mail->removeMessage($num);
            }
        } catch (Exception $e) {
            if ($_test) {
                throw $e;
            } else {
                handleError("114", $_type . " Email delete error: " . $e->getMessage() . ", email: " . $subject, "functions.global.inc.php", 0);
            }
        }
    } catch (Exception $e) {
        if ($_test) {
            throw $e;
        } else {
            handleError("113", $_type . " Email Error: " . $e->getMessage() . ", email: " . $subject, "functions.global.inc.php", 0);
        }
    }
    return $list;
}
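/**
 * Validates a posted subject and message and, for a reply, looks up the board of the
 * thread being replied to. Calls submitInfo() when no validation error was collected.
 *
 * Validation failures are appended to $this->errors as error codes; nothing is returned.
 */
private function validate()
{
    loadLibrary("validation.lib");
    global $yakbb;

    // NOTE(review): the values are read from $_REQUEST, so they are accepted from the
    // query string as well as from a POST body. No request-forgery token is checked in
    // this method; confirm one is verified before it is reached.
    $this->subject = secure($_REQUEST["subject"]);
    $this->message = secure($_REQUEST["message"]);

    // Validate subject
    $res = valid_subject($this->subject);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    // Validate message
    $res = valid_message($this->message);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    // Check if thread exists when replying
    if ($this->actiontype == "reply") {
        // The thread id is concatenated into the SQL text, so it is forced to an integer
        // first. Where $this->thread is assigned is not visible here; the cast keeps the
        // query safe even if it still holds raw request data.
        $threadId = intval($this->thread);
        $yakbb->db->query("\r\n\t\t\t\tSELECT\r\n\t\t\t\t\tparentid\r\n\t\t\t\tFROM\r\n\t\t\t\t\tyakbb_threads\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tid = '" . $threadId . "'\r\n\t\t\t\tLIMIT\r\n\t\t\t\t\t1\r\n\t\t\t");
        if ($yakbb->db->numRows() == 0) {
            // presumably error() ends the request; verify, since the fetch below runs otherwise
            $yakbb->error(2, "reply_thread_doesnt_exist");
        }
        $dat = $yakbb->db->fetch();
        $this->board = $dat["parentid"];
    }

    // Passes validation, submit/modify/whatever it
    if (count($this->errors) == 0) {
        $this->submitInfo();
    }
}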
/**
 * Checks the posted login form against the users table. On success the "username" and
 * "password" cookies are set for 180 days and the request is redirected to "?".
 *
 * Failures are appended to $this->errors as error codes; nothing is returned.
 */
private function validate()
{
    loadLibrary("validation.lib");

    $user = secure($_POST["username"]);
    $pass = $_POST["password"];

    $nameCheck = valid_username($user);
    if ($nameCheck !== true) {
        $this->errors[] = $nameCheck;
    }

    $passCheck = valid_password($pass);
    if ($passCheck !== true) {
        $this->errors[] = $passCheck;
    }

    // Malformed input never reaches the database.
    if (count($this->errors) != 0) {
        return;
    }

    global $yakbb;
    // NOTE(review): the username literal in this query reads '******' and $user is not
    // referenced anywhere in it, so the value looks masked in this copy of the code.
    // Whatever is interpolated there must be escaped or bound as a parameter.
    $yakbb->db->query("\r\n\t\t\t\tSELECT\r\n\t\t\t\t\tpassword\r\n\t\t\t\tFROM\r\n\t\t\t\t\tyakbb_users\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tusername = '******'\r\n\t\t\t\tLIMIT\r\n\t\t\t\t\t1\r\n\t\t\t");
    $row = $yakbb->db->fetch();

    // NOTE(review): the two distinct error codes below tell a client whether a username
    // exists. Confirm that this is acceptable for the forum.
    if ($yakbb->db->numRows() == 0) {
        $this->errors[] = "user_doesnt_exist";
        return;
    }

    if (sha256($pass) !== $row["password"]) {
        $this->errors[] = "password_incorrect";
        return;
    }

    // NOTE(review): the "password" cookie carries the same value that is stored in the
    // users table, for 180 days. Anyone holding that value, from a stolen cookie or a
    // leaked table, can authenticate without knowing the password; a random session
    // token would avoid this. Cookie flags are set inside setYakCookie() and are not
    // visible here.
    $cookieLifetime = 60 * 60 * 24 * 180;
    setYakCookie("username", $user, time() + $cookieLifetime);
    setYakCookie("password", sha256($pass), time() + $cookieLifetime);
    redirect("?");
}