예제 #1
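 /**
  * Standard modular run function for CRON hooks. Searches for tasks to perform.
  *
  * Re-sends the e-mail confirmation message to members who joined after the previous reminder pass
  * and whose confirmation code is still non-empty. Does nothing unless the forum type is 'ocf', and
  * does nothing if the previous pass ran within the last two days.
  */
 function run()
 {
     if (get_forum_type() != 'ocf') {
         return;
     }

     $time = time();
     $last_time = intval(get_value('last_confirm_reminder_time'));
     if ($last_time > $time - 24 * 60 * 60 * 2) {
         return; // Throttle: at most one reminder pass every two days
     }
     set_value('last_confirm_reminder_time', strval($time));

     require_code('mail');
     require_lang('ocf');

     // $last_time went through intval() above, so the only value concatenated into the SQL is an integer.
     // NOTE(review): NO_DB_SCOPE_CHECK is presumably a safety check that is switched off just for this raw query - confirm.
     $GLOBALS['NO_DB_SCOPE_CHECK'] = true;
     $rows = $GLOBALS['SITE_DB']->query('SELECT * FROM ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'f_members WHERE ' . db_string_not_equal_to('m_validated_email_confirm_code', '') . ' AND m_join_time>' . strval($last_time));
     $GLOBALS['NO_DB_SCOPE_CHECK'] = false;

     foreach ($rows as $row) {
         // Members under 13 are skipped when the COPPA option is on.
         // NOTE(review): the age is derived from the m_dob_* columns; behaviour for members with no date of birth is not visible here - confirm.
         $coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime($time - mktime(0, 0, 0, $row['m_dob_month'], $row['m_dob_day'], $row['m_dob_year'])) / 31536000.0 < 13.0;
         if (!$coppa) {
             $zone = get_module_zone('join');
             if ($zone != '') {
                 $zone .= '/';
             }

             // Both query-string values are URL-encoded, so neither the address nor the confirmation code can
             // alter the structure of the link. The code is what the step4 link carries to confirm the address,
             // so this message should only ever go to the address stored on the member row.
             $url = get_base_url() . '/' . $zone . 'index.php?page=join&type=step4&email=' . rawurlencode($row['m_email_address']) . '&code=' . rawurlencode(strval($row['m_validated_email_confirm_code']));
             $url_simple = get_base_url() . '/' . $zone . 'index.php?page=join&type=step4';

             $message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $row['m_email_address'], strval($row['m_validated_email_confirm_code'])), $row['m_language']);
             mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $row['m_language']), $message, array($row['m_email_address']), $row['m_username']);
         }
     }
 }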
예제 #2
 /**
  * Standard modular run function for CRON hooks. Searches for tasks to perform.
  *
  * Sends up to 100 queued rows from logged_mail_messages and marks each one as no longer queued.
  * Nothing is sent unless the 'mail_queue_debug' option is '0'.
  */
 function run()
 {
     $queue_enabled = get_option('mail_queue_debug') == '0';

     if ($queue_enabled) {
         // Basic locking: give up if another run set the flag within the last five minutes
         $lock_state = get_long_value_newer_than('mailer_currently_dripping', time() - 60 * 5);
         if ($lock_state === '1') {
             return;
         }
         set_long_value('mailer_currently_dripping', '1');

         $columns = array('id', 'm_subject', 'm_message', 'm_to_email', 'm_to_name', 'm_from_email', 'm_from_name', 'm_priority', 'm_attachments', 'm_no_cc', 'm_as', 'm_as_admin', 'm_in_html', 'm_date_and_time', 'm_member_id', 'm_url', 'm_template');
         $queued = $GLOBALS['SITE_DB']->query_select('logged_mail_messages', $columns, array('m_queued' => 1), '', 100);

         if (count($queued) != 0) {
             require_code('mail');
         }

         foreach ($queued as $entry) {
             // NOTE(review): unserialize() is applied to stored column values. That is only safe while nothing
             // untrusted can write m_to_email / m_to_name / m_attachments; confirm every writer of this table,
             // or move these columns to a data-only encoding such as JSON.
             $recipients = unserialize($entry['m_to_email']);
             $recipient_names = unserialize($entry['m_to_name']);
             $attachments = unserialize($entry['m_attachments']);

             mail_wrap($entry['m_subject'], $entry['m_message'], $recipients, $recipient_names, $entry['m_from_email'], $entry['m_from_name'], $entry['m_priority'], $attachments, $entry['m_no_cc'] == 1, $entry['m_as'], $entry['m_as_admin'] == 1, $entry['m_in_html'] == 1, true, $entry['m_template']);

             // The row is un-queued only after mail_wrap() returns, one row at a time
             $GLOBALS['SITE_DB']->query_update('logged_mail_messages', array('m_queued' => 0), array('id' => $entry['id']), '', 1);
         }
     }

     // Reached on every path except the early return above, including when the queue is in debug mode
     set_long_value('mailer_currently_dripping', '0');
 }
예제 #3
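/**
 * Sends out a recommendation e-mail.
 *
 * @param  string		Recommenders name (used as the sender name)
 * @param  mixed		Their e-mail address (string or array of alternates)
 * @param  string		The recommendation message
 * @param  boolean	Whether this is an invitation (not read by this function)
 * @param  ?string	Email address of the recommender (NULL: current user's)
 * @param  ?string	The subject (NULL: default)
 * @param  ?array		List of names (NULL: use email addresses as names)
 */
function send_recommendation_email($name, $email_address, $message, $is_invite = false, $recommender_email = NULL, $subject = NULL, $names = NULL)
{
    if (!is_array($email_address)) {
        $email_address = array($email_address);
    }
    if (is_null($recommender_email)) {
        $recommender_email = $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member());
    }
    if (is_null($subject)) {
        $subject = do_lang('RECOMMEND_MEMBER_SUBJECT', get_site_name());
    }

    require_code('mail');

    if ($message == '') {
        $message = '(' . do_lang('NONE') . ')';
    }

    // Pass the resolved subject. Previously the default subject was always sent and a caller-supplied
    // $subject was silently ignored.
    // NOTE(review): $name, $recommender_email and $subject end up in mail headers and may originate from a
    // form; this function does no filtering of its own, so confirm that mail_wrap() rejects line breaks.
    mail_wrap($subject, $message, $email_address, is_null($names) ? $email_address : $names, $recommender_email, $name);
}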
예제 #4
 /**
  * Find whether this preview hook applies.
  *
  * When it applies (the 'page' parameter is 'admin_ocf_welcome_emails'), a test copy of the posted
  * welcome e-mail is also sent to the current member, or to the staff address if the member has none.
  *
  * @return array			A pair: whether the hook applies, and NULL
  */
 function applies()
 {
     $member_id = get_param_integer('id', get_member());
     $applies = get_param('page', '') == 'admin_ocf_welcome_emails';

     if (!$applies) {
         return array($applies, NULL);
     }

     require_lang('ocf');
     require_code('mail');

     // Subject and body are taken straight from the posted form
     $subject_tag = post_param('subject');
     $template_params = array('CONTENT' => post_param('text'), 'LANG' => get_site_default_lang());
     $message_raw = do_template('NEWSLETTER_DEFAULT', $template_params);

     // The preview mail goes only to the member making the request, never to an address from the request
     $to = $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member());
     if ($to == '') {
         $to = get_option('staff_address');
     }

     $body = $message_raw->evaluate(get_site_default_lang());
     $recipient_name = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
     mail_wrap($subject_tag, $body, array($to), $recipient_name, '', '', 3, NULL, false, get_member(), true);

     return array($applies, NULL);
 }
예제 #5
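 /**
  * Standard modular run function.
  *
  * Renders the simple contact form. When the form has been posted with a non-empty message, the
  * message is e-mailed to the recipient and an acknowledgement is sent back to the sender's address.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_lang('messaging');
     require_code('feedback');

     // The recipient comes from the block's 'param' setting, falling back to the staff address
     $to = array_key_exists('param', $map) ? $map['param'] : get_option('staff_address');

     $post = post_param('post', '');
     if (post_param_integer('_comment_form_post', 0) == 1 && $post != '') {
         // CAPTCHA is enforced before anything is sent, but only when the site option is on
         if (addon_installed('captcha')) {
             if (get_option('captcha_on_feedback') == '1') {
                 require_code('captcha');
                 enforce_captcha();
             }
         }
         $message = new ocp_tempcode();
         /*Used to be written out here*/
         attach_message(do_lang_tempcode('MESSAGE_SENT'), 'inform');

         require_code('mail');
         require_code('type_validation');

         // The sender address is request data and is used both as the From address and as the recipient of
         // the acknowledgement below, so a value that is not a well-formed address is dropped.
         $email_from = trim(post_param('email', $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member())));
         if ($email_from != '' && !is_valid_email_address($email_from)) {
             $email_from = '';
         }

         mail_wrap(post_param('title'), $post, array($to), NULL, $email_from, $GLOBALS['FORUM_DRIVER']->get_username(get_member()), 3, NULL, false, get_member());

         if ($email_from != '') {
             // NOTE(review): the acknowledgement repeats the submitted text to an address supplied in the same
             // request. With 'captcha_on_feedback' off nothing in this block limits how often that can be done;
             // confirm rate limiting exists elsewhere, or leave the submitted text out of the acknowledgement.
             mail_wrap(do_lang('YOUR_MESSAGE_WAS_SENT_SUBJECT', post_param('title')), do_lang('YOUR_MESSAGE_WAS_SENT_BODY', $post), array($email_from), NULL, '', '', 3, NULL, false, get_member());
         }
     } else {
         $message = new ocp_tempcode();
     }

     $box_title = array_key_exists('title', $map) ? $map['title'] : do_lang('CONTACT_US');
     $private = array_key_exists('private', $map) && $map['private'] == '1';

     $em = $GLOBALS['FORUM_DRIVER']->get_emoticon_chooser();
     require_javascript('javascript_editing');
     $comcode_help = build_url(array('page' => 'userguide_comcode'), get_comcode_zone('userguide_comcode', false));
     require_javascript('javascript_validation');
     $comment_url = get_self_url();
     $email_optional = array_key_exists('email_optional', $map) ? intval($map['email_optional']) == 1 : true;

     if (addon_installed('captcha')) {
         require_code('captcha');
         $use_captcha = get_option('captcha_on_feedback') == '1' && use_captcha();
         if ($use_captcha) {
             generate_captcha();
         }
     } else {
         $use_captcha = false;
     }

     $comment_details = do_template('COMMENTS_POSTING_FORM', array('JOIN_BITS' => '', 'FIRST_POST_URL' => '', 'FIRST_POST' => '', 'USE_CAPTCHA' => $use_captcha, 'EMAIL_OPTIONAL' => $email_optional, 'POST_WARNING' => '', 'COMMENT_TEXT' => '', 'GET_EMAIL' => !$private, 'GET_TITLE' => !$private, 'EM' => $em, 'DISPLAY' => 'block', 'TITLE' => $box_title, 'COMMENT_URL' => $comment_url));
     $out = do_template('BLOCK_MAIN_CONTACT_SIMPLE', array('_GUID' => '298a357f442f440c6b42e58d6717e57c', 'EMAIL_OPTIONAL' => true, 'COMMENT_DETAILS' => $comment_details, 'MESSAGE' => $message));
     return $out;
 }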
예제 #6
 /**
  * Standard modular run function for CRON hooks. Searches for tasks to perform.
  *
  * For each digest frequency (daily, weekly, monthly) this collects the queued notification rows of
  * every member whose last digest is older than the frequency's timespan, removes those rows from
  * the queue, and sends them to the member as a single e-mail.
  */
 function run()
 {
     if (!defined('MAXIMUM_DIGEST_LENGTH')) {
         define('MAXIMUM_DIGEST_LENGTH', 1024 * 100);
         // 100KB
     }
     require_code('notifications');
     foreach (array(A_DAILY_EMAIL_DIGEST => 60 * 60 * 24, A_WEEKLY_EMAIL_DIGEST => 60 * 60 * 24 * 7, A_MONTHLY_EMAIL_DIGEST => 60 * 60 * 24 * 31) as $frequency => $timespan) {
         $start = 0;
         do {
             // Find where not tint-in-tin
             // Members are read in pages of 100. Only integers ($frequency, a timestamp) are concatenated into the SQL.
             // NOTE(review): the JOIN does not restrict t.d_frequency, so a member whose queued rows all belong
             // to another frequency can still be selected here; $messages is then empty and nothing is sent.
             // NOTE(review): processed members drop out of this result set (their rows are deleted and c_time is
             // updated), yet $start still advances by 100, so some members may wait for a later run - confirm.
             $members = $GLOBALS['SITE_DB']->query('SELECT DISTINCT d_to_member_id FROM ' . get_table_prefix() . 'digestives_consumed c JOIN ' . get_table_prefix() . 'digestives_tin t ON c.c_member_id=t.d_to_member_id AND c.c_frequency=' . strval($frequency) . ' WHERE c_time<' . strval(time() - $timespan) . ' AND c_frequency=' . strval($frequency), 100, $start);
             foreach ($members as $member) {
                 require_lang('notifications');
                 $to_member_id = $member['d_to_member_id'];
                 $to_name = $GLOBALS['FORUM_DRIVER']->get_username($to_member_id);
                 $to_email = $GLOBALS['FORUM_DRIVER']->get_member_email_address($to_member_id);
                 $messages = $GLOBALS['SITE_DB']->query_select('digestives_tin', array('d_subject', 'd_message', 'd_date_and_time'), array('d_to_member_id' => $to_member_id, 'd_frequency' => $frequency), 'ORDER BY d_date_and_time');
                 // The queued rows are deleted before the e-mail is sent.
                 // NOTE(review): if mail_wrap() below does not deliver, these notifications are already gone.
                 $GLOBALS['SITE_DB']->query_delete('digestives_tin', array('d_to_member_id' => $to_member_id, 'd_frequency' => $frequency));
                 $_message = '';
                 foreach ($messages as $message) {
                     if ($_message != '') {
                         $_message .= chr(10);
                     }
                     // Once the digest would reach MAXIMUM_DIGEST_LENGTH bytes, later items are listed by subject only.
                     // The subject is comcode_escape()d but d_message is inserted as stored.
                     // NOTE(review): presumably d_message is already Comcode written by the notification system - confirm.
                     if (strlen($_message) + strlen($message['d_message']) < MAXIMUM_DIGEST_LENGTH) {
                         $_message .= do_lang('DIGEST_EMAIL_INDIVIDUAL_MESSAGE_WRAP', comcode_escape($message['d_subject']), $message['d_message'], array(comcode_escape(get_site_name()), get_timezoned_date($message['d_date_and_time'])));
                     } else {
                         $_message .= do_lang('DIGEST_ITEM_OMITTED', comcode_escape($message['d_subject']), get_timezoned_date($message['d_date_and_time']), array(comcode_escape(get_site_name())));
                     }
                 }
                 if ($_message != '') {
                     $wrapped_subject = do_lang('DIGEST_EMAIL_SUBJECT_' . strval($frequency), comcode_escape(get_site_name()));
                     $wrapped_message = do_lang('DIGEST_EMAIL_MESSAGE_WRAP', $_message, comcode_escape(get_site_name()));
                     require_code('mail');
                     // Sent as A_FROM_SYSTEM_UNPRIVILEGED rather than as a member
                     mail_wrap($wrapped_subject, $wrapped_message, array($to_email), $to_name, get_option('staff_address'), get_site_name(), 3, NULL, true, A_FROM_SYSTEM_UNPRIVILEGED, false);
                     // Record the send time so this member is not selected again until the timespan has passed
                     $GLOBALS['SITE_DB']->query_update('digestives_consumed', array('c_time' => time()), array('c_member_id' => $to_member_id, 'c_frequency' => $frequency), '', 1);
                 }
             }
             $start += 100;
         } while (count($members) == 100);
     }
 }
예제 #7
 /**
  * Standard modular run function.
  *
  * Renders the newsletter sign-up block. When an address has been posted for this newsletter it is
  * validated, subscribed via basic_newsletter_join(), and (if the welcome file named by the 'path'
  * block parameter exists) sent a welcome e-mail.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_lang('newsletter');
     require_lang('javascript');
     // The newsletter ID is a block parameter, forced to an integer
     $newsletter_id = array_key_exists('param', $map) ? intval($map['param']) : db_get_first_id();
     $_newsletter_title = $GLOBALS['SITE_DB']->query_value_null_ok('newsletters', 'title', array('id' => $newsletter_id));
     if (is_null($_newsletter_title)) {
         return paragraph(do_lang_tempcode('MISSING_RESOURCE'));
     }
     $newsletter_title = get_translated_text($_newsletter_title);
     // The POST field names carry the newsletter ID as a suffix
     $address = post_param('address' . strval($newsletter_id), '');
     if ($address != '') {
         require_code('newsletter');
         require_code('type_validation');
         // Reject anything that is not a well-formed address before it reaches the subscriber table or a mail header
         if (!is_valid_email_address($address)) {
             $msg = do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('INVALID_EMAIL_ADDRESS')));
             return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP', array('URL' => get_self_url(), 'MSG' => $msg));
         }
         if (!array_key_exists('path', $map)) {
             $map['path'] = 'uploads/website_specific/signup.txt';
         }
         require_code('character_sets');
         // NOTE(review): any visitor can submit any address here; whether the owner of the address must confirm
         // the subscription depends on basic_newsletter_join(), which is not visible here - confirm.
         // The fourth argument is true when the welcome file does not exist; its meaning is defined by basic_newsletter_join().
         $password = basic_newsletter_join($address, 4, NULL, !file_exists(get_custom_file_base() . '/' . $map['path']), $newsletter_id, post_param('firstname' . strval($newsletter_id), ''), post_param('lastname' . strval($newsletter_id), ''));
         if ($password == '') {
             return do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('NEWSLETTER_THIS_ALSO')));
         }
         if ($password == do_lang('NA')) {
             $manage_url = build_url(array('page' => 'newsletter', 'email' => $address), get_module_zone('newsletter'));
             return do_template('INLINE_WIP_MESSAGE', array('MESSAGE' => do_lang_tempcode('ALREADY_EMAIL_ADDRESS', escape_html($manage_url->evaluate()))));
         }
         require_code('mail');
         // NOTE(review): $map['path'] is a block parameter that is appended to the custom file base without
         // normalisation and then fetched over HTTP. If block parameters can be written by authors who are not
         // fully trusted, restrict this to a fixed directory and read the file from disk instead - confirm who can set it.
         if (file_exists(get_custom_file_base() . '/' . $map['path'])) {
             $url = (url_is_local($map['path']) ? get_custom_base_url() . '/' : '') . $map['path'];
             mail_wrap(array_key_exists('subject', $map) ? $map['subject'] : do_lang('WELCOME'), convert_to_internal_encoding(http_download_file($url)), array($address), array_key_exists('to', $map) ? $map['to'] : '', '', '', 3, NULL, false, NULL, true);
         }
         // NOTE(review): the value returned by basic_newsletter_join() is handed to the template as PASSWORD;
         // if the template prints it, it is shown to whoever submitted the form rather than to the address owner - confirm.
         return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP_DONE', array('_GUID' => '9953c83685df4970de8f23fcd5dd15bb', 'NEWSLETTER_TITLE' => $newsletter_title, 'NID' => strval($newsletter_id), 'PASSWORD' => $password));
     } else {
         return do_template('BLOCK_MAIN_NEWSLETTER_SIGNUP', array('NEWSLETTER_TITLE' => $newsletter_title, 'NID' => strval($newsletter_id), 'URL' => get_self_url()));
     }
 }
예제 #8
 /**
  * Standard modular run function for CRON hooks. Searches for tasks to perform.
  *
  * Takes the next batch of rows from newsletter_drip_send, deletes them from the table and then
  * sends them. Batch size and minimum spacing between batches come from the 'mails_per_send' and
  * 'minutes_between_sends' values (defaults: 60 mails, 10 minutes).
  */
 function run()
 {
     if (!addon_installed('newsletter')) {
         return;
     }

     // Another run currently holds the flag
     if (get_long_value('newsletter_currently_dripping') === '1') {
         return;
     }

     $_minutes_between_sends = get_value('minutes_between_sends');
     $_mails_per_send = get_value('mails_per_send');
     $gap_minutes = 10;
     if (!is_null($_minutes_between_sends)) {
         $gap_minutes = intval($_minutes_between_sends);
     }
     $batch_size = 60;
     if (!is_null($_mails_per_send)) {
         $batch_size = intval($_mails_per_send);
     }

     $time = time();
     $last_time = intval(get_value('last_newsletter_drip_send'));
     $too_soon = $last_time > time() - $gap_minutes * 60;
     // A super-administrator triggering the hook is not held to the spacing rule
     if ($too_soon && !$GLOBALS['FORUM_DRIVER']->is_super_admin(get_member())) {
         return;
     }

     set_long_value('newsletter_currently_dripping', '1');
     set_value('last_newsletter_drip_send', strval($time));

     $batch = $GLOBALS['SITE_DB']->query_select('newsletter_drip_send', array('*'), NULL, 'ORDER BY d_inject_time DESC', $batch_size);

     if (count($batch) == 0) {
         set_long_value('newsletter_currently_dripping', '0');
         return;
     }

     // Quick cleanup for maximum performance: the batch is removed from the table, and the flag released,
     // before any mail is sent.
     // NOTE(review): a row whose send then fails has already been deleted and is not retried.
     $conditions = array();
     foreach ($batch as $mail) {
         $conditions[] = 'id=' . strval($mail['id']);
     }
     $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'newsletter_drip_send WHERE ' . implode(' OR ', $conditions));
     set_long_value('newsletter_currently_dripping', '0');

     // Send
     require_code('mail');
     foreach ($batch as $mail) {
         mail_wrap($mail['d_subject'], $mail['d_message'], array($mail['d_to_email']), array($mail['d_to_name']), $mail['d_from_email'], $mail['d_from_name'], $mail['d_priority'], NULL, true, NULL, true, $mail['d_html_only'] == 1, false, $mail['d_template'], true);
     }
 }
예제 #9
파일: mail.php 프로젝트: erico-deh/ocPortal
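/**
 * Send the posted form over email to the staff address.
 *
 * Every value this function mails (subject, field labels, field values, sender name and address,
 * attachments, and optionally the receiving member) is taken from the current request.
 *
 * @param  ?string	The subject of the email (NULL: from posted subject parameter).
 * @param  string		The intro text to the mail.
 * @param  ?array		A map of fields to field titles to transmit. (NULL: all posted fields, except subject and email)
 * @param  ?string	Email address to send to (NULL: look from post environment / staff address).
 */
function form_to_email($subject = NULL, $intro = '', $fields = NULL, $to_email = NULL)
{
    if (is_null($subject)) {
        $subject = post_param('subject', get_site_name());
    }

    if (is_null($fields)) {
        // No explicit field list: take every posted key except known control fields and editor/helper fields
        $fields = array();
        foreach (array_diff(array_keys($_POST), array('MAX_FILE_SIZE', 'perform_validation', '_validated', 'posting_ref_id', 'f_face', 'f_colour', 'f_size', 'x', 'y', 'name', 'subject', 'email', 'to_members_email', 'to_written_name', 'redirect', 'http_referer')) as $key) {
            $is_hidden = strpos($key, 'hour') !== false || strpos($key, 'access_') !== false || strpos($key, 'minute') !== false || strpos($key, 'confirm') !== false || strpos($key, 'pre_f_') !== false || strpos($key, 'label_for__') !== false || strpos($key, 'wysiwyg_version_of_') !== false || strpos($key, 'is_wysiwyg') !== false || strpos($key, 'require__') !== false || strpos($key, 'tempcodecss__') !== false || strpos($key, 'comcode__') !== false || strpos($key, '_parsed') !== false || preg_match('#^caption\\d+$#', $key) != 0 || preg_match('#^attachmenttype\\d+$#', $key) != 0 || substr($key, 0, 1) == '_' || substr($key, 0, 9) == 'hidFileID' || substr($key, 0, 11) == 'hidFileName';
            if ($is_hidden) {
                continue;
            }
            // Keys starting with '_' were already skipped by $is_hidden, so no second check is needed.
            // The label is itself read from the request ('label_for__<key>'), so it is untrusted text too.
            $fields[$key] = post_param('label_for__' . $key, ucwords(str_replace('_', ' ', $key)));
        }
    }

    $message_raw = $intro;
    if ($message_raw != '') {
        $message_raw .= "\n\n------------\n\n";
    }
    foreach ($fields as $field => $field_title) {
        $field_val = post_param($field, NULL);
        if (!is_null($field_val)) {
            $message_raw .= $field_title . ': ' . $field_val . "\n\n";
        }
    }

    // NOTE(review): the From address and name are request data and are not checked here; confirm that
    // mail_wrap() rejects line breaks and malformed addresses.
    $from_email = trim(post_param('email', ''));
    $to_name = mixed();
    $from_name = post_param('name', $GLOBALS['FORUM_DRIVER']->get_username(get_member()));

    if (is_null($to_email)) {
        // NOTE(review): the receiving member is chosen by a posted ID, so whoever can submit the form can
        // direct its content to any member's address; confirm that callers intend this.
        $to = post_param_integer('to_members_email', NULL);
        if (!is_null($to)) {
            $to_email = $GLOBALS['FORUM_DRIVER']->get_member_email_address($to);
            $to_name = $GLOBALS['FORUM_DRIVER']->get_username($to);
        }
    }

    $attachments = array();
    require_code('uploads');
    is_swf_upload(true);
    foreach ($_FILES as $file) {
        // A file input left empty still appears in $_FILES with an empty tmp_name, and a multi-file input has
        // arrays in place of strings; neither is a usable attachment, so both are skipped.
        if (!is_array($file) || !isset($file['tmp_name']) || !is_string($file['tmp_name']) || $file['tmp_name'] == '') {
            continue;
        }
        // The attachment name is the client-supplied file name, used as given
        $attachments[$file['tmp_name']] = $file['name'];
    }

    if (addon_installed('captcha')) {
        // NOTE(review): CAPTCHA is enforced only when the request itself carries _security=1, so a client
        // that leaves the field out is not challenged. The decision should come from server-side configuration.
        if (post_param_integer('_security', 0) == 1) {
            require_code('captcha');
            enforce_captcha();
        }
    }

    mail_wrap($subject, $message_raw, is_null($to_email) ? NULL : array($to_email), $to_name, $from_email, $from_name, 3, $attachments);
}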
예제 #10
/**
 * Send an e-mail notification for a new post in a support ticket, either to the staff or to the ticket's owner.
 *
 * The ticket owner is taken from the part of the ticket ID before the first underscore. If the owner
 * is a non-guest member other than the current member, the owner is notified; if the owner is the
 * current member, staff are notified and the owner gets an acknowledgement. In the remaining case
 * (owner differs from the current member and is a guest) nothing is sent.
 *
 * @param  string			The ticket ID
 * @param  LONG_TEXT		The ticket title
 * @param  LONG_TEXT		The ticket post's content
 * @param  mixed			The home URL (to view the ticket) (URLPATH or Tempcode URL)
 * @param  string			Ticket owner's e-mail address, in the case of a new ticket
 * @param  integer		The new ticket type, or -1 if it is a reply to an existing ticket
 */
function send_ticket_email($ticket_id, $title, $post, $ticket_url, $email, $ticket_type_if_new)
{
    require_lang('tickets');
    require_code('notifications');
    // The owner's member ID is the leading segment of the ticket ID, forced to an integer
    $_temp = explode('_', $ticket_id);
    $uid = intval($_temp[0]);
    $username = $GLOBALS['FORUM_DRIVER']->get_username($uid);
    if (is_null($username)) {
        $username = do_lang('UNKNOWN');
    }
    $new_ticket = $ticket_type_if_new != -1;
    $ticket_type_id = $GLOBALS['SITE_DB']->query_value_null_ok('tickets', 'ticket_type', array('ticket_id' => $ticket_id));
    $ticket_type_text = mixed();
    if ($uid != get_member() && !is_guest($uid)) {
        // Reply from staff, notification to user
        $ticket_type_text = $GLOBALS['SITE_DB']->query_value_null_ok('tickets t LEFT JOIN ' . $GLOBALS['SITE_DB']->get_table_prefix() . 'translate tr ON t.ticket_type=tr.id', 'text_original', array('ticket_id' => $ticket_id));
        if (is_null($ticket_type_text)) {
            $ticket_type_text = do_lang('UNKNOWN');
        }
        // Subject and message are rendered in the owner's language
        $their_lang = get_lang($uid);
        $subject = do_lang('TICKET_REPLY', $ticket_type_text, $ticket_type_text, $title == '' ? do_lang('UNKNOWN') : $title, $their_lang);
        $post_tempcode = comcode_to_tempcode($post);
        // Nothing is sent when the post renders to whitespace only
        if (trim($post_tempcode->evaluate()) != '') {
            // Title, URL, username and ticket type are comcode_escape()d; $post is passed as written.
            // NOTE(review): presumably $post is meant to be interpreted as Comcode in the mail - confirm.
            $message = do_lang('TICKET_REPLY_MESSAGE', comcode_escape($title == '' ? do_lang('UNKNOWN') : $title), comcode_escape($ticket_url), array(comcode_escape($GLOBALS['FORUM_DRIVER']->get_username(get_member())), $post, comcode_escape($ticket_type_text)), $their_lang);
            dispatch_notification('ticket_reply', is_null($ticket_type_id) ? '' : strval($ticket_type_id), $subject, $message, array($uid));
        }
    } elseif ($uid == get_member()) {
        // Reply from user, notification to staff
        if (is_object($ticket_url)) {
            $ticket_url = $ticket_url->evaluate();
        }
        // $ticket_type_text has not been assigned since mixed() above
        // NOTE(review): assuming mixed() returns NULL, this test is always true in this branch - confirm.
        if (is_null($ticket_type_text)) {
            $ticket_type_text = $ticket_type_if_new == -1 ? '' : get_translated_text($ticket_type_if_new);
        }
        // Staff notifications are rendered in the site default language
        $subject = do_lang($new_ticket ? 'TICKET_NEW_STAFF' : 'TICKET_REPLY_STAFF', $ticket_type_text, $title == '' ? do_lang('UNKNOWN') : $title, NULL, get_site_default_lang());
        $message = do_lang($new_ticket ? 'TICKET_NEW_MESSAGE_FOR_STAFF' : 'TICKET_REPLY_MESSAGE_FOR_STAFF', comcode_escape($title == '' ? do_lang('UNKNOWN') : $title), comcode_escape($ticket_url), array(comcode_escape($username), $post, comcode_escape($ticket_type_text)), get_site_default_lang());
        dispatch_notification($new_ticket ? 'ticket_new_staff' : 'ticket_reply_staff', strval($ticket_type_id), $subject, $message);
        // Tell user that their message was received
        // NOTE(review): the acknowledgement repeats $post to the caller-supplied $email; if that address can be
        // entered by a guest, confirm the ticket form is protected against automated submissions.
        if ($email != '') {
            require_code('mail');
            mail_wrap(do_lang('YOUR_MESSAGE_WAS_SENT_SUBJECT', $title == '' ? do_lang('UNKNOWN') : $title), do_lang('YOUR_MESSAGE_WAS_SENT_BODY', $post), array($email), NULL, '', '', 3, NULL, false, get_member());
        }
    }
}
예제 #11
 /**
  * Standard modular run function.
  *
  * Handles a posted feedback form (as a forum comment when a forum is available, otherwise as a
  * notification plus an acknowledgement e-mail) and then renders the feedback posting form.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_code('feedback');
     require_javascript('javascript_validation');
     // NOTE(review): this flag is derived only from the User-Agent and Host request headers, both of which
     // the client chooses. It is used below to turn CAPTCHA off, so it should not be relied on as proof of
     // who is calling; a shared secret or signature would be needed for that.
     $is_occle_talking = ocp_srv('HTTP_USER_AGENT') == 'ocPortal' && ocp_srv('HTTP_HOST') == 'ocportal.com';
     $self_url = get_self_url();
     $self_title = get_page_name();
     $type = 'block_main_feedback';
     $id = array_key_exists('param', $map) ? $map['param'] : '';
     $out = new ocp_tempcode();
     if (post_param_integer('_comment_form_post', 0) == 1) {
         if (!has_no_forum()) {
             // NOTE(review): the seventh argument is true when $is_occle_talking is set or the CAPTCHA option is
             // off; presumably it tells actualise_post_comment() to skip CAPTCHA - confirm against its signature.
             $hidden = actualise_post_comment(true, $type, $id, $self_url, $self_title, array_key_exists('forum', $map) ? $map['forum'] : NULL, $is_occle_talking || get_option('captcha_on_feedback') == '0', 1, false, true, true);
             if (array_key_exists('title', $_POST)) {
                 // NOTE(review): the redirect target is read from the query string and passed on unchecked here.
                 // Unless redirect_screen() restricts targets to this site, this is an open redirect - confirm.
                 $redirect = get_param('redirect', NULL);
                 if (!is_null($redirect)) {
                     $redirect_screen = redirect_screen(get_page_title('_FEEDBACK'), $redirect, do_lang_tempcode('FEEDBACK_THANKYOU'));
                     // Discard buffered output, emit the redirect screen on its own, and stop the request
                     @ob_end_clean();
                     $echo = globalise($redirect_screen, NULL, '', true);
                     $echo->evaluate_echo();
                     exit;
                 } else {
                     attach_message(do_lang_tempcode('SUCCESS'), 'inform');
                 }
             }
         } else {
             // No forum: deliver the feedback as a notification instead
             // NOTE(review): no CAPTCHA call is made in this branch.
             $post = post_param('post', '');
             $title = post_param('title', '');
             if ($post != '') {
                 require_code('notifications');
                 dispatch_notification('new_feedback', $type, do_lang('NEW_FEEDBACK_SUBJECT', $title, NULL, NULL, get_site_default_lang()), do_lang('NEW_FEEDBACK_MESSAGE', $post, NULL, NULL, get_site_default_lang()));
                 // The acknowledgement goes to an address taken from the request (default: the member's own)
                 $email_from = trim(post_param('email', $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member())));
                 if ($email_from != '') {
                     require_code('mail');
                     mail_wrap(do_lang('YOUR_MESSAGE_WAS_SENT_SUBJECT', $title), do_lang('YOUR_MESSAGE_WAS_SENT_BODY', $post), array($email_from), NULL, '', '', 3, NULL, false, get_member());
                 }
             }
         }
     }
     // Comment posts
     $forum = get_option('comments_forum_name');
     $count = 0;
     $_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier($forum, $type . '_' . $id), $count);
     // The posting form is only built when the lookup did not return -1
     if ($_comments !== -1) {
         $em = $GLOBALS['FORUM_DRIVER']->get_emoticon_chooser();
         require_javascript('javascript_editing');
         $comcode_help = build_url(array('page' => 'userguide_comcode'), get_comcode_zone('userguide_comcode', false));
         require_javascript('javascript_validation');
         $comment_url = get_self_url();
         if (addon_installed('captcha')) {
             require_code('captcha');
             // The same header-derived flag also hides the CAPTCHA on the form
             $use_captcha = !$is_occle_talking && get_option('captcha_on_feedback') == '1' && use_captcha();
             if ($use_captcha) {
                 generate_captcha();
             }
         } else {
             $use_captcha = false;
         }
         // NOTE(review): POST_WARNING is filled from a query-string parameter; confirm the template escapes it.
         $comment_details = do_template('COMMENTS_POSTING_FORM', array('_GUID' => '4ca32620f3eb68d9cc820b18265792d7', 'JOIN_BITS' => '', 'FIRST_POST_URL' => '', 'FIRST_POST' => '', 'USE_CAPTCHA' => $use_captcha, 'POST_WARNING' => get_param('post_warning', ''), 'COMMENT_TEXT' => '', 'GET_EMAIL' => false, 'EMAIL_OPTIONAL' => true, 'GET_TITLE' => true, 'EM' => $em, 'DISPLAY' => 'block', 'COMMENT_URL' => $comment_url, 'TITLE' => do_lang_tempcode('FEEDBACK')));
     } else {
         $comment_details = new ocp_tempcode();
     }
     $out->attach($comment_details);
     return $out;
 }
예제 #12
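 /**
  * Actualiser to do a mass send.
  *
  * Sends every row of logged_mail_messages that is currently queued and marks each one as no
  * longer queued once it has been passed to mail_wrap().
  *
  * @return tempcode	The result of execution.
  */
 function mass_send()
 {
     $title = get_page_title('SEND_ALL');

     require_code('mail');

     $rows = $GLOBALS['SITE_DB']->query_select('logged_mail_messages', array('*'), array('m_queued' => 1));
     foreach ($rows as $row) {
         $subject = $row['m_subject'];
         $message = $row['m_message'];
         // NOTE(review): unserialize() is applied to stored column values. That is only safe while nothing
         // untrusted can write m_to_email / m_to_name / m_attachments; confirm every writer of this table,
         // or move these columns to a data-only encoding such as JSON.
         $to_email = unserialize($row['m_to_email']);
         $to_name = unserialize($row['m_to_name']);
         $from_email = $row['m_from_email'];
         $from_name = $row['m_from_name'];
         mail_wrap($subject, $message, $to_email, $to_name, $from_email, $from_name, $row['m_priority'], unserialize($row['m_attachments']), $row['m_no_cc'] == 1, $row['m_as'], $row['m_as_admin'] == 1, $row['m_in_html'] == 1, true);

         // Un-queue exactly the row that was just sent. A single blanket update after the loop would also
         // clear rows queued while the loop was running, and those would never be sent.
         $GLOBALS['SITE_DB']->query_update('logged_mail_messages', array('m_queued' => 0), array('id' => $row['id']), '', 1);
     }

     $url = build_url(array('page' => '_SELF', 'type' => 'misc'), '_SELF');
     return redirect_screen($title, $url, do_lang_tempcode('SENT_NUM', escape_html(integer_format(count($rows)))));
 }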
예제 #13
파일: ocf.php 프로젝트: erico-deh/ocPortal
 /**
  * Find if the given member id and password is valid. If username is NULL, then the member id is used instead.
  * All authorisation, cookies, and form-logins, are passed through this function.
  * Some forums do cookie logins differently, so a Boolean is passed in to indicate whether it is a cookie login.
  *
  * @param  ?SHORT_TEXT	The member username (NULL: don't use this in the authentication - but look it up using the ID if needed)
  * @param  ?MEMBER		The member id (NULL: use member name)
  * @param  MD5				The md5-hashed password
  * @param  string			The raw password
  * @param  boolean		Whether this is a cookie login, determines how the hashed password is treated for the value passed in
  * @return array			A map of 'id' and 'error'. If 'id' is NULL, an error occurred and 'error' is set
  */
 function forum_authorise_login($username, $userid, $password_hashed, $password_raw, $cookie_login = false)
 {
     $out = array();
     $out['id'] = NULL;
     require_code('ocf_members');
     require_code('ocf_groups');
     if (!function_exists('require_lang')) {
         require_code('lang');
     }
     if (!function_exists('do_lang_tempcode')) {
         require_code('tempcode');
     }
     if (!function_exists('require_lang')) {
         return $out;
     }
     require_lang('ocf');
     require_code('mail');
     $skip_auth = false;
     if ($userid === NULL) {
         $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_username', $username), 1);
         if (!array_key_exists(0, $rows) && get_option('one_per_email_address') == '1') {
             $rows = $this->connection->query('SELECT * FROM ' . $this->connection->get_table_prefix() . 'f_members WHERE ' . db_string_equal_to('m_email_address', $username) . ' ORDER BY id ASC', 1);
         }
         if (array_key_exists(0, $rows)) {
             $this->MEMBER_ROWS_CACHED[$rows[0]['id']] = $rows[0];
             $userid = $rows[0]['id'];
         }
     } else {
         $rows[0] = $this->get_member_row($userid);
     }
     // LDAP to the rescue if we couldn't get a row
     global $LDAP_CONNECTION;
     if (!array_key_exists(0, $rows) && $LDAP_CONNECTION !== NULL && $userid === NULL) {
         // See if LDAP has it -- if so, we can add
         $test = ocf_is_on_ldap($username);
         if (!$test) {
             $out['error'] = is_null($username) ? do_lang_tempcode('USER_NO_EXIST') : do_lang_tempcode('_USER_NO_EXIST', escape_html($username));
             return $out;
         }
         $test_auth = ocf_ldap_authorise_login($username, $password_raw);
         if ($test_auth['m_pass_hash_salted'] == '!!!') {
             $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
             return $out;
         }
         if ($test) {
             require_code('ocf_members_action');
             require_code('ocf_members_action2');
             $completion_form_submitted = trim(post_param('email_address', '')) != '';
             if (!$completion_form_submitted && get_value('no_finish_profile') !== '1') {
                 @ob_end_clean();
                 if (!function_exists('do_header')) {
                     require_code('site');
                 }
                 $middle = ocf_member_external_linker_ask($username, 'ldap', ocf_ldap_guess_email($username));
                 $tpl = globalise($middle, NULL, '', true);
                 $tpl->evaluate_echo();
                 exit;
             } else {
                 $userid = ocf_member_external_linker($username, uniqid('', true), 'ldap');
                 $row = $this->get_member_row($userid);
             }
         }
     }
     if (!array_key_exists(0, $rows) || $rows[0] === NULL) {
         $out['error'] = is_null($username) ? do_lang_tempcode('USER_NO_EXIST') : do_lang_tempcode('_USER_NO_EXIST', escape_html($username));
         return $out;
     }
     $row = $rows[0];
     // Now LDAP can kick in and get the correct hash
     if (ocf_is_ldap_member($userid)) {
         //$rows[0]['m_pass_hash_salted']=ocf_get_ldap_hash($userid);
         // Doesn't exist any more? This is a special case - the 'LDAP member' exists in our DB, but not LDAP. It has been deleted from LDAP or LDAP server has jumped
         /*if (is_null($rows[0]['m_pass_hash_salted']))
         		{
         			$out['error']=(do_lang_tempcode('_USER_NO_EXIST',$username));
         			return $out;
         		} No longer appropriate with new authentication mode - instead we just have to give an invalid password message  */
         $row = array_merge($row, ocf_ldap_authorise_login($username, $password_hashed));
     }
     if (addon_installed('unvalidated')) {
         if ($row['m_validated'] == 0) {
             $out['error'] = do_lang_tempcode('USER_NOT_VALIDATED_STAFF');
             return $out;
         }
     }
     if ($row['m_validated_email_confirm_code'] != '') {
         $out['error'] = do_lang_tempcode('USER_NOT_VALIDATED_EMAIL');
         return $out;
     }
     if ($this->is_banned($row['id'])) {
         $out['error'] = do_lang_tempcode('USER_BANNED');
         return $out;
     }
     // Check password
     if (!$skip_auth) {
         // Choose a compatibility screen.
         // Note that almost all cookie logins are the same. This is because the cookie logins use OCF cookies, regardless of compatibility scheme.
         $password_compatibility_scheme = $row['m_password_compat_scheme'];
         switch ($password_compatibility_scheme) {
             case 'remote':
                 // This will work too - we're logging in with the username of a remote profile, so no resynching will happen
             // This will work too - we're logging in with the username of a remote profile, so no resynching will happen
             case '':
                 // ocPortal style salted MD5 algorithm
                 if ($cookie_login) {
                     if ($password_hashed !== $row['m_pass_hash_salted']) {
                         require_code('tempcode');
                         // This can be incidental even in fast AJAX scripts, if an old invalid cookie is present, so we need tempcode for do_lang_tempcode
                         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
                         return $out;
                     }
                 } else {
                     if (md5($row['m_pass_salt'] . $password_hashed) !== $row['m_pass_hash_salted']) {
                         $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
                         return $out;
                     }
                 }
                 break;
             case 'plain':
                 if ($password_hashed !== md5($row['m_pass_hash_salted'])) {
                     $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
                     return $out;
                 }
                 break;
             case 'md5':
                 // Old style plain md5		(also works if both are unhashed: used for LDAP)
                 if ($password_hashed !== $row['m_pass_hash_salted'] && $password_hashed != '!!!') {
                     $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
                     return $out;
                 }
                 break;
                 /*		case 'httpauth':
                 				// This is handled in get_member()  */
                 break;
             case 'ldap':
                 if ($password_hashed !== $row['m_pass_hash_salted']) {
                     $out['error'] = do_lang_tempcode('USER_BAD_PASSWORD');
                     return $out;
                 }
                 break;
             default:
                 $path = get_file_base() . '/sources_custom/hooks/systems/ocf_auth/' . $password_compatibility_scheme . '.php';
                 if (!file_exists($path)) {
                     $path = get_file_base() . '/sources/hooks/systems/ocf_auth/' . $password_compatibility_scheme . '.php';
                 }
                 if (!file_exists($path)) {
                     $out['error'] = do_lang_tempcode('UNKNOWN_AUTH_SCHEME_IN_DB');
                     return $out;
                 }
                 require_code('hooks/systems/ocf_auth/' . $password_compatibility_scheme);
                 $ob = object_factory('Hook_ocf_auth_' . $password_compatibility_scheme);
                 $error = $ob->auth($username, $userid, $password_hashed, $password_raw, $cookie_login, $row);
                 if (!is_null($error)) {
                     $out['error'] = $error;
                     return $out;
                 }
                 break;
         }
     }
     // Ok, authorised basically, but we need to see if this is a valid login IP
     if (ocf_get_best_group_property($this->get_members_groups($row['id']), 'enquire_on_new_ips') == 1) {
         global $SENT_OUT_VALIDATE_NOTICE;
         $ip = get_ip_address(3);
         $test2 = $this->connection->query_value_null_ok('f_member_known_login_ips', 'i_val_code', array('i_member_id' => $row['id'], 'i_ip' => $ip));
         if ((is_null($test2) || $test2 != '') && !compare_ip_address($ip, $row['m_ip_address'])) {
             if (!$SENT_OUT_VALIDATE_NOTICE) {
                 if (!is_null($test2)) {
                     $this->connection->query_delete('f_member_known_login_ips', array('i_member_id' => $row['id'], 'i_ip' => $ip), '', 1);
                 }
                 $code = !is_null($test2) ? $test2 : uniqid('', true);
                 $this->connection->query_insert('f_member_known_login_ips', array('i_val_code' => $code, 'i_member_id' => $row['id'], 'i_ip' => $ip));
                 $url = find_script('validateip') . '?code=' . $code;
                 $url_simple = find_script('validateip');
                 require_code('comcode');
                 $mail = do_lang('IP_VERIFY_MAIL', comcode_escape($url), comcode_escape(get_ip_address()), array($url_simple, $code), get_lang($row['id']));
                 $email_address = $row['m_email_address'];
                 if ($email_address == '') {
                     $email_address = get_option('staff_address');
                 }
                 if (running_script('index')) {
                     mail_wrap(do_lang('IP_VERIFY_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($row['id'])), $mail, array($email_address), $row['m_username'], '', '', 1);
                 }
                 $SENT_OUT_VALIDATE_NOTICE = true;
             }
             $out['error'] = do_lang_tempcode('REQUIRES_IP_VALIDATION');
             return $out;
         }
     }
     $this->ocf_flood_control($row['id']);
     $out['id'] = $row['id'];
     return $out;
 }
예제 #14
 /**
  * Standard modular run function for CRON hooks. Searches for tasks to perform.
  */
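 function run()
 {
     $time_now = time();
     $last_cron_time = intval(get_value('last_welcome_mail_time'));
     if ($last_cron_time == 0) {
         // No usable stored timestamp: look back one week instead of across every member
         $last_cron_time = $time_now - 24 * 60 * 60 * 7;
     }
     set_value('last_welcome_mail_time', strval($time_now));
     require_code('mail');

     // $is_html was read further down without ever being assigned in this function. It is now
     // defined explicitly; false matches how the unset variable evaluated.
     // NOTE(review): if welcome mails are meant to be sent as HTML, set this from the intended source.
     $is_html = false;

     $GLOBALS['NO_DB_SCOPE_CHECK'] = true;
     $mails = $GLOBALS['SITE_DB']->query_select('f_welcome_emails', array('*'));
     $GLOBALS['NO_DB_SCOPE_CHECK'] = false;

     foreach ($mails as $mail) {
         $send_seconds_after_joining = $mail['w_send_time'] * 60 * 60;
         $newsletter_style = (get_value('welcome_nw_choice') === '1' && !is_null($mail['w_newsletter'])) || (get_value('welcome_nw_choice') !== '1' && ($mail['w_newsletter'] == 1 || get_forum_type() != 'ocf'));

         // The WHERE clauses below are built by concatenation. Every value spliced in is the result of
         // integer arithmetic on timestamps, or a row ID; keep it that way, and route anything textual
         // through the DB layer's escaping helpers instead.
         if ($newsletter_style) {
             if (addon_installed('newsletter')) {
                 // The join time must fall between $last_cron_time and $time_now, both offset back by $send_seconds_after_joining
                 $where = ' WHERE join_time>' . strval($last_cron_time - $send_seconds_after_joining) . ' AND join_time<=' . strval($time_now - $send_seconds_after_joining) . ' AND (the_level=3 OR the_level=4)';
                 if (get_value('welcome_nw_choice') === '1') {
                     // assumes w_newsletter is an integer column — TODO confirm
                     $where .= ' AND newsletter_id=' . strval($mail['w_newsletter']);
                 }
                 $members = $GLOBALS['SITE_DB']->query('SELECT s.email AS m_email_address,the_password,n_forename,n_surname,n.id,join_time AS m_join_time FROM ' . get_table_prefix() . 'newsletter_subscribe s JOIN ' . get_table_prefix() . 'newsletter n ON n.email=s.email ' . $where . ' GROUP BY s.email');
             } else {
                 $members = array();
             }
         } else {
             // The join time must fall between $last_cron_time and $time_now, both offset back by $send_seconds_after_joining
             $where = ' WHERE m_join_time>' . strval($last_cron_time - $send_seconds_after_joining) . ' AND m_join_time<=' . strval($time_now - $send_seconds_after_joining);
             if (get_option('allow_email_from_staff_disable') == '1') {
                 $where .= ' AND m_allow_emails=1';
             }
             $query = 'SELECT m_email_address,m_username,id,m_join_time FROM ' . get_table_prefix() . 'f_members' . $where;
             $members = $GLOBALS['FORUM_DB']->query($query);
         }

         foreach ($members as $member) {
             // NOTE(review): for newsletter-style rows 'id' is n.id from the query above, yet it is
             // passed to get_lang() as if it were a member ID — confirm this is intended.
             $subject = get_translated_text($mail['w_subject'], NULL, get_lang($member['id']));
             $text = get_translated_text($mail['w_text'], NULL, get_lang($member['id']));
             $_text = do_template('NEWSLETTER_DEFAULT', array('CONTENT' => $text, 'LANG' => get_site_default_lang()));
             // NOTE(review): the {{N}} date placeholders are replaced in $text after $_text was already
             // built from it, and $text is not read again below, so the replacement does not appear to
             // reach the outgoing message. Left as-is; confirm the intended order before changing it.
             for ($i = 0; $i < 100; $i++) {
                 if (strpos($text, '{{' . strval($i) . '}}') !== false) {
                     $text = str_replace('{{' . strval($i) . '}}', get_timezoned_date($time_now + $i * 60 * 60 * 24), $text);
                 }
             }
             if ($member['m_email_address'] != '') {
                 $message = $_text->evaluate(get_lang($member['id']));
                 if ($newsletter_style) {
                     $forename = $member['n_forename'];
                     $surname = $member['n_surname'];
                     $name = trim($forename . ' ' . $surname);
                     require_lang('newsletter');
                     if ($name == '') {
                         $name = do_lang('NEWSLETTER_SUBSCRIBER', get_site_name());
                     }
                 } else {
                     $forename = '';
                     $surname = '';
                     $name = $member['m_username'];
                 }
                 if (addon_installed('newsletter')) {
                     if ($newsletter_style) {
                         $sendid = 'n' . strval($member['id']);
                         // Hash handed to the variable substitution together with the send ID
                         $hash = best_hash($member['the_password'], 'xunsub');
                     } else {
                         // Fixed: this used strval('id'), which produced the literal 'wid' for every member
                         $sendid = 'w' . strval($member['id']);
                         $hash = '';
                     }
                     require_code('newsletter');
                     $message = newsletter_variable_substitution($message, $subject, $forename, $surname, $name, $member['m_email_address'], $sendid, $hash);
                 }
                 if ($is_html) {
                     require_code('tempcode_compiler');
                     $temp = template_to_tempcode($message);
                     $message = $temp->evaluate(get_lang($member['id']));
                 }
                 if (get_value('notification_safety_testing') === '1') {
                     // Safety net against double-sending: stop if the same subject was already logged
                     // for this address after the member's join time
                     $test = $GLOBALS['SITE_DB']->query_value_null_ok('logged_mail_messages', 'm_date_and_time', array('m_subject' => $subject, 'm_to_email' => serialize(array($member['m_email_address']))));
                     if (!is_null($test)) {
                         if ($test > $member['m_join_time']) {
                             fatal_exit(do_lang('INTERNAL_ERROR') . ' [' . $member['m_email_address'] . ']');
                         }
                         // otherwise they probably just resubscribed and hence bumped their time
                     }
                 }
                 mail_wrap($subject, $message, array($member['m_email_address']), $name, '', '', 3, NULL, false, NULL, true, $is_html);
             }
         }
     }
 }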
예제 #15
/**
 * Unban a member.
 *
 * @param  AUTO_LINK The ID of the member.
 */
function ocf_unban_member($member_id)
{
    require_code('mail');

    // Read the member's name and address first; both are needed for the log entry and the mail
    $username = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_username');
    $email_address = $GLOBALS['OCF_DRIVER']->get_member_row_field($member_id, 'm_email_address');

    // Clear the permanent-ban flag on this one member row (the update is limited to 1 row)
    $GLOBALS['FORUM_DB']->query_update(
        'f_members',
        array('m_is_perm_banned' => 0),
        array('id' => $member_id),
        '',
        1
    );

    // Record the action, keyed by member ID and username
    log_it('UNBAN_MEMBER', strval($member_id), $username);

    // Notify the member, in the language get_lang() reports for them
    $mail = do_lang('UNBAN_MEMBER_MAIL', $username, get_site_name(), array(), get_lang($member_id));
    $mail_subject = do_lang('UNBAN_MEMBER_MAIL_SUBJECT', NULL, NULL, NULL, get_lang($member_id));
    mail_wrap($mail_subject, $mail, array($email_address), $username, '', '', 2);
}
예제 #16
 /**
  * The UI to confirm sending of our newsletter.
  *
  * @return tempcode		The UI
  */
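 function confirm_send()
 {
     $title = get_page_title('NEWSLETTER_SEND');
     $message = post_param('message');
     $subject = post_param('subject');
     $lang = choose_language($title);
     $template = post_param('template', 'MAIL');
     $in_full = post_param_integer('in_full', 0);
     $html_only = post_param_integer('html_only', 0);
     // Sender details are taken straight from the form and handed to mail_wrap() below.
     // NOTE(review): this relies on mail_wrap() (not visible here) to refuse line breaks in them — confirm.
     $from_email = post_param('from_email', '');
     $from_name = post_param('from_name', '');
     $extra_post_data = array();

     require_code('uploads');
     if (is_swf_upload(true) && array_key_exists('file', $_FILES) || array_key_exists('file', $_FILES) && is_uploaded_file($_FILES['file']['tmp_name'])) {
         $myfile = fopen($_FILES['file']['tmp_name'], 'rt');
         if ($myfile === false) {
             // Fail explicitly; previously an unreadable upload fell through to fgetcsv() on an invalid handle
             fatal_exit(do_lang('INTERNAL_ERROR'));
         }

         // Sniff the delimiter from the first line: a single field containing ';' means semicolon-separated.
         // fgetcsv() returns false for an empty file and array(null) for a blank line, so guard both.
         $del = ',';
         $csv_test_line = fgetcsv($myfile, 4096, $del);
         if (is_array($csv_test_line) && count($csv_test_line) == 1 && is_string($csv_test_line[0]) && strpos($csv_test_line[0], ';') !== false) {
             $del = ';';
         }
         rewind($myfile);

         $_csv_data = array();
         while (($csv_line = fgetcsv($myfile, 4096, $del)) !== false) {
             $_csv_data[] = $csv_line;
         }
         fclose($myfile);

         // NOTE(review): the serialized CSV is carried to the next step as form data, so it comes back
         // from the client. The code that reads it is not visible here; if it calls unserialize() on the
         // posted value, that is deserialization of client-controlled input. Prefer JSON, or keep the
         // data server-side and pass only a reference.
         $extra_post_data['csv_data'] = serialize($_csv_data);
     }

     if (post_param_integer('make_periodic', 0) == 1) {
         // We're making a periodic newsletter. Thus we need to pass this info
         // through to the next step
         $extra_post_data['make_periodic'] = '1';
         // Re-generate preview from latest chosen_categories
         $message = $this->generate_whats_new_comcode(post_param('chosen_categories', ''), $in_full, $lang, get_input_date('cutoff'));
     }

     // The test copy goes to the current member, or to the staff address if they have no e-mail set
     $address = $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member());
     if ($address == '') {
         $address = get_option('staff_address');
     }
     $username = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
     $message = newsletter_variable_substitution($message, $subject, '', '', do_lang('UNKNOWN'), $address, 'test', '');

     require_code('mail');
     require_code('tempcode_compiler');
     $in_html = false;
     if (strpos($message, '<html') !== false) {
         // A message containing '<html' is compiled as a template rather than parsed as Comcode.
         // NOTE(review): presumably only staff can reach this screen — confirm, since the posted text is compiled here.
         $_preview = template_to_tempcode($message);
         $in_html = true;
     } else {
         $comcode_version = comcode_to_tempcode($message, get_member(), true);
         $_preview = do_template('MAIL', array('TITLE' => $subject, 'CSS' => css_tempcode(true, true, $comcode_version->evaluate()), 'LANG' => get_site_default_lang(), 'LOGOURL' => get_logo_url(''), 'CONTENT' => $comcode_version), NULL, false, NULL, '.tpl', 'templates', $GLOBALS['FORUM_DRIVER']->get_theme(''));
         $in_html = $html_only == 1;
     }
     $text_preview = $html_only == 1 ? '' : comcode_to_clean_text(static_evaluate_tempcode(template_to_tempcode($message)));

     $preview_subject = $subject;
     if (post_param_integer('make_periodic', 0) == 1) {
         $preview_subject .= ' - ' . get_timezoned_date(time(), false, false, false, true);
     }
     require_code('comcode_text');
     $preview = do_template('NEWSLETTER_CONFIRM_WRAP', array('_GUID' => '02bd5a782620141f8589e647e2c6d90b', 'TEXT_PREVIEW' => $text_preview, 'PREVIEW' => $_preview, 'SUBJECT' => $subject));

     // Send the preview copy to the sender only
     mail_wrap($preview_subject, $html_only == 1 ? $_preview->evaluate() : $message, array($address), $username, $from_email, $from_name, 3, NULL, true, NULL, true, $in_html);

     breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('MANAGE_NEWSLETTER')), array('_SELF:_SELF:new', do_lang_tempcode('NEWSLETTER_SEND'))));
     breadcrumb_set_self(do_lang_tempcode('CONFIRM'));
     require_code('templates_confirm_screen');
     return form_confirm_screen($title, $preview, 'send', get_param('old_type', 'new'), $extra_post_data);
 }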
예제 #17
/**
 * Send out a notification to a member.
 *
 * @param  MEMBER			Member to send to
 * @param  integer		Listening setting
 * @param  ID_TEXT		The notification code to use
 * @param  ?SHORT_TEXT	The category within the notification code (NULL: none)
 * @param  SHORT_TEXT	Message subject (in Comcode)
 * @param  LONG_TEXT		Message body (in Comcode)
 * @param  integer		The member ID doing the sending. Either a USER or a negative number (e.g. A_FROM_SYSTEM_UNPRIVILEGED)
 * @param  integer		The message priority (1=urgent, 3=normal, 5=low)
 * @range  1 5
 * @param  boolean		Whether to NOT CC to the CC address
 * @return boolean		New $no_cc setting
 */
function _dispatch_notification_to_member($to_member_id, $setting, $notification_code, $code_category, $subject, $message, $from_member_id, $priority, $no_cc)
{
    $recipient_name = $GLOBALS['FORUM_DRIVER']->get_username($to_member_id);

    // The sender's e-mail address and name are deliberately left blank even for a real sending member:
    // member e-mail addresses must not be disclosed, so every notification is mailed from the system.
    $sender_email = '';
    $sender_name = '';

    // Connection chosen by notification-code prefix; not referenced again in this function
    $db = substr($notification_code, 0, 4) == 'ocf_' ? $GLOBALS['FORUM_DB'] : $GLOBALS['SITE_DB'];

    // No explicit setting given: derive one for this member
    if ($setting == A__STATISTICAL) {
        $setting = _find_member_statistical_notification_type($to_member_id);
    }

    $cc_still_pending = true;
    $body = $message; // May get tweaked, if we have some kind of error to explain, etc

    // --- SMS ---
    if (_notification_setting_available(A_INSTANT_SMS, $to_member_id) && ($setting & A_INSTANT_SMS) != 0) {
        // Lang string may be modified to include {2}, but would cost more. Default just has {1}.
        $sms_text = do_lang('NOTIFICATION_SMS_COMPLETE_WRAP', $subject, $body);
        require_code('sms');
        if (sms_wrap($sms_text, array($to_member_id)) == 0) {
            // Nothing was delivered by SMS, so make sure it also goes to e-mail and say why
            $setting |= A_INSTANT_EMAIL;
            $body = do_lang('INSTEAD_OF_SMS', $message);
        }
    }

    // --- Instant e-mail ---
    if (_notification_setting_available(A_INSTANT_EMAIL, $to_member_id) && ($setting & A_INSTANT_EMAIL) != 0) {
        $recipient_email = $GLOBALS['FORUM_DRIVER']->get_member_email_address($to_member_id);
        if ($recipient_email != '') {
            $mail_subject = do_lang('NOTIFICATION_EMAIL_SUBJECT_WRAP', $subject, comcode_escape(get_site_name()));
            $mail_body = do_lang('NOTIFICATION_EMAIL_MESSAGE_WRAP', $body, comcode_escape(get_site_name()));
            // A negative sender ID (system sender) is mapped to the guest ID here
            $send_as = ($from_member_id < 0) ? $GLOBALS['FORUM_DRIVER']->get_guest_id() : $from_member_id;
            mail_wrap($mail_subject, $mail_body, array($recipient_email), $recipient_name, $sender_email, $sender_name, $priority, NULL, $no_cc, $send_as, $from_member_id == A_FROM_SYSTEM_PRIVILEGED, false);
            $cc_still_pending = false;
            $no_cc = true; // Don't CC again
        }
    }

    // --- Digests: queue one row per requested frequency ---
    if (_notification_setting_available(A_DAILY_EMAIL_DIGEST, $to_member_id)) {
        $wants_digest = ($setting & A_DAILY_EMAIL_DIGEST) != 0 || ($setting & A_WEEKLY_EMAIL_DIGEST) != 0 || ($setting & A_MONTHLY_EMAIL_DIGEST) != 0;
        if ($wants_digest) {
            $frequencies = array(A_DAILY_EMAIL_DIGEST, A_WEEKLY_EMAIL_DIGEST, A_MONTHLY_EMAIL_DIGEST);
            foreach ($frequencies as $frequency) {
                if (($setting & $frequency) == 0) {
                    continue;
                }
                $GLOBALS['SITE_DB']->query_insert('digestives_tin', array(
                    'd_subject' => $subject,
                    'd_message' => $message,
                    'd_from_member_id' => $from_member_id,
                    'd_to_member_id' => $to_member_id,
                    'd_priority' => $priority,
                    'd_no_cc' => $no_cc ? 1 : 0,
                    'd_date_and_time' => time(),
                    'd_notification_code' => substr($notification_code, 0, 80),
                    'd_code_category' => is_null($code_category) ? '' : $code_category,
                    'd_frequency' => $frequency,
                ));
                $GLOBALS['SITE_DB']->query_insert('digestives_consumed', array(
                    'c_member_id' => $to_member_id,
                    'c_frequency' => $frequency,
                    'c_time' => time(),
                ), false, true);
            }
            $cc_still_pending = false;
        }
    }

    // --- Private topic ---
    if (_notification_setting_available(A_INSTANT_PT, $to_member_id) && ($setting & A_INSTANT_PT) != 0) {
        require_code('ocf_topics_action');
        require_code('ocf_posts_action');
        $pt_subject = do_lang('NOTIFICATION_PT_SUBJECT_WRAP', $subject);
        $pt_body = do_lang('NOTIFICATION_PT_MESSAGE_WRAP', $body);
        // NB: These are posted by Guest (system) although the display name is set to the member triggering.
        // This is intentional to stop said member getting unexpected replies.
        $topic_id = ocf_make_topic(NULL, $pt_subject, 'ocf_topic_modifiers/announcement', 1, 1, 0, 0, 0, db_get_first_id(), $to_member_id, false, 0, NULL, '');
        $poster_name = ($from_member_id < 0) ? do_lang('SYSTEM') : $sender_name;
        ocf_make_post($topic_id, $pt_subject, $pt_body, 0, true, 1, 0, $poster_name, NULL, NULL, db_get_first_id(), NULL, NULL, NULL, false, true, NULL, true, $pt_subject, 0, NULL, true, true, true, $from_member_id == A_FROM_SYSTEM_PRIVILEGED);
    }

    // --- Staff CC: only when CC is wanted and no channel above already took care of it ---
    if ($no_cc || !$cc_still_pending) {
        return $no_cc;
    }
    $cc_email = get_option('cc_address');
    if ($cc_email != '') {
        $send_as = ($from_member_id < 0) ? NULL : $from_member_id;
        mail_wrap($subject, $message, array($cc_email), $recipient_name, $sender_email, $sender_name, $priority, NULL, true, $send_as, $from_member_id == A_FROM_SYSTEM_PRIVILEGED, false);
    }
    // Don't CC again
    return true;
}
예제 #18
 /**
  * Send a newsletter join confirmation.
  *
  * @param  SHORT_TEXT	The e-mail address
  * @param  SHORT_TEXT	The confirmation code
  * @param  ?SHORT_TEXT	The newsletter password (NULL: password may not be viewed, because it's been permanently hashed already)
  * @param  string				Subscribers forename
  * @param  string				Subscribers surname
  */
 function send_confirmation($email, $code_confirm, $password, $forename, $surname)
 {
     // With no viewable password, a language-string placeholder is shown in its place.
     // Otherwise the password itself is placed in the mail body below.
     $shown_password = is_null($password) ? do_lang('NEWSLETTER_PASSWORD_ENCRYPTED') : $password;

     // The confirmation link carries the address and the confirmation code as URL parameters
     $link_params = array(
         'page' => 'newsletter',
         'type' => 'confirm',
         'email' => $email,
         'confirm' => $code_confirm,
     );
     $_url = build_url($link_params, '_SELF', NULL, false, true);
     $url = $_url->evaluate();

     // URL and password are Comcode-escaped before being placed into the language string
     $message = do_lang(
         'NEWSLETTER_SIGNUP_TEXT',
         comcode_escape($url),
         comcode_escape($shown_password),
         array($forename, $surname, $email, get_site_name())
     );

     require_code('mail');
     $mail_subject = do_lang('NEWSLETTER_SIGNUP');
     $to_name = $GLOBALS['FORUM_DRIVER']->get_username(get_member());
     mail_wrap($mail_subject, $message, array($email), $to_name);
 }
예제 #19
 /**
  * Standard modular run function.
  *
  * @param  array		A map of parameters.
  * @return tempcode	The result of execution.
  */
 function run($map)
 {
     require_lang('messaging');
     require_code('feedback');

     $type = array_key_exists('param', $map) ? $map['param'] : do_lang('GENERAL');
     // A fresh identifier is generated on every call
     $id = uniqid('', true);
     $_self_url = build_url(array('page' => 'admin_messaging', 'type' => 'view', 'id' => $id, 'message_type' => $type), get_module_zone('admin_messaging'));
     $self_url = $_self_url->evaluate();
     $self_title = post_param('title', do_lang('CONTACT_US_MESSAGING'));
     $post = post_param('post', '');
     $title = post_param('title', '');
     $box_title = array_key_exists('title', $map) ? $map['title'] : do_lang('CONTACT_US');

     $message = new ocp_tempcode();

     $form_was_posted = post_param_integer('_comment_form_post', 0) == 1 && $post != '';
     if ($form_was_posted) {
         // The "message sent" notice is attached first; the CAPTCHA check follows it
         attach_message(do_lang_tempcode('MESSAGE_SENT'), 'inform');

         // Check CAPTCHA
         if (addon_installed('captcha') && get_option('captcha_on_feedback') == '1') {
             require_code('captcha');
             enforce_captcha();
         }

         // Handle notifications
         require_code('notifications');
         $site_lang = get_site_default_lang();
         $notification_subject = do_lang('CONTACT_US_NOTIFICATION_SUBJECT', $title, NULL, NULL, $site_lang);
         $notification_message = do_lang('CONTACT_US_NOTIFICATION_MESSAGE', comcode_escape(get_site_name()), comcode_escape($GLOBALS['FORUM_DRIVER']->get_username(get_member())), array($post, comcode_escape($type)), get_site_default_lang());
         dispatch_notification('messaging', $type . '_' . $id, $notification_subject, $notification_message, NULL, NULL, 3, true);

         // Send standard confirmation email to current user.
         // The recipient is the posted 'email' field (falling back to the member's stored address) and the
         // subject/body are built from the posted title and post.
         // NOTE(review): recipient and content both come from the request, so the CAPTCHA option above is
         // the only control visible here against this form being used to send unsolicited mail — confirm
         // that rate limiting exists elsewhere.
         $email_from = trim(post_param('email', $GLOBALS['FORUM_DRIVER']->get_member_email_address(get_member())));
         if ($email_from != '') {
             require_code('mail');
             mail_wrap(do_lang('YOUR_MESSAGE_WAS_SENT_SUBJECT', $title), do_lang('YOUR_MESSAGE_WAS_SENT_BODY', $post), array($email_from), NULL, '', '', 3, NULL, false, get_member());
         }

         decache('main_staff_checklist');
     }

     // Without a forum there is nothing to render
     if (has_no_forum()) {
         return new ocp_tempcode();
     }

     // Comment posts
     $forum = get_option('messaging_forum_name');
     $count = 0;
     $_comments = $GLOBALS['FORUM_DRIVER']->get_forum_topic_posts($GLOBALS['FORUM_DRIVER']->find_topic_id_for_topic_identifier($forum, $type . '_' . $id), $count);
     if ($_comments === -1) {
         return new ocp_tempcode();
     }

     $em = $GLOBALS['FORUM_DRIVER']->get_emoticon_chooser();
     require_javascript('javascript_editing');
     $comcode_help = build_url(array('page' => 'userguide_comcode'), get_comcode_zone('userguide_comcode', false));
     require_javascript('javascript_validation');
     $comment_url = get_self_url();

     // The e-mail field is optional unless the block parameter says otherwise
     $email_optional = true;
     if (array_key_exists('email_optional', $map)) {
         $email_optional = intval($map['email_optional']) == 1;
     }

     // Show a CAPTCHA on the form only when the addon is present and it is enabled for feedback
     $use_captcha = false;
     if (addon_installed('captcha')) {
         require_code('captcha');
         $use_captcha = get_option('captcha_on_feedback') == '1' && use_captcha();
         if ($use_captcha) {
             generate_captcha();
         }
     }

     $comment_details = do_template('COMMENTS_POSTING_FORM', array('JOIN_BITS' => '', 'FIRST_POST_URL' => '', 'FIRST_POST' => '', 'USE_CAPTCHA' => $use_captcha, 'EMAIL_OPTIONAL' => $email_optional, 'POST_WARNING' => '', 'COMMENT_TEXT' => '', 'GET_EMAIL' => true, 'GET_TITLE' => true, 'EM' => $em, 'DISPLAY' => 'block', 'COMMENT_URL' => $comment_url, 'TITLE' => $box_title));

     // Notification status is only looked up for members with access to the admin_messaging page
     $notifications_enabled = NULL;
     $notification_change_url = NULL;
     if (has_actual_page_access(get_member(), 'admin_messaging')) {
         require_code('notifications');
         $notifications_enabled = notifications_enabled('messaging', 'type', get_member());
     }

     return do_template('BLOCK_MAIN_CONTACT_US', array('_GUID' => 'fd269dce5ff984ee558e9052fa0150b0', 'COMMENT_DETAILS' => $comment_details, 'MESSAGE' => $message, 'NOTIFICATIONS_ENABLED' => $notifications_enabled, 'TYPE' => $type));
 }
예제 #20
/**
 * Deliver the pending newsletter to every recipient, working through the list 100 at a time.
 *
 * All inputs come from the $NEWSLETTER_* and $CSV_DATA globals. The message is tailored per
 * subscriber (which is why a single bulk mail_wrap() call is not used), then either queued in
 * the newsletter_drip_send table when a 'last_cron' value exists, or mailed straight away.
 */
function newsletter_shutdown_function()
{
    global $NEWSLETTER_SUBJECT, $NEWSLETTER_MESSAGE, $NEWSLETTER_HTML_ONLY, $NEWSLETTER_FROM_EMAIL, $NEWSLETTER_FROM_NAME, $NEWSLETTER_PRIORITY, $NEWSLETTER_SEND_DETAILS, $NEWSLETTER_LANGUAGE, $CSV_DATA, $NEWSLETTER_MAIL_TEMPLATE;

    // Called up front because PHP can leak memory, or caches can fill, however carefully we batch
    disable_php_memory_limit();

    $cron_marker = get_value('last_cron');
    $offset = 0;
    do {
        list($addresses, $hashes, $usernames, $forenames, $surnames, $ids, ) = newsletter_who_send_to($NEWSLETTER_SEND_DETAILS, $NEWSLETTER_LANGUAGE, $offset, 100, false, $CSV_DATA);

        foreach ($addresses as $idx => $recipient) {
            // Per-subscriber variable substitution in the body
            $body = newsletter_variable_substitution($NEWSLETTER_MESSAGE, $NEWSLETTER_SUBJECT, $forenames[$idx], $surnames[$idx], $usernames[$idx], $recipient, $ids[$idx], $hashes[$idx]);

            // NOTE(review): the body is compiled (as a template or as Comcode) only after the
            // subscriber's own fields were substituted in; confirm newsletter_variable_substitution()
            // escapes those values so recipient-supplied data is never parsed as markup.
            $in_html = false;
            if (strpos($body, '<html') !== false) {
                // A full HTML document: run it through the template compiler
                require_code('tempcode_compiler');
                $compiled = template_to_tempcode($body);
                $body = $compiled->evaluate($NEWSLETTER_LANGUAGE);
                $in_html = true;
            } elseif ($NEWSLETTER_HTML_ONLY == 1) {
                // Comcode source that must go out as HTML: render it now
                $compiled = comcode_to_tempcode($body, get_member(), true);
                $body = $compiled->evaluate($NEWSLETTER_LANGUAGE);
                $in_html = true;
            }

            if (is_null($cron_marker)) {
                // No 'last_cron' value stored: send immediately
                mail_wrap($NEWSLETTER_SUBJECT, $body, array($recipient), array($usernames[$idx]), $NEWSLETTER_FROM_EMAIL, $NEWSLETTER_FROM_NAME, $NEWSLETTER_PRIORITY, NULL, true, NULL, true, $in_html, false, $NEWSLETTER_MAIL_TEMPLATE);
            } else {
                // Otherwise queue the tailored message in the drip-send table
                $GLOBALS['SITE_DB']->query_insert('newsletter_drip_send', array('d_inject_time' => time(), 'd_subject' => $NEWSLETTER_SUBJECT, 'd_message' => $body, 'd_html_only' => $NEWSLETTER_HTML_ONLY, 'd_to_email' => $recipient, 'd_to_name' => $usernames[$idx], 'd_from_email' => $NEWSLETTER_FROM_EMAIL, 'd_from_name' => $NEWSLETTER_FROM_NAME, 'd_priority' => $NEWSLETTER_PRIORITY, 'd_template' => $NEWSLETTER_MAIL_TEMPLATE));
            }
        }

        $offset += 100;
    } while (array_key_exists(0, $addresses)); // An empty batch means the recipient list is exhausted
}
예제 #21
 /**
  * The actualiser to contact a member.
  *
  * @return tempcode		The UI
  */
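 function actual()
 {
     // Handles the posted "e-mail a member" form: CAPTCHA, recipient lookup, sender validation,
     // attachment collection, the send itself, an audit log entry, then a redirect.
     if (addon_installed('captcha')) {
         require_code('captcha');
         enforce_captcha();
     }
     $member_id = get_param_integer('id');
     $email_address = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_email_address');
     if (is_null($email_address)) {
         fatal_exit(do_lang_tempcode('INTERNAL_ERROR'));
     }
     $to_name = $GLOBALS['FORUM_DRIVER']->get_username($member_id);
     // Fix: the unknown-member check used to come after $to_name had already been escaped and
     // put into the breadcrumbs; reject a missing member before the name is used anywhere.
     if (is_null($to_name)) {
         warn_exit(do_lang_tempcode('USER_NO_EXIST'));
     }
     breadcrumb_set_parents(array(array('_SELF:_SELF:misc', do_lang_tempcode('EMAIL_MEMBER', escape_html($to_name)))));
     $from_email = trim(post_param('email_address'));
     require_code('type_validation');
     if (!is_valid_email_address($from_email)) {
         warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
     }
     // NOTE(review): the sender name and the subject (read below) come straight from POST and end
     // up in mail headers; confirm mail_wrap() strips CR/LF from them.
     $from_name = post_param('name');
     $title = get_page_title('EMAIL_MEMBER', true, array(escape_html($to_name)));
     require_code('mail');
     // Collect uploaded files as attachments, keyed by temp path => original file name
     $attachments = array();
     $size_so_far = 0;
     require_code('uploads');
     is_swf_upload(true);
     foreach ($_FILES as $file) {
         // NOTE(review): when is_swf_upload() is true the is_uploaded_file() test is short-circuited
         // and tmp_name is trusted as-is; confirm is_swf_upload() only ever leaves server-generated
         // paths in $_FILES, since these paths are read and mailed out.
         if (is_swf_upload() || is_uploaded_file($file['tmp_name'])) {
             $attachments[$file['tmp_name']] = $file['name'];
             $size_so_far += $file['size'];
         } else {
             // An empty file slot is fine; any other upload error aborts the request
             if (defined('UPLOAD_ERR_NO_FILE') && array_key_exists('error', $file) && $file['error'] != UPLOAD_ERR_NO_FILE) {
                 warn_exit(do_lang_tempcode('ERROR_UPLOADING_ATTACHMENTS'));
             }
         }
     }
     // The limit is the recipient's own setting, in megabytes
     $size = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member_id, 'm_max_email_attach_size_mb');
     if ($size_so_far > $size * 1024 * 1024) {
         warn_exit(do_lang_tempcode('EXCEEDED_ATTACHMENT_SIZE', integer_format($size)));
     }
     mail_wrap(do_lang('EMAIL_MEMBER_SUBJECT', get_site_name(), post_param('subject'), NULL, get_lang($member_id)), post_param('message'), array($email_address), $to_name, $from_email, $from_name, 3, $attachments, false, get_member());
     log_it('EMAIL', strval($member_id), $to_name);
     breadcrumb_set_self(do_lang_tempcode('DONE'));
     // NOTE(review): the redirect target is taken from the query string; confirm get_param() or
     // redirect_screen() restricts it to same-site URLs.
     $url = get_param('redirect');
     return redirect_screen($title, $url, do_lang_tempcode('SUCCESS'));
 }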
예제 #22
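/**
 * Relay an error message, if appropriate, to e-mail listeners (sometimes ocProducts, and site staff).
 *
 * When the value store and database are available, no more than 50 relays are let through per
 * calendar day; the count is kept in the 'num_error_mails_<Y-m-d>' value. Staff are told through
 * dispatch_notification(). The same text is also mailed to the ocProducts error address when that
 * is enabled and the text passes the noise filter, and to the 'agency_email_address' value when
 * one is set (that second copy is not filtered).
 *
 * @param  string			An error message (in HTML)
 * @param  boolean		Also send to ocProducts
 * @param  ID_TEXT		The notification type
 */
function relay_error_notification($text, $ocproducts = true, $notification_type = 'error_occurred')
{
    // Make sure we don't send too many error emails
    if (function_exists('get_value') && $GLOBALS['BOOTSTRAPPING'] == 0 && array_key_exists('SITE_DB', $GLOBALS) && !is_null($GLOBALS['SITE_DB'])) {
        $num = intval(get_value('num_error_mails_' . date('Y-m-d'))) + 1;
        // Fix: this was "== 51", so a stored count that ever got past 51 switched the cap off
        // for the rest of the day. Fail closed instead.
        if ($num >= 51) {
            return; // We've sent too many error mails today
        }
        // Drop every num_error_mails_* counter (earlier days included), then store today's new count
        $GLOBALS['SITE_DB']->query('DELETE FROM ' . get_table_prefix() . 'values WHERE the_name LIKE \'' . db_encode_like('num\\_error\\_mails\\_%') . '\'');
        persistant_cache_delete('VALUES');
        set_value('num_error_mails_' . date('Y-m-d'), strval($num));
    }
    // Too early in start-up to build a translated mail
    if (!function_exists('require_lang')) {
        return;
    }
    require_code('urls');
    require_code('tempcode');
    $error_url = running_script('index') ? static_evaluate_tempcode(build_url(array('page' => '_SELF'), '_SELF', NULL, true, false, true)) : get_self_url_easy();
    require_code('notifications');
    require_code('comcode');
    // '[html' / '[/html' inside the error text are entity-encoded before the text is embedded in the mail body
    $mail = do_lang('ERROR_MAIL', comcode_escape($error_url), str_replace(array('[html', '[/html'), array('&#91;html', '&#91;/html'), $text), NULL, get_site_default_lang());
    dispatch_notification($notification_type, NULL, do_lang('ERROR_OCCURRED_SUBJECT', get_page_name(), NULL, NULL, get_site_default_lang()), $mail, NULL, A_FROM_SYSTEM_PRIVILEGED);
    // NOTE(review): this sends the error text and the failing URL to an address outside the site.
    // The 'send_error_emails_ocproducts' option and the filter below are the only controls on what
    // leaves; error text may carry file paths or query fragments.
    if ($ocproducts && get_option('send_error_emails_ocproducts', true) == '1' && !running_script('cron_bridge') && _relay_error_should_go_upstream($text)) {
        require_code('mail');
        mail_wrap(do_lang('ERROR_OCCURRED_SUBJECT', get_page_name(), NULL, NULL, get_site_default_lang()) . ' ' . ocp_version_full(), $mail, array('errors_final' . strval(ocp_version()) . '@ocportal.com'), '', '', '', 3, NULL, true, NULL, true);
    }
    if ($ocproducts && !is_null(get_value('agency_email_address'))) {
        require_code('mail');
        $agency_email_address = get_value('agency_email_address');
        mail_wrap(do_lang('ERROR_OCCURRED_SUBJECT', get_page_name(), NULL, NULL, get_site_default_lang()) . ' ' . ocp_version_full(), $mail, array($agency_email_address), '', '', '', 3, NULL, true, NULL, true);
    }
}

/**
 * Decide whether an error text should be forwarded to the ocProducts error address.
 * Errors matching any of the patterns below (custom code, server/database conditions, and
 * similar) are held back.
 *
 * @param  string			The error message (in HTML)
 * @return boolean		Whether the text passed every exclusion
 */
function _relay_error_should_go_upstream($text)
{
    // Any one of these substrings is enough to hold the error back
    $held_back_if_present = array(
        '_custom/',
        'data/occle.php',
        '/mini',
        'A transaction for the wrong IPN e-mail went through',
        'has been disabled for security reasons',
        'max_questions',
        'Error at offset',
        'Unable to allocate memory for pool',
        'Out of memory',
        'Disk is full writing',
        'Disk quota exceeded',
        'from storage engine',
        'Lost connection to MySQL server',
        'Unable to save result set',
        '.MYI',
        'MySQL server has gone away',
        'Incorrect key file',
        'Too many connections',
        'marked as crashed and should be repaired',
        'connect to',
        'Access denied for',
        'Unknown database',
        'headers already sent',
        'is marked as crashed and last',
        'failed to open stream: Permission denied',
        'phpinfo() has been disabled',
        'File(/tmp/) is not within the allowed path',
    );
    foreach ($held_back_if_present as $needle) {
        if (strpos($text, $needle) !== false) {
            return false;
        }
    }
    if (preg_match('#Maximum execution time of \\d+ seconds#', $text) != 0) {
        return false;
    }
    if (preg_match('#Out of memory \\(allocated (1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24)\\d{6}\\)#', $text) != 0) {
        return false;
    }
    // Pairs that only count when both halves are present
    if (strpos($text, 'Maximum execution time') !== false && (strpos($text, '/js_') !== false || strpos($text, '/caches_filesystem.php') !== false || strpos($text, '/files2.php') !== false)) {
        return false;
    }
    if (strpos($text, 'doesn\'t exist') !== false && strpos($text, 'import') !== false) {
        return false;
    }
    // Fix: this literal had a line break in the middle ("No such file or<newline>directory"),
    // so it could never match the one-line PHP message and the exclusion was dead.
    if (strpos($text, 'No such file or directory') !== false && strpos($text, 'admin_setupwizard') !== false) {
        return false;
    }
    return true;
}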
예제 #23
 /**
  * The UI and actualisation for: accepting code if it is correct (and not ''), and setting password to something random, emailing it
  *
  * @return tempcode		The UI
  */
 function step3()
 {
     // Final step of the password reset: check the supplied code against the member's stored
     // m_password_change_code, then generate a new password, mail it, and store its hash.
     $title = get_page_title('RESET_PASSWORD');
     $code = get_param('code', '');
     if ($code == '') {
         // No code in the URL: show a GET form asking for username and code
         require_code('form_templates');
         $fields = new ocp_tempcode();
         $fields->attach(form_input_username(do_lang_tempcode('USERNAME'), '', 'username', NULL, true));
         $fields->attach(form_input_integer(do_lang_tempcode('CODE'), '', 'code', NULL, true));
         $submit_name = do_lang_tempcode('PROCEED');
         return do_template('FORM_SCREEN', array('_GUID' => '6e4db5c6f3c75faa999251339533d22a', 'TITLE' => $title, 'GET' => true, 'SKIP_VALIDATION' => true, 'HIDDEN' => '', 'URL' => get_self_url(false, false, NULL, false, true), 'FIELDS' => $fields, 'TEXT' => do_lang_tempcode('MISSING_CONFIRM_CODE'), 'SUBMIT_NAME' => $submit_name));
     }
     // The member is identified by username if given, otherwise by the numeric 'member' parameter
     $username = get_param('username', NULL);
     if (!is_null($username)) {
         $username = trim($username);
         $member = $GLOBALS['FORUM_DRIVER']->get_member_from_username($username);
         if (is_null($member)) {
             warn_exit(do_lang_tempcode('PASSWORD_RESET_ERROR_2'));
         }
     } else {
         $member = get_param_integer('member');
     }
     $correct_code = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_password_change_code');
     // An empty stored code means there is no reset pending for this member
     if ($correct_code == '') {
         $_reset_url = build_url(array('page' => '_SELF', 'username' => $GLOBALS['FORUM_DRIVER']->get_username($member)), '_SELF');
         $reset_url = $_reset_url->evaluate();
         warn_exit(do_lang_tempcode('PASSWORD_ALREADY_RESET', escape_html($reset_url), get_site_name()));
     }
     // NOTE(review): this is a loose, non-constant-time comparison. PHP compares two numeric
     // strings by value, so differently written numbers can compare equal; consider a strict
     // string comparison (hash_equals() where the PHP version has it) once the stored type is known.
     if ($code != $correct_code) {
         // A RESET_PASSWORD admin-log row for this member whose param_b equals the supplied code
         // gets the plain "incorrect code" warning; anything else is logged as a hack attack.
         $test = $GLOBALS['SITE_DB']->query_value_null_ok('adminlogs', 'date_and_time', array('the_type' => 'RESET_PASSWORD', 'param_a' => strval($member), 'param_b' => $code));
         if (!is_null($test)) {
             warn_exit(do_lang_tempcode('INCORRECT_PASSWORD_RESET_CODE'));
         }
         // Everything below relies on this call (and warn_exit above) never returning.
         // NOTE(review): no attempt limit is visible in this function; confirm wrong guesses
         // are throttled or lead to a ban elsewhere.
         log_hack_attack_and_exit('HACK_ATTACK_PASSWORD_CHANGE');
     }
     $email = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_email_address');
     $new_password = get_rand_password();
     // Send password in mail
     // NOTE(review): the new password travels in clear text in the mail body, and the mail is
     // sent before the hash is written, so a failed update leaves the user with a mailed password
     // that does not work.
     $_login_url = build_url(array('page' => 'login', 'username' => $GLOBALS['FORUM_DRIVER']->get_username($member)), get_module_zone('login'), NULL, false, false, true);
     $login_url = $_login_url->evaluate();
     $message = do_lang('MAIL_NEW_PASSWORD', comcode_escape($new_password), $login_url, get_site_name());
     require_code('mail');
     mail_wrap(do_lang('RESET_PASSWORD'), $message, array($email), $GLOBALS['FORUM_DRIVER']->get_username($member), '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true);
     if (get_value('no_password_hashing') === '1') {
         // Hashing switched off by configuration: the password is stored as-is under the 'plain' scheme
         $password_compatibility_scheme = 'plain';
         $new = $new_password;
     } else {
         // NOTE(review): salted double MD5 is cheap to brute-force offline if the table leaks.
         // Changing it needs the login verifier to change too (password_hash()/password_verify()
         // where the PHP version allows), so it is flagged here rather than altered.
         $password_compatibility_scheme = '';
         $salt = $GLOBALS['FORUM_DRIVER']->get_member_row_field($member, 'm_pass_salt');
         $new = md5($salt . md5($new_password));
     }
     // Presumably so URLs built after this point do not carry the used code - confirm
     unset($_GET['code']);
     // Clears the reset code (so it cannot be replayed) and the e-mail confirm code, and stores the new hash
     $GLOBALS['FORUM_DB']->query_update('f_members', array('m_validated_email_confirm_code' => '', 'm_password_compat_scheme' => $password_compatibility_scheme, 'm_password_change_code' => '', 'm_pass_hash_salted' => $new), array('id' => $member), '', 1);
     // The confirmation screen shows the member's e-mail address to whoever presented the code
     return inform_screen($title, do_lang_tempcode('NEW_PASSWORD_MAILED', escape_html($email)));
 }
예제 #24
/**
 * Actualise the join form.
 *
 * Reads the posted registration fields, runs the enabled checks (password/e-mail confirmation,
 * invites, one-account-per-address, CAPTCHA, LDAP clash), creates the member, sends the
 * confirmation / COPPA / staff notification mails, optionally makes an intro post, and returns
 * the message to show. Failed checks end the request through warn_exit().
 *
 * @param  boolean		Whether to handle CAPTCHA (if enabled at all)
 * @param  boolean		Whether to ask for intro messages (if enabled at all)
 * @param  boolean		Whether to check for invites (if enabled at all)
 * @param  boolean		Whether to check email-address restrictions (if enabled at all)
 * @param  boolean		Whether to require staff confirmation (if enabled at all)
 * @param  boolean		Whether to force email address validation (if enabled at all)
 * @param  boolean		Whether to do COPPA checks (if enabled at all)
 * @param  boolean		Whether to instantly log the user in
 * @return array			A tuple: Messages to show (currently nothing else in tuple)
 */
function ocf_join_actual($captcha_if_enabled = true, $intro_message_if_enabled = true, $invites_if_enabled = true, $one_per_email_address_if_enabled = true, $confirm_if_enabled = true, $validate_if_enabled = true, $coppa_if_enabled = true, $instant_login = false)
{
    ocf_require_all_forum_stuff();
    require_css('ocf');
    require_code('ocf_members_action');
    require_code('ocf_members_action2');
    // Read in data
    $username = trim(post_param('username'));
    // Adjusts username if needed
    ocf_check_name_valid($username, NULL, NULL, true);
    $password = trim(post_param('password'));
    $password_confirm = trim(post_param('password_confirm'));
    if ($password != $password_confirm) {
        warn_exit(make_string_tempcode(escape_html(do_lang('PASSWORD_MISMATCH'))));
    }
    // The confirmation address is optional; it is only compared when the form sent one
    $confirm_email_address = post_param('email_address_confirm', NULL);
    $email_address = trim(post_param('email_address'));
    if (!is_null($confirm_email_address)) {
        if (trim($confirm_email_address) != $email_address) {
            warn_exit(make_string_tempcode(escape_html(do_lang('EMAIL_ADDRESS_MISMATCH'))));
        }
    }
    require_code('type_validation');
    if (!is_valid_email_address($email_address)) {
        warn_exit(do_lang_tempcode('INVALID_EMAIL_ADDRESS'));
    }
    if ($invites_if_enabled) {
        if (get_option('is_on_invites') == '1') {
            $test = $GLOBALS['FORUM_DB']->query_value_null_ok('f_invites', 'i_inviter', array('i_email_address' => $email_address, 'i_taken' => 0));
            if (is_null($test)) {
                warn_exit(do_lang_tempcode('NO_INVITE'));
            }
        }
        // NOTE(review): the invite is marked taken here, before the address-in-use, CAPTCHA and
        // LDAP checks further down; a request that fails one of those has still used up the invite.
        $GLOBALS['FORUM_DB']->query_update('f_invites', array('i_taken' => 1), array('i_email_address' => $email_address, 'i_taken' => 0), '', 1);
    }
    $dob_day = post_param_integer('dob_day', NULL);
    $dob_month = post_param_integer('dob_month', NULL);
    $dob_year = post_param_integer('dob_year', NULL);
    $reveal_age = post_param_integer('reveal_age', 0);
    // NOTE(review): timezone and language are taken from POST with no check in this function, and
    // $language is later passed to do_lang(); confirm they are validated against the known sets.
    $timezone = post_param('timezone', get_users_timezone());
    $language = post_param('language', get_site_default_lang());
    $allow_emails = post_param_integer('allow_emails', 0);
    $allow_emails_from_staff = post_param_integer('allow_emails_from_staff', 0);
    // $groups will contain the built in default primary group too (it is not $secondary_groups)
    $groups = ocf_get_all_default_groups(true);
    $primary_group = post_param_integer('primary_group', NULL);
    if ($primary_group !== NULL && !in_array($primary_group, $groups)) {
        // Check security: a posted group outside the defaults is accepted only if it is flagged
        // g_is_presented_at_install; anything else is discarded
        $test = $GLOBALS['FORUM_DB']->query_value('f_groups', 'g_is_presented_at_install', array('id' => $primary_group));
        if ($test == 1) {
            // Get it so it does not include the built in default primary group
            $groups = ocf_get_all_default_groups(false);
            // And add in the *chosen* primary group
            $groups[] = $primary_group;
        } else {
            $primary_group = NULL;
        }
    } else {
        $primary_group = NULL;
    }
    if ($primary_group === NULL) {
        $primary_group = get_first_default_group();
    }
    $custom_fields = ocf_get_all_custom_fields_match($groups, NULL, NULL, NULL, NULL, NULL, NULL, 0, true);
    $actual_custom_fields = ocf_read_in_custom_fields($custom_fields);
    // Check that the given address isn't already used (if one_per_email_address on)
    // NOTE(review): this lookup runs before the CAPTCHA is enforced and its warning states that
    // the address is registered, so the form can be used to test addresses without solving it.
    $member_id = NULL;
    if ($one_per_email_address_if_enabled) {
        if (get_option('one_per_email_address') == '1') {
            $test = $GLOBALS['FORUM_DB']->query_select('f_members', array('id', 'm_username'), array('m_email_address' => $email_address), '', 1);
            if (array_key_exists(0, $test)) {
                if ($test[0]['m_username'] != $username) {
                    $reset_url = build_url(array('page' => 'lostpassword', 'email_address' => $email_address), get_module_zone('lostpassword'));
                    warn_exit(do_lang_tempcode('EMAIL_ADDRESS_IN_USE', escape_html(get_site_name()), escape_html($reset_url->evaluate())));
                }
                // NOTE(review): a row matching both the address and the posted username makes this
                // request reuse that member id: ocf_make_member() is skipped below, the fresh confirm
                // code is never stored, yet the mails and the instant-login branch still run. Confirm
                // ocf_check_name_valid() has already rejected taken usernames, or guard this path.
                $member_id = $test[0]['id'];
            }
        }
    }
    if ($captcha_if_enabled) {
        if (addon_installed('captcha')) {
            require_code('captcha');
            enforce_captcha();
        }
    }
    if (addon_installed('ldap')) {
        require_code('ocf_ldap');
        if (ocf_is_ldap_member_potential($username)) {
            warn_exit(do_lang_tempcode('DUPLICATE_JOIN_AUTH'));
        }
    }
    // Add member
    $skip_confirm = get_option('skip_email_confirm_join') == '1';
    if (!$confirm_if_enabled) {
        $skip_confirm = true;
    }
    // NOTE(review): the e-mail confirm code is one of only 32000 values and comes from mt_rand(),
    // which is not a cryptographic generator; a longer code from a CSPRNG (random_int() or
    // random_bytes() where the PHP version has them) would be the stronger choice.
    $validated_email_confirm_code = $skip_confirm ? '' : strval(mt_rand(1, 32000));
    $require_new_member_validation = get_option('require_new_member_validation') == '1';
    if (!$validate_if_enabled) {
        $require_new_member_validation = false;
    }
    // Under-13 test. Age is approximated with 365-day years (31536000 s), so it runs a few days
    // high near the 13th birthday.
    // NOTE(review): the DOB fields may be NULL here, and how mktime() treats NULL arguments
    // differs between PHP versions; confirm the decision fails closed when no DOB was posted.
    $coppa = get_option('is_on_coppa') == '1' && utctime_to_usertime(time() - mktime(0, 0, 0, $dob_month, $dob_day, $dob_year)) / 31536000.0 < 13.0;
    if (!$coppa_if_enabled) {
        $coppa = false;
    }
    $validated = $require_new_member_validation || $coppa ? 0 : 1;
    if (is_null($member_id)) {
        $member_id = ocf_make_member($username, $password, $email_address, $groups, $dob_day, $dob_month, $dob_year, $actual_custom_fields, $timezone, $primary_group, $validated, time(), time(), '', NULL, '', 0, get_option('default_preview_guests') == '1' ? 1 : 0, $reveal_age, '', '', '', 1, get_value('no_auto_notifications') === '1' ? 0 : 1, $language, $allow_emails, $allow_emails_from_staff, '', get_ip_address(), $validated_email_confirm_code, true, '', '');
    }
    // Send confirm mail
    if (!$skip_confirm) {
        $zone = get_module_zone('join');
        if ($zone != '') {
            $zone .= '/';
        }
        $_url = build_url(array('page' => 'join', 'type' => 'step4', 'email' => $email_address, 'code' => $validated_email_confirm_code), $zone, NULL, false, false, true);
        $url = $_url->evaluate();
        $_url_simple = build_url(array('page' => 'join', 'type' => 'step4'), $zone, NULL, false, false, true);
        $url_simple = $_url_simple->evaluate();
        // NOTE(review): the 'redirect' query parameter is carried into the mailed confirmation
        // link; confirm the step4 handler only follows same-site redirect targets.
        $redirect = get_param('redirect', '');
        if ($redirect != '') {
            $url .= '&redirect=' . ocp_url_encode($redirect);
        }
        $message = do_lang('OCF_SIGNUP_TEXT', comcode_escape(get_site_name()), comcode_escape($url), array($url_simple, $email_address, $validated_email_confirm_code), $language);
        require_code('mail');
        // Under COPPA the confirmation mail is withheld; the COPPA mail below goes out instead
        if (!$coppa) {
            mail_wrap(do_lang('CONFIRM_EMAIL_SUBJECT', get_site_name(), NULL, NULL, $language), $message, array($email_address), $username, '', '', 3, NULL, false, NULL, false, false, false, 'MAIL', true);
        }
    }
    // Send COPPA mail
    if ($coppa) {
        // Lists the username and every non-upload custom field value as posted
        $fields_done = do_lang('THIS_WITH_COMCODE', do_lang('USERNAME'), $username) . "\n\n";
        foreach ($custom_fields as $custom_field) {
            if ($custom_field['cf_type'] != 'upload') {
                $fields_done .= do_lang('THIS_WITH_COMCODE', $custom_field['trans_name'], post_param('custom_' . $custom_field['id'] . '_value')) . "\n";
            }
        }
        $_privacy_url = build_url(array('page' => 'privacy'), '_SEARCH', NULL, false, false, true);
        $privacy_url = $_privacy_url->evaluate();
        $message = do_lang('COPPA_MAIL', comcode_escape(get_option('site_name')), comcode_escape(get_option('privacy_fax')), array(comcode_escape(get_option('privacy_postal_address')), comcode_escape($fields_done), comcode_escape($privacy_url)), $language);
        require_code('mail');
        mail_wrap(do_lang('COPPA_JOIN_SUBJECT', $username, get_site_name(), NULL, $language), $message, array($email_address), $username);
    }
    // Send 'validate this member' notification
    if ($require_new_member_validation) {
        require_code('notifications');
        $_validation_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true, 'tab__edit');
        $validation_url = $_validation_url->evaluate();
        $message = do_lang('VALIDATE_NEW_MEMBER_MAIL', comcode_escape($username), comcode_escape($validation_url), comcode_escape(strval($member_id)), get_site_default_lang());
        dispatch_notification('ocf_member_needs_validation', NULL, do_lang('VALIDATE_NEW_MEMBER_SUBJECT', $username, NULL, NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
    }
    // Send new member notification
    require_code('notifications');
    $_member_url = build_url(array('page' => 'members', 'type' => 'view', 'id' => $member_id), get_module_zone('members'), NULL, false, false, true);
    $member_url = $_member_url->evaluate();
    $message = do_lang('NEW_MEMBER_NOTIFICATION_MAIL', comcode_escape($username), comcode_escape(get_site_name()), array(comcode_escape($member_url), comcode_escape(strval($member_id))), get_site_default_lang());
    dispatch_notification('ocf_new_member', NULL, do_lang('NEW_MEMBER_NOTIFICATION_MAIL_SUBJECT', $username, get_site_name(), NULL, get_site_default_lang()), $message, NULL, A_FROM_SYSTEM_PRIVILEGED);
    // Intro post
    // NOTE(review): this runs whether or not the account is validated or its e-mail confirmed;
    // confirm ocf_make_post() holds such posts back, otherwise unconfirmed sign-ups can publish.
    if ($intro_message_if_enabled) {
        $forum_id = get_option('intro_forum_id');
        if ($forum_id != '') {
            // The option may hold a forum name rather than an id; fall back to the first id if the name is unknown
            if (!is_numeric($forum_id)) {
                $_forum_id = $GLOBALS['FORUM_DB']->query_value_null_ok('f_forums', 'id', array('f_name' => $forum_id));
                if (is_null($_forum_id)) {
                    $forum_id = strval(db_get_first_id());
                } else {
                    $forum_id = strval($_forum_id);
                }
            }
            $intro_title = post_param('intro_title', '');
            $intro_post = post_param('intro_post', '');
            if ($intro_post != '') {
                require_code('ocf_topics_action');
                if ($intro_title == '') {
                    $intro_title = do_lang('INTRO_POST_DEFAULT', $username);
                }
                $topic_id = ocf_make_topic(intval($forum_id));
                require_code('ocf_posts_action');
                ocf_make_post($topic_id, $intro_title, $intro_post, 0, true, NULL, 0, NULL, NULL, NULL, $member_id);
            }
        }
    }
    // Alert user to situation
    $message = new ocp_tempcode();
    if ($coppa) {
        if (!$skip_confirm) {
            $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
        }
        $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_COPPA'));
    } elseif ($require_new_member_validation) {
        if (!$skip_confirm) {
            $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
        }
        $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_VALIDATED', escape_html(get_custom_base_url())));
    } elseif ($skip_confirm) {
        if ($instant_login) {
            // Logs the session in by username alone, with no password check at this call
            require_code('users_active_actions');
            handle_active_login($username);
            $message->attach(do_lang_tempcode('OCF_LOGIN_AUTO'));
        } else {
            $_login_url = build_url(array('page' => 'login', 'redirect' => get_param('redirect', NULL)), get_module_zone('login'));
            $login_url = $_login_url->evaluate();
            $message->attach(do_lang_tempcode('OCF_LOGIN_INSTANT', escape_html($login_url)));
        }
    } else {
        // $skip_confirm is always false in this branch, so the inner test always passes
        if (!$skip_confirm) {
            $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL'));
        }
        $message->attach(do_lang_tempcode('OCF_WAITING_CONFIRM_MAIL_INSTANT'));
    }
    $message = protect_from_escaping($message);
    return array($message);
}