/** * Sends an email, wrapping PHP's mail() function. * ALL emails sent by b2evolution must be sent through this function (for consistency and for logging) * * {@link $current_locale} will be used to set the charset. * * Note: we use a single \n as line ending, though it does not comply to {@link http://www.faqs.org/rfcs/rfc2822 RFC2822}, but seems to be safer, * because some mail transfer agents replace \n by \r\n automatically. * * @todo Unit testing with "nice addresses" This gets broken over and over again. * * @param string Recipient email address. * @param string Recipient name. * @param string Subject of the mail * @param string The message text * @param string From address, being added to headers (we'll prevent injections); see {@link http://securephp.damonkohler.com/index.php/Email_Injection}. * Defaults to {@link GeneralSettings::get('notification_sender_email') } if NULL. * @param string From name. * @param array Additional headers ( headername => value ). Take care of injection! * @param integer User ID * @return boolean True if mail could be sent (not necessarily delivered!), false if not - (return value of {@link mail()}) */ function send_mail($to, $to_name, $subject, $message, $from = NULL, $from_name = NULL, $headers = array(), $user_ID = NULL) { global $servertimenow; // Stop a request from the blocked IP addresses antispam_block_ip(); global $debug, $app_name, $app_version, $current_locale, $current_charset, $evo_charset, $locales, $Debuglog, $Settings, $demo_mode, $sendmail_additional_params; // Memorize email address $to_email_address = $to; $NL = "\r\n"; if ($demo_mode) { // Debug mode restriction: Sending email in debug mode is not allowed return false; } if (!is_array($headers)) { // Make sure $headers is an array $headers = array($headers); } if (empty($from)) { $from = user_get_notification_sender($user_ID, 'email'); } if (empty($from_name)) { $from_name = user_get_notification_sender($user_ID, 'name'); } $return_path = $Settings->get('notification_return_path'); // Add real name into $from... if (!is_windows()) { // fplanque: Windows XP, Apache 1.3, PHP 4.4, MS SMTP : will not accept "nice" addresses. if (!empty($to_name)) { $to = '"' . mail_encode_header_string($to_name) . '" <' . $to . '>'; } if (!empty($from_name)) { $from = '"' . mail_encode_header_string($from_name) . '" <' . $from . '>'; } } $from = mail_sanitize_header_string($from, true); // From has to go into headers $headers['From'] = $from; if (!empty($return_path)) { // Set a return path $headers['Return-Path'] = $return_path; } // echo 'sending email to: ['.htmlspecialchars($to).'] from ['.htmlspecialchars($from).']'; $clear_subject = $subject; $subject = mail_encode_header_string($subject); $message = str_replace(array("\r\n", "\r"), $NL, $message); // Convert encoding of message (from internal encoding to the one of the message): // fp> why do we actually convert to $current_charset? // dh> I do not remember. Appears to make sense sending it unconverted in $evo_charset. // asimo> converting the message creates wrong output, no need for conversion, however this needs further investigation // $message = convert_charset( $message, $current_charset, $evo_charset ); if (!isset($headers['Content-Type'])) { // Specify charset and content-type of email $headers['Content-Type'] = 'text/plain; charset=' . $current_charset; } $headers['MIME-Version'] = '1.0'; $headers['Date'] = gmdate('r', $servertimenow); // ADDITIONAL HEADERS: $headers['X-Mailer'] = $app_name . ' ' . $app_version . ' - PHP/' . phpversion(); $ip_list = implode(',', get_ip_list()); if (!empty($ip_list)) { // Add X-Remote_Addr param only if its value is not empty $headers['X-Remote-Addr'] = $ip_list; } // COMPACT HEADERS: $headerstring = ''; reset($headers); while (list($lKey, $lValue) = each($headers)) { // Add additional headers $headerstring .= $lKey . ': ' . $lValue . $NL; } // Set an additional parameter for the return path: if (!empty($sendmail_additional_params)) { $additional_parameters = str_replace(array('$from-address$', '$return-address$'), array($from, empty($return_path) ? $from : $return_path), $sendmail_additional_params); } else { $additional_parameters = ''; } if (mail_is_blocked($to_email_address)) { // Check if the email address is blocked $Debuglog->add('Sending mail to «' . htmlspecialchars($to_email_address) . '» FAILED, because this email marked with spam or permanent errors.', 'error'); mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'blocked'); return false; } // SEND MESSAGE: if ($debug > 1) { // We agree to die for debugging... if (!mail($to, $subject, $message, $headerstring, $additional_parameters)) { mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'error'); debug_die('Sending mail from «' . htmlspecialchars($from) . '» to «' . htmlspecialchars($to) . '», Subject «' . htmlspecialchars($subject) . '» FAILED.'); } } else { // Soft debugging only.... if (!@mail($to, $subject, $message, $headerstring, $additional_parameters)) { $Debuglog->add('Sending mail from «' . htmlspecialchars($from) . '» to «' . htmlspecialchars($to) . '», Subject «' . htmlspecialchars($subject) . '» FAILED.', 'error'); mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'error'); return false; } } $Debuglog->add('Sent mail from «' . htmlspecialchars($from) . '» to «' . htmlspecialchars($to) . '», Subject «' . htmlspecialchars($subject) . '».'); mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'ok'); return true; }
/** * Display message depending on user email status * * @param integer User ID */ function display_user_email_status_message($user_ID = 0) { global $Messages, $current_User, $Blog, $disp; if (!is_logged_in() || $user_ID != 0 && $user_ID != $current_User->ID) { // User must be logged in AND only for current User return; } $email_status = $current_User->get_email_status(); if (empty($email_status) || !in_array($email_status, array('redemption', 'warning', 'suspicious1', 'suspicious2', 'suspicious3', 'prmerror'))) { // No message for current email status return; } $EmailAddressCache =& get_EmailAddressCache(); $EmailAddress =& $EmailAddressCache->get_by_name($current_User->get('email'), false, false); $is_admin_page = is_admin_page() || empty($Blog); if (check_user_status('is_validated')) { // Url to user profile page $url_change_email = get_user_settings_url('subs'); } else { // Url to activate email address $url_change_email = get_activate_info_url(NULL, '&'); } // Url to change status if ($is_admin_page) { global $admin_url; $user_tab_param = get_param('user_tab') != '' ? '&user_tab=' . get_param('user_tab') : ''; $url_change_status = $admin_url . '?ctrl=user&action=redemption&user_ID=' . $current_User->ID . $user_tab_param . '&' . url_crumb('user'); } else { $user_tab_param = empty($disp) ? 'profile' : $disp; $url_change_status = get_secure_htsrv_url() . 'profile_update.php?action=redemption&user_tab=' . $user_tab_param . '&blog=' . $Blog->ID . '&' . url_crumb('user'); } // Display info about last error only when such data exists $email_last_sent_ts = empty($EmailAddress) ? '' : $EmailAddress->get('last_sent_ts'); $last_error_info = empty($email_last_sent_ts) ? '' : ' ' . sprintf(T_('(last error was detected on %s)'), mysql2localedatetime_spans($email_last_sent_ts, 'M-d')); switch ($email_status) { case 'warning': case 'suspicious1': case 'suspicious2': case 'suspicious3': $Messages->add(sprintf(T_('We have detected some delivery problems to your email account %s%s. Please add our email: %s to your address book. If you still don\'t receive our emails, try using a different email address instead of %s for your account.<br /><a %s>Click here to use a different email address</a>.<br /><a %s>Click here to discard this message once you receive our emails again</a>.'), '<b>' . $current_User->get('email') . '</b>', $last_error_info, '<b>' . user_get_notification_sender($current_User->ID, 'email') . '</b>', '<b>' . $current_User->get('email') . '</b>', 'href="' . $url_change_email . '"', 'href="' . $url_change_status . '"'), 'error'); break; case 'prmerror': $Messages->add(sprintf(T_('Your email address: %s does not seem to work or is refusing our emails%s. Please check your email address carefully. If it\'s incorrect, <a %s>change your email address</a>. If it\'s correct, please add our email: %s to your address book, then <a %s>click here to try again</a>!'), '<b>' . $current_User->get('email') . '</b>', $last_error_info, 'href="' . $url_change_email . '"', '<b>' . user_get_notification_sender($current_User->ID, 'email') . '</b>', 'href="' . $url_change_status . '"'), 'error'); break; case 'redemption': $Messages->add(sprintf(T_('We are currently trying to send email to your address: %s again.'), '<b>' . $current_User->get('email') . '</b>'), 'note'); break; } }