예제 #1
/**
 * Attach the current request to a forum session, creating a new session when
 * no usable one is found, and return the matching user/session row.
 *
 * The session id is read from the "<cookie_name>_sid" cookie, or from the
 * "sid" GET parameter when neither session cookie is present. The block marked
 * "Added by FAI" then makes the forum login follow the result of
 * user_isloggedin(): it ends or begins forum sessions and inserts a forum
 * account when no matching one is found.
 *
 * @param string $user_ip     Client IP in the same form as the stored session_ip
 *                            (presumably phpBB's hex encoding - confirm)
 * @param int    $thispage_id Page identifier recorded with the session
 *
 * @return mixed Row from the sessions/users join, or whatever session_begin() returns
 */
function session_pagestart($user_ip, $thispage_id)
{
    global $db, $lang, $board_config;
    global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
    $cookiename = $board_config['cookie_name'];
    $cookiepath = $board_config['cookie_path'];
    $cookiedomain = $board_config['cookie_domain'];
    $cookiesecure = $board_config['cookie_secure'];
    $current_time = time();
    unset($userdata);
    if (isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data'])) {
        // SECURITY NOTE(review): the "_data" cookie is entirely client-controlled and
        // is handed to unserialize(). That allows PHP object injection and lets the
        // client choose the types of the decoded values, which matters wherever they
        // are later compared loosely. A format that cannot carry objects (JSON) plus
        // an integrity check would be safer. stripslashes() presumably undoes magic
        // quotes - confirm that assumption still holds on the target PHP.
        $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
        $session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
        $sessionmethod = SESSION_METHOD_COOKIE;
    } else {
        $sessiondata = array();
        $session_id = isset($HTTP_GET_VARS['sid']) ? $HTTP_GET_VARS['sid'] : '';
        $sessionmethod = SESSION_METHOD_GET;
    }
    //
    // Allowlist the session id to ASCII letters and digits. This check is the only
    // thing that makes interpolating $session_id into the SQL below safe, so it
    // must stay ahead of every query that uses it.
    if (!preg_match('/^[A-Za-z0-9]*$/', $session_id)) {
        $session_id = '';
    }
    $thispage_id = (int) $thispage_id;
    //
    // Does a session exist?
    //
    if (!empty($session_id)) {
        //
        // session_id exists so go ahead and attempt to grab all
        // data in preparation
        //
        $sql = "SELECT u.*, s.*\n\t\t\tFROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u\n\t\t\tWHERE s.session_id = '{$session_id}'\n\t\t\t\tAND u.user_id = s.session_user_id";
        if (!($result = $db->sql_query($sql))) {
            message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
        }
        $userdata = $db->sql_fetchrow($result);
        //
        // Did the session exist in the DB?
        //
        if (isset($userdata['user_id'])) {
            // Added by FAI
            // Find Public Whip user id
            $logged_into_pw = user_isloggedin();
            global $user_name;
            // Look it up in PHPBB user account list
            // NOTE(review): the username literal reads '******' on this page, so the
            // real expression appears to be masked. If it interpolates $user_name, the
            // value must be escaped or bound. The table name is also hard-coded here
            // while the rest of the function uses USERS_TABLE.
            $result = $db->sql_query("select user_id from phpbb_users where username = '******'");
            if ($result) {
                $row = $db->sql_fetchrow($result);
                $user_id_for_phpbb = $row['user_id'];
            }
            // NOTE(review): $user_id_for_phpbb stays undefined when the query fails and
            // is still read below. $HTTP_POST_VARS is not in this function's global
            // list, so as written the first branch is never taken and $url always comes
            // from REQUEST_URI, which is client-controlled and ends up in redirect().
            // str_replace('&', '&', ...) is a no-op as shown (an entity was probably
            // lost when the page was rendered).
            $url = !empty($HTTP_POST_VARS['redirect']) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : str_replace("/forum/", "", $_SERVER['REQUEST_URI']);
            if ($logged_into_pw) {
                // If user id is wrong, log into it
                if ($user_id_for_phpbb && $user_id_for_phpbb != $userdata['user_id']) {
                    if ($userdata['user_id'] > 0) {
                        // NOTE(review): unlike the other branches there is no exit after
                        // this redirect; whether redirect() itself terminates is not
                        // visible here.
                        session_end($userdata['session_id'], $userdata['user_id']);
                        redirect(append_sid($url, true));
                    }
                    $session_id = session_begin($user_id_for_phpbb, $user_ip, PAGE_INDEX, FALSE, TRUE);
                    redirect(append_sid($url, true));
                    exit;
                }
                // Otherwise make new account
                if (!$user_id_for_phpbb) {
                    // Log out first if logged in
                    if ($userdata['user_id'] > 0) {
                        session_end($userdata['session_id'], $userdata['user_id']);
                        redirect(append_sid($url, true));
                        exit;
                    }
                    // NOTE(review): MAX(user_id) + 1 is read outside the transaction that
                    // starts at the INSERT below, so two concurrent requests can compute
                    // the same id.
                    $sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE;
                    if (!($result = $db->sql_query($sql))) {
                        message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
                    }
                    if (!($row = $db->sql_fetchrow($result))) {
                        message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
                    }
                    $user_id = $row['total'] + 1;
                    $notifyreply = 1;
                    // NOTE(review): mysql_escape_string() ignores the connection charset, is
                    // deprecated and is gone in PHP 7; bound parameters or the connection's
                    // own escaping are the replacement. The INSERT has no column list, so it
                    // depends on the exact column order of the users table. 'NEVER***' is
                    // stored in the password position, presumably so that no password hash
                    // can ever match it - confirm.
                    $sql = "INSERT INTO " . USERS_TABLE . "\t \nVALUES ('" . mysql_escape_string($user_id) . "',1,'" . mysql_escape_string($user_name) . "','NEVER***',0,0,0," . time() . ",0,0,0.00,1,'english','D M d, Y g:i a',0,0,0,NULL,0,1,1,1,1,1,1,1,1,1,1,0,'',0,'" . mysql_escape_string(user_getemail()) . "','','','','','','','','','','','',NULL,0,0)";
                    /*				VALUES ($user_id, '" . str_replace("\'", "''", $user_name) . "', " . time() . ", '" . str_replace("\'", "''", "NOT VALID ***") . "', '" . str_replace("\'", "''", user_getemail()) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popup_pm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
                    */
                    if (!($result = $db->sql_query($sql, BEGIN_TRANSACTION))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
                    }
                    $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)\n\t\t\t\tVALUES ('', 'Personal User', 1, 0)";
                    if (!($result = $db->sql_query($sql))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
                    }
                    $group_id = $db->sql_nextid();
                    $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)\n\t\t\t\tVALUES ({$user_id}, {$group_id}, 0)";
                    if (!($result = $db->sql_query($sql, END_TRANSACTION))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
                    }
                    $session_id = session_begin($user_id, $user_ip, PAGE_INDEX, FALSE, TRUE);
                    redirect(append_sid($url, true));
                    exit;
                }
            } else {
                // Not logged into the main site: end any non-anonymous forum session
                if ($userdata['user_id'] > 0) {
                    session_end($userdata['session_id'], $userdata['user_id']);
                    redirect(append_sid($url, true));
                    exit;
                }
            }
            // End added by FAI
            //
            // Do not check IP assuming equivalence, if IPv4 we'll check only first 24
            // bits ... I've been told (by vHiker) this should alleviate problems with
            // load balanced et al proxies while retaining some reliance on IP security.
            //
            // The code compares the first 6 characters of both strings; that equals 24
            // bits only if the IPs are hex-encoded - TODO confirm the encoding.
            $ip_check_s = substr($userdata['session_ip'], 0, 6);
            $ip_check_u = substr($user_ip, 0, 6);
            if ($ip_check_s == $ip_check_u) {
                // With the GET method (or in admin pages) the session id travels in URLs,
                // where it can leak through Referer headers, logs and shared links.
                $SID = $sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN') ? 'sid=' . $session_id : '';
                //
                // Only update session DB a minute or so after last update
                //
                if ($current_time - $userdata['session_time'] > 60) {
                    // A little trick to reset session_admin on session re-usage
                    $update_admin = !defined('IN_ADMIN') && $current_time - $userdata['session_time'] > $board_config['session_length'] + 60 ? ', session_admin = 0' : '';
                    // The values interpolated below come from the row just fetched, from
                    // time() and from the int-cast page id, not directly from the request.
                    $sql = "UPDATE " . SESSIONS_TABLE . " \n\t\t\t\t\t\tSET session_time = {$current_time}, session_page = {$thispage_id}{$update_admin}\n\t\t\t\t\t\tWHERE session_id = '" . $userdata['session_id'] . "'";
                    if (!$db->sql_query($sql)) {
                        message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                    }
                    if ($userdata['user_id'] != ANONYMOUS) {
                        $sql = "UPDATE " . USERS_TABLE . " \n\t\t\t\t\t\t\tSET user_session_time = {$current_time}, user_session_page = {$thispage_id}\n\t\t\t\t\t\t\tWHERE user_id = " . $userdata['user_id'];
                        if (!$db->sql_query($sql)) {
                            message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                        }
                    }
                    session_clean($userdata['session_id']);
                    // The "_data" cookie lives for a year, the "_sid" cookie for the browser
                    // session. Both use the six-argument setcookie() form, so HttpOnly is
                    // not set, and the Secure flag depends on board configuration.
                    setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
                    setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
                }
                // Add the session_key to the userdata array if it is set
                // (the value comes from the unserialized cookie, i.e. from the client)
                if (isset($sessiondata['autologinid']) && $sessiondata['autologinid'] != '') {
                    $userdata['session_key'] = $sessiondata['autologinid'];
                }
                return $userdata;
            }
        }
    }
    //
    // If we reach here then no (valid) session exists. So we'll create a new one,
    // using the cookie user_id if available to pull basic user prefs.
    //
    // NOTE(review): the user id is taken from the client cookie (only int-cast);
    // session_begin() is presumably what decides whether that identity may be
    // resumed - verify that it authenticates the auto-login key before trusting it.
    // $sql may be undefined in the error call below when no session id was sent.
    $user_id = isset($sessiondata['userid']) ? intval($sessiondata['userid']) : ANONYMOUS;
    if (!($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE))) {
        message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
    }
    return $userdata;
}
예제 #2
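 /**
  * Format the CC list of this artifact as plain text or as an HTML table.
  *
  * CC addresses and comments are user-supplied values read back from the
  * database, so everything placed in the HTML output is encoded or purified
  * before it is concatenated into markup.
  *
  * @param int  $group_id          the group id
  * @param int  $group_artifact_id the artifact type ID
  * @param bool $ascii             true for plain-text output, false for HTML
  * @param int  $pv                non-zero hides the "delete" column (the code only tests == 0)
  *
  * @return string the formatted list (the original doc said void, but the text is returned)
  */
 function showCCList($group_id, $group_artifact_id, $ascii = false, $pv = 0)
 {
     $hp = Codendi_HTMLPurifier::instance();
     global $Language;
     //
     //      format the CC list for this artifact
     //
     $result = $this->getCCList();
     $rows = db_numrows($result);
     $out = '';
     // Nobody in the CC list -> return now
     if ($rows <= 0) {
         if ($ascii) {
             $out = $Language->getText('tracker_include_artifact', 'cc_empty') . $GLOBALS['sys_lf'];
         } else {
             $out = '<H4>' . $Language->getText('tracker_include_artifact', 'cc_empty') . '</H4>';
         }
         return $out;
     }
     // Header first and determine what the print out format is
     // based on output type (Ascii, HTML)
     if ($ascii) {
         $list_title = $Language->getText('tracker_include_artifact', 'cc_list');
         $out .= $list_title . $GLOBALS['sys_lf'] . str_repeat("*", strlen($list_title)) . $GLOBALS['sys_lf'] . $GLOBALS['sys_lf'];
         $fmt = "%-35s | %s" . $GLOBALS['sys_lf'];
         $out .= sprintf($fmt, $Language->getText('tracker_include_artifact', 'cc_address'), $Language->getText('tracker_include_artifact', 'fill_cc_list_cmt'));
         $out .= "------------------------------------------------------------------" . $GLOBALS['sys_lf'];
     } else {
         $title_arr = array();
         $title_arr[] = $Language->getText('tracker_include_artifact', 'cc_address');
         $title_arr[] = $Language->getText('tracker_include_artifact', 'fill_cc_list_cmt');
         $title_arr[] = $Language->getText('tracker_include_artifact', 'added_by');
         $title_arr[] = $Language->getText('tracker_include_artifact', 'posted_on');
         if ($pv == 0) {
             $title_arr[] = $Language->getText('tracker_include_canned', 'delete');
         }
         $out .= html_build_list_table_top($title_arr);
         $fmt = "\n" . '<TR class="%s"><td>%s</td><td>%s</td><td align="center">%s</td><td align="center">%s</td>';
         if ($pv == 0) {
             $fmt .= '<td align="center">%s</td>';
         }
         $fmt .= '</tr>';
     }
     // Loop through the cc and format them
     for ($i = 0; $i < $rows; $i++) {
         $email = db_result($result, $i, 'email');
         $artifact_cc_id = db_result($result, $i, 'artifact_cc_id');
         // if the CC is a user point to its user page else build a mailto: URL
         $res_username = user_get_result_set_from_unix($email);
         if ($res_username && db_numrows($res_username) == 1) {
             $href_cc = util_user_link($email);
         } else {
             // A CC entry that is not a known login is free text typed by whoever
             // added it. Encode it for both the attribute and the link text so a
             // stored value cannot inject markup into the tracker page.
             $href_cc = '<a href="mailto:' . $hp->purify(util_normalize_email($email), CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify($email, CODENDI_PURIFIER_CONVERT_HTML) . '</a>';
         }
         if ($ascii) {
             // Plain-text output: no HTML encoding needed
             $out .= sprintf($fmt, $email, SimpleSanitizer::unsanitize(db_result($result, $i, 'comment')));
         } else {
             // show CC delete icon if one of the condition is met:
             // (a) current user is a group member
             // (b) the CC name is the current user
             // (c) the CC email address matches the one of the current user
             // (d) the current user is the person who added a given name in CC list
             // This only decides whether the icon is drawn; the code that handles
             // func=delete_cc has to enforce the same rule on its own.
             // NOTE(review): the delete link is a state-changing GET and no
             // anti-CSRF token is attached here.
             if (user_ismember($this->ArtifactType->getGroupID()) || user_getname(user_getid()) == $email || user_getemail(user_getid()) == $email || user_getname(user_getid()) == db_result($result, $i, 'user_name')) {
                 $html_delete = '<a href="?func=delete_cc&group_id=' . (int) $group_id . '&aid=' . (int) $this->getID() . '&atid=' . (int) $group_artifact_id . '&artifact_cc_id=' . (int) $artifact_cc_id . '" ' . ' onClick="return confirm(\'' . $Language->getText('tracker_include_artifact', 'delete_cc') . '\')">' . '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" BORDER="0" ALT="' . $Language->getText('global', 'btn_delete') . '"></A>';
             } else {
                 $html_delete = '-';
             }
             // The comment is purified at BASIC level before it is placed in the row
             $out .= sprintf($fmt, util_get_alt_row_color($i), $href_cc, $hp->purify(SimpleSanitizer::unsanitize(db_result($result, $i, 'comment')), CODENDI_PURIFIER_BASIC, $this->ArtifactType->getGroupId()), util_user_link(db_result($result, $i, 'user_name')), format_date($GLOBALS['Language']->getText('system', 'datefmt'), db_result($result, $i, 'date')), $html_delete);
         }
         // for
     }
     // final touch...
     $out .= $ascii ? $GLOBALS['sys_lf'] : "</TABLE>";
     return $out;
 }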
 /**
  * Collect the e-mail addresses that must receive this date reminder.
  *
  * The reminder settings row holds a comma-separated selection:
  * 1 = submitter, 2 = assignee(s), 3 = CC list, 4 = commenters,
  * "g<id>" = members of a user group. Each candidate is added once, skipping
  * user id 100 and anyone rejected by isUserAllowedToBeNotified().
  *
  * @return array list of e-mail addresses, without duplicates
  */
 function getNotifiedPeople()
 {
     global $art_field_fact;
     // Build the artifact this reminder is attached to
     $project = ProjectManager::instance()->getProject($this->getGroupId());
     $tracker = new ArtifactType($project, $this->getGroupArtifactId());
     $art_field_fact = new ArtifactFieldFactory($tracker);
     $artifact = new Artifact($tracker, $this->getArtifactId(), false);
     $notified_people = array();
     // Every id is forced to an integer (%d + db_ei) before it reaches the query
     $settings_sql = sprintf(
         'SELECT notified_people FROM artifact_date_reminder_settings' . ' WHERE reminder_id=%d' . ' AND group_artifact_id=%d' . ' AND field_id=%d',
         db_ei($this->getReminderId()),
         db_ei($this->getGroupArtifactId()),
         db_ei($this->getFieldId())
     );
     $settings = db_query($settings_sql);
     $selection = explode(",", db_result($settings, 0, 'notified_people'));
     foreach ($selection as $item) {
         if ($item == 1) {
             // Submitter
             $submitter = $artifact->getSubmittedBy();
             if (!in_array(user_getemail($submitter), $notified_people) && $submitter != 100 && $this->isUserAllowedToBeNotified($submitter)) {
                 $notified_people[] = user_getemail($submitter);
             }
         } elseif ($item == 2) {
             // Assigned To: the multi-valued field wins when it exists
             $assignees = array();
             $multi_field = $art_field_fact->getFieldFromName('multi_assigned_to');
             if (is_object($multi_field)) {
                 if ($multi_field->isUsed()) {
                     $assignees = $artifact->getMultiAssignedTo();
                 }
             } else {
                 $single_field = $art_field_fact->getFieldFromName('assigned_to');
                 if (is_object($single_field) && $single_field->isUsed()) {
                     $assignees = array($artifact->getValue('assigned_to'));
                 }
             }
             if (count($assignees) > 0) {
                 foreach ($assignees as $assignee) {
                     if (!in_array(user_getemail($assignee), $notified_people) && $assignee != 100 && $this->isUserAllowedToBeNotified($assignee)) {
                         $notified_people[] = user_getemail($assignee);
                     }
                 }
             }
         } elseif ($item == 3) {
             // CC list
             $cc_ids = $artifact->getCCIdList();
             if (count($cc_ids) > 0) {
                 foreach ($cc_ids as $cc_id) {
                     $cc_email = user_getemail($cc_id);
                     if (!in_array($cc_email, $notified_people) && $this->isUserAllowedToBeNotified($cc_id)) {
                         $notified_people[] = $cc_email;
                     }
                 }
             }
         } elseif ($item == 4) {
             // Commenters
             $commenters = $artifact->getCommenters();
             if (db_numrows($commenters) > 0) {
                 while ($row = db_fetch_array($commenters)) {
                     $commenter = $row['mod_by'];
                     if (!in_array(user_getemail($commenter), $notified_people) && $commenter != 100 && $this->isUserAllowedToBeNotified($commenter)) {
                         $notified_people[] = user_getemail($commenter);
                     }
                 }
             }
         } elseif (preg_match("/^g/", $item)) {
             // User group: ids above 100 are user-defined, the others predefined
             $ugroup_id = (int) substr($item, 1);
             if ($ugroup_id > 100) {
                 $members_sql = ugroup_db_get_members($ugroup_id);
             } else {
                 $members_sql = ugroup_db_get_dynamic_members($ugroup_id, $this->getGroupArtifactId(), $this->getGroupId());
             }
             $members = db_query($members_sql);
             if (db_numrows($members) > 0) {
                 while ($row = db_fetch_array($members)) {
                     $member_id = $row['user_id'];
                     if (!in_array(user_getemail($member_id), $notified_people) && $member_id != 100 && $this->isUserAllowedToBeNotified($member_id)) {
                         $notified_people[] = user_getemail($member_id);
                     }
                 }
             }
         }
     }
     return $notified_people;
 }
예제 #4
파일: WikiDB.php 프로젝트: nterray/tuleap
 /**
  * Tell subscribers that this page was renamed (mass rename / remove support,
  * not yet tested).
  *
  * When the request carries a deferred-notification queue the event is only
  * queued. Otherwise one mail is sent with all recipients in Bcc, so the
  * addresses are not exposed to each other.
  *
  * NOTE(review): the old and new page names end up in the Subject header;
  * whether Mail strips CR/LF from header values is not visible here - confirm.
  *
  * @param string $to      new page name
  * @param array  $meta    passed by reference, stored as-is in the deferred queue
  * @param array  $emails  recipient addresses
  * @param array  $userids recipient user ids, used only in the log message
  */
 function sendPageRenameNotification($to, &$meta, $emails, $userids)
 {
     global $request;
     // Deferred mode: remember the event and let the request flush it later
     if (@is_array($request->_deferredPageRenameNotification)) {
         $request->_deferredPageRenameNotification[] = array($this->_pagename, $to, $meta, $emails, $userids);
         return;
     }
     $oldname = $this->_pagename;
     // Codendi specific
     $subject = sprintf(_("Page rename %s to %s"), $oldname, $to);
     $from = user_getemail(user_getid());
     $body = implode("\n", array($subject, sprintf(_("Edited by: %s"), $from), WikiURL($to, array(), true)));
     $mail = new Mail();
     $mail->setFrom($from);
     $mail->setSubject("[" . WIKI_NAME . "] " . $subject);
     $mail->setBcc(implode(',', $emails));
     $mail->setBody($body);
     // Report the outcome through PHP's error channel
     if ($mail->send()) {
         $format = _("PageChange Notification of %s sent to %s");
         $level = E_USER_NOTICE;
     } else {
         $format = _("PageChange Notification Error: Couldn't send %s to %s");
         $level = E_USER_WARNING;
     }
     trigger_error(sprintf($format, $oldname, implode(',', $userids)), $level);
 }
예제 #5
파일: index.php 프로젝트: nterray/tuleap
 case 'delete_cc':
     // Remove one CC entry from an artifact, then return to the artifact page.
     // NOTE(review): 'artifact_cc_id' is taken from the request as-is, and the row
     // returned by getCC() is not checked before its keys are compared with ==;
     // confirm how a missing entry and an anonymous user behave in that comparison.
     // No anti-CSRF token check is visible in this fragment.
     $ah = new ArtifactHtml($ath, $aid);
     if (!$ah || !is_object($ah)) {
         exit_error($Language->getText('global', 'error'), $Language->getText('tracker_index', 'not_create_art'));
     } elseif ($ah->isError()) {
         exit_error($Language->getText('global', 'error'), $ah->getErrorMessage());
     } else {
         $artifact_cc_id = $request->get('artifact_cc_id');
         $cc_array = $ah->getCC($artifact_cc_id);
         // Deletion is allowed when one of these holds:
         // (a) user_ismember($group_id) is true (the original comment says "artifact
         //     admin", but the call passes no role - presumably plain project
         //     membership; confirm)
         // (b) the CC name is the current user
         // (c) the CC email address matches the one of the current user
         // (d) the current user is the person who added the entry to the CC list
         if (!(user_ismember($group_id)
             || user_getname(user_getid()) == $cc_array['email']
             || user_getemail(user_getid()) == $cc_array['email']
             || user_getname(user_getid()) == $cc_array['user_name'])
         ) {
             // Invalid permission
             exit_permission_denied();
             return;
         }
         $changed = $ah->deleteCC($artifact_cc_id, $changes);
         if ($changed) {
             // Tell the tracker's global notification addresses about the change
             $agnf = new ArtifactGlobalNotificationFactory();
             $addresses = $agnf->getAllAddresses($ath->getID(), true);
             $ah->mailFollowupWithPermissions($addresses, $changes);
         }
         // Every id placed in the redirect target is cast to int
         $GLOBALS['Response']->redirect('?group_id=' . (int) $group_id . '&atid=' . (int) $atid . '&aid=' . (int) $aid . '&func=detail');
     }
     break;
예제 #6
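/**
 * Build a mail from the current HTTP request and send it to a ForumML list.
 *
 * Reads 'list', 'message', 'subject', 'reply_to' and 'ccs' from the request
 * and the uploaded files from $_FILES['files']. Everything that becomes a mail
 * or MIME header has CR/LF removed first, because these values come from the
 * client (or from a previously received mail) and a line break inside a
 * header value would start a new header.
 *
 * @param mixed $plug  plugin instance (not used in this function)
 * @param bool  $reply when true, In-Reply-To is set from the message referenced by 'reply_to'
 *
 * @return bool true if the mail was sent, false on an invalid CC list or a send failure
 */
function plugin_forumml_process_mail($plug, $reply = false)
{
    $request =& HTTPRequest::instance();
    $hp =& ForumML_HTMLPurifier::instance();
    $header_breaks = array("\r", "\n");
    // Instantiate a new Mail class ("=& new" is a parse error on PHP 7+)
    $mail = new Mail();
    // Build mail headers
    $to = mail_get_listname_from_list_id($request->get('list')) . "@" . $GLOBALS['sys_lists_host'];
    $mail->setTo($to);
    $from = str_replace($header_breaks, '', user_getrealname(user_getid()) . " <" . user_getemail(user_getid()) . ">");
    $mail->setFrom($from);
    // Default to an empty body so $message is always defined, even when the
    // submitted text fails validation
    $message = '';
    $vMsg = new Valid_Text('message');
    if ($request->valid($vMsg)) {
        $message = $request->get('message');
    }
    $subject = str_replace($header_breaks, ' ', (string) $request->get('subject'));
    $mail->setSubject($subject);
    if ($reply) {
        // set In-Reply-To header
        $hres = plugin_forumml_get_message_headers($request->get('reply_to'));
        $reply_to = str_replace($header_breaks, '', (string) db_result($hres, 0, 'value'));
        $mail->addAdditionalHeader("In-Reply-To", $reply_to);
    }
    $continue = true;
    if ($request->validArray(new Valid_Email('ccs')) && $request->exist('ccs')) {
        $cc_array = array();
        foreach ($request->get('ccs') as $cc) {
            if (trim($cc) != "") {
                // HTML purification is not address validation; util_validateCCList()
                // below is the check that actually decides
                $cc_array[] = $hp->purify($cc, CODENDI_PURIFIER_FULL);
            }
        }
        // Checks sanity of CC List
        $err = '';
        if (!util_validateCCList($cc_array, $err)) {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'invalid_mail', $err));
            $continue = false;
        } else {
            // add list of cc users to mail mime
            if (count($cc_array) > 0) {
                $cc_list = util_normalize_emails(implode(',', $cc_array));
                $mail->setCc($cc_list, true);
            }
        }
    }
    if ($continue) {
        // Process attachments
        // Define boundaries as specified in RFC:
        // http://www.w3.org/Protocols/rfc1341/7_2_Multipart.html
        // The boundary is made unique per message so that text typed into the
        // body cannot coincide with it and split the MIME structure.
        $boundary = '----=_NextPart_' . md5(uniqid('', true));
        $boundaryStart = '--' . $boundary;
        $boundaryEnd = '--' . $boundary . '--';
        // Attachments headers
        $attachment = "";
        if (isset($_FILES["files"]) && is_array($_FILES["files"]['name'])) {
            foreach ($_FILES["files"]['name'] as $i => $fileName) {
                $tmp_name = isset($_FILES["files"]["tmp_name"][$i]) ? $_FILES["files"]["tmp_name"][$i] : '';
                $upload_ok = isset($_FILES["files"]["error"][$i]) && $_FILES["files"]["error"][$i] === UPLOAD_ERR_OK;
                // Skip empty slots and failed uploads, and only ever read a path
                // that PHP itself created for this request
                if (!$upload_ok || !is_uploaded_file($tmp_name)) {
                    continue;
                }
                $data = file_get_contents($tmp_name);
                if ($data === false) {
                    continue;
                }
                // File name and MIME type are chosen by the client: keep only the
                // base name, drop characters that would break the quoted header
                // value, and fall back to a generic type if the declared one is
                // not a plain type/subtype token
                $safe_name = str_replace(array("\r", "\n", '"', '\\'), '', basename($fileName));
                $mime_type = isset($_FILES["files"]["type"][$i]) ? $_FILES["files"]["type"][$i] : '';
                if (!preg_match('#^[A-Za-z0-9][A-Za-z0-9.+-]*/[A-Za-z0-9][A-Za-z0-9.+-]*$#', $mime_type)) {
                    $mime_type = 'application/octet-stream';
                }
                $attachment .= "{$boundaryStart}\n";
                $attachment .= "Content-Type: " . $mime_type . "; name=\"" . $safe_name . "\"\n";
                $attachment .= "Content-Transfer-Encoding: base64\n";
                $attachment .= "Content-Disposition: attachment; filename=\"" . $safe_name . "\"\n\n";
                $attachment .= chunk_split(base64_encode($data));
            }
        }
        if ($attachment !== "") {
            // The preamble was previously overwritten by the next assignment
            $text = "This is a multi-part message in MIME format.\n";
            $text .= "{$boundaryStart}\n";
            $text .= "Content-Type: text/plain; charset=\"iso-8859-1\"\n";
            $text .= "Content-Transfer-Encoding: 8bit\n\n";
            $text .= $message;
            $text .= "\n\n";
            $attachment .= "\n{$boundaryEnd}\n";
            $body = $text . $attachment;
            // force MimeType to multipart/mixed as default (when instantiating new Mail object) is text/plain
            $mail->setMimeType('multipart/mixed; boundary="' . $boundary . '"');
            $mail->addAdditionalHeader("MIME-Version", "1.0");
        } else {
            $body = $message;
        }
        $mail->setBody($body);
        if ($mail->send()) {
            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_forumml', 'mail_succeed'));
        } else {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'mail_fail'));
            $continue = false;
        }
    }
    return $continue;
}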
예제 #7
파일: message.php 프로젝트: nterray/tuleap
     exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'specify_list'));
 } else {
     $list_id = $request->get('list');
     $project = ProjectManager::instance()->getProject($group_id);
     if (!$user->isMember($group_id) && ($user->isRestricted() || !mail_is_list_public($list_id) || !$project->isPublic())) {
         exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('include_exit', 'no_perm'));
     }
     if (!mail_is_list_active($list_id)) {
         exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'wrong_list'));
     }
 }
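 // If the list is private, search if the current user is a member of that list. If not, permission denied
 $list_name = mail_get_listname_from_list_id($list_id);
 if (!mail_is_list_public($list_id)) {
     // The list name is data, not shell syntax: quote it before it reaches the
     // command line. $members is reset first because exec() appends to an
     // existing array, and stale entries must never grant access.
     $members = array();
     exec("{$GLOBALS['mailman_bin_dir']}/list_members " . escapeshellarg($list_name), $members);
     // NOTE(review): this overwrites the $user object used above with a string;
     // kept as-is because later code outside this fragment may rely on it.
     $user = user_getemail(user_getid());
     // Strict comparison, so a missing e-mail (false/null) can never match a line
     // of output. If list_members fails, $members stays empty and access is denied.
     if (!in_array($user, $members, true)) {
         exit_permission_denied();
     }
 }
 // Build the mail to be sent
 $vSrep = new Valid_WhiteList('send_reply', array('Submit'));
 $vSrep->required();
 if ($request->valid($vSrep)) {
     // process the mail
     $ret = plugin_forumml_process_mail($p, true);
     if ($ret) {
         // NOTE(review): purification is disabled for this feedback message, so the
         // interpolated $group_id, $list_id and $topic must already be integers or
         // otherwise safe for HTML - confirm where $topic comes from.
         $GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('plugin_forumml', 'delay_redirection', array($p->getThemePath() . "/images/ic/spinner-greenie.gif", $group_id, $list_id, $topic)), CODENDI_PURIFIER_DISABLED);
     }
 }
 $vRep = new Valid_WhiteList('reply', array('1'));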
예제 #8
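    // Account settings page: feedback from the last action, the user's details,
    // the newsletter form, then the policies the user created.
    if ($feedback && !$just_logged_in) {
        // NOTE(review): $feedback is printed as HTML. It is left unescaped here
        // because it may legitimately contain markup built by the caller; confirm
        // that no request data reaches it unencoded.
        if ($ok) {
            print "<p>{$feedback}</p>";
        } else {
            print "<div class=\"error\"><h2>Failed to change settings</h2><p>{$feedback}</div>";
        }
    }
    // Turn the stored flag into the attribute text for the checkbox
    $newsletter = user_getnewsletter() ? "checked" : "";
    // User name, real name and e-mail are values the user chose, and $PHP_SELF
    // reflects the request path; all are HTML-encoded before being placed in
    // the page so they are shown as text and cannot add markup.
    print '<P><span class="ptitle">User name:</span> ' . htmlspecialchars($user_name, ENT_QUOTES) . '
	<br><span class="ptitle">Real name:</span> ' . htmlspecialchars(user_getrealname(), ENT_QUOTES) . '
	<br><span class="ptitle">Email:</span> ' . htmlspecialchars(user_getemail(), ENT_QUOTES) . ' (<a href="changeemail.php">change email</a>)
    <br><span class="ptitle">Password:</span> (<a href="changepass.php">change password</a>)

	<FORM ACTION="' . htmlspecialchars($PHP_SELF, ENT_QUOTES) . '" METHOD="POST">
    <h2>Newsletter subscription</h2>
	<INPUT TYPE="checkbox" NAME="newsletter" ' . $newsletter . '>Email newsletter (at most once a month)
	<INPUT TYPE="SUBMIT" NAME="submit" VALUE="Update">
	</FORM>
	<P>';
    print '<h2>Forum profile</h2>';
    print '<p>';
    print pretty_user_name($db, $user_name, 'View your forum profile, including posts you\'ve made');
    print "<h2>Policies which you made</h2>";
    // The id is forced to an integer so nothing but a number can enter the query
    $query = "select dream_id, name, description, private from pw_dyn_dreammp where user_id = '" . (int) user_getid() . "' order by private, name";
    $db->query($query);
    $rowarray = $db->fetch_rows_assoc();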
예제 #9
 /**
  * Show the import form followed by a description of the accepted format of
  * the users file.
  *
  * The current user's e-mail address is passed to the 'import_format' text as
  * its only argument.
  * NOTE(review): the address is placed in the page without HTML encoding -
  * confirm that getText() or the stored value makes that safe.
  */
 function displayShowFormat()
 {
     global $Language;
     $this->displayInput();
     $heading = $Language->getText('project_admin_userimport', 'format_hdr');
     echo '<hr><h2>' . $heading . '</h2>';
     $format_args = array(user_getemail(user_getid()));
     echo $Language->getText('project_admin_userimport', 'import_format', $format_args);
 }
예제 #10
 /**
  * Return a preference value, answering the two e-mail preferences locally and
  * delegating every other name to the parent class.
  *
  * NOTE(review): 'emailVerified' is reported as 1 unconditionally. That is only
  * sound if the address returned by user_getemail() was verified elsewhere
  * (presumably at account registration) - confirm before relying on it.
  *
  * @param string $name preference name
  *
  * @return mixed 1 for 'emailVerified', the current user's e-mail for 'email',
  *               otherwise the parent's value
  */
 function get($name)
 {
     // switch compares loosely, like the == tests it replaces
     switch ($name) {
         case 'emailVerified':
             return 1;
         case 'email':
             return user_getemail(user_getid());
         default:
             return parent::get($name);
     }
 }
예제 #11
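/**
 * Build a mail from the current HTTP request and send it to a ForumML list.
 *
 * Reads 'list', 'message', 'subject', 'reply_to' and 'ccs' from the request
 * and the uploaded files from $_FILES['files']. Values that become mail
 * headers have CR/LF removed first, because they come from the client (or
 * from a previously received mail) and a line break inside a header value
 * would start a new header.
 *
 * @param mixed $plug  plugin instance (not used in this function)
 * @param bool  $reply when true, In-Reply-To is set from the message referenced by 'reply_to'
 *
 * @return bool true if the mail was sent, false on an invalid CC list or a send failure
 */
function plugin_forumml_process_mail($plug, $reply = false)
{
    $request =& HTTPRequest::instance();
    $hp =& ForumML_HTMLPurifier::instance();
    $header_breaks = array("\r", "\n");
    // Instantiate a new Mail class
    $mail = new Codendi_Mail();
    // Build mail headers
    $to = mail_get_listname_from_list_id($request->get('list')) . "@" . $GLOBALS['sys_lists_host'];
    $mail->setTo($to);
    $from = str_replace($header_breaks, '', user_getrealname(user_getid()) . " <" . user_getemail(user_getid()) . ">");
    $mail->setFrom($from);
    // Default to an empty body so $message is always defined, even when the
    // submitted text fails validation
    $message = '';
    $vMsg = new Valid_Text('message');
    if ($request->valid($vMsg)) {
        $message = $request->get('message');
    }
    $subject = str_replace($header_breaks, ' ', (string) $request->get('subject'));
    $mail->setSubject($subject);
    if ($reply) {
        // set In-Reply-To header
        $hres = plugin_forumml_get_message_headers($request->get('reply_to'));
        $reply_to = str_replace($header_breaks, '', (string) db_result($hres, 0, 'value'));
        $mail->addAdditionalHeader("In-Reply-To", $reply_to);
    }
    $continue = true;
    if ($request->validArray(new Valid_Email('ccs')) && $request->exist('ccs')) {
        $cc_array = array();
        foreach ($request->get('ccs') as $cc) {
            if (trim($cc) != "") {
                // HTML purification is not address validation; util_validateCCList()
                // below is the check that actually decides
                $cc_array[] = $hp->purify($cc, CODENDI_PURIFIER_FULL);
            }
        }
        // Checks sanity of CC List
        $err = '';
        if (!util_validateCCList($cc_array, $err)) {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'invalid_mail', $err));
            $continue = false;
        } else {
            // add list of cc users to mail mime
            if (count($cc_array) > 0) {
                $cc_list = util_normalize_emails(implode(',', $cc_array));
                $mail->setCc($cc_list, true);
            }
        }
    }
    if ($continue) {
        // Process attachments
        if (isset($_FILES["files"]) && is_array($_FILES["files"]['name'])) {
            foreach ($_FILES["files"]['name'] as $i => $fileName) {
                $tmp_name = isset($_FILES["files"]["tmp_name"][$i]) ? $_FILES["files"]["tmp_name"][$i] : '';
                $upload_ok = isset($_FILES["files"]["error"][$i]) && $_FILES["files"]["error"][$i] === UPLOAD_ERR_OK;
                // Skip empty slots and failed uploads, and only ever read a path
                // that PHP itself created for this request
                if (!$upload_ok || !is_uploaded_file($tmp_name)) {
                    continue;
                }
                $data = file_get_contents($tmp_name);
                if ($data === false) {
                    continue;
                }
                // File name and MIME type are chosen by the client: keep only the
                // base name without line breaks, and fall back to a generic type
                // if the declared one is not a plain type/subtype token
                $safe_name = str_replace($header_breaks, '', basename($fileName));
                $mime_type = isset($_FILES["files"]["type"][$i]) ? $_FILES["files"]["type"][$i] : '';
                if (!preg_match('#^[A-Za-z0-9][A-Za-z0-9.+-]*/[A-Za-z0-9][A-Za-z0-9.+-]*$#', $mime_type)) {
                    $mime_type = 'application/octet-stream';
                }
                $mail->addAttachment($data, $mime_type, $safe_name);
            }
        }
        $mail->setBodyText($message);
        if ($mail->send()) {
            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_forumml', 'mail_succeed'));
        } else {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'mail_fail'));
            $continue = false;
        }
    }
    return $continue;
}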