} else {
$error = true;
}
}
}
if ($error) {
$ret['ret_email_copy_to'] = 'REGISTER_INVALID_EMAIL';
$input = !$error ? 'email_copy_to' : $input;
$error = !$error ? 'REGISTER_INVALID_EMAIL' : $error;
} else {
$save['copy_to'] = implode(',', $emails);
$ret['ret_email_copy_to'] = '';
}
}
// from_email
if ($save['from_email'] != '' && !gcms::validMail($save['from_email'])) {
$ret['ret_email_from_email'] = 'REGISTER_INVALID_EMAIL';
$input = !$error ? 'email_from_email' : $input;
$error = !$error ? 'REGISTER_INVALID_EMAIL' : $error;
} else {
$ret['ret_email_from_email'] = '';
}
// subject
if ($save['subject'] == '') {
$ret['ret_email_subject'] = 'TOPIC_EMPTY';
$input = !$error ? 'email_subject' : $input;
$error = !$error ? 'TOPIC_EMPTY' : $error;
} else {
$ret['ret_email_subject'] = '';
}
}
<?php
// widgets/contact/index.php
if (defined('MAIN_INIT')) {
// antispam
$antispam = gcms::rndname(32);
$_SESSION[$antispam] = gcms::rndname(4);
// contact form
$widget[] = '<form id=contact_frm class=mainform method=post action=index.php>';
$widget[] = '<div class=item><label for=mail_sender>{LNG_EMAIL_SEND} {LNG_TO}</label><span class="g-input icon-email-sent"><select name=mail_reciever id=mail_reciever>';
$emails = array();
$subject = '';
if (!empty($module)) {
foreach (explode(',', $module) as $item) {
if (gcms::validMail($item)) {
$emails = explode(',', $module);
} else {
$subject = $item;
}
}
$_SESSION['emails'] = implode(',', $emails);
}
$widget[] = '<option value=admin>{LNG_ADMIN}</option>';
foreach ($emails as $i => $email) {
$widget[] = '<option value=' . $i . '>' . $email . '</option>';
}
$widget[] = '</select></span></div>';
// sender
$widget[] = '<div class=item><label for=mail_sender>{LNG_EMAIL_SENDER}</label><span class="g-input icon-email"><input type=text name=mail_sender id=mail_sender value="' . (isset($_SESSION['login']['email']) ? $_SESSION['login']['email'] : '') . '"></span></div>';
// subject
$widget[] = '<div class=item><label for=mail_topic>{LNG_EMAIL_SUBJECT}</label><span class="g-input icon-edit"><input type=text name=mail_topic id=mail_topic value="' . $subject . '"></span></div>';
foreach ($db->customQuery($sql) as $item) {
$reciever[] = $item['email'];
}
$reciever = implode(',', $reciever);
} else {
$reciever = $emails[(int) $_POST['mail_reciever']];
}
// ค่าที่ส่งมา
$topic = htmlspecialchars(trim($_POST['mail_topic']));
$detail = gcms::txtClean($_POST['mail_detail']);
$sender = gcms::getVars($_POST, 'mail_sender', '');
// ตรวจสอบค่าที่ส่งมา
if ($sender == '') {
$ret['error'] = 'SENDER_EMPTY';
$ret['input'] = 'mail_sender';
} elseif (!gcms::validMail($sender)) {
$ret['error'] = 'REGISTER_INVALID_EMAIL';
$ret['input'] = 'mail_sender';
} elseif ($reciever == '') {
$ret['error'] = 'ACTION_ERROR';
$ret['input'] = 'mail_reciever';
} elseif ($sender == $reciever) {
$ret['error'] = 'EMAIL_SEND_SELF';
$ret['input'] = 'mail_sender';
} elseif ($topic == '') {
$ret['error'] = 'TOPIC_EMPTY';
$ret['input'] = 'mail_topic';
} elseif ($detail == '') {
$ret['error'] = 'DETAIL_EMPTY';
} elseif ($_POST['mail_antispam'] != $_SESSION[$_POST['antispam']]) {
$ret['ret_mail_antispam'] = 'this';
<?php
if (INSTALL_INIT == 'install') {
if (isset($_POST['email'])) {
$_SESSION['password'] = trim($_POST['password']);
$_SESSION['email'] = trim($_POST['email']);
}
if (empty($_SESSION['email'])) {
$error = 'กรุณากรอก ที่อยู่อีเมล์';
} elseif (!gcms::validMail($_SESSION['email'])) {
$error = 'ที่อยู่อีเมล์ ไม่ถูกต้อง';
} elseif (empty($_SESSION['password'])) {
$error = 'กรุณากรอก รหัสผ่าน';
} elseif (!preg_match('/^[A-Za-z0-9]{4,}$/u', $_SESSION['password'])) {
$error = 'รหัสผ่าน ภาษาอังกฤษและตัวเลข ไม่น้อยกว่า 4 หลัก';
}
$prefix = isset($_SESSION['prefix']) ? $_SESSION['prefix'] : 'gcms';
if (!empty($error)) {
include ROOT_PATH . 'admin/install/install3.php';
} else {
$db_weburl = empty($_SESSION['db_weburl']) ? WEB_URL : $_SESSION['db_weburl'];
$hostname = empty($_SESSION['hostname']) ? str_replace(array('http://', 'www.'), '', WEB_URL) : $_SESSION['hostname'];
$db_username = empty($_SESSION['db_username']) ? $config['db_username'] : $_SESSION['db_username'];
$db_password = empty($_SESSION['db_password']) ? $config['db_password'] : $_SESSION['db_password'];
$db_server = empty($_SESSION['db_server']) ? $config['db_server'] : $_SESSION['db_server'];
$db_name = empty($_SESSION['db_name']) ? $config['db_name'] : $_SESSION['db_name'];
$reply = empty($_SESSION['reply']) ? "no-reply@{$baseurl}" : $_SESSION['reply'];
echo '<h2>ค่ากำหนดของฐานข้อมูล</h2>';
echo '<form method=post action=index.php autocomplete=off>';
echo '<p>ระบุที่อยู่โดเมนที่ถูกต้องของเว็บไซต์</p>';
echo '<p class=row><label for=db_weburl>ที่อยู่โดเมน</label><input type=text size=50 id=db_weburl name=db_weburl value="' . $db_weburl . '"> <a href="http://gcms.in.th/index.php?module=howto&id=72" target=_blank><img src="' . WEB_URL . '/admin/install/img/help.png" alt=help></a></p>';
<?php
// admin/checkemail.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../bin/inint.php';
// referer
if (gcms::isReferer()) {
$id = gcms::getVars($_POST, 'id', 0);
$value = $db->sql_trim_str($_POST, 'value');
// email
if ($value == '') {
echo 'EMAIL_EMPTY';
} elseif (!gcms::validMail($value)) {
echo 'REGISTER_INVALID_EMAIL';
} else {
// ตรวจสอบอีเมล์ซ้ำ
$sql = "SELECT `id` FROM `" . DB_USER . "` WHERE `email`='" . addslashes($value) . "' AND `fb`='0' LIMIT 1";
$search = $db->customQuery($sql);
if (sizeof($search) == 1 && ($id == 0 || $id != $search[0]['id'])) {
echo 'EMAIL_EXISTS';
}
}
}
} else {
// ชื่อสมาชิกใช้งานได้
$sender = empty($user['displayname']) ? $user['email'] : $user['displayname'];
$post['member_id'] = $user['id'];
$post['email'] = $user['email'];
}
} elseif ($guest) {
// ตรวจสอบอีเมล์ซ้ำกับสมาชิก สำหรับบุคคลทั่วไป
$sql = "SELECT `id` FROM `" . DB_USER . "` WHERE `email`='{$email}' LIMIT 1";
$user2 = $db->customQuery($sql);
if (sizeof($user2) > 0) {
// ต้องการรหัสผ่าน
$ret['error'] = 'PASSWORD_EMPTY';
$ret['input'] = 'reply_password';
$ret['ret_reply_email'] = 'PASSWORD_EMPTY';
} elseif (!gcms::validMail($email)) {
// อีเมล์ที่กรอกไม่ถูกต้อง
$ret['error'] = 'REGISTER_INVALID_EMAIL';
$ret['input'] = 'reply_email';
$ret['ret_reply_email'] = 'REGISTER_INVALID_EMAIL';
} else {
// ผู้มาเยือน
$sender = $email;
$post['member_id'] = 0;
$post['email'] = $email;
}
} else {
$ret['error'] = 'MEMBER_ONLY';
}
} elseif (!($index['member_id'] == $login['id'] || $moderator)) {
// แก้ไขความคิดเห็น ตรวจสอบ เจ้าของหรือผู้ดูแล
}
// numeric
$keys = array('hour', 'counter_digit', 'member_phone', 'member_idcard');
foreach ($keys as $key) {
if (isset($_POST[$key])) {
$config[$key] = (int) $_POST[$key];
}
}
// noreply_email
if (isset($_POST['noreply_email'])) {
$config['noreply_email'] = $db->sql_trim($_POST, 'noreply_email');
if (empty($config['noreply_email'])) {
$ret['ret_noreply_email'] = 'DO_NOT_EMPTY';
$error = !$error ? 'DO_NOT_EMPTY' : $error;
$input = !$input ? 'noreply_email' : $input;
} elseif (!gcms::validMail($config['noreply_email'])) {
$ret['ret_noreply_email'] = 'REGISTER_INVALID_EMAIL';
$error = !$error ? 'REGISTER_INVALID_EMAIL' : $error;
$input = !$input ? 'noreply_email' : $input;
} else {
$ret['ret_noreply_email'] = '';
}
}
// email_charset
if (isset($_POST['email_charset'])) {
$config['email_charset'] = strtolower(trim($_POST['email_charset']));
$config['email_charset'] = empty($config['email_charset']) ? 'tis-620' : $config['email_charset'];
$ret['email_charset'] = $config['email_charset'];
}
// email_Port
if (isset($_POST['email_Port'])) {
$to = $db->sql_trim_str($_POST, 'mail_to');
if (!preg_match('/[0-9,]{1,}/', $to)) {
$ret['error'] = 'EMAIL_RECIEVER_NOT_FOUND';
} else {
// อีเมล์ของผู้รับ
$emails = array();
// อ่านและตรวจสอบอีเมล์ของผู้รับ
$sql = "SELECT `email` FROM `" . DB_USER . "` WHERE `id` IN ({$to})";
foreach ($db->customQuery($sql) as $item) {
$emails[] = $item['email'];
}
// ตรวจสอบค่าที่ส่งมา
if (empty($sender['email'])) {
$ret['error'] = 'SENDER_EMPTY';
$ret['input'] = 'mail_sender';
} elseif (!gcms::validMail($sender['email'])) {
$ret['error'] = 'REGISTER_INVALID_EMAIL';
$ret['input'] = 'mail_sender';
} elseif (sizeof($emails) == 0) {
$ret['error'] = 'EMAIL_RECIEVER_NOT_FOUND';
} elseif ($topic == '') {
$ret['error'] = 'TOPIC_EMPTY';
$ret['input'] = 'mail_topic';
} elseif ($detail == '') {
$ret['error'] = 'DETAIL_EMPTY';
} elseif ($_POST['mail_antispam'] != $_SESSION[$_POST['antispam']]) {
$ret['ret_mail_antispam'] = 'this';
$ret['input'] = 'mail_antispam';
} else {
// ส่งอีเมล์
$error = gcms::customMail(implode(',', $emails), "{$sender['email']}<{$sender['displayname']}>", $topic, $detail);
// ค่าที่ส่งมา
$password = $db->sql_trim_str($_POST, 'register_password');
$repassword = $db->sql_trim_str($_POST, 'register_repassword');
$save['email'] = $db->sql_trim_str($_POST, 'register_email');
$save['phone1'] = $db->sql_trim_str($_POST, 'register_phone');
$save['idcard'] = $db->sql_trim_str($_POST, 'register_idcard');
// ตรวจสอบข้อมูลที่กรอก
$error = false;
$input = false;
if (isset($_POST['register_accept'])) {
// email
if ($save['email'] == '') {
$ret['ret_register_email'] = 'EMAIL_EMPTY';
$input = !$input ? 'register_email' : $input;
$error = !$error ? 'EMAIL_EMPTY' : $error;
} elseif (!gcms::validMail($save['email'])) {
$ret['ret_register_email'] = 'REGISTER_INVALID_EMAIL';
$input = !$input ? 'register_email' : $input;
$error = !$error ? 'REGISTER_INVALID_EMAIL' : $error;
} else {
// ตรวจสอบ email ซ้ำ
$sql = "SELECT `id` FROM `" . DB_USER . "` WHERE `email`='{$save['email']}' AND `fb`='0' LIMIT 1";
$search = $db->customQuery($sql);
if (sizeof($search) == 1) {
$ret['ret_register_email'] = 'EMAIL_EXISTS';
$input = !$input ? 'register_email' : $input;
$error = !$error ? 'EMAIL_EXISTS' : $error;
} else {
$ret['ret_register_email'] = '';
}
}
