function sendUserEmail( $option, $toid, $fromid, $subject, $message ) { global $ueConfig, $_CB_framework, $_CB_database, $_POST, $_PLUGINS; // simple spoof check security cbSpoofCheck( 'emailUser' ); $errorMsg = cbAntiSpamCheck( false ); if (($_CB_framework->myId() == 0) || ($_CB_framework->myId() != $fromid) || ( ! $toid ) || ($ueConfig['allow_email_display']!=1 && $ueConfig['allow_email_display']!=3)) { cbNotAuth(); return; } $rowFrom = new moscomprofilerUser( $_CB_database ); $rowFrom->load( (int) $fromid ); $rowTo = new moscomprofilerUser( $_CB_database ); $rowTo->load( (int) $toid ); $subject = stripslashes( $subject ); // cbGetParam() adds slashes...remove'em... $message = stripslashes( $message ); if ( ! $errorMsg ) { $errorMsg = _UE_SESSIONTIMEOUT . " " . _UE_SENTEMAILFAILED; if ( isset( $_POST["protect"] ) ) { $parts = explode( '_', cbGetParam( $_POST, 'protect', '' ) ); if ( ( count( $parts ) == 3 ) && ( $parts[0] == 'cbmv1' ) && ( strlen( $parts[2] ) == 16 ) && ( $parts[1] == md5($parts[2].$rowTo->id.$rowTo->password.$rowTo->lastvisitDate.$rowFrom->password.$rowFrom->lastvisitDate) ) ) { $errorMsg = null; $_PLUGINS->loadPluginGroup('user'); $pluginResults = $_PLUGINS->trigger( 'onBeforeEmailUser', array( &$rowFrom, &$rowTo, 1 )); //$ui=1 if ($_PLUGINS->is_errors()) { $errorMsg = $_PLUGINS->getErrorMSG( '<br />') . "\n"; } else { $spamCheck = cbSpamProtect( $_CB_framework->myId(), true ); if ( $spamCheck ) { $errorMsg = $spamCheck; } else { $cbNotification = new cbNotification(); $res = $cbNotification->sendUserEmail($toid,$fromid,$subject,$message, true); if ($res) { echo _UE_SENTEMAILSUCCESS; if (is_array($pluginResults)) { echo implode( "<br />", $pluginResults ); } return; } else { $errorMsg = _UE_SENTEMAILFAILED; } } } } } } echo '<div class="error">' . $errorMsg . '</div>'; HTML_comprofiler::emailUser( $option, $rowFrom, $rowTo, $subject, $message ); }
function sendUserEmail($option, $toId, $fromId, $emailName, $emailAddress, $subject, $message) { global $ueConfig, $_CB_framework, $_POST, $_PLUGINS; $allowPublic = isset($ueConfig['allow_email_public']) ? (int) $ueConfig['allow_email_public'] : 0; // simple spoof check: cbSpoofCheck('emailuser'); $errorMsg = cbAntiSpamCheck(false, $allowPublic); if ($_CB_framework->myId() == 0 && (!$allowPublic || $allowPublic && !$emailAddress) || $_CB_framework->myId() != $fromId || !$toId || $ueConfig['allow_email_display'] != 1 && $ueConfig['allow_email_display'] != 3 || !CBuser::getMyInstance()->authoriseView('profile', $toId)) { cbNotAuth(true); return; } $_PLUGINS->loadPluginGroup('user'); $rowFrom = new UserTable(); $rowFrom->load((int) $fromId); $rowTo = new UserTable(); $rowTo->load((int) $toId); $emailName = stripslashes($emailName); // remove slashes added by cbGetParam $emailAddress = stripslashes($emailAddress); // remove slashes added by cbGetParam $subject = stripslashes($subject); // remove slashes added by cbGetParam $message = stripslashes($message); // remove slashes added by cbGetParam if (!$errorMsg) { $errorMsg = CBTxt::Th('UE_SESSIONTIMEOUT', 'Session timed out.') . ' ' . CBTxt::Th('UE_SENTEMAILFAILED', 'Your email failed to send! Please try again.'); if (isset($_POST['protect'])) { $parts = explode('_', cbGetParam($_POST, 'protect', '')); if (count($parts) == 3 && $parts[0] == 'cbmv1' && strlen($parts[2]) == 16 && $parts[1] == md5($parts[2] . $rowTo->id . $rowTo->password . $rowTo->lastvisitDate . $rowFrom->password . $rowFrom->lastvisitDate)) { $errorMsg = null; $_PLUGINS->trigger('onBeforeEmailUser', array(&$rowFrom, &$rowTo, 1, &$emailName, &$emailAddress, &$subject, &$message)); //$ui=1 if ($_PLUGINS->is_errors()) { $errorMsg = $_PLUGINS->getErrorMSG('<br />'); } else { $spamCheck = cbSpamProtect($_CB_framework->myId(), true, $allowPublic); if ($spamCheck) { $errorMsg = $spamCheck; } else { $cbNotification = new cbNotification(); if ($_CB_framework->myId()) { $res = $cbNotification->sendUserEmail($toId, $fromId, $subject, $message, true); } else { $res = $cbNotification->sendUserEmailFromEmail($toId, $emailName, $emailAddress, $subject, $message, true); } if ($res) { cbRedirectToProfile($rowTo->id, CBTxt::Th('UE_SENTEMAILSUCCESS', 'Your email was sent successfully!')); return; } else { $errorMsg = CBTxt::Th('UE_SENTEMAILFAILED', 'Your email failed to send! Please try again.'); } } } } } } if ($errorMsg) { $_CB_framework->enqueueMessage($errorMsg, 'error'); } HTML_comprofiler::emailUser($option, $rowFrom, $rowTo, $allowPublic, $emailName, $emailAddress, $subject, $message); }