function invite($email) { global $CURUSER; global $SITENAME; global $BASEURL; global $SITEEMAIL; global $lang_takeinvite; $id = $CURUSER[id]; $email = unesc(htmlspecialchars(trim($email))); $email = safe_email($email); if (!$email) { bark($lang_takeinvite['std_must_enter_email']); } if (!check_email($email)) { bark($lang_takeinvite['std_invalid_email_address']); } if (EmailBanned($email)) { bark($lang_takeinvite['std_email_address_banned']); } if (!EmailAllowed($email)) { bark($lang_takeinvite['std_wrong_email_address_domains'] . allowedemails()); } $body = "\n你好,\n\n我邀请你加入 {$SITENAME}, 这是一个拥有丰富资源的非开放社区. \n如果你有兴趣加入我们请阅读规则并确认邀请.最后,确保维持一个良好的分享率 \n分享允许的资源.\n\n欢迎到来! :)\n"; $body = str_replace("<br />", "<br />", nl2br(trim(strip_tags($body)))); if (!$body) { bark($lang_takeinvite['std_must_enter_personal_message']); } // check if email addy is already in use $a = @mysql_fetch_row(@sql_query("select count(*) from users where email=" . sqlesc($email))) or die(mysql_error()); if ($a[0] != 0) { bark($lang_takeinvite['std_email_address'] . htmlspecialchars($email) . $lang_takeinvite['std_is_in_use']); } $b = @mysql_fetch_row(@sql_query("select count(*) from invites where invitee=" . sqlesc($email))) or die(mysql_error()); if ($b[0] != 0) { bark($lang_takeinvite['std_invitation_already_sent_to'] . htmlspecialchars($email) . $lang_takeinvite['std_await_user_registeration']); } $ret = sql_query("SELECT username FROM users WHERE id = " . sqlesc($id)) or sqlerr(); $arr = mysql_fetch_assoc($ret); $hash = md5(mt_rand(1, 10000) . $CURUSER['username'] . TIMENOW . $CURUSER['passhash']); $title = $SITENAME . $lang_takeinvite['mail_tilte']; $message = <<<EOD {$lang_takeinvite['mail_one']}{$arr[username]}{$lang_takeinvite['mail_two']} <b><a href="http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash}" target="_blank">{$lang_takeinvite['mail_here']}</a></b><br /> http://{$BASEURL}/signup.php?type=invite&invitenumber={$hash} <br />{$lang_takeinvite['mail_three']}{$invite_timeout}{$lang_takeinvite['mail_four']}{$arr[username]}{$lang_takeinvite['mail_five']}<br /> {$body} <br /><br />{$lang_takeinvite['mail_six']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $message), "invitesignup", false, false, '', get_email_encode(get_langfolder_cookie())); //this email is sent only when someone give out an invitation sql_query("INSERT INTO invites (inviter, invitee, hash, time_invited) VALUES ('" . mysql_real_escape_string($id) . "', '" . mysql_real_escape_string($email) . "', '" . mysql_real_escape_string($hash) . "', " . sqlesc(date("Y-m-d H:i:s")) . ")"); }
$updateset[] = "editsecret = " . sqlesc($sec); $subject = "{$SITENAME}" . $lang_usercp['mail_profile_change_confirmation']; $body = <<<EOD {$lang_usercp['mail_change_email_one']}{$CURUSER["username"]}{$lang_usercp['mail_change_email_two']}({$email}){$lang_usercp['mail_change_email_three']} {$lang_usercp['mail_change_email_four']}{$_SERVER["REMOTE_ADDR"]}{$lang_usercp['mail_change_email_five']} {$lang_usercp['mail_change_email_six']}<b><a href="http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail}" target="_blank">{$lang_usercp['mail_here']}</a></b>{$lang_usercp['mail_change_email_six_1']}<br /> http://{$BASEURL}/confirmemail.php/{$CURUSER["id"]}/{$hash}/{$obemail} {$lang_usercp['mail_change_email_seven']} ------{$lang_usercp['mail_change_email_eight']} {$lang_usercp['mail_change_email_nine']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $subject), change_email_encode(get_langfolder_cookie(), str_replace("<br />", "<br />", nl2br($body))), "profile change", false, false, '', get_email_encode(get_langfolder_cookie())); // Add comment for email change /*$res = sql_query("SELECT * FROM users WHERE id = ".sqlesc($CURUSER["id"])) or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_assoc($res); $modcomment = $arr['modcomment'];*/ $modcomment = $CURUSER['modcomment']; $modcomment = date("Y-m-d") . " - " . "change email address: " . $CURUSER["email"] . " -> " . $email . "\n" . $modcomment; sql_query("UPDATE users SET modcomment = " . sqlesc($modcomment) . " WHERE id = " . $CURUSER["id"]) or sqlerr(__FILE__, __LINE__); } if ($privacy != "normal" && $privacy != "low" && $privacy != "strong") { die("whoops"); } $updateset[] = "privacy = " . sqlesc($privacy); if ($CURUSER['privacy'] != $privacy) { $privacyupdated = 1; }
function report_spam() { //report once only // if(!select_w_2('cm_spam_report',4,array('cmsr_mno_reporter',$_SESSION['mno'],'cmsr_plcno',$_GET['id']))) { insert('cm_spam_report', array('cmsr_mno_reporter', 'cmsr_plcno', 'cmsr_date'), array($_SESSION['mno'], $_GET['id'], date("Y-m-d")), 'cmsr_id'); sent_mail(); // } }
$body_arr[$langfolder_array[$i]] = <<<EOD {$lang_takeupload_target[$langfolder_array[$i]]['mail_hi']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_new_torrent']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_name']}{$torrent} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_size']}{$size} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_category']}{$cat} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_uppedby']}{$uploader} {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent_description']} ------------------------------------------------------------------------------------------------------------------------- {$description} ------------------------------------------------------------------------------------------------------------------------- {$lang_takeupload_target[$langfolder_array[$i]]['mail_torrent']}<b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/details.php?id={$id}&hit=1')">{$lang_takeupload_target[$langfolder_array[$i]]['mail_here']}</a></b><br /> http://{$BASEURL}/details.php?id={$id}&hit=1 ------{$lang_takeupload_target[$langfolder_array[$i]]['mail_yours']} {$lang_takeupload_target[$langfolder_array[$i]]['mail_team']} EOD; $body_arr[$langfolder_array[$i]] = str_replace("<br />", "<br />", nl2br($body_arr[$langfolder_array[$i]])); $i++; } while ($arr = mysql_fetch_array($res)) { $current_lang = $arr["lang"]; $to = $arr["email"]; sent_mail($to, $SITENAME, $SITEEMAIL, change_email_encode(validlang($current_lang), $lang_takeupload_target[validlang($current_lang)]['mail_title'] . $torrent), change_email_encode(validlang($current_lang), $body_arr[validlang($current_lang)]), "torrent upload", false, false, '', get_email_encode(validlang($current_lang)), "eYou"); } } header("Location: " . get_protocol_prefix() . "{$BASEURL}/details.php?id=" . htmlspecialchars($id) . "&uploaded=1");
$or = $_POST["or"]; if ($_SERVER["REQUEST_METHOD"] == "POST") { $res = sql_query("SELECT id, username, email FROM users WHERE class {$or} " . mysql_real_escape_string($class)) or sqlerr(__FILE__, __LINE__); $subject = substr(htmlspecialchars(trim($_POST["subject"])), 0, 80); if ($subject == "") { $subject = "(no subject)"; } $subject = "Fw: {$subject}"; $message1 = htmlspecialchars(trim($_POST["message"])); if ($message1 == "") { stderr("Error", "Empty message!"); } while ($arr = mysql_fetch_array($res)) { $to = $arr["email"]; $message = "Message received from " . $SITENAME . " on " . date("Y-m-d H:i:s") . ".\n" . "---------------------------------------------------------------------\n\n" . $message1 . "\n\n" . "---------------------------------------------------------------------\n{$SITENAME}\n"; $success = sent_mail($to, $SITENAME, $SITEEMAIL, $subject, $message, "Mass Mail", false); } if ($success) { stderr("Success", "Messages sent."); } else { stderr("Error", "Try again."); } } stdhead("Mass E-mail Gateway"); ?> <p><table border=0 class=main cellspacing=0 cellpadding=0><tr> <td class=embedded style='padding-left: 10px'><font size=3><b>Send mass e-mail to all members</b></font></td> </tr></table></p> <table border=1 cellspacing=0 cellpadding=5> <form method=post action=massmail.php>
$ip = getip(); $usern = $arr["username"]; $id = $arr["id"]; $title = $SITENAME . $lang_confirm_resend['mail_title']; $body = <<<EOD {$lang_confirm_resend['mail_one']}{$usern}{$lang_confirm_resend['mail_two']}({$email}){$lang_confirm_resend['mail_three']}{$ip}{$lang_confirm_resend['mail_four']} <b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret}')"> {$lang_confirm_resend['mail_this_link']} </a></b><br /> http://{$BASEURL}/confirm.php?id={$id}&secret={$psecret} {$lang_confirm_resend['mail_four_1']} <b><a href="javascript:void(null)" onclick="window.open('http://{$BASEURL}/confirm_resend.php')">{$lang_confirm_resend['mail_here']}</a></b><br /> http://{$BASEURL}/confirm_resend.php <br /> {$lang_confirm_resend['mail_five']} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, change_email_encode(get_langfolder_cookie(), $title), change_email_encode(get_langfolder_cookie(), $body), "signup", false, false, '', get_email_encode(get_langfolder_cookie())); header("Location: " . get_protocol_prefix() . "{$BASEURL}/ok.php?type=signup&email=" . rawurlencode($email)); } else { stdhead(); $s = "<select name=\"sitelanguage\" onchange='submit()'>\n"; $langs = langlist("site_lang"); foreach ($langs as $row) { if ($row["site_lang_folder"] == get_langfolder_cookie()) { $se = " selected=\"selected\""; } else { $se = ""; } $s .= "<option value=\"" . $row["id"] . "\" " . $se . ">" . htmlspecialchars($row["lang_name"]) . "</option>\n"; } $s .= "\n</select>"; ?>
stderr($tracker_lang['error'], "Невозможно обновить данные пользователя. Пожалуста свяжитесь с администратором относительно этой ошибки."); } $body = <<<EOD По вашему запросу на восстановление пароля, вы сгенерировали вам новый пароль. Вот ваши новые данные для этого аккаунта: Пользователь: {$arr["username"]} Пароль: {$newpassword} Вы можете войти на сайт тут: {$DEFAULTBASEURL}/login.php -- {$SITENAME} EOD; sent_mail($email, $SITENAME, $SITEEMAIL, "Данные аккаунта на {$SITENAME}", $body) or stderr($tracker_lang['error'], "Невозможно отправить E-mail. Пожалуста сообщите администрации об ошибке."); stderr($tracker_lang['success'], "Новые данные по аккаунту отправлены на E-Mail <b>{$email}</b>.\n" . "Через несколько минут (обычно сразу) вы получите ваши новые данные."); } else { stdhead("Восстановление пароля"); ?> <form method="post" action="recover.php"> <table border="1" cellspacing="0" cellpadding="5"> <tr><td class="colhead" colspan="2">Восстановление имени пользователя или пароля</td></tr> <tr><td colspan="2">Используйте форму ниже для востановления пароля<br /> и ваши данные будут отправлены вам на почту.<br /><br /> Вы должны будете подтвердить запрос.</td></tr> <tr><td class="rowhead">Зарегистрированый email</td> <td><input type="text" size="40" name="email"></td></tr> <?php if ($use_captcha) { include_once "include/captcha.php"; $hash = create_captcha();
private function sendmails($nama, $email, $id) { $data = ""; $this->load->helper('mail'); $redirect = base_url(); $dbuff['nomor'] = 7; $dbuff['nama'] = "BGR Indonesia"; $dbuff['email'] = $email; $dbuff['id'] = $id; $data['to'] = $email; $data['subject'] = 'Registrasi Panselnas Kementerian BUMN'; $data['to_name'] = $nama; $data['content'] = $this->parser->parse('verification.html', $dbuff, true); sent_mail($data); }
} $body = <<<EOD Сообщение через обратную связь на {$website_name}: -------------------------------- {$message} -------------------------------- IP Адрес: {$ip} Имя пользователя: {$username} Код пользователя: {$userid} EOD; stdhead(); if (sent_mail($admin_email, $useremail, $useremail, 'Обратная связь на ' . $website_name . ' - ' . $subject, $body, false)) { stdmsg('Успешно', 'Ваше сообщение отправлено администрации.', 'success'); } else { stdmsg('Ошибка', 'Ваше сообщение <b>НЕ</b> было отправлено администрации, из-за непредвиденной ошибки сервера.', 'error'); } stdfoot(); } else { stdhead('Связаться с нами'); if ($use_captcha) { include_once "include/captcha.php"; $hash = create_captcha(); } ?> <form method="post" name="contactus" action="contactus.php" onsubmit="document.contactus.cbutton.value='Пожалуйста подождите ...';document.contactus.cbutton.disabled=true"> <input type="hidden" name="do" value="process"> <table class="main" border="1" cellspacing="0" cellpadding="5" width="100%">
} if (!check_email($from_email)) { stderr("Error", "Invalid email address!"); } $from = "{$from} <{$from_email}>"; $subject = substr(htmlspecialchars(trim($_POST["subject"])), 0, 80); if ($subject == "") { $subject = "(No subject)"; } $subject = "Fw: {$subject}"; $message = htmlspecialchars(trim($_POST["message"])); if ($message == "") { stderr("Error", "No message text!"); } $message = "Message submitted from " . getip() . " at " . date("Y-m-d H:i:s") . ".\n" . "Note: By replying to this e-mail you will reveal your e-mail address.\n" . "---------------------------------------------------------------------\n\n" . $message . "\n\n" . "---------------------------------------------------------------------\n{$SITENAME} E-Mail Gateway\n"; $success = sent_mail($to, $from, $from_email, $subject, $message, "E-Mail Gateway", false); if ($success) { stderr("Success", "E-mail successfully queued for delivery."); } else { stderr("Error", "The mail could not be sent. Please try again later."); } } stdhead("E-mail gateway"); ?> <p><table border=0 class=main cellspacing=0 cellpadding=0><tr> <td class=embedded style='padding-left: 10px'><font size=3><b>Send e-mail to <?php echo $username; ?> </b></font></td> </tr></table></p> <table border=1 cellspacing=0 cellpadding=5>
} $id = mysql_insert_id(); sql_query("DELETE FROM invites WHERE invite = " . sqlesc($_POST["invite"])); write_log("Зарегистрирован новый пользователь {$wantusername}", "FFFFFF", "tracker"); $psecret = md5($editsecret); $body = <<<EOD Вы зарегистрировались на {$SITENAME} и указали этот адрес как обратный ({$email}). Если это были не вы, пожалуйста проигнорируйте это письмо. Персона которая ввела ваш E-Mail адресс имеет IP адрес {$_SERVER["REMOTE_ADDR"]}. Пожалуйста, не отвечайте. Для подтверждения вашей регистрации, вам нужно пройти по следующей ссылке: {$DEFAULTBASEURL}/confirm.php?id={$id}&secret={$psecret} После того как вы это сделаете, вы сможете использовать ваш аккаунт. Если вы этого не сделаете, ваш новый аккаунт будет удален через пару дней. Мы рекомендуем вам прочитать правила и ЧаВо прежде чем вы начнете использовать {$SITENAME}. EOD; if ($use_email_act && $users) { if (!sent_mail($email, $SITENAME, $SITEEMAIL, "Подтверждение регистрации на {$SITENAME}", $body, false)) { //stderr($tracker_lang['error'], "Невозможно отправить E-Mail. Попробуйте позже"); write_log("Проблема с отправкой письма для активации на адрес {$email}", "FF0000", "errors"); logincookie($id, $wantpasshash); sql_query('UPDATE users SET status = "confirmed" WHERE id = ' . $id) or sqlerr(__FILE__, __LINE__); header("Location: ok.php?type=confirm"); die; } } else { logincookie($id, $wantpasshash); } header("Refresh: 0; url=ok.php?type=" . (!$users ? "sysop" : "signup&email=" . urlencode($email)));
if ($changedemail) { $sec = mksecret(); $hash = md5($sec . $email . $sec); $obemail = urlencode($email); $updateset[] = "editsecret = " . sqlesc($sec); $thishost = $_SERVER["HTTP_HOST"]; $thisdomain = preg_replace('/^www\\./is', "", $thishost); $body = <<<EOD You have requested that your user profile (username {$CURUSER["username"]}) on {$thisdomain} should be updated with this email address ({$email}) as user contact. If you did not do this, please ignore this email. The person who entered your email address had the IP address {$_SERVER["REMOTE_ADDR"]}. Please do not reply. To complete the update of your user profile, please follow this link: http://{$thishost}/confirmemail.php?id={$CURUSER["id"]}&hash={$hash}&email={$obemail} If you have AOL browser, please click the following link: <a href="http://{$thishost}/confirmemail.php?id={$CURUSER["id"]}&hash={$hash}&email={$obemail}">http://{$thishost}/confirmemail.php?id={$CURUSER["id"]}&hash={$hash}&email={$obemail}</a> Your new email address will appear in your profile after you do this. Otherwise your profile will remain unchanged. EOD; sent_mail($email, $SITENAME, $SITEEMAIL, "Изменение настроек профиля на {$thisdomain}", $body, false); // mail($email, "$thisdomain profile change confirmation", $body, "From: $SITEEMAIL"); $urladd .= "&mailsent=1"; } sql_query("UPDATE users SET " . implode(",", $updateset) . " WHERE id = " . $CURUSER["id"]) or sqlerr(__FILE__, __LINE__); header("Location: {$DEFAULTBASEURL}/my.php?edited=1" . $urladd);
$body = <<<EOD \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_dear']}{$msg_receiver}, \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_you_received_a_pm']} \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_sender']}: {$username} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_subject']}: {$subject} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_date']}: {$date} \t\t \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url']}<b><a href="javascript:void(null)" onclick="window.open('{$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid}')">{$lang_takemessage_target[get_user_lang($user["id"])]['mail_here']}</a></b>{$lang_takemessage_target[get_user_lang($user["id"])]['mail_use_following_url_1']}<br /> {$prefix}{$BASEURL}/messages.php?action=viewmessage&id={$msgid} \t\t \t\t------{$lang_takemessage_target[get_user_lang($user["id"])]['mail_yours']} \t\t{$lang_takemessage_target[get_user_lang($user["id"])]['mail_the_site_team']} EOD; sent_mail($user["email"], $SITENAME, $SITEEMAIL, change_email_encode(get_user_lang($user["id"]), $title), change_email_encode(get_user_lang($user["id"]), str_replace("<br />", "<br />", nl2br($body))), "sendmessage", false, false, '', get_email_encode(get_user_lang($user["id"]))); } } $delete = $_POST["delete"]; if ($origmsg) { if ($delete == "yes") { // Make sure receiver of $origmsg is current user $res = sql_query("SELECT * FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 1) { $arr = mysql_fetch_assoc($res); if ($arr["receiver"] != $CURUSER["id"]) { stderr("w00t", "This shouldn't happen."); } if ($arr["saved"] == "no") { sql_query("DELETE FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); } elseif ($arr["saved"] == "yes") {
</head> <body class="skin-blue"> <div class="wrapper"> <?php top_header(); //function in include/dashboardFunctions.php ?> <?php sidebar(); //function in include/dashboardFunctions.php ?> <?php sent_mail(); //function in include/authoritFunctions.php ?> <?php footer(); //function in include/dashboardFunctions.php ?> </div><!-- ./wrapper --> <!-- jQuery 2.1.3 --> <script src="plugins/jQuery/jQuery-2.1.3.min.js"></script> <!-- Bootstrap 3.3.2 JS --> <script src="bootstrap/js/bootstrap.min.js" type="text/javascript"></script> <!-- jQuery UI 1.11.1 -->
if (strpos($user['notifs'], '[pm]') !== false) { $username = $CURUSER["username"]; $usremail = $user["email"]; $body = <<<EOD {$username} послал вам личное сообщение! Пройдите по ссылке ниже, чтобы его прочитать. {$DEFAULTBASEURL}/message.php?action=viewmessage&id={$sended_id} -- {$SITENAME} EOD; $subj = "Вы получили новое ЛС от {$username}!"; sent_mail($usremail, $SITENAME, $SITEEMAIL, $subj, $body, false); } $delete = $_POST["delete"]; if ($origmsg) { if ($delete == "yes") { // Make sure receiver of $origmsg is current user $res = sql_query("SELECT * FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 1) { $arr = mysql_fetch_assoc($res); if ($arr["receiver"] != $CURUSER["id"]) { stderr($tracker_lang['error'], "Вы пытаетесь удалить не свое сообщение!"); } if ($arr["saved"] == "no") { sql_query("DELETE FROM messages WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__); } elseif ($arr["saved"] == "yes") { sql_query("UPDATE messages SET unread = 'no', location = '0' WHERE id={$origmsg}") or sqlerr(__FILE__, __LINE__);