/** * This constructs and sends the email from an individual email template for a single form * submission. * * @param integer $form_id * @param integer $submission_id * @param integer $email_id */ function ft_process_email_template($form_id, $submission_id, $email_id) { list($success, $email_components) = ft_get_email_components($form_id, $submission_id, $email_id); if (!$success) { return array(false, "Email components not returned properly (ft_get_email_components)."); } extract(ft_process_hook_calls("start", compact("form_id", "submission_id", "email_id", "email_components"), array("email_components")), EXTR_OVERWRITE); // if Swift Mailer is enabled, send the emails with that $continue = true; if (ft_check_module_enabled("swift_mailer")) { $sm_settings = ft_get_module_settings("", "swift_mailer"); if (isset($sm_settings["swiftmailer_enabled"]) && $sm_settings["swiftmailer_enabled"] == "yes") { ft_include_module("swift_mailer"); list($success, $message) = swift_send_email($email_components); $continue = false; } } // if it was sent (or was attempted to have been sent) by the Swift Mailer module, stop here if (!$continue) { return array($success, $message); } $eol = _ft_get_email_eol_char(); $recipient_list = array(); foreach ($email_components["to"] as $to_info) { $recipient_list[] = $to_info["recipient_line"]; } $to = join(", ", $recipient_list); $to = htmlspecialchars_decode($to); if (empty($to)) { return array(false, "No main recipient specified."); } $headers = "MIME-Version: 1.0{$eol}"; if (!empty($email_components["from"])) { $from = htmlspecialchars_decode($email_components["from"]["recipient_line"]); $headers .= "From: {$from}{$eol}"; } if (!empty($email_components["reply_to"])) { $reply_to = htmlspecialchars_decode($email_components["reply_to"]["recipient_line"]); $headers .= "Reply-to: {$reply_to}{$eol}"; } if (!empty($email_components["cc"])) { $cc_list = array(); foreach ($email_components["cc"] as $cc_info) { $cc_list[] = $cc_info["recipient_line"]; } $cc = join(", ", $cc_list); $cc = htmlspecialchars_decode($cc); $headers .= "Cc: {$cc}{$eol}"; } if (!empty($email_components["bcc"])) { $bcc_list = array(); foreach ($email_components["bcc"] as $bcc_info) { $bcc_list[] = $bcc_info["recipient_line"]; } $bcc = join(", ", $bcc_list); $bcc = htmlspecialchars_decode($bcc); $headers .= "Bcc: {$bcc}{$eol}"; } $message = ""; $html_content = isset($email_components["html_content"]) ? $email_components["html_content"] : ""; $text_content = isset($email_components["text_content"]) ? $email_components["text_content"] : ""; $html_content = trim($html_content); $text_content = trim($text_content); // if there's no TO line or there's no email content for either types, we can't send the email if (empty($html_content) && empty($text_content)) { return array(false, "No text or HTML email content specified"); } if (!empty($html_content) && !empty($text_content)) { $headers .= _ft_get_multipart_message($html_content, $text_content, $eol); } else { if (!empty($html_content)) { $message = $html_content; $headers .= "Content-type: text/html; charset=UTF-8"; } else { if (!empty($text_content)) { $message = $text_content; $headers .= "Content-type: text/plain; charset=UTF-8"; } } } $subject = $email_components["subject"]; // send the email $email_sent = @mail("{$to}", $subject, $message, $headers); if ($email_sent) { return array(true, ""); } else { return array(false, "The mail() function failed to send the email."); } }
/** * Used by the "forget password?" page to have a client's login information sent to them. * * @param array $info the $_POST containing a "username" key. That value is used to find the user * account information to email them. * @return array [0]: true/false (success / failure) * [1]: message string */ function ft_send_password($info) { global $g_root_url, $g_root_dir, $g_table_prefix, $LANG; $info = ft_sanitize($info); extract(ft_process_hook_calls("start", compact("info"), array("info")), EXTR_OVERWRITE); $success = true; $message = $LANG["notify_login_info_emailed"]; if (!isset($info["username"]) || empty($info["username"])) { $success = false; $message = $LANG["validation_no_username_or_js"]; return array($success, $message); } $username = $info["username"]; $query = mysql_query("\r\n SELECT *\r\n FROM {$g_table_prefix}accounts\r\n WHERE username = '******'\r\n "); // not found if (!mysql_num_rows($query)) { $success = false; $message = $LANG["validation_account_not_recognized_info"]; return array($success, $message); } $account_info = mysql_fetch_assoc($query); $email = $account_info["email"]; // one final check: confirm the email is defined & valid if (empty($email) || !ft_is_valid_email($email)) { $success = false; $message = $LANG["validation_email_not_found_or_invalid"]; return array($success, $message); } $account_id = $account_info["account_id"]; $username = $account_info["username"]; $new_password = ft_generate_password(); $encrypted_password = md5(md5($new_password)); // update the database with the new password (encrypted). As of 2.1.0 there's a second field to store the // temporary generated password, leaving the original password intact. This prevents a situation arising when // someone other than the admin / client uses the "Forget Password" feature and invalidates a valid, known password. // Any time the user successfully logs in, mysql_query("\r\n UPDATE {$g_table_prefix}accounts\r\n SET temp_reset_password = '******'\r\n WHERE account_id = {$account_id}\r\n "); // now build and sent the email // 1. build the email content $placeholders = array("login_url" => "{$g_root_url}/?id={$account_id}", "email" => $email, "username" => $username, "new_password" => $new_password); $smarty_template_email_content = file_get_contents("{$g_root_dir}/global/emails/forget_password.tpl"); $email_content = ft_eval_smarty_string($smarty_template_email_content, $placeholders); // 2. build the email subject line $placeholders = array("program_name" => ft_get_settings("program_name")); $smarty_template_email_subject = file_get_contents("{$g_root_dir}/global/emails/forget_password_subject.tpl"); $email_subject = trim(ft_eval_smarty_string($smarty_template_email_subject, $placeholders)); // if Swift Mailer is enabled, send the emails with that. In case there's a problem sending the message with // Swift, it falls back the default mail() function. $swift_mail_error = false; $swift_mail_enabled = ft_check_module_enabled("swift_mailer"); if ($swift_mail_enabled) { $sm_settings = ft_get_module_settings("", "swift_mailer"); if ($sm_settings["swiftmailer_enabled"] == "yes") { ft_include_module("swift_mailer"); // get the admin info. We'll use that info for the "from" and "reply-to" values. Note // that we DON'T use that info for the regular mail() function. This is because retrieving // the password is important functionality and we don't want to cause problems that could // prevent the email being sent. Many servers don't all the 4th headers parameter of the mail() // function $admin_info = ft_get_admin_info(); $admin_email = $admin_info["email"]; $email_info = array(); $email_info["to"] = array(); $email_info["to"][] = array("email" => $email); $email_info["from"] = array(); $email_info["from"]["email"] = $admin_email; $email_info["subject"] = $email_subject; $email_info["text_content"] = $email_content; list($success, $sm_message) = swift_send_email($email_info); // if the email couldn't be sent, display the appropriate error message. Otherwise // the default success message is used if (!$success) { $swift_mail_error = true; $message = $sm_message; } } } // if there was an error sending with Swift, or if it wasn't installed, send it by mail() if (!$swift_mail_enabled || $swift_mail_error) { // send email [note: the double quotes around the email recipient and content are intentional: some systems fail without it] if (!@mail("{$email}", $email_subject, $email_content)) { $success = false; $message = $LANG["notify_email_not_sent"]; return array($success, $message); } } extract(ft_process_hook_calls("end", compact("success", "message", "info"), array("success", "message")), EXTR_OVERWRITE); return array($success, $message); }