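/**
 * Resolve the session for the current request and return its user/session row.
 *
 * The session id is taken from the board cookies, or from the `sid` GET
 * parameter when no board cookie is present. If the id matches a row in the
 * sessions table, the "Added by FAI" section keeps the forum login in step
 * with the main-site login (switching, creating or ending the forum session
 * as needed), then the session timestamps and cookies are refreshed. If no
 * usable session is found, a new one is created through session_begin().
 *
 * @param string $user_ip     Client IP in the board's encoded form; only its
 *                            first six characters are compared with the
 *                            stored session IP (presumably hex, i.e. 24 bits).
 * @param int    $thispage_id Page identifier recorded against the session.
 * @return array User/session row for this request.
 */
function session_pagestart($user_ip, $thispage_id)
{
	global $db, $lang, $board_config;
	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;

	$cookiename = $board_config['cookie_name'];
	$cookiepath = $board_config['cookie_path'];
	$cookiedomain = $board_config['cookie_domain'];
	$cookiesecure = $board_config['cookie_secure'];

	$current_time = time();
	unset($userdata);

	// Defined up front so the final message_die() never receives an undefined variable.
	$sql = '';

	if (isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']))
	{
		if (isset($HTTP_COOKIE_VARS[$cookiename . '_data']))
		{
			// SECURITY: this unserialize() runs on a cookie the client fully
			// controls. Besides arbitrary value types, PHP will instantiate any
			// loaded class named in the payload. A format that cannot carry
			// objects (e.g. JSON) or an integrity check on the cookie would
			// remove that exposure; until then refuse anything that is not an
			// array so later array accesses see a known shape.
			$sessiondata = unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data']));
			if (!is_array($sessiondata))
			{
				$sessiondata = array();
			}
		}
		else
		{
			$sessiondata = array();
		}
		$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
		$sessionmethod = SESSION_METHOD_COOKIE;
	}
	else
	{
		$sessiondata = array();
		$session_id = isset($HTTP_GET_VARS['sid']) ? $HTTP_GET_VARS['sid'] : '';
		$sessionmethod = SESSION_METHOD_GET;
	}

	// The session id is interpolated into SQL below, so this allow-list is the
	// only thing standing between the request and the query. The D modifier
	// stops `$` from also accepting a trailing newline.
	if (!preg_match('/^[A-Za-z0-9]*$/D', $session_id))
	{
		$session_id = '';
	}

	$thispage_id = (int) $thispage_id;

	//
	// Does a session exist?
	//
	if (!empty($session_id))
	{
		//
		// session_id exists so go ahead and attempt to grab all
		// data in preparation
		//
		$sql = "SELECT u.*, s.*\n\t\t\tFROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u\n\t\t\tWHERE s.session_id = '{$session_id}'\n\t\t\t\tAND u.user_id = s.session_user_id";
		if (!($result = $db->sql_query($sql)))
		{
			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
		}

		$userdata = $db->sql_fetchrow($result);

		//
		// Did the session exist in the DB?
		//
		if (isset($userdata['user_id']))
		{
			// Added by FAI
			// Find Public Whip user id
			$logged_into_pw = user_isloggedin();
			global $user_name;

			// Look it up in PHPBB user account list.
			// NOTE(review): the username literal reads '******' in this listing
			// and looks masked; confirm how the real query escapes or binds the
			// site username.
			$user_id_for_phpbb = 0; // stays 0 when the lookup fails or finds no row
			$result = $db->sql_query("select user_id from phpbb_users where username = '******'");
			if ($result)
			{
				$row = $db->sql_fetchrow($result);
				$user_id_for_phpbb = $row['user_id'];
			}

			// NOTE(review): $HTTP_POST_VARS is not declared global in this
			// function, so the POST 'redirect' branch is never taken as written
			// and $url always derives from REQUEST_URI. If that branch is ever
			// enabled, the target must be limited to local paths before it
			// reaches redirect().
			$url = !empty($HTTP_POST_VARS['redirect']) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : str_replace("/forum/", "", $_SERVER['REQUEST_URI']);

			if ($logged_into_pw)
			{
				// If user id is wrong, log into it
				if ($user_id_for_phpbb && $user_id_for_phpbb != $userdata['user_id'])
				{
					if ($userdata['user_id'] > 0)
					{
						session_end($userdata['session_id'], $userdata['user_id']);
						redirect(append_sid($url, true));
					}
					$session_id = session_begin($user_id_for_phpbb, $user_ip, PAGE_INDEX, FALSE, TRUE);
					redirect(append_sid($url, true));
					exit;
				}

				// Otherwise make new account
				if (!$user_id_for_phpbb)
				{
					// Log out first if logged in
					if ($userdata['user_id'] > 0)
					{
						session_end($userdata['session_id'], $userdata['user_id']);
						redirect(append_sid($url, true));
						exit;
					}

					// NOTE(review): MAX(user_id) + 1 is read outside the
					// transaction opened by the INSERT below, so two concurrent
					// first logins can compute the same id.
					$sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE;
					if (!($result = $db->sql_query($sql)))
					{
						message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
					}
					if (!($row = $db->sql_fetchrow($result)))
					{
						message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
					}
					$user_id = $row['total'] + 1;
					$notifyreply = 1;

					// The INSERT names no columns, so it depends on the exact
					// column order of the users table. 'NEVER***' is stored in
					// the password position, presumably so it can never equal a
					// real password hash. mysql_escape_string() ignores the
					// connection character set; prefer the connection-aware
					// escaper or bound parameters where the DB layer offers them.
					$sql = "INSERT INTO " . USERS_TABLE . "\t \nVALUES ('" . mysql_escape_string($user_id) . "',1,'" . mysql_escape_string($user_name) . "','NEVER***',0,0,0," . time() . ",0,0,0.00,1,'english','D M d, Y g:i a',0,0,0,NULL,0,1,1,1,1,1,1,1,1,1,1,0,'',0,'" . mysql_escape_string(user_getemail()) . "','','','','','','','','','','','',NULL,0,0)";
					if (!($result = $db->sql_query($sql, BEGIN_TRANSACTION)))
					{
						message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
					}

					$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)\n\t\t\t\tVALUES ('', 'Personal User', 1, 0)";
					if (!($result = $db->sql_query($sql)))
					{
						message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
					}

					$group_id = $db->sql_nextid();

					$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)\n\t\t\t\tVALUES ({$user_id}, {$group_id}, 0)";
					if (!($result = $db->sql_query($sql, END_TRANSACTION)))
					{
						message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
					}

					$session_id = session_begin($user_id, $user_ip, PAGE_INDEX, FALSE, TRUE);
					redirect(append_sid($url, true));
					exit;
				}
			}
			else
			{
				// Not logged into the main site: end any authenticated forum session.
				if ($userdata['user_id'] > 0)
				{
					session_end($userdata['session_id'], $userdata['user_id']);
					redirect(append_sid($url, true));
					exit;
				}
			}
			// End added by FAI

			//
			// Do not check IP assuming equivalence, if IPv4 we'll check only first 24
			// bits ... I've been told (by vHiker) this should alleviate problems with
			// load balanced et al proxies while retaining some reliance on IP security.
			//
			$ip_check_s = substr($userdata['session_ip'], 0, 6);
			$ip_check_u = substr($user_ip, 0, 6);

			// Strict comparison: with ==, two different prefixes that both look
			// numeric (e.g. "0e1234" and "0e5678") compare equal as numbers.
			if ($ip_check_s === $ip_check_u)
			{
				$SID = $sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN') ? 'sid=' . $session_id : '';

				//
				// Only update session DB a minute or so after last update
				//
				if ($current_time - $userdata['session_time'] > 60)
				{
					// A little trick to reset session_admin on session re-usage
					$update_admin = !defined('IN_ADMIN') && $current_time - $userdata['session_time'] > $board_config['session_length'] + 60 ? ', session_admin = 0' : '';

					$sql = "UPDATE " . SESSIONS_TABLE . " \n\t\t\t\t\t\tSET session_time = {$current_time}, session_page = {$thispage_id}{$update_admin}\n\t\t\t\t\t\tWHERE session_id = '" . $userdata['session_id'] . "'";
					if (!$db->sql_query($sql))
					{
						message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
					}

					if ($userdata['user_id'] != ANONYMOUS)
					{
						$sql = "UPDATE " . USERS_TABLE . " \n\t\t\t\t\t\t\tSET user_session_time = {$current_time}, user_session_page = {$thispage_id}\n\t\t\t\t\t\t\tWHERE user_id = " . $userdata['user_id'];
						if (!$db->sql_query($sql))
						{
							message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
						}
					}

					session_clean($userdata['session_id']);

					// NOTE(review): neither cookie is marked HttpOnly here, so
					// page script can read the session id.
					setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
					setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
				}

				// Add the session_key to the userdata array if it is set
				if (isset($sessiondata['autologinid']) && $sessiondata['autologinid'] != '')
				{
					$userdata['session_key'] = $sessiondata['autologinid'];
				}

				return $userdata;
			}
		}
	}

	//
	// If we reach here then no (valid) session exists. So we'll create a new one,
	// using the cookie user_id if available to pull basic user prefs.
	//
	$user_id = isset($sessiondata['userid']) ? intval($sessiondata['userid']) : ANONYMOUS;

	if (!($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE)))
	{
		message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
	}

	return $userdata;
}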
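/**
 * Build the CC list of this artifact as plain text or as an HTML table.
 *
 * In HTML mode each row shows the CC address, its comment, who added it and
 * when; unless $pv is non-zero a delete link is added for users who pass the
 * same checks the link's target is expected to repeat on the server.
 *
 * @param int  $group_id          the group id (used in the delete link)
 * @param int  $group_artifact_id the artifact type ID (used in the delete link)
 * @param bool $ascii             true for plain-text output, false for HTML
 * @param int  $pv                non-zero omits the delete column
 *
 * @return string the formatted CC list
 */
function showCCList($group_id, $group_artifact_id, $ascii = false, $pv = 0)
{
    $hp = Codendi_HTMLPurifier::instance();
    global $Language;

    //
    // format the CC list for this artifact
    //
    $result = $this->getCCList();
    $rows = db_numrows($result);
    $out = '';

    // Nobody in the CC list -> return now
    if ($rows <= 0) {
        if ($ascii) {
            $out = $Language->getText('tracker_include_artifact', 'cc_empty') . $GLOBALS['sys_lf'];
        } else {
            $out = '<H4>' . $Language->getText('tracker_include_artifact', 'cc_empty') . '</H4>';
        }
        return $out;
    }

    // Header first, and determine the row format for the output type (ASCII, HTML)
    if ($ascii) {
        $out .= $Language->getText('tracker_include_artifact', 'cc_list') . $GLOBALS['sys_lf']
            . str_repeat("*", strlen($Language->getText('tracker_include_artifact', 'cc_list')))
            . $GLOBALS['sys_lf'] . $GLOBALS['sys_lf'];
        $fmt = "%-35s | %s" . $GLOBALS['sys_lf'];
        $out .= sprintf(
            $fmt,
            $Language->getText('tracker_include_artifact', 'cc_address'),
            $Language->getText('tracker_include_artifact', 'fill_cc_list_cmt')
        );
        $out .= "------------------------------------------------------------------" . $GLOBALS['sys_lf'];
    } else {
        $title_arr = array();
        $title_arr[] = $Language->getText('tracker_include_artifact', 'cc_address');
        $title_arr[] = $Language->getText('tracker_include_artifact', 'fill_cc_list_cmt');
        $title_arr[] = $Language->getText('tracker_include_artifact', 'added_by');
        $title_arr[] = $Language->getText('tracker_include_artifact', 'posted_on');
        if ($pv == 0) {
            $title_arr[] = $Language->getText('tracker_include_canned', 'delete');
        }
        $out .= html_build_list_table_top($title_arr);
        $fmt = "\n" . '<TR class="%s"><td>%s</td><td>%s</td><td align="center">%s</td><td align="center">%s</td>';
        if ($pv == 0) {
            $fmt .= '<td align="center">%s</td>';
        }
        $fmt .= '</tr>';
    }

    // Loop through the cc and format them
    for ($i = 0; $i < $rows; $i++) {
        $email = db_result($result, $i, 'email');
        $artifact_cc_id = db_result($result, $i, 'artifact_cc_id');

        // if the CC is a user point to its user page else build a mailto: URL
        $res_username = user_get_result_set_from_unix($email);
        if ($res_username && db_numrows($res_username) == 1) {
            $href_cc = util_user_link($email);
        } else {
            // The CC value is free text supplied by whoever added it, and it
            // is written into both an attribute and element content here, so
            // it is HTML-escaped in each place. (The ASCII branch prints it
            // raw, which suggests it is not stored pre-escaped - confirm.)
            $href_cc = '<a href="mailto:'
                . $hp->purify(util_normalize_email($email), CODENDI_PURIFIER_CONVERT_HTML)
                . '">'
                . $hp->purify($email, CODENDI_PURIFIER_CONVERT_HTML)
                . '</a>';
        }

        if ($ascii) {
            $out .= sprintf($fmt, $email, SimpleSanitizer::unsanitize(db_result($result, $i, 'comment')));
        } else {
            // show CC delete icon if one of the condition is met:
            // (a) current user is a group member
            // (b) the CC name is the current user
            // (c) the CC email address matches the one of the current user
            // (d) the current user is the person who added a given name in CC list
            // This only decides whether the icon is shown; the delete_cc
            // handler has to enforce the same rules itself.
            if (user_ismember($this->ArtifactType->getGroupID())
                || user_getname(user_getid()) == $email
                || user_getemail(user_getid()) == $email
                || user_getname(user_getid()) == db_result($result, $i, 'user_name')
            ) {
                // NOTE(review): the deletion is triggered by a plain GET link;
                // no anti-CSRF token is part of the URL built here.
                $html_delete = '<a href="?func=delete_cc&group_id=' . (int) $group_id
                    . '&aid=' . (int) $this->getID()
                    . '&atid=' . (int) $group_artifact_id
                    . '&artifact_cc_id=' . (int) $artifact_cc_id . '" '
                    . ' onClick="return confirm(\'' . $Language->getText('tracker_include_artifact', 'delete_cc') . '\')">'
                    . '<IMG SRC="' . util_get_image_theme("ic/trash.png")
                    . '" HEIGHT="16" WIDTH="16" BORDER="0" ALT="' . $Language->getText('global', 'btn_delete') . '"></A>';
            } else {
                $html_delete = '-';
            }

            $out .= sprintf(
                $fmt,
                util_get_alt_row_color($i),
                $href_cc,
                $hp->purify(
                    SimpleSanitizer::unsanitize(db_result($result, $i, 'comment')),
                    CODENDI_PURIFIER_BASIC,
                    $this->ArtifactType->getGroupId()
                ),
                util_user_link(db_result($result, $i, 'user_name')),
                format_date($GLOBALS['Language']->getText('system', 'datefmt'), db_result($result, $i, 'date')),
                $html_delete
            );
        } // for
    }

    // final touch...
    $out .= $ascii ? $GLOBALS['sys_lf'] : "</TABLE>";

    return $out;
}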
/**
 * Collect the e-mail addresses that this date reminder must notify.
 *
 * The reminder's `notified_people` setting is a comma-separated list of role
 * codes: 1 = submitter, 2 = assignee(s), 3 = CC list, 4 = commenters, and
 * `g<id>` = members of a user group. Each resolved address is added once, and
 * only when isUserAllowedToBeNotified() accepts the user. User id 100 is
 * skipped for every role except CC (presumably the placeholder "none" user -
 * confirm).
 *
 * Side effect: replaces the global $art_field_fact with a factory bound to
 * this reminder's artifact type.
 *
 * @return array list of e-mail addresses
 */
function getNotifiedPeople()
{
    global $art_field_fact;

    // Load the artifact this reminder refers to
    $project        = ProjectManager::instance()->getProject($this->getGroupId());
    $tracker        = new ArtifactType($project, $this->getGroupArtifactId());
    $art_field_fact = new ArtifactFieldFactory($tracker);
    $artifact       = new Artifact($tracker, $this->getArtifactId(), false);

    $notified_people = array();

    // All three ids go through db_ei() and %d, so the query carries integers only.
    $sql = sprintf(
        'SELECT notified_people FROM artifact_date_reminder_settings WHERE reminder_id=%d AND group_artifact_id=%d AND field_id=%d',
        db_ei($this->getReminderId()),
        db_ei($this->getGroupArtifactId()),
        db_ei($this->getFieldId())
    );
    $setting = db_result(db_query($sql), 0, 'notified_people');

    foreach (explode(",", $setting) as $item) {
        if ($item == 1) {
            // Submitter
            $submitter = $artifact->getSubmittedBy();
            $address   = user_getemail($submitter);
            if (!in_array($address, $notified_people) && $submitter != 100 && $this->isUserAllowedToBeNotified($submitter)) {
                $notified_people[] = $address;
            }
        } elseif ($item == 2) {
            // Assigned To: prefer the multi-valued field when the tracker defines it
            $assignees   = array();
            $multi_field = $art_field_fact->getFieldFromName('multi_assigned_to');
            if (is_object($multi_field)) {
                if ($multi_field->isUsed()) {
                    $assignees = $artifact->getMultiAssignedTo();
                }
            } else {
                $single_field = $art_field_fact->getFieldFromName('assigned_to');
                if (is_object($single_field) && $single_field->isUsed()) {
                    $assignees = array($artifact->getValue('assigned_to'));
                }
            }
            if (count($assignees) > 0) {
                foreach ($assignees as $assignee) {
                    $address = user_getemail($assignee);
                    if (!in_array($address, $notified_people) && $assignee != 100 && $this->isUserAllowedToBeNotified($assignee)) {
                        $notified_people[] = $address;
                    }
                }
            }
        } elseif ($item == 3) {
            // CC
            $cc_ids = $artifact->getCCIdList();
            if (count($cc_ids) > 0) {
                foreach ($cc_ids as $cc_id) {
                    $address = user_getemail($cc_id);
                    if (!in_array($address, $notified_people) && $this->isUserAllowedToBeNotified($cc_id)) {
                        $notified_people[] = $address;
                    }
                }
            }
        } elseif ($item == 4) {
            // Commenter
            $commenters = $artifact->getCommenters();
            if (db_numrows($commenters) > 0) {
                while ($row = db_fetch_array($commenters)) {
                    $commenter = $row['mod_by'];
                    $address   = user_getemail($commenter);
                    if (!in_array($address, $notified_people) && $commenter != 100 && $this->isUserAllowedToBeNotified($commenter)) {
                        $notified_people[] = $address;
                    }
                }
            }
        } elseif (preg_match("/^g/", $item)) {
            // user-group: ids above 100 are user-defined, the others predefined
            $ugr_id = (int) substr($item, 1);
            if ($ugr_id > 100) {
                $qry = ugroup_db_get_members($ugr_id);
            } else {
                $qry = ugroup_db_get_dynamic_members($ugr_id, $this->getGroupArtifactId(), $this->getGroupId());
            }
            $members = db_query($qry);
            if (db_numrows($members) > 0) {
                while ($row = db_fetch_array($members)) {
                    $usr     = $row['user_id'];
                    $address = user_getemail($usr);
                    if (!in_array($address, $notified_people) && $usr != 100 && $this->isUserAllowedToBeNotified($usr)) {
                        $notified_people[] = $address;
                    }
                }
            }
        }
    }

    return $notified_people;
}
/**
 * Notify watchers that this page was renamed (mass rename / remove support,
 * not yet tested).
 *
 * When the request carries a deferred-notification queue the event is only
 * appended to it; otherwise one mail is sent with every recipient in Bcc, so
 * recipients do not see each other's addresses.
 *
 * @param string $to      new page name
 * @param array  $meta    page metadata (passed by reference, only stored in the queue)
 * @param array  $emails  recipient addresses
 * @param array  $userids recipient user ids, used for the log message only
 */
function sendPageRenameNotification($to, &$meta, $emails, $userids)
{
    global $request;

    // Deferred mode: queue the event and leave the mailing to the caller.
    if (@is_array($request->_deferredPageRenameNotification)) {
        $request->_deferredPageRenameNotification[] = array($this->_pagename, $to, $meta, $emails, $userids);
        return;
    }

    $oldname = $this->_pagename;

    // Codendi specific
    // NOTE(review): both page names end up in the Subject header; whether
    // Mail::setSubject() strips line breaks is not visible here.
    $subject = sprintf(_("Page rename %s to %s"), $oldname, $to);
    $from    = user_getemail(user_getid());
    $body    = $subject . "\n"
        . sprintf(_("Edited by: %s"), $from) . "\n"
        . WikiURL($to, array(), true);

    $m = new Mail();
    $m->setFrom($from);
    $m->setSubject("[" . WIKI_NAME . "] " . $subject);
    $m->setBcc(join(',', $emails));
    $m->setBody($body);

    $sent = $m->send();
    if ($sent) {
        $message = sprintf(_("PageChange Notification of %s sent to %s"), $oldname, join(',', $userids));
        $level   = E_USER_NOTICE;
    } else {
        $message = sprintf(_("PageChange Notification Error: Couldn't send %s to %s"), $oldname, join(',', $userids));
        $level   = E_USER_WARNING;
    }
    trigger_error($message, $level);
}
case 'delete_cc':
    // Remove one entry from an artifact's CC list, then return to the detail view.
    $ah = new ArtifactHtml($ath, $aid);
    if (!$ah || !is_object($ah)) {
        exit_error($Language->getText('global', 'error'), $Language->getText('tracker_index', 'not_create_art'));
    } elseif ($ah->isError()) {
        exit_error($Language->getText('global', 'error'), $ah->getErrorMessage());
    } else {
        $artifact_cc_id = $request->get('artifact_cc_id');
        $cc_array = $ah->getCC($artifact_cc_id);

        // Deletion is allowed when at least one of these holds:
        // (a) the current user is a member of $group_id
        // (b) the CC name is the current user's login name
        // (c) the CC e-mail address is the current user's address
        // (d) the current user is the one who added this CC entry
        // NOTE(review): (a) tests membership of $group_id as set by the
        // surrounding script; confirm it is the group that owns $ath, and that
        // getCC()/deleteCC() only act on CC entries of artifact $aid.
        // NOTE(review): no anti-CSRF token is checked in this case block.
        if (!(user_ismember($group_id)
            || user_getname(user_getid()) == $cc_array['email']
            || user_getemail(user_getid()) == $cc_array['email']
            || user_getname(user_getid()) == $cc_array['user_name'])
        ) {
            // Invalid permission
            exit_permission_denied();
            return;
        }

        $changed = $ah->deleteCC($artifact_cc_id, $changes);
        if ($changed) {
            // Tell the tracker's global notification addresses about the change
            $agnf = new ArtifactGlobalNotificationFactory();
            $addresses = $agnf->getAllAddresses($ath->getID(), true);
            $ah->mailFollowupWithPermissions($addresses, $changes);
        }

        // Every id in the redirect target is cast to int before it is concatenated.
        $GLOBALS['Response']->redirect('?group_id=' . (int) $group_id . '&atid=' . (int) $atid . '&aid=' . (int) $aid . '&func=detail');
    }
    break;
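/**
 * Build and send a mail to a mailing list from the submitted web form.
 *
 * Reads `list`, `subject`, `message`, optional `ccs` and optional uploaded
 * `files` from the request, and `reply_to` when $reply is true. Attachments
 * are assembled by hand into a multipart/mixed body.
 *
 * @param mixed $plug  plugin instance (not used in this function)
 * @param bool  $reply true to add an In-Reply-To header taken from the
 *                     message referenced by `reply_to`
 * @return bool true when the mail was handed to the mailer, false when the CC
 *              list was rejected or sending failed
 */
function plugin_forumml_process_mail($plug, $reply = false)
{
    $request = HTTPRequest::instance();
    $hp = ForumML_HTMLPurifier::instance();

    // Instantiate a new Mail class
    $mail = new Mail();

    // Build mail headers
    $to = mail_get_listname_from_list_id($request->get('list')) . "@" . $GLOBALS['sys_lists_host'];
    $mail->setTo($to);

    // NOTE(review): the real name comes from the user profile; whether
    // Mail::setFrom() rejects line breaks in it is not visible here.
    $from = user_getrealname(user_getid()) . " <" . user_getemail(user_getid()) . ">";
    $mail->setFrom($from);

    // Default to an empty body so a rejected 'message' never leaves $message undefined.
    $message = '';
    $vMsg = new Valid_Text('message');
    if ($request->valid($vMsg)) {
        $message = $request->get('message');
    }

    // The subject is request data that becomes a mail header: drop CR/LF so
    // it cannot introduce additional header lines.
    $subject = str_replace(array("\r", "\n"), ' ', (string) $request->get('subject'));
    $mail->setSubject($subject);

    if ($reply) {
        // set In-Reply-To header
        $hres = plugin_forumml_get_message_headers($request->get('reply_to'));
        $reply_to = db_result($hres, 0, 'value');
        $mail->addAdditionalHeader("In-Reply-To", $reply_to);
    }

    $continue = true;

    if ($request->validArray(new Valid_Email('ccs')) && $request->exist('ccs')) {
        $cc_array = array();
        $idx = 0;
        foreach ($request->get('ccs') as $cc) {
            if (trim($cc) != "") {
                $cc_array[$idx] = $hp->purify($cc, CODENDI_PURIFIER_FULL);
                $idx++;
            }
        }
        // Checks sanity of CC List
        $err = '';
        if (!util_validateCCList($cc_array, $err)) {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'invalid_mail', $err));
            $continue = false;
        } else {
            // add list of cc users to mail mime
            if (count($cc_array) > 0) {
                $cc_list = util_normalize_emails(implode(',', $cc_array));
                $mail->setCc($cc_list, true);
            }
        }
    }

    if ($continue) {
        // Process attachments
        // Define boundaries as specified in RFC:
        // http://www.w3.org/Protocols/rfc1341/7_2_Multipart.html
        $boundary = '----=_NextPart';
        $boundaryStart = '--' . $boundary;
        $boundaryEnd = '--' . $boundary . '--';

        // Attachment parts. The file name and MIME type are chosen by the
        // client and are written into MIME part headers, so both are
        // constrained before use.
        $attachment = "";
        if (isset($_FILES["files"]) && is_array($_FILES["files"]['name'])) {
            foreach ($_FILES["files"]['name'] as $i => $fileName) {
                $tmpName = isset($_FILES["files"]["tmp_name"][$i]) ? $_FILES["files"]["tmp_name"][$i] : '';
                $error = isset($_FILES["files"]["error"][$i]) ? $_FILES["files"]["error"][$i] : UPLOAD_ERR_NO_FILE;

                // Skip empty file inputs and failed uploads, and read only
                // files that PHP itself received for this request.
                if ($error != UPLOAD_ERR_OK || !is_uploaded_file($tmpName)) {
                    continue;
                }
                $data = file_get_contents($tmpName);
                if ($data === false) {
                    continue;
                }

                // Accept only a plain "type/subtype" token; anything else
                // falls back to a generic binary type.
                $mimeType = isset($_FILES["files"]["type"][$i]) ? $_FILES["files"]["type"][$i] : '';
                if (!preg_match('~^[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*/[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*$~D', $mimeType)) {
                    $mimeType = 'application/octet-stream';
                }

                // Keep the base name only and neutralise control characters,
                // quotes and backslashes so the quoted parameter stays intact.
                $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', basename($fileName));
                if ($safeName === '' || $safeName === null) {
                    $safeName = 'attachment';
                }

                $attachment .= "{$boundaryStart}\n";
                $attachment .= "Content-Type: " . $mimeType . "; name=\"" . $safeName . "\"\n";
                $attachment .= "Content-Transfer-Encoding: base64\n";
                $attachment .= "Content-Disposition: attachment; filename=\"" . $safeName . "\"\n\n";
                $attachment .= chunk_split(base64_encode($data));
            }
        }

        if ($attachment !== "") {
            // Preamble, then the text part (the preamble used to be
            // overwritten by the boundary line instead of preceding it).
            $text  = "This is a multi-part message in MIME format.\n";
            $text .= "{$boundaryStart}\n";
            $text .= "Content-Type: text/plain; charset=\"iso-8859-1\"\n";
            $text .= "Content-Transfer-Encoding: 8bit\n\n";
            $text .= $message;
            $text .= "\n\n";

            $attachment .= "\n{$boundaryEnd}\n";
            $body = $text . $attachment;

            // force MimeType to multipart/mixed as default (when instantiating new Mail object) is text/plain
            $mail->setMimeType('multipart/mixed; boundary="' . $boundary . '"');
            $mail->addAdditionalHeader("MIME-Version", "1.0");
        } else {
            $body = $message;
        }

        $mail->setBody($body);

        if ($mail->send()) {
            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_forumml', 'mail_succeed'));
        } else {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'mail_fail'));
            $continue = false;
        }
    }

    return $continue;
}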
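// (This listing starts inside the branch that rejects a missing or invalid
// 'list' parameter; the opening `if` is not part of it.)
exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'specify_list'));
} else {
    $list_id = $request->get('list');
    $project = ProjectManager::instance()->getProject($group_id);

    // Non-members are let through only when the user is unrestricted and both
    // the list and the project are public.
    if (!$user->isMember($group_id) && ($user->isRestricted() || !mail_is_list_public($list_id) || !$project->isPublic())) {
        exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('include_exit', 'no_perm'));
    }
    if (!mail_is_list_active($list_id)) {
        exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'wrong_list'));
    }
}

// If the list is private, search if the current user is a member of that list. If not, permission denied
$list_name = mail_get_listname_from_list_id($list_id);
if (!mail_is_list_public($list_id)) {
    // exec() appends to the array it is given, so start from an empty list;
    // otherwise a pre-existing $members could satisfy the membership test.
    $members = array();
    // The list name is passed as one quoted shell argument so that no
    // character in it can be interpreted by the shell.
    exec("{$GLOBALS['mailman_bin_dir']}/list_members " . escapeshellarg($list_name), $members);

    // NOTE(review): from here on $user holds the e-mail string, not the user object.
    $user = user_getemail(user_getid());
    if (!in_array($user, $members)) {
        exit_permission_denied();
    }
}

// Build the mail to be sent
$vSrep = new Valid_WhiteList('send_reply', array('Submit'));
$vSrep->required();
if ($request->valid($vSrep)) {
    // process the mail
    $ret = plugin_forumml_process_mail($p, true);
    if ($ret) {
        // NOTE(review): purification is disabled for this feedback, so
        // $group_id, $list_id and $topic reach the page as-is; confirm each is
        // validated as an integer before this point.
        $GLOBALS['Response']->addFeedback(
            'warning',
            $GLOBALS['Language']->getText(
                'plugin_forumml',
                'delay_redirection',
                array($p->getThemePath() . "/images/ic/spinner-greenie.gif", $group_id, $list_id, $topic)
            ),
            CODENDI_PURIFIER_DISABLED
        );
    }
}

$vRep = new Valid_WhiteList('reply', array('1'));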
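// Account settings page: feedback from the last update, the account summary,
// the newsletter form, and the start of the user's policy list.

// NOTE(review): $feedback is printed as HTML; confirm it is assembled only
// from fixed strings or already-escaped values.
if ($feedback && !$just_logged_in) {
    if ($ok) {
        print "<p>{$feedback}</p>";
    } else {
        print "<div class=\"error\"><h2>Failed to change settings</h2><p>{$feedback}</div>";
    }
}

$newsletter = user_getnewsletter();
if ($newsletter) {
    $newsletter = "checked";
} else {
    $newsletter = "";
}

// User name, real name and e-mail are chosen by the account holder, and
// $PHP_SELF reflects the request path, so each is HTML-escaped before it is
// written into the page (the form action sits inside an attribute, hence
// ENT_QUOTES).
// NOTE(review): the form carries no anti-CSRF token.
print '<P><span class="ptitle">User name:</span> ' . htmlspecialchars($user_name, ENT_QUOTES)
    . ' <br><span class="ptitle">Real name:</span> ' . htmlspecialchars(user_getrealname(), ENT_QUOTES)
    . ' <br><span class="ptitle">Email:</span> ' . htmlspecialchars(user_getemail(), ENT_QUOTES)
    . ' (<a href="changeemail.php">change email</a>) <br><span class="ptitle">Password:</span> (<a href="changepass.php">change password</a>) <FORM ACTION="'
    . htmlspecialchars($PHP_SELF, ENT_QUOTES)
    . '" METHOD="POST"> <h2>Newsletter subscription</h2> <INPUT TYPE="checkbox" NAME="newsletter" '
    . $newsletter
    . '>Email newsletter (at most once a month) <INPUT TYPE="SUBMIT" NAME="submit" VALUE="Update"> </FORM> <P>';

print '<h2>Forum profile</h2>';
print '<p>';
print pretty_user_name($db, $user_name, 'View your forum profile, including posts you\'ve made');

print "<h2>Policies which you made</h2>";

// NOTE(review): the id is concatenated into the statement; it comes from the
// session helper rather than the request, but binding or an integer cast
// would make that independent of how user_getid() is implemented.
$query = "select dream_id, name, description, private from pw_dyn_dreammp where user_id = '" . user_getid() . "' order by private, name";
$db->query($query);
$rowarray = $db->fetch_rows_assoc();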
/**
 * Print the import form followed by the description of the accepted
 * users-file format.
 *
 * The format text is a localized template that receives the current user's
 * e-mail address as its only argument.
 */
function displayShowFormat()
{
    global $Language;

    // The input form comes first, the format help below it.
    $this->displayInput();

    $heading = $Language->getText('project_admin_userimport', 'format_hdr');
    echo '<hr><h2>' . $heading . '</h2>';

    // NOTE(review): the address is substituted into HTML by the template;
    // whether getText() escapes its arguments is not visible here.
    $own_email = user_getemail(user_getid());
    echo $Language->getText('project_admin_userimport', 'import_format', array($own_email));
}
/**
 * Return a value by name, overriding two names locally.
 *
 * 'emailVerified' is always reported as 1 and 'email' is the current
 * platform user's address; every other name is delegated to the parent.
 * NOTE(review): consumers that treat 'emailVerified' as proof of address
 * ownership depend on the platform having verified the address itself.
 *
 * @param string $name name to look up
 * @return mixed
 */
function get($name)
{
    // switch compares loosely, exactly like the == tests it replaces
    switch ($name) {
        case 'emailVerified':
            return 1;
        case 'email':
            return user_getemail(user_getid());
        default:
            return parent::get($name);
    }
}
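/**
 * Build and send a mail to a mailing list from the submitted web form.
 *
 * Reads `list`, `subject`, `message`, optional `ccs` and optional uploaded
 * `files` from the request, and `reply_to` when $reply is true. Attachments
 * are handed to Codendi_Mail, which builds the MIME structure.
 *
 * @param mixed $plug  plugin instance (not used in this function)
 * @param bool  $reply true to add an In-Reply-To header taken from the
 *                     message referenced by `reply_to`
 * @return bool true when the mail was handed to the mailer, false when the CC
 *              list was rejected or sending failed
 */
function plugin_forumml_process_mail($plug, $reply = false)
{
    $request = HTTPRequest::instance();
    $hp = ForumML_HTMLPurifier::instance();

    // Instantiate a new Mail class
    $mail = new Codendi_Mail();

    // Build mail headers
    $to = mail_get_listname_from_list_id($request->get('list')) . "@" . $GLOBALS['sys_lists_host'];
    $mail->setTo($to);

    // NOTE(review): the real name comes from the user profile; whether
    // setFrom() rejects line breaks in it is not visible here.
    $from = user_getrealname(user_getid()) . " <" . user_getemail(user_getid()) . ">";
    $mail->setFrom($from);

    // Default to an empty body so a rejected 'message' never leaves $message undefined.
    $message = '';
    $vMsg = new Valid_Text('message');
    if ($request->valid($vMsg)) {
        $message = $request->get('message');
    }

    // The subject is request data that becomes a mail header: drop CR/LF so
    // it cannot introduce additional header lines.
    $subject = str_replace(array("\r", "\n"), ' ', (string) $request->get('subject'));
    $mail->setSubject($subject);

    if ($reply) {
        // set In-Reply-To header
        $hres = plugin_forumml_get_message_headers($request->get('reply_to'));
        $reply_to = db_result($hres, 0, 'value');
        $mail->addAdditionalHeader("In-Reply-To", $reply_to);
    }

    $continue = true;

    if ($request->validArray(new Valid_Email('ccs')) && $request->exist('ccs')) {
        $cc_array = array();
        $idx = 0;
        foreach ($request->get('ccs') as $cc) {
            if (trim($cc) != "") {
                $cc_array[$idx] = $hp->purify($cc, CODENDI_PURIFIER_FULL);
                $idx++;
            }
        }
        // Checks sanity of CC List
        $err = '';
        if (!util_validateCCList($cc_array, $err)) {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'invalid_mail', $err));
            $continue = false;
        } else {
            // add list of cc users to mail mime
            if (count($cc_array) > 0) {
                $cc_list = util_normalize_emails(implode(',', $cc_array));
                $mail->setCc($cc_list, true);
            }
        }
    }

    if ($continue) {
        // Process attachments. The file name and MIME type are chosen by the
        // client; they are constrained here rather than relying on how
        // addAttachment() encodes them (not visible in this function).
        if (isset($_FILES["files"]) && is_array($_FILES["files"]['name'])) {
            foreach ($_FILES["files"]['name'] as $i => $fileName) {
                $tmpName = isset($_FILES["files"]["tmp_name"][$i]) ? $_FILES["files"]["tmp_name"][$i] : '';
                $error = isset($_FILES["files"]["error"][$i]) ? $_FILES["files"]["error"][$i] : UPLOAD_ERR_NO_FILE;

                // Skip empty file inputs and failed uploads, and read only
                // files that PHP itself received for this request.
                if ($error != UPLOAD_ERR_OK || !is_uploaded_file($tmpName)) {
                    continue;
                }
                $data = file_get_contents($tmpName);
                if ($data === false) {
                    continue;
                }

                // Accept only a plain "type/subtype" token; anything else
                // falls back to a generic binary type.
                $mime_type = isset($_FILES["files"]["type"][$i]) ? $_FILES["files"]["type"][$i] : '';
                if (!preg_match('~^[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*/[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]*$~D', $mime_type)) {
                    $mime_type = 'application/octet-stream';
                }

                // Keep the base name only and neutralise control characters,
                // quotes and backslashes.
                $safeName = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', basename($fileName));
                if ($safeName === '' || $safeName === null) {
                    $safeName = 'attachment';
                }

                $mail->addAttachment($data, $mime_type, $safeName);
            }
        }

        $mail->setBodyText($message);

        if ($mail->send()) {
            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_forumml', 'mail_succeed'));
        } else {
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'mail_fail'));
            $continue = false;
        }
    }

    return $continue;
}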