Exemplo n.º 1
 /**
  * Sends email for ContactFormPro.
  *
  * Message information is extracted from POST vars.
  *
  * @return object
  */
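 public static function sendmail()
 {
     // Validates a contact-form submission (anti-CSRF token, optional session
     // state, recipients, sender, message, subject, captcha) and, when all
     // checks pass, sends the mail through CFPHelper::_send_email().
     //
     // Returns an object with two properties:
     //   status  - 1 on success; 1001 generic error; 9999 invalid token or
     //             session; 1101 recipients; 1201 sender e-mail; 1301 message;
     //             1401 sender name; 1501 subject or send failure; 1601 captcha.
     //   message - HTML fragment describing the outcome.
     jimport('joomla.mail.helper');
     $params = self::getParams();

     // Create the response explicitly: assigning a property on an undefined
     // variable raises a warning on older PHP and a fatal Error on PHP 8.
     $response = new stdClass();
     $response->status = 1001;
     $response->message = "";

     // NOTE(review): error_message / success_message come from the request and
     // are URL- and entity-decoded before being returned. If the caller renders
     // $response->message as HTML this reflects client-supplied markup; confirm
     // the rendering side escapes it or move these texts to server-side config.
     if (JRequest::getString("error_message")) {
         $response->message .= html_entity_decode(urldecode(JRequest::getString("error_message")));
     } else {
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_GENERIC_ERROR') . '</p>';
     }

     // Anti-CSRF token. The status has to be written to $response: the
     // "status > 1001" gate below is the only thing that stops a request that
     // failed this check from reaching the mailer.
     if (!JRequest::checkToken()) {
         $response->status = 9999;
         $response->message .= '<p>' . JText::_('JINVALID_TOKEN') . '</p>';
     }

     // Optionally require an active session as well.
     if ($params->get('validate_session', 0) && JFactory::getSession()->getState() != 'active') {
         $response->status = 9999;
         $response->message .= '<p>' . JText::_('JINVALID_TOKEN') . '</p>';
     }

     // NOTE(review): "debug" is a request parameter and, on a send failure,
     // returns the raw mailer error to the client. Consider tying it to a
     // server-side setting instead.
     $debug = JRequest::getVar('debug');

     // Recipients arrive base64-encoded and ';'-separated. base64 is an
     // encoding, not a protection: the client fully controls this list, so
     // every entry is validated as an e-mail address before use.
     // NOTE(review): even validated, the recipient is chosen by the client;
     // a server-side allow-list or lookup key would prevent use as a relay.
     $recipients = array();
     $mailto = JRequest::getVar('mailto');
     if ($mailto && is_string($mailto)) {
         foreach (explode(';', (string) base64_decode($mailto)) as $address) {
             $address = trim($address);
             if ($address !== '') {
                 $recipients[] = $address;
             }
         }
     }
     $recipientsValid = !empty($recipients);
     foreach ($recipients as $address) {
         if (!JMailHelper::isEmailAddress($address)) {
             $recipientsValid = false;
             break;
         }
     }
     if (!$recipientsValid) {
         $response->status = 1101;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_MAILTO_MISSING') . '</p>';
     }

     $sender_email = JRequest::getVar('sender_email');
     if (!$sender_email || !JMailHelper::isEmailAddress($sender_email)) {
         $response->status = 1201;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_SENDER_EMAIL_MISSING') . '</p>';
     }

     // Cast before stripslashes(): a missing field yields null.
     $message = stripslashes((string) JRequest::getVar('message'));
     if (!$message) {
         $response->status = 1301;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_MESSAGE_MISSING') . '</p>';
     }

     $sender_name = stripslashes((string) JRequest::getVar('sender_name'));
     if (!$sender_name) {
         $response->status = 1401;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_SENDER_NAME_MISSING') . '</p>';
     }

     $subject = stripslashes((string) JRequest::getVar('subject'));
     if (!$subject) {
         $response->status = 1501;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_SUBJECT_MISSING') . '</p>';
     }

     if (!CFPHelper::validateCaptcha()) {
         $response->status = 1601;
         $response->message .= '<p>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_CAPTCHA_REQUIRE') . '</p>';
     }

     // Any failed check above stops here; nothing is sent.
     if ($response->status > 1001) {
         return $response;
     }

     // NOTE(review): the encoding name is client-supplied and handed to
     // mb_convert_encoding() below; an unknown name makes that call fail.
     $encoding = JRequest::getVar('encoding');
     $encoding || ($encoding = "UTF-8");

     // Header injection test.
     // Values handed to the mailer as sender/recipient material must not
     // contain line breaks, which would start a new header line.
     foreach (array_merge($recipients, array($sender_name, $sender_email)) as $value) {
         if (strpbrk((string) $value, "\r\n") !== false) {
             JError::raiseError(403, '');
             // Reached only if the configured error handler does not halt.
             return $response;
         }
     }
     // E-mail header names we do not want to allow as input. Header names are
     // case-insensitive, so the match is too; the recipients are scanned in
     // decoded form because the base64 text can never contain a ':'.
     $headers = array('Content-Type:', 'MIME-Version:', 'Content-Transfer-Encoding:', 'bcc:', 'cc:');
     $fields = array_merge($recipients, array($sender_name, $sender_email, $subject));
     foreach ($fields as $value) {
         foreach ($headers as $header) {
             if (stripos((string) $value, $header) !== false) {
                 JError::raiseError(403, '');
                 // Reached only if the configured error handler does not halt.
                 return $response;
             }
         }
     }
     unset($headers, $fields);

     $emailSubject = sprintf(JText::_('PLG_SYSTEM_CONTACTFORMPRO_EMAIL_SUBJECT'), $sender_name);

     // Everything below is interpolated into an HTML body, so visitor-supplied
     // text is escaped first. Escaping is byte-wise (ISO-8859-1) because the
     // text may be in any client-declared $encoding: only the ASCII characters
     // & < > " ' are rewritten and multi-byte sequences pass through untouched.
     $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     $safeSubject = htmlspecialchars($subject, ENT_QUOTES, 'ISO-8859-1');
     $safeMessage = nl2br(htmlspecialchars($message, ENT_QUOTES, 'ISO-8859-1'));
     $safeName = htmlspecialchars($sender_name, ENT_QUOTES, 'ISO-8859-1');
     $safeEmail = htmlspecialchars($sender_email, ENT_QUOTES, 'ISO-8859-1');
     $safeReferer = htmlspecialchars($referer, ENT_QUOTES, 'ISO-8859-1');

     // add header
     $emailBody = '
         <p><b>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_SUBJECT_LABEL') . '</b>: ' . JMailHelper::cleanBody($safeSubject) . '</p>
         <p></p>
         <p><b>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_MESSAGE_LABEL') . ' : </b></p>
         <p>' . JMailHelper::cleanBody($safeMessage) . '</p>
         <p></p>
         <p>' . $safeName . '
             <br />' . $safeEmail . '</p>
         <p></p>
         <p></p>
         <p><small>' . JText::_('PLG_SYSTEM_CONTACTFORMPRO_GENERATED_BY') . $safeReferer . '</small></p>';
     $emailBody = mb_convert_encoding($emailBody, 'HTML-ENTITIES', $encoding);

     // Blind copies: the configured fixed address(es), plus the sender when a
     // copy was requested.
     // NOTE(review): sender_email is client-supplied, so receive_copy delivers
     // client-written content to a client-chosen address; the token and captcha
     // checks above are what limit abuse of this path.
     $adminemail = $params->get('fixedaddress');
     $bcc = $adminemail ? explode(';', $adminemail) : array();
     if (JRequest::getBool('receive_copy')) {
         $bcc[] = $sender_email;
     }

     $error_info = CFPHelper::_send_email($sender_name, $sender_email, $recipients, $emailSubject, $emailBody, $bcc, true);
     if ($error_info == '') {
         $response->status = 1;
         if (JRequest::getString("success_message")) {
             $response->message = html_entity_decode(urldecode(JRequest::getString("success_message")));
         } else {
             $response->message = JText::_('PLG_SYSTEM_CONTACTFORMPRO_SUCCESS');
         }
     } else {
         $response->status = 1501;
         if (JRequest::getString("error_message")) {
             // Failure path: report the custom error text, not the success text.
             $response->message = html_entity_decode(urldecode(JRequest::getString("error_message")));
         } elseif ($debug) {
             $response->message = $error_info;
         } else {
             $response->message = JText::_('PLG_SYSTEM_CONTACTFORMPRO_GENERIC_ERROR');
         }
     }
     return $response;
 }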