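/**
 * Handles an image upload sent by the editor and reports the result.
 *
 * On success a JSON object with a "location" member (the file that was
 * written) is echoed. On failure every uploader error message is logged and
 * an HTTP 500 status is sent, so that the editor knows the upload failed.
 *
 * The target directory can be overridden through the "subdir" query
 * parameter. That value is request-controlled, so it is only accepted when
 * it is a string, contains no NUL byte and no "." or ".." path segment, and
 * starts with the uploader's base directory.
 *
 * NOTE(review): no CSRF token check and no login check are visible in this
 * function; presumably the caller enforces both -- confirm before this
 * handler is reachable from a request.
 * NOTE(review): file type and size enforcement are assumed to happen inside
 * Tinymce4\Uploader::uploadFile() -- verify that uploaded names cannot end
 * up with a server-executable extension.
 *
 * @return void
 *
 * @global array The configuration of the core.
 */
function ImageUploader_forEditor()
{
    global $cf;

    $imgUploader = new Tinymce4\Uploader();
    $imgUploader->setBrowseBase(CMSIMPLE_BASE);
    $imgUploader->setMaxFileSize('images', $cf['images']['maxsize']);
    $imgUploader->linkType = 'images';
    $imgUploader->baseDirectory = $imgUploader->baseDirectories['userfiles'];
    $imgUploader->currentDirectory = $imgUploader->baseDirectories['images'];

    // An array-valued parameter (subdir[]=...) is ignored instead of being
    // passed on to the string functions below.
    if (isset($_GET['subdir']) && is_string($_GET['subdir'])) {
        // The stripping is kept for backward compatibility. It is not a
        // sufficient defence on its own: str_replace() makes one pass per
        // search string, so its result is not guaranteed to be free of
        // traversal segments.
        $subdir = str_replace(
            array('../', './', '?', '<', '>', ':'),
            '',
            $_GET['subdir']
        );

        // A prefix match does not confine a path by itself, so any value
        // that still carries a "." or ".." segment (with either separator)
        // or a NUL byte is rejected rather than repaired.
        $segments = preg_split('#[/\\\\]#', $subdir);
        $isConfined = strpos($subdir, "\0") === false
            && !in_array('.', $segments, true)
            && !in_array('..', $segments, true)
            && strpos($subdir, $imgUploader->baseDirectory) === 0;

        if ($isConfined) {
            $imgUploader->currentDirectory = rtrim($subdir, '/') . '/';
        }
    }
    $imgUploader->determineCurrentType();

    // Only the first uploaded file of the request is processed.
    reset($_FILES);
    if ($imgUploader->uploadFile(current($_FILES))) {
        echo json_encode(array('location' => $imgUploader->fileWritten));
    } else {
        foreach ($imgUploader->errMsg as $key => $val) {
            XH_logMessage('error', 'uploadFile', 'tinymce4', $key . ': ' . $val);
        }
        // Notify editor that the upload failed
        header("HTTP/1.0 500 Server Error");
    }
}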
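/**
 * Sends the mail and returns whether that was successful.
 *
 * Builds either the information mail (to the form's recipient, with CC, BCC
 * and uploaded attachments) or the confirmation mail (to the address the
 * visitor entered), then hands it to PHPMailer. If a function named
 * advfrm_custom_mail() exists it is called before sending; when it returns
 * exactly false, the mail is not sent and true is returned.
 *
 * The sender address, sender name and attachments all come from the request.
 * Missing or non-string POST values are treated as empty, attachments are
 * only added for files that PHP itself received as uploads, and control
 * characters are removed from the sender before it is written to the log.
 *
 * NOTE(review): the confirmation mail goes to a visitor-supplied address, so
 * the form can be made to send mail to third parties; presumably a CAPTCHA
 * or rate limit exists elsewhere -- confirm.
 * NOTE(review): From/FromName are assigned with set(), which presumably does
 * no address validation -- confirm that the bundled PHPMailer copy is
 * current and neutralises line breaks in header values.
 *
 * @param string $id           A form ID.
 * @param bool   $confirmation Whether to send the confirmation mail.
 *
 * @return bool
 *
 * @global array  The paths of system files and folders.
 * @global string The current language.
 * @global array  The configuration of the plugins.
 * @global array  The localization of the plugins.
 * @global string The (X)HTML fragment that contains error messages.
 */
function Advancedform_mail($id, $confirmation)
{
    global $pth, $sl, $plugin_cf, $plugin_tx, $e;

    include_once $pth['folder']['plugins']
        . 'advancedform/phpmailer/class.phpmailer.php';

    $pcf = $plugin_cf['advancedform'];
    $ptx = $plugin_tx['advancedform'];
    $forms = Advancedform_db();
    $form = $forms[$id];
    $type = strtolower($pcf['mail_type']);

    // Collect the visitor-supplied sender data. A field that is absent from
    // the request or arrives as an array is treated as empty instead of
    // being passed to stsl().
    $from = '';
    $from_name = '';
    foreach ($form['fields'] as $field) {
        if ($field['type'] != 'from_name' && $field['type'] != 'from') {
            continue;
        }
        $key = 'advfrm-' . $field['field'];
        $value = (isset($_POST[$key]) && is_string($_POST[$key]))
            ? stsl($_POST[$key])
            : '';
        if ($field['type'] == 'from_name') {
            $from_name = $value;
        } else {
            $from = $value;
        }
    }

    // A confirmation can only be sent when the visitor gave an address.
    if ($confirmation && empty($from)) {
        $e .= '<li>' . $ptx['error_missing_sender'] . '</li>' . PHP_EOL;
        return false;
    }

    $mail = new PHPMailer();
    $mail->LE = $pcf['mail_line_ending_*nix'] ? "\n" : "\r\n";
    $mail->set('CharSet', 'UTF-8');
    $mail->SetLanguage(
        $sl,
        $pth['folder']['plugins'] . 'advancedform/phpmailer/language/'
    );
    $mail->set('WordWrap', 72);

    if ($confirmation) {
        // Confirmation: the site is the sender, the visitor the recipient.
        $mail->set('From', $form['to']);
        $mail->set('FromName', $form['to_name']);
        $mail->AddAddress($from, $from_name);
    } else {
        // Information mail: the visitor is the sender.
        $mail->set('From', $from);
        $mail->set('FromName', $from_name);
        $mail->AddAddress($form['to'], $form['to_name']);
        foreach (explode(';', $form['cc']) as $cc) {
            if (trim($cc) != '') {
                $mail->AddCC($cc);
            }
        }
        foreach (explode(';', $form['bcc']) as $bcc) {
            if (trim($bcc) != '') {
                $mail->AddBCC($bcc);
            }
        }
    }

    // NOTE(review): depending on the web server configuration SERVER_NAME
    // can be derived from the request's Host header -- confirm it is pinned.
    if ($confirmation) {
        $mail->set(
            'Subject',
            sprintf(
                $ptx['mail_subject_confirmation'],
                $form['title'],
                $_SERVER['SERVER_NAME']
            )
        );
    } else {
        $mail->set(
            'Subject',
            sprintf(
                $ptx['mail_subject'],
                $form['title'],
                $_SERVER['SERVER_NAME'],
                $_SERVER['REMOTE_ADDR']
            )
        );
    }

    $mail->IsHtml($type != 'text');
    if ($type == 'text') {
        $mail->set('Body', Advancedform_mailBody($id, !$confirmation, false));
    } else {
        $body = Advancedform_mailBody($id, !$confirmation, true);
        $mail->MsgHTML($body);
        $mail->set('AltBody', Advancedform_mailBody($id, !$confirmation, false));
    }

    if (!$confirmation) {
        foreach ($form['fields'] as $field) {
            if ($field['type'] != 'file') {
                continue;
            }
            $name = 'advfrm-' . $field['field'];
            // Attach only what PHP received as an HTTP upload for this
            // request; an empty optional field or a malformed (array-shaped)
            // entry is skipped instead of being handed to PHPMailer as a path.
            if (!isset($_FILES[$name]['tmp_name'], $_FILES[$name]['name'])
                || !is_string($_FILES[$name]['tmp_name'])
                || !is_string($_FILES[$name]['name'])
                || !is_uploaded_file($_FILES[$name]['tmp_name'])
            ) {
                continue;
            }
            $mail->AddAttachment(
                $_FILES[$name]['tmp_name'],
                stsl($_FILES[$name]['name'])
            );
        }
    }

    // Optional site-specific hook; a strict false means "do not send".
    if (function_exists('advfrm_custom_mail')) {
        if (advfrm_custom_mail($id, $mail, $confirmation) === false) {
            return true;
        }
    }

    $ok = $mail->Send();

    if (!$confirmation) {
        if (!$ok) {
            $message = !empty($mail->ErrorInfo)
                ? Advancedform_hsc($mail->ErrorInfo)
                : $ptx['error_mail'];
            $e .= '<li>' . $message . '</li>' . PHP_EOL;
        }
        if (function_exists('XH_logMessage')) {
            $logType = $ok ? 'info' : 'error';
            $message = $ok ? $ptx['log_success'] : $ptx['log_error'];
            // The sender is visitor-supplied: control characters are
            // replaced so that it cannot break up or forge log entries.
            $loggedSender = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $from);
            $message = sprintf($message, $loggedSender);
            XH_logMessage($logType, 'Advancedform', $id, $message);
        }
    }

    return $ok;
}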
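/**
 * Sends the mail and returns whether that was successful.
 *
 * Configures the PHPMailer instance held in $this->mail, lets
 * determineAddresses() fill in sender and recipients, sets subject and body,
 * adds uploaded attachments (information mail only) and sends. If a function
 * named advfrm_custom_mail() exists it is called before sending; when it
 * returns exactly false, the mail is not sent and true is returned.
 *
 * Attachments are only added for files that PHP itself received as uploads,
 * and control characters are removed from the sender address before it is
 * written to the log.
 *
 * NOTE(review): the sender address is assumed to be visitor-supplied and set
 * by determineAddresses(), which is not visible here -- confirm that it is
 * validated there.
 *
 * @return bool
 *
 * @global string The current language.
 * @global array  The configuration of the plugins.
 * @global array  The localization of the plugins.
 * @global string The (X)HTML fragment that contains error messages.
 */
public function send()
{
    global $sl, $plugin_cf, $plugin_tx, $e;

    $pcf = $plugin_cf['advancedform'];
    $ptx = $plugin_tx['advancedform'];
    $type = strtolower($pcf['mail_type']);

    $this->mail->LE = $pcf['mail_line_ending_*nix'] ? "\n" : "\r\n";
    $this->mail->set('CharSet', 'UTF-8');
    $this->mail->SetLanguage($sl, $this->pluginFolder . 'phpmailer/language/');
    $this->mail->set('WordWrap', 72);

    if (!$this->determineAddresses()) {
        return false;
    }

    // NOTE(review): depending on the web server configuration SERVER_NAME
    // can be derived from the request's Host header -- confirm it is pinned.
    if ($this->isConfirmation) {
        $this->mail->set(
            'Subject',
            sprintf(
                $ptx['mail_subject_confirmation'],
                $this->form->getTitle(),
                $_SERVER['SERVER_NAME']
            )
        );
    } else {
        $this->mail->set(
            'Subject',
            sprintf(
                $ptx['mail_subject'],
                $this->form->getTitle(),
                $_SERVER['SERVER_NAME'],
                $_SERVER['REMOTE_ADDR']
            )
        );
    }

    $this->mail->IsHtml($type != 'text');
    if ($type == 'text') {
        $this->mail->set('Body', $this->getBody(false));
    } else {
        $body = $this->getBody(true);
        $this->mail->MsgHTML($body);
        $this->mail->set('AltBody', $this->getBody(false));
    }

    if (!$this->isConfirmation) {
        foreach ($this->form->getFields() as $field) {
            $field = Field::make($field);
            if ($field->getType() != 'file') {
                continue;
            }
            $name = 'advfrm-' . $field->getName();
            // Attach only what PHP received as an HTTP upload for this
            // request; an empty optional field or a malformed (array-shaped)
            // entry is skipped instead of being handed to PHPMailer as a path.
            if (!isset($_FILES[$name]['tmp_name'], $_FILES[$name]['name'])
                || !is_string($_FILES[$name]['tmp_name'])
                || !is_string($_FILES[$name]['name'])
                || !is_uploaded_file($_FILES[$name]['tmp_name'])
            ) {
                continue;
            }
            $this->mail->AddAttachment(
                $_FILES[$name]['tmp_name'],
                stsl($_FILES[$name]['name'])
            );
        }
    }

    // Optional site-specific hook; a strict false means "do not send".
    if (function_exists('advfrm_custom_mail')) {
        $customResult = advfrm_custom_mail(
            $this->form->getName(),
            $this->mail,
            $this->isConfirmation
        );
        if ($customResult === false) {
            return true;
        }
    }

    $ok = $this->mail->Send();

    if (!$this->isConfirmation) {
        if (!$ok) {
            $message = !empty($this->mail->ErrorInfo)
                ? XH_hsc($this->mail->ErrorInfo)
                : $ptx['error_mail'];
            $e .= '<li>' . $message . '</li>' . PHP_EOL;
        }
        if (function_exists('XH_logMessage')) {
            $logType = $ok ? 'info' : 'error';
            $message = $ok ? $ptx['log_success'] : $ptx['log_error'];
            // The From address is replaced character-wise where it holds
            // control characters, so that it cannot break up or forge log
            // entries.
            $loggedSender = preg_replace(
                '/[\x00-\x1F\x7F]+/',
                ' ',
                (string) $this->mail->From
            );
            $message = sprintf($message, $loggedSender);
            XH_logMessage($logType, 'Advancedform', $this->form->getName(), $message);
        }
    }

    return $ok;
}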