Пример #1
0
/**
 * Sends an email, wrapping PHP's mail() function.
 * ALL emails sent by b2evolution must be sent through this function (for consistency and for logging)
 *
 * {@link $current_locale} will be used to set the charset.
 *
 * Note: we use a single \n as line ending, though it does not comply to {@link http://www.faqs.org/rfcs/rfc2822 RFC2822}, but seems to be safer,
 * because some mail transfer agents replace \n by \r\n automatically.
 *
 * @todo Unit testing with "nice addresses" This gets broken over and over again.
 *
 * @param string Recipient email address.
 * @param string Recipient name.
 * @param string Subject of the mail
 * @param string The message text
 * @param string From address, being added to headers (we'll prevent injections); see {@link http://securephp.damonkohler.com/index.php/Email_Injection}.
 *               Defaults to {@link GeneralSettings::get('notification_sender_email') } if NULL.
 * @param string From name.
 * @param array Additional headers ( headername => value ). Take care of injection!
 * @param integer User ID
 * @return boolean True if mail could be sent (not necessarily delivered!), false if not - (return value of {@link mail()})
 */
function send_mail($to, $to_name, $subject, $message, $from = NULL, $from_name = NULL, $headers = array(), $user_ID = NULL)
{
    global $servertimenow;
    // Stop a request from the blocked IP addresses
    antispam_block_ip();
    global $debug, $app_name, $app_version, $current_locale, $current_charset, $evo_charset, $locales, $Debuglog, $Settings, $demo_mode, $sendmail_additional_params;
    // Memorize email address
    $to_email_address = $to;
    $NL = "\r\n";
    if ($demo_mode) {
        // Debug mode restriction: Sending email in debug mode is not allowed
        return false;
    }
    if (!is_array($headers)) {
        // Make sure $headers is an array
        $headers = array($headers);
    }
    if (empty($from)) {
        $from = user_get_notification_sender($user_ID, 'email');
    }
    if (empty($from_name)) {
        $from_name = user_get_notification_sender($user_ID, 'name');
    }
    $return_path = $Settings->get('notification_return_path');
    // Add real name into $from...
    if (!is_windows()) {
        // fplanque: Windows XP, Apache 1.3, PHP 4.4, MS SMTP : will not accept "nice" addresses.
        if (!empty($to_name)) {
            $to = '"' . mail_encode_header_string($to_name) . '" <' . $to . '>';
        }
        if (!empty($from_name)) {
            $from = '"' . mail_encode_header_string($from_name) . '" <' . $from . '>';
        }
    }
    $from = mail_sanitize_header_string($from, true);
    // From has to go into headers
    $headers['From'] = $from;
    if (!empty($return_path)) {
        // Set a return path
        $headers['Return-Path'] = $return_path;
    }
    // echo 'sending email to: ['.htmlspecialchars($to).'] from ['.htmlspecialchars($from).']';
    $clear_subject = $subject;
    $subject = mail_encode_header_string($subject);
    $message = str_replace(array("\r\n", "\r"), $NL, $message);
    // Convert encoding of message (from internal encoding to the one of the message):
    // fp> why do we actually convert to $current_charset?
    // dh> I do not remember. Appears to make sense sending it unconverted in $evo_charset.
    // asimo> converting the message creates wrong output, no need for conversion, however this needs further investigation
    // $message = convert_charset( $message, $current_charset, $evo_charset );
    if (!isset($headers['Content-Type'])) {
        // Specify charset and content-type of email
        $headers['Content-Type'] = 'text/plain; charset=' . $current_charset;
    }
    $headers['MIME-Version'] = '1.0';
    $headers['Date'] = gmdate('r', $servertimenow);
    // ADDITIONAL HEADERS:
    $headers['X-Mailer'] = $app_name . ' ' . $app_version . ' - PHP/' . phpversion();
    $ip_list = implode(',', get_ip_list());
    if (!empty($ip_list)) {
        // Add X-Remote_Addr param only if its value is not empty
        $headers['X-Remote-Addr'] = $ip_list;
    }
    // COMPACT HEADERS:
    $headerstring = '';
    reset($headers);
    while (list($lKey, $lValue) = each($headers)) {
        // Add additional headers
        $headerstring .= $lKey . ': ' . $lValue . $NL;
    }
    // Set an additional parameter for the return path:
    if (!empty($sendmail_additional_params)) {
        $additional_parameters = str_replace(array('$from-address$', '$return-address$'), array($from, empty($return_path) ? $from : $return_path), $sendmail_additional_params);
    } else {
        $additional_parameters = '';
    }
    if (mail_is_blocked($to_email_address)) {
        // Check if the email address is blocked
        $Debuglog->add('Sending mail to &laquo;' . htmlspecialchars($to_email_address) . '&raquo; FAILED, because this email marked with spam or permanent errors.', 'error');
        mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'blocked');
        return false;
    }
    // SEND MESSAGE:
    if ($debug > 1) {
        // We agree to die for debugging...
        if (!mail($to, $subject, $message, $headerstring, $additional_parameters)) {
            mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'error');
            debug_die('Sending mail from &laquo;' . htmlspecialchars($from) . '&raquo; to &laquo;' . htmlspecialchars($to) . '&raquo;, Subject &laquo;' . htmlspecialchars($subject) . '&raquo; FAILED.');
        }
    } else {
        // Soft debugging only....
        if (!@mail($to, $subject, $message, $headerstring, $additional_parameters)) {
            $Debuglog->add('Sending mail from &laquo;' . htmlspecialchars($from) . '&raquo; to &laquo;' . htmlspecialchars($to) . '&raquo;, Subject &laquo;' . htmlspecialchars($subject) . '&raquo; FAILED.', 'error');
            mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'error');
            return false;
        }
    }
    $Debuglog->add('Sent mail from &laquo;' . htmlspecialchars($from) . '&raquo; to &laquo;' . htmlspecialchars($to) . '&raquo;, Subject &laquo;' . htmlspecialchars($subject) . '&raquo;.');
    mail_log($user_ID, $to_email_address, $clear_subject, $message, $headerstring, 'ok');
    return true;
}
Пример #2
0
 *   - GNU General Public License 2 (GPL) - http://www.opensource.org/licenses/gpl-license.php
 *   - Mozilla Public License 1.1 (MPL) - http://www.opensource.org/licenses/mozilla1.1.php
 * }}
 *
 * {@internal Open Source relicensing agreement:
 * }}
 *
 * @package htsrv
 */
/**
 * Initialize everything:
 */
require_once dirname(__FILE__) . '/../conf/_config.php';
require_once $inc_path . '_main.inc.php';
// Stop a request from the blocked IP addresses
antispam_block_ip();
// Getting GET or POST parameters:
param('comment_post_ID', 'integer', true);
// required
param('redirect_to', 'url', '');
param('reply_ID', 'integer', 0);
$action = param_arrayindex('submit_comment_post_' . $comment_post_ID, 'save');
$ItemCache =& get_ItemCache();
$commented_Item =& $ItemCache->get_by_ID($comment_post_ID);
// Make sure Blog is loaded
$commented_Item->load_Blog();
$blog = $commented_Item->Blog->ID;
// Re-Init charset handling, in case current_charset has changed:
locale_activate($commented_Item->Blog->get('locale'));
if (init_charsets($current_charset)) {
    // Reload Blog(s) (for encoding of name, tagline etc):