function renderPreviewList()
{
$options = array('date_min' => getDateTimeFieldValue('time_start'), 'date_max' => getDateTimeFieldValue('time_end'));
### author
if (intval(get('person'))) {
$options['modified_by'] = get('person');
}
### Object types
$types = array();
if (get('type_task') || get('type_topic')) {
$types[] = ITEM_TASK;
}
if (get('type_comment')) {
$types[] = ITEM_COMMENT;
}
$options['type'] = $types;
$items = DbProjectItem::getAll($options);
echo "<ol>";
foreach ($items as $item) {
if ($item->type == ITEM_COMMENT) {
$comment = Comment::getById($item->id);
if (get('only_spam_comments') && !isSpam($comment->name . " " . $comment->description)) {
continue;
}
renderRemovalPreviewComment($comment);
}
if ($item->type == ITEM_TASK) {
$task = Task::getById($item->id);
renderRemovalPreviewTask($task);
}
}
echo "</ol>";
}
#$msg = preg_replace("/[^\r]\n/","\r\n",$msg);
$ok = true;
$errors = array();
if (!isValidEmailAddress($from_email)) {
$ok = false;
$errors['from_email'] = 'Please specify a valid email address';
}
if (!isValidRealName($from_name)) {
$ok = false;
$errors['from_name'] = 'Only letters A-Z, a-z, hyphens and apostrophes allowed';
}
if (strlen($msg) == 0) {
$ok = false;
$errors['msg'] = "Please enter a message to send";
}
if (isSpam($msg)) {
$ok = false;
$errors['msg'] = "Sorry, this looks like spam";
}
if (!$ok) {
die("ERROR: " . implode('. ', $errors));
}
$smarty->assign_by_ref('msg', $msg);
$smarty->assign_by_ref('contactmail', $CONF['abuse_email']);
$enc_from_name = mb_encode_mimeheader($from_name, $CONF['mail_charset'], $CONF['mail_transferencoding']);
$smarty->assign('http_host', "{$_SERVER['HTTP_HOST']} on behalf of {$domain}");
$body = $smarty->fetch('email_usermsg.tpl');
$subject = "{$from_name} contacting you via {$domain}";
$encsubject = mb_encode_mimeheader($CONF['mail_subjectprefix'] . $subject, $CONF['mail_charset'], $CONF['mail_transferencoding']);
$ip = getRemoteIP();
$hostname = trim(`hostname -f`);
onSend($to, $from, $message);
echo json_encode(array("message" => "Message sent!", "status" => "OK"));
} else {
echo json_encode(array("message" => "Spam", "status" => "ERROR"));
}
} else {
if ($ident == "C") {
$message = str_replace("&", "&", $message);
$message = str_replace("§", "?", $message);
$parts = explode(";", $message);
$message = $parts[0];
$attachments = "";
for ($i = 1; $i < count($parts); $i++) {
$attachments .= $parts[$i] . ";";
}
if (!isSpam($to, $from, $message)) {
if (!$debug) {
mysql_query("INSERT INTO `mail` (`to`, `from`, `message`, `unread`, `complex`, `attachments`, `sent`, `sent_from`, `pluginname`) VALUES ('{$to}', '{$from}', '{$message}', '1', '1', '{$attachments}', '{$now}', '{$ip}', '{$pluginname}')") or die(mysql_error());
}
onComplexSend($to, $from, $message);
echo json_encode(array("message" => "Message sent!", "status" => "OK"));
} else {
echo json_encode(array("message" => "Spam", "status" => "ERROR"));
}
} else {
echo json_encode(array("message" => "Unknown ident", "status" => "ERROR"));
}
}
} else {
echo json_encode(array("message" => "User does not exist", "status" => "ERROR", "missingUsername" => $to));
}
function do_comment($id)
{
$entry = $this->get('Entry', $id);
if (isPost()) {
$comment = new Comment();
$comment->name = param('name');
$comment->email = param('email');
$comment->body = param('body');
$comment->action = param('action');
if (isSpam(null, null, $comment->body)) {
$this->show_error('Yuck, that didn\'t taste very good!');
}
// Gather up relationships to save
$rels = array($entry);
if ($this->currentUser) {
$rels[] = $this->currentUser;
}
// Save the entry
$comment->save($rels);
}
redirect(url_to($entry, 'show'));
}
function validateNotSpam($str)
{
global $PH;
global $auth;
if (confGet('REJECT_SPAM_CONTENT') && $auth->cur_user->id == confGet('ANONYMOUS_USER') && isSpam($str)) {
log_message(sprintf("rejected spam comment from %s with %s", getServerVar('REMOTE_ADDR'), getSpamProbability($str)), LOG_MESSAGE_HACKING_ALERT);
$PH->abortWarning(__("Comment has been rejected, because it looks like spam."));
}
}
function validateNotSpam($field_names, $error_message)
{
global $form, $validation;
if (is_array($field_names)) {
//field_names is already an array
foreach ($field_names as $name) {
validateNotSpam($name, $error_message);
}
} elseif (strpos($field_names, ',') !== false) {
//field_names is comma-delimited
$field_names = explode(',', $field_names);
foreach ($field_names as $name) {
validateNotSpam(trim($name), $error_message);
}
} elseif ($field_names != '') {
//assume field_names is one field
if (isSpam($field_names)) {
$validation[$field_names] = filterErrorMessage($field_names, $error_message);
}
}
}
