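/**
 * Handle a POST of the contact form.
 *
 * Reads the Name, Email and Message request parameters, validates them,
 * checks the captcha, and either re-renders the form with the collected
 * errors or sends the message via jabRenderMail() and renders the
 * success view.
 *
 * @return mixed The result of jabRenderView() when validation fails;
 *               nothing on the send paths (the views are rendered directly).
 */
function contact_post()
{
    jabRequire("captcha");

    global $jab;
    global $contact;

    // Retrieve model values
    $model['contact'] = $contact;
    $model['name'] = jabRequestParam('Name');
    $model['email'] = jabRequestParam('Email');
    $model['message'] = jabRequestParam('Message');

    if (strlen($model['name']) == 0) {
        $model['errors'][] = "Name is missing";
    }

    if (!jabIsValidEmail($model['email'])) {
        $model['errors'][] = "Invalid email address";
    }

    if (strlen($model['message']) == 0) {
        $model['errors'][] = "You haven't entered a message";
    }

    // Check captcha OK: anything other than boolean true is treated as an
    // error value and shown to the user.
    $error = jabCheckCaptcha();
    if ($error !== true) {
        $model['errors'][] = $error;
    }

    // The 'errors' key only exists once a check has failed. empty() avoids
    // calling sizeof() on a missing key, which is a TypeError on PHP 8 and
    // would break every valid submission.
    if (!empty($model['errors'])) {
        return jabRenderView("contact_view_form.php", $model);
    }

    $model['to'] = $contact['emailTo'];

    // Name and Email come straight from the request and are placed into a
    // From header value. Strip CR/LF so they cannot start a new header line,
    // and strip quote/backslash from the display name so it cannot break out
    // of the quoted string. The values shown back in the views are untouched.
    // NOTE(review): confirm how jabRenderMail() uses 'from'; this assumes it
    // ends up in the message headers.
    $fromName = str_replace(array("\r", "\n", "\"", "\\"), '', $model['name']);
    $fromEmail = str_replace(array("\r", "\n"), '', $model['email']);
    $model['from'] = "\"" . $fromName . "\" <" . $fromEmail . ">";
    $model['subject'] = $contact['emailSubject'];

    if (!jabRenderMail("contact_email.php", $model)) {
        // Sending failed: show the form again with a send_error flag.
        $model['send_error'] = true;
        jabRenderView("contact_view_form.php", $model);
    } else {
        jabRenderView("contact_view_success.php", null);
    }
}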
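/**
 * Populate this object from the submitted form fields and validate them.
 *
 * When the current user has the "author" right, the submitted identity
 * fields are replaced with the blog's configured author details.
 *
 * @param array $errors Passed by reference; validation messages are appended.
 * @return bool True when $errors holds no messages after validation
 *              (messages already present on entry count too).
 */
function InitFromForm(&$errors)
{
    $this->Name = jabRequestParam("Name");
    $this->Email = jabRequestParam("Email");
    // NOTE(review): Website is stored exactly as submitted, with no scheme
    // check in this method. Confirm that whatever renders it escapes the
    // value and only allows http/https before using it as a link target.
    $this->Website = jabRequestParam("Website");
    $this->Content = jabRequestParam("Content");
    $this->ByAuthor = false;

    global $blog;

    if (jabCanUser("author")) {
        // Authors cannot choose their identity: use the configured values.
        $this->ByAuthor = true;
        $this->Name = $blog['managingEditor'];
        $this->Email = $blog['notifyEmailFrom'];

        if (isset($blog['authorSite'])) {
            $this->Website = $blog['authorSite'];
        } else {
            // HTTP_HOST is taken from the request's Host header, so this
            // fallback is client-influenced; setting $blog['authorSite']
            // avoids relying on it.
            $this->Website = "http://" . $_SERVER['HTTP_HOST'];
        }
    }

    if (strlen($this->Name) == 0) {
        $errors[] = "Please enter your name";
    }

    // Email is optional, but must be well-formed when supplied.
    if (strlen($this->Email) != 0 && !jabIsValidEmail($this->Email)) {
        $errors[] = "Email address is not valid";
    }

    if (strlen($this->Content) == 0) {
        $errors[] = "No article content";
    }

    // empty() rather than sizeof(): a caller may pass a variable that was
    // never initialised, and sizeof(null) is a TypeError on PHP 8.
    return empty($errors);
}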
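/**
 * Handle a POST of the registration form.
 *
 * Validates the submitted values, inserts a not-yet-activated account row,
 * sends the activation email and renders the success view. On validation
 * or database failure the registration form is rendered again with errors.
 *
 * @param string $username  Requested account name.
 * @param string $email     Address the activation mail is sent to.
 * @param string $password  Chosen password.
 * @param string $password2 Re-typed password, must equal $password.
 * @return mixed The result of jabRenderView() for the chosen view.
 */
function register_post($username, $email, $password, $password2)
{
    $model['username'] = $username;
    $model['email'] = $email;

    if (strlen($username) == 0) {
        $model['errors'][] = "Please enter a username";
    }

    if (strpos($username, "/") !== false
        || strpos($username, "\\") !== false
        || strpos($username, "<") !== false
    ) {
        $model['errors'][] = "User name contains invalid characters";
    }

    if (strlen($password) == 0) {
        $model['errors'][] = "Please enter a password";
    }

    // Strict string comparison: with != two different numeric-looking
    // strings (e.g. "1e3" and "1000") compare as equal.
    if ((string)$password !== (string)$password2) {
        $model['errors'][] = "Re-typed password didn't match";
    }

    if (!jabIsValidEmail($email)) {
        $model['errors'][] = "Please enter a valid email address";
    }

    // The 'errors' key only exists once a check has failed. empty() avoids
    // sizeof() on a missing key, which is a TypeError on PHP 8 and would
    // abort every valid registration before the try block is reached.
    if (!empty($model['errors'])) {
        return jabRenderView("auth_view_register.php", $model);
    }

    global $auth;

    try {
        // Setup model.
        // The activation id proves control of the mailbox, so it must not be
        // guessable. It was previously an md5 of username, email and the
        // current time, all of which a registrant knows. Use a CSPRNG and
        // keep the same 32-hex-character shape.
        if (function_exists('random_bytes')) {
            $model['activationId'] = bin2hex(random_bytes(16));
        } else {
            $strong = false;
            $randomBytes = openssl_random_pseudo_bytes(16, $strong);
            if ($randomBytes === false || !$strong) {
                throw new Exception("No secure random source available");
            }
            $model['activationId'] = bin2hex($randomBytes);
        }

        // NOTE(review): HTTP_HOST comes from the request's Host header, so
        // the host in the emailed link is client-influenced. Prefer a
        // configured site URL if the project has one.
        $model['activateUrl'] = "http://" . $_SERVER['HTTP_HOST'] . "/" . $auth['routePrefix']
            . "/activate/" . urlencode($username) . "/" . $model['activationId'];
        $model['auth'] = $auth;
        $model['to'] = $email;
        $model['from'] = $auth['adminEmail'];
        $model['subject'] = "Welcome to " . $auth['sitename'];

        // Create the account. User-supplied values are bound as parameters;
        // only the configured table prefix is interpolated into the SQL, so
        // it must never be derived from request data.
        $stmt = $auth['pdo']->prepare("INSERT INTO {$auth['tablePrefix']}Users(username, email, password, rights, activationId, activated, enabled) VALUES (:username, :email, :password, :rights, :activationId, 0, 1);");
        $stmt->bindValue(":username", $username);
        $stmt->bindValue(":email", $email);
        // NOTE(review): unsalted md5 is not a password hash and is cheap to
        // brute-force if the table leaks. It is left unchanged here because
        // the login check (not visible in this block) presumably compares
        // against the same format; migrate both together to
        // password_hash()/password_verify().
        $stmt->bindValue(":password", md5($password));
        $stmt->bindValue(":rights", $auth['defaultRights']);
        $stmt->bindValue(":activationId", $model['activationId']);
        $stmt->execute();

        // Send registration email
        jabRenderMail("auth_email_register.php", $model);

        return jabRenderView("auth_view_register_success.php", $model);
    } catch (Exception $ex) {
        // Keep driver/SQL details in the server log instead of rendering
        // them to the visitor; the generic message is enough for the form.
        error_log("register_post failed: " . $ex->getMessage());
        $model['errors'][] = "Failed to register account, please try a different account name";

        return jabRenderView("auth_view_register.php", $model);
    }
}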