function sendMail()
{
global $database, $my, $acl, $adminLanguage;
global $mosConfig_sitename, $mosConfig_debug;
global $mosConfig_mailfrom, $mosConfig_fromname;
$n = 0;
$message_body = mosGetParam($_POST, 'mm_message', '');
$message_body = stripslashes($message_body);
$subject = mosGetParam($_POST, 'mm_subject', '');
$gou = mosGetParam($_POST, 'mm_group', NULL);
$recurse = mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE');
if (!$message_body || !$subject || $gou === null) {
mosRedirect("index2.php?option=com_massmail&mosmsg=" . $adminLanguage->A_COMP_MASS_FILL);
}
// get users in the group out of the acl
$to = $acl->get_group_objects($gou, 'ARO', $recurse);
$rows = array();
if (count($to['users']) || $gou === '0') {
// Get sending email address
$database->setQuery("SELECT email FROM #__users WHERE id='{$my->id}'");
$my->email = $database->loadResult();
// Get all users email and group except for senders
$database->setQuery("SELECT email FROM #__users" . "\n WHERE id != '{$my->id}'" . ($gou !== '0' ? " AND id IN (" . implode(',', $to['users']) . ")" : ""));
$rows = $database->loadObjectList();
// Build e-mail message format
$message_header = sprintf(_MASSMAIL_MESSAGE, $mosConfig_sitename);
$message = $message_header . $message_body;
$subject = $mosConfig_sitename . ' / ' . stripslashes($subject);
//Send email
foreach ($rows as $row) {
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $row->email, $subject, $message);
}
}
mosRedirect("index2.php", $adminLanguage->A_COMP_MASS_SENT . " " . count($rows) . " " . $adminLanguage->A_COMP_MASS_USERS);
}
function sendmail()
{
global $mosConfig_usecaptcha;
$captcha_success = 0;
if ($mosConfig_usecaptcha == '1') {
session_name('mos_captcha');
session_start();
$spamstop = mosGetParam($_POST, 'spamstop', '');
if (isset($_SESSION['code']) && $_SESSION['code'] != "" && $_SESSION['code'] == $spamstop) {
$captcha_success = 1;
// success
} else {
$captcha_success = 2;
// fail
}
}
if ($captcha_success != '2') {
$contact = new mosContact();
$contact->load($this->con_id);
$default = mamboCore::get('mosConfig_sitename') . ' ' . T_('Enquiry');
$email = mosGetParam($_POST, 'email', '');
$text = mosGetParam($_POST, 'text', '');
$name = mosGetParam($_POST, 'name', '');
$subject = mosGetParam($_POST, 'subject', $default);
$email_copy = mosGetParam($_POST, 'email_copy', 0);
if (!$email or !$text or !$this->is_email($email) or $this->has_emailheaders($text) or $this->has_newlines($email) or $this->has_newlines($name) or $this->has_newlines($subject) or !isset($_SERVER['HTTP_USER_AGENT']) or $_SERVER['REQUEST_METHOD'] != 'POST') {
echo "<script>alert (\"" . T_('Please make sure the form is complete and valid.') . "\"); window.history.go(-1);</script>";
exit(0);
}
$prefix = sprintf(T_('This is an enquiry e-mail via %s from:'), mamboCore::get('mosConfig_live_site'));
$text = $prefix . "\n" . $name . ' <' . $email . '>' . "\n\n" . $text;
mosMail($email, $name, $contact->email_to, mamboCore::get('mosConfig_fromname') . ': ' . $subject, $text);
if ($email_copy) {
$copy_text = sprintf(T_('The following is a copy of the message you sent to %s via %s '), $contact->name, mamboCore::get('mosConfig_sitename'));
$copy_text = $copy_text . "\n\n" . $text . '';
$copy_subject = sprintf(T_('Copy of: %s'), $subject);
mosMail(mamboCore::get('mosConfig_mailfrom'), mamboCore::get('mosConfig_fromname'), $email, $copy_subject, $copy_text);
}
?>
<script>
alert( "<?php
echo T_('Thank you for your e-mail ') . $name;
?>
" );
document.location.href='<?php
echo sefRelToAbs('index.php?option=com_contact&Itemid=' . $this->Itemid);
?>
';
</script>
<?php
} else {
echo "<SCRIPT> alert('Incorrect Security Code'); window.history.go(-1);</SCRIPT>";
}
}
function sendMail()
{
global $database, $my, $acl;
global $mosConfig_sitename;
global $mosConfig_mailfrom, $mosConfig_fromname;
josSpoofCheck();
$mode = intval(mosGetParam($_POST, 'mm_mode', 0));
$subject = strval(mosGetParam($_POST, 'mm_subject', ''));
$gou = mosGetParam($_POST, 'mm_group', NULL);
$recurse = strval(mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE'));
// pulls message inoformation either in text or html format
if ($mode) {
$message_body = $_POST['mm_message'];
} else {
// automatically removes html formatting
$message_body = strval(mosGetParam($_POST, 'mm_message', ''));
}
$message_body = stripslashes($message_body);
if (!$message_body || !$subject || $gou === null) {
mosRedirect('index2.php?option=com_massmail&mosmsg=Please fill in the form correctly');
}
// get users in the group out of the acl
$to = $acl->get_group_objects($gou, 'ARO', $recurse);
$rows = array();
if (count($to['users']) || $gou === '0') {
// Get sending email address
$query = "SELECT email" . "\n FROM #__users" . "\n WHERE id = " . (int) $my->id;
$database->setQuery($query);
$my->email = $database->loadResult();
mosArrayToInts($to['users']);
$user_ids = 'id=' . implode(' OR id=', $to['users']);
// Get all users email and group except for senders
$query = "SELECT email" . "\n FROM #__users" . "\n WHERE id != " . (int) $my->id . ($gou !== '0' ? " AND ( {$user_ids} )" : '');
$database->setQuery($query);
$rows = $database->loadObjectList();
// Build e-mail message format
$message_header = sprintf(_MASSMAIL_MESSAGE, html_entity_decode($mosConfig_sitename, ENT_QUOTES));
$message = $message_header . $message_body;
$subject = html_entity_decode($mosConfig_sitename, ENT_QUOTES) . ' / ' . stripslashes($subject);
//Send email
foreach ($rows as $row) {
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $row->email, $subject, $message, $mode);
}
}
$msg = 'E-mail sent to ' . count($rows) . ' users';
mosRedirect('index2.php?option=com_massmail', $msg);
}
function sendMail()
{
global $database, $my, $acl;
global $mosConfig_sitename;
global $mosConfig_mailfrom, $mosConfig_fromname;
$mode = mosGetParam($_POST, 'mm_mode', 0);
$subject = mosGetParam($_POST, 'mm_subject', '');
$gou = mosGetParam($_POST, 'mm_group', NULL);
$recurse = mosGetParam($_POST, 'mm_recurse', 'NO_RECURSE');
$inc_blocked = mosGetParam($_POST, 'inc_blocked', 0);
// pulls message inoformation either in text or html format
if ($mode) {
$message_body = $_POST['mm_message'];
} else {
// automatically removes html formatting
$message_body = mosGetParam($_POST, 'mm_message', '');
}
$message_body = stripslashes($message_body);
if (!$message_body || !$subject || $gou === null) {
$msg = T_('Please fill in the form correctly');
mosRedirect('index2.php?option=com_massmail&mosmsg=' . $msg);
}
// get users in the group out of the acl
$to = $acl->get_group_objects($gou, 'ARO', $recurse);
$rows = array();
if (count($to['users']) || $gou === '0') {
// Get sending email address
$query = "SELECT email FROM #__users WHERE id='{$my->id}'";
$database->setQuery($query);
$my->email = $database->loadResult();
// Get all users email and group except for senders
$query = "SELECT email FROM #__users" . "\n WHERE id != '{$my->id}'" . ($inc_blocked !== '0' ? " AND block = 0 " : '') . ($gou !== '0' ? " AND id IN (" . implode(',', $to['users']) . ")" : '');
$database->setQuery($query);
$rows = $database->loadObjectList();
// Build e-mail message format
$message_header = sprintf(T_("This is an email from '%s'\n\nMessage:\n"), $mosConfig_sitename);
$message = $message_header . $message_body;
$subject = $mosConfig_sitename . ' / ' . stripslashes($subject);
//Send email
foreach ($rows as $row) {
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $row->email, $subject, $message, $mode);
}
}
$msg = sprintf(Tn_('E-mail sent to %d user.', 'E-mail sent to %d users.', count($rows)), count($rows));
mosRedirect('index2.php?option=com_massmail', $msg);
}
function send($from_id = null, $to_id = null, $subject = null, $message = null)
{
global $database, $mosConfig_mailfrom, $mosConfig_fromname;
if (is_object($this)) {
$from_id = $from_id ? $from_id : $this->user_id_from;
$to_id = $to_id ? $to_id : $this->user_id_to;
$subject = $subject ? $subject : $this->subject;
$message = $message ? $message : $this->message;
}
$query = "SELECT cfg_name, cfg_value" . "\n FROM #__messages_cfg" . "\n WHERE user_id = " . (int) $to_id;
$database->setQuery($query);
$config = $database->loadObjectList('cfg_name');
$locked = @$config['lock']->cfg_value;
$domail = @$config['mail_on_new']->cfg_value;
if (!$locked) {
$this->user_id_from = $from_id;
$this->user_id_to = $to_id;
$this->subject = $subject;
$this->message = $message;
$this->date_time = date('Y-m-d H:i:s');
if ($this->store()) {
if ($domail) {
$query = "SELECT email" . "\n FROM #__users" . "\n WHERE id = " . (int) $to_id;
$database->setQuery($query);
$recipient = $database->loadResult();
$subject = _NEW_MESSAGE;
$msg = _NEW_MESSAGE;
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
}
return true;
}
} else {
if (is_object($this)) {
$this->_error = _MESSAGE_FAILED;
}
}
return false;
}
function send($from_id = null, $to_id = null, $subject = null, $message = null)
{
global $database;
global $mosConfig_site_name;
if (is_object($this)) {
$from_id = $from_id ? $from_id : $this->user_id_from;
$to_id = $to_id ? $to_id : $this->user_id_to;
$subject = $subject ? $subject : $this->subject;
$message = $message ? $message : $this->message;
}
$database->setQuery("SELECT cfg_name, cfg_value" . "\nFROM #__messages_cfg" . "\nWHERE user_id='{$to_id}'");
$config = $database->loadObjectList('cfg_name');
$locked = @$config['lock']->cfg_value;
$domail = @$config['mail_on_new']->cfg_value;
if (!$locked) {
$this->user_id_from = $from_id;
$this->user_id_to = $to_id;
$this->subject = $subject;
$this->message = $message;
$this->date_time = date("Y-m-d H:i:s");
if ($this->store()) {
if ($domail) {
$database->setQuery("SELECT email FROM #__users WHERE id='{$to_id}'");
$recipient = $database->loadResult();
$subject = T_('A new private message has arrived');
$msg = T_('A new private message has arrived');
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
}
return true;
}
} else {
if (is_object($this)) {
$this->_error = T_('The user has locked their mailbox. Message failed.');
}
}
return false;
}
/**
* Shows the email form for a given content item.
*/
function emailContentSend($uid)
{
global $database, $mainframe;
global $mosConfig_live_site, $mosConfig_sitename;
global $mosConfig_mailfrom, $mosConfig_fromname;
$_Itemid = $mainframe->getItemid($uid, 0, 0);
$email = trim(mosGetParam($_POST, 'email', ''));
$yourname = trim(mosGetParam($_POST, 'yourname', ''));
$youremail = trim(mosGetParam($_POST, 'youremail', ''));
$subject_default = sprintf(T_('Item sent by %s'), $yourname);
$subject = trim(mosGetParam($_POST, 'subject', $subject_default));
session_start();
$form_check = mosGetParam($_POST, 'form_check', '');
if (empty($_SESSION['_form_check_']['com_content']) || $form_check != $_SESSION['_form_check_']['com_content']) {
// the form hasn't been generated by the server on this session
exit;
}
if (!$email || !$youremail || is_email($email) == false || is_email($youremail) == false) {
echo "<script>alert (\"" . T_('You must enter valid e-mail addresses for both yourself and your recipient.') . "\"); window.history.go(-1);</script>";
exit(0);
}
$template = '';
$database->setQuery("SELECT template FROM #__templates_menu WHERE client_id='0' AND menuid='0'");
$template = $database->loadResult();
// link sent in email
$link = sefRelToAbs($mosConfig_live_site . '/index.php?option=com_content&task=view&id=' . $uid . '&Itemid=' . $_Itemid);
// message text
$msg = sprintf(T_(' The following page from the \\"%s\\" website has been sent to you by %s ( %s ).\\n\\nYou can access it at the following url:\\n%s'), $mosConfig_sitename, $yourname, $youremail, $link);
// mail function
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $subject, $msg);
HTML_content::emailSent($email, $template);
}
/**
* Shows the email form for a given content item.
*/
function emailContentSend($uid)
{
global $database, $mainframe;
global $mosConfig_live_site, $mosConfig_sitename;
global $mosConfig_mailfrom, $mosConfig_fromname;
$_Itemid = $mainframe->getItemid($uid, 0, 0);
$email = trim(mosGetParam($_POST, 'email', ''));
$yourname = trim(mosGetParam($_POST, 'yourname', ''));
$youremail = trim(mosGetParam($_POST, 'youremail', ''));
$subject_default = _EMAIL_INFO . " {$yourname}";
$subject = trim(mosGetParam($_POST, 'subject', $subject_default));
if (!$email || !$youremail || is_email($email) == false || is_email($youremail) == false) {
echo "<script>alert (\"" . _EMAIL_ERR_NOINFO . "\"); window.history.go(-1);</script>";
exit(0);
}
$template = '';
$database->setQuery("SELECT template FROM #__templates_menu WHERE client_id='0' AND menuid='0'");
$template = $database->loadResult();
// link sent in email
$link = sefRelToAbs($mosConfig_live_site . '/index.php?option=com_content&task=view&id=' . $uid . '&Itemid=' . $_Itemid);
// message text
$msg = sprintf(_EMAIL_MSG, $mosConfig_sitename, $yourname, $youremail, $link);
// mail function
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $subject, $msg);
HTML_content::emailSent($email, $template);
}
/**
* Shows the email form for a given content item.
* @param int The content item id
*/
function emailContentSend($uid, $gid)
{
global $database, $mainframe;
global $mosConfig_live_site, $mosConfig_sitename, $mosConfig_hideEmail;
$id = intval(mosGetParam($_REQUEST, 'id', 0));
if ($id) {
$query = 'SELECT attribs FROM #__content WHERE `id`=' . $id;
$database->setQuery($query);
$params = new mosParameters($database->loadResult());
} else {
$params = new mosParameters('');
}
$paramEmail = intval($params->get('email', 0));
if ($mosConfig_hideEmail && !$paramEmail) {
echo _NOT_AUTH;
return;
}
// simple spoof check security
josSpoofCheck(1);
// check for session cookie
// Session Cookie `name`
$sessionCookieName = mosMainFrame::sessionCookieName();
// Get Session Cookie `value`
$sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
mosErrorAlert(_NOT_AUTH);
}
$itemid = intval(mosGetParam($_POST, 'itemid', 0));
$now = _CURRENT_SERVER_TIME;
$nullDate = $database->getNullDate();
// query to check for state and access levels
$query = "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub," . "\n s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id" . "\n FROM #__content AS a" . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid" . "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'" . "\n WHERE a.id = " . (int) $uid . "\n AND a.state = 1" . "\n AND a.access <= " . (int) $gid . "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )" . "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )";
$database->setQuery($query);
$row = NULL;
if ($database->loadObject($row)) {
/*
* check whether category is published
*/
if (!$row->cat_pub && $row->catid) {
mosNotAuth();
return;
}
/*
* check whether section is published
*/
if (!$row->sec_pub && $row->sectionid) {
mosNotAuth();
return;
}
/*
* check whether category access level allows access
*/
if ($row->cat_access > $gid && $row->catid) {
mosNotAuth();
return;
}
/*
* check whether section access level allows access
*/
if ($row->sec_access > $gid && $row->sectionid) {
mosNotAuth();
return;
}
$email = strval(mosGetParam($_POST, 'email', ''));
$yourname = strval(mosGetParam($_POST, 'yourname', ''));
$youremail = strval(mosGetParam($_POST, 'youremail', ''));
$subject = strval(mosGetParam($_POST, 'subject', ''));
if (empty($subject)) {
$subject = _EMAIL_INFO . ' ' . $yourname;
}
if ($uid < 1 || !$email || !$youremail || JosIsValidEmail($email) == false || JosIsValidEmail($youremail) == false) {
mosErrorAlert(_EMAIL_ERR_NOINFO);
}
$query = "SELECT template" . "\n FROM #__templates_menu" . "\n WHERE client_id = 0" . "\n AND menuid = 0";
$database->setQuery($query);
$template = $database->loadResult();
// determine Itemid for Item
if ($itemid) {
$_itemid = '&Itemid=' . $itemid;
} else {
$itemid = $mainframe->getItemid($uid, 0, 0);
$_itemid = '&Itemid=' . $itemid;
}
// link sent in email
$link = sefRelToAbs('index.php?option=com_content&task=view&id=' . $uid . $_itemid);
// message text
$msg = sprintf(_EMAIL_MSG, html_entity_decode($mosConfig_sitename, ENT_QUOTES), $yourname, $youremail, $link);
// mail function
$success = mosMail($youremail, $yourname, $email, $subject, $msg);
if (!$success) {
mosErrorAlert(_EMAIL_ERR_NOINFO);
}
HTML_content::emailSent($email, $template);
} else {
mosNotAuth();
return;
}
}
/**
* comments for registered users
*/
function reviewBook($options, $catid)
{
PHP_booklibrary::addTitleAndMetaTags();
global $mainframe, $database, $my, $Itemid, $acl;
global $booklibrary_configuration, $mosConfig_absolute_path;
/* , $catid */
global $mosConfig_mailfrom, $session;
if (!isset($my->id)) {
//for 1.6
$my->id = 0;
}
if (!$GLOBALS['reviews_show'] || !checkAccessBL($GLOBALS['reviews_registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl)) {
echo _BOOKLIBRARY_NOT_AUTHORIZED;
return;
}
$review = new mosBookLibrary_review($database);
$review->date = date("Y-m-d H:i:s");
$review->fk_userid = $my->id;
//********************* begin compare to key ***************************
//********************** end compare to key *****************************
//********************** BEGIN review approve ***************************
if ($booklibrary_configuration['approve_review']['show'] == '1') {
$review->published = 1;
} else {
$review->published = 0;
}
if ($booklibrary_configuration['approve_review']['show']) {
if (checkAccessBL($booklibrary_configuration['approve_review']['registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl)) {
$review->published = 1;
} else {
$review->published = 0;
}
} else {
$review->published = 0;
}
//********************** END review approve ***************************
if (!$review->bind($_POST)) {
echo "<script> alert('" . addslashes($book->getError()) . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$review->check()) {
echo "<script> alert('" . addslashes($book->getError()) . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$review->store()) {
echo "<script> alert('" . addslashes($book->getError()) . "'); window.history.go(-1); </script>\n";
exit;
}
$review->updateRatingBook();
//*************** begin add send mail for admin ******************
if (version_compare(JVERSION, '3.0', 'lt')) {
$menu = new JTableMenu($database);
// for 1.6
$menu->load($Itemid);
$params = new mosParameters($menu->params);
} else {
$menu = new JTableMenu($database);
$menu->load($Itemid);
$params = new JRegistry();
$params->loadString($menu->params);
}
if (!isset($my->id)) {
//for 1.6
$my->id = 0;
}
if ($GLOBALS['review_added_email_show'] && trim($GLOBALS['review_email_address']) != "") {
$params->def('show_email', 1);
if (checkAccessBL($GLOBALS['review_added_email_registrationlevel'], 'RECURSE', userGID_BL($my->id), $acl)) {
$params->def('show_input_email', 1);
}
}
if ($params->get('show_input_email')) {
$mail_to = explode(",", $GLOBALS['review_email_address']);
// select book title
$zapros = "SELECT title FROM #__booklibrary WHERE id = '" . intval($_POST['fk_bookid']) . "';";
$database->setQuery($zapros);
$book_title = $database->loadObjectList();
echo $database->getErrorMsg();
$userid = $my->id;
//select new review
$zapros = "SELECT * FROM #__booklibrary_review WHERE date = '" . $review->date . "';";
$database->setQuery($zapros);
$item_review = $database->loadObjectList();
echo $database->getErrorMsg();
$zapros = "SELECT name, email FROM #__users WHERE id=" . $userid . ";";
$database->setQuery($zapros);
$item_user = $database->loadObjectList();
echo $database->getErrorMsg();
$rating = $item_review[0]->rating / 2;
$query = "SELECT * FROM #__booklibrary WHERE id='" . $_REQUEST['fk_bookid'] . "'";
$database->setQuery($query);
$book_name = $database->loadAssoc();
$username = isset($item_user[0]->name) ? $item_user[0]->name : "anonymous";
$message = _BOOKLIBRARY_EMAIL_NOTIFICATION_REVIEW;
$message = str_replace("{username}", $username, $message);
$message = str_replace("{book_title}", $book_name['title'], $message);
$message = str_replace("{label title comment}", _BOOKLIBRARY_LABEL_TITLE_COMMENT, $message);
$message = str_replace("{title}", $_REQUEST['title'], $message);
$message = str_replace("{label rating}", _BOOKLIBRARY_LABEL_RATING, $message);
$message = str_replace("{rating}", $_REQUEST['rating'], $message);
$message = str_replace("{label label title review comment}", _BOOKLIBRARY_LABEL_TITLE_REVIEW_COMMENT, $message);
$message = str_replace("{comment}", $_REQUEST['comment'], $message);
if ($userid == 0) {
mosMail($mosConfig_mailfrom, 'anonymous', $mail_to, 'New book review added', $message, true);
} else {
mosMail($mosConfig_mailfrom, $item_user[0]->name, $mail_to, 'New book review added', $message, true);
}
}
mosRedirect("index.php?option=com_booklibrary&task=view&catid=" . $catid . "&id={$review->fk_bookid}&Itemid={$Itemid}");
}
/**
* Sends mail to admin
*/
function mosSendAdminMail($adminName, $adminEmail, $email, $type, $title, $author)
{
global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_live_site;
$subject = _MAIL_SUB . " '{$type}'";
$message = _MAIL_MSG;
eval("\$message = \"{$message}\";");
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $adminEmail, $subject, $message);
}
/**
* Mail function (uses phpMailer)
*
* @param string $from From e-mail address
* @param string $fromName From name
* @param mixed $recipient Recipient e-mail address(es)
* @param string $subject E-mail subject
* @param string $body Message body
* @param boolean $mode false = plain text, true = HTML
* @param mixed $cc CC e-mail address(es)
* @param mixed $bcc BCC e-mail address(es)
* @param mixed $attachment Attachment file name(s)
* @param mixed $replyTo Reply to email address(es)
* @param mixed $replyToName Reply to name(s)
* @return boolean True on success
*/
function send($from, $fromName, $recipient, $subject, $body, $mode = 0, $cc = NULL, $bcc = NULL, $attachment = NULL, $replyTo = NULL, $replyToName = NULL)
{
if (JCOMMENTS_JVERSION == '1.5') {
return JUTility::sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
return mosMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
function saveRegistration($option)
{
global $database, $my, $acl;
global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;
if ($mosConfig_allowUserRegistration == "0") {
mosNotAuth();
return;
}
$row = new mosUser($database);
if (!$row->bind($_POST, "usertype")) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
mosMakeHtmlSafe($row);
$row->id = 0;
$row->usertype = '';
$row->gid = $acl->get_group_id('Registered', 'ARO');
if ($mosConfig_useractivation == "1") {
$row->activation = md5(mosMakePassword());
$row->block = "1";
}
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$pwd = $row->password;
$row->password = md5($row->password);
$row->registerDate = date("Y-m-d H:i:s");
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
//// Begin UserExtended
include "administrator/components/com_user_extended/user_extended.class.php";
$rowExtended = new mosUser_Extended($database);
if (!$rowExtended->bind($_POST)) {
echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$rowExtended->check()) {
echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$rowExtended->storeExtended($row->id)) {
echo "<script> alert('" . $rowExtended->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
//// End UserExtended
$row->checkin();
$name = $row->name;
$email = $row->email;
$username = $row->username;
$subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
$subject = html_entity_decode($subject, ENT_QUOTES);
if ($mosConfig_useractivation == "1") {
$message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
} else {
$message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
}
$message = html_entity_decode($message, ENT_QUOTES);
// Send email to user
if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
$adminName2 = $mosConfig_fromname;
$adminEmail2 = $mosConfig_mailfrom;
} else {
$database->setQuery("SELECT name, email FROM #__users" . "\n WHERE usertype='superadministrator'");
$rows = $database->loadObjectList();
$row2 = $rows[0];
$adminName2 = $row2->name;
$adminEmail2 = $row2->email;
}
mosMail($adminEmail2, $adminName2, $email, $subject, $message);
// Send notification to all administrators
$subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
$message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
$subject2 = html_entity_decode($subject2, ENT_QUOTES);
$message2 = html_entity_decode($message2, ENT_QUOTES);
// get superadministrators id
$admins = $acl->get_group_objects(25, 'ARO');
foreach ($admins['users'] as $id) {
$database->setQuery("SELECT email, sendEmail FROM #__users" . "\n WHERE id='{$id}'");
$rows = $database->loadObjectList();
$row = $rows[0];
if ($row->sendEmail) {
mosMail($adminEmail2, $adminName2, $row->email, $subject2, $message2);
}
}
if ($mosConfig_useractivation == "1") {
echo _REG_COMPLETE_ACTIVATE;
} else {
echo _REG_COMPLETE;
}
}
function sendmail($con_id, $option)
{
global $mainframe, $database, $Itemid;
global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_db;
// simple spoof check security
josSpoofCheck(1);
$query = "SELECT *" . "\n FROM #__contact_details" . "\n WHERE id = " . (int) $con_id;
$database->setQuery($query);
$contact = $database->loadObjectList();
if (count($contact) > 0) {
$default = $mosConfig_sitename . ' ' . _ENQUIRY;
$email = strval(mosGetParam($_POST, 'email', ''));
$text = strval(mosGetParam($_POST, 'text', ''));
$name = strval(mosGetParam($_POST, 'name', ''));
$subject = strval(mosGetParam($_POST, 'subject', $default));
$email_copy = strval(mosGetParam($_POST, 'email_copy', 0));
$menu = $mainframe->get('menu');
$mparams = new mosParameters($menu->params);
$bannedEmail = $mparams->get('bannedEmail', '');
$bannedSubject = $mparams->get('bannedSubject', '');
$bannedText = $mparams->get('bannedText', '');
$sessionCheck = $mparams->get('sessionCheck', 1);
// check for session cookie
if ($sessionCheck) {
// Session Cookie `name`
$sessionCookieName = mosMainFrame::sessionCookieName();
// Get Session Cookie `value`
$sessioncookie = mosGetParam($_COOKIE, $sessionCookieName, null);
if (!(strlen($sessioncookie) == 32 || $sessioncookie == '-')) {
mosErrorAlert(_NOT_AUTH);
}
}
// Prevent form submission if one of the banned text is discovered in the email field
if ($bannedEmail) {
$bannedEmail = explode(';', $bannedEmail);
foreach ($bannedEmail as $value) {
if (stristr($email, $value)) {
mosErrorAlert(_NOT_AUTH);
}
}
}
// Prevent form submission if one of the banned text is discovered in the subject field
if ($bannedSubject) {
$bannedSubject = explode(';', $bannedSubject);
foreach ($bannedSubject as $value) {
if (stristr($subject, $value)) {
mosErrorAlert(_NOT_AUTH);
}
}
}
// Prevent form submission if one of the banned text is discovered in the text field
if ($bannedText) {
$bannedText = explode(';', $bannedText);
foreach ($bannedText as $value) {
if (stristr($text, $value)) {
mosErrorAlert(_NOT_AUTH);
}
}
}
// test to ensure that only one email address is entered
$check = explode('@', $email);
if (strpos($email, ';') || strpos($email, ',') || strpos($email, ' ') || count($check) > 2) {
mosErrorAlert(_CONTACT_MORE_THAN);
}
if (!$email || !$text || JosIsValidEmail($email) == false) {
mosErrorAlert(_CONTACT_FORM_NC);
}
$prefix = sprintf(_ENQUIRY_TEXT, $mosConfig_live_site);
$text = $prefix . "\n" . $name . ' <' . $email . '>' . "\n\n" . stripslashes($text);
$success = mosMail($email, $name, $contact[0]->email_to, $mosConfig_fromname . ': ' . $subject, $text);
if (!$success) {
mosErrorAlert(_CONTACT_FORM_NC);
}
// parameter check
$params = new mosParameters($contact[0]->params);
$emailcopyCheck = $params->get('email_copy', 0);
// check whether email copy function activated
if ($email_copy && $emailcopyCheck) {
$copy_text = sprintf(_COPY_TEXT, $contact[0]->name, $mosConfig_sitename);
$copy_text = $copy_text . "\n\n" . $text . '';
$copy_subject = _COPY_SUBJECT . $subject;
$success = mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $copy_subject, $copy_text);
if (!$success) {
mosErrorAlert(_CONTACT_FORM_NC);
}
}
$link = sefRelToAbs('index.php?option=com_contact&task=view&contact_id=' . $contact[0]->id . '&Itemid=' . $Itemid);
mosRedirect($link, _THANK_MESSAGE);
}
}
function saveUser($task)
{
global $database, $my, $acl;
global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;
josSpoofCheck();
$userIdPosted = mosGetParam($_POST, 'id');
if ($userIdPosted) {
$msg = checkUserPermissions(array($userIdPosted), 'save', in_array($my->gid, array(24, 25)));
if ($msg) {
echo "<script type=\"text/javascript\"> alert('" . $msg . "'); window.history.go(-1);</script>\n";
exit;
}
}
$row = new mosUser($database);
if (!$row->bind($_POST)) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$row->name = trim($row->name);
$row->email = trim($row->email);
$row->username = trim($row->username);
// sanitise fields
$row->id = (int) $row->id;
// sanitise gid field
$row->gid = (int) $row->gid;
$isNew = !$row->id;
$pwd = '';
// MD5 hash convert passwords
if ($isNew) {
// new user stuff
if ($row->password == '') {
$pwd = mosMakePassword();
$salt = mosMakePassword(16);
$crypt = md5($pwd . $salt);
$row->password = $crypt . ':' . $salt;
} else {
$pwd = trim($row->password);
$salt = mosMakePassword(16);
$crypt = md5($pwd . $salt);
$row->password = $crypt . ':' . $salt;
}
$row->registerDate = date('Y-m-d H:i:s');
} else {
$original = new mosUser($database);
$original->load((int) $row->id);
// existing user stuff
if ($row->password == '') {
// password set to null if empty
$row->password = null;
} else {
$row->password = trim($row->password);
$salt = mosMakePassword(16);
$crypt = md5($row->password . $salt);
$row->password = $crypt . ':' . $salt;
}
// if group has been changed and where original group was a Super Admin
if ($row->gid != $original->gid) {
if ($original->gid == 25) {
// count number of active super admins
$query = "SELECT COUNT( id )" . "\n FROM #__users" . "\n WHERE gid = 25" . "\n AND block = 0";
$database->setQuery($query);
$count = $database->loadResult();
if ($count <= 1) {
// disallow change if only one Super Admin exists
echo "<script> alert('You cannot change this users Group as it is the only active Super Administrator for your site'); window.history.go(-1); </script>\n";
exit;
}
}
$user_group = strtolower($acl->get_group_name($original->gid, 'ARO'));
if ($user_group == 'super administrator' && $my->gid != 25) {
// disallow change of super-Admin by non-super admin
echo "<script> alert('You cannot change this users Group as you are not a Super Administrator for your site'); window.history.go(-1); </script>\n";
exit;
} else {
if ($my->gid == 24 && $original->gid == 24) {
// disallow change of super-Admin by non-super admin
echo "<script> alert('You cannot change the Group of another Administrator as you are not a Super Administrator for your site'); window.history.go(-1); </script>\n";
exit;
}
}
// ensure user can't add group higher than themselves done below
}
}
/*
// if user is made a Super Admin group and user is NOT a Super Admin
if ( $row->gid == 25 && $my->gid != 25 ) {
// disallow creation of Super Admin by non Super Admin users
echo "<script> alert('You cannot create a user with this user Group level, only Super Administrators have this ability'); window.history.go(-1); </script>\n";
exit();
}
*/
// Security check to avoid creating/editing user to higher level than himself: response to artf4529.
if (!in_array($row->gid, getGIDSChildren($my->gid))) {
// disallow creation of Super Admin by non Super Admin users
echo "<script> alert('You cannot create a user with this user Group level, only Super Administrators have this ability'); window.history.go(-1); </script>\n";
exit;
}
// save usertype to usertype column
$query = "SELECT name" . "\n FROM #__core_acl_aro_groups" . "\n WHERE group_id = " . (int) $row->gid;
$database->setQuery($query);
$usertype = $database->loadResult();
$row->usertype = $usertype;
// save params
$params = mosGetParam($_POST, 'params', '');
if (is_array($params)) {
$txt = array();
foreach ($params as $k => $v) {
$txt[] = "{$k}={$v}";
}
$row->params = implode("\n", $txt);
}
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$row->checkin();
// updates the current users param settings
if ($my->id == $row->id) {
//session_start();
$_SESSION['session_user_params'] = $row->params;
session_write_close();
}
// update the ACL
if (!$isNew) {
$query = "SELECT aro_id" . "\n FROM #__core_acl_aro" . "\n WHERE value = " . (int) $row->id;
$database->setQuery($query);
$aro_id = $database->loadResult();
$query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = " . (int) $row->gid . "\n WHERE aro_id = " . (int) $aro_id;
$database->setQuery($query);
$database->query() or die($database->stderr());
}
// for new users, email username and password
if ($isNew) {
$query = "SELECT email" . "\n FROM #__users" . "\n WHERE id = " . (int) $my->id;
$database->setQuery($query);
$adminEmail = $database->loadResult();
$subject = _NEW_USER_MESSAGE_SUBJECT;
$message = sprintf(_NEW_USER_MESSAGE, $row->name, $mosConfig_sitename, $mosConfig_live_site, $row->username, $pwd);
if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
$adminName = $mosConfig_fromname;
$adminEmail = $mosConfig_mailfrom;
} else {
$query = "SELECT name, email" . "\n FROM #__users" . "\n WHERE gid = 25";
$database->setQuery($query);
$admins = $database->loadObjectList();
$admin = $admins[0];
$adminName = $admin->name;
$adminEmail = $admin->email;
}
mosMail($adminEmail, $adminName, $row->email, $subject, $message);
}
if (!$isNew) {
// if group has been changed
if ($original->gid != $row->gid) {
// delete user acounts active sessions
logoutUser($row->id, 'com_users', 'change');
}
}
switch ($task) {
case 'apply':
$msg = 'Successfully Saved changes to User: '******'index2.php?option=com_users&task=editA&hidemainmenu=1&id=' . $row->id, $msg);
break;
case 'save':
default:
$msg = 'Successfully Saved User: '******'index2.php?option=com_users', $msg);
break;
}
}
function sendmail($con_id, $option)
{
global $database, $Itemid;
global $mosConfig_sitename, $mosConfig_mailfrom, $mosConfig_fromname;
$database->setQuery("SELECT email_to FROM #__contact_details WHERE id='{$con_id}'");
$email_to = $database->loadResult();
$default = $mosConfig_sitename . ' ' . _ENQUIRY;
$email = trim(mosGetParam($_POST, 'email', ''));
$text = trim(mosGetParam($_POST, 'text', ''));
$name = trim(mosGetParam($_POST, 'name', ''));
$subject = trim(mosGetParam($_POST, 'subject', $default));
$email_copy = mosGetParam($_POST, 'email_copy', 0);
if (!$email || !$text || is_email($email) == false) {
echo "<script>alert (\"" . _CONTACT_FORM_NC . "\"); window.history.go(-1);</script>";
exit(0);
}
$text = _ENQUIRY_TEXT . ' ' . $name . ' (' . $email . ')' . "\r \n" . stripslashes($text);
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email_to, $subject, $text);
if ($email_copy) {
$copy_text = sprintf(_COPY_TEXT, $mosConfig_sitename);
$copy_text = $copy_text . "\n\n" . $text . '';
$copy_subject = _COPY_SUBJECT . $subject;
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $email, $copy_subject, $copy_text);
}
?>
<script>
alert( "<?php
echo _THANK_MESSAGE;
?>
" );
document.location.href='<?php
echo sefRelToAbs("index.php?option={$option}&Itemid={$Itemid}");
?>
';
</script>
<?php
}
function saveUser($option)
{
global $database, $my;
global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;
$row = new mosUser($database);
if (!$row->bind($_POST)) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$isNew = !$row->id;
$pwd = '';
if ($isNew) {
// new user stuff
if ($row->password == '') {
$pwd = mosMakePassword();
$row->password = md5($pwd);
} else {
$pwd = $row->password;
$row->password = md5($row->password);
}
$row->registerDate = date('Y-m-d H:i:s');
} else {
// existing user stuff
if ($row->password == '') {
// password set to null if empty
$row->password = null;
} else {
$row->password = md5($row->password);
}
}
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
// update the ACL
if ($isNew) {
} else {
$query = "SELECT aro_id FROM #__core_acl_aro WHERE value='{$row->id}'";
$database->setQuery($query);
$aro_id = $database->loadResult();
$query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = '{$row->gid}'" . "\n WHERE aro_id = '{$aro_id}'";
$database->setQuery($query);
$database->query() or die($database->stderr());
}
$row->checkin();
if ($isNew) {
$query = "SELECT email FROM #__users WHERE id={$my->id}";
$database->setQuery($query);
$adminEmail = $database->loadResult();
$subject = _NEW_USER_MESSAGE_SUBJECT;
$message = sprintf(_NEW_USER_MESSAGE, $row->name, $mosConfig_sitename, $mosConfig_live_site, $row->username, $pwd);
if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
$adminName = $mosConfig_fromname;
$adminEmail = $mosConfig_mailfrom;
} else {
$query = "SELECT name, email FROM #__users WHERE usertype='superadministrator'";
$database->setQuery($query);
$rows = $database->loadObjectList();
$row = $rows[0];
$adminName = $row->name;
$adminEmail = $row->email;
}
mosMail($adminEmail, $adminName, $row->email, $subject, $message);
}
$limit = intval(mosGetParam($_REQUEST, 'limit', 10));
$limitstart = intval(mosGetParam($_REQUEST, 'limitstart', 0));
mosRedirect('index2.php?option=' . $option);
}
if ($captcha_success != '2') {
# if registered users only
if (!$allow_anonymous_entries and !$is_user) {
$link = sefRelToAbs("index.php?option=content&task=view&id={$articleid}");
echo "<SCRIPT>alert('Please register to add comments'); document.location.href='" . $link . "';</SCRIPT>";
} else {
$comments = strip_tags($comments);
$comments = mysql_escape_string(strip_tags($comments));
$startdate = date("Y-m-d H:i:s");
$ip = getenv('REMOTE_ADDR');
$query = "INSERT INTO #__comment SET articleid='{$articleid}', ip='{$ip}', name='{$mcname}', comments='{$comments}', startdate='{$startdate}', published='{$auto_publish_comments}';";
$database->setQuery($query);
$database->query();
if ($notify_new_entries == "1") {
// messaging for new items
require_once $mosConfig_absolute_path . "/includes/mambofunc.php";
$message = "A new comment has been added\n\n" . $comments;
if ($auto_publish_comments == "0") {
$message = $message . "\n\nYou have chosen not to auto publish new comments. Therefore you need to log in and publish new posts to make them visible.";
}
mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $mosConfig_mailfrom, "A new comment has been submitted", $message);
}
$msg = 'Thanks. Your comment has been successfully saved. ';
if ($auto_publish_comments == "0") {
$msg = $msg . "The Administrator will review and publish your comment shortly.";
}
mosRedirect("index.php?option=com_content&task=view&id=" . $articleid . "&Itemid=" . $mcitemid . "&limit=" . $limit . "&limitstart=" . $limitstart, $msg);
}
} else {
echo "<SCRIPT> alert('Incorrect Security Code');\t\t\tdocument.location='index.php?option=com_content&task=view&id={$articleid}&Itemid={$mcitemid}&limit={$limit}&limitstart={$limitstart}&comments={$comments}';</SCRIPT>";
}
/**
* Saves the record on an edit form submit
* @param database A database connector object
*/
function saveWeblink($option)
{
global $database, $my, $mosConfig_absolute_path, $mosConfig_mailfrom;
if ($my->gid < 1) {
mosNotAuth();
return;
}
$row = new mosWeblink($database);
if (!$row->bind($_POST, "approved published")) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
// sanitize
$row->id = intval($row->id);
$isNew = $row->id < 1;
$row->date = date("Y-m-d H:i:s");
$row->title = $database->getEscaped($row->title);
$row->catid = $database->getEscaped($row->catid);
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$row->checkin();
// messaging for new items
require_once $mosConfig_absolute_path . '/components/com_messages/messages.class.php';
$query = "SELECT id,email FROM #__users WHERE sendEmail = '1'";
$database->setQuery($query);
$rows = $database->loadObjectList();
foreach ($rows as $user) {
// admin message
$msg = new mosMessage($database);
$msg->send($my->id, $user->id, T_("New Item"), sprintf(T_('A new WebLink has been submitted by [ %s ] titled [ %s ] '), $my->username, $row->title));
// email message
mosMail($mosConfig_mailfrom, $mosConfig_mailfrom, $user->email, "A new Web Link has been submitted", 'A new WebLink has been submitted by [' . $my->username . '] titled [' . $row->title . ']. Please login to view and approve it.');
}
$msg = $isNew ? T_('Thanks for your submission; it will be reviewed before being posted to the site.') : '';
$Itemid = mosGetParam($_POST, 'Returnid', '');
mosRedirect('index.php?Itemid=' . $Itemid, $msg);
}
/**
* Mail function (uses phpMailer)
*
* @param string $from From e-mail address
* @param string $fromName From name
* @param mixed $recipient Recipient e-mail address(es)
* @param string $subject E-mail subject
* @param string $body Message body
* @param bool|int $mode false = plain text, true = HTML
* @param mixed $cc CC e-mail address(es)
* @param mixed $bcc BCC e-mail address(es)
* @param mixed $attachment Attachment file name(s)
* @param mixed $replyTo Reply to email address(es)
* @param mixed $replyToName Reply to name(s)
* @return boolean True on success
*/
public static function send($from, $fromName, $recipient, $subject, $body, $mode = 0, $cc = NULL, $bcc = NULL, $attachment = NULL, $replyTo = NULL, $replyToName = NULL)
{
if (JCOMMENTS_JVERSION == '1.5') {
return JUTility::sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
} else {
if (JCOMMENTS_JVERSION == '1.7') {
$mailer = JFactory::getMailer();
return $mailer->sendMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
}
return mosMail($from, $fromName, $recipient, $subject, $body, $mode, $cc, $bcc, $attachment, $replyTo, $replyToName);
}
function writeLogs($list, $log_simple, $log_detailed)
{
if (ACA_CMSTYPE) {
$database =& JFactory::getDBO();
} else {
global $database;
}
//endif
if ($GLOBALS[ACA . 'send_log_simple']) {
$send = $log_simple;
} else {
$send = $log_detailed;
}
if (lisType::sendLogs($list->list_type)) {
$database->setQuery("SELECT * FROM `#__users` WHERE `gid` = 25 LIMIT 1");
if (ACA_CMSTYPE) {
// joomla 15
$admin = $database->loadObject();
$owner = subscribers::getSubscriberInfoFromUserId($list->owner);
if ($GLOBALS[ACA . 'send_log'] == 1) {
if (!empty($owner->email)) {
JUTility::sendMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
JUTility::sendMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
} else {
if ($GLOBALS[ACA . 'send_log_closed'] == 1 && connection_aborted()) {
if (!empty($owner->email)) {
JUTility::sendMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
JUTility::sendMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
}
}
} else {
//joomla 1x
$database->loadObject($admin);
$owner = subscribers::getSubscriberInfoFromUserId($list->owner);
if ($GLOBALS[ACA . 'send_log'] == 1) {
if (!empty($owner->email)) {
mosMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
mosMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
} else {
if ($GLOBALS[ACA . 'send_log_closed'] == 1 && connection_aborted()) {
if (!empty($owner->email)) {
mosMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
mosMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
}
}
}
//endif
}
if ($GLOBALS[ACA . 'save_log']) {
if ($GLOBALS[ACA . 'save_log_simple']) {
@file_put_contents(ACA_JPATH_ROOT_NO_ADMIN . $GLOBALS[ACA . 'save_log_file'], $log_simple, FILE_APPEND);
} else {
@file_put_contents(ACA_JPATH_ROOT_NO_ADMIN . $GLOBALS[ACA . 'save_log_file'], $log_detailed, FILE_APPEND);
}
}
}
function writeLogs($list, $log_simple, $log_detailed)
{
global $database;
if ($GLOBALS[ACA . 'send_log_simple']) {
$send = $log_simple;
} else {
$send = $log_detailed;
}
if (lisType::sendLogs($list->list_type)) {
$database->setQuery("SELECT * FROM `#__users` WHERE `gid` = 25 LIMIT 1");
$database->loadObject($admin);
if ($GLOBALS[ACA . 'send_log'] == 1) {
$owner = subscribers::getSubscriberIdFromUserId($list->owner, false);
if (!empty($owner->email)) {
mosMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
mosMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
} else {
if ($GLOBALS[ACA . 'send_log_closed'] == 1 && connection_aborted()) {
if (!empty($owner->email)) {
mosMail($admin->email, $admin->username, $owner->email, 'Acajoom mailing report', $send);
} else {
mosMail($admin->email, $admin->username, $admin->email, 'Acajoom mailing report', $send);
}
}
}
}
if ($GLOBALS[ACA . 'save_log']) {
if ($GLOBALS[ACA . 'save_log_simple']) {
@file_put_contents($GLOBALS['mosConfig_absolute_path'] . $GLOBALS[ACA . 'save_log_file'], $log_simple, FILE_APPEND);
} else {
@file_put_contents($GLOBALS['mosConfig_absolute_path'] . $GLOBALS[ACA . 'save_log_file'], $log_detailed, FILE_APPEND);
}
}
}
function saveRegistration()
{
global $database, $acl;
global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;
if ($mosConfig_allowUserRegistration == 0) {
mosNotAuth();
return;
}
// simple spoof check security
josSpoofCheck();
$row = new mosUser($database);
if (!$row->bind($_POST, 'usertype')) {
mosErrorAlert($row->getError());
}
$row->name = trim($row->name);
$row->email = trim($row->email);
$row->username = trim($row->username);
$row->password = trim($row->password);
mosMakeHtmlSafe($row);
$row->id = 0;
$row->usertype = '';
$row->gid = $acl->get_group_id('Registered', 'ARO');
if ($mosConfig_useractivation == 1) {
$row->activation = md5(mosMakePassword());
$row->block = '1';
}
if (!$row->check()) {
echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
exit;
}
$pwd = $row->password;
$salt = mosMakePassword(16);
$crypt = md5($row->password . $salt);
$row->password = $crypt . ':' . $salt;
$row->registerDate = date('Y-m-d H:i:s');
if (!$row->store()) {
echo "<script> alert('" . html_entity_decode($row->getError()) . "'); window.history.go(-1); </script>\n";
exit;
}
$row->checkin();
$name = trim($row->name);
$email = trim($row->email);
$username = trim($row->username);
$subject = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
$subject = html_entity_decode($subject, ENT_QUOTES);
if ($mosConfig_useractivation == 1) {
$message = sprintf(_USEND_MSG_ACTIVATE, $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
} else {
$message = sprintf(_USEND_MSG, $name, $mosConfig_sitename, $mosConfig_live_site);
}
$message = html_entity_decode($message, ENT_QUOTES);
// check if Global Config `mailfrom` and `fromname` values exist
if ($mosConfig_mailfrom != '' && $mosConfig_fromname != '') {
$adminName2 = $mosConfig_fromname;
$adminEmail2 = $mosConfig_mailfrom;
} else {
// use email address and name of first superadmin for use in email sent to user
$query = "SELECT name, email" . "\n FROM #__users" . "\n WHERE LOWER( usertype ) = 'superadministrator'" . "\n OR LOWER( usertype ) = 'super administrator'";
$database->setQuery($query);
$rows = $database->loadObjectList();
$row2 = $rows[0];
$adminName2 = $row2->name;
$adminEmail2 = $row2->email;
}
// Send email to user
mosMail($adminEmail2, $adminName2, $email, $subject, $message);
// Send notification to all administrators
$subject2 = sprintf(_SEND_SUB, $name, $mosConfig_sitename);
$message2 = sprintf(_ASEND_MSG, $adminName2, $mosConfig_sitename, $row->name, $email, $username);
$subject2 = html_entity_decode($subject2, ENT_QUOTES);
$message2 = html_entity_decode($message2, ENT_QUOTES);
// get email addresses of all admins and superadmins set to recieve system emails
$query = "SELECT email, sendEmail" . "\n FROM #__users" . "\n WHERE ( gid = 24 OR gid = 25 )" . "\n AND sendEmail = 1" . "\n AND block = 0";
$database->setQuery($query);
$admins = $database->loadObjectList();
foreach ($admins as $admin) {
// send email to admin & super admin set to recieve system emails
mosMail($adminEmail2, $adminName2, $admin->email, $subject2, $message2);
}
if ($mosConfig_useractivation == 1) {
echo _REG_COMPLETE_ACTIVATE;
} else {
echo _REG_COMPLETE;
}
}
function sendEmail($gid)
{
DOCMAN_token::check() or die('Invalid Token');
// this is a generic mass mail sender to groups members.
// From frontend you will find a email to group function specific for a document.
global $database, $my, $mosConfig_sitename;
global $mosConfig_mailfrom, $mosConfig_fromname;
$this_index = 'index2.php?option=com_docman§ion=groups';
$message = mosGetParam($_POST, "mm_message", '');
$subject = mosGetParam($_POST, "mm_subject", '');
$leadin = mosGetParam($_POST, "mm_leadin", '');
if (!$message || !$subject) {
mosRedirect($this_index . '&task=emailgroup&gid=' . $gid, _DML_FILL_FORM);
}
$usertmp = trim(strtolower($my->usertype));
if ($usertmp != "super administrator" && $usertmp != "superadministrator" && $usertmp != "manager") {
mosRedirect("index2.php", _DML_ONLY_ADMIN_EMAIL);
}
// Get the 'TO' list of addresses
$database->setQuery("SELECT * " . "\n FROM #__docman_groups " . "\n WHERE groups_id=" . (int) $gid);
$email_group = $database->loadObjectList();
$database->setQuery("SELECT id,name,username,email " . "\n FROM #__users" . "\n WHERE id in ( " . $email_group[0]->groups_members . ")" . "\n AND email !=''");
$listofusers = $database->loadObjectList();
if (!count($listofusers)) {
mosRedirect($this_index, _DML_NO_TARGET_EMAIL . " " . $email_groups[0]->name);
}
// Get 'FROM' sending email address (Use default)
if (!$mosConfig_mailfrom) {
$database->setQuery("SELECT email " . "\n FROM #__users " . "\n WHERE id=" . $my->id);
$my->email = $database->loadResult();
echo $database->getErrorMsg();
$mosConfig_mailfrom = $my->email;
}
// Build e-mail message format
$message = ($leadin ? stripslashes($leadin) . "\r\n\r\n" : '') . stripslashes($message);
$subject = stripslashes($subject);
// ------- Obsolete: ...kept for historical purposes....
// $headers = "MIME-Version: 1.0\r\n"
// . "From: " .$mosConfig_sitename." <".$my->email.">\r\n"
// . "Reply-To: ".$mosConfig_sitename." <".$my->email.">\r\n"
// . "X-Priority: 3\r\n"
// . "X-MSMail-Priority: Low\r\n"
// . "X-Mailer: DOCman\r\n"
// ;
// mail($emailtosend->email, $subject, $message, $headers);
// TO: SUBJECT: (message) Headers
// ------------ Send email using standard mosMail function
foreach ($listofusers as $emailtosend) {
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $emailtosend->email, $subject, $message);
}
mosRedirect($this_index, _DML_EMAIL_SENT_TO . " " . count($listofusers) . " " . _DML_USERS);
}
/**
* Add a comment to the medium.
*
* @param string $uname
* @param string $comment
* @return void
* @access public
*/
function addComment($uname, $comment)
{
global $database, $zoom, $Itemid, $catid, $key, $mainframe, $mosConfig_live_site;
$comment = str_replace("'", "'", $comment);
if (!$zoom->EditMon->isEdited($this->_id, 'comment')) {
$uname = $zoom->cleanString($uname);
$comment = $zoom->cleanString($comment);
if (strlen($comment) > $zoom->_CONFIG['cmtLength']) {
$comment = substr($comment, 0, $zoom->_CONFIG['cmtLength'] - 4) . "...";
}
$database->setQuery("INSERT INTO #__zoom_comments (imgid,cmtname,cmtcontent,cmtdate) VALUES ('" . $this->_id . "','" . $zoom->escapeString($uname) . "','" . $zoom->escapeString($comment) . "', NOW() )");
$database->query();
$zoom->EditMon->setEditMon($this->_id, 'comment');
$subject = "New comments added!";
$body = "Name: " . $uname . "\n\nComment: " . $comment . "\n\nLink: " . sefReltoAbs($mosConfig_live_site . "/index.php?option=com_zoom&Itemid=" . $Itemid . "&page=view&catid=" . $catid . "&key=" . $key);
$database->setQuery("SELECT b.email AS email FROM #__zoomfiles a, #__users b WHERE a.imgid=" . $this->_id . " AND a.uid=b.id");
$result = $database->loadResult();
$sentmail = mosMail('', '', $result, $subject, $body);
echo "<script language=\"JavaScript\" type=\"text/JavaScript\"> alert('" . html_entity_decode(_ZOOM_ALERT_COMMENTOK) . "'); </script>";
} else {
echo "<script language=\"JavaScript\" type=\"text/JavaScript\"> alert('" . html_entity_decode(_ZOOM_ALERT_COMMENTERROR) . "'); </script>";
}
// reload/ refill comments array...
$this->getComments();
}
function sendMail($mail)
{
$app =& JFactory::getApplication();
$sent = mosMail($app->getCfg('mailfrom'), $app->getCfg('fromname'), $mail->mail_address, $mail->mail_subject, $mail->mail_body);
if (!$sent) {
$query = "UPDATE #__lms_notifications SET sent=-1 WHERE id={$mail->id}";
} else {
$query = "UPDATE #__lms_notifications SET sent=1 WHERE id={$mail->id}";
}
$this->db->setQuery($query);
$this->db->query();
}
function saveMessage($option)
{
global $database, $mainframe, $my, $mosConfig_absolute_path;
global $mosConfig_mailfrom, $mosConfig_fromname;
require_once $mosConfig_absolute_path . "/includes/mambofunc.php";
$row = new mosMessage($database);
if (!$row->bind($_POST)) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
require_once mamboCore::get('mosConfig_absolute_path') . '/includes/phpInputFilter/class.inputfilter.php';
$iFilter = new InputFilter(null, null, 1, 1);
$row->subject = trim($iFilter->process($row->subject));
$row->message = trim($iFilter->process($row->message));
if (!$row->send()) {
mosRedirect("index2.php?option=com_messages&mosmsg=" . $row->getError());
}
$msg = $row->subject . ' - ' . $row->message;
$sql = "SELECT a.id, a.name, a.email" . "\nFROM #__users AS a" . "\nWHERE a.sendEmail = '1'" . "\nAND a.id = '" . $row->user_id_to . "'";
$database->setQuery($sql);
$rows = $database->loadObjectList();
if ($rows) {
foreach ($rows as $row) {
$recipient = $row->email;
$subject = "New private message from " . $row->name;
mosMail($mosConfig_mailfrom, $mosConfig_fromname, $recipient, $subject, $msg);
}
}
mosRedirect("index2.php?option=com_messages");
}
function saveRegistration($option)
{
global $database, $my, $acl;
global $mosConfig_sitename, $mosConfig_live_site, $mosConfig_useractivation, $mosConfig_allowUserRegistration;
global $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_mailfrom, $mosConfig_fromname;
if ($mosConfig_allowUserRegistration == '0') {
mosNotAuth();
return;
}
$row = new mosUser($database);
if (!$row->bind($_POST, 'usertype')) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
mosMakeHtmlSafe($row);
$row->id = 0;
$row->usertype = 'Registered';
$row->gid = $acl->get_group_id('Registered', 'ARO');
if ($mosConfig_useractivation == '1') {
$row->activation = md5(mosMakePassword());
$row->block = '1';
}
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$pwd = $row->password;
$row->password = md5($row->password);
$row->registerDate = date("Y-m-d H:i:s");
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
$row->checkin();
$name = $row->name;
$email = $row->email;
$username = $row->username;
$subject = sprintf(T_('Account details for %s at %s'), $name, $mosConfig_sitename);
$subject = html_entity_decode($subject, ENT_QUOTES);
$mambothandler =& mosMambotHandler::getInstance();
$mambothandler->loadBotGroup('authenticator');
if ($mosConfig_useractivation == "1") {
$message = sprintf(T_('Hello %s,
Thank you for registering at %s. Your account has been created but, as a precaution, it must be activated by you before you can use it.
To activate the account click on the following link or copy and paste it in your browser:
%s
After activation you may login to %s using the following username and password:
Username - %s
Password - %s'), $name, $mosConfig_sitename, $mosConfig_live_site . "/index.php?option=com_registration&task=activate&activation=" . $row->activation, $mosConfig_live_site, $username, $pwd);
$loginfo = new mosLoginDetails($username, $pwd);
$mambothandler->trigger('userRegister', array($loginfo));
} else {
$message = sprintf(T_("Hello %s,\n\nThank you for registering at %s.\n\nYou may now login to %s using the username and password you registered with."), $name, $mosConfig_sitename, $mosConfig_live_site);
$loginfo = new mosLoginDetails($username, $pwd);
$mambothandler->trigger('userRegister', array($loginfo));
$mambothandler->trigger('userActivate', array($loginfo));
}
$message = html_entity_decode($message, ENT_QUOTES);
// Send email to user
if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
$adminName2 = $mosConfig_fromname;
$adminEmail2 = $mosConfig_mailfrom;
} else {
$database->setQuery("SELECT name, email FROM #__users" . "\n WHERE usertype='super administrator'");
$rows = $database->loadObjectList();
$row2 = $rows[0];
$adminName2 = $row2->name;
$adminEmail2 = $row2->email;
}
mosMail($adminEmail2, $adminName2, $email, $subject, $message);
// Send notification to all administrators
$subject2 = sprintf(T_('Account details for %s at %s'), $name, $mosConfig_sitename);
$message2 = sprintf(T_('Hello %s,
A new user has registered at %s.
This email contains their details:
Name - %s
e-mail - %s
Username - %s
Please do not respond to this message as it is automatically generated and is for information purposes only'), $adminName2, $mosConfig_sitename, $row->name, $email, $username);
$subject2 = html_entity_decode($subject2, ENT_QUOTES);
$message2 = html_entity_decode($message2, ENT_QUOTES);
// get superadministrators id
$admins = $acl->get_group_objects(25, 'ARO');
foreach ($admins['users'] as $id) {
$database->setQuery("SELECT email, sendEmail FROM #__users" . "\n WHERE id='{$id}'");
$rows = $database->loadObjectList();
$row = $rows[0];
if ($row->sendEmail) {
mosMail($adminEmail2, $adminName2, $row->email, $subject2, $message2);
}
}
if ($mosConfig_useractivation == "1") {
echo '<div class="componentheading">' . T_('Registration Complete') . '</div><br />';
echo T_('Your account has been created and an activation link has been sent to the e-mail address you entered. Note that you must activate the account by clicking on the activation link before you can login.');
} else {
echo '<div class="componentheading">' . T_('Registration Complete') . '</div><br />';
echo T_('You may now login.');
}
}
function saveUser($option, $task)
{
global $database, $my, $acl;
global $mosConfig_live_site, $mosConfig_mailfrom, $mosConfig_fromname, $mosConfig_sitename;
$row = new mosUser($database);
if (!$row->bind($_POST)) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
exit;
}
// sanitize
$row->id = intval($row->id);
$row->gid = intval($row->gid);
$isNew = !$row->id;
$pwd = '';
// disallow super administrator blocking self
$super_gid = $acl->get_group_id('super administrator');
if ($row->id == $my->id && $my->gid == $super_gid) {
$row->block = 0;
}
// MD5 hash convert passwords
if ($isNew) {
// new user stuff
if ($row->password == '') {
$pwd = mosMakePassword();
$row->password = md5($pwd);
} else {
$pwd = $row->password;
$row->password = md5($row->password);
}
$row->registerDate = date('Y-m-d H:i:s');
} else {
// existing user stuff
if ($row->password == '') {
// password set to null if empty
$row->password = null;
} else {
$pwd = $row->password;
$row->password = md5($pwd);
}
}
// save usertype to usetype column
$query = "SELECT name" . "\n FROM #__core_acl_aro_groups" . "\n WHERE group_id = {$row->gid}";
$database->setQuery($query);
$usertype = $database->loadResult();
$row->usertype = $usertype;
if (!$row->check()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
if (!$row->store()) {
echo "<script> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
exit;
}
$row->checkin();
$loginfo = new mosLoginDetails($row->username, $pwd);
$mambothandler =& mosMambotHandler::getInstance();
$mambothandler->loadBotGroup('authenticator');
// update the ACL
if (!$isNew) {
if ($pwd) {
$mambothandler->trigger('userChange', array($loginfo));
}
if ($row->block) {
$mambothandler->trigger('userBlock', array($loginfo));
} else {
$mambothandler->trigger('userUnblock', array($loginfo));
}
$query = "SELECT aro_id FROM #__core_acl_aro WHERE value='{$row->id}'";
$database->setQuery($query);
$aro_id = $database->loadResult();
$query = "UPDATE #__core_acl_groups_aro_map" . "\n SET group_id = '{$row->gid}'" . "\n WHERE aro_id = '{$aro_id}'";
$database->setQuery($query);
$database->query() or die($database->stderr());
}
// for new users, email username and password
if ($isNew) {
$mambothandler->trigger('userRegister', array($loginfo));
$mambothandler->trigger('userActivate', array($loginfo));
if ($row->block) {
$mambothandler->trigger('userBlock', array($loginfo));
}
$query = "SELECT email FROM #__users WHERE id={$my->id}";
$database->setQuery($query);
$adminEmail = $database->loadResult();
$subject = T_('New User Details');
$message = sprintf(T_('Hello %s,
You have been added as a user to %s by an Administrator.
This email contains your username and password to log into the %s
Username - %s
Password - %s
Please do not respond to this message as it is automatically generated and is for information purposes only'), $row->name, $mosConfig_sitename, $mosConfig_live_site, $row->username, $pwd);
if ($mosConfig_mailfrom != "" && $mosConfig_fromname != "") {
$adminName = $mosConfig_fromname;
$adminEmail = $mosConfig_mailfrom;
} else {
$query = "SELECT name, email FROM #__users WHERE usertype='super administrator'";
$database->setQuery($query);
$rows = $database->loadObjectList();
$row = $rows[0];
$adminName = $row->name;
$adminEmail = $row->email;
}
mosMail($adminEmail, $adminName, $row->email, $subject, $message);
}
switch ($task) {
case 'apply':
$msg = sprintf(T_('Successfully Saved changes to User: %s'), $row->name);
mosRedirect('index2.php?option=com_users&task=editA&hidemainmenu=1&id=' . $row->id, $msg);
case 'save':
default:
$msg = sprintf(T_('Successfully Saved User: %s'), $row->name);
mosRedirect('index2.php?option=com_users', $msg);
break;
}
}
/**
* Send the ecard(-link) to the friend the user entered.
*
* @return boolean
* @access public
*/
function send()
{
global $mosConfig_live_site, $mosConfig_host, $Itemid, $_SERVER;
$messageUrl = sefRelToAbs($mosConfig_live_site . "/index.php?option=com_zoom&Itemid=" . $Itemid . "&page=ecard&task=viewcard&ecdid=" . $this->_id);
$subject = _ZOOM_ECARD_SUBJ . " " . $this->_from_name;
$msg = "{$this->_to_name},\n\n";
$msg .= $this->_from_name . " " . _ZOOM_ECARD_MSG1 . " " . $mosConfig_live_site . "\n\n";
$msg .= html_entity_decode(_ZOOM_ECARD_MSG2) . "\n\n";
$msg .= "URL: {$messageUrl}\n\n";
$msg .= html_entity_decode(_ZOOM_ECARD_MSG3) . "\n";
$msg .= "\n\n\n\n\n";
$msg .= "------------------------------------------------------------------------------------------------------------------\n";
$msg .= "| zOOm Media Gallery! - a multi-gallery component\n";
$msg .= "| copyright (C) 2004-2006 by Mike de Boer, http://www.zoomfactory.org\n";
$msg .= "------------------------------------------------------------------------------------------------------------------";
$from = $mosConfig_live_site;
if (mosMail($this->_from_email, $this->_from_name, $this->_to_email, $subject, $msg)) {
return true;
} else {
return false;
}
}
