// checking semi_logged_in is important to avoid abuse } else { if (Request::get('email1') && Request::get('email2') && $_SESSION['semi_logged_in'] == Request::option('uid')) { if (Request::get('email1') == Request::get('email2')) { // change mail require_once 'lib/edit_about.inc.php'; $tmp_user = User::find(Request::option('uid')); $send = edit_email($tmp_user, Request::quoted('email1'), True); if ($send[0]) { $_SESSION['semi_logged_in'] = False; head(PageLayout::getTitle()); printf(_('An %s wurde ein Aktivierungslink geschickt.'), Request::quoted('email1')); footer(); } else { head(_('Fehler'), True); echo parse_msg($send[1]); footer(); head(PageLayout::getTitle()); reenter_mail(); footer(); } } else { head(PageLayout::getTitle()); printf('<b>%s</b>', _('Die eingegebenen E-Mail-Adressen stimmen nicht überein. Bitte überprüfen Sie Ihre Eingabe.')); reenter_mail(); footer(); } } else { // this never happens unless someone manipulates urls (or the presented link within the mail is broken) head(PageLayout::getTitle()); echo _('Der Aktivierungsschlüssel, der übergeben wurde, ist nicht korrekt.');
<? if ($msg) : ?> <?php echo parse_msg($msg); ?> <? endif ?> <table class="default nohover"> <tr> <td valign="top"> <?php echo $avatar; ?> <br> <br> <?php echo _('Profilbesuche:'); ?> <?php echo object_return_views($current_user->user_id); ?> <br> <? if(!empty($score) && !empty($score_title)) :?> <br> <a href="<?php echo URLhelper::getLink("dispatch.php/score"); ?> " <?php echo tooltip(_("Zur Rangliste")); ?> ><?php echo _("Stud.IP-Punkte:"); ?>
$message = MessageBox::info(_('Gefundene Einrichtungen:'), $found_items); } else { $message = MessageBox::info(_('Es konnte keine Einrichtung gefunden werden, die Ihrer Suchanfrage entspricht.')); } PageLayout::postMessage($message); } ?> <h1><?php echo _('Suche nach Einrichtungen'); ?> </h1> <? if ($msg) { echo "\n<table width=\"99%\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\">"; parse_msg ($msg,"§","blank",1,false); echo "\n</table>"; } $the_tree->showTree(); $sidebar = Sidebar::get(); $sidebar->setImage('sidebar/institute-sidebar.png'); $search = new SearchWidget('?cmd=suche'); $search->addNeedle(_('Name der Einrichtung'), 'search_name'); $search->addNeedle(_('Einrichtung dieses Mitarbeiters'), 'search_user'); $search->addNeedle(_('Einrichtung dieser Veranstaltung'), 'search_sem'); $sidebar->addWidget($search); $template = $GLOBALS['template_factory']->open('layouts/base.php'); $template->content_for_layout = ob_get_clean();
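/**
 * Parses one MIME entity (a whole message or a single multipart section) into
 * an associative array.
 *
 * The input is split at the first empty line into a header block and a body.
 * Folded header lines are unfolded before matching. Keys that may be present
 * in the result:
 *   - 'type', 'subtype'   lower-cased halves of the Content-Type value
 *   - 'boundary'          multipart boundary parameter, if one was given
 *   - 'charset', 'name'   Content-Type parameters, if given
 *   - 'encodings'         lower-cased Content-Transfer-Encoding value
 *   - 'disposition'       lower-cased Content-Disposition value
 *   - 'filename'          Content-Disposition filename parameter, if given
 *   - 'header'            map of lower-cased header name => list of raw values
 *   - 'body'              string for a leaf part; for multipart, a list of
 *                         recursively parsed sub-parts (possibly empty)
 *
 * Every value is copied from the message without validation. In particular
 * 'name' and 'filename' are sender-controlled text and must be sanitised by
 * the caller before they are used as a path or echoed into HTML.
 *
 * NOTE(review): nesting depth and the number of sub-parts are bounded only by
 * the input itself, and each level re-splits its body. Callers that feed
 * untrusted mail into this function should cap the message size up front.
 *
 * @param string $mail_part raw entity text using CRLF line endings
 * @return array parsed structure as described above
 */
function parse_msg($mail_part)
{
    $retval = array();

    // Header block and body are separated by the first empty line.
    $mail_part = explode("\r\n\r\n", $mail_part, 2);
    $mail_part_header = $mail_part[0] . "\r\n";
    // Unfold continuation lines so every header sits on a single line.
    $mail_part_header = preg_replace('/\\r\\n\\s+/', ' ', $mail_part_header);
    // An entity without an empty line has headers only; use an empty body
    // instead of reading an undefined array offset.
    $mail_part_body = isset($mail_part[1]) ? $mail_part[1] : '';

    if (preg_match('/^Content-Type:\\s*(.*?)\\/(.*?)\\s*(?:$|;).*$/im', $mail_part_header, $line)) {
        $retval['type'] = trim(strtolower($line[1]));
        $retval['subtype'] = trim(strtolower($line[2]));

        if ($retval['type'] == 'multipart') {
            if (preg_match('/boundary=(?:")?([^;"\\s\\n]*?)(?:")?\\s*(?:$|;)/im', $line[0], $match)) {
                $retval['boundary'] = $match[1];
            }

            $sub_parts = array();
            // Without a usable boundary the delimiter would collapse to a bare
            // "--" and split the body at arbitrary places, so such a malformed
            // multipart yields no sub-parts at all.
            if (isset($retval['boundary']) && $retval['boundary'] !== '') {
                $sub_content = explode('--' . $retval['boundary'], $mail_part_body);
                $sub_count = count($sub_content);
                // Index 0 is the preamble in front of the first delimiter.
                for ($i = 1; $i < $sub_count; $i++) {
                    $sub_body = parse_msg($sub_content[$i]);
                    // Drop empty leaves such as the remainder of the closing delimiter.
                    if (is_array($sub_body['body']) || trim($sub_body['body'])) {
                        $sub_parts[] = $sub_body;
                    }
                }
            }
            $mail_part_body = $sub_parts;
        }

        if (preg_match('/charset=(?:")?([^;"\\s\\n]*?)(?:")?\\s*(?:$|;)/im', $line[0], $match)) {
            $retval['charset'] = $match[1];
        }
        if (preg_match('/name=(?:")?([^;"]*?)(?:")?\\s*(?:$|;)/im', $line[0], $match)) {
            $retval['name'] = $match[1];
        }
    }

    if (preg_match('/^Content-Transfer-Encoding:\\s*(.*?)\\s*(?:$|;).*$/im', $mail_part_header, $line)) {
        $retval['encodings'] = strtolower($line[1]);
    }

    if (preg_match('/^Content-Disposition:\\s*(.*?)\\s*(?:$|;).*$/im', $mail_part_header, $line)) {
        $retval['disposition'] = strtolower($line[1]);
        if (preg_match('/filename=(?:")?([^;"]*?)(?:")?\\s*(?:$|;)/im', $line[0], $match)) {
            $retval['filename'] = $match[1];
        }
    }

    // Keep every header as well; repeated headers accumulate in a list.
    $mail_part_headers = explode("\r\n", $mail_part_header);
    foreach ($mail_part_headers as $line) {
        if (preg_match('/^(.+?):\\s*(.*)$/', $line, $match)) {
            $retval['header'][strtolower($match[1])][] = $match[2];
        }
    }

    $retval['body'] = $mail_part_body;

    return $retval;
}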
?> --> </td> </tr> <? } else { ?> <input type="hidden" name="select_old" value="<? if ($_SESSION['links_admin_data']['select_old']) echo "TRUE" ?> "> <input type="hidden" name="select_inactive" value="<? if ($_SESSION['links_admin_data']['select_inactive']) echo "TRUE" ?>"> <? } ?> <? if (! empty($message)) : ?> <tr> <td class="blank" colspan=5> <? parse_msg($message); ?> </td> </tr> <? endif; ?> </table> </form> <? //} // display Seminar-List //if ($_SESSION['links_admin_data']['srch_on'] || $auth->auth["perm"] =="tutor" || $auth->auth["perm"] == "dozent") { if(isset($admin_view)){ URLHelper::bindLinkParam('admin_view',$admin_view); } //Suchresultate abholen: $results = AdminList::getInstance()->getSearchResults();
<? if ($msg) parse_msg($msg); ?> <? if(!empty($flash['delete'])) : ?> <?php echo createQuestion2(sprintf(_('Wollen Sie die/den "%s" wirklich austragen?'), $status_groups[$flash['status']]), array('users' => $flash['delete']), array(), $controller->url_for(sprintf('course/members/cancel_subscription/collection/%s', $flash['status']))); ?> <? endif ?> <? if (count($dozenten) > 0) : ?> <?php echo $this->render_partial('course/members/dozent_list'); ?> <? endif ?> <? if (count($tutoren) > 0) : ?> <br /> <?php echo $this->render_partial('course/members/tutor_list'); ?> <? endif ?> <? if ($is_tutor && $semAdmissionEnabled) : ?> <p style="float: right"> <? //TODO?> <strong><?php echo _('Teilnahmebeschränkte Veranstaltung'); ?> </strong> - <?php echo _('max. Teilnehmeranzahl'); ?>
// Hauptteil if (!isset($range_id)) $range_id = $SessSemName[1] ; //JS Routinen einbinden, wenn benoetigt. Wird in der Funktion gecheckt, ob noetig... JS_for_upload(); //we need this <body> tag, sad but true :) echo "\n<body onUnLoad=\"STUDIP.OldUpload.upload_end()\">"; ?> <table cellspacing="0" cellpadding="0" border="0" width="100%" id="main_content"> <? if ($msg) { echo "<tr><td class='blank' colspan=3> "; parse_msg($msg); echo "</td></tr>"; } if ($question) { echo $question; } //Ordner die fehlen, anlegen: Allgemeiner, wenn nicht da, Ordner zu Terminen, die keinen Ordner haben if ($rechte){ if ($folder_system_data['mode']){ $module_check = new Modules(); $my_sem = $my_inst = array(); foreach(search_range('%') as $key => $value){ if ($module_check->getStatus('documents', $key, $value['type']) && $key != $SessSemName[1]){ if ($value['type'] == 'sem'){ $my_sem[$key] = $value['name'];
echo sprintf($size_of_book == 1 ? _('(%d Eintrag)') : _('(%d Einträge)'), $size_of_book); ?> </a> <? endif; ?> </td> <td align="right"> <span class="actions"> <?php echo $mp; ?> </span> </td> </tr> <? // TODO: Get rid of this. if ($_SESSION['sms_msg']): parse_msg ($_SESSION['sms_msg']); $_SESSION['sms_msg'] = ''; endif; ?> </table> </form> <table align="center" width="100%"> <tr> <td align="middle" > <? if ($contact['view'] == 'alpha'): ?> <?php echo $this->render_partial('contact/header-alpha'); ?> <? elseif ($contact['view'] == 'gruppen'): ?>
echo "</td></tr></table>"; } } else { $msg="error§" . _("Sie haben leider nicht die notwendige Berechtigung für diese Aktion."); } } else { PageLayout::setHelpKeyword("Basis.SuchenArchiv"); // dann eben den Rest... ?> <table width="100%" border="0" cellpadding="2" cellspacing="0"> <? if ($msg) { parse_msg($msg); } ?> <tr> <td class="blank" > <? if (isset($message)) : ?> <?php echo MessageBox::success($message, $details); ?> <? endif ?> <form name="search" method="post" action="<?php echo URLHelper::getLink(); ?> " > <?php echo CSRFProtection::tokenTag(); ?> <table class="default" border=0 cellspacing=0 cellpadding=2>
<section id="lit_edit_element"> <? if ($msg) : ?> <table width="99%" border="0" cellpadding="2" cellspacing="0"> <?php echo parse_msg($msg, '§', 'blank', 1, false); ?> </table> <? endif ?> <?php echo $form->getFormStart(URLHelper::getLink('dispatch.php/literature/edit_element?_catalog_id=' . $catalog_id), array('class' => 'studip-form', 'data-dialog' => '')); ?> <h1><?php echo $element->isNewEntry() ? _("Neuer Eintrag") : _('Eintrag'); ?> </h1> <? if (!$element->isNewEntry()) : ?> <p> <?php echo sprintf(_('Anzahl an Referenzen für diesen Eintrag: %s'), (int) $element->reference_count); ?> <br> <b><?php echo $element->getValue('user_id') == 'studip' ? _('Systemeintrag:') : _('Eingetragen von:'); ?> </b><br> <?php echo $element->getValue('user_id') == 'studip' ? _('Dies ist ein vom System generierter Eintrag.') : get_fullname($element->getValue("user_id"), 'full', true); ?> <br>
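/**
 * Mails the newsletter text to every subscriber of the given format.
 *
 * Selects all rows of the users table whose email_type equals $type ("html"
 * or "text"; any other value sends nothing), appends the per-recipient
 * unsubscribe text produced by parse_msg() to $msg and hands the result to
 * mail().
 *
 * NOTE(review): the $subject parameter is never read; the subject comes from
 * $_POST['html_subject'] / $_POST['text_subject'] instead. Confirm with the
 * callers which one is intended.
 *
 * NOTE(review): $sender_email is concatenated into the header block and into
 * the additional mail() parameter ("-f..."). Where this global is set is not
 * visible here; it has to be a fixed, validated address, because CR/LF or
 * whitespace in it would add headers or extra arguments for the mail binary.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7. The
 * queries contain no request data, only the $users_table global, which must
 * come from trusted configuration.
 *
 * @param string $type    "html" or "text"
 * @param string $subject unused, see the note above
 * @param string $msg     newsletter body shared by all recipients
 * @return void
 */
function send_newsletter($type, $subject, $msg)
{
    // $_POST is a superglobal and needs no global declaration.
    global $unsubscribe_msg, $sender_email, $users_table;

    $address_headers = 'From: ' . $sender_email . "\r\n" . 'Reply-To: ' . $sender_email . "\r\n";
    $sender = '-f' . $sender_email;

    if ($type == "html") {
        // NOTE(review): die(mysql_error()) prints the database error to the
        // client; consider logging it instead.
        $result = @mysql_query("SELECT * FROM {$users_table} WHERE email_type='html'") or die(mysql_error());
        while ($row = mysql_fetch_array($result)) {
            // Array keys are quoted: bare words were undefined constants,
            // which is a fatal error on PHP 8.
            $send_msg = $msg . "\n\n" . parse_msg($unsubscribe_msg, $row['email']);
            $send_msg = nl2br($send_msg);
            $send_msg = stripslashes($send_msg);
            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
            $headers .= $address_headers;
            mail($row['email'], $_POST['html_subject'], $send_msg, $headers, $sender);
        }
    } elseif ($type == "text") {
        $result = @mysql_query("SELECT * FROM {$users_table} WHERE email_type='text'");
        if ($result === false) {
            // A failed query sends nothing, as before, but no longer passes
            // false on to mysql_fetch_array().
            return;
        }
        while ($row = mysql_fetch_array($result)) {
            $send_msg = $msg . "\n\n" . parse_msg($unsubscribe_msg, $row['email']);
            $send_msg = stripslashes($send_msg);
            mail($row['email'], $_POST['text_subject'], $send_msg, $address_headers, $sender);
        }
    }
}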
<? # Lifter010: TODO use Studip\Button, Studip\LinkButton; ?> <!-- SEARCHBOX --> <form action="<?php echo URLHelper::getLink(); ?> " method="post"> <?php echo CSRFProtection::tokenTag(); ?> <? if($sms_msg): ?> <? parse_msg($sms_msg); ?> <? endif; ?> <!-- form zur wahl der institute --> <table class="default nohover"> <caption> <?php echo _('Suche nach Personen'); ?> </caption> <colgroup> <col width="25%"> <col width="75%"> </colgroup> <tbody> <? if (count($institutes)): ?>
// unsubscribe user $remove = @mysql_query("DELETE FROM {$users_table} WHERE email='" . $email . "'"); $send_msg = parse_msg($success_msg[2], $email); $headers = 'From: ' . $sender_email . '' . "\r\n" . 'Reply-To: ' . $sender_email . "\r\n"; $sender = '-f' . $sender_email . ''; mail($email, $subject[2], $send_msg, $headers, $sender); echo "<center><b>You have successfully been removed from this list</b></center>"; } } else { if ($_GET[action] == "sub") { // check existing email if (db_num($users_table, "email='{$email}'") > 0) { echo "<center><font color=\"red\"><b>This email address is already subscribed to this newsletter</b></center>"; } else { // subscribe user if (empty($_GET[email_type]) || !checkEmail($email)) { echo "<center><font color=\"red\"><b>Be sure you enter an email type (HTML/Text) and make sure your email address entered is a valid email</b></font></center>"; } else { $insert = @mysql_query("INSERT INTO {$users_table} VALUES ('" . (db_max($users_table) + 1) . "', '" . $email . "', '" . $_GET[email_type] . "', '" . time() . "')"); $send_msg = parse_msg($success_msg[1], $email); $headers = 'From: ' . $sender_email . '' . "\r\n" . 'Reply-To: ' . $sender_email . "\r\n"; $sender = '-f' . $sender_email . ''; mail($email, $subject[1], $send_msg, $headers, $sender); echo "<center>You successfully subscribed <b>" . $email . "</b> to our newsletter. Thank you for signing up.</center>"; } } } } } } }