/** * Shows the email form for a given content item. */ function emailContentForm($uid) { global $database, $mainframe, $my; $row = new mosContent($database); $row->load($uid); if ($row->id === null || $row->access > $my->gid) { mosNotAuth(); return; } else { $template = ''; $database->setQuery("SELECT template FROM #__templates_menu WHERE client_id = '0' AND menuid = '0'"); $template = $database->loadResult(); HTML_content::emailForm($row->id, $row->title, $template); } }
/** * Shows the email form for a given content item. * @param int The content item id */ function emailContentForm($uid, $gid) { global $database, $mosConfig_hideEmail; $id = intval(mosGetParam($_REQUEST, 'id', 0)); if ($id) { $query = 'SELECT attribs FROM #__content WHERE `id`=' . $id; $database->setQuery($query); $params = new mosParameters($database->loadResult()); } else { $params = new mosParameters(''); } $email = intval($params->get('email', 0)); if ($mosConfig_hideEmail && !$email) { echo _NOT_AUTH; return; } $itemid = intval(mosGetParam($_GET, 'itemid', 0)); $now = _CURRENT_SERVER_TIME; $nullDate = $database->getNullDate(); // query to check for state and access levels $query = "SELECT a.*, cc.name AS category, s.name AS section, s.published AS sec_pub, cc.published AS cat_pub," . "\n s.access AS sec_access, cc.access AS cat_access, s.id AS sec_id, cc.id as cat_id" . "\n FROM #__content AS a" . "\n LEFT JOIN #__categories AS cc ON cc.id = a.catid" . "\n LEFT JOIN #__sections AS s ON s.id = cc.section AND s.scope = 'content'" . "\n WHERE a.id = " . (int) $uid . "\n AND a.state = 1" . "\n AND a.access <= " . (int) $gid . "\n AND ( a.publish_up = " . $database->Quote($nullDate) . " OR a.publish_up <= " . $database->Quote($now) . " )" . "\n AND ( a.publish_down = " . $database->Quote($nullDate) . " OR a.publish_down >= " . $database->Quote($now) . " )"; $database->setQuery($query); $row = NULL; if ($database->loadObject($row)) { /* * check whether category is published */ if (!$row->cat_pub && $row->catid) { mosNotAuth(); return; } /* * check whether section is published */ if (!$row->sec_pub && $row->sectionid) { mosNotAuth(); return; } /* * check whether category access level allows access */ if ($row->cat_access > $gid && $row->catid) { mosNotAuth(); return; } /* * check whether section access level allows access */ if ($row->sec_access > $gid && $row->sectionid) { mosNotAuth(); return; } $query = "SELECT template" . "\n FROM #__templates_menu" . "\n WHERE client_id = 0" . "\n AND menuid = 0"; $database->setQuery($query); $template = $database->loadResult(); HTML_content::emailForm($row->id, $row->title, $template, $itemid); } else { mosNotAuth(); return; } }