$code .= '</div>';
$code .= '<div class="clear"></div>';
$code .= '</div>';
$code .= '</div>';
$data['code'] = $code;
$data['cid'] = $cid;
$data['bid'] = $bid;
$_SESSION['b_comment_added'] = time();
$sql = "SELECT b.UID, b.title, s.email, u.blog_comment \n FROM blog AS b, users_prefs AS u, signup AS s \n WHERE b.BID = " . $bid . " \n AND b.UID = u.UID \n AND b.UID = s.UID \n LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1) {
$prefs_b_comment = $rs->fields['blog_comment'];
if ($prefs_b_comment == '1') {
$email = $rs->fields['email'];
$title = $rs->fields['title'];
require $config['BASE_DIR'] . '/classes/file.class.php';
require $config['BASE_DIR'] . '/classes/email.class.php';
$blog_link = '<a href="' . $config['BASE_URL'] . '/blog/' . $bid . '/' . prepare_string($title) . '">' . $config['BASE_URL'] . '/blog/' . $bid . '/' . prepare_string($title) . '</a>';
$search = array('{$username}', '{$site_title}', '{$site_name}', '{$baseurl}', '{$blog_link}');
$replace = array($_SESSION['username'], $config['site_title'], $config['site_name'], $config['BASE_URL'], $blog_link);
$mail = new VMail();
$mail->sendPredefined($email, 'blog_comment', $search, $replace);
}
}
}
} else {
$data['msg'] = $lang['ajax.comment_login'];
}
}
echo json_encode($data);
die;
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1) {
$title = prepare_string($rs->fields['title']);
$video_url = $config['BASE_URL'] . '/video/' . $video_id . '/' . $title;
$sql = "SELECT * FROM emailinfo WHERE email_id='player_email' LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1) {
require $config['BASE_DIR'] . '/classes/email.class.php';
require $config['BASE_DIR'] . '/classes/file.class.php';
$subject = $rs->fields['email_subject'];
$path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path'];
$body = VFile::read($path);
$search = array('{$site_name}', '{$video_url}', '{$message}');
$replace = array($config['site_name'], $video_url, $message);
$body = str_replace($search, $replace, $body);
$mail = new VMail();
$mail->From = $from;
$mail->FromName = $from;
$mail->Sender = $from;
$mail->AddReplyTo($from);
$mail->Subject = $subject;
$mail->AltBody = $body;
$mail->Body = nl2br($body);
$mail->AddAddress($to);
$mail->Send();
}
}
}
}
}
if (defined('_DEBUG') && _DEBUG) {
$sql = "UPDATE signup SET total_friends = total_friends-1, popularity = popularity-2 WHERE UID = " . $uid . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE signup SET points = points-2 WHERE UID = " . $fid . " LIMIT 1";
$conn->execute($sql);
$message = $lang['ajax.reject_friend_success'];
$sql = "SELECT u.username, u.email, p.friend_request FROM signup AS u, users_prefs AS p \n WHERE u.UID = " . $fid . " AND u.UID = p.UID LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1 && $rs->fields['friend_request'] == '1') {
$to = $rs->fields['email'];
$receiver = $rs->fields['username'];
$sql = "SELECT username FROM signup WHERE UID = " . $uid . " LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1) {
$username = $rs->fields['username'];
require $config['BASE_DIR'] . '/classes/email.class.php';
$mail = new VMail();
$search = array('{$site_title}', '{$username}', '{$baseurl}', '{$site_name}', '{$receiver}');
$replace = array($config['site_title'], $username, $config['BASE_URL'], $config['site_name'], $receiver);
$mail->sendPredefined($to, 'request_rejected', $search, $replace);
}
}
} else {
$message = $lang['ajax.reject_friend_missing'];
}
} else {
$message = $lang['ajax.reject_friend_login'];
}
} else {
$message = 'Invalid request!?';
}
echo $message;
function send_album_approve_email($album_id)
{
global $config, $conn;
$sql = "SELECT a.AID, a.name, s.username, s.email FROM albums AS a, signup AS s\n\t WHERE a.AID = " . intval($album_id) . " AND a.UID = s.UID\n\t\t\t\t LIMIT 1";
$rs = $conn->execute($sql);
$aid = intval($rs->fields['AID']);
$name = $rs->fields['name'];
$username = $rs->fields['username'];
$email = $rs->fields['email'];
$album_url = $config['BASE_URL'] . '/album/' . $aid . '/' . prepare_string($name);
$album_link = '<a href="' . $album_url . '">' . $album_url . '</a>';
$search = array('{$site_title}', '{$site_name}', '{$username}', '{$album_link}', '{$baseurl}');
$replace = array($config['site_title'], $config['site_name'], $username, $album_link, $config['BASE_URL']);
if (!class_exists('VMail')) {
require $config['BASE_DIR'] . '/classes/email.class.php';
}
$mail = new VMail();
$mail->sendPredefined($email, 'video_approve', $search, $replace);
}
$sql = "SELECT email FROM signup WHERE username = '******' LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows()) {
$email = $rs->fields['email'];
} else {
$errors[] = 'Username does not exist!';
}
}
}
if ($subject == '') {
$errors[] = 'Subject field cannot be empty!';
} elseif ($message == '') {
$errors[] = 'Email message cannot be empty!';
}
if (!$errors) {
$mail = new VMail();
$mail->set();
$mail->Subject = $subject;
$mail->AltBody = $message;
$mail->Body = nl2br($message);
$mail->AddAddress($rs->fields['email']);
if ($mail->Send()) {
$messages[] = 'Email was successfuly sent to <b>' . $username . '</b>!';
} else {
$errors[] = 'Failed to send email! Please check your <a href="index.php?m=mail">Mail Settings</a> and make sure the provided email is valid!';
}
}
}
$htmlCode = isset($_POST['htmlCode']) ? trim($_POST['htmlCode']) : NULL;
$editor->set_code($htmlCode);
$smarty->assign('email', $email);
public function sign()
{
$errors = array();
$VLog = new VLog();
$data = $VLog->getSignData();
if ($data) {
$bool = true;
foreach ($data as $elem) {
if ($elem == "" && $bool) {
$errors[] = 1;
$bool = false;
}
}
if ($data['password'] != $data['r_password']) {
$errors[] = 2;
$bool = false;
}
if ($bool) {
$n = ucfirst($data['name']);
$s = ucfirst($data['surname']);
$SSN = strtoupper($data['ssn']);
$p = $data['phone'];
$m = strtolower($data['mail']);
$pass = $data['password'];
try {
$b = new DateTime($data['birth']);
$now = new DateTime();
$diff = $now->diff($b);
if (intval($diff->format('%Y')) < 18) {
$errors[] = 6;
$bool = false;
} else {
$new_user = new DUser($n, $s, $SSN, $p, $m, $b, $pass);
}
} catch (Exception $e) {
$errors[] = 3;
$bool = false;
}
}
} else {
$errors[] = 1;
}
$n_errors = count($errors);
if ($n_errors == 0) {
$FUser = new FUser();
$hypS = $FUser->is_a_user($SSN);
//controlla se c'è già un utente con quel codice fiscale
if ($hypS) {
$errors[] = 4;
$bool = false;
}
$hypM = $FUser->mail_in($m);
if ($hypM) {
$errors[] = 7;
$bool = false;
}
if (!$hypS && !$hypM) {
try {
global $config;
$Mailer = new UEmail();
$VMail = new VMail();
$VMail->setLayout("confirmation");
$VMail->setDest("{$n} {$s}");
$VMail->setCode($new_user->getCode());
$message = $VMail->processTemplate();
if ($Mailer->send_mail($m, $n, $config['name'] . " confirmation mail", $message, true)) {
$FUser->saveUser($new_user);
//salva il nuovo utente (o aggiorna i campi nelle tabella person per un cliente ancora non utente)
} else {
$errors[] = 5;
$bool = false;
}
} catch (Exception $e) {
$errors[] = 5;
$bool = false;
}
}
}
if ($bool) {
return $this->show('sign_outcome', false);
} else {
return $this->show('sign_outcome', $errors);
}
}
require 'classes/email.class.php';
$passwd = VRandom::generate(8);
$password = md5($passwd);
$sql = "SELECT username FROM signup WHERE email = '" . mysql_real_escape_string($email) . "' LIMIT 1";
$rs = $conn->execute($sql);
$username = $rs->fields['username'];
$sql = "UPDATE signup SET pwd = '" . mysql_real_escape_string($password) . "'\n WHERE username = '******' LIMIT 1";
$conn->execute($sql);
$smarty->assign('receiver_name', $username);
$smarty->assign('password', $passwd);
$sql = "SELECT * FROM emailinfo WHERE email_id = 'recover_password' LIMIT 1";
$rs = $conn->execute($sql);
$subject = str_replace('{$site_name}', $config['site_name'], $rs->fields['email_subject']);
$email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path'];
$body = $smarty->fetch($email_path);
$mail = new VMail();
$mail->set();
$mail->Subject = $subject;
$mail->AltBody = $body;
$mail->Body = nl2br($body);
$mail->AddAddress($email);
$mail->Send();
$messages[] = $lang['lost.msg'];
}
}
$smarty->assign('errors', $errors);
$smarty->assign('messages', $messages);
$smarty->assign('menu', 'home');
$smarty->assign('self_title', $seo['lost_title']);
$smarty->assign('self_description', $seo['lost_desc']);
$smarty->assign('self_keywords', $seo['lost_keywords']);
$search = array('{$site_title}', '{$username}', '{$baseurl}', '{$site_name}', '{$receiver}');
$replace = array($config['site_title'], $username, $config['BASE_URL'], $config['site_name'], $receiver);
$mail = new VMail();
$mail->sendPredefined($to, 'request_approved', $search, $replace);
}
}
} else {
$sql = "INSERT INTO friends ( UID, FID, message, invite_date, status )\n \t VALUES (" . $user_id . ", " . $uid . ", '" . mysql_real_escape_string($msg) . "', '" . date('Y-m-d') . "', 'Pending')";
$conn->execute($sql);
$sql = "SELECT p.friend_request, s.email, s.username FROM users_prefs AS p, signup AS s\n \t WHERE p.UID = " . $user_id . " AND p.UID = s.UID LIMIT 1";
$rs = $conn->execute($sql);
$friend_request = $rs->fields['friend_request'];
$to = $rs->fields['email'];
$receiver = $rs->fields['username'];
if ($friend_request == '1') {
require $config['BASE_DIR'] . '/classes/email.class.php';
$search = array('{$username}', '{$site_name}', '{$baseurl}', '{$receiver}');
$replace = array($_SESSION['username'], $config['site_name'], $config['BASE_URL'], $receiver);
$mail = new VMail();
$mail->sendPredefined($to, 'friend_request', $search, $replace);
}
$response = show_msg($lang['ajax.invite_friend_sent']);
}
}
}
} else {
$response = show_err($lang['ajax.invite_friend_login']);
}
}
echo $response;
die;
}
$src = $config['BASE_DIR'] . '/media/photos/tmb/' . $album_cover_id . '.jpg';
$dst = $config['BASE_DIR'] . '/media/albums/' . $album_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 400, 0);
$image->resize(true, true);
$sql = "UPDATE albums SET total_photos = " . intval($photos) . " WHERE AID = " . $album_id . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE channel SET total_albums = total_albums+1 WHERE CHID = " . $category . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE signup SET total_albums = total_albums+1, points = points+5 WHERE UID = " . $uid . " LIMIT 1";
$conn->execute($sql);
$album_url = $config['BASE_URL'] . '/album/' . $album_id . '/' . prepare_string($name);
$album_link = '<a href="' . $album_url . '">' . $album_url . '</a>';
$search = array('{$site_title}', '{$site_name}', '{$username}', '{$album_link}', '{$baseurl}');
$replace = array($config['site_title'], $config['site_name'], $_SESSION['username'], $album_link, $config['BASE_URL']);
$mail = new VMail();
if ($config['approve'] == '0') {
$mail->sendPredefined($_SESSION['email'], 'photo_approve', $search, $replace);
} else {
$mail->sendPredefined($_SESSION['email'], 'photo_upload', $search, $replace);
}
$album['name'] = '';
$album['category'] = 0;
$album['tags'] = '';
$album['anonymous'] = 'no';
$album['type'] = 'public';
if ($config['approve_photos'] == '1') {
$messages[] = translate('upload.album_approve', $config['site_name']);
} else {
$messages[] = translate('upload.album_success', $config['site_name'], $album_url, htmlspecialchars($name, ENT_QUOTES, 'UTF-8'));
}
if ($conn->Affected_Rows() == 1) {
$sql = "UPDATE friends SET status = 'Confirmed' WHERE UID = " . $uid . " AND FID = " . $fid . " LIMIT 1";
$conn->execute($sql);
$sql = "INSERT INTO friends ( UID, FID, invite_date, status)\n VALUES (" . $fid . ", " . $uid . ", '" . date('Y-m-d') . "', 'Confirmed')";
$conn->execute($sql);
$sql = "UPDATE signup SET total_friends = total_friends+1, popularity = popularity+3 WHERE UID = " . $uid . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE signup SET total_friends = total_friends+1, points = points+2 WHERE UID = " . $fid . " LIMIT 1";
$conn->execute($sql);
$sql = "SELECT u.username, u.email, p.friend_request FROM signup AS u, users_prefs AS p\n WHERE u.UID = " . $fid . " AND u.UID = p.UID LIMIT 1";
$rs = $conn->execute($sql);
$message = $lang['ajax.accept_friend_success'];
if ($conn->Affected_Rows() === 1 && $rs->fields['friend_request'] == '1') {
$to = $rs->fields['email'];
$receiver = $rs->fields['username'];
$sql = "SELECT username FROM signup WHERE UID = " . $uid . " LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() === 1) {
$username = $rs->fields['username'];
require $config['BASE_DIR'] . '/classes/email.class.php';
$search = array('{$site_title}', '{$username}', '{$baseurl}', '{$site_name}', '{$receiver}');
$replace = array($config['site_title'], $username, $config['BASE_URL'], $config['site_name'], $receiver);
$mail = new VMail();
$mail->sendPredefined($to, 'request_approved', $search, $replace);
}
}
}
}
}
echo $message;
die;
$conn->execute($sql);
$sql = "INSERT INTO users_online (UID, online) VALUES (" . $uid . ", " . time() . ")";
$conn->execute($sql);
$code = VRandom::generate(10, 'confirmation');
$sql = "INSERT INTO confirm (UID, code) VALUES (" . $uid . ",'" . mysql_real_escape_string($code) . "')";
$conn->execute($sql);
$sql = "SELECT email_subject, email_path FROM emailinfo\n WHERE email_id = 'verify_email' LIMIT 1";
$rs = $conn->execute($sql);
$email_subject = str_replace('{$site_name}', $config['site_name'], $rs->fields['email_subject']);
$email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path'];
$smarty->assign('username', $username);
$smarty->assign('password', $password_clear);
$smarty->assign('uid', $uid);
$smarty->assign('code', $code);
$body = $smarty->fetch($email_path);
$mail = new VMail();
$mail->setNoReply();
$mail->Subject = $email_subject;
$mail->AltBody = $body;
$mail->Body = nl2br($body);
$mail->AddAddress($email);
$mail->Send();
$mail->ClearAddresses();
$sql = "SELECT email_subject, email_path FROM emailinfo\n WHERE email_id = 'welcome' LIMIT 1";
$rs = $conn->execute($sql);
$email_subject = str_replace('{$site_title}', $config['site_title'], $rs->fields['email_subject']);
$email_path = $rs->fields['email_path'];
$body = $smarty->fetch($config['BASE_DIR'] . '/templates/' . $email_path);
$mail->Subject = $email_subject;
$mail->AltBody = $body;
$mail->Body = nl2br($body);
$message = NULL;
if (isset($_POST['email_users'])) {
$subject = trim($_POST['subject']);
$message = trim($_POST['htmlCode']);
if ($subject == '') {
$errors[] = 'Subject field cannot be empty!';
} elseif ($message == '') {
$errors[] = 'Email message cannot be empty!';
}
if (!$errors) {
$email_errors = array();
$sql = "SELECT email FROM signup WHERE account_status = 'Active'";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows()) {
while (!$rs->EOF) {
$mail = new VMail();
$mail->set();
$mail->Subject = $subject;
$mail->AltBody = $message;
$mail->Body = nl2br($message);
$mail->AddAddress($rs->fields['email']);
if (!$mail->Send()) {
$email_errors[] = $rs->fields['email'];
}
$mail->ClearAddresses();
$rs->movenext();
}
} else {
$errors[] = 'No users! Is this your new site? :-)';
}
if (!$errors) {
$errors[] = $lang['global.message_empty'];
$err['message'] = 1;
} elseif (mb_strlen($message) > 1000) {
$errors[] = translate('message_length', '1000');
$err['email'] = 1;
} else {
$feedback['message'] = $message;
}
if ($_SESSION['captcha_code'] != strtoupper($code)) {
$errors[] = $lang['global.verif_invalid'];
$err['captcha'] = 1;
}
if (!$errors) {
require $config['BASE_DIR'] . '/classes/email.class.php';
$message = "Department: " . $department . "\n\nMessage: " . $message;
$mail = new VMail();
$mail->From = $email;
$mail->FromName = $name;
$mail->Sender = $email;
$mail->AddReplyTo($email, $name);
$mail->Subject = 'Feedback from ' . htmlspecialchars($name);
$mail->AltBody = $message;
$mail->Body = nl2br($message);
$mail->AddAddress($config['admin_email']);
$mail->Send();
$messages[] = $lang['feedback.sent'];
}
}
$smarty->assign('errors', $errors);
$smarty->assign('err', $err);
$smarty->assign('messages', $messages);
VRedirect::go($config['BASE_URL'] . '/siteadmin/index.php');
} else {
$err = 'Invalid username and/or password!';
}
}
}
if (isset($_POST['submit_forgot'])) {
if (!isset($_SESSION['email_forgot'])) {
$_SESSION['email_forgot'] = 1;
}
if ($_SESSION['email_forgot'] == 3) {
$err = 'Please try again later!';
}
if ($err == '') {
require '../classes/email.class.php';
$mail = new VMail();
$mail->set();
$mail->Subject = 'Your ' . $config['site_name'] . ' administrator username and password!';
$message = 'Username: '******'admin_name'] . "\n";
$message .= 'Password: '******'admin_pass'] . "\n";
$mail->AltBody = $message;
$mail->Body = nl2br($message);
$mail->AddAddress($config['admin_email']);
$mail->Send();
$msg = 'Email was successfuly sent!';
}
$_SESSION['email_forgot'] = $_SESSION['email_forgot'] + 1;
}
$smarty->assign('msg', $msg);
$smarty->assign('err', $err);
$smarty->display('header.tpl');
$uid = $rs->fields['UID'];
$username = $rs->fields['username'];
$code = VRandom::generate(10, 'confirmation');
$sql = "DELETE FROM confirm WHERE UID = " . $uid;
$conn->execute($sql);
$sql = "INSERT INTO confirm (UID, code) VALUES (" . $uid . ",'" . mysql_real_escape_string($code) . "')";
$conn->execute($sql);
$sql = "SELECT email_subject, email_path FROM emailinfo \n WHERE email_id = 'verify_email' LIMIT 1";
$rs = $conn->execute($sql);
$email_subject = str_replace('{$site_name}', $config['site_name'], $rs->fields['email_subject']);
$email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path'];
$smarty->assign('username', $username);
$smarty->assign('uid', $uid);
$smarty->assign('code', $code);
$body = $smarty->fetch($email_path);
$mail = new VMail();
$mail->setNoReply();
$mail->Subject = $email_subject;
$mail->AltBody = $body;
$mail->Body = nl2br($body);
$mail->AddAddress($email);
$mail->Send();
$messages[] = $lang['confirm.success'];
}
}
$smarty->assign('errors', $errors);
$smarty->assign('messages', $messages);
$smarty->assign('menu', 'home');
$smarty->assign('self_title', $seo['confirm_title']);
$smarty->assign('self_description', $seo['confirm_desc']);
$smarty->assign('self_keywords', $seo['confirm_keywords']);
$sql_add[] = "'" . mysql_real_escape_string($user) . "'";
}
$sql = "SELECT email FROM signup WHERE username in (" . implode(',', $sql_add) . ")";
$rs = $conn->execute($sql);
$users_emails = $rs->getrows();
foreach ($users_emails as $user) {
$emails[] = $user['email'];
}
}
if (!$emails) {
$data['msg'] = show_err_mb($lang['ajax.share_recipient_valid']);
} else {
$sql = "SELECT title FROM game WHERE GID = " . $game_id . " LIMIT 1";
$rs = $conn->execute($sql);
if ($conn->Affected_Rows() == 1) {
$title = $rs->fields['title'];
$url = '<a href="' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '">' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '</a>';
$search = array('{$site_name}', '{$site_title}', '{$sender_name}', '{$message}', '{$baseurl}', '{$game_link}');
$replace = array($config['site_name'], $config['site_title'], $from, $message, $config['BASE_URL'], $url);
$mail = new VMail();
$mail->sendPredefined($emails, 'share_game', $search, $replace);
$data['status'] = 1;
$data['msg'] = show_msg_mb($lang['ajax.share_success']);
} else {
$data['msg'] = show_err_mb($lang['ajax.share_game_failed']);
}
}
}
}
echo json_encode($data);
die;