/**
 * Approve a queued Media Gallery submission and notify the uploader.
 *
 * Removes the item from the media queue and the album queue, links it to its
 * album, re-sorts that album, increments the album's media count and, when
 * album_cover is -1 and media_type is 0, stores this file as the album's
 * cover filename. An HTML notification is then mailed to the owner, guarded
 * by the 'mgapprove' speed limit.
 *
 * @param  string $media_id  id of the queued media item
 * @return void
 */
function MG_approveSubmission($media_id)
{
    global $_CONF, $_TABLES, $LANG_MG01;

    // NOTE(review): addslashes() is not aware of the connection character set.
    // If the database layer provides its own escaping routine, prefer it for
    // every place $mid is embedded in SQL below - confirm what is available.
    $mid = addslashes($media_id);

    // The owner must be read before the queue row is deleted.
    $owner_uid = DB_getItem($_TABLES['mg_mediaqueue'], 'media_user_id', "media_id='" . $mid . "'");
    DB_delete($_TABLES['mg_mediaqueue'], 'media_id', $mid);

    $album_id = DB_getItem($_TABLES['mg_media_album_queue'], 'album_id', "media_id='" . $mid . "'");
    // NOTE(review): $album_id is read back from the queue table and placed
    // into SQL unquoted, here and in the 'album_id=' clauses further down.
    // If no queue row exists the statements become malformed. Presumably it
    // is an integer id; validating it as one before use would be safer.
    DB_save($_TABLES['mg_media_albums'], 'album_id, media_id, media_order', "{$album_id}, '{$mid}', 0");
    require_once $_CONF['path'] . 'plugins/mediagallery/include/sort.php';
    MG_SortMedia($album_id);
    DB_delete($_TABLES['mg_media_album_queue'], 'media_id', $mid);

    $sql = "SELECT media_filename, media_type " . "FROM {$_TABLES['mg_media']} WHERE media_id='" . $mid . "'";
    $result = DB_query($sql);
    list($media_filename, $media_type) = DB_fetchArray($result);

    // Read-increment-write of the counter; not atomic if two approvals for
    // the same album run at once.
    $media_count = DB_getItem($_TABLES['mg_albums'], 'media_count', 'album_id=' . $album_id);
    $media_count++;
    DB_change($_TABLES['mg_albums'], 'media_count', $media_count, 'album_id', $album_id);
    MG_updateAlbumLastUpdate($album_id);

    // Only fill in a cover filename when the album has none yet (-1).
    $album_cover = DB_getItem($_TABLES['mg_albums'], 'album_cover', 'album_id=' . $album_id);
    if ($album_cover == -1 && $media_type == 0) {
        DB_change($_TABLES['mg_albums'], 'album_cover_filename', $media_filename, 'album_id', $album_id);
    }

    // email the owner / uploader that the item has been approved.
    COM_clearSpeedlimit(600, 'mgapprove');
    $last = COM_checkSpeedlimit('mgapprove');
    if ($last == 0) {
        // NOTE(review): $owner_uid comes from the queue table and is quoted
        // but not escaped here.
        $result2 = DB_query("SELECT username, fullname, email FROM {$_TABLES['users']} WHERE uid='" . $owner_uid . "'");
        list($username, $fullname, $email) = DB_fetchArray($result2);
        if ($email != '') {
            $subject = $LANG_MG01['upload_approved'];
            $body = $LANG_MG01['upload_approved'];
            $body .= '<br' . XHTML . '><br' . XHTML . '>';
            $body .= $LANG_MG01['thanks_submit'];
            $body .= '<br' . XHTML . '><br' . XHTML . '>';
            $body .= $_CONF['site_name'] . '<br' . XHTML . '>';
            $body .= $_CONF['site_url'] . '<br' . XHTML . '>';
            $to = array();
            $from = array();
            $to = COM_formatEmailAddress($username, $email);
            $from = COM_formatEmailAddress($_CONF['site_name'], $_CONF['site_mail']);
            // Fifth argument true: the body above is HTML.
            if (!COM_mail($to, $subject, $body, $from, true)) {
                COM_errorLog("Media Gallery Error - Unable to send queue notification email");
            }
            COM_updateSpeedlimit('mgapprove');
        }
    }
    // PLG_itemSaved($media_id, 'mediagallery');
    // COM_rdfUpToDateCheck();
    // COM_olderStuff();
    return;
}
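/**
 * Mail the site admin about a post that was flagged as spam.
 *
 * The message holds the poster's uid and remote address, the flagged text
 * and the HTTP request headers of the post. Headers that carry credentials
 * (Cookie, Authorization, Proxy-Authorization) are left out so that session
 * ids or passwords are never copied into a mailbox.
 *
 * @param  string $comment  text of the flagged post
 * @return int              always 0; the global $result is set to 8
 */
function execute($comment)
{
    global $result, $_CONF, $_USER, $LANG_SX00, $_SPX_CONF;

    // Anything that is not a logged-in account is reported as uid 1.
    if (isset($_USER['uid']) && $_USER['uid'] > 1) {
        $uid = $_USER['uid'];
    } else {
        $uid = 1;
    }
    $uid .= '@' . $_SERVER['REMOTE_ADDR'];
    $msg = sprintf($LANG_SX00['emailmsg'], $_CONF['site_name'], $uid, $comment);

    // Credential-bearing headers, in both spellings used below.
    $skipHeaders = array('cookie', 'authorization', 'proxy-authorization');
    $skipServerKeys = array('HTTP_COOKIE', 'HTTP_AUTHORIZATION', 'HTTP_PROXY_AUTHORIZATION');

    // Add headers of the spam post to help track down the source.
    // Function 'getallheaders' is not available when PHP is running as
    // CGI. Print the HTTP_... headers from $_SERVER array instead then.
    $msg .= "\n\n" . $LANG_SX00['headers'] . "\n";
    if (function_exists('getallheaders')) {
        $headers = getallheaders();
        foreach ($headers as $key => $content) {
            if (!in_array(strtolower((string) $key), $skipHeaders, true)) {
                $msg .= $key . ': ' . $content . "\n";
            }
        }
    } else {
        foreach ($_SERVER as $key => $content) {
            if (substr($key, 0, 4) == 'HTTP') {
                if (!in_array($key, $skipServerKeys, true)) {
                    $msg .= $key . ': ' . $content . "\n";
                }
            }
        }
    }

    $subject = sprintf($LANG_SX00['emailsubject'], $_CONF['site_name']);

    // A Spam-X specific address wins over the general site address.
    if (empty($_SPX_CONF['notification_email'])) {
        $email_address = $_CONF['site_mail'];
    } else {
        $email_address = $_SPX_CONF['notification_email'];
    }

    $to = array();
    $to = COM_formatEmailAddress('', $email_address);
    COM_mail($to, $subject, $msg);

    $result = 8;
    SPAMX_log('Mail Sent to Admin');

    return 0;
}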
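/**
 * User request for a verification token - send email with a link and request id
 *
 * Looks up the local account, creates a fresh activation token and mails the
 * verification link to the address stored for that account. The redirect is
 * echoed rather than returned. Accounts that are still awaiting admin
 * approval are only redirected: no token is created or mailed for them.
 *
 * The 'verifytoken' speed limit is updated here but not checked; the caller
 * is presumably responsible for checking it - verify against the caller.
 *
 * @param    uid int userid of user who requested the new token
 * @param    msg int index of message to display (if any)
 * @return   string  always an empty string; the meta redirect is echoed
 *
 */
function requesttoken($uid, $msg = 0)
{
    global $_CONF, $_SYSTEM, $_TABLES, $LANG04;

    // Default token lifetime: 24 hours.
    if (!isset($_SYSTEM['verification_token_ttl'])) {
        $_SYSTEM['verification_token_ttl'] = 86400;
    }

    $retval = '';
    $uid = (int) $uid;

    $result = DB_query("SELECT uid,username,email,passwd,status FROM {$_TABLES['users']} WHERE uid = " . (int) $uid . " AND (account_type & " . LOCAL_USER . ")");
    $nrows = DB_numRows($result);
    if ($nrows == 1) {
        $A = DB_fetchArray($result);
        if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) {
            echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');

            // Stop here. Without this return, execution fell through whenever
            // COM_refresh() returned, and a verification mail was still sent
            // for an account that has not been approved.
            return $retval;
        }

        $verification_id = USER_createActivationToken($uid, $A['username']);
        $activation_link = $_CONF['site_url'] . '/users.php?mode=verify&vid=' . $verification_id . '&u=' . $uid;

        $mailtext = $LANG04[168] . $_CONF['site_name'] . ".\n\n";
        $mailtext .= $LANG04[170] . "\n\n";
        $mailtext .= "----------------------------\n";
        $mailtext .= $LANG04[2] . ': ' . $A['username'] . "\n";
        $mailtext .= $LANG04[171] . ': ' . $_CONF['site_url'] . "\n";
        $mailtext .= "----------------------------\n\n";
        // The TTL is stored in seconds and shown to the user in hours.
        $mailtext .= sprintf($LANG04[172], $_SYSTEM['verification_token_ttl'] / 3600) . "\n\n";
        $mailtext .= $activation_link . "\n\n";
        $mailtext .= $LANG04[173] . "\n\n";
        $mailtext .= $LANG04[174] . "\n\n";
        $mailtext .= "--\n";
        $mailtext .= $_CONF['site_name'] . "\n";
        $mailtext .= $_CONF['site_url'] . "\n";

        $subject = $_CONF['site_name'] . ': ' . $LANG04[16];

        // When a separate no-reply address is configured, send from it and
        // append the matching notice to the mail.
        if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
            $mailfrom = $_CONF['noreply_mail'];
            $mailtext .= LB . LB . $LANG04[159];
        } else {
            $mailfrom = $_CONF['site_mail'];
        }

        $to = array();
        $to = COM_formatEmailAddress('', $A['email']);
        $from = array();
        $from = COM_formatEmailAddress('', $mailfrom);
        COM_mail($to, $subject, $mailtext, $from);

        COM_updateSpeedlimit('verifytoken');
        if ($msg) {
            echo COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    } else {
        // Unknown or non-local account: count the attempt and send the
        // visitor back to the request form.
        COM_updateSpeedlimit('verifytoken');
        echo COM_refresh($_CONF['site_url'] . '/users.php?mode=getnewtoken');
    }

    return $retval;
}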
/**
 * Mail a message to every active member of a group (and its child groups).
 *
 * The request is rejected when a required field is missing or when the
 * sender name contains an '@'. The sending admin must be a member of the
 * target group, otherwise the request is redirected back to the mail form.
 * Unless 'overstyr' is set, only users who accept mail from admins are
 * addressed.
 *
 * @param    array   $vars   Same as $_POST, holds all the email info
 * @return   string          HTML with success or error message
 *
 */
function send_messages($vars)
{
    global $_CONF, $_TABLES, $LANG31;

    require_once $_CONF['path_system'] . 'lib-user.php';

    $retval = '';

    $incomplete = empty($vars['fra'])
        || empty($vars['fraepost'])
        || empty($vars['subject'])
        || empty($vars['message'])
        || empty($vars['to_group'])
        || strpos($vars['fra'], '@') !== false;
    if ($incomplete) {
        $retval .= COM_showMessageText($LANG31[26]);

        return $retval;
    }

    // The target group must be a valid id ...
    $to_group = COM_applyFilter($vars['to_group'], true);
    if (!($to_group > 0)) {
        return COM_refresh($_CONF['site_admin_url'] . '/mail.php');
    }

    // ... and the sender has to belong to it.
    $group_name = DB_getItem($_TABLES['groups'], 'grp_name', "grp_id = {$to_group}");
    if (!SEC_inGroup($group_name)) {
        return COM_refresh($_CONF['site_admin_url'] . '/mail.php');
    }

    $priority = isset($vars['priority']) ? 1 : 0;      // urgent message
    $html = isset($vars['html']) ? true : false;       // send as HTML mail

    $groupList = implode(',', USER_getChildGroups($to_group));

    if (isset($vars['overstyr'])) {
        // Ignore the users' "mail from admin" preference.
        $sql = "SELECT DISTINCT username,fullname,email FROM {$_TABLES['users']},{$_TABLES['group_assignments']} WHERE uid > 1"
            . " AND {$_TABLES['users']}.status = 3 AND ((email IS NOT NULL) and (email != ''))"
            . " AND {$_TABLES['users']}.uid = ug_uid AND ug_main_grp_id IN ({$groupList})";
    } else {
        $sql = "SELECT DISTINCT username,fullname,email,emailfromadmin FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['group_assignments']} WHERE {$_TABLES['users']}.uid > 1"
            . " AND {$_TABLES['users']}.status = 3 AND ((email IS NOT NULL) and (email != ''))"
            . " AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND emailfromadmin = 1"
            . " AND ug_uid = {$_TABLES['users']}.uid AND ug_main_grp_id IN ({$groupList})";
    }

    $result = DB_query($sql);
    $nrows = DB_numRows($result);

    $from = COM_formatEmailAddress($vars['fra'], $vars['fraepost']);
    $subject = COM_stripslashes($vars['subject']);
    $message = COM_stripslashes($vars['message']);

    // One mail per recipient; remember who could and could not be reached.
    $successes = array();
    $failures = array();
    for ($row = 0; $row < $nrows; $row++) {
        $A = DB_fetchArray($result);
        $displayName = empty($A['fullname']) ? $A['username'] : $A['fullname'];
        $to = COM_formatEmailAddress($displayName, $A['email']);

        if (COM_mail($to, $subject, $message, $from, $html, $priority)) {
            $successes[] = htmlspecialchars($to);
        } else {
            $failures[] = htmlspecialchars($to);
        }
    }

    $failcount = count($failures);
    $successcount = count($successes);

    $retval .= COM_startBlock($LANG31[1]);

    $mailresult = str_replace('<successcount>', $successcount, $LANG31[20]);
    $retval .= str_replace('<failcount>', $failcount, $mailresult);

    // Recipients were HTML-escaped when they were collected above.
    $retval .= '<h2>' . $LANG31[21] . '</h2>';
    foreach ($failures as $entry) {
        $retval .= $entry . '<br' . XHTML . '>';
    }
    if ($failcount == 0) {
        $retval .= $LANG31[23];
    }

    $retval .= '<h2>' . $LANG31[22] . '</h2>';
    foreach ($successes as $entry) {
        $retval .= $entry . '<br' . XHTML . '>';
    }
    if ($successcount == 0) {
        $retval .= $LANG31[24];
    }

    $retval .= COM_endBlock();

    return $retval;
}
/**
 * Custom email function for creating an email message in ISO-2022-JP
 *
 * The body is converted to CUSTOM_MAIL_ENCODING and its line breaks are
 * normalised to CUSTOM_MAIL_BODY_LINEBREAK. The To, Cc, From and Subject
 * values are cut at the first CR or LF so that a value cannot introduce
 * additional header lines.
 *
 * @param  string  $to        recipient name and address
 * @param  string  $subject   subject of the mail
 * @param  string  $message   body text
 * @param  string  $from      (optional) sender; defaults to the site address
 * @param  boolean $html      (optional) true to send as text/html
 * @param  int     $priority  (optional) adds an X-Priority header if > 0
 * @param  string  $cc        (optional) Cc: address; handled as a string here
 * @return boolean            true if the mail backend reported success
 */
function CUSTOM_mail($to, $subject, $message, $from = '', $html = false, $priority = 0, $cc = '')
{
    global $_CONF, $LANG_CHARSET;
    static $mailobj;

    include_once 'Mail.php';
    include_once 'Mail/RFC822.php';

    // NOTE(review): the debug line is written before line breaks are removed
    // from $to and $subject.
    if (defined('CUSTOM_MAIL_DEBUG')) {
        COM_errorLog('CUSTOM_mail: to=' . $to . ' subject=' . $subject);
    }

    // Remove line-break characters so that no extra headers can be added
    // NOTE(review): $cc is treated as a string. A caller that passes an array
    // of extra headers in this position would reach substr() with an array -
    // confirm what callers pass.
    $to = substr($to, 0, strcspn($to, "\r\n"));
    $cc = substr($cc, 0, strcspn($cc, "\r\n"));
    $from = substr($from, 0, strcspn($from, "\r\n"));
    $subject = substr($subject, 0, strcspn($subject, "\r\n"));

    // If From is empty, fall back to the site administrator's address
    if (empty($from)) {
        $from = COM_formatEmailAddress($_CONF['site_name'], $_CONF['site_mail']);
    }

    // Escape the headers (in 1.5.2 they are already escaped at this point)
    // NOTE: calling version_compare(VERSION, '1.5.2') directly gives the
    // wrong answer for security releases, so only the numeric part is compared
    // NOTE(review): the preg_match() result is not checked; $match[1] is
    // undefined if VERSION does not start with three dotted numbers.
    preg_match("/^(\\d+\\.\\d+\\.\\d+).*\$/", VERSION, $match);
    if (version_compare($match[1], '1.5.2') < 0) {
        list($temp_to_comment, $temp_to_address) = CUSTOM_splitAddress($to);
        $to = CUSTOM_formatEmailAddress($temp_to_comment, $temp_to_address);
        list($temp_cc_comment, $temp_cc_address) = CUSTOM_splitAddress($cc);
        $cc = CUSTOM_formatEmailAddress($temp_cc_comment, $temp_cc_address);
        list($temp_from_comment, $temp_from_address) = CUSTOM_splitAddress($from);
        $from = CUSTOM_formatEmailAddress($temp_from_comment, $temp_from_address);
        $subject = CUSTOM_emailEscape($subject);
    }

    // Convert the body to the mail encoding and normalise its line breaks
    $message = CUSTOM_convertEncoding($message, CUSTOM_MAIL_ENCODING);
    $message = str_replace(array("\r\n", "\n", "\r"), CUSTOM_MAIL_BODY_LINEBREAK, $message);

    // Create the mail object (only when $mailobj is not set yet)
    $method = $_CONF['mail_settings']['backend'];
    if (!isset($mailobj)) {
        if ($method === 'sendmail' or $method === 'smtp') {
            $mailobj =& Mail::factory($method, $_CONF['mail_settings']);
        } else {
            $mailobj =& Mail::factory($method);
        }
    }

    // Assemble the headers
    $headers = array();
    $headers['From'] = $from;
    // With the 'mail' backend no explicit To: header is set here.
    if ($method != 'mail') {
        $headers['To'] = $to;
    }
    if (!empty($cc)) {
        $headers['Cc'] = $cc;
    }
    $headers['Date'] = date('r'); // RFC822 formatted date
    if ($method === 'smtp') {
        // Message-Id: timestamp, a few microsecond digits and the SMTP host
        list($usec, $sec) = explode(' ', microtime());
        $m = substr($usec, 2, 5);
        $headers['Message-Id'] = '<' . date('YmdHis') . '.' . $m . '@' . $_CONF['mail_settings']['host'] . '>';
    }
    if ($html) {
        $headers['Content-Type'] = 'text/html; charset=' . CUSTOM_MAIL_ENCODING;
        $headers['Content-Transfer-Encoding'] = '8bit';
    } else {
        $headers['Content-Type'] = 'text/plain; charset=' . CUSTOM_MAIL_ENCODING;
    }
    $headers['Subject'] = $subject;
    if ($priority > 0) {
        $headers['X-Priority'] = $priority;
    }
    $headers['X-Mailer'] = 'Geeklog-' . VERSION . ' (' . CUSTOM_MAIL_ENCODING . ')';

    // send() yields true on success; any other value is logged via toString()
    $retval = $mailobj->send($to, $headers, $message);
    if ($retval !== true) {
        COM_errorLog($retval->toString(), 1);
    }

    return $retval === true;
}
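/**
 * User request for a verification token - send email with a link and request id
 *
 * Looks up the local account, creates a fresh activation token and mails the
 * verification link (HTML plus plain-text alternative, both rendered from
 * the email templates) to the address stored for that account. The redirect
 * is echoed rather than returned. Accounts that are still awaiting admin
 * approval are only redirected: no token is created or mailed for them.
 *
 * The 'verifytoken' speed limit is updated here but not checked; the caller
 * is presumably responsible for checking it - verify against the caller.
 *
 * @param    uid int userid of user who requested the new token
 * @param    msg int index of message to display (if any)
 * @return   string  always an empty string; the meta redirect is echoed
 *
 */
function requesttoken($uid, $msg = 0)
{
    global $_CONF, $_SYSTEM, $_TABLES, $LANG04;

    // Default token lifetime: 24 hours.
    if (!isset($_SYSTEM['verification_token_ttl'])) {
        $_SYSTEM['verification_token_ttl'] = 86400;
    }

    $retval = '';
    $uid = (int) $uid;

    $result = DB_query("SELECT uid,username,email,passwd,status FROM {$_TABLES['users']} WHERE uid = " . (int) $uid . " AND (account_type & " . LOCAL_USER . ")");
    $nrows = DB_numRows($result);
    if ($nrows == 1) {
        $A = DB_fetchArray($result);
        if ($_CONF['usersubmission'] == 1 && $A['status'] == USER_ACCOUNT_AWAITING_APPROVAL) {
            echo COM_refresh($_CONF['site_url'] . '/index.php?msg=48');

            // Stop here. Without this return, execution fell through whenever
            // COM_refresh() returned, and a verification mail was still sent
            // for an account that has not been approved.
            return $retval;
        }

        $verification_id = USER_createActivationToken($uid, $A['username']);
        $activation_link = $_CONF['site_url'] . '/users.php?mode=verify&vid=' . $verification_id . '&u=' . $uid;

        $T = new Template($_CONF['path_layout'] . 'email/');
        $T->set_file(array(
            'html_msg' => 'newuser_template_html.thtml',
            'text_msg' => 'newuser_template_text.thtml',
        ));
        $T->set_var(array(
            'url'                   => $activation_link,
            'lang_site_or_password' => $LANG04[171],
            'site_link_url'         => $_CONF['site_url'],
            // The TTL is stored in seconds and shown to the user in hours.
            'lang_activation'       => sprintf($LANG04[172], $_SYSTEM['verification_token_ttl'] / 3600),
            'lang_button_text'      => $LANG04[203],
            'title'                 => $_CONF['site_name'] . ': ' . $LANG04[16],
            'site_name'             => $_CONF['site_name'],
            'username'              => $A['username'],
        ));

        $T->parse('output', 'html_msg');
        $mailhtml = $T->finish($T->get_var('output'));
        $T->parse('output', 'text_msg');
        $mailtext = $T->finish($T->get_var('output'));

        $msgData = array();
        $msgData['htmlmessage'] = $mailhtml;
        $msgData['textmessage'] = $mailtext;
        $msgData['subject'] = $_CONF['site_name'] . ': ' . $LANG04[16];

        $to = array();
        $from = array();
        $from = COM_formatEmailAddress($_CONF['site_name'], $_CONF['noreply_mail']);
        $to = COM_formatEmailAddress('', $A['email']);

        // HTML body with the plain-text rendering passed as the last argument.
        COM_mail($to, $msgData['subject'], $msgData['htmlmessage'], $from, true, 0, '', $msgData['textmessage']);

        COM_updateSpeedlimit('verifytoken');
        if ($msg) {
            echo COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
    } else {
        // Unknown or non-local account: count the attempt and send the
        // visitor back to the request form.
        COM_updateSpeedlimit('verifytoken');
        echo COM_refresh($_CONF['site_url'] . '/users.php?mode=getnewtoken');
    }

    return $retval;
}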
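/**
 * Send an email.
 *
 * All emails sent by Geeklog are sent through this function.
 *
 * NOTE: Please note that using CC: will expose the email addresses of
 *       all recipients. Use with care.
 *
 * Header values are cut at the first CR or LF so that a value cannot
 * introduce additional header lines. This covers To, From, Subject, the
 * old-style CC string and the names and string values of an $optional
 * header array. Entries of an $optional array are applied last and can
 * therefore replace headers set by this function; callers must not fill
 * that array from untrusted input.
 *
 * @param    string      $to         recipients name and email address
 * @param    string      $subject    subject of the email
 * @param    string      $message    the text of the email
 * @param    string      $from       (optional) sender of the the email
 * @param    boolean     $html       (optional) true if to be sent as HTML email
 * @param    int         $priority   (optional) add X-Priority header, if > 0
 * @param    mixed       $optional   (optional) other headers or CC:
 * @return   boolean                 true if successful, otherwise false
 *
 */
function COM_mail($to, $subject, $message, $from = '', $html = false, $priority = 0, $optional = null)
{
    global $_CONF;
    static $mailobj;

    if (empty($from)) {
        $from = COM_formatEmailAddress($_CONF['site_name'], $_CONF['site_mail']);
    }

    $to = substr($to, 0, strcspn($to, "\r\n"));
    if ($optional != null && !is_array($optional)) {
        $optional = substr($optional, 0, strcspn($optional, "\r\n"));
    }
    if (is_array($optional)) {
        // Give the header array the same CR/LF treatment as the scalar
        // values. It used to be merged into the headers untouched.
        $cleaned = array();
        foreach ($optional as $h => $v) {
            $h = (string) $h;
            $cut = strcspn($h, "\r\n");
            if ($cut < strlen($h)) {
                $h = substr($h, 0, $cut);
            }
            if ($h === '') {
                continue; // nothing usable left of the header name
            }
            if (is_string($v)) {
                $cut = strcspn($v, "\r\n");
                if ($cut < strlen($v)) {
                    $v = substr($v, 0, $cut);
                }
            }
            $cleaned[$h] = $v;
        }
        $optional = $cleaned;
    }
    $from = substr($from, 0, strcspn($from, "\r\n"));
    $subject = substr($subject, 0, strcspn($subject, "\r\n"));
    $subject = COM_emailEscape($subject);

    // A site-specific mailer, if defined, takes over from here.
    if (function_exists('CUSTOM_mail')) {
        return CUSTOM_mail($to, $subject, $message, $from, $html, $priority, $optional);
    }

    include_once 'Mail.php';
    include_once 'Mail/RFC822.php';

    $method = $_CONF['mail_settings']['backend'];
    if (!isset($mailobj)) {
        if ($method == 'sendmail' || $method == 'smtp') {
            $mailobj =& Mail::factory($method, $_CONF['mail_settings']);
        } else {
            // Any other configured value falls back to the 'mail' backend.
            $method = 'mail';
            $mailobj =& Mail::factory($method);
        }
    }

    $charset = COM_getCharset();
    $headers = array();

    $headers['From'] = $from;
    // With the 'mail' backend no explicit To: header is set here.
    if ($method != 'mail') {
        $headers['To'] = $to;
    }
    if ($optional != null && !is_array($optional) && !empty($optional)) {
        // assume old (optional) CC: header
        $headers['Cc'] = $optional;
    }
    $headers['Date'] = date('r'); // RFC822 formatted date
    if ($method == 'smtp') {
        // Message-Id: timestamp, a few microsecond digits and the SMTP host
        list($usec, $sec) = explode(' ', microtime());
        $m = substr($usec, 2, 5);
        $headers['Message-Id'] = '<' . date('YmdHis') . '.' . $m . '@' . $_CONF['mail_settings']['host'] . '>';
    }
    if ($html) {
        $headers['Content-Type'] = 'text/html; charset=' . $charset;
        $headers['Content-Transfer-Encoding'] = '8bit';
    } else {
        $headers['Content-Type'] = 'text/plain; charset=' . $charset;
    }
    $headers['Subject'] = $subject;
    if ($priority > 0) {
        $headers['X-Priority'] = $priority;
    }
    $headers['X-Mailer'] = 'Geeklog ' . VERSION;

    // Record the requesting address for mails triggered by a remote visitor,
    // except when the request came from a URL under the admin area.
    if (!empty($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['SERVER_ADDR']) && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
        $url = COM_getCurrentURL();
        if (substr($url, 0, strlen($_CONF['site_admin_url'])) != $_CONF['site_admin_url']) {
            $headers['X-Originating-IP'] = $_SERVER['REMOTE_ADDR'];
        }
    }

    // add optional headers last
    if ($optional != null && is_array($optional)) {
        foreach ($optional as $h => $v) {
            $headers[$h] = $v;
        }
    }

    // send() yields true on success; any other value is logged via toString()
    $retval = $mailobj->send($to, $headers, $message);
    if ($retval !== true) {
        COM_errorLog($retval->toString(), 1);
    }

    return $retval === true;
}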
/**
 * COM_formatEmailAddress() must combine a display name and an address
 * into the "Name <address>" form.
 */
public function testFormatEmailAddress()
{
    // The address literal appears masked in this listing.
    $expected = 'John Doe <*****@*****.**>';
    $actual = COM_formatEmailAddress('John Doe', '*****@*****.**');

    $this->assertEquals($expected, $actual);
}
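/**
 * This function used to send out reminders to users to access the site or account may be deleted
 *
 * The user ids are taken from $_POST['delitem']. Each id is reduced to an
 * integer before it is used, because it is placed into SQL both quoted and
 * unquoted. For every mail that could be sent, the user's num_reminders
 * counter is incremented.
 *
 * @return   string          HTML with success or error message
 *
 */
function USER_sendReminders()
{
    global $_CONF, $_TABLES, $LANG04, $LANG28;

    $msg = '';

    // Anything other than an array of ids counts as "nothing selected".
    $user_list = array();
    if (isset($_POST['delitem']) && is_array($_POST['delitem'])) {
        $user_list = $_POST['delitem'];
    }

    if (count($user_list) == 0) {
        $msg = $LANG28[79] . '<br/>';
    } else {
        $c = 0;

        foreach ($user_list as $delitem) {
            // Numeric filter plus cast: the value ends up in
            // "WHERE uid={$uid}" without quotes further down.
            $uid = (int) COM_applyFilter($delitem, true);

            $useremail = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'");
            $username = DB_getItem($_TABLES['users'], 'username', "uid = '{$uid}'");
            $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$uid}'");
            $lasttime = COM_getUserDateTimeFormat($lastlogin);

            if (file_exists($_CONF['path_data'] . 'reminder_email.txt')) {
                // A site-specific reminder template takes precedence.
                $template = new Template($_CONF['path_data']);
                $template->set_file(array('mail' => 'reminder_email.txt'));
                $template->set_var('site_url', $_CONF['site_url']);
                $template->set_var('site_name', $_CONF['site_name']);
                $template->set_var('site_slogan', $_CONF['site_slogan']);
                $template->set_var('lang_username', $LANG04[2]);
                $template->set_var('username', $username);
                $template->set_var('name', COM_getDisplayName($uid));
                $template->set_var('lastlogin', $lasttime[0]);
                $template->parse('output', 'mail');
                $mailtext = $template->get_var('output');
            } else {
                // Built-in text; wording differs for users who never logged in.
                if ($lastlogin == 0) {
                    $mailtext = $LANG28[83] . "\n\n";
                } else {
                    $mailtext = sprintf($LANG28[82], $lasttime[0]) . "\n\n";
                }
                $mailtext .= sprintf($LANG28[84], $username) . "\n";
                $mailtext .= sprintf($LANG28[85], $_CONF['site_url'] . '/users.php?mode=getpassword') . "\n\n";
            }

            $subject = sprintf($LANG28[81], $_CONF['site_name']);

            // When a separate no-reply address is configured, send from it
            // and append the matching notice to the mail.
            if ($_CONF['site_mail'] !== $_CONF['noreply_mail']) {
                $mailfrom = $_CONF['noreply_mail'];
                $mailtext .= LB . LB . $LANG04[159];
            } else {
                $mailfrom = $_CONF['site_mail'];
            }

            $to = array();
            $to = COM_formatEmailAddress($username, $useremail);
            $from = array();
            $from = COM_formatEmailAddress('', $mailfrom);

            if (COM_mail($to, $subject, $mailtext, $from)) {
                DB_query("UPDATE {$_TABLES['users']} SET num_reminders=num_reminders+1 WHERE uid={$uid}");
                $c++;
            } else {
                COM_errorLog("Error attempting to send account reminder to user: {$username} ({$uid})");
            }
        }

        // NOTE(review): the return value of COM_numberFormat() is discarded,
        // so the count below is printed unformatted. Kept as is.
        COM_numberFormat($c); // just in case we have more than 999)..
        $msg .= "{$LANG28[80]}: {$c}<br/>\n";
    }

    return $msg;
}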
/**
 * Tell the site admin by e-mail that a new user has registered.
 *
 * The plain-text mail lists the user name, e-mail address and the current
 * date, followed by a link: the moderation page when the account is still
 * 'inactive', otherwise the new user's profile. It is sent to the site's
 * own mail address.
 *
 * @param    username    string      User name of the new user
 * @param    email       string      Email address of the new user
 * @param    uid         int         User id of the new user
 * @param    mode        string      Mode user was added at.
 *
 */
function USER_sendNotification($username, $email, $uid, $mode = 'inactive')
{
    global $_CONF, $_USER, $_TABLES, $LANG01, $LANG04, $LANG08, $LANG28, $LANG29;

    $dt = new Date('now', $_USER['tzid']);
    $separator = "\n------------------------------\n";

    $mailbody = $LANG04['2'] . ': ' . $username . "\n";
    $mailbody .= $LANG04['5'] . ': ' . $email . "\n";
    $mailbody .= $LANG28['14'] . ': ' . $dt->format($_CONF['date'], true) . "\n\n";

    if ($mode == 'inactive') {
        // user needs admin approval
        $mailbody .= $LANG01['10'] . ' ' . $_CONF['site_admin_url'] . "/moderation.php\n\n";
    } else {
        // user has been created, or has activated themselves:
        $mailbody .= $LANG29['4'] . ' ' . $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $uid . "\n\n";
    }

    $mailbody .= $separator . "\n" . $LANG08['34'] . "\n" . $separator;

    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[40];

    $to = array();
    $to = COM_formatEmailAddress('', $_CONF['site_mail']);

    COM_mail($to, $mailsubject, $mailbody);
}
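/**
 * Email ad to a friend
 *
 * Anonymous visitors are refused when the site requires a login, sending is
 * throttled through the 'mail' speed limit and the user-supplied intro text
 * is passed through the spam check before anything is mailed.
 *
 * NOTE(review): the body still refers to $story and $sid, neither of which
 * is defined in this function, and the $ad parameter is never used. As
 * written, the first $story->displayElements() call cannot succeed. The
 * lookup of the ad still has to be implemented.
 *
 * @param    string      $ad             id of ad to email
 * @param    string      $to             name of person / friend to email
 * @param    string      $toemail        friend's email address
 * @param    string      $from           name of person sending the email
 * @param    string      $fromemail      sender's email address
 * @param    string      $shortmsg       short intro text to send with the ad
 * @return   string                      Meta refresh (currently always empty)
 *
 * Modification History
 *
 * Date        Author        Description
 * ----        ------        -----------
 * 4/17/01     Tony Bibbs    Code now allows anonymous users to send email
 *                           and it allows user to input a message as well
 *                           Thanks to Yngve Wassvik Bergheim for some of
 *                           this code
 *
 */
function CLASSIFIEDS_mailAd($ad, $to, $toemail, $from, $fromemail, $shortmsg)
{
    global $_CONF, $_TABLES, $LANG01, $LANG08;

    // Was returned without ever being initialised.
    $retval = '';

    // check for correct $_CONF permission
    if (COM_isAnonUser() && $_CONF['loginrequired'] == 1) {
        return $retval;
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return $retval;
    }

    //Query ad
    $shortmsg = COM_stripslashes($shortmsg);
    $mailtext = sprintf($LANG08[23], $from, $fromemail) . LB;
    if (strlen($shortmsg) > 0) {
        $mailtext .= LB . sprintf($LANG08[28], $from) . $shortmsg . LB;
    }

    // just to make sure this isn't an attempt at spamming users ...
    $result = PLG_checkforSpam($mailtext, $_CONF['spamx']);
    if ($result > 0) {
        // A rejected attempt still counts against the speed limit.
        COM_updateSpeedlimit('mail');
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }

    // NOTE(review): $story is undefined from here on (see header comment).
    $mailtext .= '------------------------------------------------------------' . LB . LB . COM_undoSpecialChars($story->displayElements('title')) . LB . strftime($_CONF['date'], $story->DisplayElements('unixdate')) . LB;

    if ($_CONF['contributedbyline'] == 1) {
        $author = COM_getDisplayName($story->displayElements('uid'));
        $mailtext .= $LANG01[1] . ' ' . $author . LB;
    }

    // The mail is plain text: strip markup and normalise line breaks.
    $introtext = $story->DisplayElements('introtext');
    $bodytext = $story->DisplayElements('bodytext');
    $introtext = COM_undoSpecialChars(strip_tags($introtext));
    $bodytext = COM_undoSpecialChars(strip_tags($bodytext));
    $introtext = str_replace(array("\n\r", "\r"), LB, $introtext);
    $bodytext = str_replace(array("\n\r", "\r"), LB, $bodytext);

    $mailtext .= LB . $introtext;
    if (!empty($bodytext)) {
        $mailtext .= LB . LB . $bodytext;
    }
    $mailtext .= LB . LB . '------------------------------------------------------------' . LB;

    // NOTE(review): $sid is undefined as well.
    if ($story->DisplayElements('commentcode') == 0) {
        // comments allowed
        $mailtext .= $LANG08[24] . LB . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid . '#comments');
    } else {
        // comments not allowed - just add the story's URL
        $mailtext .= $LANG08[33] . LB . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    }

    // Sender and recipient are both supplied by the visitor.
    $mailto = COM_formatEmailAddress($to, $toemail);
    $mailfrom = COM_formatEmailAddress($from, $fromemail);
    $subject = 'Re: ' . COM_undoSpecialChars(strip_tags($story->DisplayElements('title')));

    $sent = COM_mail($mailto, $subject, $mailtext, $mailfrom);

    // Optional copy to the sender, only after the first mail went out.
    if ($sent && isset($_POST['cc']) && $_POST['cc'] == 'on') {
        $ccmessage = sprintf($LANG08[38], $to);
        $ccmessage .= "\n------------------------------------------------------------\n\n" . $mailtext;
        $sent = COM_mail($mailfrom, $subject, $ccmessage, $mailfrom);
    }

    COM_updateSpeedlimit('mail');

    return $retval;
}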
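/**
 * Send the configured story as a newsletter, or as a single test mail.
 *
 * All settings (sender, subject prefix, story id, test address, uid range,
 * target environment, target group, intro/body switch, override flag) are
 * read from the 'vars' table. The values passed in as $uidfrom and $uidto
 * are overwritten by the stored ones. Every attempt is written to the
 * newsletter log file.
 *
 * @param  string $mode            "test" sends one mail to the test address;
 *                                 anything else sends to the selected users
 * @param  string $uidfrom         overwritten by the stored 'assist_uidfrom'
 * @param  string $uidto           overwritten by the stored 'assist_uidto'
 * @param  mixed  $wkymlmguserflg  truthy if the newsletter-user table may be used
 * @return string                  log line (test mode), error text, or an
 *                                 HTML summary of success/failure counts
 */
function fncsendmail($mode = "", $uidfrom = "", $uidto = "", $wkymlmguserflg = "")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ASSIST_ADMIN;

    require_once $_CONF['path_system'] . 'lib-user.php';

    $html = false; // set to true to send HTML mail
    // Was passed to COM_mail() without ever being defined.
    $priority = 0;

    // Log mode: 0 = no log, 1 = write to file
    $logmode = 1;
    $logfile = $_CONF['path_log'] . 'assist_newsletter.log';

    $retval = '';

    $fromname = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_fromname'");
    $fromname = COM_stripslashes($fromname);
    $replyto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_replyto'");
    $replyto = COM_stripslashes($replyto);
    $sprefix = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_sprefix'");
    $sprefix = COM_stripslashes($sprefix);
    $sid = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_sid'");
    $sid = COM_stripslashes($sid);
    $testto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_testto'");
    $testto = COM_stripslashes($testto);
    $uidfrom = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_uidfrom'");
    $uidfrom = COM_stripslashes($uidfrom);
    $uidto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_uidto'");
    $uidto = COM_stripslashes($uidto);
    // Target environment: '1' = PC only, '2' = mobile only
    $toenv = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_toenv'");
    $toenv = COM_stripslashes($toenv);
    // Target group
    $selectgroup = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_selectgroup'");
    $selectgroup = COM_stripslashes($selectgroup);
    // "1": send the story's body text, otherwise its intro text
    $introbody = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_introbody'");
    $introbody = COM_stripslashes($introbody);
    // "1": send even to users who opted out of mail from admins
    $overstyr = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_overstyr'");
    $overstyr = COM_stripslashes($overstyr);

    $from = COM_formatEmailAddress($fromname, $replyto);

    // NOTE(review): $sid is a stored setting that has just been un-slashed
    // and is embedded in SQL without escaping. Escape it with the database
    // layer's routine, or validate its format, before use.
    $subject = DB_getItem($_TABLES['stories'], "title", "sid='{$sid}'");
    $subject = $sprefix . $subject;
    if ($introbody == "1") {
        $message = DB_getItem($_TABLES['stories'], "bodytext", "sid='{$sid}'");
    } else {
        $message = DB_getItem($_TABLES['stories'], "introtext", "sid='{$sid}'");
    }

    // Plain-text mail: turn <br> into line breaks, then drop all markup.
    $message = str_replace('<br' . XHTML . '>', LB, $message);
    $message = strip_tags($message);

    $failures = array();
    $successes = array();

    if ($mode == "test") {
        $message = $LANG_ASSIST_ADMIN['mail_test_message'] . LB . $message;
        $to = $testto;
        if (!COM_mail($to, $subject, $message, $from, $html, $priority)) {
            $failures[] = htmlspecialchars($to);
            $logentry = $LANG_ASSIST_ADMIN['mail_test_ng'] . $to;
            $dummy = LIB_OutLog($logentry, $logfile, $logmode);
        } else {
            $successes[] = htmlspecialchars($to);
            $logentry = $LANG_ASSIST_ADMIN['mail_test_ok'] . $to;
            $dummy = LIB_OutLog($logentry, $logfile, $logmode);
        }
        $retval = $logentry;
    } else {
        $sql = "SELECT DISTINCT t1.uid ,t1.email FROM ";

        // Newsletter subscribers, or the registered users of the chosen group
        if ($selectgroup === "99999") {
            if ($wkymlmguserflg) {
                $sql .= $_TABLES['wkymlmguser'] . " AS t1 " . LB;
                // NOTE(review): when the stored uidfrom is "0" this leaves a
                // bare "where" in the statement. Kept as is, because changing
                // it would widen the recipient list.
                $sql .= " where " . LB;
                if ($uidfrom != "0") {
                    // Range bounds are placed unquoted: force them to integers.
                    $sql .= " (t1.uid between " . (int) $uidfrom . " and " . (int) $uidto . ")" . LB;
                }
            } else {
                $err = "メルマガプラグインが有効ではありません";

                return $err;
            }
        } else {
            $groupList = implode(',', USER_getChildGroups($selectgroup));
            $sql .= "{$_TABLES['users']} AS t1 " . LB;
            $sql .= ",{$_TABLES['userprefs']} AS t2 " . LB;
            $sql .= ",{$_TABLES['group_assignments']} AS t3 " . LB;
            $sql .= " where " . LB;
            $sql .= " (t1.uid = t2.uid ) " . LB;
            $sql .= " AND (t1.uid >1) " . LB;
            $sql .= " AND (t1.status =3) " . LB;
            // Respect the opt-out unless the override is switched on
            if ($overstyr != "1") {
                $sql .= " AND (t2.emailfromadmin =1) " . LB;
            }
            // Selected group and its child groups
            $sql .= " AND (t1.uid = t3.ug_uid) AND t3.ug_main_grp_id IN ({$groupList})" . LB;
            if ($uidfrom != "0") {
                // Range bounds are placed unquoted: force them to integers.
                $sql .= " AND (t1.uid between " . (int) $uidfrom . " and " . (int) $uidto . ")" . LB;
            }
        }
        $sql .= " order by uid " . LB;

        // The statement used to be executed twice in a row; once is enough.
        $result = DB_query($sql);
        if ($result !== false) {
            $nrows = DB_numRows($result);
            for ($i = 0; $i < $nrows; $i++) {
                $A = DB_fetchArray($result);

                // Filter by target environment
                if ($toenv == '1') {
                    // PC only
                    if (LIB_mail_is_mobile($A['email'])) {
                        continue;
                    }
                } elseif ($toenv == '2') {
                    // mobile only
                    if (!LIB_mail_is_mobile($A['email'])) {
                        continue;
                    }
                }

                $to = $A['email'];
                if (!COM_mail($to, $subject, $message, $from, $html, $priority)) {
                    $failures[] = htmlspecialchars($to);
                    $logentry = "NG uid:{$A['uid']} mail:{$A['email']}";
                    $dummy = LIB_OutLog($logentry, $logfile, $logmode);
                } else {
                    $successes[] = htmlspecialchars($to);
                    $logentry = "OK uid:{$A['uid']} mail:{$A['email']}";
                    $dummy = LIB_OutLog($logentry, $logfile, $logmode);
                }
            }
        }

        $failcount = count($failures);
        $successcount = count($successes);
        $retval .= $LANG_ASSIST_ADMIN['mail_send_success'] . "=" . $successcount . $LANG_ASSIST_ADMIN['mail_send_failure'] . "=" . $failcount . "<br>";
    }

    return $retval;
}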
/**
 * Mail a message either to a single user or to all active members of a
 * group (and its child groups).
 *
 * When a required field is missing, the form is shown again with the
 * submitted values HTML-escaped. Unless 'overstyr' is set, only users who
 * accept mail from admins are addressed. With DEMO_MODE defined nothing is
 * sent and every recipient is reported as a success.
 *
 * NOTE(review): no check is visible here that the sender may mail the
 * chosen group or user - presumably the caller enforces that; confirm.
 *
 * @param    array   $vars   Same as $_POST, holds all the email info
 * @return   string          HTML with success or error message
 *
 */
function MAIL_sendMessages($vars)
{
    global $_CONF, $_TABLES, $LANG31;

    USES_lib_user();

    $retval = '';
    $html = 0;
    $message = $vars['message'];
    if ($vars['postmode'] == 'html') {
        $html = true;
    }

    // Single-user mode: a user id is given and no group is selected.
    $usermode = ((int) $vars['to_uid'] > 0) && ((int) $vars['to_group'] == 0);

    $incomplete = empty($vars['fra'])
        || empty($vars['fraepost'])
        || empty($vars['subject'])
        || empty($message)
        || (empty($vars['to_group']) && empty($vars['to_uid']));
    if ($incomplete) {
        $retval .= COM_showMessageText($LANG31[26], $LANG31[1], true);

        // Escape everything that is echoed back into the form.
        $msg = htmlspecialchars($vars['message'], ENT_COMPAT, COM_getEncodingt());
        $subject = htmlspecialchars($vars['subject'], ENT_COMPAT, COM_getEncodingt());
        $fra = htmlspecialchars($vars['fra'], ENT_COMPAT, COM_getEncodingt());
        $fraepost = htmlspecialchars($vars['fraepost'], ENT_COMPAT, COM_getEncodingt());
        $retval .= MAIL_displayForm($vars['to_uid'], $vars['to_group'], $fra, $fraepost, $subject, $msg);

        return $retval;
    }

    $priority = isset($vars['priority']) ? 1 : 0; // urgent message

    $toUsers = array();
    if ($usermode) {
        $result = DB_query("SELECT email,username FROM {$_TABLES['users']} WHERE uid=" . (int) COM_applyFilter($vars['to_uid'], true));
        if (DB_numRows($result) > 0) {
            list($email, $username) = DB_fetchArray($result);
            $toUsers[] = COM_formatEmailAddress($username, $email);
        }
    } else {
        $groupList = implode(',', USER_getChildGroups((int) COM_applyFilter($vars['to_group'], true)));

        if (isset($vars['overstyr'])) {
            // Ignore the users' "mail from admin" preference.
            $sql = "SELECT DISTINCT username,fullname,email FROM {$_TABLES['users']},{$_TABLES['group_assignments']} WHERE uid > 1"
                . " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))"
                . " AND {$_TABLES['users']}.uid = ug_uid AND ug_main_grp_id IN ({$groupList})";
        } else {
            $sql = "SELECT DISTINCT username,fullname,email,emailfromadmin FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['group_assignments']} WHERE {$_TABLES['users']}.uid > 1"
                . " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))"
                . " AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND emailfromadmin = 1"
                . " AND ug_uid = {$_TABLES['users']}.uid AND ug_main_grp_id IN ({$groupList})";
        }

        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        for ($row = 0; $row < $nrows; $row++) {
            $A = DB_fetchArray($result);
            $displayName = empty($A['fullname']) ? $A['username'] : $A['fullname'];
            $toUsers[] = COM_formatEmailAddress($displayName, $A['email']);
        }
    }

    $from = array();
    $from = COM_formatEmailAddress($vars['fra'], $vars['fraepost']);
    $subject = $vars['subject'];

    // One mail per recipient; element 0 of each formatted address is what
    // gets listed in the result.
    $successes = array();
    $failures = array();
    foreach ($toUsers as $to) {
        $delivered = defined('DEMO_MODE') || COM_mail($to, $subject, $message, $from, $html, $priority);
        if ($delivered) {
            $successes[] = htmlspecialchars($to[0]);
        } else {
            $failures[] = htmlspecialchars($to[0]);
        }
    }

    $failcount = count($failures);
    $successcount = count($successes);

    $retval .= COM_startBlock($LANG31[1]);

    $mailresult = str_replace('<successcount>', $successcount, $LANG31[20]);
    $retval .= str_replace('<failcount>', $failcount, $mailresult);

    $retval .= '<h2>' . $LANG31[21] . '</h2>';
    foreach ($failures as $entry) {
        $retval .= $entry . '<br/>';
    }
    if ($failcount == 0) {
        $retval .= $LANG31[23];
    }

    $retval .= '<h2>' . $LANG31[22] . '</h2>';
    foreach ($successes as $entry) {
        $retval .= $entry . '<br/>';
    }
    if ($successcount == 0) {
        $retval .= $LANG31[24];
    }

    $retval .= COM_endBlock();

    return $retval;
}
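/**
 * Email story to a friend
 *
 * Ends the request with a meta refresh in every path except one: when the
 * story cannot be found (or is not accessible), the refresh is returned to
 * the caller instead of being echoed.
 *
 * @param    string  $sid        id of story to email
 * @param    string  $to         name of person / friend to email
 * @param    string  $toemail    friend's email address
 * @param    string  $from       name of person sending the email
 * @param    string  $fromemail  sender's email address
 * @param    string  $shortmsg   short intro text to send with the story
 * @param    int     $html       non-zero to build and send an HTML message
 * @return   string              Meta refresh
 *
 * Modification History
 *
 * Date        Author        Description
 * ----        ------        -----------
 * 4/17/01     Tony Bibbs    Code now allows anonymous users to send email
 *                           and it allows user to input a message as well
 *                           Thanks to Yngve Wassvik Bergheim for some of
 *                           this code
 *
 */
function mailstory($sid, $to, $toemail, $from, $fromemail, $shortmsg, $html = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG08;

    $dt = new Date('now', $_USER['tzid']);

    // NOTE(review): $sid goes into the redirect URL as received, before the
    // story lookup below has confirmed it. Confirm that the caller or
    // COM_buildUrl() / COM_refresh() constrain it.
    $storyurl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);

    // With URL rewriting the story URL has no query string yet.
    $msgSep = $_CONF['url_rewrite'] ? '?' : '&';
    $retURL = $storyurl . $msgSep . 'msg=85';

    // check for correct $_CONF permission
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        echo COM_refresh($retURL);
        exit;
    }

    // check if emailing of stories is disabled
    if ($_CONF['hideemailicon'] == 1) {
        echo COM_refresh($retURL);
        exit;
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        echo COM_refresh($retURL);
        exit;
    }

    $filter = sanitizer::getInstance();
    $filter->setPostmode($html ? 'html' : 'text');
    $allowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_default']);
    $filter->setAllowedElements($allowedElements);
    $filter->setCensorData(true);
    $filter->setReplaceTags(true);
    $filter->setNamespace('glfusion', 'mail_story');

    // The topic and permission clauses restrict the lookup for the current user.
    $sql = "SELECT uid,title,introtext,bodytext,commentcode,UNIX_TIMESTAMP(date) AS day,postmode FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND');
    $result = DB_query($sql);
    if (DB_numRows($result) == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    // NOTE(review): $from and $fromemail are inserted into the body as
    // received, also when $html is set; only $shortmsg is passed through the
    // HTML filter. $toemail is not validated in this function. Confirm the
    // caller escapes / validates these values.
    $mailtext = sprintf($LANG08[23], $from, $fromemail) . LB;
    if (strlen($shortmsg) > 0) {
        if ($html) {
            $shortmsg = $filter->filterHTML($shortmsg);
        }
        $mailtext .= LB . sprintf($LANG08[28], $from) . $shortmsg . LB;
    }

    // just to make sure this isn't an attempt at spamming users ...
    $spamResult = PLG_checkforSpam($mailtext, $_CONF['spamx']);
    if ($spamResult > 0) {
        COM_updateSpeedlimit('mail');
        COM_displayMessageAndAbort($spamResult, 'spamx', 403, 'Forbidden');
    }

    $dt->setTimestamp($A['day']);
    if ($html) {
        $mailtext .= '<p>------------------------------------------------------------</p>'
                   . '<p>' . COM_undoSpecialChars($A['title']) . '</p>'
                   . '<p>' . $dt->format($_CONF['date'], true) . '</p>';
    } else {
        $mailtext .= '------------------------------------------------------------' . LB . LB
                   . COM_undoSpecialChars($A['title']) . LB
                   . $dt->format($_CONF['date'], true) . LB;
    }

    if ($_CONF['contributedbyline'] == 1) {
        $author = COM_getDisplayName($A['uid']);
        $mailtext .= $LANG01[1] . ' ' . $author . LB;
    }

    if ($html) {
        $mailtext .= '<p>' . $filter->displayText($A['introtext']) . '<br />'
                   . $filter->displayText($A['bodytext']) . '</p>'
                   . '<p>------------------------------------------------------------</p>';
    } else {
        $mailtext .= $filter->displayText($A['introtext']) . LB
                   . $filter->displayText($A['bodytext']) . LB . LB
                   . '------------------------------------------------------------' . LB;
    }

    if ($A['commentcode'] == 0) { // comments allowed
        $mailtext .= $LANG08[24] . LB
                   . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid . '#comments');
    } else { // comments not allowed - just add the story's URL
        $mailtext .= $LANG08[33] . LB
                   . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    }

    $mailto = COM_formatEmailAddress($to, $toemail);
    $mailfrom = COM_formatEmailAddress($from, $fromemail);
    $subject = COM_undoSpecialChars(strip_tags('Re: ' . $A['title']));

    $rc = COM_mail($mailto, $subject, $mailtext, $mailfrom, $html);
    // Count the attempt against the speed limit whether or not it succeeded.
    COM_updateSpeedlimit('mail');

    if ($rc) {
        $retval = COM_refresh($storyurl . $msgSep . 'msg=27');
    } else {
        // NOTE(review): the counter is incremented only in the branch where
        // COM_mail() returned false - this looks inverted; confirm.
        // Increment numemails counter for story
        DB_query("UPDATE {$_TABLES['stories']} SET numemails = numemails + 1 WHERE sid = '" . DB_escapeString($sid) . "'");
        $retval = COM_refresh($storyurl . $msgSep . 'msg=26');
    }

    // $retval already holds the output of COM_refresh(); it must not be
    // passed through COM_refresh() a second time as if it were a URL.
    echo $retval;
    exit;
}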
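/**
 * This will email new stories in the topics that the user is interested in
 *
 * In account information the user can specify which topics for which they
 * will receive any new article for in a daily digest.
 *
 * For every active user with a digest setting, the stories published since
 * the last run are collected, limited to topics the user may access, and
 * sent as one message with an HTML and a plain-text body. Afterwards the
 * 'lastemailedstories' variable is set to the current time.
 *
 * @return   void
 */
function COM_emailUserTopics()
{
    global $_CONF, $_USER, $_VARS, $_TABLES, $LANG04, $LANG08, $LANG24;

    if ($_CONF['emailstories'] == 0) {
        return;
    }

    $storytext = '';
    $storytext_text = '';
    // Defined up front: it is only assigned when the "contributed by" line is
    // enabled, but it is always handed to the templates below.
    $storyauthor = '';

    USES_lib_story();

    $subject = strip_tags($_CONF['site_name'] . $LANG08[30] . strftime('%Y-%m-%d', time()));

    // Cache of display names, keyed by user id.
    $authors = array();

    // Get users who want stories emailed to them
    $usersql = "SELECT username,email,etids,{$_TABLES['users']}.uid AS uuid, status "
             . "FROM {$_TABLES['users']}, {$_TABLES['userindex']} "
             . "WHERE {$_TABLES['users']}.uid > 1 AND {$_TABLES['userindex']}.uid = {$_TABLES['users']}.uid AND status=" . USER_ACCOUNT_ACTIVE . " AND (etids <> '-' OR etids IS NULL) ORDER BY {$_TABLES['users']}.uid";

    $users = DB_query($usersql);
    $nrows = DB_numRows($users);

    if (!isset($_VARS['lastemailedstories'])) {
        $_VARS['lastemailedstories'] = 0;
    }
    $lastrun = $_VARS['lastemailedstories'];

    // For each user, pull the stories they want and email it to them
    for ($x = 0; $x < $nrows; $x++) {
        $U = DB_fetchArray($users);

        $storysql = "SELECT sid,uid,date AS day,title,introtext,bodytext";
        // $lastrun comes from the site variables, not from the request.
        $commonsql = " FROM {$_TABLES['stories']} WHERE draft_flag = 0 AND date <= NOW() AND date >= '{$lastrun}'";

        // Topics this user is allowed to see.
        $topicsql = "SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL('WHERE', $U['uuid']);
        $tresult = DB_query($topicsql);
        $trows = DB_numRows($tresult);

        if ($trows == 0) {
            // this user doesn't seem to have access to any topics ...
            continue;
        }

        $TIDS = array();
        for ($i = 0; $i < $trows; $i++) {
            $topicRow = DB_fetchArray($tresult);
            $TIDS[] = $topicRow['tid'];
        }

        if (!empty($U['etids'])) {
            // Keep only subscribed topics that are also accessible; the
            // resulting values are the ones read from the topics table.
            $ETIDS = explode(' ', $U['etids']);
            $TIDS = array_intersect($TIDS, $ETIDS);
        }

        // NOTE(review): when the intersection is empty no topic filter is
        // added, so the query falls back to every story the permission
        // clause allows - confirm that this is intended.
        if (count($TIDS) > 0) {
            $commonsql .= " AND (tid IN ('" . implode("','", $TIDS) . "'))";
        }

        $commonsql .= COM_getPermSQL('AND', $U['uuid']);
        $commonsql .= ' ORDER BY featured DESC, date DESC';

        $storysql .= $commonsql;

        $stories = DB_query($storysql);
        $nsrows = DB_numRows($stories);

        if ($nsrows == 0) {
            // If no new stories where pulled for this user, continue with next
            continue;
        }

        // $T builds the HTML body, $TT the plain-text body.
        $T = new Template($_CONF['path_layout']);
        $T->set_file(array('message' => 'digest.thtml', 'story' => 'digest_story.thtml'));
        $TT = new Template($_CONF['path_layout']);
        $TT->set_file(array('message' => 'digest_text.thtml', 'story' => 'digest_story_text.thtml'));

        $T->set_var('week_date', strftime($_CONF['shortdate'], time()));
        $TT->set_var('week_date', strftime($_CONF['shortdate'], time()));
        $T->set_var('site_name', $_CONF['site_name']);
        $TT->set_var('site_name', $_CONF['site_name']);
        $T->set_var('remove_msg', sprintf($LANG08[36], $_CONF['site_name'], $_CONF['site_url']));
        $TT->set_var('remove_msg', sprintf($LANG08[37], $_CONF['site_name'], $_CONF['site_url']));

        for ($y = 0; $y < $nsrows; $y++) {
            // Loop through stories building the requested email message
            $S = DB_fetchArray($stories);

            $story = new Story();
            $args = array('sid' => $S['sid'], 'mode' => 'view');
            $output = STORY_LOADED_OK;
            $result = PLG_invokeService('story', 'get', $args, $output, $svc_msg);

            if ($result == PLG_RET_OK) {
                /* loadFromArray cannot be used, since it overwrites the timestamp */
                // foreach replaces the former reset()/each() loop; each() is
                // not available in current PHP versions.
                foreach ($story->_dbFields as $fieldname => $save) {
                    if (array_key_exists($fieldname, $output)) {
                        $story->{'_' . $fieldname} = $output[$fieldname];
                    }
                }
                $story->_username = $output['username'];
                $story->_fullname = $output['fullname'];
            }

            $story_url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $S['sid']);
            $title = COM_undoSpecialChars($S['title']);

            if ($_CONF['contributedbyline'] == 1) {
                if (empty($authors[$S['uid']])) {
                    $storyauthor = COM_getDisplayName($S['uid']);
                    $authors[$S['uid']] = $storyauthor;
                } else {
                    $storyauthor = $authors[$S['uid']];
                }
            }

            $dt = new Date($S['day'], $_USER['tzid']);
            $story_date = $dt->format($_CONF['date'], true);

            if ($_CONF['emailstorieslength'] > 0) {
                // Tags are stripped from the intro text for both bodies.
                $storytext = COM_undoSpecialChars(strip_tags(PLG_replaceTags($S['introtext'], 'glfusion', 'story')));
                $storytext_text = COM_undoSpecialChars(strip_tags(PLG_replaceTags($S['introtext'], 'glfusion', 'story')));

                if ($_CONF['emailstorieslength'] > 1) {
                    $storytext = COM_truncate($storytext, $_CONF['emailstorieslength'], '...');
                    $storytext_text = COM_truncate($storytext_text, $_CONF['emailstorieslength'], '...');
                }
            } else {
                $storytext = '';
                $storytext_text = '';
            }

            $T->set_var('story_introtext', $storytext);
            $TT->set_var('story_introtext', $storytext_text);

            // NOTE(review): title and author are passed to the HTML template
            // after COM_undoSpecialChars(); whether the template escapes them
            // is not visible here - confirm.
            $T->set_var(array(
                'story_url'    => $story_url,
                'story_title'  => $title,
                'story_author' => $storyauthor,
                'story_date'   => $story_date,
                'story_text'   => $storytext,
            ));
            $T->parse('digest_stories', 'story', true);

            $TT->set_var(array(
                'story_url'    => $story_url,
                'story_title'  => $title,
                'story_author' => $storyauthor,
                'story_date'   => $story_date,
                'story_text'   => $storytext_text,
            ));
            $TT->parse('digest_stories', 'story', true);
        }

        $T->parse('digest', 'message', true);
        $TT->parse('digest', 'message', true);

        $mailtext = $T->finish($T->get_var('digest'));
        $mailtext_text = $TT->finish($TT->get_var('digest'));

        $mailfrom = $_CONF['noreply_mail'];
        $mailtext .= LB . LB . $LANG04[159];
        $mailtext_text .= LB . LB . $LANG04[159];

        $from = COM_formatEmailAddress('', $mailfrom);
        $to = COM_formatEmailAddress($U['username'], $U['email']);

        COM_mail($to, $subject, $mailtext, $from, 1, 0, '', $mailtext_text);
    }

    DB_query("UPDATE {$_TABLES['vars']} SET value = NOW() WHERE name = 'lastemailedstories'");
}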
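/**
 * Email story to a friend
 *
 * Builds an HTML and a plain-text body from the mail story templates and
 * sends both in one message. Ends the request with a meta refresh in every
 * path except one: when the story cannot be found (or is not accessible),
 * the refresh is returned to the caller instead of being echoed.
 *
 * @param    string  $sid        id of story to email
 * @param    string  $to         name of person / friend to email
 * @param    string  $toemail    friend's email address
 * @param    string  $from       name of person sending the email
 * @param    string  $fromemail  sender's email address
 * @param    string  $shortmsg   short intro text to send with the story
 * @param    int     $html       selects the sanitizer post mode (html / text)
 * @return   string              Meta refresh
 *
 * Modification History
 *
 * Date        Author        Description
 * ----        ------        -----------
 * 4/17/01     Tony Bibbs    Code now allows anonymous users to send email
 *                           and it allows user to input a message as well
 *                           Thanks to Yngve Wassvik Bergheim for some of
 *                           this code
 *
 */
function mailstory($sid, $to, $toemail, $from, $fromemail, $shortmsg, $html = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG08;

    $dt = new Date('now', $_USER['tzid']);

    // NOTE(review): $sid goes into the redirect URL as received, before the
    // story lookup below has confirmed it. Confirm that the caller or
    // COM_buildUrl() / COM_refresh() constrain it.
    $storyurl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);

    // With URL rewriting the story URL has no query string yet.
    $msgSep = $_CONF['url_rewrite'] ? '?' : '&';
    $retURL = $storyurl . $msgSep . 'msg=85';

    // check for correct $_CONF permission
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        echo COM_refresh($retURL);
        exit;
    }

    // check if emailing of stories is disabled
    if ($_CONF['hideemailicon'] == 1) {
        echo COM_refresh($retURL);
        exit;
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        echo COM_refresh($retURL);
        exit;
    }

    $filter = sanitizer::getInstance();
    $filter->setPostmode($html ? 'html' : 'text');
    $allowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_default']);
    $filter->setAllowedElements($allowedElements);
    $filter->setCensorData(true);
    $filter->setReplaceTags(true);
    $filter->setNamespace('glfusion', 'mail_story');

    // The topic and permission clauses restrict the lookup for the current user.
    $sql = "SELECT uid,title,introtext,bodytext,story_image,commentcode,UNIX_TIMESTAMP(date) AS day,postmode FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND');
    $result = DB_query($sql);
    if (DB_numRows($result) == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $A = DB_fetchArray($result);

    // The spam check runs on the message as submitted, before filtering.
    $spamResult = PLG_checkforSpam($shortmsg, $_CONF['spamx']);
    if ($spamResult > 0) {
        COM_updateSpeedlimit('mail');
        COM_displayMessageAndAbort($spamResult, 'spamx', 403, 'Forbidden');
    }

    USES_lib_html2text();

    $T = new Template($_CONF['path_layout'] . 'email/');
    $T->set_file(array(
        'html_msg' => 'mailstory_html.thtml',
        'text_msg' => 'mailstory_text.thtml',
    ));

    // filter any HTML from the short message
    $shortmsg = $filter->filterHTML($shortmsg);
    $html2txt = new html2text($shortmsg, false);
    $shortmsg_text = $html2txt->get_text();

    // Only the first 512 characters of the intro text are mailed.
    $story_body = COM_truncateHTML($A['introtext'], 512);
    $html2txt = new html2text($story_body, false);
    $story_body_text = $html2txt->get_text();

    $dt->setTimestamp($A['day']);
    $story_date = $dt->format($_CONF['date'], true);
    $story_title = COM_undoSpecialChars($A['title']);
    $story_url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);

    $author = ($_CONF['contributedbyline'] == 1) ? COM_getDisplayName($A['uid']) : '';
    $story_image = ($A['story_image'] != '') ? $_CONF['site_url'] . $A['story_image'] : '';

    // NOTE(review): $from and $fromemail reach the HTML template as received
    // ('from_name' and 'disclaimer'); only $shortmsg went through the HTML
    // filter. $toemail is not validated in this function. Confirm the caller
    // or the template escapes / validates these values.
    $T->set_var(array(
        'shortmsg_html'   => $shortmsg,
        'shortmsg_text'   => $shortmsg_text,
        'story_title'     => $story_title,
        'story_date'      => $story_date,
        'story_url'       => $story_url,
        'author'          => $author,
        'story_image'     => $story_image,
        'story_body_html' => $story_body,
        'story_body_text' => $story_body_text,
        'lang_by'         => $LANG01[1],
        'site_name'       => $_CONF['site_name'],
        'from_name'       => $from,
        'disclaimer'      => sprintf($LANG08[23], $from, $fromemail),
    ));

    $T->parse('message_body_html', 'html_msg');
    $message_body_html = $T->finish($T->get_var('message_body_html'));
    $T->parse('message_body_text', 'text_msg');
    $message_body_text = $T->finish($T->get_var('message_body_text'));

    $msgData = array(
        'htmlmessage' => $message_body_html,
        'textmessage' => $message_body_text,
        'subject'     => $story_title,
        'from'        => array('email' => $_CONF['site_mail'], 'name' => $from),
        'to'          => array('email' => $toemail, 'name' => $to),
    );

    $mailto = COM_formatEmailAddress($to, $toemail);
    $mailfrom = COM_formatEmailAddress($from, $fromemail);

    // The message goes out with the story title as its subject; the unused
    // 'Re: ...' subject that used to be computed here has been dropped.
    $rc = COM_mail($mailto, $msgData['subject'], $msgData['htmlmessage'], $mailfrom, true, 0, '', $msgData['textmessage']);
    // Count the attempt against the speed limit whether or not it succeeded.
    COM_updateSpeedlimit('mail');

    if ($rc) {
        $retval = COM_refresh($storyurl . $msgSep . 'msg=27');
    } else {
        // NOTE(review): the counter is incremented only in the branch where
        // COM_mail() returned false - this looks inverted; confirm.
        // Increment numemails counter for story
        DB_query("UPDATE {$_TABLES['stories']} SET numemails = numemails + 1 WHERE sid = '" . DB_escapeString($sid) . "'");
        $retval = COM_refresh($storyurl . $msgSep . 'msg=26');
    }

    // $retval already holds the output of COM_refresh(); it must not be
    // passed through COM_refresh() a second time as if it were a URL.
    echo $retval;
    exit;
}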
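/**
 * Send report about abusive comment
 *
 * Only logged-in users may report, and reports count against the 'mail'
 * speed limit. The report is mailed to the site address.
 *
 * @param    string  $cid    comment id
 * @param    string  $type   type of comment ('article', 'poll', ...)
 * @return   string          Meta refresh or HTML for error message
 *
 */
function CMT_sendReport($cid, $type)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG09, $LANG_LOGIN;

    if (COM_isAnonUser()) {
        $retval = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $retval .= SEC_loginRequiredForm();
        $retval .= COM_siteFooter();

        return $retval;
    }

    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    // Cast once so the query and the link in the mail use the same value,
    // and no raw request text ends up in the report.
    $cid = (int) $cid;

    $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
    $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = " . $cid . " AND type = '" . DB_escapeString($type) . "'");

    // Nothing to report when no comment matches this id and type; this also
    // keeps an arbitrary $type value out of the mail body.
    if (DB_numRows($result) == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    $A = DB_fetchArray($result);
    $title = $A['title'];
    $comment = $A['comment'];

    // strip HTML if posted in HTML mode
    if (preg_match('/<.*>/', $comment) != 0) {
        $comment = strip_tags($comment);
    }

    $author = COM_getDisplayName($A['uid']);
    if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
        // add IP address for anonymous posters
        $author .= ' (' . $A['ipaddress'] . ')';
    }

    $mailbody = sprintf($LANG03[26], $username);
    $mailbody .= "\n\n"
               . "{$LANG03['16']}: {$title}\n"
               . "{$LANG03['5']}: {$author}\n";

    if ($type != 'article' && $type != 'poll') {
        $mailbody .= "{$LANG09['5']}: {$type}\n";
    }

    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $comment . "\n\n";
    }

    $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";

    $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];

    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
    COM_updateSpeedlimit('mail');

    return COM_refresh($_CONF['site_url'] . '/index.php?msg=27');
}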
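/**
 * Mails the contents of the contact form to that user
 *
 * The recipient's mail preferences and the 'mail' speed limit are checked
 * first. Subject and message are spam-checked as submitted, then reduced to
 * plain text (tags stripped, subject cut at the first line break) before
 * the message is sent.
 *
 * @param    int     $uid            User ID of person to send email to
 * @param    bool    $cc             Whether to send a copy of the message to the author
 * @param    string  $author         The name of the person sending the email
 * @param    string  $authoremail    Email address of person sending the email
 * @param    string  $subject        Subject of email
 * @param    string  $message        Text of message to send
 * @return   string                  Meta redirect or HTML for the contact form
 */
function CONTACT_contactemail($uid, $cc, $author, $authoremail, $subject, $message)
{
    global $_CONTACT_CONF, $_CONF, $_TABLES, $_USER, $LANG04, $LANG08, $LANG12, $MESSAGE;

    $retval = '';

    // $uid is interpolated into two queries below; force it to an integer
    // here so that nothing but a number can reach the SQL text.
    $uid = (int) $uid;

    // check for correct $_CONF permission
    if (COM_isAnonUser()
        && ($_CONF['loginrequired'] == 1 || $_CONF['emailuserloginrequired'] == 1)
        && $uid != 2) {
        return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
    }

    // check for correct 'to' user preferences
    $result = DB_query("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '{$uid}'");
    $P = DB_fetchArray($result);
    $isAdmin = (SEC_inGroup('Root') || SEC_hasRights('user.mail')) ? true : false;
    if ($P['emailfromadmin'] != 1 && $isAdmin || $P['emailfromuser'] != 1 && !$isAdmin) {
        return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    $last = COM_checkSpeedlimit('mail');
    if ($last > 0) {
        // The message is appended to $retval; the previous code used an
        // undefined variable ($return) here.
        $retval .= COM_startBlock($LANG12[26], '', COM_getBlockTemplate('_msg_block', 'header'))
                 . $LANG08[39] . $last . $LANG08[40]
                 . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

        return $retval;
    }

    // Name, subject and message are all required.
    if (empty($author) || empty($subject) || empty($message)) {
        $subject = strip_tags($subject);
        $subject = substr($subject, 0, strcspn($subject, "\r\n"));
        $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
        define("CONTACT_TITLE", $LANG04[81]);
        // NOTE(review): $message is handed back to the form as submitted;
        // confirm CONTACT_contactform() escapes it before output.
        $retval .= COM_errorLog($LANG08[4], 2)
                 . CONTACT_contactform($uid, $cc, $subject, $message);

        return $retval;
    }

    // The sender address must be valid and the sender name must not look
    // like an address itself.
    if (!COM_isemail($authoremail) || strpos($author, '@') !== false) {
        $subject = strip_tags($subject);
        $subject = substr($subject, 0, strcspn($subject, "\r\n"));
        $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
        define("CONTACT_TITLE", $LANG04[81]);
        $retval .= COM_errorLog($LANG08[3], 2)
                 . CONTACT_contactform($uid, $cc, $subject, $message);

        return $retval;
    }

    $result = DB_query("SELECT username,fullname,email FROM {$_TABLES['users']} WHERE uid = {$uid}");
    $A = DB_fetchArray($result);

    // Append the user's signature to the message
    $sig = '';
    if (!COM_isAnonUser()) {
        $sig = DB_getItem($_TABLES['users'], 'sig', "uid={$_USER['uid']}");
        if (!empty($sig)) {
            $sig = strip_tags(COM_stripslashes($sig));
            $sig = "\n\n-- \n" . $sig;
        }
    }

    $subject = COM_stripslashes($subject);
    $message = COM_stripslashes($message);

    // do a spam check with the unfiltered message text and subject
    $mailtext = $subject . "\n" . $message . $sig;
    $spamResult = PLG_checkforSpam($mailtext, $_CONF['spamx']);
    if ($spamResult > 0) {
        COM_updateSpeedlimit('mail');
        COM_displayMessageAndAbort($spamResult, 'spamx', 403, 'Forbidden');
    }

    $msg = PLG_itemPreSave('contact', $message);
    if (!empty($msg)) {
        define("CONTACT_TITLE", $LANG04[81]);
        $retval .= COM_errorLog($msg, 2)
                 . CONTACT_contactform($uid, $cc, $subject, $message);

        return $retval;
    }

    // Plain text only, and the subject must stay on a single header line.
    $subject = strip_tags($subject);
    $subject = substr($subject, 0, strcspn($subject, "\r\n"));
    $message = strip_tags($message) . $sig;

    $recipientName = !empty($A['fullname']) ? $A['fullname'] : $A['username'];
    $to = COM_formatEmailAddress($recipientName, $A['email']);
    $from = COM_formatEmailAddress($author, $authoremail);

    $sent = COM_mail($to, $subject, $message, $from);

    // NOTE(review): the copy is triggered by $_POST['cc'], not by the $cc
    // parameter, and it is sent to the address the sender entered. The speed
    // limit is the only throttle visible in this function for that copy.
    if ($sent && isset($_POST['cc']) && $_POST['cc'] == 'on') {
        $ccmessage = sprintf($LANG08[38], COM_getDisplayName($uid, $A['username'], $A['fullname']));
        $ccmessage .= "\n------------------------------------------------------------\n\n" . $message;

        $sent = COM_mail($from, $subject, $ccmessage, $from);
    }

    COM_updateSpeedlimit('mail');

    $retval .= COM_refresh($_CONF['site_url'] . '/' . $_CONTACT_CONF['folder_name'] . '/index.php?what=msg&msg='
             . urlencode($sent ? $MESSAGE['27'] : $MESSAGE['85']));

    return $retval;
}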
/**
 * Send a notification email when a new trackback comment has been posted
 *
 * Loads the stored trackback entry, lists its fields in the mail body and
 * sends the message to the site address.
 *
 * @param    int     $cid    ID of the trackback comment
 * @param    string  $what   type of notification: 'trackback' or 'pingback'
 * @return   void
 */
function TRB_sendNotificationEmail($cid, $what = 'trackback')
{
    global $_CONF, $_TABLES, $LANG03, $LANG08, $LANG09, $LANG29, $LANG_TRB;

    $cid = DB_escapeString($cid);
    $query = DB_query("SELECT sid,type,title,excerpt,url,blog,ipaddress FROM {$_TABLES['trackback']} WHERE (cid = '{$cid}')");
    $row = DB_fetchArray($query);
    $type = $row['type'];
    $id = $row['sid'];

    // title, blog, url and excerpt are taken from the trackback row and put
    // into the body exactly as stored.
    $parts = array();

    if (!empty($row['title'])) {
        $parts[] = $LANG03[16] . ': ' . $row['title'] . "\n";
    }

    $blogName = empty($row['blog']) ? '' : $row['blog'] . ' ';
    $parts[] = $LANG_TRB['blog_name'] . ': ' . $blogName . '(' . $row['ipaddress'] . ")\n";
    $parts[] = $LANG29[12] . ': ' . $row['url'] . "\n";

    if ($type != 'article') {
        $parts[] = $LANG09[5] . ': ' . $type . "\n";
    }

    if (!empty($row['excerpt'])) {
        // the excerpt is max. 255 characters long anyway, so we add it
        // in its entirety
        $parts[] = $row['excerpt'] . "\n\n";
    }

    // assume that plugins follow the convention and have a 'trackback' anchor
    $trackbackurl = PLG_getItemInfo($type, $id, 'url') . '#trackback';

    $parts[] = $LANG08[33] . ' <' . $trackbackurl . ">\n\n";
    $parts[] = "\n------------------------------\n";
    $parts[] = "\n{$LANG08['34']}\n";
    $parts[] = "\n------------------------------\n";

    $mailbody = implode('', $parts);

    // Anything other than 'pingback' is reported as a trackback.
    $subjectKey = ($what == 'pingback') ? 'pingback' : 'trackback';
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB[$subjectKey];

    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
}
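/**
 * Save the current values to the database.
 * Appends error messages to the $Errors property.
 *
 * The $forceNew parameter is a hack to force this record to be saved
 * as a new record even if it already has an ID. This is only to
 * handle events imported from the Calendar plugin.
 *
 * Return values as implemented: false when a new event is submitted
 * without submit privilege or when the detail record cannot be saved, the
 * result of PrintErrors() when validation or the final query fails, and an
 * empty string when no error was recorded.
 *
 * @param    array   $A          Optional array of values from $_POST
 * @param    string  $table      Table name (submission or production)
 * @param    boolean $forceNew   Hack to force this record to be "new"
 * @return   boolean             True if no errors, False otherwise
 */
public function Save($A = '', $table = 'evlist_submissions', $forceNew = false)
{
    global $_TABLES, $LANG_EVLIST, $_EV_CONF, $_USER, $_CONF;

    // This is a bit of a hack, but we're going to save the old schedule
    // first before changing our own values. This is done so that we
    // can determine whether we have to update the repeats table, and
    // is only relevant for an existing record.
    if (!$this->isNew) {
        $this->old_schedule = array(
            'date_start1' => $this->date_start1,
            'date_end1'   => $this->date_end1,
            'time_start1' => $this->time_start1,
            'time_end1'   => $this->time_end1,
            'time_start2' => $this->time_start2,
            'time_end2'   => $this->time_end2,
            'allday'      => $this->allday,
            'recurring'   => $this->recurring,
            'rec_data'    => $this->rec_data,
        );
    } else {
        // submit privilege required to submit new events
        if (!$this->isSubmitter) {
            return false;
        }
        $this->old_schedule = array();
    }

    // Now we can update our main record with the new info
    if (is_array($A)) {
        $this->SetVars($A);
        $this->MakeRecData();
    }

    // NOTE(review): a submitted 'eid' switches this call to the update path,
    // which does not apply the non-admin permission defaults used for new
    // events. Whether the current user may edit this event has to be
    // enforced by the caller - confirm.
    if (isset($A['eid']) && !empty($A['eid']) && !$forceNew) {
        $this->isNew = false;
        $oldid = COM_sanitizeID($A['eid']);    // not read again in this method
    }

    // Authorized to bypass the queue
    if ($this->isAdmin) {
        $table = 'evlist_events';
    }
    $this->table = $table;

    if ($this->id == '') {
        // If we allow users to create IDs, this could happen
        $this->id = COM_makesid();
    }

    // Escaped copy of the event ID. Every hand-built query below uses this
    // copy rather than the raw property.
    $ev_id_DB = DB_escapeString($this->id);

    // Insert or update the record, as appropriate
    if (!$this->isNew) {
        // Existing event, we already have a Detail object instantiated
        $this->Detail->SetVars($A);
        $this->Detail->ev_id = $this->id;

        if (!$this->isValidRecord()) {
            return $this->PrintErrors();
        }

        // Delete the category lookups
        // NOTE(review): the raw ID is passed here; confirm that DB_delete()
        // escapes its value argument.
        DB_delete($_TABLES['evlist_lookup'], 'eid', $this->id);

        // Save the main event record
        $sql1 = "UPDATE {$_TABLES[$this->table]} SET ";
        $sql2 = "WHERE id='{$ev_id_DB}'";

        // Save the new detail record & get the ID
        $this->det_id = $this->Detail->Save();

        // Quit now if the detail record failed
        if ($this->det_id == 0) {
            return false;
        }

        // Determine if the schedule has changed so that we need to
        // update the repeat tables. If we do, any customizations will
        // be lost.
        if ($this->NeedRepeatUpdate($A)) {
            if ($this->old_schedule['recurring'] || $this->recurring) {
                // If this was, or is now, a recurring event then clear
                // out the repeats and update with new ones.
                // First, delete all detail records except the master
                DB_query("DELETE FROM {$_TABLES['evlist_detail']}\n WHERE ev_id = '{$ev_id_DB}'\n AND det_id <> '{$this->det_id}'");

                // This function sets the rec_data value.
                $this->UpdateRepeats();
            } else {
                // this is a one-time event, update the existing instance.
                // Dates and times are escaped here exactly as they are for
                // the main record further down.
                $sql = "UPDATE {$_TABLES['evlist_repeat']} SET\n rp_date_start = '" . DB_escapeString($this->date_start1)
                     . "',\n rp_date_end = '" . DB_escapeString($this->date_end1)
                     . "',\n rp_time_start1 = '" . DB_escapeString($this->time_start1)
                     . "',\n rp_time_end1 = '" . DB_escapeString($this->time_end1)
                     . "',\n rp_time_start2 = '" . DB_escapeString($this->time_start2)
                     . "',\n rp_time_end2 = '" . DB_escapeString($this->time_end2)
                     . "'\n WHERE rp_ev_id = '{$ev_id_DB}'";
                DB_query($sql, 1);
            }
        }
    } else {
        // New event
        if (!$this->isAdmin) {
            // Override any submitted permissions if user is not an admin
            $this->perm_owner = $_EV_CONF['default_permissions'][0];
            $this->perm_group = $_EV_CONF['default_permissions'][1];
            $this->perm_members = $_EV_CONF['default_permissions'][2];
            $this->perm_anon = $_EV_CONF['default_permissions'][3];

            // Set the group_id to the default
            $this->group_id = (int) DB_getItem($_TABLES['groups'], 'grp_id', 'grp_name="evList Admin"');

            // Set the owner to the submitter
            $this->owner_id = (int) $_USER['uid'];
        }

        // Create a detail record
        $this->Detail = new evDetail();
        $this->Detail->SetVars($A);
        $this->Detail->ev_id = $this->id;

        if (!$this->isValidRecord()) {
            return $this->PrintErrors();
        }

        // Save the new detail record & get the ID
        $this->det_id = $this->Detail->Save();

        // Quit now if the detail record failed
        if ($this->det_id == 0) {
            return false;
        }

        if ($this->table != 'evlist_submissions') {
            // This function gets the rec_data value.
            $this->UpdateRepeats();
        }

        $sql1 = "INSERT INTO {$_TABLES[$this->table]} SET\n id = '" . $ev_id_DB . "', ";
        $sql2 = '';
    }

    // Now save the categories
    // First save the new category if one was submitted
    if (!is_array($this->categories)) {
        $this->categories = array();
    }
    if (isset($A['newcat']) && !empty($A['newcat'])) {
        $newcat = $this->SaveCategory($A['newcat']);
        if ($newcat > 0) {
            $this->categories[] = $newcat;
        }
    }

    $tmp = array();
    foreach ($this->categories as $cat_id) {
        // Category IDs may originate from the submitted form; escape them.
        $tmp[] = "('{$ev_id_DB}', '" . DB_escapeString($cat_id) . "')";
    }
    if (!empty($tmp)) {
        $sql = "INSERT INTO {$_TABLES['evlist_lookup']}\n (eid, cid)\n VALUES " . implode(',', $tmp);
        DB_query($sql);
    }

    // NOTE(review): the flag, permission and ID fields below are
    // interpolated without escaping; presumably SetVars() normalises them to
    // numbers - confirm.
    $fld_sql = "date_start1 = '" . DB_escapeString($this->date_start1)
             . "',\n date_end1 = '" . DB_escapeString($this->date_end1)
             . "',\n time_start1 = '" . DB_escapeString($this->time_start1)
             . "',\n time_end1 = '" . DB_escapeString($this->time_end1)
             . "',\n time_start2 = '" . DB_escapeString($this->time_start2)
             . "',\n time_end2 = '" . DB_escapeString($this->time_end2)
             . "',\n recurring = '{$this->recurring}',\n rec_data = '" . DB_escapeString(serialize($this->rec_data))
             . "',\n allday = '{$this->allday}',\n split = '{$this->split}',\n status = '{$this->status}',\n postmode = '" . DB_escapeString($this->postmode)
             . "',\n enable_reminders = '{$this->enable_reminders}',\n owner_id = '{$this->owner_id}',\n group_id = '{$this->group_id}',\n perm_owner = '{$this->perm_owner}',\n perm_group = '{$this->perm_group}',\n perm_members = '{$this->perm_members}',\n perm_anon = '{$this->perm_anon}',\n det_id = '{$this->det_id}',\n cal_id = '{$this->cal_id}',\n show_upcoming = '{$this->show_upcoming}',\n options = '" . DB_escapeString(serialize($this->options)) . "' ";

    $sql = $sql1 . $fld_sql . $sql2;
    DB_query($sql, 1);

    if (DB_error()) {
        $this->Errors[] = $LANG_EVLIST['err_db_saving'];
    } elseif ($this->table == 'evlist_submissions'
        && isset($_CONF['notification'])
        && in_array('evlist', $_CONF['notification'])) {
        // Notify the site address about the queued submission.
        // NOTE(review): title and summary are submitter-supplied and the
        // mail is sent with the HTML flag set; confirm the template or the
        // Detail object escapes them.
        $N = new Template(EVLIST_PI_PATH . '/templates/');
        $N->set_file('mail', 'notify_submission.thtml');
        $N->set_var(array(
            'title'      => $this->Detail->title,
            'summary'    => $this->Detail->summary,
            'start_date' => $this->date_start1,
            'end_date'   => $this->date_end1,
            'start_time' => $this->time_start1,
            'end_time'   => $this->time_end1,
            'submitter'  => COM_getDisplayName($this->owner_id),
        ));
        $N->parse('output', 'mail');
        $mailbody = $N->finish($N->get_var('output'));
        $subject = $LANG_EVLIST['notify_subject'];
        $to = COM_formatEmailAddress('', $_CONF['site_mail']);
        COM_mail($to, $subject, $mailbody, '', true);
    }

    if (empty($this->Errors)) {
        return '';
    } else {
        return $this->PrintErrors();
    }
}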
/**
 * Send an email notification for a new submission.
 *
 * The message lists title, author, date and topic, optionally followed by
 * the story text, and is sent to the site address.
 *
 * @param    string  $table  Table where the new submission can be found
 * @param    object  $story  Story object that was submitted.
 *
 */
function sendNotification($table, $story)
{
    global $_CONF, $_USER, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN;

    $dt = new Date('now', $_USER['tzid']);

    $title = COM_undoSpecialChars($story->displayElements('title'));
    $postmode = $story->displayElements('postmode');
    $introtext = COM_undoSpecialChars(
        $story->displayElements('introtext') . "\n" . $story->displayElements('bodytext')
    );

    if ($postmode == 'html') {
        // HTML stories are converted to plain text for the mail body.
        USES_lib_html2text();
        $introtext = str_replace("\\r", "", $introtext);
        $converter = new html2text($introtext, false);
        $introtext = trim($converter->get_text());
    }

    $storyauthor = COM_getDisplayName($story->displayelements('uid'));
    $topic = DB_getItem(
        $_TABLES['topics'],
        'topic',
        'tid = \'' . DB_escapeString($story->displayElements('tid')) . '\''
    );

    $lines = array(
        "{$LANG08['31']}: {$title}\n",
        "{$LANG24['7']}: {$storyauthor}\n",
        "{$LANG08['32']}: " . $dt->format($_CONF['date'], true) . "\n",
        "{$LANG_ADMIN['topic']}: {$topic}\n\n",
    );

    $maxLength = $_CONF['emailstorieslength'];
    if ($maxLength > 0) {
        // A value above 1 is used as the length to cut the text to.
        if ($maxLength > 1) {
            $introtext = MBYTE_substr($introtext, 0, $maxLength) . '...';
        }
        $lines[] = $introtext . "\n\n";
    }

    if ($table == $_TABLES['storysubmission']) {
        // Still in the queue: point to the moderation page.
        $lines[] = "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n";
    } else {
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        $lines[] = $LANG08[33] . ' <' . $articleUrl . ">\n\n";
    }

    $lines[] = "\n------------------------------\n";
    $lines[] = "\n{$LANG08['34']}\n";
    $lines[] = "\n------------------------------\n";

    $mailbody = implode('', $lines);
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35];

    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
}
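/**
 * Approve a queued file submission.
 *
 * Reads the edited submission from $_POST, moves the uploaded file (and the
 * optional thumbnail) out of the "tmp/" directories into the file and snapshot
 * stores, marks the record as approved (status=1) and, when
 * $filemgmt_Emailoption is set, mails the submitter. Ends by redirecting to
 * the new-downloads list and exiting.
 *
 * Security notes:
 *  - The destination names are taken from $_POST['url'] / $_POST['logourl'].
 *    They are reduced to a bare file name so that a value containing directory
 *    components cannot place the file outside the configured stores.
 *  - An empty destination name is rejected: appended to the store path it
 *    names the store directory itself, which would then be chmod()ed and
 *    reported as a successful move.
 *  - NOTE(review): no CSRF token check is visible in this function; confirm
 *    the dispatcher that calls it validates one.
 *
 * @return void Does not return normally; finishes with redirect_header() and exit.
 */
function approve()
{
    global $_TABLES, $_CONF, $myts, $eh, $filemgmt_FileStore, $filemgmt_SnapStore, $filemgmt_Emailoption, $filemgmtFilePermissions;

    $lid = (int) COM_applyFilter($_POST['lid'], true);
    $cid = intval($_POST['cid']);
    $commentoption = (int) COM_applyFilter($_POST["commentoption"], true);

    // Target name of the file: control characters removed (the name is written
    // to the error log below), then reduced to its last path component.
    $name = '';
    $url = '';
    if (isset($_POST['url']) && $_POST['url'] != '') {
        $name = basename(preg_replace('/[\x00-\x1F\x7F]/', '', $myts->makeTboxData4Save($_POST['url'])));
        if ($name == '.' || $name == '..') {
            $name = '';
        }
        $url = rawurlencode($name);
    }

    // Target name of the optional thumbnail, treated the same way.
    $shotname = '';
    $logourl = '';
    if (isset($_POST['logourl']) && $_POST['logourl'] != '') {
        $rawShot = preg_replace('/[\x00-\x1F\x7F]/', '', $_POST['logourl']);
        $shotname = basename($myts->makeTboxData4Save($rawShot));
        if ($shotname == '.' || $shotname == '..') {
            $shotname = '';
        }
        if ($shotname != '') {
            $logourl = $myts->makeTboxData4Save(rawurlencode(basename($rawShot)));
        }
    }

    // Comment out this check if you want to allow duplicate filelistings for same file in the repository
    // Check for duplicate files of the same filename (actual filename in repository)
    $result = DB_query("SELECT COUNT(*) FROM {$_TABLES['filemgmt_filedetail']} WHERE url='{$url}' and status=1");
    list($numrows) = DB_fetchArray($result);
    if ($numrows > 0) {
        $eh->show("1108");
    }

    // Values below are only used inside quoted SQL literals.
    $title = $myts->makeTboxData4Save($_POST['title']);
    $homepage = $myts->makeTboxData4Save($_POST['homepage']);
    $version = $myts->makeTboxData4Save($_POST['version']);
    $description = $myts->makeTareaData4Save($_POST['description']);

    // The temporary names of the file and the optional thumbnail are stored,
    // separated by ";", in the otherwise unused "platform" column. They are
    // reduced to bare file names as well, so they always resolve inside tmp/.
    $tmpnames = explode(";", DB_getItem($_TABLES['filemgmt_filedetail'], 'platform', "lid='{$lid}'"));
    $tmpfilename = basename($tmpnames[0]);
    $tmpshotname = isset($tmpnames[1]) ? basename($tmpnames[1]) : '';

    $AddNewFile = false;

    // Move the file from tmp/ under the file store into the store itself.
    $tmp = $filemgmt_FileStore . "tmp/" . $tmpfilename;
    if ($name == '') {
        COM_errorLOG("Filemgmt upload approve error: No valid target file name was submitted");
        $eh->show("1101");
    } elseif (file_exists($tmp) && !is_dir($tmp)) {
        $newfile = $filemgmt_FileStore . $name;
        COM_errorLOG("File move from " . $tmp . " to " . $newfile);
        $rename = @rename($tmp, $newfile);
        COM_errorLOG("Results of rename is: " . $rename);
        if ($rename) {
            @chmod($newfile, $filemgmtFilePermissions);
        }
        // A failed rename() must not count as success just because something
        // already exists at the target path.
        if (!$rename || !is_file($newfile)) {
            COM_errorLOG("Filemgmt upload approve error: New file does not exist after move of tmp file: '" . $newfile . "'");
            $eh->show("1101");
        } else {
            $AddNewFile = true;
        }
    } else {
        COM_errorLOG("Filemgmt upload approve error: Temporary file does not exist: '" . $tmp . "'");
        $eh->show("1101");
    }

    if ($tmpshotname != "") {
        $tmp = $filemgmt_SnapStore . "tmp/" . $tmpshotname;
        if (file_exists($tmp) && !is_dir($tmp)) {
            // Without a target name the queued thumbnail is left where it is;
            // moving it to an empty name would address the store directory.
            if ($shotname != '') {
                $newfile = $filemgmt_SnapStore . $shotname;
                $rename = @rename($tmp, $newfile);
                if ($rename) {
                    @chmod($newfile, $filemgmtFilePermissions);
                }
                if (!$rename || !is_file($newfile)) {
                    COM_errorLOG("Filemgmt upload approve error: New file does not exist after move of tmp file: '" . $newfile . "'");
                    $AddNewFile = false; // the file itself may have been moved, but the approval is incomplete
                    $eh->show("1101");
                }
            }
        } else {
            COM_errorLOG("Filemgmt upload approve error: Temporary file does not exist: '" . $tmp . "'");
            $eh->show("1101");
        }
    }

    if ($AddNewFile) {
        DB_query("UPDATE {$_TABLES['filemgmt_filedetail']} SET cid='{$cid}', title='{$title}', url='{$url}', homepage='{$homepage}', version='{$version}', logourl='{$logourl}', status=1, date=" . time() . ", comments={$commentoption} where lid='{$lid}'");
        DB_query("UPDATE {$_TABLES['filemgmt_filedesc']} SET description='{$description}' where lid='{$lid}'");
        PLG_itemSaved($lid, 'filemgmt');
        CACHE_remove_instance('whatsnew');

        // Send a email to submitter notifying them that file was approved
        if ($filemgmt_Emailoption) {
            $result = DB_query("SELECT username, email FROM {$_TABLES['users']} a, {$_TABLES['filemgmt_filedetail']} b WHERE a.uid=b.submitter and b.lid='{$lid}'");
            list($submitter_name, $emailaddress) = DB_fetchArray($result);
            // NOTE(review): $title is the SQL-escaped form here; confirm that is
            // the intended text for the mail body.
            $mailtext = sprintf(_MD_HELLO, $submitter_name);
            $mailtext .= ",\n\n" . _MD_WEAPPROVED . " " . $title . " \n" . _MD_THANKSSUBMIT . "\n\n";
            $mailtext .= "{$_CONF["site_name"]}\n";
            $mailtext .= "{$_CONF['site_url']}\n";
            $to = COM_formatEmailAddress($submitter_name, $emailaddress);
            COM_mail($to, _MD_APPROVED, $mailtext);
        }
    }

    CACHE_remove_instance('whatsnew');
    redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php?op=listNewDownloads", 2, _MD_NEWDLADDED);
    exit;
}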
// Fragment of a page script: the block closed by the first "}" below opens
// before this excerpt.
echo plugin_savesubmission_links($A);
echo LINKS_siteFooter();
exit;
}

// "Report a link" mode: runs only when $_USER['uid'] is set and greater than 1.
// NOTE(review): the report is triggered by a GET parameter and no speed limit
// or token check is visible in this excerpt; confirm one exists, since every
// request that reaches COM_mail() below sends a message to the site address.
if ($mode == 'report' && (isset($_USER['uid']) && $_USER['uid'] > 1)) {
    if (isset($_GET['lid'])) {
        // The id is filtered and sanitised before any use.
        $lid = COM_sanitizeID(COM_applyFilter($_GET['lid']));
    }
    if (!empty($lid)) {
        // Escaped separately for the SQL literal; $lid itself is reused in the URL below.
        $lidsl = DB_escapeString($lid);
        $result = DB_query("SELECT url, title FROM {$_TABLES['links']} WHERE lid = '{$lidsl}'");
        list($url, $title) = DB_fetchArray($result);
        $editurl = $_CONF['site_admin_url'] . '/plugins/links/index.php?edit=x&lid=' . $lid;
        // Message body: the stored title and URL of the link, the admin edit
        // URL, and the reporting user's name and remote address.
        $msg = $LANG_LINKS[119] . LB . LB . "{$title}, <{$url}>" . LB . LB . $LANG_LINKS[120] . LB . '<' . $editurl . '>' . LB . LB . $LANG_LINKS[121] . $_USER['username'] . ', IP: ' . $_SERVER['REMOTE_ADDR'];
        $to = array();
        $to = COM_formatEmailAddress('', $_CONF['site_mail']);
        COM_mail($to, $LANG_LINKS[118], $msg);
        $message = array($LANG_LINKS[123], $LANG_LINKS[122]);
    }
}

// Anonymous visitors get the login form when either the site-wide or the
// links-specific login requirement is enabled; everyone else gets the list.
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_LI_CONF['linksloginrequired'] == 1)) {
    $display .= LINKS_siteHeader($LANG_LINKS[114]);
    $display .= SEC_loginRequiredForm();
    $display .= LINKS_siteFooter();
    echo $display;
    exit;
} else {
    // NOTE(review): $message is assigned in this excerpt only inside the
    // report branch; presumably it is initialised earlier in the script.
    $display .= links_list($message);
}
$display .= LINKS_siteFooter();
echo $display;
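/**
 * Email story to a friend
 *
 * Sends the story identified by $sid as a plain-text mail, optionally with a
 * copy to the sender when $_POST['cc'] is 'on', and increments the story's
 * numemails counter. Nothing is sent when the site configuration requires a
 * login the visitor does not have, when emailing is disabled, when the mail
 * speed limit is active, or when the story cannot be loaded.
 *
 * Security notes:
 *  - $to, $toemail, $from and $fromemail end up in the address arguments of
 *    COM_mail(); CR and LF are removed from them here so that a value
 *    cannot carry extra header lines, whatever COM_mail() itself does.
 *  - $sid is escaped with DB_escapeString() before it is placed in the
 *    UPDATE statement.
 *
 * @param    string      $sid        id of story to email
 * @param    string      $to         name of person / friend to email
 * @param    string      $toemail    friend's email address
 * @param    string      $from       name of person sending the email
 * @param    string      $fromemail  sender's email address
 * @param    string      $shortmsg   short intro text to send with the story
 * @return   string                  Meta refresh
 *
 * Modification History
 *
 * Date        Author        Description
 * ----        ------        -----------
 * 4/17/01     Tony Bibbs    Code now allows anonymous users to send email
 *                           and it allows user to input a message as well
 *                           Thanks to Yngve Wassvik Bergheim for some of
 *                           this code
 *
 */
function mailstory($sid, $to, $toemail, $from, $fromemail, $shortmsg)
{
    global $_CONF, $_TABLES, $LANG01, $LANG08;

    require_once $_CONF['path_system'] . 'lib-story.php';

    $storyurl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    // With URL rewriting the story URL has no query string yet, hence "?".
    $msgParam = $_CONF['url_rewrite'] ? '?msg=' : '&msg=';
    $retval = COM_refresh($storyurl . $msgParam . '85');

    // check for correct $_CONF permission
    if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
        return $retval;
    }

    // check if emailing of stories is disabled
    if ($_CONF['hideemailicon'] == 1) {
        return $retval;
    }

    // check mail speedlimit
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return $retval;
    }

    $story = new Story();
    $loaded = $story->loadFromDatabase($sid, 'view');
    if ($loaded != STORY_LOADED_OK) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    // Names and addresses are caller-supplied: drop line breaks before they
    // are used to build the To/From values.
    $lineBreaks = array("\r", "\n");
    $to = str_replace($lineBreaks, '', $to);
    $toemail = str_replace($lineBreaks, '', $toemail);
    $from = str_replace($lineBreaks, '', $from);
    $fromemail = str_replace($lineBreaks, '', $fromemail);

    $shortmsg = COM_stripslashes($shortmsg);
    $mailtext = sprintf($LANG08[23], $from, $fromemail) . LB;
    if (strlen($shortmsg) > 0) {
        $mailtext .= LB . sprintf($LANG08[28], $from) . $shortmsg . LB;
    }

    // just to make sure this isn't an attempt at spamming users ...
    // (only the sender-supplied part of the message is checked)
    $spam = PLG_checkforSpam($mailtext, $_CONF['spamx']);
    if ($spam > 0) {
        COM_updateSpeedlimit('mail');
        COM_displayMessageAndAbort($spam, 'spamx', 403, 'Forbidden');
    }

    $separator = '------------------------------------------------------------';

    $mailtext .= $separator . LB . LB
        . COM_undoSpecialChars($story->displayElements('title')) . LB
        . strftime($_CONF['date'], $story->displayElements('unixdate')) . LB;

    if ($_CONF['contributedbyline'] == 1) {
        $author = COM_getDisplayName($story->displayElements('uid'));
        $mailtext .= $LANG01[1] . ' ' . $author . LB;
    }

    $introtext = COM_undoSpecialChars(strip_tags($story->displayElements('introtext')));
    $bodytext = COM_undoSpecialChars(strip_tags($story->displayElements('bodytext')));
    // NOTE(review): "\n\r" is replaced, not "\r\n"; confirm that is intended.
    $introtext = str_replace(array("\n\r", "\r"), LB, $introtext);
    $bodytext = str_replace(array("\n\r", "\r"), LB, $bodytext);

    $mailtext .= LB . $introtext;
    if (!empty($bodytext)) {
        $mailtext .= LB . LB . $bodytext;
    }
    $mailtext .= LB . LB . $separator . LB;

    if ($story->displayElements('commentcode') == 0) {
        // comments allowed
        $mailtext .= $LANG08[24] . LB
            . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid . '#comments');
    } else {
        // comments not allowed - just add the story's URL
        $mailtext .= $LANG08[33] . LB
            . COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
    }

    $mailto = COM_formatEmailAddress($to, $toemail);
    $mailfrom = COM_formatEmailAddress($from, $fromemail);
    $subject = 'Re: ' . COM_undoSpecialChars(strip_tags($story->displayElements('title')));

    $sent = COM_mail($mailto, $subject, $mailtext, $mailfrom);

    // Optional copy to the sender.
    if ($sent && isset($_POST['cc']) && $_POST['cc'] == 'on') {
        $ccmessage = sprintf($LANG08[38], $to);
        $ccmessage .= "\n------------------------------------------------------------\n\n" . $mailtext;
        $sent = COM_mail($mailfrom, $subject, $ccmessage, $mailfrom);
    }

    COM_updateSpeedlimit('mail');

    // Increment numemails counter for story
    $sidSql = DB_escapeString($sid);
    DB_query("UPDATE {$_TABLES['stories']} SET numemails = numemails + 1 WHERE sid = '{$sidSql}'");

    return COM_refresh($storyurl . $msgParam . ($sent ? '27' : '85'));
}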
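/**
 * Record in the hello queue the message to send to the specified group or to
 * the addresses listed in an uploaded CSV file.
 *
 * One row is written to the hello table for the message itself and one row
 * per recipient to the hello_queue table.
 *
 * Security notes:
 *  - $vars is request data. Everything placed in an SQL statement is either
 *    cast to int or passed through DB_escapeString(); this includes the
 *    sender address, the group name and each recipient address.
 *  - The uploaded file is always stored with a ".csv" extension instead of
 *    the extension of the client-supplied file name.
 *  - Request and file values echoed into the returned HTML are escaped.
 *
 * @param    array   $vars   Same as $_POST, holds all the email info
 * @return   string          HTML with success or error message
 *
 */
function send_messages($vars)
{
    global $_CONF, $_TABLES, $LANG24, $LANG31, $LANG_HELLO01;

    require_once $_CONF['path_system'] . 'lib-user.php';

    $retval = '';

    // All four fields are mandatory; otherwise show the form again.
    if (empty($vars['fra']) or empty($vars['fraepost']) or empty($vars['subject']) or empty($vars['content'])) {
        $retval .= COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $LANG31[26];
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= display_mailform($vars);

        return $retval;
    }

    // Urgent message!
    $priority = isset($vars['priority']) ? 1 : 0;

    $toGroup = !empty($vars['to_group']);
    $quantity = 0;
    $destinataires = array();
    $result = null;

    if ($toGroup) {
        // The group id is request data: force it to an integer before it is
        // used in a query.
        $groupId = (int) $vars['to_group'];
        $groupList = implode(',', array_map('intval', USER_getChildGroups($groupId)));

        //Group name
        $groupResult = DB_query("SELECT grp_name FROM {$_TABLES['groups']} WHERE grp_id = " . $groupId);
        $groupRow = DB_fetchArray($groupResult);
        $email_group = is_array($groupRow) ? $groupRow[0] : '';

        if (isset($vars['overstyr'])) {
            // Override: mail every active user of the group.
            $sql = "SELECT DISTINCT username,fullname,email FROM {$_TABLES['users']},{$_TABLES['group_assignments']} WHERE uid > 1";
            $sql .= " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))";
            $sql .= " AND {$_TABLES['users']}.uid = ug_uid AND ug_main_grp_id IN ({$groupList})";
        } else {
            // Only users whose preferences have emailfromadmin = 1.
            $sql = "SELECT DISTINCT username,fullname,email,emailfromadmin FROM {$_TABLES['users']},{$_TABLES['userprefs']},{$_TABLES['group_assignments']} WHERE {$_TABLES['users']}.uid > 1";
            $sql .= " AND {$_TABLES['users']}.status = 3 AND ((email is not null) and (email != ''))";
            $sql .= " AND {$_TABLES['users']}.uid = {$_TABLES['userprefs']}.uid AND emailfromadmin = 1";
            $sql .= " AND ug_uid = {$_TABLES['users']}.uid AND ug_main_grp_id IN ({$groupList})";
        }

        $result = DB_query($sql);
        $quantity = DB_numRows($result);
    } else {
        // OK, let's upload csv file
        require_once $_CONF['path_system'] . 'classes/upload.class.php';
        $upload = new upload();

        //Debug with story debug function
        if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
            $upload->setLogFile($_CONF['path'] . 'logs/error.log');
            $upload->setDebug(true);
        }
        $upload->setMaxFileUploads(1);
        $upload->setAllowedMimeTypes(array(
            'text/csv'                    => '.csv',
            'text/comma-separated-values' => '.csv',
            'application/vnd.ms-excel'    => '.csv',
            'application/x-csv'           => '.csv',
        ));

        if (!$upload->setPath($_CONF['path_data'])) {
            $output = COM_siteHeader('menu', $LANG24[30]);
            $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $output .= $upload->printErrors(false);
            $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $output .= COM_siteFooter();
            echo $output;
            exit;
        }

        // Set file permissions on file after it gets uploaded (number is in octal)
        $upload->setPerms('0644');

        // The stored name never uses the extension of the client's file name:
        // every allowed MIME type maps to ".csv", so that is what is written.
        $filename = '';
        $curfile = current($_FILES);
        if (!empty($curfile['name'])) {
            $filename = 'import_hello_' . COM_makesid() . '.csv';
        }
        if ($filename == '') {
            $output = COM_siteHeader('menu', $LANG24[30]);
            $output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
            $output .= 'Upload error: csv file name is empty. Please try again...';
            $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            $output .= COM_siteFooter();
            echo $output;
            exit;
        }

        $upload->setFileNames($filename);
        reset($_FILES);
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            return $LANG24[30];
        }

        //email group
        $email_group = $LANG_HELLO01['csv_file'];

        // Only the three known separators are accepted; anything else means ",".
        $separator = isset($vars['separator']) ? $vars['separator'] : ',';
        if (!in_array($separator, array(',', 'tab', ';'), true)) {
            $separator = ',';
        }
        if ($separator === 'tab') {
            $separator = "\t";
        }

        // NOTE(review): the uploaded file stays in $_CONF['path_data'] after it
        // has been read; confirm whether it should be removed once the
        // addresses are queued.
        if (($handle = fopen($_CONF['path_data'] . $filename, "r")) !== false) {
            while (($data = fgetcsv($handle, 0, $separator)) !== false) {
                // Keep the first column of each row when it is a valid address.
                if (isset($data[0]) && $data[0] != '' and COM_isEmail($data[0])) {
                    $quantity++;
                    $destinataires[] = $data[0];
                }
            }
            fclose($handle);
        }
    }

    $retval .= COM_startBlock($LANG31[1]);

    // register hello
    $creation = date('YmdHi', time());
    $subject = DB_escapeString($vars['subject']);
    $content = DB_escapeString($vars['content']);
    $groupSql = DB_escapeString($email_group);
    // The sender address is built from request fields and goes into every
    // queue row, so it is escaped like the subject and the content.
    $expediteur = DB_escapeString(COM_formatEmailAddress($vars['fra'], $vars['fraepost']));
    $quantity = (int) $quantity;

    $sql_ajout_hello = "INSERT INTO {$_TABLES['hello']} (subject, creation, email_group, quantity, content) VALUES ('{$subject}', '{$creation}', '{$groupSql}', '{$quantity}','{$content}')";
    DB_query($sql_ajout_hello);
    $new_hello_id = (int) DB_insertId();

    // Collect the recipients: rows of the group query, or the CSV addresses.
    if ($toGroup) {
        $recipients = array();
        for ($i = 0; $i < $quantity; $i++) {
            $A = DB_fetchArray($result);
            $recipients[] = is_array($A) ? $A['email'] : '';
        }
    } else {
        $recipients = $destinataires;
    }

    // Loop through and queue the messages in the DB!
    $successes = 0;
    $failures = 0;
    foreach ($recipients as $recipient) {
        if ($recipient == '') {
            $failures++;
            continue;
        }
        $destinataire = DB_escapeString($recipient);
        $date = date('YmdHi', time());
        $sql_ajout_hello = "INSERT INTO {$_TABLES['hello_queue']} (expediteur, destinataire, date, hello_id, subject, content, priority) VALUES ('{$expediteur}', '{$destinataire}', '{$date}', '{$new_hello_id}', '{$subject}', '{$content}', '{$priority}')";
        if (DB_query($sql_ajout_hello)) {
            $successes++;
        } else {
            $failures++;
        }
    }

    // The priority field is echoed as received, so it is HTML-escaped.
    $priorityLabel = isset($vars['priority']) ? htmlspecialchars($vars['priority'], ENT_QUOTES) : '';
    $retval .= $quantity . ' ' . $LANG_HELLO01['email_schedule'] . '<br />' . $priorityLabel;

    if ($failures > 0) {
        $retval .= 'Oups... There was ' . $failures . ' failure(s)';
    }

    if (!$toGroup) {
        //list emails from csv
        // The addresses come from the uploaded file; they are escaped before
        // being listed. NOTE(review): confirm COM_makeList() does not escape
        // its items a second time.
        $listed = array();
        foreach ($destinataires as $address) {
            $listed[] = htmlspecialchars($address, ENT_QUOTES);
        }
        $retval .= COM_makeList($listed);
    }

    $retval .= COM_endBlock();

    return $retval;
}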