$sAddonName = basename(__DIR__);
// The English language file is loaded unconditionally; the file for the active
// LANGUAGE is loaded on top of it when it exists.
// NOTE(review): LANGUAGE becomes part of an include path. Confirm the core limits
// it to a fixed set of language codes before this file runs.
require WB_PATH . '/modules/' . $sAddonName . '/languages/EN.php';
if (file_exists(WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php')) {
    require WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php';
}
// Replacement pairs for angle brackets and the '?php' marker; they are not used
// in the lines shown here.
$friendly = array('&lt;', '&gt;', '?php');
$raw = array('<', '>', '');
// Every posted setting passes through StripCodeFromText() before it is kept.
// NOTE(review): what that method strips is not visible here. Confirm it also
// removes CR/LF from the values that end up in mail headers (recipient, sender
// name, subject), and that the backend form token is verified before this point.
$header = $admin->StripCodeFromText($admin->get_post('header'), true);
$field_loop = $admin->StripCodeFromText($admin->get_post('field_loop'), true);
$footer = $admin->StripCodeFromText($admin->get_post('footer'), true);
// Recipient: the posted value, or the administrator address when it is blank.
$email_to = $admin->StripCodeFromText($admin->get_post('email_to'), true);
if ($email_to == '') {
    $email_to = emailAdmin();
}
$email_to = $admin->StripCodeFromText($email_to);
// The sender address is fixed to the server address and never taken from the form.
$email_from = SERVER_EMAIL;
$use_captcha = $admin->StripCodeFromText($admin->get_post('use_captcha'), true);
// Sender name: the "field" variant wins when it was posted non-empty.
$email_fromname = $admin->StripCodeFromText(
    $admin->get_post(
        isset($_POST['email_fromname_field']) && $_POST['email_fromname_field'] != ''
            ? 'email_fromname_field'
            : 'email_fromname'
    ),
    true
);
if ($email_fromname == '') {
    $email_fromname = WBMAILER_DEFAULT_SENDERNAME;
}
$email_subject = $admin->StripCodeFromText($admin->get_post('email_subject'), true);
$success_page = $admin->StripCodeFromText($admin->get_post('success_page'), true);
$success_email_to = $admin->StripCodeFromText($admin->get_post('success_email_to'), true);
$success_email_from = SERVER_EMAIL;
// The confirmation mail falls back to the sender name chosen above.
$success_email_fromname = $admin->StripCodeFromText($admin->get_post('success_email_fromname'), true);
if ($success_email_fromname == '') {
    $success_email_fromname = $email_fromname;
}
    /**
     * Return the e-mail address used as the default form recipient.
     *
     * When the current backend user has id 1, that user's own address is
     * returned. For any other user the address stored for user id 1 is read
     * from the users table (presumably the primary administrator; confirm).
     *
     * @return mixed the value delivered by get_email() or get_one()
     */
    function emailAdmin()
    {
        global $database, $admin;
        $sOwnEmail = $admin->get_email();
        if ($admin->get_user_id() == '1') {
            return $sOwnEmail;
        }
        // The statement is built from constants only; no request data is interpolated.
        $sQuery = 'SELECT `email` FROM `' . TABLE_PREFIX . 'users` WHERE `user_id`=\'1\' ';
        return $database->get_one($sQuery);
    }
}
// Load the stored form settings of this section into $aSettings.
// The section id is cast to int before it is placed in the statement.
$sql = 'SELECT * FROM `' . TABLE_PREFIX . 'mod_form_settings` WHERE `section_id` = ' . (int) $section_id;
$oSetting = $database->query($sql);
if ($oSetting) {
    // NOTE(review): the result of fetchRow() is used without checking that a row
    // was actually returned for this section.
    $aSettings = $oSetting->fetchRow(MYSQLI_ASSOC);
    // Blank recipient: fall back to the administrator address.
    if ($aSettings['email_to'] == '') {
        $aSettings['email_to'] = emailAdmin();
    }
    // Blank or missing subjects are normalised to an empty string.
    if ($aSettings['email_subject'] == '') {
        $aSettings['email_subject'] = '';
    }
    if ($aSettings['success_email_subject'] == '') {
        $aSettings['success_email_subject'] = '';
    }
    // The confirmation sender address always comes from SERVER_EMAIL, not from the stored row.
    $aSettings['success_email_from'] = $admin->add_slashes(SERVER_EMAIL);
    if ($aSettings['success_email_fromname'] == '') {
        $aSettings['success_email_fromname'] = WBMAILER_DEFAULT_SENDERNAME;
    }
}
// Search/replace pairs that turn raw angle brackets into their HTML entities.
$raw = array('<', '>');
$friendly = array('&lt;', '&gt;');
/*
// check if backend.css file needs to be included into the <body></body> of modify.php
if(!method_exists($admin, 'register_backend_modfiles') && file_exists(WB_PATH ."/modules/form/backend.css")) {
    echo '<style type="text/css">';
    include(WB_PATH .'/modules/form/backend.css');
    echo "\n</style>\n";
示例#3
文件: view.php 项目: WBCE/form
         exit($TEXT['UNDER_CONSTRUCTION']);
     }
 }
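 $email_body = '';
 // Create blank "required" array
 $required = array();
 // Captcha: the posted answer must be present and must equal the value kept in
 // the session. Both sides are compared as strings with ===, because a loose
 // comparison treats different numeric-looking strings (for example '1e3' and
 // '1000') as equal. A non-scalar value such as captcha[]=x counts as missing.
 if ($use_captcha) {
     $sPostedCaptcha = (isset($_POST['captcha']) && is_scalar($_POST['captcha']))
         ? (string) $_POST['captcha']
         : '';
     $sStoredCaptcha = (isset($_SESSION['captcha']) && is_scalar($_SESSION['captcha']))
         ? (string) $_SESSION['captcha']
         : '';
     if ($sPostedCaptcha === '' || $sStoredCaptcha === '' || $sPostedCaptcha !== $sStoredCaptcha) {
         $replace = array('webmaster_email' => emailAdmin());
         $captcha_error = replace_vars($MOD_FORM['INCORRECT_CAPTCHA'], $replace);
     }
 }
 // The stored answer is single-use: it is discarded after every submission,
 // whether the check passed or not, so it cannot be replayed.
 if (isset($_SESSION['captcha'])) {
     unset($_SESSION['captcha']);
 }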
 // Select this section's field definitions ordered by position; the code that
 // follows loops over them and adds each one to the message body.
 // The section id is cast to int before it is placed in the statement.
 $sql = 'SELECT * FROM `' . TABLE_PREFIX . 'mod_form_fields` '
     . 'WHERE `section_id` = ' . (int) $section_id . ' '
     . 'ORDER BY position ASC';
 if ($query_fields = $database->query($sql)) {
     if ($query_fields->numRows() > 0) {
         while ($field = $query_fields->fetchRow(MYSQL_ASSOC)) {
             // Add to message body
示例#4
        global $database, $admin;
        $retval = $admin->get_email();
        if ($admin->get_user_id() != '1') {
            $sql = 'SELECT `email` FROM `' . TABLE_PREFIX . 'users` ';
            $sql .= 'WHERE `user_id`=\'1\' ';
            $retval = $database->get_one($sql);
        }
        return $retval;
    }
}
// Load the stored form settings of this section into $setting.
// The section id is cast to int before it is placed in the statement.
$sql = 'SELECT * FROM ' . TABLE_PREFIX . 'mod_form_settings '
    . 'WHERE `section_id` = ' . (int) $section_id;
$query_content = $database->query($sql);
if ($query_content) {
    // NOTE(review): MYSQL_ASSOC belongs to the ext/mysql extension, which was
    // removed in PHP 7. Confirm the core defines it before this runs on current PHP.
    // NOTE(review): the fetched row is used without checking that one was returned.
    $setting = $query_content->fetchRow(MYSQL_ASSOC);
    // Blank recipient: fall back to the administrator address.
    if ($setting['email_to'] == '') {
        $setting['email_to'] = emailAdmin();
    }
    // Blank or missing subjects are normalised to an empty string.
    if ($setting['email_subject'] == '') {
        $setting['email_subject'] = '';
    }
    if ($setting['success_email_subject'] == '') {
        $setting['success_email_subject'] = '';
    }
    // The confirmation sender address always comes from SERVER_EMAIL.
    $setting['success_email_from'] = $admin->add_slashes(SERVER_EMAIL);
    if ($setting['success_email_fromname'] == '') {
        $setting['success_email_fromname'] = WBMAILER_DEFAULT_SENDERNAME;
    }
}
// Search/replace pairs that turn raw angle brackets into their HTML entities.
$raw = array('<', '>');
$friendly = array('&lt;', '&gt;');
/*
// check if backend.css file needs to be included into the <body></body> of modify.php
if(!method_exists($admin, 'register_backend_modfiles') && file_exists(WB_PATH ."/modules/form/backend.css")) {
	echo '<style type="text/css">';
	include(WB_PATH .'/modules/form/backend.css');
	echo "\n</style>\n";
示例#5
            $retval = $database->get_one($sql);
        }
        return $retval;
    }
}
// Load the module language file for the active LANGUAGE, or English when that file is missing.
// NOTE(review): LANGUAGE becomes part of an include path. Confirm the core limits
// it to a fixed set of language codes.
$lang = dirname(__FILE__) . '/languages/' . LANGUAGE . '.php';
if (!file_exists($lang)) {
    require_once dirname(__FILE__) . '/languages/EN.php';
} else {
    require_once $lang;
}
// Replacement pairs for angle brackets and the '?php' marker; they are not used
// in the lines shown here.
$friendly = array('&lt;', '&gt;', '?php');
$raw = array('<', '>', '');
// The posted values are read directly from $_POST and only passed through add_slashes().
// NOTE(review): add_slashes() is not visible here. If it is plain slash-escaping,
// it neither strips markup nor removes CR/LF from values that later become mail
// headers, and it is weaker than a parameterised statement should these values
// reach a query. Missing POST keys are also not guarded against.
$header = $admin->add_slashes($_POST['header']);
$field_loop = $admin->add_slashes($_POST['field_loop']);
$footer = $admin->add_slashes($_POST['footer']);
// Recipient: the posted value, or the administrator address when it is blank.
$email_to = $admin->add_slashes($_POST['email_to']);
if ($email_to == '') {
    $email_to = emailAdmin();
}
// The sender address is always SERVER_EMAIL; an earlier variant that accepted
// it from the posted form is disabled.
$email_from = $admin->add_slashes(SERVER_EMAIL);
$use_captcha = $admin->add_slashes($_POST['use_captcha']);
// Sender name: the "field" variant wins when it was posted non-empty.
$email_fromname = $admin->add_slashes(
    isset($_POST['email_fromname_field']) && $_POST['email_fromname_field'] != ''
        ? $_POST['email_fromname_field']
        : $_POST['email_fromname']
);
$email_subject = $admin->add_slashes($_POST['email_subject']);
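<?php

// Contact-us handler for the home page: checks the posted fields and forwards
// the message to the site administrator.
// import general functions
require "functions.php";

// Required fields in the order they are checked, each with the message and code
// raised when it is missing.
// NOTE(review): the codes carry a leading zero, so PHP reads them as octal
// (010 is 8, 011 is 9, 012 is 10, 013 is 11). They are left unchanged because
// clients may depend on the current values; confirm which values were intended.
$requiredFields = array(
    'name'    => array('Please enter your name.', 010),
    'from'    => array('Please enter your email.', 011),
    'subject' => array('Please enter a subject.', 012),
    'msg'     => array('Please enter a message.', 013),
);
// Single-line fields. CR and LF are removed from them so that a value cannot
// add extra header lines if emailAdmin() places it in the mail headers (its
// implementation is not visible here).
$singleLineFields = array('name', 'from', 'subject');

$posted = array();
foreach ($requiredFields as $fieldName => $failure) {
    // Only plain strings are accepted; an absent key or an array value
    // (for example name[]=x) is handled as a missing field.
    $value = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) ? $_POST[$fieldName] : null;
    if ($value !== null && in_array($fieldName, $singleLineFields, true)) {
        $value = str_replace(array("\r", "\n"), '', $value);
    }
    if (isEmpty($value)) {
        throw new GeneralException($failure[0], $failure[1]);
    }
    $posted[$fieldName] = $value;
}
// The sender address must be a syntactically valid e-mail address; an invalid
// one is reported with the same message and code as a missing one.
if (filter_var($posted['from'], FILTER_VALIDATE_EMAIL) === false) {
    throw new GeneralException($requiredFields['from'][0], $requiredFields['from'][1]);
}
//read variables from register user form
$name = $posted['name'];
$email = $posted['from'];
$subject = $posted['subject'];
$msg = $posted['msg'];
//send an email to the admin from the user, when upload to server needs to be changed
emailAdmin($email, $name, $subject, $msg);
//return sent to client
returnValue("sent.");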
示例#7
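 /**
  * Start a password reset for the given user.
  *
  * Looks up the user, refuses when a reset token already exists for that user,
  * stores a new token and mails a confirmation link containing it. On failure
  * the reason is placed in $this->error.
  *
  * NOTE(review): the distinct messages ("Invalid username.", "There is no e-mail
  * associated with that user.", "A reset request ... already been sent.") tell a
  * caller whether an account exists. Callers that face anonymous users should
  * show one generic message instead of $this->error.
  * NOTE(review): the token is stored exactly as generated. Consider storing only
  * a hash of it, and confirm that genUniqueID() draws from a cryptographically
  * secure source and that tokens expire.
  *
  * @param string $username name of the account to reset
  * @return bool TRUE when the confirmation mail was handed over, FALSE otherwise
  */
 public function resetPassword($username)
 {
     if (empty($username)) {
         $this->error = "You must enter a username.";
         return FALSE;
     }
     $uid = getUID($username);
     if (!$uid) {
         $this->error = "Invalid username.";
         return FALSE;
     }
     // Only one outstanding reset token per user is allowed.
     $query = sprintf("SELECT time FROM tokens WHERE affects = %d AND type = %d", $this->sql->sanitize($uid), $this->sql->sanitize(USER_RESETPW));
     $this->sql->query($query, SQL_FIRST);
     if (NULL != $this->sql->error) {
         $this->error = "Query error.";
         return FALSE;
     }
     if (!empty($this->sql->record[0])) {
         $this->error = "A reset request for this user has already been sent.";
         return FALSE;
     }
     $email = $this->get($uid, USER_EMAIL);
     if ("" == $email) {
         $this->error = "There is no e-mail associated with that user.";
         return FALSE;
     }
     $token = $this->crypto->genUniqueID();
     // The closing parenthesis of the VALUES list was missing, so this statement
     // could not be parsed and every request ended in "Query error.".
     $query = sprintf("INSERT INTO tokens (id, type, time, affects) values ('%s', %d, %d, %d)", $this->sql->sanitize($token), $this->sql->sanitize(USER_RESETPW), $this->sql->sanitize(time()), $this->sql->sanitize($uid));
     $this->sql->query($query);
     if (NULL != $this->sql->error) {
         $this->error = "Query error.";
         return FALSE;
     }
     // The token is URL-encoded so that the link stays intact whatever characters
     // genUniqueID() produces.
     $envelope = array(
         'dest' => $email,
         'subject' => 'Your password has been reset.',
         'message' => 'To retrieve your new password and disable your old passwords, please visit the following link: ' . WEBSITE_URL . '?module=auth&action=confirm&id=' . rawurlencode($token)
     );
     if (!emailAdmin($envelope)) {
         $this->error = "There was a problem sending the confirmation e-mail.";
         return FALSE;
     }
     return TRUE;
 }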