/**
* Send email
* Send an email to specified recipients. Supports RFC821-conform envelops.
*
* Email address must be formatted as in one of the following examples:
* john.doe@some.domain.tld
* <*****@*****.**>
* "John Doe" <*****@*****.**>
* "John Doe" john.doe@some.domain.tld
* John Doe <*****@*****.**>
* John Doe john.doe@some.domain.tld
* NOTE: Sender name must have UTF-8 charset
*
* Attached files must be passed to this function as an array of following structure:
* array ( <file_1>, <file_2>, ... )
* Single elements of that array must be an array of following structure:
* array ( 'filename' => 'invoice.pdf',
* 'mime_type' => 'application/pdf',
* 'body' => <file_contents_als_string> )
*
*
* @param string $from Sender email address
* @param mixed $to Receiver email address as string or multiple addresses as an array
* @param string $subject Subject
* @param mixed $cc CC Receiver email address as string or multiple addresses as an array
* @param mixed $bcc BCC Receiver email address as string or multiple addresses as an array
* @param string $body Email body
* @param array $files Attached files as array
* @return boolean TRUE on success or FALSE on error
*/
function send($from = '', $to = null, $subject = '', $cc = null, $bcc = null, $body = '', $files = null)
{
$result = false;
$from = trim($from);
$from_strict = $from;
$to_array = array();
$to_strict_array = array();
$cc_array = array();
$cc_strict_array = array();
$bcc_array = array();
$bcc_strict_array = array();
$default_mime = 'application/octet-stream';
if (!empty($to)) {
// From
$from = PCPIN_Email::convertEmailAddressRFC($from, false);
$from_strict = PCPIN_Email::convertEmailAddressRFC($from, true);
// To
if (!is_array($to)) {
$to = trim($to);
$to = $to != '' ? explode(';', $to) : array();
}
foreach ($to as $to_str) {
$to_str = trim($to_str);
if ($to_str != '') {
$to_str = PCPIN_Email::convertEmailAddressRFC($to_str, false);
if ($to_str != '') {
$to_array[] = $to_str;
}
$to_str_strict = PCPIN_Email::convertEmailAddressRFC($to_str, true);
if ($to_str_strict != '') {
$to_strict_array[] = $to_str_strict;
}
}
}
// CC
if (!is_array($cc)) {
$cc = trim($cc);
$cc = $cc != '' ? explode(';', $cc) : array();
}
foreach ($cc as $cc_str) {
$cc_str = trim($cc_str);
if ($cc_str != '') {
$cc_str = PCPIN_Email::convertEmailAddressRFC($cc_str, false);
if ($cc_str != '') {
$cc_array[] = $cc_str;
}
$cc_str_strict = PCPIN_Email::convertEmailAddressRFC($cc_str, true);
if ($cc_str_strict != '') {
$cc_strict_array[] = $cc_str_strict;
}
}
}
// BCC
if (!is_array($bcc)) {
$bcc = trim($bcc);
$bcc = $bcc != '' ? explode(';', $bcc) : array();
}
foreach ($bcc as $bcc_str) {
$bcc_str = trim($bcc_str);
if ($bcc_str != '') {
$bcc_str = PCPIN_Email::convertEmailAddressRFC($bcc_str, false);
if ($bcc_str != '') {
$bcc_array[] = $bcc_str;
}
$bcc_str_strict = PCPIN_Email::convertEmailAddressRFC($bcc_str, true);
if ($bcc_str_strict != '') {
$bcc_strict_array[] = $bcc_str_strict;
}
}
}
// Boundary
$boundary = '===' . md5(PCPIN_Common::randomString(32));
// Headers
$headers = array('Content-Type: multipart/mixed; boundary="' . $boundary . '";', 'Content-Transfer-Encoding: 7bit', 'MIME-Version: 1.0', 'X-Generator: PCPIN');
$headers_strict = $headers;
// From
if (!empty($from)) {
$headers[] = 'From: ' . $from;
}
if (!empty($from_strict)) {
$headers_strict[] = 'From: ' . $from_strict;
}
// CC
if (!empty($cc_array)) {
$headers[] = 'Cc: ' . implode(', ', $cc_array);
}
if (!empty($cc_strict_array)) {
$headers_strict[] = 'Cc: ' . implode(', ', $cc_strict_array);
}
// BCC
if (!empty($bcc_array)) {
$headers[] = 'Bcc: ' . implode(', ', $bcc_array);
}
if (!empty($bcc_strict_array)) {
$headers_strict[] = 'Bcc: ' . implode(', ', $bcc_strict_array);
}
// Create body
$message = '';
if ($body != '') {
$encoded_body = '';
$src = base64_encode($body);
while (true) {
$encoded_body .= substr($src, 0, 76);
$src = substr($src, 76);
if ($src != '') {
$encoded_body .= "\n";
} else {
break;
}
}
$message .= '--' . $boundary . "\n" . 'Content-Type: text/plain; charset=utf-8;' . "\n" . 'Content-Transfer-Encoding: base64' . "\n\n" . $encoded_body . "\n";
}
// Attachments
if (!empty($files)) {
foreach ($files as $file) {
if (empty($file['mime'])) {
$file['mime'] = $default_mime;
}
if (empty($file['filename'])) {
$file['filename'] = md5(PCPIN_Common::randomString(32));
}
$file['mime'] = str_replace('"', '\\"', $file['mime']);
$file['filename'] = str_replace('"', '\\"', PCPIN_Email::encodeHeaderValue($file['filename']));
$encoded_body = '';
$src = base64_encode($file['body']);
$encoded_body = wordwrap($src, 70, "\n", true);
$message .= '--' . $boundary . "\n" . 'Content-Type: ' . $file['mime'] . '; name="' . $file['filename'] . '";' . "\n" . 'Content-Transfer-Encoding: base64' . "\n" . 'Content-Disposition: attachment; filename="' . $file['filename'] . '"' . "\n\n" . $encoded_body . "\n";
}
}
if ($message != '') {
$message .= "\n" . '--' . $boundary . '--' . "\n";
}
// Trying to send mail
if (false === ($result = mail(implode(', ', $to_array), PCPIN_Email::encodeHeaderValue($subject), $message, implode("\n", $headers)))) {
// Failed. Trying to use RFC821-conform envelope.
$result = mail(implode(', ', $to_strict_array), PCPIN_Email::encodeHeaderValue($subject), $message, implode("\n", $headers_strict));
}
}
return $result;
}
$current_version = $version->_db_list[0]['version'];
$last_check = $version->_db_list[0]['last_version_check'] > '0000-00-00 00:00:00' ? $current_user->makeDate(PCPIN_Common::datetimeToTimestamp($version->_db_list[0]['last_version_check'])) : $l->g('never');
$new_version_available = $version->_db_list[0]['new_version_available'];
$new_version_url = $version->_db_list[0]['new_version_url'];
} else {
$current_version = 6.0;
$last_check = $l->g('never');
$new_version_available = $current_version;
$new_version_url = '';
}
$current_version = number_format($current_version, 2, '.', '');
$new_version_available = number_format($new_version_available, 2, '.', '');
if (!empty($do_check)) {
// Check for new version
// Generate new security key
$key = PCPIN_Common::randomString(36, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_-()[].,');
$version->setVersionCheckKey($key);
$session->_s_updateSession($session->_s_id, true, true, null, null, null, md5($key));
header('Location: ' . PCPIN_VERSIONCHECKER_URL . '?' . htmlspecialchars($key));
die;
}
// Initialize template handler
_pcpin_loadClass('pcpintpl');
$tpl = new PcpinTpl();
$tpl->setBasedir('./tpl');
$tpl->readTemplatesFromFile('./admin/versions.tpl');
// Add global vars to template
foreach ($global_tpl_vars as $key => $val) {
$tpl->addGlobalVar($key, htmlspecialchars($val));
}
// Add language expressions to template
/**
* Create new session
* @param int $user_id Optional ID of session owner user
* @param int $last_message_id ID of last message received by session owner
* @param int $language_id Optional. Selected language. If empty, then default language will be used.
* @param string $backend_login Optional. 'y', if user is Administrator and logged directly into Admin Backend.
*/
function _s_newSession($user_id = 0, $last_message_id = 0, $language_id = 0, $backend_login = '******')
{
$ok = false;
if ($backend_login !== 'y' && $backend_login !== 'n') {
$backend_login = '******';
}
$max_attempts = 100;
do {
// Generate new session ID
$this->_s_id = PCPIN_Common::randomString(PCPIN_SID_LENGTH, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
// Check new session ID
if (!$this->_db_getList('_s_id', '_s_id = ' . $this->_s_id, 1)) {
// New session ID is unique
// Check language
_pcpin_loadClass('language');
$language = new PCPIN_Language($this);
if (empty($this->_conf_all['allow_language_selection']) || 0 == ($language_id = $language->checkLanguage($language_id))) {
$language_id = $this->_conf_all['default_language'];
}
// Set all object properties up
$this->_s_ip = PCPIN_CLIENT_IP;
$this->_s_client_agent_name = PCPIN_CLIENT_AGENT_NAME;
$this->_s_client_agent_version = PCPIN_CLIENT_AGENT_VERSION;
$this->_s_client_os = PCPIN_CLIENT_OS;
$this->_s_created = date('Y-m-d H:i:s');
$this->_s_last_ping = date('Y-m-d H:i:s');
$this->_s_language_id = $language_id;
$this->_s_user_id = $user_id;
$this->_s_security_code = md5(PCPIN_Common::randomString(mt_rand(100, 255)));
$this->_s_security_code_img = '';
$this->_s_room_id = 0;
$this->_s_room_date = '';
$this->_s_last_message_id = $last_message_id;
$this->_s_last_sent_message_time = '0000-00-00 00:00:00';
$this->_s_last_sent_message_hash = '';
$this->_s_last_sent_message_repeats_count = 0;
$this->_s_online_status = 1;
$this->_s_online_status_message = '';
$this->_s_kicked = 'n';
$this->_s_stealth_mode = 'n';
$this->_s_backend = $backend_login;
$this->_s_page_unloaded = 'n';
// Save session into database
$ok = $this->_db_insertObj();
}
$max_attempts--;
} while ($ok !== true && $max_attempts > 0);
$this->_db_freeList();
if (!$ok) {
PCPIN_Common::dieWithError(-1, '<b>Fatal error</b>: Failed to create new session');
}
}
}
if (!PCPIN_Common::checkEmail($email, $session->_conf_all['email_validation_level'])) {
// Email invalid
$xmlwriter->setHeaderStatus(1);
$xmlwriter->setHeaderMessage($l->g('email_invalid'));
} else {
if (!$current_user->checkEmailUnique($profile_user_id, $email)) {
// Email address already taken
$xmlwriter->setHeaderStatus(1);
$xmlwriter->setHeaderMessage($l->g('email_already_taken'));
} else {
// Email address is free
if ($current_user->is_admin !== 'y' && !empty($session->_conf_all['activate_new_emails'])) {
// Email address needs to be activated
$activation_required = 1;
$email_new_activation_code = PCPIN_Common::randomString(18, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
$profile_user->email_new = $email;
$profile_user->email_new_date = date('Y-m-d H:i:s');
$profile_user->email_new_activation_code = md5($email_new_activation_code);
$profile_user->_db_updateObj($profile_user->id);
$email_body = $l->g('email_email_address_activation');
$email_body = str_replace('[HOURS]', $session->_conf_all['new_email_activation_timeout'], $email_body);
$email_body = str_replace('[SENDER]', $session->_conf_all['chat_email_sender_name'], $email_body);
$email_body = str_replace('[ACTIVATION_URL]', str_replace(' ', '%20', $session->_conf_all['base_url']) . '?activate_email&activation_code=' . urlencode($email_new_activation_code), $email_body);
$email_body = str_replace('[CHAT_NAME]', $session->_conf_all['chat_name'], $email_body);
PCPIN_Email::send('"' . $session->_conf_all['chat_email_sender_name'] . '"' . ' <' . $session->_conf_all['chat_email_sender_address'] . '>', $email, $l->g('email_address_activation'), null, null, $email_body);
$xmlwriter->setHeaderStatus(0);
$xmlwriter->setHeaderMessage(str_replace('[EMAIL]', $email, $l->g('email_address_activation_sent')));
} else {
// Save new email address
$activation_required = 0;
/**
* Insert new user into database
* @param string $login Login name
* @param string $password Password (NOT encoded!!!)
* @param string $email E-Mail address
* @param int $hide_email Hide E-Mail address? (0: No, 1: Yes)
* @param string $guest Flag: "y" if user is a guest, "n" if user was registered
* @param string $activation_code If new account activation enabled: Activation code (MD5-encoded)
* @param int $language_id Language ID. If empty: language ID from current session will be used
* @return boolean TRUE on success or FALSE on error
*/
function newUser($login, $password = '', $email = '', $hide_email = 0, $guest = 'n', $activation_code = '', $language_id = 0)
{
$result = false;
$this->id = 0;
$login = trim($login);
$email = trim($email);
if ($login != '' && $password != '') {
$this->id = 0;
$this->login = $login;
$this->password = md5($password);
$this->password_new = md5(PCPIN_Common::randomString(mt_rand(100, 255)));
$this->email = $email;
$this->email_new = '';
$this->email_new_date = '';
$this->email_new_activation_code = '';
$this->hide_email = $hide_email;
$this->joined = date('Y-m-d H:i:s');
$this->activated = $activation_code == '' ? 'y' : 'n';
$this->activation_code = $activation_code;
$this->last_login = '';
$this->previous_login = '';
$this->time_online = 0;
$this->date_format = $this->_conf_all['date_format'];
$this->last_message_id = 0;
$this->moderated_rooms = '';
$this->moderated_categories = '';
$this->is_admin = 'n';
$this->banned_by = 0;
$this->banned_by_username = '';
$this->banned_until = '';
$this->banned_permanently = 'n';
$this->ban_reason = '';
$this->muted_users = '';
$this->global_muted_by = 0;
$this->global_muted_by_username = '';
$this->global_muted_until = '';
$this->global_muted_permanently = 'n';
$this->global_muted_reason = '';
$this->time_zone_offset = 0;
$this->is_guest = $guest;
$this->show_message_time = '';
$this->outgoing_message_color = '';
$this->language_id = !empty($language_id) ? $language_id : $this->_s_language_id;
$this->allow_sounds = '';
$this->room_selection_view = $this->_conf_all['room_selection_display_type'];
// Insert row
if ($this->_db_insertObj()) {
$result = true;
$this->id = $this->_db_lastInsertID();
$this_id = $this->id;
// Add new nickname
_pcpin_loadClass('nickname');
$nickname = new PCPIN_Nickname($this);
if (!$nickname->_db_getList('id', 'nickname_plain = ' . $login, 1)) {
$nickname->addNickname($this_id, '^' . $this->_conf_all['default_nickname_color'] . $login);
}
$this->id = $this_id;
}
}
return $result;
}
/**
* Constructor
* @param string $header_service Service name
* @param string $encoding Optional. XML encoding
* @param string $name Optional. Name of the root element
* @param string $type Optional. Type of the root element
* @param boolean $indent Optional. Whether to indent XML or not
* @param string $indent_string Optional. Indent string
*/
function PCPIN_XMLWrite($header_service, $encoding = PCPIN_XMLDOC_ENCODING, $name = PCPIN_XMLDOC_ROOT_NAME, $indent = PCPIN_XMLDOC_INDENT, $indent_string = PCPIN_XMLDOC_INDENT_STRING)
{
$this->set('root_name', $name);
$this->set('encoding', $encoding);
$this->set('indent', $indent);
$this->set('indent_string', $indent_string);
$this->set('cdata_escape_sequence', '_' . PCPIN_Common::randomString(12) . '_');
$this->set('xml_data', array());
$this->set('header_service', $header_service);
}
*/
if (!empty($sk) && !empty($nv) && !empty($dl)) {
_pcpin_loadClass('version');
$version = new PCPIN_Version($session);
if ($version->_db_getList(1)) {
$current_version = $version->_db_list[0]['version'];
$last_check = $version->_db_list[0]['last_version_check'] > '0000-00-00 00:00:00' ? $current_user->makeDate(PCPIN_Common::datetimeToTimestamp($version->_db_list[0]['last_version_check'])) : $l->g('never');
$new_version_available = $version->_db_list[0]['new_version_available'];
$new_version_url = $version->_db_list[0]['new_version_url'];
$version_check_key = $version->_db_list[0]['version_check_key'];
} else {
$current_version = 6.0;
$last_check = $l->g('never');
$new_version_available = $current_version;
$new_version_url = '';
$version_check_key = PCPIN_Common::randomString(mt_rand(10, 20));
}
$version->_db_freeList();
// Check security key
if (!empty($version_check_key) && md5($sk) == $version_check_key) {
if ($session->_db_getList('_s_id', '_s_security_code = ' . $version_check_key, 1)) {
// Security key check passed
$old_session = $session->_db_list[0]['_s_id'];
// Save version number
$version->setLastVersionCheckTime();
$version->setNewestAvailableVersion($nv);
$version->setVersionCheckKey();
$version->setNewVersionDownloadUrl(base64_decode($dl));
$session->_s_updateSession($old_session, false, true, null, null, null, '');
header('Location: ' . PCPIN_ADMIN_FORMLINK . '?s_id=' . $old_session . '&ainc=versions&version_checked');
die;
// Avatar
$avatar->deleteAvatar($current_user_set['id']);
if (!empty($_pcpin_slave_userdata['avatar'])) {
$new_avatar_data = null;
if (PCPIN_IMAGE_CHECK_OK === PCPIN_Image::checkImage($new_avatar_data, $_pcpin_slave_userdata['avatar'], $session->_conf_all['avatar_image_types'], 0, 0, 0, true)) {
if ($binaryfile->newBinaryFile(file_get_contents($_pcpin_slave_userdata['avatar']), $new_avatar_data['mime'], $new_avatar_data['width'], $new_avatar_data['height'], 'log')) {
$avatar->addAvatar($binaryfile->id, $current_user_set['id']);
}
}
}
}
} else {
// User not exists yet
$login = $_pcpin_slave_userdata['login'];
// Create new user
$current_user->newUser($_pcpin_slave_userdata['login'], PCPIN_Common::randomString(32), $_pcpin_slave_userdata['email'], $_pcpin_slave_userdata['hide_email'], 'n', '');
$current_user->password = $_pcpin_slave_userdata['password'];
$_pcpin_slave_userdata_md5_password = $_pcpin_slave_userdata['password'];
$current_user->_db_updateObj($current_user->id);
// Userdata
$current_userdata->_db_getList('user_id = ' . $current_user->id, 1);
$current_userdata_set = $current_userdata->_db_list[0];
$current_userdata->_db_freeList();
$update_args = array();
foreach ($_pcpin_slave_userdata as $key => $val) {
if (!is_null($val) && isset($current_userdata_set[$key]) && $current_userdata_set[$key] != $val) {
$update_args[$key] = $val;
}
}
if (!empty($update_args)) {
$current_userdata->_db_updateRow($current_user->id, 'user_id', $update_args);
/**
* Export language object as string.
* Output string will have following format: <hash><data>
* <hash> - MD5 hash of the <data> (32 chars)
* <data> - Serialized and BASE64-encoded array in following format:
* array (
* // Header data.
* 'data_type' => 'language' ,
* 'pcpin_version' => 'pcpin_chat_<version>' ,
* 'date_created' => '<UNIX_TIMESTAMP>' ,
* 'rand' => '<RANDOM_STRING_32_BYTES>' ,
* // Main data block as serialized and BASE64-encoded array in following format (all values are hexadecial):
* 'data' => array (
* 'iso_name' => '<ISO_CODE>' ,
* 'local_name' => '<LOCAL_NAME>' ,
* 'expressions' => array (
* array (
* 'code' => '<EXPRESSION_CODE>' ,
* 'value' => '<EXPRESSION_VALUE>' ,
* 'multi_row' => '<EXPRESSION_MULTI_ROW>'
* ) ,
* ...
* )
* )
* )
* @param int $language_id Language ID to export
* @return mixed (string) Language data string on success or (boolean) FALSE on error
*/
function exportLanguage($language_id = 0)
{
$out = false;
if (!empty($language_id) && $this->_db_getList('x0iso_name, x0name, x0local_name', 'id = ' . $language_id, 1)) {
$lng = array('data_type' => 'language', 'pcpin_version' => 'pcpin_chat_' . PCPIN_VERSION, 'date_created' => time(), 'rand' => PCPIN_Common::randomString(32), 'data' => array('iso_name' => $this->_db_list[0]['iso_name'], 'local_name' => $this->_db_list[0]['local_name'], 'expressions' => array()));
$this->_db_freeList();
_pcpin_loadClass('language_expression');
$language_expression = new PCPIN_Language_Expression($this);
if ($language_expression->_db_getList('x0code, x0value, x0multi_row', 'language_id = ' . $language_id)) {
while ($expr = array_pop($language_expression->_db_list)) {
$lng['data']['expressions'][] = array('code' => $expr['code'], 'value' => $expr['value'], 'multi_row' => $expr['multi_row']);
}
$out = base64_encode(serialize($lng));
unset($lng);
// Get hash
$out = strtoupper(md5($out)) . $out;
}
}
return $out;
}
$tries = 100;
do {
$login = $l->g('guest') . mt_rand(0, 999);
if ($current_user->checkUsernameUnique($login) && $current_user->newUser($login, PCPIN_Common::randomString(mt_rand(100, 255)), '', 1, 'y')) {
// User created
$xmlwriter->setHeaderMessage('OK');
$xmlwriter->setHeaderStatus(0);
$user_created = true;
// Create new session and log it in
$session->_s_logIn($current_user->id, 0, $language_id);
// Update user
$current_user->_db_loadObj($current_user->id);
$current_user->previous_login = '******';
$current_user->last_login = date('Y-m-d H:i:s');
$current_user->time_zone_offset = $time_zone_offset;
$current_user->password_new = md5(PCPIN_Common::randomString(mt_rand(30, 120)));
$current_user->_db_updateObj($session->_s_user_id);
// Insert system message
$msg->addMessage(101, 'n', 0, '', 0, 0, $session->_s_user_id);
break;
}
if (--$tries == 0) {
break;
}
} while (true);
if (!$user_created) {
$xmlwriter->setHeaderMessage($l->g('error'));
}
}
}
}
}
if (empty($errortext)) {
// Check data
if ($current_user->_db_getList('id,login', 'email = ' . $email, 'activated = y', 'is_guest = n', 1)) {
// Email address found
$user_id = $current_user->_db_list[0]['id'];
$login = $current_user->_db_list[0]['login'];
$current_user->_db_freeList();
} else {
// Wrong Email
$errortext[] = $l->g('email_not_found');
}
}
if (!empty($errortext)) {
$xmlwriter->setHeaderStatus(1);
$xmlwriter->setHeaderMessage('- ' . implode("\n- ", $errortext));
} else {
// Reset password
$password_new = PCPIN_Common::randomString(mt_rand(6, 8), 'abcdefghijklmnopqrstuvwxyz0123456789');
$current_user->_db_updateRow($user_id, 'id', array('password_new' => md5($password_new)));
// Send "password reset" email
$email_body = $l->g('email_password_reset');
$email_body = str_replace('[CHAT_NAME]', $session->_conf_all['chat_name'], $email_body);
$email_body = str_replace('[USERNAME]', $login, $email_body);
$email_body = str_replace('[PASSWORD]', $password_new, $email_body);
$email_body = str_replace('[URL]', str_replace(' ', '%20', $session->_conf_all['base_url']), $email_body);
$email_body = str_replace('[SENDER]', $session->_conf_all['chat_email_sender_name'], $email_body);
PCPIN_Email::send('"' . $session->_conf_all['chat_email_sender_name'] . '"' . ' <' . $session->_conf_all['chat_email_sender_address'] . '>', $email, $l->g('password_reset'), null, null, $email_body);
$xmlwriter->setHeaderStatus(0);
$xmlwriter->setHeaderMessage(str_replace('[EMAIL]', $email, $l->g('new_password_sent')));
}
