php-e107/email.php

<?php
/*
+ ----------------------------------------------------------------------------+
|     e107 website system
|
|     Copyright (C) 2008-2009 e107 Inc (e107.org)
|     http://e107.org
|
|
|     Released under the terms and conditions of the
|     GNU General Public License (http://gnu.org).
|
|     $Source: /cvs_backup/e107_0.8/email.php,v $
|     $Revision$
|     $Date$
|     $Author$
+----------------------------------------------------------------------------+
*/
require_once('class2.php');
if (!check_class(varset($pref['email_item_class'],e_UC_MEMBER)))
{
	header('Location: '.e_BASE.'index.php');
	exit();
}

e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);

require_once(HEADERF);

$use_imagecode = FALSE;
$imgtypes = array('jpeg', 'png', 'gif');
foreach($imgtypes as $t)
{
	if(function_exists('imagecreatefrom'.$t))
	{
		$use_imagecode = TRUE;
	}
}

if ($use_imagecode)
{
	require_once(e_HANDLER.'secure_img_handler.php');
	$sec_img = new secure_image;
}

if (e_QUERY)
{
	$qs = explode('.', e_QUERY, 2);
}
else
{
	e107::redirect();
	exit;
}
$source = $qs[0];
$parms = varset($qs[1], '');
unset($qs);
$error = '';
$message = '';

$referrer = strip_tags(urldecode(html_entity_decode(varset($_SERVER['HTTP_REFERER'],''), ENT_QUOTES)));
$emailurl = ($source == 'referer') ? $referrer : SITEURL;

$comments = $tp->post_toHTML(varset($_POST['comment'],''), TRUE, 'retain_nl, emotes_off, no_make_clickable');
$author = $tp->post_toHTML(varset($_POST['author_name'],''),FALSE,'emotes_off, no_make_clickable');
$email_send = check_email(varset($_POST['email_send'],''));


if (isset($_POST['emailsubmit']))
{
	if (!$email_send)
	{
		$error .= LAN_EMAIL_106;
	}

	if($use_imagecode)
	{
		if(!isset($_POST['code_verify']) || !isset($_POST['rand_num']))
		{
			e107::redirect();
			exit;
		}
		if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
		{
			e107::redirect();
			exit;
		}
	}

	if ($comments == '')
	{
		$message = LAN_EMAIL_6.' '.SITENAME.' ('.SITEURL.')';
		if (USER == TRUE)
		{
			$message .= "\n\n".LAN_EMAIL_1." ".USERNAME;
		}
		else
		{
			$message .= "\n\n".LAN_EMAIL_1." ".$author;
		}
	}
	else
	{
//		$message .= $comments."\n";			// Added to message later on
	}
	$ip = e107::getIPHandler()->getIP(FALSE);
	$message .= "\n\n".LAN_EMAIL_2." ".$ip."\n\n";

	if (substr($source,0,7) == 'plugin:')
	{
		$plugin = substr($source,7);
		$text = '';
		if(file_exists(e_PLUGIN.$plugin.'/e_emailprint.php'))
		{
			include_once(e_PLUGIN.$plugin.'/e_emailprint.php');
			$text = email_item($parms);
			$emailurl = SITEURL;
		}
		if($text == '')
		{
			e107::redirect();
			exit;
		}
		$message .= $text;
	}
	elseif($source == 'referer')
	{
		if(!isset($_POST['referer']) || $_POST['referer'] == '')
		{
			e107::redirect();
			exit;
		}
		$message .= strip_tags($_POST['referer']);
		$emailurl = strip_tags($_POST['referer']);
	}
	else
	{
		$emailurl = strip_tags($_POST['referer']);
		$message = '';
		if($sql->db_Select('news', 'news_title, news_body, news_extended', 'news_id='.((int)$parms)))
		{
			$row = $sql->db_Fetch();
			$message = "<h3 class='email_heading'>".$row['news_title']."</h3><br />".$row['news_body']."<br />".$row['news_extended']."<br /><br /><a href='{e_BASE}news.php?extend.".$parms."'>{e_BASE}news.php?extend.".$parms."</a><br />";
			$message = $tp->toEmail($message);
		}

		if($message == '')
		{
			e107::redirect();
			exit;
		}
	}

	if ($error == '')
	{
		// Load Mail Handler and Email Template.
		require_once(e_HANDLER.'mail.php');

		$email_body = (trim($comments) != '') ? $tp->toEmail($comments).'<hr />' : '';
		$email_body .= $tp->toEmail($message);

		if (sendemail($email_send, LAN_EMAIL_3.SITENAME,$email_body))
		{
			$text = "<div style='text-align:center'>".LAN_EMAIL_10." ".$email_send."</div>";
		}
		else
		{
			$text = "<div style='text-align:center'>".LAN_EMAIL_9."</div>";
		}
		$ns->tablerender(LAN_EMAIL_11, $text);
	}
	else
	{
		$ns->tablerender(LAN_ERROR, "<div style='text-align:center'>".$error."</div>");
	}
}


// --------------------- Form -------------------------------------------------


$text = "<form method='post' action='".e_SELF."?".e_QUERY."'>\n
	<table>";

if (USER != TRUE)
{
	$text .= "<tr>
	<td style='width:25%'>".LAN_EMAIL_15."</td>
	<td style='width:75%'>
	<input class='tbox' type='text' name='author_name' size='60' style='width:95%' value='$author' maxlength='100' />
	</td>
	</tr>";
}

$text .= "
<tr>
<td style='width:25%'>".LAN_EMAIL_8."</td>
<td style='width:75%'>
<textarea class='tbox' name='comment' cols='70' rows='4' style='width:95%'>".LAN_EMAIL_6." ".SITENAME." (".$emailurl.")
";

if (USER == TRUE)
{
	$text .= "\n\n".LAN_EMAIL_1." ".USERNAME;
}

$text .= "</textarea>
</td>
</tr>

<tr>
<td style='width:25%'>".LAN_EMAIL_187."</td>
<td style='width:75%'>
<input class='tbox' type='text' name='email_send' size='60' value='$email_send' style='width:95%' maxlength='100' />
</td>
</tr>
";

if($use_imagecode)
{
	$text .= "<tr><td>".LAN_EMAIL_190."</td><td>";
	$text .= $sec_img->r_image();
	$text .= " <input class='tbox' type='text' name='code_verify' size='15' maxlength='20' />
	<input type='hidden' name='rand_num' value='".$sec_img->random_number."' /></td></tr>";
}

$text .= "
<tr style='vertical-align:top'>
<td style='width:25%'></td>
<td style='width:75%'>
<input class='btn btn-default button' type='submit' name='emailsubmit' value='".LAN_EMAIL_4."' />
<input type='hidden' name='referer' value='".$referrer."' />
</td>
</tr>
</table>
</form>";

$ns->tablerender(LAN_EMAIL_5, $text);

require_once(FOOTERF);
?>
new module creation 2006-12-02 04:36:16 +00:00			`<?php`
			`/*`
			`+ ----------------------------------------------------------------------------+`
			`\| e107 website system`
			`\|`
Fix copyright info. 2009-11-18 01:06:08 +00:00			`\| Copyright (C) 2008-2009 e107 Inc (e107.org)`
new module creation 2006-12-02 04:36:16 +00:00			`\| http://e107.org`
Updated file description 2009-07-14 05:31:57 +00:00			`\|`
new module creation 2006-12-02 04:36:16 +00:00			`\|`
			`\| Released under the terms and conditions of the`
			`\| GNU General Public License (http://gnu.org).`
			`\|`
			`\| $Source: /cvs_backup/e107_0.8/email.php,v $`
svn keywords added (v0.8) 2010-02-10 18:18:01 +00:00			`\| $Revision$`
			`\| $Date$`
			`\| $Author$`
new module creation 2006-12-02 04:36:16 +00:00			`+----------------------------------------------------------------------------+`
			`*/`
Additional checking 2009-11-03 22:08:03 +00:00			`require_once('class2.php');`
Allow control of who can email items 2009-09-28 21:00:18 +00:00			`if (!check_class(varset($pref['email_item_class'],e_UC_MEMBER)))`
			`{`
			`header('Location: '.e_BASE.'index.php');`
			`exit();`
			`}`

Code cleanup: deprecated include_lan() 2017-01-23 09:41:23 -08:00			`e107::includeLan(e_LANGUAGEDIR.e_LANGUAGE.'/lan_'.e_PAGE);`
Add include_lan() to fornt 2009-08-28 15:30:25 +00:00
new module creation 2006-12-02 04:36:16 +00:00			`require_once(HEADERF);`

			`$use_imagecode = FALSE;`
Additional checking 2009-11-03 22:08:03 +00:00			`$imgtypes = array('jpeg', 'png', 'gif');`
new module creation 2006-12-02 04:36:16 +00:00			`foreach($imgtypes as $t)`
			`{`
Additional checking 2009-11-03 22:08:03 +00:00			`if(function_exists('imagecreatefrom'.$t))`
new module creation 2006-12-02 04:36:16 +00:00			`{`
			`$use_imagecode = TRUE;`
			`}`
			`}`

			`if ($use_imagecode)`
			`{`
Additional checking 2009-11-03 22:08:03 +00:00			`require_once(e_HANDLER.'secure_img_handler.php');`
new module creation 2006-12-02 04:36:16 +00:00			`$sec_img = new secure_image;`
			`}`

Additional checking 2009-11-03 22:08:03 +00:00			`if (e_QUERY)`
			`{`
			`$qs = explode('.', e_QUERY, 2);`
			`}`
			`else`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
			`$source = $qs[0];`
Additional checking 2009-11-03 22:08:03 +00:00			`$parms = varset($qs[1], '');`
			`unset($qs);`
			`$error = '';`
			`$message = '';`
new module creation 2006-12-02 04:36:16 +00:00
Additional checking 2009-11-03 22:08:03 +00:00			`$referrer = strip_tags(urldecode(html_entity_decode(varset($_SERVER['HTTP_REFERER'],''), ENT_QUOTES)));`
			`$emailurl = ($source == 'referer') ? $referrer : SITEURL;`
new module creation 2006-12-02 04:36:16 +00:00
Additional checking 2009-11-03 22:08:03 +00:00			`$comments = $tp->post_toHTML(varset($_POST['comment'],''), TRUE, 'retain_nl, emotes_off, no_make_clickable');`
			`$author = $tp->post_toHTML(varset($_POST['author_name'],''),FALSE,'emotes_off, no_make_clickable');`
			`$email_send = check_email(varset($_POST['email_send'],''));`
new module creation 2006-12-02 04:36:16 +00:00

			`if (isset($_POST['emailsubmit']))`
			`{`
			`if (!$email_send)`
			`{`
			`$error .= LAN_EMAIL_106;`
			`}`

			`if($use_imagecode)`
			`{`
			`if(!isset($_POST['code_verify']) \|\| !isset($_POST['rand_num']))`
			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
			`if (!$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))`
			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
			`}`

Additional checking 2009-11-03 22:08:03 +00:00			`if ($comments == '')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Avoid duplicate message when emailing items - thanks btoovey 2010-09-21 18:06:56 +00:00			`$message = LAN_EMAIL_6.' '.SITENAME.' ('.SITEURL.')';`
new module creation 2006-12-02 04:36:16 +00:00			`if (USER == TRUE)`
			`{`
			`$message .= "\n\n".LAN_EMAIL_1." ".USERNAME;`
			`}`
			`else`
			`{`
			`$message .= "\n\n".LAN_EMAIL_1." ".$author;`
			`}`
			`}`
			`else`
			`{`
Avoid duplicate message when emailing items - thanks btoovey 2010-09-21 18:06:56 +00:00			`// $message .= $comments."\n"; // Added to message later on`
new module creation 2006-12-02 04:36:16 +00:00			`}`
Update function calls where moved from e107_class.php to iphandler_class.php 2012-01-02 22:06:22 +00:00			`$ip = e107::getIPHandler()->getIP(FALSE);`
new module creation 2006-12-02 04:36:16 +00:00			`$message .= "\n\n".LAN_EMAIL_2." ".$ip."\n\n";`

Additional checking 2009-11-03 22:08:03 +00:00			`if (substr($source,0,7) == 'plugin:')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
			`$plugin = substr($source,7);`
Additional checking 2009-11-03 22:08:03 +00:00			`$text = '';`
			`if(file_exists(e_PLUGIN.$plugin.'/e_emailprint.php'))`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Additional checking 2009-11-03 22:08:03 +00:00			`include_once(e_PLUGIN.$plugin.'/e_emailprint.php');`
new module creation 2006-12-02 04:36:16 +00:00			`$text = email_item($parms);`
			`$emailurl = SITEURL;`
			`}`
Additional checking 2009-11-03 22:08:03 +00:00			`if($text == '')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
			`$message .= $text;`
			`}`
Additional checking 2009-11-03 22:08:03 +00:00			`elseif($source == 'referer')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
			`if(!isset($_POST['referer']) \|\| $_POST['referer'] == '')`
			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
Additional checking 2009-11-03 22:08:03 +00:00			`$message .= strip_tags($_POST['referer']);`
			`$emailurl = strip_tags($_POST['referer']);`
new module creation 2006-12-02 04:36:16 +00:00			`}`
			`else`
			`{`
Additional checking 2009-11-03 22:08:03 +00:00			`$emailurl = strip_tags($_POST['referer']);`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`$message = '';`
fixed parse error 2009-04-16 10:19:50 +00:00			`if($sql->db_Select('news', 'news_title, news_body, news_extended', 'news_id='.((int)$parms)))`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`{`
			`$row = $sql->db_Fetch();`
			`$message = "<h3 class='email_heading'>".$row['news_title']."</h3><br />".$row['news_body']."<br />".$row['news_extended']."<br /><br /><a href='{e_BASE}news.php?extend.".$parms."'>{e_BASE}news.php?extend.".$parms."</a><br />";`
			`$message = $tp->toEmail($message);`
			`}`
new module creation 2006-12-02 04:36:16 +00:00
Additional checking 2009-11-03 22:08:03 +00:00			`if($message == '')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Header location cleanup. From now, please use e107::redirect(); to redirect to the home page, or e107::redirect('admin'); to redirect to the admin start page or e107::redirect($url); 2016-01-13 19:17:37 -08:00			`e107::redirect();`
new module creation 2006-12-02 04:36:16 +00:00			`exit;`
			`}`
			`}`

Additional checking 2009-11-03 22:08:03 +00:00			`if ($error == '')`
new module creation 2006-12-02 04:36:16 +00:00			`{`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`// Load Mail Handler and Email Template.`
Additional checking 2009-11-03 22:08:03 +00:00			`require_once(e_HANDLER.'mail.php');`
Removed embedded email header - now managed with mail class. 2011-05-05 06:05:26 +00:00
			`$email_body = (trim($comments) != '') ? $tp->toEmail($comments).'<hr />' : '';`
			`$email_body .= $tp->toEmail($message);`
new module creation 2006-12-02 04:36:16 +00:00
			`if (sendemail($email_send, LAN_EMAIL_3.SITENAME,$email_body))`
			`{`
			`$text = "<div style='text-align:center'>".LAN_EMAIL_10." ".$email_send."</div>";`
			`}`
			`else`
			`{`
			`$text = "<div style='text-align:center'>".LAN_EMAIL_9."</div>";`
			`}`
			`$ns->tablerender(LAN_EMAIL_11, $text);`
			`}`
			`else`
			`{`
this one slipped through 2015-06-25 21:27:30 +02:00			`$ns->tablerender(LAN_ERROR, "<div style='text-align:center'>".$error."</div>");`
new module creation 2006-12-02 04:36:16 +00:00			`}`
			`}`


			`// --------------------- Form -------------------------------------------------`



			`$text = "<form method='post' action='".e_SELF."?".e_QUERY."'>\n`
Additional checking 2009-11-03 22:08:03 +00:00			`<table>";`
new module creation 2006-12-02 04:36:16 +00:00
			`if (USER != TRUE)`
			`{`
			`$text .= "<tr>`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`<td style='width:25%'>".LAN_EMAIL_15."</td>`
			`<td style='width:75%'>`
			`<input class='tbox' type='text' name='author_name' size='60' style='width:95%' value='$author' maxlength='100' />`
			`</td>`
			`</tr>";`
new module creation 2006-12-02 04:36:16 +00:00			`}`

			`$text .= "`
			`<tr>`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`<td style='width:25%'>".LAN_EMAIL_8."</td>`
			`<td style='width:75%'>`
			`<textarea class='tbox' name='comment' cols='70' rows='4' style='width:95%'>".LAN_EMAIL_6." ".SITENAME." (".$emailurl.")`
new module creation 2006-12-02 04:36:16 +00:00			`";`

			`if (USER == TRUE)`
			`{`
			`$text .= "\n\n".LAN_EMAIL_1." ".USERNAME;`
			`}`

			`$text .= "</textarea>`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`</td>`
			`</tr>`
new module creation 2006-12-02 04:36:16 +00:00
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`<tr>`
			`<td style='width:25%'>".LAN_EMAIL_187."</td>`
			`<td style='width:75%'>`
			`<input class='tbox' type='text' name='email_send' size='60' value='$email_send' style='width:95%' maxlength='100' />`
			`</td>`
			`</tr>`
			`";`
new module creation 2006-12-02 04:36:16 +00:00
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`if($use_imagecode)`
			`{`
			`$text .= "<tr><td>".LAN_EMAIL_190."</td><td>";`
			`$text .= $sec_img->r_image();`
			`$text .= " <input class='tbox' type='text' name='code_verify' size='15' maxlength='20' />`
			`<input type='hidden' name='rand_num' value='".$sec_img->random_number."' /></td></tr>";`
			`}`
new module creation 2006-12-02 04:36:16 +00:00
			`$text .= "`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`<tr style='vertical-align:top'>`
			`<td style='width:25%'></td>`
			`<td style='width:75%'>`
Added 'btn-default' to button for Bootstrap3 compatibility. 2014-02-07 07:33:33 -08:00			`<input class='btn btn-default button' type='submit' name='emailsubmit' value='".LAN_EMAIL_4."' />`
Additional checking 2009-11-03 22:08:03 +00:00			`<input type='hidden' name='referer' value='".$referrer."' />`
new module creation 2006-12-02 04:36:16 +00:00			`</td>`
Fixes for MYSQL_ASSOC change in db_Fetch 2009-01-22 01:58:29 +00:00			`</tr>`
			`</table>`
			`</form>";`
new module creation 2006-12-02 04:36:16 +00:00
			`$ns->tablerender(LAN_EMAIL_5, $text);`

			`require_once(FOOTERF);`
			`?>`