Added an option to send a copy to self to the "Mail Story to a Friend" dialog and made the look of this and the "Send mail to user" dialogs more consistent
3 /* Reminder: always indent with 4 spaces (no tabs). */
4 // +---------------------------------------------------------------------------+
6 // +---------------------------------------------------------------------------+
9 // | This pages lets GL users communicate with each other without risk of |
10 // | their email address being intercepted by spammers. |
11 // +---------------------------------------------------------------------------+
12 // | Copyright (C) 2000-2009 by the following authors: |
14 // | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
15 // | Mark Limburg - mlimburg AT users DOT sourceforge DOT net |
16 // | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
17 // | Dirk Haun - dirk AT haun-online DOT de |
18 // +---------------------------------------------------------------------------+
20 // | This program is free software; you can redistribute it and/or |
21 // | modify it under the terms of the GNU General Public License |
22 // | as published by the Free Software Foundation; either version 2 |
23 // | of the License, or (at your option) any later version. |
25 // | This program is distributed in the hope that it will be useful, |
26 // | but WITHOUT ANY WARRANTY; without even the implied warranty of |
27 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
28 // | GNU General Public License for more details. |
30 // | You should have received a copy of the GNU General Public License |
31 // | along with this program; if not, write to the Free Software Foundation, |
32 // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
34 // +---------------------------------------------------------------------------+
37 * Geeklog common function library
39 require_once 'lib-common.php';
42 * Mails the contents of the contact form to that user
44 * @param int $uid User ID of person to send email to
45 * @param string $author The name of the person sending the email
46 * @param string $authoremail Email address of person sending the email
47 * @param string $subject Subject of email
48 * @param string $message Text of message to send
49 * @return string Meta redirect or HTML for the contact form
51 function contactemail($uid,$author,$authoremail,$subject,$message)
53 global $_CONF, $_TABLES, $_USER, $LANG04, $LANG08;
57 // check for correct $_CONF permission
58 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
59 ($_CONF['emailuserloginrequired'] == 1))
61 return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
64 // check for correct 'to' user preferences
65 $result = DB_query ("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '$uid'");
66 $P = DB_fetchArray ($result);
67 if (SEC_inGroup ('Root') || SEC_hasRights ('user.mail')) {
72 if ((($P['emailfromadmin'] != 1) && $isAdmin) ||
73 (($P['emailfromuser'] != 1) && !$isAdmin)) {
74 return COM_refresh ($_CONF['site_url'] . '/index.php?msg=85');
77 // check mail speedlimit
78 COM_clearSpeedlimit ($_CONF['speedlimit'], 'mail');
79 if (COM_checkSpeedlimit ('mail') > 0) {
80 return COM_refresh ($_CONF['site_url'] . '/index.php?msg=85');
83 if (!empty($author) && !empty($subject) && !empty($message)) {
84 if (COM_isemail($authoremail)) {
85 $result = DB_query("SELECT username,fullname,email FROM {$_TABLES['users']} WHERE uid = $uid");
86 $A = DB_fetchArray($result);
88 // Append the user's signature to the message
90 if (!COM_isAnonUser()) {
91 $sig = DB_getItem($_TABLES['users'], 'sig',
92 "uid={$_USER['uid']}");
94 $sig = strip_tags (COM_stripslashes ($sig));
95 $sig = "\n\n-- \n" . $sig;
99 $subject = COM_stripslashes ($subject);
100 $message = COM_stripslashes ($message);
102 // do a spam check with the unfiltered message text and subject
103 $mailtext = $subject . "\n" . $message . $sig;
104 $result = PLG_checkforSpam ($mailtext, $_CONF['spamx']);
106 COM_updateSpeedlimit ('mail');
107 COM_displayMessageAndAbort ($result, 'spamx', 403, 'Forbidden');
110 $msg = PLG_itemPreSave ('contact', $message);
112 $retval .= COM_siteHeader ('menu', '')
113 . COM_errorLog ($msg, 2)
114 . contactform ($uid, $subject, $message)
120 $subject = strip_tags ($subject);
121 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
122 $message = strip_tags ($message) . $sig;
123 if (!empty ($A['fullname'])) {
124 $to = COM_formatEmailAddress ($A['fullname'], $A['email']);
126 $to = COM_formatEmailAddress ($A['username'], $A['email']);
128 $from = COM_formatEmailAddress ($author, $authoremail);
130 $sent = COM_mail($to, $subject, $message, $from);
132 if ($sent && isset($_POST['cc']) && ($_POST['cc'] == 'on')) {
133 $ccmessage = sprintf($LANG08[38], COM_getDisplayName($uid,
134 $A['username'], $A['fullname']));
135 $ccmessage .= "\n------------------------------------------------------------\n\n" . $message;
137 $sent = COM_mail($from, $subject, $ccmessage, $from);
140 COM_updateSpeedlimit('mail');
142 $retval .= COM_refresh($_CONF['site_url']
143 . '/users.php?mode=profile&uid=' . $uid
144 . '&msg=' . ($sent ? '27' : '85'));
146 $subject = strip_tags ($subject);
147 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
148 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
149 $retval .= COM_siteHeader ('menu', $LANG04[81])
150 . COM_errorLog ($LANG08[3], 2)
151 . contactform ($uid, $subject, $message)
155 $subject = strip_tags ($subject);
156 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
157 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
158 $retval .= COM_siteHeader ('menu', $LANG04[81])
159 . COM_errorLog ($LANG08[4], 2)
160 . contactform ($uid, $subject, $message)
168 * Displays the contact form
170 * @param int $uid User ID of article author
171 * @param string $subject Subject of email
172 * @param string $message Text of message to send
173 * @return string HTML for the contact form
176 function contactform ($uid, $subject = '', $message = '')
178 global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
182 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
183 ($_CONF['emailuserloginrequired'] == 1))) {
184 $retval = COM_startBlock ($LANG_LOGIN[1], '',
185 COM_getBlockTemplate ('_msg_block', 'header'));
186 $login = new Template($_CONF['path_layout'] . 'submit');
187 $login->set_file (array ('login'=>'submitloginrequired.thtml'));
188 $login->set_var ( 'xhtml', XHTML );
189 $login->set_var ('site_url', $_CONF['site_url']);
190 $login->set_var ('site_admin_url', $_CONF['site_admin_url']);
191 $login->set_var ('layout_url', $_CONF['layout_url']);
192 $login->set_var ('login_message', $LANG_LOGIN[2]);
193 $login->set_var ('lang_login', $LANG_LOGIN[3]);
194 $login->set_var ('lang_newuser', $LANG_LOGIN[4]);
195 $login->parse ('output', 'login');
196 $retval .= $login->finish ($login->get_var('output'));
197 $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
199 $result = DB_query ("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '$uid'");
200 $P = DB_fetchArray ($result);
201 if (SEC_inGroup ('Root') || SEC_hasRights ('user.mail')) {
207 $displayname = COM_getDisplayName ($uid);
208 if ((($P['emailfromadmin'] == 1) && $isAdmin) ||
209 (($P['emailfromuser'] == 1) && !$isAdmin)) {
211 $retval = COM_startBlock ($LANG08[10] . ' ' . $displayname);
212 $mail_template = new Template ($_CONF['path_layout'] . 'profiles');
213 $mail_template->set_file ('form', 'contactuserform.thtml');
214 $mail_template->set_var ( 'xhtml', XHTML );
215 $mail_template->set_var ('site_url', $_CONF['site_url']);
216 $mail_template->set_var ('lang_description', $LANG08[26]);
217 $mail_template->set_var ('lang_username', $LANG08[11]);
218 if (COM_isAnonUser()) {
220 if (isset ($_POST['author'])) {
221 $sender = strip_tags ($_POST['author']);
222 $sender = substr ($sender, 0, strcspn ($sender, "\r\n"));
223 $sender = htmlspecialchars (trim ($sender), ENT_QUOTES);
225 $mail_template->set_var ('username', $sender);
227 $mail_template->set_var ('username',
228 COM_getDisplayName ($_USER['uid'], $_USER['username'],
229 $_USER['fullname']));
231 $mail_template->set_var ('lang_useremail', $LANG08[12]);
232 if (COM_isAnonUser()) {
234 if (isset ($_POST['authoremail'])) {
235 $email = strip_tags ($_POST['authoremail']);
236 $email = substr ($email, 0, strcspn ($email, "\r\n"));
237 $email = htmlspecialchars (trim ($email), ENT_QUOTES);
239 $mail_template->set_var ('useremail', $email);
241 $mail_template->set_var ('useremail', $_USER['email']);
243 $mail_template->set_var('lang_cc', $LANG08[36]);
244 $mail_template->set_var('lang_cc_description', $LANG08[37]);
245 $mail_template->set_var('lang_subject', $LANG08[13]);
246 $mail_template->set_var('subject', $subject);
247 $mail_template->set_var('lang_message', $LANG08[14]);
248 $mail_template->set_var('message', htmlspecialchars($message));
249 $mail_template->set_var('lang_nohtml', $LANG08[15]);
250 $mail_template->set_var('lang_submit', $LANG08[16]);
251 $mail_template->set_var('uid', $uid);
252 PLG_templateSetVars('contact', $mail_template);
253 $mail_template->parse('output', 'form');
254 $retval .= $mail_template->finish($mail_template->get_var('output'));
255 $retval .= COM_endBlock();
257 $retval = COM_startBlock ($LANG08[10] . ' ' . $displayname, '',
258 COM_getBlockTemplate ('_msg_block', 'header'));
259 $retval .= $LANG08[35];
260 $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block',
269 * Email story to a friend
271 * @param string $sid id of story to email
272 * @param string $to name of person / friend to email
273 * @param string $toemail friend's email address
274 * @param string $from name of person sending the email
275 * @param string $fromemail sender's email address
276 * @param string $shortmsg short intro text to send with the story
277 * @return string Meta refresh
279 * Modification History
281 * Date Author Description
282 * ---- ------ -----------
283 * 4/17/01 Tony Bibbs Code now allows anonymous users to send email
284 * and it allows user to input a message as well
285 * Thanks to Yngve Wassvik Bergheim for some of
289 function mailstory($sid, $to, $toemail, $from, $fromemail, $shortmsg)
291 global $_CONF, $_TABLES, $LANG01, $LANG08;
293 require_once $_CONF['path_system'] . 'lib-story.php';
295 $storyurl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
296 if ($_CONF['url_rewrite']) {
297 $retval = COM_refresh($storyurl . '?msg=85');
299 $retval = COM_refresh($storyurl . '&msg=85');
302 // check for correct $_CONF permission
303 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
304 ($_CONF['emailstoryloginrequired'] == 1))) {
308 // check if emailing of stories is disabled
309 if ($_CONF['hideemailicon'] == 1) {
313 // check mail speedlimit
314 COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
315 if (COM_checkSpeedlimit('mail') > 0) {
319 $story = new Story();
320 $result = $story->loadFromDatabase($sid, 'view');
322 if ($result != STORY_LOADED_OK) {
323 return COM_refresh($_CONF['site_url'] . '/index.php');
326 $shortmsg = COM_stripslashes ($shortmsg);
327 $mailtext = sprintf ($LANG08[23], $from, $fromemail) . LB;
328 if (strlen ($shortmsg) > 0) {
329 $mailtext .= LB . sprintf ($LANG08[28], $from) . $shortmsg . LB;
332 // just to make sure this isn't an attempt at spamming users ...
333 $result = PLG_checkforSpam ($mailtext, $_CONF['spamx']);
335 COM_updateSpeedlimit ('mail');
336 COM_displayMessageAndAbort ($result, 'spamx', 403, 'Forbidden');
339 $mailtext .= '------------------------------------------------------------'
341 . COM_undoSpecialChars($story->displayElements('title')) . LB
342 . strftime ($_CONF['date'], $story->DisplayElements('unixdate')) . LB;
344 if ($_CONF['contributedbyline'] == 1) {
345 $author = COM_getDisplayName($story->displayElements('uid'));
346 $mailtext .= $LANG01[1] . ' ' . $author . LB;
349 $introtext = $story->DisplayElements('introtext');
350 $bodytext = $story->DisplayElements('bodytext');
351 $introtext = COM_undoSpecialChars(strip_tags($introtext));
352 $bodytext = COM_undoSpecialChars(strip_tags($bodytext));
354 $introtext = str_replace(array("\012\015", "\015"), LB, $introtext);
355 $bodytext = str_replace(array("\012\015", "\015"), LB, $bodytext);
357 $mailtext .= LB . $introtext;
358 if (! empty($bodytext)) {
359 $mailtext .= LB . LB . $bodytext;
362 . '------------------------------------------------------------' . LB;
364 if ($story->DisplayElements('commentcode') == 0) { // comments allowed
365 $mailtext .= $LANG08[24] . LB
366 . COM_buildUrl ($_CONF['site_url'] . '/article.php?story='
367 . $sid . '#comments');
368 } else { // comments not allowed - just add the story's URL
369 $mailtext .= $LANG08[33] . LB
370 . COM_buildUrl ($_CONF['site_url'] . '/article.php?story='
374 $mailto = COM_formatEmailAddress($to, $toemail);
375 $mailfrom = COM_formatEmailAddress($from, $fromemail);
376 $subject = 'Re: ' . COM_undoSpecialChars(strip_tags($story->DisplayElements('title')));
378 $sent = COM_mail($mailto, $subject, $mailtext, $mailfrom);
380 if ($sent && isset($_POST['cc']) && ($_POST['cc'] == 'on')) {
381 $ccmessage = sprintf($LANG08[38], $to);
382 $ccmessage .= "\n------------------------------------------------------------\n\n" . $mailtext;
384 $sent = COM_mail($mailfrom, $subject, $ccmessage, $mailfrom);
387 COM_updateSpeedlimit ('mail');
389 // Increment numemails counter for story
390 DB_query ("UPDATE {$_TABLES['stories']} SET numemails = numemails + 1 WHERE sid = '$sid'");
392 if ($_CONF['url_rewrite']) {
393 $retval = COM_refresh($storyurl . '?msg=' . ($sent ? '27' : '85'));
395 $retval = COM_refresh($storyurl . '&msg=' . ($sent ? '27' : '85'));
402 * Display form to email a story to someone.
404 * @param string $sid ID of article to email
405 * @return string HTML for email story form
408 function mailstoryform ($sid, $to = '', $toemail = '', $from = '',
409 $fromemail = '', $shortmsg = '', $msg = 0)
411 global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
413 require_once $_CONF['path_system'] . 'lib-story.php';
417 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
418 ($_CONF['emailstoryloginrequired'] == 1))) {
419 $retval = COM_startBlock ($LANG_LOGIN[1], '',
420 COM_getBlockTemplate ('_msg_block', 'header'));
421 $login = new Template($_CONF['path_layout'] . 'submit');
422 $login->set_file (array ('login'=>'submitloginrequired.thtml'));
423 $login->set_var ( 'xhtml', XHTML );
424 $login->set_var ('site_url', $_CONF['site_url']);
425 $login->set_var ('site_admin_url', $_CONF['site_admin_url']);
426 $login->set_var ('layout_url', $_CONF['layout_url']);
427 $login->set_var ('login_message', $LANG_LOGIN[2]);
428 $login->set_var ('lang_login', $LANG_LOGIN[3]);
429 $login->set_var ('lang_newuser', $LANG_LOGIN[4]);
430 $login->parse ('output', 'login');
431 $retval .= $login->finish ($login->get_var('output'));
432 $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
437 $story = new Story();
438 $result = $story->loadFromDatabase($sid, 'view');
440 if ($result != STORY_LOADED_OK) {
441 return COM_refresh($_CONF['site_url'] . '/index.php');
445 $retval .= COM_showMessage ($msg);
448 if (empty ($from) && empty ($fromemail)) {
449 if (!COM_isAnonUser()) {
450 $from = COM_getDisplayName ($_USER['uid'], $_USER['username'],
452 $fromemail = DB_getItem ($_TABLES['users'], 'email',
453 "uid = {$_USER['uid']}");
457 $mail_template = new Template($_CONF['path_layout'] . 'profiles');
458 $mail_template->set_file('form', 'contactauthorform.thtml');
459 $mail_template->set_var('xhtml', XHTML);
460 $mail_template->set_var('site_url', $_CONF['site_url']);
461 $mail_template->set_var('site_admin_url', $_CONF['site_admin_url']);
462 $mail_template->set_var('layout_url', $_CONF['layout_url']);
463 $mail_template->set_var('start_block_mailstory2friend',
464 COM_startBlock($LANG08[17]));
465 $mail_template->set_var('lang_title', $LANG08[31]);
466 $mail_template->set_var('story_title', $story->displayElements('title'));
467 $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
468 $mail_template->set_var('story_url', $url);
469 $link = COM_createLink($story->displayElements('title'), $url);
470 $mail_template->set_var('story_link', $link);
471 $mail_template->set_var('lang_fromname', $LANG08[20]);
472 $mail_template->set_var('name', $from);
473 $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
474 $mail_template->set_var('email', $fromemail);
475 $mail_template->set_var('lang_toname', $LANG08[18]);
476 $mail_template->set_var('toname', $to);
477 $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
478 $mail_template->set_var('toemail', $toemail);
479 $mail_template->set_var('lang_cc', $LANG08[36]);
480 $mail_template->set_var('lang_cc_description', $LANG08[37]);
481 $mail_template->set_var('lang_shortmessage', $LANG08[27]);
482 $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
483 $mail_template->set_var('lang_warning', $LANG08[22]);
484 $mail_template->set_var('lang_sendmessage', $LANG08[16]);
485 $mail_template->set_var('story_id',$sid);
486 $mail_template->set_var('end_block', COM_endBlock());
487 PLG_templateSetVars('emailstory', $mail_template);
488 $mail_template->parse('output', 'form');
489 $retval .= $mail_template->finish($mail_template->get_var('output'));
498 if (isset ($_POST['what'])) {
499 $what = COM_applyFilter ($_POST['what']);
500 } else if (isset ($_GET['what'])) {
501 $what = COM_applyFilter ($_GET['what']);
508 $uid = COM_applyFilter ($_POST['uid'], true);
510 $display .= contactemail ($uid, $_POST['author'],
511 $_POST['authoremail'], $_POST['subject'],
514 $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
519 $sid = COM_applyFilter ($_GET['sid']);
521 $display = COM_refresh ($_CONF['site_url'] . '/index.php');
522 } else if ($_CONF['hideemailicon'] == 1) {
523 $display = COM_refresh (COM_buildUrl ($_CONF['site_url']
524 . '/article.php?story=' . $sid));
526 $display .= COM_siteHeader ('menu', $LANG08[17])
527 . mailstoryform ($sid)
533 $sid = COM_applyFilter ($_POST['sid']);
535 $display = COM_refresh ($_CONF['site_url'] . '/index.php');
537 if (empty ($_POST['toemail']) || empty ($_POST['fromemail'])
538 || !COM_isEmail ($_POST['toemail'])
539 || !COM_isEmail ($_POST['fromemail'])) {
540 $display .= COM_siteHeader ('menu', $LANG08[17])
541 . mailstoryform ($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']),
542 COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']),
543 $_POST['shortmsg'], 52)
545 } else if (empty ($_POST['to']) || empty ($_POST['from']) ||
546 empty ($_POST['shortmsg'])) {
547 $display .= COM_siteHeader ('menu', $LANG08[17])
548 . mailstoryform ($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']),
549 COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']),
553 $msg = PLG_itemPreSave ('emailstory', $_POST['shortmsg']);
555 $display .= COM_siteHeader ('menu', '')
556 . COM_errorLog ($msg, 2)
557 . mailstoryform ($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']),
558 COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']),
562 $display .= mailstory ($sid, $_POST['to'], $_POST['toemail'],
563 $_POST['from'], $_POST['fromemail'], $_POST['shortmsg']);
570 if (isset ($_GET['uid'])) {
571 $uid = COM_applyFilter ($_GET['uid'], true);
577 if (isset ($_GET['subject'])) {
578 $subject = strip_tags ($_GET['subject']);
579 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
580 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
582 $display .= COM_siteHeader ('menu', $LANG04[81])
583 . contactform ($uid, $subject)
586 $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
591 COM_output($display);
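Review bot: The self-copy in contactemail() (file lines 132-137) is addressed to `$from`, which is built from the posted `author`/`authoremail` values passed in at file lines 510-511, so the second mail goes to whatever address the submitter typed rather than one the site has verified; the only check visible on it is COM_isemail(). For logged-in senders I would address the copy to the account address, e.g. `$ccto = COM_isAnonUser() ? $from : COM_formatEmailAddress($author, $_USER['email']);`, and consider not offering the copy to anonymous senders at all, since it gives the form a second, freely chosen recipient per accepted submission. mailstory() (file lines 380-384) follows the same pattern with `$mailfrom`, and `$_USER` is not in its `global` list, so it would need adding there. Both places also overwrite `$sent` with the result of the copy, so a message that was delivered is reported as msg=85 when only the copy fails; a separate `$ccsent` would avoid that. Several lines of both functions (braces, else branches) are not shown in this rendering, so this is based on the visible statements only.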