CC setting is now an admin option. Original patch provided by Rouslan Placella. (feature request #0001259)
3 /* Reminder: always indent with 4 spaces (no tabs). */
4 // +---------------------------------------------------------------------------+
6 // +---------------------------------------------------------------------------+
9 // | This pages lets GL users communicate with each other without risk of |
10 // | their email address being intercepted by spammers. |
11 // +---------------------------------------------------------------------------+
12 // | Copyright (C) 2000-2011 by the following authors: |
14 // | Authors: Tony Bibbs - tony AT tonybibbs DOT com |
15 // | Mark Limburg - mlimburg AT users DOT sourceforge DOT net |
16 // | Jason Whittenburg - jwhitten AT securitygeeks DOT com |
17 // | Dirk Haun - dirk AT haun-online DOT de |
18 // +---------------------------------------------------------------------------+
20 // | This program is free software; you can redistribute it and/or |
21 // | modify it under the terms of the GNU General Public License |
22 // | as published by the Free Software Foundation; either version 2 |
23 // | of the License, or (at your option) any later version. |
25 // | This program is distributed in the hope that it will be useful, |
26 // | but WITHOUT ANY WARRANTY; without even the implied warranty of |
27 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
28 // | GNU General Public License for more details. |
30 // | You should have received a copy of the GNU General Public License |
31 // | along with this program; if not, write to the Free Software Foundation, |
32 // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
34 // +---------------------------------------------------------------------------+
37 * Geeklog common function library
39 require_once 'lib-common.php';
42 * Mails the contents of the contact form to that user
44 * @param int $uid User ID of person to send email to
45 * @param bool $cc Whether to send a copy of the message to the author
46 * @param string $author The name of the person sending the email
47 * @param string $authoremail Email address of person sending the email
48 * @param string $subject Subject of email
49 * @param string $message Text of message to send
50 * @return string Meta redirect or HTML for the contact form
52 function contactemail($uid,$cc,$author,$authoremail,$subject,$message)
54 global $_CONF, $_TABLES, $_USER, $LANG04, $LANG08, $LANG12;
58 // check for correct $_CONF permission
59 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
60 ($_CONF['emailuserloginrequired'] == 1))
62 return COM_refresh($_CONF['site_url'] . '/index.php?msg=85');
65 // check for correct 'to' user preferences
66 $result = DB_query ("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '$uid'");
67 $P = DB_fetchArray ($result);
68 if (SEC_inGroup ('Root') || SEC_hasRights ('user.mail')) {
73 if ((($P['emailfromadmin'] != 1) && $isAdmin) ||
74 (($P['emailfromuser'] != 1) && !$isAdmin)) {
75 return COM_refresh ($_CONF['site_url'] . '/index.php?msg=85');
78 // check mail speedlimit
79 COM_clearSpeedlimit ($_CONF['speedlimit'], 'mail');
80 $last = COM_checkSpeedlimit ('mail');
82 $retval = COM_siteHeader('menu', $LANG04[81]);
83 $retval .= COM_startBlock ($LANG12[26], '',
84 COM_getBlockTemplate ('_msg_block', 'header'))
85 . $LANG08[39] . $last . $LANG08[40]
86 . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
87 $retval .= COM_siteFooter();
92 if (!empty($author) && !empty($subject) && !empty($message)) {
93 if (COM_isemail($authoremail) && (strpos($author, '@') === false)) {
94 $result = DB_query("SELECT username,fullname,email FROM {$_TABLES['users']} WHERE uid = $uid");
95 $A = DB_fetchArray($result);
97 // Append the user's signature to the message
99 if (!COM_isAnonUser()) {
100 $sig = DB_getItem($_TABLES['users'], 'sig',
101 "uid={$_USER['uid']}");
103 $sig = strip_tags (COM_stripslashes ($sig));
104 $sig = "\n\n-- \n" . $sig;
108 $subject = COM_stripslashes ($subject);
109 $message = COM_stripslashes ($message);
111 // do a spam check with the unfiltered message text and subject
112 $mailtext = $subject . "\n" . $message . $sig;
113 $result = PLG_checkforSpam ($mailtext, $_CONF['spamx']);
115 COM_updateSpeedlimit ('mail');
116 COM_displayMessageAndAbort ($result, 'spamx', 403, 'Forbidden');
119 $msg = PLG_itemPreSave ('contact', $message);
121 $retval .= COM_siteHeader ('menu', $LANG04[81])
122 . COM_errorLog ($msg, 2)
123 . contactform ($uid, $cc, $subject, $message)
129 $subject = strip_tags ($subject);
130 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
131 $message = strip_tags ($message) . $sig;
132 if (!empty ($A['fullname'])) {
133 $to = COM_formatEmailAddress ($A['fullname'], $A['email']);
135 $to = COM_formatEmailAddress ($A['username'], $A['email']);
137 $from = COM_formatEmailAddress ($author, $authoremail);
139 $sent = COM_mail($to, $subject, $message, $from);
141 if ($sent && $_CONF['mail_cc_enabled'] && isset($_POST['cc']) && ($_POST['cc'] == 'on')) {
142 $ccmessage = sprintf($LANG08[38], COM_getDisplayName($uid,
143 $A['username'], $A['fullname']));
144 $ccmessage .= "\n------------------------------------------------------------\n\n" . $message;
146 $sent = COM_mail($from, $subject, $ccmessage, $from);
149 COM_updateSpeedlimit('mail');
151 $retval .= COM_refresh($_CONF['site_url']
152 . '/users.php?mode=profile&uid=' . $uid
153 . '&msg=' . ($sent ? '27' : '85'));
155 $subject = strip_tags ($subject);
156 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
157 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
158 $retval .= COM_siteHeader ('menu', $LANG04[81])
159 . COM_errorLog ($LANG08[3], 2)
160 . contactform ($uid, $cc, $subject, $message)
164 $subject = strip_tags ($subject);
165 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
166 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
167 $retval .= COM_siteHeader ('menu', $LANG04[81])
168 . COM_errorLog ($LANG08[4], 2)
169 . contactform ($uid, $cc, $subject, $message)
177 * Displays the contact form
179 * @param int $uid User ID of article author
180 * @param bool $cc Whether to send a copy of the message to the author
181 * @param string $subject Subject of email
182 * @param string $message Text of message to send
183 * @return string HTML for the contact form
186 function contactform ($uid, $cc = false, $subject = '', $message = '')
188 global $_CONF, $_TABLES, $_USER, $LANG08;
192 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
193 ($_CONF['emailuserloginrequired'] == 1))) {
194 $retval .= SEC_loginRequiredForm();
196 $result = DB_query ("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '$uid'");
197 $P = DB_fetchArray ($result);
198 if (SEC_inGroup ('Root') || SEC_hasRights ('user.mail')) {
204 $displayname = COM_getDisplayName ($uid);
205 if ((($P['emailfromadmin'] == 1) && $isAdmin) ||
206 (($P['emailfromuser'] == 1) && !$isAdmin)) {
209 $cc = ' checked="checked"';
211 $retval = COM_startBlock($LANG08[10] . ' ' . $displayname);
212 $mail_template = COM_newTemplate($_CONF['path_layout'] . 'profiles');
213 $mail_template->set_file('form', 'contactuserform.thtml');
214 $mail_template->set_var('lang_description', $LANG08[26]);
215 $mail_template->set_var('lang_username', $LANG08[11]);
216 if (COM_isAnonUser()) {
218 if (isset ($_POST['author'])) {
219 $sender = strip_tags ($_POST['author']);
220 $sender = substr ($sender, 0, strcspn ($sender, "\r\n"));
221 $sender = htmlspecialchars (trim ($sender), ENT_QUOTES);
223 $mail_template->set_var ('username', $sender);
225 $mail_template->set_var ('username',
226 COM_getDisplayName ($_USER['uid'], $_USER['username'],
227 $_USER['fullname']));
229 $mail_template->set_var ('lang_useremail', $LANG08[12]);
230 if (COM_isAnonUser()) {
232 if (isset ($_POST['authoremail'])) {
233 $email = strip_tags ($_POST['authoremail']);
234 $email = substr ($email, 0, strcspn ($email, "\r\n"));
235 $email = htmlspecialchars (trim ($email), ENT_QUOTES);
237 $mail_template->set_var ('useremail', $email);
239 $mail_template->set_var ('useremail', $_USER['email']);
241 if (!$_CONF['mail_cc_enabled']) {
242 $mail_template->set_var('cc_enabled', ' style="display: none"');
244 $mail_template->set_var('cc', $cc);
245 $mail_template->set_var('lang_cc', $LANG08[36]);
246 $mail_template->set_var('lang_cc_description', $LANG08[37]);
248 $mail_template->set_var('lang_subject', $LANG08[13]);
249 $mail_template->set_var('subject', $subject);
250 $mail_template->set_var('lang_message', $LANG08[14]);
251 $mail_template->set_var('message', htmlspecialchars($message));
252 $mail_template->set_var('lang_nohtml', $LANG08[15]);
253 $mail_template->set_var('lang_submit', $LANG08[16]);
254 $mail_template->set_var('uid', $uid);
255 PLG_templateSetVars('contact', $mail_template);
256 $mail_template->parse('output', 'form');
257 $retval .= $mail_template->finish($mail_template->get_var('output'));
258 $retval .= COM_endBlock();
260 $retval = COM_startBlock ($LANG08[10] . ' ' . $displayname, '',
261 COM_getBlockTemplate ('_msg_block', 'header'));
262 $retval .= $LANG08[35];
263 $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block',
272 * Email story to a friend
274 * @param string $sid id of story to email
275 * @param string $to name of person / friend to email
276 * @param string $toemail friend's email address
277 * @param string $from name of person sending the email
278 * @param string $fromemail sender's email address
279 * @param string $shortmsg short intro text to send with the story
280 * @return string Meta refresh
282 * Modification History
284 * Date Author Description
285 * ---- ------ -----------
286 * 4/17/01 Tony Bibbs Code now allows anonymous users to send email
287 * and it allows user to input a message as well
288 * Thanks to Yngve Wassvik Bergheim for some of
292 function mailstory($sid, $to, $toemail, $from, $fromemail, $shortmsg)
294 global $_CONF, $_TABLES, $LANG01, $LANG08;
296 require_once $_CONF['path_system'] . 'lib-story.php';
298 $storyurl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
299 if ($_CONF['url_rewrite']) {
300 $retval = COM_refresh($storyurl . '?msg=85');
302 $retval = COM_refresh($storyurl . '&msg=85');
305 // check for correct $_CONF permission
306 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
307 ($_CONF['emailstoryloginrequired'] == 1))) {
311 // check if emailing of stories is disabled
312 if ($_CONF['hideemailicon'] == 1) {
316 // check mail speedlimit
317 COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
318 if (COM_checkSpeedlimit('mail') > 0) {
322 $story = new Story();
323 $result = $story->loadFromDatabase($sid, 'view');
325 if ($result != STORY_LOADED_OK) {
326 return COM_refresh($_CONF['site_url'] . '/index.php');
329 $shortmsg = COM_stripslashes ($shortmsg);
330 $mailtext = sprintf ($LANG08[23], $from, $fromemail) . LB;
331 if (strlen ($shortmsg) > 0) {
332 $mailtext .= LB . sprintf ($LANG08[28], $from) . $shortmsg . LB;
335 // just to make sure this isn't an attempt at spamming users ...
336 $result = PLG_checkforSpam ($mailtext, $_CONF['spamx']);
338 COM_updateSpeedlimit ('mail');
339 COM_displayMessageAndAbort ($result, 'spamx', 403, 'Forbidden');
342 $mailtext .= '------------------------------------------------------------'
344 . COM_undoSpecialChars($story->displayElements('title')) . LB
345 . strftime ($_CONF['date'], $story->DisplayElements('unixdate')) . LB;
347 if ($_CONF['contributedbyline'] == 1) {
348 $author = COM_getDisplayName($story->displayElements('uid'));
349 $mailtext .= $LANG01[1] . ' ' . $author . LB;
352 $introtext = $story->DisplayElements('introtext');
353 $bodytext = $story->DisplayElements('bodytext');
354 $introtext = COM_undoSpecialChars(strip_tags($introtext));
355 $bodytext = COM_undoSpecialChars(strip_tags($bodytext));
357 $introtext = str_replace(array("\012\015", "\015"), LB, $introtext);
358 $bodytext = str_replace(array("\012\015", "\015"), LB, $bodytext);
360 $mailtext .= LB . $introtext;
361 if (! empty($bodytext)) {
362 $mailtext .= LB . LB . $bodytext;
365 . '------------------------------------------------------------' . LB;
367 if ($story->DisplayElements('commentcode') == 0) { // comments allowed
368 $mailtext .= $LANG08[24] . LB
369 . COM_buildUrl ($_CONF['site_url'] . '/article.php?story='
370 . $sid . '#comments');
371 } else { // comments not allowed - just add the story's URL
372 $mailtext .= $LANG08[33] . LB
373 . COM_buildUrl ($_CONF['site_url'] . '/article.php?story='
377 $mailto = COM_formatEmailAddress($to, $toemail);
378 $mailfrom = COM_formatEmailAddress($from, $fromemail);
379 $subject = 'Re: ' . COM_undoSpecialChars(strip_tags($story->DisplayElements('title')));
381 $sent = COM_mail($mailto, $subject, $mailtext, $mailfrom);
383 if ($sent && $_CONF['mail_cc_enabled'] && isset($_POST['cc']) && ($_POST['cc'] == 'on')) {
384 $ccmessage = sprintf($LANG08[38], $to);
385 $ccmessage .= "\n------------------------------------------------------------\n\n" . $mailtext;
387 $sent = COM_mail($mailfrom, $subject, $ccmessage, $mailfrom);
390 COM_updateSpeedlimit ('mail');
392 // Increment numemails counter for story
393 DB_query ("UPDATE {$_TABLES['stories']} SET numemails = numemails + 1 WHERE sid = '$sid'");
395 if ($_CONF['url_rewrite']) {
396 $retval = COM_refresh($storyurl . '?msg=' . ($sent ? '27' : '85'));
398 $retval = COM_refresh($storyurl . '&msg=' . ($sent ? '27' : '85'));
405 * Display form to email a story to someone.
407 * @param string $sid ID of article to email
408 * @param bool $cc Whether to send a copy of the message to the author
409 * @param string $to name of person / friend to email
410 * @param string $toemail friend's email address
411 * @param string $from name of person sending the email
412 * @param string $fromemail sender's email address
413 * @param string $shortmsg short intro text to send with the story
414 * @param string $msg Error message code
415 * @return string HTML for email story form
418 function mailstoryform ($sid, $cc=false, $to = '', $toemail = '', $from = '',
419 $fromemail = '', $shortmsg = '', $msg = 0)
421 global $_CONF, $_TABLES, $_USER, $LANG08;
423 require_once $_CONF['path_system'] . 'lib-story.php';
427 if (COM_isAnonUser() && (($_CONF['loginrequired'] == 1) ||
428 ($_CONF['emailstoryloginrequired'] == 1))) {
429 $retval .= SEC_loginRequiredForm();
434 $story = new Story();
435 $result = $story->loadFromDatabase($sid, 'view');
437 if ($result != STORY_LOADED_OK) {
438 return COM_refresh($_CONF['site_url'] . '/index.php');
442 $retval .= COM_showMessage ($msg);
445 if (empty ($from) && empty ($fromemail)) {
446 if (!COM_isAnonUser()) {
447 $from = COM_getDisplayName ($_USER['uid'], $_USER['username'],
449 $fromemail = DB_getItem ($_TABLES['users'], 'email',
450 "uid = {$_USER['uid']}");
455 $cc = ' checked="checked"';
458 $mail_template = COM_newTemplate($_CONF['path_layout'] . 'profiles');
459 $mail_template->set_file('form', 'contactauthorform.thtml');
460 $mail_template->set_var('start_block_mailstory2friend',
461 COM_startBlock($LANG08[17]));
462 $mail_template->set_var('lang_title', $LANG08[31]);
463 $mail_template->set_var('story_title', $story->displayElements('title'));
464 $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
465 $mail_template->set_var('story_url', $url);
466 $link = COM_createLink($story->displayElements('title'), $url);
467 $mail_template->set_var('story_link', $link);
468 $mail_template->set_var('lang_fromname', $LANG08[20]);
469 $mail_template->set_var('name', $from);
470 $mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
471 $mail_template->set_var('email', $fromemail);
472 $mail_template->set_var('lang_toname', $LANG08[18]);
473 $mail_template->set_var('toname', $to);
474 $mail_template->set_var('lang_toemailaddress', $LANG08[19]);
475 $mail_template->set_var('toemail', $toemail);
476 if (!$_CONF['mail_cc_enabled']) {
477 $mail_template->set_var('cc_enabled', ' style="display: none"');
479 $mail_template->set_var('cc', $cc);
480 $mail_template->set_var('lang_cc', $LANG08[36]);
481 $mail_template->set_var('lang_cc_description', $LANG08[37]);
483 $mail_template->set_var('lang_shortmessage', $LANG08[27]);
484 $mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
485 $mail_template->set_var('lang_warning', $LANG08[22]);
486 $mail_template->set_var('lang_sendmessage', $LANG08[16]);
487 $mail_template->set_var('story_id',$sid);
488 $mail_template->set_var('end_block', COM_endBlock());
489 PLG_templateSetVars('emailstory', $mail_template);
490 $mail_template->parse('output', 'form');
491 $retval .= $mail_template->finish($mail_template->get_var('output'));
500 if (isset ($_POST['what'])) {
501 $what = COM_applyFilter ($_POST['what']);
502 } else if (isset ($_GET['what'])) {
503 $what = COM_applyFilter ($_GET['what']);
508 if (isset($_POST['cc'])) { // Remember if user wants to get a copy of the message
516 $uid = COM_applyFilter ($_POST['uid'], true);
518 $display .= contactemail ($uid, $cc, $_POST['author'],
519 $_POST['authoremail'], $_POST['subject'],
522 $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
527 $sid = COM_applyFilter ($_GET['sid']);
529 $display = COM_refresh ($_CONF['site_url'] . '/index.php');
530 } else if ($_CONF['hideemailicon'] == 1) {
531 $display = COM_refresh (COM_buildUrl ($_CONF['site_url']
532 . '/article.php?story=' . $sid));
534 $display .= COM_siteHeader ('menu', $LANG08[17])
535 . mailstoryform ($sid, $_CONF['mail_cc_default'])
541 $sid = COM_applyFilter($_POST['sid']);
543 $display = COM_refresh($_CONF['site_url'] . '/index.php');
545 if (empty($_POST['toemail']) || empty($_POST['fromemail']) ||
546 !COM_isEmail($_POST['toemail']) ||
547 !COM_isEmail($_POST['fromemail']) ||
548 (strpos($_POST['to'], '@') !== false) ||
549 (strpos($_POST['from'], '@') !== false)) {
550 $display .= COM_siteHeader('menu', $LANG08[17])
551 . mailstoryform ($sid, $cc, COM_applyFilter($_POST['to']),
552 COM_applyFilter($_POST['toemail']),
553 COM_applyFilter($_POST['from']),
554 COM_applyFilter($_POST['fromemail']),
555 $_POST['shortmsg'], 52)
557 } else if (empty($_POST['to']) || empty($_POST['from']) ||
558 empty($_POST['shortmsg'])) {
559 $display .= COM_siteHeader ('menu', $LANG08[17])
560 . COM_showMessageText($LANG08[22])
561 . mailstoryform($sid, $cc, COM_applyFilter($_POST['to']),
562 COM_applyFilter($_POST['toemail']),
563 COM_applyFilter($_POST['from']),
564 COM_applyFilter($_POST['fromemail']),
568 $msg = PLG_itemPreSave('emailstory', $_POST['shortmsg']);
570 $display .= COM_siteHeader('menu', $LANG08[17])
571 . COM_errorLog($msg, 2)
572 . mailstoryform($sid, $cc, COM_applyFilter($_POST['to']),
573 COM_applyFilter($_POST['toemail']),
574 COM_applyFilter($_POST['from']),
575 COM_applyFilter($_POST['fromemail']),
579 $display .= mailstory($sid, $_POST['to'], $_POST['toemail'],
580 $_POST['from'], $_POST['fromemail'], $_POST['shortmsg']);
587 if (isset ($_GET['uid'])) {
588 $uid = COM_applyFilter ($_GET['uid'], true);
594 if (isset ($_GET['subject'])) {
595 $subject = strip_tags ($_GET['subject']);
596 $subject = substr ($subject, 0, strcspn ($subject, "\r\n"));
597 $subject = htmlspecialchars (trim ($subject), ENT_QUOTES);
599 $display .= COM_siteHeader ('menu', $LANG04[81])
600 . contactform ($uid, $_CONF['mail_cc_default'], $subject)
603 $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
608 COM_output($display);
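Review bot: The copy sent at gutter line 146 of contactemail() goes to `$from`, which is built from `$author` and `$authoremail`, and as far as the visible call at gutter lines 518-519 shows, both come straight from `$_POST`. With `mail_cc_enabled` on, a single submission therefore delivers submitter-written text both to the registered user and to a second address of the submitter's choosing. The `mail_cc_enabled` test is enforced at send time rather than only by hiding the form field, which is right, but I would additionally send the copy only for logged-in users and to the address stored for their account, as sketched below. The same block overwrites `$sent` with the result of the copy, so a failed copy redirects with msg=85 although the primary mail was sent; mailstory() does the same at gutter line 387. Only `$subject` is visibly cut at the first CR/LF (gutter line 130), so whether `COM_formatEmailAddress` strips line breaks from `$author` is worth confirming, as that helper is not shown on this page.

```php
// … unchanged: $sent = COM_mail($to, $subject, $message, $from); …
if ($sent && $_CONF['mail_cc_enabled'] && !COM_isAnonUser()
        && isset($_POST['cc']) && ($_POST['cc'] == 'on')) {
    // copy goes to the address stored for the account, not the posted one
    $ccto = COM_formatEmailAddress($author,
        DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}"));
    // … unchanged: $ccmessage built from $LANG08[38] and $message …
    // result deliberately not assigned to $sent: a failed copy must not
    // report the primary message as failed
    COM_mail($ccto, $subject, $ccmessage, $from);
}
```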