| 130 |
kaklik |
1 |
<?php |
|
|
2 |
/*************************************************************************** |
|
|
3 |
* usercp_email.php |
|
|
4 |
* ------------------- |
|
|
5 |
* begin : Saturday, Feb 13, 2001 |
|
|
6 |
* copyright : (C) 2001 The phpBB Group |
|
|
7 |
* email : support@phpbb.com |
|
|
8 |
* |
|
|
9 |
* $Id: usercp_email.php,v 1.7.2.13 2003/06/06 18:02:15 acydburn Exp $ |
|
|
10 |
* |
|
|
11 |
* |
|
|
12 |
***************************************************************************/ |
|
|
13 |
|
|
|
14 |
/*************************************************************************** |
|
|
15 |
* |
|
|
16 |
* This program is free software; you can redistribute it and/or modify |
|
|
17 |
* it under the terms of the GNU General Public License as published by |
|
|
18 |
* the Free Software Foundation; either version 2 of the License, or |
|
|
19 |
* (at your option) any later version. |
|
|
20 |
* |
|
|
21 |
* |
|
|
22 |
***************************************************************************/ |
|
|
23 |
|
|
|
24 |
if ( !defined('IN_PHPBB') ) |
|
|
25 |
{ |
|
|
26 |
die("Hacking attempt"); |
|
|
27 |
exit; |
|
|
28 |
} |
|
|
29 |
|
|
|
30 |
// Is send through board enabled? No, return to index |
|
|
31 |
if (!$board_config['board_email_form']) |
|
|
32 |
{ |
|
|
33 |
redirect(append_sid("index.$phpEx", true)); |
|
|
34 |
} |
|
|
35 |
|
|
|
36 |
if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) || !empty($HTTP_POST_VARS[POST_USERS_URL]) ) |
|
|
37 |
{ |
|
|
38 |
$user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? intval($HTTP_GET_VARS[POST_USERS_URL]) : intval($HTTP_POST_VARS[POST_USERS_URL]); |
|
|
39 |
} |
|
|
40 |
else |
|
|
41 |
{ |
|
|
42 |
message_die(GENERAL_MESSAGE, $lang['No_user_specified']); |
|
|
43 |
} |
|
|
44 |
|
|
|
45 |
if ( !$userdata['session_logged_in'] ) |
|
|
46 |
{ |
|
|
47 |
redirect(append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true)); |
|
|
48 |
} |
|
|
49 |
|
|
|
50 |
$sql = "SELECT username, user_email, user_viewemail, user_lang |
|
|
51 |
FROM " . USERS_TABLE . " |
|
|
52 |
WHERE user_id = $user_id"; |
|
|
53 |
if ( $result = $db->sql_query($sql) ) |
|
|
54 |
{ |
|
|
55 |
$row = $db->sql_fetchrow($result); |
|
|
56 |
|
|
|
57 |
$username = $row['username']; |
|
|
58 |
$user_email = $row['user_email']; |
|
|
59 |
$user_lang = $row['user_lang']; |
|
|
60 |
|
|
|
61 |
if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN ) |
|
|
62 |
{ |
|
|
63 |
if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] ) |
|
|
64 |
{ |
|
|
65 |
message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']); |
|
|
66 |
} |
|
|
67 |
|
|
|
68 |
if ( isset($HTTP_POST_VARS['submit']) ) |
|
|
69 |
{ |
|
|
70 |
$error = FALSE; |
|
|
71 |
|
|
|
72 |
if ( !empty($HTTP_POST_VARS['subject']) ) |
|
|
73 |
{ |
|
|
74 |
$subject = trim(stripslashes($HTTP_POST_VARS['subject'])); |
|
|
75 |
} |
|
|
76 |
else |
|
|
77 |
{ |
|
|
78 |
$error = TRUE; |
|
|
79 |
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email']; |
|
|
80 |
} |
|
|
81 |
|
|
|
82 |
if ( !empty($HTTP_POST_VARS['message']) ) |
|
|
83 |
{ |
|
|
84 |
$message = trim(stripslashes($HTTP_POST_VARS['message'])); |
|
|
85 |
} |
|
|
86 |
else |
|
|
87 |
{ |
|
|
88 |
$error = TRUE; |
|
|
89 |
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email']; |
|
|
90 |
} |
|
|
91 |
|
|
|
92 |
if ( !$error ) |
|
|
93 |
{ |
|
|
94 |
$sql = "UPDATE " . USERS_TABLE . " |
|
|
95 |
SET user_emailtime = " . time() . " |
|
|
96 |
WHERE user_id = " . $userdata['user_id']; |
|
|
97 |
if ( $result = $db->sql_query($sql) ) |
|
|
98 |
{ |
|
|
99 |
include($phpbb_root_path . 'includes/emailer.'.$phpEx); |
|
|
100 |
$emailer = new emailer($board_config['smtp_delivery']); |
|
|
101 |
|
|
|
102 |
$emailer->from($userdata['user_email']); |
|
|
103 |
$emailer->replyto($userdata['user_email']); |
|
|
104 |
|
|
|
105 |
$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n"; |
|
|
106 |
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n"; |
|
|
107 |
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n"; |
|
|
108 |
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n"; |
|
|
109 |
|
|
|
110 |
$emailer->use_template('profile_send_email', $user_lang); |
|
|
111 |
$emailer->email_address($user_email); |
|
|
112 |
$emailer->set_subject($subject); |
|
|
113 |
$emailer->extra_headers($email_headers); |
|
|
114 |
|
|
|
115 |
$emailer->assign_vars(array( |
|
|
116 |
'SITENAME' => $board_config['sitename'], |
|
|
117 |
'BOARD_EMAIL' => $board_config['board_email'], |
|
|
118 |
'FROM_USERNAME' => $userdata['username'], |
|
|
119 |
'TO_USERNAME' => $username, |
|
|
120 |
'MESSAGE' => $message) |
|
|
121 |
); |
|
|
122 |
$emailer->send(); |
|
|
123 |
$emailer->reset(); |
|
|
124 |
|
|
|
125 |
if ( !empty($HTTP_POST_VARS['cc_email']) ) |
|
|
126 |
{ |
|
|
127 |
$emailer->from($userdata['user_email']); |
|
|
128 |
$emailer->replyto($userdata['user_email']); |
|
|
129 |
$emailer->use_template('profile_send_email'); |
|
|
130 |
$emailer->email_address($userdata['user_email']); |
|
|
131 |
$emailer->set_subject($subject); |
|
|
132 |
|
|
|
133 |
$emailer->assign_vars(array( |
|
|
134 |
'SITENAME' => $board_config['sitename'], |
|
|
135 |
'BOARD_EMAIL' => $board_config['board_email'], |
|
|
136 |
'FROM_USERNAME' => $userdata['username'], |
|
|
137 |
'TO_USERNAME' => $username, |
|
|
138 |
'MESSAGE' => $message) |
|
|
139 |
); |
|
|
140 |
$emailer->send(); |
|
|
141 |
$emailer->reset(); |
|
|
142 |
} |
|
|
143 |
|
|
|
144 |
$template->assign_vars(array( |
|
|
145 |
'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">') |
|
|
146 |
); |
|
|
147 |
|
|
|
148 |
$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>'); |
|
|
149 |
|
|
|
150 |
message_die(GENERAL_MESSAGE, $message); |
|
|
151 |
} |
|
|
152 |
else |
|
|
153 |
{ |
|
|
154 |
message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql); |
|
|
155 |
} |
|
|
156 |
} |
|
|
157 |
} |
|
|
158 |
|
|
|
159 |
include($phpbb_root_path . 'includes/page_header.'.$phpEx); |
|
|
160 |
|
|
|
161 |
$template->set_filenames(array( |
|
|
162 |
'body' => 'profile_send_email.tpl') |
|
|
163 |
); |
|
|
164 |
make_jumpbox('viewforum.'.$phpEx); |
|
|
165 |
|
|
|
166 |
if ( $error ) |
|
|
167 |
{ |
|
|
168 |
$template->set_filenames(array( |
|
|
169 |
'reg_header' => 'error_body.tpl') |
|
|
170 |
); |
|
|
171 |
$template->assign_vars(array( |
|
|
172 |
'ERROR_MESSAGE' => $error_msg) |
|
|
173 |
); |
|
|
174 |
$template->assign_var_from_handle('ERROR_BOX', 'reg_header'); |
|
|
175 |
} |
|
|
176 |
|
|
|
177 |
$template->assign_vars(array( |
|
|
178 |
'USERNAME' => $username, |
|
|
179 |
|
|
|
180 |
'S_HIDDEN_FIELDS' => '', |
|
|
181 |
'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&" . POST_USERS_URL . "=$user_id"), |
|
|
182 |
|
|
|
183 |
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], |
|
|
184 |
'L_RECIPIENT' => $lang['Recipient'], |
|
|
185 |
'L_SUBJECT' => $lang['Subject'], |
|
|
186 |
'L_MESSAGE_BODY' => $lang['Message_body'], |
|
|
187 |
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'], |
|
|
188 |
'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'], |
|
|
189 |
'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'], |
|
|
190 |
'L_OPTIONS' => $lang['Options'], |
|
|
191 |
'L_CC_EMAIL' => $lang['CC_email'], |
|
|
192 |
'L_SPELLCHECK' => $lang['Spellcheck'], |
|
|
193 |
'L_SEND_EMAIL' => $lang['Send_email']) |
|
|
194 |
); |
|
|
195 |
|
|
|
196 |
$template->pparse('body'); |
|
|
197 |
|
|
|
198 |
include($phpbb_root_path . 'includes/page_tail.'.$phpEx); |
|
|
199 |
} |
|
|
200 |
else |
|
|
201 |
{ |
|
|
202 |
message_die(GENERAL_MESSAGE, $lang['User_prevent_email']); |
|
|
203 |
} |
|
|
204 |
} |
|
|
205 |
else |
|
|
206 |
{ |
|
|
207 |
message_die(GENERAL_MESSAGE, $lang['User_not_exist']); |
|
|
208 |
} |
|
|
209 |
|
|
|
210 |
?> |