PHP Cross Reference of MyBB 1.8.38 |
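<?php
/**
 * MyBB 1.8
 * Copyright 2014 MyBB Group, All Rights Reserved
 *
 * Website: http://www.mybb.com
 * License: http://www.mybb.com/about/license
 *
 */

// Contact form endpoint. Every request runs the permission and rate-limit
// checks and ends by rendering the "contact" template; a POST additionally
// validates the submission and, when there are no errors, mails it to the
// configured contact address.

define("IN_MYBB", 1);
define('THIS_SCRIPT', 'contact.php');

$templatelist = "contact,post_captcha,post_captcha_recaptcha_invisible,post_captcha_nocaptcha,post_captcha_hcaptcha_invisible,post_captcha_hcaptcha";

require_once "./global.php";
require_once MYBB_ROOT.'inc/class_captcha.php';

// Load global language phrases
$lang->load("contact");

$plugins->run_hooks('contact_start');

// Make navigation
add_breadcrumb($lang->contact, "contact.php");

// Deny access when the contact setting is not 1, or when the visitor has no
// uid and the contact_guests setting is 1.
if($mybb->settings['contact'] != 1 || (!$mybb->user['uid'] && $mybb->settings['contact_guests'] == 1))
{
	error_no_permission();
}

// Recipient: the dedicated contact address if one is set, else the admin address.
if($mybb->settings['contactemail'])
{
	$contactemail = $mybb->settings['contactemail'];
}
else
{
	$contactemail = $mybb->settings['adminemail'];
}

// Both limits below are computed from rows in the maillogs table. This script
// only inserts such a row when the mail_logging setting is > 0 (see the logging
// step further down), so with logging off its own sends are never counted.
// Neither query filters on the "type" column, so every logged mail for the same
// uid / IP counts towards the limit.
// NOTE(review): $mybb->user['uid'] is interpolated into the WHERE clause
// unescaped; presumably an integer set up by global.php - confirm.

// Check group limits
if($mybb->usergroup['maxemails'] > 0)
{
	if($mybb->user['uid'] > 0)
	{
		$user_check = "fromuid='{$mybb->user['uid']}'";
	}
	else
	{
		// Guests have no uid, so they are keyed by the packed session IP.
		$user_check = "ipaddress=".$db->escape_binary($session->packedip);
	}

	// Count mails logged in the last 24 hours.
	$query = $db->simple_select("maillogs", "COUNT(mid) AS sent_count", "{$user_check} AND dateline >= ".(TIME_NOW - (60*60*24)));
	$sent_count = $db->fetch_field($query, "sent_count");
	if($sent_count >= $mybb->usergroup['maxemails'])
	{
		$lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']);
		error($lang->error_max_emails_day);
	}
}

// Check email flood control
if($mybb->usergroup['emailfloodtime'] > 0)
{
	if($mybb->user['uid'] > 0)
	{
		$user_check = "fromuid='{$mybb->user['uid']}'";
	}
	else
	{
		$user_check = "ipaddress=".$db->escape_binary($session->packedip);
	}

	// emailfloodtime is multiplied by 60 to get the window in seconds.
	$timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60;

	$query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC"));
	$last_email = $db->fetch_array($query);

	// Users last email was within the flood time, show the error
	if(!empty($last_email['mid']))
	{
		$remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']);

		if($remaining_time == 1)
		{
			$lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']);
		}
		elseif($remaining_time < 60)
		{
			$lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time);
		}
		// ">= 60" rather than "> 60": exactly 60 seconds is one minute and
		// must not fall through to the plural "minutes" phrase below.
		elseif($remaining_time >= 60 && $remaining_time < 120)
		{
			$lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']);
		}
		else
		{
			$remaining_time_minutes = ceil($remaining_time/60);
			$lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes);
		}

		error($lang->error_emailflooding);
	}
}

$errors = array();

// Normalise the three form fields once; the validation and the form
// re-display below both read these trimmed values.
$mybb->input['message'] = trim_blank_chrs($mybb->get_input('message'));
$mybb->input['subject'] = trim_blank_chrs($mybb->get_input('subject'));
$mybb->input['email'] = trim_blank_chrs($mybb->get_input('email'));

if($mybb->request_method == "post")
{
	// Verify incoming POST request
	// (helper defined elsewhere; presumably the anti-CSRF post key check)
	verify_post_check($mybb->get_input('my_post_key'));

	$plugins->run_hooks('contact_do_start');

	// Validate input
	// Note: strlen() counts bytes, so multi-byte text reaches the configured
	// limits sooner than its character count suggests.
	if(empty($mybb->input['subject']))
	{
		$errors[] = $lang->contact_no_subject;
	}

	if(strlen($mybb->input['subject']) > $mybb->settings['contact_maxsubjectlength'] && $mybb->settings['contact_maxsubjectlength'] > 0)
	{
		$errors[] = $lang->sprintf($lang->subject_too_long, $mybb->settings['contact_maxsubjectlength'], strlen($mybb->input['subject']));
	}

	if(empty($mybb->input['message']))
	{
		$errors[] = $lang->contact_no_message;
	}

	if(strlen($mybb->input['message']) > $mybb->settings['contact_maxmessagelength'] && $mybb->settings['contact_maxmessagelength'] > 0)
	{
		$errors[] = $lang->sprintf($lang->message_too_long, $mybb->settings['contact_maxmessagelength'], strlen($mybb->input['message']));
	}

	if(strlen($mybb->input['message']) < $mybb->settings['contact_minmessagelength'] && $mybb->settings['contact_minmessagelength'] > 0)
	{
		$errors[] = $lang->sprintf($lang->message_too_short, $mybb->settings['contact_minmessagelength'], strlen($mybb->input['message']));
	}

	if(empty($mybb->input['email']))
	{
		$errors[] = $lang->contact_no_email;
	}
	else
	{
		// Validate email
		if(!validate_email_format($mybb->input['email']))
		{
			$errors[] = $lang->contact_no_email;
		}
	}

	// Should we have a CAPTCHA? Perhaps yes, but only for guests like in other pages...
	if($mybb->settings['captchaimage'] && !$mybb->user['uid'])
	{
		$captcha = new captcha;

		if($captcha->validate_captcha() == false)
		{
			// CAPTCHA validation failed
			foreach($captcha->get_errors() as $error)
			{
				$errors[] = $error;
			}
		}
	}

	// Guests only: check the submitted e-mail address and the client IP with
	// the StopForumSpam checker. No username is passed (first argument is '').
	if(!$mybb->user['uid'] && $mybb->settings['stopforumspam_on_contact'])
	{
		require_once MYBB_ROOT . '/inc/class_stopforumspamchecker.php';

		$stop_forum_spam_checker = new StopForumSpamChecker(
			$plugins,
			$mybb->settings['stopforumspam_min_weighting_before_spam'],
			$mybb->settings['stopforumspam_check_usernames'],
			$mybb->settings['stopforumspam_check_emails'],
			$mybb->settings['stopforumspam_check_ips'],
			$mybb->settings['stopforumspam_log_blocks']
		);

		try {
			if($stop_forum_spam_checker->is_user_a_spammer('', $mybb->input['email'], get_ip()))
			{
				$errors[] = $lang->sprintf($lang->error_stop_forum_spam_spammer,
					$stop_forum_spam_checker->getErrorText(array(
						'stopforumspam_check_emails',
						'stopforumspam_check_ips')));
			}
		}
		catch (Exception $e)
		{
			// Lookup failure: the submission is rejected only when
			// stopforumspam_block_on_error is set; otherwise the check fails open.
			if($mybb->settings['stopforumspam_block_on_error'])
			{
				$errors[] = $lang->error_stop_forum_spam_fetching;
			}
		}
	}

	if(empty($errors))
	{
		if($mybb->settings['contact_badwords'] == 1)
		{
			// Load the post parser
			require_once MYBB_ROOT."inc/class_parser.php";
			$parser = new postParser;

			$mybb->input['subject'] = $parser->parse_badwords($mybb->input['subject']);
			$mybb->input['message'] = $parser->parse_badwords($mybb->input['message']);
		}

		// Sender label for the mail body: the guest phrase, or for members the
		// username followed by the profile URL.
		// NOTE(review): the username is HTML-escaped although my_mail() is
		// called with 'text' below - confirm that is intended.
		$user = $lang->guest;
		if($mybb->user['uid'])
		{
			$user = htmlspecialchars_uni($mybb->user['username']).' - '.$mybb->settings['bburl'].'/'.get_profile_link($mybb->user['uid']);
		}

		// The mail body carries the submitter's address, the sender label, the
		// session IP address and the message text.
		$subject = $lang->sprintf($lang->email_contact_subject, $mybb->input['subject']);
		$message = $lang->sprintf($lang->email_contact, $mybb->input['email'], $user, $session->ipaddress, $mybb->input['message']);

		// Email the administrator
		// The last argument is the submitter's address as returned by
		// get_input('email'); this branch only runs after validate_email_format()
		// accepted the trimmed address above.
		// NOTE(review): protection against mail header injection rests on
		// validate_email_format() and my_mail(), neither of which is visible here.
		my_mail($contactemail, $subject, $message, '', '', '', false, 'text', '', $mybb->get_input('email', MyBB::INPUT_STRING));

		$plugins->run_hooks('contact_do_end');

		if($mybb->settings['mail_logging'] > 0)
		{
			// Log the message
			// These rows are what the group-limit and flood checks at the top
			// of the script count.
			$log_entry = array(
				"subject" => $db->escape_string($subject),
				"message" => $db->escape_string($message),
				"dateline" => TIME_NOW,
				"fromuid" => $mybb->user['uid'],
				"fromemail" => $db->escape_string($mybb->input['email']),
				"touid" => 0,
				"toemail" => $db->escape_string($contactemail),
				"tid" => 0,
				"ipaddress" => $db->escape_binary($session->packedip),
				"type" => 3
			);
			$db->insert_query("maillogs", $log_entry);
		}

		// NOTE(review): 'from' is request input and is handed to redirect()
		// unchanged. Whether redirect() restricts the target to this board is
		// not visible here; if it does not, this is an open redirect and 'from'
		// should be limited to same-site URLs before use.
		$mybb->input['from'] = $mybb->get_input('from');
		if(!empty($mybb->input['from']))
		{
			redirect($mybb->input['from'], $lang->contact_success_message, '', true);
		}
		else
		{
			redirect('index.php', $lang->contact_success_message, '', true);
		}
	}
	else
	{
		$errors = inline_error($errors);
	}
}

// From here on $errors is a string for the template: '' when nothing failed.
if(empty($errors))
{
	$errors = '';
}

// Generate CAPTCHA?
$captcha = '';

if($mybb->settings['captchaimage'] && !$mybb->user['uid'])
{
	$post_captcha = new captcha(true, "post_captcha");

	if($post_captcha->html)
	{
		$captcha = $post_captcha->html;
	}
}

// Values echoed back into the form are HTML-escaped before the template sees them.
$contact_subject = htmlspecialchars_uni($mybb->input['subject']);
$contact_message = htmlspecialchars_uni($mybb->input['message']);

// Members who have not typed an address get their account address pre-filled.
if($mybb->user['uid'] && !$mybb->get_input('email'))
{
	$user_email = htmlspecialchars_uni($mybb->user['email']);
}
else
{
	$user_email = htmlspecialchars_uni($mybb->get_input('email'));
}

if(isset($mybb->input['from']))
{
	$redirect_url = htmlspecialchars_uni($mybb->get_input('from'));
}
// Only remember the referrer when it is a URL under this board: a prefix match
// on bburl followed by "/". A substring match would also accept foreign URLs
// that merely contain the board URL somewhere, e.g. in a query string.
else if(isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $mybb->settings['bburl'].'/') === 0 && strpos($_SERVER['HTTP_REFERER'], "contact.php") === false)
{
	$redirect_url = htmlentities($_SERVER['HTTP_REFERER']);
}
else
{
	$redirect_url = '';
}

$plugins->run_hooks('contact_end');

// The stored template is interpolated as a double-quoted PHP string through
// eval(), with every variable in this scope available to it.
// NOTE(review): this is only as safe as the escaping $templates->get() applies
// (not visible here); anything able to alter the stored template text should be
// treated as able to run PHP.
eval("\$page = \"".$templates->get("contact")."\";");
output_page($page);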