
PHP Cross Reference of MyBB 1.8.38


/ -> contact.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'contact.php');
  13  
      // Entry script for the board's contact form. The two constants above and
      // $templatelist below are set before global.php is required, so the bootstrap
      // can read them - presumably a direct-access marker, the script name and the
      // templates to preload; confirm in global.php.
  14  $templatelist = "contact,post_captcha,post_captcha_recaptcha_invisible,post_captcha_nocaptcha,post_captcha_hcaptcha_invisible,post_captcha_hcaptcha";
  15  
  16  require_once  "./global.php";
  17  require_once  MYBB_ROOT.'inc/class_captcha.php';
  18  
  19  // Load global language phrases
  20  $lang->load("contact");
  21  
      // Plugin hook. It runs before the permission check below, so code registered
      // on it also executes for visitors who are then refused.
  22  $plugins->run_hooks('contact_start');
  23  
  24  // Make navigation
  25  add_breadcrumb($lang->contact, "contact.php");
  26  
      // Access gate: refused when the contact form is not enabled (contact != 1), or
      // when the visitor has no uid and contact_guests is 1. Note the sense of the
      // guest setting: the value 1 is the one that locks guests out.
      // NOTE(review): error_no_permission() presumably ends the request; confirm.
  27  if($mybb->settings['contact'] != 1 || (!$mybb->user['uid'] && $mybb->settings['contact_guests'] == 1))
  28  {
  29      error_no_permission();
  30  }
  31  
  32  if($mybb->settings['contactemail'])
  33  {
          // Recipient of the contact mail: the dedicated contact address when one is set.
  34      $contactemail = $mybb->settings['contactemail'];
  35  }
  36  else
  37  {
          // Otherwise the admin address. Both candidates are read from $mybb->settings;
          // nothing in the request chooses the recipient.
  38      $contactemail = $mybb->settings['adminemail'];
  39  }
  40  
  41  // Check group limits
      // Daily cap: count this sender's maillogs rows from the last 24 hours and stop
      // once the count reaches the group's maxemails. A maxemails of 0 or less skips
      // the check entirely.
      // NOTE(review): this script only writes its maillogs row when
      // $mybb->settings['mail_logging'] > 0, so with mail logging off its own sends
      // are never counted here - unless my_mail() logs by itself (not shown); confirm.
  42  if($mybb->usergroup['maxemails'] > 0)
  43  {
  44      if($mybb->user['uid'] > 0)
  45      {
              // Members are keyed by uid. The value is interpolated as-is; it comes from
              // $mybb->user, not from request input (presumably an integer - confirm).
  46          $user_check = "fromuid='{$mybb->user['uid']}'";
  47      }
  48      else
  49      {
              // Guests are keyed by packed IP. No quotes are added here, so escape_binary()
              // is expected to return a complete SQL literal - confirm in the DB class.
  50          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
  51      }
  52  
          // The count covers every maillogs row for this sender, whatever its type.
  53      $query = $db->simple_select("maillogs", "COUNT(mid) AS sent_count", "{$user_check} AND dateline >= ".(TIME_NOW - (60*60*24)));
  54      $sent_count = $db->fetch_field($query, "sent_count");
  55      if($sent_count >= $mybb->usergroup['maxemails'])
  56      {
  57          $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']);
              // NOTE(review): error() presumably renders the message and ends the request; confirm.
  58          error($lang->error_max_emails_day);
  59      }
  60  }
  61  
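  62  // Check email flood control
      // Minimum gap between sends: emailfloodtime is in minutes (it is multiplied by 60
      // below). The sender is identified as in the daily cap: uid for members, packed
      // IP for guests.
      // NOTE(review): like the daily cap, this reads maillogs, and this script only
      // writes its row there when $mybb->settings['mail_logging'] > 0; with mail
      // logging off the flood check has nothing to find for contact-form sends.
  63  if($mybb->usergroup['emailfloodtime'] > 0)
  64  {
  65      if($mybb->user['uid'] > 0)
  66      {
  67          $user_check = "fromuid='{$mybb->user['uid']}'";
  68      }
  69      else
  70      {
  71          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
  72      }
  73  
          // Oldest dateline that still counts as "too recent".
  74      $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60;
  75  
          // Newest first, and only the first row is fetched: the sender's most recent
          // logged mail inside the window, if there is one.
  76      $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC"));
  77      $last_email = $db->fetch_array($query);
  78  
  79      // Users last email was within the flood time, show the error
  80      if(!empty($last_email['mid']))
  81      {
              // Seconds left until the sender may mail again.
  82          $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']);
  83  
              // Pick the phrase that fits the remaining time: 1 second, seconds,
              // 1 minute, or minutes (rounded up).
  84          if($remaining_time == 1)
  85          {
  86              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']);
  87          }
  88          elseif($remaining_time < 60)
  89          {
  90              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time);
  91          }
              // >= 60, not > 60: exactly 60 seconds belongs with the one-minute phrase;
              // with a strict comparison it fell through to the plural branch with a value of 1.
  92          elseif($remaining_time >= 60 && $remaining_time < 120)
  93          {
  94              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']);
  95          }
  96          else
  97          {
  98              $remaining_time_minutes = ceil($remaining_time/60);
  99              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes);
 100          }
 101  
              // NOTE(review): error() presumably renders the message and ends the request; confirm.
 102          error($lang->error_emailflooding);
 103      }
 104  }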
 105  
 106  $errors = array();
 107  
      // The three form fields are normalised on every request, GET or POST, and written
      // back into $mybb->input, so later reads of $mybb->input[...] see the cleaned values.
      // NOTE(review): trim_blank_chrs() is not shown; by its name it strips blank
      // characters from the ends of the string - confirm. Nothing here limits length
      // or removes line breaks inside the value.
 108  $mybb->input['message'] = trim_blank_chrs($mybb->get_input('message'));
 109  $mybb->input['subject'] = trim_blank_chrs($mybb->get_input('subject'));
 110  $mybb->input['email'] = trim_blank_chrs($mybb->get_input('email'));
 111  
 112  if($mybb->request_method == "post")
 113  {
          // Form submission. Order of work: CSRF check, field validation, guest-only
          // anti-spam checks, then - only if no error was collected - mail, optional
          // log row and redirect. Validation failures are accumulated in $errors rather
          // than stopping at the first one.
 114      // Verify incoming POST request
          // Anti-CSRF check on the my_post_key field. It runs first, before validation
          // and before the contact_do_start hook.
          // NOTE(review): verify_post_check() presumably ends the request on a mismatch; confirm.
 115      verify_post_check($mybb->get_input('my_post_key'));
 116  
 117      $plugins->run_hooks('contact_do_start');
 118  
 119      // Validate input
 120      if(empty($mybb->input['subject']))
 121      {
 122          $errors[] = $lang->contact_no_subject;
 123      }
 124  
          // Length limits apply only when the matching setting is greater than 0.
          // strlen() counts bytes, so for multi-byte text the limits are in bytes,
          // not characters.
 125      if(strlen($mybb->input['subject']) > $mybb->settings['contact_maxsubjectlength'] && $mybb->settings['contact_maxsubjectlength'] > 0)
 126      {
 127          $errors[] = $lang->sprintf($lang->subject_too_long, $mybb->settings['contact_maxsubjectlength'], strlen($mybb->input['subject']));
 128      }
 129  
 130      if(empty($mybb->input['message']))
 131      {
 132          $errors[] = $lang->contact_no_message;
 133      }
 134  
 135      if(strlen($mybb->input['message']) > $mybb->settings['contact_maxmessagelength'] && $mybb->settings['contact_maxmessagelength'] > 0)
 136      {
 137          $errors[] = $lang->sprintf($lang->message_too_long, $mybb->settings['contact_maxmessagelength'], strlen($mybb->input['message']));
 138      }
 139  
 140      if(strlen($mybb->input['message']) < $mybb->settings['contact_minmessagelength'] && $mybb->settings['contact_minmessagelength'] > 0)
 141      {
 142          $errors[] = $lang->sprintf($lang->message_too_short, $mybb->settings['contact_minmessagelength'], strlen($mybb->input['message']));
 143      }
 144  
          // A missing address and a malformed one produce the same message.
 145      if(empty($mybb->input['email']))
 146      {
 147          $errors[] = $lang->contact_no_email;
 148      }
 149      else
 150      {
 151          // Validate email
              // NOTE(review): this address is later handed to my_mail() as its last
              // argument (presumably Reply-To), so validate_email_format() is the only
              // check visible here that keeps line breaks out of that value - confirm it
              // rejects CR/LF, or that my_mail() does.
 152          if(!validate_email_format($mybb->input['email']))
 153          {
 154              $errors[] = $lang->contact_no_email;
 155          }
 156      }
 157  
 158      // Should we have a CAPTCHA? Perhaps yes, but only for guests like in other pages...
          // Guests only: a visitor with a non-zero uid is never asked for a CAPTCHA,
          // whatever captchaimage is set to.
 159      if($mybb->settings['captchaimage'] && !$mybb->user['uid'])
 160      {
 161          $captcha = new captcha;
 162  
 163          if($captcha->validate_captcha() == false)
 164          {
 165              // CAPTCHA validation failed
 166              foreach($captcha->get_errors() as $error)
 167              {
 168                  $errors[] = $error;
 169              }
 170          }
 171      }
 172  
          // Guests only, and only when stopforumspam_on_contact is set. The username
          // argument is the empty string, so only the e-mail address and the IP from
          // get_ip() are offered to the checker.
          // NOTE(review): by its name the checker consults the StopForumSpam service,
          // which would mean the address and IP are sent to a third party - confirm
          // in class_stopforumspamchecker.php.
 173      if(!$mybb->user['uid'] && $mybb->settings['stopforumspam_on_contact'])
 174      {
 175          require_once  MYBB_ROOT . '/inc/class_stopforumspamchecker.php';
 176  
 177          $stop_forum_spam_checker = new StopForumSpamChecker(
 178              $plugins,
 179              $mybb->settings['stopforumspam_min_weighting_before_spam'],
 180              $mybb->settings['stopforumspam_check_usernames'],
 181              $mybb->settings['stopforumspam_check_emails'],
 182              $mybb->settings['stopforumspam_check_ips'],
 183              $mybb->settings['stopforumspam_log_blocks']
 184          );
 185  
 186          try {
 187              if($stop_forum_spam_checker->is_user_a_spammer('', $mybb->input['email'], get_ip()))
 188              {
 189                  $errors[] = $lang->sprintf($lang->error_stop_forum_spam_spammer,
 190                      $stop_forum_spam_checker->getErrorText(array(
 191                          'stopforumspam_check_emails',
 192                          'stopforumspam_check_ips')));
 193              }
 194          }
 195          catch (Exception $e)
 196          {
                  // Fail-open unless configured otherwise: when the check throws, the
                  // submission is only rejected if stopforumspam_block_on_error is set;
                  // otherwise the exception is dropped and the message goes through.
 197              if($mybb->settings['stopforumspam_block_on_error'])
 198              {
 199                  $errors[] = $lang->error_stop_forum_spam_fetching;
 200              }
 201          }
 202      }
 203  
 204      if(empty($errors))
 205      {
 206          if($mybb->settings['contact_badwords'] == 1)
 207          {
 208              // Load the post parser
 209              require_once  MYBB_ROOT."inc/class_parser.php";
 210              $parser = new postParser;
 211  
                  // The filtered text replaces the submitted text in $mybb->input, so the
                  // mail and the log row below carry the filtered version.
 212              $mybb->input['subject'] = $parser->parse_badwords($mybb->input['subject']);
 213              $mybb->input['message'] = $parser->parse_badwords($mybb->input['message']);
 214          }
 215  
              // Sender label for the mail body: the guest phrase, or username plus profile URL.
              // The username is HTML-escaped although my_mail() below is called with 'text'
              // (presumably the mail format - confirm), so special characters in a name
              // would arrive as entities.
 216          $user = $lang->guest;
 217          if($mybb->user['uid'])
 218          {
 219              $user = htmlspecialchars_uni($mybb->user['username']).' - '.$mybb->settings['bburl'].'/'.get_profile_link($mybb->user['uid']);
 220          }
 221  
              // Subject and body are built from sender-supplied text (subject, address,
              // message) plus the session's IP address.
 222          $subject = $lang->sprintf($lang->email_contact_subject, $mybb->input['subject']);
 223          $message = $lang->sprintf($lang->email_contact, $mybb->input['email'], $user, $session->ipaddress, $mybb->input['message']);
 224  
 225          // Email the administrator
              // The recipient is the configured address; the sender's address is the last
              // argument (presumably Reply-To - confirm against my_mail()'s signature).
              // NOTE(review): subject and that address both end up in mail headers, so
              // my_mail() is relied on to keep line breaks out of them - confirm.
 226          my_mail($contactemail, $subject, $message, '', '', '', false, 'text', '', $mybb->get_input('email', MyBB::INPUT_STRING));
 227  
              // Runs after the mail has been handed to my_mail() and before the log row is written.
 228          $plugins->run_hooks('contact_do_end');
 229  
 230          if($mybb->settings['mail_logging'] > 0)
 231          {
 232              // Log the message
                  // These rows are what the daily cap and the flood check earlier in this
                  // script count; with mail_logging at 0 no row is written here. String
                  // values go through escape_string(), the IP through escape_binary();
                  // fromuid is taken from $mybb->user as-is.
 233              $log_entry = array(
 234                  "subject" => $db->escape_string($subject),
 235                  "message" => $db->escape_string($message),
 236                  "dateline" => TIME_NOW,
 237                  "fromuid" => $mybb->user['uid'],
 238                  "fromemail" => $db->escape_string($mybb->input['email']),
 239                  "touid" => 0,
 240                  "toemail" => $db->escape_string($contactemail),
 241                  "tid" => 0,
 242                  "ipaddress" => $db->escape_binary($session->packedip),
 243                  "type" => 3
 244              );
 245              $db->insert_query("maillogs", $log_entry);
 246          }
 247          
              // 'from' is request-controlled and is handed to redirect() unchanged.
              // NOTE(review): unless redirect() restricts targets to this board (not
              // shown), a submitted form can send the visitor to an arbitrary URL after
              // success; confirm in redirect(), or check the value against the board URL here.
 248          $mybb->input['from'] = $mybb->get_input('from');
 249          if(!empty($mybb->input['from']))
 250          {
 251              redirect($mybb->input['from'], $lang->contact_success_message, '', true);
 252          }
 253          else
 254          {
 255              redirect('index.php', $lang->contact_success_message, '', true);
 256          }
 257      }
 258      else
 259      {
              // From here on $errors is no longer an array but whatever inline_error()
              // returns (presumably rendered markup for the template - confirm).
 260          $errors = inline_error($errors);
 261      }
 262  }
 263  
 264  if(empty($errors))
 265  {
          // Nothing to report (GET request, or no error collected): the template gets an empty string.
 266      $errors = '';
 267  }
 268  
 269  // Generate CAPTCHA?
      // Same condition as on validation: shown to guests only, when captchaimage is set.
      // $captcha is reset to '' first, replacing the captcha object that the POST
      // branch may have stored under the same name.
 270  $captcha = '';
 271  
 272  if($mybb->settings['captchaimage'] && !$mybb->user['uid'])
 273  {
 274      $post_captcha = new captcha(true, "post_captcha");
 275  
 276      if($post_captcha->html)
 277      {
 278          $captcha = $post_captcha->html;
 279      }
 280  }
 281  
 282  $contact_subject = htmlspecialchars_uni($mybb->input['subject']);
      // Submitted values are HTML-escaped before they are shown again in the form
      // (after a failed submit, or when passed in on a GET request).
 283  $contact_message = htmlspecialchars_uni($mybb->input['message']);
 284  
      // Address to pre-fill: a logged-in user's stored address when the request did
      // not supply one, otherwise whatever was supplied (empty for a guest's first visit).
 285  if($mybb->user['uid'] && !$mybb->get_input('email'))
 286  {
 287      $user_email = htmlspecialchars_uni($mybb->user['email']);
 288  }
 289  else
 290  {
 291      $user_email = htmlspecialchars_uni($mybb->get_input('email'));
 292  }
 293  
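 294  if(isset($mybb->input['from']))
 295  {
          // Where to return the visitor after a successful submit, prepared for the
          // template (presumably a hidden 'from' field - the template is not shown).
          // An explicit 'from' in the request wins. It is HTML-escaped for output but
          // not checked against the board URL.
          // NOTE(review): the POST branch passes the submitted 'from' to redirect()
          // unchanged, so the target still needs a same-site check there or inside
          // redirect(); confirm.
 296      $redirect_url = htmlspecialchars_uni($mybb->get_input('from'));
 297  }
      // Fallback: the Referer header, accepted only when it starts with the board URL
      // followed by '/', and is not the contact page itself. The match is anchored at
      // the start on purpose: a plain substring test would also accept an off-site URL
      // that merely contains the board URL. bburl is combined with '/' the same way
      // elsewhere in this script, i.e. it is stored without a trailing slash. A Referer
      // equal to the bare board URL without a slash is not accepted; the visitor then
      // gets the default redirect.
 298  else if(isset($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $mybb->settings['bburl'].'/') === 0  && strpos($_SERVER['HTTP_REFERER'], "contact.php") === false)
 299  {
          // NOTE(review): escaped with htmlentities() here but htmlspecialchars_uni()
          // above. With the default flags before PHP 8.1 single quotes are left as-is,
          // so the template must put this value in a double-quoted attribute - confirm.
 300      $redirect_url = htmlentities($_SERVER['HTTP_REFERER']);
 301  }
 302  else
 303  {
          // No usable return address: the POST branch then redirects to index.php.
 304      $redirect_url = '';
 305  }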
 306  
 307  $plugins->run_hooks('contact_end');
      // The hook above is the last one before rendering.
 308  
      // MyBB template idiom: the 'contact' template text is wrapped in double quotes and
      // evaluated as a PHP string, which is how the variables prepared above are
      // interpolated into the page. Every value reaching the template must therefore
      // already be escaped for HTML, as done above.
      // FLAG(review): this is eval() on stored template text. It is safe only if
      // $templates->get() returns text that cannot break out of the double-quoted
      // string and if template editing is limited to trusted administrators; neither
      // is visible here - confirm.
 309  eval("\$page = \"".$templates->get("contact")."\";");
 310  output_page($page);

