[ Index ]

PHP Cross Reference of MyBB 1.8.12

title

Body

[close]

/ -> sendthread.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'sendthread.php');
  13  
  14  $templatelist = "sendthread,sendthread_fromemail,forumdisplay_password_wrongpass,forumdisplay_password,post_captcha,post_captcha_recaptcha,post_captcha_nocaptcha";
  15  
  16  require_once  "./global.php";
  17  require_once  MYBB_ROOT."inc/functions_post.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("sendthread");
  23  
  24  // Get thread info
  25  $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  26  $thread = get_thread($tid);
  27  
  28  // Invalid thread
  29  if(!$thread || $thread['visible'] != 1)
  30  {
  31      error($lang->error_invalidthread);
  32  }
  33  
  34  // Get thread prefix
  35  $breadcrumbprefix = '';
  36  $threadprefix = array('prefix' => '');
  37  if($thread['prefix'])
  38  {
  39      $threadprefix = build_prefixes($thread['prefix']);
  40      if(!empty($threadprefix['displaystyle']))
  41      {
  42          $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
  43      }
  44  }
  45  
  46  $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
  47  
  48  // Make navigation
  49  build_forum_breadcrumb($thread['fid']);
  50  add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
  51  add_breadcrumb($lang->nav_sendthread);
  52  
  53  // Get forum info
  54  $forum = get_forum($thread['fid']);
  55  $forumpermissions = forum_permissions($forum['fid']);
  56  
  57  // Invalid forum?
  58  if(!$forum['fid'] || $forum['type'] != "f")
  59  {
  60      error($lang->error_invalidforum);
  61  }
  62  
  63  // This user can't view this forum or this thread
  64  if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
  65  {
  66      error_no_permission();
  67  }
  68  
  69  // Check if this forum is password protected and we have a valid password
  70  check_forum_password($forum['fid']);
  71  
  72  if($mybb->usergroup['cansendemail'] == 0)
  73  {
  74      error_no_permission();
  75  }
  76  
  77  // Check group limits
  78  if($mybb->usergroup['maxemails'] > 0)
  79  {
  80      if($mybb->user['uid'] > 0)
  81      {
  82          $user_check = "fromuid='{$mybb->user['uid']}'";
  83      }
  84      else
  85      {
  86          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
  87      }
  88  
  89      $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'");
  90      $sent_count = $db->fetch_field($query, "sent_count");
  91      if($sent_count >= $mybb->usergroup['maxemails'])
  92      {
  93          $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']);
  94          error($lang->error_max_emails_day);
  95      }
  96  }
  97  
  98  // Check email flood control
  99  if($mybb->usergroup['emailfloodtime'] > 0)
 100  {
 101      if($mybb->user['uid'] > 0)
 102      {
 103          $user_check = "fromuid='{$mybb->user['uid']}'";
 104      }
 105      else
 106      {
 107          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
 108      }
 109  
 110      $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60;
 111  
 112      $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 113      $last_email = $db->fetch_array($query);
 114  
 115      // Users last email was within the flood time, show the error
 116      if($last_email['mid'])
 117      {
 118          $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']);
 119  
 120          if($remaining_time == 1)
 121          {
 122              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']);
 123          }
 124          elseif($remaining_time < 60)
 125          {
 126              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time);
 127          }
 128          elseif($remaining_time > 60 && $remaining_time < 120)
 129          {
 130              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']);
 131          }
 132          else
 133          {
 134              $remaining_time_minutes = ceil($remaining_time/60);
 135              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes);
 136          }
 137  
 138          error($lang->error_emailflooding);
 139      }
 140  }
 141  
 142  $errors = array();
 143  
 144  $mybb->input['action'] = $mybb->get_input('action');
 145  if($mybb->input['action'] == "do_sendtofriend" && $mybb->request_method == "post")
 146  {
 147      // Verify incoming POST request
 148      verify_post_check($mybb->input['my_post_key']);
 149  
 150      $plugins->run_hooks("sendthread_do_sendtofriend_start");
 151  
 152      if(!validate_email_format($mybb->input['email']))
 153      {
 154          $errors[] = $lang->error_invalidemail;
 155      }
 156  
 157      if($mybb->user['uid'])
 158      {
 159          $mybb->input['fromemail'] = $mybb->user['email'];
 160          $mybb->input['fromname'] = $mybb->user['username'];
 161      }
 162  
 163      if(!validate_email_format($mybb->input['fromemail']))
 164      {
 165          $errors[] = $lang->error_invalidfromemail;
 166      }
 167  
 168      if(empty($mybb->input['fromname']))
 169      {
 170          $errors[] = $lang->error_noname;
 171      }
 172  
 173      if(empty($mybb->input['subject']))
 174      {
 175          $errors[] = $lang->error_nosubject;
 176      }
 177  
 178      if(empty($mybb->input['message']))
 179      {
 180          $errors[] = $lang->error_nomessage;
 181      }
 182  
 183      if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0)
 184      {
 185          require_once  MYBB_ROOT.'inc/class_captcha.php';
 186          $captcha = new captcha;
 187  
 188          if($captcha->validate_captcha() == false)
 189          {
 190              // CAPTCHA validation failed
 191              foreach($captcha->get_errors() as $error)
 192              {
 193                  $errors[] = $error;
 194              }
 195          }
 196      }
 197  
 198      // No errors detected
 199      if(count($errors) == 0)
 200      {
 201          if($mybb->settings['mail_handler'] == 'smtp')
 202          {
 203              $from = $mybb->input['fromemail'];
 204          }
 205          else
 206          {
 207              $from = "{$mybb->input['fromname']} <{$mybb->input['fromemail']}>";
 208          }
 209  
 210          $threadlink = get_thread_link($thread['tid']);
 211  
 212          $message = $lang->sprintf($lang->email_sendtofriend, $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl']."/".$threadlink, $mybb->input['message']);
 213  
 214          // Send the actual message
 215          my_mail($mybb->input['email'], $mybb->input['subject'], $message, $from, "", "", false, "text", "", $mybb->input['fromemail']);
 216  
 217          if($mybb->settings['mail_logging'] > 0)
 218          {
 219              // Log the message
 220              $log_entry = array(
 221                  "subject" => $db->escape_string($mybb->input['subject']),
 222                  "message" => $db->escape_string($message),
 223                  "dateline" => TIME_NOW,
 224                  "fromuid" => $mybb->user['uid'],
 225                  "fromemail" => $db->escape_string($mybb->input['fromemail']),
 226                  "touid" => 0,
 227                  "toemail" => $db->escape_string($mybb->input['email']),
 228                  "tid" => $thread['tid'],
 229                  "ipaddress" => $db->escape_binary($session->packedip),
 230                  "type" => 2
 231              );
 232              $db->insert_query("maillogs", $log_entry);
 233          }
 234  
 235          $plugins->run_hooks("sendthread_do_sendtofriend_end");
 236          redirect(get_thread_link($thread['tid']), $lang->redirect_emailsent);
 237      }
 238      else
 239      {
 240          $mybb->input['action'] = '';
 241      }
 242  }
 243  
 244  if(!$mybb->input['action'])
 245  {
 246      $plugins->run_hooks("sendthread_start");
 247  
 248      // Do we have some errors?
 249      if(count($errors) >= 1)
 250      {
 251          $errors = inline_error($errors);
 252          $email = htmlspecialchars_uni($mybb->input['email']);
 253          $fromname = htmlspecialchars_uni($mybb->input['fromname']);
 254          $fromemail = htmlspecialchars_uni($mybb->input['fromemail']);
 255          $subject = htmlspecialchars_uni($mybb->input['subject']);
 256          $message = htmlspecialchars_uni($mybb->input['message']);
 257      }
 258      else
 259      {
 260          $errors = '';
 261          $email = '';
 262          $fromname = '';
 263          $fromemail = '';
 264          $subject = $lang->sprintf($lang->emailsubject_sendtofriend, $mybb->settings['bbname']);
 265          $message = '';
 266      }
 267  
 268      // Generate CAPTCHA?
 269      if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0)
 270      {
 271          require_once  MYBB_ROOT.'inc/class_captcha.php';
 272          $post_captcha = new captcha(true, "post_captcha");
 273  
 274          if($post_captcha->html)
 275          {
 276              $captcha = $post_captcha->html;
 277          }
 278      }
 279      else
 280      {
 281          $captcha = '';
 282      }
 283  
 284      $from_email = '';
 285      if($mybb->user['uid'] == 0)
 286      {
 287          eval("\$from_email = \"".$templates->get("sendthread_fromemail")."\";");
 288      }
 289  
 290      $plugins->run_hooks("sendthread_end");
 291  
 292      eval("\$sendtofriend = \"".$templates->get("sendthread")."\";");
 293      output_page($sendtofriend);
 294  }


2005 - 2016 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup Cross-referenced by PHPXref 0.7.1