
PHP Cross Reference of MyBB 1.8.28


/ -> sendthread.php (source)

   1  <?php
   2  /**
   3   * MyBB 1.8
   4   * Copyright 2014 MyBB Group, All Rights Reserved
   5   *
   6   * Website: http://www.mybb.com
   7   * License: http://www.mybb.com/about/license
   8   *
   9   */
  10  
  11  define("IN_MYBB", 1);
  12  define('THIS_SCRIPT', 'sendthread.php');
  13  
  14  $templatelist = "sendthread,sendthread_fromemail,forumdisplay_password_wrongpass,forumdisplay_password,post_captcha,post_captcha_nocaptcha,post_captcha_hcaptcha";
  15  
  16  require_once  "./global.php";
  17  require_once  MYBB_ROOT."inc/functions_post.php";
  18  require_once  MYBB_ROOT."inc/class_parser.php";
  19  $parser = new postParser;
  20  
  21  // Load global language phrases
  22  $lang->load("sendthread");
  23  
  24  // Get thread info
  25  $tid = $mybb->get_input('tid', MyBB::INPUT_INT);
  26  $thread = get_thread($tid);
  27  
  28  // Invalid thread
  29  if(!$thread || $thread['visible'] != 1)
  30  {
  31      error($lang->error_invalidthread);
  32  }
  33  
  34  // Get thread prefix
  35  $breadcrumbprefix = '';
  36  $threadprefix = array('prefix' => '');
  37  if($thread['prefix'])
  38  {
  39      $threadprefix = build_prefixes($thread['prefix']);
  40      if(!empty($threadprefix['displaystyle']))
  41      {
  42          $breadcrumbprefix = $threadprefix['displaystyle'].'&nbsp;';
  43      }
  44  }
  45  
  46  $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject']));
  47  
  48  // Make navigation
  49  build_forum_breadcrumb($thread['fid']);
  50  add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid']));
  51  add_breadcrumb($lang->nav_sendthread);
  52  
  53  // Get forum info
  54  $forum = get_forum($thread['fid']);
  55  $forumpermissions = forum_permissions($forum['fid']);
  56  
  57  // Invalid forum?
  58  if(!$forum['fid'] || $forum['type'] != "f")
  59  {
  60      error($lang->error_invalidforum);
  61  }
  62  
  63  // This user can't view this forum or this thread
  64  if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid']))
  65  {
  66      error_no_permission();
  67  }
  68  
  69  // Check if this forum is password protected and we have a valid password
  70  check_forum_password($forum['fid']);
  71  
  72  if($mybb->usergroup['cansendemail'] == 0)
  73  {
  74      error_no_permission();
  75  }
  76  
  77  // Check group limits
  78  if($mybb->usergroup['maxemails'] > 0)
  79  {
  80      if($mybb->user['uid'] > 0)
  81      {
  82          $user_check = "fromuid='{$mybb->user['uid']}'";
  83      }
  84      else
  85      {
  86          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
  87      }
  88  
  89      $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'");
  90      $sent_count = $db->fetch_field($query, "sent_count");
  91      if($sent_count >= $mybb->usergroup['maxemails'])
  92      {
  93          $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']);
  94          error($lang->error_max_emails_day);
  95      }
  96  }
  97  
  98  // Check email flood control
  99  if($mybb->usergroup['emailfloodtime'] > 0)
 100  {
 101      if($mybb->user['uid'] > 0)
 102      {
 103          $user_check = "fromuid='{$mybb->user['uid']}'";
 104      }
 105      else
 106      {
 107          $user_check = "ipaddress=".$db->escape_binary($session->packedip);
 108      }
 109  
 110      $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60;
 111  
 112      $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC"));
 113      $last_email = $db->fetch_array($query);
 114  
 115      // Users last email was within the flood time, show the error
 116      if($last_email['mid'])
 117      {
 118          $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']);
 119  
 120          if($remaining_time == 1)
 121          {
 122              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']);
 123          }
 124          elseif($remaining_time < 60)
 125          {
 126              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time);
 127          }
 128          elseif($remaining_time > 60 && $remaining_time < 120)
 129          {
 130              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']);
 131          }
 132          else
 133          {
 134              $remaining_time_minutes = ceil($remaining_time/60);
 135              $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes);
 136          }
 137  
 138          error($lang->error_emailflooding);
 139      }
 140  }
 141  
 142  $errors = array();
 143  
 144  $mybb->input['action'] = $mybb->get_input('action');
 145  if($mybb->input['action'] == "do_sendtofriend" && $mybb->request_method == "post")
 146  {
 147      // Verify incoming POST request
 148      verify_post_check($mybb->get_input('my_post_key'));
 149  
 150      $plugins->run_hooks("sendthread_do_sendtofriend_start");
 151  
 152      if(!validate_email_format($mybb->input['email']))
 153      {
 154          $errors[] = $lang->error_invalidemail;
 155      }
 156  
 157      if($mybb->user['uid'])
 158      {
 159          $mybb->input['fromemail'] = $mybb->user['email'];
 160          $mybb->input['fromname'] = $mybb->user['username'];
 161      }
 162  
 163      if(!validate_email_format($mybb->input['fromemail']))
 164      {
 165          $errors[] = $lang->error_invalidfromemail;
 166      }
 167  
 168      if(empty($mybb->input['fromname']))
 169      {
 170          $errors[] = $lang->error_noname;
 171      }
 172  
 173      if(empty($mybb->input['subject']))
 174      {
 175          $errors[] = $lang->error_nosubject;
 176      }
 177  
 178      if(empty($mybb->input['message']))
 179      {
 180          $errors[] = $lang->error_nomessage;
 181      }
 182  
 183      if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0)
 184      {
 185          require_once  MYBB_ROOT.'inc/class_captcha.php';
 186          $captcha = new captcha;
 187  
 188          if($captcha->validate_captcha() == false)
 189          {
 190              // CAPTCHA validation failed
 191              foreach($captcha->get_errors() as $error)
 192              {
 193                  $errors[] = $error;
 194              }
 195          }
 196      }
 197  
 198      // No errors detected
 199      if(count($errors) == 0)
 200      {
 201          $threadlink = get_thread_link($thread['tid']);
 202  
 203          $message = $lang->sprintf($lang->email_sendtofriend, $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl']."/".$threadlink, $mybb->input['message']);
 204  
 205          // Send the actual message
 206          my_mail($mybb->input['email'], $mybb->input['subject'], $message, "", "", "", false, "text", "", $mybb->input['fromemail']);
 207  
 208          if($mybb->settings['mail_logging'] > 0)
 209          {
 210              // Log the message
 211              $log_entry = array(
 212                  "subject" => $db->escape_string($mybb->input['subject']),
 213                  "message" => $db->escape_string($message),
 214                  "dateline" => TIME_NOW,
 215                  "fromuid" => $mybb->user['uid'],
 216                  "fromemail" => $db->escape_string($mybb->input['fromemail']),
 217                  "touid" => 0,
 218                  "toemail" => $db->escape_string($mybb->input['email']),
 219                  "tid" => $thread['tid'],
 220                  "ipaddress" => $db->escape_binary($session->packedip),
 221                  "type" => 2
 222              );
 223              $db->insert_query("maillogs", $log_entry);
 224          }
 225  
 226          $plugins->run_hooks("sendthread_do_sendtofriend_end");
 227          redirect(get_thread_link($thread['tid']), $lang->redirect_emailsent);
 228      }
 229      else
 230      {
 231          $mybb->input['action'] = '';
 232      }
 233  }
 234  
 235  if(!$mybb->input['action'])
 236  {
 237      $plugins->run_hooks("sendthread_start");
 238  
 239      // Do we have some errors?
 240      if(count($errors) >= 1)
 241      {
 242          $errors = inline_error($errors);
 243          $email = htmlspecialchars_uni($mybb->input['email']);
 244          $fromname = htmlspecialchars_uni($mybb->input['fromname']);
 245          $fromemail = htmlspecialchars_uni($mybb->input['fromemail']);
 246          $subject = htmlspecialchars_uni($mybb->input['subject']);
 247          $message = htmlspecialchars_uni($mybb->input['message']);
 248      }
 249      else
 250      {
 251          $errors = '';
 252          $email = '';
 253          $fromname = '';
 254          $fromemail = '';
 255          $subject = $lang->sprintf($lang->emailsubject_sendtofriend, $mybb->settings['bbname']);
 256          $message = '';
 257      }
 258  
 259      // Generate CAPTCHA?
 260      if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0)
 261      {
 262          require_once  MYBB_ROOT.'inc/class_captcha.php';
 263          $post_captcha = new captcha(true, "post_captcha");
 264  
 265          if($post_captcha->html)
 266          {
 267              $captcha = $post_captcha->html;
 268          }
 269      }
 270      else
 271      {
 272          $captcha = '';
 273      }
 274  
 275      $from_email = '';
 276      if($mybb->user['uid'] == 0)
 277      {
 278          eval("\$from_email = \"".$templates->get("sendthread_fromemail")."\";");
 279      }
 280  
 281      $plugins->run_hooks("sendthread_end");
 282  
 283      eval("\$sendtofriend = \"".$templates->get("sendthread")."\";");
 284      output_page($sendtofriend);
 285  }

