[Summary view] [Print] [Text view]

   1  <?php
   2  /***************************************************************************
   3   *                             usercp_email.php 
   4   *                            -------------------
   5   *   begin                : Saturday, Feb 13, 2001
   6   *   copyright            : (C) 2001 The phpBB Group
   7   *   email                : support@phpbb.com
   8   *
   9   *   $Id: usercp_email.php 6772 2006-12-16 13:11:28Z acydburn $
  10   *
  11   *
  12   ***************************************************************************/
  13  
  14  /***************************************************************************
  15   *
  16   *   This program is free software; you can redistribute it and/or modify
  17   *   it under the terms of the GNU General Public License as published by
  18   *   the Free Software Foundation; either version 2 of the License, or
  19   *   (at your option) any later version.
  20   *
  21   *
  22   ***************************************************************************/
  23  
  24  if ( !defined('IN_PHPBB') )
  25  {
  26      die("Hacking attempt");
  27      exit;
  28  }
  29  
  30  // Is send through board enabled? No, return to index
  31  if (!$board_config['board_email_form'])
  32  {
  33      redirect(append_sid("index.$phpEx", true));
  34  }
  35  
  36  if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) || !empty($HTTP_POST_VARS[POST_USERS_URL]) )
  37  {
  38      $user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? intval($HTTP_GET_VARS[POST_USERS_URL]) : intval($HTTP_POST_VARS[POST_USERS_URL]);
  39  }
  40  else
  41  {
  42      message_die(GENERAL_MESSAGE, $lang['No_user_specified']);
  43  }
  44  
  45  if ( !$userdata['session_logged_in'] )
  46  {
  47      redirect(append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true));
  48  }
  49  
  50  $sql = "SELECT username, user_email, user_viewemail, user_lang  
  51      FROM " . USERS_TABLE . " 
  52      WHERE user_id = $user_id";
  53  if ( $result = $db->sql_query($sql) )
  54  {
  55      if ( $row = $db->sql_fetchrow($result) )
  56      {
  57  
  58          $username = $row['username'];
  59          $user_email = $row['user_email']; 
  60          $user_lang = $row['user_lang'];
  61      
  62          if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
  63          {
  64              if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
  65              {
  66                  message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
  67              }
  68      
  69              if ( isset($HTTP_POST_VARS['submit']) )
  70              {
  71                  $error = FALSE;
  72      
  73                  if ( !empty($HTTP_POST_VARS['subject']) )
  74                  {
  75                      $subject = trim(stripslashes($HTTP_POST_VARS['subject']));
  76                  }
  77                  else
  78                  {
  79                      $error = TRUE;
  80                      $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
  81                  }
  82      
  83                  if ( !empty($HTTP_POST_VARS['message']) )
  84                  {
  85                      $message = trim(stripslashes($HTTP_POST_VARS['message']));
  86                  }
  87                  else
  88                  {
  89                      $error = TRUE;
  90                      $error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
  91                  }
  92      
  93                  if ( !$error )
  94                  {
  95                      $sql = "UPDATE " . USERS_TABLE . " 
  96                          SET user_emailtime = " . time() . " 
  97                          WHERE user_id = " . $userdata['user_id'];
  98                      if ( $result = $db->sql_query($sql) )
  99                      {
 100                          include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 101                          $emailer = new emailer($board_config['smtp_delivery']);
 102      
 103                          $emailer->from($userdata['user_email']);
 104                          $emailer->replyto($userdata['user_email']);
 105      
 106                          $email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
 107                          $email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
 108                          $email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
 109                          $email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
 110      
 111                          $emailer->use_template('profile_send_email', $user_lang);
 112                          $emailer->email_address($user_email);
 113                          $emailer->set_subject($subject);
 114                          $emailer->extra_headers($email_headers);
 115      
 116                          $emailer->assign_vars(array(
 117                              'SITENAME' => $board_config['sitename'], 
 118                              'BOARD_EMAIL' => $board_config['board_email'], 
 119                              'FROM_USERNAME' => $userdata['username'], 
 120                              'TO_USERNAME' => $username, 
 121                              'MESSAGE' => $message)
 122                          );
 123                          $emailer->send();
 124                          $emailer->reset();
 125      
 126                          if ( !empty($HTTP_POST_VARS['cc_email']) )
 127                          {
 128                              $emailer->from($userdata['user_email']);
 129                              $emailer->replyto($userdata['user_email']);
 130                              $emailer->use_template('profile_send_email');
 131                              $emailer->email_address($userdata['user_email']);
 132                              $emailer->set_subject($subject);
 133      
 134                              $emailer->assign_vars(array(
 135                                  'SITENAME' => $board_config['sitename'], 
 136                                  'BOARD_EMAIL' => $board_config['board_email'], 
 137                                  'FROM_USERNAME' => $userdata['username'], 
 138                                  'TO_USERNAME' => $username, 
 139                                  'MESSAGE' => $message)
 140                              );
 141                              $emailer->send();
 142                              $emailer->reset();
 143                          }
 144      
 145                          $template->assign_vars(array(
 146                              'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
 147                          );
 148      
 149                          $message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
 150      
 151                          message_die(GENERAL_MESSAGE, $message);
 152                      }
 153                      else
 154                      {
 155                          message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
 156                      }
 157                  }
 158              }
 159      
 160              include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 161      
 162              $template->set_filenames(array(
 163                  'body' => 'profile_send_email.tpl')
 164              );
 165              make_jumpbox('viewforum.'.$phpEx);
 166      
 167              if ( $error )
 168              {
 169                  $template->set_filenames(array(
 170                      'reg_header' => 'error_body.tpl')
 171                  );
 172                  $template->assign_vars(array(
 173                      'ERROR_MESSAGE' => $error_msg)
 174                  );
 175                  $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
 176              }
 177      
 178              $template->assign_vars(array(
 179                  'USERNAME' => $username,
 180      
 181                  'S_HIDDEN_FIELDS' => '', 
 182                  'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"), 
 183      
 184                  'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], 
 185                  'L_RECIPIENT' => $lang['Recipient'], 
 186                  'L_SUBJECT' => $lang['Subject'],
 187                  'L_MESSAGE_BODY' => $lang['Message_body'], 
 188                  'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'], 
 189                  'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
 190                  'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
 191                  'L_OPTIONS' => $lang['Options'],
 192                  'L_CC_EMAIL' => $lang['CC_email'], 
 193                  'L_SPELLCHECK' => $lang['Spellcheck'],
 194                  'L_SEND_EMAIL' => $lang['Send_email'])
 195              );
 196      
 197              $template->pparse('body');
 198      
 199              include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 200          }
 201          else
 202          {
 203              message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
 204          }
 205      }
 206      else
 207      {
 208          message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
 209      }
 210  }
 211  else
 212  {
 213      message_die(GENERAL_ERROR, 'Could not select user data', '', __LINE__, __FILE__, $sql);
 214  }
 215  
 216  ?>