1 <?php
2 ###############################################################################
3 # my little forum #
4 # Copyright (C) 2005 Alex #
5 # http://www.mylittlehomepage.net/ #
6 # #
7 # This program is free software; you can redistribute it and/or #
8 # modify it under the terms of the GNU General Public License #
9 # as published by the Free Software Foundation; either version 2 #
10 # of the License, or (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program; if not, write to the Free Software #
19 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. #
20 ###############################################################################
22 include_once("inc.php");
23 include_once("functions/include.prepare.php");
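# Collect the request parameters this page understands. Nothing is validated
# here: every later use has to cast (intval) or escape (htmlspecialchars) the
# value for the context it is written into. For each parameter a POST value,
# when present, wins over the GET value.
if (isset($_GET['id'])) $id = $_GET['id'];
if (isset($_POST['id'])) $id = $_POST['id'];
if (isset($_GET['uid'])) $uid = $_GET['uid'];
if (isset($_POST['uid'])) $uid = $_POST['uid'];
if (isset($_GET['forum_contact'])) $forum_contact = $_GET['forum_contact'];
if (isset($_POST['forum_contact'])) $forum_contact = $_POST['forum_contact'];

# Listing state (view, page, sort order, category) that is only carried
# through the form so the visitor can be sent back to where they came from.
if (isset($_GET['view'])) $view = $_GET['view'];
if (isset($_POST['view'])) $view = $_POST['view'];
if (isset($_GET['page'])) $page = $_GET['page'];
if (isset($_POST['page'])) $page = $_POST['page'];
if (isset($_GET['order'])) $order = $_GET['order'];
# The form re-submits "order" as a hidden POST field; the original read
# $_GET['order'] a second time here, so the posted value was never picked up.
if (isset($_POST['order'])) $order = $_POST['order'];
if (isset($_GET['category'])) $category = $_GET['category'];
if (isset($_POST['category'])) $category = $_POST['category'];
if (isset($_GET['descasc'])) $descasc = $_GET['descasc'];
if (isset($_POST['descasc'])) $descasc = $_POST['descasc'];

# Defaults for everything that was not supplied (or was supplied empty).
if (empty($page)) $page = 0;
if (empty($order)) $order = "time";
$category = empty($category) ? 0 : intval($category);
if (empty($descasc)) $descasc = "DESC";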
# Guests only: load the CAPTCHA helper when the contact form is configured to
# require one.
if (empty($_SESSION[$settings['session_prefix'] . 'user_id']) && $settings['captcha_contact'] == 1) {
    require 'captcha/captcha.php';
    $captcha = new captcha();
}

# A guest asked to contact a specific registered user (uid given): not
# allowed, send them to the forum index and stop.
if (!isset($_SESSION[$settings['session_prefix'] . 'user_id']) && isset($uid)) {
    header('location: ' . $settings['forum_address'] . 'index.php');
    exit('<a href="index.php">further...</a>');
}

# No target at all (no posting id, no user id, no forum-contact flag):
# reload the page as the form that contacts the forum itself.
if (empty($id) && empty($uid) && empty($forum_contact)) {
    header('location: ' . $settings['forum_address'] . 'contact.php?forum_contact=true');
    exit('<a href="contact.php?forum_contact=true">further...</a>');
}
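# Main request handling: prefill the sender fields, resolve the recipient,
# and - on submit - validate the input and send the message plus a
# confirmation copy to the sender.
if (isset($id) || isset($uid) || isset($forum_contact))
{
    # Prefill the sender fields on the first display of the form only (not
    # after a submit): cookie values first, then the logged-in user's data.
    if (isset($_COOKIE['user_name']) && empty($_POST["form_submitted"])) $sender_name = $_COOKIE['user_name'];
    if (isset($_COOKIE['user_email']) && empty($_POST["form_submitted"])) $sender_email = $_COOKIE['user_email'];
    if (isset($_SESSION[$settings['session_prefix'].'user_id']) && empty($_POST["form_submitted"]))
    {
        $ue_result = mysql_query("SELECT user_email FROM ". $db_settings['userdata_table'] ." WHERE user_id = '". intval($_SESSION[$settings['session_prefix'].'user_id']) ."' LIMIT 1", $connid);
        if (!$ue_result) die($lang['db_error']);
        $ue_field = mysql_fetch_assoc($ue_result);
        mysql_free_result($ue_result);
        $sender_name = $_SESSION[$settings['session_prefix'].'user_name'];
        $sender_email = $ue_field['user_email'];
    }

    # Resolve the recipient: either the author of a posting (id) or a
    # registered user (uid). Both ids are cast with intval() before they are
    # put into the query.
    if (isset($id))
    {
        $result = mysql_query("SELECT tid, user_id, name, email, subject FROM ". $db_settings['forum_table'] ." WHERE id = '". intval($id) ."' LIMIT 1", $connid);
        if (!$result) die($lang['db_error']);
        $field = mysql_fetch_assoc($result);
        mysql_free_result($result);
        $name = $field['name'];
        $email = $field['email'];
    }
    else if (isset($uid))
    {
        $result = mysql_query("SELECT user_id, user_name, user_email, hide_email FROM ". $db_settings['userdata_table'] ." WHERE user_id = '". intval($uid) ."' LIMIT 1", $connid);
        if (!$result) die($lang['db_error']);
        $field = mysql_fetch_assoc($result);
        mysql_free_result($result);
        $name = $field['user_name'];
        $email = $field['user_email'];
        $hide_email = $field['hide_email'];
    }

    # The posting was written by a registered user: take the address and the
    # hide_email preference from the user record instead of the posting.
    if (isset($field['user_id']) && $field['user_id'] > 0 && empty($uid))
    {
        $user_result = mysql_query("SELECT user_email, hide_email FROM ". $db_settings['userdata_table'] ." WHERE user_id = '". intval($field['user_id']) ."' LIMIT 1", $connid);
        if (!$user_result) die($lang['db_error']);
        $user_field = mysql_fetch_assoc($user_result);
        mysql_free_result($user_result);
        $email = $user_field['user_email'];
        $hide_email = $user_field['hide_email'];
    }

    # The recipient cannot be contacted: an unregistered author without an
    # address, or a registered user who hides the address.
    if ((empty($forum_contact) && $field['user_id'] == 0 && $email == "")
        || (empty($forum_contact) && $field['user_id'] > 0 && $hide_email == 1)) $no_message = true;

    if (isset($_POST["form_submitted"]))
    {
        # Read the submitted values. CR and LF are removed from every value
        # that is handed to processEmail() as address or subject, so a
        # submitted field cannot start a new header line. The original did
        # this for name and address only, not for the subject.
        $header_breaks = array("\r", "\n");
        $sender_name = trim(str_replace($header_breaks, "", isset($_POST['sender_name']) ? $_POST['sender_name'] : ""));
        $sender_email = trim(str_replace($header_breaks, "", isset($_POST['sender_email']) ? $_POST['sender_email'] : ""));
        $subject = trim(str_replace($header_breaks, "", isset($_POST['subject']) ? $_POST['subject'] : ""));
        # $text is read by the word filter, the confirmation mail and the
        # form refill, but is never assigned in this file.
        # NOTE(review): confirm that no included file is meant to set it.
        if (!isset($text)) $text = isset($_POST['text']) ? $_POST['text'] : "";

        # Check the data:
        unset($errors);
        if ($sender_name == "") $errors[] = $lang['error_no_name'];
        if ($sender_email == "") $errors[] = $lang['error_no_email'];
        if ($sender_email != "" and !preg_match($validator['email'], $sender_email)) $errors[] = $lang['error_email_wrong'];
        if (empty($_POST['text'])) $errors[] = $lang['error_no_text'];

        # TODO check for banned IPs

        # check for not accepted words:
        $result = mysql_query("SELECT list FROM ". $db_settings['banlists_table'] ." WHERE name = 'words' LIMIT 1", $connid);
        if (!$result) die($lang['db_error']);
        $data = mysql_fetch_assoc($result);
        mysql_free_result($result);
        if (trim($data['list']) != '')
        {
            $not_accepted_words = explode(',', trim($data['list']));
            foreach ($not_accepted_words as $not_accepted_word)
            {
                if ($not_accepted_word == '') continue;
                # List entries are matched as literal words. Without
                # preg_quote() an entry containing "/" or another regex
                # metacharacter gives an invalid pattern, preg_match() fails
                # and that entry is silently never enforced.
                $word_pattern = "/". preg_quote($not_accepted_word, "/") ."/i";
                if (preg_match($word_pattern, $sender_name)
                    || preg_match($word_pattern, $sender_email)
                    || preg_match($word_pattern, $subject)
                    || preg_match($word_pattern, $text))
                {
                    $errors[] = $lang['err_mail_not_accepted_word'];
                    break;
                }
            }
        }

        // CAPTCHA check (guests only):
        if (empty($_SESSION[$settings['session_prefix'].'user_id']) && $settings['captcha_contact']==1)
        {
            if (empty($_SESSION['captcha_session'])) $errors[] = $lang['captcha_code_invalid'];
            if (empty($errors))
            {
                $captcha_code = isset($_POST['captcha_code']) ? $_POST['captcha_code'] : "";
                if ($settings['captcha_type']==1)
                {
                    if ($captcha->check_captcha($_SESSION['captcha_session'], $captcha_code)!=TRUE) $errors[] = $lang['captcha_code_invalid'];
                }
                else
                {
                    if ($captcha->check_math_captcha($_SESSION['captcha_session'][2], $captcha_code)!=TRUE) $errors[] = $lang['captcha_code_invalid'];
                }
                # A challenge is good for one attempt. In this file the stored
                # value is only replaced when the form is rendered again, so
                # without this a solved challenge stays valid after a
                # successful send.
                unset($_SESSION['captcha_session']);
            }
        }

        # Send only when the input is valid AND the recipient may be
        # contacted. The form is not shown when $no_message is set, but a
        # directly submitted POST request reached this branch anyway.
        if (empty($errors) && empty($no_message))
        {
            # process text content of the message
            $emailbody = trim($_POST['text'])."\n\n". str_replace("[forum_address]", $settings['forum_address'], strip_tags($lang['msg_add']));
            # generate and process TO
            if (isset($forum_contact))
            {
                $name = $settings['forum_name'];
                $email = $settings['forum_email'];
            }
            $an = mb_encode_mimeheader($name, "UTF-8")." <".$email.">";
            # process subject (already free of CR/LF, see above)
            $mail_subject = ($subject != "") ? $subject : $lang['email_no_subject'];
            $emailsubject = strip_tags($mail_subject);
            # send email
            $sent = processEmail($an, $emailsubject, $emailbody, $sender_email);
            unset($emailsubject);
            unset($emailbody);
            unset($an);
            // confirmation copy for the sender:
            # NOTE(review): for guests this address is whatever was typed
            # into the form and is not verified; the CAPTCHA above is the
            # only control on who receives this copy.
            if (isset($sent) and $sent === true)
            {
                $emailbody = strip_tags($lang['conf_email_txt']);
                $emailbody = str_replace("[forum_address]", $settings['forum_address'], $emailbody);
                $emailbody = str_replace("[sender_name]", $sender_name, $emailbody);
                $emailbody = str_replace("[recipient_name]", $name, $emailbody);
                $emailbody = str_replace("[subject]", $mail_subject, $emailbody);
                $emailbody .= "\n\n".$text;
                # generate and process TO
                $an = mb_encode_mimeheader($sender_name, "UTF-8")." <".$sender_email.">";
                # process subject
                $emailsubject = strip_tags($lang['conf_sj']);
                # send email
                $sent = processEmail($an, $emailsubject, $emailbody);
                unset($emailsubject);
                unset($emailbody);
                unset($an);
            }
        }
    }
}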
# Build the "back" link of the sub navigation. Where it points depends on
# what the visitor came from: a user profile, the forum contact form, an
# unknown/uncontactable posting, or a posting in one of the forum views.
# Every id written into a link is cast with intval(); the author name is
# HTML-escaped.
if (isset($uid)) {
    $subnav_1 = '<a class="textlink" href="user.php?id=' . intval($uid) . '">' . $lang['back_linkname'] . '</a>';
} else if (isset($forum_contact)) {
    $subnav_1 = '<a class="textlink" href="index.php">' . $lang['back_linkname'] . '</a>';
} else if ($id == 0 || isset($no_message)) {
    $subnav_1 = '<a class="textlink" href="javascript:history.back(1)">' . $lang['back_linkname'] . '</a>';
} else if (empty($view)) {
    # default view: back to the single posting
    $author_name = htmlspecialchars($field["name"]);
    $subnav_1 = '&nbsp;<a class="textlink" href="forum_entry.php?id=' . intval($id) . '">'
        . str_replace("[name]", $author_name, $lang['back_to_posting_linkname'])
        . '</a>';
} else {
    # board or mix view: back to the whole topic
    if ($view == "board") {
        $backURL = 'board_entry.php';
    } else {
        $backURL = 'mix_entry.php';
    }
    $subnav_1 = '&nbsp;<a class="textlink" href="' . $backURL . '?id=' . intval($field['tid']) . '">' . $lang['back_to_topic_linkname'] . '</a>';
}
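# Page output: header, then either the contact form, the "cannot be
# contacted" notice or the "message sent" notice, then the footer.
# Every request-derived value is cast or HTML-escaped where it is written
# into the markup.
$wo = $email_headline;
parse_template();
echo $header;
if (isset($id) || isset($uid) || isset($forum_contact))
{
    if (empty($no_message))
    {
        echo '<h2>';
        echo (isset($forum_contact)) ? $lang['forum_contact_hl'] : str_replace("[name]", htmlspecialchars($name), $lang['message_to']);
        echo '</h2>'."\n";
    }
    if (empty($sent) && empty($no_message))
    {
        if (isset($errors))
        {
            echo errorMessages($errors);
        }
        # guests get a fresh CAPTCHA challenge each time the form is rendered
        if (empty($_SESSION[$settings['session_prefix'].'user_id'])
            && $settings['captcha_contact']==1)
        {
            if ($settings['captcha_type']==1) $_SESSION['captcha_session'] = $captcha->generate_code();
            else $_SESSION['captcha_session'] = $captcha->generate_math_captcha();
        }
        echo '<form method="post" action="'. htmlspecialchars($_SERVER["SCRIPT_NAME"]) .'" accept-charset="UTF-8">'."\n";
        if (empty($_SESSION[$settings['session_prefix'].'user_id'])
            && $settings['captcha_contact']==1)
        {
            # NOTE(review): this writes the session id into the page,
            # presumably so guests without cookies keep their CAPTCHA
            # session - confirm it is still needed.
            echo '<input type="hidden" name="'. session_name() .'" value="'. session_id() .'" />'."\n";
        }
        if (isset($id))
        {
            echo '<input type="hidden" name="id" value="'. intval($id) .'" />'."\n";
        }
        else if (isset($uid))
        {
            echo '<input type="hidden" name="uid" value="'. intval($uid) .'" />'."\n";
        }
        if (isset($view))
        {
            echo '<input type="hidden" name="view" value="'. htmlspecialchars($view) .'" />'."\n";
        }
        if (isset($forum_contact))
        {
            # $forum_contact comes straight from the request; the original
            # echoed it unescaped into this attribute.
            echo '<input type="hidden" name="forum_contact" value="'. htmlspecialchars($forum_contact) .'" />'."\n";
        }
        if (isset($page) && isset($order) && isset($category) && isset($descasc))
        {
            echo '<input type="hidden" name="page" value="'. intval($page) .'" />'."\n";
            echo '<input type="hidden" name="order" value="'. htmlspecialchars($order) .'" />'."\n";
            echo '<input type="hidden" name="category" value="'. intval($category) .'" />'."\n";
            echo '<input type="hidden" name="descasc" value="'. htmlspecialchars($descasc) .'" />'."\n";
        }
        echo '<table>'."\n";
        echo '<tr>'."\n";
        echo '<td><label for="sender_name">'. $lang['name_marking_msg'] .'</label></td>'."\n";
        echo '<td><input type="text" name="sender_name" value="';
        echo isset($sender_name) ? htmlspecialchars($sender_name) : "";
        echo '" size="40" id="sender_name" /></td>'."\n";
        echo '</tr><tr>'."\n";
        echo '<td><label for="sender_email">'. $lang['email_marking_msg'] .'</label></td>'."\n";
        echo '<td><input type="text" name="sender_email" value="';
        echo isset($sender_email) ? htmlspecialchars($sender_email) : "";
        echo '" size="40" id="sender_email" /></td>'."\n";
        echo '</tr><tr>'."\n";
        echo '<td><label for="subject">'. $lang['subject_marking'] .'</label></td>'."\n";
        echo '<td><input type="text" name="subject" value="';
        echo isset($subject) ? htmlspecialchars($subject) : "";
        echo '" size="40" id="subject" /></td>'."\n";
        echo '</tr><tr>'."\n";
        echo '<td colspan="2"><textarea name="text" cols="60" rows="15">';
        echo isset($text) ? htmlspecialchars($text) : "";
        echo '</textarea></td>'."\n";
        echo '</tr>';
        if (empty($_SESSION[$settings['session_prefix'].'user_id'])
            && $settings['captcha_contact']==1)
        {
            echo '<tr>'."\n";
            echo '<td colspan="2" class="bold">'. $lang['captcha_marking'] .'</td>'."\n";
            echo '</tr>';
            if ($settings['captcha_type']==1)
            {
                # image CAPTCHA
                echo '<tr>'."\n";
                echo '<td colspan="2"><img class="captcha" src="captcha/captcha_image.php';
                echo '?'. SID .'" alt="'. outputLangDebugInAttributes($lang['captcha_image_alt']);
                echo '" width="180" height="40"/></td>'."\n";
                echo '</tr><tr>'."\n";
                echo '<td colspan="2">'. $lang['captcha_expl_image'] .'</td>'."\n";
                echo '</tr><tr>'."\n";
                echo '<td colspan="2"><input type="text" name="captcha_code" value="" size="10" /></td>'."\n";
                echo '</tr>';
            }
            else
            {
                # math CAPTCHA: the two operands are stored at index 0 and 1
                # of the session entry
                echo '<tr>'."\n";
                echo '<td colspan="2">'. $lang['captcha_expl_math'] .'</td>'."\n";
                echo '</tr><tr>'."\n";
                echo '<td colspan="2">'. $_SESSION['captcha_session'][0];
                echo ' + '. $_SESSION['captcha_session'][1];
                echo ' = <input type="text" name="captcha_code" value="" size="5" /></td>'."\n";
                echo '</tr>';
            }
        }
        echo '</table>'."\n";
        echo '<p><input type="submit" name="form_submitted" value="';
        echo outputLangDebugInAttributes($lang['pers_msg_subm_button']) .'" /></p>'."\n";
        echo '</form>'."\n";
    }
    else if (empty($sent) && isset($no_message))
    {
        # the recipient has no address or hides it
        echo '<p>'. $lang['email_unknown'] .'</p>'."\n";
    }
    else
    {
        echo '<p>';
        echo (isset($forum_contact)) ? $lang['forum_contact_sent'] : str_replace("[name]", htmlspecialchars($name), $lang['msg_sent']);
        echo '</p>'."\n";
    }
}
echo $footer;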