| [ Index ] |
PHP Cross Reference of MyBB 1.8.37 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * MyBB 1.8 4 * Copyright 2014 MyBB Group, All Rights Reserved 5 * 6 * Website: http://www.mybb.com 7 * License: http://www.mybb.com/about/license 8 * 9 */ 10 11 define("IN_MYBB", 1); 12 define('THIS_SCRIPT', 'sendthread.php'); 13 14 $templatelist = "sendthread,sendthread_fromemail,forumdisplay_password_wrongpass,forumdisplay_password,post_captcha,post_captcha_nocaptcha,post_captcha_hcaptcha"; 15 16 require_once "./global.php"; 17 require_once MYBB_ROOT."inc/functions_post.php"; 18 require_once MYBB_ROOT."inc/class_parser.php"; 19 $parser = new postParser; 20 21 // Load global language phrases 22 $lang->load("sendthread"); 23 24 // Get thread info 25 $tid = $mybb->get_input('tid', MyBB::INPUT_INT); 26 $thread = get_thread($tid); 27 28 // Invalid thread 29 if(!$thread || $thread['visible'] != 1) 30 { 31 error($lang->error_invalidthread); 32 } 33 34 // Get thread prefix 35 $breadcrumbprefix = ''; 36 $threadprefix = array('prefix' => ''); 37 if($thread['prefix']) 38 { 39 $threadprefix = build_prefixes($thread['prefix']); 40 if(!empty($threadprefix['displaystyle'])) 41 { 42 $breadcrumbprefix = $threadprefix['displaystyle'].' '; 43 } 44 } 45 46 $thread['subject'] = htmlspecialchars_uni($parser->parse_badwords($thread['subject'])); 47 48 // Make navigation 49 build_forum_breadcrumb($thread['fid']); 50 add_breadcrumb($breadcrumbprefix.$thread['subject'], get_thread_link($thread['tid'])); 51 add_breadcrumb($lang->nav_sendthread); 52 53 // Get forum info 54 $forum = get_forum($thread['fid']); 55 $forumpermissions = forum_permissions($forum['fid']); 56 57 // Invalid forum? 58 if(!$forum || $forum['type'] != "f") 59 { 60 error($lang->error_invalidforum); 61 } 62 63 // This user can't view this forum or this thread 64 if($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0 || (isset($forumpermissions['canonlyviewownthreads']) && $forumpermissions['canonlyviewownthreads'] != 0 && $thread['uid'] != $mybb->user['uid'])) 65 { 66 error_no_permission(); 67 } 68 69 // Check if this forum is password protected and we have a valid password 70 check_forum_password($forum['fid']); 71 72 if($mybb->usergroup['cansendemail'] == 0) 73 { 74 error_no_permission(); 75 } 76 77 // Check group limits 78 if($mybb->usergroup['maxemails'] > 0) 79 { 80 if($mybb->user['uid'] > 0) 81 { 82 $user_check = "fromuid='{$mybb->user['uid']}'"; 83 } 84 else 85 { 86 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 87 } 88 89 $query = $db->simple_select("maillogs", "COUNT(*) AS sent_count", "{$user_check} AND dateline >= '".(TIME_NOW - (60*60*24))."'"); 90 $sent_count = $db->fetch_field($query, "sent_count"); 91 if($sent_count >= $mybb->usergroup['maxemails']) 92 { 93 $lang->error_max_emails_day = $lang->sprintf($lang->error_max_emails_day, $mybb->usergroup['maxemails']); 94 error($lang->error_max_emails_day); 95 } 96 } 97 98 // Check email flood control 99 if($mybb->usergroup['emailfloodtime'] > 0) 100 { 101 if($mybb->user['uid'] > 0) 102 { 103 $user_check = "fromuid='{$mybb->user['uid']}'"; 104 } 105 else 106 { 107 $user_check = "ipaddress=".$db->escape_binary($session->packedip); 108 } 109 110 $timecut = TIME_NOW-$mybb->usergroup['emailfloodtime']*60; 111 112 $query = $db->simple_select("maillogs", "mid, dateline", "{$user_check} AND dateline > '{$timecut}'", array('order_by' => "dateline", 'order_dir' => "DESC")); 113 $last_email = $db->fetch_array($query); 114 115 // Users last email was within the flood time, show the error 116 if($last_email['mid']) 117 { 118 $remaining_time = ($mybb->usergroup['emailfloodtime']*60)-(TIME_NOW-$last_email['dateline']); 119 120 if($remaining_time == 1) 121 { 122 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_second, $mybb->usergroup['emailfloodtime']); 123 } 124 elseif($remaining_time < 60) 125 { 126 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_seconds, $mybb->usergroup['emailfloodtime'], $remaining_time); 127 } 128 elseif($remaining_time > 60 && $remaining_time < 120) 129 { 130 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_1_minute, $mybb->usergroup['emailfloodtime']); 131 } 132 else 133 { 134 $remaining_time_minutes = ceil($remaining_time/60); 135 $lang->error_emailflooding = $lang->sprintf($lang->error_emailflooding_minutes, $mybb->usergroup['emailfloodtime'], $remaining_time_minutes); 136 } 137 138 error($lang->error_emailflooding); 139 } 140 } 141 142 $errors = array(); 143 144 $mybb->input['action'] = $mybb->get_input('action'); 145 if($mybb->input['action'] == "do_sendtofriend" && $mybb->request_method == "post") 146 { 147 // Verify incoming POST request 148 verify_post_check($mybb->get_input('my_post_key')); 149 150 $plugins->run_hooks("sendthread_do_sendtofriend_start"); 151 152 if(!validate_email_format($mybb->input['email'])) 153 { 154 $errors[] = $lang->error_invalidemail; 155 } 156 157 if($mybb->user['uid']) 158 { 159 $mybb->input['fromemail'] = $mybb->user['email']; 160 $mybb->input['fromname'] = $mybb->user['username']; 161 } 162 163 if(!validate_email_format($mybb->input['fromemail'])) 164 { 165 $errors[] = $lang->error_invalidfromemail; 166 } 167 168 if(empty($mybb->input['fromname'])) 169 { 170 $errors[] = $lang->error_noname; 171 } 172 173 if(empty($mybb->input['subject'])) 174 { 175 $errors[] = $lang->error_nosubject; 176 } 177 178 if(empty($mybb->input['message'])) 179 { 180 $errors[] = $lang->error_nomessage; 181 } 182 183 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 184 { 185 require_once MYBB_ROOT.'inc/class_captcha.php'; 186 $captcha = new captcha; 187 188 if($captcha->validate_captcha() == false) 189 { 190 // CAPTCHA validation failed 191 foreach($captcha->get_errors() as $error) 192 { 193 $errors[] = $error; 194 } 195 } 196 } 197 198 // No errors detected 199 if(count($errors) == 0) 200 { 201 $threadlink = get_thread_link($thread['tid']); 202 203 $message = $lang->sprintf($lang->email_sendtofriend, $mybb->input['fromname'], $mybb->settings['bbname'], $mybb->settings['bburl']."/".$threadlink, $mybb->input['message']); 204 205 // Send the actual message 206 my_mail($mybb->input['email'], $mybb->input['subject'], $message, "", "", "", false, "text", "", $mybb->input['fromemail']); 207 208 if($mybb->settings['mail_logging'] > 0) 209 { 210 // Log the message 211 $log_entry = array( 212 "subject" => $db->escape_string($mybb->input['subject']), 213 "message" => $db->escape_string($message), 214 "dateline" => TIME_NOW, 215 "fromuid" => $mybb->user['uid'], 216 "fromemail" => $db->escape_string($mybb->input['fromemail']), 217 "touid" => 0, 218 "toemail" => $db->escape_string($mybb->input['email']), 219 "tid" => $thread['tid'], 220 "ipaddress" => $db->escape_binary($session->packedip), 221 "type" => 2 222 ); 223 $db->insert_query("maillogs", $log_entry); 224 } 225 226 $plugins->run_hooks("sendthread_do_sendtofriend_end"); 227 redirect(get_thread_link($thread['tid']), $lang->redirect_emailsent); 228 } 229 else 230 { 231 $mybb->input['action'] = ''; 232 } 233 } 234 235 if(!$mybb->input['action']) 236 { 237 $plugins->run_hooks("sendthread_start"); 238 239 // Do we have some errors? 240 if(count($errors) >= 1) 241 { 242 $errors = inline_error($errors); 243 $email = htmlspecialchars_uni($mybb->input['email']); 244 $fromname = htmlspecialchars_uni($mybb->input['fromname']); 245 $fromemail = htmlspecialchars_uni($mybb->input['fromemail']); 246 $subject = htmlspecialchars_uni($mybb->input['subject']); 247 $message = htmlspecialchars_uni($mybb->input['message']); 248 } 249 else 250 { 251 $errors = ''; 252 $email = ''; 253 $fromname = ''; 254 $fromemail = ''; 255 $subject = $lang->sprintf($lang->emailsubject_sendtofriend, $mybb->settings['bbname']); 256 $message = ''; 257 } 258 259 // Generate CAPTCHA? 260 if($mybb->settings['captchaimage'] && $mybb->user['uid'] == 0) 261 { 262 require_once MYBB_ROOT.'inc/class_captcha.php'; 263 $post_captcha = new captcha(true, "post_captcha"); 264 265 if($post_captcha->html) 266 { 267 $captcha = $post_captcha->html; 268 } 269 } 270 else 271 { 272 $captcha = ''; 273 } 274 275 $from_email = ''; 276 if($mybb->user['uid'] == 0) 277 { 278 eval("\$from_email = \"".$templates->get("sendthread_fromemail")."\";"); 279 } 280 281 $plugins->run_hooks("sendthread_end"); 282 283 eval("\$sendtofriend = \"".$templates->get("sendthread")."\";"); 284 output_page($sendtofriend); 285 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| 2005 - 2021 © MyBB.de | Alle Rechte vorbehalten! | Sponsor: netcup | Cross-referenced by PHPXref |