From: FlorinCB <ory...@us...> - 2008-10-04 08:03:33
Update of /cvsroot/mxbb/mx_contact In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv842 Added Files: mx_captcha.php mx_newsletter.php Log Message: new version of contact module --- NEW FILE: mx_captcha.php --- <?php /** * * @package mxBB Portal Module - mx_contact * @version $Id: mx_captcha.php,v 1.1 2008/10/04 08:03:20 orynider Exp $ * @copyright (c) 2006-2007 [Marcus, ma...@ph...] mxBB Project Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ if( !defined('IN_PORTAL') || !is_object($mx_block)) { define('IN_PORTAL', true); $mx_root_path = '../../'; $module_root_path = './'; // // Let's include some stuff... // $phpEx = substr(strrchr(__FILE__, '.'), 1); include_once($mx_root_path . 'common.' . $phpEx); // // Start session management // $mx_user->init($user_ip, PAGE_INDEX); // // End session management // $block_id = ( !empty($HTTP_GET_VARS['block_id']) ) ? $HTTP_GET_VARS['block_id'] : $HTTP_POST_VARS['id']; if( empty($block_id) ) { $sql = "SELECT * FROM " . BLOCK_TABLE . " WHERE block_title = 'mxBB Contact' LIMIT 1"; if(!$result = $db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, "Could not query Contact module information", "", __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $block_id = $row['block_id']; } $is_block = FALSE; } else { // // Read block Configuration $title = $mx_block->block_info['block_title']; $block_size = ( isset($block_size) && !empty($block_size) ? $block_size : '100%' ); if( is_object($mx_block)) { $is_block = TRUE; } global $images; } include_once($module_root_path . 'includes/contact_constants.'.$phpEx); define('PAGE_CONTACT_FORM', -1405); @session_start(); $contact_config = array(); $sql = "SELECT * FROM " . 
CONTACT_CONFIG_TABLE; if(!($result = $db->sql_query($sql))) { message_die(CRITICAL_ERROR, 'Could not query config information', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $contact_config[$row['config_name']] = $row['config_value']; } // // Seed the random number generator // 104729 is the 10000th prime number // mt_srand((double)microtime() * 104729); $random = md5(mt_rand() * microtime()); $digit = rand(1,9); $random = str_replace(0, $digit, $random); // Substitute zeros $length = rand(4,5); $captcha = substr($random, 0, $length); unset($random, $digit); $type = ''; if($contact_config['contact_captcha_type'] == 2) { if(function_exists('glob')) { $type = rand(0,1); } else { $type = 1; // PHP < 4.3.0 } } if($contact_config['contact_captcha_type'] == 0 || $type == 0) { unset($type); foreach(glob($module_root_path . 'images/captcha/captcha*.png') as $bgimg); if(empty($bgimg)) { $type = 1; } else { // // Image based CAPTCHA // $bg = rand(1,5); $image = @imagecreatefrompng($module_root_path . 
'images/captcha/captcha'.$bg.'.png'); $txtcol = imagecolorallocate($image, 0, 0, 0); display_code($captcha); } } if($contact_config['contact_captcha_type'] == 1 || $type == 1) { unset($type); // // Coloured CAPTCHA // $image = imagecreate(80,25); $background = imagecolorallocatealpha($image, rand(125,255), rand(125,255), rand(125,255), rand(50,100)); $linecol = imagecolorallocatealpha($image, rand(50,200), rand(50,200), rand(50,200), rand(20,80)); $txtcol = imagecolorallocate($image, 0,0,0); $blk = imagecolorallocate($image, 0,0,0); // // Random Lines // $lines = rand(2,5); for($i=1; $i<=$lines; $i++) { imageline($image, rand(2,78), rand(2,23), rand(78,2), rand(23,2), $linecol); } // // Border Lines // imageline($image, 0, 0, 79, 0, $blk); imageline($image, 0, 0, 0, 24, $blk); imageline($image, 79, 24, 0, 24, $blk); imageline($image, 79, 24, 79, 0, $blk); display_code($captcha); } function display_code($captcha) { global $module_root_path; global $txtcol, $image, $length; if(function_exists('imagettftext')) { for($i=1; $i<=$length; $i++) { // // Rotate Characters // $rotate = rand(1,2); if($rotate == 1) { $angle = rand(0,25); } else { $angle = rand(335,360); } // // TTF's Fonts // $font = rand(1,6); switch ($font) { case 1: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/ArialRoundedBT.ttf', substr($captcha,($i-1),1)); break; case 2: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/VillageSquare.ttf', substr($captcha,($i-1),1)); break; case 3: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/BauerBodoniItalicBT.ttf', substr($captcha,($i-1),1)); break; case 4: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/WarmMilk.ttf', substr($captcha,($i-1),1)); break; case 5: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 
'fonts/OregonDry.ttf', substr($captcha,($i-1),1)); break; case 6: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/Aachenb.ttf', substr($captcha,($i-1),1)); break; case 7: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/assimila.ttf', substr($captcha,($i-1),1)); break; case 8: imagettftext($image, rand(12,14), $angle, ($i*12), 20, $txtcol, $module_root_path . 'fonts/swash_normal.ttf', substr($captcha,($i-1),1)); break; } } } else { // // Standard PHP Font // imagestring($image, rand(4,5), rand(13,18), 4, $captcha, $txtcol); } } if(@ini_get('register_globals') == '0' || strtolower(@ini_get('register_globals')) == 'off') { $HTTP_SESSION_VARS['randi'] = $captcha; } else { // PHP5/6 $_SESSION['randi'] = $captcha; } header("Content-type: image/png"); header("Cache-Control: post-check=0, pre-check=0", false); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Pragma: no-cache"); header("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); imagepng($image); imagedestroy($image); ?> --- NEW FILE: mx_newsletter.php --- <?php /** * * @package mxBB Portal Module - mx_contact * @version $Id: mx_newsletter.php,v 1.1 2008/10/04 08:03:20 orynider Exp $ * @copyright (c) 2006-2007 [Marcus, ma...@ph...] mxBB Project Team * @license http://opensource.org/licenses/gpl-license.php GNU General Public License v2 * */ if( !defined('IN_PORTAL')) { die("Hacking attempt"); } // // Read Block Settings // $title = $mx_block->block_info['block_title']; $b_description = $mx_block->block_info['block_desc']; include_once($module_root_path . 'includes/contact_constants.' . $phpEx); include_once($module_root_path . 'includes/functions_newsletter.' . $phpEx); $contact_config = array(); $_br = '<br /><br />'; $sql = "SELECT * FROM " . 
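Review bot: In mx_captcha.php the challenge text comes only from non-cryptographic, time-derived generators (`mt_srand((double)microtime() * 104729)`, then `md5(mt_rand() * microtime())` and `rand()`), so it is predictable in principle; the characters should come from a CSPRNG where the runtime offers one (for example `random_int()` on PHP 7+). The code is also stored in `$HTTP_SESSION_VARS['randi']` when register_globals is off, while mx_newsletter.php in this commit reads only `$_SESSION['randi']`. Whether that write reaches the session depends on the PHP version and `register_long_arrays`, so writing `$_SESSION['randi'] = $captcha;` unconditionally keeps writer and reader in agreement. In the type selection, `$type = ''` makes `$type == 0` true under pre-PHP 8 loose comparison, so the image-based branch also runs when `contact_captcha_type` is 1 and its image is then discarded; initialising `$type` to a sentinel such as `-1` avoids that. The result of `@imagecreatefrompng()` is used without a check, and `if ($image === false)` with a fallback to the coloured type would cover a missing or unreadable background file.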
CONTACT_CONFIG_TABLE; if(!($result = $db->sql_query($sql))) { mx_message_die(CRITICAL_ERROR, 'Could not query config information', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $contact_config[$row['config_name']] = $row['config_value']; } // // Is the Form Enabled? // if($contact_config['contact_form_enable'] == 0) { mx_message_die(GENERAL_MESSAGE, $lang['Contact_Disabled'] . $_br . sprintf($lang['Click_return_index'], "<a href=" . mx_append_sid(this_contact_mxurl()) . ">", "</a>")); } // // Assign parameters // $user_name = $userdata['username']; $real_name = (!isset($HTTP_POST_VARS['real_name'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['real_name']))); $institution = (!isset($HTTP_POST_VARS['institution'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['institution']))); $fax = (!isset($HTTP_POST_VARS['fax'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['fax']))); $phone = (!isset($HTTP_POST_VARS['phone'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['phone']))); $email = (!isset($HTTP_POST_VARS['email'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['email']))); $comments = (!isset($HTTP_POST_VARS['feedback'])) ? '' : stripslashes(trim(htmlspecialchars($HTTP_POST_VARS['feedback']))); $attachment = (!isset($HTTP_POST_FILES['attachment']['name'])) ? '' : basename($HTTP_POST_FILES['attachment']['name']); $code = (!isset($HTTP_POST_VARS['code'])) ? '' : htmlspecialchars(trim($HTTP_POST_VARS['code'])); $newsletter = (!isset($HTTP_POST_VARS['newsletter'])) ? 0 : 1; $script_path = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path'])); $script_name = ($script_path != $module_root_path) ? $module_root_path . '/contact.'.$phpEx : $script_path . 'conatct.'.$phpEx; $server_name = trim($board_config['server_name']); $server_protocol = ($board_config['cookie_secure']) ? 
'https://' : 'http://'; $server_port = (($board_config['server_port'] <> 80) && $board_config['server_port']) ? ':' . trim($board_config['server_port']) . '/' : '/'; $server_url = $server_protocol . $server_name . $server_port; $timedate = date("D M d, Y g:ia"); $CF_general_message = 0; // // "Quick Delete" an Attachment // if(isset($HTTP_GET_VARS['delete'])) { if($contact_config['contact_delete'] == 0) { mx_message_die(GENERAL_ERROR, $lang['QDelete_disabled']); } else { include_once($module_root_path . 'includes/functions_contact.'.$phpEx); exit; } } // // Start send script // if(isset($HTTP_POST_VARS['submit'])) { function error_check() { global $HTTP_POST_FILES, $lang, $phpEx, $module_root_path, $mx_root_path; global $CF_general_message, $CF_code_empty, $CF_code_wrong, $CF_ini_max; global $CF_illegal_ext, $CF_unknown_ext, $CF_image_error, $CF_image_zip; global $CF_rname_empty, $CF_email_empty, $CF_email_check, $CF_comments_empty, $CF_comments_limit; global $CF_attach_POST_error, $CF_attach_file_exists, $CF_attach_file_dud, $CF_attach_file_big; // // Lets check for Errors // if($CF_general_message == 1) { @unlink($HTTP_POST_FILES['attachment']['tmp_name']); mx_message_die(GENERAL_ERROR, $lang['Contact_error'] . $CF_code_empty . $CF_code_wrong . $CF_attach_POST_error . $CF_illegal_ext . $CF_unknown_ext . $CF_rname_empty . $CF_email_empty . $CF_email_check . $CF_comments_empty . $CF_comments_limit . $CF_attach_file_exists . $CF_attach_file_dud . $CF_attach_file_big . $CF_image_error . $CF_image_zip . sprintf($lang['Click_return_form'], "<a href=" . this_contact_mxurl() . " onclick=\"history.back(-1); return false;\">", "</a>")); } } // // Flood Control // if($contact_config['contact_flood_limit'] != 0) { $sql = "SELECT send_time, ip_address FROM " . CONTACT_TABLE . 
" WHERE ip_address = '$user_ip' ORDER BY send_time DESC"; $result = $db->sql_query($sql); if(!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Failed to retrieve flood information', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); $time_left = round(intval($row['send_time'] - time()) / intval(60) / intval(60)); if($row['ip_address'] == $user_ip && $row['send_time'] - time() > 0) { mx_message_die(GENERAL_ERROR, sprintf($lang['Flood_limit'], $time_left)); } } // // Captcha Code // if(extension_loaded('gd')) { if($contact_config['contact_captcha'] == 1) { @session_start(); if(@ini_get('register_globals') == '0' || strtolower(@ini_get('register_globals')) == 'off') { if(isset($_SESSION['randi'])) { $randi = substr($_SESSION['randi'],0,6); } } else { // Required for max PHP5 compatability if(isset($_SESSION['randi'])) { $randi = substr($_SESSION['randi'],0,6); } } if(empty($code)) { $CF_code_empty = $_br . $lang['Code_Empty']; $CF_general_message = 1; } elseif($code != $randi) { $CF_code_wrong = $_br . $lang['Code_Wrong']; $CF_general_message = 1; } // // Clear session data to prevent image reuse // @session_destroy(); unset($randi); } } // // Real Name Validator // if($contact_config['contact_require_rname'] == 1) { if(empty($real_name)) { $CF_rname_empty = $_br . $lang['Rname-Empty']; $CF_general_message = 1; } } // // E-mail Validator // if($contact_config['contact_require_email'] == 1) { if(!empty($email)) { if(!preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-äöü]+\.([a-z0-9\-äöü]+\.)*?[a-z]+$/is', $email)) { $CF_email_check = $_br . $lang['Email-Check']; $CF_general_message = 1; } } else { $CF_email_empty = $_br . $lang['Email-Empty']; $CF_general_message = 1; } } // // Comments Validator // if($contact_config['contact_require_comments'] == 1) { if(empty($comments)) { $CF_comments_empty = $_br . 
$lang['Comments-Empty']; $CF_general_message = 1; } } if($contact_config['contact_char_limit'] > 0) { if(strlen(trim($comments)) > $contact_config['contact_char_limit']) { $CF_comments_limit = $_br . $lang['Comments_exceeded']; $CF_general_message = 1; } } // Stage 1 error_check(); $CF_attach_success = ''; if($contact_config['contact_permit_attachments'] == 1) { require($module_root_path . 'includes/newsletter_attach.'.$phpEx); } // Stage 5 error_check(); // // Indicate any fields that weren't completed // if(empty($real_name) && $contact_config['contact_require_rname'] == 0) { $real_name = $lang['Empty']; } if(empty($institution)) { $institution = $lang['Empty']; } if(empty($fax)) { $fax = $lang['Empty']; } if(empty($phone)) { $phone = $lang['Empty']; } if(empty($email) && $contact_config['contact_require_email'] == 0) { $email = $lang['Empty']; } if(empty($comments) && $contact_config['contact_require_comments'] == 0) { $comments = $lang['Empty']; } if($contact_config['contact_permit_attachments'] == 0) { $attach = '--'; $delete_link = ''; } // // Change "Anonymous" to "Guest" // $user_name = ($userdata['user_id'] == ANONYMOUS) ? $lang['Guest'] : $userdata['username']; // // Set the Subject // NB: not used if email/index.tpl has 'Subject:' hard-coded // $subject = trim(stripslashes($lang['Feedback'])); // // Send the e-mail // include_once($module_root_path . 'includes/contact_emailer.'.$phpEx); $emailer = new emailer($board_config['smtp_delivery']); $emailer->from($board_config['board_email']); $emailer->replyto($board_config['board_email']); $email_headers = 'X-AntiAbuse: Board Servername - ' . $board_config['server_name'] . "\n"; $email_headers .= 'X-AntiAbuse: User ID - ' . $userdata['user_id'] . "\n"; $email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n"; $email_headers .= 'X-AntiAbuse: User IP - ' . contact_decode_ip($user_ip) . "\n"; empty($contact_config['contact_admin_email']) ? 
$emailer->email_address($board_config['board_email']) : $emailer->email_address($contact_config['contact_admin_email']); $default_lang = $userdata['user_lang'] ? $userdata['user_lang'] : $board_config['default_lang']; $emailer->extra_headers($email_headers); $emailer->use_template('contact', $default_lang); $emailer->set_subject($subject); $emailer->assign_vars(array( 'REAL_NAME' => $real_name, 'USERNAME' => $user_name, 'INSTITUTION' => $institution, 'FAX' => $fax, 'PHONE' => $phone, 'EMAIL' => $email, 'COMMENTS' => $comments, 'ATTACHMENT' => $attach, 'DELETE' => ($contact_config['contact_delete'] == 1) ? $delete_link : '', 'USER_IP' => contact_decode_ip($user_ip), 'TIMEDATE' => $timedate, 'SITENAME' => $board_config['sitename']) ); $emailer->send(); $emailer->reset(); // // Send "Thank You" E-mail? // if($contact_config['contact_thankyou'] != 0) { include_once($module_root_path . 'includes/contact_extend.'.$phpEx); } // // SQL Time // $wait_time = time() + intval($contact_config['contact_flood_limit'] * 60) * intval(60); $sql = "INSERT INTO " . CONTACT_TABLE . " VALUES ('$user_ip', '$wait_time')"; $result = $db->sql_query($sql); if(!$db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Failed to insert user information', '', __LINE__, __FILE__, $sql); } // // No Errors // if($CF_general_message == 0) { $send_time = time(); $getfile = (!empty($attachment)) ? $contact_config['contact_file_root'] . "/" . contact_decode_ip($user_ip) . "/" . $attachment : ''; $sql_array = array( 'sendtime' => $send_time, 'username' => $user_name, 'realname' => str_replace("\'", "''", $real_name), 'institution' => str_replace("\'", "''", $institution), 'phone' => str_replace("\'", "''", $phone), 'fax' => str_replace("\'", "''", $fax), 'email' => str_replace("\'", "''", $email), 'ip' => $user_ip, 'message' => addslashes(str_replace("\'", "''", $comments)), 'newsletter' => (int) $newsletter, 'upfile' => str_replace("\'", "''", $getfile), ); $sql = "INSERT INTO " . CONTACT_MSGS_TABLE . 
$db->sql_build_array('INSERT', $sql_array); if(!$result = $db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Could not update Message Log', '', __LINE__, __FILE__, $sql); } mx_message_die(GENERAL_MESSAGE, $lang['Contact_success'] . $CF_attach_success . $_br . sprintf($lang['Click_return_index'], "<a href=" . mx_append_sid(this_contact_mxurl()) . ">", "</a>")); } } // // End send script // // // Change "Anonymous" to "Guest" // $user_name = ($userdata['user_id'] == ANONYMOUS) ? $lang['Guest'] : $userdata['username']; // // Check if "Real Name" is required // $rname = ($contact_config['contact_require_rname'] == 1) ? $lang['Rname_require'] : $lang['Real_name']; // // Check if "E-mail" is required // $institution = $lang['Institution']; $phone = $lang['Phone']; $fax = $lang['Fax']; $email = ($contact_config['contact_require_email'] == 1) ? $lang['E-mail_require'] : $lang['E-mail']; // // Check if "Comments" are required // $comments = ($contact_config['contact_require_comments'] == 1) ? $lang['Comments_require'] : $lang['Comments']; // // Pruning // if($contact_config['contact_prune'] == 1) { $send_time = time(); $sql = "DELETE FROM " . CONTACT_TABLE . " WHERE send_time <= '$send_time'"; if(!$result = $db->sql_query($sql)) { mx_message_die(GENERAL_ERROR, 'Failed to initiate pruning', '', __LINE__, __FILE__, $sql); } } // // Generate the Page // //include($mx_root_path . 
'includes/page_header.'.$phpEx); $template->set_filenames(array( 'newsletter_body' => 'newsletter_body.'.$tplEx) ); $template->assign_vars(array( 'L_CONTACT_FORM' => $lang['Contact_form'], 'L_NEWSLETTER_FORM' => $lang['Newsletter_form'], 'L_EXPLAIN_NEWSLETTER_FORM' => $lang['Newsletter_explain'], 'L_INTRODUCTION' => $lang['Newsletter_intro'], 'L_REAL_NAME' => $rname, 'L_REAL_NAME_EXPLAIN' => $lang['Real_name_explain'], 'L_INSTITUTION' => $institution, 'L_EXPLAIN_INSTITUTION' => $lang['Explain_institution'], 'L_PHONE' => $phone, 'L_EXPLAIN_PHONE' => $lang['Explain_phone'], 'L_FAX' => $fax, 'L_EXPLAIN_FAX' => $lang['Explain_fax'], 'L_EMAIL' => $email, 'L_EXPLAIN_EMAIL' => $lang['Explain_email'], 'L_COMMENTS' => $comments, 'L_COMMENTS_EXPLAIN' => $lang['Comments_explain'], 'L_COMMENTS_LIMIT' => ($contact_config['contact_char_limit'] > 0) ? sprintf($lang['Comments_limit'], $contact_config['contact_char_limit']) : '', 'L_ATTACHMENT' => $lang['Attachment'], 'L_ATTACHMENT_EXPLAIN' => sprintf($lang['Attachment_explain'], $contact_config['contact_max_file_size']), 'L_FLOOD_EXPLAIN' => ($contact_config['contact_flood_limit'] > 0) ? sprintf($lang['Flood_explain'], $contact_config['contact_flood_limit'], ($contact_config['contact_flood_limit'] <> 1) ? $lang['hours'] : $lang['hour']) : '', 'L_FIELDS_REQUIRED' => $lang['Fields_required'], 'L_NOTIFY_IP' => $lang['Notify_IP'], 'L_CHARS' => $lang['Chars'], 'L_CAPTCHA' => $lang['Captcha_code'], 'L_CAPTCHA_EXPLAIN' => $lang['Captcha_code_explain'], 'L_AGREEMENT' => $lang['Agreement'], 'L_AGREEMENT_EXPLAIN' => $lang['Agreement_explain'], // swithes for logged in users? 'USER_LOGGED_IN' => $userdata['session_logged_in'], 'USER_LOGGED_OUT' => !$userdata['session_logged_in'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'USERNAME' => $user_name, 'CAPTCHA' => mx_append_sid($module_root_path . 
"mx_captcha.$phpEx"), 'S_FORM_ENCTYPE' => 'multipart/form-data', 'S_SUBMIT_ACTION' => mx_append_sid(this_contact_mxurl()) )); // // Permit Attachments // $attach_auth = 0; if(!$userdata['session_logged_in']) { $attach_auth = ($contact_config['contact_auth_guest'] == 1) ? 1 : 0; } else { switch ($userdata['user_level']) { case USER: $attach_auth = ($contact_config['contact_auth_user'] == 1) ? 1 : 0; break; case MOD: $attach_auth = ($contact_config['contact_auth_mod'] == 1) ? 1 : 0; break; case ADMIN: $attach_auth = ($contact_config['contact_auth_admin'] == 1) ? 1 : 0; break; default: $attach_auth = ($contact_config['contact_auth_guest'] == 1) ? 1 : 0; } } if($contact_config['contact_permit_attachments'] == 1 && $attach_auth == 1) { $template->assign_block_vars('permit_attachments', array()); } if($contact_config['contact_captcha'] == 1 && extension_loaded('gd')) { $template->assign_block_vars('captcha', array()); } $template->pparse('newsletter_body'); //include($mx_root_path . 'includes/page_tail.'.$phpEx); ?> |
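Review bot: In mx_newsletter.php the per-role attachment permission is applied only when the form is rendered: `$attach_auth` is computed after the send script, while the submit path pulls in `includes/newsletter_attach` on `$contact_config['contact_permit_attachments'] == 1` alone. Unless that include repeats the guest/user/mod/admin check (it is not shown here), hiding the upload field is the only control; computing `$attach_auth` before the `isset($HTTP_POST_VARS['submit'])` block and requiring `$attach_auth == 1` there would enforce it server-side. Separately, both flood-control statements run twice (`$result = $db->sql_query($sql); if(!$db->sql_query($sql))`), so the `CONTACT_TABLE` insert writes two rows per submission; `if(!($result = $db->sql_query($sql)))` matches the form used elsewhere in the file. In the CAPTCHA check `$randi` is never initialised before the session read and is compared with a loose `!=`; setting `$randi = '';` first, rejecting an empty `$randi`, and comparing with `!==` makes the check fail closed regardless of ambient state.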