Location: PHPKode > projects > Gnew > Gnew-2013.1/news/send.php
<?php
// -----------------------------------------------------------------------------
// $Id: send.php 642 2013-03-22 11:52:04Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

page_header($lang['NEWS_SEND']);

// Send function enabled?
if ($settings['news_sending'] == 0)
{
    error_template($lang['ERROR_SENDING_DISABLED']);
}
// From send form?
elseif (isset($_POST['send']))
{
    $error = '';
    if (!trim($_POST['user_name']))
    {
        $error .= $lang['ERROR_NO_USERNAME'];
    }
    if (!trim($_POST['user_email']))
    {
        $error .= $lang['ERROR_NO_EMAIL'];
    }
    else
    {
        if (check_email($_POST['user_email']))
        {
            $user_email = $_POST['user_email'];
        }
        else
        {
            $error .= $lang['ERROR_INVALID_USER_EMAIL'];
        }
    }
    if (!trim($_POST['friend_email']))
    {
        $error .= $lang['ERROR_NO_FRIEND_EMAIL'];
    }
    else
    {
        if (check_email($_POST['friend_email']))
        {
            $friend_email = $_POST['friend_email'];
        }
        else
        {
            $error .= $lang['ERROR_INVALID_USER_EMAIL'];
        }
    }
    if ($error)
    {
        error_template($error);
    }
    else
    {
        $sql->query('SELECT news_subject, news_text
                     FROM ' . TABLE_NEWS . '
                     WHERE news_id = \'' . $_POST['news_id'] . '\'');
        $table_news = $sql->fetch();
        $header = 'From: ' . utf8_chars($settings['sender_name']) . ' <' . $settings['sender_email'] . '>' . "\n";
        $header .= 'Reply-To: ' . utf8_chars($_POST['user_name']) . ' <' . $user_email . '>' . "\n";
        $header .= 'X-Mailer: PHP/' . get_phpversion() . "\n";
        $header .= 'MIME-Version: 1.0' . "\n";
        if (isset($_POST['html_email']))
        {
            $subject = sprintf($lang['MAIL_SEND_SUBJECT'], $settings['site_name']);
            $header .= 'Content-Type: text/html; charset=utf-8' . "\n";
            $news_text = undo_escape_sequences($table_news['news_text']);
            $news_text = str_replace('./..', $settings['site_url'], $news_text);
            $message = sprintf($lang['MAIL_SEND_HTML'], $_POST['user_name'], $table_news['news_subject'], $news_text, $settings['site_url'], $settings['site_name']);
        }
        else
        {
            $subject = sprintf($lang['MAIL_SEND_SUBJECT'], utf8_chars($settings['site_name']));
            $header .= 'Content-Type: text/plain; charset=utf-8' . "\n";
            $news_text = utf8_chars($table_news['news_text']);
            $news_text = str_replace('./..', $settings['site_url'], $news_text);
            $message = sprintf($lang['MAIL_SEND_PLAIN'], utf8_chars($_POST['user_name']), utf8_chars($table_news['news_subject']), $news_text, $settings['site_url']);
        }
        mail($friend_email, $subject, $message, $header);
        success_template($lang['NEWS_SENT'], './../index.php');
    }
}
// Send form
else
{
    // Check query
    if (!empty($_GET['news_id']) && string_is_int($_GET['news_id']))
    {
        $sql->query('SELECT news_id
                     FROM ' . TABLE_NEWS . '
                     WHERE news_id = \'' . $_GET['news_id'] . '\'
                     AND news_active = \'1\'');
        $table_news = $sql->fetch();
        // Check news
        if (!$table_news['news_id'])
        {
            error_template($lang['ERROR_NO_DATA']);
        }
        else
        {
            $template->set_file('send', 'news/send.htpl');
            $template->set_var('NEWS_ID', $_GET['news_id']);
            // User logged?
            if ($_SESSION['user_id'] > 0)
            {
                $template->set_var(array('USER_EMAIL' => $users['user_email'],
                                         'USER_NAME' => $users['user_name']));
            }
            $template->parse('send', null, false, TABLE_NEWS);
        }
    }
    else
    {
        error_template($lang['ERROR_NO_DATA']);
    }
}

page_footer();

?>
Return current item: Gnew