<?php
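// Direct-access guard. It runs before anything else so that a request sent
// straight to this module file cannot start a session or include further code.
// IN_PowerBB is not defined in this file; whatever loads the module must define it.
if (!defined('IN_PowerBB'))
{
	die();
}

session_start();

// Set before common.php is included.
// NOTE(review): presumably common.php reads these flags to decide which
// subsystems to load - confirm against common.php.
$CALL_SYSTEM = array();
$CALL_SYSTEM['SUBJECT'] = true;
$CALL_SYSTEM['PM'] = true;

include('common.php');

// Name of the module class declared below.
define('CLASS_NAME','PowerBBSendMOD');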

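/**
 * "Send" module: e-mail another member, or send a contact message to the
 * board administrator.
 *
 * Every method works on the global $PowerBB object and reads request data from
 * $PowerBB->_GET / $PowerBB->_POST. The handlers are written on the assumption
 * that $PowerBB->functions->error() stops the request.
 * NOTE(review): error() is defined outside this file - confirm it terminates,
 * otherwise every validation below falls through to the send.
 */
class PowerBBSendMOD
{
	/**
	 * Dispatch the request to one of the four handlers, then render the footer.
	 *
	 * member + index     -> _MemberSendIndex()
	 * member + start     -> _MemberSendStart()
	 * sendmessage        -> _SendIndex()
	 * startsendmessage   -> _SendStart()
	 *
	 * The "sendmessage" pair is evaluated even when "member" was set, as in the
	 * original control flow.
	 */
	function run()
	{
		global $PowerBB;

		if ($PowerBB->_GET['member'])
		{
			if ($PowerBB->_GET['index'])
			{
				$this->_MemberSendIndex();
			}
			elseif ($PowerBB->_GET['start'])
			{
				$this->_MemberSendStart();
			}
		}

		if ($PowerBB->_GET['sendmessage'])
		{
			$this->_SendIndex();
		}
		elseif ($PowerBB->_GET['startsendmessage'])
		{
			$this->_SendStart();
		}

		$PowerBB->functions->GetFooter();
	}

	/**
	 * Show the "e-mail this member" form.
	 *
	 * The recipient is looked up by numeric id first and by username as a
	 * fallback. The form is refused when the recipient has send_allow switched
	 * off, unless the viewer's group has admincp_allow.
	 */
	function _MemberSendIndex()
	{
		global $PowerBB;

		$PowerBB->functions->ShowHeader();

		// A guest check on $PowerBB->_CONF['member_permission'] used to sit here
		// and is disabled in this version, so the form is reachable without login.

		$PowerBB->_GET['id'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');

		// Only these columns are handed to the template. The username fallback used
		// to select '*', which put the whole member row into template scope.
		$columns = 'id,username,send_allow';

		$MemArr = array();
		$MemArr['get'] = $columns;
		$MemArr['where'] = array('id',$PowerBB->_GET['id']);

		$PowerBB->_CONF['template']['MemberInfo'] = $PowerBB->member->GetMemberInfo($MemArr);

		if ($PowerBB->_CONF['template']['MemberInfo'] == false)
		{
			// The username comes straight from the query string, so it goes through
			// the same 'sql' cleaner this file applies to other request strings
			// before it reaches the lookup.
			// NOTE(review): GetMemberInfo() is defined elsewhere - confirm it does
			// not escape a second time.
			$requested_name = isset($PowerBB->_GET['username']) ? $PowerBB->_GET['username'] : '';
			$requested_name = $PowerBB->functions->CleanVariable($requested_name,'sql');

			$MemusernameArr = array();
			$MemusernameArr['get'] = $columns;
			$MemusernameArr['where'] = array('username',$requested_name);

			$PowerBB->_CONF['template']['MemberInfo'] = $PowerBB->member->GetMemberInfo($MemusernameArr);
		}

		if (!$PowerBB->_CONF['template']['MemberInfo'])
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_you_want_does_not_exist']);
		}

		// Recipient opt-out. The original condition "!$x == '1'" parsed as
		// "(!$x) == '1'", which has the same truth table as "!$x".
		if (!$PowerBB->_CONF['template']['MemberInfo']['send_allow']
			&& !$PowerBB->_CONF['group_info']['admincp_allow'])
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['MemberInfo']['username'] . ' '.$PowerBB->_CONF['template']['lang']['no_send_allow']);
		}

		// Kill XSS first
		// NOTE(review): the return value is discarded, so this only has an effect
		// if CleanVariable() takes its argument by reference - confirm.
		$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo'],'html');
		// Second Kill SQL Injections
		$PowerBB->functions->CleanVariable($PowerBB->_CONF['template']['MemberInfo'],'sql');

		$PowerBB->template->display('send_email');
	}

	/**
	 * Handle submission of the "e-mail this member" form.
	 *
	 * Applies the same recipient opt-out rule as _MemberSendIndex(), so that a
	 * request posted directly to this handler cannot reach a member who has
	 * send_allow switched off.
	 */
	function _MemberSendStart()
	{
		global $PowerBB;

		$PowerBB->functions->ShowHeader();

		// The guest check on $PowerBB->_CONF['member_permission'] is disabled in
		// this version, so visitors can submit this form.

		$PowerBB->_GET['id'] = $PowerBB->functions->CleanVariable($PowerBB->_GET['id'],'intval');

		if (empty($PowerBB->_GET['id']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['path_not_true']);
		}

		// Recipient: fetch only the columns this handler reads.
		$MemArr = array();
		$MemArr['get'] = 'id,username,email,send_allow';
		$MemArr['where'] = array('id',$PowerBB->_GET['id']);

		$MemberInfo = $PowerBB->member->GetMemberInfo($MemArr);

		// The original also looked up $PowerBB->_POST['username'] in the member
		// table, passing the raw request value to the query helper, and never read
		// the result. That lookup is dropped.
		// NOTE(review): the sender name printed in the message is still whatever
		// the client posted; nothing in this method ties it to the logged-in account.

		if (!$MemberInfo)
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Member_you_want_does_not_exist']);
		}

		// Enforce the recipient's opt-out here as well as on the form page.
		if (!$MemberInfo['send_allow']
			&& !$PowerBB->_CONF['group_info']['admincp_allow'])
		{
			$PowerBB->functions->error($MemberInfo['username'] . ' '.$PowerBB->_CONF['template']['lang']['no_send_allow']);
		}

		// Kill XSS first
		// NOTE(review): return value discarded - effective only if CleanVariable()
		// works by reference.
		$PowerBB->functions->CleanVariable($MemberInfo,'html');
		// Second Kill SQL Injections
		$PowerBB->functions->CleanVariable($MemberInfo,'sql');

		if (empty($PowerBB->_POST['title'])
			|| empty($PowerBB->_POST['text']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Please_fill_in_all_the_information']);
		}

		$PowerBB->_POST['title'] = $PowerBB->functions->CleanVariable($PowerBB->_POST['title'],'sql');
		$PowerBB->_POST['text'] = $PowerBB->functions->CleanVariable($PowerBB->_POST['text'],'sql');

		$PowerBB->_POST['text'] = $PowerBB->Powerparse->replace($PowerBB->_POST['text']);

		// The title doubles as the mail subject; keep it on a single line so it
		// cannot carry extra header lines into the mail helpers.
		$subject = str_replace(array("\r", "\n"), ' ', $PowerBB->_POST['title']);

		// NOTE(review): sender name, title and text are placed in an HTML body
		// after only the 'sql' cleaner and Powerparse - confirm one of them
		// HTML-escapes, otherwise the sender controls markup in the recipient's mail.
		$sender_name = isset($PowerBB->_POST['username']) ? $PowerBB->_POST['username'] : '';

		$forums_name1 = $PowerBB->_CONF['template']['lang']['This_message_received_from_the_postal_model_for_the_Forums'].' (' .$PowerBB->_CONF['info_row']['title'] .')<br />';
		$Form_name = '<br />'.$PowerBB->_CONF['template']['lang']['Sender_Massege'] . $sender_name .'<br /> '.$PowerBB->_CONF['template']['lang']['Massege_title'] .$PowerBB->_POST['title'] . '<br>'.$PowerBB->_POST['text'];

		$rule = '---------------------------------------------------<br>';
		$Form_Massege = "<br>\n\t" . $rule
			. "\n\t" . $PowerBB->_CONF['template']['lang']['Warning_send2']
			. "\n\t" . $rule
			. "\n     " . $PowerBB->_CONF['template']['lang']['With_my_sincere_greetings_to_all']
			. "\n\t&nbsp;<br>" . $PowerBB->_CONF['template']['lang']['Team'] . ' ' . $PowerBB->_CONF['info_row']['title'] . ".<br>\n\t&nbsp;";

		$forums_name1 = $PowerBB->Powerparse->replace($forums_name1);
		$Form_Massege = $PowerBB->Powerparse->replace($Form_Massege);

		$message = $forums_name1 . $Form_name . $Form_Massege;

		// Stays false when the configured mailer is neither 'phpmail' nor 'smtp',
		// so an unknown setting is reported as a failure instead of reading an
		// undefined variable.
		$Send = false;

		if ($PowerBB->_CONF['info_row']['mailer']=='phpmail')
		{
			$Send = $PowerBB->functions->mail($MemberInfo['email'],$subject,$message,$PowerBB->_CONF['info_row']['send_email']);
		}
		elseif ($PowerBB->_CONF['info_row']['mailer']=='smtp')
		{
			$to = $MemberInfo['email'];
			$fromname = $PowerBB->_CONF['info_row']['title'];
			$from = $PowerBB->_CONF['info_row']['send_email'];
			$Send = $PowerBB->functions->send_this_smtp($to,$fromname,$message,$subject,$from);
		}

		if ($Send)
		{
			$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['The_message_was_sent_successfully']);
			$PowerBB->functions->redirect('index.php');
		}
		else
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['There_was_an_error_no_transmission']);
		}
	}

	/**
	 * Show the "contact the administrator" form.
	 *
	 * Exits silently when active_send_admin_message is off. For a logged-in
	 * member the stored e-mail address is assigned to the template as 'email'.
	 */
	function _SendIndex()
	{
		global $PowerBB;

		if (!$PowerBB->_CONF['info_row']['active_send_admin_message'])
		{
			exit;
		}

		$PowerBB->functions->ShowHeader();

		$username = $PowerBB->_CONF['member_row']['username'];

		if ($username)
		{
			// The original interpolated the name into "username LIKE '...'". A name
			// containing a quote would break out of the literal, and one containing
			// % or _ would match other members' rows and hand their address to the
			// template. Escape the value and compare for equality instead.
			// NOTE(review): CleanVariable(..., 'sql') is this codebase's escaping
			// helper and is defined elsewhere - confirm it escapes for the active
			// database driver.
			$safe_username = $PowerBB->functions->CleanVariable($username,'sql');

			$Email = $PowerBB->DB->sql_query("SELECT email FROM " . $PowerBB->table['member'] . " WHERE username = '" . $safe_username . "' ");

			while ($member_row = $PowerBB->DB->sql_fetch_array($Email))
			{
				$PowerBB->template->assign('email',$member_row['email']);
			}
		}

		$PowerBB->template->display('send_admin');
	}

	/**
	 * Handle submission of the "contact the administrator" form.
	 *
	 * Visitors must pass the CAPTCHA: md5 of the posted code has to equal
	 * $_SESSION['key']. Requests where $PowerBB->_CONF['member_permission'] is
	 * truthy skip that check.
	 */
	function _SendStart()
	{
		global $PowerBB;

		// The form page is gated on this switch; gate the submit handler too, so
		// that turning the feature off really turns it off.
		if (!$PowerBB->_CONF['info_row']['active_send_admin_message'])
		{
			exit;
		}

		$PowerBB->functions->ShowHeader();

		$PowerBB->_POST['email'] = $PowerBB->functions->CleanVariable($PowerBB->_POST['email'],'sql');
		$PowerBB->_POST['text'] = $PowerBB->functions->CleanVariable($PowerBB->_POST['text'],'sql');
		$PowerBB->_POST['username'] = $PowerBB->functions->CleanVariable($PowerBB->_POST['username'],'sql');

		// Compare the hashes as strings. With the loose "!=" two different md5
		// values that both look like numbers in exponent notation compare equal.
		$posted_code = (isset($PowerBB->_POST['code']) && is_string($PowerBB->_POST['code'])) ? $PowerBB->_POST['code'] : '';
		$expected_hash = isset($_SESSION['key']) ? $_SESSION['key'] : null;
		$captcha_ok = is_string($expected_hash) && md5($posted_code) === $expected_hash;

		if (!$captcha_ok && !$PowerBB->_CONF['member_permission'])
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Code_that_you_enter_the_wrong']);
		}

		if (empty($PowerBB->_POST['text']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_do_not_type_the_letter']);
		}
		if (empty($PowerBB->_POST['username']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_do_not_type_your_name']);
		}
		if (empty($PowerBB->_POST['email']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['You_do_not_enter_your_email_address']);
		}
		// The address becomes the From value, so a line break in it is rejected
		// outright rather than left to CheckEmail(), which is defined elsewhere.
		if (preg_match('/[\r\n]/', $PowerBB->_POST['email'])
			|| !$PowerBB->functions->CheckEmail($PowerBB->_POST['email']))
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['Please_enter_a_valid_e-mail']);
		}

		// One solved CAPTCHA authorises one message.
		unset($_SESSION['key']);

		// The original ran "SELECT * ... WHERE usergroup = 1" here and looped over
		// the rows, but the loop body (private message plus per-administrator mail)
		// is commented out upstream. The query is dropped so that administrator
		// rows are not fetched for nothing.

		$PowerBB->_POST['text'] = str_replace("\n","<br>",$PowerBB->_POST['text']);
		$PowerBB->_POST['text'] = str_ireplace('{39}',"'",$PowerBB->_POST['text']);
		$PowerBB->_POST['text'] = str_ireplace('cookie','**',$PowerBB->_POST['text']);
		$censorwords = preg_split('#[ \r\n\t]+#', $PowerBB->_CONF['info_row']['censorwords'], -1, PREG_SPLIT_NO_EMPTY);
		$PowerBB->_POST['text'] = str_ireplace($censorwords,'**', $PowerBB->_POST['text']);

		// NOTE(review): the visitor's text reaches an HTML body after the 'sql'
		// cleaner and the word replacements above; nothing visible here
		// HTML-escapes it. Masking the word "cookie" is not output encoding.
		$contact_label = $PowerBB->_CONF['template']['lang']['This_message_received_from_the_Contact_Us_form'];
		$message = $contact_label.'<br />'.$PowerBB->_POST['text'];

		// The visitor's name is used in the subject; keep it on one line.
		$sender_name = str_replace(array("\r", "\n"), ' ', $PowerBB->_POST['username']);

		$sent = false;

		if ($PowerBB->_CONF['info_row']['mailer']=='phpmail')
		{
			$sent = $PowerBB->functions->mail($PowerBB->_CONF['info_row']['admin_email'],$sender_name.' - '.$contact_label,$message,$PowerBB->_POST['email']);
		}
		elseif ($PowerBB->_CONF['info_row']['mailer']=='smtp')
		{
			$to = $PowerBB->_CONF['info_row']['admin_email'];
			$fromname = $PowerBB->_CONF['info_row']['title'];
			$subject = $sender_name;
			$from = $PowerBB->_POST['email'];
			$sent = $PowerBB->functions->send_this_smtp($to,$fromname,$message,$subject,$from);
		}

		// Report success only when a mailer accepted the message; the original
		// showed the success page unconditionally.
		if ($sent)
		{
			$PowerBB->functions->msg($PowerBB->_CONF['template']['lang']['your_message_has_been_sent_successfully']);
			$PowerBB->functions->redirect('index.php');
		}
		else
		{
			$PowerBB->functions->error($PowerBB->_CONF['template']['lang']['There_was_an_error_no_transmission']);
		}
	}
}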

?>