/upload/includes/ucp/usercp_email.php

http://torrentpier2.googlecode.com/ · PHP · 91 lines · 73 code · 17 blank · 1 comment · 12 complexity · 17a08b62cea68f7ff349866744b8dac8 MD5 · raw file

  1. <?php
  2. if (!defined('IN_FORUM')) die("Hacking attempt");
  3. // Is send through board enabled? No, return to index
  4. if (!$bb_cfg['board_email_form'])
  5. {
  6. redirect("index.php");
  7. }
  8. set_die_append_msg();
  9. if ( !empty($_GET[POST_USERS_URL]) || !empty($_POST[POST_USERS_URL]) )
  10. {
  11. $user_id = ( !empty($_GET[POST_USERS_URL]) ) ? intval($_GET[POST_USERS_URL]) : intval($_POST[POST_USERS_URL]);
  12. }
  13. else
  14. {
  15. bb_die($lang['NO_USER_SPECIFIED']);
  16. }
  17. if ( !$userdata['session_logged_in'] )
  18. {
  19. redirect(LOGIN_URL . "?redirect=profile.php&mode=email&" . POST_USERS_URL . "=$user_id");
  20. }
  21. $errors = array();
  22. $sql = "SELECT username, user_id, user_rank, user_email, user_lang
  23. FROM " . BB_USERS . "
  24. WHERE user_id = $user_id
  25. ";
  26. if ($row = DB()->fetch_row($sql))
  27. {
  28. $username = $row['username'];
  29. $user_email = $row['user_email'];
  30. $user_lang = $row['user_lang'];
  31. if ( true || IS_ADMIN ) // TRUE instead of missing user_opt "prevent_email"
  32. {
  33. if (isset($_POST['submit']))
  34. {
  35. $subject = trim(html_entity_decode($_POST['subject']));
  36. $message = trim(html_entity_decode($_POST['message']));
  37. if(!$subject) $errors[] = $lang['EMPTY_SUBJECT_EMAIL'];
  38. if(!$message) $errors[] = $lang['EMPTY_MESSAGE_EMAIL'];
  39. if (!$errors)
  40. {
  41. require(INC_DIR .'emailer.class.php');
  42. $emailer = new emailer($bb_cfg['smtp_delivery']);
  43. $emailer->from($userdata['username'] ." <{$userdata['user_email']}>");
  44. $emailer->email_address($username ." <$user_email>");
  45. $emailer->use_template('profile_send_email', $user_lang);
  46. $emailer->set_subject($subject);
  47. $emailer->assign_vars(array(
  48. 'SITENAME' => $bb_cfg['sitename'],
  49. 'FROM_USERNAME' => $userdata['username'],
  50. 'TO_USERNAME' => $username,
  51. 'MESSAGE' => $message,
  52. ));
  53. $emailer->send();
  54. $emailer->reset();
  55. bb_die($lang['EMAIL_SENT']);
  56. }
  57. }
  58. $template->assign_vars(array(
  59. 'USERNAME' => profile_url($row),
  60. 'S_HIDDEN_FIELDS' => '',
  61. 'S_POST_ACTION' => "profile.php?mode=email&amp;" . POST_USERS_URL . "=$user_id",
  62. 'ERROR_MESSAGE' => ($errors) ? join('<br />', array_unique($errors)) : '',
  63. ));
  64. print_page('usercp_email.tpl');
  65. }
  66. else
  67. {
  68. bb_die($lang['USER_PREVENT_EMAIL']);
  69. }
  70. }
  71. else
  72. {
  73. bb_die($lang['USER_NOT_EXIST']);
  74. }