usercp_email.php | searchcode

/upload/includes/ucp/usercp_email.php

http://torrentpier2.googlecode.com/
PHP | 91 lines | 73 code | 17 blank | 1 comment | 12 complexity | 17a08b62cea68f7ff349866744b8dac8 MD5 | raw file
 1<?php
 2
 3if (!defined('IN_FORUM')) die("Hacking attempt");
 4
 5// Is send through board enabled? No, return to index
 6if (!$bb_cfg['board_email_form'])
 7{
 8	redirect("index.php");
 9}
10
11set_die_append_msg();
12
13if ( !empty($_GET[POST_USERS_URL]) || !empty($_POST[POST_USERS_URL]) )
14{
15	$user_id = ( !empty($_GET[POST_USERS_URL]) ) ? intval($_GET[POST_USERS_URL]) : intval($_POST[POST_USERS_URL]);
16}
17else
18{
19	bb_die($lang['NO_USER_SPECIFIED']);
20}
21
22if ( !$userdata['session_logged_in'] )
23{
24	redirect(LOGIN_URL . "?redirect=profile.php&mode=email&" . POST_USERS_URL . "=$user_id");
25}
26
27$errors = array();
28
29$sql = "SELECT username, user_id, user_rank, user_email, user_lang
30	FROM " . BB_USERS . "
31	WHERE user_id = $user_id
32";
33
34if ($row = DB()->fetch_row($sql))
35{
36	$username   = $row['username'];
37	$user_email = $row['user_email'];
38	$user_lang  = $row['user_lang'];
39
40	if ( true || IS_ADMIN )  //  TRUE instead of missing user_opt "prevent_email"
41	{
42		if (isset($_POST['submit']))
43		{
44			$subject = trim(html_entity_decode($_POST['subject']));
45			$message = trim(html_entity_decode($_POST['message']));
46			
47			if(!$subject)  $errors[] = $lang['EMPTY_SUBJECT_EMAIL'];
48			if(!$message)  $errors[] = $lang['EMPTY_MESSAGE_EMAIL'];
49
50			if (!$errors)
51			{
52				require(INC_DIR .'emailer.class.php');
53				$emailer = new emailer($bb_cfg['smtp_delivery']);
54
55				$emailer->from($userdata['username'] ." <{$userdata['user_email']}>");
56				$emailer->email_address($username ." <$user_email>");
57
58				$emailer->use_template('profile_send_email', $user_lang);
59				$emailer->set_subject($subject);
60
61				$emailer->assign_vars(array(
62					'SITENAME'      => $bb_cfg['sitename'],
63					'FROM_USERNAME' => $userdata['username'],
64					'TO_USERNAME'   => $username,
65					'MESSAGE'       => $message,
66				));
67				$emailer->send();
68				$emailer->reset();
69
70				bb_die($lang['EMAIL_SENT']);
71			}
72		}
73
74		$template->assign_vars(array(
75			'USERNAME' => profile_url($row),
76			'S_HIDDEN_FIELDS' => '',
77			'S_POST_ACTION' => "profile.php?mode=email&amp;" . POST_USERS_URL . "=$user_id",
78			'ERROR_MESSAGE'	=> ($errors) ? join('<br />', array_unique($errors)) : '',
79		));
80
81		print_page('usercp_email.tpl');
82	}
83	else
84	{
85		bb_die($lang['USER_PREVENT_EMAIL']);
86	}
87}
88else
89{
90	bb_die($lang['USER_NOT_EXIST']);
91}