Subs-Post.php 114 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827282828292830283128322833283428352836283728382839284028412842284328442845284628472848284928502851285228532854285528562857285828592860286128622863286428652866286728682869287028712872287328742875287628772878287928802881288228832884288528862887288828892890289128922893289428952896289728982899290029012902290329042905290629072908290929102911291229132914291529162917291829192920292129222923292429252926292729282929293029312932293329342935293629372938293929402941294229432944294529462947294829492950295129522953295429552956295729582959296029612962296329642965296629672968296929702971297229732974297529762977297829792980298129822983298429852986298729882989299029912992299329942995299629972998299930003001300230033004300530063007300830093010301130123013301430153016301730183019302030213022302330243025302630273028302930303031303230333034303530363037303830393040304130423043304430453046304730483049305030513052305330543055305630573058305930603061306230633064306530663067306830693070307130723073307430753076307730783079308030813082308330843085308630873088308930903091309230933094309530963097309830993100310131023103310431053106310731083109311031113112311331143115311631173118311931203121312231233124312531263127312831293130313131323133313431353136313731383139314031413142314331443145314631473148314931503151315231533154315531563157315831593160316131623163316431653166316731683169317031713172317331743175317631773178317931803181318231833184318531863187318831893190319131923193319431953196319731983199320032013202320332043205320632073208320932103211321232133214321532163217321832193220322132223223322432253226322732283229323032313232323332343235323632373238323932403241324232433244324532463247324832493250325132523253325432553256325732583259326032613262326332643265326632673268
  1. <?php
  2. /**
  3. * This file contains those functions pertaining to posting, and other such
  4. * operations, including sending emails, ims, blocking spam, preparsing posts,
  5. * spell checking, and the post box.
  6. *
  7. * Simple Machines Forum (SMF)
  8. *
  9. * @package SMF
  10. * @author Simple Machines http://www.simplemachines.org
  11. * @copyright 2011 Simple Machines
  12. * @license http://www.simplemachines.org/about/smf/license.php BSD
  13. *
  14. * @version 2.1 Alpha 1
  15. */
  16. if (!defined('SMF'))
  17. die('Hacking attempt...');
  18. /**
  19. * Takes a message and parses it, returning nothing.
  20. * Cleans up links (javascript, etc.) and code/quote sections.
  21. * Won't convert \n's and a few other things if previewing is true.
  22. *
  23. * @param $message
  24. * @param $previewing
  25. */
  26. function preparsecode(&$message, $previewing = false)
  27. {
  28. global $user_info, $modSettings, $smcFunc, $context;
  29. // This line makes all languages *theoretically* work even with the wrong charset ;).
  30. $message = preg_replace('~&amp;#(\d{4,5}|[2-9]\d{2,4}|1[2-9]\d);~', '&#$1;', $message);
  31. // Clean up after nobbc ;).
  32. $message = preg_replace('~\[nobbc\](.+?)\[/nobbc\]~ie', '\'[nobbc]\' . strtr(\'$1\', array(\'[\' => \'&#91;\', \']\' => \'&#93;\', \':\' => \'&#58;\', \'@\' => \'&#64;\')) . \'[/nobbc]\'', $message);
  33. // Remove \r's... they're evil!
  34. $message = strtr($message, array("\r" => ''));
  35. // You won't believe this - but too many periods upsets apache it seems!
  36. $message = preg_replace('~\.{100,}~', '...', $message);
  37. // Trim off trailing quotes - these often happen by accident.
  38. while (substr($message, -7) == '[quote]')
  39. $message = substr($message, 0, -7);
  40. while (substr($message, 0, 8) == '[/quote]')
  41. $message = substr($message, 8);
  42. // Find all code blocks, work out whether we'd be parsing them, then ensure they are all closed.
  43. $in_tag = false;
  44. $had_tag = false;
  45. $codeopen = 0;
  46. if (preg_match_all('~(\[(/)*code(?:=[^\]]+)?\])~is', $message, $matches))
  47. foreach ($matches[0] as $index => $dummy)
  48. {
  49. // Closing?
  50. if (!empty($matches[2][$index]))
  51. {
  52. // If it's closing and we're not in a tag we need to open it...
  53. if (!$in_tag)
  54. $codeopen = true;
  55. // Either way we ain't in one any more.
  56. $in_tag = false;
  57. }
  58. // Opening tag...
  59. else
  60. {
  61. $had_tag = true;
  62. // If we're in a tag don't do nought!
  63. if (!$in_tag)
  64. $in_tag = true;
  65. }
  66. }
  67. // If we have an open tag, close it.
  68. if ($in_tag)
  69. $message .= '[/code]';
  70. // Open any ones that need to be open, only if we've never had a tag.
  71. if ($codeopen && !$had_tag)
  72. $message = '[code]' . $message;
  73. // Now that we've fixed all the code tags, let's fix the img and url tags...
  74. $parts = preg_split('~(\[/code\]|\[code(?:=[^\]]+)?\])~i', $message, -1, PREG_SPLIT_DELIM_CAPTURE);
  75. // The regular expression non breaking space has many versions.
  76. $non_breaking_space = $context['utf8'] ? '\x{A0}' : '\xA0';
  77. // Only mess with stuff outside [code] tags.
  78. for ($i = 0, $n = count($parts); $i < $n; $i++)
  79. {
  80. // It goes 0 = outside, 1 = begin tag, 2 = inside, 3 = close tag, repeat.
  81. if ($i % 4 == 0)
  82. {
  83. fixTags($parts[$i]);
  84. // Replace /me.+?\n with [me=name]dsf[/me]\n.
  85. if (strpos($user_info['name'], '[') !== false || strpos($user_info['name'], ']') !== false || strpos($user_info['name'], '\'') !== false || strpos($user_info['name'], '"') !== false)
  86. $parts[$i] = preg_replace('~(\A|\n)/me(?: |&nbsp;)([^\n]*)(?:\z)?~i', '$1[me=&quot;' . $user_info['name'] . '&quot;]$2[/me]', $parts[$i]);
  87. else
  88. $parts[$i] = preg_replace('~(\A|\n)/me(?: |&nbsp;)([^\n]*)(?:\z)?~i', '$1[me=' . $user_info['name'] . ']$2[/me]', $parts[$i]);
  89. if (!$previewing && strpos($parts[$i], '[html]') !== false)
  90. {
  91. if (allowedTo('admin_forum'))
  92. $parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ise', '\'[html]\' . strtr(un_htmlspecialchars(\'$1\'), array("\n" => \'&#13;\', \' \' => \' &#32;\', \'[\' => \'&#91;\', \']\' => \'&#93;\')) . \'[/html]\'', $parts[$i]);
  93. // We should edit them out, or else if an admin edits the message they will get shown...
  94. else
  95. {
  96. while (strpos($parts[$i], '[html]') !== false)
  97. $parts[$i] = preg_replace('~\[[/]?html\]~i', '', $parts[$i]);
  98. }
  99. }
  100. // Let's look at the time tags...
  101. $parts[$i] = preg_replace('~\[time(?:=(absolute))*\](.+?)\[/time\]~ie', '\'[time]\' . (is_numeric(\'$2\') || @strtotime(\'$2\') == 0 ? \'$2\' : strtotime(\'$2\') - (\'$1\' == \'absolute\' ? 0 : (($modSettings[\'time_offset\'] + $user_info[\'time_offset\']) * 3600))) . \'[/time]\'', $parts[$i]);
  102. // Change the color specific tags to [color=the color].
  103. $parts[$i] = preg_replace('~\[(black|blue|green|red|white)\]~', '[color=$1]', $parts[$i]); // First do the opening tags.
  104. $parts[$i] = preg_replace('~\[/(black|blue|green|red|white)\]~', '[/color]', $parts[$i]); // And now do the closing tags
  105. // Make sure all tags are lowercase.
  106. $parts[$i] = preg_replace('~\[([/]?)(list|li|table|tr|td)((\s[^\]]+)*)\]~ie', '\'[$1\' . strtolower(\'$2\') . \'$3]\'', $parts[$i]);
  107. $list_open = substr_count($parts[$i], '[list]') + substr_count($parts[$i], '[list ');
  108. $list_close = substr_count($parts[$i], '[/list]');
  109. if ($list_close - $list_open > 0)
  110. $parts[$i] = str_repeat('[list]', $list_close - $list_open) . $parts[$i];
  111. if ($list_open - $list_close > 0)
  112. $parts[$i] = $parts[$i] . str_repeat('[/list]', $list_open - $list_close);
  113. $mistake_fixes = array(
  114. // Find [table]s not followed by [tr].
  115. '~\[table\](?![\s' . $non_breaking_space . ']*\[tr\])~s' . ($context['utf8'] ? 'u' : '') => '[table][tr]',
  116. // Find [tr]s not followed by [td].
  117. '~\[tr\](?![\s' . $non_breaking_space . ']*\[td\])~s' . ($context['utf8'] ? 'u' : '') => '[tr][td]',
  118. // Find [/td]s not followed by something valid.
  119. '~\[/td\](?![\s' . $non_breaking_space . ']*(?:\[td\]|\[/tr\]|\[/table\]))~s' . ($context['utf8'] ? 'u' : '') => '[/td][/tr]',
  120. // Find [/tr]s not followed by something valid.
  121. '~\[/tr\](?![\s' . $non_breaking_space . ']*(?:\[tr\]|\[/table\]))~s' . ($context['utf8'] ? 'u' : '') => '[/tr][/table]',
  122. // Find [/td]s incorrectly followed by [/table].
  123. '~\[/td\][\s' . $non_breaking_space . ']*\[/table\]~s' . ($context['utf8'] ? 'u' : '') => '[/td][/tr][/table]',
  124. // Find [table]s, [tr]s, and [/td]s (possibly correctly) followed by [td].
  125. '~\[(table|tr|/td)\]([\s' . $non_breaking_space . ']*)\[td\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_td_]',
  126. // Now, any [td]s left should have a [tr] before them.
  127. '~\[td\]~s' => '[tr][td]',
  128. // Look for [tr]s which are correctly placed.
  129. '~\[(table|/tr)\]([\s' . $non_breaking_space . ']*)\[tr\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_tr_]',
  130. // Any remaining [tr]s should have a [table] before them.
  131. '~\[tr\]~s' => '[table][tr]',
  132. // Look for [/td]s followed by [/tr].
  133. '~\[/td\]([\s' . $non_breaking_space . ']*)\[/tr\]~s' . ($context['utf8'] ? 'u' : '') => '[/td]$1[_/tr_]',
  134. // Any remaining [/tr]s should have a [/td].
  135. '~\[/tr\]~s' => '[/td][/tr]',
  136. // Look for properly opened [li]s which aren't closed.
  137. '~\[li\]([^\[\]]+?)\[li\]~s' => '[li]$1[_/li_][_li_]',
  138. '~\[li\]([^\[\]]+?)\[/list\]~s' => '[_li_]$1[_/li_][/list]',
  139. '~\[li\]([^\[\]]+?)$~s' => '[li]$1[/li]',
  140. // Lists - find correctly closed items/lists.
  141. '~\[/li\]([\s' . $non_breaking_space . ']*)\[/list\]~s' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[/list]',
  142. // Find list items closed and then opened.
  143. '~\[/li\]([\s' . $non_breaking_space . ']*)\[li\]~s' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[_li_]',
  144. // Now, find any [list]s or [/li]s followed by [li].
  145. '~\[(list(?: [^\]]*?)?|/li)\]([\s' . $non_breaking_space . ']*)\[li\]~s' . ($context['utf8'] ? 'u' : '') => '[$1]$2[_li_]',
  146. // Allow for sub lists.
  147. '~\[/li\]([\s' . $non_breaking_space . ']*)\[list\]~' . ($context['utf8'] ? 'u' : '') => '[_/li_]$1[list]',
  148. '~\[/list\]([\s' . $non_breaking_space . ']*)\[li\]~' . ($context['utf8'] ? 'u' : '') => '[/list]$1[_li_]',
  149. // Any remaining [li]s weren't inside a [list].
  150. '~\[li\]~' => '[list][li]',
  151. // Any remaining [/li]s weren't before a [/list].
  152. '~\[/li\]~' => '[/li][/list]',
  153. // Put the correct ones back how we found them.
  154. '~\[_(li|/li|td|tr|/tr)_\]~' => '[$1]',
  155. // Images with no real url.
  156. '~\[img\]https?://.{0,7}\[/img\]~' => '',
  157. );
  158. // Fix up some use of tables without [tr]s, etc. (it has to be done more than once to catch it all.)
  159. for ($j = 0; $j < 3; $j++)
  160. $parts[$i] = preg_replace(array_keys($mistake_fixes), $mistake_fixes, $parts[$i]);
  161. // Now we're going to do full scale table checking...
  162. $table_check = $parts[$i];
  163. $table_offset = 0;
  164. $table_array = array();
  165. $table_order = array(
  166. 'table' => 'td',
  167. 'tr' => 'table',
  168. 'td' => 'tr',
  169. );
  170. while (preg_match('~\[(/)*(table|tr|td)\]~', $table_check, $matches) != false)
  171. {
  172. // Keep track of where this is.
  173. $offset = strpos($table_check, $matches[0]);
  174. $remove_tag = false;
  175. // Is it opening?
  176. if ($matches[1] != '/')
  177. {
  178. // If the previous table tag isn't correct simply remove it.
  179. if ((!empty($table_array) && $table_array[0] != $table_order[$matches[2]]) || (empty($table_array) && $matches[2] != 'table'))
  180. $remove_tag = true;
  181. // Record this was the last tag.
  182. else
  183. array_unshift($table_array, $matches[2]);
  184. }
  185. // Otherwise is closed!
  186. else
  187. {
  188. // Only keep the tag if it's closing the right thing.
  189. if (empty($table_array) || ($table_array[0] != $matches[2]))
  190. $remove_tag = true;
  191. else
  192. array_shift($table_array);
  193. }
  194. // Removing?
  195. if ($remove_tag)
  196. {
  197. $parts[$i] = substr($parts[$i], 0, $table_offset + $offset) . substr($parts[$i], $table_offset + strlen($matches[0]) + $offset);
  198. // We've lost some data.
  199. $table_offset -= strlen($matches[0]);
  200. }
  201. // Remove everything up to here.
  202. $table_offset += $offset + strlen($matches[0]);
  203. $table_check = substr($table_check, $offset + strlen($matches[0]));
  204. }
  205. // Close any remaining table tags.
  206. foreach ($table_array as $tag)
  207. $parts[$i] .= '[/' . $tag . ']';
  208. // Remove empty bbc from the sections outside the code tags
  209. $parts[$i] = preg_replace('~\[[bisu]\]\s*\[/[bisu]\]~', '', $parts[$i]);
  210. $parts[$i] = preg_replace('~\[quote\]\s*\[/quote\]~', '', $parts[$i]);
  211. $parts[$i] = preg_replace('~\[color=(?:#[\da-fA-F]{3}|#[\da-fA-F]{6}|[A-Za-z]{1,20}|rgb\(\d{1,3}, ?\d{1,3}, ?\d{1,3}\))\]\s*\[/color\]~', '', $parts[$i]);
  212. }
  213. }
  214. // Put it back together!
  215. if (!$previewing)
  216. $message = strtr(implode('', $parts), array(' ' => '&nbsp; ', "\n" => '<br />', $context['utf8'] ? "\xC2\xA0" : "\xA0" => '&nbsp;'));
  217. else
  218. $message = strtr(implode('', $parts), array(' ' => '&nbsp; ', $context['utf8'] ? "\xC2\xA0" : "\xA0" => '&nbsp;'));
  219. // Now let's quickly clean up things that will slow our parser (which are common in posted code.)
  220. $message = strtr($message, array('[]' => '&#91;]', '[&#039;' => '&#91;&#039;'));
  221. }
  222. /**
  223. * This is very simple, and just removes things done by preparsecode.
  224. *
  225. * @param $message
  226. */
  227. function un_preparsecode($message)
  228. {
  229. global $smcFunc;
  230. $parts = preg_split('~(\[/code\]|\[code(?:=[^\]]+)?\])~i', $message, -1, PREG_SPLIT_DELIM_CAPTURE);
  231. // We're going to unparse only the stuff outside [code]...
  232. for ($i = 0, $n = count($parts); $i < $n; $i++)
  233. {
  234. // If $i is a multiple of four (0, 4, 8, ...) then it's not a code section...
  235. if ($i % 4 == 0)
  236. {
  237. $parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ie', '\'[html]\' . strtr(htmlspecialchars(\'$1\', ENT_QUOTES), array(\'\\&quot;\' => \'&quot;\', \'&amp;#13;\' => \'<br />\', \'&amp;#32;\' => \' \', \'&amp;#91;\' => \'[\', \'&amp;#93;\' => \']\')) . \'[/html]\'', $parts[$i]);
  238. // $parts[$i] = preg_replace('~\[html\](.+?)\[/html\]~ie', '\'[html]\' . strtr(htmlspecialchars(\'$1\', ENT_QUOTES), array(\'\\&quot;\' => \'&quot;\', \'&amp;#13;\' => \'<br />\', \'&amp;#32;\' => \' \', \'&amp;#38;\' => \'&#38;\', \'&amp;#91;\' => \'[\', \'&amp;#93;\' => \']\')) . \'[/html]\'', $parts[$i]);
  239. // Attempt to un-parse the time to something less awful.
  240. $parts[$i] = preg_replace('~\[time\](\d{0,10})\[/time\]~ie', '\'[time]\' . timeformat(\'$1\', false) . \'[/time]\'', $parts[$i]);
  241. }
  242. }
  243. // Change breaks back to \n's and &nsbp; back to spaces.
  244. return preg_replace('~<br( /)?' . '>~', "\n", str_replace('&nbsp;', ' ', implode('', $parts)));
  245. }
  246. /**
  247. * Fix any URLs posted - ie. remove 'javascript:'.
  248. * Used by preparsecode, fixes links in message and returns nothing.
  249. *
  250. * @param string $message
  251. */
  252. function fixTags(&$message)
  253. {
  254. global $modSettings;
  255. // WARNING: Editing the below can cause large security holes in your forum.
  256. // Edit only if you are sure you know what you are doing.
  257. $fixArray = array(
  258. // [img]http://...[/img] or [img width=1]http://...[/img]
  259. array(
  260. 'tag' => 'img',
  261. 'protocols' => array('http', 'https'),
  262. 'embeddedUrl' => false,
  263. 'hasEqualSign' => false,
  264. 'hasExtra' => true,
  265. ),
  266. // [url]http://...[/url]
  267. array(
  268. 'tag' => 'url',
  269. 'protocols' => array('http', 'https'),
  270. 'embeddedUrl' => true,
  271. 'hasEqualSign' => false,
  272. ),
  273. // [url=http://...]name[/url]
  274. array(
  275. 'tag' => 'url',
  276. 'protocols' => array('http', 'https'),
  277. 'embeddedUrl' => true,
  278. 'hasEqualSign' => true,
  279. ),
  280. // [iurl]http://...[/iurl]
  281. array(
  282. 'tag' => 'iurl',
  283. 'protocols' => array('http', 'https'),
  284. 'embeddedUrl' => true,
  285. 'hasEqualSign' => false,
  286. ),
  287. // [iurl=http://...]name[/iurl]
  288. array(
  289. 'tag' => 'iurl',
  290. 'protocols' => array('http', 'https'),
  291. 'embeddedUrl' => true,
  292. 'hasEqualSign' => true,
  293. ),
  294. // [ftp]ftp://...[/ftp]
  295. array(
  296. 'tag' => 'ftp',
  297. 'protocols' => array('ftp', 'ftps'),
  298. 'embeddedUrl' => true,
  299. 'hasEqualSign' => false,
  300. ),
  301. // [ftp=ftp://...]name[/ftp]
  302. array(
  303. 'tag' => 'ftp',
  304. 'protocols' => array('ftp', 'ftps'),
  305. 'embeddedUrl' => true,
  306. 'hasEqualSign' => true,
  307. ),
  308. // [flash]http://...[/flash]
  309. array(
  310. 'tag' => 'flash',
  311. 'protocols' => array('http', 'https'),
  312. 'embeddedUrl' => false,
  313. 'hasEqualSign' => false,
  314. 'hasExtra' => true,
  315. ),
  316. );
  317. // Fix each type of tag.
  318. foreach ($fixArray as $param)
  319. fixTag($message, $param['tag'], $param['protocols'], $param['embeddedUrl'], $param['hasEqualSign'], !empty($param['hasExtra']));
  320. // Now fix possible security problems with images loading links automatically...
  321. $message = preg_replace('~(\[img.*?\])(.+?)\[/img\]~eis', '\'$1\' . preg_replace(\'~action(=|%3d)(?!dlattach)~i\', \'action-\', \'$2\') . \'[/img]\'', $message);
  322. // Limit the size of images posted?
  323. if (!empty($modSettings['max_image_width']) || !empty($modSettings['max_image_height']))
  324. {
  325. // Find all the img tags - with or without width and height.
  326. preg_match_all('~\[img(\s+width=\d+)?(\s+height=\d+)?(\s+width=\d+)?\](.+?)\[/img\]~is', $message, $matches, PREG_PATTERN_ORDER);
  327. $replaces = array();
  328. foreach ($matches[0] as $match => $dummy)
  329. {
  330. // If the width was after the height, handle it.
  331. $matches[1][$match] = !empty($matches[3][$match]) ? $matches[3][$match] : $matches[1][$match];
  332. // Now figure out if they had a desired height or width...
  333. $desired_width = !empty($matches[1][$match]) ? (int) substr(trim($matches[1][$match]), 6) : 0;
  334. $desired_height = !empty($matches[2][$match]) ? (int) substr(trim($matches[2][$match]), 7) : 0;
  335. // One was omitted, or both. We'll have to find its real size...
  336. if (empty($desired_width) || empty($desired_height))
  337. {
  338. list ($width, $height) = url_image_size(un_htmlspecialchars($matches[4][$match]));
  339. // They don't have any desired width or height!
  340. if (empty($desired_width) && empty($desired_height))
  341. {
  342. $desired_width = $width;
  343. $desired_height = $height;
  344. }
  345. // Scale it to the width...
  346. elseif (empty($desired_width) && !empty($height))
  347. $desired_width = (int) (($desired_height * $width) / $height);
  348. // Scale if to the height.
  349. elseif (!empty($width))
  350. $desired_height = (int) (($desired_width * $height) / $width);
  351. }
  352. // If the width and height are fine, just continue along...
  353. if ($desired_width <= $modSettings['max_image_width'] && $desired_height <= $modSettings['max_image_height'])
  354. continue;
  355. // Too bad, it's too wide. Make it as wide as the maximum.
  356. if ($desired_width > $modSettings['max_image_width'] && !empty($modSettings['max_image_width']))
  357. {
  358. $desired_height = (int) (($modSettings['max_image_width'] * $desired_height) / $desired_width);
  359. $desired_width = $modSettings['max_image_width'];
  360. }
  361. // Now check the height, as well. Might have to scale twice, even...
  362. if ($desired_height > $modSettings['max_image_height'] && !empty($modSettings['max_image_height']))
  363. {
  364. $desired_width = (int) (($modSettings['max_image_height'] * $desired_width) / $desired_height);
  365. $desired_height = $modSettings['max_image_height'];
  366. }
  367. $replaces[$matches[0][$match]] = '[img' . (!empty($desired_width) ? ' width=' . $desired_width : '') . (!empty($desired_height) ? ' height=' . $desired_height : '') . ']' . $matches[4][$match] . '[/img]';
  368. }
  369. // If any img tags were actually changed...
  370. if (!empty($replaces))
  371. $message = strtr($message, $replaces);
  372. }
  373. }
  374. /**
  375. * Fix a specific class of tag - ie. url with =.
  376. * Used by fixTags, fixes a specific tag's links.
  377. *
  378. * @param string $message
  379. * @param string $myTag - the tag
  380. * @param string $protocols - http or ftp
  381. * @param bool $embeddedUrl = false - whether it *can* be set to something
  382. * @param bool $hasEqualSign = false, whether it *is* set to something
  383. * @param bool $hasExtra = false - whether it can have extra cruft after the begin tag.
  384. */
  385. function fixTag(&$message, $myTag, $protocols, $embeddedUrl = false, $hasEqualSign = false, $hasExtra = false)
  386. {
  387. global $boardurl, $scripturl;
  388. if (preg_match('~^([^:]+://[^/]+)~', $boardurl, $match) != 0)
  389. $domain_url = $match[1];
  390. else
  391. $domain_url = $boardurl . '/';
  392. $replaces = array();
  393. if ($hasEqualSign)
  394. preg_match_all('~\[(' . $myTag . ')=([^\]]*?)\](?:(.+?)\[/(' . $myTag . ')\])?~is', $message, $matches);
  395. else
  396. preg_match_all('~\[(' . $myTag . ($hasExtra ? '(?:[^\]]*?)' : '') . ')\](.+?)\[/(' . $myTag . ')\]~is', $message, $matches);
  397. foreach ($matches[0] as $k => $dummy)
  398. {
  399. // Remove all leading and trailing whitespace.
  400. $replace = trim($matches[2][$k]);
  401. $this_tag = $matches[1][$k];
  402. $this_close = $hasEqualSign ? (empty($matches[4][$k]) ? '' : $matches[4][$k]) : $matches[3][$k];
  403. $found = false;
  404. foreach ($protocols as $protocol)
  405. {
  406. $found = strncasecmp($replace, $protocol . '://', strlen($protocol) + 3) === 0;
  407. if ($found)
  408. break;
  409. }
  410. if (!$found && $protocols[0] == 'http')
  411. {
  412. if (substr($replace, 0, 1) == '/')
  413. $replace = $domain_url . $replace;
  414. elseif (substr($replace, 0, 1) == '?')
  415. $replace = $scripturl . $replace;
  416. elseif (substr($replace, 0, 1) == '#' && $embeddedUrl)
  417. {
  418. $replace = '#' . preg_replace('~[^A-Za-z0-9_\-#]~', '', substr($replace, 1));
  419. $this_tag = 'iurl';
  420. $this_close = 'iurl';
  421. }
  422. else
  423. $replace = $protocols[0] . '://' . $replace;
  424. }
  425. elseif (!$found && $protocols[0] == 'ftp')
  426. $replace = $protocols[0] . '://' . preg_replace('~^(?!ftps?)[^:]+://~', '', $replace);
  427. elseif (!$found)
  428. $replace = $protocols[0] . '://' . $replace;
  429. if ($hasEqualSign && $embeddedUrl)
  430. $replaces[$matches[0][$k]] = '[' . $this_tag . '=' . $replace . ']' . (empty($matches[4][$k]) ? '' : $matches[3][$k] . '[/' . $this_close . ']');
  431. elseif ($hasEqualSign)
  432. $replaces['[' . $matches[1][$k] . '=' . $matches[2][$k] . ']'] = '[' . $this_tag . '=' . $replace . ']';
  433. elseif ($embeddedUrl)
  434. $replaces['[' . $matches[1][$k] . ']' . $matches[2][$k] . '[/' . $matches[3][$k] . ']'] = '[' . $this_tag . '=' . $replace . ']' . $matches[2][$k] . '[/' . $this_close . ']';
  435. else
  436. $replaces['[' . $matches[1][$k] . ']' . $matches[2][$k] . '[/' . $matches[3][$k] . ']'] = '[' . $this_tag . ']' . $replace . '[/' . $this_close . ']';
  437. }
  438. foreach ($replaces as $k => $v)
  439. {
  440. if ($k == $v)
  441. unset($replaces[$k]);
  442. }
  443. if (!empty($replaces))
  444. $message = strtr($message, $replaces);
  445. }
  446. /**
  447. * This function sends an email to the specified recipient(s).
  448. * It uses the mail_type settings and webmaster_email variable.
  449. *
  450. * @param array $to - the email(s) to send to
  451. * @param string $subject - email subject, expected to have entities, and slashes, but not be parsed
  452. * @param string $message - email body, expected to have slashes, no htmlentities
  453. * @param string $from = null - the address to use for replies
  454. * @param string $message_id = null - if specified, it will be used as local part of the Message-ID header.
  455. * @param bool $send_html = false, whether or not the message is HTML vs. plain text
  456. * @param int $priority = 3
  457. * @param bool $hotmail_fix = null
  458. * @param $is_private
  459. * @return bool, whether ot not the email was sent properly.
  460. */
  461. function sendmail($to, $subject, $message, $from = null, $message_id = null, $send_html = false, $priority = 3, $hotmail_fix = null, $is_private = false)
  462. {
  463. global $webmaster_email, $context, $modSettings, $txt, $scripturl;
  464. global $smcFunc;
  465. // Use sendmail if it's set or if no SMTP server is set.
  466. $use_sendmail = empty($modSettings['mail_type']) || $modSettings['smtp_host'] == '';
  467. // Line breaks need to be \r\n only in windows or for SMTP.
  468. $line_break = $context['server']['is_windows'] || !$use_sendmail ? "\r\n" : "\n";
  469. // So far so good.
  470. $mail_result = true;
  471. // If the recipient list isn't an array, make it one.
  472. $to_array = is_array($to) ? $to : array($to);
  473. // Once upon a time, Hotmail could not interpret non-ASCII mails.
  474. // In honour of those days, it's still called the 'hotmail fix'.
  475. if ($hotmail_fix === null)
  476. {
  477. $hotmail_to = array();
  478. foreach ($to_array as $i => $to_address)
  479. {
  480. if (preg_match('~@(att|comcast|bellsouth)\.[a-zA-Z\.]{2,6}$~i', $to_address) === 1)
  481. {
  482. $hotmail_to[] = $to_address;
  483. $to_array = array_diff($to_array, array($to_address));
  484. }
  485. }
  486. // Call this function recursively for the hotmail addresses.
  487. if (!empty($hotmail_to))
  488. $mail_result = sendmail($hotmail_to, $subject, $message, $from, $message_id, $send_html, $priority, true, $is_private);
  489. // The remaining addresses no longer need the fix.
  490. $hotmail_fix = false;
  491. // No other addresses left? Return instantly.
  492. if (empty($to_array))
  493. return $mail_result;
  494. }
  495. // Get rid of entities.
  496. $subject = un_htmlspecialchars($subject);
  497. // Make the message use the proper line breaks.
  498. $message = str_replace(array("\r", "\n"), array('', $line_break), $message);
  499. // Make sure hotmail mails are sent as HTML so that HTML entities work.
  500. if ($hotmail_fix && !$send_html)
  501. {
  502. $send_html = true;
  503. $message = strtr($message, array($line_break => '<br />' . $line_break));
  504. $message = preg_replace('~(' . preg_quote($scripturl, '~') . '(?:[?/][\w\-_%\.,\?&;=#]+)?)~', '<a href="$1">$1</a>', $message);
  505. }
  506. list (, $from_name) = mimespecialchars(addcslashes($from !== null ? $from : $context['forum_name'], '<>()\'\\"'), true, $hotmail_fix, $line_break);
  507. list (, $subject) = mimespecialchars($subject, true, $hotmail_fix, $line_break);
  508. // Construct the mail headers...
  509. $headers = 'From: "' . $from_name . '" <' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . '>' . $line_break;
  510. $headers .= $from !== null ? 'Reply-To: <' . $from . '>' . $line_break : '';
  511. $headers .= 'Return-Path: ' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . $line_break;
  512. $headers .= 'Date: ' . gmdate('D, d M Y H:i:s') . ' -0000' . $line_break;
  513. if ($message_id !== null && empty($modSettings['mail_no_message_id']))
  514. $headers .= 'Message-ID: <' . md5($scripturl . microtime()) . '-' . $message_id . strstr(empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from'], '@') . '>' . $line_break;
  515. $headers .= 'X-Mailer: SMF' . $line_break;
  516. // Pass this to the integration before we start modifying the output -- it'll make it easier later.
  517. if (in_array(false, call_integration_hook('integrate_outgoing_email', array(&$subject, &$message, &$headers)), true))
  518. return false;
  519. // Save the original message...
  520. $orig_message = $message;
  521. // The mime boundary separates the different alternative versions.
  522. $mime_boundary = 'SMF-' . md5($message . time());
  523. // Using mime, as it allows to send a plain unencoded alternative.
  524. $headers .= 'Mime-Version: 1.0' . $line_break;
  525. $headers .= 'Content-Type: multipart/alternative; boundary="' . $mime_boundary . '"' . $line_break;
  526. $headers .= 'Content-Transfer-Encoding: 7bit' . $line_break;
  527. // Sending HTML? Let's plop in some basic stuff, then.
  528. if ($send_html)
  529. {
  530. $no_html_message = un_htmlspecialchars(strip_tags(strtr($orig_message, array('</title>' => $line_break))));
  531. // But, then, dump it and use a plain one for dinosaur clients.
  532. list(, $plain_message) = mimespecialchars($no_html_message, false, true, $line_break);
  533. $message = $plain_message . $line_break . '--' . $mime_boundary . $line_break;
  534. // This is the plain text version. Even if no one sees it, we need it for spam checkers.
  535. list($charset, $plain_charset_message, $encoding) = mimespecialchars($no_html_message, false, false, $line_break);
  536. $message .= 'Content-Type: text/plain; charset=' . $charset . $line_break;
  537. $message .= 'Content-Transfer-Encoding: ' . $encoding . $line_break . $line_break;
  538. $message .= $plain_charset_message . $line_break . '--' . $mime_boundary . $line_break;
  539. // This is the actual HTML message, prim and proper. If we wanted images, they could be inlined here (with multipart/related, etc.)
  540. list($charset, $html_message, $encoding) = mimespecialchars($orig_message, false, $hotmail_fix, $line_break);
  541. $message .= 'Content-Type: text/html; charset=' . $charset . $line_break;
  542. $message .= 'Content-Transfer-Encoding: ' . ($encoding == '' ? '7bit' : $encoding) . $line_break . $line_break;
  543. $message .= $html_message . $line_break . '--' . $mime_boundary . '--';
  544. }
  545. // Text is good too.
  546. else
  547. {
  548. // Send a plain message first, for the older web clients.
  549. list(, $plain_message) = mimespecialchars($orig_message, false, true, $line_break);
  550. $message = $plain_message . $line_break . '--' . $mime_boundary . $line_break;
  551. // Now add an encoded message using the forum's character set.
  552. list ($charset, $encoded_message, $encoding) = mimespecialchars($orig_message, false, false, $line_break);
  553. $message .= 'Content-Type: text/plain; charset=' . $charset . $line_break;
  554. $message .= 'Content-Transfer-Encoding: ' . $encoding . $line_break . $line_break;
  555. $message .= $encoded_message . $line_break . '--' . $mime_boundary . '--';
  556. }
  557. // Are we using the mail queue, if so this is where we butt in...
  558. if (!empty($modSettings['mail_queue']) && $priority != 0)
  559. return AddMailQueue(false, $to_array, $subject, $message, $headers, $send_html, $priority, $is_private);
  560. // If it's a priority mail, send it now - note though that this should NOT be used for sending many at once.
  561. elseif (!empty($modSettings['mail_queue']) && !empty($modSettings['mail_limit']))
  562. {
  563. list ($last_mail_time, $mails_this_minute) = @explode('|', $modSettings['mail_recent']);
  564. if (empty($mails_this_minute) || time() > $last_mail_time + 60)
  565. $new_queue_stat = time() . '|' . 1;
  566. else
  567. $new_queue_stat = $last_mail_time . '|' . ((int) $mails_this_minute + 1);
  568. updateSettings(array('mail_recent' => $new_queue_stat));
  569. }
  570. // SMTP or sendmail?
  571. if ($use_sendmail)
  572. {
  573. $subject = strtr($subject, array("\r" => '', "\n" => ''));
  574. if (!empty($modSettings['mail_strip_carriage']))
  575. {
  576. $message = strtr($message, array("\r" => ''));
  577. $headers = strtr($headers, array("\r" => ''));
  578. }
  579. foreach ($to_array as $to)
  580. {
  581. if (!mail(strtr($to, array("\r" => '', "\n" => '')), $subject, $message, $headers))
  582. {
  583. log_error(sprintf($txt['mail_send_unable'], $to));
  584. $mail_result = false;
  585. }
  586. // Wait, wait, I'm still sending here!
  587. @set_time_limit(300);
  588. if (function_exists('apache_reset_timeout'))
  589. @apache_reset_timeout();
  590. }
  591. }
  592. else
  593. $mail_result = $mail_result && smtp_mail($to_array, $subject, $message, $headers);
  594. // Everything go smoothly?
  595. return $mail_result;
  596. }
  597. /**
  598. * Add an email to the mail queue.
  599. *
  600. * @param bool $flush = false
  601. * @param array $to_array = array()
  602. * @param string $subject = ''
  603. * @param string $message = ''
  604. * @param string $headers = ''
  605. * @param bool $send_html = false
  606. * @param int $priority = 3
  607. * @param $is_private
  608. * @return bool
  609. */
  610. function AddMailQueue($flush = false, $to_array = array(), $subject = '', $message = '', $headers = '', $send_html = false, $priority = 3, $is_private = false)
  611. {
  612. global $context, $modSettings, $smcFunc;
  613. static $cur_insert = array();
  614. static $cur_insert_len = 0;
  615. if ($cur_insert_len == 0)
  616. $cur_insert = array();
  617. // If we're flushing, make the final inserts - also if we're near the MySQL length limit!
  618. if (($flush || $cur_insert_len > 800000) && !empty($cur_insert))
  619. {
  620. // Only do these once.
  621. $cur_insert_len = 0;
  622. // Dump the data...
  623. $smcFunc['db_insert']('',
  624. '{db_prefix}mail_queue',
  625. array(
  626. 'time_sent' => 'int', 'recipient' => 'string-255', 'body' => 'string-65534', 'subject' => 'string-255',
  627. 'headers' => 'string-65534', 'send_html' => 'int', 'priority' => 'int', 'private' => 'int',
  628. ),
  629. $cur_insert,
  630. array('id_mail')
  631. );
  632. $cur_insert = array();
  633. $context['flush_mail'] = false;
  634. }
  635. // If we're flushing we're done.
  636. if ($flush)
  637. {
  638. $nextSendTime = time() + 10;
  639. $smcFunc['db_query']('', '
  640. UPDATE {db_prefix}settings
  641. SET value = {string:nextSendTime}
  642. WHERE variable = {string:mail_next_send}
  643. AND value = {string:no_outstanding}',
  644. array(
  645. 'nextSendTime' => $nextSendTime,
  646. 'mail_next_send' => 'mail_next_send',
  647. 'no_outstanding' => '0',
  648. )
  649. );
  650. return true;
  651. }
  652. // Ensure we tell obExit to flush.
  653. $context['flush_mail'] = true;
  654. foreach ($to_array as $to)
  655. {
  656. // Will this insert go over MySQL's limit?
  657. $this_insert_len = strlen($to) + strlen($message) + strlen($headers) + 700;
  658. // Insert limit of 1M (just under the safety) is reached?
  659. if ($this_insert_len + $cur_insert_len > 1000000)
  660. {
  661. // Flush out what we have so far.
  662. $smcFunc['db_insert']('',
  663. '{db_prefix}mail_queue',
  664. array(
  665. 'time_sent' => 'int', 'recipient' => 'string-255', 'body' => 'string-65534', 'subject' => 'string-255',
  666. 'headers' => 'string-65534', 'send_html' => 'int', 'priority' => 'int', 'private' => 'int',
  667. ),
  668. $cur_insert,
  669. array('id_mail')
  670. );
  671. // Clear this out.
  672. $cur_insert = array();
  673. $cur_insert_len = 0;
  674. }
  675. // Now add the current insert to the array...
  676. $cur_insert[] = array(time(), (string) $to, (string) $message, (string) $subject, (string) $headers, ($send_html ? 1 : 0), $priority, (int) $is_private);
  677. $cur_insert_len += $this_insert_len;
  678. }
  679. // If they are using SSI there is a good chance obExit will never be called. So lets be nice and flush it for them.
  680. if (SMF === 'SSI')
  681. return AddMailQueue(true);
  682. return true;
  683. }
  684. /**
  685. * Sends an personal message from the specified person to the specified people
  686. * ($from defaults to the user)
  687. *
  688. * @param array $recipients - an array containing the arrays 'to' and 'bcc', both containing id_member's.
  689. * @param string $subject - should have no slashes and no html entities
  690. * @param string $message - should have no slashes and no html entities
  691. * @param bool $store_outbox
  692. * @param array $from - an array with the id, name, and username of the member.
  693. * @param int $pm_head - the ID of the chain being replied to - if any.
  694. * @return array, an array with log entries telling how many recipients were successful and which recipients it failed to send to.
  695. */
  696. function sendpm($recipients, $subject, $message, $store_outbox = false, $from = null, $pm_head = 0)
  697. {
  698. global $scripturl, $txt, $user_info, $language;
  699. global $modSettings, $smcFunc;
  700. // Make sure the PM language file is loaded, we might need something out of it.
  701. loadLanguage('PersonalMessage');
  702. $onBehalf = $from !== null;
  703. // Initialize log array.
  704. $log = array(
  705. 'failed' => array(),
  706. 'sent' => array()
  707. );
  708. if ($from === null)
  709. $from = array(
  710. 'id' => $user_info['id'],
  711. 'name' => $user_info['name'],
  712. 'username' => $user_info['username']
  713. );
  714. // Probably not needed. /me something should be of the typer.
  715. else
  716. $user_info['name'] = $from['name'];
  717. // This is the one that will go in their inbox.
  718. $htmlmessage = $smcFunc['htmlspecialchars']($message, ENT_QUOTES);
  719. preparsecode($htmlmessage);
  720. $htmlsubject = strtr($smcFunc['htmlspecialchars']($subject), array("\r" => '', "\n" => '', "\t" => ''));
  721. if ($smcFunc['strlen']($htmlsubject) > 100)
  722. $htmlsubject = $smcFunc['substr']($htmlsubject, 0, 100);
  723. // Integrated PMs
  724. call_integration_hook('integrate_personal_message', array(&$recipients, &$from['username'], &$subject, &$message));
  725. // Get a list of usernames and convert them to IDs.
  726. $usernames = array();
  727. foreach ($recipients as $rec_type => $rec)
  728. {
  729. foreach ($rec as $id => $member)
  730. {
  731. if (!is_numeric($recipients[$rec_type][$id]))
  732. {
  733. $recipients[$rec_type][$id] = $smcFunc['strtolower'](trim(preg_replace('/[<>&"\'=\\\]/', '', $recipients[$rec_type][$id])));
  734. $usernames[$recipients[$rec_type][$id]] = 0;
  735. }
  736. }
  737. }
  738. if (!empty($usernames))
  739. {
  740. $request = $smcFunc['db_query']('pm_find_username', '
  741. SELECT id_member, member_name
  742. FROM {db_prefix}members
  743. WHERE ' . ($smcFunc['db_case_sensitive'] ? 'LOWER(member_name)' : 'member_name') . ' IN ({array_string:usernames})',
  744. array(
  745. 'usernames' => array_keys($usernames),
  746. )
  747. );
  748. while ($row = $smcFunc['db_fetch_assoc']($request))
  749. if (isset($usernames[$smcFunc['strtolower']($row['member_name'])]))
  750. $usernames[$smcFunc['strtolower']($row['member_name'])] = $row['id_member'];
  751. $smcFunc['db_free_result']($request);
  752. // Replace the usernames with IDs. Drop usernames that couldn't be found.
  753. foreach ($recipients as $rec_type => $rec)
  754. foreach ($rec as $id => $member)
  755. {
  756. if (is_numeric($recipients[$rec_type][$id]))
  757. continue;
  758. if (!empty($usernames[$member]))
  759. $recipients[$rec_type][$id] = $usernames[$member];
  760. else
  761. {
  762. $log['failed'][$id] = sprintf($txt['pm_error_user_not_found'], $recipients[$rec_type][$id]);
  763. unset($recipients[$rec_type][$id]);
  764. }
  765. }
  766. }
  767. // Make sure there are no duplicate 'to' members.
  768. $recipients['to'] = array_unique($recipients['to']);
  769. // Only 'bcc' members that aren't already in 'to'.
  770. $recipients['bcc'] = array_diff(array_unique($recipients['bcc']), $recipients['to']);
  771. // Combine 'to' and 'bcc' recipients.
  772. $all_to = array_merge($recipients['to'], $recipients['bcc']);
  773. // Check no-one will want it deleted right away!
  774. $request = $smcFunc['db_query']('', '
  775. SELECT
  776. id_member, criteria, is_or
  777. FROM {db_prefix}pm_rules
  778. WHERE id_member IN ({array_int:to_members})
  779. AND delete_pm = {int:delete_pm}',
  780. array(
  781. 'to_members' => $all_to,
  782. 'delete_pm' => 1,
  783. )
  784. );
  785. $deletes = array();
  786. // Check whether we have to apply anything...
  787. while ($row = $smcFunc['db_fetch_assoc']($request))
  788. {
  789. $criteria = unserialize($row['criteria']);
  790. // Note we don't check the buddy status, cause deletion from buddy = madness!
  791. $delete = false;
  792. foreach ($criteria as $criterium)
  793. {
  794. $match = false;
  795. if (($criterium['t'] == 'mid' && $criterium['v'] == $from['id']) || ($criterium['t'] == 'gid' && in_array($criterium['v'], $user_info['groups'])) || ($criterium['t'] == 'sub' && strpos($subject, $criterium['v']) !== false) || ($criterium['t'] == 'msg' && strpos($message, $criterium['v']) !== false))
  796. $delete = true;
  797. // If we're adding and one criteria don't match then we stop!
  798. elseif (!$row['is_or'])
  799. {
  800. $delete = false;
  801. break;
  802. }
  803. }
  804. if ($delete)
  805. $deletes[$row['id_member']] = 1;
  806. }
  807. $smcFunc['db_free_result']($request);
  808. // Load the membergrounp message limits.
  809. // @todo Consider caching this?
  810. static $message_limit_cache = array();
  811. if (!allowedTo('moderate_forum') && empty($message_limit_cache))
  812. {
  813. $request = $smcFunc['db_query']('', '
  814. SELECT id_group, max_messages
  815. FROM {db_prefix}membergroups',
  816. array(
  817. )
  818. );
  819. while ($row = $smcFunc['db_fetch_assoc']($request))
  820. $message_limit_cache[$row['id_group']] = $row['max_messages'];
  821. $smcFunc['db_free_result']($request);
  822. }
  823. // Load the groups that are allowed to read PMs.
  824. // @todo move into a separate function on $permission.
  825. $allowed_groups = array();
  826. $disallowed_groups = array();
  827. $request = $smcFunc['db_query']('', '
  828. SELECT id_group, add_deny
  829. FROM {db_prefix}permissions
  830. WHERE permission = {string:read_permission}',
  831. array(
  832. 'read_permission' => 'pm_read',
  833. )
  834. );
  835. while ($row = $smcFunc['db_fetch_assoc']($request))
  836. {
  837. if (empty($row['add_deny']))
  838. $disallowed_groups[] = $row['id_group'];
  839. else
  840. $allowed_groups[] = $row['id_group'];
  841. }
  842. $smcFunc['db_free_result']($request);
  843. if (empty($modSettings['permission_enable_deny']))
  844. $disallowed_groups = array();
  845. $request = $smcFunc['db_query']('', '
  846. SELECT
  847. member_name, real_name, id_member, email_address, lngfile,
  848. pm_email_notify, instant_messages,' . (allowedTo('moderate_forum') ? ' 0' : '
  849. (pm_receive_from = {int:admins_only}' . (empty($modSettings['enable_buddylist']) ? '' : ' OR
  850. (pm_receive_from = {int:buddies_only} AND FIND_IN_SET({string:from_id}, buddy_list) = 0) OR
  851. (pm_receive_from = {int:not_on_ignore_list} AND FIND_IN_SET({string:from_id}, pm_ignore_list) != 0)') . ')') . ' AS ignored,
  852. FIND_IN_SET({string:from_id}, buddy_list) != 0 AS is_buddy, is_activated,
  853. additional_groups, id_group, id_post_group
  854. FROM {db_prefix}members
  855. WHERE id_member IN ({array_int:recipients})
  856. ORDER BY lngfile
  857. LIMIT {int:count_recipients}',
  858. array(
  859. 'not_on_ignore_list' => 1,
  860. 'buddies_only' => 2,
  861. 'admins_only' => 3,
  862. 'recipients' => $all_to,
  863. 'count_recipients' => count($all_to),
  864. 'from_id' => $from['id'],
  865. )
  866. );
  867. $notifications = array();
  868. while ($row = $smcFunc['db_fetch_assoc']($request))
  869. {
  870. // Don't do anything for members to be deleted!
  871. if (isset($deletes[$row['id_member']]))
  872. continue;
  873. // We need to know this members groups.
  874. $groups = explode(',', $row['additional_groups']);
  875. $groups[] = $row['id_group'];
  876. $groups[] = $row['id_post_group'];
  877. $message_limit = -1;
  878. // For each group see whether they've gone over their limit - assuming they're not an admin.
  879. if (!in_array(1, $groups))
  880. {
  881. foreach ($groups as $id)
  882. {
  883. if (isset($message_limit_cache[$id]) && $message_limit != 0 && $message_limit < $message_limit_cache[$id])
  884. $message_limit = $message_limit_cache[$id];
  885. }
  886. if ($message_limit > 0 && $message_limit <= $row['instant_messages'])
  887. {
  888. $log['failed'][$row['id_member']] = sprintf($txt['pm_error_data_limit_reached'], $row['real_name']);
  889. unset($all_to[array_search($row['id_member'], $all_to)]);
  890. continue;
  891. }
  892. // Do they have any of the allowed groups?
  893. if (count(array_intersect($allowed_groups, $groups)) == 0 || count(array_intersect($disallowed_groups, $groups)) != 0)
  894. {
  895. $log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
  896. unset($all_to[array_search($row['id_member'], $all_to)]);
  897. continue;
  898. }
  899. }
  900. // Note that PostgreSQL can return a lowercase t/f for FIND_IN_SET
  901. if (!empty($row['ignored']) && $row['ignored'] != 'f' && $row['id_member'] != $from['id'])
  902. {
  903. $log['failed'][$row['id_member']] = sprintf($txt['pm_error_ignored_by_user'], $row['real_name']);
  904. unset($all_to[array_search($row['id_member'], $all_to)]);
  905. continue;
  906. }
  907. // If the receiving account is banned (>=10) or pending deletion (4), refuse to send the PM.
  908. if ($row['is_activated'] >= 10 || ($row['is_activated'] == 4 && !$user_info['is_admin']))
  909. {
  910. $log['failed'][$row['id_member']] = sprintf($txt['pm_error_user_cannot_read'], $row['real_name']);
  911. unset($all_to[array_search($row['id_member'], $all_to)]);
  912. continue;
  913. }
  914. // Send a notification, if enabled - taking the buddy list into account.
  915. if (!empty($row['email_address']) && ($row['pm_email_notify'] == 1 || ($row['pm_email_notify'] > 1 && (!empty($modSettings['enable_buddylist']) && $row['is_buddy']))) && $row['is_activated'] == 1)
  916. $notifications[empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']][] = $row['email_address'];
  917. $log['sent'][$row['id_member']] = sprintf(isset($txt['pm_successfully_sent']) ? $txt['pm_successfully_sent'] : '', $row['real_name']);
  918. }
  919. $smcFunc['db_free_result']($request);
  920. // Only 'send' the message if there are any recipients left.
  921. if (empty($all_to))
  922. return $log;
  923. // Insert the message itself and then grab the last insert id.
  924. $smcFunc['db_insert']('',
  925. '{db_prefix}personal_messages',
  926. array(
  927. 'id_pm_head' => 'int', 'id_member_from' => 'int', 'deleted_by_sender' => 'int',
  928. 'from_name' => 'string-255', 'msgtime' => 'int', 'subject' => 'string-255', 'body' => 'string-65534',
  929. ),
  930. array(
  931. $pm_head, $from['id'], ($store_outbox ? 0 : 1),
  932. $from['username'], time(), $htmlsubject, $htmlmessage,
  933. ),
  934. array('id_pm')
  935. );
  936. $id_pm = $smcFunc['db_insert_id']('{db_prefix}personal_messages', 'id_pm');
  937. // Add the recipients.
  938. if (!empty($id_pm))
  939. {
  940. // If this is new we need to set it part of it's own conversation.
  941. if (empty($pm_head))
  942. $smcFunc['db_query']('', '
  943. UPDATE {db_prefix}personal_messages
  944. SET id_pm_head = {int:id_pm_head}
  945. WHERE id_pm = {int:id_pm_head}',
  946. array(
  947. 'id_pm_head' => $id_pm,
  948. )
  949. );
  950. // Some people think manually deleting personal_messages is fun... it's not. We protect against it though :)
  951. $smcFunc['db_query']('', '
  952. DELETE FROM {db_prefix}pm_recipients
  953. WHERE id_pm = {int:id_pm}',
  954. array(
  955. 'id_pm' => $id_pm,
  956. )
  957. );
  958. $insertRows = array();
  959. $to_list = array();
  960. foreach ($all_to as $to)
  961. {
  962. $insertRows[] = array($id_pm, $to, in_array($to, $recipients['bcc']) ? 1 : 0, isset($deletes[$to]) ? 1 : 0, 1);
  963. if (!in_array($to, $recipients['bcc']))
  964. $to_list[] = $to;
  965. }
  966. $smcFunc['db_insert']('insert',
  967. '{db_prefix}pm_recipients',
  968. array(
  969. 'id_pm' => 'int', 'id_member' => 'int', 'bcc' => 'int', 'deleted' => 'int', 'is_new' => 'int'
  970. ),
  971. $insertRows,
  972. array('id_pm', 'id_member')
  973. );
  974. }
  975. censorText($subject);
  976. if (empty($modSettings['disallow_sendBody']))
  977. {
  978. censorText($message);
  979. $message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc(htmlspecialchars($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
  980. }
  981. else
  982. $message = '';
  983. $to_names = array();
  984. if (count($to_list) > 1)
  985. {
  986. $request = $smcFunc['db_query']('', '
  987. SELECT real_name
  988. FROM {db_prefix}members
  989. WHERE id_member IN ({array_int:to_members})',
  990. array(
  991. 'to_members' => $to_list,
  992. )
  993. );
  994. while ($row = $smcFunc['db_fetch_assoc']($request))
  995. $to_names[] = un_htmlspecialchars($row['real_name']);
  996. $smcFunc['db_free_result']($request);
  997. }
  998. $replacements = array(
  999. 'SUBJECT' => $subject,
  1000. 'MESSAGE' => $message,
  1001. 'SENDER' => un_htmlspecialchars($from['name']),
  1002. 'READLINK' => $scripturl . '?action=pm;pmsg=' . $id_pm . '#msg' . $id_pm,
  1003. 'REPLYLINK' => $scripturl . '?action=pm;sa=send;f=inbox;pmsg=' . $id_pm . ';quote;u=' . $from['id'],
  1004. 'TOLIST' => implode(', ', $to_names),
  1005. );
  1006. $email_template = 'new_pm' . (empty($modSettings['disallow_sendBody']) ? '_body' : '') . (!empty($to_names) ? '_tolist' : '');
  1007. foreach ($notifications as $lang => $notification_list)
  1008. {
  1009. $mail = loadEmailTemplate($email_template, $replacements, $lang);
  1010. // Off the notification email goes!
  1011. sendmail($notification_list, $mail['subject'], $mail['body'], null, 'p' . $id_pm, false, 2, null, true);
  1012. }
  1013. // Back to what we were on before!
  1014. loadLanguage('index+PersonalMessage');
  1015. // Add one to their unread and read message counts.
  1016. foreach ($all_to as $k => $id)
  1017. if (isset($deletes[$id]))
  1018. unset($all_to[$k]);
  1019. if (!empty($all_to))
  1020. updateMemberData($all_to, array('instant_messages' => '+', 'unread_messages' => '+', 'new_pm' => 1));
  1021. return $log;
  1022. }
  1023. /**
  1024. * Prepare text strings for sending as email body or header.
  1025. * In case there are higher ASCII characters in the given string, this
  1026. * function will attempt the transport method 'quoted-printable'.
  1027. * Otherwise the transport method '7bit' is used.
  1028. *
  1029. * @param string $string
  1030. * @param bool $with_charset = true
  1031. * @param bool $hotmail_fix = false, with hotmail_fix set all higher ASCII
  1032. * characters are converted to HTML entities to assure proper display of the mail
  1033. * @param $line_break
  1034. * @param string $custom_charset = null, if set, it uses this character set
  1035. * @return array an array containing the character set, the converted string and the transport method.
  1036. */
  1037. function mimespecialchars($string, $with_charset = true, $hotmail_fix = false, $line_break = "\r\n", $custom_charset = null)
  1038. {
  1039. global $context;
  1040. $charset = $custom_charset !== null ? $custom_charset : $context['character_set'];
  1041. // This is the fun part....
  1042. if (preg_match_all('~&#(\d{3,8});~', $string, $matches) !== 0 && !$hotmail_fix)
  1043. {
  1044. // Let's, for now, assume there are only &#021;'ish characters.
  1045. $simple = true;
  1046. foreach ($matches[1] as $entity)
  1047. if ($entity > 128)
  1048. $simple = false;
  1049. unset($matches);
  1050. if ($simple)
  1051. $string = preg_replace('~&#(\d{3,8});~e', 'chr(\'$1\')', $string);
  1052. else
  1053. {
  1054. // Try to convert the string to UTF-8.
  1055. if (!$context['utf8'] && function_exists('iconv'))
  1056. {
  1057. $newstring = @iconv($context['character_set'], 'UTF-8', $string);
  1058. if ($newstring)
  1059. $string = $newstring;
  1060. }
  1061. $fixchar = create_function('$n', '
  1062. if ($n < 128)
  1063. return chr($n);
  1064. elseif ($n < 2048)
  1065. return chr(192 | $n >> 6) . chr(128 | $n & 63);
  1066. elseif ($n < 65536)
  1067. return chr(224 | $n >> 12) . chr(128 | $n >> 6 & 63) . chr(128 | $n & 63);
  1068. else
  1069. return chr(240 | $n >> 18) . chr(128 | $n >> 12 & 63) . chr(128 | $n >> 6 & 63) . chr(128 | $n & 63);');
  1070. $string = preg_replace('~&#(\d{3,8});~e', '$fixchar(\'$1\')', $string);
  1071. // Unicode, baby.
  1072. $charset = 'UTF-8';
  1073. }
  1074. }
  1075. // Convert all special characters to HTML entities...just for Hotmail :-\
  1076. if ($hotmail_fix && ($context['utf8'] || function_exists('iconv') || $context['character_set'] === 'ISO-8859-1'))
  1077. {
  1078. if (!$context['utf8'] && function_exists('iconv'))
  1079. {
  1080. $newstring = @iconv($context['character_set'], 'UTF-8', $string);
  1081. if ($newstring)
  1082. $string = $newstring;
  1083. }
  1084. $entityConvert = create_function('$c', '
  1085. if (strlen($c) === 1 && ord($c[0]) <= 0x7F)
  1086. return $c;
  1087. elseif (strlen($c) === 2 && ord($c[0]) >= 0xC0 && ord($c[0]) <= 0xDF)
  1088. return "&#" . (((ord($c[0]) ^ 0xC0) << 6) + (ord($c[1]) ^ 0x80)) . ";";
  1089. elseif (strlen($c) === 3 && ord($c[0]) >= 0xE0 && ord($c[0]) <= 0xEF)
  1090. return "&#" . (((ord($c[0]) ^ 0xE0) << 12) + ((ord($c[1]) ^ 0x80) << 6) + (ord($c[2]) ^ 0x80)) . ";";
  1091. elseif (strlen($c) === 4 && ord($c[0]) >= 0xF0 && ord($c[0]) <= 0xF7)
  1092. return "&#" . (((ord($c[0]) ^ 0xF0) << 18) + ((ord($c[1]) ^ 0x80) << 12) + ((ord($c[2]) ^ 0x80) << 6) + (ord($c[3]) ^ 0x80)) . ";";
  1093. else
  1094. return "";');
  1095. // Convert all 'special' characters to HTML entities.
  1096. return array($charset, preg_replace('~([\x80-\x{10FFFF}])~eu', '$entityConvert(\'\1\')', $string), '7bit');
  1097. }
  1098. // We don't need to mess with the subject line if no special characters were in it..
  1099. elseif (!$hotmail_fix && preg_match('~([^\x09\x0A\x0D\x20-\x7F])~', $string) === 1)
  1100. {
  1101. // Base64 encode.
  1102. $string = base64_encode($string);
  1103. // Show the characterset and the transfer-encoding for header strings.
  1104. if ($with_charset)
  1105. $string = '=?' . $charset . '?B?' . $string . '?=';
  1106. // Break it up in lines (mail body).
  1107. else
  1108. $string = chunk_split($string, 76, $line_break);
  1109. return array($charset, $string, 'base64');
  1110. }
  1111. else
  1112. return array($charset, $string, '7bit');
  1113. }
  1114. // Send an email via SMTP.
  1115. /**
  1116. * Sends mail, like mail() but over SMTP.
  1117. * It expects no slashes or entities.
  1118. * @internal
  1119. *
  1120. * @param array $mail_to_array - array of strings (email addresses)
  1121. * @param string $subject, email subject
  1122. * @param string $message, email message
  1123. * @param string $headers
  1124. * @return bool, whether it sent or not.
  1125. */
  1126. function smtp_mail($mail_to_array, $subject, $message, $headers)
  1127. {
  1128. global $modSettings, $webmaster_email, $txt;
  1129. $modSettings['smtp_host'] = trim($modSettings['smtp_host']);
  1130. // Try POP3 before SMTP?
  1131. // @todo There's no interface for this yet.
  1132. if ($modSettings['mail_type'] == 2 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
  1133. {
  1134. $socket = fsockopen($modSettings['smtp_host'], 110, $errno, $errstr, 2);
  1135. if (!$socket && (substr($modSettings['smtp_host'], 0, 5) == 'smtp.' || substr($modSettings['smtp_host'], 0, 11) == 'ssl://smtp.'))
  1136. $socket = fsockopen(strtr($modSettings['smtp_host'], array('smtp.' => 'pop.')), 110, $errno, $errstr, 2);
  1137. if ($socket)
  1138. {
  1139. fgets($socket, 256);
  1140. fputs($socket, 'USER ' . $modSettings['smtp_username'] . "\r\n");
  1141. fgets($socket, 256);
  1142. fputs($socket, 'PASS ' . base64_decode($modSettings['smtp_password']) . "\r\n");
  1143. fgets($socket, 256);
  1144. fputs($socket, 'QUIT' . "\r\n");
  1145. fclose($socket);
  1146. }
  1147. }
  1148. // Try to connect to the SMTP server... if it doesn't exist, only wait three seconds.
  1149. if (!$socket = fsockopen($modSettings['smtp_host'], empty($modSettings['smtp_port']) ? 25 : $modSettings['smtp_port'], $errno, $errstr, 3))
  1150. {
  1151. // Maybe we can still save this? The port might be wrong.
  1152. if (substr($modSettings['smtp_host'], 0, 4) == 'ssl:' && (empty($modSettings['smtp_port']) || $modSettings['smtp_port'] == 25))
  1153. {
  1154. if ($socket = fsockopen($modSettings['smtp_host'], 465, $errno, $errstr, 3))
  1155. log_error($txt['smtp_port_ssl']);
  1156. }
  1157. // Unable to connect! Don't show any error message, but just log one and try to continue anyway.
  1158. if (!$socket)
  1159. {
  1160. log_error($txt['smtp_no_connect'] . ': ' . $errno . ' : ' . $errstr);
  1161. return false;
  1162. }
  1163. }
  1164. // Wait for a response of 220, without "-" continuer.
  1165. if (!server_parse(null, $socket, '220'))
  1166. return false;
  1167. if ($modSettings['mail_type'] == 1 && $modSettings['smtp_username'] != '' && $modSettings['smtp_password'] != '')
  1168. {
  1169. // @todo These should send the CURRENT server's name, not the mail server's!
  1170. // EHLO could be understood to mean encrypted hello...
  1171. if (server_parse('EHLO ' . $modSettings['smtp_host'], $socket, null) == '250')
  1172. {
  1173. if (!server_parse('AUTH LOGIN', $socket, '334'))
  1174. return false;
  1175. // Send the username and password, encoded.
  1176. if (!server_parse(base64_encode($modSettings['smtp_username']), $socket, '334'))
  1177. return false;
  1178. // The password is already encoded ;)
  1179. if (!server_parse($modSettings['smtp_password'], $socket, '235'))
  1180. return false;
  1181. }
  1182. elseif (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
  1183. return false;
  1184. }
  1185. else
  1186. {
  1187. // Just say "helo".
  1188. if (!server_parse('HELO ' . $modSettings['smtp_host'], $socket, '250'))
  1189. return false;
  1190. }
  1191. // Fix the message for any lines beginning with a period! (the first is ignored, you see.)
  1192. $message = strtr($message, array("\r\n" . '.' => "\r\n" . '..'));
  1193. // !! Theoretically, we should be able to just loop the RCPT TO.
  1194. $mail_to_array = array_values($mail_to_array);
  1195. foreach ($mail_to_array as $i => $mail_to)
  1196. {
  1197. // Reset the connection to send another email.
  1198. if ($i != 0)
  1199. {
  1200. if (!server_parse('RSET', $socket, '250'))
  1201. return false;
  1202. }
  1203. // From, to, and then start the data...
  1204. if (!server_parse('MAIL FROM: <' . (empty($modSettings['mail_from']) ? $webmaster_email : $modSettings['mail_from']) . '>', $socket, '250'))
  1205. return false;
  1206. if (!server_parse('RCPT TO: <' . $mail_to . '>', $socket, '250'))
  1207. return false;
  1208. if (!server_parse('DATA', $socket, '354'))
  1209. return false;
  1210. fputs($socket, 'Subject: ' . $subject . "\r\n");
  1211. if (strlen($mail_to) > 0)
  1212. fputs($socket, 'To: <' . $mail_to . '>' . "\r\n");
  1213. fputs($socket, $headers . "\r\n\r\n");
  1214. fputs($socket, $message . "\r\n");
  1215. // Send a ., or in other words "end of data".
  1216. if (!server_parse('.', $socket, '250'))
  1217. return false;
  1218. // Almost done, almost done... don't stop me just yet!
  1219. @set_time_limit(300);
  1220. if (function_exists('apache_reset_timeout'))
  1221. @apache_reset_timeout();
  1222. }
  1223. fputs($socket, 'QUIT' . "\r\n");
  1224. fclose($socket);
  1225. return true;
  1226. }
  1227. /**
  1228. * Parse a message to the SMTP server.
  1229. * Sends the specified message to the server, and checks for the
  1230. * expected response.
  1231. * @internal
  1232. *
  1233. * @param string $message - the message to send
  1234. * @param resource $socket - socket to send on
  1235. * @param string $response - the expected response code
  1236. * @return whether it responded as such.
  1237. */
  1238. function server_parse($message, $socket, $response)
  1239. {
  1240. global $txt;
  1241. if ($message !== null)
  1242. fputs($socket, $message . "\r\n");
  1243. // No response yet.
  1244. $server_response = '';
  1245. while (substr($server_response, 3, 1) != ' ')
  1246. if (!($server_response = fgets($socket, 256)))
  1247. {
  1248. // @todo Change this message to reflect that it may mean bad user/password/server issues/etc.
  1249. log_error($txt['smtp_bad_response']);
  1250. return false;
  1251. }
  1252. if ($response === null)
  1253. return substr($server_response, 0, 3);
  1254. if (substr($server_response, 0, 3) != $response)
  1255. {
  1256. log_error($txt['smtp_error'] . $server_response);
  1257. return false;
  1258. }
  1259. return true;
  1260. }
  1261. /**
  1262. * Spell checks the post for typos ;).
  1263. * It uses the pspell library, which MUST be installed.
  1264. * It has problems with internationalization.
  1265. * It is accessed via ?action=spellcheck.
  1266. */
  1267. function SpellCheck()
  1268. {
  1269. global $txt, $context, $smcFunc;
  1270. // A list of "words" we know about but pspell doesn't.
  1271. $known_words = array('smf', 'php', 'mysql', 'www', 'gif', 'jpeg', 'png', 'http', 'smfisawesome', 'grandia', 'terranigma', 'rpgs');
  1272. loadLanguage('Post');
  1273. loadTemplate('Post');
  1274. // Okay, this looks funny, but it actually fixes a weird bug.
  1275. ob_start();
  1276. $old = error_reporting(0);
  1277. // See, first, some windows machines don't load pspell properly on the first try. Dumb, but this is a workaround.
  1278. pspell_new('en');
  1279. // Next, the dictionary in question may not exist. So, we try it... but...
  1280. $pspell_link = pspell_new($txt['lang_dictionary'], $txt['lang_spelling'], '', strtr($context['character_set'], array('iso-' => 'iso', 'ISO-' => 'iso')), PSPELL_FAST | PSPELL_RUN_TOGETHER);
  1281. // Most people don't have anything but English installed... So we use English as a last resort.
  1282. if (!$pspell_link)
  1283. $pspell_link = pspell_new('en', '', '', '', PSPELL_FAST | PSPELL_RUN_TOGETHER);
  1284. error_reporting($old);
  1285. ob_end_clean();
  1286. if (!isset($_POST['spellstring']) || !$pspell_link)
  1287. die;
  1288. // Construct a bit of Javascript code.
  1289. $context['spell_js'] = '
  1290. var txt = {"done": "' . $txt['spellcheck_done'] . '"};
  1291. var mispstr = window.opener.spellCheckGetText(spell_fieldname);
  1292. var misps = Array(';
  1293. // Get all the words (Javascript already separated them).
  1294. $alphas = explode("\n", strtr($_POST['spellstring'], array("\r" => '')));
  1295. $found_words = false;
  1296. for ($i = 0, $n = count($alphas); $i < $n; $i++)
  1297. {
  1298. // Words are sent like 'word|offset_begin|offset_end'.
  1299. $check_word = explode('|', $alphas[$i]);
  1300. // If the word is a known word, or spelled right...
  1301. if (in_array($smcFunc['strtolower']($check_word[0]), $known_words) || pspell_check($pspell_link, $check_word[0]) || !isset($check_word[2]))
  1302. continue;
  1303. // Find the word, and move up the "last occurance" to here.
  1304. $found_words = true;
  1305. // Add on the javascript for this misspelling.
  1306. $context['spell_js'] .= '
  1307. new misp("' . strtr($check_word[0], array('\\' => '\\\\', '"' => '\\"', '<' => '', '&gt;' => '')) . '", ' . (int) $check_word[1] . ', ' . (int) $check_word[2] . ', [';
  1308. // If there are suggestions, add them in...
  1309. $suggestions = pspell_suggest($pspell_link, $check_word[0]);
  1310. if (!empty($suggestions))
  1311. {
  1312. // But first check they aren't going to be censored - no naughty words!
  1313. foreach ($suggestions as $k => $word)
  1314. if ($suggestions[$k] != censorText($word))
  1315. unset($suggestions[$k]);
  1316. if (!empty($suggestions))
  1317. $context['spell_js'] .= '"' . implode('", "', $suggestions) . '"';
  1318. }
  1319. $context['spell_js'] .= ']),';
  1320. }
  1321. // If words were found, take off the last comma.
  1322. if ($found_words)
  1323. $context['spell_js'] = substr($context['spell_js'], 0, -1);
  1324. $context['spell_js'] .= '
  1325. );';
  1326. // And instruct the template system to just show the spellcheck sub template.
  1327. $context['template_layers'] = array();
  1328. $context['sub_template'] = 'spellcheck';
  1329. }
  1330. /**
  1331. * Sends a notification to members who have elected to receive emails
  1332. * when things happen to a topic, such as replies are posted.
  1333. * The function automatically finds the subject and its board, and
  1334. * checks permissions for each member who is "signed up" for notifications.
  1335. * It will not send 'reply' notifications more than once in a row.
  1336. *
  1337. * @param array $topics - represents the topics the action is happening to.
  1338. * @param string $type - can be any of reply, sticky, lock, unlock, remove,
  1339. * move, merge, and split. An appropriate message will be sent for each.
  1340. * @param array $exclude = array() - members in the exclude array will not be
  1341. * processed for the topic with the same key.
  1342. * @param array $members_only = array() - are the only ones that will be sent the notification if they have it on.
  1343. * @uses Post language file
  1344. */
  1345. function sendNotifications($topics, $type, $exclude = array(), $members_only = array())
  1346. {
  1347. global $txt, $scripturl, $language, $user_info;
  1348. global $modSettings, $sourcedir, $context, $smcFunc;
  1349. // Can't do it if there's no topics.
  1350. if (empty($topics))
  1351. return;
  1352. // It must be an array - it must!
  1353. if (!is_array($topics))
  1354. $topics = array($topics);
  1355. // Get the subject and body...
  1356. $result = $smcFunc['db_query']('', '
  1357. SELECT mf.subject, ml.body, ml.id_member, t.id_last_msg, t.id_topic,
  1358. IFNULL(mem.real_name, ml.poster_name) AS poster_name
  1359. FROM {db_prefix}topics AS t
  1360. INNER JOIN {db_prefix}messages AS mf ON (mf.id_msg = t.id_first_msg)
  1361. INNER JOIN {db_prefix}messages AS ml ON (ml.id_msg = t.id_last_msg)
  1362. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = ml.id_member)
  1363. WHERE t.id_topic IN ({array_int:topic_list})
  1364. LIMIT 1',
  1365. array(
  1366. 'topic_list' => $topics,
  1367. )
  1368. );
  1369. $topicData = array();
  1370. while ($row = $smcFunc['db_fetch_assoc']($result))
  1371. {
  1372. // Clean it up.
  1373. censorText($row['subject']);
  1374. censorText($row['body']);
  1375. $row['subject'] = un_htmlspecialchars($row['subject']);
  1376. $row['body'] = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($row['body'], false, $row['id_last_msg']), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
  1377. $topicData[$row['id_topic']] = array(
  1378. 'subject' => $row['subject'],
  1379. 'body' => $row['body'],
  1380. 'last_id' => $row['id_last_msg'],
  1381. 'topic' => $row['id_topic'],
  1382. 'name' => $user_info['name'],
  1383. 'exclude' => '',
  1384. );
  1385. }
  1386. $smcFunc['db_free_result']($result);
  1387. // Work out any exclusions...
  1388. foreach ($topics as $key => $id)
  1389. if (isset($topicData[$id]) && !empty($exclude[$key]))
  1390. $topicData[$id]['exclude'] = (int) $exclude[$key];
  1391. // Nada?
  1392. if (empty($topicData))
  1393. trigger_error('sendNotifications(): topics not found', E_USER_NOTICE);
  1394. $topics = array_keys($topicData);
  1395. // Just in case they've gone walkies.
  1396. if (empty($topics))
  1397. return;
  1398. // Insert all of these items into the digest log for those who want notifications later.
  1399. $digest_insert = array();
  1400. foreach ($topicData as $id => $data)
  1401. $digest_insert[] = array($data['topic'], $data['last_id'], $type, (int) $data['exclude']);
  1402. $smcFunc['db_insert']('',
  1403. '{db_prefix}log_digest',
  1404. array(
  1405. 'id_topic' => 'int', 'id_msg' => 'int', 'note_type' => 'string', 'exclude' => 'int',
  1406. ),
  1407. $digest_insert,
  1408. array()
  1409. );
  1410. // Find the members with notification on for this topic.
  1411. $members = $smcFunc['db_query']('', '
  1412. SELECT
  1413. mem.id_member, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile,
  1414. ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started,
  1415. ln.id_topic
  1416. FROM {db_prefix}log_notify AS ln
  1417. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ln.id_member)
  1418. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = ln.id_topic)
  1419. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  1420. WHERE ln.id_topic IN ({array_int:topic_list})
  1421. AND mem.notify_types < {int:notify_types}
  1422. AND mem.notify_regularity < {int:notify_regularity}
  1423. AND mem.is_activated = {int:is_activated}
  1424. AND ln.id_member != {int:current_member}' .
  1425. (empty($members_only) ? '' : ' AND ln.id_member IN ({array_int:members_only})') . '
  1426. ORDER BY mem.lngfile',
  1427. array(
  1428. 'current_member' => $user_info['id'],
  1429. 'topic_list' => $topics,
  1430. 'notify_types' => $type == 'reply' ? '4' : '3',
  1431. 'notify_regularity' => 2,
  1432. 'is_activated' => 1,
  1433. 'members_only' => is_array($members_only) ? $members_only : array($members_only),
  1434. )
  1435. );
  1436. $sent = 0;
  1437. $current_language = '';
  1438. while ($row = $smcFunc['db_fetch_assoc']($members))
  1439. {
  1440. // Don't do the excluded...
  1441. if ($topicData[$row['id_topic']]['exclude'] == $row['id_member'])
  1442. continue;
  1443. // Easier to check this here... if they aren't the topic poster do they really want to know?
  1444. if ($type != 'reply' && $row['notify_types'] == 2 && $row['id_member'] != $row['id_member_started'])
  1445. continue;
  1446. if ($row['id_group'] != 1)
  1447. {
  1448. $allowed = explode(',', $row['member_groups']);
  1449. $row['additional_groups'] = explode(',', $row['additional_groups']);
  1450. $row['additional_groups'][] = $row['id_group'];
  1451. $row['additional_groups'][] = $row['id_post_group'];
  1452. if (count(array_intersect($allowed, $row['additional_groups'])) == 0)
  1453. continue;
  1454. }
  1455. $needed_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  1456. if (empty($current_language) || $current_language != $needed_language)
  1457. $current_language = loadLanguage('Post', $needed_language, false);
  1458. $message_type = 'notification_' . $type;
  1459. $replacements = array(
  1460. 'TOPICSUBJECT' => $topicData[$row['id_topic']]['subject'],
  1461. 'POSTERNAME' => un_htmlspecialchars($topicData[$row['id_topic']]['name']),
  1462. 'TOPICLINK' => $scripturl . '?topic=' . $row['id_topic'] . '.new;topicseen#new',
  1463. 'UNSUBSCRIBELINK' => $scripturl . '?action=notify;topic=' . $row['id_topic'] . '.0',
  1464. );
  1465. if ($type == 'remove')
  1466. unset($replacements['TOPICLINK'], $replacements['UNSUBSCRIBELINK']);
  1467. // Do they want the body of the message sent too?
  1468. if (!empty($row['notify_send_body']) && $type == 'reply' && empty($modSettings['disallow_sendBody']))
  1469. {
  1470. $message_type .= '_body';
  1471. $replacements['MESSAGE'] = $topicData[$row['id_topic']]['body'];
  1472. }
  1473. if (!empty($row['notify_regularity']) && $type == 'reply')
  1474. $message_type .= '_once';
  1475. // Send only if once is off or it's on and it hasn't been sent.
  1476. if ($type != 'reply' || empty($row['notify_regularity']) || empty($row['sent']))
  1477. {
  1478. $emaildata = loadEmailTemplate($message_type, $replacements, $needed_language);
  1479. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, 'm' . $topicData[$row['id_topic']]['last_id']);
  1480. $sent++;
  1481. }
  1482. }
  1483. $smcFunc['db_free_result']($members);
  1484. if (isset($current_language) && $current_language != $user_info['language'])
  1485. loadLanguage('Post');
  1486. // Sent!
  1487. if ($type == 'reply' && !empty($sent))
  1488. $smcFunc['db_query']('', '
  1489. UPDATE {db_prefix}log_notify
  1490. SET sent = {int:is_sent}
  1491. WHERE id_topic IN ({array_int:topic_list})
  1492. AND id_member != {int:current_member}',
  1493. array(
  1494. 'current_member' => $user_info['id'],
  1495. 'topic_list' => $topics,
  1496. 'is_sent' => 1,
  1497. )
  1498. );
  1499. // For approvals we need to unsend the exclusions (This *is* the quickest way!)
  1500. if (!empty($sent) && !empty($exclude))
  1501. {
  1502. foreach ($topicData as $id => $data)
  1503. if ($data['exclude'])
  1504. $smcFunc['db_query']('', '
  1505. UPDATE {db_prefix}log_notify
  1506. SET sent = {int:not_sent}
  1507. WHERE id_topic = {int:id_topic}
  1508. AND id_member = {int:id_member}',
  1509. array(
  1510. 'not_sent' => 0,
  1511. 'id_topic' => $id,
  1512. 'id_member' => $data['exclude'],
  1513. )
  1514. );
  1515. }
  1516. }
  1517. /**
  1518. * Create a post, either as new topic (id_topic = 0) or in an existing one.
  1519. * The input parameters of this function assume:
  1520. * - Strings have been escaped.
  1521. * - Integers have been cast to integer.
  1522. * - Mandatory parameters are set.
  1523. *
  1524. * @param array $msgOptions
  1525. * @param array $topicOptions
  1526. * @param array $posterOptions
  1527. */
  1528. function createPost(&$msgOptions, &$topicOptions, &$posterOptions)
  1529. {
  1530. global $user_info, $txt, $modSettings, $smcFunc, $context, $sourcedir;
  1531. // Set optional parameters to the default value.
  1532. $msgOptions['icon'] = empty($msgOptions['icon']) ? 'xx' : $msgOptions['icon'];
  1533. $msgOptions['smileys_enabled'] = !empty($msgOptions['smileys_enabled']);
  1534. $msgOptions['attachments'] = empty($msgOptions['attachments']) ? array() : $msgOptions['attachments'];
  1535. $msgOptions['approved'] = isset($msgOptions['approved']) ? (int) $msgOptions['approved'] : 1;
  1536. $topicOptions['id'] = empty($topicOptions['id']) ? 0 : (int) $topicOptions['id'];
  1537. $topicOptions['poll'] = isset($topicOptions['poll']) ? (int) $topicOptions['poll'] : null;
  1538. $topicOptions['lock_mode'] = isset($topicOptions['lock_mode']) ? $topicOptions['lock_mode'] : null;
  1539. $topicOptions['sticky_mode'] = isset($topicOptions['sticky_mode']) ? $topicOptions['sticky_mode'] : null;
  1540. $topicOptions['redirect_expires'] = isset($topicOptions['redirect_expires']) ? $topicOptions['redirect_expires'] : null;
  1541. $topicOptions['redirect_topic'] = isset($topicOptions['redirect_topic']) ? $topicOptions['redirect_topic'] : null;
  1542. $posterOptions['id'] = empty($posterOptions['id']) ? 0 : (int) $posterOptions['id'];
  1543. $posterOptions['ip'] = empty($posterOptions['ip']) ? $user_info['ip'] : $posterOptions['ip'];
  1544. // We need to know if the topic is approved. If we're told that's great - if not find out.
  1545. if (!$modSettings['postmod_active'])
  1546. $topicOptions['is_approved'] = true;
  1547. elseif (!empty($topicOptions['id']) && !isset($topicOptions['is_approved']))
  1548. {
  1549. $request = $smcFunc['db_query']('', '
  1550. SELECT approved
  1551. FROM {db_prefix}topics
  1552. WHERE id_topic = {int:id_topic}
  1553. LIMIT 1',
  1554. array(
  1555. 'id_topic' => $topicOptions['id'],
  1556. )
  1557. );
  1558. list ($topicOptions['is_approved']) = $smcFunc['db_fetch_row']($request);
  1559. $smcFunc['db_free_result']($request);
  1560. }
  1561. // If nothing was filled in as name/e-mail address, try the member table.
  1562. if (!isset($posterOptions['name']) || $posterOptions['name'] == '' || (empty($posterOptions['email']) && !empty($posterOptions['id'])))
  1563. {
  1564. if (empty($posterOptions['id']))
  1565. {
  1566. $posterOptions['id'] = 0;
  1567. $posterOptions['name'] = $txt['guest_title'];
  1568. $posterOptions['email'] = '';
  1569. }
  1570. elseif ($posterOptions['id'] != $user_info['id'])
  1571. {
  1572. $request = $smcFunc['db_query']('', '
  1573. SELECT member_name, email_address
  1574. FROM {db_prefix}members
  1575. WHERE id_member = {int:id_member}
  1576. LIMIT 1',
  1577. array(
  1578. 'id_member' => $posterOptions['id'],
  1579. )
  1580. );
  1581. // Couldn't find the current poster?
  1582. if ($smcFunc['db_num_rows']($request) == 0)
  1583. {
  1584. trigger_error('createPost(): Invalid member id ' . $posterOptions['id'], E_USER_NOTICE);
  1585. $posterOptions['id'] = 0;
  1586. $posterOptions['name'] = $txt['guest_title'];
  1587. $posterOptions['email'] = '';
  1588. }
  1589. else
  1590. list ($posterOptions['name'], $posterOptions['email']) = $smcFunc['db_fetch_row']($request);
  1591. $smcFunc['db_free_result']($request);
  1592. }
  1593. else
  1594. {
  1595. $posterOptions['name'] = $user_info['name'];
  1596. $posterOptions['email'] = $user_info['email'];
  1597. }
  1598. }
  1599. // It's do or die time: forget any user aborts!
  1600. $previous_ignore_user_abort = ignore_user_abort(true);
  1601. $new_topic = empty($topicOptions['id']);
  1602. $message_columns = array(
  1603. 'id_board' => 'int', 'id_topic' => 'int', 'id_member' => 'int', 'subject' => 'string-255', 'body' => (!empty($modSettings['max_messageLength']) && $modSettings['max_messageLength'] > 65534 ? 'string-' . $modSettings['max_messageLength'] : (isset($modSettings['max_messageLength']) && $modSettings['max_messageLength'] == 0 ? 'string' : 'string-65534')),
  1604. 'poster_name' => 'string-255', 'poster_email' => 'string-255', 'poster_time' => 'int', 'poster_ip' => 'string-255',
  1605. 'smileys_enabled' => 'int', 'modified_name' => 'string', 'icon' => 'string-16', 'approved' => 'int',
  1606. );
  1607. $message_parameters = array(
  1608. $topicOptions['board'], $topicOptions['id'], $posterOptions['id'], $msgOptions['subject'], $msgOptions['body'],
  1609. $posterOptions['name'], $posterOptions['email'], time(), $posterOptions['ip'],
  1610. $msgOptions['smileys_enabled'] ? 1 : 0, '', $msgOptions['icon'], $msgOptions['approved'],
  1611. );
  1612. // What if we want to do anything with posts?
  1613. call_integration_hook('integrate_create_post', array(&$message_columns, &$message_parameters, &$msgOptions, &$topicOptions, &$posterOptions));
  1614. // Insert the post.
  1615. $smcFunc['db_insert']('',
  1616. '{db_prefix}messages',
  1617. $message_columns,
  1618. $message_parameters,
  1619. array('id_msg')
  1620. );
  1621. $msgOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}messages', 'id_msg');
  1622. // Something went wrong creating the message...
  1623. if (empty($msgOptions['id']))
  1624. return false;
  1625. // Fix the attachments.
  1626. if (!empty($msgOptions['attachments']))
  1627. $smcFunc['db_query']('', '
  1628. UPDATE {db_prefix}attachments
  1629. SET id_msg = {int:id_msg}
  1630. WHERE id_attach IN ({array_int:attachment_list})',
  1631. array(
  1632. 'attachment_list' => $msgOptions['attachments'],
  1633. 'id_msg' => $msgOptions['id'],
  1634. )
  1635. );
  1636. // Insert a new topic (if the topicID was left empty.)
  1637. if ($new_topic)
  1638. {
  1639. $topic_columns = array(
  1640. 'id_board' => 'int', 'id_member_started' => 'int', 'id_member_updated' => 'int', 'id_first_msg' => 'int',
  1641. 'id_last_msg' => 'int', 'locked' => 'int', 'is_sticky' => 'int', 'num_views' => 'int',
  1642. 'id_poll' => 'int', 'unapproved_posts' => 'int', 'approved' => 'int',
  1643. 'redirect_expires' => 'int', 'id_redirect_topic' => 'int',
  1644. );
  1645. $topic_parameters = array(
  1646. $topicOptions['board'], $posterOptions['id'], $posterOptions['id'], $msgOptions['id'],
  1647. $msgOptions['id'], $topicOptions['lock_mode'] === null ? 0 : $topicOptions['lock_mode'], $topicOptions['sticky_mode'] === null ? 0 : $topicOptions['sticky_mode'], 0,
  1648. $topicOptions['poll'] === null ? 0 : $topicOptions['poll'], $msgOptions['approved'] ? 0 : 1, $msgOptions['approved'],
  1649. $topicOptions['redirect_expires'] === null ? 0 : $topicOptions['redirect_expires'], $topicOptions['redirect_topic'] === null ? 0 : $topicOptions['redirect_topic'],
  1650. );
  1651. call_integration_hook('integrate_before_create_topic', array(&$topic_columns, &$topic_parameters, &$msgOptions, &$topicOptions, &$posterOptions));
  1652. $smcFunc['db_insert']('',
  1653. '{db_prefix}topics',
  1654. $topic_columns,
  1655. $topic_parameters,
  1656. array('id_topic')
  1657. );
  1658. $topicOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}topics', 'id_topic');
  1659. // The topic couldn't be created for some reason.
  1660. if (empty($topicOptions['id']))
  1661. {
  1662. // We should delete the post that did work, though...
  1663. $smcFunc['db_query']('', '
  1664. DELETE FROM {db_prefix}messages
  1665. WHERE id_msg = {int:id_msg}',
  1666. array(
  1667. 'id_msg' => $msgOptions['id'],
  1668. )
  1669. );
  1670. return false;
  1671. }
  1672. // Fix the message with the topic.
  1673. $smcFunc['db_query']('', '
  1674. UPDATE {db_prefix}messages
  1675. SET id_topic = {int:id_topic}
  1676. WHERE id_msg = {int:id_msg}',
  1677. array(
  1678. 'id_topic' => $topicOptions['id'],
  1679. 'id_msg' => $msgOptions['id'],
  1680. )
  1681. );
  1682. // There's been a new topic AND a new post today.
  1683. trackStats(array('topics' => '+', 'posts' => '+'));
  1684. updateStats('topic', true);
  1685. updateStats('subject', $topicOptions['id'], $msgOptions['subject']);
  1686. // What if we want to export new topics out to a CMS?
  1687. call_integration_hook('integrate_create_topic', array($msgOptions, $topicOptions, $posterOptions));
  1688. }
  1689. // The topic already exists, it only needs a little updating.
  1690. else
  1691. {
  1692. $update_parameters = array(
  1693. 'poster_id' => $posterOptions['id'],
  1694. 'id_msg' => $msgOptions['id'],
  1695. 'locked' => $topicOptions['lock_mode'],
  1696. 'is_sticky' => $topicOptions['sticky_mode'],
  1697. 'id_topic' => $topicOptions['id'],
  1698. 'counter_increment' => 1,
  1699. );
  1700. $topics_columns = array();
  1701. if ($msgOptions['approved'])
  1702. $topics_columns = array(
  1703. 'id_member_updated = {int:poster_id}',
  1704. 'id_last_msg = {int:id_msg}',
  1705. 'num_replies = num_replies + {int:counter_increment}',
  1706. );
  1707. else
  1708. $topics_columns = array(
  1709. 'unapproved_posts = unapproved_posts + {int:counter_increment}',
  1710. );
  1711. if ($topicOptions['lock_mode'] !== null)
  1712. $topics_columns = array(
  1713. 'locked = {int:locked}',
  1714. );
  1715. if ($topicOptions['sticky_mode'] !== null)
  1716. $topics_columns = array(
  1717. 'is_sticky = {int:is_sticky}',
  1718. );
  1719. call_integration_hook('integrate_modify_topic', array(&$topics_columns, &$update_parameters, &$msgOptions, &$topicOptions, &$posterOptions));
  1720. // Update the number of replies and the lock/sticky status.
  1721. $smcFunc['db_query']('', '
  1722. UPDATE {db_prefix}topics
  1723. SET
  1724. ' . implode(', ', $topics_columns) . '
  1725. WHERE id_topic = {int:id_topic}',
  1726. $update_parameters
  1727. );
  1728. // One new post has been added today.
  1729. trackStats(array('posts' => '+'));
  1730. }
  1731. // Creating is modifying...in a way.
  1732. // @todo Why not set id_msg_modified on the insert?
  1733. $smcFunc['db_query']('', '
  1734. UPDATE {db_prefix}messages
  1735. SET id_msg_modified = {int:id_msg}
  1736. WHERE id_msg = {int:id_msg}',
  1737. array(
  1738. 'id_msg' => $msgOptions['id'],
  1739. )
  1740. );
  1741. // Increase the number of posts and topics on the board.
  1742. if ($msgOptions['approved'])
  1743. $smcFunc['db_query']('', '
  1744. UPDATE {db_prefix}boards
  1745. SET num_posts = num_posts + 1' . ($new_topic ? ', num_topics = num_topics + 1' : '') . '
  1746. WHERE id_board = {int:id_board}',
  1747. array(
  1748. 'id_board' => $topicOptions['board'],
  1749. )
  1750. );
  1751. else
  1752. {
  1753. $smcFunc['db_query']('', '
  1754. UPDATE {db_prefix}boards
  1755. SET unapproved_posts = unapproved_posts + 1' . ($new_topic ? ', unapproved_topics = unapproved_topics + 1' : '') . '
  1756. WHERE id_board = {int:id_board}',
  1757. array(
  1758. 'id_board' => $topicOptions['board'],
  1759. )
  1760. );
  1761. // Add to the approval queue too.
  1762. $smcFunc['db_insert']('',
  1763. '{db_prefix}approval_queue',
  1764. array(
  1765. 'id_msg' => 'int',
  1766. ),
  1767. array(
  1768. $msgOptions['id'],
  1769. ),
  1770. array()
  1771. );
  1772. }
  1773. // Mark inserted topic as read (only for the user calling this function).
  1774. if (!empty($topicOptions['mark_as_read']) && !$user_info['is_guest'])
  1775. {
  1776. // Since it's likely they *read* it before replying, let's try an UPDATE first.
  1777. if (!$new_topic)
  1778. {
  1779. $smcFunc['db_query']('', '
  1780. UPDATE {db_prefix}log_topics
  1781. SET id_msg = {int:id_msg}
  1782. WHERE id_member = {int:current_member}
  1783. AND id_topic = {int:id_topic}',
  1784. array(
  1785. 'current_member' => $posterOptions['id'],
  1786. 'id_msg' => $msgOptions['id'],
  1787. 'id_topic' => $topicOptions['id'],
  1788. )
  1789. );
  1790. $flag = $smcFunc['db_affected_rows']() != 0;
  1791. }
  1792. if (empty($flag))
  1793. {
  1794. $smcFunc['db_insert']('ignore',
  1795. '{db_prefix}log_topics',
  1796. array('id_topic' => 'int', 'id_member' => 'int', 'id_msg' => 'int'),
  1797. array($topicOptions['id'], $posterOptions['id'], $msgOptions['id']),
  1798. array('id_topic', 'id_member')
  1799. );
  1800. }
  1801. }
  1802. // If there's a custom search index, it may need updating...
  1803. require_once($sourcedir . '/Search.php');
  1804. $searchAPI = findSearchAPI();
  1805. if (is_callable(array($searchAPI, 'postCreated')))
  1806. $searchAPI->postCreated($msgOptions, $topicOptions, $posterOptions);
  1807. // Increase the post counter for the user that created the post.
  1808. if (!empty($posterOptions['update_post_count']) && !empty($posterOptions['id']) && $msgOptions['approved'])
  1809. {
  1810. // Are you the one that happened to create this post?
  1811. if ($user_info['id'] == $posterOptions['id'])
  1812. $user_info['posts']++;
  1813. updateMemberData($posterOptions['id'], array('posts' => '+'));
  1814. }
  1815. // They've posted, so they can make the view count go up one if they really want. (this is to keep views >= replies...)
  1816. $_SESSION['last_read_topic'] = 0;
  1817. // Better safe than sorry.
  1818. if (isset($_SESSION['topicseen_cache'][$topicOptions['board']]))
  1819. $_SESSION['topicseen_cache'][$topicOptions['board']]--;
  1820. // Update all the stats so everyone knows about this new topic and message.
  1821. updateStats('message', true, $msgOptions['id']);
  1822. // Update the last message on the board assuming it's approved AND the topic is.
  1823. if ($msgOptions['approved'])
  1824. updateLastMessages($topicOptions['board'], $new_topic || !empty($topicOptions['is_approved']) ? $msgOptions['id'] : 0);
  1825. // Alright, done now... we can abort now, I guess... at least this much is done.
  1826. ignore_user_abort($previous_ignore_user_abort);
  1827. // Success.
  1828. return true;
  1829. }
  1830. /**
  1831. * Create an attachment, with the given array of parameters.
  1832. * - Adds any addtional or missing parameters to $attachmentOptions.
  1833. * - Renames the temporary file.
  1834. * - Creates a thumbnail if the file is an image and the option enabled.
  1835. *
  1836. * @param array $attachmentOptions
  1837. */
  1838. function createAttachment(&$attachmentOptions)
  1839. {
  1840. global $modSettings, $sourcedir, $smcFunc, $context;
  1841. global $txt, $boarddir;
  1842. require_once($sourcedir . '/Subs-Graphics.php');
  1843. if (!empty($modSettings['currentAttachmentUploadDir']))
  1844. $id_folder = $modSettings['currentAttachmentUploadDir'];
  1845. else
  1846. $id_folder = 1;
  1847. // These are the only valid image types for SMF.
  1848. $validImageTypes = array(
  1849. 1 => 'gif',
  1850. 2 => 'jpeg',
  1851. 3 => 'png',
  1852. 5 => 'psd',
  1853. 6 => 'bmp',
  1854. 7 => 'tiff',
  1855. 8 => 'tiff',
  1856. 9 => 'jpeg',
  1857. 14 => 'iff'
  1858. );
  1859. // If this is an image we need to set a few additional parameters.
  1860. $size = @getimagesize($attachmentOptions['tmp_name']);
  1861. list ($attachmentOptions['width'], $attachmentOptions['height']) = $size;
  1862. // If it's an image get the mime type right.
  1863. if (empty($attachmentOptions['mime_type']) && $attachmentOptions['width'])
  1864. {
  1865. // Got a proper mime type?
  1866. if (!empty($size['mime']))
  1867. $attachmentOptions['mime_type'] = $size['mime'];
  1868. // Otherwise a valid one?
  1869. elseif (isset($validImageTypes[$size[2]]))
  1870. $attachmentOptions['mime_type'] = 'image/' . $validImageTypes[$size[2]];
  1871. }
  1872. // Get the hash if no hash has been given yet.
  1873. if (empty($attachmentOptions['file_hash']))
  1874. $attachmentOptions['file_hash'] = getAttachmentFilename($attachmentOptions['name'], false, null, true);
  1875. // Assuming no-one set the extension let's take a look at it.
  1876. if (empty($attachmentOptions['fileext']))
  1877. {
  1878. $attachmentOptions['fileext'] = strtolower(strrpos($attachmentOptions['name'], '.') !== false ? substr($attachmentOptions['name'], strrpos($attachmentOptions['name'], '.') + 1) : '');
  1879. if (strlen($attachmentOptions['fileext']) > 8 || '.' . $attachmentOptions['fileext'] == $attachmentOptions['name'])
  1880. $attachmentOptions['fileext'] = '';
  1881. }
  1882. $smcFunc['db_insert']('',
  1883. '{db_prefix}attachments',
  1884. array(
  1885. 'id_folder' => 'int', 'id_msg' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8',
  1886. 'size' => 'int', 'width' => 'int', 'height' => 'int',
  1887. 'mime_type' => 'string-20', 'approved' => 'int',
  1888. ),
  1889. array(
  1890. $id_folder, (int) $attachmentOptions['post'], $attachmentOptions['name'], $attachmentOptions['file_hash'], $attachmentOptions['fileext'],
  1891. (int) $attachmentOptions['size'], (empty($attachmentOptions['width']) ? 0 : (int) $attachmentOptions['width']), (empty($attachmentOptions['height']) ? '0' : (int) $attachmentOptions['height']),
  1892. (!empty($attachmentOptions['mime_type']) ? $attachmentOptions['mime_type'] : ''), (int) $attachmentOptions['approved'],
  1893. ),
  1894. array('id_attach')
  1895. );
  1896. $attachmentOptions['id'] = $smcFunc['db_insert_id']('{db_prefix}attachments', 'id_attach');
  1897. // @todo Add an error here maybe?
  1898. if (empty($attachmentOptions['id']))
  1899. return false;
  1900. // Now that we have the attach id, let's rename this sucker and finish up.
  1901. $attachmentOptions['destination'] = getAttachmentFilename(basename($attachmentOptions['name']), $attachmentOptions['id'], $id_folder, false, $attachmentOptions['file_hash']);
  1902. rename($attachmentOptions['tmp_name'], $attachmentOptions['destination']);
  1903. // If it's not approved then add to the approval queue.
  1904. if (!$attachmentOptions['approved'])
  1905. $smcFunc['db_insert']('',
  1906. '{db_prefix}approval_queue',
  1907. array(
  1908. 'id_attach' => 'int', 'id_msg' => 'int',
  1909. ),
  1910. array(
  1911. $attachmentOptions['id'], (int) $attachmentOptions['post'],
  1912. ),
  1913. array()
  1914. );
  1915. if (empty($modSettings['attachmentThumbnails']) || (empty($attachmentOptions['width']) && empty($attachmentOptions['height'])))
  1916. return true;
  1917. // Like thumbnails, do we?
  1918. if (!empty($modSettings['attachmentThumbWidth']) && !empty($modSettings['attachmentThumbHeight']) && ($attachmentOptions['width'] > $modSettings['attachmentThumbWidth'] || $attachmentOptions['height'] > $modSettings['attachmentThumbHeight']))
  1919. {
  1920. if (createThumbnail($attachmentOptions['destination'], $modSettings['attachmentThumbWidth'], $modSettings['attachmentThumbHeight']))
  1921. {
  1922. // Figure out how big we actually made it.
  1923. $size = @getimagesize($attachmentOptions['destination'] . '_thumb');
  1924. list ($thumb_width, $thumb_height) = $size;
  1925. if (!empty($size['mime']))
  1926. $thumb_mime = $size['mime'];
  1927. elseif (isset($validImageTypes[$size[2]]))
  1928. $thumb_mime = 'image/' . $validImageTypes[$size[2]];
  1929. // Lord only knows how this happened...
  1930. else
  1931. $thumb_mime = '';
  1932. $thumb_filename = $attachmentOptions['name'] . '_thumb';
  1933. $thumb_size = filesize($attachmentOptions['destination'] . '_thumb');
  1934. $thumb_file_hash = getAttachmentFilename($thumb_filename, false, null, true);
  1935. // To the database we go!
  1936. $smcFunc['db_insert']('',
  1937. '{db_prefix}attachments',
  1938. array(
  1939. 'id_folder' => 'int', 'id_msg' => 'int', 'attachment_type' => 'int', 'filename' => 'string-255', 'file_hash' => 'string-40', 'fileext' => 'string-8',
  1940. 'size' => 'int', 'width' => 'int', 'height' => 'int', 'mime_type' => 'string-20', 'approved' => 'int',
  1941. ),
  1942. array(
  1943. $id_folder, (int) $attachmentOptions['post'], 3, $thumb_filename, $thumb_file_hash, $attachmentOptions['fileext'],
  1944. $thumb_size, $thumb_width, $thumb_height, $thumb_mime, (int) $attachmentOptions['approved'],
  1945. ),
  1946. array('id_attach')
  1947. );
  1948. $attachmentOptions['thumb'] = $smcFunc['db_insert_id']('{db_prefix}attachments', 'id_attach');
  1949. if (!empty($attachmentOptions['thumb']))
  1950. {
  1951. $smcFunc['db_query']('', '
  1952. UPDATE {db_prefix}attachments
  1953. SET id_thumb = {int:id_thumb}
  1954. WHERE id_attach = {int:id_attach}',
  1955. array(
  1956. 'id_thumb' => $attachmentOptions['thumb'],
  1957. 'id_attach' => $attachmentOptions['id'],
  1958. )
  1959. );
  1960. rename($attachmentOptions['destination'] . '_thumb', getAttachmentFilename($thumb_filename, $attachmentOptions['thumb'], $id_folder, false, $thumb_file_hash));
  1961. }
  1962. }
  1963. }
  1964. return true;
  1965. }
  1966. /**
  1967. * Performs various checks on an uploaded file.
  1968. * - Requires that $_SESSION['temp_attachments'][$attachID] be properly populated.
  1969. *
  1970. * @param $attachID
  1971. */
  1972. function attachmentChecks($attachID)
  1973. {
  1974. global $modSettings, $context, $sourcedir, $smcFunc;
  1975. // No data or missing data .... Not necessarily needed, but in case a mod author missed something.
  1976. if ( empty($_SESSION['temp_attachments'][$attachID]))
  1977. $errror = '$_SESSION[\'temp_attachments\'][$attachID]';
  1978. elseif (empty($attachID))
  1979. $errror = '$attachID';
  1980. elseif (empty($context['attachments']))
  1981. $errror = '$context[\'attachments\']';
  1982. elseif (empty($context['attach_dir']))
  1983. $errror = '$context[\'attach_dir\']';
  1984. // Let's get their attention.
  1985. if (!empty($error))
  1986. fatal_lang_error('attach_check_nag', 'debug', array($error));
  1987. // These are the only valid image types for SMF.
  1988. $validImageTypes = array(
  1989. 1 => 'gif',
  1990. 2 => 'jpeg',
  1991. 3 => 'png',
  1992. 5 => 'psd',
  1993. 6 => 'bmp',
  1994. 7 => 'tiff',
  1995. 8 => 'tiff',
  1996. 9 => 'jpeg',
  1997. 14 => 'iff'
  1998. );
  1999. // Just in case this slipped by the first checks, we stop it here and now
  2000. if ($_SESSION['temp_attachments'][$attachID]['size'] == 0)
  2001. {
  2002. $_SESSION['temp_attachments'][$attachID]['errors'][] = 'attach_0_byte_file';
  2003. return false;
  2004. }
  2005. // First, the dreaded security check. Sorry folks, but this can't be avoided
  2006. $size = @getimagesize($_SESSION['temp_attachments'][$attachID]['tmp_name']);
  2007. if (isset($validImageTypes[$size[2]]))
  2008. {
  2009. require_once($sourcedir . '/Subs-Graphics.php');
  2010. if (!checkImageContents($_SESSION['temp_attachments'][$attachID]['tmp_name'], !empty($modSettings['attachment_image_paranoid'])))
  2011. {
  2012. // It's bad. Last chance, maybe we can re-encode it?
  2013. if (empty($modSettings['attachment_image_reencode']) || (!reencodeImage($_SESSION['temp_attachments'][$attachID]['tmp_name'], $size[2])))
  2014. {
  2015. // Nothing to do: not allowed or not successful re-encoding it.
  2016. $_SESSION['temp_attachments'][$attachID]['errors'][] = 'bad_attachment';
  2017. return false;
  2018. }
  2019. // Success! However, successes usually come for a price:
  2020. // we might get a new format for our image...
  2021. $old_format = $size[2];
  2022. $size = @getimagesize($attachmentOptions['tmp_name']);
  2023. if (!(empty($size)) && ($size[2] != $old_format))
  2024. {
  2025. if (isset($validImageTypes[$size[2]]))
  2026. $_SESSION['temp_attachments'][$attachID]['type'] = 'image/' . $validImageTypes[$size[2]];
  2027. }
  2028. }
  2029. }
  2030. if (!empty($modSettings['attachmentDirSizeLimit']))
  2031. {
  2032. // Check the folder size if it hasn't been done already.
  2033. if (!isset($context['dir_size']))
  2034. {
  2035. $request = $smcFunc['db_query']('', '
  2036. SELECT SUM(size)
  2037. FROM {db_prefix}attachments
  2038. WHERE id_folder = {int:folder_id}',
  2039. array(
  2040. 'folder_id' => empty($modSettings['currentAttachmentUploadDir']) ? 1 : $modSettings['currentAttachmentUploadDir'],
  2041. )
  2042. );
  2043. list ($context['dir_size']) = $smcFunc['db_fetch_row']($request);
  2044. $smcFunc['db_free_result']($request);
  2045. }
  2046. $context['dir_size'] += $_SESSION['temp_attachments'][$attachID]['size'];
  2047. // Soon to be too big - warn the admins...
  2048. if (empty($modSettings['attachment_full_notified']) && $modSettings['attachmentDirSizeLimit'] > 4000 && $context['dir_size'] > ($modSettings['attachmentDirSizeLimit'] - 2000) * 1024)
  2049. {
  2050. require_once($sourcedir . '/Subs-Admin.php');
  2051. emailAdmins('admin_attachments_full');
  2052. updateSettings(array('attachment_full_notified' => 1));
  2053. }
  2054. // Too big! Maybe you could zip it or something...
  2055. if ($context['dir_size'] > $modSettings['attachmentDirSizeLimit'] * 1024)
  2056. $_SESSION['temp_attachments'][$attachID]['errors'][] = 'ran_out_of_space';
  2057. }
  2058. // Is the file too big?
  2059. $context['attachments']['total_size'] += $_SESSION['temp_attachments'][$attachID]['size'];
  2060. if (!empty($modSettings['attachmentSizeLimit']) && $_SESSION['temp_attachments'][$attachID]['size'] > $modSettings['attachmentSizeLimit'] * 1024)
  2061. $_SESSION['temp_attachments'][$attachID]['errors'][] = array('file_too_big', array(comma_format($modSettings['attachmentSizeLimit'], 0)));
  2062. // Check the total upload size for this post...
  2063. if (!empty($modSettings['attachmentPostLimit']) && $context['attachments']['total_size'] > $modSettings['attachmentPostLimit'] * 1024)
  2064. $_SESSION['temp_attachments'][$attachID]['errors'][] = array('attach_max_total_file_size', array(comma_format($modSettings['attachmentPostLimit'], 0), comma_format($modSettings['attachmentPostLimit'] - (($context['attachments']['total_size'] - $_SESSION['temp_attachments'][$attachID]['size']) / 1024), 0)));
  2065. // Have we reached the maximum number of files we are allowed?
  2066. $context['attachments']['quantity']++;
  2067. // Set a max limit if none exists
  2068. if (empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] >= 50)
  2069. $modSettings['attachmentNumPerPostLimit'] = 50;
  2070. if (!empty($modSettings['attachmentNumPerPostLimit']) && $context['attachments']['quantity'] > $modSettings['attachmentNumPerPostLimit'])
  2071. $_SESSION['temp_attachments'][$attachID]['errors'][] = array('attachments_limit_per_post', array($modSettings['attachmentNumPerPostLimit']));
  2072. // File extension check
  2073. if (!empty($modSettings['attachmentCheckExtensions']))
  2074. {
  2075. $allowed = explode(',', strtolower($modSettings['attachmentExtensions']));
  2076. foreach ($allowed as $k => $dummy)
  2077. $allowed[$k] = trim($dummy);
  2078. if (!in_array(strtolower(substr(strrchr($_SESSION['temp_attachments'][$attachID]['name'], '.'), 1)), $allowed))
  2079. {
  2080. $allowed_extensions = strtr(strtolower($modSettings['attachmentExtensions']), array(',' => ', '));
  2081. $_SESSION['temp_attachments'][$attachID]['errors'][] = array('cant_upload_type', array($allowed_extensions));
  2082. }
  2083. }
  2084. // back up to the previous one if there's been an error.
  2085. if (!empty($_SESSION['temp_attachments'][$attachID]['errors']))
  2086. {
  2087. $context['dir_size'] -= $_SESSION['temp_attachments'][$attachID]['size'];
  2088. $context['attachments']['total_size'] -= $_SESSION['temp_attachments'][$attachID]['size'];
  2089. $context['attachments']['quantity']--;
  2090. return false;
  2091. }
  2092. return true;
  2093. }
  2094. /**
  2095. * Modifying a post...
  2096. *
  2097. * @param array &$msgOptions
  2098. * @param array &$topicOptions
  2099. * @param array &$posterOptions
  2100. */
  2101. function modifyPost(&$msgOptions, &$topicOptions, &$posterOptions)
  2102. {
  2103. global $user_info, $modSettings, $smcFunc, $context, $sourcedir;
  2104. $topicOptions['poll'] = isset($topicOptions['poll']) ? (int) $topicOptions['poll'] : null;
  2105. $topicOptions['lock_mode'] = isset($topicOptions['lock_mode']) ? $topicOptions['lock_mode'] : null;
  2106. $topicOptions['sticky_mode'] = isset($topicOptions['sticky_mode']) ? $topicOptions['sticky_mode'] : null;
  2107. // This is longer than it has to be, but makes it so we only set/change what we have to.
  2108. $messages_columns = array();
  2109. if (isset($posterOptions['name']))
  2110. $messages_columns['poster_name'] = $posterOptions['name'];
  2111. if (isset($posterOptions['email']))
  2112. $messages_columns['poster_email'] = $posterOptions['email'];
  2113. if (isset($msgOptions['icon']))
  2114. $messages_columns['icon'] = $msgOptions['icon'];
  2115. if (isset($msgOptions['subject']))
  2116. $messages_columns['subject'] = $msgOptions['subject'];
  2117. if (isset($msgOptions['body']))
  2118. {
  2119. $messages_columns['body'] = $msgOptions['body'];
  2120. // using a custom search index, then lets get the old message so we can update our index as needed
  2121. if (!empty($modSettings['search_custom_index_config']))
  2122. {
  2123. $request = $smcFunc['db_query']('', '
  2124. SELECT body
  2125. FROM {db_prefix}messages
  2126. WHERE id_msg = {int:id_msg}',
  2127. array(
  2128. 'id_msg' => $msgOptions['id'],
  2129. )
  2130. );
  2131. list ($msgOptions['old_body']) = $smcFunc['db_fetch_row']($request);
  2132. $smcFunc['db_free_result']($request);
  2133. }
  2134. }
  2135. if (!empty($msgOptions['modify_time']))
  2136. {
  2137. $messages_columns['modified_time'] = $msgOptions['modify_time'];
  2138. $messages_columns['modified_name'] = $msgOptions['modify_name'];
  2139. $messages_columns['id_msg_modified'] = $modSettings['maxMsgID'];
  2140. }
  2141. if (isset($msgOptions['smileys_enabled']))
  2142. $messages_columns['smileys_enabled'] = empty($msgOptions['smileys_enabled']) ? 0 : 1;
  2143. // Which columns need to be ints?
  2144. $messageInts = array('modified_time', 'id_msg_modified', 'smileys_enabled');
  2145. $update_parameters = array(
  2146. 'id_msg' => $msgOptions['id'],
  2147. );
  2148. call_integration_hook('integrate_modify_post', array(&$messages_columns, &$update_parameters, &$msgOptions, &$topicOptions, &$posterOptions));
  2149. foreach ($messages_columns as $var => $val)
  2150. {
  2151. $messages_columns[$var] = $var . ' = {' . (in_array($var, $messageInts) ? 'int' : 'string') . ':var_' . $var . '}';
  2152. $update_parameters['var_' . $var] = $val;
  2153. }
  2154. // Nothing to do?
  2155. if (empty($messages_columns))
  2156. return true;
  2157. // Change the post.
  2158. $smcFunc['db_query']('', '
  2159. UPDATE {db_prefix}messages
  2160. SET ' . implode(', ', $messages_columns) . '
  2161. WHERE id_msg = {int:id_msg}',
  2162. $update_parameters
  2163. );
  2164. // Lock and or sticky the post.
  2165. if ($topicOptions['sticky_mode'] !== null || $topicOptions['lock_mode'] !== null || $topicOptions['poll'] !== null)
  2166. {
  2167. $smcFunc['db_query']('', '
  2168. UPDATE {db_prefix}topics
  2169. SET
  2170. is_sticky = {raw:is_sticky},
  2171. locked = {raw:locked},
  2172. id_poll = {raw:id_poll}
  2173. WHERE id_topic = {int:id_topic}',
  2174. array(
  2175. 'is_sticky' => $topicOptions['sticky_mode'] === null ? 'is_sticky' : (int) $topicOptions['sticky_mode'],
  2176. 'locked' => $topicOptions['lock_mode'] === null ? 'locked' : (int) $topicOptions['lock_mode'],
  2177. 'id_poll' => $topicOptions['poll'] === null ? 'id_poll' : (int) $topicOptions['poll'],
  2178. 'id_topic' => $topicOptions['id'],
  2179. )
  2180. );
  2181. }
  2182. // Mark the edited post as read.
  2183. if (!empty($topicOptions['mark_as_read']) && !$user_info['is_guest'])
  2184. {
  2185. // Since it's likely they *read* it before editing, let's try an UPDATE first.
  2186. $smcFunc['db_query']('', '
  2187. UPDATE {db_prefix}log_topics
  2188. SET id_msg = {int:id_msg}
  2189. WHERE id_member = {int:current_member}
  2190. AND id_topic = {int:id_topic}',
  2191. array(
  2192. 'current_member' => $user_info['id'],
  2193. 'id_msg' => $modSettings['maxMsgID'],
  2194. 'id_topic' => $topicOptions['id'],
  2195. )
  2196. );
  2197. $flag = $smcFunc['db_affected_rows']() != 0;
  2198. if (empty($flag))
  2199. {
  2200. $smcFunc['db_insert']('ignore',
  2201. '{db_prefix}log_topics',
  2202. array('id_topic' => 'int', 'id_member' => 'int', 'id_msg' => 'int'),
  2203. array($topicOptions['id'], $user_info['id'], $modSettings['maxMsgID']),
  2204. array('id_topic', 'id_member')
  2205. );
  2206. }
  2207. }
  2208. // If there's a custom search index, it needs to be modified...
  2209. require_once($sourcedir . '/Search.php');
  2210. $searchAPI = findSearchAPI();
  2211. if (is_callable(array($searchAPI, 'postModified')))
  2212. $searchAPI->postModified($msgOptions, $topicOptions, $posterOptions);
  2213. if (isset($msgOptions['subject']))
  2214. {
  2215. // Only update the subject if this was the first message in the topic.
  2216. $request = $smcFunc['db_query']('', '
  2217. SELECT id_topic
  2218. FROM {db_prefix}topics
  2219. WHERE id_first_msg = {int:id_first_msg}
  2220. LIMIT 1',
  2221. array(
  2222. 'id_first_msg' => $msgOptions['id'],
  2223. )
  2224. );
  2225. if ($smcFunc['db_num_rows']($request) == 1)
  2226. updateStats('subject', $topicOptions['id'], $msgOptions['subject']);
  2227. $smcFunc['db_free_result']($request);
  2228. }
  2229. // Finally, if we are setting the approved state we need to do much more work :(
  2230. if ($modSettings['postmod_active'] && isset($msgOptions['approved']))
  2231. approvePosts($msgOptions['id'], $msgOptions['approved']);
  2232. return true;
  2233. }
  2234. /**
  2235. * Approve (or not) some posts... without permission checks...
  2236. *
  2237. * @param array $msgs - array of message ids
  2238. * @param bool $approve = true
  2239. */
  2240. function approvePosts($msgs, $approve = true)
  2241. {
  2242. global $sourcedir, $smcFunc;
  2243. if (!is_array($msgs))
  2244. $msgs = array($msgs);
  2245. if (empty($msgs))
  2246. return false;
  2247. // May as well start at the beginning, working out *what* we need to change.
  2248. $request = $smcFunc['db_query']('', '
  2249. SELECT m.id_msg, m.approved, m.id_topic, m.id_board, t.id_first_msg, t.id_last_msg,
  2250. m.body, m.subject, IFNULL(mem.real_name, m.poster_name) AS poster_name, m.id_member,
  2251. t.approved AS topic_approved, b.count_posts
  2252. FROM {db_prefix}messages AS m
  2253. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = m.id_topic)
  2254. INNER JOIN {db_prefix}boards AS b ON (b.id_board = m.id_board)
  2255. LEFT JOIN {db_prefix}members AS mem ON (mem.id_member = m.id_member)
  2256. WHERE m.id_msg IN ({array_int:message_list})
  2257. AND m.approved = {int:approved_state}',
  2258. array(
  2259. 'message_list' => $msgs,
  2260. 'approved_state' => $approve ? 0 : 1,
  2261. )
  2262. );
  2263. $msgs = array();
  2264. $topics = array();
  2265. $topic_changes = array();
  2266. $board_changes = array();
  2267. $notification_topics = array();
  2268. $notification_posts = array();
  2269. $member_post_changes = array();
  2270. while ($row = $smcFunc['db_fetch_assoc']($request))
  2271. {
  2272. // Easy...
  2273. $msgs[] = $row['id_msg'];
  2274. $topics[] = $row['id_topic'];
  2275. // Ensure our change array exists already.
  2276. if (!isset($topic_changes[$row['id_topic']]))
  2277. $topic_changes[$row['id_topic']] = array(
  2278. 'id_last_msg' => $row['id_last_msg'],
  2279. 'approved' => $row['topic_approved'],
  2280. 'replies' => 0,
  2281. 'unapproved_posts' => 0,
  2282. );
  2283. if (!isset($board_changes[$row['id_board']]))
  2284. $board_changes[$row['id_board']] = array(
  2285. 'posts' => 0,
  2286. 'topics' => 0,
  2287. 'unapproved_posts' => 0,
  2288. 'unapproved_topics' => 0,
  2289. );
  2290. // If it's the first message then the topic state changes!
  2291. if ($row['id_msg'] == $row['id_first_msg'])
  2292. {
  2293. $topic_changes[$row['id_topic']]['approved'] = $approve ? 1 : 0;
  2294. $board_changes[$row['id_board']]['unapproved_topics'] += $approve ? -1 : 1;
  2295. $board_changes[$row['id_board']]['topics'] += $approve ? 1 : -1;
  2296. // Note we need to ensure we announce this topic!
  2297. $notification_topics[] = array(
  2298. 'body' => $row['body'],
  2299. 'subject' => $row['subject'],
  2300. 'name' => $row['poster_name'],
  2301. 'board' => $row['id_board'],
  2302. 'topic' => $row['id_topic'],
  2303. 'msg' => $row['id_first_msg'],
  2304. 'poster' => $row['id_member'],
  2305. );
  2306. }
  2307. else
  2308. {
  2309. $topic_changes[$row['id_topic']]['replies'] += $approve ? 1 : -1;
  2310. // This will be a post... but don't notify unless it's not followed by approved ones.
  2311. if ($row['id_msg'] > $row['id_last_msg'])
  2312. $notification_posts[$row['id_topic']][] = array(
  2313. 'id' => $row['id_msg'],
  2314. 'body' => $row['body'],
  2315. 'subject' => $row['subject'],
  2316. 'name' => $row['poster_name'],
  2317. 'topic' => $row['id_topic'],
  2318. );
  2319. }
  2320. // If this is being approved and id_msg is higher than the current id_last_msg then it changes.
  2321. if ($approve && $row['id_msg'] > $topic_changes[$row['id_topic']]['id_last_msg'])
  2322. $topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_msg'];
  2323. // If this is being unapproved, and it's equal to the id_last_msg we need to find a new one!
  2324. elseif (!$approve)
  2325. // Default to the first message and then we'll override in a bit ;)
  2326. $topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_first_msg'];
  2327. $topic_changes[$row['id_topic']]['unapproved_posts'] += $approve ? -1 : 1;
  2328. $board_changes[$row['id_board']]['unapproved_posts'] += $approve ? -1 : 1;
  2329. $board_changes[$row['id_board']]['posts'] += $approve ? 1 : -1;
  2330. // Post count for the user?
  2331. if ($row['id_member'] && empty($row['count_posts']))
  2332. $member_post_changes[$row['id_member']] = isset($member_post_changes[$row['id_member']]) ? $member_post_changes[$row['id_member']] + 1 : 1;
  2333. }
  2334. $smcFunc['db_free_result']($request);
  2335. if (empty($msgs))
  2336. return;
  2337. // Now we have the differences make the changes, first the easy one.
  2338. $smcFunc['db_query']('', '
  2339. UPDATE {db_prefix}messages
  2340. SET approved = {int:approved_state}
  2341. WHERE id_msg IN ({array_int:message_list})',
  2342. array(
  2343. 'message_list' => $msgs,
  2344. 'approved_state' => $approve ? 1 : 0,
  2345. )
  2346. );
  2347. // If we were unapproving find the last msg in the topics...
  2348. if (!$approve)
  2349. {
  2350. $request = $smcFunc['db_query']('', '
  2351. SELECT id_topic, MAX(id_msg) AS id_last_msg
  2352. FROM {db_prefix}messages
  2353. WHERE id_topic IN ({array_int:topic_list})
  2354. AND approved = {int:approved}
  2355. GROUP BY id_topic',
  2356. array(
  2357. 'topic_list' => $topics,
  2358. 'approved' => 1,
  2359. )
  2360. );
  2361. while ($row = $smcFunc['db_fetch_assoc']($request))
  2362. $topic_changes[$row['id_topic']]['id_last_msg'] = $row['id_last_msg'];
  2363. $smcFunc['db_free_result']($request);
  2364. }
  2365. // ... next the topics...
  2366. foreach ($topic_changes as $id => $changes)
  2367. $smcFunc['db_query']('', '
  2368. UPDATE {db_prefix}topics
  2369. SET approved = {int:approved}, unapproved_posts = unapproved_posts + {int:unapproved_posts},
  2370. num_replies = num_replies + {int:num_replies}, id_last_msg = {int:id_last_msg}
  2371. WHERE id_topic = {int:id_topic}',
  2372. array(
  2373. 'approved' => $changes['approved'],
  2374. 'unapproved_posts' => $changes['unapproved_posts'],
  2375. 'num_replies' => $changes['replies'],
  2376. 'id_last_msg' => $changes['id_last_msg'],
  2377. 'id_topic' => $id,
  2378. )
  2379. );
  2380. // ... finally the boards...
  2381. foreach ($board_changes as $id => $changes)
  2382. $smcFunc['db_query']('', '
  2383. UPDATE {db_prefix}boards
  2384. SET num_posts = num_posts + {int:num_posts}, unapproved_posts = unapproved_posts + {int:unapproved_posts},
  2385. num_topics = num_topics + {int:num_topics}, unapproved_topics = unapproved_topics + {int:unapproved_topics}
  2386. WHERE id_board = {int:id_board}',
  2387. array(
  2388. 'num_posts' => $changes['posts'],
  2389. 'unapproved_posts' => $changes['unapproved_posts'],
  2390. 'num_topics' => $changes['topics'],
  2391. 'unapproved_topics' => $changes['unapproved_topics'],
  2392. 'id_board' => $id,
  2393. )
  2394. );
  2395. // Finally, least importantly, notifications!
  2396. if ($approve)
  2397. {
  2398. if (!empty($notification_topics))
  2399. {
  2400. require_once($sourcedir . '/Post.php');
  2401. notifyMembersBoard($notification_topics);
  2402. }
  2403. if (!empty($notification_posts))
  2404. sendApprovalNotifications($notification_posts);
  2405. $smcFunc['db_query']('', '
  2406. DELETE FROM {db_prefix}approval_queue
  2407. WHERE id_msg IN ({array_int:message_list})
  2408. AND id_attach = {int:id_attach}',
  2409. array(
  2410. 'message_list' => $msgs,
  2411. 'id_attach' => 0,
  2412. )
  2413. );
  2414. }
  2415. // If unapproving add to the approval queue!
  2416. else
  2417. {
  2418. $msgInserts = array();
  2419. foreach ($msgs as $msg)
  2420. $msgInserts[] = array($msg);
  2421. $smcFunc['db_insert']('ignore',
  2422. '{db_prefix}approval_queue',
  2423. array('id_msg' => 'int'),
  2424. $msgInserts,
  2425. array('id_msg')
  2426. );
  2427. }
  2428. // Update the last messages on the boards...
  2429. updateLastMessages(array_keys($board_changes));
  2430. // Post count for the members?
  2431. if (!empty($member_post_changes))
  2432. foreach ($member_post_changes as $id_member => $count_change)
  2433. updateMemberData($id_member, array('posts' => 'posts ' . ($approve ? '+' : '-') . ' ' . $count_change));
  2434. return true;
  2435. }
  2436. /**
  2437. * Approve topics?
  2438. * @todo shouldn't this be in topic
  2439. *
  2440. * @param array $topics, array of topics ids
  2441. * @param bool $approve = true
  2442. */
  2443. function approveTopics($topics, $approve = true)
  2444. {
  2445. global $smcFunc;
  2446. if (!is_array($topics))
  2447. $topics = array($topics);
  2448. if (empty($topics))
  2449. return false;
  2450. $approve_type = $approve ? 0 : 1;
  2451. // Just get the messages to be approved and pass through...
  2452. $request = $smcFunc['db_query']('', '
  2453. SELECT id_msg
  2454. FROM {db_prefix}messages
  2455. WHERE id_topic IN ({array_int:topic_list})
  2456. AND approved = {int:approve_type}',
  2457. array(
  2458. 'topic_list' => $topics,
  2459. 'approve_type' => $approve_type,
  2460. )
  2461. );
  2462. $msgs = array();
  2463. while ($row = $smcFunc['db_fetch_assoc']($request))
  2464. $msgs[] = $row['id_msg'];
  2465. $smcFunc['db_free_result']($request);
  2466. return approvePosts($msgs, $approve);
  2467. }
  2468. /**
  2469. * A special function for handling the hell which is sending approval notifications.
  2470. *
  2471. * @param $topicData
  2472. */
  2473. function sendApprovalNotifications(&$topicData)
  2474. {
  2475. global $txt, $scripturl, $language, $user_info;
  2476. global $modSettings, $sourcedir, $context, $smcFunc;
  2477. // Clean up the data...
  2478. if (!is_array($topicData) || empty($topicData))
  2479. return;
  2480. $topics = array();
  2481. $digest_insert = array();
  2482. foreach ($topicData as $topic => $msgs)
  2483. foreach ($msgs as $msgKey => $msg)
  2484. {
  2485. censorText($topicData[$topic][$msgKey]['subject']);
  2486. censorText($topicData[$topic][$msgKey]['body']);
  2487. $topicData[$topic][$msgKey]['subject'] = un_htmlspecialchars($topicData[$topic][$msgKey]['subject']);
  2488. $topicData[$topic][$msgKey]['body'] = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($topicData[$topic][$msgKey]['body'], false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '&#91;' => '[', '&#93;' => ']')))));
  2489. $topics[] = $msg['id'];
  2490. $digest_insert[] = array($msg['topic'], $msg['id'], 'reply', $user_info['id']);
  2491. }
  2492. // These need to go into the digest too...
  2493. $smcFunc['db_insert']('',
  2494. '{db_prefix}log_digest',
  2495. array(
  2496. 'id_topic' => 'int', 'id_msg' => 'int', 'note_type' => 'string', 'exclude' => 'int',
  2497. ),
  2498. $digest_insert,
  2499. array()
  2500. );
  2501. // Find everyone who needs to know about this.
  2502. $members = $smcFunc['db_query']('', '
  2503. SELECT
  2504. mem.id_member, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile,
  2505. ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started,
  2506. ln.id_topic
  2507. FROM {db_prefix}log_notify AS ln
  2508. INNER JOIN {db_prefix}members AS mem ON (mem.id_member = ln.id_member)
  2509. INNER JOIN {db_prefix}topics AS t ON (t.id_topic = ln.id_topic)
  2510. INNER JOIN {db_prefix}boards AS b ON (b.id_board = t.id_board)
  2511. WHERE ln.id_topic IN ({array_int:topic_list})
  2512. AND mem.is_activated = {int:is_activated}
  2513. AND mem.notify_types < {int:notify_types}
  2514. AND mem.notify_regularity < {int:notify_regularity}
  2515. GROUP BY mem.id_member, ln.id_topic, mem.email_address, mem.notify_regularity, mem.notify_types, mem.notify_send_body, mem.lngfile, ln.sent, mem.id_group, mem.additional_groups, b.member_groups, mem.id_post_group, t.id_member_started
  2516. ORDER BY mem.lngfile',
  2517. array(
  2518. 'topic_list' => $topics,
  2519. 'is_activated' => 1,
  2520. 'notify_types' => 4,
  2521. 'notify_regularity' => 2,
  2522. )
  2523. );
  2524. $sent = 0;
  2525. $current_language = $user_info['language'];
  2526. while ($row = $smcFunc['db_fetch_assoc']($members))
  2527. {
  2528. if ($row['id_group'] != 1)
  2529. {
  2530. $allowed = explode(',', $row['member_groups']);
  2531. $row['additional_groups'] = explode(',', $row['additional_groups']);
  2532. $row['additional_groups'][] = $row['id_group'];
  2533. $row['additional_groups'][] = $row['id_post_group'];
  2534. if (count(array_intersect($allowed, $row['additional_groups'])) == 0)
  2535. continue;
  2536. }
  2537. $needed_language = empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile'];
  2538. if (empty($current_language) || $current_language != $needed_language)
  2539. $current_language = loadLanguage('Post', $needed_language, false);
  2540. $sent_this_time = false;
  2541. // Now loop through all the messages to send.
  2542. foreach ($topicData[$row['id_topic']] as $msg)
  2543. {
  2544. $replacements = array(
  2545. 'TOPICSUBJECT' => $topicData[$row['id_topic']]['subject'],
  2546. 'POSTERNAME' => un_htmlspecialchars($topicData[$row['id_topic']]['name']),
  2547. 'TOPICLINK' => $scripturl . '?topic=' . $row['id_topic'] . '.new;topicseen#new',
  2548. 'UNSUBSCRIBELINK' => $scripturl . '?action=notify;topic=' . $row['id_topic'] . '.0',
  2549. );
  2550. $message_type = 'notification_reply';
  2551. // Do they want the body of the message sent too?
  2552. if (!empty($row['notify_send_body']) && empty($modSettings['disallow_sendBody']))
  2553. {
  2554. $message_type .= '_body';
  2555. $replacements['BODY'] = $topicData[$row['id_topic']]['body'];
  2556. }
  2557. if (!empty($row['notify_regularity']))
  2558. $message_type .= '_once';
  2559. // Send only if once is off or it's on and it hasn't been sent.
  2560. if (empty($row['notify_regularity']) || (empty($row['sent']) && !$sent_this_time))
  2561. {
  2562. $emaildata = loadEmailTemplate($message_type, $replacements, $needed_language);
  2563. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, 'm' . $topicData[$row['id_topic']]['last_id']);
  2564. $sent++;
  2565. }
  2566. $sent_this_time = true;
  2567. }
  2568. }
  2569. $smcFunc['db_free_result']($members);
  2570. if (isset($current_language) && $current_language != $user_info['language'])
  2571. loadLanguage('Post');
  2572. // Sent!
  2573. if (!empty($sent))
  2574. $smcFunc['db_query']('', '
  2575. UPDATE {db_prefix}log_notify
  2576. SET sent = {int:is_sent}
  2577. WHERE id_topic IN ({array_int:topic_list})
  2578. AND id_member != {int:current_member}',
  2579. array(
  2580. 'current_member' => $user_info['id'],
  2581. 'topic_list' => $topics,
  2582. 'is_sent' => 1,
  2583. )
  2584. );
  2585. }
  2586. /**
  2587. * Takes an array of board IDs and updates their last messages.
  2588. * If the board has a parent, that parent board is also automatically
  2589. * updated.
  2590. * The columns updated are id_last_msg and last_updated.
  2591. * Note that id_last_msg should always be updated using this function,
  2592. * and is not automatically updated upon other changes.
  2593. *
  2594. * @param array $setboards
  2595. * @param int $id_msg = 0
  2596. */
  2597. function updateLastMessages($setboards, $id_msg = 0)
  2598. {
  2599. global $board_info, $board, $modSettings, $smcFunc;
  2600. // Please - let's be sane.
  2601. if (empty($setboards))
  2602. return false;
  2603. if (!is_array($setboards))
  2604. $setboards = array($setboards);
  2605. // If we don't know the id_msg we need to find it.
  2606. if (!$id_msg)
  2607. {
  2608. // Find the latest message on this board (highest id_msg.)
  2609. $request = $smcFunc['db_query']('', '
  2610. SELECT id_board, MAX(id_last_msg) AS id_msg
  2611. FROM {db_prefix}topics
  2612. WHERE id_board IN ({array_int:board_list})
  2613. AND approved = {int:approved}
  2614. GROUP BY id_board',
  2615. array(
  2616. 'board_list' => $setboards,
  2617. 'approved' => 1,
  2618. )
  2619. );
  2620. $lastMsg = array();
  2621. while ($row = $smcFunc['db_fetch_assoc']($request))
  2622. $lastMsg[$row['id_board']] = $row['id_msg'];
  2623. $smcFunc['db_free_result']($request);
  2624. }
  2625. else
  2626. {
  2627. // Just to note - there should only be one board passed if we are doing this.
  2628. foreach ($setboards as $id_board)
  2629. $lastMsg[$id_board] = $id_msg;
  2630. }
  2631. $parent_boards = array();
  2632. // Keep track of last modified dates.
  2633. $lastModified = $lastMsg;
  2634. // Get all the child boards for the parents, if they have some...
  2635. foreach ($setboards as $id_board)
  2636. {
  2637. if (!isset($lastMsg[$id_board]))
  2638. {
  2639. $lastMsg[$id_board] = 0;
  2640. $lastModified[$id_board] = 0;
  2641. }
  2642. if (!empty($board) && $id_board == $board)
  2643. $parents = $board_info['parent_boards'];
  2644. else
  2645. $parents = getBoardParents($id_board);
  2646. // Ignore any parents on the top child level.
  2647. // @todo Why?
  2648. foreach ($parents as $id => $parent)
  2649. {
  2650. if ($parent['level'] != 0)
  2651. {
  2652. // If we're already doing this one as a board, is this a higher last modified?
  2653. if (isset($lastModified[$id]) && $lastModified[$id_board] > $lastModified[$id])
  2654. $lastModified[$id] = $lastModified[$id_board];
  2655. elseif (!isset($lastModified[$id]) && (!isset($parent_boards[$id]) || $parent_boards[$id] < $lastModified[$id_board]))
  2656. $parent_boards[$id] = $lastModified[$id_board];
  2657. }
  2658. }
  2659. }
  2660. // Note to help understand what is happening here. For parents we update the timestamp of the last message for determining
  2661. // whether there are child boards which have not been read. For the boards themselves we update both this and id_last_msg.
  2662. $board_updates = array();
  2663. $parent_updates = array();
  2664. // Finally, to save on queries make the changes...
  2665. foreach ($parent_boards as $id => $msg)
  2666. {
  2667. if (!isset($parent_updates[$msg]))
  2668. $parent_updates[$msg] = array($id);
  2669. else
  2670. $parent_updates[$msg][] = $id;
  2671. }
  2672. foreach ($lastMsg as $id => $msg)
  2673. {
  2674. if (!isset($board_updates[$msg . '-' . $lastModified[$id]]))
  2675. $board_updates[$msg . '-' . $lastModified[$id]] = array(
  2676. 'id' => $msg,
  2677. 'updated' => $lastModified[$id],
  2678. 'boards' => array($id)
  2679. );
  2680. else
  2681. $board_updates[$msg . '-' . $lastModified[$id]]['boards'][] = $id;
  2682. }
  2683. // Now commit the changes!
  2684. foreach ($parent_updates as $id_msg => $boards)
  2685. {
  2686. $smcFunc['db_query']('', '
  2687. UPDATE {db_prefix}boards
  2688. SET id_msg_updated = {int:id_msg_updated}
  2689. WHERE id_board IN ({array_int:board_list})
  2690. AND id_msg_updated < {int:id_msg_updated}',
  2691. array(
  2692. 'board_list' => $boards,
  2693. 'id_msg_updated' => $id_msg,
  2694. )
  2695. );
  2696. }
  2697. foreach ($board_updates as $board_data)
  2698. {
  2699. $smcFunc['db_query']('', '
  2700. UPDATE {db_prefix}boards
  2701. SET id_last_msg = {int:id_last_msg}, id_msg_updated = {int:id_msg_updated}
  2702. WHERE id_board IN ({array_int:board_list})',
  2703. array(
  2704. 'board_list' => $board_data['boards'],
  2705. 'id_last_msg' => $board_data['id'],
  2706. 'id_msg_updated' => $board_data['updated'],
  2707. )
  2708. );
  2709. }
  2710. }
  2711. /**
  2712. * This simple function gets a list of all administrators and sends them an email
  2713. * to let them know a new member has joined.
  2714. * Called by registerMember() function in Subs-Members.php.
  2715. * Email is sent to all groups that have the moderate_forum permission.
  2716. * The language set by each member is being used (if available).
  2717. *
  2718. * @param string $type, types supported are 'approval', 'activation', and 'standard'.
  2719. * @param int $memberID
  2720. * @param string $member_name = null
  2721. * @uses the Login language file.
  2722. */
  2723. function adminNotify($type, $memberID, $member_name = null)
  2724. {
  2725. global $txt, $modSettings, $language, $scripturl, $user_info, $context, $smcFunc;
  2726. // If the setting isn't enabled then just exit.
  2727. if (empty($modSettings['notify_new_registration']))
  2728. return;
  2729. if ($member_name == null)
  2730. {
  2731. // Get the new user's name....
  2732. $request = $smcFunc['db_query']('', '
  2733. SELECT real_name
  2734. FROM {db_prefix}members
  2735. WHERE id_member = {int:id_member}
  2736. LIMIT 1',
  2737. array(
  2738. 'id_member' => $memberID,
  2739. )
  2740. );
  2741. list ($member_name) = $smcFunc['db_fetch_row']($request);
  2742. $smcFunc['db_free_result']($request);
  2743. }
  2744. $toNotify = array();
  2745. $groups = array();
  2746. // All membergroups who can approve members.
  2747. $request = $smcFunc['db_query']('', '
  2748. SELECT id_group
  2749. FROM {db_prefix}permissions
  2750. WHERE permission = {string:moderate_forum}
  2751. AND add_deny = {int:add_deny}
  2752. AND id_group != {int:id_group}',
  2753. array(
  2754. 'add_deny' => 1,
  2755. 'id_group' => 0,
  2756. 'moderate_forum' => 'moderate_forum',
  2757. )
  2758. );
  2759. while ($row = $smcFunc['db_fetch_assoc']($request))
  2760. $groups[] = $row['id_group'];
  2761. $smcFunc['db_free_result']($request);
  2762. // Add administrators too...
  2763. $groups[] = 1;
  2764. $groups = array_unique($groups);
  2765. // Get a list of all members who have ability to approve accounts - these are the people who we inform.
  2766. $request = $smcFunc['db_query']('', '
  2767. SELECT id_member, lngfile, email_address
  2768. FROM {db_prefix}members
  2769. WHERE (id_group IN ({array_int:group_list}) OR FIND_IN_SET({raw:group_array_implode}, additional_groups) != 0)
  2770. AND notify_types != {int:notify_types}
  2771. ORDER BY lngfile',
  2772. array(
  2773. 'group_list' => $groups,
  2774. 'notify_types' => 4,
  2775. 'group_array_implode' => implode(', additional_groups) != 0 OR FIND_IN_SET(', $groups),
  2776. )
  2777. );
  2778. $current_language = $user_info['language'];
  2779. while ($row = $smcFunc['db_fetch_assoc']($request))
  2780. {
  2781. $replacements = array(
  2782. 'USERNAME' => $member_name,
  2783. 'PROFILELINK' => $scripturl . '?action=profile;u=' . $memberID
  2784. );
  2785. $emailtype = 'admin_notify';
  2786. // If they need to be approved add more info...
  2787. if ($type == 'approval')
  2788. {
  2789. $replacements['APPROVALLINK'] = $scripturl . '?action=admin;area=viewmembers;sa=browse;type=approve';
  2790. $emailtype .= '_approval';
  2791. }
  2792. $emaildata = loadEmailTemplate($emailtype, $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
  2793. // And do the actual sending...
  2794. sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
  2795. }
  2796. $smcFunc['db_free_result']($request);
  2797. if (isset($current_language) && $current_language != $user_info['language'])
  2798. loadLanguage('Login');
  2799. }
  2800. /**
  2801. * Load a template from EmailTemplates language file.
  2802. *
  2803. * @param string $template
  2804. * @param array $replacements = array()
  2805. * @param string $lang = ''
  2806. * @param bool $loadLang = true
  2807. */
  2808. function loadEmailTemplate($template, $replacements = array(), $lang = '', $loadLang = true)
  2809. {
  2810. global $txt, $mbname, $scripturl, $settings, $user_info;
  2811. // First things first, load up the email templates language file, if we need to.
  2812. if ($loadLang)
  2813. loadLanguage('EmailTemplates', $lang);
  2814. if (!isset($txt[$template . '_subject']) || !isset($txt[$template . '_body']))
  2815. fatal_lang_error('email_no_template', 'template', array($template));
  2816. $ret = array(
  2817. 'subject' => $txt[$template . '_subject'],
  2818. 'body' => $txt[$template . '_body'],
  2819. );
  2820. // Add in the default replacements.
  2821. $replacements += array(
  2822. 'FORUMNAME' => $mbname,
  2823. 'SCRIPTURL' => $scripturl,
  2824. 'THEMEURL' => $settings['theme_url'],
  2825. 'IMAGESURL' => $settings['images_url'],
  2826. 'DEFAULT_THEMEURL' => $settings['default_theme_url'],
  2827. 'REGARDS' => $txt['regards_team'],
  2828. );
  2829. // Split the replacements up into two arrays, for use with str_replace
  2830. $find = array();
  2831. $replace = array();
  2832. foreach ($replacements as $f => $r)
  2833. {
  2834. $find[] = '{' . $f . '}';
  2835. $replace[] = $r;
  2836. }
  2837. // Do the variable replacements.
  2838. $ret['subject'] = str_replace($find, $replace, $ret['subject']);
  2839. $ret['body'] = str_replace($find, $replace, $ret['body']);
  2840. // Now deal with the {USER.variable} items.
  2841. $ret['subject'] = preg_replace_callback('~{USER.([^}]+)}~', 'user_info_callback', $ret['subject']);
  2842. $ret['body'] = preg_replace_callback('~{USER.([^}]+)}~', 'user_info_callback', $ret['body']);
  2843. // Finally return the email to the caller so they can send it out.
  2844. return $ret;
  2845. }
  2846. function user_info_callback($matches)
  2847. {
  2848. global $user_info;
  2849. if (empty($matches[1]))
  2850. return '';
  2851. $use_ref = true;
  2852. $ref = &$user_info;
  2853. foreach (explode('.', $matches[1]) as $index)
  2854. {
  2855. if ($use_ref && isset($ref[$index]))
  2856. $ref = &$ref[$index];
  2857. else
  2858. {
  2859. $use_ref = false;
  2860. break;
  2861. }
  2862. }
  2863. return $use_ref ? $ref : $matches[0];
  2864. }
  2865. ?>