get_config(); } /** * Load configuration from database * Assign value to the variable $config */ function get_config() { $query = 'SELECT value FROM '.CONFIG_TABLE.' WHERE param="piwecard";'; $result = pwg_query($query); if(isset($result)) { $row = pwg_db_fetch_row($result); if(is_string($row[0])) { $this->config = unserialize(($row[0])); } } } /** * Load default configuration from the install directory * Assign value to the variable $config */ function get_default_config() { require(PIWECARD_INSTALL_PATH.'default_values.inc.php'); foreach ($ecard_default_values as $key => $value) { if (!isset($this->config[$key])) $this->config[$key] = $value; } } /** * Get the default value of a parameter * @param name of the parameter * @return the default config of the parameter */ function get_default_config_param($param) { require(PIWECARD_INSTALL_PATH.'default_values.inc.php'); return $ecard_default_values[$param]; } /** * Save the current configuration (ie the value of $config) to the database */ function set_config() { conf_update_param('piwecard', pwg_db_real_escape_string(serialize($this->config))); } /** * Initialize the section parameter of the page */ function section_init_ecard() { global $tokens, $page; if ($tokens[0] == 'ecard') $page['section'] = 'ecard'; } /** * Load the ecard */ function index_ecard() { global $page; if (isset($page['section']) and $page['section'] == 'ecard') { include('publish.inc.php'); } } /** * Get a random string * @param Integer number of caracter of the random string * @return String the random string */ private function random($car) { $string = ""; $chaine = "abcdefghijklmnpqrstuvwxy0123456789"; srand((double)microtime()*1000000); for($i=0; $i<$car; $i++) { $string .= $chaine[rand()%strlen($chaine)]; } return $string; } /** * Parse the message * @param String string to parse * @param Array parser parameters * @param Array an array with the id and the url of the image * @return String the parsed string */ function parse($data, $values, $image_element) { include (PIWECARD_PATH.'include/parse_param.inc.php'); $patterns = array(); $replacements = array(); foreach ($ecard_parse as $key => $value) { array_push($patterns, $key); array_push($replacements, $value); } return str_replace($patterns, $replacements, $data); } /** * Get the number of ecards in the database * @return Integer number of ecards */ function get_nb_ecard() { $query = 'SELECT COUNT(DISTINCT ecard_id) AS nb FROM '.PIWECARD_TABLE.' ORDER BY date_creation;'; $result = pwg_query($query); if ($result) { $nb=pwg_db_fetch_assoc($result); return $nb['nb']; } else return 0; } /** * Get the number of validecards in the database * @return Integer number of valid ecards */ function get_nb_valid_ecard() { $query = 'SELECT COUNT(DISTINCT ecard_id) AS nb FROM '.PIWECARD_TABLE.' WHERE date_validity IS NULL OR date_validity > NOW();'; $result = pwg_query($query); if ($result) { $nb=pwg_db_fetch_assoc($result); return $nb['nb']; } else return 0; } /** * Get ecard informations into an array * @param Integer ecard id * @return Array informations of the ecard */ function get_ecard($ecard_id) { if ($ecard_id!== null) { $query = 'SELECT * FROM ' . PIWECARD_TABLE .' WHERE ecard_id="' . $ecard_id . '" LIMIT 1;'; $result = pwg_query($query); if ($result) return pwg_db_fetch_assoc($result); else return false; } } /** * Is the ecard valid? * @param Integer ecard id * @return Boolean True if valid, False otherwise */ function is_valid($ecard_id) { if (isset($ecard_id)) { $ecard_info = $this->get_ecard($ecard_id); if (isset($ecard_info)) { // Valid duration for an ecard $date_validity = $ecard_info['date_validity']; if (isset($date_validity)) { $now = new DateTime(date("Y-m-d H:i:s")); $date_validity = new DateTime($date_validity); if ($date_validity > $now) return true; else return false; } else { return true; } } else return false; } else { return false; } } /** * Delete one ecard * @param Integer ecard id */ function delete_ecard($ecard_id) { if (isset($ecard_id)) { $query = 'DELETE FROM ' . PIWECARD_TABLE .' WHERE ecard_id="' . $ecard_id . '";'; pwg_query($query); } else return false; } /** * Delete all invalid ecards */ function delete_allinvalid_ecard() { $query = 'DELETE FROM ' . PIWECARD_TABLE .' WHERE date_validity < NOW();'; pwg_query($query); } /** * Is the email valid? * @param String email address * @return Boolean True if valid, False otherwise */ function is_valid_email($email_address) { $syntax = '#^[\w.-]+@[\w.-]+\.[a-zA-Z]{2,6}$#'; if(preg_match($syntax, $email_address)) return true; else return false; } /** * Add tpl to picture.php page to display ecard informations */ function display_ecard_to_picture() { global $page, $user, $template; // Only on category page! if (isset($page['section'])) { $upper_names = null; if (!empty($page['category'])) { // Gets all upper categories from the image category to test // - if the upper category is activated for this function $query = 'SELECT * FROM '.CATEGORIES_TABLE.' WHERE id = '.pwg_db_real_escape_string($page['category']['id']).';'; $cat = pwg_db_fetch_assoc(pwg_query($query)); if (empty($cat)) { $upper_ids = null; } else { $upper_ids = explode(',', $cat['uppercats']); } } if ($this->config['authorized_cats'] == 'user') { // !Function only allowed on user image if (isset($cat) and !empty($cat)) { $catname[0] = $cat['name']; if (isset($upper_ids)) { $nb=1; foreach ($upper_ids as $upper_cat) { $cat_info = get_cat_info($upper_cat); $catname[$nb++] = $cat_info['name']; } } } // Username or the current user $username = $user['username']; if (!$this->config['user_cats_case_sensitive']) $catname = array_map('strtolower', $catname); // author of the photo $query = 'SELECT author FROM '.IMAGES_TABLE.' WHERE id = '.$page['image_id'].' LIMIT 1;'; $result = pwg_query($query); if (isset($result)) { $img_infos = pwg_db_fetch_assoc($result); $authorname = $img_infos['author']; } } if ($this->config['authorized_groups_users'] == 'granted' OR $this->config['authorized_groups_users'] == 'denied') { $user_groups = array(); $query = 'SELECT group_id FROM '.USER_GROUP_TABLE.' WHERE user_id='.$user['id'].';'; $result = pwg_query($query); while ($row = pwg_db_fetch_assoc($result)) { array_push($user_groups, $row['group_id']); } } // Only on available cats if (($this->config['authorized_cats'] == 'all') //Parameter : all OR ($this->config['authorized_cats'] == 'selected' AND !empty($upper_ids) AND (array_intersect($upper_ids, $this->config['selected_cats']) != array())) //Parameter : selected OR ($this->config['authorized_cats'] == 'user' AND $this->config['user_cats_case_sensitive'] AND (in_array($username, $catname) OR $username == $authorname)) //Parameter : user AND case sensitive OR ($this->config['authorized_cats'] == 'user' AND !$this->config['user_cats_case_sensitive'] AND (in_array(strtolower($username), $catname) OR $username == $authorname)) //Parameter : user AND not case sensitive ) { if (($this->config['authorized_groups_users'] == 'all') //Parameter : all OR ($this->config['authorized_groups_users'] == 'granted' AND ((array_intersect($user_groups, $this->config['selected_groups']) != array()) OR in_array($user['id'], $this->config['selected_users']))) //Parameter : granted OR ($this->config['authorized_groups_users'] == 'denied' AND ((array_intersect($user_groups, $this->config['selected_groups']) == array()) AND !in_array($user['id'], $this->config['selected_users']))) //Parameter : denied ) { // Check if user is guest. // In this case, force mail to default mail (in configuration) if (is_a_guest()) { if (!empty($this->config['default_guest_email'])) $user['email'] = $this->config['default_guest_email']; } // Template informations $template->assign('ecard', array( 'title' => l10n('Title'), 'message' => l10n('piwecard_message'), 'sender_name' => $user['username'], 'sender_email' => $user['email'], 'recipient_name' => l10n('piwecard_recipient_name'), 'recipient_email' => l10n('piwecard_recipient_email'), 'copy' => $this->config['sender_copy'] ? 'checked="checked"' : '', 'changemail' => (!isset($user['email']) OR $this->config['sender_email_change']) ? '' : 'disabled="disabled"', 'nb_max_recipients' => $this->config['nb_max_recipients'], ) ); // Template add for the active parameter choice by the user if ($this->config['validity_choice']) { foreach($this->config['validity'] as $validity) { $template->append('ecard_validity', array( 'id' => $validity, 'name' => ($validity == 0) ? l10n('piwecard_nolimit') : $validity.' '.l10n('piwecard_days'), 'selected' => ($this->config['validity_default'] == $validity ? 'checked' : '') ) ); } } else { $template->assign('ecard_validity_hidden', $this->config['validity_default']); } foreach ($this->config['email_format_authorized'] as $email_format) { $template->append('ecard_email_format', array( 'id' => $email_format, 'name' => l10n('piwecard_email_format_'.$email_format), 'selected' => (($this->config['email_format_default'] == $email_format) ? 'checked' : ''), ) ); } $template->set_filenames(array('ecard_template' => PIWECARD_ROOT.'/template/ecard.tpl')); $template->concat('COMMENT_IMG', $template->parse('ecard_template', true)); // Send the card if (isset($_POST['ecard_submit'])) { // If conf doesn't allow to modify the %yourmail% param, force it to user mail if (!$this->config['sender_email_change'] and isset($user['email'])) $_POST['ecard_sender_email'] = $user['email']; $email_format = $_POST['ecard_email_format']; //Check fields if ($_POST['ecard_sender_name'] == '' OR $_POST['ecard_title'] == '' OR $_POST['ecard_message'] == '') { return; } if ($_POST['ecard_sender_email'] == '' OR !$this->is_valid_email($_POST['ecard_sender_email'])) return; // Initialize the array for image element $image_element = array(); // Get all image informations $query = 'SELECT * FROM '.IMAGES_TABLE.' WHERE id='.$page['image_id'].' LIMIT 1;'; $result = pwg_query($query); if (isset($result)) $image_element = pwg_db_fetch_assoc($result); // Generate random number $next_element_id_random = $this->random(64); while (pwg_db_num_rows(pwg_query('SELECT ecard_id FROM '.PIWECARD_TABLE.' WHERE ecard_id="'.$next_element_id_random.'";')) != 0) { $next_element_id_random = $this->random(64); } $image_element['next_element_id'] = $next_element_id_random; // Image infos if ($this->config['show_image_infos']) { if (isset($image_element['name'])) { $image_element['picture_infos'] = $image_element['name']; if (isset($image_element['author'])) $image_element['picture_infos'] .= ' ('.$image_element['author'].')'; } } // Complete the image_element array with Link for the ecard url to be added in the mail set_make_full_url(); $ecard_url = embellish_url(get_absolute_root_url() . './index.php?/ecard/'.$image_element['next_element_id']); $image_element['ecard_url'] = $ecard_url; unset_make_full_url(); // Complete the image_element with the url to point to the image url set_make_full_url(); $image_element['picture_url'] = duplicate_picture_url( array( 'image_id' => $image_element['id'], 'image_file' => $image_element['file'] ), array('start') ); unset_make_full_url(); // Send the mail $recipient_infos = array_combine($_POST['ecard_recipient_name'], $_POST['ecard_recipient_email']); foreach ($recipient_infos as $recipient_name => $recipient_email) { if ($recipient_name == '' OR $recipient_email == '' OR !$this->is_valid_email($recipient_email)) continue; $parse_list = array( 'ecard_sender_name' => $_POST['ecard_sender_name'], 'ecard_sender_email' => $_POST['ecard_sender_email'], 'ecard_recipient_name' => $recipient_name, 'ecard_recipient_email' => $recipient_email, 'ecard_title' => $_POST['ecard_title'], 'ecard_message' => $_POST['ecard_message'], ); $email_infos = array( 'from_name' => $_POST['ecard_sender_name'], 'from_email' => (isset($_POST['ecard_sender_email']) ? $_POST['ecard_sender_email'] : $user['email']), 'to' => $recipient_email, 'subject' => htmlspecialchars_decode($this->parse($this->config['email_subject'], $parse_list, $image_element)), ); $email_message_text = stripslashes(strip_tags($this->parse($this->config['email_message']['text'], $parse_list, $image_element))); $email_message_html = stripslashes($this->parse($this->config['email_message']['html'], $parse_list, $image_element)); switch($email_format) { case 'text': // text $email_infos['message'] = array( 'text' => $email_message_text ); break; case 'html': // html $email_infos['message'] = array( 'text' => $email_message_text, 'html' => $email_message_html, ); default: break; } // Add the copy to expe if param. if (isset($_POST['ecard_copy'])) // send copy to sender $email_infos['bcc'] = $email_infos['from_email']; $this->mail($email_infos); //Insert into database $insert = array( 'ecard_id' => $image_element['next_element_id'], 'sender_name' => $_POST['ecard_sender_name'], 'recipient_name' => $recipient_name, 'sender_email' => $_POST['ecard_sender_email'], 'recipient_email' => $recipient_email, 'title' => $_POST['ecard_title'], 'message' => $_POST['ecard_message'], 'image' => $image_element['id'], 'date_creation' => date("Y-m-d H:i:s"), ); if ($_POST['ecard_validity'] != '0') { $date = new DateTime(); $date->modify("+".$_POST['ecard_validity']." day"); $insert['date_validity'] = $date->format('Y-m-d H:i:s'); } single_insert(PIWECARD_TABLE, $insert); } } } } } } /** * Encodes a string using Q form if required (RFC2045) * mail headers MUST contain only US-ASCII characters * * This function was in Piwigo core include/functions_mail.inc.php, but * was removed from version 2.6. */ function encode_mime_header($str) { $x = preg_match_all('/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches); if ($x==0) { return $str; } // Replace every high ascii, control =, ? and _ characters $str = preg_replace('/([\000-\011\013\014\016-\037\075\077\137\177-\377])/e', "'='.sprintf('%02X', ord('\\1'))", $str); // Replace every spaces to _ (more readable than =20) $str = str_replace(" ", "_", $str); global $lang_info; return '=?'.get_pwg_charset().'?Q?'.$str.'?='; } /** * Send an email * @param Array informations of the email */ function mail($email_infos) { global $lang_info; $template_mail = new Template(PIWECARD_MAIL_PATH.'template'); $smarty = $template_mail->smarty; $from = '"'.$email_infos['from_name'].'" <'.$email_infos['from_email'].'>'; $subject = $this->encode_mime_header(trim(preg_replace('#[\n\r]+#s', '', $email_infos['subject']))); $boundary = '_----------='.md5(uniqid(mt_rand())); $headers = 'From: '.$from."\n"; $headers .= 'Reply-To: '.$from."\n"; if (!empty($email_infos['bcc'])) $headers .= 'Bcc: '.$email_infos['bcc']."\n"; $headers .= 'X-Sender: <'.get_absolute_root_url().'>'."\n"; $headers .= 'X-Mailer: Piwigo Mailer'."\n"; $headers .= 'X-auth-smtp-user: '.$from."\n"; $headers .= 'X-abuse-contact: '.$from."\n"; $headers .= 'Date: '.date("D, j M Y G:i:s O")."\n"; $message = ''; if (empty($email_infos['message']['html'])) { //Text plain email $headers .= 'Content-Type: text/plain; charset="'.get_pwg_charset().'"'."\n"; $headers .= 'Content-Transfer-Encoding: 8bit'."\n"; $message = $this->get_text_message($email_infos['message']['text'], $smarty); } else { $headers .= 'MIME-Version: 1.0'."\n"; $headers .= 'Content-Type: multipart/alternative; boundary="'.$boundary.'"'; $message .= 'This is a multi-part message in MIME format'."\n\n"; $message .= '--'.$boundary."\n"; $message .= 'Content-Type: text/plain; charset="'.get_pwg_charset().'"'."\n"; $message .= 'Content-Transfer-Encoding: binary'."\n\n"; $message .= $this->get_text_message($email_infos['message']['text'], $smarty); $message .= "\n\n"; $message .= '--'.$boundary."\n"; $message .= 'Content-Type: text/html; charset="'.get_pwg_charset().'"'."\n"; $message .= 'Content-Transfer-Encoding: binary;'."\n\n"; $message .= $this->get_html_message($email_infos['message']['html'], $smarty); $message .= "\n\n"; $message .= '--'.$boundary."--\n"; } mail($email_infos['to'], $subject, $message, $headers); } /** * Get the content of the email when the format is plain text * @param String the email message * @param Smarty a smarty object */ function get_text_message($message_text, $smarty) { global $page, $conf; $message = $message_text; $smarty->assign(array( 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'GALLERY_URL' => get_absolute_root_url(), 'MAIL' => get_webmaster_mail_address(), ) ); $message .= $smarty->fetch('mail_text.tpl'); return $message; } /** * Get the content of the email when the format is html * @param String the email message * @param Smarty a smarty object */ function get_html_message($message_html, $smarty) { global $page, $conf; $border_config = $this->config['image_border']; $smarty->assign(array( 'BORDER' => (($border_config['display']) ? 'border-style: '.$border_config['style'].'; border-width: '.$border_config['width'].'; border-color: #'.$border_config['color'].';' : ''), 'CONTENT_ENCODING' => get_pwg_charset(), 'GALLERY_URL' => get_absolute_root_url(), 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '', 'MAIL' => get_webmaster_mail_address(), 'MESSAGE_HTML' => $message_html, ) ); $message = $smarty->fetch('mail_html.tpl'); return $message; } }