Changeset 28458


Ignore:
Timestamp:
05/13/14 19:46:37 (5 years ago)
Author:
mistic100
Message:

fix unused content type, send copy as Bcc

Location:
extensions/ContactForm
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • extensions/ContactForm/include/contact_form.inc.php

    r27846 r28458  
    1717{ 
    1818  $contact = array( 
    19     'author' =>  trim($_POST['author']), 
    20     'email' =>   trim($_POST['email']), 
     19    'author' =>  stripslashes(trim($_POST['author'])), 
     20    'email' =>   stripslashes(trim($_POST['email'])), 
    2121    'group' =>   @$_POST['group'], 
    22     'subject' => trim($_POST['subject']), 
    23     'content' => $_POST['content'], 
     22    'subject' => stripslashes(trim($_POST['subject'])), 
     23    'content' => stripslashes($_POST['content']), 
    2424    'send_copy' => isset($_POST['send_copy']), 
    2525   ); 
  • extensions/ContactForm/include/functions.inc.php

    r28324 r28458  
    1717    $page['is_homepage'] = false; 
    1818 
    19     $page['section_title'] = '<a href="'.get_absolute_root_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].'<a href="'.CONTACT_FORM_PUBLIC.'">'.l10n('Contact').'</a>'; 
     19    $page['section_title'] =  
     20      '<a href="'.get_absolute_root_url().'">'.l10n('Home').'</a>' 
     21      .$conf['level_separator'] 
     22      .'<a href="'.CONTACT_FORM_PUBLIC.'">'.l10n('Contact').'</a>'; 
    2023  } 
    2124} 
     
    233236 
    234237  // get admin emails 
    235   $emails = get_contact_emails($comm['group']); 
    236   if (!count($emails)) 
     238  $to = get_contact_emails($comm['group']); 
     239  if (!count($to)) 
    237240  { 
    238241    $page['errors'][] = l10n('Error while sending e-mail'); 
     
    246249    $prefix = str_replace('%gallery_title%', $conf['gallery_title'], $conf['ContactForm']['cf_subject_prefix']); 
    247250 
    248     $from = $Cc = null; 
     251    $from = $Cc = $Bcc = null; 
    249252    if (!empty($comm['email'])) 
    250253    { 
     
    255258      if ($comm['send_copy']) 
    256259      { 
     260        $Bcc = $to; 
     261        $to = null; 
    257262        $Cc = $from; 
    258263      } 
     
    263268 
    264269    $result = pwg_mail( 
    265       $emails, 
     270      $to, 
    266271      array( 
    267272        'subject' => '['.$prefix.'] '.$comm['subject'], 
     273        'content' => $comm['content'], 
    268274        'mail_title' => $prefix, 
    269275        'mail_subtitle' => $comm['subject'], 
    270276        'content_format' => 'text/html', 
     277        'email_format' => $conf['ContactForm']['cf_mail_type'], 
    271278        'from' => $from, 
    272279        'Cc' => $Cc, 
     280        'Bcc' => $Bcc, 
    273281        ), 
    274282      array( 
     
    328336  ORDER BY name ASC 
    329337'; 
    330   $emails = array_from_query($query); 
     338  $emails = query2array($query); 
    331339 
    332340  return $emails; 
  • extensions/ContactForm/template/contact_form.tpl

    r26070 r28458  
    4747        {if $contact.is_logged} 
    4848          {$contact.author} 
    49           <input type="hidden" name="author" value="{$contact.author}"> 
     49          <input type="hidden" name="author" value="{$contact.author|escape:html}"> 
    5050        {else} 
    51           <input type="text" name="author" id="author" size="40" value="{$contact.author}"> 
     51          <input type="text" name="author" id="author" size="40" value="{$contact.author|escape:html}"> 
    5252        {/if} 
    5353        </td> 
     
    5858        {if $contact.is_logged and !empty($contact.email)} 
    5959          {$contact.email} 
    60           <input type="hidden" name="email" value="{$contact.email}"> 
     60          <input type="hidden" name="email" value="{$contact.email|escape:html}"> 
    6161        {else} 
    62           <input type="text" name="email" id="email" size="40" value="{$contact.email}"> 
     62          <input type="text" name="email" id="email" size="40" value="{$contact.email|escape:html}"> 
    6363        {/if} 
    6464        </td> 
     
    7777      <tr> 
    7878        <td class="title"><label for="subject">{'Subject'|translate}</label></td> 
    79         <td><input type="text" name="subject" id="subject" style="width:400px;" value="{$contact.subject}"></td> 
     79        <td><input type="text" name="subject" id="subject" style="width:400px;" value="{$contact.subject|escape:html}"></td> 
    8080      </tr> 
    8181      <tr> 
  • extensions/ContactForm/template/text/html/mail.tpl

    r28324 r28458  
    1212</p> 
    1313 
    14 <blockquote>{$CONTACT.content}</blockquote> 
     14<blockquote>{$CONTENT}</blockquote> 
  • extensions/ContactForm/template/text/plain/mail.tpl

    r28324 r28458  
    55 
    66-------------------- 
    7 {$CONTACT.content} 
     7{$CONTENT} 
Note: See TracChangeset for help on using the changeset viewer.