-
Notifications
You must be signed in to change notification settings - Fork 8
/
com_connect.php
3249 lines (2637 loc) · 128 KB
/
com_connect.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<?php
// This is a PLUGIN TEMPLATE for Textpattern CMS.
// Copy this file to a new name like abc_myplugin.php. Edit the code, then
// run this file at the command line to produce a plugin for distribution:
// $ php abc_myplugin.php > abc_myplugin-0.1.txt
// Plugin name is optional. If unset, it will be extracted from the current
// file name. Plugin names should start with a three letter prefix which is
// unique and reserved for each plugin author ("abc" is just an example).
// Uncomment and edit this line to override:
$plugin['name'] = 'com_connect';
// Allow raw HTML help, as opposed to Textile.
// 0 = Plugin help is in Textile format, no raw HTML allowed (default).
// 1 = Plugin help is in raw HTML. Not recommended.
# $plugin['allow_html_help'] = 1;
$plugin['version'] = '4.7.1';
$plugin['author'] = 'Textpattern Community';
$plugin['author_uri'] = 'https://forum.textpattern.io/viewtopic.php?id=47913';
$plugin['description'] = 'Form and contact mailer for Textpattern';
// Plugin load order:
// The default value of 5 would fit most plugins, while for instance comment
// spam evaluators or URL redirectors would probably want to run earlier
// (1...4) to prepare the environment for everything else that follows.
// Values 6...9 should be considered for plugins which would work late.
// This order is user-overrideable.
$plugin['order'] = '5';
// Plugin 'type' defines where the plugin is loaded
// 0 = public : only on the public side of the website (default)
// 1 = public+admin : on both the public and admin side
// 2 = library : only when include_plugin() or require_plugin() is called
// 3 = admin : only on the admin side (no AJAX)
// 4 = admin+ajax : only on the admin side (AJAX supported)
// 5 = public+admin+ajax : on both the public and admin side (AJAX supported)
$plugin['type'] = '0';
// Plugin "flags" signal the presence of optional capabilities to the core plugin loader.
// Use an appropriately OR-ed combination of these flags.
// The four high-order bits 0xf000 are available for this plugin's private use
if (!defined('PLUGIN_HAS_PREFS')) define('PLUGIN_HAS_PREFS', 0x0001); // This plugin wants to receive "plugin_prefs.{$plugin['name']}" events
if (!defined('PLUGIN_LIFECYCLE_NOTIFY')) define('PLUGIN_LIFECYCLE_NOTIFY', 0x0002); // This plugin wants to receive "plugin_lifecycle.{$plugin['name']}" events
$plugin['flags'] = '0';
// Plugin 'textpack' is optional. It provides i18n strings to be used in conjunction with gTxt().
// Syntax:
// ## arbitrary comment
// #@event
// #@language ISO-LANGUAGE-CODE
// abc_string_name => Localized String
$plugin['textpack'] = <<<EOT
#@owner com_connect
#@language en, en-gb, en-us
#@public
com_connect_checkbox => Checkbox
com_connect_contact => Contact
com_connect_email => Email
com_connect_email_subject => {site} > Enquiry
com_connect_email_thanks => Thank you, your message has been sent.
com_connect_field_missing => Required field <strong>{field}</strong> is missing.
com_connect_format_warning => Value {value} in <strong>{field}</strong> is not of the expected format.
com_connect_form_expired => The form has expired, please try again.
com_connect_form_used => The form was already submitted, please fill out a new form.
com_connect_general_inquiry => General enquiry
com_connect_invalid_email => <strong>{email}</strong> is not a valid email address.
com_connect_invalid_host => <strong>{host}</strong> is not a valid email host.
com_connect_invalid_utf8 => <strong>{field}</strong> contains invalid UTF-8 characters.
com_connect_invalid_value => Invalid value for <strong>{field}</strong>: <strong>{value}</strong> is not one of the available options.
com_connect_mail_sorry => Sorry, unable to send email.
com_connect_maxval_warning => <strong>{field}</strong> must not exceed {value}.
com_connect_max_warning => <strong>{field}</strong> must not contain more than {value} characters.
com_connect_message => Message
com_connect_minval_warning => <strong>{field}</strong> must be at least {value}.
com_connect_min_warning => <strong>{field}</strong> must contain at least {value} characters.
com_connect_name => Name
com_connect_option => Option
com_connect_pattern_warning => <strong>{field}</strong> does not match the pattern {value}.
com_connect_radio => Radio
com_connect_recipient => Recipient
com_connect_refresh => Follow this link if the page does not refresh automatically.
com_connect_secret => Secret
com_connect_send => Send
com_connect_send_article => Send article
com_connect_spam => We do not accept spam, thank you!
com_connect_text => Text
com_connect_to_missing => <strong>To</strong> email address is missing.
#@language de-de
com_connect_checkbox => Checkbox
com_connect_contact => Kontakt
com_connect_email => E-Mail
com_connect_email_subject => {site} > Anfrage
com_connect_email_thanks => Vielen Dank, Ihre Nachricht wurde gesendet.
com_connect_field_missing => Erforderliche Eingabe im Feld <strong>{field}</strong> fehlt.
com_connect_format_warning => Eingabe {value} im Feld <strong>{field}</strong> entspricht nicht dem erwarteten Format.
com_connect_form_expired => Dieses Formular ist abgelaufen, bitte versuchen Sie es erneut.
com_connect_form_used => Dieses Formular wurde bereits gesendet. Bitte laden Sie das Formular noch einmal.
com_connect_general_inquiry => Allgemeine Anfrage
com_connect_invalid_email => <strong>{email}</strong> ist keine gültige E-Mailadresse.
com_connect_invalid_host => <strong>{host}</strong> ist kein gültiger E-Mail-Server.
com_connect_invalid_utf8 => <strong>{field}</strong> enthält ungültige UTF-8-Zeichen.
com_connect_invalid_value => Ungültiger Wert für <strong>{field}</strong>, <strong>{value}</strong> ist keine verfügbare Option.
com_connect_mail_sorry => Leider kann keine E-Mail gesendet werden.
com_connect_maxval_warning => <strong>{field}</strong> darf {value} nicht überschreiten.
com_connect_max_warning => <strong>{field}</strong> darf nicht länger als {value} Zeichen sein.
com_connect_message => Nachricht
com_connect_minval_warning => <strong>{field}</strong> darf {value} nicht unterschreiten.
com_connect_min_warning => <strong>{field}</strong> darf nicht kürzer als {value} Zeichen sein.
com_connect_name => Name
com_connect_option => Option
com_connect_pattern_warning => <strong>{field}</strong> entspricht nicht dem Muster {value}.
com_connect_radio => Radio
com_connect_recipient => Empfänger
com_connect_refresh => Bitte folgen Sie diesem Link, falls die Seite icht automatisch neu geladen wird.
com_connect_secret => Geheimnis
com_connect_send => Senden
com_connect_send_article => Artikel senden
com_connect_spam => Danke, wir brauchen keinen Spam!
com_connect_text => Text
com_connect_to_missing => <strong>To</strong> E-Mail-Adresse fehlt.
#@language es-es
com_connect_checkbox => Casilla de verificación
com_connect_contact => Contacto
com_connect_email => Correo electrónico
com_connect_email_subject => {site} > Consulta
com_connect_email_thanks => Gracias, tu mensaje ha sido enviado.
com_connect_field_missing => falta el campo obligatorio <strong>{field}</strong>.
com_connect_format_warning => El valor {value} en <strong>{field}</strong> no está en el formato esperado.
com_connect_form_expired => El formulario ha caducado, por favor inténtalo de nuevo.
com_connect_form_used => El formulario ya había sido enviado, por favor rellena el formulario de nuevo.
com_connect_general_inquiry => Consulta general
com_connect_invalid_email => La dirección de correo electrónico <strong>{email}</strong> no es válida.
com_connect_invalid_host => El dominio de correo electrónico <strong>{host}</strong> no es válido.
com_connect_invalid_utf8 => <strong>{field}</strong> contiene caracteres UTF-8 no válidos.
com_connect_invalid_value => Valor incorrecto para <strong>{field}</strong>: <strong>{value}</strong> no es una de las opciones disponibles.
com_connect_mail_sorry => Lo siento, el correo electrónico no pudo ser enviado.
com_connect_maxval_warning => <strong>{field}</strong> no debe exceder {value}.
com_connect_max_warning => <strong>{field}</strong> no debe contener más de {value} caracteres.
com_connect_message => Mensaje
com_connect_minval_warning => <strong>{field}</strong> debe tener al menos {value}.
com_connect_min_warning => <strong>{field}</strong> debe contener al menos {value} caracteres.
com_connect_name => Nombre
com_connect_option => Opción
com_connect_pattern_warning => <strong>{field}</strong> no encaja con el patrón {value}.
com_connect_radio => Botón de opción
com_connect_recipient => Destinatario
com_connect_refresh => Siga este enlace si la página no se recarga automáticamente.
com_connect_secret => Secreto
com_connect_send => Enviar
com_connect_send_article => Enviar artículo
com_connect_spam => Gracias, ¡pero no aceptamos correo basura!
com_connect_text => Texto
com_connect_to_missing => Falta la dirección de correo electrónico del <strong>destinatario</strong>.
#@language fr-fr
com_connect_checkbox => Case à cocher
com_connect_contact => Contact
com_connect_email => Email
com_connect_email_subject => {site} > Demande
com_connect_email_thanks => Merci, votre message a bien été envoyé.
com_connect_field_missing => Champ obligatoire <strong>{field}</strong> manquant.
com_connect_form_expired => Le délai du formulaire vient d’expirer. Veuillez recommencer.
com_connect_form_used => Le formulaire a déjà été soumis. Veuillez en remplir un nouveau.
com_connect_general_inquiry => Demande d’ordre général
com_connect_invalid_email => <strong>{email}</strong> n’est pas une adresse email valide.
com_connect_invalid_host => <strong>{host}</strong> n’est pas correctement rédigé.
com_connect_invalid_utf8 => <strong>{field}</strong> contient des caractères invalides.
com_connect_invalid_value => Cette valeur : <strong>{value}</strong> n’est pas correcte pour <strong>{field}</strong>.
com_connect_mail_sorry => Désolé, impossible d’envoyer votre message dans l’immédiat.
com_connect_maxval_warning => <strong>{field}</strong> ne peux pas être plus grand que {value}.
com_connect_max_warning => <strong>{field}</strong> dépasse {value} caractères.
com_connect_message => Message
com_connect_minval_warning => <strong>{field}</strong> doit être au moins {value}.
com_connect_min_warning => <strong>{field}</strong> doit contenir au moins {value} caractères.
com_connect_name => Nom
com_connect_option => Option
com_connect_pattern_warning =><strong>{field}</strong> doit correspondre à ce modèle {value}.
com_connect_radio => Bouton radio
com_connect_recipient => Destinataire
com_connect_refresh => Cliquez sur ce lien si la page ne se rafraîchissait pas automatiquement.
com_connect_secret => Secret
com_connect_send => Envoyer
com_connect_send_article => Envoyer l’article
com_connect_spam => Nous refusons catégoriquement les spam. Bien à vous!
com_connect_text => Texte
com_connect_to_missing => l’adresse mail <strong>To</strong> est manquante.
#@language nl-nl
com_connect_checkbox => Keuze
com_connect_contact => Contact
com_connect_email => E-mail adres
com_connect_email_subject => {site} > bericht via de site
com_connect_email_thanks => Hartelijk dank, je bericht is verzonden.
com_connect_field_missing => Je hebt bij <strong>{field}</strong> nog niets ingevuld.
com_connect_format_warning => De invoer {value} in <strong>{field}</strong> heeft niet de juiste vorm.
com_connect_form_expired => Het formulier is verlopen, probeer het opnieuw.
com_connect_form_used => Het formulier is reeds verstuurd, vul het opnieuw in.
com_connect_general_inquiry => Bericht van de site
com_connect_invalid_email => <strong>{email}</strong> is geen geldig e-mail addres.
com_connect_invalid_host => <strong>{host}</strong> is geen geldige e-mail host.
com_connect_invalid_utf8 => <strong>{field}</strong> bevat ongeldige lettertekens.
com_connect_invalid_value => Ongeldige invoer bij <strong>{field}</strong>, <strong>{value}</strong> is niet mogelijk.
com_connect_mail_sorry => Sorry, er kan geen e-mail verzonden worden.
com_connect_maxval_warning => <strong>{field}</strong> mag niet groter zijn dan {value}.
com_connect_max_warning => <strong>{field}</strong> mag niet meer dan {value} lettertekes bevatten.
com_connect_message => Berichttekst
com_connect_minval_warning => <strong>{field}</strong> moet minstens {value} zijn.
com_connect_min_warning => <strong>{field}</strong> moet minstens {value} lettertekens bevatten.
com_connect_name => Naam
com_connect_option => Optie
com_connect_pattern_warning => <strong>{field}</strong> komt niet overeen met de volgorde {value}.
com_connect_radio => Keuzeknop
com_connect_recipient => Ontvanger
com_connect_refresh => Je kunt deze link gebruiken als de pagina niet automatisch ververst.
com_connect_secret => Geheim
com_connect_send => Verzenden
com_connect_send_article => Artikel verzenden
com_connect_spam => We accepteren geen spam!
com_connect_text => Tekst
com_connect_to_missing => <strong>Aan</strong> e-mailadres ontbreekt.
#@language pt-br
com_connect_checkbox => Checkbox
com_connect_contact => Contato
com_connect_email => Email
com_connect_email_subject => {site} > Contato
com_connect_email_thanks => Obrigado, sua mensagem foi enviada.
com_connect_field_missing => Faltou preencher o campo requerido <strong>{field}</strong>.
com_connect_format_warning => O valor {value} em <strong>{field}</strong> não está formato esperado.
com_connect_form_expired => O formulário expirou, por favor tente novamente.
com_connect_form_used => O formulário já foi enviado, por favor preencha o formulário novamente.
com_connect_general_inquiry => Assuntos gerais
com_connect_invalid_email => <strong>{email}</strong> não é um endereço de email válido.
com_connect_invalid_host => <strong>{host}</strong> não é um domínio de email válido.
com_connect_invalid_utf8 => <strong>{field}</strong> contém caracteres UTF-8 inválidos.
com_connect_invalid_value => Valor incorreto para <strong>{field}</strong>, <strong>{value}</strong> não é uma das opções disponíveis.
com_connect_mail_sorry => Desculpe, não foi possível enviar o email.
com_connect_maxval_warning => <strong>{field}</strong> não pode exceder {value}.
com_connect_max_warning => <strong>{field}</strong> não pode conter mais que {value} caracteres.
com_connect_message => Mensagem
com_connect_minval_warning => <strong>{field}</strong> deve ter ao menos {value}.
com_connect_min_warning => <strong>{field}</strong> deve conter ao menos {value} caracteres.
com_connect_name => Nome
com_connect_option => Opção
com_connect_pattern_warning => <strong>{field}</strong> não se encaixa no formato {value}.
com_connect_radio => Rádio
com_connect_recipient => Destinatário
com_connect_refresh => Clique neste link caso a página não se atualize automaticamente.
com_connect_secret => Secreto
com_connect_send => Enviar
com_connect_send_article => Enviar artigo
com_connect_spam => Não aceitamos spam, obrigado!
com_connect_text => Texto
com_connect_to_missing => <strong>To</strong> falta o endereço de email.
EOT;
if (!defined('txpinterface'))
@include_once('zem_tpl.php');
# --- BEGIN PLUGIN CODE ---
//<?php
/**
* com_connect: A Textpattern CMS plugin for mail delivery of contact forms.
*/
// Register tags if necessary.
if (class_exists('\Textpattern\Tag\Registry')) {
Txp::get('\Textpattern\Tag\Registry')
->register('com_connect')
->register('com_connect_text')
->register('com_connect_email')
->register('com_connect_textarea')
->register('com_connect_select')
->register('com_connect_option')
->register('com_connect_checkbox')
->register('com_connect_radio')
->register('com_connect_serverinfo')
->register('com_connect_secret')
->register('com_connect_submit')
->register('com_connect_send_article')
->register('com_connect_value')
->register('com_connect_label')
->register('com_connect_fields')
->register('com_connect_mime')
->register('com_connect_if');
}
/**
* Tag: encapsulate a contact form.
*
* Triggers the following callbacks:
* -> 'comconnect.form' during form rendering so additional fields (e.g. spam honeypots) can be injected.
* -> 'comconnect.render' immediately prior to form rendering so other parts of the form content may be altered.
* -> 'comconnect.submit' on successful posting of form data. Primarily of use for spam
* plugins: they can return a non-zero value to signal that the form should NOT be sent.
*
* @param array $atts Tag attributes
* @param string $thing Tag's container content
*/
function com_connect($atts, $thing = '')
{
global $sitename, $com_connect_flags, $com_connect_from,
$com_connect_recipient, $com_connect_error, $com_connect_submit,
$com_connect_form, $com_connect_labels, $com_connect_values;
extract(com_connect_lAtts(array(
'body_form' => '',
'class' => 'comConnectForm',
'classes' => '',
'copysender' => 0,
'expire' => 600,
'form' => '',
'from' => '',
'from_form' => '',
'label' => null,
'browser_validate' => 1,
'redirect' => '',
'replyto' => true,
'required' => '1',
'show_error' => 1,
'show_input' => 1,
'send_article' => 0,
'subject' => null,
'subject_form' => '',
'to' => '',
'to_form' => '',
'thanks' => null,
'thanks_form' => ''
), $atts));
$doctype = get_pref('doctype', 'xhtml');
if (!empty($lang)) {
$strings = com_connect_load_lang($lang);
$current = Txp::get('\Textpattern\L10n\Lang')->getStrings();
$textarray = array_merge($current, $strings);
Txp::get('\Textpattern\L10n\Lang')->setPack($textarray);
}
// Set defaults, in the local language if necessary.
if ($label === null) {
$label = gTxt('com_connect_contact');
}
if ($subject === null) {
$subject = gTxt('com_connect_email_subject', array('{site}' => html_entity_decode($sitename,ENT_QUOTES)));
}
if ($thanks === null) {
$thanks = graf(gTxt('com_connect_email_thanks'));
}
unset($atts['show_error'], $atts['show_input']);
$defaultClassNames = array(
'element' => 'errorElement',
'wrapper' => 'comError',
'required' => 'comRequired',
'thanks' => 'comThanks',
);
$com_connect_form_id = md5(serialize($atts) . preg_replace('/[\t\s\r\n]/', '', $thing));
$com_connect_submit = (ps('com_connect_form_id') == $com_connect_form_id);
$override_email_charset = (get_pref('override_emailcharset') && is_callable('utf8_decode'));
$userClassNames = do_list($classes);
foreach (array_merge($defaultClassNames, $userClassNames) as $classKey => $classValue) {
if (strpos($classValue, ':') !== false) {
$classParts = do_list($classValue, ':');
if (count($classParts) === 2) {
$com_connect_flags['cls_' . $classParts[0]] = $classParts[1];
}
} elseif ($classKey && $classValue) {
$com_connect_flags['cls_' . $classKey] = $classValue;
}
}
// The $com_connect_flags['this_form'] global is set if an id is supplied for the <form>.
// This value then becomes the default value for all html_form (a.k.a. form=)
// attributes for any input tags in this tag's container, providing HTML5 is in use.
$com_connect_flags['this_form'] = 'com' . $com_connect_form_id;
// Global toggle for required attribute.
$com_connect_flags['required'] = $required;
$now = time();
$now_date = date('Y-m-d H:i:s', $now);
$expire = abs(assert_int($expire));
static $headers_sent = false;
if (!$headers_sent) {
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $now - (3600 * 24 * 7)) . ' GMT');
header('Expires: ' . gmdate('D, d M Y H:i:s', $now + $expire) . ' GMT');
header('Cache-Control: no-cache, must-revalidate');
$headers_sent = true;
}
$nonce = doSlash(ps('com_connect_nonce'));
$renonce = false;
if ($com_connect_submit) {
// Since multiple com_connect forms could delete data that might be in use by other forms,
// protect them by using a well-known minimum value of 10 minutes. Not perfect.
// Using multiple forms on a page will result in them all adopting the lowest expiry time.
safe_delete('txp_discuss_nonce', "issue_time < date_sub('$now_date', interval ".max(600, $expire)." second)");
if ($rs = safe_row('used', 'txp_discuss_nonce', "nonce = '$nonce'")) {
if ($rs['used']) {
unset($com_connect_error);
$com_connect_error[] = gTxt('com_connect_form_used');
$renonce = true;
$_POST = array();
$_POST['com_connect_submit'] = true;
$_POST['com_connect_form_id'] = $com_connect_form_id;
$_POST['com_connect_nonce'] = $nonce;
}
} else {
$com_connect_error[] = gTxt('com_connect_form_expired');
$renonce = true;
}
}
if ($com_connect_submit && $nonce && !$renonce) {
$com_connect_nonce = $nonce;
} elseif (!$show_error || $show_input) {
$com_connect_nonce = md5(uniqid(rand(), true));
safe_insert('txp_discuss_nonce', "issue_time = '" . $now_date . "', nonce = '$com_connect_nonce'");
}
$form = ($form) ? fetch_form($form) : $thing;
if (empty($form)) {
$br = ($doctype === 'xhtml') ? '<br />' : '<br>';
$form = '
<txp:com_connect_text label="'.gTxt('com_connect_name').'" />'.$br.
'<txp:com_connect_email />'.$br.
($send_article ? '<txp:com_connect_email send_article="1" label="'.gTxt('com_connect_recipient').'" />'.$br : '').
'<txp:com_connect_textarea />'.$br.
'<txp:com_connect_submit />
';
}
$form = parse($form);
// Perform aggregate functions for checking radio sets.
if ($com_connect_submit) {
com_connect_group_validate();
}
if ($to_form) {
$to = parse_form($to_form);
}
if (!$to && !$send_article) {
return gTxt('com_connect_to_missing');
}
$out = '';
if (!$com_connect_submit) {
// Don't show errors or send mail.
} elseif (!empty($com_connect_error)) {
if ($show_error || !$show_input) {
$out .= n.doWrap(array_unique($com_connect_error), 'ul', 'li', $com_connect_flags['cls_wrapper']).n;
if (!$show_input) {
return $out;
}
}
} elseif ($show_input && is_array($com_connect_form)) {
// Load and check spam plugins.
callback_event('comconnect.submit');
$evaluation =& get_comconnect_evaluator();
$clean = $evaluation->get_comconnect_status();
if ($clean != 0) {
return $evaluation->get_comconnect_reason();
}
$semi_rand = md5(time());
$com_connect_flags['boundary'] = "Multipart_Boundary_x{$semi_rand}x";
if ($from_form) {
$from = parse_form($from_form);
}
if ($subject_form) {
$subject = parse_form($subject_form);
}
$sep = IS_WIN ? "\r\n" : "\n";
$msg = array();
$fields = array();
foreach ($com_connect_labels as $name => $lbl) {
$com_connect_values[$name] = doArray($com_connect_values[$name], 'trim');
if ($com_connect_values[$name] === false) {
continue;
}
$msg[] = $lbl . ': ' . (is_array($com_connect_values[$name]) ? implode(',', $com_connect_values[$name]) : $com_connect_values[$name]);
$fields[$name] = $com_connect_values[$name];
}
if ($send_article) {
global $thisarticle;
$subject = str_replace('&', '&', $thisarticle['title']);
$msg[] = permlinkurl($thisarticle);
$msg[] = $subject;
$s_ar = array('‘', '’', '“', '”', '’', '′', '″', '…', '–', '—', '×', '™', '®', '©', '<', '>', '"', '&', '&', "\t", '<p');
if ($override_email_charset) {
$r_ar = array("'", "'", '"', '"', "'", "'", '"', '...', '-', '--', 'x', '[tm]', '(r)', '(c)', '<', '>', '"', '&', '&', ' ', "\n<p");
} else {
$r_ar = array('‘', '’', '“', '”', '’', '?', '?', '…', '–', '—', '×', '™', '®', '©', '<', '>', '"', '&', '&', ' ', "\n<p");
}
$msg[] = trim(strip_tags(str_replace($s_ar, $r_ar, (trim(strip_tags($thisarticle['excerpt'])) ? $thisarticle['excerpt'] : $thisarticle['body']))));
if (empty($com_connect_recipient)) {
return gTxt('com_connect_field_missing', array('{field}' => gTxt('com_connect_recipient')));
} else {
$to = $com_connect_recipient;
}
}
$com_connect_flags['charset'] = $override_email_charset ? 'ISO-8859-1' : 'UTF-8';
$com_connect_flags['content_type'] = 'text/plain';
$com_connect_flags['xfer_encoding'] = '8bit';
if ($replyto === true) {
$reply = com_connect_strip($from ? $com_connect_from : '');
$from = com_connect_strip($from ? $from : $com_connect_from);
} elseif ($replyto === false || !is_valid_email($replyto)) {
$reply = com_connect_strip($from ? $from : '');
$from = com_connect_strip($from ? $from : '');
} else {
$reply = com_connect_strip($replyto);
$from = com_connect_strip($from ? $from : $replyto);
}
$to = com_connect_strip($to);
$subject = com_connect_strip($subject);
$body = implode("\n\n", $msg);
if ($body_form) {
$body = parse_form($body_form);
}
$body = str_replace(array("\r\n", "\r", "\n"), array("\n", "\n", $sep), $body);
$body = com_connect_strip($body, false);
if ($override_email_charset) {
$subject = utf8_decode($subject);
$body = utf8_decode($body);
}
$subject = Txp::get('\Textpattern\Mail\Encode')->header($subject, 'text');
$headers = array(
'from' => $from,
'separator' => $sep,
'reply' => $reply,
'charset' => $com_connect_flags['charset'],
'content_type' => $com_connect_flags['content_type'],
'xfer_encoding' => $com_connect_flags['xfer_encoding'],
);
safe_update('txp_discuss_nonce', "used = '1', issue_time = '$now_date'", "nonce = '$nonce'");
if (com_connect_deliver($to, $subject, $body, $headers, $fields, array('isCopy' => false, 'redirect' => $redirect))) {
$_POST = array();
if ($copysender && $com_connect_from) {
com_connect_deliver(com_connect_strip($com_connect_from), $subject, $body, $headers, $fields, array('isCopy' => true, 'redirect' => $redirect));
}
if ($redirect) {
while (@ob_end_clean());
$uri = hu.ltrim($redirect,'/');
if (empty($_SERVER['FCGI_ROLE']) && empty($_ENV['FCGI_ROLE'])) {
txp_status_header('303 See Other');
header('Location: '.$uri);
header('Connection: close');
header('Content-Length: 0');
} else {
$uri = txpspecialchars($uri);
$refresh = gTxt('com_connect_refresh');
echo <<<END
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>$sitename</title>
<meta http-equiv="refresh" content="0;url=$uri">
</head>
<body>
<a href="$uri">$refresh</a>
</body>
</html>
END;
}
exit;
} else {
return '<div class="' . $com_connect_flags['cls_thanks'] . '" id="com'.$com_connect_form_id.'">' .
($thanks_form ? parse_form($thanks_form) : $thanks) .
'</div>';
}
} else {
// Plugin modules may have set error messages: display if appropriate.
if ($com_connect_error) {
$out .= n.doWrap(array_unique($com_connect_error), 'ul', 'li', $com_connect_flags['cls_wrapper']).n;
} else {
$out .= graf(gTxt('com_connect_mail_sorry'));
}
}
}
if ($show_input && !$send_article || gps('com_connect_send_article')) {
$contactForm = '<form method="post"' . ((!$show_error && $com_connect_error) ? '' : ' id="com' . $com_connect_form_id . '"') .
($class ? ' class="' . $class . '"' : '') .
($browser_validate ? '' : ' novalidate') .
' action="' . txpspecialchars(serverSet('REQUEST_URI')) . '#com' . $com_connect_form_id . '">' .
($label ? n . '<fieldset>' : '') .
($label ? n . '<legend>' . txpspecialchars($label) . '</legend>' : '') .
$out .
n . '<input type="hidden" name="com_connect_nonce" value="' . $com_connect_nonce . '"' . (($doctype === 'xhtml') ? ' />' : '>') .
n . '<input type="hidden" name="com_connect_form_id" value="' . $com_connect_form_id . '"' . (($doctype === 'xhtml') ? ' />' : '>') .
$form .
callback_event('comconnect.form') .
($label ? (n . '</fieldset>') : '') .
n . '</form>';
callback_event_ref('comconnect.render', '', 0, $contactForm, $atts);
return $contactForm;
}
return '';
}
/**
* Tag: Render a text input field.
*
* Many different $types are allowed. In fact, the $type attribute is not
* restricted in any way to allow for any future types. This does bring some
* developer responsibility if you wish your document to validate because
* not all attributes will be valid for all input types, despite the plugin
* faithfully rendering whatever attributes it is given.
*
* A lot of invalid situations are recognised (e.g. only permitting max/min/step
* to occur on 'numeric' input types) but some are not easily trappable so they
* are left to user discretion.
*
* @param array $atts Tag attributes
* @return string HTML
*/
function com_connect_text($atts)
{
global $com_connect_error, $com_connect_submit, $com_connect_flags;
extract(com_connect_lAtts(array(
'autocomplete' => '',
'break' => br,
'class' => 'comText',
'default' => '',
'html_form' => $com_connect_flags['this_form'],
'isError' => '',
'inputmode' => '',
'label' => gTxt('com_connect_text'),
'label_position' => 'before',
'max' => null,
'min' => null,
'name' => '',
'pattern' => '',
'placeholder' => '',
'required' => $com_connect_flags['required'],
'size' => '',
'step' => '',
'type' => 'text',
), $atts));
$doctype = get_pref('doctype', 'xhtml');
$datetime_types = array(
'date',
'datetime',
'datetime-local',
'month',
'time',
'week',
);
$numeric_types = array(
'number',
'range',
);
$is_datetime = (in_array($type, $datetime_types));
$is_numeric = (in_array($type, $numeric_types));
// Dates / times get special treatment: no default min/max if not set by tag.
if (!$is_datetime && $min === null) {
$min = 0;
}
if (!$is_datetime && $max === null) {
$max = 100;
}
if (empty($name)) {
$name = com_connect_label2name($label);
}
$name = sanitizeForUrl($name);
if ($com_connect_submit) {
$value = trim(ps($name));
$utf8len = preg_match_all("/./su", $value, $utf8ar);
$hlabel = txpspecialchars($label);
$datetime_ok = true;
if ($is_datetime) {
$minval = $min;
$maxval = $max;
$cmpval = $value;
try {
$dt = new DateTime($cmpval);
$cmpval = $dt->format('U');
if ($min) {
$dt = new DateTime($min);
$minval = $dt->format('U');
}
if ($max) {
$dt = new DateTime($max);
$maxval = $dt->format('U');
}
} catch (Exception $e) {
$datetime_ok = false;
}
}
if (strlen($value)) {
if (!$utf8len) {
$com_connect_error[] = gTxt('com_connect_invalid_utf8', array('{field}' => $hlabel));
$isError = $com_connect_flags['cls_element'];
} elseif ($is_datetime && !$datetime_ok) {
$com_connect_error[] = gTxt('com_connect_format_warning', array('{field}' => $hlabel, '{value}' => $value));
$isError = $com_connect_flags['cls_element'];
} elseif ($min && !$is_numeric && !$is_datetime && $utf8len < $min) {
$com_connect_error[] = gTxt('com_connect_min_warning', array('{field}' => $hlabel, '{value}' => $min));
$isError = $com_connect_flags['cls_element'];
} elseif ($max && !$is_numeric && !$is_datetime && $utf8len > $max) {
$com_connect_error[] = gTxt('com_connect_max_warning', array('{field}' => $hlabel, '{value}' => $max));
$isError = $com_connect_flags['cls_element'];
} elseif ($min && $is_datetime && $cmpval < $minval) {
$com_connect_error[] = gTxt('com_connect_minval_warning', array('{field}' => $hlabel, '{value}' => $min));
$isError = $com_connect_flags['cls_element'];
} elseif ($max && $is_datetime && $cmpval > $maxval) {
$com_connect_error[] = gTxt('com_connect_maxval_warning', array('{field}' => $hlabel, '{value}' => $max));
$isError = $com_connect_flags['cls_element'];
} elseif ($min && $is_numeric && $value < $min) {
$com_connect_error[] = gTxt('com_connect_minval_warning', array('{field}' => $hlabel, '{value}' => $min));
$isError = $com_connect_flags['cls_element'];
} elseif ($max && $is_numeric && $value > $max) {
$com_connect_error[] = gTxt('com_connect_maxval_warning', array('{field}' => $hlabel, '{value}' => $max));
$isError = $com_connect_flags['cls_element'];
} elseif ($pattern and !preg_match('/^'.$pattern.'$/', $value)) {
$com_connect_error[] = gTxt('com_connect_pattern_warning', array('{field}' => $hlabel, '{value}' => $pattern));
$isError = $com_connect_flags['cls_element'];
} else {
com_connect_store($name, $label, $value);
}
} elseif ($required) {
$com_connect_error[] = gTxt('com_connect_field_missing', array('{field}' => $hlabel));
$isError = $com_connect_flags['cls_element'];
}
} else {
$value = $default;
}
// Core attributes.
$attr = com_connect_build_atts(array(
'id' => (isset($id) ? $id : $name),
'name' => $name,
'type' => $type,
'value' => $value,
));
if ($size && !$is_numeric) {
$attr['size'] = 'size="' . intval($size) . '"';
}
if ($min && !$is_numeric) {
$attr['minlength'] = 'minlength="' . intval($min) . '"';
}
if ($max && !$is_numeric) {
$attr['maxlength'] = 'maxlength="' . intval($max) . '"';
}
if ($doctype !== 'xhtml' && ($is_numeric || $is_datetime)) {
// Not using intval() because min/max/step can be floating point values.
$attr += com_connect_build_atts(array(
'min' => $min,
'max' => $max,
'step' => $step,
));
}
// HTML5 attributes.
$required = ($required) ? 'required' : '';
if ($doctype !== 'xhtml') {
$attr += com_connect_build_atts(array(
'autocomplete' => $autocomplete,
'form' => $html_form,
'inputmode' => $inputmode,
'pattern' => $pattern,
'placeholder' => $placeholder,
'required' => $required,
));
if ($isError) {
$attr += com_connect_build_atts(array(
'aria-invalid' => 'true',
));
}
}
// Global attributes.
$attr += com_connect_build_atts($com_connect_globals, $atts);
$classes = array();
foreach (array($class, ($required ? $com_connect_flags['cls_required'] : ''), $isError) as $cls) {
if ($cls) {
$classes[] = $cls;
}
}
$classStr = ($classes ? ' class="' . implode(' ', $classes) . '"' : '');
$labelStr = ($label) ? '<label for="' . $name . '"' . $classStr . '>' . txpspecialchars($label) . '</label>' : '';
return ($labelStr && $label_position === 'before' ? $labelStr . $break : '') .
'<input' . $classStr . ($attr ? ' ' . implode(' ', $attr) : '') . (($doctype === 'xhtml') ? ' />' : '>') .
($labelStr && $label_position === 'after' ? $break . $labelStr : '');
}
/**
* Tag: Render an email input field.
*
* @param array $atts Tag attributes
* @return string HTML
*/
function com_connect_email($atts)
{
global $com_connect_error, $com_connect_submit, $com_connect_from, $com_connect_recipient, $com_connect_flags;
// TODO: 'multiple' attribute?
$defaults = array(
'autocomplete' => '',
'break' => br,
'class' => 'comEmail',
'default' => '',
'html_form' => $com_connect_flags['this_form'],
'isError' => '',
'label' => gTxt('com_connect_email'),
'label_position' => 'before',
'max' => 100,
'min' => 0,
'name' => '',
'pattern' => '',
'placeholder' => '',
'required' => $com_connect_flags['required'],
'send_article' => 0,
'size' => '',
'type' => 'email',
);
extract(com_connect_lAtts($defaults, $atts));
if (empty($name)) {
$name = com_connect_label2name($label);
}
$name = sanitizeForUrl($name);
$email = $com_connect_submit ? trim(ps($name)) : $default;
if ($com_connect_submit && strlen($email)) {
if (!is_valid_email($email)) {
$com_connect_error[] = gTxt('com_connect_invalid_email', array('{email}' => txpspecialchars($email)));
$isError = $com_connect_flags['cls_element'];
} else {
preg_match("/@(.+)$/", $email, $match);
$domain = $match[1];
if (is_callable('checkdnsrr') && checkdnsrr('textpattern.com.','A') && !checkdnsrr($domain.'.','MX') && !checkdnsrr($domain.'.','A')) {
$com_connect_error[] = gTxt('com_connect_invalid_host', array('{host}' => txpspecialchars($domain)));
$isError = $com_connect_flags['cls_element'];
} else {
if ($send_article) {
$com_connect_recipient = $email;
} else {
$com_connect_from = $email;
}
}
}
}
$passed_atts = array();
foreach ($defaults as $key => $value) {
$passed_atts[$key] = $$key;
}
$passed_atts['isError'] = $isError;
unset ($passed_atts['send_article']);
return com_connect_text($passed_atts);
}
/**
* Tag: Render a textarea input field.
*
* @param array $atts Tag attributes
* @return string HTML
*/
function com_connect_textarea($atts)
{
global $com_connect_error, $com_connect_submit, $com_connect_flags;
extract(com_connect_lAtts(array(
'autocomplete' => '',
'break' => br,
'class' => 'comTextarea',
'cols' => 58,
'default' => '',
'html_form' => $com_connect_flags['this_form'],
'isError' => '',
'label' => gTxt('com_connect_message'),
'label_position' => 'before',
'max' => 10000,
'min' => 0,
'name' => '',
'placeholder' => '',
'required' => $com_connect_flags['required'],
'rows' => 8,
'wrap' => '',
), $atts));
$min = intval($min);
$max = intval($max);
if (empty($name)) {
$name = com_connect_label2name($label);
}
$name = sanitizeForUrl($name);
$doctype = get_pref('doctype', 'xhtml');
if ($com_connect_submit) {
$value = preg_replace('/^\s*[\r\n]/', '', rtrim(ps($name)));
$utf8len = preg_match_all("/./su", ltrim($value), $utf8ar);
$hlabel = txpspecialchars($label);
if (strlen(ltrim($value))) {
if (!$utf8len) {
$com_connect_error[] = gTxt('com_connect_invalid_utf8', array('{field}' => $hlabel));
$isError = $com_connect_flags['cls_element'];
} elseif ($min && $utf8len < $min) {
$com_connect_error[] = gTxt('com_connect_min_warning', array('{field}' => $hlabel, '{value}' => $min));
$isError = $com_connect_flags['cls_element'];
} elseif ($max && $utf8len > $max) {
$com_connect_error[] = gTxt('com_connect_max_warning', array('{field}' => $hlabel, '{value}' => $max));
$isError = $com_connect_flags['cls_element'];
} else {
com_connect_store($name, $label, $value);
}
} elseif ($required) {
$com_connect_error[] = gTxt('com_connect_field_missing', array('{field}' => $hlabel));
$isError = $com_connect_flags['cls_element'];
}
} else {
$value = $default;
}
// Core attributes.