<?php
// Abort unless the including script has defined DATALIFEENGINE, so this module
// cannot be run by requesting the file directly.
defined('DATALIFEENGINE') or die("Hacking attempt!");
if (!$user_group[$member_id['user_group']]['allow_feed']) {
// The visitor's group has allow_feed switched off: put the group name into the
// localized error text and show it instead of the form.
$feed_group_name = $user_group[$member_id['user_group']]['group_name'];
$lang['feed_error'] = str_replace('{group}', $feed_group_name, $lang['feed_error']);
unset($feed_group_name);
msgbox($lang['all_info'], $lang['feed_error']);
} else {
if (isset($_POST['send'])) { $stop = "";
// Collect the sender's details into $name, $email, $name2, ... $adres4.
// The variable names come from this fixed list only, never from the request,
// so the variable-variable assignments below cannot be steered by user input.
$feed_fields = array(
    'name', 'email', 'name2', 'name3',
    'tel1', 'tel2', 'tel3', 'tel4', 'tel5',
    'adres1', 'adres2', 'adres3', 'adres4',
);

if ($is_logged) {
    // Members: take every field from the profile row.
    foreach ($feed_fields as $feed_field) {
        ${$feed_field} = $member_id[$feed_field];
    }
} else {
    // Guests, pass 1: SQL-escaped copies of the POST values. Only $name and
    // $email are used in the lookup below.
    foreach ($feed_fields as $feed_field) {
        ${$feed_field} = $db->safesql(strip_tags($_POST[$feed_field]));
    }

    // If the name or e-mail matches an existing account, record an error in $stop.
    // The concatenated values rely on the safesql() escaping applied above.
    $db->query("SELECT name from " . USERPREFIX . "_users where LOWER(name) = '" . strtolower($name) . "' OR LOWER(email) = '" . strtolower($email) . "'");
    if ($db->num_rows() > 0) {
        $stop = $lang['news_err_7'];
    }

    // Guests, pass 2: replace the SQL-escaped copies with the plain values
    // (tags stripped, slashes removed) that go into the mail.
    foreach ($feed_fields as $feed_field) {
        ${$feed_field} = strip_tags(stripslashes($_POST[$feed_field]));
    }
}
unset($feed_fields, $feed_field);
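// Fixed subject of the outgoing mail. It has to be a quoted string: as a bare
// word it is an undefined-constant lookup, which older PHP turns into the same
// string with a notice and PHP 8 rejects with an Error.
$subject = 'Заявка_на_подключение';

$message = strip_tags(stripslashes($_POST['message']));

// NOTE(review): the assignments below run for members as well as guests, so for a
// logged-in user everything except $name ends up coming from POST, not from the
// profile. In particular $email (later used as the mail's From address) is only
// checked against registered accounts in the guest branch above - confirm that
// is intended.
$email = strip_tags(stripslashes($_POST['email']));
$name2 = strip_tags(stripslashes($_POST['name2']));
$name3 = strip_tags(stripslashes($_POST['name3']));
$tel1 = strip_tags(stripslashes($_POST['tel1']));
$tel2 = strip_tags(stripslashes($_POST['tel2']));
$tel3 = strip_tags(stripslashes($_POST['tel3']));
$tel4 = strip_tags(stripslashes($_POST['tel4']));
$tel5 = strip_tags(stripslashes($_POST['tel5']));
$adres1 = strip_tags(stripslashes($_POST['adres1']));
$adres2 = strip_tags(stripslashes($_POST['adres2']));
$adres3 = strip_tags(stripslashes($_POST['adres3']));
$adres4 = strip_tags(stripslashes($_POST['adres4']));

// Recipient user id; intval() reduces it to an integer before it reaches SQL.
$recip = intval($_POST['recip']);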
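// Field validators for the feedback form. Callers only test the result for
// truthiness. preg_match() replaces eregi(), which was removed in PHP 7 and
// stops reading its subject at a NUL byte.

/**
 * Checks that $value is shaped like an e-mail address.
 *
 * Anchored with ^ and \z rather than $, because in PCRE $ also matches just
 * before a trailing newline, and this value is later used as the From address.
 *
 * @param string $value
 * @return int|false 1 on match, 0 otherwise, false on a PCRE error
 */
function check_email($value)
{
    return preg_match('/^[0-9a-z](?:[-_.]?[0-9a-z])*@[0-9a-z](?:[-.]?[0-9a-z])*\.[a-wyz][a-z](?:fo|g|l|m|mes|o|op|pa|ro|seum|t|u|v|z)?\z/i', $value);
}

// The checks below are unanchored: they pass as soon as the value contains one
// character of the class anywhere, so they do not restrict the rest of the value.
// NOTE(review): anchor them if the fields are meant to hold only these characters.

/** True-ish when $value contains at least one digit. */
function check_tel1($value)
{
    return preg_match('/[0-9]/', $value);
}

/** True-ish when $value contains at least one digit. */
function check_tel2($value)
{
    return preg_match('/[0-9]/', $value);
}

/** True-ish when $value contains at least one digit. */
function check_tel3($value)
{
    return preg_match('/[0-9]/', $value);
}

/** True-ish when $value contains at least one digit. */
function check_tel4($value)
{
    return preg_match('/[0-9]/', $value);
}

/** True-ish when $value contains at least one digit. */
function check_tel5($value)
{
    return preg_match('/[0-9]/', $value);
}

/** True-ish when $value contains at least one digit. */
function check_tel6($value)
{
    return preg_match('/[0-9]/', $value);
}

// The Cyrillic classes are matched byte-wise (no /u), as eregi() did; what the
// range covers depends on the encoding of this file and of the input - TODO confirm.

/** True-ish when $value contains at least one Cyrillic letter. */
function check_adres1($value)
{
    return preg_match('/[А-Яа-я]/i', $value);
}

/** True-ish when $value contains at least one digit or Cyrillic letter. */
function check_adres2($value)
{
    return preg_match('/[0-9А-Яа-я]/i', $value);
}

/** True-ish when $value contains at least one digit or Cyrillic letter. */
function check_adres3($value)
{
    return preg_match('/[0-9А-Яа-я]/i', $value);
}

/** True-ish when $value contains at least one digit. */
function check_adres4($value)
{
    return preg_match('/[0-9]/', $value);
}

// First required-field check: the sender name.
if (empty($name)) {
    $stop .= $lang['feed_err_1'];
}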
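// Required-field and format checks. Every failure appends its localized message
// to $stop; a non-empty $stop later blocks sending.
if (empty($name2)) {
    $stop .= $lang['feed_err_8'];
}
if (empty($name3)) {
    $stop .= $lang['feed_err_9'];
}

if (empty($tel1)) {
    $stop .= $lang['feed_err_11'];
} elseif (!check_tel1($tel1)) {
    $stop .= $lang['feed_err_10'];
}
if (empty($tel2)) {
    $stop .= $lang['feed_err_13'];
} elseif (!check_tel2($tel2)) {
    $stop .= $lang['feed_err_12'];
}
if (empty($tel3)) {
    $stop .= $lang['feed_err_15'];
} elseif (!check_tel3($tel3)) {
    $stop .= $lang['feed_err_14'];
}
if (empty($tel4)) {
    $stop .= $lang['feed_err_17'];
} elseif (!check_tel4($tel4)) {
    $stop .= $lang['feed_err_16'];
}
if (empty($tel5)) {
    $stop .= $lang['feed_err_19'];
} elseif (!check_tel5($tel5)) {
    $stop .= $lang['feed_err_18'];
}

if (empty($adres1)) {
    $stop .= $lang['feed_err_20'];
} elseif (!check_adres1($adres1)) {
    $stop .= $lang['feed_err_21'];
}
if (empty($adres2)) {
    $stop .= $lang['feed_err_22'];
} elseif (!check_adres2($adres2)) {
    $stop .= $lang['feed_err_23'];
}
if (empty($adres3)) {
    $stop .= $lang['feed_err_24'];
} elseif (!check_adres3($adres3)) {
    $stop .= $lang['feed_err_25'];
}
if (empty($adres4)) {
    $stop .= $lang['feed_err_26'];
} elseif (!check_adres4($adres4)) {
    $stop .= $lang['feed_err_27'];
}

if (empty($email)) {
    $stop .= $lang['feed_err_2'];
} elseif (!check_email($email)) {
    $stop .= $lang['feed_err_3'];
}

if (empty($message)) {
    $stop .= $lang['feed_err_5'];
}
// An empty e-mail is reported a second time, with its own message.
if (empty($email)) {
    $stop .= $lang['feed_err_6'];
}

// CAPTCHA check. The submitted code must be a string and is compared with ===:
// a loose != treats numeric-looking strings as numbers, so "0123" would equal "123".
$posted_code = (isset($_POST['sec_code']) && is_string($_POST['sec_code'])) ? $_POST['sec_code'] : '';
$session_code = isset($_SESSION['sec_code_session']) ? $_SESSION['sec_code_session'] : false;
if (!$session_code || $posted_code !== (string) $session_code) {
    $stop .= $lang['reg_err_19'];
}
// The code is single-use: clear it whether or not the attempt succeeded.
$_SESSION['sec_code_session'] = false;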
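if ($stop) {
    // Validation failed: show the collected messages with a "back" link.
    msgbox($lang['all_err_1'], "$stop<br><br><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>");
} else {
    include_once ENGINE_DIR . '/classes/mail.class.php';
    $mail = new dle_mail($config);

    // Look the recipient up again on the server side. The form only offers users
    // with allow_mail = '1', but the posted id is free-form, so the same condition
    // is enforced here; without it any user id could be mailed.
    // intval() keeps the id an integer inside the SQL string.
    $recipient = $db->super_query("SELECT name, email, fullname FROM " . USERPREFIX . "_users WHERE user_id='" . intval($recip) . "' AND allow_mail = '1'");

    if (empty($recipient['email'])) {
        // Unknown id or a user who does not accept mail: same message the form
        // branch shows when no recipient is available.
        msgbox($lang['all_err_1'], $lang['feed_err_7']);
    } else {
        if (empty($recipient['fullname'])) {
            $recipient['fullname'] = $recipient['name'];
        }

        $row = $db->super_query("SELECT template FROM " . PREFIX . "_email where name='feed_mail' LIMIT 0,1");

        // strtr() substitutes every placeholder in one pass, so a placeholder typed
        // into one of the user-supplied fields is not expanded by a later replacement.
        $row['template'] = strtr(stripslashes($row['template']), array(
            '{%username_to%}' => $recipient['fullname'],
            '{%username_from%}' => $name,
            '{%username_from2%}' => $name2,
            '{%username_from3%}' => $name3,
            '{%tel1%}' => $tel1,
            '{%tel2%}' => $tel2,
            '{%tel3%}' => $tel3,
            '{%tel4%}' => $tel4,
            '{%tel5%}' => $tel5,
            '{%adres1%}' => $adres1,
            '{%adres2%}' => $adres2,
            '{%adres3%}' => $adres3,
            '{%adres4%}' => $adres4,
            '{%text%}' => $message,
            '{%email%}' => $email,
            '{%ip%}' => $_SERVER['REMOTE_ADDR'],
        ));

        // $email is user-supplied and becomes the From address. dle_mail is not
        // visible here, so line breaks and NUL bytes are stripped defensively;
        // an address that passed validation is unchanged by this.
        $mail->from = str_replace(array("\r", "\n", "\0"), '', $email);
        $mail->send($recipient['email'], $subject, $row['template']);

        if ($mail->send_error) {
            msgbox($lang['all_info'], $mail->smtp_msg);
        } else {
            // NOTE(review): $recipient['name'] is written into HTML unescaped - confirm
            // that stored user names cannot contain markup.
            msgbox($lang['feed_ok_1'], "$lang[feed_ok_2] " . $recipient['name'] . " $lang[feed_ok_3] <a href=\"{$config['http_home_url']}\">$lang[feed_ok_4]</a>");
        }
    }
}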
} else {
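// Optional ?user=ID preselects a single recipient. The parameter is absent on a
// plain visit, so it is read through isset(); intval() keeps it an integer
// inside the SQL string.
$user = isset($_GET['user']) ? intval($_GET['user']) : 0;

// Only users with allow_mail = '1' are offered: either the one requested, or,
// with no id given, every such user in group 3.
if (!$user) {
    $db->query("SELECT name, user_id FROM " . USERPREFIX . "_users where user_group = '3' AND allow_mail = '1' ORDER BY user_group");
} else {
    $db->query("SELECT name, user_id FROM " . USERPREFIX . "_users where user_id = '$user' AND allow_mail = '1' ORDER BY user_group");
}

if ($db->num_rows()) {
    // Build the recipient <select>; the first row is preselected.
    // NOTE(review): $row['name'] is written into HTML unescaped - confirm that
    // stored user names cannot contain markup.
    $empf = "<select name=\"recip\">";
    $i = 1;
    while ($row = $db->get_array()) {
        $str = $row['name'] . "";
        if ($i == 1) {
            $empf .= "<option selected=\"selected\" value=\"" . $row["user_id"] . "\">" . $str . "</option>\n";
        } else {
            $empf .= "<option value=\"" . $row["user_id"] . "\">" . $str . "</option>\n";
        }
        $i++;
    }
    $empf .= "</select>";
    $db->free();

    $tpl->load_template('feedback.tpl');
    $path = parse_url($config['http_home_url']);
    $tpl->set('{recipient}', $empf);
    $tpl->set('{code}', "<span id=\"dle-captcha\"><img src=\"" . $path['path'] . "engine/modules/antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\" /><br /><a onclick=\"reload(); return false;\" href=\"#\">{$lang['reload_code']}</a></span>");

    // Guests keep the content of [not-logged]...[/not-logged] (only the tags are
    // removed); for members the whole block is dropped.
    if (!$is_logged) {
        $tpl->set('[not-logged]', "");
        $tpl->set('[/not-logged]', "");
    } else {
        $tpl->set_block("'\\[not-logged\\](.*?)\\[/not-logged\\]'si", "");
    }

    // NOTE(review): the onsubmit handler reads document.sendmail.subject, but the
    // subject is fixed server-side; if feedback.tpl has no such field the
    // client-side check throws instead of validating - confirm against the template.
    $tpl->copy_template = "<form method=\"post\" name=\"sendmail\" onsubmit=\"if(document.sendmail.subject.value == '' || document.sendmail.message.value == ''){alert('{$lang['comm_req_f']}');return false}\"action=\"\">\n" . $tpl->copy_template . " <input name=\"send\" type=\"hidden\" value=\"send\" /> </form>";

    // Client-side CAPTCHA refresh. The closing heredoc marker stays at column 0,
    // which PHP versions before 7.3 require.
    $tpl->copy_template .= <<<HTML
<script language='JavaScript' type="text/javascript">
function reload () {

var rndval = new Date().getTime();

document.getElementById('dle-captcha').innerHTML = '<img src="{$path['path']}engine/modules/antibot.php?rndval=' + rndval + '" border="0" width="120" height="50"><br /><a onclick="reload(); return false;" href="#">{$lang['reload_code']}</a>';

};
</script>
HTML;

    $tpl->compile('content');
    $tpl->clear();
} else {
    // No user accepts mail through this form.
    msgbox($lang['all_err_1'], $lang['feed_err_7']);
}
} // end of the else branch of if (isset($_POST['send']))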
}