<?php
if(!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
if (!$user_group[$member_id['user_group']]['allow_feed']) {
$lang['feed_error'] = str_replace('{group}', $user_group[$member_id['user_group']]['group_name'], $lang['feed_error']);
msgbox ($lang['all_info'], $lang['feed_error']);
} else {
if (isset($_POST['send'])) {
$stop = "";
if ($is_logged)
{
$name = $member_id['name'];
$email = $member_id['email'];
$name2 = $member_id['name2'];
$name3 = $member_id['name3'];
$tel1 = $member_id['tel1'];
$tel2 = $member_id['tel2'];
$tel3 = $member_id['tel3'];
$tel4 = $member_id['tel4'];
$tel5 = $member_id['tel5'];
$adres1 = $member_id['adres1'];
$adres2 = $member_id['adres2'];
$adres3 = $member_id['adres3'];
$adres4 = $member_id['adres4'];
} else {
$name = $db->safesql(strip_tags($_POST['name']));
$email = $db->safesql(strip_tags($_POST['email']));
$name2 = $db->safesql(strip_tags($_POST['name2']));
$name3 = $db->safesql(strip_tags($_POST['name3']));
$tel1 = $db->safesql(strip_tags($_POST['tel1']));
$tel2 = $db->safesql(strip_tags($_POST['tel2']));
$tel3 = $db->safesql(strip_tags($_POST['tel3']));
$tel4 = $db->safesql(strip_tags($_POST['tel4']));
$tel5 = $db->safesql(strip_tags($_POST['tel5']));
$adres1 = $db->safesql(strip_tags($_POST['adres1']));
$adres2 = $db->safesql(strip_tags($_POST['adres2']));
$adres3 = $db->safesql(strip_tags($_POST['adres3']));
$adres4 = $db->safesql(strip_tags($_POST['adres4']));
$db->query("SELECT name from " . USERPREFIX . "_users where LOWER(name) = '".strtolower($name)."' OR LOWER(email) = '".strtolower($email)."'");
if ($db->num_rows() > 0) {
$stop = $lang['news_err_7'];
}
$name = strip_tags(stripslashes($_POST['name']));
$email = strip_tags(stripslashes($_POST['email']));
$name2 = strip_tags(stripslashes($_POST['name2']));
$name3 = strip_tags(stripslashes($_POST['name3']));
$tel1 = strip_tags(stripslashes($_POST['tel1']));
$tel2 = strip_tags(stripslashes($_POST['tel2']));
$tel3 = strip_tags(stripslashes($_POST['tel3']));
$tel4 = strip_tags(stripslashes($_POST['tel4']));
$tel5 = strip_tags(stripslashes($_POST['tel5']));
$adres1 = strip_tags(stripslashes($_POST['adres1']));
$adres2 = strip_tags(stripslashes($_POST['adres2']));
$adres3 = strip_tags(stripslashes($_POST['adres3']));
$adres4 = strip_tags(stripslashes($_POST['adres4']));
}
$subject = Заявка_на_подключение;
$message = strip_tags(stripslashes($_POST['message']));
$email = strip_tags(stripslashes($_POST['email']));
$name2 = strip_tags(stripslashes($_POST['name2']));
$name3 = strip_tags(stripslashes($_POST['name3']));
$tel1 = strip_tags(stripslashes($_POST['tel1']));
$tel2 = strip_tags(stripslashes($_POST['tel2']));
$tel3 = strip_tags(stripslashes($_POST['tel3']));
$tel4 = strip_tags(stripslashes($_POST['tel4']));
$tel5 = strip_tags(stripslashes($_POST['tel5']));
$adres1 = strip_tags(stripslashes($_POST['adres1']));
$adres2 = strip_tags(stripslashes($_POST['adres2']));
$adres3 = strip_tags(stripslashes($_POST['adres3']));
$adres4 = strip_tags(stripslashes($_POST['adres4']));
$recip = intval($_POST['recip']);
function check_email($value) {
return eregi("^([0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-wyz][a-z](fo|g|l|m|mes|o|op|pa|ro|seum|t|u|v|z)?)$", $value);
}
function check_tel1($value) {
return eregi("[0-9]", $value);
}
function check_tel2($value) {
return eregi("[0-9]", $value);
}
function check_tel3($value) {
return eregi("[0-9]", $value);
}
function check_tel4($value) {
return eregi("[0-9]", $value);
}
function check_tel5($value) {
return eregi("[0-9]", $value);
}
function check_tel6($value) {
return eregi("[0-9]", $value);
}
function check_adres1($value) {
return eregi("[А-Яа-я]", $value);
}
function check_adres2($value) {
return eregi("[0-9А-Яа-я]", $value);
}
function check_adres3($value) {
return eregi("[0-9А-Яа-я]", $value);
}
function check_adres4($value) {
return eregi("[0-9]", $value);
}
if (empty($name)) {
$stop .= $lang['feed_err_1'];
}
if (empty($name2)) {
$stop .= $lang['feed_err_8'];
}
if (empty($name3)) {
$stop .= $lang['feed_err_9'];
}
if (empty($tel1)) {
$stop .= $lang['feed_err_11'];
}
elseif (!check_tel1($tel1)) {
$stop .= $lang['feed_err_10'];
}
if (empty($tel2)) {
$stop .= $lang['feed_err_13'];
}
elseif (!check_tel2($tel2)) {
$stop .= $lang['feed_err_12'];
}
if (empty($tel3)) {
$stop .= $lang['feed_err_15'];
}
elseif (!check_tel3($tel3)) {
$stop .= $lang['feed_err_14'];
}
if (empty($tel4)) {
$stop .= $lang['feed_err_17'];
}
elseif (!check_tel4($tel4)) {
$stop .= $lang['feed_err_16'];
}
if (empty($tel5)) {
$stop .= $lang['feed_err_19'];
}
elseif (!check_tel5($tel5)) {
$stop .= $lang['feed_err_18'];
}
if (empty($adres1)) {
$stop .= $lang['feed_err_20'];
}
elseif (!check_adres1($adres1)) {
$stop .= $lang['feed_err_21'];
}
if (empty($adres2)) {
$stop .= $lang['feed_err_22'];
}
elseif (!check_adres2($adres2)) {
$stop .= $lang['feed_err_23'];
}
if (empty($adres3)) {
$stop .= $lang['feed_err_24'];
}
elseif (!check_adres3($adres3)) {
$stop .= $lang['feed_err_25'];
}
if (empty($adres4)) {
$stop .= $lang['feed_err_26'];
}
elseif (!check_adres4($adres4)) {
$stop .= $lang['feed_err_27'];
}
if (empty($email)) {
$stop .= $lang['feed_err_2'];
}
elseif (!check_email($email)) {
$stop .= $lang['feed_err_3'];
}
if (empty($message)) {
$stop .= $lang['feed_err_5'];
}
if (empty($email)) {
$stop .= $lang['feed_err_6'];
}
if ( $_POST['sec_code'] != $_SESSION['sec_code_session'] OR !$_SESSION['sec_code_session']) {
$stop .= $lang['reg_err_19'];
}
$_SESSION['sec_code_session'] = false;
if ($stop) {
msgbox ($lang['all_err_1'], "$stop<br><br><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>");
} else {
include_once ENGINE_DIR.'/classes/mail.class.php';
$mail = new dle_mail ($config);
$recipient = $db->super_query("SELECT name, email, fullname FROM " . USERPREFIX . "_users WHERE user_id='".$recip."'");
if (empty($recipient['fullname'])) $recipient['fullname'] = $recipient['name'];
$row = $db->super_query("SELECT template FROM " . PREFIX . "_email where name='feed_mail' LIMIT 0,1");
$row['template'] = stripslashes($row['template']);
$row['template'] = str_replace("{%username_to%}",$recipient['fullname'], $row['template']);
$row['template'] = str_replace("{%username_from%}",$name, $row['template']);
$row['template'] = str_replace("{%username_from2%}",$name2, $row['template']);
$row['template'] = str_replace("{%username_from3%}",$name3, $row['template']);
$row['template'] = str_replace("{%tel1%}",$tel1, $row['template']);
$row['template'] = str_replace("{%tel2%}",$tel2, $row['template']);
$row['template'] = str_replace("{%tel3%}",$tel3, $row['template']);
$row['template'] = str_replace("{%tel4%}",$tel4, $row['template']);
$row['template'] = str_replace("{%tel5%}",$tel5, $row['template']);
$row['template'] = str_replace("{%adres1%}",$adres1, $row['template']);
$row['template'] = str_replace("{%adres2%}",$adres2, $row['template']);
$row['template'] = str_replace("{%adres3%}",$adres3, $row['template']);
$row['template'] = str_replace("{%adres4%}",$adres4, $row['template']);
$row['template'] = str_replace("{%text%}",$message, $row['template']);
$row['template'] = str_replace("{%email%}",$email, $row['template']);
$row['template'] = str_replace("{%ip%}",$_SERVER['REMOTE_ADDR'], $row['template']);
$mail->from = $email;
$mail->send ($recipient['email'], $subject, $row['template']);
if ($mail->send_error) msgbox ($lang['all_info'], $mail->smtp_msg);
else msgbox($lang['feed_ok_1'], "$lang[feed_ok_2] ".$recipient['name']." $lang[feed_ok_3] <a href=\"{$config['http_home_url']}\">$lang[feed_ok_4]</a>");
}
} else {
$user = intval($_GET['user']);
if (!$user)
$db->query("SELECT name, user_id FROM " . USERPREFIX . "_users where user_group = '3' AND allow_mail = '1' ORDER BY user_group");
else
$db->query("SELECT name, user_id FROM " . USERPREFIX . "_users where user_id = '$user' AND allow_mail = '1' ORDER BY user_group");
if ($db->num_rows())
{
$empf = "<select name=\"recip\">";
$i = 1;
while ($row = $db->get_array()) {
$str = $row['name']."";
if ($i == 1) {
$empf .= "<option selected=\"selected\" value=\"".$row["user_id"]."\">".$str."</option>\n";
} else {
$empf .= "<option value=\"".$row["user_id"]."\">".$str."</option>\n";
}
$i++;
}
$empf .="</select>";
$db->free();
$tpl->load_template('feedback.tpl');
$path = parse_url($config['http_home_url']);
$tpl->set('{recipient}',$empf);
$tpl->set('{code}',"<span id=\"dle-captcha\"><img src=\"".$path['path']."engine/modules/antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\" /><br /><a onclick=\"reload(); return false;\" href=\"#\">{$lang['reload_code']}</a></span>");
if (!$is_logged) {
$tpl->set('[not-logged]',"");
$tpl->set('[/not-logged]',"");
}
else $tpl->set_block("'\\[not-logged\\](.*?)\\[/not-logged\\]'si","");
$tpl->copy_template = "<form method=\"post\" name=\"sendmail\" onsubmit=\"if(document.sendmail.subject.value == '' || document.sendmail.message.value == ''){alert('{$lang['comm_req_f']}');return false}\"action=\"\">\n".$tpl->copy_template."
<input name=\"send\" type=\"hidden\" value=\"send\" />
</form>";
$tpl->copy_template .= <<<HTML
<script language='JavaScript' type="text/javascript">
function reload () {
var rndval = new Date().getTime();
document.getElementById('dle-captcha').innerHTML = '<img src="{$path['path']}engine/modules/antibot.php?rndval=' + rndval + '" border="0" width="120" height="50"><br /><a onclick="reload(); return false;" href="#">{$lang['reload_code']}</a>';
};
</script>
HTML;
$tpl->compile('content');
$tpl->clear();
}
else {msgbox ($lang['all_err_1'], $lang['feed_err_7']);}
}
}
|
