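<?php
/**
 * @package tikiwiki
 */
// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
//
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id$

// Contact form controller: validates a submitted message, posts it to the mailbox of the
// configured contact user ($prefs['contact_user']) and renders tiki-contact.tpl.
// Logged-in users need tiki_p_messages; anonymous visitors need the contact_anon feature
// and, when feature_antibot is on, a valid captcha.

// Per-key input filters, declared before tiki-setup.php is included.
// NOTE(review): presumably tiki-setup.php applies these to the request data and
// 'catchAllUnset' drops every key not listed here -- confirm against the input filter code.
$inputConfiguration = [[
    'staticKeyFilters' => [
        'send' => 'bool', // post
        'priority' => 'int', // post
        'from' => 'striptags', // post
        'subject' => 'striptags', // post
        'body' => 'xss', // post
        'to' => 'email', // post
        'g-recaptcha-response' => 'striptags',
    ],
    'catchAllUnset' => null
]];

require_once('tiki-setup.php');

$messulib = TikiLib::lib('message');

// This feature needs both 'feature_contact' and 'feature_messages' to work
$access->check_feature(['feature_contact', 'feature_messages']);

$auto_query_args = [];

if ($user) {
    $access->check_permission('tiki_p_messages');
} else {
    $access->check_feature('contact_anon');
}

$smarty->assign('sent', 0);

// Defaults used to pre-fill the form when nothing has been submitted yet.
$priority = 3;
$from = $user ? $user : '';
$subject = '';
$body = '';

// Only act on a submission that also passes the CSRF check.
if (isset($_REQUEST['send']) && $access->checkCsrf()) {
    if (isset($_REQUEST['priority'])) {
        $priority = $_REQUEST['priority'];
    }
    // Anonymous senders must supply a valid address. A request can omit 'from' entirely,
    // so test for the key before validating instead of reading an undefined index.
    // When the address is rejected $from stays empty and the submission fails below.
    if (! $user && isset($_POST['from']) && validate_email($_POST['from'])) {
        $from = 'tiki-contact.php';
        $body .= tra('From') . " " . $_POST['from'] . ":\n";
    }
    if (isset($_POST['subject'])) {
        $subject = $_POST['subject'];
    }
    if (isset($_POST['body'])) {
        $body .= $_POST['body'];
    }

    // Validation:
    // must have a subject or body non-empty (or both)
    $hasContent = ! empty($_POST['subject']) || ! empty($_POST['body']);

    // The captcha is only enforced for anonymous visitors and only when feature_antibot is on.
    $failsCaptcha = ! $user && $prefs['feature_antibot'] == 'y' && ! $captchalib->validate();
    if (! $hasContent || empty($from) || $failsCaptcha) {
        if (! $hasContent) {
            $message = tra("You must include a subject or a message.");
        } elseif (empty($from)) {
            $message = tra("You must make sure to have a valid email address in the From field.");
        } else {
            $message = $captchalib->getErrors();
        }
        Feedback::error(['mes' => $message, 'title' => tr('Invalid')]);
        // NOTE(review): for anonymous senders $body still carries the "From ...:" prefix and
        // $from is 'tiki-contact.php' when both are handed to the template below -- confirm
        // that this is what the form should redisplay.
    } else {
        $body = tr("%0 sent you a message:", $from) . "\n" . $body;
        // The mailbox is fixed to the configured contact user; 'to' and 'subject' come from
        // the request and may be absent, so fall back to '' rather than passing null from
        // an undefined index into the message library.
        $messulib->post_message(
            $prefs['contact_user'],
            $from,
            isset($_POST['to']) ? $_POST['to'] : '',
            '',
            $subject,
            $body,
            $priority
        );
        $contact_name = $userlib->get_user_preference($prefs['contact_user'], 'realName');
        if ($contact_name == '') {
            $contact_name = $prefs['contact_user'];
        }
        // NOTE(review): the message is built as markup ('<br />') and $contact_name is
        // concatenated without escaping -- confirm that realName is sanitised when stored
        // or that Feedback::success() escapes it before output.
        $message = tra('Message sent to') . ': ' . $contact_name . '<br />';
        $smarty->assign('sent', 1);
        Feedback::success($message);
    }
}

// Contact address shown on the page: the contact user's email, else the admin email.
$email = $userlib->get_user_email($prefs['contact_user']);
if ($email == '') {
    $email = $userlib->get_admin_email();
}
// 'email0' receives the address as stored; 'email' receives the scrambled form.
$smarty->assign('email0', $email);
$email = TikiMail::scrambleEmail($email, $tikilib->get_user_preference('admin', "email is public"));
$smarty->assign('email', $email);

$smarty->assign('priority', $priority);
$smarty->assign('from', $from);
$smarty->assign('subject', $subject);
$smarty->assign('body', $body);

$smarty->assign('mid', 'tiki-contact.tpl');
$smarty->display("tiki.tpl");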