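'tell a friend',
    'your_name'=>'your name',
    'your_email'=>'your email',
    'recipient_email'=>'recipient email',
    'message'=>'message',
    'send'=>'send',
    'clear_fields'=>'clear fields',
    'close'=>'close',
    'administrator'=>'administrator',
    'required_msg'=>'Fields marked with * are required',
    'email_msg'=>'Invalid email address',
    'on_success_msg'=>'The Message Was Sent',
    'on_fail_msg'=> 'The Message Could Not Be Sent');

// Setting names handled by this script. The last six (from_address ...
// allow_msg_change) have no entry among the default strings visible above.
$settings_keys = array('tell_friend', 'your_name', 'your_email', 'recipient_email', 'message', 'send', 'clear_fields', 'close', 'administrator', 'required_msg', 'email_msg', 'on_success_msg', 'on_fail_msg', 'from_address', 'subject', 'default_message', 'hidden_message', 'include_url', 'allow_msg_change');

// Appended to the "Could not open file." error printed by write_data().
$faq_link = " For instructions what to do next, check here.";
//$demo_mode = false;
// Written at the top of an empty data file by write_data().
$first_line = "";
$default_msg = "Dear Friend, ".$lf."I am happy to share with you this interesting site:";
$sitemap_fname = '../sitemap.php';
$max_line_chars = 25000;
// ---------------------------------------------------------------------

/**
 * Read one value from the current session.
 *
 * @param string $Var Session key.
 * @return mixed The stored value, or "" when the key is not set.
 */
function get_session($Var)
{
    return (isset($_SESSION[$Var]) ? $_SESSION[$Var] : "");
}

/**
 * Store a value in the current session.
 *
 * @param string $Var      Session key.
 * @param mixed  $varValue Value to store.
 */
function set_session($Var, $varValue)
{
    $_SESSION[$Var] = $varValue;
}

/**
 * Tell whether the session holds a non-empty value under $Var.
 *
 * The test is a loose comparison against "", so it only proves that some
 * value was stored; it does not compare it with anything the client sent.
 *
 * @param string $Var Session key.
 * @return bool
 */
function is_logged($Var)
{
    return ( "" != get_session( $Var) );
}

/**
 * Remove a session key and then destroy the session.
 *
 * session_destroy() discards the whole session, not only $Var, so any other
 * state kept in the same session is lost as well.
 *
 * @param string $Var Session key.
 * @return bool Always true.
 */
function unset_session($Var)
{
    unset($_SESSION[ $Var ]);
    session_destroy();
    return true;
}

/**
 * Start the PHP session, optionally using a save path read from
 * ../sessions_path.ini.
 *
 * The file content decides where session files are stored, so the .ini file
 * should be writable only by the site owner.
 */
function int_start_session()
{
    $session_ini='../sessions_path.ini';
    if (file_exists($session_ini)) {
        $fp=@fopen($session_ini,"r");
        // The open can fail even though the file exists (permissions); the
        // original passed the failed handle straight to fread()/fclose().
        if ($fp !== false) {
            $ini_size = filesize($session_ini);
            // fread() rejects a zero length, so an empty file is read as ''.
            $session_save_path = ($ini_size > 0 ? trim(fread($fp, $ini_size)) : '');
            fclose($fp);
            if ($session_save_path != '') session_save_path($session_save_path);
        }
    }
    session_start();
}

/**
 * Syntax check for an e-mail address.
 *
 * The D modifier makes "$" match only at the very end of the subject. Without
 * it PCRE also accepts a subject that ends in a line feed, so a value with a
 * trailing "\n" used to validate; callers that place the address in mail
 * headers rely on this check to keep line breaks out.
 *
 * @param mixed $email Candidate address (normally a request value).
 * @return int|false 1 when the address matches, 0 when it does not (or is not
 *                   a string), false on a PCRE error.
 */
function check_email($email)
{
    // Request parameters can arrive as arrays; treat anything non-string as invalid.
    if (!is_string($email)) {
        return 0;
    }
    return preg_match('/^[A-Za-z_0-9\.\-]+@(?:[A-Za-z_0-9\-]+\.)+[A-Za-z_0-9]{1,6}$/D', $email);
}

/**
 * Undo the backslash escaping applied by prepare_for_write() and escape the
 * result for HTML output (both quote styles, ENT_QUOTES).
 *
 * NOTE(review): no charset is passed to htmlspecialchars(), so the PHP default
 * is used; confirm it matches $page_charset.
 *
 * @param string $s Stored value.
 * @return string HTML-escaped text.
 */
function sth($s)
{
    return htmlspecialchars(str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $s), ENT_QUOTES);
}

/**
 * Join the values of $data into one "|"-separated record line.
 *
 * Backslashes and quotes are backslash-escaped unless magic quotes already did
 * so. The original also computed trim($v) into a local that was never used;
 * values are still written untrimmed.
 *
 * NOTE(review): "|" and line breaks inside a value are not escaped, so a value
 * containing them changes the field or record layout of the stored line.
 *
 * @param array $data Field values.
 * @return string The record line.
 */
function prepare_for_write($data)
{
    // get_magic_quotes_gpc() was removed in PHP 8; a missing function means
    // the values were not escaped by PHP. "@" hides the PHP 7.4 deprecation notice.
    $already_escaped = function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc();
    foreach ($data as $k=>$v) {
        $data[$k] = ($already_escaped ? $v: str_replace( array( '\\', '\'', '"' ), array('\\\\', '\\\'', '\"'), $v));
    }
    $line = implode('|', $data);
    return $line;
}

/**
 * Build a select control.
 *
 * As written here the function returns an empty string in every case, and
 * $name, $selected, $jstring and $style are not used in the body.
 *
 * @return string
 */
function build_select($name, &$data, $selected, $jstring="", $style="")
{
    $r = "";
    if (is_array($data) and !empty($data)) {
        $r = '';
    }
    return $r;
}

/**
 * Format data from db as a record (associative array).
 *
 * Pairs the values of $value, in order, with the names in $key. Any value that
 * is falsy (including "0" and "") is stored as the string 'NULL', which the
 * rest of the script treats as "not set".
 *
 * @param array $value Field values.
 * @param array $key   Field names.
 * @return array
 */
function build_ass_array_record($value, $key)
{
    $output = array();
    foreach($key as $k=>$v) {
        $output[$v] = (current($value)?current($value):'NULL');
        next($value);
    }
    return $output;
}

/**
 * Return the part of $src that follows $start and precedes $stop.
 *
 * An empty $start means "from the beginning"; a $start that is not found gives
 * ''. An empty or missing $stop leaves the rest of the string untouched.
 *
 * @param string $src
 * @param string $start
 * @param string $stop
 * @return string
 */
function GFS($src,$start,$stop)
{
    $res = '';
    if ($start == '') $res = $src;
    else if (strpos($src,$start) === false) {
        $res = '';
        return $res;
    }
    else $res = substr($src,strpos($src,$start) + strlen($start));
    if (($stop != '') && (strpos($res,$stop) !== false)) $res = substr($res,0,strpos($res,$stop));
    return $res;
}

/**
 * Write a record into the data/log file named by the global $log_fname.
 *
 * The file is opened "r+", locked exclusively, read in full, rewritten in
 * memory and written back after truncation. With $flag == 'log' the record is
 * inserted in front of $close_tag (or in front of $last_line when the tag is
 * absent); with any other flag the span from $open_tag to $close_tag is
 * replaced. Every failure prints a message and exits the script.
 *
 * NOTE(review): the fallback chmod() uses 0666, which leaves the file writable
 * by every local account; the file is also the place where submitted values
 * end up, so it should not be readable through the web server either.
 * NOTE(review): str_replace() acts on every occurrence of $close_tag /
 * $last_line in the file, including occurrences inside earlier records, and
 * strpos() with an empty tag behaves differently before and after PHP 8.
 * $record_line should therefore never contain the tag or marker text.
 *
 * @param string $record_line Text of the record.
 * @param string $open_tag    Marker that opens the record area.
 * @param string $close_tag   Marker that closes the record area.
 * @param string $flag        'log' to append, anything else to replace.
 */
function write_data($record_line, $open_tag, $close_tag, $flag='log')
{
    global $log_fname, $first_line, $last_line, $lf, $faq_link, $use_linefeed;
    $buf = "";
    $old_data = "";
    clearstatcache();
    if (!$handle = @fopen($log_fname, "r+")) {
        // chmod is only attempted when $use_linefeed is false; otherwise the
        // open is simply retried.
        if($use_linefeed==false && !chmod($log_fname, 0666)) {
            echo "Could not open file.".$faq_link;
            exit;
        }
        elseif (!$handle = fopen($log_fname, "r+")) {
            echo "Could not open file.";
            exit;
        }
    }
    flock($handle, LOCK_EX);
    if(filesize($log_fname)==0) {
        $buf .= $first_line;
        $buf .= $open_tag.$record_line.$close_tag;
        $buf .= $last_line;
    } else {
        $old_data = fread($handle, filesize($log_fname));
        if($flag=="log") {
            if(strpos($old_data, $close_tag)!==false) {
                $buf .= str_replace($close_tag, $record_line.$close_tag." ", $old_data);
            } else {
                $buf .= str_replace($last_line, $open_tag.$record_line.$close_tag.$last_line, $old_data);
            }
        } else {
            if(strpos($old_data, $close_tag)!==false) {
                $for_replace = substr ($old_data, strpos($old_data, $open_tag), strpos($old_data, $close_tag)-strpos($old_data, $open_tag)+ strlen($close_tag));
                $buf .= str_replace(trim($for_replace),$open_tag.$record_line.$close_tag." ", $old_data);
            } else {
                $buf .= str_replace($last_line, $open_tag.$record_line.$close_tag.$last_line, $old_data);
            }
        }
        if(ftruncate($handle, 0)===false) {
            echo "Failed to truncate file --> last update failed";
            exit;
        }
        fseek($handle, 0);
    }
    if (fwrite($handle, $buf)===FALSE) {
        echo "Failed to edit file --> last update failed";
        exit;
    }
    flock($handle, LOCK_UN);
    fclose($handle);
}

/**
 * Build the opening part of a standalone page.
 *
 * $msg is interpolated as-is, so callers must pass text that is already safe
 * to place in HTML.
 *
 * @param string $msg Page title text.
 * @return string
 */
function html_header($msg='Tell a friend')
{
    global $page_charset;
    $body_section = '';
    $body_section .= "";
    $body_section .= '';
    $body_section .= "$msg";
    $body_section .= '';
    $body_section .= "";
    return $body_section;
}

/**
 * Build the closing part of a standalone page.
 *
 * @return string
 */
function html_footer()
{
    return "";
}

/**
 * Build the tell-a-friend form HTML.
 *
 * Starts a session when none is active and stores the session id under
 * 'SID_ALLOW_TELLFRIEND'; send() later refuses to run unless that key is set.
 * The flag only shows that this session rendered the form at some point, it
 * is not a per-form token.
 *
 * A label whose value is the string 'NULL' counts as unset and the default
 * language string is used instead.
 *
 * NOTE(review): $labels['tell_friend'] and $msg are concatenated without
 * sth(), unlike the field labels below; both must already be HTML-safe.
 * NOTE(review): in the frames case $full_path_fixed is appended to the query
 * string without URL-encoding.
 * $sender_name, $sender_from and $send_to are not referenced in the body as
 * it appears here.
 *
 * @param array  $labels        Language strings and settings for the form.
 * @param string $suggested_url Page being recommended.
 * @param string $msg           Status or error markup shown under the title.
 * @param string $sender_name   Previously entered sender name.
 * @param string $sender_from   Previously entered sender address.
 * @param string $send_to       Previously entered recipient address.
 * @param string $message       Previously entered message; replaces the default text.
 * @return string Form markup.
 */
function tell_friend_form($labels, $suggested_url="", $msg='', $sender_name="", $sender_from="", $send_to="", $message="")
{
    global $full_path, $current_lang, $default_language_strings, $frames_on, $page_charset,$standalone;
    global $default_msg, $lf;

    if(empty($_SESSION) ) int_start_session();
    set_session( 'SID_ALLOW_TELLFRIEND', session_id());

    // Turn the suggested page into the URL that is placed in the message.
    if(strpos($suggested_url, "../")!==false) {
        $full_path_fixed = $full_path;
        $full_path_fixed = str_replace("/documents", "", $full_path_fixed);
        $full_path_fixed .= str_replace('..', "", $suggested_url);
    } else {
        $full_path_fixed = $full_path."/". str_replace('documents/', "", $suggested_url);
    }
    if(isset($labels['include_url']) && ($labels['include_url']=='no') ) {
        $full_path_fixed = "";
    }
    if($frames_on) {
        $full_path_fixed = $full_path."/". "tell_friend.php?action=load&language=$current_lang&charset=$page_charset&url=$full_path_fixed";
    }
    $default_message = ($message!=''?$message:(isset($labels['default_message']) && ($labels['default_message']!='NULL')?sth($labels['default_message']).' '.$full_path_fixed:$default_msg.$lf.$full_path_fixed));
    // Outside standalone mode line breaks are removed from the message text.
    if ($standalone == false) {
        $default_message = str_replace("\r\n","",$default_message);
        $default_message = str_replace("\r","",$default_message);
        $default_message = str_replace("\n","",$default_message);
    }
    //strpos($suggested_url, "../")===false && empty($msg)
    $addform_html = '
';
    $addform_html .= ' '.(isset($labels['tell_friend'])&&($labels['tell_friend']!='NULL')? $labels['tell_friend'].'
 '.$msg: $default_language_strings['tell_friend'].'
'.$msg).'

';
    $addform_html .= '';
    $addform_html .= '';
    $addform_html .= '';
    $addform_html .= '';
    $addform_html .= '';
    // The two e-mail labels used to fall back to $default_language_string (no
    // trailing "s"), a variable that is not defined in this function, and the
    // recipient label asked for the 'your_email' key. Both now use the
    // matching key of $default_language_strings.
    $addform_html .= '
'.(isset($labels['your_name'])&&($labels['your_name']!='NULL')?sth($labels['your_name']) :$default_language_strings['your_name']).'*
'.(isset($labels['your_email'])&&($labels['your_email']!='NULL')? sth($labels['your_email']) :$default_language_strings['your_email']).'*
'.(isset($labels['recipient_email'])&&($labels['recipient_email']!='NULL')?sth($labels['recipient_email']):$default_language_strings['recipient_email']).'*
'.(isset($labels['message'])&&($labels['message']!='NULL')?sth($labels['message']):$default_language_strings['message']).'*
';
    $addform_html .= '
 ';
    if ($standalone) $addform_html .= ' ';
    $addform_html .= '
';
    return $addform_html;
}

// Settings form for one language; the body continues below.
// NOTE(review): $page_charset is concatenated into the inline onChange
// handler without escaping; confirm it cannot carry request-supplied text.
function html_settings_form($language, $labels_data)
{
    global $proj_languages_array, $current_lang, $settings_keys, $default_language_strings, $page_charset;
    $jstring = "onChange=\"document.location='../documents/tell_friend.php?action=admin&charset=".$page_charset."&language=' + this.options[this.selectedIndex].value;\"";
    $body_section = "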
"; $body_section .= "

"; $body_section .= ""; foreach($labels_data as $k=>$v) { if(array_key_exists($k, $default_language_strings)) { if($k=='required_msg') { $body_section .= ""; } elseif($k=='email_msg') { $body_section .= ""; } elseif($k=='on_fail_msg') { $body_section .= ""; } else if($k=='on_success_msg') { $body_section .= ""; } else { $body_section .= ""; } } } $body_section .= "
LANGUAGE    ".build_select("language", $proj_languages_array, $language, $jstring)."
".'required fields msg'."
".'email not valid msg'."
".'fail message'."
".'success message'."
".$default_language_strings[$k]."
"; $body_section .= ""; $body_section .= "
".'from address'."
".'subject'."
"; $body_section .= ""; $body_section .= ""; $body_section .= ""; $body_section .= ""; //
You can use %%SENDERNAME%%, %%SENDEREMAIL%%, %%SENDERIP%%, or %%RECIPIENTEMAIL%% to personalize the message that will be send."; $body_section .= ""; $body_section .= "
".'default message'."
".'hidden message'."
include page URL in message allow users to edit message
"; $body_section .= "
"; return $body_section; }

/**
 * Print the tell-a-friend form for the current language.
 *
 * In standalone mode the form is wrapped in html_header()/html_footer() and
 * printed as a page. Otherwise it is printed as the argument of a JavaScript
 * document.write() call. (The original inline comment called this the
 * "admin screen".)
 *
 * NOTE(review): in the document.write() branch the markup is placed between
 * single quotes with no JavaScript escaping, so a quote, backslash or line
 * break anywhere in it ends or breaks the literal. tell_friend_form() adds
 * $labels['tell_friend'] and $msg to the markup without escaping them.
 *
 * @param string $suggested_url Page being recommended.
 */
function index($suggested_url="")
{
    global $current_lang, $settings_keys, $page_charset, $log_fname,$standalone;

    $labels = get_language_labels($current_lang);

    // Same build order as before: header, form, footer.
    $page = ($standalone ? html_header($labels['tell_friend']) : "");
    $page .= tell_friend_form($labels, $suggested_url);

    if ($standalone) {
        $page .= html_footer();
        print $page;
    } else {
        print "document.write('".$page."');";
    }
}

// Handles a submitted form. The definition continues past this point; the
// notes below cover only the statements shown here.
// - The four $_POST fields are read before any isset() test, so a request
//   that lacks one raises a notice, and an array-valued field is carried on
//   as an array.
// - The session test only requires that tell_friend_form() ran earlier in the
//   same session; no limit on the number of submissions is visible here.
// - Sender and Message are checked for emptiness only; check_email() covers
//   the two addresses. All four values are handed back to tell_friend_form()
//   when a check fails.
function send($suggested_url)
{
    global $mail_type, $use_linefeed, $current_lang, $lf, $default_language_strings, $return_path, $page_charset;
    global $log_fname, $standalone;
    $body_section = "";
    $sender_name = $_POST['Sender'];
    $sender_email = $_POST['Sender_email'];
    $send_to = $_POST['Recipient_email'];
    $message = $_POST['Message'];
    $send_to_array = array ($_POST['Recipient_email']);
    $sender_ip = (isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:"unknown");
    $labels = get_language_labels($current_lang);
    $time = date("d M Y H:i:s");
    if(empty($_SESSION) ) int_start_session();
    // Refuse requests from a session that never rendered the form.
    if(!is_logged('SID_ALLOW_TELLFRIEND')) {
        echo "This is illegal operation.You are not allowed to use this Tell a friend.";
        exit;
    }
    if(isset($_POST['Send'])) {
        // empty() also treats the string "0" as missing.
        if((empty($_POST['Sender'])) || (empty($_POST['Sender_email'])) || (empty($_POST['Recipient_email'])) || (empty($_POST['Message']))) {
            $msg = "".(isset($labels['required_msg'])&& ($labels['required_msg']!='NULL')? $labels['required_msg'] :$default_language_strings['required_msg'])."";
            if ($standalone) { $body_section .= html_header($labels['tell_friend']); }
            $body_section .= tell_friend_form($labels,$suggested_url, $msg, $sender_name, $sender_email, $send_to, $message);
            if ($standalone) { $body_section .= html_footer(); }
        } elseif (!check_email($sender_email) || !check_email($send_to)) {
            $msg = "".(isset($labels['email_msg'])&& ($labels['email_msg']!='NULL')?
$labels['email_msg'] :$default_language_strings['email_msg']) .""; if ($standalone) { $body_section .= html_header($labels['tell_friend']); } $body_section .= tell_friend_form($labels, $suggested_url, $msg, $sender_name, $sender_email, $send_to, $message); if ($standalone) { $body_section .= html_footer(); } } else { if ($standalone) { $body_section .= html_header($labels['tell_friend']); } $message .= $lf.$lf.(isset($labels['hidden_message']) && ($labels['hidden_message']!='NULL')? str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $labels['hidden_message']): ""); $send_from = (isset($labels['from_address']) && ($labels['from_address']!='NULL')? $labels['from_address']: $sender_email); $message = str_replace("%%SENDERNAME%%", $sender_name, $message); $message = str_replace("%%SENDEREMAIL%%", $sender_email, $message); $message = str_replace("%%SENDERIP%%", $sender_ip, $message); $message = str_replace("%%RECIPIENTEMAIL%%", $send_to, $message); $mail = new htmlMimeMail(); if ($use_linefeed) $mail->setCrlf("\r\n"); $mail->setHeadCharset($page_charset); // $mail->setTextCharset($page_charset); // $mail->setSubject(isset($labels['subject']) && ($labels['subject']!='NULL')?str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $labels['subject']): 'I want to share with you'); $mail->setText(str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $message)); $mail->setFrom(str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $send_from)); //if ($return_path != '') $mail->setReturnPath($return_path); if((strpos(strtolower($message),'mime-version')!==false) || (strpos(strtolower($message),'content-type')!==false) ) { $msg = "FAILED - possible dangerous content"; $body_section .= "

".(isset($labels['on_fail_msg']) ?$labels['on_fail_msg'] :$default_language_strings['on_fail_msg']).""; } else { $result = $mail->send($send_to_array, $mail_type); if ($result) { $msg = "SENT"; $body_section .= "

".(isset($labels['on_success_msg'])&&($labels['on_success_msg']!='NULL') ?$labels['on_success_msg'] :$default_language_strings['on_success_msg']).""; } else { $msg = "FAILED"; $body_section .= "

".(isset($labels['on_fail_msg'])&&($labels['on_fail_msg']!='NULL') ?$labels['on_fail_msg'] :$default_language_strings['on_fail_msg']).""; } } if ($standalone) { $body_section .= "

"; } $body_section .= "
"; $record_line = "$time ==> Sender: $sender_email, Sender IP: $sender_ip, Recipient: $send_to, Message: $message ==> Result: $msg".$lf; $record_line = str_replace( array('\\\\', '\\\'', '\"'), array( '\\', '\'', '"' ), $record_line) ; write_data($record_line, '', ''); unset_session('SID_ALLOW_TELLFRIEND'); if ($standalone) { $body_section .= html_footer(); } } } if ($standalone) { print $body_section; } else { $fixed_url = (file_exists($suggested_url)?$suggested_url :'../'.$suggested_url ); $fp = fopen($fixed_url, "r"); $contents = fread($fp, filesize($fixed_url)); fclose($fp); $pattern = '