setPageTitle(WT_I18N::translate('webtrees Message'));
$to_user_id=get_user_id($to);
// Only admins can send broadcast messages
if ((!$to_user_id || $to=='all' || $to=='last_6mo' || $to=='never_logged') && !WT_USER_IS_ADMIN) {
// TODO, what if we have a user called "all" or "last_6mo" or "never_logged" ???
Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger')->addMessage(WT_I18N::translate('Message was not sent'));
$controller->pageHeader();
$controller->addInlineJavascript('window.opener.location.reload(); window.close();');
exit;
}
$errors='';
// Is this message from a member or a visitor?
if (WT_USER_ID) {
$from=WT_USER_NAME;
} else {
// Visitors must provide a valid email address
if ($from_email && (!preg_match("/(.+)@(.+)/", $from_email, $match) || function_exists('checkdnsrr') && checkdnsrr($match[2])===false)) {
$errors.='
'.WT_I18N::translate('Please enter a valid email address.').'
';
$action='compose';
}
// Do not allow anonymous visitors to include links to external sites
if (preg_match('/(?!'.preg_quote(WT_SERVER_NAME, '/').')(((?:ftp|http|https):\/\/)[a-zA-Z0-9.-]+)/', $subject.$body, $match)) {
$errors.=
''.WT_I18N::translate('You are not allowed to send messages that contain external links.').'
'.
''./* I18N: e.g. "You should delete the “http://” from “http://www.example.com” and try again." */ WT_I18N::translate('You should delete the “%1$s” from “%2$s” and try again.', $match[2], $match[1]).'
'.
AddToLog('Possible spam message from "'.$from_name.'"/"'.$from_email.'", IP="'.$_SERVER['REMOTE_ADDR'].'", subject="'.$subject.'", body="'.$body.'"', 'auth');
$action='compose';
}
$from=$from_email;
}
// Ensure the user always visits this page twice - once to compose it and again to send it.
// This makes it harder for spammers.
// We must write all session variables *before* we display the page header.
switch ($action) {
case 'compose':
$WT_SESSION->good_to_send=true;
break;
case 'send':
// Only send messages if we've come straight from the compose page.
if ($WT_SESSION->good_to_send) {
unset($WT_SESSION->good_to_send);
} else {
AddToLog('Attempt to send message without visiting the compose page. Spam attack?', 'auth');
$action='compose';
}
break;
default:
unset($WT_SESSION->good_to_send);
break;
}
switch ($action) {
case 'compose':
$controller
->pageHeader()
->addInlineJavascript('
function checkForm(frm) {
if (frm.subject.value=="") {
alert("'.WT_I18N::translate('Please enter a message subject.').'");
document.messageform.subject.focus();
return false;
}
if (frm.body.value=="") {
alert("'.WT_I18N::translate('Please enter some message text before sending.').'");
document.messageform.body.focus();
return false;
}
return true;
}
');
echo '';
echo $errors;
if (!WT_USER_ID) {
echo '
', WT_I18N::translate('Please Note: Private information of living individuals will only be given to family relatives and close friends. You will be asked to verify your relationship before you will receive any private data. Sometimes information of dead persons may also be private. If this is the case, it is because there is not enough information known about the person to determine whether they are alive or not and we probably do not have more information on this person.
Before asking a question, please verify that you are inquiring about the correct person by checking dates, places, and close relatives. If you are submitting changes to the genealogical data, please include the sources where you obtained the data.');
}
echo '
';
if ($method=='messaging2') {
echo WT_I18N::translate('When you send this message you will receive a copy sent via email to the address you provided.');
}
echo '
', WT_I18N::translate('Close Window'), '';
break;
case 'send':
if ($from_email) {
$from = $from_email;
}
$toarray = array($to);
if ($to == 'all') {
$toarray = get_all_users();
}
if ($to == 'never_logged') {
$toarray = array();
foreach (get_all_users() as $user_id=>$user_name) {
// SEE Bug [ 1827547 ] Message to inactive users sent to newcomers
if (get_user_setting($user_id,'verified_by_admin') && get_user_setting($user_id, 'reg_timestamp') > get_user_setting($user_id, 'sessiontime')) {
$toarray[$user_id] = $user_name;
}
}
}
if ($to == 'last_6mo') {
$toarray = array();
$sixmos = 60*60*24*30*6; //-- timestamp for six months
foreach (get_all_users() as $user_id=>$user_name) {
// SEE Bug [ 1827547 ] Message to inactive users sent to newcomers
if (get_user_setting($user_id,'sessiontime')>0 && (time() - get_user_setting($user_id, 'sessiontime') > $sixmos)) {
$toarray[$user_id] = $user_name;
}
//-- not verified by registration past 6 months
else if (!get_user_setting($user_id, 'verified_by_admin') && (time() - get_user_setting($user_id, 'reg_timestamp') > $sixmos)) {
$toarray[$user_id] = $user_name;
}
}
}
$i = 0;
foreach ($toarray as $indexval => $to) {
$message = array();
$message['to']=$to;
$message['from']=$from;
if (!empty($from_name)) {
$message['from_name'] = $from_name;
$message['from_email'] = $from_email;
}
$message['subject'] = $subject;
$message['body'] = $body;
$message['created'] = time();
$message['method'] = $method;
$message['url'] = $url;
if ($i>0) $message['no_from'] = true;
if (addMessage($message)) {
Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger')->addMessage(WT_I18N::translate('Message successfully sent to %s', htmlspecialchars($to)));
} else {
Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger')->addMessage(WT_I18N::translate('Message was not sent'));
AddToLog('Unable to send message. FROM:'.$from.' TO:'.$to.' (failed to send)', 'error');
}
$i++;
}
$controller
->pageHeader()
->addInlineJavascript('window.opener.location.reload(); window.close();');
break;
}