Obsidian wrote:Is there a version of this MOD that is ready to use with the 3.0.6 CAPTCHA system?
Code: Select all
<?php
/**
*
* @package phpBB3
* @version 1.0.5
* @copyright (c) 2009 RMcGirr83
* @copyright (c) 2007 eviL<3
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
/**
* @ignore
*/
define('IN_PHPBB', true);
$phpbb_root_path = './';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/constants_contact.' . $phpEx);
include($phpbb_root_path . 'includes/functions_contact.' . $phpEx);
include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
// Start session management
$user->session_begin();
$auth->acl($user->data);
// language(s) we need...why re-invent the wheel?
$user->setup(array('mods/contact','ucp','posting'));
// Database update/install handling
$contact_version = '1.0.5a';
if (!isset($config['contact_version']))
{
install_contact($contact_version);
}
elseif (version_compare($config['contact_version'], $contact_version, '<'))
{
update_contact($contact_version);
}
// If contact method is invalid, it will default to email
// this should never occur
if (!in_array($config['contact_method'], array(CONTACT_METHOD_EMAIL, CONTACT_METHOD_POST, CONTACT_METHOD_PM)))
{
set_config('contact_method', CONTACT_METHOD_EMAIL);
}
// Trigger error if board email and/or contact are disabled
if ((!$config['email_enable'] && $config['contact_method'] == CONTACT_METHOD_EMAIL) || !$config['contact_enable'])
{
if (!$config['email_enable'] && $config['contact_method'] == CONTACT_METHOD_EMAIL)
{
// disable the contact mod
set_config('contact_enable', 0);
}
$message = sprintf($user->lang['CONTACT_MAIL_DISABLED'], '<a href="mailto:' . $config['board_contact'] . '">', '</a>');
// show message that contact form is disabled
trigger_error($message);
}
// Only have contact confirmation for guests, if the option is enabled
if ($user->data['user_id'] != ANONYMOUS && $config['contact_confirm_guests'])
{
$config['contact_confirm'] = false;
}
// check to make sure the contact bot forum is legit for posting
// has to be able to accept posts
if (in_array($config['contact_method'], array(CONTACT_METHOD_POST)))
{
// from includes/functions_contact.php
// check to make sure forum is, ermmm, forum
// not link and not cat
// this will also check to make sure the bot in the ACP
// has the correct auths for the forum
contact_check($config['contact_bot_forum'], 'contact_check_forum');
}
elseif(in_array($config['contact_method'], array(CONTACT_METHOD_EMAIL, CONTACT_METHOD_PM)))
{
// quick check to ensure our "bot" is good
contact_check('', 'contact_check_bot');
}
// Our request variables
$submit = (isset($_POST['submit'])) ? true : false;
$preview = (isset($_POST['preview'])) ? true : false;
//a variable
$date = gmstrftime ("%A %d-%b-%y %T %Z", time());
$s_hidden_fields = '';
// bbcode and smilies allowed?
// not for emails...at least don't show the buttons/icons
$bbcodes_allowed = ($config['contact_bbcodes_allowed'] && $config['contact_method'] != CONTACT_METHOD_EMAIL) ? true : false;
$smilies_allowed = ($bbcodes_allowed && $config['contact_smilies_allowed']) ? true : false;
$urls_allowed = true;
// captcha triggers
$solved_captcha = $solved_abq = false;
// add the form key
add_form_key('contact');
// our data array
$contact_data = array(
'contact_name' => ($user->data['user_id'] != ANONYMOUS) ? $user->data['username'] : utf8_normalize_nfc(request_var('contact_name', '', true)),
'contact_email' => ($user->data['user_id'] != ANONYMOUS) ? $user->data['user_email'] : strtolower(request_var('contact_email', '')),
'contact_email_confirm' => ($user->data['user_id'] != ANONYMOUS) ? $user->data['user_email'] : strtolower(request_var('contact_email_confirm', '')),
'contact_reason' => utf8_normalize_nfc(request_var('contact_reason', '', true)),
'contact_subject' => utf8_normalize_nfc(request_var('contact_subject', '', true)),
'contact_message' => utf8_normalize_nfc(request_var('message', '', true)),
);
$c_error = array();
// &*^@#ING CAPTCHA
// Visual Confirmation - The CAPTCHA kicks in here
if ($config['contact_confirm'])
{
include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_CONTACT);
if ($submit)
{
$vc_response = $captcha->validate();
if ($vc_response !== false)
{
$c_error[] = $vc_response;
}
// Make sure we're all good.
if (!sizeof($c_error))
{
$captcha->reset();
}
else if ($captcha->is_solved())
{
$s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
}
}
if (!$captcha->is_solved())
{
// Make sure we've not submitted it too many times
if ($config['contact_max_attempts'] && ($captcha->get_attempt_count() > $config['contact_max_attempts']))
{
$message = $user->lang['CONTACT_TOO_MANY'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
}
}
// if the form was not yet submitted or the CAPTCHA was not solved ...
if (!$submit || !$captcha->is_solved())
{
// ... display the CAPTCHA
$template->assign_vars(array(
'S_CONFIRM_CODE' => true,
'CAPTCHA_TEMPLATE' => $captcha->get_template(),
));
}
}
// YEAH for includes/ucp/ucp_register.php and posting.php!! :)
if ($submit || $preview)
{
// $submit, ermmm, submitted, let's check our inputs
$error = validate_data($contact_data, array(
'contact_name' => array('string', false, $config['min_name_chars'], $config['max_name_chars']),
'contact_email' => array('string', false, 6, 60),
'contact_email_confirm' => array('string', false, 6, 60),
));
// Replace "error" strings with their real, localised form
$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
$error = array_merge($error, $c_error);
// check form
if (!check_form_key('contact'))
{
$error[] = $user->lang['FORM_INVALID'];
}
// BEGIN Anti Bot Mod by CoC addon
if (isset($config['enable_abquestion']) && ($config['enable_abquestion'] && $config['contact_confirm']))
{
$ab_question = strtolower(request_var('ab_question', '', true));
if ($ab_question == '')
{
$error[] = $user->lang['AB_NO_ANSWER'];
}
elseif ($ab_question != strtolower($config['abanswer']) && $contact_data['ab_question'] != strtolower($config['abanswer2']))
{
$error[] = $user->lang['AB_QUESTION_ERROR'];
}
else
{
$solved_abq = true;
}
}
// END Anti Bot Mod by CoC addon
if (!sizeof($error))
{
// Validate message and subject
// and reason and email
// and lions and bears, oh my!!
if (empty($contact_data['contact_subject']))
{
$error[] = $user->lang['CONTACT_NO_SUBJ'];
}
if (empty($contact_data['contact_message']))
{
$error[] = $user->lang['CONTACT_NO_MSG'];
}
if (!empty($config['contact_reasons']) && !in_array($contact_data['contact_reason'], explode("\n", $config['contact_reasons'])))
{
$error[] = $user->lang['CONTACT_NO_REASON'];
}
if ($contact_data['contact_email'] != $contact_data['contact_email_confirm'])
{
$error[] = $user->lang['NEW_EMAIL_ERROR'];
}
}
if ($submit && !sizeof($error))
{
// No errors, let's send the message :)
if (!empty($config['contact_reasons']))
{
$subject = '[' . htmlspecialchars_decode($contact_data['contact_reason']) . '] ' . $contact_data['contact_subject'];
}
else
{
$subject = $contact_data['contact_subject'];
}
if ($config['contact_method'] != CONTACT_METHOD_POST)
{
$sql_where = '';
// Only founders...maybe
if ($config['contact_founder_only'])
{
$sql_where .= ' WHERE user_type = ' . USER_FOUNDER;
}
else
{
// Grab an array of user_id's with admin permissions
$admin_ary = $auth->acl_get_list(false, 'a_', false);
$admin_ary = (!empty($admin_ary[0]['a_'])) ? $admin_ary[0]['a_'] : array();
if ($config['contact_method'] == CONTACT_METHOD_EMAIL && sizeof($admin_ary))
{
$sql_where .= ' WHERE ' . $db->sql_in_set('user_id', $admin_ary) . ' AND user_allow_viewemail = 1';
}
elseif ($config['contact_method'] == CONTACT_METHOD_PM && sizeof($admin_ary))
{
$sql_where .= ' WHERE ' . $db->sql_in_set('user_id', $admin_ary) . ' AND user_allow_pm = 1';
}
}
// teh sql
$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type
FROM ' . USERS_TABLE . ' ' .
$sql_where;
$result = $db->sql_query($sql);
$contact_users = array();
// Loop through our results
while ($row = $db->sql_fetchrow($result))
{
$contact_users[] = $row;
}
$db->sql_freeresult($result);
// we didn't get a soul
if (!sizeof($contact_users))
{
// we have no one to send anything to
// notify the board default
contact_check('', 'contact_nobody');
}
}
if (in_array($config['contact_method'], array(CONTACT_METHOD_PM, CONTACT_METHOD_POST)))
{
// change user auths and post count....momentarily
$contact_perms = contact_change_auth($config['contact_bot_user']);
$user_name = ($config['contact_bot_poster'] == CONTACT_POST_GUEST || $config['contact_bot_poster'] == CONTACT_POST_ALL) ? $user->data['username'] : htmlspecialchars_decode($contact_data['contact_name']);
// Parse the text with the bbcode parser and write into $text
$text = $contact_data['contact_message'];
$text = sprintf($user->lang['CONTACT_TEMPLATE'], $contact_data['contact_name'], $contact_data['contact_email'], $user->ip, $date, $contact_data['contact_subject'], $contact_data['contact_reason'], $text);
$uid = $bitfield = $options = ''; // will be modified by generate_text_for_storage
generate_text_for_storage($text, $uid, $bitfield, $options, $bbcodes_allowed, $urls_allowed, $smilies_allowed);
$text = generate_text_for_display($text, $uid, $bitfield, $options, $bbcodes_allowed, $urls_allowed, $smilies_allowed);
}
switch ($config['contact_method'])
{
case CONTACT_METHOD_PM:
// Send using PMs
// Thanks to Handymans handy tutorial :D
if (!function_exists('submit_pm'))
{
include($phpbb_root_path . 'includes/functions_privmsgs.' . $phpEx);
}
$pm_data = array(
'from_user_id' => $user->data['user_id'],
'icon_id' => 0,
'from_user_ip' => $user->data['user_ip'],
'from_username' => $user_name,
'enable_sig' => false,
'enable_bbcode' => (bool) $bbcodes_allowed,
'enable_smilies' => (bool) $smilies_allowed,
'enable_urls' => (bool) $urls_allowed,
'bbcode_bitfield' => $bitfield,
'bbcode_uid' => $uid,
'message' => $text,
'message_attachment' => 0,
);
// Loop through our list of users
for ($i = 0, $size = sizeof($contact_users); $i < $size; $i++)
{
$pm_data['address_list'] = array('u' => array($contact_users[$i]['user_id'] => 'to'));
submit_pm('post', $subject, $pm_data, false);
}
break;
case CONTACT_METHOD_POST:
// Create a new post
// Many thanks to paul999 for helping me with this! evil<3
// updated to 3.0.4 - RMcGirr83
if(!function_exists('submit_post'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
$sql = 'SELECT forum_name
FROM ' . FORUMS_TABLE . '
WHERE forum_id = ' . (int) $config['contact_bot_forum'];
$result = $db->sql_query($sql);
$forum_name = $db->sql_fetchfield('forum_name');
$db->sql_freeresult($result);
$post_data = array(
'forum_id' => (int) $config['contact_bot_forum'],
'icon_id' => false,
'enable_sig' => true,
'enable_bbcode' => (bool) $bbcodes_allowed,
'enable_smilies' => (bool) $smilies_allowed,
'enable_urls' => (bool) $urls_allowed,
'message' => $text,
'message_md5' => (string) md5($text),
'bbcode_bitfield' => $bitfield,
'bbcode_uid' => $uid,
'poster_ip' => $user->ip,
'post_edit_locked' => 0,
'topic_title' => $subject,
'notify_set' => false,
'notify' => false,
'post_time' => time(),
'forum_name' => $forum_name,
'enable_indexing' => false,
);
$poll = array();
// Submit the post!
submit_post('post', $subject, $user_name, POST_NORMAL, $poll, $post_data);
break;
case CONTACT_METHOD_EMAIL:
default:
// Send using email (default)
$email_message = htmlspecialchars_decode($contact_data['contact_message']);
// Some of the code borrowed from includes/ucp/ucp_register.php
// The first argument of messenger::messenger() decides if it uses the message queue (which we will)
include($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
$messenger = new messenger(true);
// Email headers
$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
// Loop through our list of users
for ($i = 0, $size = sizeof($contact_users); $i < $size; $i++)
{
$messenger->template('contact', $contact_users[$i]['user_lang']);
$messenger->to($contact_users[$i]['user_email'], $contact_users[$i]['username']);
$messenger->im($contact_users[$i]['user_jabber'], $contact_users[$i]['username']);
$messenger->from($contact_data['contact_email']);
$messenger->replyto($contact_data['contact_email']);
$messenger->assign_vars(array(
'ADM_USERNAME' => htmlspecialchars_decode($contact_users[$i]['username']),
'SITENAME' => htmlspecialchars_decode($config['sitename']),
'USER_IP' => $user->ip,
'USERNAME' => htmlspecialchars_decode($contact_data['contact_name']),
'USER_EMAIL' => htmlspecialchars_decode($contact_data['contact_email']),
'SUBJECT' => htmlspecialchars_decode($contact_data['contact_subject']),
'MESSAGE' => $email_message,
));
$messenger->send($contact_users[$i]['user_notify_type']);
}
// Save emails in the queue to prevent timeouts
$messenger->save_queue();
break;
}
if (in_array($config['contact_method'], array(CONTACT_METHOD_PM, CONTACT_METHOD_POST)))
{
//Restore users original permissions and post count
contact_change_auth('', 'restore', $contact_perms);
}
// Everything went fine, output a confirmation page
$meta_info = append_sid("{$phpbb_root_path}index.$phpEx");
meta_refresh(5, $meta_info);
$message = $user->lang['CONTACT_MSG_SENT'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
}
}
// Preview
// posting to the rescue once again!!
if ($preview && !sizeof($error))
{
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);
$text = sprintf($user->lang['CONTACT_TEMPLATE'], $contact_data['contact_name'], $contact_data['contact_email'], $user->ip, $date, $contact_data['contact_subject'], $contact_data['contact_reason'], $contact_data['contact_message']);
$message_parser = new parse_message();
$message_parser->message = $text;
$message_parser->parse($bbcodes_allowed, ($config['allow_post_links']) ? $urls_allowed : false, $smilies_allowed, false, false, false, $config['allow_post_links']);
$preview_message = $message_parser->format_display($bbcodes_allowed, $urls_allowed, $smilies_allowed, false);
if (!empty($config['contact_reasons']))
{
$preview_subject = '[' . htmlspecialchars_decode($contact_data['contact_reason']) . '] ' . $contact_data['contact_subject'];
}
else
{
$preview_subject = $contact_data['contact_subject'];
}
$preview_subject = censor_text($preview_subject);
if (!sizeof($error))
{
$template->assign_vars(array(
'PREVIEW_SUBJECT' => $preview_subject,
'PREVIEW_MESSAGE' => $preview_message,
'S_DISPLAY_PREVIEW' => true)
);
}
}
// Visual Confirmation - The CAPTCHA kicks in here
/*
if ($config['contact_confirm'])
{
include($phpbb_root_path . 'includes/captcha/captcha_factory.' . $phpEx);
$captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
$captcha->init(CONFIRM_CONTACT);
if ($submit)
{
$vc_response = $captcha->validate($data);
if ($vc_response !== false)
{
$error[] = $vc_response;
}
// Make sure we're all good.
if (!sizeof($error))
{
$captcha->reset();
}
else if ($captcha->is_solved())
{
$s_hidden_fields .= build_hidden_fields($captcha->get_hidden_fields());
}
}
if (!$captcha->is_solved())
{
// Make sure we've not submitted it too many times
if ($config['contact_max_attempts'] && ($captcha->get_attempt_count() > $config['contact_max_attempts']))
{
$message = $user->lang['CONTACT_TOO_MANY'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
}
}
// if the form was not yet submitted or the CAPTCHA was not solved ...
if (!$submit || !$captcha->is_solved())
{
// ... display the CAPTCHA
$template->assign_vars(array(
'S_CONFIRM_CODE' => true,
'CAPTCHA_TEMPLATE' => $captcha->get_template(),
));
}
}*/
/*if ($config['contact_confirm'] && $solved_captcha === false)
{
$sql = 'SELECT COUNT(session_id) AS attempts
FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_CONTACT;
$result = $db->sql_query($sql);
$attempts = (int) $db->sql_fetchfield('attempts');
$db->sql_freeresult($result);
if ($config['contact_max_attempts'] && $attempts > $config['contact_max_attempts'])
{
// this could be better...
// don't have to wait after failing to answer the captcha
// but at least make the user think they do
// @ todo..confirm table is truncated on a regular basis? Not sure still have to check
// leave it for now
$sql = 'DELETE FROM ' . CONFIRM_TABLE . "
WHERE session_id = '" . $db->sql_escape($user->session_id) . "'
AND confirm_type = " . CONFIRM_CONTACT;
$db->sql_query($sql);
// show a message
$meta_info = append_sid("{$phpbb_root_path}index.$phpEx");
meta_refresh(5, $meta_info);
$message = $user->lang['CONTACT_TOO_MANY'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>');
trigger_error($message);
}
$code = gen_rand_string(mt_rand(5, 8));
$confirm_id = md5(unique_id($user->ip));
$seed = hexdec(substr(unique_id(), 4, 10));
// compute $seed % 0x7fffffff
$seed -= 0x7fffffff * floor($seed / 0x7fffffff);
$sql = 'INSERT INTO ' . CONFIRM_TABLE . ' ' . $db->sql_build_array('INSERT', array(
'confirm_id' => (string) $confirm_id,
'session_id' => (string) $user->session_id,
'confirm_type' => (int) CONFIRM_CONTACT,
'code' => (string) $code,
'seed' => (int) $seed)
);
$db->sql_query($sql);
$template->assign_vars(array(
'S_CONFIRM_CODE' => true,
'CONFIRM_ID' => $confirm_id,
'CONFIRM_IMAGE' => '<img src="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=confirm&id=' . $confirm_id . '&type=' . CONFIRM_CONTACT) . '" alt="" title="" />',
'L_CONTACT_CONFIRM_EXPLAIN' => sprintf($user->lang['POST_CONFIRM_EXPLAIN'], '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>'),
));
}*/
// BEGIN ABD question addon
if (($config['enable_abquestion'] && $config['contact_confirm']) && $solved_abq === false)
{
$ab_question = '';
$template->assign_vars(array(
'S_AB_QUESTION' => true,
'L_AB_QUESTION' => $config['abquestion'],
'AB_QUESTION' => $ab_question,
));
}
// END ABD question addon
// BEGIN AB question addon
// Add the ab question to the hidden fields, else an error is displayed on next submit/preview
if ($solved_abq !== false)
{
$s_hidden_fields .= build_hidden_fields(array(
'ab_question' => strtolower(request_var('ab_question', '', true)))
);
}
// END AB question addon
// output the display
$template->assign_vars(array(
'CONTACT_NAME' => $contact_data['contact_name'],
'CONTACT_EMAIL' => $contact_data['contact_email'],
'CONTACT_EMAIL_CONFIRM' => $contact_data['contact_email_confirm'],
'CONTACT_REASONS' => (!empty($config['contact_reasons'])) ? contact_make_select(explode("\n", $config['contact_reasons']), $contact_data['contact_reason']) : '',
'CONTACT_SUBJECT' => $contact_data['contact_subject'],
'CONTACT_MESSAGE' => $contact_data['contact_message'],
'L_CONTACT_YOUR_NAME_EXPLAIN' => sprintf($user->lang['CONTACT_YOUR_NAME_EXPLAIN'], $config['min_name_chars'], $config['max_name_chars']),
'L_CONTACT_MSG_BODY_EXPLAIN' => ($user->data['is_registered']) ? $user->lang['CONTACT_MSG_BODY_EXPLAIN'] : '',
'S_CONFIRM_REFRESH' => ($config['enable_confirm'] && $config['confirm_refresh']) ? true : false,
'S_BBCODE_ALLOWED' => $bbcodes_allowed,
'S_SMILIES_ALLOWED' => $smilies_allowed,
'S_HIDDEN_FIELDS' => $s_hidden_fields,
'S_ERROR' => (isset($error) && sizeof($error)) ? implode('<br />', $error) : '',
'S_CONTACT_ACTION' => append_sid("{$phpbb_root_path}contact.$phpEx",'', true, $user->session_id),
));
// we allow bbcodes...show them
if ($bbcodes_allowed)
{
if (!function_exists('display_custom_bbcodes'))
{
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
}
// Build custom bbcodes array
display_custom_bbcodes();
}
// we allow smilies too
if ($smilies_allowed)
{
if (!function_exists('generate_smilies'))
{
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
}
// Generate smiley listing
generate_smilies('inline', 0);
}
// Output the page
page_header($user->lang['CONTACT_BOARD_ADMIN']);
$template->set_filenames(array(
'body' => 'contact_body.html')
);
page_footer();
?>