ruạṛ
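<?php
/**
 * Let customer email link to product to a friend
 *
 * Flow, as implemented below:
 *  1. load the CMS includes, start the session and load the session customer;
 *  2. resolve the product and category ids from POST, falling back to GET;
 *  3. answer with the 404 template unless the customer is logged in and the
 *     product exists;
 *  4. on POST, either show a preview (process != 1) or send the mail
 *     (process == 1);
 *  5. always render the edit form below the result.
 *
 * Security notes for maintainers:
 *  - Values that go into mail headers are stripped of control characters
 *    AFTER entity decoding, because decoding can produce CR/LF or quotes.
 *  - Entity-decoded copies are used for the mail only; the HTML output keeps
 *    the values returned by clean_plain_data().
 *  - NOTE(review): no anti-CSRF token or send-rate limit is visible in this
 *    file; the only gate on sending is $customer->logged_in. Confirm whether
 *    universal.php / functions.php provide either.
 *  - NOTE(review): $p->name, $p->title, $p->path and $customer->email are
 *    written into HTML as-is; presumably they are stored already encoded.
 *    Verify before relying on it.
 *
 * @version 0.9
 * @author Robert Urquhart <programmer@activatedesign.co.nz>
 * @package WEP-CMS
 */

//these calls will get repeated in template.php so use require_once
$data_dir = $_SERVER['DOCUMENT_ROOT'].'/admin/scripts-includes/';
$template_dir = $_SERVER['DOCUMENT_ROOT'].'/resources/template/';
require_once $data_dir.'universal.php';
require_once $template_dir.'functions.php';

/*
 * start the session (after includes so objects stored in $_SESSION are created properly)
 */
session_start();

/**
 * set up database connection
 * @var resource $connID db connection reference
 */
$connID = connect_to_db();

/**
 * suhosin workaround - load session user data
 * @var object $customer
 */
$customer = user_load();

/**
 * @var string $to_name
 * @var string $to_email
 * @var string $from_name
 * @var string $from_email
 * @var string $message
 * @var int $prod_id
 * @var int $cat_id
 * @var bool $process
 * @var string $m
 * @var string $content
 * @var bool $fail
 */
$to_name = $to_email = $from_name = $message = '';
$from_email = $customer->email;
$m = $content = '';
$fail = true;

/*
 * Resolve ids: POST wins, GET is the fallback. Missing keys are passed on as
 * null (the value the original undefined-index read produced) without
 * raising a notice.
 */
$posted_prod = isset($_POST['prod_id']) ? $_POST['prod_id'] : null;

// The forms below submit the category as "category_id" while this script
// historically read "cat_id"; accept both so the category survives a POST.
$posted_cat = null;
if (isset($_POST['cat_id'])) {
    $posted_cat = $_POST['cat_id'];
} elseif (isset($_POST['category_id'])) {
    $posted_cat = $_POST['category_id'];
}

if (!$prod_id = is_numeric_id($posted_prod, 0)) {
    $prod_id = is_numeric_id(isset($_GET['p']) ? $_GET['p'] : null, 0);
}
if (!$cat_id = is_numeric_id($posted_cat, 0)) {
    $cat_id = is_numeric_id(isset($_GET['c']) ? $_GET['c'] : null, 0);
}

$p = new product($prod_id);
$p->set_category($cat_id);

// Only logged-in customers may use this page, and only for a known product.
if (!$customer->logged_in || !$p->prod_id) {
    $four_o_four = true;
    require_once $template_dir.'template.php';
    exit;
}

if (!empty($_POST)) {
    $process = isset($_POST['process']) && $_POST['process'] === '1';

    // Take text fields only when they are plain strings; an array submitted
    // under the same name is treated like a missing field.
    $raw_from    = (isset($_POST['from']) && is_string($_POST['from'])) ? $_POST['from'] : null;
    $raw_to      = (isset($_POST['to']) && is_string($_POST['to'])) ? $_POST['to'] : null;
    $raw_email   = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;
    $raw_message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : null;

    $from_name = clean_plain_data($raw_from);
    if ($from_name == '') {
        $from_name = $customer->name;
    }
    if ($from_name == '') {
        $from_name = $from_email;
    }

    $to_name = clean_plain_data($raw_to);
    $to_email = clean_plain_data($raw_email);
    if ($to_name == '') {
        $to_name = $to_email;
    }

    $message = clean_plain_data($raw_message);

    if (!is_email($to_email)) {
        $content .= '<p>Please check the To address.</p>';
    } elseif ($process) {
        /*
         * remove special characters for email
         *
         * The decoded text goes into separate variables: $to_name, $from_name
         * and $message are printed again in the edit form further down, and
         * printing decoded text there would put raw markup into the page.
         *
         * NOTE(review): '\r\n' in single quotes is the literal four-character
         * sequence backslash-r-backslash-n, not CRLF; presumably it matches
         * escaping applied by clean_plain_data(). Confirm.
         */
        $mail_to_name = html_entity_decode($to_name, ENT_QUOTES);
        $mail_from_name = html_entity_decode($from_name, ENT_QUOTES);
        $mail_message = str_replace('\r\n', "\n", html_entity_decode($message, ENT_QUOTES));

        // Header values must stay on one line: collapse control characters
        // (CR, LF, NUL, ...) so the sender name cannot start a new header.
        $line_from_name = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', $mail_from_name));
        // Inside the quoted display name, escape quote and backslash so the
        // name cannot close the quotes and append its own address.
        $header_from_name = addcslashes($line_from_name, "\"\\");
        $header_from_email = preg_replace('/[\x00-\x1F\x7F<>]+/', '', $from_email);

        /**
         * @var string $headers;
         * @var string $subject
         * @var string $mailbody
         */
        // NOTE(review): X-Mailer discloses the exact PHP version to every
        // recipient; consider dropping it.
        $headers = 'From: "'.$header_from_name.'" <'.$header_from_email.'>'."\n"
            .'Reply-To: '.$header_from_email."\n"
            .'Return-Path: '.$header_from_email."\n"
            .'X-Mailer: PHP/'.phpversion();

        $subject = $line_from_name.' has sent you a link to '.SITE_FROM_NAME;

        // Line breaks mirror the <br /> layout of the HTML preview below.
        $mailbody = 'Dear '.$mail_to_name."\n\n"
            .$mail_from_name.' has sent you a link to this '.$p->name.' at '.SITE_FROM_NAME.".\n"
            .'http://'.SITE_ROOT.$p->path;
        if ($mail_message != '') {
            $mailbody .= "\n\nThey say:\n".$mail_message."\n";
        }
        $mailbody .= "\n\nThank you for visiting ".SITE_FROM_NAME;

        // mail() returns false when the message was not accepted for
        // delivery; only claim success when it was.
        $sent = mail($to_email, $subject, $mailbody, $headers);
        $fail = !$sent;
        if ($sent) {
            $content = '<p>Thank you, your message has been sent. Send to someone else?</p>';
        } else {
            $content = '<p>Sorry, your message could not be sent. Please try again.</p>';
        }
    } else {
        // Preview step: echo the message back with a hidden copy of every
        // field and process=1, so "Send link" posts it for delivery.
        $content .= '<p>Please check and Send your message or Edit it below.</p>
<form method="post" enctype="multipart/form-data" class="preview">
<fieldset>
<input type="hidden" name="prod_id" value="'.$prod_id.'" />
<input type="hidden" name="category_id" value="'.$cat_id.'" />
<input type="hidden" name="process" value="1" />
<input type="hidden" name="from" value="'.$from_name.'" />
<input type="hidden" name="to" value="'.$to_name.'" />
<input type="hidden" name="email" value="'.$to_email.'" />
<input type="hidden" name="message" value="'.str_replace('\r\n', "\n", $message).'" />
<p>From: '.$from_name.' ('.$from_email.')</p>
<p>To: '.$to_name.' ('.$to_email.')</p>
<p>Subject: '.$from_name.' has sent you a link to '.SITE_FROM_NAME.'</p>
<p>Dear '.$to_name.'<br /><br />'.$from_name.' has sent you a link to this '.$p->name.' at '.SITE_FROM_NAME.'.<br />http://'.SITE_ROOT.$p->path.'<br /><br />';
        if ($message != '') {
            $content .= 'They say: <br />'.nl2br(str_replace('\r\n', "\n", $message)).'<br />';
        }
        $content .= '<br />Thank you for visiting '.SITE_FROM_NAME.'</p>
<p class="actions"><input type="submit" value="Send link" class="button" /></p>
</fieldset>
</form>
<h2>Edit message:</h2>';
    }
}

// First visit (GET): default the sender name from the customer record.
if ($from_name == '') {
    $from_name = $customer->name;
}
if ($from_name == '') {
    $from_name = $from_email;
}

// Edit form, always shown. The label for "to" no longer repeats id="to"
// (duplicate ids broke the label/input association) and the paragraph
// around the textarea is now closed.
$content .= '<form method="post" enctype="multipart/form-data" class="contact">
<fieldset>
<input type="hidden" name="prod_id" value="'.$prod_id.'" />
<input type="hidden" name="category_id" value="'.$cat_id.'" />
<p><label for="from">From (name):</label> <input type="text" name="from" id="from" value="'.$from_name.'" />
<br /><span class="info">('.$from_email.')</span></p>
<p><label for="to">To (name):</label> <input type="text" name="to" id="to" value="'.$to_name.'" /></p>
<p><label for="email">To (email):</label> <input type="text" name="email" id="email" value="'.$to_email.'" /></p>
<p><label for="message">Personal message:</label> <textarea name="message" id="message">'.str_replace('\r\n', "\n", $message).'</textarea><br />
<span class="info">(link will be included automatically)</span></p>
<p class="actions"><input type="submit" value="Preview" class="button" /></p>
</fieldset>
</form>';

ob_start();
?>
<?php echo '<!DOCTYPE html>'; ?>
<html>
<head>
<title><?php echo ($p->title != '') ? $p->title : $p->name; ?></title>
<link rel="stylesheet" type="text/css" href="/resources/template/email_product.css" />
<link rel="stylesheet" type="text/css" href="/resources/template/print_hide.css" media="print" />
</head>
<body>
<h1>Email <?php echo $p->name; ?></h1>
<?php echo $content; ?>
</body>
</html>
<?php
ob_end_flush();
exit;
?>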
cải xoăn