Файл: write.php
Строк: 439
<?php
// Turns off every PHP diagnostic for this request.
// NOTE(review): this also hides warnings raised by the request-handling code below
// (undefined indexes, failed network calls); consider logging errors instead of discarding them.
error_reporting(0);
// Shared include; presumably defines the ms_*/p_*/w2u helpers and the $br/$_hr/$_v* markup
// variables used throughout this script - confirm in versions.inc.
include_once('./versions.inc');
// The session key is read from the query string and reduced to digits before any use.
// $er starts as true, so the script stays on the error path unless something below clears it.
// NOTE(review): the key is carried in every URL this script emits, so it can end up in
// Referer headers, proxy logs and browser history.
$key=preg_replace('~[^0-9]~','',$_GET['key']); $er=true;
$ms=ms_connect(1);
// Presumably checks $key against the database, fills $user and clears $er on success - confirm in key.inc.
include_once('./key.inc');
if ($er) {
// Key not accepted: render only the error page with a link back to the start page.
p_begin(w2u('Ошибка'),'center');
echo w2u('Неверно введены данные..').$br.$_hr.$br.'<a href="index.php'.$_v1.'">'.w2u('Главная').'</a>'.$br;
p_end('center');
} else {
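// send=1 selects the submit handler further down; any other value renders the compose form.
$send=$_GET['send'];
if ($send<>'1') {
    p_begin($user['login'].w2u('@').$user['domain'].' - '.w2u('Написать'));
    // Form defaults: a placeholder recipient and the default subject stored in the user's profile.
    $usr='@';
    $subject=out_ms($user['subject']);
    if ($wml) {$subject=dol($subject);}
    $action=$_GET['action'];
    if ($action=='reply') {
        // $box is interpolated into the query as a table name, so only the two known
        // mailbox names are accepted (strict match: arrays and other types become '').
        $box=$_GET['box'];
        $id=preg_replace('~[^0-9]~','',$_GET['id']);
        if (!in_array($box,array('inbox','outbox'),true)) {$box='';}
        if ($box<>null && $id<>null) {
            // The `user` condition limits the lookup to rows owned by the current account.
            $res=ms_q("Select * From `".$box."` Where `user`='".$user['id']."' And `id`='".$id."' Limit 1");
            if (ms_num($res)==1) {
                $mail=ms_data($res);
                // NOTE(review): the stored subject is placed into a value="" attribute by the form
                // below; confirm that out_ms() HTML-escapes it.
                if ($subject==null) {
                    $subject='Re: '.out_ms($mail['subject']);
                    if ($wml) {$subject=dol($subject);}
                }
                // Reply target: the original recipient for sent mail, the sender for received mail.
                $usr=($box=='outbox') ? out_ms($mail['to']) : out_ms($mail['from']);
                if ($usr<>null) {
                    // "Name <addr>" -> addr; the match result is checked before $ar[1] is read.
                    if (preg_match('~.*<(.*)>.*~',$usr,$ar) && $ar[1]<>null) {$usr=$ar[1];}
                    // The address comes from a stored message header, i.e. from whoever sent the
                    // mail. Reduce it to the character set the submit handler accepts for "to",
                    // so no quotes or markup reach the value="" attribute it is printed into.
                    $usr=preg_replace('~[^0-9a-z-@.]~i','',$usr);
                }
            }
        }
    }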
// Compose form. Rendered as an HTML <form> or, when $wml is set, as WML inputs that are
// posted through the <postfield> list near the end of this block.
// NOTE(review): no anti-CSRF token is emitted here; the only request credential visible in
// this block is the `key` query parameter of the action URL.
echo '<a href="help.php?p=4&key='.$key.$_v2.'">'.w2u('Транслит').'</a>'.$br.$_hr;
if (!$wml) {echo '<form action="write.php?key='.$key.'&send=1" enctype="multipart/form-data" method="post">';}
else {echo $br;}
echo $_star.w2u('Кому:').$br;
// Address book entries of the current user that are flagged as visible.
$res=ms_q("Select * From `contacts` Where `user`='".$user['id']."' And `show`='1'");
if (ms_num($res)>0) {
echo '<select name="contact"><option value="0">---</option>';
$contacts=ms_data_full($res);
for ($i=0;$i<count($contacts);$i++) {
// NOTE(review): the contact name goes through out_ms(), the fallback `mail` value is echoed
// exactly as stored; confirm both are HTML-escaped before they are written into <option>.
if ($contacts[$i]['name']<>null) {$name=out_ms($contacts[$i]['name']);} else {$name=$contacts[$i]['mail'];}
if ($wml) {$name=dol($name);}
echo '<option value="'.$contacts[$i]['id'].'">'.$name.'</option>';
}
echo '</select>'.$br.w2u('или на E-Mail:').$br;
}
// $usr and $subject are written inside double-quoted value attributes.
// NOTE(review): on the reply path both originate from a stored message; confirm that out_ms()
// escapes quotes and angle brackets, otherwise the attribute can be closed by the stored text.
echo '<input type="text" name="to" value="'.$usr.'"'.$_s.'>'.$br.w2u('Тема:').$br.'<input type="text" name="subject" value="'.$subject.'"'.$_s.'>'.$br;
if (!$wml) {echo '<input type="checkbox" name="tr_subject" value="1">'.w2u('Транслит');}
else {echo '<select name="tr_subject" multiple="true" value="0"><option value="1">'.w2u('Транслит').'</option></select>';}
// Attachment by URL is offered in both modes; file upload only in the HTML form.
echo $br.w2u('Вложение (URL):').$br.'<input type="text" name="att" value="http://"'.$_s.'>'.$br;
if (!$wml) {echo w2u('Вложение (File):').$br.'<input type="file" name="att_file">'.$br;}
echo $_star.w2u('Сообщение:').$br.'<input type="text" name="text" value=""'.$_s.'>'.$br;
if (!$wml) {echo '<input type="checkbox" name="tr_text" value="1">'.w2u('Транслит');} else {echo '<select name="tr_text" multiple="true" value="0"><option value="1">'.w2u('Транслит').'</option></select>';}
// Preselect the charset stored in the user's profile.
$chrs=$user['charset']; $iv1=''; $iv2=''; $iv3='';
if (!$wml) {
if ($chrs=='koi8-r') {$iv1=' selected';} elseif ($chrs=='win-1251') {$iv2=' selected';}
elseif ($chrs=='utf-8') {$iv3=' selected';}
echo $br.w2u('Кодировка:').$br.'<select name="charset"><option value="koi8-r"'.$iv1.'>Koi8-R</option><option value="win-1251"'.$iv2.'>Windows-1251</option><option value="utf-8"'.$iv3.'>Utf-8</option></select>'.$br;
} else {
// In WML the profile value itself is written into the value attribute of <select>.
echo $br.w2u('Кодировка:').$br.'<select name="charset" value="'.$chrs.'"><option value="koi8-r">Koi8-R</option><option value="win-1251">Windows-1251</option><option value="utf-8">Utf-8</option></select>'.$br;
}
if ($wml) {
// WML submit: each form variable is posted explicitly as a <postfield>.
echo '<anchor>'.w2u('Отправить').'<go href="write.php?key='.$key.'&send=1&wml" method="post"><postfield name="contact" value="$(contact)"/><postfield name="to" value="$(to)"/><postfield name="subject" value="$(subject)"/><postfield name="tr_subject" value="$(tr_subject)"/><postfield name="att" value="$(att)"/><postfield name="text" value="$(text)"/><postfield name="tr_text" value="$(tr_text)"/><postfield name="charset" value="$(charset)"/></go></anchor>'.$br;
} else {
echo '<input type="submit" value="'.w2u('Отправить').'"></form>';
}
// Navigation footer; every link carries the digits-only session key.
echo $_hr.$br.$_tr.' <a href="inbox.php?key='.$key.$_v2.'">'.w2u('Входящие').'</a>'.$br.$_tr.' <a href="outbox.php?key='.$key.$_v2.'">'.w2u('Исходящие').'</a>'.$br.$_tr.' <a href="main.php?key='.$key.$_v2.'">'.w2u('Главная').'</a>'.$br.$_tr.' <a href="exit.php?key='.$key.$_v2.'">'.w2u('Выход').'</a>'.$br;
p_end();
} else {
// Submitted fields. Only `to` (address characters) and `contact` (digits) are filtered here;
// subject, text, charset and the two transliteration flags are taken as posted.
$to=preg_replace('~[^0-9a-z-@.]~i','',$_POST['to']);
$contact=preg_replace('~[^0-9]~','',$_POST['contact']);
$subject=$_POST['subject'];
$tr_subject=$_POST['tr_subject'];
$att=del($_POST['att']);
$text=$_POST['text'];
$tr_text=$_POST['tr_text'];
$charset=$_POST['charset'];
// A usable address needs a local part of at least 2 characters and a domain of at least
// 5 characters that contains a dot; anything else clears $to.
$addr_ok=preg_match('~^([0-9a-z-.]*)@([0-9a-z-.]*)$~i',$to,$ar)
    && strlen($ar[1])>=2
    && strlen($ar[2])>=5
    && strpos($ar[2],'.')!==false;
if (!$addr_ok) {$to='';}
// Size of the URL attachment; stays 0 until a probe reports one.
$fsz=0;
// A URL whose first slash is its last character, or the untouched "http://" placeholder,
// counts as "no attachment".
if (strpos($att,'/')===strlen($att)-1 || strtolower($att)=='http://') {$att='';}
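// Probe the attachment URL with a HEAD request and take its size from Content-Length.
// The URL is user-supplied, so this is a server-side request to a host the user chooses.
// NOTE(review): the reported size is only what the remote server claims, and send_mail()
// later downloads $att by name with file_get_contents(), which resolves the host again;
// the address check below does not cover that second request.
if ($att<>null) {
    if (strpos(strtolower($att),'http://')!==0) {$att='http://'.$att;}
    $url=array();
    // Whitespace or control bytes would be copied into the request line and Host header,
    // so such a URL is not probed at all: $fsz stays 0 and the size gate rejects it.
    if (!preg_match('~[\x00-\x20\x7f]~',$att)) {preg_match('~^http://([^/]*)(/.*)$~i',$att,$url);}
    if (isset($url[1],$url[2]) && $url[1]<>null && $url[2]<>null) {
        // Resolve once and connect to the resolved address. Names that do not resolve to a
        // dotted quad (including user@host and host:port forms) and loopback, RFC 1918,
        // link-local and 0.0.0.0/8 targets are not contacted.
        $att_ip=gethostbyname($url[1]);
        $att_ip_ok=preg_match('~^\d{1,3}(\.\d{1,3}){3}$~',$att_ip)
            && !preg_match('~^(0|10|127)\.|^169\.254\.|^192\.168\.|^172\.(1[6-9]|2[0-9]|3[01])\.~',$att_ip);
        if ($att_ip_ok && ($f=fsockopen($att_ip,80,$att_errno,$att_errstr,2))) {
            // The 2 second argument above limits only the connect; this limits each read.
            stream_set_timeout($f,2);
            // Header lines end in CRLF and a blank line ends the request.
            fputs($f,"HEAD $url[2] HTTP/1.1\r\nHost: $url[1]\r\nConnection: close\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n");
            // A HEAD response is headers only; stop after 8 KB so a server that keeps
            // sending data cannot hold this request open or grow $txt without bound.
            $txt='';
            while (!feof($f) && strlen($txt)<8192) {
                $att_line=fgets($f,1024);
                if ($att_line===false) {break;}
                $txt.=$att_line;
            }
            fclose($f);
            // preg_match replaces eregi(), which no longer exists in PHP 7 and later.
            // The integer cast keeps $fsz numeric for the size gate and the SQL built later.
            if (preg_match('~^content-length:[ \t]*([0-9]+)~mi',$txt,$rst)) {$fsz=(int)$rst[1];}
        }
    }
}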
// Resolve the selected address-book entry. $contact holds digits only at this point, and
// the `user` condition restricts the lookup to the current account's visible contacts.
$contact_mail='';
if ($contact<>null) {
    $contact_sql="Select * From `contacts` Where `user`='{$user['id']}' And `show`='1' And `id`='{$contact}' Limit 1";
    $res=ms_q($contact_sql);
    $contact_mail=(ms_num($res)==1) ? ms_data($res,'mail') : '';
}
// Optional transliteration of the message body when the box was ticked.
if ($text<>null && $tr_text==1) {
    $text=iconv('windows-1251','utf-8',translit($text));
}
// Send gate: a recipient (typed address or contact), a non-empty text, and either no URL
// attachment at all or one whose probed size is between 1 and 512000 bytes.
// NOTE(review): $fsz is whatever the remote server put into Content-Length, so this limit
// is advisory until the bytes actually downloaded are counted.
if (($to<>null || $contact_mail<>null) && $text<>null && (($att<>null && $fsz>0 && $fsz<=512000) || ($att==null && $fsz==0))) {
// $t1 (file extensions) and $t2 (MIME types) are parallel arrays: $t2[$i] is the type for
// $t1[$i]. send_mail() reads both through `global` and looks extensions up with array_search().
// This is a lookup table, not an allowlist: send_mail() sends extensions that are not found
// as application/octet-stream.
// 'mp3' is listed twice, so only its first entry (application/mp3) is ever returned.
// NOTE(review): by position, vcf maps to text/x-vCalendar and vcs to text/x-vCard, mp4 to
// video/3gpp and mpeg to video/mp4 - these look shifted or swapped; confirm the intended pairs.
$t1=array('3gp','midi','mid','wav','amr','bmp','jpeg','jpg','gif',
'png','wbmp','sdt','scs','ldb','jad','jar','mp3','mmf','txt','thm',
'sis','mp3','avi','rar','zip','wml','htm','html','doc','exe','class',
'ogg','pdf','swf','tar','xml','ram','rm','tiff','tif','djvu','djv',
'ico','css','rtf','wmls','mov','vcf','vcs','imy','app','bmx','mp4','mpeg');
$t2=array('video/3gpp','audio/midi','audio/midi','audio/wav','audio/amr',
'image/bmp','image/jpeg','image/jpeg','image/gif','image/png',
'image/vnd.wap.wbmp','application/vnd.siemens-mp.theme',
'application/vnd.siemens-mp.skin','application/vnd.siemens-mp.t9db',
'text/vnd.sun.j2me.app-descriptor','application/java-archive','application/mp3',
'application/vnd.smaf','text/plain','application/vnd.eri.thm',
'application/vnd.symbian.install','audio/mpeg','video/x-msvideo',
'application/x-rar-compressed','application/zip','text/vnd.wap.wml',
'text/html','text/html','application/msword',
'application/octet-stream','application/octet-stream','application/ogg',
'application/pdf','application/x-shockwave-flash','application/x-tar',
'application/xml','audio/x-pn-realaudio','application/vnd.rn-realmedia',
'image/tiff','image/tiff','image/vnd.djvu','image/vnd.djvu','image/x-icon',
'text/css','text/rtf','text/vnd.wap.wmlscript','video/quicktime',
'text/x-vCalendar','text/x-vCard','audio/imelody','application/vnd.symbian.install',
'image/bmp','video/3gpp','video/mp4');
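// Encodes one header value as an RFC 2047 "Q" encoded-word. $charset is 'koi8-r' or
// 'windows-1251'; any other value means utf-8. CR and LF are removed first so the value
// cannot start a new header line.
function _send_mail_qword($value,$charset) {
    $value=str_replace(array("\r","\n"),'',$value);
    if ($charset=='koi8-r' || $charset=='windows-1251') {$value=iconv('utf-8',$charset,$value);}
    else {$charset='utf-8';}
    return '=?'.$charset.'?Q?'.imap_8bit(str_replace(' ','_',$value)).'?=';
}
// Builds one base64 attachment part. The file name is client- or URL-derived, so control
// characters, quotes, backslashes and slashes are stripped before it is written into the
// quoted name="" / filename="" parameters.
function _send_mail_part($boundary,$fname,$file,$charset) {
    global $t1,$t2;
    $fname=preg_replace('~[\x00-\x1f\x7f"\\\\/]~','',$fname);
    if ((string)$fname==='') {$fname='file';}
    // Extension lookup is case-insensitive; the table holds lower-case entries.
    $type=strtolower(preg_replace('~.*[.]([^.]*)~','\1',$fname,1));
    $ky=false;
    if ($type<>null && is_array($t1)) {$ky=array_search($type,$t1,true);}
    // Compare against false with ===: index 0 ('3gp') is a valid hit.
    $mime=($ky===false || !isset($t2[$ky])) ? 'application/octet-stream' : $t2[$ky];
    // Names with non-ASCII bytes are sent as an encoded-word.
    if (preg_match('~[\x80-\xff]~',$fname)) {$fname=_send_mail_qword($fname,$charset);}
    return "--$boundary\r\nContent-type: $mime; name=\"$fname\"\r\nContent-transfer-encoding: base64\r\nContent-disposition: attachment; filename=\"$fname\"\r\n\r\n".chunk_split(base64_encode($file),64)."\r\n";
}
/**
 * Builds and sends one message through mail(), optionally with a URL attachment and an
 * uploaded file ($_FILES['att_file']).
 *
 * @param string $to        recipient address
 * @param string $from      sender address
 * @param string $from_add  optional display name for the From header
 * @param string $subject   subject, UTF-8
 * @param string $text      body, UTF-8
 * @param string $add       optional text appended to the body
 * @param string $charset   'koi8-r', 'win-1251' or anything else for utf-8
 * @param string $att       http:// URL of the remote attachment
 * @param int    $file_size size reported for $att; a value above 0 enables the download
 * @param string $fname     file name to use for the URL attachment
 * @return array|false array('size'=>header bytes + body bytes,'files'=>attachment count),
 *                     or false when the URL attachment cannot be fetched within the
 *                     512000 byte limit or mail() fails
 */
function send_mail($to,$from,$from_add,$subject,$text,$add,$charset,$att,$file_size,$fname) {
    // Map the form value to the charset name used in the headers, once, so the display
    // name, subject, body and file names all agree.
    if ($charset=='win-1251') {$charset='windows-1251';}
    elseif ($charset<>'koi8-r') {$charset='utf-8';}
    // Everything that ends up in $headers is stripped of CR/LF first.
    $from=str_replace(array("\r","\n"),'',$from);
    if ($from_add<>null) {$from=_send_mail_qword($from_add,$charset).' <'.$from.'>';}
    if ($add<>null) {$text=$text."\r\n\r\n".$add;}
    // One of two promotional footers, picked at random (not security relevant).
    if (rand(0,1)==1) {
        $text.="\r\n\r\n- - -\r\nNEW-MAIL\r\nhttp://nmail.biz";
    } else {
        $text.="\r\n\r\n- - -\r\nXUP.RU\r\nhttp://wap.xup.ru";
    }
    $subject=_send_mail_qword($subject,$charset);
    if ($charset<>'utf-8') {$text=iconv('utf-8',$charset,$text);}
    $text=imap_8bit($text);
    $files=0;
    // An upload counts only if PHP reports success, it has a name, fits the size limit and
    // the temporary file really is an upload of this request.
    $up=isset($_FILES['att_file']) ? $_FILES['att_file'] : null;
    $has_upload=is_array($up) && $up['error']===UPLOAD_ERR_OK && $up['name']<>null
        && $up['size']<=512000 && is_uploaded_file($up['tmp_name']);
    if ($has_upload || $file_size>0) {
        $boundary='-----'.date("Ymd").time();
        $headers='From: '.$from."\r\nContent-type: multipart/mixed; boundary=\"$boundary\"\r\nX-Mailer: NEW-MAIL (nmail.biz)";
        $text="--$boundary\r\nContent-type: text/plain; charset=".$charset."\r\nContent-transfer-encoding: quoted-printable\r\n\r\n".$text."\r\n";
    } else {
        $headers='From: '.$from."\r\nContent-type: text/plain; charset=".$charset."\r\nContent-transfer-encoding: quoted-printable\r\nX-Mailer: NEW-MAIL (nmail.biz)";
    }
    if ($file_size>0) {
        // Only plain http:// URLs are fetched; file_get_contents() would otherwise also
        // open local paths and other stream wrappers.
        if (strpos(strtolower($att),'http://')!==0) {return false;}
        // $file_size is what the remote server claimed earlier. Enforce the limit on the
        // bytes actually read, bound the wait, and do not follow redirects.
        // NOTE(review): the host is user-chosen and is resolved again by this call; no
        // address filtering (loopback / private ranges) is applied at this point.
        $ctx=stream_context_create(array('http'=>array('timeout'=>10,'max_redirects'=>1)));
        $file=file_get_contents($att,false,$ctx,0,512001);
        if ($file===false || strlen($file)>512000) {return false;}
        $files++;
        $text.=_send_mail_part($boundary,$fname,$file,$charset);
    }
    if ($has_upload) {
        $files++;
        $text.=_send_mail_part($boundary,$up['name'],file_get_contents($up['tmp_name']),$charset);
    }
    if ($files>0) {$text.="--$boundary--\r\n";}
    if (mail($to,$subject,$text,$headers)) {
        return array('size'=>strlen($headers)+strlen($text),'files'=>$files);
    }
    return false;
}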
// Sender address is always the account's own login@domain; it is not taken from the request.
$from="{$user['login']}@{$user['domain']}";
// Optional transliteration of a typed subject.
if ($subject<>null && $tr_subject==1) {
    $subject=iconv('windows-1251','utf-8',translit($subject));
}
// Subject fallback chain: typed subject, then the profile default, then a fixed text.
// NOTE(review): the iconv() on the literal assumes this file is stored as windows-1251 - confirm.
if ($subject==null) {$subject=out_ms($user['subject']);}
if ($subject==null) {$subject=iconv('windows-1251','utf-8','Нет темы');}
// A typed address wins over the selected contact.
$to=($to==null) ? $contact_mail : $to;
// Display name and appended text come from the user's profile.
$from_add=out_ms($user['from_add']);
$add=out_ms($user['add']);
// File name for the URL attachment: last path segment of the URL, or "file" when empty.
$fname=del(preg_replace('~.*/([^/]*)~','\1',$att,1));
if ($fname==null) {$fname='file';}
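// Send the message; on success optionally store a copy in the outbox and list its attachments.
if ($rt=send_mail($to,$from,$from_add,$subject,$text,$add,$charset,$att,$fsz,$fname)) {
    if ($user['save_out']==1) {
        // Numeric values are cast before they are placed into SQL text.
        $all_size=(int)$rt['size'];
        $files=(int)$rt['files'];
        $text_size=strlen($text);
        // date('O') gives e.g. "+0300"; \d (not a literal "d") is needed to split it into "+03:00".
        $mdate=date('d.m.y, H:i').' (GMT '.preg_replace('~^([+-]\d{2})(\d{2})$~','\1:\2',date('O'),1).')';
        // `to` can come from the address book rather than from the filtered form field, so it
        // gets the same in_ms(special()) wrapping as the other string columns of this statement.
        // NOTE(review): confirm in_ms()/special() are the project's SQL/markup escaping helpers.
        ms_q("Insert Into `outbox` Set `user`='".$user['id']."', `text_size`='".$text_size."', `size`='".$all_size."', `to`='".in_ms(special($to))."', `subject`='".in_ms(special($subject))."', `text`='".in_ms(special($text))."', `files`='".$files."', `date`='".$mdate."'");
        ms_q("Update `users` Set `size`=`size`+$text_size Where `id`='".$user['id']."' Limit 1");
        if ($files>0) {
            // The new row is found again by user, attachment count and minute-resolution date.
            // Ordering by id picks the newest match when several mails share those values
            // (presumably `id` is auto-increment - confirm against the schema).
            $res=ms_q("Select `id` From `outbox` Where `user`='".$user['id']."' And `files`='".$files."' And `date`='".$mdate."' Order By `id` Desc Limit 1");
            $mid=ms_data($res,'id');
            if ($fsz>0) {
                ms_q("Insert Into `files_list` Set `user`='".$user['id']."', `mail`='".$mid."', `name`='".in_ms(special($att))."', `type`='1', `size`='".(int)$fsz."'");
            }
            // Record the upload only under the conditions send_mail() uses to attach it
            // (no upload error, a name, at most 512000 bytes); a rejected oversized upload
            // must not appear in the attachment list.
            $up=isset($_FILES['att_file']) ? $_FILES['att_file'] : null;
            if (is_array($up) && $up['error']==0 && $up['name']<>null && $up['size']>0 && $up['size']<=512000) {
                ms_q("Insert Into `files_list` Set `user`='".$user['id']."', `mail`='".$mid."', `name`='".in_ms(special($up['name']))."', `type`='2', `size`='".(int)$up['size']."'");
            }
        }
    }
    p_begin($user['login'].w2u('@').$user['domain']);
    echo w2u('Письмо успешно отправлено!!').$br.$_hr.$br.' <a href="main.php?key='.$key.$_v2.'">'.w2u('Главная').'</a>'.$br;
    p_end();
} else {
    p_begin(w2u('Ошибка'));
    echo w2u('Письмо не отправлено, повторите попытку позже..').$br.$_hr.$br.'<a href="write.php?key='.$key.$_v2.'">'.w2u('Назад').'</a>'.$br;
    p_end();
}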
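} else {
    // The send gate failed: tell the user which field was rejected.
    p_begin(w2u('Ошибка'));
    $e_er=false;
    if ($to==null && $contact_mail==null) {
        echo w2u('Неверно заполнено поле "Кому"..').$br; $e_er=true;
    }
    // Mirrors the size rule of the send gate. The earlier form `!$fsz>0` negated $fsz before
    // comparing, so it was true only for an unknown size and an attachment above 512000
    // bytes fell through to the "unknown error" text.
    if ($att<>null && !($fsz>0 && $fsz<=512000)) {
        echo w2u('Неверно заполнено поле "Вложение".. Невозможно определить размер файла или его размер более 500kb..').$br; $e_er=true;
    }
    if ($text==null) {
        echo w2u('Неверно заполнено поле "Сообщение"..').$br; $e_er=true;
    }
    if (!$e_er) {echo w2u('Произошла неизвестная ошибка, попробуйте повторить ещё раз..').$br;}
    echo $_hr.$br.'<a href="write.php?key='.$key.$_v2.'">'.w2u('Назад').'</a>'.$br;
    p_end();
}
}
}
// Release the database handle opened by ms_connect() at the top of the script.
ms_close($ms);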
?>