forked from science-ation/science-ation
Fix the contact form
This commit is contained in:
james
parent
902e45fe2e
commit
1749d8c67b
49
contact.php
49
contact.php
@ -23,6 +23,8 @@
|
||||
<?
|
||||
require("common.inc.php");
|
||||
send_header("Contact Us",null,"communication");
|
||||
include "account.inc.php";
|
||||
include "user.inc.php";
|
||||
|
||||
function cleanify($in) {
|
||||
$in=ereg_replace("\r","\n",$in);
|
||||
@ -34,10 +36,11 @@
|
||||
if($_POST['to'] && $_POST['subject'] && $_POST['message'] && $_POST['from'] && $_POST['fromemail']) {
|
||||
if(isEmailAddress($_POST['fromemail'])) {
|
||||
list($id,$md5email)=explode(":",$_POST['to']);
|
||||
$q=mysql_query("SELECT * FROM users WHERE uid='$id' ORDER BY year DESC LIMIT 1");
|
||||
$r=mysql_fetch_object($q);
|
||||
$a=account_load($id);
|
||||
$u=user_load_by_accounts_id($id);
|
||||
|
||||
//if a valid selection is made from the list, then this will always match.
|
||||
if($md5email == md5($r->email)) {
|
||||
if($md5email == md5($a['email'])) {
|
||||
$from=cleanify($_POST['from'])." <".cleanify($_POST['fromemail']).">";
|
||||
$extra="Return-Path: $from\r\nFrom: $from\r\nReply-To: $from\r\n";
|
||||
|
||||
@ -47,7 +50,7 @@
|
||||
//and strip the slashes from the message
|
||||
$message=stripslashes($_POST['message']);
|
||||
|
||||
mail("$r->firstname $r->lastname <$r->email>",$subject,$message,$extra);
|
||||
mail("{$u['firstname']} {$u['lastname']} <{$a['email']}>",$subject,$message,$extra);
|
||||
echo happy(i18n("Contact email successfully sent"));
|
||||
}
|
||||
else {
|
||||
@ -62,15 +65,6 @@
|
||||
echo error(i18n("All fields are required"));
|
||||
}
|
||||
|
||||
?>
|
||||
<script type="text/javascript">
|
||||
function tochange() {
|
||||
if(!document.forms.contactform.to.options[document.forms.contactform.to.selectedIndex].value)
|
||||
document.forms.contactform.to.selectedIndex=0;
|
||||
}
|
||||
</script>
|
||||
<?
|
||||
|
||||
echo i18n("Choose who you would like to contact from the list below, type your subject and message, and click the 'Send' button");
|
||||
echo "<br />";
|
||||
echo "<br />";
|
||||
@ -78,23 +72,37 @@ function tochange() {
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"send\">\n";
|
||||
echo "<table class=\"tableedit\">";
|
||||
echo "<tr><td>".i18n("To").":</td>";
|
||||
echo "<td><select name=\"to\" onchange=\"tochange()\">";
|
||||
echo "<td><select name=\"to\">";
|
||||
echo "<option value=\"\">".i18n("Choose a person to contact")."</option>\n";
|
||||
$q=mysql_query("SELECT * FROM committees ORDER BY ord,name");
|
||||
while($r=mysql_fetch_object($q)) {
|
||||
|
||||
/* Select everyone in this committee, attach the user data using MAX(year) so we only get the most recent
|
||||
* user data */
|
||||
$q2=mysql_query("SELECT committees_link.*,users.accounts_id,MAX(users.year),users.firstname,users.lastname,users.email,users.deleted
|
||||
FROM committees_link LEFT JOIN users ON users.accounts_id = committees_link.accounts_id
|
||||
WHERE committees_id='{$r->id}'
|
||||
GROUP BY users.accounts_id ORDER BY ord,users.lastname ");
|
||||
|
||||
//FIXME: this sstill isnt right, it should
|
||||
//AND users.conferences_id='{$conference['id']}'
|
||||
//and not group by the accounts.id, but for some reason, alison's committee members dont seem to have
|
||||
//user records for the current conference, so if i do it like it should there's nobody except her
|
||||
//in her committee list
|
||||
$q2=mysql_query("SELECT
|
||||
committees_link.*,
|
||||
users.accounts_id,
|
||||
users.firstname,
|
||||
users.lastname,
|
||||
accounts.email,
|
||||
users.deleted
|
||||
FROM committees_link
|
||||
LEFT JOIN users ON users.accounts_id = committees_link.accounts_id
|
||||
JOIN accounts ON committees_link.accounts_id=accounts.id
|
||||
WHERE committees_id='{$r->id}'
|
||||
GROUP BY users.accounts_id ORDER BY ord,users.lastname ");
|
||||
echo mysql_error();
|
||||
//if there's nobody in this committee, then just skip it and go on to the next one.
|
||||
if(mysql_num_rows($q2)==0)
|
||||
continue;
|
||||
|
||||
echo "<option value=\"\">{$r->name}</option>\n";
|
||||
echo "<optgroup label=\"{$r->name}\">";
|
||||
|
||||
echo mysql_error();
|
||||
while($r2=mysql_fetch_object($q2))
|
||||
@ -104,9 +112,10 @@ function tochange() {
|
||||
if($r2->email) {
|
||||
$name=$r2->firstname.' '.$r2->lastname;
|
||||
if($r2->title) $titlestr=" ($r2->title)"; else $titlestr="";
|
||||
echo "<option value=\"$r2->uid:".md5($r2->email)."\"> -{$name}{$titlestr}</option>\n";
|
||||
echo "<option value=\"$r2->accounts_id:".md5($r2->email)."\">{$name}{$titlestr}</option>\n";
|
||||
}
|
||||
}
|
||||
echo "</optgroup>\n";
|
||||
}
|
||||
echo "</select></td></tr>";
|
||||
echo "<tr><td>".i18n("Your Name").":</td><td><input type=\"text\" name=\"from\" size=\"50\"></td></tr>";
|
||||
|
||||
Loading…
Reference in New Issue
Block a user