--- contact.module.orig	2007-05-23 08:59:07.000000000 -0700
+++ contact.module	2007-05-23 09:15:12.000000000 -0700
@@ -35,7 +35,7 @@ function contact_help($section) {
  * Implementation of hook_perm
  */
 function contact_perm() {
-  return array('access site-wide contact form');
+  return array('access site-wide contact form', 'access personal contact form');
 }
 /**
  * Implementation of hook_menu().
@@ -104,7 +104,7 @@ function _contact_user_tab_access($accou
   return
     $account &&
     (
-      ($user->uid != $account->uid && $account->contact) ||
+      ($user->uid != $account->uid && $account->contact && user_access('access personal contact form')) ||
       user_access('administer users')
     );
 }
@@ -312,7 +312,7 @@ function contact_admin_settings() {
 function contact_user_page($account) {
   global $user;
 
-  if (!valid_email_address($user->mail)) {
+  if ($user->uid && !valid_email_address($user->mail)) {
     $output = t('You need to provide a valid e-mail address to contact other users. Please update your <a href="@url">user information</a> and try again.', array('@url' => url("user/$user->uid/edit")));
   }
   else if (!flood_is_allowed('contact', variable_get('contact_hourly_threshold', 3))) {
@@ -329,10 +329,25 @@ function contact_user_page($account) {
 function contact_mail_user($recipient) {
   global $user;
   $form['#token'] = $user->name . $user->mail;
-  $form['from'] = array('#type' => 'item',
-    '#title' => t('From'),
-    '#value' => check_plain($user->name) .' &lt;'. check_plain($user->mail) .'&gt;',
-  );
+  if (!$user->uid) {
+    $form['name'] = array('#type' => 'textfield',
+      '#title' => t('Your name'),
+      '#maxlength' => 255,
+      '#required' => TRUE,
+    );
+    $form['mail'] = array('#type' => 'textfield',
+      '#title' => t('Your e-mail address'),
+      '#maxlength' => 255,
+      '#required' => TRUE,
+    );
+  }
+  else {
+    $form['from'] = array('#type' => 'item',
+      '#title' => t('From'),
+      '#value' => check_plain($user->name) .' &lt;'. check_plain($user->mail) .'&gt;',
+    );
+  }
+
   $form['to'] = array('#type' => 'item',
     '#title' => t('To'),
     '#value' => check_plain($recipient->name),
@@ -347,15 +362,31 @@ function contact_mail_user($recipient) {
     '#rows' => 15,
     '#required' => TRUE,
   );
-  $form['copy'] = array('#type' => 'checkbox',
-    '#title' => t('Send yourself a copy.'),
-  );
+  // We do not allow anonymous users to send themselves a copy
+  // because it can be abused to spam people.
+  if ($user->uid) {
+    $form['copy'] = array('#type' => 'checkbox',
+      '#title' => t('Send yourself a copy.'),
+    );
+  }
   $form['submit'] = array('#type' => 'submit',
     '#value' => t('Send e-mail'),
   );
   return $form;
 }
 
+
+/**
+ * Validate the personal contact page form submission.
+ */
+function contact_mail_user_validate($form_id, $form_values) {
+  global $user;
+  
+  if (!$user->uid && !valid_email_address($form_values['mail'])) {
+    form_set_error('mail', t('You must enter a valid e-mail address.'));
+  }
+}
+
 /**
  * Process the personal contact page form submission.
  */
@@ -365,7 +396,12 @@ function contact_mail_user_submit($form_
   $account = user_load(array('uid' => arg(1), 'status' => 1));
   // Compose the body:
   $message[] = "$account->name,";
-  $message[] = t("!name (!name-url) has sent you a message via your contact form (!form-url) at !site.", array('!name' => $user->name, '!name-url' => url("user/$user->uid", array('absolute' => TRUE)), '!form-url' => url($_GET['q'], array('absolute' => TRUE)), '!site' => variable_get('site_name', 'Drupal')));
+  if (!$user->uid) {
+    $message[] = t("!name (!name-url) has sent you a message via your contact form (!form-url) at !site.", array('!name' => $form_values['name'], '!name-url' => $form_values['mail'], '!form-url' => url($_GET['q'], NULL, NULL, TRUE), '!site' => variable_get('site_name', 'Drupal')));
+  }
+  else {
+    $message[] = t("!name (!name-url) has sent you a message via your contact form (!form-url) at !site.", array('!name' => $user->name, '!name-url' => url("user/$user->uid", NULL, NULL, TRUE), '!form-url' => url($_GET['q'], NULL, NULL, TRUE), '!site' => variable_get('site_name', 'Drupal')));
+  }
   $message[] = t("If you don't want to receive such e-mails, you can change your settings at !url.", array('!url' => url("user/$account->uid", array('absolute' => TRUE))));
   $message[] = t('Message:');
   $message[] = $form_values['message'];
@@ -377,7 +413,12 @@ function contact_mail_user_submit($form_
 
   // Prepare all fields:
   $to = $account->mail;
-  $from = $user->mail;
+  if (!$user->uid) {
+    $from = $form_values['mail'];
+  }
+  else {
+    $from = $user->mail;
+  }
 
   // Format the subject:
   $subject = '['. variable_get('site_name', 'Drupal') .'] '. $form_values['subject'];
@@ -395,7 +436,12 @@ function contact_mail_user_submit($form_
 
   // Log the operation:
   flood_register_event('contact');
-  watchdog('mail', '%name-from sent %name-to an e-mail.', array('%name-from' => $user->name, '%name-to' => $account->name));
+  if (!$user->uid) {
+    watchdog('mail', t('%name-from sent %name-to an e-mail.', array('%name-from' => $form_values['name'] . ', ' . $form_values['mail'] . ',', '%name-to' => $account->name)));
+  }
+  else {
+    watchdog('mail', t('%name-from sent %name-to an e-mail.', array('%name-from' => $user->name, '%name-to' => $account->name)));
+  }
 
   // Set a status message:
   drupal_set_message(t('The message has been sent.'));