Index: contact.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/Attic/contact.module,v
retrieving revision 1.51.2.1
diff -u -r1.51.2.1 contact.module
--- contact.module 18 Oct 2006 20:14:42 -0000 1.51.2.1
+++ contact.module 5 Jan 2007 22:17:43 -0000
@@ -98,6 +98,7 @@
$items[] = array('path' => "user/". arg(1) ."/contact",
'title' => t('contact'),
'callback' => 'contact_mail_user',
+ 'access' => user_access('access content'),
'type' => MENU_LOCAL_TASK,
'weight' => 2,
);
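Review bot: The added `'access' => user_access('access content')` gates the personal contact tab on the generic content permission, so every role that can read content, anonymous included, can reach a form that e-mails any member who accepts contact. A dedicated permission would let a site enable anonymous contact deliberately, e.g. `'access' => user_access('access personal contact forms'),` with that string added to the module's permission list (the name is a suggested placeholder, not one defined in this patch). The enclosing menu hook starts and ends outside the hunk.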
@@ -298,7 +299,6 @@
*/
function contact_mail_user() {
global $user;
-
if ($account = user_load(array('uid' => arg(1)))) {
$admin_access = user_access('administer users');
if (!$account->status && !$admin_access) {
@@ -307,23 +307,40 @@
else if (!$account->contact && !$admin_access) {
$output = t('%name is not accepting e-mails.', array('%name' => check_plain($account->name)));
}
- else if (!$user->uid) {
- $output = t('Please login or register to send %name a message.', array('%login' => url('user/login'), '%register' => url('user/register'), '%name' => check_plain($account->name)));
- }
- else if (!valid_email_address($user->mail)) {
+ else if ($user->uid && !valid_email_address($user->mail)) {
$output = t('You need to provide a valid e-mail address to contact other users. Please update your user information and try again.', array('%url' => url("user/$user->uid/edit")));
}
- else if (!flood_is_allowed('contact', variable_get('contact_hourly_threshold', 3))) {
+ else if (!flood_is_allowed('contact', variable_get('contact_hourly_threshold', 6))) {
$output = t('You cannot contact more than %number users per hour. Please try again later.', array('%number' => variable_get('contact_hourly_threshold', 3)));
}
else {
drupal_set_title(check_plain($account->name));
$form['#token'] = $user->name . $user->mail;
- $form['from'] = array('#type' => 'item',
- '#title' => t('From'),
- '#value' => check_plain($user->name) .' <'. $user->mail .'>',
- );
+ if ($user->uid) {
+ // User is logged in so we'll use the account e-mail address
+ $form['from'] = array(
+ '#type' => 'item',
+ '#title' => t('From'),
+ '#value' => check_plain($user->name) .' <'. $user->mail .'>',
+ );
+ }
+ else {
+ // User is not logged in so we must ask his e-mail address and validate it
+ $form['from_name'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Your full name'),
+ '#required' => TRUE,
+ '#maxlength' => 60,
+ );
+ $form['from'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Your e-mail'),
+ '#required' => TRUE,
+ '#maxlength' => 64,
+ '#validate' => array('contact_email_validate' => array()),
+ );
+ }
$form['to'] = array('#type' => 'item',
'#title' => t('To'),
'#value' => check_plain($account->name),
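Review bot: The flood check now defaults `contact_hourly_threshold` to 6, but the message on the next line still reads it with a default of 3, so an unconfigured site enforces six per hour and tells the user three. Both calls should share one default, e.g. `array('%number' => variable_get('contact_hourly_threshold', 6))`. With anonymous senders allowed, this check is the main rate limit visible on the form, so the reason for doubling the default deserves a comment. The new `from_name` textfield has no validation beyond `#maxlength`; as far as the visible lines show it only reaches the message body, and a comment recording that it must never be placed in a mail header would protect that assumption. contact_mail_user() starts in the previous hunk and continues past this one.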
@@ -338,9 +355,13 @@
'#rows' => 15,
'#required' => TRUE,
);
- $form['copy'] = array('#type' => 'checkbox',
- '#title' => t('Send me a copy.'),
- );
+ if ($user->uid) {
+ // User is logged in so we'll allow them to send themselves a copy
+ // Otherwise, an anonymous user could use the form to send out spam (to "themselves")
+ $form['copy'] = array('#type' => 'checkbox',
+ '#title' => t('Send yourself a copy.'),
+ );
+ }
$form['submit'] = array('#type' => 'submit',
'#value' => t('Send e-mail'),
);
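Review bot: Omitting the `copy` checkbox for anonymous visitors only closes the spam path described in the comment if the submit handler also refuses to send a copy when `$user->uid` is 0, and the handler's copy branch is not visible in this patch. If that branch keys on `$edit['copy']` alone, it should become something like `if ($user->uid && $edit['copy'])`, so the decision does not rest on which fields the form happened to render. The form array begins and continues outside the hunk.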
@@ -354,6 +375,13 @@
}
}
+function contact_email_validate($form) {
+ $address = $form['#value'];
+ if (!valid_email_address($address)) {
+ form_error($form, t('%address is an invalid e-mail address.', array('%address' => $address)));
+ }
+}
+
/**
* Process the personal contact page form submission.
*/
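Review bot: `contact_email_validate()` echoes the rejected input back through `t()` without escaping, while the other messages in this file pass user-supplied values through `check_plain()` (see the `%name` calls in contact_mail_user()); unless this branch's `t()` escapes `%` placeholders itself, an anonymous visitor's input is rendered as HTML in the error message. Use `array('%address' => check_plain($address))`. The function also lacks the docblock its neighbours have; a one-line `/** Validate the e-mail address entered by an anonymous sender. */` would do. Since this value later becomes the mail sender, it is worth confirming that `valid_email_address()` rejects embedded CR/LF and a trailing newline.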
@@ -363,7 +391,7 @@
$account = user_load(array('uid' => arg(1), 'status' => 1));
// Compose the body:
$message[] = "$account->name,";
- $message[] = t("%name (%name-url) has sent you a message via your contact form (%form-url) at %site.", array('%name' => $user->name, '%name-url' => url("user/$user->uid", NULL, NULL, TRUE), '%form-url' => url($_GET['q'], NULL, NULL, TRUE), '%site' => variable_get('site_name', 'drupal')));
+ $message[] = t("!name (!name-url) has sent you a message via your contact form (!form-url) at !site.", array('!name' => $user->uid ? $user->name : $edit['from_name'], '!name-url' => $user->uid ? url("user/$user->uid", NULL, NULL, TRUE) : $edit['form_name'] . t('Not verified'), '!form-url' => url($_GET['q'], NULL, NULL, TRUE), '!site' => variable_get('site_name', 'drupal')));
$message[] = t("If you don't want to receive such e-mails, you can change your settings at %url.", array('%url' => url("user/$account->uid", NULL, NULL, TRUE)));
$message[] = t('Message:');
$message[] = $edit['message'];
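Review bot: The `!name-url` replacement reads `$edit['form_name']`, but the field added to the form is `from_name`, so for anonymous senders that key is unset and the parenthesised part collapses to the 'Not verified' text alone. It should read `$edit['from_name']`, and it needs a separator because the name and `t('Not verified')` are concatenated with nothing between them, e.g. `$edit['from_name'] .' - '. t('Not verified')`. The surrounding submit function starts and ends outside the hunk.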
@@ -375,7 +403,7 @@
// Prepare all fields:
$to = $account->mail;
- $from = $user->mail;
+ $from = $edit['from'];
// Format the subject:
$subject = '['. variable_get('site_name', 'drupal') .'] '. $edit['subject'];
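Review bot: `$from = $edit['from']` is now used for every sender, but for logged-in users `from` is an `item` element that only displays the address, so the submitted value is probably empty or taken from whatever the request carries under that key rather than from the account. Keep the account address for authenticated users: `$from = $user->uid ? $user->mail : $edit['from'];`. For anonymous senders the value becomes the outgoing mail's sender (how `$from` is handed to the mailer lies outside the hunk), so it relies entirely on `contact_email_validate()` having rejected line breaks.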
@@ -399,7 +427,8 @@
drupal_set_message(t('The message has been sent.'));
// Jump to the user's profile page:
- return "user/$account->uid";
+ return $user->uid ? "user/$account->uid" : "";
+
}
/**