 |
boardom
b2 message board
|
| View previous topic :: View next topic |
| Author |
Message |
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
 Posted: Sun Mar 09, 2003 11:30 pm Post subject: Email posting to a friend, revisited |
 |
|
Just cooked this up. Hopefully, it doesn't totally suck.
This is based on a "printable" hack as well as an earlier email-to-a-friend effort found here: http://tidakada.com/board/viewtopic.php?t=1036&highlight=mail+friend
A window will pop up to present a form that asks for the from, to and a short message to prepend to the posting. Submitting the form sends the post, which is content type text/html. I'm not sure if that's the best way to do it, but I didn't want to strip out all the HTML tags from all the posts. I'm sure there's a cleverer way to deal with MIME types.
The script checks for valid email to: addresses, and pauses for three seconds before returning. This is to discourage spammers.
To use this, put something like the following in the b2 loop of your index.php:
<a href="b2mailpost.php?p=<?php the_ID() ?>">Mail Post To a Friend</a>
| Code: |
<?
include ("b2config.php");
require_once ($b2inc.'/b2vars.php');
require_once ($b2inc.'/b2functions.php');
$email_result = '';
if ( $submit == 'send' && preg_match("/^([a-z,0-9,-,_,.])+@([a-z,0-9,-,_,.])+(.([a-z,0-9])+)+$/", $email-to)) {
$email_result = "There are invalid characters in the recipient email address\n";
}
if ( $submit == 'send' && $email_result == '') {
$db = mysql_connect($dbhost, $dbusername, $dbpassword)
or die("Can not connect to the database");
mysql_select_db($dbname)
or die("Can not to select the database");
// Date format from the DB
// See http://www.mysql.com/doc/en/Date_and_time_functions.html for full spec
$date_format = '<b>%m/%d/%Y</b> @ <b>%l:%i%p</b>';
$query = "SELECT post_title, cat_name, user_nickname, " .
" DATE_FORMAT(post_date, '$date_format') as post_date, post_content ".
" FROM $tableusers, $tableposts, $tablecategories ".
" WHERE $tableposts.post_category = $tablecategories.cat_ID " .
" AND $tableposts.post_author = $tableusers.ID AND $tableposts.ID=$p";
$result = mysql_query($query, $db)
or die("Can not to execute query." . $query);
$myrow = mysql_fetch_array($result);
$mytitle = convert_smilies(stripslashes($myrow[post_title]));
$mycategory = stripslashes($myrow[cat_name]);
$myauthor = $myrow[user_nickname];
$mydate = $myrow[post_date];
$mybody = convert_smilies(stripslashes($myrow[post_content]));
$email_subject = 'Fwd: ' . $mytitle;
$email_body = "<blockquote>$shortmsg</blockquote>";
$email_body .= "\n\n</br>" . "<hr>\n</br>" . "Forwarded posting:\n" . "<hr></br>" ;
$email_body .= $mytitle . "<br>\n";
$email_body .= "Posted by $myauthor on $mydate in $mycategory <p>\n";
$email_body .= $mybody . "\n" ;
$email_body .= 'This article can be found at: ' . $siteurl . '/' . $blogfilename . '?p=' . $p . "\n";
$mailerr = mail($email_to, $email_subject, $email_body, "From: $email_from\n" . "Content-type: text/html\n" . "X-Mailer: PHP/"
. phpversion() . "\n");
if ($mailerr) {
$email_result = "Posting sent to $email_to\n";
} else {
$email_result = "Email error\n";
}
sleep(3);
}
?>
<head>
<title>E-Mail <? echo $myrow[post_title] ?> to a friend</title>
</head>
<body>
<center><font face="Verdana" size="3" color="#000000"><b>:: <?php echo $blogname; ?> weblog ::</b></font></center>
<form action="<?php echo $siteurl . '/b2mailpost.php?p=' . $p ; ?>">
<table bgcolor="#000000" align="center" border="0" cellspacing="1" cellpadding="10">
<tr><td width=25% bgcolor="#FFFFFF">
Status:
</td><td bgcolor="#FFFFFF">
<font color="#AA0000">
<?php echo $email_result; ?>
</font>
</td></tr>
<tr><td bgcolor="#FFFFFF">
From:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_from" size="25" value="<?php echo $email_from; ?>"> (Your email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
To:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_to" size="25" value="<?php echo $email_to; ?>"> (Recipient email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
Short message:
</td><td bgcolor="#FFFFFF">
<textarea name="shortmsg" cols="40" rows="5"><?php echo $shortmsg; ?></textarea>
</td></tr>
<tr><td bgcolor="#FFFFFF" colspan=2>
<center>
<input type=submit name="submit" value="send">
<input type=reset name="reset" value="clear">
<input type=button name="close" value="Close Window" onClick="javascript:window.close()">
</center>
</td></tr>
</table>
<input type="hidden" name="p" value="<?php echo $p; ?>">
</form>
</body>
</html> |
|
|
| Back to top |
|
 |
Gibi
Joined: 12 Mar 2003
Posts: 5
Location: Rio de Janeiro
|
| Posted: Wed Mar 12, 2003 3:37 pm Post subject: |
|
|
| I instaled the script and work, but it's possible to open the formmail in a pop-up window?! |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Wed Mar 12, 2003 4:10 pm Post subject: |
|
|
| Gibi wrote: | | I instaled the script and work, but it's possible to open the formmail in a pop-up window?! |
In your index.php, instead of using
| Code: | | <a href="b2mailpost.php?p=<?php the_ID() ?>">Mail Post To a Friend</a> |
you should use something like:
| Code: |
<a href="b2mailpost.php?p=<?php the_ID() ?>" target="_blank">Mail Post To a Friend</a>
|
The "target" attribute should open up the referenced link in a new window. You can have finer control over that window by supplying some JavaScript in an additional onClick statement, something like:
| Code: |
<a href="b2mailpost.php?p=<?php the_ID() ?>" target="_blank" onClick="window.open('b2mailpost.php?p=<?php the_ID() ?>','b2mailpost','width=640,height=480,location=0,menubar=0,resizable=1,scrollbars=yes,status=0,toolbar=0'); return false">Mail Post To a Friend</a>
|
Hmm. I should add in a status message for when the window opens for the first time, something like, "You are about to mail this post to a friend: (post title)". |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Wed Mar 12, 2003 4:36 pm Post subject: |
|
|
| cjc wrote: | | Hmm. I should add in a status message for when the window opens for the first time, something like, "You are about to mail this post to a friend: (post title)". |
OK, here's some revised code:
| Code: |
<?
include ("b2config.php");
require_once ($b2inc.'/b2vars.php');
require_once ($b2inc.'/b2functions.php');
$email_result = '';
if ( $submit == 'send' && preg_match("/^([a-z,0-9,-,_,.])+@([a-z,0-9,-,_,.])+(.([a-z,0-9])+)+$/", $email-to)) {
$email_result = "There are invalid characters in the recipient email address\n";
}
$db = mysql_connect($dbhost, $dbusername, $dbpassword)
or die("Can not connect to the database");
mysql_select_db($dbname)
or die("Can not to select the database");
// Date format from the DB
// See http://www.mysql.com/doc/en/Date_and_time_functions.html for full spec
$date_format = '<b>%m/%d/%Y</b> @ <b>%l:%i%p</b>';
$query = "SELECT post_title, cat_name, user_nickname, " .
" DATE_FORMAT(post_date, '$date_format') as post_date, post_content ".
" FROM $tableusers, $tableposts, $tablecategories ".
" WHERE $tableposts.post_category = $tablecategories.cat_ID " .
" AND $tableposts.post_author = $tableusers.ID AND $tableposts.ID=$p";
$result = mysql_query($query, $db)
or die("Can not to execute query." . $query);
$myrow = mysql_fetch_array($result);
$mytitle = convert_smilies(stripslashes($myrow[post_title]));
$mycategory = stripslashes($myrow[cat_name]);
$myauthor = $myrow[user_nickname];
$mydate = $myrow[post_date];
$mybody = convert_smilies(stripslashes($myrow[post_content]));
if ( $submit == 'send' && $email_result == '') {
$email_subject = 'Fwd: ' . $mytitle;
$email_body = "<blockquote>$shortmsg</blockquote>";
$email_body .= "\n\n</br>" . "<hr>\n</br>" . "Forwarded posting:\n" . "<hr></br>" ;
$email_body .= $mytitle . "<br>\n";
$email_body .= "Posted by $myauthor on $mydate in $mycategory <p>\n";
$email_body .= $mybody . "\n\n\n" ;
$email_body .= 'This article can be found at: ' . $siteurl . '/' . $blogfilename . '?p=' . $p . "\n";
$mailerr = mail($email_to, $email_subject, $email_body, "From: $email_from\n" . "Content-type: text/html\n" . "X-Mailer: PHP/" . phpversion() . "\n");
if ($mailerr) {
$email_result = "Posting sent to $email_to\n";
} else {
$email_result = "Email error\n";
}
sleep( 3 );
}
?>
<head>
<title>E-Mail <? echo $mytitle ?> to a friend</title>
</head>
<body>
<center><font face="Verdana" size="3" color="#000000"><b>:: <?php echo $blogname; ?> weblog ::</b></font></center>
<form action="<?php echo $siteurl . '/b2mailpost.php?p=' . $p ; ?>">
<table bgcolor="#000000" align="center" border="0" cellspacing="1" cellpadding="10">
<tr><td width=25% bgcolor="#FFFFFF">
Status:
</td><td bgcolor="#FFFFFF">
<?php
if ($email_result == '') {
echo '<font color="#000000">';
echo "You are about to email the following post to a friend:<br><b>$mytitle</b>\n";
echo '</font>';
} else {
echo '<font color="#AA0000">';
echo $email_result;
echo '</font>';
}
?>
</td></tr>
<tr><td bgcolor="#FFFFFF">
From:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_from" size="25" value="<?php echo $email_from; ?>"> (Your email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
To:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_to" size="25" value="<?php echo $email_to; ?>"> (Recipient email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
Short message:
</td><td bgcolor="#FFFFFF">
<textarea name="shortmsg" cols="40" rows="5"><?php echo $shortmsg; ?></textarea>
</td></tr>
<tr><td bgcolor="#FFFFFF" colspan=2>
<center>
<input type=submit name="submit" value="send">
<input type=reset name="reset" value="clear">
<input type=button name="close" value="Close Window" onClick="javascript:window.close()">
</center>
</td></tr>
</table>
<input type="hidden" name="p" value="<?php echo $p; ?>">
</form>
</body>
</html>
|
|
|
| Back to top |
|
|
Mister44
Joined: 31 Oct 2002
Posts: 237
Location: Philadelphia, PA, USA
|
| Posted: Wed Mar 12, 2003 4:52 pm Post subject: |
|
|
| Good hack. |
|
| Back to top |
|
|
Gibi
Joined: 12 Mar 2003
Posts: 5
Location: Rio de Janeiro
|
| Posted: Wed Mar 12, 2003 5:03 pm Post subject: |
|
|
| Thanks...it'a a wonderful hack! |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Thu Mar 13, 2003 2:59 am Post subject: Thanks, and an update |
|
|
Thanks for the compliments!
However, after a night's thinking about the hack, I feel I had to revise it somewhat. It's a bit more complicated now.
The motivation of these changes was to prevent mail abuse by spammers. Yes, there's a sleep for 3 seconds, but that doesn't prevent someone from stacking up a whole bunch of HTTP requests, all of which will be faithfully executed by the web server eventually. A spammer can therefore send a whole bunch of spam before you realize it.
The changes do two things. The first is to create a table for logging the times b2mailpost.php gets used. It records the usual info, such as the post being send (so you can get an idea of which posts gets email often), the destination email address, and the IP address of the connection. There's also a timestamp.
The second change is an enforced timeout, where the logging table gets queried as to the last time an email was sent by the program. If it's too soon (say, 30 seconds), there'll be an error message saying that the person sending the email should wait before trying again. Yes, it's a nuisance, but people probably won't sent a post more than once, and they can put more than one address in the "To:" line if they're sending it to multiple recipients. The way the timeout works should prevent a spammer from stacking up HTTP requests.
Anyway, here are the two scripts: the first creates the tables, and is modelled on the b2install.php script. The second is a revised version of the b2mailpost.php I put up earlier.
| Code: |
<html>
<head>
<title>b2 Mailpost.php Installation</title>
</head>
<body>
<?php
include ("b2config.php");
function mysql_doh($msg,$sql,$error) {
echo "<p>$msg</p>";
echo "<p>query:<br />$sql</p>";
echo "<p>error:<br />$error</p>";
die();
}
$connexion = mysql_connect($server,$loginsql,$passsql) or die("Can't connect to the database<br>".mysql_error());
$dbconnexion = mysql_select_db($base, $connexion);
if (!$dbconnexion) {
echo mysql_error();
die();
}
echo "Creating log table for b2mailpost.php<br /><br />";
# Note: if you want to start again with a clean b2mailpost database,
# just remove the // in this file
// $query = "DROP TABLE IF EXISTS b2mailpostlog";
// $q = mysql_query($query) or die ("doh, can't drop the table \"$tableposts\" in the database.");
$query = "CREATE TABLE b2mailpostlog
( ID int(10) unsigned NOT NULL auto_increment,
mailpost_date datetime DEFAULT '0000-00-00 00:00:00' NOT NULL,
post_ID int(10) NOT NULL,
email_to varchar(100) NOT NULL,
email_from varchar(100),
shortmsg text,
ipaddr varchar(100),
PRIMARY KEY (ID), UNIQUE ID (ID) )";
$q = mysql_query($query) or mysql_doh("doh, can't create the table \"$tableposts\" in the database.", $query, mysq
l_error());
echo "posts: OK<br />";
|
This is b2mailpost.php:
| Code: |
<?
include ("b2config.php");
require_once ($b2inc.'/b2vars.php');
require_once ($b2inc.'/b2functions.php');
$antispamtimer = 30;
$b2mailpost_table = 'b2mailpostlog';
$email_result = '';
if ( $submit == 'send' && preg_match("/^([a-z,0-9,-,_,.])+@([a-z,0-9,-,_,.])+(.([a-z,0-9])+)+$/", $email-to)) {
$email_result = "There are invalid characters in the recipient email address\n";
}
$db = mysql_connect($dbhost, $dbusername, $dbpassword)
or die("Can not connect to the database");
mysql_select_db($dbname)
or die("Can not to select the database");
// Date format from the DB
// See http://www.mysql.com/doc/en/Date_and_time_functions.html for full spec
$date_format = '<b>%m/%d/%Y</b> @ <b>%l:%i%p</b>';
$query = "SELECT post_title, cat_name, user_nickname, " .
" DATE_FORMAT(post_date, '$date_format') as post_date, post_content ".
" FROM $tableusers, $tableposts, $tablecategories ".
" WHERE $tableposts.post_category = $tablecategories.cat_ID " .
" AND $tableposts.post_author = $tableusers.ID AND $tableposts.ID=$p";
$result = mysql_query($query, $db)
or die("Can not to execute query." . $query);
$myrow = mysql_fetch_array($result);
$mytitle = convert_smilies(stripslashes($myrow[post_title]));
$mycategory = stripslashes($myrow[cat_name]);
$myauthor = $myrow[user_nickname];
$mydate = $myrow[post_date];
$mybody = convert_smilies(stripslashes($myrow[post_content]));
$query = "SELECT MAX(UNIX_TIMESTAMP(mailpost_date)) maxdate FROM $b2mailpost_table";
$result = mysql_query($query, $db)
or die("Can not to execute query." . $query);
$myrow = mysql_fetch_array($result);
$maxdate = $myrow[maxdate];
$rightnow = time();
if ( ($rightnow - $maxdate) <= $antispamtimer ) {
$email_result = "The b2mailpost.php function was used recently. To prevent spammers from using this as a relayer, there is an enforced timeout of $antispamtimer seconds. Please wait and resubmit.";
}
if ( $submit == 'send' && $email_result == '') {
$email_subject = 'Fwd: ' . $mytitle;
$email_body = "<blockquote>$shortmsg</blockquote>";
$email_body .= "\n\n</br>" . "<hr>\n</br>" . "Forwarded posting:\n" . "<hr></br>" ;
$email_body .= $mytitle . "<br>\n";
$email_body .= "Posted by $myauthor on $mydate in $mycategory <p>\n";
$email_body .= $mybody . "\n\n\n" ;
$email_body .= 'This article can be found at: ' . $siteurl . '/' . $blogfilename . '?p=' . $p . "\n";
$mailerr = mail($email_to, $email_subject, $email_body, "From: $email_from\n" . "Content-type: text/html\n" . "X-Mailer: PHP/" . phpversion() . "\n");
if ($mailerr) {
$email_result = "Posting sent to $email_to\n";
} else {
$email_result = "Email error\n";
}
$ipaddr = $REMOTE_ADDR;
$now = date("Y-m-d H:i:s",(time() + ($time_difference * 3600)));
$query = "INSERT INTO $b2mailpost_table ( id, mailpost_date, post_ID, email_to, email_from, shortmsg, ipaddr)
VALUES ( '0', '$now', '$p', '$email_to', '$email_from', '$shortmsg', '$ipaddr' )";
$result = mysql_query($query, $db) or die("Can not to execute query." . $query);
}
?>
<head>
<title>E-Mail <? echo $mytitle ?> to a friend</title>
</head>
<body>
<center><font face="Verdana" size="3" color="#000000"><b>:: <?php echo $blogname; ?> weblog ::</b></font></center>
<form action="<?php echo $siteurl . '/b2mailpost.php?p=' . $p ; ?>">
<table bgcolor="#000000" align="center" border="0" cellspacing="1" cellpadding="10">
<tr><td width=25% bgcolor="#FFFFFF">
Status:
</td><td bgcolor="#FFFFFF">
<?php
if ($email_result == '') {
echo '<font color="#000000">';
echo "You are about to email the following post to a friend:<br><b>$mytitle</b>\n";
echo '</font>';
} else {
echo '<font color="#AA0000">';
echo $email_result;
echo '</font>';
}
?>
</td></tr>
<tr><td bgcolor="#FFFFFF">
From:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_from" size="25" maxsize="100" value="<?php echo $email_from; ?>"> (Your email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
To:
</td><td bgcolor="#FFFFFF">
<input type="text" name="email_to" size="25" maxsize="100" value="<?php echo $email_to; ?>"> (Recipient email address)
</td></tr>
<tr><td bgcolor="#FFFFFF">
Short message:
</td><td bgcolor="#FFFFFF">
<textarea name="shortmsg" cols="40" rows="5"><?php echo $shortmsg; ?></textarea>
</td></tr>
<tr><td bgcolor="#FFFFFF" colspan=2>
<center>
<input type=submit name="submit" value="send">
<input type=reset name="reset" value="clear">
<input type=button name="close" value="Close Window" onClick="javascript:window.close()">
</center>
</td></tr>
</table>
<input type="hidden" name="p" value="<?php echo $p; ?>">
</form>
</body>
</html>
|
|
|
| Back to top |
|
|
Gibi
Joined: 12 Mar 2003
Posts: 5
Location: Rio de Janeiro
|
| Posted: Thu Mar 13, 2003 5:06 pm Post subject: |
|
|
| I try to translate the mail form to portuguese, but when i try to send a post, ther's an error. The mail form don't send the post. |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Fri Mar 14, 2003 12:47 am Post subject: |
|
|
| Gibi wrote: | | I try to translate the mail form to portuguese, but when i try to send a post, ther's an error. The mail form don't send the post. |
What's the error? The most recent scripts I posted work on my setup. |
|
| Back to top |
|
|
kichu
Joined: 23 Feb 2002
Posts: 53
Location: Chennai,India
|
| Posted: Fri Mar 14, 2003 12:57 pm Post subject: |
|
|
It is working properly, but when I enable smartquotes in b2config.php, I get an error message that 'add_filter" in b2vars.php is not a valid command.
Please help.
Thanks
S.K
_________________
Cause something to change, you are not here for ever! |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Fri Mar 14, 2003 2:05 pm Post subject: |
|
|
| kichu wrote: | It is working properly, but when I enable smartquotes in b2config.php, I get an error message that 'add_filter" in b2vars.php is not a valid command.
Please help.
Thanks
S.K |
Ah, OK. That means that I didn't include a particular file at the beginning. The add_filter function is described in the b2-include/b2template.functions.php file. So, what you have to do is add this line near the top of the b2mailpost.php file:
| Code: | | require_once ($b2inc.'/b2template.functions.php'); |
Line 4 would be fine. You'll see other require_once statements. The "require_once" loads in other PHP files to use, and these files generally contain function definitions, configuration information, etc. |
|
| Back to top |
|
|
blog17
Joined: 28 Jan 2003
Posts: 144
Location: London, UK
|
| Posted: Wed Mar 19, 2003 4:21 pm Post subject: |
|
|
The install isnt working, I get this:
| Code: | | Parse error: parse error, unexpected T_STRING in .../public_html/b2install.php on line 45 |
_________________
Check this out! The ULTIMATE site! |
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Wed Mar 19, 2003 4:28 pm Post subject: |
|
|
| blog17 wrote: | The install isnt working, I get this:
| Code: | | Parse error: parse error, unexpected T_STRING in .../public_html/b2install.php on line 45 |
|
The install script probably shouldn't be named b2install.php or be appended to b2install.php. You should name it something like b2mailpost_install.php and hit that. |
|
| Back to top |
|
|
blog17
Joined: 28 Jan 2003
Posts: 144
Location: London, UK
|
|
| Back to top |
|
|
cjc
Joined: 24 Dec 2002
Posts: 146
Location: New York
|
| Posted: Wed Mar 19, 2003 4:40 pm Post subject: |
|
|
| blog17 wrote: | | I get the same error. |
Email the installer file directly to me as an attachment. Don't post it using the bulletin board software. I don't want stray linebreaks caused by email clients. Use [email protected]. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2 © 2001, 2002 phpBB Group
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
