require("head-inc.php");
$dbh=mysql_pconnect($dbserver,$dbuser,$dbpass);
$supout=1;
if ($qtype=="Send") {
if (!($from&&$subject&&$body)) {
bomb("You must fill in all of the fields");
}
$subject=mysql_escape_string($subject);
$body=mysql_escape_string($body);
$from=mysql_escape_string($from);
$review=$body;
include('twat.php');
$from=preg_replace("/","<",$from);
$from=preg_replace("/>/",">",$from);
$body=preg_replace("/","<",$body);
$body=preg_replace("/>/",">",$body);
$body=preg_replace("/\n/m","
",$body);
if (!$parentid) {$parentid=0;}
$query="insert into msgboard (subject,date,user,address,ip,parentid,
bname,body,status) values (
'$subject',now(),'$user','$from','$REMOTE_ADDR',
$parentid, '$bd','$body','u')";
if (!($cur=mysql_db_query($dbname, $query,$dbh))) {
print(mysql_error());
}
mail("veg@gold.ac.uk","Message added to sandwichselector","$REMOTE_ADDR:".$parentid.":$subject\n$body");
print("
");
} else {
$tclass="addnewt";
$bclass="addnew";
$thead="Add New Message";
if ($replyto) {
$tclass="replyt";
$bclass="reply";
$thead="Reply To Message";
$query="select * from msgboard where msgid=$replyto and
status='a'
and bname='$bd'";
$cur=mysql_db_query($dbname, $query,$dbh);
if ($res=mysql_fetch_array($cur)) {
$res{body}=preg_replace("/\\\/","",$res{body});
$res{address}=preg_replace("/\\\/","",$res{address});
$res{subject}=preg_replace("/\\\/","",$res{subject});
$subjval=$res{subject};
if (!preg_match("/^Re:/i",$subjval)) {
$subjval="Re:".$subjval;
}
$bodyval=$res{body};
$bodyval=preg_replace("/
/m","\n",$bodyval);
$bodyval=preg_replace("/([^\n]{100})/m","\\1\n",$bodyval);
$bodyval="[quote]".$bodyval."[/quote]\n";
}
mysql_free_result($cur);
}
if ($PHP_AUTH_USER) {
if ($pw=posix_getpwnam($PHP_AUTH_USER)) {
$fromval=$pw{gecos}." <".$pw{name}."@$maildomain>";
}
}
?>
>
|
}
function bomb($string)
{
print("$string
");
include("tail-inc.php");
exit();
}
function errorout($e) {
echo("