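addFilter(new Zend_Filter_StripTags()) ->addFilter(new Zend_Filter_StringTrim());

// Query-string values are tag-stripped and trimmed before they are used.
$pageTitle = array_key_exists('pageTitle', $_GET) ? $filters->filter($_GET['pageTitle']) : '';
$pageUrl = array_key_exists('pageUrl', $_GET) ? $filters->filter($_GET['pageUrl']) : '';

$page = 'form';
$errors = array();

if('post' == strtolower($_SERVER['REQUEST_METHOD'])) {
    // Stop immediately when an expected field is missing or is not a plain string.
    if(!Readability::hasValidParams()) {
        Readability::logMessage("ERROR:Someone tried to send a request with an invalid set of parameters.");
        die();
    }

    require_once 'Zend/Validate/EmailAddress.php';

    //FILTER DATA
    $from = $filters->filter($_POST['from']);
    $to = $filters->filter($_POST['to']);
    // explode() gives the same result as the deprecated split() for a literal comma.
    $to = array_map('trim', explode(',', $to));
    $note = $filters->filter($_POST['note']);
    $key = $filters->filter($_POST['key']);
    $pageUrl = $filters->filter($_POST['pageUrl']);
    $pageTitle = $filters->filter($_POST['pageTitle']);

    if(!Readability::validateSecureKey($key)) {
        $errors[] = 'key';
        Readability::logMessage("ERROR:Someone tried to send an email with an invalid key.");
    }

    // VALIDATE DATA
    // Validate the filtered value, because that is the one stored in the cookie
    // and passed to setFrom(); checking the raw POST value would let the two differ.
    $emailValidator = new Zend_Validate_EmailAddress();
    if(!$emailValidator->isValid($from)) {
        $errors[] = 'from';
    }

    // NOTE(review): nothing here limits how many recipients one request may name;
    // a cap or rate limit would reduce the value of this form for bulk mail.
    if(count($to) == 0) {
        $errors[] = 'to';
    }
    else {
        foreach($to as $toAddress) {
            if(!$emailValidator->isValid($toAddress)) {
                $errors[] = 'to';
                break;
            }
        }
    }

    // NO ERRORS SEND EMAIL
    if(count($errors) == 0) {
        // store the from address so it's saved for future use
        setcookie("from", $from, time()+3600*24*7*4, "/");

        require_once 'Zend/Mail.php';
        require_once 'Zend/Mail/Transport/Smtp.php';

        // NOTE(review): the SMTP account password is embedded in this source file
        // (it appears masked on this page). Loading it from configuration kept
        // outside the document root and version control would limit its exposure.
        $mailer = new Zend_Mail_Transport_Smtp('smtp.googlemail.com', Array(
            'auth' => 'login',
            'username' => 'readability@arc90.com',
            'password' => '*******',
            'ssl' => 'ssl',
            'port' => 465,
        ));
        $mailer->EOL = "\r\n"; // gmail is fussy about this
        Zend_Mail::setDefaultTransport($mailer);

        // The body is sent as HTML, so user-supplied text is entity-encoded here.
        // Tag stripping alone is not output encoding for an HTML context.
        $safeFrom = htmlspecialchars($from, ENT_QUOTES, 'UTF-8');
        $safeNote = htmlspecialchars(stripslashes($note), ENT_QUOTES, 'UTF-8');
        $safeTitle = htmlspecialchars($pageTitle, ENT_QUOTES, 'UTF-8');

        // NOTE(review): the string literals below carry no markup on this page,
        // so where $pageUrl is placed in the message cannot be seen here. If it is
        // used as a link target, confirm it is restricted to http/https URLs.
        $body = '';
        $body = '';
        $body = '';
        $body .= '
';
        $body .= '

This page was sent to you by: '.$safeFrom.'

';
        $body .= '

Message from sender:

'.$safeNote.'

';
        $body .= '

Just click this link: '.$safeTitle.'

';
        $body .= '
';
        $body .= '

Sent from Readability | An Arc90 lab experiment

';
        $body .= '

';
        $body .= '';

        $mail = new Zend_Mail();
        $mail->setBodyHtml($body);
        $mail->setFrom($from);
        foreach($to as $toAddress) {
            $mail->addTo($toAddress);
        }
        $mail->setSubject("Sent via Readability: {$pageTitle}");

        try {
            if(!$mail->send()) {
                Readability::logMessage("ERROR:There was an error sending the email. [to:".implode(', ', $to).", from:{$from}, notes:{$note}, pageUrl: {$pageUrl}, pageTitle: {$pageTitle}]");
            }
            else {
                $page = 'complete';
            }
        }
        catch(Exception $e) {
            Readability::logMessage("ERROR:There was an exception sending the email. [to:".implode(', ', $to).", from:{$from}, notes:{$note}, pageUrl: {$pageUrl}, pageTitle: {$pageTitle}]");
            Readability::logMessage("ERROR:".$e->getMessage());
        }
        //header('location: close.html');
    }
} // end of: if method == POST
elseif('get' == strtolower($_SERVER['REQUEST_METHOD'])) {
    // A fresh form view gets a fresh key, which the POST handler checks above.
    $_SESSION['secureKey'] = Readability::generateSecureKey();
}

/**
 * Static helpers for the "email this page" form: error lookups for the
 * template, request parameter access, logging, and the per-session form key.
 */
class Readability {

    /**
     * Tell whether a field name is present in the list of validation errors.
     *
     * @param string $field
     * @param array $errors
     * @return bool
     */
    public static function isError($field, $errors) {
        // Strict comparison avoids PHP's loose matching between strings and numbers.
        return in_array($field, $errors, true);
    }

    /**
     * Return the HTML class attribute that marks a field as invalid, or an
     * empty string when the field has no error.
     *
     * @param string $field
     * @param array $errors
     * @return string
     */
    public static function getErrorClass($field, $errors) {
        if(in_array($field, $errors, true)) {
            return 'class = "error"';
        }
        return '';
    }

    /**
     * Look a parameter up in $_POST first, then in $_COOKIE.
     *
     * The value is returned exactly as the client sent it, with no filtering
     * or escaping, so callers must encode it for the context they print it in.
     *
     * @param string $param
     * @return mixed the raw value, or '' when it is in neither array
     */
    public static function getParam($param) {
        if(isset($_POST) && array_key_exists($param, $_POST)) {
            return $_POST[$param];
        }
        elseif(isset($_COOKIE) && array_key_exists($param, $_COOKIE)) {
            return $_COOKIE[$param];
        }
        return '';
    }

    /**
     * Append one timestamped line to log.txt in this script's directory.
     *
     * Failure to open the file is ignored on purpose; logging is best effort.
     *
     * NOTE(review): the log sits beside the script and records sender and
     * recipient addresses and notes. If this directory is served by the web
     * server, confirm that requests for log.txt are denied, or move the file.
     *
     * @param string $message
     * @return void
     */
    public static function logMessage($message) {
        $logFile = dirname(__FILE__) . '/log.txt';
        $handle = @fopen($logFile, 'a');
        if(is_resource($handle)) {
            // Callers pass request data; flattening CR/LF keeps one entry on one
            // line so that submitted text cannot forge additional log entries.
            $message = str_replace(array("\r", "\n"), ' ', $message);
            $message = date('Y-m-d G:i:s') . ' :: ' . $message . "\n";
            fwrite($handle, $message);
            fclose($handle);
        }
    }

    /**
     * Build a random key of exactly $length characters.
     *
     * The earlier version dropped a character whenever it repeated one already
     * chosen, so keys could come out shorter than requested. It also relied on
     * mt_rand(), which is not meant for security tokens. random_int() is used
     * when the runtime provides it; mt_rand() remains as the fallback.
     *
     * @param int $length
     * @return string
     */
    public static function generateSecureKey($length = 8) {
        $possible = "012*3456)789b(cdfg#hjkmn@pqrs!tvwx[yz";
        $lastIndex = strlen($possible) - 1;
        $secureKey = "";
        for($x = 0; $x < $length; $x++) {
            $index = function_exists('random_int')
                ? random_int(0, $lastIndex)
                : mt_rand(0, $lastIndex);
            $secureKey .= substr($possible, $index, 1);
        }
        return $secureKey;
    }

    /**
     * this adds a small (very small) level of security
     *
     * Compares the submitted key with the one stored in the session. When the
     * session holds no key yet, one is generated and the check fails.
     *
     * @param string $testKey
     * @return bool true only when the submitted key matches the session key
     * @author David Hauenstein
     */
    public static function validateSecureKey($testKey) {
        // isset() also covers an unset $_SESSION and a null stored key, both of
        // which previously could end in an error or in an empty key being accepted.
        if(!isset($_SESSION['secureKey'])) {
            $_SESSION['secureKey'] = self::generateSecureKey();
            return false;
        }

        $expected = (string) $_SESSION['secureKey'];
        if(!is_string($testKey) || $expected === '') {
            return false;
        }

        // Loose != treats numeric-looking strings as numbers; compare as strings,
        // in constant time where the runtime offers hash_equals().
        if(function_exists('hash_equals')) {
            return hash_equals($expected, $testKey);
        }
        return $testKey === $expected;
    }

    /**
     * Join addresses into a comma-separated string for display in HTML.
     *
     * Each address is entity-encoded because the result is printed into a page.
     * An empty list yields an empty string.
     *
     * NOTE(review): the name suggests link markup around each address, but none
     * is present in the literals visible here; confirm against the original file.
     *
     * @param array $addresses
     * @return string
     */
    public static function emailAsLinks($addresses) {
        $links = array();
        foreach($addresses as $address) {
            $links[] = '' . htmlspecialchars($address, ENT_QUOTES, 'UTF-8');
        }
        return implode(', ', $links);
    }

    /**
     * Check that every field the form is expected to send is present in $_POST
     * and is a plain string (an array-valued field such as "to[]" is rejected).
     *
     * @return bool
     */
    public static function hasValidParams() {
        $requiredParams = array('from', 'to', 'note', 'key', 'pageTitle', 'pageUrl');
        foreach($requiredParams as $required) {
            if(!array_key_exists($required, $_POST) || !is_string($_POST[$required])) {
                return false;
            }
        }
        return true;
    }
}
?> xml version="1.0" encoding="utf-8" ?> Readability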

Email Page

/>

This field should be a valid email address.

/>

Please ensure that all addresses are valid email addresses.

Separate multiple recipients with commas.

Thanks for using Readability!

A link to this page has been sent to