Search options (Page 1 of 2)

Oh, you would be surprised...   I run a forum (not punBB for a _highly_ technical software company - the kind that has people (techies) like Microsoft, Oracle, Nasa, etc as clients.  The forum sends out notification emails with:

        ******************************************************
           PLEASE DO NOT REPLY TO THIS EMAIL.
           THIS IS AN INFORMATION MESSAGE ONLY AS YOU ASKED
           TO BE INFORMED OF ANY REPLYS TO YOUR POST.
        ******************************************************

I regularly get replies from people thinking they are replying to the original author!

Your call dude... As you can see from that site, there are many regexs available - none of which are proven correct.  From a cost benefit point of view (esp since this is only used during registration or guest posts?) the minor performance difference isn't going to hurt a dot.

Then what about when someone says "I use .@foo.a which is a new alternative TLD from NewNet" are you going to decypher the regex in use to help them?

Path of least resistance....

Guess they have removed sendmail then.  Start reading up on cURL - you will be able to use curl to make a e.g. curlmail() function which creates a POST to your formmail.pl script to send the email.

It's a non-trivial task - not impossible, but beyond the scope and time I have available here.  Good luck.

Just put it in it's own php file and run it - it is a test to see if we can make PHP send an email.

Email changed.

Hmm, ok - this might work:

$email = <<<EOMAIL
From: ludo <ludo at free d0t fr>
To: ludo <ludo at free d0t fr>
Subject: Test

testing

EOMAIL;
$fh = popen('/usr/sbin/sendmail -t -i', 'w');
fwrite($fh, $email);
fclose($fh);

If this works, then there is your method for sending emails...

Oh dear!  Well this certainly puts the cat among the pigeons....

This probably isn't going to help, but it shows that the local machine runs postfix and that the form2mail.pl injects directly to this.  The machine is not running (or listening) on the SMTP port, so you can't use the SMTP method.

First thing to try: Do you have shell access?  If so, look up some documentation on postfix and find out what program controls the injection of email from the shell.  Even if you don't have shell access, find this out anyway.  Then you're going to have to do some hacking of email.php.  If you aren't good with PHP, then I'd give up now, because this involves a popen() to open a handle to the injection program and then fwrite() to manually enter the email including headers.

The second option, is another hack job   It involves reading up on cURL www.php.net/curl and having PHP generate a POST call to your formmail.pl url to send the email.

Good luck.

Ok, I there's several different issues at play here, so lets eliminate the red herrings and focus on the problem.

When you try to use SMTP - it doesn't connect.
When you try to use the local mailer it has the wrong email address.

So first, lets ignore the SMTP method.

So, using the local mailer, punBB injects the email via PHPs mail() function via its own pun_mail() wrapper function in includes.email.php

Depending on your PHP install *AND* the mail injection program that is used this MAY result in the SMTP envelope address using the From: address you specify - otherwise it MAY end up as the user@host that the webserver runs as - regardless of any admin options you set in punBB.

So, the question now is - What emailer is running on the punBB webserver?
Also, what is the sendmail_path = line in your php.ini
Finally, can you post as sample header from an email that is delivered via this route?

Given these answers, I am sure I can point you in the right direction.

Paul.

[addition] Rickard: you might like to change the email.php from:
function pun_mail($to, $subject, $message, $from = '')
to
function pun_mail($to, $subject, $message, $from = '', $extra='')

and the call from:
mail($to, $subject, $message, $headers);
to
mail($to, $subject, $message, $headers, $extra);

to prepare the code to be able to pass "-f [adminemail]" in the extra arg for some webservers.

Other MTAs such as QMAIL, you have to use: (iirc)
putenv('QMAILSUSER=sendername');
putenv('QMAILSHOST=senderhost');
before you call the mail();

Mmmm, oh dear Rickard - using variables without declaring them ;-)

Anyway, I looked in my code - which I thought was 1.1.4 but it is totally different!

while (($entry = $d->read()) !== false)
                {
                        if (substr($entry, strlen($entry)-4) == '.css')
                                $styles[] = substr($entry, 0, strlen($entry)-4);
                }

Now I appreciate that the {} are redundant and the css check in this is better than the one rADo posted (more correct) - but why are they different?

My last point (which was why I started a followup in the first place is that you can use if(substr($entry, -4) == '.css') and substr($entry,0,-4) here and save a couple of strlen() calls.

Or, in all img conversions append a ?image (or &image if the url aready has a ?) to the url. Then in the logout/login script:

if (isset($_GET['image'])) { // some lamer created a logout link in an image

Hi Crissipos,

I found the same thing - see my post at http://punbb.org/forums/viewtopic.php?id=3818&p=2 where you'll find a fix to add to line 266.  Basically you want to add a "ORDER BY posted" to the SQL so that you get the first post in the thread.

Hope this helps.

Paul.

1) Add a list of _permitted_ image file types, jpg/jpeg/gif/png/etc
   then in the post submission look for [ img ] tags that don't match up.

2) Check it during the bbcode->html conversion - though I think 1 is better since it is done once rather than every time a post is viewed.

3) More specific - check the img url for login.php and deny it (assuming login.php is the only place action=out can work).

I'd rather not have a blanket ban on images sent from a .php page since I've several graph generation scripts that use such urls.