- SQL_FREERESULT($result);
-
- if ($type == 'TEMP') {
- // No entry found, so we need to check out the stats table as well... :)
- // We have to add that suff here, now we continue WITHOUT checking and check the text and subject against some filters
- $url = '';
- if (getConfig('allow_url_in_text') == 'Y') {
- // Test submitted text against some filters (length, URLs in text etc.)
- if ((strpos(strtolower(postRequestParameter('text')), 'https://') > -1) || (strpos(strtolower(postRequestParameter('text')), 'http://') > -1) || (strpos(strtolower(postRequestParameter('text')), "www") > -1)) {
- // URL found!
- $url = 'modules.php?module=login&what=order&code=' . getCode('URL_FOUND');
- } // END - if
-
- // Remove new-line and carriage-return characters
- $TEST = str_replace("\n", '', str_replace("\r", '', postRequestParameter('text')));
-
- // Text length within allowed length?
- if (strlen($TEST) > getConfig('max_tlength')) {
- // Text is too long!
- $url = 'modules.php?module=login&what=order&code=' . getCode('OVERLENGTH');
- } // END - if
- } // END - if
-
- // Shall I test the subject line against URLs?
- if (getConfig('allow_url_in_subject') == 'Y') {
- // Check the subject line for issues
- setPostRequestParameter('subject', str_replace("\\", '[nl]', substr(postRequestParameter('subject'), 0, 200)));
- if ((strpos(strtolower(postRequestParameter('subject')), 'http://') > -1) || (strpos(strtolower(postRequestParameter('subject')), "www") > -1)) {
- // URL in subject found
- $url = 'modules.php?module=login&what=order&code=' . getCode('SUBJECT_URL');
- } // END - if
- } // END - if
-
- // And shall I check that his URL is not in the black list?
- if (isUrlBlacklistEnabled()) {
- // Ok, I do that for you know...
- $result = SQL_QUERY_ESC("SELECT UNIX_TIMESTAMP(`timestamp`) AS tstamp FROM `{?_MYSQL_PREFIX?}_url_blacklist` WHERE `url`='%s' LIMIT 1",
- array(postRequestParameter('url')), __FILE__, __LINE__);
-
- if (SQL_NUMROWS($result) == 1) {
- // Jupp, we got one listed
- list($blist) = SQL_FETCHROW($result);
-
- // Create redirect-URL
- $url = 'modules.php?module=login&what=order&code=' . getCode('BLIST_URL') . '&blist=' . $blist;
- } // END - if
-
- // Free result
- SQL_FREERESULT($result);
- } // END - if
-
- // Enougth receivers entered?
- if ((postRequestParameter('receiver') < getConfig('order_min')) && (!isAdmin())) {
- // Less than allowed receivers entered!
- $url = 'modules.php?module=login&what=order&code=' . getCode('MORE_RECEIVERS3');
- } // END - if
-
- // Validate URL
- if (!isUrlValid(postRequestParameter('url'))) {
- // URL is invalid!
- $url = 'modules.php?module=login&what=order&code=' . getCode('INVALID_URL');
- } // END - if
-
- // Probe for HTML extension
- if (isExtensionActive('html_mail')) {
- // HTML or regular text mail?
- if (postRequestParameter('html') == 'Y') {
- // Chek for valid HTML tags
- setPostRequestParameter('text', checkHtmlTags(postRequestParameter('text')));
-
- // Maybe invalid tags found?
- if (!isPostRequestParameterSet('text')) $url = 'modules.php?module=login&what=order&code=' . getCode('INVALID_TAGS')."&id=".$id;
- } else {
- // Remove any HTML code
- setPostRequestParameter('text', str_replace('<', '{OPEN_HTML}', str_replace('>', '{CLOSE_HTML}', postRequestParameter('text'))));
- }
- } // END - if
-
- // Is mail type set?
- if ((!isPostRequestParameterSet('mail_type')) || (postRequestParameter('mail_type') < 1)) {
- // Not correctly set
- $url = 'modules.php?module=login&what=order&code=' . getCode('NO_MAIL_TYPE');
+ sqlFreeResult($result);
+
+ if ($data['data_type'] == 'TEMP') {
+ // Prepare data for filter chain
+ $filterData = array(
+ 'url' => postRequestElement('url'),
+ 'text' => postRequestElement('text'),
+ 'subject' => postRequestElement('subject'),
+ 'receiver' => bigintval(postRequestElement('receiver')),
+ 'mail_type' => bigintval(postRequestElement('mail_type')),
+ 'html' => postRequestElement('html'),
+ 'id' => bigintval($data['id']),
+ 'redirect' => '',
+ );
+
+ // Run the filter chain
+ $filterData = runFilterChain('pre_mail_order', $filterData);
+
+ // Copy field redirect->url
+ $data['url'] = $filterData['redirect'];
+
+ // Is there an error?
+ if (empty($data['url'])) {
+ // Copy all filter data -> POST
+ foreach ($filterData as $key => $value) {
+ // Set it
+ setPostRequestElement($key, $value);
+ } // END - foreach