I have a question, which frankly disturbs me to have to ask at all.
Is there any possible way to track/view the contents of member-to-member pm's or mail sent from my archive?
As explaination, I have had more than one member tell me that a particular few members have been using the archive's contact function to harass and/or flame them, much in the manner of the infamous Literal Union of Fanfiction.net, but as they have not done so in reviews, I am honestly at a loss as to how I would obtain absolute proof outside of copy/pasted reports by the presumed victims.
I would most likely use the archive's own records (if they exist and are accessable) to confront these individuals myself, and then present the aforementioned harassing/flaming messages to my host for banning via IP.
I would never have imagined that someone would do such a thing, but I simply cannot tolerate it even on this small scale.
Any assistance you could provide would be greatly appreciated.
No, there's no record kept by the script of e-mails sent using the contact form. I guess that's one more thing to be logged in v4.
Thank you for your reply.
I am currently talking to my host to see if there's an internal mail feature to address this, such as having all mailings bcc/cc to my meperate mail account, but we've his a few snags on his end, so..
But yes, that would be an extremely useful feature to have, set as on/off-able, of course.
If you can think of any other soloutions, please don't hesitate to reply back, I'll check back semi-regularly.
It'll be logging on or off. No individual settings for what gets logged. There would be WAY too many.
There is a submissions queue mod somewhere in the mods board which sends the acceptance/rejection letters to an email of your choice. That might be good to check out to see if it can be added other places.
My host had addressed a valid option, of possibly removing the "your email" option from the contact form and replacing it with my host maill addy, which is already the archive's admin mail. I'm about to look and see if anyone here's done that before.
Okay a couple options:
1. To disable the ability for visitors to contact site members, delete the hidden contact panel from the profile options. Go to Admin->Panels. Select "P" and then delete the "Contact" panel. That would also remove the option for you to e-mail members.
2. Open user/contact.php and change:
if(!$uid) $output .= write_error(_ERROR);
to
if(!$uid) $output .= write_error(_ERROR);
else if(!isADMIN) $output .= write_error("We're sorry. Due to abuse, this feature has been disabled.");
That will make it so only admins can use the contact form. Everyone else will just get the message that this feature has been disabled.
3.Edit user/contact.php to send yourself a copy of the e-mail as well.
Change:
include_once(_BASEDIR."includes/emailer.php");
if(!$email) $output .= write_error(_ERROR);
else $result = sendemail($penname, $email, $_POST['email'], $_POST['email'], descript(strip_tags($_POST['subject'])), descript($_POST['comments'])."<br /><br />".(isMEMBER ? sprintf(_SITESIG2, "<a href="'".$url."/viewuser.php?uid=".USERUID."'>".USERPENNAME."</a>")" : _SITESIG), "html");
if($result) $output .= write_message(_ACTIONSUCCESSFUL);
else $output .= write_error(_ERROR);
to
include_once(_BASEDIR."includes/emailer.php");
if(!$email) $output .= write_error(_ERROR);
else $result = sendemail($penname, $email, $_POST['email'], $_POST['email'], descript(strip_tags($_POST['subject'])), descript($_POST['comments'])."<br /><br />".(isMEMBER ? sprintf(_SITESIG2, "<a href="'".$url."/viewuser.php?uid=".USERUID."'>".USERPENNAME."</a>")" : _SITESIG), "html");
if($result) $output .= write_message(_ACTIONSUCCESSFUL);
else $output .= write_error(_ERROR);
sendemail($sitename, $siteemail, $_POST['email'], $_POST['email'], descript(strip_tags($_POST['subject'])), descript($_POST['comments'])."<br /><br />".(isMEMBER ? sprintf(_SITESIG2, "<a href="'".$url."/viewuser.php?uid=".USERUID."'>".USERPENNAME."</a>")" : _SITESIG), "html");
4. Add a log to the contact form. Edit as before except add the change it as follows:
include_once(_BASEDIR."includes/emailer.php");
if(!$email) $output .= write_error(_ERROR);
else $result = sendemail($penname, $email, $_POST['email'], $_POST['email'], descript(strip_tags($_POST['subject'])), descript($_POST['comments'])."<br /><br />".(isMEMBER ? sprintf(_SITESIG2, "<a href="'".$url."/viewuser.php?uid=".USERUID."'>".USERPENNAME."</a>")" : _SITESIG), "html");
if($result) $output .= write_message(_ACTIONSUCCESSFUL);
else $output .= write_error(_ERROR);
dbquery("INSERT INTO ".TABLEPREFIX."fanfiction_log (`log_action`, `log_uid`, `log_ip`, `log_type`) VALUES('".
escapestring(USERPENNAME." ( ".USERUID.") with the e-mail ".$_POST['email']." sent the following message to $penname: ".$_POST['subject']." -- ".descript($_POST['comments']))."', '".USERUID."', INET_ATON('".$_SERVER['REMOTE_ADDR']."'), 'CU')");
WARNING None of these options are tested! I don't have time. You may find you'll need to do some debugging.
#4 option didn't work at all, or at least i got no mail to myself when i sent an author mail to a test account i have access to.
#3 seems to have done the trick, as i got a copy of the test message in my server's mailbox with the text included. Thank you so very much for your help!
#4 isn't supposed to send you an email. It's suipposed to add an entry to the site's log. You can access it at Admin-> Action Log.
