X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FSpecialEmailuser.php;h=2e667d5e5eb4c9f8a36d0a270f614c75cac144bb;hb=d194296a6a0ffd28fdd2387139c6070a3763bb19;hp=860d25b7f43e5b2664ad9099e9f550cf56d6dcea;hpb=798270581d38271fa87b2744fa157f77f2d2db80;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/SpecialEmailuser.php b/includes/SpecialEmailuser.php
index 860d25b7f4..2e667d5e5e 100644
--- a/includes/SpecialEmailuser.php
+++ b/includes/SpecialEmailuser.php
@@ -18,48 +18,45 @@ function wfSpecialEmailuser( $par ) {
 		return;
 	}
 	
-	if ( 0 == $wgUser->getID() ||
-		( !$wgUser->isValidEmailAddr( $wgUser->getEmail() ) ) ) {
+	if( !$wgUser->canSendEmail() ) {
+		wfDebug( "User can't send.\n" );
 		$wgOut->errorpage( "mailnologin", "mailnologintext" );
 		return;
 	}
 	
 	$action = $wgRequest->getVal( 'action' );
-	if( empty( $par ) ) {
-		$target = $wgRequest->getVal( 'target' );
-	} else {
-		$target = $par;
-	}
+	$target = isset($par) ? $par : $wgRequest->getVal( 'target' );
 	if ( "" == $target ) {
+		wfDebug( "Target is empty.\n" );
 		$wgOut->errorpage( "notargettitle", "notargettext" );
 		return;
 	}
+	
 	$nt = Title::newFromURL( $target );
 	if ( is_null( $nt ) ) {
+		wfDebug( "Target is invalid title.\n" );
 		$wgOut->errorpage( "notargettitle", "notargettext" );
 		return;
 	}
+	
 	$nu = User::newFromName( $nt->getText() );
-
-	if ( 0 == $nu->getID() ) {
+	if( is_null( $nu ) || !$nu->canReceiveEmail() ) {
+		wfDebug( "Target is invalid user or can't receive.\n" );
 		$wgOut->errorpage( "noemailtitle", "noemailtext" );
 		return;
 	}
 
 	$address = $nu->getEmail();
-
-	if ( ( !$nu->isValidEmailAddr( $address ) ) ||
-	     ( 1 == $nu->getOption( "disablemail" ) ) ||
-	     ( 0 == $nu->getEmailauthenticationtimestamp() ) ) {
-		$wgOut->errorpage( "noemailtitle", "noemailtext" );
-		return;
-	}
-
 	$f = new EmailUserForm( $nu->getName() . " <{$address}>", $target );
 
-	if ( "success" == $action ) { $f->showSuccess(); }
-	else if ( "submit" == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
-	else { $f->showForm( "" ); }
+	if ( "success" == $action ) {
+		$f->showSuccess();
+	} else if ( "submit" == $action && $wgRequest->wasPosted() &&
+		$wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+		$f->doSubmit();
+	} else {
+		$f->showForm();
+	}
 }
 
 /**
@@ -81,7 +78,7 @@ class EmailUserForm {
 		$this->subject = $wgRequest->getText( 'wpSubject' );
 	}
 
-	function showForm( $err ) {
+	function showForm() {
 		global $wgOut, $wgUser, $wgLang;
 
 		$wgOut->setPagetitle( wfMsg( "emailpage" ) );
@@ -101,20 +98,18 @@ class EmailUserForm {
 		$encSubject = htmlspecialchars( $this->subject );
 		
 		$titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
-		$action = $titleObj->escapeLocalURL( "target={$this->target}&action=submit" );
+		$action = $titleObj->escapeLocalURL( "target=" .
+			urlencode( $this->target ) . "&action=submit" );
+		$token = $wgUser->editToken();
 
-		if ( "" != $err ) {
-			$wgOut->setSubtitle( wfMsg( "formerror" ) );
-			$wgOut->addHTML( "<p><font color='red' size='+1'>{$err}</font></p>\n" );
-		}
 		$wgOut->addHTML( "
 <form id=\"emailuser\" method=\"post\" action=\"{$action}\">
 <table border='0'><tr>
 <td align='right'>{$emf}:</td>
-<td align='left'><strong>{$sender}</strong></td>
+<td align='left'><strong>" . htmlspecialchars( $sender ) . "</strong></td>
 </tr><tr>
 <td align='right'>{$emt}:</td>
-<td align='left'><strong>{$rcpt}</strong></td>
+<td align='left'><strong>" . htmlspecialchars( $rcpt ) . "</strong></td>
 </tr><tr>
 <td align='right'>{$emr}:</td>
 <td align='left'>
@@ -129,6 +124,7 @@ class EmailUserForm {
 <td>&nbsp;</td><td align='left'>
 <input type='submit' name=\"wpSend\" value=\"{$ems}\" />
 </td></tr></table>
+<input type='hidden' name='wpEditToken' value=\"$token\" />
 </form>\n" );
 
 	}
@@ -139,17 +135,17 @@ class EmailUserForm {
 		$from = wfQuotedPrintable( $wgUser->getName() ) . " <" . $wgUser->getEmail() . ">";
 		$subject = wfQuotedPrintable( $this->subject );
 		
-		if (wfRunHooks('EmailUser', $this->mAddress, $from, $subject, $this->text)) {
+		if (wfRunHooks('EmailUser', array(&$this->mAddress, &$from, &$subject, &$this->text))) {
 			
 			$mailResult = userMailer( $this->mAddress, $from, $subject, $this->text );
 			
-			if (!$mailResult) {
+			if( WikiError::isError( $mailResult ) ) {
+				$wgOut->addHTML( wfMsg( "usermailererror" ) . $mailResult);
+			} else {
 				$titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
 				$encTarget = wfUrlencode( $this->target );
 				$wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) );
-				wfRunHooks('EmailUserComplete', $this->mAddress, $from, $subject, $this->text);
-			} else {
-			  $wgOut->addHTML( wfMsg( "usermailererror" ) . $mailResult);
+				wfRunHooks('EmailUserComplete', array($this->mAddress, $from, $subject, $this->text));
 			}
 		}
 	}

{$emf}:	{$sender}	" . htmlspecialchars( $sender ) . "
{$emt}:	{$rcpt}	" . htmlspecialchars( $rcpt ) . "
{$emr}:	@@ -129,6 +124,7 @@ class EmailUserForm {