X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fspecials%2FSpecialEmailuser.php;h=7c3d5c1e383e206c0f7578457362942c83c59223;hb=958d82a003cad733b164c48f1401dc0f9439c89a;hp=8fc900c05f64cbe5ebee72a6ed820e322064b2c6;hpb=486dd110bfb4d8f06b2b268631d89e58a00c72b8;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/specials/SpecialEmailuser.php b/includes/specials/SpecialEmailuser.php index 8fc900c05f..7c3d5c1e38 100644 --- a/includes/specials/SpecialEmailuser.php +++ b/includes/specials/SpecialEmailuser.php @@ -1,285 +1,302 @@ getVal( 'action' ); - $target = isset($par) ? $par : $wgRequest->getVal( 'target' ); - $targetUser = EmailUserForm::validateEmailTarget( $target ); +class SpecialEmailUser extends UnlistedSpecialPage { + protected $mTarget; - if ( !( $targetUser instanceof User ) ) { - $wgOut->showErrorPage( $targetUser[0], $targetUser[1] ); - return; + public function __construct(){ + parent::__construct( 'Emailuser' ); } - $form = new EmailUserForm( $targetUser, - $wgRequest->getText( 'wpText' ), - $wgRequest->getText( 'wpSubject' ), - $wgRequest->getBool( 'wpCCMe' ) ); - if ( $action == 'success' ) { - $form->showSuccess(); - return; + protected function getFormFields(){ + global $wgUser; + return array( + 'From' => array( + 'type' => 'info', + 'raw' => 1, + 'default' => $wgUser->getSkin()->link( + $wgUser->getUserPage(), + htmlspecialchars( $wgUser->getName() ) + ), + 'label-message' => 'emailfrom', + 'id' => 'mw-emailuser-sender', + ), + 'To' => array( + 'type' => 'info', + 'raw' => 1, + 'default' => $wgUser->getSkin()->link( + $this->mTargetObj->getUserPage(), + htmlspecialchars( $this->mTargetObj->getName() ) + ), + 'label-message' => 'emailto', + 'id' => 'mw-emailuser-recipient', + ), + 'Target' => array( + 'type' => 'hidden', + 'default' => $this->mTargetObj->getName(), + ), + 'Subject' => array( + 'type' => 'text', + 'default' => wfMsgExt( 'defemailsubject', array( 'content', 'parsemag' ) ), + 'label-message' => 'emailsubject', + 'maxlength' => 200, + 'size' => 60, + 'required' => 1, + ), + 'Text' => array( + 'type' => 'textarea', + 'rows' => 20, + 'cols' => 80, + 'label-message' => 'emailmessage', + 'required' => 1, + ), + 'CCMe' => array( + 'type' => 'check', + 'label-message' => 'emailccme', + 'default' => $wgUser->getBoolOption( 'ccmeonemails' ), + ), + ); } - - $error = EmailUserForm::getPermissionsError( $wgUser, $wgRequest->getVal( 'wpEditToken' ) ); - if ( $error ) { - switch ( $error[0] ) { + + public function execute( $par ) { + global $wgRequest, $wgOut, $wgUser; + + $this->setHeaders(); + $this->outputHeader(); + + $this->mTarget = is_null( $par ) + ? $wgRequest->getVal( 'wpTarget', '' ) + : $par; + + $ret = self::getTarget( $this->mTarget ); + if( $ret instanceof User ){ + $this->mTargetObj = $ret; + } else { + $wgOut->showErrorPage( "{$ret}title", "{$ret}text" ); + return false; + } + + $error = self::getPermissionsError( $wgUser, $wgRequest->getVal( 'wpEditToken' ) ); + switch ( $error ) { + case null: + # Wahey! + break; + case 'badaccess': + $wgOut->permissionRequired( 'sendemail' ); + return; case 'blockedemailuser': $wgOut->blockedPage(); return; case 'actionthrottledtext': $wgOut->rateLimited(); return; - case 'sessionfailure': - $form->showForm(); + case 'mailnologin': + case 'usermaildisabled': + $wgOut->showErrorPage( $error, "{$error}text" ); return; default: - $wgOut->showErrorPage( $error[0], $error[1] ); + # It's a hook error + list( $title, $msg, $params ) = $error; + $wgOut->showErrorPage( $title, $msg, $params ); return; } - } - - if ( "submit" == $action && $wgRequest->wasPosted() ) { - $result = $form->doSubmit(); + $form = new HTMLForm( $this->getFormFields() ); + $form->addPreText( wfMsgExt( 'emailpagetext', 'parseinline' ) ); + $form->setSubmitText( wfMsg( 'emailsend' ) ); + $form->setTitle( $this->getTitle() ); + $form->setSubmitCallback( array( __CLASS__, 'submit' ) ); + $form->setWrapperLegend( wfMsgExt( 'email-legend', 'parsemag' ) ); + $form->loadData(); - if ( !is_null( $result ) ) { - $wgOut->addHTML( wfMsg( "usermailererror" ) . - ' ' . htmlspecialchars( $result->getMessage() ) ); - } else { - $titleObj = SpecialPage::getTitleFor( "Emailuser" ); - $encTarget = wfUrlencode( $form->getTarget()->getName() ); - $wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) ); + if( !wfRunHooks( 'EmailUserForm', array( &$form ) ) ){ + return false; + } + + $wgOut->setPagetitle( wfMsg( 'emailpage' ) ); + $result = $form->show(); + + if( $result === true || ( $result instanceof Status && $result->isGood() ) ){ + $wgOut->setPagetitle( wfMsg( 'emailsent' ) ); + $wgOut->addWikiMsg( 'emailsenttext' ); + $wgOut->returnToMain( false, $this->mTargetObj->getUserPage() ); } - } else { - $form->showForm(); } -} - -/** - * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message. - * @ingroup SpecialPage - */ -class EmailUserForm { - - var $target; - var $text, $subject; - var $cc_me; // Whether user requested to be sent a separate copy of their email. /** - * @param User $target + * Validate target User + * + * @param $target String: target user name + * @return User object on success or a string on error */ - function EmailUserForm( $target, $text, $subject, $cc_me ) { - $this->target = $target; - $this->text = $text; - $this->subject = $subject; - $this->cc_me = $cc_me; - } - - function showForm() { - global $wgOut, $wgUser; - $skin = $wgUser->getSkin(); + public static function getTarget( $target ) { + if ( $target == '' ) { + wfDebug( "Target is empty.\n" ); + return 'notarget'; + } + + $nu = User::newFromName( $target ); + if( !$nu instanceof User || !$nu->getId() ) { + wfDebug( "Target is invalid user.\n" ); + return 'notarget'; + } else if ( !$nu->isEmailConfirmed() ) { + wfDebug( "User has no valid email.\n" ); + return 'noemail'; + } else if ( !$nu->canReceiveEmail() ) { + wfDebug( "User does not allow user emails.\n" ); + return 'nowikiemail'; + } - $wgOut->setPagetitle( wfMsg( "emailpage" ) ); - $wgOut->addWikiMsg( "emailpagetext" ); + return $nu; + } - if ( $this->subject === "" ) { - $this->subject = wfMsgForContent( "defemailsubject" ); + /** + * Check whether a user is allowed to send email + * + * @param $user User object + * @param $editToken String: edit token + * @return null on success or string on error + */ + public static function getPermissionsError( $user, $editToken ) { + global $wgEnableEmail, $wgEnableUserEmail; + if( !$wgEnableEmail || !$wgEnableUserEmail ){ + return 'usermaildisabled'; + } + + if( !$user->isAllowed( 'sendemail' ) ) { + return 'badaccess'; + } + + if( !$user->isEmailConfirmed() ){ + return 'mailnologin'; } - $emf = wfMsg( "emailfrom" ); - $senderLink = $skin->makeLinkObj( - $wgUser->getUserPage(), htmlspecialchars( $wgUser->getName() ) ); - $emt = wfMsg( "emailto" ); - $recipientLink = $skin->makeLinkObj( - $this->target->getUserPage(), htmlspecialchars( $this->target->getName() ) ); - $emr = wfMsg( "emailsubject" ); - $emm = wfMsg( "emailmessage" ); - $ems = wfMsg( "emailsend" ); - $emc = wfMsg( "emailccme" ); - $encSubject = htmlspecialchars( $this->subject ); + if( $user->isBlockedFromEmailuser() ) { + wfDebug( "User is blocked from sending e-mail.\n" ); + return "blockedemailuser"; + } - $titleObj = SpecialPage::getTitleFor( "Emailuser" ); - $action = $titleObj->escapeLocalURL( "target=" . - urlencode( $this->target->getName() ) . "&action=submit" ); - $token = htmlspecialchars( $wgUser->editToken() ); + if( $user->pingLimiter( 'emailuser' ) ) { + wfDebug( "Ping limiter triggered.\n" ); + return 'actionthrottledtext'; + } - $wgOut->addHTML( " -
- - - - - - - - - - -
{$emf}:{$senderLink}
{$emt}:{$recipientLink}
{$emr}: - -
-
- -" . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "
- - -
\n" ); + $hookErr = false; + wfRunHooks( 'UserCanSendEmail', array( &$user, &$hookErr ) ); + wfRunHooks( 'EmailUserPermissionsErrors', array( $user, $editToken, &$hookErr ) ); + if ( $hookErr ) { + return $hookErr; + } + return null; } - /* - * Really send a mail. Permissions should have been checked using - * EmailUserForm::getPermissionsError. It is probably also a good idea to - * check the edit token and ping limiter in advance. + /** + * Really send a mail. Permissions should have been checked using + * getPermissionsError(). It is probably also a good + * idea to check the edit token and ping limiter in advance. + * + * @return Mixed: True on success, String on error */ - function doSubmit() { - global $wgUser, $wgUserEmailUseReplyTo, $wgSiteName; + public static function submit( $data ) { + global $wgUser, $wgUserEmailUseReplyTo; - $to = new MailAddress( $this->target ); + $target = self::getTarget( $data['Target'] ); + if( !$target instanceof User ){ + return wfMsgExt( $target . 'text', 'parse' ); + } + $to = new MailAddress( $target ); $from = new MailAddress( $wgUser ); - $subject = $this->subject; - - // Add a standard footer - $this->text = $this->text . "\n ---- \n" . wfMsgForContent( 'emailuserfooter', array( $from->name, $to->name ) ); - - if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) { - - if( $wgUserEmailUseReplyTo ) { - // Put the generic wiki autogenerated address in the From: - // header and reserve the user for Reply-To. - // - // This is a bit ugly, but will serve to differentiate - // wiki-borne mails from direct mails and protects against - // SPF and bounce problems with some mailers (see below). - global $wgPasswordSender; - $mailFrom = new MailAddress( $wgPasswordSender ); - $replyTo = $from; - } else { - // Put the sending user's e-mail address in the From: header. - // - // This is clean-looking and convenient, but has issues. - // One is that it doesn't as clearly differentiate the wiki mail - // from "directly" sent mails. - // - // Another is that some mailers (like sSMTP) will use the From - // address as the envelope sender as well. For open sites this - // can cause mails to be flunked for SPF violations (since the - // wiki server isn't an authorized sender for various users' - // domains) as well as creating a privacy issue as bounces - // containing the recipient's e-mail address may get sent to - // the sending user. - $mailFrom = $from; - $replyTo = null; - } - - $mailResult = UserMailer::send( $to, $mailFrom, $subject, $this->text, $replyTo ); + $subject = $data['Subject']; + $text = $data['Text']; - if( WikiError::isError( $mailResult ) ) { - return $mailResult; - - } else { + // Add a standard footer and trim up trailing newlines + $text = rtrim( $text ) . "\n\n-- \n"; + $text .= wfMsgExt( + 'emailuserfooter', + array( 'content', 'parsemag' ), + array( $from->name, $to->name ) + ); - // if the user requested a copy of this mail, do this now, - // unless they are emailing themselves, in which case one copy of the message is sufficient. - if ($this->cc_me && $to != $from) { - $cc_subject = wfMsg('emailccsubject', $this->target->getName(), $subject); - if( wfRunHooks( 'EmailUser', array( &$from, &$from, &$cc_subject, &$this->text ) ) ) { - $ccResult = UserMailer::send( $from, $from, $cc_subject, $this->text ); - if( WikiError::isError( $ccResult ) ) { - // At this stage, the user's CC mail has failed, but their - // original mail has succeeded. It's unlikely, but still, what to do? - // We can either show them an error, or we can say everything was fine, - // or we can say we sort of failed AND sort of succeeded. Of these options, - // simply saying there was an error is probably best. - return $ccResult; - } - } - } - - wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $this->text ) ); - return; - } + $error = ''; + if( !wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$text, &$error ) ) ) { + return $error; } - } - - function showSuccess( &$user = null ) { - global $wgOut; - if ( is_null($user) ) - $user = $this->target; + if( $wgUserEmailUseReplyTo ) { + // Put the generic wiki autogenerated address in the From: + // header and reserve the user for Reply-To. + // + // This is a bit ugly, but will serve to differentiate + // wiki-borne mails from direct mails and protects against + // SPF and bounce problems with some mailers (see below). + global $wgPasswordSender, $wgPasswordSenderName; + $mailFrom = new MailAddress( $wgPasswordSender, $wgPasswordSenderName ); + $replyTo = $from; + } else { + // Put the sending user's e-mail address in the From: header. + // + // This is clean-looking and convenient, but has issues. + // One is that it doesn't as clearly differentiate the wiki mail + // from "directly" sent mails. + // + // Another is that some mailers (like sSMTP) will use the From + // address as the envelope sender as well. For open sites this + // can cause mails to be flunked for SPF violations (since the + // wiki server isn't an authorized sender for various users' + // domains) as well as creating a privacy issue as bounces + // containing the recipient's e-mail address may get sent to + // the sending user. + $mailFrom = $from; + $replyTo = null; + } - $wgOut->setPagetitle( wfMsg( "emailsent" ) ); - $wgOut->addHTML( wfMsg( "emailsenttext" ) ); + $status = UserMailer::send( $to, $mailFrom, $subject, $text, $replyTo ); - $wgOut->returnToMain( false, $user->getUserPage() ); - } - - function getTarget() { - return $this->target; - } - - static function validateEmailTarget ( $target ) { - global $wgEnableEmail, $wgEnableUserEmail; + if( !$status->isGood() ) { + return $status; + } else { + // if the user requested a copy of this mail, do this now, + // unless they are emailing themselves, in which case one + // copy of the message is sufficient. + if ( $data['CCMe'] && $to != $from ) { + $cc_subject = wfMsg( + 'emailccsubject', + $target->getName(), + $subject + ); + wfRunHooks( 'EmailUserCC', array( &$from, &$from, &$cc_subject, &$text ) ); + $ccStatus = UserMailer::send( $from, $from, $cc_subject, $text ); + $status->merge( $ccStatus ); + } - if( !( $wgEnableEmail && $wgEnableUserEmail ) ) - return array( "nosuchspecialpage", "nospecialpagetext" ); - - if ( "" == $target ) { - wfDebug( "Target is empty.\n" ); - return array( "notargettitle", "notargettext" ); - } - - $nt = Title::newFromURL( $target ); - if ( is_null( $nt ) ) { - wfDebug( "Target is invalid title.\n" ); - return array( "notargettitle", "notargettext" ); + wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $text ) ); + return $status; } - - $nu = User::newFromName( $nt->getText() ); - if( is_null( $nu ) || !$nu->canReceiveEmail() ) { - wfDebug( "Target is invalid user or can't receive.\n" ); - return array( "noemailtitle", "noemailtext" ); - } - - return $nu; - } - static function getPermissionsError ( $user, $editToken ) { - if( !$user->canSendEmail() ) { - wfDebug( "User can't send.\n" ); - return array( "mailnologin", "mailnologintext" ); - } - - if( $user->isBlockedFromEmailuser() ) { - wfDebug( "User is blocked from sending e-mail.\n" ); - return array( "blockedemailuser", "" ); - } - - if( $user->pingLimiter( 'emailuser' ) ) { - wfDebug( "Ping limiter triggered.\n" ); - return array( 'actionthrottledtext', '' ); - } - - if( !$user->matchEditToken( $editToken ) ) { - wfDebug( "Matching edit token failed.\n" ); - return array( 'sessionfailure', '' ); - } - - return; - } - - static function newFromURL( $target, $text, $subject, $cc_me ) - { - $nt = Title::newFromURL( $target ); - $nu = User::newFromName( $nt->getText() ); - return new EmailUserForm( $nu, $text, $subject, $cc_me ); } }