dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Revert r24105, r24106, r24107 'security fix' forbidden text/css and text/javascript...
[lhc/web/wiklou.git] / includes / UserMailer.php
1 <?php
2 /**
3 * UserMailer.php
4 * Copyright (C) 2004 Thomas Gries <mail@tgries.de>
5 * http://www.mediawiki.org/
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 * http://www.gnu.org/copyleft/gpl.html
21 *
22 * @author <brion@pobox.com>
23 * @author <mail@tgries.de>
24 *
25 */
26
27 /**
28 * Converts a string into a valid RFC 822 "phrase", such as is used for the sender name
29 */
30 function wfRFC822Phrase( $phrase ) {
31 $phrase = strtr( $phrase, array( "\r" => '', "\n" => '', '"' => '' ) );
32 return '"' . $phrase . '"';
33 }
34
35 /**
36 * Stores a single person's name and email address.
37 * These are passed in via the constructor, and will be returned in SMTP
38 * header format when requested.
39 */
40 class MailAddress {
41 /**
42 * @param mixed $address String with an email address, or a User object
43 * @param string $name Human-readable name if a string address is given
44 */
45 function __construct( $address, $name=null ) {
46 if( is_object( $address ) && $address instanceof User ) {
47 $this->address = $address->getEmail();
48 $this->name = $address->getName();
49 } else {
50 $this->address = strval( $address );
51 $this->name = strval( $name );
52 }
53 }
54
55 /**
56 * Return formatted and quoted address to insert into SMTP headers
57 * @return string
58 */
59 function toString() {
60 # PHP's mail() implementation under Windows is somewhat shite, and
61 # can't handle "Joe Bloggs <joe@bloggs.com>" format email addresses,
62 # so don't bother generating them
63 if( $this->name != '' && !wfIsWindows() ) {
64 $quoted = wfQuotedPrintable( $this->name );
65 if( strpos( $quoted, '.' ) !== false ) {
66 $quoted = '"' . $quoted . '"';
67 }
68 return "$quoted <{$this->address}>";
69 } else {
70 return $this->address;
71 }
72 }
73 }
74
75 function send_mail($mailer, $dest, $headers, $body)
76 {
77 $mailResult =& $mailer->send($dest, $headers, $body);
78
79 # Based on the result return an error string,
80 if ($mailResult === true) {
81 return '';
82 } elseif (is_object($mailResult)) {
83 wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
84 return $mailResult->getMessage();
85 } else {
86 wfDebug( "PEAR::Mail failed, unknown error result\n" );
87 return 'Mail object return unknown error.';
88 }
89 }
90
91 /**
92 * This function will perform a direct (authenticated) login to
93 * a SMTP Server to use for mail relaying if 'wgSMTP' specifies an
94 * array of parameters. It requires PEAR:Mail to do that.
95 * Otherwise it just uses the standard PHP 'mail' function.
96 *
97 * @param $to MailAddress: recipient's email
98 * @param $from MailAddress: sender's email
99 * @param $subject String: email's subject.
100 * @param $body String: email's text.
101 * @param $replyto String: optional reply-to email (default: null).
102 */
103 function userMailer( $to, $from, $subject, $body, $replyto=null ) {
104 global $wgSMTP, $wgOutputEncoding, $wgErrorString, $wgEnotifImpersonal;
105 global $wgEnotifMaxRecips;
106
107 if (is_array( $wgSMTP )) {
108 require_once( 'Mail.php' );
109
110 $msgid = str_replace(" ", "_", microtime());
111 if (function_exists('posix_getpid'))
112 $msgid .= '.' . posix_getpid();
113
114 if (is_array($to)) {
115 $dest = array();
116 foreach ($to as $u)
117 $dest[] = $u->address;
118 } else
119 $dest = $to->address;
120
121 $headers['From'] = $from->toString();
122
123 if ($wgEnotifImpersonal)
124 $headers['To'] = 'undisclosed-recipients:;';
125 else
126 $headers['To'] = $to->toString();
127
128 if ( $replyto ) {
129 $headers['Reply-To'] = $replyto->toString();
130 }
131 $headers['Subject'] = wfQuotedPrintable( $subject );
132 $headers['Date'] = date( 'r' );
133 $headers['MIME-Version'] = '1.0';
134 $headers['Content-type'] = 'text/plain; charset='.$wgOutputEncoding;
135 $headers['Content-transfer-encoding'] = '8bit';
136 $headers['Message-ID'] = "<$msgid@" . $wgSMTP['IDHost'] . '>'; // FIXME
137 $headers['X-Mailer'] = 'MediaWiki mailer';
138
139 // Create the mail object using the Mail::factory method
140 $mail_object =& Mail::factory('smtp', $wgSMTP);
141 if( PEAR::isError( $mail_object ) ) {
142 wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
143 return $mail_object->getMessage();
144 }
145
146 wfDebug( "Sending mail via PEAR::Mail to $dest\n" );
147 if (is_array($dest)) {
148 $chunks = array_chunk($dest, $wgEnotifMaxRecips);
149 foreach ($chunks as $chunk) {
150 $e = send_mail($mail_object, $chunk, $headers, $body);
151 if ($e != '')
152 return $e;
153 }
154 } else
155 return $mail_object->send($dest, $headers, $body);
156
157 } else {
158 # In the following $headers = expression we removed "Reply-To: {$from}\r\n" , because it is treated differently
159 # (fifth parameter of the PHP mail function, see some lines below)
160
161 # Line endings need to be different on Unix and Windows due to
162 # the bug described at http://trac.wordpress.org/ticket/2603
163 if ( wfIsWindows() ) {
164 $body = str_replace( "\n", "\r\n", $body );
165 $endl = "\r\n";
166 } else {
167 $endl = "\n";
168 }
169 $headers =
170 "MIME-Version: 1.0$endl" .
171 "Content-type: text/plain; charset={$wgOutputEncoding}$endl" .
172 "Content-Transfer-Encoding: 8bit$endl" .
173 "X-Mailer: MediaWiki mailer$endl".
174 'From: ' . $from->toString();
175 if ($replyto) {
176 $headers .= "{$endl}Reply-To: " . $replyto->toString();
177 }
178
179 $wgErrorString = '';
180 set_error_handler( 'mailErrorHandler' );
181 wfDebug( "Sending mail via internal mail() function\n" );
182
183 if (function_exists('mail'))
184 if (is_array($to))
185 foreach ($to as $recip)
186 $sent = mail( $recip->toString(), wfQuotedPrintable( $subject ), $body, $headers );
187 else
188 $sent = mail( $to->toString(), wfQuotedPrintable( $subject ), $body, $headers );
189 else
190 $wgErrorString = 'PHP is not configured to send mail';
191
192
193 restore_error_handler();
194
195 if ( $wgErrorString ) {
196 wfDebug( "Error sending mail: $wgErrorString\n" );
197 return $wgErrorString;
198 } elseif (! $sent) {
199 //mail function only tells if there's an error
200 wfDebug( "Error sending mail\n" );
201 return 'mailer error';
202 } else {
203 return '';
204 }
205 }
206 }
207
208
209
210 /**
211 * Get the mail error message in global $wgErrorString
212 *
213 * @param $code Integer: error number
214 * @param $string String: error message
215 */
216 function mailErrorHandler( $code, $string ) {
217 global $wgErrorString;
218 $wgErrorString = preg_replace( '/^mail\(\)(\s*\[.*?\])?: /', '', $string );
219 }
220
221
222 /**
223 * This module processes the email notifications when the current page is
224 * changed. It looks up the table watchlist to find out which users are watching
225 * that page.
226 *
227 * The current implementation sends independent emails to each watching user for
228 * the following reason:
229 *
230 * - Each watching user will be notified about the page edit time expressed in
231 * his/her local time (UTC is shown additionally). To achieve this, we need to
232 * find the individual timeoffset of each watching user from the preferences..
233 *
234 * Suggested improvement to slack down the number of sent emails: We could think
235 * of sending out bulk mails (bcc:user1,user2...) for all these users having the
236 * same timeoffset in their preferences.
237 *
238 * Visit the documentation pages under http://meta.wikipedia.com/Enotif
239 *
240 *
241 */
242 class EmailNotification {
243 /**@{{
244 * @private
245 */
246 var $to, $subject, $body, $replyto, $from;
247 var $user, $title, $timestamp, $summary, $minorEdit, $oldid;
248
249 /**@}}*/
250
251 function notifyOnPageChange($editor, &$title, $timestamp, $summary, $minorEdit, $oldid = false) {
252 global $wgEnotifUseJobQ;
253 global $wgEnotifWatchlist, $wgShowUpdatedMarker;
254
255 if( $title->getNamespace() < 0 )
256 return;
257
258 if ($wgEnotifUseJobQ) {
259 $params = array(
260 "editor" => $editor->getName(),
261 "timestamp" => $timestamp,
262 "summary" => $summary,
263 "minorEdit" => $minorEdit,
264 "oldid" => $oldid);
265 $job = new EnotifNotifyJob( $title, $params );
266 $job->insert();
267 } else {
268 $this->actuallyNotifyOnPageChange($editor, $title, $timestamp, $summary, $minorEdit, $oldid);
269 }
270
271 }
272
273 /**
274 * @todo document
275 * @param $title Title object
276 * @param $timestamp
277 * @param $summary
278 * @param $minorEdit
279 * @param $oldid (default: false)
280 */
281 function actuallyNotifyOnPageChange($editor, &$title, $timestamp, $summary, $minorEdit, $oldid=false) {
282
283 # we use $wgEmergencyContact as sender's address
284 global $wgEnotifWatchlist;
285 global $wgEnotifMinorEdits, $wgEnotifUserTalk, $wgShowUpdatedMarker;
286 global $wgEnotifImpersonal;
287
288 $fname = 'UserMailer::notifyOnPageChange';
289 wfProfileIn( $fname );
290
291 # The following code is only run, if several conditions are met:
292 # 1. EmailNotification for pages (other than user_talk pages) must be enabled
293 # 2. minor edits (changes) are only regarded if the global flag indicates so
294
295 $isUserTalkPage = ($title->getNamespace() == NS_USER_TALK);
296 $enotifusertalkpage = ($isUserTalkPage && $wgEnotifUserTalk);
297 $enotifwatchlistpage = $wgEnotifWatchlist;
298
299 $this->title =& $title;
300 $this->timestamp = $timestamp;
301 $this->summary = $summary;
302 $this->minorEdit = $minorEdit;
303 $this->oldid = $oldid;
304 $this->composeCommonMailtext($editor);
305
306 $impersonals = array();
307
308 if ( (!$minorEdit || $wgEnotifMinorEdits) ) {
309 if( $wgEnotifWatchlist ) {
310 // Send updates to watchers other than the current editor
311 $userCondition = 'wl_user <> ' . intval( $editor->getId() );
312 } elseif( $wgEnotifUserTalk && $title->getNamespace() == NS_USER_TALK ) {
313 $targetUser = User::newFromName( $title->getText() );
314 if( is_null( $targetUser ) ) {
315 wfDebug( "$fname: user-talk-only mode; no such user\n" );
316 $userCondition = false;
317 } elseif( $targetUser->getId() == $editor->getId() ) {
318 wfDebug( "$fname: user-talk-only mode; editor is target user\n" );
319 $userCondition = false;
320 } else {
321 // Don't notify anyone other than the owner of the talk page
322 $userCondition = 'wl_user = ' . intval( $targetUser->getId() );
323 }
324 } else {
325 // Notifications disabled
326 $userCondition = false;
327 }
328 if( $userCondition ) {
329 $dbr = wfGetDB( DB_MASTER );
330
331 $res = $dbr->select( 'watchlist', array( 'wl_user' ),
332 array(
333 'wl_title' => $title->getDBkey(),
334 'wl_namespace' => $title->getNamespace(),
335 $userCondition,
336 'wl_notificationtimestamp IS NULL',
337 ), $fname );
338
339 # if anyone is watching ... set up the email message text which is
340 # common for all receipients ...
341 if ( $dbr->numRows( $res ) > 0 ) {
342
343 $watchingUser = new User();
344
345 # ... now do for all watching users ... if the options fit
346 for ($i = 1; $i <= $dbr->numRows( $res ); $i++) {
347
348 $wuser = $dbr->fetchObject( $res );
349 $watchingUser->setID($wuser->wl_user);
350
351 if ( ( $enotifwatchlistpage && $watchingUser->getOption('enotifwatchlistpages') ) ||
352 ( $enotifusertalkpage
353 && $watchingUser->getOption('enotifusertalkpages')
354 && $title->equals( $watchingUser->getTalkPage() ) )
355 && (!$minorEdit || ($wgEnotifMinorEdits && $watchingUser->getOption('enotifminoredits') ) )
356 && ($watchingUser->isEmailConfirmed() ) ) {
357 # ... adjust remaining text and page edit time placeholders
358 # which needs to be personalized for each user
359 if ($wgEnotifImpersonal)
360 $impersonals[] = $watchingUser;
361 else
362 $this->composeAndSendPersonalisedMail( $watchingUser );
363
364 } # if the watching user has an email address in the preferences
365 }
366 }
367 } # if anyone is watching
368 } # if $wgEnotifWatchlist = true
369
370 global $wgUsersNotifedOnAllChanges;
371 foreach ( $wgUsersNotifedOnAllChanges as $name ) {
372 $user = User::newFromName( $name );
373 if ($wgEnotifImpersonal)
374 $impersonals[] = $user;
375 else
376 $this->composeAndSendPersonalisedMail( $user );
377 }
378
379 $this->composeAndSendImpersonalMail($impersonals);
380
381 if ( $wgShowUpdatedMarker || $wgEnotifWatchlist ) {
382 # mark the changed watch-listed page with a timestamp, so that the page is
383 # listed with an "updated since your last visit" icon in the watch list, ...
384 $dbw = wfGetDB( DB_MASTER );
385 $success = $dbw->update( 'watchlist',
386 array( /* SET */
387 'wl_notificationtimestamp' => $dbw->timestamp($timestamp)
388 ), array( /* WHERE */
389 'wl_title' => $title->getDBkey(),
390 'wl_namespace' => $title->getNamespace(),
391 'wl_notificationtimestamp IS NULL'
392 ), 'UserMailer::NotifyOnChange'
393 );
394 # FIXME what do we do on failure ?
395 }
396
397 wfProfileOut( $fname );
398 } # function NotifyOnChange
399
400 /**
401 * @private
402 */
403 function composeCommonMailtext($editor) {
404 global $wgEmergencyContact, $wgNoReplyAddress;
405 global $wgEnotifFromEditor, $wgEnotifRevealEditorAddress;
406 global $wgEnotifImpersonal;
407
408 $summary = ($this->summary == '') ? ' - ' : $this->summary;
409 $medit = ($this->minorEdit) ? wfMsg( 'minoredit' ) : '';
410
411 # You as the WikiAdmin and Sysops can make use of plenty of
412 # named variables when composing your notification emails while
413 # simply editing the Meta pages
414
415 $subject = wfMsgForContent( 'enotif_subject' );
416 $body = wfMsgForContent( 'enotif_body' );
417 $from = ''; /* fail safe */
418 $replyto = ''; /* fail safe */
419 $keys = array();
420
421 # regarding the use of oldid as an indicator for the last visited version, see also
422 # http://bugzilla.wikipeda.org/show_bug.cgi?id=603 "Delete + undelete cycle doesn't preserve old_id"
423 # However, in the case of a new page which is already watched, we have no previous version to compare
424 if( $this->oldid ) {
425 $difflink = $this->title->getFullUrl( 'diff=0&oldid=' . $this->oldid );
426 $keys['$NEWPAGE'] = wfMsgForContent( 'enotif_lastvisited', $difflink );
427 $keys['$OLDID'] = $this->oldid;
428 $keys['$CHANGEDORCREATED'] = wfMsgForContent( 'changed' );
429 } else {
430 $keys['$NEWPAGE'] = wfMsgForContent( 'enotif_newpagetext' );
431 # clear $OLDID placeholder in the message template
432 $keys['$OLDID'] = '';
433 $keys['$CHANGEDORCREATED'] = wfMsgForContent( 'created' );
434 }
435
436 if ($wgEnotifImpersonal && $this->oldid)
437 /*
438 * For impersonal mail, show a diff link to the last
439 * revision.
440 */
441 $keys['$NEWPAGE'] = wfMsgForContent('enotif_lastdiff',
442 $this->title->getFullURL("oldid={$this->oldid}&diff=prev"));
443
444 $body = strtr( $body, $keys );
445 $pagetitle = $this->title->getPrefixedText();
446 $keys['$PAGETITLE'] = $pagetitle;
447 $keys['$PAGETITLE_URL'] = $this->title->getFullUrl();
448
449 $keys['$PAGEMINOREDIT'] = $medit;
450 $keys['$PAGESUMMARY'] = $summary;
451
452 $subject = strtr( $subject, $keys );
453
454 # Reveal the page editor's address as REPLY-TO address only if
455 # the user has not opted-out and the option is enabled at the
456 # global configuration level.
457 $name = $editor->getName();
458 $adminAddress = new MailAddress( $wgEmergencyContact, 'WikiAdmin' );
459 $editorAddress = new MailAddress( $editor );
460 if( $wgEnotifRevealEditorAddress
461 && ( $editor->getEmail() != '' )
462 && $editor->getOption( 'enotifrevealaddr' ) ) {
463 if( $wgEnotifFromEditor ) {
464 $from = $editorAddress;
465 } else {
466 $from = $adminAddress;
467 $replyto = $editorAddress;
468 }
469 } else {
470 $from = $adminAddress;
471 $replyto = new MailAddress( $wgNoReplyAddress );
472 }
473
474 if( $editor->isIP( $name ) ) {
475 #real anon (user:xxx.xxx.xxx.xxx)
476 $utext = wfMsgForContent('enotif_anon_editor', $name);
477 $subject = str_replace('$PAGEEDITOR', $utext, $subject);
478 $keys['$PAGEEDITOR'] = $utext;
479 $keys['$PAGEEDITOR_EMAIL'] = wfMsgForContent( 'noemailtitle' );
480 } else {
481 $subject = str_replace('$PAGEEDITOR', $name, $subject);
482 $keys['$PAGEEDITOR'] = $name;
483 $emailPage = SpecialPage::getSafeTitleFor( 'Emailuser', $name );
484 $keys['$PAGEEDITOR_EMAIL'] = $emailPage->getFullUrl();
485 }
486 $userPage = $editor->getUserPage();
487 $keys['$PAGEEDITOR_WIKI'] = $userPage->getFullUrl();
488 $body = strtr( $body, $keys );
489 $body = wordwrap( $body, 72 );
490
491 # now save this as the constant user-independent part of the message
492 $this->from = $from;
493 $this->replyto = $replyto;
494 $this->subject = $subject;
495 $this->body = $body;
496 }
497
498 /**
499 * Does the per-user customizations to a notification e-mail (name,
500 * timestamp in proper timezone, etc) and sends it out.
501 * Returns true if the mail was sent successfully.
502 *
503 * @param User $watchingUser
504 * @param object $mail
505 * @return bool
506 * @private
507 */
508 function composeAndSendPersonalisedMail( $watchingUser ) {
509 global $wgLang;
510 // From the PHP manual:
511 // Note: The to parameter cannot be an address in the form of "Something <someone@example.com>".
512 // The mail command will not parse this properly while talking with the MTA.
513 $to = new MailAddress( $watchingUser );
514 $body = str_replace( '$WATCHINGUSERNAME', $watchingUser->getName() , $this->body );
515
516 $timecorrection = $watchingUser->getOption( 'timecorrection' );
517
518 # $PAGEEDITDATE is the time and date of the page change
519 # expressed in terms of individual local time of the notification
520 # recipient, i.e. watching user
521 $body = str_replace('$PAGEEDITDATE',
522 $wgLang->timeanddate( $this->timestamp, true, false, $timecorrection ),
523 $body);
524
525 return userMailer($to, $this->from, $this->subject, $body, $this->replyto);
526 }
527
528 /**
529 * Same as composeAndSendPersonalisedMail but does impersonal mail
530 * suitable for bulk mailing. Takes an array of users.
531 */
532 function composeAndSendImpersonalMail($users) {
533 global $wgLang;
534
535 if (empty($users))
536 return;
537
538 $to = array();
539 foreach ($users as $user)
540 $to[] = new MailAddress($user);
541
542 $body = str_replace(
543 array( '$WATCHINGUSERNAME',
544 '$PAGEEDITDATE'),
545 array( wfMsgForContent('enotif_impersonal_salutation'),
546 $wgLang->timeanddate($this->timestamp, true, false, false)),
547 $this->body);
548
549 return userMailer($to, $this->from, $this->subject, $body, $this->replyto);
550 }
551
552 } # end of class EmailNotification
553
Wiklou, le Wiki du Wiklou