* @addtogroup SpecialPage
*/
-/**
- *
- */
require_once('UserMailer.php');
+/**
+ * @todo document
+ */
function wfSpecialEmailuser( $par ) {
global $wgUser, $wgOut, $wgRequest, $wgEnableEmail, $wgEnableUserEmail;
return;
}
+ if ( $wgUser->isBlockedFromEmailUser() ) {
+ // User has been blocked from sending e-mail. Show the std blocked form.
+ wfDebug( "User is blocked from sending e-mail.\n" );
+ $wgOut->blockedPage();
+ return;
+ }
+
$f = new EmailUserForm( $nu );
if ( "success" == $action ) {
$f->showSuccess( $nu );
} else if ( "submit" == $action && $wgRequest->wasPosted() &&
+ $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) )
+ {
# Check against the rate limiter
if( $wgUser->pingLimiter( 'emailuser' ) ) {
$wgOut->rateLimited();
return;
}
- $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+
$f->doSubmit();
} else {
$f->showForm();
}
/**
- * @todo document
+ * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message.
* @addtogroup SpecialPage
*/
class EmailUserForm {
$titleObj = SpecialPage::getTitleFor( "Emailuser" );
$action = $titleObj->escapeLocalURL( "target=" .
urlencode( $this->target->getName() ) . "&action=submit" );
- $token = $wgUser->editToken();
+ $token = htmlspecialchars( $wgUser->editToken() );
$wgOut->addHTML( "
<form id=\"emailuser\" method=\"post\" action=\"{$action}\">
</tr>
</table>
<span id='wpTextLabel'><label for=\"wpText\">{$emm}:</label><br /></span>
-<textarea name=\"wpText\" rows='20' cols='80' wrap='virtual' style=\"width: 100%;\">" . htmlspecialchars( $this->text ) .
+<textarea id=\"wpText\" name=\"wpText\" rows='20' cols='80' style=\"width: 100%;\">" . htmlspecialchars( $this->text ) .
"</textarea>
" . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "<br />
<input type='submit' name=\"wpSend\" value=\"{$ems}\" />
}
function doSubmit() {
- global $wgOut, $wgUser;
+ global $wgOut, $wgUser, $wgUserEmailUseReplyTo;
$to = new MailAddress( $this->target );
$from = new MailAddress( $wgUser );
$subject = $this->subject;
if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) {
+
+ if( $wgUserEmailUseReplyTo ) {
+ // Put the generic wiki autogenerated address in the From:
+ // header and reserve the user for Reply-To.
+ //
+ // This is a bit ugly, but will serve to differentiate
+ // wiki-borne mails from direct mails and protects against
+ // SPF and bounce problems with some mailers (see below).
+ global $wgPasswordSender;
+ $mailFrom = new MailAddress( $wgPasswordSender );
+ $replyTo = $from;
+ } else {
+ // Put the sending user's e-mail address in the From: header.
+ //
+ // This is clean-looking and convenient, but has issues.
+ // One is that it doesn't as clearly differentiate the wiki mail
+ // from "directly" sent mails.
+ //
+ // Another is that some mailers (like sSMTP) will use the From
+ // address as the envelope sender as well. For open sites this
+ // can cause mails to be flunked for SPF violations (since the
+ // wiki server isn't an authorized sender for various users'
+ // domains) as well as creating a privacy issue as bounces
+ // containing the recipient's e-mail address may get sent to
+ // the sending user.
+ $mailFrom = $from;
+ $replyTo = null;
+ }
- $mailResult = userMailer( $to, $from, $subject, $this->text );
+ $mailResult = UserMailer::send( $to, $mailFrom, $subject, $this->text, $replyTo );
if( WikiError::isError( $mailResult ) ) {
$wgOut->addHTML( wfMsg( "usermailererror" ) . $mailResult);
$wgOut->returnToMain( false, $user->getUserPage() );
}
}
-?>