<?php
+/**
+ * @file
+ * @ingroup SpecialPage
+ */
-require_once('UserMailer.php');
+/**
+ * @todo document
+ */
+function wfSpecialEmailuser( $par ) {
+ global $wgRequest, $wgUser, $wgOut;
-function wfSpecialEmailuser()
-{
- global $wgUser, $wgOut, $action, $target;
-
- if ( 0 == $wgUser->getID() ||
- ( false === strpos( $wgUser->getEmail(), "@" ) ) ) {
- $wgOut->errorpage( "mailnologin", "mailnologintext" );
- return;
- }
- $target = wfCleanQueryVar( $target );
- if ( "" == $target ) {
- $wgOut->errorpage( "notargettitle", "notargettext" );
+ $action = $wgRequest->getVal( 'action' );
+ $target = isset($par) ? $par : $wgRequest->getVal( 'target' );
+ $targetUser = EmailUserForm::validateEmailTarget( $target );
+
+ if ( !( $targetUser instanceof User ) ) {
+ $wgOut->showErrorPage( $targetUser[0], $targetUser[1] );
return;
}
- $nt = Title::newFromURL( $target );
- $nu = User::newFromName( $nt->getText() );
- $id = $nu->idForName();
-
- if ( 0 == $id ) {
- $wgOut->errorpage( "noemailtitle", "noemailtext" );
+
+ $form = new EmailUserForm( $targetUser,
+ $wgRequest->getText( 'wpText' ),
+ $wgRequest->getText( 'wpSubject' ),
+ $wgRequest->getBool( 'wpCCMe' ) );
+ if ( $action == 'success' ) {
+ $form->showSuccess();
return;
}
- $nu->setID( $id );
- $address = $nu->getEmail();
-
- if ( ( false === strpos( $address, "@" ) ) ||
- ( 1 == $nu->getOption( "disablemail" ) ) ) {
- $wgOut->errorpage( "noemailtitle", "noemailtext" );
- return;
+
+ $error = EmailUserForm::getPermissionsError( $wgUser, $wgRequest->getVal( 'wpEditToken' ) );
+ if ( $error ) {
+ switch ( $error[0] ) {
+ case 'blockedemailuser':
+ $wgOut->blockedPage();
+ return;
+ case 'actionthrottledtext':
+ $wgOut->rateLimited();
+ return;
+ case 'sessionfailure':
+ $form->showForm();
+ return;
+ default:
+ $wgOut->showErrorPage( $error[0], $error[1] );
+ return;
+ }
+ }
+
+
+ if ( "submit" == $action && $wgRequest->wasPosted() ) {
+ $result = $form->doSubmit();
+
+ if ( !is_null( $result ) ) {
+ $wgOut->addHTML( wfMsg( "usermailererror" ) .
+ ' ' . htmlspecialchars( $result->getMessage() ) );
+ } else {
+ $titleObj = SpecialPage::getTitleFor( "Emailuser" );
+ $encTarget = wfUrlencode( $form->getTarget()->getName() );
+ $wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) );
+ }
+ } else {
+ $form->showForm();
}
- $fields = array( "wpSubject", "wpText" );
- wfCleanFormFields( $fields );
-
- $f = new EmailUserForm( $nu->getName() . " <{$address}>" );
-
- if ( "success" == $action ) { $f->showSuccess(); }
- else if ( "submit" == $action ) { $f->doSubmit(); }
- else { $f->showForm( "" ); }
}
+/**
+ * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message.
+ * @ingroup SpecialPage
+ */
class EmailUserForm {
- var $mAddress;
+ var $target;
+ var $text, $subject;
+ var $cc_me; // Whether user requested to be sent a separate copy of their email.
- function EmailUserForm( $addr )
- {
- $this->mAddress = $addr;
+ /**
+ * @param User $target
+ */
+ function EmailUserForm( $target, $text, $subject, $cc_me ) {
+ $this->target = $target;
+ $this->text = $text;
+ $this->subject = $subject;
+ $this->cc_me = $cc_me;
}
- function showForm( $err )
- {
- global $wgOut, $wgUser, $wgLang;
- global $wpSubject, $wpText, $target;
+ function showForm() {
+ global $wgOut, $wgUser;
+ $skin = $wgUser->getSkin();
$wgOut->setPagetitle( wfMsg( "emailpage" ) );
- $wgOut->addWikiText( wfMsg( "emailpagetext" ) );
+ $wgOut->addWikiMsg( "emailpagetext" );
- if ( ! $wpSubject ) { $wpSubject = wfMsg( "defemailsubject" ); }
+ if ( $this->subject === "" ) {
+ $this->subject = wfMsgForContent( "defemailsubject" );
+ }
$emf = wfMsg( "emailfrom" );
- $sender = $wgUser->getName();
+ $senderLink = $skin->makeLinkObj(
+ $wgUser->getUserPage(), htmlspecialchars( $wgUser->getName() ) );
$emt = wfMsg( "emailto" );
- $rcpt = str_replace( "_", " ", urldecode( $target ) );
+ $recipientLink = $skin->makeLinkObj(
+ $this->target->getUserPage(), htmlspecialchars( $this->target->getName() ) );
$emr = wfMsg( "emailsubject" );
$emm = wfMsg( "emailmessage" );
$ems = wfMsg( "emailsend" );
+ $emc = wfMsg( "emailccme" );
+ $encSubject = htmlspecialchars( $this->subject );
- $titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
- $action = $titleObj->getURL( "target={$target}&action=submit", true );
+ $titleObj = SpecialPage::getTitleFor( "Emailuser" );
+ $action = $titleObj->escapeLocalURL( "target=" .
+ urlencode( $this->target->getName() ) . "&action=submit" );
+ $token = htmlspecialchars( $wgUser->editToken() );
- if ( "" != $err ) {
- $wgOut->setSubtitle( wfMsg( "formerror" ) );
- $wgOut->addHTML( "<p><font color='red' size='+1'>{$err}</font>\n" );
- }
- $wgOut->addHTML( "<p>
+ $wgOut->addHTML( "
<form id=\"emailuser\" method=\"post\" action=\"{$action}\">
-<table border=0><tr>
-<td align=right>{$emf}:</td>
-<td align=left><strong>{$sender}</strong></td>
+<table border='0' id='mailheader'><tr>
+<td align='right'>{$emf}:</td>
+<td align='left'><strong>{$senderLink}</strong></td>
</tr><tr>
-<td align=right>{$emt}:</td>
-<td align=left><strong>{$rcpt}</strong></td>
+<td align='right'>{$emt}:</td>
+<td align='left'><strong>{$recipientLink}</strong></td>
</tr><tr>
-<td align=right>{$emr}:</td>
-<td align=left>
-<input type=text name=\"wpSubject\" value=\"{$wpSubject}\">
+<td align='right'>{$emr}:</td>
+<td align='left'>
+<input type='text' size='60' maxlength='200' name=\"wpSubject\" value=\"{$encSubject}\" />
</td>
-</tr><tr>
-<td align=right>{$emm}:</td>
-<td align=left>
-<textarea name=\"wpText\" rows=10 cols=60 wrap=virtual>
-{$wpText}
-</textarea>
-</td></tr><tr>
-<td> </td><td align=left>
-<input type=submit name=\"wpSend\" value=\"{$ems}\">
-</td></tr></table>
+</tr>
+</table>
+<span id='wpTextLabel'><label for=\"wpText\">{$emm}:</label><br /></span>
+<textarea id=\"wpText\" name=\"wpText\" rows='20' cols='80' style=\"width: 100%;\">" . htmlspecialchars( $this->text ) .
+"</textarea>
+" . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "<br />
+<input type='submit' name=\"wpSend\" value=\"{$ems}\" />
+<input type='hidden' name='wpEditToken' value=\"$token\" />
</form>\n" );
}
- function doSubmit()
- {
- global $wgOut, $wgUser, $wgLang, $wgOutputEncoding;
- global $wpSubject, $wpText, $target;
-
- $from = wfQuotedPrintable( $wgUser->getName() ) . " <" . $wgUser->getEmail() . ">";
-
- $mailResult = userMailer( $this->mAddress, $from, wfQuotedPrintable( $wpSubject ), $wpText );
+ /*
+ * Really send a mail. Permissions should have been checked using
+ * EmailUserForm::getPermissionsError. It is probably also a good idea to
+ * check the edit token and ping limiter in advance.
+ */
+ function doSubmit() {
+ global $wgUser, $wgUserEmailUseReplyTo;
+
+ $to = new MailAddress( $this->target );
+ $from = new MailAddress( $wgUser );
+ $subject = $this->subject;
+
+ if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) {
+
+ if( $wgUserEmailUseReplyTo ) {
+ // Put the generic wiki autogenerated address in the From:
+ // header and reserve the user for Reply-To.
+ //
+ // This is a bit ugly, but will serve to differentiate
+ // wiki-borne mails from direct mails and protects against
+ // SPF and bounce problems with some mailers (see below).
+ global $wgPasswordSender;
+ $mailFrom = new MailAddress( $wgPasswordSender );
+ $replyTo = $from;
+ } else {
+ // Put the sending user's e-mail address in the From: header.
+ //
+ // This is clean-looking and convenient, but has issues.
+ // One is that it doesn't as clearly differentiate the wiki mail
+ // from "directly" sent mails.
+ //
+ // Another is that some mailers (like sSMTP) will use the From
+ // address as the envelope sender as well. For open sites this
+ // can cause mails to be flunked for SPF violations (since the
+ // wiki server isn't an authorized sender for various users'
+ // domains) as well as creating a privacy issue as bounces
+ // containing the recipient's e-mail address may get sent to
+ // the sending user.
+ $mailFrom = $from;
+ $replyTo = null;
+ }
+
+ $mailResult = UserMailer::send( $to, $mailFrom, $subject, $this->text, $replyTo );
+
+ if( WikiError::isError( $mailResult ) ) {
+ return $mailResult;
+
+ } else {
- if (! $mailResult)
- {
- $titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
- $wgOut->redirect( $titleObj->getURL( "target={$target}&action=success" ) );
+ // if the user requested a copy of this mail, do this now,
+ // unless they are emailing themselves, in which case one copy of the message is sufficient.
+ if ($this->cc_me && $to != $from) {
+ $cc_subject = wfMsg('emailccsubject', $this->target->getName(), $subject);
+ if( wfRunHooks( 'EmailUser', array( &$from, &$from, &$cc_subject, &$this->text ) ) ) {
+ $ccResult = UserMailer::send( $from, $from, $cc_subject, $this->text );
+ if( WikiError::isError( $ccResult ) ) {
+ // At this stage, the user's CC mail has failed, but their
+ // original mail has succeeded. It's unlikely, but still, what to do?
+ // We can either show them an error, or we can say everything was fine,
+ // or we can say we sort of failed AND sort of succeeded. Of these options,
+ // simply saying there was an error is probably best.
+ return $ccResult;
+ }
+ }
+ }
+
+ wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $this->text ) );
+ return;
+ }
}
- else
- $wgOut->addHTML( wfMsg( "usermailererror" ) . $mailResult);
}
- function showSuccess()
- {
- global $wgOut, $wgUser;
+ function showSuccess( &$user = null ) {
+ global $wgOut;
+
+ if ( is_null($user) )
+ $user = $this->target;
$wgOut->setPagetitle( wfMsg( "emailsent" ) );
$wgOut->addHTML( wfMsg( "emailsenttext" ) );
- $wgOut->returnToMain( false );
+ $wgOut->returnToMain( false, $user->getUserPage() );
+ }
+
+ function getTarget() {
+ return $this->target;
+ }
+
+ static function validateEmailTarget ( $target ) {
+ global $wgEnableEmail, $wgEnableUserEmail;
+
+ if( !( $wgEnableEmail && $wgEnableUserEmail ) )
+ return array( "nosuchspecialpage", "nospecialpagetext" );
+
+ if ( "" == $target ) {
+ wfDebug( "Target is empty.\n" );
+ return array( "notargettitle", "notargettext" );
+ }
+
+ $nt = Title::newFromURL( $target );
+ if ( is_null( $nt ) ) {
+ wfDebug( "Target is invalid title.\n" );
+ return array( "notargettitle", "notargettext" );
+ }
+
+ $nu = User::newFromName( $nt->getText() );
+ if( is_null( $nu ) || !$nu->canReceiveEmail() ) {
+ wfDebug( "Target is invalid user or can't receive.\n" );
+ return array( "noemailtitle", "noemailtext" );
+ }
+
+ return $nu;
+ }
+ static function getPermissionsError ( $user, $editToken ) {
+ if( !$user->canSendEmail() ) {
+ wfDebug( "User can't send.\n" );
+ return array( "mailnologin", "mailnologintext" );
+ }
+
+ if( $user->isBlockedFromEmailuser() ) {
+ wfDebug( "User is blocked from sending e-mail.\n" );
+ return array( "blockedemailuser", "" );
+ }
+
+ if( $user->pingLimiter( 'emailuser' ) ) {
+ wfDebug( "Ping limiter triggered.\n" );
+ return array( 'actionthrottledtext', '' );
+ }
+
+ if( !$user->matchEditToken( $editToken ) ) {
+ wfDebug( "Matching edit token failed.\n" );
+ return array( 'sessionfailure', '' );
+ }
+
+ return;
+ }
+
+ static function newFromURL( $target, $text, $subject, $cc_me )
+ {
+ $nt = Title::newFromURL( $target );
+ $nu = User::newFromName( $nt->getText() );
+ return new EmailUserForm( $nu, $text, $subject, $cc_me );
}
}
-?>