X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FSpecialEmailuser.php;h=76add3048684c4ae89b37e04fa9763e5c97344f1;hb=772b5eb07e95144ae38fdceb3c1e2afbd588a4b7;hp=80ae1ef8dcb43780fd57dd26314dcc59e2c4c52b;hpb=c771fc9c96aacb44b86ade5ecca68334c5d8213f;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/SpecialEmailuser.php b/includes/SpecialEmailuser.php index 80ae1ef8dc..76add30486 100644 --- a/includes/SpecialEmailuser.php +++ b/includes/SpecialEmailuser.php @@ -5,10 +5,8 @@ */ /** - * + * @todo document */ -require_once('UserMailer.php'); - function wfSpecialEmailuser( $par ) { global $wgUser, $wgOut, $wgRequest, $wgEnableEmail, $wgEnableUserEmail; @@ -45,12 +43,26 @@ function wfSpecialEmailuser( $par ) { return; } + if ( $wgUser->isBlockedFromEmailUser() ) { + // User has been blocked from sending e-mail. Show the std blocked form. + wfDebug( "User is blocked from sending e-mail.\n" ); + $wgOut->blockedPage(); + return; + } + $f = new EmailUserForm( $nu ); if ( "success" == $action ) { $f->showSuccess( $nu ); } else if ( "submit" == $action && $wgRequest->wasPosted() && - $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) { + $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) + { + # Check against the rate limiter + if( $wgUser->pingLimiter( 'emailuser' ) ) { + $wgOut->rateLimited(); + return; + } + $f->doSubmit(); } else { $f->showForm(); @@ -58,7 +70,7 @@ function wfSpecialEmailuser( $par ) { } /** - * @todo document + * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message. * @addtogroup SpecialPage */ class EmailUserForm { @@ -101,7 +113,7 @@ class EmailUserForm { $titleObj = SpecialPage::getTitleFor( "Emailuser" ); $action = $titleObj->escapeLocalURL( "target=" . urlencode( $this->target->getName() ) . "&action=submit" ); - $token = $wgUser->editToken(); + $token = htmlspecialchars( $wgUser->editToken() ); $wgOut->addHTML( "