/**
     * Vetoes (denies) a login attempt, and forces the user to change his password.
     *
     * This handler is triggered by the 'user.login.veto' event.  It vetoes (denies) a
     * login attempt if the user's account record is flagged to force the user to change
     * the password maintained by the Users module. If the user does not maintain a
     * password on his Users account (e.g., he registered with and logs in with a Google
     * Account or an OpenID, and never established a Users password), then this handler
     * will not trigger a change of password.
     *
     * @param Zikula_Event $event The event that triggered this handler.
     *
     * @return void
     */
    public static function forcedPasswordChangeListener(Zikula_Event $event)
    {
        // The event subject is read as an array-like user record ('uid', 'pass').
        $account = $event->getSubject();
        $changeRequired = UserUtil::getVar('_Users_mustChangePassword', $account['uid'], false);

        // Let the login proceed unless the change flag is set AND the record carries a
        // Users-module password (records holding the PWD_NO_USERS_AUTHENTICATION
        // sentinel are skipped).
        // NOTE(review): the sentinel test is a loose comparison; confirm that no stored
        // password value can compare equal to the sentinel under PHP's type juggling.
        if (!$changeRequired || ($account['pass'] == Users_Constant::PWD_NO_USERS_AUTHENTICATION)) {
            return;
        }

        // Where the login process should send the user instead of completing the login.
        $redirect = array(
            'modname'   => self::$modname,
            'type'      => 'user',
            'func'      => 'changePassword',
            'args'      => array(
                'login'     => true,
            ),
            'session'   => array(
                'var'       => 'Users_Controller_User_changePassword',
                'namespace' => 'Zikula_Users',
            ),
        );

        // Stopping the event is what vetoes the login; the data tells the caller where to go next.
        $event->stop();
        $event->setData(array(
            'redirect_func'  => $redirect,
        ));

        LogUtil::registerError(__("Your log-in request was not completed. You must change your web site account's password first."));
    }
 /**
  * Add 'anotherfunction' event handler.
  *
  * @param Zikula_Event $event Handler.
  *
  * @return void
  */
 public function anotherfunction(Zikula_Event $event)
 {
     // Only react when the event names the 'anotherfunction' method and was raised
     // by the Users admin controller; anything else is left for other listeners.
     $controller = $event->getSubject();
     $isTarget = $event['method'] == 'anotherfunction' && $controller instanceof Users_Controller_Admin;
     if (!$isTarget) {
         return;
     }

     // Authorisation gate: admin access on the Users module is required before any
     // output is produced. On denial the event is NOT stopped.
     $isAdmin = SecurityUtil::checkPermission('Users::', '::', ACCESS_ADMIN);
     if (!$isAdmin) {
         return LogUtil::registerPermissionError();
     }

     // Render the plugin template, hand it back as the event data and stop propagation.
     $view = Zikula_View_plugin::getModulePluginInstance($this->moduleName, $this->pluginName);
     $output = $view->fetch('anotherfunction.tpl');
     $event->setData($output);
     $event->stop();
 }
 /**
  * Event handler here.
  *
  * @param Zikula_Event $event Event handler.
  *
  * @return void
  */
 public function handler(Zikula_Event $event)
 {
     // Only react when the event names the 'extensions' method and was raised by the
     // Users admin controller.
     $controller = $event->getSubject();
     $isTarget = $event['method'] == 'extensions' && $controller instanceof Users_Controller_Admin;
     if (!$isTarget) {
         return;
     }

     // Authorisation gate: the module and theme inventory assigned below is only
     // rendered for callers with admin access on the Users module.
     $isAdmin = SecurityUtil::checkPermission('Users::', '::', ACCESS_ADMIN);
     if (!$isAdmin) {
         return LogUtil::registerPermissionError();
     }

     // Zikula Modules and Themes versions
     $view = Zikula_View::getInstance('Users');
     $modules = ModuleUtil::getModules();
     $view->assign('mods', $modules);
     $themes = ThemeUtil::getAllThemes();
     $view->assign('themes', $themes);

     // Return the rendered template as the event data and stop propagation.
     $output = $view->fetch('users_admin_extensions.tpl');
     $event->setData($output);
     $event->stop();
 }
 /**
  * Run a module function.
  *
  * @param string  $modname    The name of the module.
  * @param string  $type       The type of function to run.
  * @param string  $func       The specific function to run.
  * @param array   $args       The arguments to pass to the function.
  * @param boolean $api        Whether or not to execute an API (or regular) function.
  * @param string  $instanceof Perform instanceof checking of target class.
  *
  * @throws Zikula_Exception_NotFound If method was not found.
  * @throws InvalidArgumentException  If the controller is not an instance of the class specified in $instanceof.
  *
  * @return mixed.
  */
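 public static function exec($modname, $type = 'user', $func = 'main', $args = array(), $api = false, $instanceof = null)
 {
     // Dispatches a module function: resolves a callable for $modname/$type/$func
     // (OO controller first, then legacy "{modname}_{type}[api]_{func}" functions loaded
     // from theme, config and module directories), wraps the call in the
     // module_dispatch.preexecute / module_dispatch.postexecute events and returns the
     // post-execute event data.
     //
     // Returns null when $modname fails validation, false when the module loaded but no
     // callable was found (unless the pre-execute event was stopped, see below), and
     // falls through returning null when the module did not load in legacy mode or for
     // API calls.

     // define input, all numbers and booleans to strings
     $modname = isset($modname) ? (string) $modname : '';
     $ftype = $api ? 'api' : '';
     $loadfunc = $api ? 'ModUtil::loadApi' : 'ModUtil::load';
     // validate
     // NOTE(review): only $modname is validated in this function. $type and $func are
     // interpolated into the include paths further down exactly as given; confirm they
     // are validated before reaching this point (by ModUtil::load()/loadApi() or by the
     // caller - neither is visible in this block).
     if (!System::varValidate($modname, 'mod')) {
         return null;
     }
     // Remove from 1.4
     if (System::isLegacyMode() && $modname == 'Modules') {
         LogUtil::log(__('Warning! "Modules" module has been renamed to "Extensions".  Please update your ModUtil::func() and ModUtil::apiFunc() calls.'));
         $modname = 'Extensions';
     }
     $modinfo = self::getInfo(self::getIDFromName($modname));
     $path = $modinfo['type'] == self::TYPE_SYSTEM ? 'system' : 'modules';
     $controller = null;
     $modfunc = null;
     $loaded = call_user_func_array($loadfunc, array($modname, $type));
     if (self::isOO($modname)) {
         $result = self::getCallable($modname, $type, $func, $api);
         if ($result) {
             $modfunc = $result['callable'];
             $controller = $modfunc[0];
             if (!is_null($instanceof)) {
                 if (!$controller instanceof $instanceof) {
                     // Fixed: the second placeholder was written '$2$s', so the expected
                     // class name was never substituted into the message.
                     throw new InvalidArgumentException(__f('%1$s must be an instance of %2$s', array(get_class($controller), $instanceof)));
                 }
             }
         }
     }
     // No OO callable: fall back to the legacy procedural function name.
     $modfunc = $modfunc ? $modfunc : "{$modname}_{$type}{$ftype}_{$func}";
     $eventManager = EventUtil::getManager();
     if ($loaded) {
         // Both dispatch events carry the same argument set.
         $dispatchArgs = array('modname' => $modname, 'modfunc' => $modfunc, 'args' => $args, 'modinfo' => $modinfo, 'type' => $type, 'api' => $api);
         $preExecuteEvent = new Zikula_Event('module_dispatch.preexecute', $controller, $dispatchArgs);
         $postExecuteEvent = new Zikula_Event('module_dispatch.postexecute', $controller, $dispatchArgs);
         if (is_callable($modfunc)) {
             $eventManager->notify($preExecuteEvent);
             // Check $modfunc is an object instance (OO) or a function (old)
             if (is_array($modfunc)) {
                 if ($modfunc[0] instanceof Zikula_AbstractController) {
                     $reflection = call_user_func(array($modfunc[0], 'getReflection'));
                     $subclassOfReflection = new ReflectionClass($reflection->getParentClass());
                     if ($subclassOfReflection->hasMethod($modfunc[1])) {
                         // Don't allow front controller to access any public methods inside the controller's parents
                         throw new Zikula_Exception_NotFound();
                     }
                     $modfunc[0]->preDispatch();
                 }
                 $postExecuteEvent->setData(call_user_func($modfunc, $args));
                 if ($modfunc[0] instanceof Zikula_AbstractController) {
                     $modfunc[0]->postDispatch();
                 }
             } else {
                 $postExecuteEvent->setData($modfunc($args));
             }
             return $eventManager->notify($postExecuteEvent)->getData();
         }
         // Legacy lookup: the function is not defined yet, so try to include the file
         // that should declare it - theme override first, then config/, then the module.
         // get the theme
         if (ServiceUtil::getManager()->getService('zikula')->getStage() & Zikula_Core::STAGE_THEME) {
             $theme = ThemeUtil::getInfo(ThemeUtil::getIDFromName(UserUtil::getTheme()));
             if (file_exists($file = 'themes/' . $theme['directory'] . '/functions/' . $modname . "/{$type}{$ftype}/{$func}.php") || file_exists($file = 'themes/' . $theme['directory'] . '/functions/' . $modname . "/pn{$type}{$ftype}/{$func}.php")) {
                 include_once $file;
                 if (function_exists($modfunc)) {
                     EventUtil::notify($preExecuteEvent);
                     $postExecuteEvent->setData($modfunc($args));
                     return EventUtil::notify($postExecuteEvent)->getData();
                 }
             }
         }
         if (file_exists($file = "config/functions/{$modname}/{$type}{$ftype}/{$func}.php") || file_exists($file = "config/functions/{$modname}/pn{$type}{$ftype}/{$func}.php")) {
             include_once $file;
             if (is_callable($modfunc)) {
                 $eventManager->notify($preExecuteEvent);
                 $postExecuteEvent->setData($modfunc($args));
                 return $eventManager->notify($postExecuteEvent)->getData();
             }
         }
         if (file_exists($file = "{$path}/{$modname}/{$type}{$ftype}/{$func}.php") || file_exists($file = "{$path}/{$modname}/pn{$type}{$ftype}/{$func}.php")) {
             include_once $file;
             if (is_callable($modfunc)) {
                 $eventManager->notify($preExecuteEvent);
                 $postExecuteEvent->setData($modfunc($args));
                 return $eventManager->notify($postExecuteEvent)->getData();
             }
         }
         // try to load plugin
         // This kind of eventhandler should
         // 1. Check $event['modfunc'] to see if it should run else exit silently.
         // 2. Do something like $result = {$event['modfunc']}({$event['args'});
         // 3. Save the result $event->setData($result).
         // 4. $event->setNotify().
         // return void
         // This event means that no $type was found
         $event = new Zikula_Event('module_dispatch.type_not_found', null, array('modfunc' => $modfunc, 'args' => $args, 'modinfo' => $modinfo, 'type' => $type, 'api' => $api), false);
         $eventManager->notify($event);
         // NOTE(review): the check below inspects $preExecuteEvent, which is never
         // notified on this path, rather than the type_not_found $event just dispatched.
         // Left unchanged; confirm which event was intended.
         if ($preExecuteEvent->isStopped()) {
             return $preExecuteEvent->getData();
         }
         return false;
     }
     // Issue not found exception for controller requests
     if (!System::isLegacyMode() && !$api) {
         throw new Zikula_Exception_NotFound(__f('The requested controller action %s_Controller_%s::%s() could not be found', array($modname, $type, $func)));
     }
 }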
    public static function moduleservices(Zikula_Event $event)
    {
        // Only react to 'moduleservices' requests whose subject looks like an admin controller.
        // NOTE(review): strrpos() is used as a truthy test, so '_Controller_Admin' matches
        // anywhere in the class name except position 0, not only as a suffix. Confirm
        // that is intended; the permission check below is the actual access gate.
        $controller = $event->getSubject();
        $isTarget = $event['method'] == 'moduleservices'
            && strrpos(get_class($controller), '_Controller_Admin');
        if (!$isTarget) {
            return;
        }

        // Admin access on the module that owns the controller is required.
        $moduleName = $controller->getName();
        $isAdmin = SecurityUtil::checkPermission("{$moduleName}::", '::', ACCESS_ADMIN);
        if (!$isAdmin) {
            return LogUtil::registerPermissionError();
        }

        $view = Zikula_View::getInstance('Extensions', false);
        $view->assign('currentmodule', $moduleName);

        // Let other listeners contribute system service links for this module.
        $linkEvent = new Zikula_Event('module_dispatch.service_links', $controller, array('modname' => $moduleName));
        EventUtil::notify($linkEvent);
        $view->assign('sublinks', $linkEvent->getData());

        // Return the rendered page as the event data and stop propagation.
        $output = $view->fetch('extensions_hookui_moduleservices.tpl');
        $event->setData($output);
        $event->stop();
    }
 /**
  * Debug toolbar rendering (listener for 'theme.prefetch' and 'theme.postfetch' events).
  *
  * @param Zikula_Event $event Event.
  *
  * @return void
  */
 public function debugToolbarRendering(Zikula_Event $event)
 {
     // Never touch output that belongs to the Ajax error handler.
     if ($event->getSubject() instanceof Zikula_ErrorHandler_Ajax) {
         return;
     }

     $isPrefetch = $event->getName() == 'theme.prefetch';

     // Fetching the service forces object construction (debug toolbar constructor
     // registers javascript and css files via PageUtil); on prefetch that is all we need.
     $toolbar = $this->serviceManager->getService('debug.toolbar');
     if ($isPrefetch) {
         return;
     }

     // Post-fetch: put the toolbar markup in front of every literal '</body>' in the page.
     // The toolbar content is inserted as-is; any escaping is the toolbar's responsibility.
     $closing = $toolbar->getContent() . "\n</body>";
     $page = str_replace('</body>', $closing, $event->getData());
     $event->setData($page);
 }
 /**
  * Available plugins list.
  *
  * @return array List of the available plugins.
  */
 public static function getPluginsAvailable()
 {
     // Built-in filter plugins, keyed by plugin name.
     $builtin = array(
         'category'    => 'FilterUtil_Filter_Category',
         'default'     => 'FilterUtil_Filter_Default',
         'date'        => 'FilterUtil_Filter_Date',
         'mnlist'      => 'FilterUtil_Filter_Mnlist',
         'pmlist'      => 'FilterUtil_Filter_Pmlist',
         'replaceName' => 'FilterUtil_Filter_ReplaceName',
     );

     // collect classes from other providers also allows for override
     // TODO A [This is only allowed for the module which owns this object.]
     // NOTE(review): whatever the listeners leave in the event data is returned
     // unchecked, so any registered listener can add or replace class names; code that
     // instantiates these names is trusting every listener on this event.
     $event = new Zikula_Event('zikula.filterutil.get_plugin_classes');
     $event->setData($builtin);

     return EventUtil::getManager()->notify($event)->getData();
 }
    /**
     * Format a variable for HTML display. This method is recursive array safe.
     *
     * @param string $var The variable to format.
     *
     * @return string The formatted variable.
     */
    public static function formatForDisplayHTML($var)
    {
        // Escapes $var for HTML output while letting the tags configured in the
        // 'AllowableHTML' system variable through. Arrays are processed element by
        // element via recursion (the docblock's "string" type is narrower than what the
        // code accepts).
        //
        // Order of the passes on a scalar matters:
        //   1. optional 'system.outputfilter' event,
        //   2. allowed tags are wrapped in the control bytes \022 ... \024,
        //   3. 'x@y' is entity-encoded,
        //   4. htmlspecialchars() escapes everything,
        //   5. the \022...\024 spans are handed to formatForDisplayHTML_callback(),
        //   6. optionally '&amp;name;' is turned back into '&name;'.

        // This search and replace finds the text 'x@y' and replaces
        // it with HTML entities, this provides protection against
        // email harvesters
        //
        // Note that the use of \024 and \022 are needed to ensure that
        // this does not break HTML tags that might be around either
        // the username or the domain name
        //
        // NOTE(review): the 'e' modifier makes preg_replace() evaluate the replacement
        // string as PHP code. It was deprecated in PHP 5.5 and removed in PHP 7.0. Each
        // back-reference here is a single captured character, which limits what reaches
        // the evaluated code, but preg_replace_callback() with a named callback is the
        // non-eval equivalent and should replace this.
        static $search = array(
        '/([^\024])@([^\022])/se');

        static $replace = array('"&#" .
                                sprintf("%03d", ord("\\1")) .
                                ";&#064;&#" .
                                sprintf("%03d", ord("\\2")) . ";";');

        // Computed on the first call and reused by later calls.
        static $allowedtags = null;
        static $outputfilter;
        static $event;
        if (!$event) {
            $event = new Zikula_Event('system.outputfilter');
        }

        if (!isset($allowedtags)) {
            // Build one alternation per configured tag. From the patterns below:
            // value 0 = tag not allowed, 1 = tag allowed without attributes,
            // 2 = tag allowed with attributes.
            // NOTE(review): $k is interpolated into the pattern without preg_quote(), so
            // the AllowableHTML keys are treated as trusted configuration - confirm.
            $allowedHTML = array();
            $allowableHTML = System::getVar('AllowableHTML');
            if (is_array($allowableHTML)) {
                foreach ($allowableHTML as $k => $v) {
                    if ($k == '!--') {
                        // HTML comments get their own pattern.
                        if ($v != 0) {
                            $allowedHTML[] = "$k.*?--";
                        }
                    } else {
                        switch ($v) {
                            case 0:
                                break;
                            case 1:
                                $allowedHTML[] = "/?$k\s*/?";
                                break;
                            case 2:
                                // NOTE(review): accepts any attribute name matching [\w:]+
                                // with a quoted value; attribute-level filtering, if any,
                                // has to happen elsewhere (not visible in this block).
                                $allowedHTML[] = "/?\s*$k" . "(\s+[\w:]+\s*=\s*(\"[^\"]*\"|'[^']*'))*" . '\s*/?';
                                break;
                        }
                    }
                }
            }

            if (count($allowedHTML) > 0) {
                $allowedtags = '~<\s*(' . implode('|', $allowedHTML) . ')\s*>~is';
            } else {
                $allowedtags = '';
            }
        }

        if (!isset($outputfilter)) {
            // Extra output filtering is only consulted when SecurityCenter is available
            // and the system is not being installed.
            if (ModUtil::available('SecurityCenter') && !System::isInstalling()) {
                $outputfilter = System::getVar('outputfilter');
            } else {
                $outputfilter = 0;
            }
        }

        if (is_array($var)) {
            foreach ($var as $k => $v) {
                $var[$k] = self::formatForDisplayHTML($v);
            }
        } else {
            // Run additional filters
            if ($outputfilter > 0) {
                $event->setData($var)->setArg('filter', $outputfilter);
                $var = EventUtil::notify($event)->getData();
            }

            // Preparse var to mark the HTML that we want
            // NOTE(review): \022 and \024 bytes already present in $var are not removed
            // before this marking pass, so they are indistinguishable from the markers
            // added here. Confirm they are stripped upstream, or strip them first.
            if (!empty($allowedtags)) {
                $var = preg_replace($allowedtags, "\022\\1\024", $var);
            }

            // Encode email addresses
            $var = preg_replace($search, $replace, $var);

            // Fix html entities
            // NOTE(review): called with the default flags and charset, which differ
            // between PHP versions (before 8.1 single quotes are not escaped by default).
            $var = htmlspecialchars($var);

            // Fix the HTML that we want
            // NOTE(review): create_function() was deprecated in PHP 7.2 and removed in
            // 8.0, and it defines a new function from a string every time this line runs.
            // Passing the static method as the callback directly would avoid both.
            $var = preg_replace_callback('#\022([^\024]*)\024#', create_function('$m', 'return DataUtil::formatForDisplayHTML_callback($m);'), $var);

            // Fix entities if required
            // Turns '&amp;name;' (double-escaped by htmlspecialchars above) back into '&name;'.
            if (System::getVar('htmlentities')) {
                $var = preg_replace('/&amp;([a-z#0-9]+);/i', "&\\1;", $var);
            }
        }

        return $var;
    }
    /**
     * Checks if the user is member of clients group and if it should be member of it
     * @author Albert Pérez Monfort
     * @return bool true if authentication is successful
     */
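    public static function sendMail(Zikula_Event $event) {
        // Sends the e-mail described by the event arguments through the SiriusXtecMailer
        // 'mailsender' and 'message' classes.
        //
        // Returns false (event left running) when a class file is missing or the module
        // is disabled, the LogUtil::registerError() result when adding or sending fails,
        // and true after stopping the event and setting its data to true on success.
        //
        // NOTE(review): the docblock above this method describes a group-membership
        // check and appears to have been copied from another method.
        //
        // Mail parameters come from the event arguments only. Recipients, subject, body
        // and attachment paths are passed to the message class as given; any validation
        // (address syntax, header line breaks, which server paths may be attached) has
        // to happen in the caller or in the message class, neither of which is visible
        // here. Attachment and embedded-image entries are server-side file paths, so
        // callers must not forward request-supplied paths.
        $args = $event->getArgs();

        // Load the mailsender and message classes, in that order; nothing can be sent
        // without them.
        foreach (array('mailsender', 'message') as $className) {
            $file = "modules/SiriusXtecMailer/includes/{$className}.class.php";
            if (!file_exists($file)) {
                return false;
            }
            require_once($file);
        }

        // Module switched off: do nothing and let other listeners handle the event.
        $enabled = ModUtil::getVar('SiriusXtecMailer', 'enabled');
        if ($enabled == 0) {
            return false;
        }

        $idApp = ModUtil::getVar('SiriusXtecMailer', 'idApp');
        $replyAddress = ModUtil::getVar('SiriusXtecMailer', 'replyAddress');
        $sender = ModUtil::getVar('SiriusXtecMailer', 'sender');
        $environment = ModUtil::getVar('SiriusXtecMailer', 'environment');
        $log = ModUtil::getVar('SiriusXtecMailer', 'log');
        $debug = ModUtil::getVar('SiriusXtecMailer', 'debug');
        $logpath = ModUtil::getVar('SiriusXtecMailer', 'logpath');

        $mail = new mailsender($idApp, $replyAddress, $sender, $environment, $log, $debug, $logpath);

        // add body content type
        $contenttypes = ModUtil::func('SiriusXtecMailer', 'admin', 'getContentTypes');

        // An explicit boolean 'html' argument wins; otherwise use the configured type.
        if (isset($args['html']) && is_bool($args['html'])) {
            // TEXTPLAIN is not defined in this block; presumably the included class
            // files define it.
            $bodyType = $args['html'] ? 'text/html' : TEXTPLAIN;
        } else {
            $bodyType = $contenttypes[ModUtil::getVar('SiriusXtecMailer', 'contenttype')];
        }

        $message = new message($bodyType, $log, $debug, $logpath);

        // Recipients: either an array, or (old logic) a single field with several
        // addresses separated by commas (#262). A missing 'toaddress' is treated as an
        // empty string instead of raising an undefined-index notice.
        $rawTo = isset($args['toaddress']) ? $args['toaddress'] : '';
        $recipients = is_array($rawTo) ? $rawTo : explode(',', $rawTo);
        foreach ($recipients as $to) {
            $message->set_to($to);
        }

        // add any cc addresses
        if (isset($args['cc']) && is_array($args['cc'])) {
            foreach ($args['cc'] as $cc) {
                $message->set_cc($cc['address']);
            }
        }

        // add any bcc addresses
        if (isset($args['bcc']) && is_array($args['bcc'])) {
            foreach ($args['bcc'] as $bcc) {
                $message->set_bcc($bcc['address']);
            }
        }

        // add message subject and body
        $subject = isset($args['subject']) ? $args['subject'] : null;
        $message->set_subject($subject);
        $body = isset($args['body']) ? $args['body'] : null;
        $message->set_bodyContent($body);

        // add attachments
        if (!empty($args['attachments']) && is_array($args['attachments'])) {
            foreach ($args['attachments'] as $attachment) {
                if (is_array($attachment)) {
                    if (count($attachment) != 4) {
                        // skip invalid arrays
                        continue;
                    }
                    $message->set_attachByPathOnAppServer($attachment[1], $attachment[0]);
                } else {
                    // Fixed: a non-array attachment is the path itself. The previous
                    // code indexed it with [0], which yields only the first character
                    // of the path string.
                    $message->set_attachByPathOnAppServer(basename($attachment), $attachment);
                }
            }
        }

        // add string attachments.
        if (!empty($args['stringattachments']) && is_array($args['stringattachments'])) {
            foreach ($args['stringattachments'] as $attachment) {
                if (is_array($attachment) && count($attachment) == 4) {
                    $message->set_attachByContent($attachment[1], $attachment[0], $attachment[3]);
                }
            }
        }

        // add embedded images
        if (!empty($args['embeddedimages']) && is_array($args['embeddedimages'])) {
            foreach ($args['embeddedimages'] as $embeddedimage) {
                $message->set_attachByPathOnAppServer(basename($embeddedimage), $embeddedimage);
            }
        }

        // Values for the error messages. Fixed: 'toname' may be absent, and indexing a
        // string 'toaddress' with [0] reported only its first character.
        $toName = isset($args['toname']) ? $args['toname'] : '';
        $firstTo = empty($recipients) ? '' : reset($recipients);
        $errorArgs = array($toName, $firstTo, $subject);

        //add message to mailsender
        if (!$mail->add($message)) {
            // message not added
            return LogUtil::registerError(__f('Error! A problem occurred while adding an e-mail message to \'%1$s\' (%2$s) with subject \'%3$s\'', $errorArgs));
        }

        // send message
        if (!$mail->send_mail()) {
            // message not sent
            return LogUtil::registerError(__f('Error! A problem occurred while sending an e-mail message to \'%1$s\' (%2$s) with subject \'%3$s\'', $errorArgs));
        }

        // Sent: stop the event so no other listener handles the same message.
        $event->stop();
        $event->setData(true);
        return true; // message sent
    }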