/** * Performs an authentication attempt * * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed * @return Zend_Auth_Result */ public function authenticate() { $config = new Zend_Config_Ini('../config/zportal.ini', 'mail'); $mailConfig = array('auth' => 'login', 'username' => $this->name, 'password' => $this->password); $login = new Zend_Mail_Protocol_Smtp_Auth_Login($config->mail->get('server'), null, $mailConfig); $login->connect(); try { $login->helo("localhost"); } catch (Exception $e) { // unauth user $result = Zend_Auth_Result::FAILURE; $identity = $this->name; $message = 'Authentication failed. Please check your login details or call system admin.'; return new Zend_Auth_Result($result, $identity, array($message)); } // create result array $users = new Users(); $email = strtolower($this->name . "@zend.com"); $user = $users->getByEmail($email); // if first time visit if (!$user) { // add record to users $users->addUser(array('email' => $email, 'role' => 'member')); $user = $users->getByEmail($email); // send welcome page $bodyHtml = 'Dear User<br>Welcome to ZPortal.<br>'; $config = new Zend_Config_Ini('../config/zportal.ini', 'mail'); $transport = new Zend_Mail_Transport_Smtp($config->mail->get('server'), $mailConfig); $mail = new Zend_Mail(); $mail->setBodyText("See html attachment"); $mail->setBodyHtml($bodyHtml, 'UTF-8', Zend_Mime::ENCODING_BASE64); $mail->setFrom('*****@*****.**', 'ZPortal'); $mail->addTo($email, $email); $mail->setSubject('Welcome to ZPortal'); $mail->send($transport); } $result = Zend_Auth_Result::SUCCESS; $identity = $user; $message = ''; return new Zend_Auth_Result($result, $identity, array($message)); }
<?php $redirect = function () { if (array_key_exists('state', $_GET)) { header('Location: ' . $_GET['state']); } else { header('Location: /'); } }; $auth = new GoogleAuth(Config::get('GOOGLE_WA_CLIENT_ID'), Config::get('GOOGLE_WA_CLIENT_SECRET'), Config::get('GOOGLE_OAUTH_REDIRECT_URI'), Config::get('GOOGLE_OAUTH_SCOPES')); $info = $auth->getUserInfo($_GET['code']); if (null === $info) { // Access denied $redirect(); } else { // Access granted $email = $info['email']; $nick = $info['name']; $picture = $info['picture']; $user = Users::getByEmail($email); if (null == $user) { $user = Users::add($email); $user->setNick($nick); $user->setPicture(Image::INSERT($picture)); } $user->login(); $redirect(); }
private static function getPersonLinkFromEmailAddress($email, $addr_name, $clean = true, $add_contact_link = true) { $name = $email; $url = ""; $user = Users::getByEmail($email); if ($user instanceof User && $user->canSeeUser(logged_user())) { $name = $clean ? clean($user->getDisplayName()) : $user->getDisplayName(); $url = $user->getCardUrl(); } else { $contact = Contacts::getByEmail($email); if ($contact instanceof Contact && $contact->canView(logged_user())) { $name = $clean ? clean($contact->getDisplayName()) : $contact->getDisplayName(); $url = $contact->getCardUrl(); } } if ($url != "") { return '<a class="internalLink" href="' . $url . '" title="' . $email . '">' . $name . " <{$email}></a>"; } else { if (!(active_project() instanceof Project ? Contact::canAdd(logged_user(), active_project()) : can_manage_contacts(logged_user()))) { return $email; } else { $url = get_url('contact', 'add', array('ce' => $email)); $to_show = $addr_name == '' ? $email : $addr_name . " <{$email}>"; return $to_show . ($add_contact_link ? ' <a class="internalLink link-ico ico-add" style="padding-left:12px;" href="' . $url . '" title="' . lang('add contact') . '"> </a>' : ''); } } }
/** * Render and process forgot password form * * @param void * @return null */ function forgot_password() { $your_email = trim(array_var($_POST, 'your_email')); tpl_assign('your_email', $your_email); if (array_var($_POST, 'submitted') == 'submitted') { if (!is_valid_email($your_email)) { tpl_assign('error', new InvalidEmailAddressError($your_email, lang('invalid email address'))); $this->render(); } // if $user = Users::getByEmail($your_email); if (!$user instanceof User) { flash_error(lang('email address not in use', $your_email)); $this->redirectTo('access', 'forgot_password'); } // if try { Notifier::forgotPassword($user); flash_success(lang('success forgot password')); } catch (Exception $e) { flash_error(lang('error forgot password')); } // try $this->redirectTo('access', 'forgot_password'); } // if }
/** * Add single mail * * @access public * @param void * @return null */ function add_mail() { if (logged_user()->isGuest()) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } $this->addHelper('textile'); $mail_accounts = MailAccounts::getMailAccountsByUser(logged_user()); if (count($mail_accounts) < 1) { flash_error(lang('no mail accounts set')); ajx_current("empty"); return; } $this->setTemplate('add_mail'); $mail_data = array_var($_POST, 'mail'); $isDraft = array_var($mail_data, 'isDraft', '') == 'true' ? true : false; $isUpload = array_var($mail_data, 'isUpload', '') == 'true' ? true : false; $autosave = array_var($mail_data, 'autosave', '') == 'true'; $id = array_var($mail_data, 'id'); $mail = MailContents::findById($id); $isNew = false; if (!$mail) { $isNew = true; $mail = new MailContent(); } tpl_assign('mail_to', urldecode(array_var($_GET, 'to'))); tpl_assign('link_to_objects', array_var($_GET, 'link_to_objects')); $def_acc = $this->getDefaultAccountId(); if ($def_acc > 0) { tpl_assign('default_account', $def_acc); } tpl_assign('mail', $mail); tpl_assign('mail_data', $mail_data); tpl_assign('mail_accounts', $mail_accounts); // Form is submited if (is_array($mail_data)) { $account = MailAccounts::findById(array_var($mail_data, 'account_id')); if (!$account instanceof MailAccount) { flash_error(lang('mail account dnx')); ajx_current("empty"); return; } $accountUser = MailAccountUsers::getByAccountAndUser($account, logged_user()); if (!$accountUser instanceof MailAccountUser) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } if ($account->getOutgoingTrasnportType() == 'ssl' || $account->getOutgoingTrasnportType() == 'tls') { $available_transports = stream_get_transports(); if (array_search($account->getOutgoingTrasnportType(), $available_transports) === FALSE) { flash_error('The server does not support SSL.'); ajx_current("empty"); return; } } $cp_errs = $this->checkRequiredCustomPropsBeforeSave(array_var($_POST, 'object_custom_properties', array())); if (is_array($cp_errs) && count($cp_errs) > 0) { foreach ($cp_errs as $err) { flash_error($err); } ajx_current("empty"); return; } $subject = array_var($mail_data, 'subject'); $body = array_var($mail_data, 'body'); if (($pre_body_fname = array_var($mail_data, 'pre_body_fname')) != "") { $body = str_replace(lang('content too long not loaded'), '', $body, $count = 1); $tmp_filename = ROOT . "/tmp/{$pre_body_fname}"; if (is_file($tmp_filename)) { $body .= file_get_contents($tmp_filename); if (!$isDraft) { @unlink($tmp_filename); } } } if (array_var($mail_data, 'format') == 'html') { $css = "font-family:Arial,Verdana,sans-serif;font-size:12px;color:#222;"; Hook::fire('email_base_css', null, $css); str_replace(array("\r", "\n"), "", $css); $body = '<div style="' . $css . '">' . $body . '</div>'; $body = str_replace('<blockquote>', '<blockquote style="border-left:1px solid #987ADD;padding-left:10px;">', $body); } $type = 'text/' . array_var($mail_data, 'format'); $to = trim(array_var($mail_data, 'to')); if (str_ends_with($to, ",") || str_ends_with($to, ";")) { $to = substr($to, 0, strlen($to) - 1); } $mail_data['to'] = $to; $cc = trim(array_var($mail_data, 'cc')); if (str_ends_with($cc, ",") || str_ends_with($cc, ";")) { $cc = substr($cc, 0, strlen($cc) - 1); } $mail_data['cc'] = $cc; $bcc = trim(array_var($mail_data, 'bcc')); if (str_ends_with($bcc, ",") || str_ends_with($bcc, ";")) { $bcc = substr($bcc, 0, strlen($bcc) - 1); } $mail_data['bcc'] = $bcc; if (!$isDraft && trim($to . $cc . $bcc) == '') { flash_error(lang('recipient must be specified')); ajx_current("empty"); return; } $invalid_to = MailUtilities::validate_email_addresses($to); if (is_array($invalid_to)) { flash_error(lang('error invalid recipients', lang('mail to'), implode(", ", $invalid_to))); ajx_current("empty"); return; } $invalid_cc = MailUtilities::validate_email_addresses($cc); if (is_array($invalid_cc)) { flash_error(lang('error invalid recipients', lang('mail CC'), implode(", ", $invalid_cc))); ajx_current("empty"); return; } $invalid_bcc = MailUtilities::validate_email_addresses($bcc); if (is_array($invalid_bcc)) { flash_error(lang('error invalid recipients', lang('mail BCC'), implode(", ", $invalid_bcc))); ajx_current("empty"); return; } $last_mail_in_conversation = array_var($mail_data, 'last_mail_in_conversation'); $conversation_id = array_var($mail_data, 'conversation_id'); if ($last_mail_in_conversation && $conversation_id) { $new_mail_in_conversation = MailContents::getLastMailIdInConversation($conversation_id, true); if ($new_mail_in_conversation != $last_mail_in_conversation) { ajx_current("empty"); evt_add("new email in conversation", array('id' => $new_mail_in_conversation, 'genid' => array_var($_POST, 'instanceName'))); return; } } $mail->setFromAttributes($mail_data); $mail->setTo($to); $mail->setCc($cc); $mail->setBcc($bcc); $mail->setSubject($mail_data['subject']); $utils = new MailUtilities(); // attachment $linked_attachments = array(); $attachments = array(); $objects = array_var($_POST, 'linked_objects'); $attach_contents = array_var($_POST, 'attach_contents', array()); if (is_array($objects)) { $err = 0; $count = -1; foreach ($objects as $objid) { $count++; $split = explode(":", $objid); if (count($split) == 2) { $object = get_object_by_manager_and_id($split[1], $split[0]); } else { if (count($split) == 4) { if ($split[0] == 'FwdMailAttach') { $tmp_filename = ROOT . "/tmp/" . logged_user()->getId() . "_" . $mail_data['account_id'] . "_FwdMailAttach_" . $split[3]; if (is_file($tmp_filename)) { $attachments[] = array("data" => file_get_contents($tmp_filename), "name" => $split[1], "type" => $split[2]); continue; } } } } if (!isset($object) || !$object) { flash_error(lang('file dnx')); $err++; } else { if (isset($attach_contents[$count])) { if ($split[0] == 'ProjectFiles') { $file = ProjectFiles::findById($object->getId()); if (!$file instanceof ProjectFile) { flash_error(lang('file dnx')); $err++; } // if if (!$file->canDownload(logged_user())) { flash_error(lang('no access permissions')); $err++; } // if $attachments[] = array("data" => $file->getFileContent(), "name" => $file->getFilename(), "type" => $file->getTypeString()); } else { if ($split[0] == 'MailContents') { $email = MailContents::findById($object->getId()); if (!$email instanceof MailContent) { flash_error(lang('email dnx')); $err++; } // if if (!$email->canView(logged_user())) { flash_error(lang('no access permissions')); $err++; } // if $attachments[] = array("data" => $email->getContent(), "name" => $email->getSubject() . ".eml", "type" => 'message/rfc822'); } } } else { $linked_attachments[] = array("data" => $object->getViewUrl(), "name" => clean($object->getObjectName()), "type" => lang($object->getObjectTypeName()), "manager" => $object->getObjectManagerName(), "id" => $object->getId()); } } } if ($err > 0) { flash_error(lang('some objects could not be linked', $err)); ajx_current('empty'); return; } } $to = preg_split('/;|,/', $to); $to = $utils->parse_to($to); if ($body == '') { $body .= ' '; } try { if (count($linked_attachments)) { $linked_users = array(); foreach ($to as $to_user) { $linked_user = Users::getByEmail($to_user[1]); if (!$linked_user instanceof User) { try { $linked_user = create_user_from_email($to_user[1], $to_user[0]); } catch (Exception $e) { //Logger::log($e->getMessage()); } } if ($linked_user instanceof User) { $linked_users[] = $linked_user; } } $linked_atts = $type == 'text/html' ? '<div style="font-family:arial;"><br><br><br><span style="font-size:12pt;font-weight:bold;color:#777">' . lang('linked attachments') . '</span><ul>' : "\n\n\n-----------------------------------------\n" . lang('linked attachments') . "\n\n"; foreach ($linked_attachments as $att) { $linked_atts .= $type == 'text/html' ? '<li><a href="' . $att['data'] . '">' . $att['name'] . ' (' . $att['type'] . ')</a></li>' : $att['name'] . ' (' . $att['type'] . '): ' . $att['data'] . "\n"; foreach ($linked_users as $linked_user) { try { $linked_user->giveAccessToObject(get_object_by_manager_and_id($att['id'], $att['manager'])); } catch (Exception $e) { //Logger::log($e->getMessage()); } } } $linked_atts .= $type == 'text/html' ? '</ul></div>' : ''; } else { $linked_atts = ''; } $body .= $linked_atts; if (count($attachments) > 0) { $i = 0; $str = ""; /* foreach ($attachments as $att) { $str .= "--000000000000000000000000000$i\n"; $str .= "Name: ".$att['name'] .";\n"; $str .= "Type: ".$att['type'] .";\n"; //$str .= "Encoding: ".$att['type'] .";\n"; $str .= base64_encode($att['data']) ."\n"; $str .= "--000000000000000000000000000$i--\n"; $i++; } */ $str = "#att_ver 2\n"; foreach ($attachments as $att) { $rep_id = $utils->saveContent($att['data']); $str .= $att['name'] . "," . $att['type'] . "," . $rep_id . "\n"; } // save attachments, when mail is sent this file is deleted and full content is saved $repository_id = $utils->saveContent($str); if (!$isNew) { if (FileRepository::isInRepository($mail->getContentFileId())) { // delete old attachments $content = FileRepository::getFileContent($mail->getContentFileId()); if (str_starts_with($content, "#att_ver")) { $lines = explode("\n", $content); foreach ($lines as $line) { if (!str_starts_with($line, "#") && trim($line) !== "") { $data = explode(",", $line); if (isset($data[2]) && FileRepository::isInRepository($data[2])) { FileRepository::deleteFile($data[2]); } } } } FileRepository::deleteFile($mail->getContentFileId()); } } $mail->setContentFileId($repository_id); } $mail->setHasAttachments(is_array($attachments) && count($attachments) > 0 ? 1 : 0); $mail->setAccountEmail($account->getEmailAddress()); $mail->setSentDate(DateTimeValueLib::now()); $mail->setReceivedDate(DateTimeValueLib::now()); DB::beginWork(); $msg_id = MailUtilities::generateMessageId($account->getEmailAddress()); $conversation_id = array_var($mail_data, 'conversation_id'); $in_reply_to_id = array_var($mail_data, 'in_reply_to_id'); if ($conversation_id) { $in_reply_to = MailContents::findById(array_var($mail_data, 'original_id')); if ($in_reply_to instanceof MailContent && $in_reply_to->getSubject() && strpos(strtolower($mail->getSubject()), strtolower($in_reply_to->getSubject())) === false) { $conversation_id = null; $in_reply_to_id = ''; } } if (!$conversation_id) { $conversation_id = MailContents::getNextConversationId($account->getId()); } $mail->setMessageId($msg_id); $mail->setConversationId($conversation_id); $mail->setInReplyToId($in_reply_to_id); $mail->setUid(gen_id()); $mail->setState($isDraft ? 2 : 200); $mail->setIsPrivate(false); set_user_config_option('last_mail_format', array_var($mail_data, 'format', 'plain'), logged_user()->getId()); $body = utf8_safe($body); if (array_var($mail_data, 'format') == 'html') { $mail->setBodyHtml($body); $mail->setBodyPlain(utf8_safe(html_to_text($body))); } else { $mail->setBodyPlain($body); $mail->setBodyHtml(''); } $mail->setFrom($account->getEmailAddress()); $mail->setFromName(logged_user()->getDisplayName()); $mail->save(); $mail->setIsRead(logged_user()->getId(), true); $mail->setTagsFromCSV(array_var($mail_data, 'tags')); // autoclassify sent email // if replying a classified email classify on same workspace $classified = false; if (array_var($mail_data, 'original_id')) { $in_reply_to = MailContents::findById(array_var($mail_data, 'original_id')); if ($in_reply_to instanceof MailContent) { $workspaces = $in_reply_to->getWorkspaces(); foreach ($workspaces as $w) { if ($mail->canAdd(logged_user(), $w)) { $mail->addToWorkspace($w); $classified = true; } } } } if (!$classified && $account->getWorkspace() instanceof Project) { $mail->addToWorkspace($account->getWorkspace()); } if (!$classified && active_project() instanceof Project) { $mail->addToWorkspace(active_project()); } $object_controller = new ObjectController(); $object_controller->add_custom_properties($mail); $object_controller->link_to_new_object($mail); if (array_var($mail_data, 'link_to_objects') != '') { $lto = explode('|', array_var($mail_data, 'link_to_objects')); foreach ($lto as $object_string) { $split_object = explode('-', $object_string); $object = get_object_by_manager_and_id($split_object[1], $split_object[0]); if ($object instanceof ProjectDataObject) { $mail->linkObject($object); } } } ApplicationLogs::createLog($mail, $mail->getWorkspaces(), ApplicationLogs::ACTION_ADD); if (user_config_option('create_contacts_from_email_recipients') && can_manage_contacts(logged_user())) { // automatically create contacts foreach ($to as $recipient) { $recipient_name = trim($recipient[0]); $recipient_address = trim($recipient[1]); if (!$recipient_address) { continue; } $contact = Contacts::getByEmail($recipient_address); if (!$contact instanceof Contact) { try { $contact = new Contact(); $contact->setEmail($recipient_address); if ($recipient_name && $recipient_name != $recipient_address) { $contact->setFirstName($recipient_name); } else { $index = strpos($recipient_address, "@"); $recipient_name = substr($recipient_address, 0, $index); $contact->setFirstName($recipient_name); } $contact->save(); } catch (Exception $e) { // TODO: show error message? } } } } DB::commit(); if (!$autosave) { if ($isDraft) { flash_success(lang('success save mail')); ajx_current("empty"); } else { evt_add("must send mails", array("account" => $mail->getAccountId())); //flash_success(lang('mail is being sent')); ajx_current("back"); } evt_add("email saved", array("id" => $mail->getId(), "instance" => array_var($_POST, 'instanceName'))); } else { evt_add("draft mail autosaved", array("id" => $mail->getId(), "hf_id" => $mail_data['hf_id'])); flash_success(lang('success autosave draft')); ajx_current("empty"); } } catch (Exception $e) { DB::rollback(); flash_error($e->getMessage()); ajx_current("empty"); } // try } // if }
function getSenderUrl() { $user = Users::getByEmail($this->getFrom()); if ($user instanceof User && $user->canSeeUser(logged_user())) { return $user->getCardUrl(); } else { $contact = Contacts::getByEmail($this->getFrom()); if ($contact instanceof Contact && $contact->canView(logged_user())) { return $contact->getCardUrl(); } } return $this->getViewUrl(); }
/** * Resend activation email */ public function resendActivationAction() { $config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/forms.ini'); $this->view->form = new Zend_Form($config->feed->resendactivation); if ($this->getRequest()->isPost() && $this->view->form->isValid($_POST)) { $feeds = new Feeds(); $users = new Users(); $user = $users->getByEmail($this->view->form->email->getValue()); $feed = $feeds->getBySiteUrlAndUserId($this->view->form->url->getValue(), $user->id); if ($feed) { $this->sendActivationEmail($feed, $user); } else { $this->view->form->email->markAsError(); } } }
public function actionPassRequest() { if (!isset($_POST['PassRequestForm'])) { //new request $requestForm = new PassRequestForm(); $this->render('passrequest', array('model' => $requestForm)); } else { //requst form has been filled $requestForm = new PassRequestForm(); $requestForm->attributes = $_POST['PassRequestForm']; if (!$requestForm->validate()) { yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Restore form validation failed')); $this->render('passrequest', array('model' => $requestForm)); return; } //for is correct so, prepare and send request email $email = $_POST['PassRequestForm']['email']; //create new guid and sent it to user $guid = AuthCommon::getGUID(); $userModel = new Users(); $user = $userModel->getByEmail($email); if ($user == null) { yii::app()->user->setFlash('warning', sprintf(Yii::t('AuthModule.main', 'Email address was not found'), $email)); $this->redirect(array('user/passrequest')); return; } $user_id = $user->id; $validations = new Validations(); $validations->guid = $guid; $validations->user_id = $user_id; $validations->email = $email; $validations->type = self::VALIDATOR_RESTORE; $date = new DateTime(); $date->modify("+24 hours"); $exp_time = $date->format(AuthCommon::getParam('dateFormat')); $validations->exp_datetime = $exp_time; $validations->comments = 'Restore user password'; if (!$validations->validate()) { yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Password restore not complited')); $this->render('passrequest', array('model' => $requestForm)); return; } if (!$validations->save()) { yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Password restore not complited')); $this->render('passrequest', array('model' => $requestForm)); return; } //send email with restore link if (!$requestForm->validate()) { yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Restore form validation failed')); $this->render('passrequest', array('model' => $requestForm)); return; } $result = AuthCommon::sendPassRequestEmail($email, $guid, $user->username); if ($result) { Yii::app()->user->setFlash('success', sprintf(Yii::t('AuthModule.main', 'Password restore link has been sent'), $email)); $this->redirect(array('user/passchange')); } else { Yii::app()->user->setFlash('error', Yii::t('AuthModule.main', 'Error sending email message')); $this->redirect(array('user/passrequest')); } } }
<?php if ($page->isPostBack()) { if (!isset($_POST["username"]) || !isset($_POST["password"])) { $page->smarty->assign('error', "Please enter your username and password."); } else { $page->smarty->assign('username', $_POST["username"]); $users = new Users(); $res = $users->getByUsername($_POST["username"]); $dis = $users->isDisabled($_POST["username"]); if (!$res) { $res = $users->getByEmail($_POST["username"]); } if ($res) { if ($dis) { $page->smarty->assign('error', "Your account has been disabled."); } else { if ($users->checkPassword($_POST["password"], $res["password"])) { $rememberMe = isset($_POST['rememberme']) && $_POST['rememberme'] == 'on' ? 1 : 0; $users->login($res["ID"], $_SERVER['REMOTE_ADDR'], $rememberMe); if (isset($_POST["redirect"]) && $_POST["redirect"] != "") { header("Location: " . $_POST["redirect"]); } else { header("Location: " . WWW_TOP . $page->site->home_link); } die; } else { $page->smarty->assign('error', "Incorrect username or password."); } } } else {
/** * Render and process forgot password form * * @param void * @return null */ function forgot_password() { $your_email = trim(array_var($_POST, 'your_email')); tpl_assign('your_email', $your_email); if (array_var($_POST, 'submited') == 'submited') { if (!is_valid_email($your_email)) { tpl_assign('error', new InvalidEmailAddressError($your_email, lang('invalid email address'))); $this->render(); } // if $user = Users::getByEmail($your_email); if (!$user instanceof User) { flash_error(lang('email address not in use', $your_email)); $this->redirectTo('access', 'forgot_password'); } // if $token = sha1(gen_id() . (defined('SEED') ? SEED : '')); $timestamp = time() + 60 * 60 * 24; set_user_config_option('reset_password', $token . ";" . $timestamp, $user->getId()); try { DB::beginWork(); Notifier::forgotPassword($user, $token); flash_success(lang('success forgot password')); DB::commit(); } catch (Exception $e) { DB::rollback(); flash_error(lang('error forgot password')); } // try $this->redirectTo('access', 'forgot_password'); } // if }