protected function afterLoad(&$response, &$model, &$params) { // create message model from client's content field, turned into HTML format $message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($model->content); $html = empty($params['content_type']) || $params['content_type'] == 'html'; $response['data'] = array_merge($response['data'], $message->toOutputArray($html)); unset($response['data']['content']); return parent::afterLoad($response, $model, $params); }
public function actionMessageAttachment($params) { $account = Account::model()->findByPk($params['account_id']); $tmpFile = \GO\Base\Fs\File::tempFile('message.eml'); $imap = $account->openImapConnection($params['mailbox']); /* @var $imap \GO\Base\Mail\Imap */ $imap->save_to_file($params['uid'], $tmpFile->path(), $params['number'], $params['encoding']); $message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($tmpFile->getContents()); $response = $message->toOutputArray(); $response = $this->_checkXSS($params, $response); $response['path'] = $tmpFile->stripTempPath(); $response['is_tmp_file'] = true; $response['success'] = true; return $response; }
/** * This action will generate multiple Email Download link and return a JSON * response with the generated links in the email subject * @param array $params * - string ids: json encode file ids to mail * - timestamp expire_time: chosen email link expire time * - int template_id: id of used template * - int alias_id: id of alias to mail from * - string content_type : html | plain * @return string Json response */ protected function actionEmailDownloadLink($params) { $files = \GO\Files\Model\File::model()->findByAttribute('id', json_decode($params['ids'])); $html = $params['content_type'] == 'html'; $bodyindex = $html ? 'htmlbody' : 'plainbody'; $lb = $html ? '<br />' : "\n"; $text = $html ? \GO::t('clickHereToDownload', "files") : \GO::t('copyPasteToDownload', "files"); $linktext = $html ? "<ul>" : $lb; foreach ($files as $file) { $url = $file->getEmailDownloadURL($html, \GO\Base\Util\Date::date_add($params['expire_time'], 1), $params['delete_when_expired']); $linktext .= $html ? '<li><a href="' . $url . '">' . $file->name . '</a></li>' . $lb : $url . $lb; } $linktext .= $html ? "</ul>" : "\n"; $text .= ' (' . \GO::t('possibleUntil', 'files') . ' ' . \GO\Base\Util\Date::get_timestamp(\GO\Base\Util\Date::date_add($file->expire_time, -1), false) . ')' . $lb; $text .= $linktext; if ($params['template_id'] && ($template = \GO\Addressbook\Model\Template::model()->findByPk($params['template_id']))) { $message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($template->content); $response['data'] = $message->toOutputArray($html, true); if (strpos($response['data'][$bodyindex], '{body}')) { $response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceUserTags($response['data'][$bodyindex], true); \GO\Addressbook\Model\Template::model()->htmlSpecialChars = false; $response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceCustomTags($response['data'][$bodyindex], array('body' => $text)); } else { $response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceUserTags($response['data'][$bodyindex], false); $response['data'][$bodyindex] = $text . $response['data'][$bodyindex]; } } else { $response['data'][$bodyindex] = $text; } $response['data']['subject'] = \GO::t('downloadLink', 'files'); //.' '.$file->name; $response['success'] = true; return $response; }
public static function toOutputArray(array &$response, \GO\Email\Model\ImapMessage $imapMessage) { if ($imapMessage->content_type == 'application/x-pkcs7-mime') { $imapMessage->content_type = 'application/pkcs7-mime'; } if ($imapMessage->content_type == 'application/pkcs7-mime' && isset($imapMessage->content_type_attributes['smime-type']) && $imapMessage->content_type_attributes['smime-type'] == 'signed-data') { //signed data but not in clear text. Outlook has this option. $outfile = \GO\Base\Fs\File::tempFile(); $imapMessage->getImapConnection()->save_to_file($imapMessage->uid, $outfile->path()); $verifyOutfile = \GO\Base\Fs\File::tempFile(); // $cmd = '/usr/bin/openssl smime -verify -in ' . $outfile->path() . ' -out ' . $verifyOutfile->path(); // exec($cmd); // //PHP can't output the verified data without the signature without //suppling the extracerts option. We generated a dummy certificate for //this. openssl_pkcs7_verify($outfile->path(), null, "/dev/null", array(), GO::config()->root_path . "modules/smime/dummycert.pem", $verifyOutfile->path()); $message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($verifyOutfile->getContents()); //remove temp files $outfile->delete(); $verifyOutfile->delete(); $newResponse = $message->toOutputArray(true); unset($newResponse['to']); unset($newResponse['cc']); foreach ($newResponse as $key => $value) { if (!empty($value) || $key == 'attachments') { $response[$key] = $value; } } // $response['path'] = $outfile->stripTempPath(); return; } if ($imapMessage->content_type == 'application/pkcs7-mime') { $encrypted = !isset($imapMessage->content_type_attributes['smime-type']) || $imapMessage->content_type_attributes['smime-type'] != 'signed-data'; if ($encrypted) { GO::debug("Message is encrypted"); $cert = Model\Certificate::model()->findByPk($imapMessage->account->id); if (!$cert || empty($cert->cert)) { GO::debug('SMIME: No private key at all found for this account'); $response['htmlbody'] = GO::t('noPrivateKeyForDecrypt', 'smime'); return false; } if (isset($_REQUEST['password'])) { GO::session()->values['smime']['passwords'][$imapMessage->account->id] = $_REQUEST['password']; } if (!isset(GO::session()->values['smime']['passwords'][$imapMessage->account->id])) { $response['askPassword'] = true; GO::debug("Need to ask for password"); return false; } } $attachments = $imapMessage->getAttachments(); $att = array_shift($attachments); // array ( // 'type' => 'application', // 'subtype' => 'pkcs7-mime', // 'smime-type' => 'enveloped-data', // 'name' => 'smime.p7m', // 'id' => false, // 'encoding' => 'base64', // 'size' => '2302', // 'md5' => false, // 'disposition' => false, // 'language' => false, // 'location' => false, // 'charset' => false, // 'lines' => false, // 'number' => 1, // 'extension' => 'p7m', // 'human_size' => '2,2 KB', // 'tmp_file' => false, // ) $infile = \GO\Base\Fs\File::tempFile(); $outfile = \GO\Base\Fs\File::tempFile(); //$outfilerel = $reldir . 'unencrypted.txt'; if ($encrypted) { GO::debug('Message is encrypted'); // $imapMessage->getImapConnection()->save_to_file($imapMessage->uid, $infile->path(), 'TEXT', 'base64'); // throw new \Exception($infile->path()); if (!$imapMessage->saveToFile($infile->path())) { throw new \Exception("Could not save IMAP message to file for decryption"); } $password = GO::session()->values['smime']['passwords'][$imapMessage->account->id]; openssl_pkcs12_read($cert->cert, $certs, $password); if (empty($certs)) { //password invalid $response['askPassword'] = true; GO::debug("Invalid password"); return false; } $return = openssl_pkcs7_decrypt($infile->path(), $outfile->path(), $certs['cert'], array($certs['pkey'], $password)); $infile->delete(); if (!$return || !$outfile->exists() || !$outfile->size()) { $response['htmlbody'] = GO::t('decryptionFailed', 'smime') . '<br />'; while ($str = openssl_error_string()) { $response['htmlbody'] .= '<br />' . $str; } GO::debug("Decryption failed"); return false; } else { //check if also signed $data = $outfile->getContents(); if (strpos($data, 'signed-data')) { $verifyOutfile = \GO\Base\Fs\File::tempFile(); openssl_pkcs7_verify($outfile->path(), null, "/dev/null", array(), GO::config()->root_path . "modules/smime/dummycert.pem", $verifyOutfile->path()); $outfile = $verifyOutfile; } $message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($outfile->getContents()); $newResponse = $message->toOutputArray(true); unset($newResponse['to']); unset($newResponse['to_string']); unset($newResponse['cc']); foreach ($newResponse as $key => $value) { if (!empty($value) || $key == 'attachments') { $response[$key] = $value; } } $response['smime_encrypted'] = true; //$response['path']=$outfile->stripTempPath(); $outfile->delete(); } } else { GO::debug('Message is NOT encrypted'); } } }