Exemple #1
0
/**
 * Process an incoming email
 *
 * @param string $address the email address to process
 */
function process_email($address)
{
    $email = new StdClass();
    if (strlen($address) <= 30) {
        log_debug('-- Email address not long enough to contain valid data.');
        return $email;
    }
    if (!strstr($address, '@')) {
        log_debug('-- Email address does not contain @.');
        return $email;
    }
    $mailprefix = get_config('bounceprefix');
    $prefixlength = strlen($mailprefix);
    list($email->localpart, $email->domain) = explode('@', $address);
    // The prefix is stored in the first characters denoted by $prefixlength
    $email->prefix = substr($email->localpart, 0, $prefixlength);
    // The type of message received is a one letter code
    $email->type = substr($email->localpart, $prefixlength, 1);
    // The userid should be available immediately afterwards
    // Postfix and other smtp servers don't like the use of / in the extension part of an email
    // We may of replaced it with another valid email character which isn't in base64, namely '-'
    // If we didn't, then the preg_replace won't do anything
    list(, $email->userid) = unpack('V', base64_decode(preg_replace('/-/', '/', substr($email->localpart, $prefixlength + 1, 8))));
    // Any additional arguments
    $email->args = substr($email->localpart, $prefixlength + 9, -16);
    // And a hash of the intended recipient for authentication
    $email->addresshash = substr($email->localpart, -16);
    if (!$email->userid) {
        log_debug('-- no userid associated with this email address');
        return $email;
    }
    switch ($email->type) {
        case 'B':
            // E-mail bounces
            if ($user = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($email->userid))) {
                $maildomain = get_config('bouncedomain');
                $installation_key = get_config('installation_key');
                // check the half md5 of their email
                $md5check = substr(md5($mailprefix . $user->email . $installation_key), 0, 16);
                $user->id = $user->owner;
                if ($md5check == substr($email->addresshash, -16)) {
                    update_bounce_count($user);
                    check_overcount($user);
                }
                // else maybe they've already changed their email address
            }
            break;
            // No more cases yet
    }
    return $email;
}
/**
 * Process an incoming email
 *
 * @param string $address the email address to process
 */
function process_email($address)
{
    $email = new StdClass();
    if (strlen($address) <= 30) {
        log_debug('-- Email address not long enough to contain valid data.');
        return $email;
    }
    if (!strstr($address, '@')) {
        log_debug('-- Email address does not contain @.');
        return $email;
    }
    list($email->localpart, $email->domain) = explode('@', $address);
    // The prefix is stored in the first four characters
    $email->prefix = substr($email->localpart, 0, 4);
    // The type of message received is a one letter code
    $email->type = substr($email->localpart, 4, 1);
    // The userid should be available immediately afterwards
    list(, $email->userid) = unpack('V', base64_decode(substr($email->localpart, 5, 8)));
    // Any additional arguments
    $email->args = substr($email->localpart, 13, -16);
    // And a hash of the intended recipient for authentication
    $email->addresshash = substr($email->localpart, -16);
    if (!$email->userid) {
        log_debug('-- no userid associated with this email address');
        return $email;
    }
    switch ($email->type) {
        case 'B':
            // E-mail bounces
            if ($user = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($email->userid))) {
                $mailprefix = get_config('bounceprefix');
                $maildomain = get_config('bouncedomain');
                $installation_key = get_config('installation_key');
                // check the half md5 of their email
                $md5check = substr(md5($mailprefix . $user->email . $installation_key), 0, 16);
                $user->id = $user->owner;
                if ($md5check == substr($email->addresshash, -16)) {
                    update_bounce_count($user);
                    check_overcount($user);
                }
                // else maybe they've already changed their email address
            }
            break;
            // No more cases yet
    }
    return $email;
}
Exemple #3
0
function forgotpass_submit(Pieform $form, $values)
{
    global $SESSION;
    try {
        if (!($user = get_record_sql('SELECT u.* FROM {usr} u
            INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)
            WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)
            AND ai.authname = \'internal\'', array_fill(0, 2, strtolower($values['emailusername']))))) {
            die_info(get_string('forgotpassnosuchemailaddressorusername'));
        }
        $pwrequest = new StdClass();
        $pwrequest->usr = $user->id;
        $pwrequest->expiry = db_format_timestamp(time() + 86400);
        $pwrequest->key = get_random_key();
        $sitename = get_config('sitename');
        $fullname = display_name($user);
        // Override the disabled status of this e-mail address
        $user->ignoredisabled = true;
        email_user($user, null, get_string('forgotusernamepasswordemailsubject', 'mahara', $sitename), get_string('forgotusernamepasswordemailmessagetext', 'mahara', $fullname, $sitename, $user->username, get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key, get_config('wwwroot') . 'contact.php', $sitename), get_string('forgotusernamepasswordemailmessagehtml', 'mahara', $fullname, $sitename, $user->username, get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key, get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key, get_config('wwwroot') . 'contact.php', $sitename));
        insert_record('usr_password_request', $pwrequest);
    } catch (SQLException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    } catch (EmailException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }
    // Add a note if this e-mail address is over the bounce threshold to
    // warn users that they may not receive the e-mail
    if ($mailinfo = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($user->id))) {
        if (check_overcount($mailinfo)) {
            $SESSION->add_info_msg(get_string('forgotpassemailsentanyway1', 'mahara', get_config('sitename')));
        }
    }
    // Unsetting disabled status overriding
    unset($user->ignoredisabled);
    // Add a marker in the session to say that the user has registered
    $SESSION->set('pwchangerequested', true);
    redirect('/forgotpass.php');
}