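/**
 * Process an incoming email addressed to a bounce address.
 *
 * The local part of the address is read positionally:
 *   - the configured 'bounceprefix' (its length fixes every later offset)
 *   - a one-letter message type ('B', a bounce, is the only type handled)
 *   - eight base64 characters holding the user id as a little-endian
 *     32-bit integer ('-' is accepted in place of '/')
 *   - optional additional arguments
 *   - the final 16 characters: a hash authenticating the recipient
 *
 * For type 'B' the bounce counters of the matching user are updated, but
 * only when the hash taken from the address is identical to the one
 * recomputed from the user's principal email address.
 *
 * @param string $address the email address to process
 * @return stdClass the parsed parts (localpart, domain, prefix, type,
 *                  userid, args, addresshash); left empty when the address
 *                  fails the initial length or '@' checks
 */
function process_email($address) {
    $email = new StdClass();

    if (strlen($address) <= 30) {
        log_debug('-- Email address not long enough to contain valid data.');
        return $email;
    }

    if (strpos($address, '@') === false) {
        log_debug('-- Email address does not contain @.');
        return $email;
    }

    $mailprefix = get_config('bounceprefix');
    $prefixlength = strlen($mailprefix);

    list($email->localpart, $email->domain) = explode('@', $address);

    // The prefix is stored in the first characters denoted by $prefixlength
    $email->prefix = substr($email->localpart, 0, $prefixlength);

    // The type of message received is a one letter code
    $email->type = substr($email->localpart, $prefixlength, 1);

    // The userid follows immediately. Postfix and other SMTP servers do not
    // like '/' in the extension part of an address, so the sender may have
    // swapped it for '-', which is not a base64 character; undo that here.
    // When no swap was made the replacement changes nothing.
    $packedid = base64_decode(str_replace('-', '/', substr($email->localpart, $prefixlength + 1, 8)));

    // Every byte of the address is sender-controlled, so only unpack when the
    // decoded value really holds the four bytes 'V' needs. A malformed id is
    // then rejected below instead of raising an unpack() warning.
    $email->userid = null;
    if (is_string($packedid) && strlen($packedid) >= 4) {
        list(, $email->userid) = unpack('V', $packedid);
    }

    // Any additional arguments
    $email->args = substr($email->localpart, $prefixlength + 9, -16);

    // And a hash of the intended recipient for authentication
    $email->addresshash = substr($email->localpart, -16);

    if (!$email->userid) {
        log_debug('-- no userid associated with this email address');
        return $email;
    }

    switch ($email->type) {
        case 'B': // E-mail bounces
            if ($user = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($email->userid))) {
                $installation_key = get_config('installation_key');

                // Recompute the half md5 that should be in the address.
                // NOTE(review): this is a 64-bit truncation of an unkeyed
                // md5 over prefix . email . installation_key. Strengthening
                // it (e.g. to an HMAC) has to be done together with the code
                // that generates bounce addresses, which is not visible here.
                $md5check = substr(md5($mailprefix . $user->email . $installation_key), 0, 16);
                $user->id = $user->owner;

                // The supplied hash comes straight from the incoming address.
                // It must be compared as a string: with a loose == two
                // different values that both look numeric (such as
                // "0e" followed by digits) compare equal, which would let a
                // crafted address pass this check. hash_equals() is also
                // constant-time; fall back to === where it is unavailable.
                $supplied = (string) $email->addresshash;
                $hashmatches = function_exists('hash_equals')
                    ? hash_equals($md5check, $supplied)
                    : $md5check === $supplied;

                if ($hashmatches) {
                    update_bounce_count($user);
                    check_overcount($user);
                }
                // else maybe they've already changed their email address
            }
            break;
        // No more cases yet
    }

    return $email;
}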
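/**
 * Process an incoming email addressed to a bounce address.
 *
 * The local part is read at fixed offsets: a four-character prefix, a
 * one-letter message type, eight base64 characters holding the user id as
 * a little-endian 32-bit integer, optional arguments, and a trailing
 * 16-character hash that authenticates the intended recipient.
 *
 * For type 'B' (a bounce) the bounce counters of the matching user are
 * updated, but only when the hash taken from the address is identical to
 * the one recomputed from the user's principal email address.
 *
 * @param string $address the email address to process
 * @return stdClass the parsed parts (localpart, domain, prefix, type,
 *                  userid, args, addresshash); left empty when the address
 *                  fails the initial length or '@' checks
 */
function process_email($address) {
    $email = new StdClass();

    if (strlen($address) <= 30) {
        log_debug('-- Email address not long enough to contain valid data.');
        return $email;
    }

    if (!strstr($address, '@')) {
        log_debug('-- Email address does not contain @.');
        return $email;
    }

    list($email->localpart, $email->domain) = explode('@', $address);

    // The prefix is stored in the first four characters
    // NOTE(review): the offsets below assume the configured 'bounceprefix'
    // is exactly four characters long - confirm against the configuration.
    $email->prefix = substr($email->localpart, 0, 4);

    // The type of message received is a one letter code
    $email->type = substr($email->localpart, 4, 1);

    // The userid should be available immediately afterwards
    list(, $email->userid) = unpack('V', base64_decode(substr($email->localpart, 5, 8)));

    // Any additional arguments
    $email->args = substr($email->localpart, 13, -16);

    // And a hash of the intended recipient for authentication
    $email->addresshash = substr($email->localpart, -16);

    if (!$email->userid) {
        log_debug('-- no userid associated with this email address');
        return $email;
    }

    switch ($email->type) {
        case 'B': // E-mail bounces
            if ($user = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($email->userid))) {
                $mailprefix = get_config('bounceprefix');
                $installation_key = get_config('installation_key');

                // check the half md5 of their email
                $md5check = substr(md5($mailprefix . $user->email . $installation_key), 0, 16);
                $user->id = $user->owner;

                // The hash in the address is sender-controlled. Compare it
                // strictly as a string: a loose == treats two different
                // numeric-looking strings (such as "0e" followed by digits)
                // as equal, which would let a crafted address pass.
                // hash_equals() is a constant-time alternative where the
                // supported PHP version provides it.
                if ($md5check === (string) $email->addresshash) {
                    update_bounce_count($user);
                    check_overcount($user);
                }
                // else maybe they've already changed their email address
            }
            break;
        // No more cases yet
    }

    return $email;
}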
/**
 * Handle submission of the forgotten username/password form.
 *
 * Looks up an internally-authenticated user by email address or username
 * (case-insensitively), emails that user a link carrying a freshly
 * generated key, records the request with a 24 hour expiry, and redirects
 * back to the forgotten-password page.
 *
 * @param Pieform $form   the submitted form
 * @param array   $values submitted values; 'emailusername' is read
 */
function forgotpass_submit(Pieform $form, $values) {
    global $SESSION;

    try {
        $needle = strtolower($values['emailusername']);
        $user = get_record_sql(
            'SELECT u.* FROM {usr} u'
            . ' INNER JOIN {auth_instance} ai ON (u.authinstance = ai.id)'
            . ' WHERE (LOWER(u.email) = ? OR LOWER(u.username) = ?)'
            . ' AND ai.authname = \'internal\'',
            array($needle, $needle)
        );
        if (!$user) {
            // NOTE(review): this reply differs from the success path, so the
            // form reveals whether an address or username is registered -
            // confirm that disclosure is intended.
            // Assumes die_info() does not return - TODO confirm; the code
            // below dereferences $user.
            die_info(get_string('forgotpassnosuchemailaddressorusername'));
        }

        $pwrequest = new StdClass();
        $pwrequest->usr    = $user->id;
        $pwrequest->expiry = db_format_timestamp(time() + 86400);
        // NOTE(review): the key is the only secret in the emailed link and is
        // stored as generated; the strength of get_random_key() and how the
        // key is later compared are not visible here - verify both.
        $pwrequest->key    = get_random_key();

        $sitename = get_config('sitename');
        $fullname = display_name($user);

        // Override the disabled status of this e-mail address
        $user->ignoredisabled = true;

        // Both links are built from the configured wwwroot.
        $reseturl   = get_config('wwwroot') . 'forgotpass.php?key=' . $pwrequest->key;
        $contacturl = get_config('wwwroot') . 'contact.php';

        $subject  = get_string('forgotusernamepasswordemailsubject', 'mahara', $sitename);
        $textbody = get_string('forgotusernamepasswordemailmessagetext', 'mahara',
            $fullname, $sitename, $user->username, $reseturl, $contacturl, $sitename);
        $htmlbody = get_string('forgotusernamepasswordemailmessagehtml', 'mahara',
            $fullname, $sitename, $user->username, $reseturl, $reseturl, $contacturl, $sitename);

        email_user($user, null, $subject, $textbody, $htmlbody);

        // The request is persisted only after the mail has been handed off.
        insert_record('usr_password_request', $pwrequest);
    }
    catch (SQLException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }
    catch (EmailException $e) {
        die_info(get_string('forgotpassemailsendunsuccessful'));
    }

    // Add a note if this e-mail address is over the bounce threshold to
    // warn users that they may not receive the e-mail
    $mailinfo = get_record_select('artefact_internal_profile_email', '"owner" = ? AND principal = 1', array($user->id));
    if ($mailinfo && check_overcount($mailinfo)) {
        $SESSION->add_info_msg(get_string('forgotpassemailsentanyway1', 'mahara', get_config('sitename')));
    }

    // Unsetting disabled status overriding
    unset($user->ignoredisabled);

    // Add a marker in the session to say that the user has registered
    $SESSION->set('pwchangerequested', true);

    redirect('/forgotpass.php');
}