function sendMail(eZMail $mail)
 {
     $ini = eZINI::instance();
     $parameters = array();
     $parameters['host'] = $ini->variable('MailSettings', 'TransportServer');
     $parameters['helo'] = $ini->variable('MailSettings', 'SenderHost');
     $parameters['port'] = $ini->variable('MailSettings', 'TransportPort');
     $parameters['connectionType'] = $ini->variable('MailSettings', 'TransportConnectionType');
     $user = $ini->variable('MailSettings', 'TransportUser');
     $password = $ini->variable('MailSettings', 'TransportPassword');
     if ($user and $password) {
         $parameters['auth'] = true;
         $parameters['user'] = $user;
         $parameters['pass'] = $password;
     }
     /* If email sender hasn't been specified or is empty
      * we substitute it with either MailSettings.EmailSender or AdminEmail.
      */
     if (!$mail->senderText()) {
         $emailSender = $ini->variable('MailSettings', 'EmailSender');
         if (!$emailSender) {
             $emailSender = $ini->variable('MailSettings', 'AdminEmail');
         }
         eZMail::extractEmail($emailSender, $emailSenderAddress, $emailSenderName);
         if (!eZMail::validate($emailSenderAddress)) {
             $emailSender = false;
         }
         if ($emailSender) {
             $mail->setSenderText($emailSender);
         }
     }
     $excludeHeaders = $ini->variable('MailSettings', 'ExcludeHeaders');
     if (count($excludeHeaders) > 0) {
         $mail->Mail->appendExcludeHeaders($excludeHeaders);
     }
     $options = new ezcMailSmtpTransportOptions();
     if ($parameters['connectionType']) {
         $options->connectionType = $parameters['connectionType'];
     }
     $smtp = new ezcMailSmtpTransport($parameters['host'], $user, $password, $parameters['port'], $options);
     // If in debug mode, send to debug email address and nothing else
     if ($ini->variable('MailSettings', 'DebugSending') == 'enabled') {
         $mail->Mail->to = array(new ezcMailAddress($ini->variable('MailSettings', 'DebugReceiverEmail')));
         $mail->Mail->cc = array();
         $mail->Mail->bcc = array();
     }
     // send() from ezcMailSmtpTransport doesn't return anything (it uses exceptions in case
     // something goes bad)
     try {
         eZPerfLogger::accumulatorStart('mail_sent');
         $smtp->send($mail->Mail);
         eZPerfLogger::accumulatorStop('mail_sent');
     } catch (ezcMailException $e) {
         eZPerfLogger::accumulatorStop('mail_send');
         eZDebug::writeError($e->getMessage(), __METHOD__);
         return false;
     }
     // return true in case of no exceptions
     return true;
 }
 function sendConfirmation()
 {
     if ($this->attribute('status') != eZSubscription::StatusPending) {
         return;
     }
     $res = eZTemplateDesignResource::instance();
     $ini = eZINI::instance();
     $hostname = eZSys::hostname();
     $template = 'design:eznewsletter/sendout/registration.tpl';
     $tpl = eZNewsletterTemplateWrapper::templateInit();
     $tpl->setVariable('userData', eZUserSubscriptionData::fetch($this->attribute('email')));
     $tpl->setVariable('hostname', $hostname);
     $tpl->setVariable('subscription', $this);
     $tpl->setVariable('subscriptionList', $this->attribute('subscription_list'));
     $templateResult = $tpl->fetch($template);
     if ($tpl->hasVariable('subject')) {
         $subject = $tpl->variable('subject');
     }
     $mail = new eZMail();
     $mail->setSender($ini->variable('MailSettings', 'EmailSender'), $ini->variable('SiteSettings', 'SiteName'));
     $mail->setReceiver($this->attribute('email'));
     $mail->setBody($templateResult);
     $mail->setSubject($subject);
     eZMailTransport::send($mail);
 }
 function sendMail(eZMail $mail)
 {
     $ini = eZINI::instance();
     $sendmailOptions = '';
     $emailFrom = $mail->sender();
     $emailSender = isset($emailFrom['email']) ? $emailFrom['email'] : false;
     if (!$emailSender || count($emailSender) <= 0) {
         $emailSender = $ini->variable('MailSettings', 'EmailSender');
     }
     if (!$emailSender) {
         $emailSender = $ini->variable('MailSettings', 'AdminEmail');
     }
     if (!eZMail::validate($emailSender)) {
         $emailSender = false;
     }
     $isSafeMode = ini_get('safe_mode') != 0;
     $sendmailOptionsArray = $ini->variable('MailSettings', 'SendmailOptions');
     if (is_array($sendmailOptionsArray)) {
         $sendmailOptions = implode(' ', $sendmailOptionsArray);
     } elseif (!is_string($sendmailOptionsArray)) {
         $sendmailOptions = $sendmailOptionsArray;
     }
     if (!$isSafeMode and $emailSender) {
         $sendmailOptions .= ' -f' . $emailSender;
     }
     if ($isSafeMode and $emailSender and $mail->sender() == false) {
         $mail->setSenderText($emailSender);
     }
     if (function_exists('mail')) {
         $message = $mail->body();
         $sys = eZSys::instance();
         $excludeHeaders = array('Subject');
         // If not Windows PHP mail() implementation, we can not specify a To: header in the $additional_headers parameter,
         // because then there will be 2 To: headers in the resulting e-mail.
         // However, we can use "undisclosed-recipients:;" in $to.
         if ($sys->osType() != 'win32') {
             $excludeHeaders[] = 'To';
             $receiverEmailText = count($mail->ReceiverElements) > 0 ? $mail->receiverEmailText() : 'undisclosed-recipients:;';
         } else {
             $receiverEmailText = $mail->receiverEmailText();
         }
         // If in debug mode, send to debug email address and nothing else
         if ($ini->variable('MailSettings', 'DebugSending') == 'enabled') {
             $receiverEmailText = $ini->variable('MailSettings', 'DebugReceiverEmail');
             $excludeHeaders[] = 'To';
             $excludeHeaders[] = 'Cc';
             $excludeHeaders[] = 'Bcc';
         }
         $extraHeaders = $mail->headerText(array('exclude-headers' => $excludeHeaders));
         $returnedValue = mail($receiverEmailText, $mail->subject(), $message, $extraHeaders, $sendmailOptions);
         if ($returnedValue === false) {
             eZDebug::writeError('An error occurred while sending e-mail. Check the Sendmail error message for further information (usually in /var/log/messages)', __METHOD__);
         }
         return $returnedValue;
     } else {
         eZDebug::writeWarning("Unable to send mail: 'mail' function is not compiled into PHP.", __METHOD__);
     }
     return false;
 }
 function validateEMailHTTPInput($email, $contentObjectAttribute)
 {
     if (!eZMail::validate($email)) {
         $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
         return eZInputValidator::STATE_INVALID;
     }
     return eZInputValidator::STATE_ACCEPTED;
 }
 function sendOrderEmail($params)
 {
     $ini = eZINI::instance();
     if (isset($params['order']) and isset($params['email'])) {
         $order = $params['order'];
         $email = $params['email'];
         $tpl = eZTemplate::factory();
         $tpl->setVariable('order', $order);
         $templateResult = $tpl->fetch('design:shop/orderemail.tpl');
         $subject = $tpl->variable('subject');
         $mail = new eZMail();
         $emailSender = $ini->variable('MailSettings', 'EmailSender');
         if (!$emailSender) {
             $emailSender = $ini->variable("MailSettings", "AdminEmail");
         }
         if ($tpl->hasVariable('content_type')) {
             $mail->setContentType($tpl->variable('content_type'));
         }
         $mail->setReceiver($email);
         $mail->setSender($emailSender);
         $mail->setSubject($subject);
         $mail->setBody($templateResult);
         $mailResult = eZMailTransport::send($mail);
         $email = $ini->variable('MailSettings', 'AdminEmail');
         $mail = new eZMail();
         if ($tpl->hasVariable('content_type')) {
             $mail->setContentType($tpl->variable('content_type'));
         }
         $mail->setReceiver($email);
         $mail->setSender($emailSender);
         $mail->setSubject($subject);
         $mail->setBody($templateResult);
         $mailResult = eZMailTransport::send($mail);
     }
 }
 function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
 {
     $actionRemoveSelected = false;
     if ($http->hasPostVariable('CustomActionButton')) {
         $customActionArray = $http->postVariable('CustomActionButton');
         if (isset($customActionArray[$contentObjectAttribute->attribute("id") . '_remove_selected'])) {
             if ($customActionArray[$contentObjectAttribute->attribute("id") . '_remove_selected'] == 'Remove selected') {
                 $actionRemoveSelected = true;
             }
         }
     }
     if ($http->hasPostVariable($base . "_data_author_id_" . $contentObjectAttribute->attribute("id"))) {
         $classAttribute = $contentObjectAttribute->contentClassAttribute();
         $idList = $http->postVariable($base . "_data_author_id_" . $contentObjectAttribute->attribute("id"));
         $nameList = $http->postVariable($base . "_data_author_name_" . $contentObjectAttribute->attribute("id"));
         $emailList = $http->postVariable($base . "_data_author_email_" . $contentObjectAttribute->attribute("id"));
         if ($http->hasPostVariable($base . "_data_author_remove_" . $contentObjectAttribute->attribute("id"))) {
             $removeList = $http->postVariable($base . "_data_author_remove_" . $contentObjectAttribute->attribute("id"));
         } else {
             $removeList = array();
         }
         if ($contentObjectAttribute->validateIsRequired()) {
             if (trim($nameList[0]) == "") {
                 $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'At least one author is required.'));
                 return eZInputValidator::STATE_INVALID;
             }
         }
         if (trim($nameList[0]) != "") {
             for ($i = 0; $i < count($idList); $i++) {
                 if ($actionRemoveSelected) {
                     if (in_array($idList[$i], $removeList)) {
                         continue;
                     }
                 }
                 $name = $nameList[$i];
                 $email = $emailList[$i];
                 if (trim($name) == "") {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The author name must be provided.'));
                     return eZInputValidator::STATE_INVALID;
                 }
                 $isValidate = eZMail::validate($email);
                 if (!$isValidate) {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
                     return eZInputValidator::STATE_INVALID;
                 }
             }
         }
     } else {
         if ($contentObjectAttribute->validateIsRequired()) {
             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'At least one author is required.'));
             return eZInputValidator::STATE_INVALID;
         }
     }
     return eZInputValidator::STATE_ACCEPTED;
 }
 function sendMail(eZMail $mail)
 {
     $ini = eZINI::instance();
     $sendmailOptions = '';
     $emailFrom = $mail->sender();
     $emailSender = $emailFrom['email'];
     if (!$emailSender || count($emailSender) <= 0) {
         $emailSender = $ini->variable('MailSettings', 'EmailSender');
     }
     if (!$emailSender) {
         $emailSender = $ini->variable('MailSettings', 'AdminEmail');
     }
     if (!eZMail::validate($emailSender)) {
         $emailSender = false;
     }
     $isSafeMode = ini_get('safe_mode');
     if ($isSafeMode and $emailSender and $mail->sender() == false) {
         $mail->setSenderText($emailSender);
     }
     $filename = time() . '-' . mt_rand() . '.mail';
     $data = preg_replace('/(\\r\\n|\\r|\\n)/', "\r\n", $mail->headerText() . "\n" . $mail->body());
     $returnedValue = eZFile::create($filename, 'var/log/mail', $data);
     if ($returnedValue === false) {
         eZDebug::writeError('An error occurred writing the e-mail file in var/log/mail', __METHOD__);
     }
     return $returnedValue;
 }
 function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
 {
     //$classAttribute = $contentObjectAttribute->contentClassAttribute();
     if ($http->hasPostVariable($base . '_data_text_' . $contentObjectAttribute->attribute('id'))) {
         $email = $http->postVariable($base . '_data_text_' . $contentObjectAttribute->attribute('id'));
         $trimmedEmail = trim($email);
         if ($trimmedEmail == "") {
             return eZInputValidator::STATE_ACCEPTED;
         }
         if (!eZMail::validate($trimmedEmail)) {
             $contentObjectAttribute->setValidationError(ezi18n('kernel/classes/datatypes', 'The email address is not valid.'));
             return eZInputValidator::STATE_INVALID;
         }
     }
     return eZInputValidator::STATE_ACCEPTED;
 }
    function processPostData()
    {
        $user = array();

        $user['first_name'] = $this->Http->postVariable( 'eZSetup_site_templates_first_name' );
        $user['last_name'] = $this->Http->postVariable( 'eZSetup_site_templates_last_name' );
        $user['email'] = $this->Http->postVariable( 'eZSetup_site_templates_email' );
        if ( strlen( trim( $user['first_name'] ) ) == 0 )
        {
            $this->Error[] = self::FIRST_NAME_MISSING;
        }
        if ( strlen( trim( $user['last_name'] ) ) == 0 )
        {
            $this->Error[] = self::LAST_NAME_MISSING;
        }
        if ( strlen( trim( $user['email'] ) ) == 0 )
        {
            $this->Error[] = self::EMAIL_MISSING;
        }
        else if ( !eZMail::validate( trim( $user['email'] ) ) )
        {
            $this->Error[] = self::EMAIL_INVALID;
        }
        if ( strlen( trim( $this->Http->postVariable( 'eZSetup_site_templates_password1' ) ) ) == 0 )
        {
            $this->Error[] = self::PASSWORD_MISSING;
        }
        else if ( $this->Http->postVariable( 'eZSetup_site_templates_password1' ) != $this->Http->postVariable( 'eZSetup_site_templates_password2' ) )
        {
            $this->Error[] = self::PASSWORD_MISSMATCH;
        }
        else if ( !eZUser::validatePassword( trim( $this->Http->postVariable( 'eZSetup_site_templates_password1' ) ) ) )
        {
            $this->Error[] = self::PASSWORD_TOO_SHORT;
        }
        else
        {
            $user['password'] = $this->Http->postVariable( 'eZSetup_site_templates_password1' );
        }
        if ( !isset( $user['password'] ) )
            $user['password'] = '';
        $this->PersistenceList['admin'] = $user;

        return ( count( $this->Error ) == 0 );
    }
 function processViewActions(&$validation, $params)
 {
     $http = eZHTTPTool::instance();
     $prefix = eZSurveyType::PREFIX_ATTRIBUTE;
     $attributeID = $params['contentobjectattribute_id'];
     $postAnswer = $prefix . '_ezsurvey_answer_' . $this->ID . '_' . $attributeID;
     $answer = trim($http->postVariable($postAnswer));
     if ($this->attribute('mandatory') == 1 and strlen($answer) == 0) {
         $validation['error'] = true;
         $validation['errors'][] = array('message' => ezpI18n::tr('survey', 'Please answer the question %number as well!', null, array('%number' => $this->questionNumber())), 'question_number' => $this->questionNumber(), 'code' => 'email_answer_question', 'question' => $this);
     } else {
         if (strlen($answer) != 0 && !eZMail::validate($answer)) {
             $validation['error'] = true;
             $validation['errors'][] = array('message' => ezpI18n::tr('survey', 'Entered text in the question %number is not a valid email address!', null, array('%number' => $this->questionNumber())), 'question_number' => $this->questionNumber(), 'code' => 'email_email_not_valid', 'question' => $this);
         }
     }
     $this->setAnswer($answer);
 }
    function execute( $xml )
    {
        $template   = $xml->getAttribute( 'template' );
        $receiverID = $xml->getAttribute( 'receiver' );
        $nodeID     = $xml->getAttribute( 'node' );

        $ini = eZINI::instance();
        $mail = new eZMail();
        $tpl = eZTemplate::factory();

        $node = eZContentObjectTreeNode::fetch( $nodeID );
        if ( !$node )
        {
            $node = eZContentObjectTreeNode::fetch( 2 );
        }

        $emailSender = $ini->variable( 'MailSettings', 'EmailSender' );
        if ( !$emailSender )
            $emailSender = $ini->variable( "MailSettings", "AdminEmail" );

        $receiver = eZUser::fetch( $receiverID );
        if ( !$receiver )
        {
            $emailReceiver = $emailSender;
        }
        else
        {
            $emailReceiver = $receiver->attribute( 'email' );
        }

        $tpl->setVariable( 'node', $node );
        $tpl->setVariable( 'receiver', $receiver );

        $body = $tpl->fetch( 'design:' . $template );
        $subject = $tpl->variable( 'subject' );

        $mail->setReceiver( $emailReceiver );
        $mail->setSender( $emailSender );
        $mail->setSubject( $subject );
        $mail->setBody( $body );

        $mailResult = eZMailTransport::send( $mail );
        return $mailResult;
    }
 /**
  * Implement the validatation in adding comment
  * @see extension/ezcomments/classes/ezcomFormTool#validateField($field)
  */
 protected function validateField($field, $value)
 {
     switch ($field) {
         case 'website':
             return ezcomUtility::validateURLString($value);
         case 'email':
             // just validate anonymous's input email
             $user = eZUser::currentUser();
             if ($user->isAnonymous()) {
                 $result = eZMail::validate($value);
                 if (!$result) {
                     return ezpI18n::tr('ezcomments/comment/add', 'Not a valid email address.');
                 }
             }
             return true;
         case 'recaptcha':
             require_once 'recaptchalib.php';
             $ini = eZINI::instance('ezcomments.ini');
             $privateKey = $ini->variable('RecaptchaSetting', 'PrivateKey');
             $http = eZHTTPTool::instance();
             if ($http->hasPostVariable('recaptcha_challenge_field') && $http->hasPostVariable('recaptcha_response_field')) {
                 $ip = $_SERVER["REMOTE_ADDR"];
                 $challengeField = $http->postVariable('recaptcha_challenge_field');
                 $responseField = $http->postVariable('recaptcha_response_field');
                 $capchaResponse = recaptcha_check_answer($privateKey, $ip, $challengeField, $responseField);
                 if (!$capchaResponse->is_valid) {
                     return ezpI18n::tr('ezcomments/comment/add', 'The words you input are incorrect.');
                 }
             } else {
                 return ezpI18n::tr('ezcomments/comment/add', 'Captcha parameter error.');
             }
             return true;
         default:
             return true;
     }
 }
Exemple #13
0
 /**
  * publishHandlerLink (Publish handler, pass 2 after schema validation)
  * Publish handler for link element, converts href to [object|node|link]_id.
  *
  * @param DOMElement $element
  * @param array $param parameters for xml element
  * @return null|array changes structure if it contains 'result' key
  */
 function publishHandlerLink($element, &$params)
 {
     $ret = null;
     $href = $element->getAttribute('href');
     if ($href) {
         $objectID = false;
         if (strpos($href, 'ezobject') === 0 && preg_match("@^ezobject://([0-9]+)/?(#.+)?@i", $href, $matches)) {
             $objectID = $matches[1];
             if (isset($matches[2])) {
                 $anchorName = substr($matches[2], 1);
             }
             $element->setAttribute('object_id', $objectID);
             if (!eZContentObject::exists($objectID)) {
                 $this->Messages[] = ezpI18n::tr('design/standard/ezoe/handler', 'Object %1 does not exist.', false, array($objectID));
             }
         } elseif (strpos($href, 'eznode') === 0 && preg_match("@^eznode://([^#]+)(#.+)?@i", $href, $matches)) {
             $nodePath = trim($matches[1], '/');
             if (isset($matches[2])) {
                 $anchorName = substr($matches[2], 1);
             }
             if (is_numeric($nodePath)) {
                 $nodeID = $nodePath;
                 $node = eZContentObjectTreeNode::fetch($nodeID);
                 if (!$node instanceof eZContentObjectTreeNode) {
                     $this->Messages[] = ezpI18n::tr('design/standard/ezoe/handler', 'Node %1 does not exist.', false, array($nodeID));
                 }
             } else {
                 $node = eZContentObjectTreeNode::fetchByURLPath($nodePath);
                 if (!$node instanceof eZContentObjectTreeNode) {
                     $this->Messages[] = ezpI18n::tr('design/standard/ezoe/handler', 'Node &apos;%1&apos; does not exist.', false, array($nodePath));
                 } else {
                     $nodeID = $node->attribute('node_id');
                 }
                 $element->setAttribute('show_path', 'true');
             }
             if (isset($nodeID) && $nodeID) {
                 $element->setAttribute('node_id', $nodeID);
             }
             if (isset($node) && $node instanceof eZContentObjectTreeNode) {
                 $objectID = $node->attribute('contentobject_id');
             }
         } elseif (strpos($href, '#') === 0) {
             $anchorName = substr($href, 1);
         } else {
             $temp = explode('#', $href);
             $url = $temp[0];
             if (isset($temp[1])) {
                 $anchorName = $temp[1];
             }
             if ($url) {
                 // Protection from XSS attack
                 if (preg_match("/^(java|vb)script:.*/i", $url)) {
                     $this->isInputValid = false;
                     $this->Messages[] = "Using scripts in links is not allowed, '{$url}' has been removed";
                     $element->removeAttribute('href');
                     return $ret;
                 }
                 // Check mail address validity following RFC 5322 and RFC 5321
                 if (preg_match("/^mailto:([^.][a-z0-9!#\$%&'*+-\\/=?`{|}~^]+@([a-z0-9.-]+))/i", $url, $mailAddr)) {
                     if (!eZMail::validate($mailAddr[1])) {
                         $this->isInputValid = false;
                         if ($this->errorLevel >= 0) {
                             $this->Messages[] = ezpI18n::tr('kernel/classes/datatypes/ezxmltext', "Invalid e-mail address: '%1'", false, array($mailAddr[1]));
                         }
                         $element->removeAttribute('href');
                         return $ret;
                     }
                 }
                 // Store urlID instead of href
                 $url = str_replace(array('&amp;', '%28', '%29'), array('&', '(', ')'), $url);
                 $urlID = eZURL::registerURL($url);
                 if ($urlID) {
                     if (!in_array($urlID, $this->urlIDArray)) {
                         $this->urlIDArray[] = $urlID;
                     }
                     $element->setAttribute('url_id', $urlID);
                 }
             }
         }
         if ($objectID && !in_array($objectID, $this->linkedObjectIDArray)) {
             $this->linkedObjectIDArray[] = $objectID;
         }
         if (isset($anchorName) && $anchorName) {
             $element->setAttribute('anchor_name', $anchorName);
         }
     }
     return $ret;
 }
 public function executeBeforeLastRedirect($node)
 {
     $survey = $this->fetchFeedbackSurvey();
     $surveyQuestions = $this->feedbackQuestionList();
     $mailTo = $this->fetchMailTo($surveyQuestions);
     if ($survey = $this->fetchFeedbackSurvey() and $survey instanceof eZSurvey and $surveyQuestions = $this->feedbackQuestionList() and $mailTo = $this->fetchMailTo($surveyQuestions) and eZMail::validate($mailTo)) {
         $tpl_email = eZTemplate::factory();
         $tpl_email->setVariable('intro', $this->Text2);
         $tpl_email->setVariable('survey', $survey);
         $tpl_email->setVariable('survey_questions', $surveyQuestions);
         $tpl_email->setVariable('survey_node', $node);
         $templateResult = $tpl_email->fetch('design:survey/feedbackfield_mail.tpl');
         if (trim($this->Text3) != '') {
             $subject = $this->Text3;
         } else {
             $subject = $tpl_email->variable('subject');
         }
         $mail = new eZMail();
         $ini = eZINI::instance();
         $emailSender = $ini->variable('MailSettings', 'EmailSender');
         if (!$emailSender) {
             $emailSender = $ini->variable('MailSettings', 'AdminEmail');
         }
         $mail->setSenderText($emailSender);
         $mail->setReceiver($mailTo);
         $mail->setSubject($subject);
         $mail->setBody($templateResult);
         if ($this->Num == 1) {
             $adminReceiver = $ini->variable('MailSettings', 'AdminEmail');
             $mail->addBcc($adminReceiver);
         }
         $mailResult = eZMailTransport::send($mail);
     }
 }
 $modifierDays = $http->hasPostVariable('SendModifierDays') ? $http->postVariable('SendModifierDays') : 0;
 $modifierHours = $http->hasPostVariable('SendModifierHours') ? $http->postVariable('SendModifierHours') : 0;
 $modifierMinutes = $http->hasPostVariable('SendModifierMinutes') ? $http->postVariable('SendModifierMinutes') : 0;
 $SendDateModifier = $modifierDays * 86400 + $modifierHours * 3600 + $modifierMinutes * 60;
 $newsletterType->setAttribute('send_date_modifier', $SendDateModifier);
 $preText = $http->hasPostVariable('preText') ? $http->postVariable('preText') : '';
 $postText = $http->hasPostVariable('postText') ? $http->postVariable('postText') : '';
 $newsletterType->setAttribute('pretext', $preText);
 $newsletterType->setAttribute('posttext', $postText);
 if ($http->postVariable('PersonaliseNewsletter')) {
     $newsletterType->setAttribute('personalise', '1');
 } else {
     $newsletterType->setAttribute('personalise', '0');
 }
 $senderAddress = $http->postVariable('NewsletterTypeSenderAddress');
 if (eZMail::validate($senderAddress)) {
     $newsletterType->setAttribute('sender_address', $senderAddress);
 } else {
     $warning[] = ezpI18n::tr('eznewsletter/edit_newslettertype', 'Email address "%address" did not validate.', false, array('%address' => $senderAddress));
 }
 if ($http->hasPostVariable('ValidContentClassIDArray')) {
     $newsletterType->setAttribute('contentclass_list', eZNewsletterType::serializeArray($http->postVariable('ValidContentClassIDArray')));
 }
 if ($http->hasPostVariable('AllowedDesigns') && 0 < count($http->postVariable('AllowedDesigns'))) {
     $newsletterType->setAttribute('allowed_designs', eZNewsletterType::serializeArray($http->postVariable('AllowedDesigns')));
 } else {
     $warning[] = ezpI18n::tr('eznewsletter/edit_newslettertype', 'You have to select at least one design.');
 }
 if ($http->hasPostVariable('AllowedSiteaccesses') && 0 < count($http->postVariable('AllowedSiteaccesses'))) {
     $newsletterType->setAttribute('allowed_siteaccesses', eZNewsletterType::serializeArray($http->postVariable('AllowedSiteaccesses')));
 } else {
    /**
     * @return bool
     */
    function init()
    {
        if ( $this->hasKickstartData() )
        {
            $data = $this->kickstartData();

            $this->PersistenceList['email_info']['send'] = isset( $data['Send'] ) ? ( $data['Send'] == 'true' ) : true;
            $this->PersistenceList['email_info']['user_data'] = isset( $data['UserData'] ) ? $data['UserData'] : $this->defaultUserData;

            if ( $this->kickstartContinueNextStep() )
            {
                if ( $this->PersistenceList['email_info']['send'] )
                {
                    $mailTpl = eZTemplate::factory();
                    $bodyText = $this->generateRegistration( $mailTpl, $this->PersistenceList['email_info']['user_data'] );
                    $subject = $mailTpl->variable( 'subject' );

                    // Fill in E-Mail data and send it
                    $mail = new eZMail();
                    $mail->setReceiver( '*****@*****.**', 'eZ Site Registration' );
                    $mail->setSender( '*****@*****.**' );
                    $mail->setSubject( $subject );
                    $mail->setBody( $bodyText );
                    $mailResult = eZMailTransport::send( $mail );

                    $this->PersistenceList['email_info']['result'] = $mailResult;
                }
                else
                {
                    $this->PersistenceList['email_info']['result'] = false;
                }
                return true;
            }
            else
            {
                return false;
            }
        }

        return false; // Always display registration information
    }
 /**
  * Validates input from user registration form
  *
  * @param eZHTTPTool $http
  *
  * @return array
  */
 public static function validateUserInput($http)
 {
     if ($http->hasPostVariable('data_user_login') && $http->hasPostVariable('data_user_email') && $http->hasPostVariable('data_user_password') && $http->hasPostVariable('data_user_password_confirm')) {
         $loginName = $http->postVariable('data_user_login');
         $email = $http->postVariable('data_user_email');
         $password = $http->postVariable('data_user_password');
         $passwordConfirm = $http->postVariable('data_user_password_confirm');
         if (trim($loginName) == '') {
             return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
         } else {
             $existUser = eZUser::fetchByName($loginName);
             if ($existUser != null) {
                 return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
             }
             // validate user email
             $isValidate = eZMail::validate($email);
             if (!$isValidate) {
                 return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
             }
             $authenticationMatch = eZUser::authenticationMatch();
             if ($authenticationMatch & eZUser::AUTHENTICATE_EMAIL) {
                 if (eZUser::requireUniqueEmail()) {
                     $userByEmail = eZUser::fetchByEmail($email);
                     if ($userByEmail != null) {
                         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
                     }
                 }
             }
             // validate user name
             if (!eZUser::validateLoginName($loginName, $errorText)) {
                 return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', $errorText));
             }
             // validate user password
             $ini = eZINI::instance();
             $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';
             if (!$generatePasswordIfEmpty || $password != "") {
                 if ($password == "") {
                     return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
                 }
                 if ($password != $passwordConfirm) {
                     return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
                 }
                 if (!eZUser::validatePassword($password)) {
                     $minPasswordLength = $ini->hasVariable('UserSettings', 'MinPasswordLength') ? $ini->variable('UserSettings', 'MinPasswordLength') : 3;
                     return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
                 }
                 if (strtolower($password) == 'password') {
                     return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
                 }
             }
         }
     } else {
         return array('status' => 'error', 'message' => ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
     }
     return array('status' => 'success');
 }
 $tpl->setVariable('viewmode', $ViewMode);
 $tpl->setVariable('view_parameters', $userParameters);
 $tpl->setVariable('object', $object);
 $tpl->setVariable('attribute_hide_list', $attributeHideList);
 $tpl->setVariable('collection', $collection);
 $tpl->setVariable('object', $object);
 $templateResult = $tpl->fetch('design:content/collectedinfomail/' . $informationCollectionTemplate . '.tpl');
 $subject = $tpl->variable('subject');
 $receiver = $tpl->variable('email_receiver');
 $ccReceivers = $tpl->variable('email_cc_receivers');
 $bccReceivers = $tpl->variable('email_bcc_receivers');
 $sender = $tpl->variable('email_sender');
 $replyTo = $tpl->variable('email_reply_to');
 $redirectToNodeID = $tpl->variable('redirect_to_node_id');
 $ini = eZINI::instance();
 $mail = new eZMail();
 if ($tpl->hasVariable('content_type')) {
     $mail->setContentType($tpl->variable('content_type'));
 }
 if (!$mail->validate($receiver)) {
     $receiver = $ini->variable("InformationCollectionSettings", "EmailReceiver");
     if (!$receiver) {
         $receiver = $ini->variable("MailSettings", "AdminEmail");
     }
 }
 $mail->setReceiver($receiver);
 if (!$mail->validate($sender)) {
     $sender = $ini->variable("MailSettings", "EmailSender");
 }
 $mail->setSender($sender);
 if (!$mail->validate($replyTo)) {
 /**
  *  Send the notification after registeration
  */
 public static function sendUserNotification($userID)
 {
     eZDebugSetting::writeNotice('Sending approval notification to the user.', 'kernel-user', 'user register');
     $user = eZUser::fetch($userID);
     $ini = eZINI::instance();
     // Send mail
     $tpl = eZTemplate::factory();
     $tpl->setVariable('user', $user);
     $templateResult = $tpl->fetch('design:user/registrationapproved.tpl');
     $mail = new eZMail();
     if ($tpl->hasVariable('content_type')) {
         $mail->setContentType($tpl->variable('content_type'));
     }
     $emailSender = $ini->variable('MailSettings', 'EmailSender');
     if ($tpl->hasVariable('email_sender')) {
         $emailSender = $tpl->variable('email_sender');
     } else {
         if (!$emailSender) {
             $emailSender = $ini->variable('MailSettings', 'AdminEmail');
         }
     }
     if ($tpl->hasVariable('subject')) {
         $subject = $tpl->variable('subject');
     } else {
         $subject = ezpI18n::tr('kernel/user/register', 'User registration approved');
     }
     $mail->setSender($emailSender);
     $receiver = $user->attribute('email');
     $mail->setReceiver($receiver);
     $mail->setSubject($subject);
     $mail->setBody($templateResult);
     $mailResult = eZMailTransport::send($mail);
     return array('status' => eZModuleOperationInfo::STATUS_CONTINUE);
 }
    function encodeMimeHeader( $str )
    {
        if ( !$this->TextCodec )
        {
             $this->TextCodec = eZTextCodec::instance( $this->contentCharset(), $this->outputCharset() );
        }

        if ( function_exists( "mb_encode_mimeheader" ) )
        {
            $encoded = mb_encode_mimeheader( $str, $this->TextCodec->InputCharsetCode, "B", eZMail::lineSeparator() );
        }
        else
        {
            if (  0 == preg_match_all( '/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches ) )
                return $str;

            $maxlen = 75 - 7 - strlen( $this->TextCodec->InputCharsetCode );

            $encoding = 'B';
            $encoded = base64_encode( $str );
            $maxlen -= $maxlen % 4;
            $encoded = trim( chunk_split( $encoded, $maxlen, "\n" ) );

            $encoded = preg_replace( '/^(.*)$/m', " =?".$this->TextCodec->InputCharsetCode."?$encoding?\\1?=", $encoded );

            $encoded = trim( str_replace( "\n", eZMail::lineSeparator(), $encoded ) );
        }

        return $encoded;
    }
 /**
  * Logs in an user if applied login and password is valid.
  *
  * This method does not do any house keeping work anymore (writing audits, etc).
  * When you call this method make sure to call loginSucceeded() or loginFailed()
  * depending on the success of the login.
  *
  * @param string $login
  * @param string $password
  * @param bool $authenticationMatch
  * @return mixed eZUser object on log in success, int userID if the username
  *         exists but log in failed, or false if the username doesn't exists.
  */
 protected static function _loginUser($login, $password, $authenticationMatch = false)
 {
     $http = eZHTTPTool::instance();
     $db = eZDB::instance();
     if ($authenticationMatch === false) {
         $authenticationMatch = eZUser::authenticationMatch();
     }
     $login = self::trimAuthString($login);
     $password = self::trimAuthString($password);
     $loginEscaped = $db->escapeString($login);
     $passwordEscaped = $db->escapeString($password);
     $loginArray = array();
     if ($authenticationMatch & self::AUTHENTICATE_LOGIN) {
         $loginArray[] = "login='******'";
     }
     if ($authenticationMatch & self::AUTHENTICATE_EMAIL) {
         if (eZMail::validate($login)) {
             $loginArray[] = "email='{$loginEscaped}'";
         }
     }
     if (empty($loginArray)) {
         $loginArray[] = "login='******'";
     }
     $loginText = implode(' OR ', $loginArray);
     $contentObjectStatus = eZContentObject::STATUS_PUBLISHED;
     $ini = eZINI::instance();
     $databaseName = $db->databaseName();
     // if mysql
     if ($databaseName === 'mysql') {
         $query = "SELECT contentobject_id, password_hash, password_hash_type, email, login\n                      FROM ezuser, ezcontentobject\n                      WHERE ( {$loginText} ) AND\n                        ezcontentobject.status='{$contentObjectStatus}' AND\n                        ezcontentobject.id=contentobject_id AND\n                        ( ( password_hash_type!=4 ) OR\n                          ( password_hash_type=4 AND\n                              ( {$loginText} ) AND\n                          password_hash=PASSWORD('{$passwordEscaped}') ) )";
     } else {
         $query = "SELECT contentobject_id, password_hash,\n                             password_hash_type, email, login\n                      FROM   ezuser, ezcontentobject\n                      WHERE  ( {$loginText} )\n                      AND    ezcontentobject.status='{$contentObjectStatus}'\n                      AND    ezcontentobject.id=contentobject_id";
     }
     $users = $db->arrayQuery($query);
     $exists = false;
     if ($users !== false && isset($users[0])) {
         $ini = eZINI::instance();
         foreach ($users as $userRow) {
             $userID = $userRow['contentobject_id'];
             $hashType = $userRow['password_hash_type'];
             $hash = $userRow['password_hash'];
             $exists = eZUser::authenticateHash($userRow['login'], $password, eZUser::site(), $hashType, $hash);
             // If hash type is MySql
             if ($hashType == self::PASSWORD_HASH_MYSQL and $databaseName === 'mysql') {
                 $queryMysqlUser = "******";
                 $mysqlUsers = $db->arrayQuery($queryMysqlUser);
                 if (isset($mysqlUsers[0])) {
                     $exists = true;
                 }
             }
             eZDebugSetting::writeDebug('kernel-user', eZUser::createHash($userRow['login'], $password, eZUser::site(), $hashType, $hash), "check hash");
             eZDebugSetting::writeDebug('kernel-user', $hash, "stored hash");
             // If current user has been disabled after a few failed login attempts.
             $canLogin = eZUser::isEnabledAfterFailedLogin($userID);
             if ($exists) {
                 // We should store userID for warning message.
                 $GLOBALS['eZFailedLoginAttemptUserID'] = $userID;
                 $userSetting = eZUserSetting::fetch($userID);
                 $isEnabled = $userSetting->attribute("is_enabled");
                 if ($hashType != eZUser::hashType() and strtolower($ini->variable('UserSettings', 'UpdateHash')) == 'true') {
                     $hashType = eZUser::hashType();
                     $hash = eZUser::createHash($userRow['login'], $password, eZUser::site(), $hashType);
                     $db->query("UPDATE ezuser SET password_hash='{$hash}', password_hash_type='{$hashType}' WHERE contentobject_id='{$userID}'");
                 }
                 break;
             }
         }
     }
     if ($exists and $isEnabled and $canLogin) {
         return new eZUser($userRow);
     } else {
         return isset($userID) ? $userID : false;
     }
 }
 $tpl->setVariable('viewmode', $ViewMode);
 $tpl->setVariable('view_parameters', $userParameters);
 $tpl->setVariable('object', $object);
 $tpl->setVariable('attribute_hide_list', $attributeHideList);
 $tpl->setVariable('collection', $collection);
 $tpl->setVariable('object', $object);
 $templateResult = $tpl->fetch('design:content/collectedinfomail/' . $informationCollectionTemplate . '.tpl');
 $subject = $tpl->variable('subject');
 $receiver = $tpl->variable('email_receiver');
 $ccReceivers = $tpl->variable('email_cc_receivers');
 $bccReceivers = $tpl->variable('email_bcc_receivers');
 $sender = $tpl->variable('email_sender');
 $replyTo = $tpl->variable('email_reply_to');
 $redirectToNodeID = $tpl->variable('redirect_to_node_id');
 $ini = eZINI::instance();
 $mail = new eZMail();
 if ($tpl->hasVariable('content_type')) {
     $mail->setContentType($tpl->variable('content_type'));
 }
 if (!$mail->validate($receiver)) {
     $receiver = $ini->variable("InformationCollectionSettings", "EmailReceiver");
     if (!$receiver) {
         $receiver = $ini->variable("MailSettings", "AdminEmail");
     }
 }
 $mail->setReceiver($receiver);
 if (!$mail->validate($sender)) {
     $sender = $ini->variable("MailSettings", "EmailSender");
 }
 $mail->setSender($sender);
 if (!$mail->validate($replyTo)) {
//
//
// ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
//
/*! \file subscription_import.php
*/
$Module = $Params['Module'];
$http = eZHTTPTool::instance();
$empty_input = true;
$done = false;
$warning = "";
if ($http->hasPostVariable('AddButton') || $http->hasPostVariable('RemoveButton')) {
    if ($http->hasPostVariable('RobinsonlistEntry_Email')) {
        if ($http->postVariable('RobinsonlistEntry_Email') != "") {
            $empty_input = false;
            if (eZMail::validate($http->postVariable('RobinsonlistEntry_Email'))) {
                if ($http->hasPostVariable('AddButton')) {
                    if (!eZRobinsonListEntry::inList($http->postVariable('RobinsonlistEntry_Email'), eZRobinsonListEntry::EMAIL)) {
                        eZRobinsonListEntry::create($http->postVariable('RobinsonlistEntry_Email'), eZRobinsonListEntry::EMAIL, eZRobinsonListEntry::IMPORT_LOCAL);
                        $done = true;
                    } else {
                        $warning = ezpI18n::tr('eznewsletter/robinson_user', 'Entered email address is already in the list.');
                        $done = true;
                    }
                } else {
                    if ($http->hasPostVariable('RemoveButton')) {
                        if (eZRobinsonListEntry::inList($http->postVariable('RobinsonlistEntry_Email'), eZRobinsonListEntry::EMAIL, eZRobinsonListEntry::IMPORT_LOCAL)) {
                            eZRobinsonListEntry::removeByValue($http->postVariable('RobinsonlistEntry_Email'), eZRobinsonListEntry::EMAIL, eZRobinsonListEntry::IMPORT_LOCAL);
                            $done = true;
                        } else {
                            $warning = ezpI18n::tr('eznewsletter/robinson_user', 'Entered email address is not in the list.');
Exemple #24
0
 function checkContentActions($module, $class, $object, $version, $contentObjectAttributes, $EditVersion, $EditLanguage)
 {
     if ($module->isCurrentAction('Cancel')) {
         $http = eZHTTPTool::instance();
         if ($http->hasPostVariable('RedirectIfDiscarded')) {
             eZRedirectManager::redirectTo($module, $http->postVariable('RedirectIfDiscarded'));
         } else {
             eZRedirectManager::redirectTo($module, '/');
         }
         $version->removeThis();
         $http = eZHTTPTool::instance();
         $http->removeSessionVariable("RegisterUserID");
         $http->removeSessionVariable('StartedRegistration');
         return eZModule::HOOK_STATUS_CANCEL_RUN;
     }
     if ($module->isCurrentAction('Publish')) {
         $userID = $object->attribute('id');
         $operationResult = eZOperationHandler::execute('user', 'register', array('user_id' => $userID));
         // send feedback
         $ini = eZINI::instance();
         $tpl = eZTemplate::factory();
         $hostname = eZSys::hostname();
         $user = eZUser::fetch($userID);
         $feedbackTypes = $ini->variableArray('UserSettings', 'RegistrationFeedback');
         foreach ($feedbackTypes as $feedbackType) {
             switch ($feedbackType) {
                 case 'email':
                     // send feedback with the default email type
                     $mail = new eZMail();
                     $tpl->resetVariables();
                     $tpl->setVariable('user', $user);
                     $tpl->setVariable('object', $object);
                     $tpl->setVariable('hostname', $hostname);
                     $templateResult = $tpl->fetch('design:user/registrationfeedback.tpl');
                     if ($tpl->hasVariable('content_type')) {
                         $mail->setContentType($tpl->variable('content_type'));
                     }
                     $emailSender = $ini->variable('MailSettings', 'EmailSender');
                     if ($tpl->hasVariable('email_sender')) {
                         $emailSender = $tpl->variable('email_sender');
                     } else {
                         if (!$emailSender) {
                             $emailSender = $ini->variable('MailSettings', 'AdminEmail');
                         }
                     }
                     $feedbackReceiver = $ini->variable('UserSettings', 'RegistrationEmail');
                     if ($tpl->hasVariable('email_receiver')) {
                         $feedbackReceiver = $tpl->variable('email_receiver');
                     } else {
                         if (!$feedbackReceiver) {
                             $feedbackReceiver = $ini->variable('MailSettings', 'AdminEmail');
                         }
                     }
                     if ($tpl->hasVariable('subject')) {
                         $subject = $tpl->variable('subject');
                     } else {
                         $subject = ezpI18n::tr('kernel/user/register', 'New user registered');
                     }
                     $mail->setSender($emailSender);
                     $mail->setReceiver($feedbackReceiver);
                     $mail->setSubject($subject);
                     $mail->setBody($templateResult);
                     $mailResult = eZMailTransport::send($mail);
                     break;
                 default:
                     $registrationFeedbackClass = false;
                     // load custom registration feedback settings
                     if ($ini->hasGroup('RegistrationFeedback_' . $feedbackType)) {
                         if ($ini->hasVariable('RegistrationFeedback_' . $feedbackType, 'File')) {
                             include_once $ini->variable('RegistrationFeedback_' . $feedbackType, 'File');
                         }
                         $registrationFeedbackClass = $ini->variable('RegistrationFeedback_' . $feedbackType, 'Class');
                     }
                     // try to call the registration feedback class with function registrationFeedback
                     if ($registrationFeedbackClass && method_exists($registrationFeedbackClass, 'registrationFeedback')) {
                         call_user_func(array($registrationFeedbackClass, 'registrationFeedback'), $user, $tpl, $object, $hostname);
                     } else {
                         eZDebug::writeWarning("Unknown feedback type '{$feedbackType}'", 'user/register');
                     }
             }
         }
         $http = eZHTTPTool::instance();
         $http->removeSessionVariable("GeneratedPassword");
         $http->removeSessionVariable("RegisterUserID");
         $http->removeSessionVariable('StartedRegistration');
         // if everything is passed, login the user
         if ($operationResult['status'] === eZModuleOperationInfo::STATUS_CONTINUE) {
             $user->loginCurrent();
         }
         // check for redirectionvariable
         if ($operationResult['status'] === eZModuleOperationInfo::STATUS_CONTINUE || $operationResult['status'] === eZModuleOperationInfo::STATUS_HALTED) {
             if ($http->hasSessionVariable('RedirectAfterUserRegister')) {
                 $module->redirectTo($http->sessionVariable('RedirectAfterUserRegister'));
                 $http->removeSessionVariable('RedirectAfterUserRegister');
             } else {
                 if ($http->hasPostVariable('RedirectAfterUserRegister')) {
                     $module->redirectTo($http->postVariable('RedirectAfterUserRegister'));
                 } else {
                     $module->redirectTo('/user/success/');
                 }
             }
         } else {
             eZDebug::writeError('Unexpected operation status: ' . $operationResult['status'], 'user/register');
             // @todo: finish the failure code
             $module->redirectTo('/user/register/5');
         }
     }
 }
 function publishHandlerLink($element, &$params)
 {
     $ret = null;
     $href = $element->getAttribute('href');
     if ($href) {
         if (preg_match("@^ezobject://[0-9]+(#.*)?\$@", $href)) {
             $url = strtok($href, '#');
             $anchorName = strtok('#');
             $objectID = substr(strrchr($url, "/"), 1);
             $element->setAttribute('object_id', $objectID);
             if (!in_array($objectID, $this->linkedObjectIDArray)) {
                 $this->linkedObjectIDArray[] = $objectID;
             }
         } elseif (preg_match("@^eznode://.+(#.*)?\$@", $href)) {
             $objectID = null;
             $url = strtok($href, '#');
             $anchorName = strtok('#');
             $nodePath = substr(strchr($url, "/"), 2);
             if (preg_match("@^[0-9]+\$@", $nodePath)) {
                 $nodeID = $nodePath;
                 $node = eZContentObjectTreeNode::fetch($nodeID, false, false);
                 if (!$node) {
                     $this->handleError(eZXMLInputParser::ERROR_DATA, ezpI18n::tr('kernel/classes/datatypes/ezxmltext', "Node '%1' does not exist.", '', array($nodeID)));
                 } else {
                     $objectID = $node['contentobject_id'];
                 }
             } else {
                 $node = eZContentObjectTreeNode::fetchByURLPath($nodePath, false);
                 if (!$node) {
                     $this->handleError(eZXMLInputParser::ERROR_DATA, ezpI18n::tr('kernel/classes/datatypes/ezxmltext', "Node '%1' does not exist.", '', array($nodePath)));
                 } else {
                     $nodeID = $node['node_id'];
                     $objectID = $node['contentobject_id'];
                 }
                 $element->setAttribute('show_path', 'true');
             }
             $element->setAttribute('node_id', $nodeID);
             if ($objectID && !in_array($objectID, $this->linkedObjectIDArray)) {
                 $this->linkedObjectIDArray[] = $objectID;
             }
         } elseif (preg_match("@^#.*\$@", $href)) {
             $anchorName = substr($href, 1);
         } else {
             //washing href. single and double quotes replaced with their urlencoded form
             $href = str_replace(array('\'', '"'), array('%27', '%22'), $href);
             $temp = explode('#', $href);
             $url = $temp[0];
             if (isset($temp[1])) {
                 $anchorName = $temp[1];
             }
             if ($url) {
                 // Protection from XSS attack
                 if (preg_match("/^(java|vb)script:.*/i", $url)) {
                     $this->handleError(eZXMLInputParser::ERROR_DATA, ezpI18n::tr('kernel/classes/datatypes/ezxmltext', "Using scripts in links is not allowed, link '%1' has been removed", '', array($url)));
                     $element->removeAttribute('href');
                     return $ret;
                 }
                 // Check mail address validity following RFC 5322 and RFC 5321
                 if (preg_match("/^mailto:([^.][a-z0-9!#\$%&'*+-\\/=?`{|}~^]+@([a-z0-9.-]+))/i", $url, $mailAddr) && !eZMail::validate($mailAddr[1])) {
                     $this->handleError(eZXMLInputParser::ERROR_DATA, ezpI18n::tr('kernel/classes/datatypes/ezxmltext', "Invalid e-mail address: '%1'", '', array($mailAddr[1])));
                     $element->removeAttribute('href');
                     return $ret;
                 }
                 // Store urlID instead of href
                 $urlID = $this->convertHrefToID($url);
                 if ($urlID) {
                     $urlIDAttributeName = 'url_id';
                     $element->setAttribute($urlIDAttributeName, $urlID);
                 }
             }
         }
         if (isset($anchorName) && $anchorName) {
             $element->setAttribute('anchor_name', $anchorName);
         }
         $element->removeAttribute('href');
     }
     return $ret;
 }
Exemple #26
0
 function processViewActions($objectAttribute, &$survey, &$validation)
 {
     $http = eZHTTPTool::instance();
     $actionContinue = false;
     $postNodeID = self::PREFIX_ATTRIBUTE . '_ezsurvey_node_id_' . $objectAttribute->attribute('id');
     $postContentObjectAttributeID = self::PREFIX_ATTRIBUTE . '_ezsurvey_contentobjectattribute_id_' . $objectAttribute->attribute('id');
     $postSurveyID = self::PREFIX_ATTRIBUTE . '_ezsurvey_id_' . $objectAttribute->attribute('id');
     $continueViewActions = true;
     if ($survey->attribute('one_answer') == 1) {
         $user = eZUser::currentUser();
         if ($user->isLoggedIn() === true) {
             $contentObjectID = $objectAttribute->attribute('contentobject_id');
             $contentClassAttributeID = $objectAttribute->attribute('contentclassattribute_id');
             $languageCode = $objectAttribute->attribute('language_code');
             $surveyID = $survey->attribute('id');
             $exist = eZSurveyResult::exist($surveyID, $user->attribute('contentobject_id'), $contentObjectID, $contentClassAttributeID, $languageCode);
             if ($exist === true) {
                 $continueViewActions = false;
             }
         } else {
             $continueViewActions = false;
         }
     }
     if ($continueViewActions === true) {
         if ($http->hasPostVariable($postNodeID) and $http->hasPostVariable($postContentObjectAttributeID) and $http->hasPostVariable($postSurveyID)) {
             $surveyID = $http->postVariable($postSurveyID);
             $contentObjectAttributeID = $http->postVariable($postContentObjectAttributeID);
             $nodeID = $http->postVariable($postNodeID);
             $node = eZContentObjectTreeNode::fetch($nodeID);
             if (get_class($node) == 'eZContentObjectTreeNode' and $node->canRead() === true) {
                 // verify that our attribute is included in this node.
                 $dataMap = $node->dataMap();
                 foreach ($dataMap as $attribute) {
                     $attributeObjectID = $attribute->attribute('id');
                     if ($attributeObjectID == $contentObjectAttributeID) {
                         $actionContinue = true;
                         break;
                     }
                 }
             } else {
                 if (get_class($node) == 'eZContentObjectTreeNode') {
                     eZDebug::writeWarning("Not enough permissions to read node with ID: " . $nodeID . ".", 'eZSurveyType::processViewActions');
                 } else {
                     eZDebug::writeWarning("node with ID: " . $nodeID . " does not exist.", 'eZSurveyType::processViewActions');
                     return false;
                 }
             }
         } else {
             eZDebug::writeWarning("All the postvariables {$postNodeID}, {$postContentObjectAttributeID} and {$postSurveyID} need to be supplied.", 'eZSurveyType::processViewActions');
             return false;
         }
         $nodeID = $http->postVariable($postNodeID);
         $node = eZContentObjectTreeNode::fetch($nodeID);
         if ($actionContinue === true) {
             $survey = eZSurvey::fetch($surveyID);
             $status = $survey->validateContentObjectAttributeID($contentObjectAttributeID);
             if (!$survey or !$survey->published() or !$survey->enabled() or !$survey->valid()) {
                 eZDebug::writeWarning('Survey is not valid', 'eZSurveyType::processViewActions');
                 return;
             }
             $params = array('prefix_attribute' => self::PREFIX_ATTRIBUTE, 'contentobjectattribute_id' => $contentObjectAttributeID);
             $variableArray = $survey->processViewActions($validation, $params);
             $postSurveyStoreButton = self::PREFIX_ATTRIBUTE . '_ezsurvey_store_button_' . $contentObjectAttributeID;
             $user = eZUser::currentUser();
             if ($survey->attribute('persistent')) {
                 $result = eZSurveyResult::instance($surveyID, $user->id());
             } else {
                 $result = eZSurveyResult::instance($surveyID);
             }
             $result->setAttribute('user_id', $user->id());
             $http = eZHTTPTool::instance();
             $sessionID = $http->sessionID();
             $result->setAttribute('user_session_id', $sessionID);
             if ($http->hasPostVariable($postSurveyStoreButton) && $validation['error'] == false) {
                 $result->storeResult($params);
                 $postReceiverID = self::PREFIX_ATTRIBUTE . '_ezsurvey_receiver_id_' . $contentObjectAttributeID;
                 if ($http->hasPostVariable($postReceiverID) and $questionList = $survey->fetchQuestionList() and $postReceiverQuestionID = $http->postVariable($postReceiverID) and isset($questionList[$postReceiverQuestionID])) {
                     $mailTo = $questionList[$postReceiverQuestionID]->answer();
                     $emailSenderList = explode('_', $questionList[$postReceiverQuestionID]->attribute('text3'));
                     if (isset($emailSenderList[1]) and $emailSenderID = $emailSenderList[1] and is_numeric($emailSenderID) and $emailSenderID > 0 and isset($questionList[$emailSenderID]) and $senderQuestion = $questionList[$emailSenderID] and $senderQuestion->attribute('type') == 'EmailEntry' and eZMail::validate($senderQuestion->attribute('answer'))) {
                         $emailSender = $senderQuestion->attribute('answer');
                     } else {
                         $ini = eZINI::instance();
                         $emailSender = $ini->variable('MailSettings', 'EmailSender');
                         if (!$emailSender) {
                             $emailSender = $ini->variable('MailSettings', 'AdminEmail');
                         }
                     }
                     require_once 'kernel/common/template.php';
                     $tpl_email = templateInit();
                     $tpl_email->setVariable('survey', $survey);
                     $tpl_email->setVariable('survey_questions', $questionList);
                     $tpl_email->setVariable('survey_node', $node);
                     $templateResult = $tpl_email->fetch('design:survey/mail.tpl');
                     $subject = $tpl_email->variable('subject');
                     $mail = new eZMail();
                     $mail->setSenderText($emailSender);
                     $mail->setReceiver($mailTo);
                     $mail->setSubject($subject);
                     $mail->setBody($templateResult);
                     $mailResult = eZMailTransport::send($mail);
                 }
                 $survey->executeBeforeLastRedirect($node);
                 $href = trim($survey->attribute('redirect_submit'));
                 $module = $GLOBALS['module'];
                 if ($module instanceof eZModule) {
                     if (trim($href) != "") {
                         if (preg_match("/^http:\\/\\/.+/", $href)) {
                             $module->redirectTo($href);
                         } else {
                             $originalHref = $href;
                             $status = eZURI::transformURI($href);
                             if ($status === true) {
                                 // Need to keep the original href, since it's
                                 // already changed here.
                                 $module->redirectTo($originalHref);
                             } else {
                                 $http->redirect($href);
                             }
                         }
                     }
                 }
             } else {
                 if ($validation['error'] == true and $survey->attribute('persistent') == true) {
                     // Fix prevous results.
                     $validation['post_variables']['active'] = true;
                     $validation['post_variables']['variables'] = $variableArray;
                 }
             }
         }
     } else {
         eZDebug::writeWarning('Answer for survey with userid: ' . $user->id() . ' does already exist', 'eZSurveyType::processViewActions');
         $validation['one_answer']['warning'] = true;
     }
 }
Exemple #27
0
 /**
  * @todo set up soap and webdav tests
  */
 public static function runTests()
 {
     $status_tests = array('db' => '0', 'cluster db' => '0', 'ldap server' => '0', 'web access' => '0', 'ezfind' => '0', 'mail' => '0');
     $db = eZDB::instance();
     if ($db->isConnected() === true) {
         $status_tests['db'] = '1';
     }
     $clusterDBHandler = ezSysinfoClusterManager::clusterDBHandler();
     if ($clusterDBHandler instanceof eZDBFileHandler) {
         // warning - we dig into the private parts of the cluster file handler,
         // as no real API are provided for it (yet)
         if (is_resource($clusterDBHandler->backend->db)) {
             $status_tests['cluster db'] = '1';
         }
     } else {
         if (is_object($clusterDBHandler)) {
             // This is even worse: we have no right to know if db connection is ok.
             // So we replicate some code here...
             try {
                 $clusterDBHandler->_connect();
                 $status_tests['cluster db'] = '1';
             } catch (exception $e) {
             }
         } else {
             $status_tests['cluster db'] = 'X';
         }
     }
     if (in_array('ezfind', eZExtension::activeExtensions())) {
         $ini = eZINI::instance('solr.ini');
         $ezfinpingurl = $ini->variable('SolrBase', 'SearchServerURI') . "/admin/ping";
         $data = eZHTTPTool::getDataByURL($ezfinpingurl, false);
         $pos2 = stripos($data, '<str name="status">OK</str>');
         if ($pos2 !== false) {
             $status_tests['ezfind'] = '1';
         } else {
             $status_tests['ezfind'] = '0';
         }
     } else {
         $status_tests['ezfind'] = 'X';
     }
     $ini = eZINI::instance('ldap.ini');
     if ($ini->variable('LDAPSettings', 'LDAPEnabled') == 'true' && $ini->variable('LDAPSettings', 'LDAPServer') != '') {
         if (function_exists('ldap_connect')) {
             // code copied over ezldapuser class...
             $LDAPVersion = $ini->variable('LDAPSettings', 'LDAPVersion');
             $LDAPServer = $ini->variable('LDAPSettings', 'LDAPServer');
             $LDAPPort = $ini->variable('LDAPSettings', 'LDAPPort');
             $LDAPBindUser = $ini->variable('LDAPSettings', 'LDAPBindUser');
             $LDAPBindPassword = $ini->variable('LDAPSettings', 'LDAPBindPassword');
             $ds = ldap_connect($LDAPServer, $LDAPPort);
             if ($ds) {
                 ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $LDAPVersion);
                 if ($LDAPBindUser == '') {
                     $r = ldap_bind($ds);
                 } else {
                     $r = ldap_bind($ds, $LDAPBindUser, $LDAPBindPassword);
                 }
                 if ($r) {
                     $status_tests['ldap server'] = '1';
                 }
             }
         }
     } else {
         $status_tests['ldap server'] = 'X';
     }
     $ini = eZINI::instance('sysinfo.ini');
     $websites = $ini->variable('SystemStatus', 'WebBeacons');
     if (is_string($websites)) {
         $websites = array($websites);
     }
     foreach ($websites as $key => $site) {
         if (trim($site) == '') {
             unset($websites[$key]);
         }
     }
     if (count($websites)) {
         foreach ($websites as $site) {
             // current eZ code is broken if no curl is installed, as it does not check for 404 or such.
             // besides, it does not even support proxies...
             if (extension_loaded('curl')) {
                 if (eZHTTPTool::getDataByURL($site, true)) {
                     $status_tests['web access'] = '1';
                     break;
                 }
             } else {
                 $data = eZHTTPTool::getDataByURL($site, false);
                 if ($data !== false && sysInfoTools::isHTTP200($data)) {
                     $status_tests['web access'] = '1';
                     break;
                 }
             }
         }
     } else {
         $status_tests['web access'] = 'X';
     }
     $ini = eZINI::instance('sysinfo.ini');
     $recipient = $ini->variable('SystemStatus', 'MailReceiver');
     $mail = new eZMail();
     if (trim($recipient) != '' && $mail->validate($recipient)) {
         $mail->setReceiver($recipient);
         $ini = eZINI::instance();
         $sender = $ini->variable('MailSettings', 'EmailSender');
         $mail->setSender($sender);
         $mail->setSubject("Test email");
         $mail->setBody("This email was automatically sent while testing eZ Publish connectivity to the mail server. Please do not reply.");
         $mailResult = eZMailTransport::send($mail);
         if ($mailResult) {
             $status_tests['mail'] = '1';
         }
     } else {
         $status_tests['mail'] = 'X';
     }
     /*
     $ini = eZINI::instance( 'soap.ini' );
     if ( $ini->variable( 'GeneralSettings', 'EnableSOAP' ) == 'true' )
     {
         /// @todo...
     }
     else
     {
         $status_tests['ez soap'] = 'X';
     }
     
     $ini = eZINI::instance( 'webdav.ini' );
     if ( $ini->variable( 'GeneralSettings', 'EnableWebDAV' ) == 'true' )
     {
         /// @todo...
     }
     else
     {
         $status_tests['ez webdav'] = 'X';
     }
     */
     return $status_tests;
 }
 function validateObjectAttributeHTTPInput($http, $base, $contentObjectAttribute)
 {
     if ($http->hasPostVariable($base . "_data_user_login_" . $contentObjectAttribute->attribute("id")) && $http->hasPostVariable($base . "_data_user_email_" . $contentObjectAttribute->attribute("id")) && $http->hasPostVariable($base . "_data_user_password_" . $contentObjectAttribute->attribute("id")) && $http->hasPostVariable($base . "_data_user_password_confirm_" . $contentObjectAttribute->attribute("id"))) {
         $classAttribute = $contentObjectAttribute->contentClassAttribute();
         $loginName = $http->postVariable($base . "_data_user_login_" . $contentObjectAttribute->attribute("id"));
         $email = $http->postVariable($base . "_data_user_email_" . $contentObjectAttribute->attribute("id"));
         $password = $http->postVariable($base . "_data_user_password_" . $contentObjectAttribute->attribute("id"));
         $passwordConfirm = $http->postVariable($base . "_data_user_password_confirm_" . $contentObjectAttribute->attribute("id"));
         if (trim($loginName) == '') {
             if ($contentObjectAttribute->validateIsRequired() || trim($email) != '') {
                 $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username must be specified.'));
                 return eZInputValidator::STATE_INVALID;
             }
         } else {
             $existUser = eZUser::fetchByName($loginName);
             if ($existUser != null) {
                 $userID = $existUser->attribute('contentobject_id');
                 if ($userID != $contentObjectAttribute->attribute("contentobject_id")) {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The username already exists, please choose another one.'));
                     return eZInputValidator::STATE_INVALID;
                 }
             }
             // validate user email
             $isValidate = eZMail::validate($email);
             if (!$isValidate) {
                 $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The email address is not valid.'));
                 return eZInputValidator::STATE_INVALID;
             }
             $authenticationMatch = eZUser::authenticationMatch();
             if ($authenticationMatch & eZUser::AUTHENTICATE_EMAIL) {
                 if (eZUser::requireUniqueEmail()) {
                     $userByEmail = eZUser::fetchByEmail($email);
                     if ($userByEmail != null) {
                         $userID = $userByEmail->attribute('contentobject_id');
                         if ($userID != $contentObjectAttribute->attribute("contentobject_id")) {
                             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'A user with this email already exists.'));
                             return eZInputValidator::STATE_INVALID;
                         }
                     }
                 }
             }
             // validate user name
             if (!eZUser::validateLoginName($loginName, $errorText)) {
                 $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', $errorText));
                 return eZInputValidator::STATE_INVALID;
             }
             // validate user password
             $ini = eZINI::instance();
             $generatePasswordIfEmpty = $ini->variable("UserSettings", "GeneratePasswordIfEmpty") == 'true';
             if (!$generatePasswordIfEmpty || $password != "") {
                 if ($password == "") {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password cannot be empty.', 'eZUserType'));
                     return eZInputValidator::STATE_INVALID;
                 }
                 if ($password != $passwordConfirm) {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The passwords do not match.', 'eZUserType'));
                     return eZInputValidator::STATE_INVALID;
                 }
                 if (!eZUser::validatePassword($password)) {
                     $minPasswordLength = $ini->variable('UserSettings', 'MinPasswordLength');
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must be at least %1 characters long.', null, array($minPasswordLength)));
                     return eZInputValidator::STATE_INVALID;
                 }
                 if (strtolower($password) == 'password') {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The password must not be "password".'));
                     return eZInputValidator::STATE_INVALID;
                 }
             }
             // validate confirm email
             if ($ini->variable('UserSettings', 'RequireConfirmEmail') == 'true') {
                 $emailConfirm = $http->postVariable($base . "_data_user_email_confirm_" . $contentObjectAttribute->attribute("id"));
                 if ($email != $emailConfirm) {
                     $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'The emails do not match.', 'eZUserType'));
                     return eZInputValidator::STATE_INVALID;
                 }
             }
         }
     } else {
         if ($contentObjectAttribute->validateIsRequired()) {
             $contentObjectAttribute->setValidationError(ezpI18n::tr('kernel/classes/datatypes', 'Input required.'));
             return eZInputValidator::STATE_INVALID;
         }
     }
     return eZInputValidator::STATE_ACCEPTED;
 }
            if ( eZOperationHandler::operationIsAvailable( 'user_forgotpassword' ) )
            {
                $operationResult = eZOperationHandler::execute( 'user',
                                                                'forgotpassword', array( 'user_id'    => $userID,
                                                                                         'password_hash'  => $hashKey,
                                                                                         'time' => $time ) );
            }
            else
            {
                eZUserOperationCollection::forgotpassword( $userID, $hashKey, $time );
            }

            $userToSendEmail = $user;
            $receiver = $email;

            $mail = new eZMail();
            if ( !$mail->validate( $receiver ) )
            {
            }

            $tpl = eZTemplate::factory();
            $tpl->setVariable( 'user', $userToSendEmail );
            $tpl->setVariable( 'object', $userToSendEmail->attribute( 'contentobject' ) );
            $tpl->setVariable( 'password', $password );
            $tpl->setVariable( 'link', true );
            $tpl->setVariable( 'hash_key', $hashKey );
            $templateResult = $tpl->fetch( 'design:user/forgotpasswordmail.tpl' );
            if ( $tpl->hasVariable( 'content_type' ) )
                $mail->setContentType( $tpl->variable( 'content_type' ) );
            $emailSender = $ini->variable( 'MailSettings', 'EmailSender' );
            if ( !$emailSender )
Exemple #30
0
    $module->redirectTo('/shop/basket/');
    return;
}
$tpl->setVariable("input_error", false);
if ($module->isCurrentAction('Store')) {
    $inputIsValid = true;
    $firstName = $http->postVariable("FirstName");
    if (trim($firstName) == "") {
        $inputIsValid = false;
    }
    $lastName = $http->postVariable("LastName");
    if (trim($lastName) == "") {
        $inputIsValid = false;
    }
    $email = $http->postVariable("EMail");
    if (!eZMail::validate($email)) {
        $inputIsValid = false;
    }
    $address = $http->postVariable("Address");
    if (trim($address) == "") {
        $inputIsValid = false;
    }
    $tpl->setVariable("first_name", $firstName);
    $tpl->setVariable("last_name", $lastName);
    $tpl->setVariable("email", $email);
    $tpl->setVariable("address", $address);
    if ($inputIsValid == true) {
        // Check for validation
        $basket = eZBasket::currentBasket();
        $order = $basket->createOrder();
        $doc = new DOMDocument('1.0', 'utf-8');