/**
 * Check the submitted fields in a fixed order and stop at the first rule that fails.
 *
 * Order of the checks: agent id, e-mail, first name, last name, phone number, password.
 * Only the first failing rule records a message through setError(); later fields are
 * not inspected once one rule has failed.
 *
 * @return bool true when every rule passed, false as soon as one rule failed
 */
public final function validated()
{
    // A missing agent id means the form was not submitted through the expected flow.
    if (trim($this->agentId) == "") {
        $this->setError("Agent id not set or there is an error during the submission of the form contact administrator");
        return false;
    }

    if (!Validator::isEmail($this->email)) {
        $this->setError("Enter a valid email address");
        return false;
    }

    // Names must pass Validator::isWord() and be longer than two bytes once trimmed
    // (strlen() counts bytes, not characters).
    if (!Validator::isWord($this->firstname) || strlen(trim($this->firstname)) <= 2) {
        $this->setError("Enter a valid firstname!");
        return false;
    }

    if (!Validator::isWord($this->lastname) || strlen(trim($this->lastname)) <= 2) {
        $this->setError("Enter a valid lastname!");
        return false;
    }

    if (!Validator::isNumber($this->phonenumber)) {
        $this->setError("Enter a valid phone number e.g +44(0)7765441232!");
        return false;
    }

    // The only password rule here is a minimum of six bytes after trimming.
    if (strlen(trim($this->password)) < 6) {
        $this->setError("Enter a valid password that is more than 5 character!");
        return false;
    }

    return true;
}
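/**
 * Check that a user carries a valid e-mail address, full name and gender.
 *
 * The checks run in that order and stop at the first failure; the reason is stored in
 * $this->message. The message is not cleared on success, so callers should read it only
 * when this method returns false.
 *
 * @param User $user The user to check
 *
 * @return bool true if all three fields passed, false otherwise
 */
private function validate(User $user)
{
    // The type declaration already rejects null; the guard is kept as a cheap safety net.
    if ($user === null) {
        return false;
    }

    $email = $user->getEmail();
    if (!Validator::isEmail($email)) {
        if ($email == "" || $email == null) {
            $this->message = "User email address required";
        } else {
            // NOTE(review): the rejected input is echoed back inside the message;
            // escape $this->message wherever it is rendered as HTML.
            $this->message = "Invalid email[{$email}] entry";
        }

        return false;
    }

    $fullname = $user->getFullname();
    if (!Validator::IsWord($fullname)) {
        if ($fullname == null || $fullname == "") {
            $this->message = "User fullname is required!";
        } else {
            $this->message = "Enter a valid user name ";
        }

        return false;
    }

    // Fix: the original tested Validator::IsWord() without negation here, so a user WITH a
    // valid gender was rejected ("Enter your gender") and a user without one was accepted.
    if (!Validator::IsWord($user->getGender())) {
        $this->message = "Enter your gender";

        return false;
    }

    return true;
}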
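/**
 * Validator::isEmail() must accept well-formed addresses and reject truncated ones.
 *
 * Each array key is an address, each value the expected verdict.
 */
public function test_isEmail()
{
    $arrEmails = array(
        // NOTE(review): this address appears masked on the page; confirm against the
        // upstream test that a real, valid sample address is used here.
        '*****@*****.**' => true,
        'test@test.c' => false,
        'test@test.' => false,
        'test@test' => false,
        'test@' => false,
        'test' => false,
        // Internationalised domain, converted to its ASCII form before validation
        Idna::encodeEmail('test@tèst.ch') => true,
    );

    foreach ($arrEmails as $strAddress => $blnValidity) {
        // Expected value first so PHPUnit labels "expected" and "actual" correctly;
        // the message names the address that failed.
        $this->assertEquals(
            $blnValidity,
            Validator::isEmail($strAddress),
            'Unexpected isEmail() result for "' . $strAddress . '"'
        );
    }
}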
/**
 * Login hook: let front end members log in with an e-mail user name regardless of letter case.
 *
 * The submitted name is lower-cased and looked up against LOWER(username); on a hit the POST
 * value "username" is replaced with the spelling stored for that member.
 *
 * The earlier comment justified this with RFC 5321, section 2.3.11. Strictly, the RFC makes
 * only the domain part case-insensitive and leaves the local part to the receiving host, so
 * folding the whole address is a product decision rather than something the standard requires.
 *
 * NOTE(review): strtolower() works on bytes while SQL LOWER() follows the column collation,
 * so the two sides may disagree for non-ASCII names. If two members differ only by case, which
 * one is loaded depends on findBy() - consider enforcing case-insensitive uniqueness on
 * tl_member.username.
 *
 * @param string $strUser     The submitted user name
 * @param string $strPassword The submitted password (not read here)
 * @param string $strTable    The user table the login runs against
 *
 * @return bool True if a member was found and the POST user name was rewritten
 */
public function importUserHook($strUser, $strPassword, $strTable)
{
    // Only e-mail style names in tl_member are handled. The loose != mirrors the comparison
    // semantics of the switch statement this guard replaces.
    if (!\Validator::isEmail($strUser) || $strTable != 'tl_member') {
        return false;
    }

    $objUser = \FrontendUser::getInstance();
    $blnFound = $objUser->findBy('LOWER(username)', strtolower($strUser)) !== false;

    if ($blnFound) {
        // set post user name to the users username
        \Input::setPost('username', $objUser->username);
    }

    return $blnFound;
}
/**
 * Prepare an LDAP-backed login attempt, then render the parent login module.
 *
 * On a submitted tl_login form with both user name and password present, the local password
 * of a matching member is reset so that the credential check falls through to the
 * checkCredentials hook. If the LDAP uid attribute is "mail", the user name must also be a
 * valid e-mail address.
 *
 * The earlier header said the login module ID is stored in the session (required by LdapAuth);
 * nothing visible in this method writes to the session - presumably the parent does.
 *
 * NOTE(review): resetPassword() runs before any credential has been verified and before the
 * e-mail format check, so every POST naming an existing member causes a write. Confirm this is
 * intended for all members (including ones not managed through LDAP) and consider rate limiting.
 *
 * @return string The markup returned by the parent module
 */
public function generate()
{
    // Nothing to prepare unless the login form was submitted
    if (\Input::post('FORM_SUBMIT') != 'tl_login') {
        return parent::generate();
    }

    $blnHasCredentials = \Input::post('username', true) && \Input::post('password', true);
    $objMember = $blnHasCredentials ? \MemberModel::findBy('username', \Input::post('username', true)) : null;

    if ($objMember !== null) {
        // always reset the password to a random value, otherwise checkCredentialsHook will never be triggered
        LdapMember::resetPassword($objMember, \Input::post('username', true));
    }

    // validate email
    $blnUidIsMail = $GLOBALS['TL_CONFIG']['ldap_uid'] == 'mail';

    if ($blnUidIsMail && !\Validator::isEmail(\Input::post('username', true))) {
        \Message::addError($GLOBALS['TL_LANG']['ERR']['email']);
        $this->reload();
    }

    return parent::generate();
}
/**
 * Render the newsletter preview/send form and, when a valid send token is supplied, send the mails.
 *
 * Without a matching "token" query parameter the method issues a new token, writes an HTML preview
 * to system/cache/newsletter/ and returns the back end form. With a matching token it either sends
 * a single preview mail (query parameter "preview") or sends the newsletter in batches controlled
 * by the "mpc", "start" and "timeout" query parameters, echoes progress markup and exits.
 *
 * @param \DataContainer $objDc The data container; only its id is read here
 *
 * @return string The form markup, or an empty string if the newsletter does not exist
 */
public function send(\DataContainer $objDc)
{
    if (TL_MODE == 'BE') {
        $GLOBALS['TL_CSS'][] = 'system/modules/newsletter_content/assets/css/style.css';
        if ($this->isFlexible) {
            $GLOBALS['TL_CSS'][] = 'system/modules/newsletter_content/assets/css/style-flexible.css';
        }
    }

    $objNewsletter = $this->Database->prepare("SELECT n.*, c.useSMTP, c.smtpHost, c.smtpPort, c.smtpUser, c.smtpPass FROM tl_newsletter n LEFT JOIN tl_newsletter_channel c ON n.pid=c.id WHERE n.id=?")->limit(1)->execute($objDc->id);

    // Return if there is no newsletter
    if ($objNewsletter->numRows < 1) {
        return '';
    }

    // Overwrite the SMTP configuration
    if ($objNewsletter->useSMTP) {
        $GLOBALS['TL_CONFIG']['useSMTP'] = true;
        $GLOBALS['TL_CONFIG']['smtpHost'] = $objNewsletter->smtpHost;
        $GLOBALS['TL_CONFIG']['smtpUser'] = $objNewsletter->smtpUser;
        $GLOBALS['TL_CONFIG']['smtpPass'] = $objNewsletter->smtpPass;
        // NOTE(review): c.smtpEnc is not in the SELECT list above, so the transport encryption
        // setting is only populated if tl_newsletter itself has such a column - confirm,
        // otherwise the channel's TLS/SSL choice is silently dropped.
        $GLOBALS['TL_CONFIG']['smtpEnc'] = $objNewsletter->smtpEnc;
        $GLOBALS['TL_CONFIG']['smtpPort'] = $objNewsletter->smtpPort;
    }

    // Add default sender address
    if ($objNewsletter->sender == '') {
        list($objNewsletter->senderName, $objNewsletter->sender) = \String::splitFriendlyEmail($GLOBALS['TL_CONFIG']['adminEmail']);
    }

    $arrAttachments = array();
    $blnAttachmentsFormatError = false;

    // Add attachments
    if ($objNewsletter->addFile) {
        $files = deserialize($objNewsletter->files);
        if (!empty($files) && is_array($files)) {
            $objFiles = \FilesModel::findMultipleByUuids($files);
            if ($objFiles === null) {
                // No model found: distinguish "old, non-UUID format" from "files gone"
                if (!\Validator::isUuid($files[0])) {
                    $blnAttachmentsFormatError = true;
                    \Message::addError($GLOBALS['TL_LANG']['ERR']['version2format']);
                }
            } else {
                while ($objFiles->next()) {
                    if (is_file(TL_ROOT . '/' . $objFiles->path)) {
                        $arrAttachments[] = $objFiles->path;
                    }
                }
            }
        }
    }

    // Get content
    $html = '';
    $objContentElements = \ContentModel::findPublishedByPidAndTable($objNewsletter->id, 'tl_newsletter');
    if ($objContentElements !== null) {
        if (!defined('NEWSLETTER_CONTENT_PREVIEW')) {
            define('NEWSLETTER_CONTENT_PREVIEW', true);
        }
        while ($objContentElements->next()) {
            $html .= $this->getContentElement($objContentElements->id);
        }
    }

    // Replace insert tags
    $text = $this->replaceInsertTags($objNewsletter->text);
    $html = $this->replaceInsertTags($html);

    // Convert relative URLs
    $html = $this->convertRelativeUrls($html);

    // Set back to object
    $objNewsletter->content = $html;

    // Send newsletter
    // NOTE(review): this GET request triggers mail delivery, and the session token is the only
    // thing guarding it. The comparison is a loose ==; a strict, timing-safe hash_equals() on
    // two strings would be the safer check.
    if (!$blnAttachmentsFormatError && \Input::get('token') != '' && \Input::get('token') == $this->Session->get('tl_newsletter_send')) {
        $referer = preg_replace('/&(amp;)?(start|mpc|token|recipient|preview)=[^&]*/', '', \Environment::get('request'));

        // Preview
        if (isset($_GET['preview'])) {
            // Check the e-mail address
            if (!\Validator::isEmail(\Input::get('recipient', true))) {
                $_SESSION['TL_PREVIEW_MAIL_ERROR'] = true;
                $this->redirect($referer);
            }

            // get preview recipient
            $arrRecipient = array();
            // NOTE(review): the address is validated before urldecode() but used after it, so
            // the value that passed validation is not necessarily the value that is mailed.
            $strEmail = urldecode(\Input::get('recipient', true));
            $objRecipient = $this->Database->prepare("SELECT * FROM tl_member m WHERE email=? ORDER BY email")->limit(1)->execute($strEmail);

            // NOTE(review): every other result check in this method reads numRows; if num_rows
            // is not a property of the result object, the member row is never used - confirm.
            if ($objRecipient->num_rows < 1) {
                $arrRecipient['email'] = $strEmail;
            } else {
                $arrRecipient = $objRecipient->row();
            }

            // NOTE(review): the e-mail address goes into the tracking URLs without URL encoding
            // (characters such as + or & change the query) and exposes the address in the URL.
            $arrRecipient = array_merge($arrRecipient, array(
                'extra' => '&preview=1',
                'tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=png',
                'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=gif',
                'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=css',
                'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=js'));

            // Send
            $objEmail = $this->generateEmailObject($objNewsletter, $arrAttachments);
            $objNewsletter->email = $strEmail;
            $this->sendNewsletter($objEmail, $objNewsletter, $arrRecipient, $text, $html);

            // Redirect
            \Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['confirm'], 1));
            $this->redirect($referer);
        }

        // Get the total number of recipients
        $objTotal = $this->Database->prepare("SELECT COUNT(DISTINCT email) AS count FROM tl_newsletter_recipients WHERE pid=? AND active=1")->execute($objNewsletter->pid);

        // Return if there are no recipients
        if ($objTotal->count < 1) {
            $this->Session->set('tl_newsletter_send', null);
            \Message::addError($GLOBALS['TL_LANG']['tl_newsletter']['error']);
            $this->redirect($referer);
        }

        $intTotal = $objTotal->count;

        // Get page and timeout
        // NOTE(review): the three values come straight from the query string and are never cast
        // to int, yet they are used in LIMIT and echoed into the redirect URL and <script>
        // below; an explicit (int) cast would make that independent of Input::get() filtering.
        $intTimeout = \Input::get('timeout') > 0 ? \Input::get('timeout') : 1;
        $intStart = \Input::get('start') ? \Input::get('start') : 0;
        $intPages = \Input::get('mpc') ? \Input::get('mpc') : 10;

        // Get recipients
        $objRecipients = $this->Database->prepare("SELECT *, r.email FROM tl_newsletter_recipients r LEFT JOIN tl_member m ON(r.email=m.email) WHERE r.pid=? AND r.active=1 GROUP BY r.email ORDER BY r.email")->limit($intPages, $intStart)->execute($objNewsletter->pid);

        echo '<div style="font-family:Verdana,sans-serif;font-size:11px;line-height:16px;margin-bottom:12px">';

        // Send newsletter
        if ($objRecipients->numRows > 0) {
            // Update status
            if ($intStart == 0) {
                $this->Database->prepare("UPDATE tl_newsletter SET sent=1, date=? WHERE id=?")->execute(time(), $objNewsletter->id);
                $_SESSION['REJECTED_RECIPIENTS'] = array();
            }

            while ($objRecipients->next()) {
                $objEmail = $this->generateEmailObject($objNewsletter, $arrAttachments);
                $objNewsletter->email = $objRecipients->email;
                $arrRecipient = array_merge($objRecipients->row(), array(
                    'tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=png',
                    'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=gif',
                    'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=css',
                    'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=js'));
                $this->sendNewsletter($objEmail, $objNewsletter, $arrRecipient, $text, $html);

                // NOTE(review): the stored address is written into HTML without escaping; it was
                // supplied by the subscriber, so it should be escaped for output here.
                echo 'Sending newsletter to <strong>' . $objRecipients->email . '</strong><br>';
            }
        }

        echo '<div style="margin-top:12px">';

        // Redirect back home
        if ($objRecipients->numRows < 1 || $intStart + $intPages >= $intTotal) {
            $this->Session->set('tl_newsletter_send', null);

            // Deactivate rejected addresses
            if (!empty($_SESSION['REJECTED_RECIPIENTS'])) {
                $intRejected = count($_SESSION['REJECTED_RECIPIENTS']);
                \Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['rejected'], $intRejected));
                $intTotal -= $intRejected;

                foreach ($_SESSION['REJECTED_RECIPIENTS'] as $strRecipient) {
                    $this->Database->prepare("UPDATE tl_newsletter_recipients SET active='' WHERE email=?")->execute($strRecipient);
                    $this->log('Recipient address "' . $strRecipient . '" was rejected and has been deactivated', __METHOD__, TL_ERROR);
                }
            }

            // NOTE(review): $intRejected is only assigned inside the branch above; when no
            // address was rejected it is undefined at this point.
            $this->Database->prepare("UPDATE tl_newsletter SET recipients=?, rejected=? WHERE id=?")->execute($intTotal, $intRejected, $objNewsletter->id);
            \Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['confirm'], $intTotal));

            // NOTE(review): $referer derives from the request URI and is placed inside a JS
            // string and an href; this relies on Environment::get() output being safe for both
            // contexts - confirm, or encode per context.
            echo '<script>setTimeout(\'window.location="' . \Environment::get('base') . $referer . '"\',1000)</script>';
            echo '<a href="' . \Environment::get('base') . $referer . '">Please click here to proceed if you are not using JavaScript</a>';
        } else {
            // More batches to go: reload with the next start offset after the timeout
            $url = preg_replace('/&(amp;)?(start|mpc|recipient)=[^&]*/', '', \Environment::get('request')) . '&start=' . ($intStart + $intPages) . '&mpc=' . $intPages;
            echo '<script>setTimeout(\'window.location="' . \Environment::get('base') . $url . '"\',' . $intTimeout * 1000 . ')</script>';
            echo '<a href="' . \Environment::get('base') . $url . '">Please click here to proceed if you are not using JavaScript</a>';
        }

        echo '</div></div>';
        exit;
    }

    // NOTE(review): this token authorises the send request above. uniqid() and mt_rand() are
    // not cryptographically secure sources; where the runtime provides random_bytes(),
    // bin2hex(random_bytes(16)) yields a token of the same length.
    $strToken = md5(uniqid(mt_rand(), true));
    $this->Session->set('tl_newsletter_send', $strToken);
    $sprintf = $objNewsletter->senderName != '' ? $objNewsletter->senderName . ' <%s>' : '%s';
    $this->import('BackendUser', 'User');

    // prepare preview
    $preview = $text;

    if (!$objNewsletter->sendText) {
        // Default template
        if ($objNewsletter->template == '') {
            $objNewsletter->template = 'mail_default';
        }

        // Load the mail template
        $objTemplate = new \BackendTemplate($objNewsletter->template);
        $objTemplate->setData($objNewsletter->row());
        $objTemplate->title = $objNewsletter->subject;
        $objTemplate->body = $html;
        $objTemplate->charset = $GLOBALS['TL_CONFIG']['characterSet'];
        // NOTE(review): $css is never assigned in this method, so this is always null
        $objTemplate->css = $css; // Backwards compatibility

        // Parse template
        $preview = $objTemplate->parse();
    }

    // Replace inserttags
    // The preview is personalised with the logged-in back end user plus fixed sample address data
    $arrName = explode(' ', $this->User->name);
    $preview = $this->replaceInsertTags($preview);
    $preview = $this->prepareLinkTracking($preview, $objNewsletter->id, $this->User->email, '&preview=1');
    $preview = $this->parseSimpleTokens($preview, array(
        'firstname' => $arrName[0],
        'lastname' => $arrName[sizeof($arrName) - 1],
        'street' => 'Königsbrücker Str. 9',
        'postal' => '01099',
        'city' => 'Dresden',
        'phone' => '0351 30966184',
        'email' => $this->User->email,
        'tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=png',
        'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=gif',
        'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=css',
        'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=js'));

    // Create cache folder
    // NOTE(review): the .htaccess written here grants access to everyone, and the preview file
    // name is the newsletter alias, so an unsent newsletter (including the back end user's
    // e-mail address in the tracking links) is readable at a guessable URL. The return values
    // of mkdir() and file_put_contents() are not checked.
    if (!file_exists(TL_ROOT . '/system/cache/newsletter')) {
        mkdir(TL_ROOT . '/system/cache/newsletter');
        file_put_contents(TL_ROOT . '/system/cache/newsletter/.htaccess', '<IfModule !mod_authz_core.c> Order allow,deny Allow from all </IfModule> <IfModule mod_authz_core.c> Require all granted </IfModule>');
    }

    // Cache preview
    file_put_contents(TL_ROOT . '/system/cache/newsletter/' . $objNewsletter->alias . '.html', preg_replace('/^\\s+|\\n|\\r|\\s+$/m', '', $preview));

    // Preview newsletter
    // NOTE(review): several values are concatenated into the markup without an escaping call:
    // the \Input::get() values in the hidden fields, sender, subject, template, attachment
    // paths, alias and the user's e-mail address. Only the language strings passed through
    // specialchars() are visibly escaped - confirm the others are encoded upstream.
    $return = ' <div id="tl_buttons"> <a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a> </div> <h2 class="sub_headline">' . sprintf($GLOBALS['TL_LANG']['tl_newsletter']['send'][1], $objNewsletter->id) . '</h2> ' . \Message::generate()
        . ' <form action="' . ampersand(\Environment::get('script'), true) . '" id="tl_newsletter_send" class="tl_form" method="get"> <div class="tl_formbody_edit tl_newsletter_send"> <input type="hidden" name="do" value="' . \Input::get('do') . '"> <input type="hidden" name="table" value="' . \Input::get('table') . '"> <input type="hidden" name="key" value="' . \Input::get('key') . '"> <input type="hidden" name="id" value="' . \Input::get('id') . '"> <input type="hidden" name="token" value="' . $strToken
        . '"> <table class="prev_header"> <tr class="row_0"> <td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['from'] . '</td> <td class="col_1">' . sprintf($sprintf, $objNewsletter->sender) . '</td> </tr> <tr class="row_1"> <td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['subject'][0] . '</td> <td class="col_1">' . $objNewsletter->subject . '</td> </tr> <tr class="row_2"> <td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['template'][0] . '</td> <td class="col_1">' . $objNewsletter->template . '</td> </tr>'
        . (!empty($arrAttachments) && is_array($arrAttachments) ? ' <tr class="row_3"> <td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['attachments'] . '</td> <td class="col_1">' . implode(', ', $arrAttachments) . '</td> </tr>' : '')
        . ' </table>'
        . (!$objNewsletter->sendText ? ' <iframe class="preview_html" id="preview_html" seamless border="0" width="703px" height="503px" style="padding:0" src="system/cache/newsletter/' . $objNewsletter->alias . '.html"></iframe> ' : '')
        . ' <div class="preview_text"> ' . nl2br_html5($text)
        . ' </div> <div class="tl_tbox"> <div class="w50"> <h3><label for="ctrl_mpc">' . $GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][0] . '</label></h3> <input type="text" name="mpc" id="ctrl_mpc" value="10" class="tl_text" onfocus="Backend.getScrollOffset()">'
        . ($GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][1] . '</p>' : '')
        . ' </div> <div class="w50"> <h3><label for="ctrl_timeout">' . $GLOBALS['TL_LANG']['tl_newsletter']['timeout'][0] . '</label></h3> <input type="text" name="timeout" id="ctrl_timeout" value="1" class="tl_text" onfocus="Backend.getScrollOffset()">'
        . ($GLOBALS['TL_LANG']['tl_newsletter']['timeout'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['timeout'][1] . '</p>' : '')
        . ' </div> <div class="w50"> <h3><label for="ctrl_start">' . $GLOBALS['TL_LANG']['tl_newsletter']['start'][0] . '</label></h3> <input type="text" name="start" id="ctrl_start" value="0" class="tl_text" onfocus="Backend.getScrollOffset()">'
        . ($GLOBALS['TL_LANG']['tl_newsletter']['start'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['start'][1] . '</p>' : '')
        . ' </div> <div class="w50"> <h3><label for="ctrl_recipient">' . $GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][0] . '</label></h3> <input type="text" name="recipient" id="ctrl_recipient" value="' . $this->User->email . '" class="tl_text" onfocus="Backend.getScrollOffset()">'
        . (isset($_SESSION['TL_PREVIEW_MAIL_ERROR']) ? ' <div class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['email'] . '</div>' : ($GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][1] . '</p>' : ''))
        . ' </div> <div class="clear"></div> </div> </div>';

    // Do not send the newsletter if there is an attachment format error
    if (!$blnAttachmentsFormatError) {
        $return .= ' <div class="tl_formbody_submit"> <div class="tl_submit_container"> <input type="submit" name="preview" class="tl_submit" accesskey="p" value="' . specialchars($GLOBALS['TL_LANG']['tl_newsletter']['preview']) . '"> <input type="submit" id="send" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['tl_newsletter']['send'][0]) . '" onclick="return confirm(\'' . str_replace("'", "\\'", $GLOBALS['TL_LANG']['tl_newsletter']['sendConfirm']) . '\')"> </div> </div>';
    }

    $return .= ' </form>';

    // The preview error is shown once and then cleared
    unset($_SESSION['TL_PREVIEW_MAIL_ERROR']);

    return $return;
}
if($validator->isValid()) { $auth->avatar($db, $user_id, $avatar); move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar); $info_user->avatar = $avatar; } else { $errors = $validator->getErrors(); }*/
// Change of the account e-mail address; the current password must be supplied again.
// NOTE(review): no anti-CSRF token check is visible in this fragment - confirm one runs earlier.
if (isset($_POST['email_modif'])) {
    $validator = new Validator($_POST);
    if (!empty($_POST['pass']) && !empty($_POST['email'])) {
        $pass = $_POST['pass'];
        $password = $auth->hashPassword($pass);
        // NOTE(review): the address is HTML-encoded before it is stored, while the validator
        // was constructed from the raw $_POST - so the value that is validated may differ from
        // the value that is written. Encoding belongs at output time, not at storage time.
        $email = htmlspecialchars($_POST['email']);
        // NOTE(review): re-hashing and comparing only works if hashPassword() is deterministic
        // (unsalted) - TODO confirm. A salted scheme such as password_hash() has to be checked
        // with password_verify(). The loose == also compares numeric-looking strings as
        // numbers; hash_equals() gives a strict, timing-safe comparison.
        if ($password == $info_user->password) {
            $validator->isEmail('email', "Votre email n'est pas valide");
            // Uniqueness is only checked once the format check has passed
            if ($validator->isValid()) {
                $validator->isUniq('email', $db, 'users', 'Cet email est déjà utilisé pour un autre compte');
            }
            if ($validator->isValid()) {
                // Parameterised update; values are bound, not interpolated
                $db->query('UPDATE users SET email = ? WHERE id_user = ?', [$email, $user_id]);
                $_SESSION['flash']['success'] = "Votre email a bien été mis à jour";
                $info_user->email = $email;
            } else {
                $errors = $validator->getErrors();
            }
        } else {
            $_SESSION['flash']['danger'] = "Erreur dans le mot de passs actuel";
        }
    } else {
        $_SESSION['flash']['danger'] = "Veuillez remplir tous les champs";
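/**
 * Remove the recipient from the selected newsletter channels.
 *
 * Reads "channels" and "email" from the POST data, deletes the matching active subscriptions,
 * logs the change, runs the removeRecipient hooks, sends a confirmation e-mail and finally
 * redirects or reloads. Validation failures store a message in $_SESSION['UNSUBSCRIBE_ERROR']
 * and reload the page; the code after each reload() relies on reload() ending the request.
 *
 * NOTE(review): this path requires no proof of mailbox ownership - whoever knows an address can
 * unsubscribe it and cause a confirmation mail to be sent to it. Consider rate limiting.
 */
protected function removeRecipient()
{
    $arrChannels = \Input::post('channels');

    // Fix: intersect only a real array. A missing or scalar "channels" value used to be passed
    // to array_intersect() before the is_array() check below could reject it.
    if (is_array($arrChannels)) {
        $arrChannels = array_intersect($arrChannels, $this->nl_channels); // see #3240
    }

    // Check the selection
    if (!is_array($arrChannels) || empty($arrChannels)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
        $this->reload();
    }

    $varInput = \Idna::encodeEmail(\Input::post('email', true));

    // Validate e-mail address
    if (!\Validator::isEmail($varInput)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
        $this->reload();
    }

    $arrSubscriptions = array();

    // Get the existing active subscriptions
    if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
        $arrSubscriptions = $objSubscription->fetchEach('pid');
    }

    // Only channels that were both requested and actually subscribed are removed
    $arrRemove = array_intersect($arrChannels, $arrSubscriptions);

    // Return if there are no subscriptions to remove
    if (!is_array($arrRemove) || empty($arrRemove)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
        $this->reload();
    }

    // Remove the subscriptions
    if (($objRemove = \NewsletterRecipientsModel::findByEmailAndPids($varInput, $arrRemove)) !== null) {
        while ($objRemove->next()) {
            $objRemove->delete();
        }
    }

    // Get the channels
    // Fix: findByIds() may return null (e.g. a channel was deleted meanwhile); fall back to an
    // empty title list instead of calling fetchEach() on null.
    $objChannels = \NewsletterChannelModel::findByIds($arrRemove);
    $arrChannels = ($objChannels !== null) ? $objChannels->fetchEach('title') : array();

    // Log activity
    $this->log($varInput . ' unsubscribed from ' . implode(', ', $arrChannels), 'ModuleUnsubscribe removeRecipient()', TL_NEWSLETTER);

    // HOOK: post unsubscribe callback
    if (isset($GLOBALS['TL_HOOKS']['removeRecipient']) && is_array($GLOBALS['TL_HOOKS']['removeRecipient'])) {
        foreach ($GLOBALS['TL_HOOKS']['removeRecipient'] as $callback) {
            $this->import($callback[0]);

            // Fix: index the callback array first, then use the result as property and method
            // name. The previous form ($this->{$callback}[0]) converted the whole array to a
            // string and never reached the imported object.
            $this->{$callback[0]}->{$callback[1]}($varInput, $arrRemove);
        }
    }

    // Prepare the e-mail text
    // NOTE(review): the host value presumably comes from the request; if the web server does
    // not pin the Host header, it ends up in the mail text and subject unverified - confirm.
    $strText = str_replace('##domain##', \Environment::get('host'), $this->nl_unsubscribe);
    $strText = str_replace(array('##channel##', '##channels##'), implode("\n", $arrChannels), $strText);

    // Confirmation e-mail
    $objEmail = new \Email();
    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Environment::get('host'));
    $objEmail->text = $strText;
    $objEmail->sendTo($varInput);

    // Redirect to the jumpTo page
    if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->redirect($this->generateFrontendUrl($objTarget->row()));
    }

    $_SESSION['UNSUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_removed'];
    $this->reload();
}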
/**
 * Set the Return-Path property.
 *
 * The address is handed to prepareAddr() first and must then pass Validator::isEmail();
 * an address that fails validation is never stored.
 *
 * NOTE(review): the return value of prepareAddr() is discarded, so it presumably takes
 * $address by reference - confirm, otherwise the call has no effect on the value checked here.
 *
 * @param string $address The email address.
 *
 * @throws EmailException If the address is not a valid e-mail address
 */
public function setReturnPath($address)
{
    $this->prepareAddr($address);

    $isValid = Validator::isEmail($address);

    if ($isValid) {
        $this->returnPath = $address;

        return;
    }

    throw new EmailException(array("Email address '%s' is invalid.", $address));
}
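/**
 * Add a new recipient (Ajax variant).
 *
 * Non-Ajax requests are delegated to the parent implementation. For Ajax requests the method
 * validates the posted channels and e-mail address, stores one inactive subscription per new
 * channel with a shared activation token, and sends the activation e-mail. Failures store a
 * message in $_SESSION['SUBSCRIBE_ERROR'].
 *
 * @return mixed The parent's result for non-Ajax requests; otherwise true on success and
 *               false on a validation failure
 */
protected function addRecipient()
{
    if (!\Environment::get('isAjaxRequest')) {
        return parent::addRecipient();
    }

    $arrChannels = \Input::post('channels');

    if (!is_array($arrChannels)) {
        // Fix: this branch wrote to UNSUBSCRIBE_ERROR, so the subscribe form never showed the
        // message; every other failure in this method uses SUBSCRIBE_ERROR.
        $_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];

        return false;
    }

    // Keep only channels this module is configured to offer
    $arrChannels = array_intersect($arrChannels, $this->nl_channels); // see #3240

    // Check the selection
    if (!is_array($arrChannels) || empty($arrChannels)) {
        $_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];

        return false;
    }

    $varInput = \Idna::encodeEmail(\Input::post('email', true));

    // Validate the e-mail address
    if (!\Validator::isEmail($varInput)) {
        $_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];

        return false;
    }

    $arrSubscriptions = array();

    // Get the existing active subscriptions
    if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
        $arrSubscriptions = $objSubscription->fetchEach('pid');
    }

    $arrNew = array_diff($arrChannels, $arrSubscriptions);

    // Return if there are no new subscriptions
    if (!is_array($arrNew) || empty($arrNew)) {
        $_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['subscribed'];

        return false;
    }

    // Remove old subscriptions that have not been activated yet
    if (($objOld = \NewsletterRecipientsModel::findBy(array("email=? AND active=''"), $varInput)) !== null) {
        while ($objOld->next()) {
            $objOld->delete();
        }
    }

    $time = time();

    // NOTE(review): this token is the only secret in the activation link. uniqid() and
    // mt_rand() are not cryptographically secure; where the runtime provides random_bytes(),
    // bin2hex(random_bytes(16)) yields a token of the same length - confirm the minimum PHP
    // version before switching.
    $strToken = md5(uniqid(mt_rand(), true));

    // Add the new subscriptions
    foreach ($arrNew as $id) {
        $objRecipient = new \NewsletterRecipientsModel();
        $objRecipient->pid = $id;
        $objRecipient->tstamp = $time;
        $objRecipient->email = $varInput;
        $objRecipient->active = '';
        $objRecipient->addedOn = $time;
        $objRecipient->ip = $this->anonymizeIp(\Environment::get('ip'));
        $objRecipient->token = $strToken;
        $objRecipient->confirmed = '';
        $objRecipient->save();
    }

    // Get the channels
    // Fix: findByIds() may return null; fall back to an empty title list instead of calling
    // fetchEach() on null.
    $objChannel = \NewsletterChannelModel::findByIds($arrChannels);
    $arrTitles = ($objChannel !== null) ? $objChannel->fetchEach('title') : array();

    // Prepare the e-mail text
    // NOTE(review): host, base and request presumably derive from the incoming request; if the
    // web server does not pin the Host header, the activation link in the mail can point at a
    // host chosen by the requester - confirm.
    $strText = str_replace('##token##', $strToken, $this->nl_subscribe);
    $strText = str_replace('##domain##', \Idna::decode(\Environment::get('host')), $strText);
    $strText = str_replace('##link##', \Idna::decode(\Environment::get('base')) . \Environment::get('request') . (\Config::get('disableAlias') || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $strToken, $strText);
    $strText = str_replace(array('##channel##', '##channels##'), implode("\n", $arrTitles), $strText);

    // Activation e-mail
    $objEmail = new \Email();
    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Idna::decode(\Environment::get('host')));
    $objEmail->text = $strText;
    $objEmail->sendTo($varInput);

    // Redirect to the jumpTo page
    if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
        $this->redirect($this->generateFrontendUrl($objTarget->row()));
    }

    $_SESSION['SUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_confirm'];

    return true;
}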
/**
 * Tell whether a string is a valid e-mail address.
 *
 * Thin compatibility wrapper: the decision is made entirely by Validator::isEmail().
 *
 * @param string $strEmail The e-mail address
 *
 * @return boolean True if it is a valid e-mail address
 *
 * @deprecated Use Validator::isEmail() instead
 */
protected function isValidEmailAddress($strEmail)
{
    $blnValid = \Validator::isEmail($strEmail);

    return $blnValid;
}
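/**
 * Recursively validate an input variable
 *
 * Arrays are validated element by element. For a scalar the method applies, in order: trimming,
 * the mandatory check, length and value limits, the rule named by $this->rgxp, and finally the
 * hex colour / no-space / space-to-underscore / trailing-slash normalisations.
 *
 * A failed rule only records a message through addError(); the (possibly normalised) value is
 * still returned. Callers must therefore check the error state before using the result.
 *
 * @param mixed $varInput The user input
 *
 * @return mixed The original or modified user input
 */
protected function validator($varInput)
{
    if (is_array($varInput)) {
        foreach ($varInput as $k => $v) {
            $varInput[$k] = $this->validator($v);
        }

        return $varInput;
    }

    if (!$this->doNotTrim) {
        $varInput = trim($varInput);
    }

    if ($varInput == '') {
        if (!$this->mandatory) {
            return '';
        } else {
            if ($this->strLabel == '') {
                $this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
            } else {
                $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
            }
        }
    }

    if ($this->minlength && $varInput != '' && utf8_strlen($varInput) < $this->minlength) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
    }

    if ($this->maxlength && $varInput != '' && utf8_strlen($varInput) > $this->maxlength) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
    }

    // Value limits only apply to numeric input; a limit of 0 is treated as "not set"
    if ($this->minval && is_numeric($varInput) && $varInput < $this->minval) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minval'], $this->strLabel, $this->minval));
    }

    if ($this->maxval && is_numeric($varInput) && $varInput > $this->maxval) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxval'], $this->strLabel, $this->maxval));
    }

    if ($this->rgxp != '') {
        switch ($this->rgxp) {
            // Special validation rule for style sheets
            // (the case expression is a boolean; it matches the non-empty rule name through
            // the switch statement's loose comparison when the name starts with "digit_")
            case strncmp($this->rgxp, 'digit_', 6) === 0:
                $textual = explode('_', $this->rgxp);
                array_shift($textual);

                // Accept the listed keywords and values starting with "$" as they are
                if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
                    break;
                }
                // DO NOT ADD A break; STATEMENT HERE

            // Numeric characters (including full stop [.] and minus [-])
            case 'digit':
                // Support decimal commas and convert them automatically (see #3488)
                if (substr_count($varInput, ',') == 1 && strpos($varInput, '.') === false) {
                    $varInput = str_replace(',', '.', $varInput);
                }

                if (!\Validator::isNumeric($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
                }
                break;

            // Natural numbers (positive integers)
            case 'natural':
                if (!\Validator::isNatural($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['natural'], $this->strLabel));
                }
                break;

            // Alphabetic characters (including full stop [.] minus [-] and space [ ])
            case 'alpha':
                if (!\Validator::isAlphabetic($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
                }
                break;

            // Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
            case 'alnum':
                if (!\Validator::isAlphanumeric($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
                }
                break;

            // Do not allow any characters that are usually encoded by class Input [=<>()#/])
            // (the entity-decoded form is checked; the value returned stays as submitted)
            case 'extnd':
                if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid date format
            case 'date':
                if (!\Validator::isDate($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], \Date::getInputFormat(\Date::getNumericDateFormat())));
                } else {
                    // Validate the date (see #5086)
                    try {
                        new \Date($varInput, \Date::getNumericDateFormat());
                    } catch (\OutOfBoundsException $e) {
                        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
                    }
                }
                break;

            // Check whether the current value is a valid time format
            case 'time':
                if (!\Validator::isTime($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], \Date::getInputFormat(\Date::getNumericTimeFormat())));
                }
                break;

            // Check whether the current value is a valid date and time format
            case 'datim':
                if (!\Validator::isDatim($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], \Date::getInputFormat(\Date::getNumericDatimFormat())));
                } else {
                    // Validate the date (see #5086)
                    try {
                        new \Date($varInput, \Date::getNumericDatimFormat());
                    } catch (\OutOfBoundsException $e) {
                        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
                    }
                }
                break;

            // Check whether the current value is a valid friendly name e-mail address
            case 'friendly':
                list($strName, $varInput) = \String::splitFriendlyEmail($varInput);
                // no break;

            // Check whether the current value is a valid e-mail address
            case 'email':
                if (!\Validator::isEmail($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
                }

                // Re-attach the friendly name in "Name [address]" form
                if ($this->rgxp == 'friendly' && $strName != '') {
                    $varInput = $strName . ' [' . $varInput . ']';
                }
                break;

            // Check whether the current value is list of valid e-mail addresses
            // (each address is checked in its IDNA-encoded form; the returned list is unchanged)
            case 'emails':
                $arrEmails = trimsplit(',', $varInput);

                foreach ($arrEmails as $strEmail) {
                    $strEmail = \Idna::encodeEmail($strEmail);

                    if (!\Validator::isEmail($strEmail)) {
                        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
                        break;
                    }
                }
                break;

            // Check whether the current value is a valid URL
            case 'url':
                if (!\Validator::isUrl($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid alias
            case 'alias':
                if (!\Validator::isAlias($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid folder URL alias
            case 'folderalias':
                if (!\Validator::isFolderAlias($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
                }
                break;

            // Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
            case 'phone':
                if (!\Validator::isPhone(html_entity_decode($varInput))) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
                }
                break;

            // Check whether the current value is a percent value
            case 'prcnt':
                if (!\Validator::isPercent($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
                }
                break;

            // Check whether the current value is a locale
            case 'locale':
                if (!\Validator::isLocale($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['locale'], $this->strLabel));
                }
                break;

            // Check whether the current value is a language code
            case 'language':
                if (!\Validator::isLanguage($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['language'], $this->strLabel));
                }
                break;

            // Check whether the current value is a Google+ ID or vanity name
            case 'google+':
                if (!\Validator::isGooglePlusId($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidGoogleId'], $this->strLabel));
                }
                break;

            // HOOK: pass unknown tags to callback functions
            default:
                if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
                    foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
                        $this->import($callback[0]);

                        // Fix: index the callback array first, then use the result as property
                        // and method name. The previous form ($this->{$callback}[0]) converted
                        // the whole array to a string, so custom rules were never executed and
                        // unknown rule names passed without any check.
                        $break = $this->{$callback[0]}->{$callback[1]}($this->rgxp, $varInput, $this);

                        // Stop the loop if a callback returned true
                        if ($break === true) {
                            break;
                        }
                    }
                }
                break;
        }
    }

    // Strip everything that is not a hex digit, unless the value starts with "$"
    if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
        $varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
    }

    if ($this->nospace && preg_match('/[\\t ]+/', $varInput)) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
    }

    if ($this->spaceToUnderscore) {
        $varInput = preg_replace('/\\s+/', '_', trim($varInput));
    }

    // trailingSlash is tri-state: true appends one slash, false strips them, anything else leaves the value alone
    if (is_bool($this->trailingSlash) && $varInput != '') {
        $varInput = preg_replace('/\\/+$/', '', $varInput) . ($this->trailingSlash ? '/' : '');
    }

    return $varInput;
}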
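/**
 * Recursively validate an input variable
 *
 * Arrays are validated element by element. Any other input is trimmed,
 * checked against the mandatory, minlength and maxlength settings and the
 * configured "rgxp" rule, and finally normalised (hex colour, spaces,
 * trailing slash). Failures are recorded through addError(); except for an
 * empty optional value, the (possibly modified) value is returned either way.
 *
 * @param mixed $varInput The user input
 *
 * @return mixed The original or modified user input
 */
protected function validator($varInput)
{
    if (is_array($varInput)) {
        foreach ($varInput as $k => $v) {
            $varInput[$k] = $this->validator($v);
        }

        return $varInput;
    }

    $varInput = trim($varInput);

    if ($varInput == '') {
        if (!$this->mandatory) {
            return '';
        } else {
            if ($this->strLabel == '') {
                $this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
            } else {
                $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
            }
        }
    }

    if ($this->minlength && $varInput != '' && utf8_strlen($varInput) < $this->minlength) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
    }

    if ($this->maxlength && $varInput != '' && utf8_strlen($varInput) > $this->maxlength) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
    }

    if ($this->rgxp != '') {
        switch ($this->rgxp) {
            // Special validation rule for style sheets.
            // The case expression is a boolean; the switch compares it loosely
            // with the rule name, so this matches rules starting with "digit_".
            case strncmp($this->rgxp, 'digit_', 6) === 0:
                $textual = explode('_', $this->rgxp);
                array_shift($textual);

                // Keywords listed in the rule name and values starting with "$" are accepted as is
                if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
                    break;
                }
                // DO NOT ADD A break; STATEMENT HERE

            // Numeric characters (including full stop [.] minus [-] and space [ ])
            case 'digit':
                if (!\Validator::isNumeric($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
                }
                break;

            // Alphabetic characters (including full stop [.] minus [-] and space [ ])
            case 'alpha':
                if (!\Validator::isAlphabetic($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
                }
                break;

            // Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
            case 'alnum':
                if (!\Validator::isAlphanumeric($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
                }
                break;

            // Do not allow any characters that are usually encoded by class Input [=<>()#/])
            case 'extnd':
                if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid date format
            case 'date':
                $objDate = new \Date();

                if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['dateFormat']) . '$~i', $varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['dateFormat'])));
                }
                break;

            // Check whether the current value is a valid time format
            case 'time':
                $objDate = new \Date();

                if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['timeFormat']) . '$~i', $varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['timeFormat'])));
                }
                break;

            // Check whether the current value is a valid date and time format
            case 'datim':
                $objDate = new \Date();

                if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['datimFormat']) . '$~i', $varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['datimFormat'])));
                }
                break;

            // Check whether the current value is a valid friendly name e-mail address
            case 'friendly':
                list($strName, $varInput) = $this->splitFriendlyName($varInput);
                // no break;

            // Check whether the current value is a valid e-mail address
            case 'email':
                if (!\Validator::isEmail($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
                }

                // Re-attach the display name; only the address part was validated above
                if ($this->rgxp == 'friendly' && $strName != '') {
                    $varInput = $strName . ' [' . $varInput . ']';
                }
                break;

            // Check whether the current value is list of valid e-mail addresses
            case 'emails':
                $arrEmails = trimsplit(',', $varInput);

                foreach ($arrEmails as $strEmail) {
                    $strEmail = \Idna::encodeEmail($strEmail);

                    if (!\Validator::isEmail($strEmail)) {
                        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
                        break;
                    }
                }
                break;

            // Check whether the current value is a valid URL
            case 'url':
                if (!\Validator::isUrl($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid alias
            case 'alias':
                if (!\Validator::isAlias($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
                }
                break;

            // Check whether the current value is a valid folder URL alias
            case 'folderalias':
                if (!\Validator::isFolderAlias($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
                }
                break;

            // Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
            case 'phone':
                if (!\Validator::isPhone(html_entity_decode($varInput))) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
                }
                break;

            // Check whether the current value is a percent value
            case 'prcnt':
                if (!\Validator::isPercent($varInput)) {
                    $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
                }
                break;

            // HOOK: pass unknown tags to callback functions
            default:
                if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
                    foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
                        $this->import($callback[0]);

                        // Braces make the lookup explicit: class name and method name are the
                        // two elements of $callback. Without them PHP 7+ reads the expression
                        // as a property named after the whole array.
                        $break = $this->{$callback[0]}->{$callback[1]}($this->rgxp, $varInput, $this);

                        // Stop the loop if a callback returned true
                        if ($break === true) {
                            break;
                        }
                    }
                }
                break;
        }
    }

    // Hex colours: strip everything but hex digits, unless the value starts with "$"
    if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
        $varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
    }

    if ($this->nospace && preg_match('/[\\t ]+/i', $varInput)) {
        $this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
    }

    if ($this->spaceToUnderscore) {
        $varInput = preg_replace('/\\s+/i', '_', trim($varInput));
    }

    // trailingSlash is only applied when it is a real boolean: true enforces one slash, false removes it
    if (is_bool($this->trailingSlash) && $varInput != '') {
        $varInput = preg_replace('/\\/+$/i', '', $varInput) . ($this->trailingSlash ? '/' : '');
    }

    return $varInput;
}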
/**
 * Generate CC or BCC recipients from comma separated string
 *
 * Tokens and insert tags are replaced before the list is split, so one token
 * may expand to several recipients. Entries whose address part does not pass
 * \Validator::isEmail() are dropped.
 *
 * @param string $strRecipients
 * @param array  $arrTokens
 *
 * @return array The accepted entries in the form they were given (friendly name included)
 */
public static function compileRecipients($strRecipients, $arrTokens)
{
    // Replaces tokens first so that tokens can contain a list of recipients.
    $strExpanded = \Haste\Util\StringUtil::recursiveReplaceTokensAndTags(
        $strRecipients,
        $arrTokens,
        static::NO_TAGS | static::NO_BREAKS
    );

    $arrAccepted = array();

    foreach ((array) trimsplit(',', $strExpanded) as $strEntry) {
        // Address could become empty through invalid insert tag
        if ($strEntry == '') {
            continue;
        }

        list($strName, $strEmail) = \String::splitFriendlyEmail($strEntry);

        // Only the address part is validated; the display name is passed on as given
        if (!\Validator::isEmail($strEmail)) {
            continue;
        }

        $arrAccepted[] = $strEntry;
    }

    return $arrAccepted;
}
/**
 * Return a form to choose a CSV file and import it
 *
 * Without "key=import" in the query string nothing is rendered. When the form
 * has been submitted, the uploaded files are read, every value that passes
 * \Validator::isEmail() is inserted as an active recipient of the channel
 * given by the "id" query parameter (unless it already exists there), and the
 * page is reloaded. Otherwise the upload form is returned.
 *
 * @return string
 */
public function importRecipients()
{
    if (\Input::get('key') != 'import') {
        return '';
    }

    $this->import('BackendUser', 'User');
    $class = $this->User->uploader;

    // See #4086 and #7046
    // NOTE(review): the class name comes from the user's "uploader" setting and is
    // instantiated dynamically below; class_exists() is the only gate visible here.
    // An explicit list of allowed uploader classes would be a tighter check.
    if (!class_exists($class) || $class == 'DropZone') {
        $class = 'FileUpload';
    }

    /** @var \FileUpload $objUploader */
    $objUploader = new $class();

    // Import CSV
    if (\Input::post('FORM_SUBMIT') == 'tl_recipients_import') {
        $arrUploaded = $objUploader->uploadTo('system/tmp');

        if (empty($arrUploaded)) {
            \Message::addError($GLOBALS['TL_LANG']['ERR']['all_fields']);
            // presumably reload() ends the request; the code below relies on that — confirm
            $this->reload();
        }

        $time = time();
        $intTotal = 0;
        $intInvalid = 0;

        foreach ($arrUploaded as $strCsvFile) {
            $objFile = new \File($strCsvFile, true);

            // Only the file extension is checked here, not the content
            if ($objFile->extension != 'csv') {
                \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
                continue;
            }

            // Get separator (anything other than the three named options falls back to a comma)
            switch (\Input::post('separator')) {
                case 'semicolon':
                    $strSeparator = ';';
                    break;
                case 'tabulator':
                    $strSeparator = "\t";
                    break;
                case 'linebreak':
                    $strSeparator = "\n";
                    break;
                default:
                    $strSeparator = ',';
                    break;
            }

            $arrRecipients = array();
            $resFile = $objFile->handle;

            // All cells of all rows are collected into one flat list.
            // The @ hides read errors, so a broken file simply yields fewer rows.
            while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) {
                $arrRecipients = array_merge($arrRecipients, $arrRow);
            }

            // Drop duplicates and empty values
            $arrRecipients = array_filter(array_unique($arrRecipients));

            foreach ($arrRecipients as $strRecipient) {
                // Skip invalid entries
                if (!\Validator::isEmail($strRecipient)) {
                    // NOTE(review): the raw value from the file is written to the log as is;
                    // confirm that log() escapes it before it is displayed
                    $this->log('Recipient address "' . $strRecipient . '" seems to be invalid and has been skipped', __METHOD__, TL_ERROR);
                    ++$intInvalid;
                    continue;
                }

                // Check whether the e-mail address exists
                // NOTE(review): no permission check for the channel ID is visible in this method — confirm it happens elsewhere
                $objRecipient = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_recipients WHERE pid=? AND email=?")->execute(\Input::get('id'), $strRecipient);

                if ($objRecipient->count < 1) {
                    // User-supplied values are bound as parameters; $time is the integer from time()
                    $this->Database->prepare("INSERT INTO tl_newsletter_recipients SET pid=?, tstamp={$time}, email=?, active=1")->execute(\Input::get('id'), $strRecipient);
                    ++$intTotal;
                }
            }
        }

        \Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['confirm'], $intTotal));

        if ($intInvalid > 0) {
            \Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['invalid'], $intInvalid));
        }

        \System::setCookie('BE_PAGE_OFFSET', 0, 0);
        $this->reload();
    }

    // Return form
    // The request token is embedded as a hidden field; the title and submit label go
    // through specialchars(), the other language strings are inserted unescaped.
    return ' <div id="tl_buttons"> <a href="'
        . ampersand(str_replace('&key=import', '', \Environment::get('request')))
        . '" class="header_back" title="'
        . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle'])
        . '" accesskey="b">'
        . $GLOBALS['TL_LANG']['MSC']['backBT']
        . '</a> </div> '
        . \Message::generate()
        . ' <form action="'
        . ampersand(\Environment::get('request'), true)
        . '" id="tl_recipients_import" class="tl_form" method="post" enctype="multipart/form-data"> <div class="tl_formbody_edit"> <input type="hidden" name="FORM_SUBMIT" value="tl_recipients_import"> <input type="hidden" name="REQUEST_TOKEN" value="'
        . REQUEST_TOKEN
        . '"> <input type="hidden" name="MAX_FILE_SIZE" value="'
        . \Config::get('maxFileSize')
        . '"> <div class="tl_tbox"> <h3><label for="separator">'
        . $GLOBALS['TL_LANG']['MSC']['separator'][0]
        . '</label></h3> <select name="separator" id="separator" class="tl_select" onfocus="Backend.getScrollOffset()"> <option value="comma">'
        . $GLOBALS['TL_LANG']['MSC']['comma']
        . '</option> <option value="semicolon">'
        . $GLOBALS['TL_LANG']['MSC']['semicolon']
        . '</option> <option value="tabulator">'
        . $GLOBALS['TL_LANG']['MSC']['tabulator']
        . '</option> <option value="linebreak">'
        . $GLOBALS['TL_LANG']['MSC']['linebreak']
        . '</option> </select>'
        . ($GLOBALS['TL_LANG']['MSC']['separator'][1] != '' ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['separator'][1] . '</p>' : '')
        . ' <h3>'
        . $GLOBALS['TL_LANG']['MSC']['source'][0]
        . '</h3>'
        . $objUploader->generateMarkup()
        . (isset($GLOBALS['TL_LANG']['MSC']['source'][1]) ? ' <p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['source'][1] . '</p>' : '')
        . ' </div> </div> <div class="tl_formbody_submit"> <div class="tl_submit_container"> <input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="'
        . specialchars($GLOBALS['TL_LANG']['tl_newsletter_recipients']['import'][0])
        . '"> </div> </div> </form>';
}
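/**
 * Add a comment to a news item or list the comments of a news item
 *
 * The request parameter names are taken from $this->request. With the action
 * "add" a new comment is stored and the administrator is notified by e-mail;
 * otherwise the comments of the item are returned.
 *
 * @return array array('comments' => array) holding at least the keys "error", "changes" and "ts"
 */
protected function commentsController()
{
    $returnarray = array();
    $returnarray['error'] = $this->errorcode(0);
    $returnarray['changes'] = 1;

    $getTs = \Input::get($this->request['ts']);
    $getId = \Input::get($this->request['id']);

    $returnarray['ts'] = isset($getTs) ? $getTs : 0;

    if (isset($getId)) {
        if (\Input::get($this->request['action']) == 'add') {
            // NOTE(review): these values are read from $_REQUEST directly and therefore
            // skip whatever filtering \Input applies; name and e-mail are stored as
            // submitted. No request token check is visible in this method — confirm
            // that it happens before this controller is reached.
            $commentKey = $this->request['comment'];
            $nameKey = $this->request['name'];
            $emailKey = $this->request['email'];

            // Missing parameters are treated like empty ones instead of raising a notice
            $comment = isset($_REQUEST[$commentKey]) ? $_REQUEST[$commentKey] : '';
            $name = isset($_REQUEST[$nameKey]) ? $_REQUEST[$nameKey] : '';
            $email = isset($_REQUEST[$emailKey]) ? $_REQUEST[$emailKey] : '';

            // Array-typed parameters (e.g. comment[]=x) would break trim()/strip_tags() below
            $blnStrings = is_string($comment) && is_string($name) && is_string($email);

            if (!$blnStrings || !$comment || !$name || !$email) {
                $returnarray['error'] = $this->errorcode(30);
            } elseif (!\Validator::isEmail($email)) {
                $returnarray['error'] = $this->errorcode(31);
            } else {
                $ts = time();

                $arrInsert = array(
                    'tstamp' => $ts,
                    'source' => 'tl_news',
                    'parent' => $getId,
                    'date' => $ts,
                    'name' => $name,
                    'email' => $email,
                    'comment' => trim($comment),
                    // Moderated installations store the comment unpublished
                    'published' => $this->settings['news_moderate'] == 1 ? 0 : 1,
                    'ip' => \Environment::get('remote_addr')
                );

                $objComment = new \CommentsModel();
                $objComment->setRow($arrInsert)->save();

                if ($objComment->id) {
                    // Convert the comment to plain text for the notification
                    $strComment = strip_tags($comment);
                    $strComment = \String::decodeEntities($strComment);
                    $strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);

                    $objTemplate = new \FrontendTemplate('kommentar_email');
                    $objTemplate->name = $arrInsert['name'] . ' (' . $arrInsert['email'] . ')';
                    $objTemplate->comment = $strComment;
                    $objTemplate->edit = \Idna::decode(\Environment::get('base')) . 'contao/main.php?do=comments&act=edit&id=' . $objComment->id;

                    $objEmail = new \Email();
                    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
                    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
                    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['com_subject'], \Idna::decode(\Environment::get('host')));
                    $objEmail->text = $objTemplate->parse();

                    if ($GLOBALS['TL_ADMIN_EMAIL'] != '') {
                        $objEmail->sendTo($GLOBALS['TL_ADMIN_EMAIL']);
                    }

                    $returnarray['error'] = $this->errorcode(0);
                    $returnarray['ts'] = $ts;
                    $returnarray['comment_id'] = $objComment->id;
                    $returnarray['changes'] = 1;
                    $returnarray['status'] = $this->settings['news_moderate'] == 1 ? 'Kommentar wird geprüft.' : "Kommentar veröffentlicht.";
                } else {
                    // Same code as for an invalid e-mail address
                    $returnarray['error'] = $this->errorcode(31);
                }
            }
        } else {
            $post = $this->getComment($getId);

            if ($post['commentStatus'] == 'open') {
                $returnarray['comment_status'] = $post['commentStatus'];
                $returnarray['comments_count'] = $post['commentsCount'];
                $returnarray['REQUEST_TOKEN'] = REQUEST_TOKEN;

                if ($post['commentsCount'] > 0) {
                    $pos = 0;

                    foreach ($post['items'] as $comment) {
                        $tempArray = array();
                        $tempArray['pos'] = ++$pos;
                        $tempArray['id'] = $comment->id;
                        $tempArray['text'] = strip_tags($comment->comment);
                        $tempArray['timestamp'] = (int) $comment->date;

                        if ($tempArray['timestamp'] > $returnarray['ts']) {
                            $returnarray['ts'] = $tempArray['timestamp'];
                            $returnarray['changes'] = 1;
                        }

                        $tempArray['datum'] = date('d.m.Y, H:i', $tempArray['timestamp']);

                        // NOTE(review): name and e-mail are returned as stored, without
                        // strip_tags(), and the response exposes the commenter's e-mail
                        // address — confirm that both are intended.
                        $tempArray['author']['name'] = $comment->name;
                        $tempArray['author']['id'] = "0";
                        $tempArray['author']['email'] = $comment->email;
                        $tempArray['author']['img'] = "";

                        if ($comment->addReply) {
                            // The reply author may not exist any more; fall back to empty
                            // values instead of reading properties of a missing record
                            $objUser = \UserModel::findByPk($comment->author);
                            $blnUser = ($objUser !== null);

                            $tempArray['subitems'] = array(
                                array(
                                    'pos' => 1,
                                    'id' => 1,
                                    'parent_id' => $comment->id,
                                    'text' => strip_tags($comment->reply),
                                    'timestamp' => (int) $comment->tstamp,
                                    'datum' => date('d.m.Y, H:i', $comment->tstamp),
                                    'author' => array(
                                        'name' => $blnUser ? $objUser->name : '',
                                        'id' => $blnUser ? $objUser->id : "0",
                                        'email' => $blnUser ? $objUser->email : '',
                                        'img' => ""
                                    )
                                )
                            );
                        }

                        $returnarray['items'][] = $tempArray;
                    }

                    // NOTE(review): "changes" is never set to anything but 1 in this
                    // method, so this branch looks unreachable
                    if ($returnarray['changes'] != 1) {
                        unset($returnarray['items']);
                    }
                }
            } else {
                $returnarray['error'] = $this->errorcode(29);
            }
        }
    } else {
        $returnarray['error'] = $this->errorcode(15);
    }

    return array('comments' => $returnarray);
}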
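/**
 * Build the login name from the posted username and domain
 *
 * If the username is an e-mail address, its domain part replaces the posted
 * domain. The domain (without "@") must be a key of the list returned by
 * getDomainList(); the mapped value is appended to the username.
 *
 * @return string|null The combined login name, or null if the domain is not in the list
 *                     (in that case $_SESSION['LOGIN_ERROR'] is set)
 */
protected function getValidDomainUsername()
{
    $arrDomainList = $this->getDomainList();

    // Missing or array-typed POST fields are treated as empty strings, so the
    // string functions and the array lookup below always get a string
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $domain = (isset($_POST['domain']) && is_string($_POST['domain'])) ? $_POST['domain'] : '';

    if (\Validator::isEmail($username)) {
        $domain = substr($username, strpos($username, '@'));

        // remove domain
        $username = str_replace($domain, '', $username);
    }

    $key = str_replace('@', '', $domain);

    // The domain list acts as an allow list: unknown domains are rejected.
    // isset() also covers a null entry and avoids an undefined index notice.
    if (!isset($arrDomainList[$key])) {
        $_SESSION['LOGIN_ERROR'] = $GLOBALS['TL_LANG']['MSC']['invalidDomain'];

        return null;
    }

    // combine domain with username
    return $username . $arrDomainList[$key];
}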
<?php
// Registration page: validates the submitted form, registers the account and
// redirects to the login page; otherwise the form is rendered.
require_once 'inc/bootstrap.php';

// NOTE(review): no anti-CSRF token check is visible in this script — confirm whether bootstrap.php adds one
if (!empty($_POST)) {
    $db = theApp::getDataBase();
    // $errors is only defined for POST requests; presumably the template copes with that — confirm
    $errors = array();
    $validator = new Validator($_POST);

    $validator->isAlpha('username', 'Votre pseudo n\'est pas valide, il doit etre au format AlphaNumérique');

    // The uniqueness lookups only run while no earlier check has failed
    if ($validator->isValid()) {
        $validator->isUniq('username', $db, 'users', 'Ce pseudo est déjà utilisé');
    }

    $validator->isEmail('email', 'Votre email n\'est pas valide');

    if ($validator->isValid()) {
        $validator->isUniq('email', $db, 'users', 'Cet Email est deja utilisé pour un autre compte!');
    }

    // NOTE(review): the only password rule visible here is that both entries match;
    // a minimum length or strength rule would have to live in isConfirmPWD() or register() — confirm
    $validator->isConfirmPWD('password', 'Vos deux mots de passe ne sont pas les mêmes');

    if ($validator->isValid()) {
        $auth = theApp::getAuth();
        // presumably register() hashes the password before storing it — verify in the Auth class
        $auth->register($db, $_POST['username'], $_POST['password'], $_POST['email']);

        $session = Session::getInstance();
        $session->setFlash('success', 'un email de confirmation vous a été envoyé!');

        // exit right after the redirect header so that the form below is not rendered
        header('Location: login.php');
        exit;
    } else {
        $errors = $validator->getErrors();
    }
}

require 'inc/header.php';
?>
<h1>S'inscrire</h1>
/**
 * Notify the shoutbox owner by e-mail about a new entry
 *
 * @param mixed $insertId ID of the tl_shoutbox_entries record
 *
 * @return bool False if the entry cannot be loaded or the shoutbox has no valid
 *              e-mail address, true once the message has been handed to sendTo()
 */
private function notifiy($insertId)
{
    $strQuery = 'SELECT tl_shoutbox_entries.*, tl_shoutbox.email AS email, tl_member.username AS username, tl_member.email AS useremail FROM tl_shoutbox_entries, tl_shoutbox, tl_member WHERE tl_shoutbox_entries.id = ? AND tl_shoutbox_entries.member = tl_member.id AND tl_shoutbox_entries.pid = tl_shoutbox.id';

    $objResult = $this->Database->prepare($strQuery)->execute($insertId);

    if ($objResult->numRows != 1) {
        return false;
    }

    $objEntry = (object) $objResult->row();

    // The recipient is the address configured for the shoutbox
    if (!\Validator::isEmail($objEntry->email)) {
        return false;
    }

    // Label of the member who wrote the entry, used in the subject and in the text
    $strAuthor = $objEntry->username . ' (' . $objEntry->useremail . ')';

    // Convert the comment to plain text
    $strComment = strip_tags($objEntry->entry);
    $strComment = \String::decodeEntities($strComment);
    $strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);

    $objEmail = new \Email();
    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];

    // NOTE(review): member-supplied values end up in the subject line; confirm that
    // \Email encodes header values
    $objEmail->subject = "New shoutbox entry from " . $strAuthor;

    // Add comment details
    $strPageUrl = \Environment::get('base') . \Environment::get('request');
    $strEditUrl = \Environment::get('base') . 'contao/main.php?do=shoutbox&table=tl_shoutbox_entries&id=' . $objEntry->pid;

    $objEmail->text = sprintf(
        $GLOBALS['TL_LANG']['MSC']['com_message'],
        $strAuthor,
        $strComment,
        $strPageUrl,
        $strEditUrl
    );

    $objEmail->sendTo($objEntry->email);

    return true;
}
/**
 * Validate e-mail addresses in the comma separated list
 *
 * Entries that contain a token or insert tag marker ("##", "{{", "{if") are
 * not checked here, because their final value is not known yet. They have to
 * be validated again after the tokens have been replaced.
 *
 * @param mixed          $varValue
 * @param \DataContainer $dc
 *
 * @return mixed The unchanged value
 *
 * @throws \Exception If a checked entry is not a valid e-mail address
 */
public function validateEmailList($varValue, \DataContainer $dc)
{
    if ($varValue == '') {
        return $varValue;
    }

    $arrMarkers = array('##', '{{', '{if');

    foreach (trimsplit(',', $varValue) as $strEntry) {
        // Skip string with tokens or inserttags
        $blnDynamic = false;

        foreach ($arrMarkers as $strMarker) {
            if (strpos($strEntry, $strMarker) !== false) {
                $blnDynamic = true;
                break;
            }
        }

        if ($blnDynamic) {
            continue;
        }

        if (!\Validator::isEmail($strEntry)) {
            throw new \Exception($GLOBALS['TL_LANG']['ERR']['emails']);
        }
    }

    return $varValue;
}
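/**
 * Add the e-mail address of the store nearest to the submitted address to the
 * recipients of the form
 *
 * Does nothing unless the form has anystores_emailNearestStore set to 1.
 *
 * @param array  $arrSubmitted The submitted form data; the keys "street", "postal", "city" and "country" are read
 * @param mixed  $arrLabels    Not used by this method
 * @param object $objForm      The form; "recipient" and "formattedMailRecipient" are extended
 *
 * @return void
 */
public function emailNearestStore(&$arrSubmitted, $arrLabels, $objForm)
{
    if ($objForm->anystores_emailNearestStore != 1) {
        return;
    }

    // if there is no postal field (missing, empty or not a plain value)
    if (!isset($arrSubmitted['postal']) || !is_scalar($arrSubmitted['postal']) || !strlen($arrSubmitted['postal'])) {
        \System::log("No postal field for email nearest store", __METHOD__, TL_ERROR);

        return;
    }

    // Collect the non-empty address parts. The former array_filter(..., 'count')
    // called count() on strings, which fails on current PHP versions.
    $arrSearch = array();

    foreach (array('street', 'postal', 'city', 'country') as $strField) {
        if (!empty($arrSubmitted[$strField]) && is_scalar($arrSubmitted[$strField])) {
            $arrSearch[] = $arrSubmitted[$strField];
        }
    }

    // query string
    $strSearch = implode(', ', $arrSearch);

    $objStore = AnyStoresModel::findPublishedByAdressAndCountryAndCategory($strSearch, null, deserialize($objForm->anystores_categories), 1);

    if (!$objStore) {
        \System::log("No store found for email", __METHOD__, TL_ERROR);

        return;
    }

    // Only a syntactically valid store address is added to the recipients
    if (\Validator::isEmail($objStore->email)) {
        // legacy Contao
        $objForm->recipient .= ',' . $objStore->email;

        // efg
        $objForm->formattedMailRecipient .= ',' . $objStore->email;
    }
}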
/**
 * Create an admin user
 *
 * If an administrator already exists, only the template flag "adminCreated"
 * is set. Otherwise the submitted "tl_admin" form is validated step by step;
 * the first failing check sets the matching template error. If all checks
 * pass, the account is inserted and the page is reloaded.
 */
protected function createAdminUser()
{
    try {
        // An account can only be created while no administrator exists
        $objAdmin = $this->Database->execute("SELECT COUNT(*) AS count FROM tl_user WHERE admin=1");

        if ($objAdmin->count > 0) {
            $this->Template->adminCreated = true;
        } elseif (\Input::post('FORM_SUBMIT') == 'tl_admin') {
            // Do not allow special characters in usernames
            if (preg_match('/[#()\\/<=>]/', \Input::post('username', true))) {
                $this->Template->usernameError = $GLOBALS['TL_LANG']['ERR']['extnd'];
            } elseif (strpos(\Input::post('username', true), ' ') !== false) {
                $this->Template->usernameError = sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $GLOBALS['TL_LANG']['MSC']['username']);
            } elseif (!\Validator::isEmail(\Input::post('email', true))) {
                $this->Template->emailError = $GLOBALS['TL_LANG']['ERR']['email'];
            // NOTE(review): loose comparison; two different numeric-looking strings
            // (e.g. "1e3" and "1000") compare equal in PHP, so a strict string
            // comparison would be the safer confirmation check
            } elseif (\Input::post('pass', true) != \Input::post('confirm_pass', true)) {
                $this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordMatch'];
            } elseif (utf8_strlen(\Input::post('pass', true)) < \Config::get('minPasswordLength')) {
                $this->Template->passwordError = sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength'));
            // The password must not be the username (loose comparison as well, see above)
            } elseif (\Input::post('pass', true) == \Input::post('username', true)) {
                $this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordName'];
            } elseif (\Input::post('name') != '' && \Input::post('email', true) != '' && \Input::post('username', true) != '') {
                $time = time();
                // Only the hash is stored
                $strPassword = \Encryption::hash(\Input::post('pass', true));

                // Submitted values are bound as parameters; $time is the integer from time()
                $this->Database->prepare("INSERT INTO tl_user (tstamp, name, email, username, password, language, backendTheme, admin, showHelp, useRTE, useCE, thumbnails, dateAdded) VALUES ({$time}, ?, ?, ?, ?, ?, ?, 1, 1, 1, 1, 1, {$time})")->execute(\Input::post('name'), \Input::post('email', true), \Input::post('username', true), $strPassword, str_replace('-', '_', $GLOBALS['TL_LANGUAGE']), \Config::get('backendTheme'));

                \Config::persist('adminEmail', \Input::post('email', true));

                // Scan the upload folder (see #6134)
                if ($this->Database->tableExists('tl_files') && $this->Database->query("SELECT COUNT(*) AS count FROM tl_files")->count < 1) {
                    $this->import('Database\\Updater', 'Updater');
                    $this->Updater->scanUploadFolder();
                }

                $this->reload();
            }

            // Hand the submitted values back to the form (the password is not passed back)
            $this->Template->adminName = \Input::post('name');
            $this->Template->adminEmail = \Input::post('email', true);
            $this->Template->adminUser = \Input::post('username', true);
        }
    } catch (\Exception $e) {
        // NOTE(review): every exception is swallowed here and nothing is logged in
        // this method; a failing query only shows up as "adminCreated = false"
        $this->Template->adminCreated = false;
    }
}
/**
 * Remove the recipient
 *
 * Deletes the active subscriptions of the posted e-mail address for the
 * selected channels, triggers the "removeRecipient" hook, sends a confirmation
 * e-mail and redirects or reloads. Every failed check stores a message in
 * $_SESSION['UNSUBSCRIBE_ERROR'] and calls reload(); the checks that follow
 * assume that reload() does not return.
 */
protected function removeRecipient()
{
    $arrSelected = \Input::post('channels');

    if (!is_array($arrSelected)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
        $this->reload();
    }

    // Only channels that belong to this module are accepted (see #3240)
    $arrSelected = array_intersect($arrSelected, $this->nl_channels);

    // Check the selection
    if (!is_array($arrSelected) || empty($arrSelected)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
        $this->reload();
    }

    $strEmail = \Idna::encodeEmail(\Input::post('email', true));

    // Validate e-mail address
    if (!\Validator::isEmail($strEmail)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
        $this->reload();
    }

    // Get the existing active subscriptions
    $arrSubscribed = array();
    $objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $strEmail);

    if ($objSubscription !== null) {
        $arrSubscribed = $objSubscription->fetchEach('pid');
    }

    $arrRemove = array_intersect($arrSelected, $arrSubscribed);

    // Return if there are no subscriptions to remove
    if (!is_array($arrRemove) || empty($arrRemove)) {
        $_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
        $this->reload();
    }

    // Remove the subscriptions
    $objRemove = \NewsletterRecipientsModel::findByEmailAndPids($strEmail, $arrRemove);

    if ($objRemove !== null) {
        while ($objRemove->next()) {
            $objRemove->delete();
        }
    }

    // Get the channels
    $objChannels = \NewsletterChannelModel::findByIds($arrRemove);
    $arrTitles = $objChannels->fetchEach('title');

    // HOOK: post unsubscribe callback
    if (isset($GLOBALS['TL_HOOKS']['removeRecipient']) && is_array($GLOBALS['TL_HOOKS']['removeRecipient'])) {
        foreach ($GLOBALS['TL_HOOKS']['removeRecipient'] as $callback) {
            $this->import($callback[0]);
            $this->{$callback[0]}->{$callback[1]}($strEmail, $arrRemove);
        }
    }

    // Prepare the simple token data ("channel" and "channels" carry the same list)
    $strHost = \Idna::decode(\Environment::get('host'));
    $strTitles = implode("\n", $arrTitles);

    $arrData = array(
        'domain' => $strHost,
        'channels' => $strTitles,
        'channel' => $strTitles
    );

    // Confirmation e-mail
    $objEmail = new \Email();
    $objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
    $objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
    $objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Idna::decode(\Environment::get('host')));
    $objEmail->text = \StringUtil::parseSimpleTokens($this->nl_unsubscribe, $arrData);
    $objEmail->sendTo($strEmail);

    // Redirect to the jumpTo page
    if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
        /** @var \PageModel $objTarget */
        $this->redirect($objTarget->getFrontendUrl());
    }

    $_SESSION['UNSUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_removed'];
    $this->reload();
}