public final function validated()
{
$okay = true;
if (trim($this->agentId) == "") {
$this->setError("Agent id not set or there is an error during the submission of the form contact administrator");
$okay = false;
} else {
if (!Validator::isEmail($this->email)) {
$this->setError("Enter a valid email address");
$okay = false;
} else {
if (!Validator::isWord($this->firstname) || strlen(trim($this->firstname)) <= 2) {
$this->setError("Enter a valid firstname!");
$okay = false;
} else {
if (!Validator::isWord($this->lastname) || strlen(trim($this->lastname)) <= 2) {
$this->setError("Enter a valid lastname!");
$okay = false;
} else {
if (!Validator::isNumber($this->phonenumber)) {
$this->setError("Enter a valid phone number e.g +44(0)7765441232!");
$okay = false;
} else {
if (strlen(trim($this->password)) < 6) {
$this->setError("Enter a valid password that is more than 5 character!");
$okay = false;
}
}
}
}
}
}
return $okay;
}
private function validate(User $user)
{
$okay = false;
if ($user == null) {
return $okay;
}
if (!Validator::isEmail($user->getEmail())) {
$email = $user->getEmail();
if ($email == "" || $email == null) {
$this->message = "User email address required";
} else {
$this->message = "Invalid email[{$email}] entry";
}
} elseif (!Validator::IsWord($user->getFullname())) {
$fullname = $user->getFullname();
if ($fullname == null || $fullname == "") {
$this->message = "User fullname is required!";
} else {
$this->message = "Enter a valid user name ";
}
} else {
if (Validator::IsWord($user->getGender())) {
$this->message = "Enter your gender";
} else {
$okay = true;
}
}
return $okay;
}
public function test_isEmail()
{
$arrEmails = array('*****@*****.**' => true, 'test@test.c' => false, 'test@test.' => false, 'test@test' => false, 'test@' => false, 'test' => false, Idna::encodeEmail('test@tèst.ch') => true);
foreach ($arrEmails as $strAddress => $blnValidity) {
$this->assertEquals(Validator::isEmail($strAddress), $blnValidity);
}
}
/**
* This Hook provides case-insensitive contao-login by email usernames
*
* RFC 5321, section-2.3.11 says that email addresses should be treated as case-insensitive
*
* @param $strUser
* @param $strPassword
* @param $strTable
*
* @return bool
*/
public function importUserHook($strUser, $strPassword, $strTable)
{
if (!\Validator::isEmail($strUser)) {
return false;
}
switch ($strTable) {
case 'tl_member':
$objUser = \FrontendUser::getInstance();
if ($objUser->findBy('LOWER(username)', strtolower($strUser)) !== false) {
// set post user name to the users username
\Input::setPost('username', $objUser->username);
return true;
}
break;
}
return false;
}
/**
* Store Login Module ID in Session, required by LdapAuth (Module config)
* @return string
*/
public function generate()
{
// Login
if (\Input::post('FORM_SUBMIT') == 'tl_login') {
if (\Input::post('username', true) && \Input::post('password', true)) {
$objMember = \MemberModel::findBy('username', \Input::post('username', true));
if ($objMember !== null) {
// always reset the password to a random value, otherwise checkCredentialsHook will never be triggered
LdapMember::resetPassword($objMember, \Input::post('username', true));
}
}
// validate email
if ($GLOBALS['TL_CONFIG']['ldap_uid'] == 'mail' && !\Validator::isEmail(\Input::post('username', true))) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['email']);
$this->reload();
}
}
$strParent = parent::generate();
return $strParent;
}
/**
* Renturn a form to choose an existing style sheet and import it
* @param \DataContainer
* @return string
*/
public function send(\DataContainer $objDc)
{
if (TL_MODE == 'BE') {
$GLOBALS['TL_CSS'][] = 'system/modules/newsletter_content/assets/css/style.css';
if ($this->isFlexible) {
$GLOBALS['TL_CSS'][] = 'system/modules/newsletter_content/assets/css/style-flexible.css';
}
}
$objNewsletter = $this->Database->prepare("SELECT n.*, c.useSMTP, c.smtpHost, c.smtpPort, c.smtpUser, c.smtpPass FROM tl_newsletter n LEFT JOIN tl_newsletter_channel c ON n.pid=c.id WHERE n.id=?")->limit(1)->execute($objDc->id);
// Return if there is no newsletter
if ($objNewsletter->numRows < 1) {
return '';
}
// Overwrite the SMTP configuration
if ($objNewsletter->useSMTP) {
$GLOBALS['TL_CONFIG']['useSMTP'] = true;
$GLOBALS['TL_CONFIG']['smtpHost'] = $objNewsletter->smtpHost;
$GLOBALS['TL_CONFIG']['smtpUser'] = $objNewsletter->smtpUser;
$GLOBALS['TL_CONFIG']['smtpPass'] = $objNewsletter->smtpPass;
$GLOBALS['TL_CONFIG']['smtpEnc'] = $objNewsletter->smtpEnc;
$GLOBALS['TL_CONFIG']['smtpPort'] = $objNewsletter->smtpPort;
}
// Add default sender address
if ($objNewsletter->sender == '') {
list($objNewsletter->senderName, $objNewsletter->sender) = \String::splitFriendlyEmail($GLOBALS['TL_CONFIG']['adminEmail']);
}
$arrAttachments = array();
$blnAttachmentsFormatError = false;
// Add attachments
if ($objNewsletter->addFile) {
$files = deserialize($objNewsletter->files);
if (!empty($files) && is_array($files)) {
$objFiles = \FilesModel::findMultipleByUuids($files);
if ($objFiles === null) {
if (!\Validator::isUuid($files[0])) {
$blnAttachmentsFormatError = true;
\Message::addError($GLOBALS['TL_LANG']['ERR']['version2format']);
}
} else {
while ($objFiles->next()) {
if (is_file(TL_ROOT . '/' . $objFiles->path)) {
$arrAttachments[] = $objFiles->path;
}
}
}
}
}
// Get content
$html = '';
$objContentElements = \ContentModel::findPublishedByPidAndTable($objNewsletter->id, 'tl_newsletter');
if ($objContentElements !== null) {
if (!defined('NEWSLETTER_CONTENT_PREVIEW')) {
define('NEWSLETTER_CONTENT_PREVIEW', true);
}
while ($objContentElements->next()) {
$html .= $this->getContentElement($objContentElements->id);
}
}
// Replace insert tags
$text = $this->replaceInsertTags($objNewsletter->text);
$html = $this->replaceInsertTags($html);
// Convert relative URLs
$html = $this->convertRelativeUrls($html);
// Set back to object
$objNewsletter->content = $html;
// Send newsletter
if (!$blnAttachmentsFormatError && \Input::get('token') != '' && \Input::get('token') == $this->Session->get('tl_newsletter_send')) {
$referer = preg_replace('/&(amp;)?(start|mpc|token|recipient|preview)=[^&]*/', '', \Environment::get('request'));
// Preview
if (isset($_GET['preview'])) {
// Check the e-mail address
if (!\Validator::isEmail(\Input::get('recipient', true))) {
$_SESSION['TL_PREVIEW_MAIL_ERROR'] = true;
$this->redirect($referer);
}
// get preview recipient
$arrRecipient = array();
$strEmail = urldecode(\Input::get('recipient', true));
$objRecipient = $this->Database->prepare("SELECT * FROM tl_member m WHERE email=? ORDER BY email")->limit(1)->execute($strEmail);
if ($objRecipient->num_rows < 1) {
$arrRecipient['email'] = $strEmail;
} else {
$arrRecipient = $objRecipient->row();
}
$arrRecipient = array_merge($arrRecipient, array('extra' => '&preview=1', 'tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=png', 'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=gif', 'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=css', 'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $strEmail . '&preview=1&t=js'));
// Send
$objEmail = $this->generateEmailObject($objNewsletter, $arrAttachments);
$objNewsletter->email = $strEmail;
$this->sendNewsletter($objEmail, $objNewsletter, $arrRecipient, $text, $html);
// Redirect
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['confirm'], 1));
$this->redirect($referer);
}
// Get the total number of recipients
$objTotal = $this->Database->prepare("SELECT COUNT(DISTINCT email) AS count FROM tl_newsletter_recipients WHERE pid=? AND active=1")->execute($objNewsletter->pid);
// Return if there are no recipients
if ($objTotal->count < 1) {
$this->Session->set('tl_newsletter_send', null);
\Message::addError($GLOBALS['TL_LANG']['tl_newsletter']['error']);
$this->redirect($referer);
}
$intTotal = $objTotal->count;
// Get page and timeout
$intTimeout = \Input::get('timeout') > 0 ? \Input::get('timeout') : 1;
$intStart = \Input::get('start') ? \Input::get('start') : 0;
$intPages = \Input::get('mpc') ? \Input::get('mpc') : 10;
// Get recipients
$objRecipients = $this->Database->prepare("SELECT *, r.email FROM tl_newsletter_recipients r LEFT JOIN tl_member m ON(r.email=m.email) WHERE r.pid=? AND r.active=1 GROUP BY r.email ORDER BY r.email")->limit($intPages, $intStart)->execute($objNewsletter->pid);
echo '<div style="font-family:Verdana,sans-serif;font-size:11px;line-height:16px;margin-bottom:12px">';
// Send newsletter
if ($objRecipients->numRows > 0) {
// Update status
if ($intStart == 0) {
$this->Database->prepare("UPDATE tl_newsletter SET sent=1, date=? WHERE id=?")->execute(time(), $objNewsletter->id);
$_SESSION['REJECTED_RECIPIENTS'] = array();
}
while ($objRecipients->next()) {
$objEmail = $this->generateEmailObject($objNewsletter, $arrAttachments);
$objNewsletter->email = $objRecipients->email;
$arrRecipient = array_merge($objRecipients->row(), array('tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=png', 'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=gif', 'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=css', 'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $objRecipients->email . '&t=js'));
$this->sendNewsletter($objEmail, $objNewsletter, $arrRecipient, $text, $html);
echo 'Sending newsletter to <strong>' . $objRecipients->email . '</strong><br>';
}
}
echo '<div style="margin-top:12px">';
// Redirect back home
if ($objRecipients->numRows < 1 || $intStart + $intPages >= $intTotal) {
$this->Session->set('tl_newsletter_send', null);
// Deactivate rejected addresses
if (!empty($_SESSION['REJECTED_RECIPIENTS'])) {
$intRejected = count($_SESSION['REJECTED_RECIPIENTS']);
\Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['rejected'], $intRejected));
$intTotal -= $intRejected;
foreach ($_SESSION['REJECTED_RECIPIENTS'] as $strRecipient) {
$this->Database->prepare("UPDATE tl_newsletter_recipients SET active='' WHERE email=?")->execute($strRecipient);
$this->log('Recipient address "' . $strRecipient . '" was rejected and has been deactivated', __METHOD__, TL_ERROR);
}
}
$this->Database->prepare("UPDATE tl_newsletter SET recipients=?, rejected=? WHERE id=?")->execute($intTotal, $intRejected, $objNewsletter->id);
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter']['confirm'], $intTotal));
echo '<script>setTimeout(\'window.location="' . \Environment::get('base') . $referer . '"\',1000)</script>';
echo '<a href="' . \Environment::get('base') . $referer . '">Please click here to proceed if you are not using JavaScript</a>';
} else {
$url = preg_replace('/&(amp;)?(start|mpc|recipient)=[^&]*/', '', \Environment::get('request')) . '&start=' . ($intStart + $intPages) . '&mpc=' . $intPages;
echo '<script>setTimeout(\'window.location="' . \Environment::get('base') . $url . '"\',' . $intTimeout * 1000 . ')</script>';
echo '<a href="' . \Environment::get('base') . $url . '">Please click here to proceed if you are not using JavaScript</a>';
}
echo '</div></div>';
exit;
}
$strToken = md5(uniqid(mt_rand(), true));
$this->Session->set('tl_newsletter_send', $strToken);
$sprintf = $objNewsletter->senderName != '' ? $objNewsletter->senderName . ' <%s>' : '%s';
$this->import('BackendUser', 'User');
// prepare preview
$preview = $text;
if (!$objNewsletter->sendText) {
// Default template
if ($objNewsletter->template == '') {
$objNewsletter->template = 'mail_default';
}
// Load the mail template
$objTemplate = new \BackendTemplate($objNewsletter->template);
$objTemplate->setData($objNewsletter->row());
$objTemplate->title = $objNewsletter->subject;
$objTemplate->body = $html;
$objTemplate->charset = $GLOBALS['TL_CONFIG']['characterSet'];
$objTemplate->css = $css;
// Backwards compatibility
// Parse template
$preview = $objTemplate->parse();
}
// Replace inserttags
$arrName = explode(' ', $this->User->name);
$preview = $this->replaceInsertTags($preview);
$preview = $this->prepareLinkTracking($preview, $objNewsletter->id, $this->User->email, '&preview=1');
$preview = $this->parseSimpleTokens($preview, array('firstname' => $arrName[0], 'lastname' => $arrName[sizeof($arrName) - 1], 'street' => 'Königsbrücker Str. 9', 'postal' => '01099', 'city' => 'Dresden', 'phone' => '0351 30966184', 'email' => $this->User->email, 'tracker_png' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=png', 'tracker_gif' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=gif', 'tracker_css' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=css', 'tracker_js' => \Environment::get('base') . 'tracking/?n=' . $objNewsletter->id . '&e=' . $this->User->email . '&preview=1&t=js'));
// Create cache folder
if (!file_exists(TL_ROOT . '/system/cache/newsletter')) {
mkdir(TL_ROOT . '/system/cache/newsletter');
file_put_contents(TL_ROOT . '/system/cache/newsletter/.htaccess', '<IfModule !mod_authz_core.c>
Order allow,deny
Allow from all
</IfModule>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>');
}
// Cache preview
file_put_contents(TL_ROOT . '/system/cache/newsletter/' . $objNewsletter->alias . '.html', preg_replace('/^\\s+|\\n|\\r|\\s+$/m', '', $preview));
// Preview newsletter
$return = '
<div id="tl_buttons">
<a href="' . $this->getReferer(true) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
<h2 class="sub_headline">' . sprintf($GLOBALS['TL_LANG']['tl_newsletter']['send'][1], $objNewsletter->id) . '</h2>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('script'), true) . '" id="tl_newsletter_send" class="tl_form" method="get">
<div class="tl_formbody_edit tl_newsletter_send">
<input type="hidden" name="do" value="' . \Input::get('do') . '">
<input type="hidden" name="table" value="' . \Input::get('table') . '">
<input type="hidden" name="key" value="' . \Input::get('key') . '">
<input type="hidden" name="id" value="' . \Input::get('id') . '">
<input type="hidden" name="token" value="' . $strToken . '">
<table class="prev_header">
<tr class="row_0">
<td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['from'] . '</td>
<td class="col_1">' . sprintf($sprintf, $objNewsletter->sender) . '</td>
</tr>
<tr class="row_1">
<td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['subject'][0] . '</td>
<td class="col_1">' . $objNewsletter->subject . '</td>
</tr>
<tr class="row_2">
<td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['template'][0] . '</td>
<td class="col_1">' . $objNewsletter->template . '</td>
</tr>' . (!empty($arrAttachments) && is_array($arrAttachments) ? '
<tr class="row_3">
<td class="col_0">' . $GLOBALS['TL_LANG']['tl_newsletter']['attachments'] . '</td>
<td class="col_1">' . implode(', ', $arrAttachments) . '</td>
</tr>' : '') . '
</table>' . (!$objNewsletter->sendText ? '
<iframe class="preview_html" id="preview_html" seamless border="0" width="703px" height="503px" style="padding:0" src="system/cache/newsletter/' . $objNewsletter->alias . '.html"></iframe>
' : '') . '
<div class="preview_text">
' . nl2br_html5($text) . '
</div>
<div class="tl_tbox">
<div class="w50">
<h3><label for="ctrl_mpc">' . $GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][0] . '</label></h3>
<input type="text" name="mpc" id="ctrl_mpc" value="10" class="tl_text" onfocus="Backend.getScrollOffset()">' . ($GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['mailsPerCycle'][1] . '</p>' : '') . '
</div>
<div class="w50">
<h3><label for="ctrl_timeout">' . $GLOBALS['TL_LANG']['tl_newsletter']['timeout'][0] . '</label></h3>
<input type="text" name="timeout" id="ctrl_timeout" value="1" class="tl_text" onfocus="Backend.getScrollOffset()">' . ($GLOBALS['TL_LANG']['tl_newsletter']['timeout'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['timeout'][1] . '</p>' : '') . '
</div>
<div class="w50">
<h3><label for="ctrl_start">' . $GLOBALS['TL_LANG']['tl_newsletter']['start'][0] . '</label></h3>
<input type="text" name="start" id="ctrl_start" value="0" class="tl_text" onfocus="Backend.getScrollOffset()">' . ($GLOBALS['TL_LANG']['tl_newsletter']['start'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['start'][1] . '</p>' : '') . '
</div>
<div class="w50">
<h3><label for="ctrl_recipient">' . $GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][0] . '</label></h3>
<input type="text" name="recipient" id="ctrl_recipient" value="' . $this->User->email . '" class="tl_text" onfocus="Backend.getScrollOffset()">' . (isset($_SESSION['TL_PREVIEW_MAIL_ERROR']) ? '
<div class="tl_error">' . $GLOBALS['TL_LANG']['ERR']['email'] . '</div>' : ($GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][1] && $GLOBALS['TL_CONFIG']['showHelp'] ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['tl_newsletter']['sendPreviewTo'][1] . '</p>' : '')) . '
</div>
<div class="clear"></div>
</div>
</div>';
// Do not send the newsletter if there is an attachment format error
if (!$blnAttachmentsFormatError) {
$return .= '
<div class="tl_formbody_submit">
<div class="tl_submit_container">
<input type="submit" name="preview" class="tl_submit" accesskey="p" value="' . specialchars($GLOBALS['TL_LANG']['tl_newsletter']['preview']) . '">
<input type="submit" id="send" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['tl_newsletter']['send'][0]) . '" onclick="return confirm(\'' . str_replace("'", "\\'", $GLOBALS['TL_LANG']['tl_newsletter']['sendConfirm']) . '\')">
</div>
</div>';
}
$return .= '
</form>';
unset($_SESSION['TL_PREVIEW_MAIL_ERROR']);
return $return;
}
if($validator->isValid()) {
$auth->avatar($db, $user_id, $avatar);
move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar);
$info_user->avatar = $avatar;
}
else {
$errors = $validator->getErrors();
}*/
if (isset($_POST['email_modif'])) {
$validator = new Validator($_POST);
if (!empty($_POST['pass']) && !empty($_POST['email'])) {
$pass = $_POST['pass'];
$password = $auth->hashPassword($pass);
$email = htmlspecialchars($_POST['email']);
if ($password == $info_user->password) {
$validator->isEmail('email', "Votre email n'est pas valide");
if ($validator->isValid()) {
$validator->isUniq('email', $db, 'users', 'Cet email est déjà utilisé pour un autre compte');
}
if ($validator->isValid()) {
$db->query('UPDATE users SET email = ? WHERE id_user = ?', [$email, $user_id]);
$_SESSION['flash']['success'] = "Votre email a bien été mis à jour";
$info_user->email = $email;
} else {
$errors = $validator->getErrors();
}
} else {
$_SESSION['flash']['danger'] = "Erreur dans le mot de passs actuel";
}
} else {
$_SESSION['flash']['danger'] = "Veuillez remplir tous les champs";
/**
* Remove the recipient
*/
protected function removeRecipient()
{
$arrChannels = \Input::post('channels');
$arrChannels = array_intersect($arrChannels, $this->nl_channels);
// see #3240
// Check the selection
if (!is_array($arrChannels) || empty($arrChannels)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
$this->reload();
}
$varInput = \Idna::encodeEmail(\Input::post('email', true));
// Validate e-mail address
if (!\Validator::isEmail($varInput)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
$this->reload();
}
$arrSubscriptions = array();
// Get the existing active subscriptions
if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
$arrSubscriptions = $objSubscription->fetchEach('pid');
}
$arrRemove = array_intersect($arrChannels, $arrSubscriptions);
// Return if there are no subscriptions to remove
if (!is_array($arrRemove) || empty($arrRemove)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
$this->reload();
}
// Remove the subscriptions
if (($objRemove = \NewsletterRecipientsModel::findByEmailAndPids($varInput, $arrRemove)) !== null) {
while ($objRemove->next()) {
$objRemove->delete();
}
}
// Get the channels
$objChannels = \NewsletterChannelModel::findByIds($arrRemove);
$arrChannels = $objChannels->fetchEach('title');
// Log activity
$this->log($varInput . ' unsubscribed from ' . implode(', ', $arrChannels), 'ModuleUnsubscribe removeRecipient()', TL_NEWSLETTER);
// HOOK: post unsubscribe callback
if (isset($GLOBALS['TL_HOOKS']['removeRecipient']) && is_array($GLOBALS['TL_HOOKS']['removeRecipient'])) {
foreach ($GLOBALS['TL_HOOKS']['removeRecipient'] as $callback) {
$this->import($callback[0]);
$this->{$callback}[0]->{$callback}[1]($varInput, $arrRemove);
}
}
// Prepare the e-mail text
$strText = str_replace('##domain##', \Environment::get('host'), $this->nl_unsubscribe);
$strText = str_replace(array('##channel##', '##channels##'), implode("\n", $arrChannels), $strText);
// Confirmation e-mail
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Environment::get('host'));
$objEmail->text = $strText;
$objEmail->sendTo($varInput);
// Redirect to the jumpTo page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
$this->redirect($this->generateFrontendUrl($objTarget->row()));
}
$_SESSION['UNSUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_removed'];
$this->reload();
}
/**
* Set the Return-Path property.
* @param string $address The email address.
*/
public function setReturnPath($address)
{
$this->prepareAddr($address);
if (!Validator::isEmail($address)) {
throw new EmailException(array("Email address '%s' is invalid.", $address));
}
$this->returnPath = $address;
}
/**
* Add a new recipient
*/
protected function addRecipient()
{
if (!\Environment::get('isAjaxRequest')) {
return parent::addRecipient();
}
$arrChannels = \Input::post('channels');
if (!is_array($arrChannels)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
return false;
}
$arrChannels = array_intersect($arrChannels, $this->nl_channels);
// see #3240
// Check the selection
if (!is_array($arrChannels) || empty($arrChannels)) {
$_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
return false;
}
$varInput = \Idna::encodeEmail(\Input::post('email', true));
// Validate the e-mail address
if (!\Validator::isEmail($varInput)) {
$_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
return false;
}
$arrSubscriptions = array();
// Get the existing active subscriptions
if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
$arrSubscriptions = $objSubscription->fetchEach('pid');
}
$arrNew = array_diff($arrChannels, $arrSubscriptions);
// Return if there are no new subscriptions
if (!is_array($arrNew) || empty($arrNew)) {
$_SESSION['SUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['subscribed'];
return false;
}
// Remove old subscriptions that have not been activated yet
if (($objOld = \NewsletterRecipientsModel::findBy(array("email=? AND active=''"), $varInput)) !== null) {
while ($objOld->next()) {
$objOld->delete();
}
}
$time = time();
$strToken = md5(uniqid(mt_rand(), true));
// Add the new subscriptions
foreach ($arrNew as $id) {
$objRecipient = new \NewsletterRecipientsModel();
$objRecipient->pid = $id;
$objRecipient->tstamp = $time;
$objRecipient->email = $varInput;
$objRecipient->active = '';
$objRecipient->addedOn = $time;
$objRecipient->ip = $this->anonymizeIp(\Environment::get('ip'));
$objRecipient->token = $strToken;
$objRecipient->confirmed = '';
$objRecipient->save();
}
// Get the channels
$objChannel = \NewsletterChannelModel::findByIds($arrChannels);
// Prepare the e-mail text
$strText = str_replace('##token##', $strToken, $this->nl_subscribe);
$strText = str_replace('##domain##', \Idna::decode(\Environment::get('host')), $strText);
$strText = str_replace('##link##', \Idna::decode(\Environment::get('base')) . \Environment::get('request') . (\Config::get('disableAlias') || strpos(\Environment::get('request'), '?') !== false ? '&' : '?') . 'token=' . $strToken, $strText);
$strText = str_replace(array('##channel##', '##channels##'), implode("\n", $objChannel->fetchEach('title')), $strText);
// Activation e-mail
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Idna::decode(\Environment::get('host')));
$objEmail->text = $strText;
$objEmail->sendTo($varInput);
// Redirect to the jumpTo page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
$this->redirect($this->generateFrontendUrl($objTarget->row()));
}
$_SESSION['SUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_confirm'];
return true;
}
/**
* Validate an e-mail address
*
* @param string $strEmail The e-mail address
*
* @return boolean True if it is a valid e-mail address
*
* @deprecated Use Validator::isEmail() instead
*/
protected function isValidEmailAddress($strEmail)
{
return \Validator::isEmail($strEmail);
}
/**
* Recursively validate an input variable
*
* @param mixed $varInput The user input
*
* @return mixed The original or modified user input
*/
protected function validator($varInput)
{
if (is_array($varInput)) {
foreach ($varInput as $k => $v) {
$varInput[$k] = $this->validator($v);
}
return $varInput;
}
if (!$this->doNotTrim) {
$varInput = trim($varInput);
}
if ($varInput == '') {
if (!$this->mandatory) {
return '';
} else {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
}
if ($this->minlength && $varInput != '' && utf8_strlen($varInput) < $this->minlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
}
if ($this->maxlength && $varInput != '' && utf8_strlen($varInput) > $this->maxlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
}
if ($this->minval && is_numeric($varInput) && $varInput < $this->minval) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minval'], $this->strLabel, $this->minval));
}
if ($this->maxval && is_numeric($varInput) && $varInput > $this->maxval) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxval'], $this->strLabel, $this->maxval));
}
if ($this->rgxp != '') {
switch ($this->rgxp) {
// Special validation rule for style sheets
case strncmp($this->rgxp, 'digit_', 6) === 0:
$textual = explode('_', $this->rgxp);
array_shift($textual);
if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
break;
}
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] and minus [-])
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] and minus [-])
case 'digit':
// Support decimal commas and convert them automatically (see #3488)
if (substr_count($varInput, ',') == 1 && strpos($varInput, '.') === false) {
$varInput = str_replace(',', '.', $varInput);
}
if (!\Validator::isNumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
}
break;
// Natural numbers (positive integers)
// Natural numbers (positive integers)
case 'natural':
if (!\Validator::isNatural($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['natural'], $this->strLabel));
}
break;
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
case 'alpha':
if (!\Validator::isAlphabetic($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
}
break;
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
case 'alnum':
if (!\Validator::isAlphanumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
}
break;
// Do not allow any characters that are usually encoded by class Input [=<>()#/])
// Do not allow any characters that are usually encoded by class Input [=<>()#/])
case 'extnd':
if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
}
break;
// Check whether the current value is a valid date format
// Check whether the current value is a valid date format
case 'date':
if (!\Validator::isDate($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], \Date::getInputFormat(\Date::getNumericDateFormat())));
} else {
// Validate the date (see #5086)
try {
new \Date($varInput, \Date::getNumericDateFormat());
} catch (\OutOfBoundsException $e) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
}
}
break;
// Check whether the current value is a valid time format
// Check whether the current value is a valid time format
case 'time':
if (!\Validator::isTime($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], \Date::getInputFormat(\Date::getNumericTimeFormat())));
}
break;
// Check whether the current value is a valid date and time format
// Check whether the current value is a valid date and time format
case 'datim':
if (!\Validator::isDatim($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], \Date::getInputFormat(\Date::getNumericDatimFormat())));
} else {
// Validate the date (see #5086)
try {
new \Date($varInput, \Date::getNumericDatimFormat());
} catch (\OutOfBoundsException $e) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidDate'], $varInput));
}
}
break;
// Check whether the current value is a valid friendly name e-mail address
// Check whether the current value is a valid friendly name e-mail address
case 'friendly':
list($strName, $varInput) = \String::splitFriendlyEmail($varInput);
// no break;
// Check whether the current value is a valid e-mail address
// no break;
// Check whether the current value is a valid e-mail address
case 'email':
if (!\Validator::isEmail($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
}
if ($this->rgxp == 'friendly' && $strName != '') {
$varInput = $strName . ' [' . $varInput . ']';
}
break;
// Check whether the current value is list of valid e-mail addresses
// Check whether the current value is list of valid e-mail addresses
case 'emails':
$arrEmails = trimsplit(',', $varInput);
foreach ($arrEmails as $strEmail) {
$strEmail = \Idna::encodeEmail($strEmail);
if (!\Validator::isEmail($strEmail)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
break;
}
}
break;
// Check whether the current value is a valid URL
// Check whether the current value is a valid URL
case 'url':
if (!\Validator::isUrl($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
}
break;
// Check whether the current value is a valid alias
// Check whether the current value is a valid alias
case 'alias':
if (!\Validator::isAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
}
break;
// Check whether the current value is a valid folder URL alias
// Check whether the current value is a valid folder URL alias
case 'folderalias':
if (!\Validator::isFolderAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
}
break;
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
case 'phone':
if (!\Validator::isPhone(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
}
break;
// Check whether the current value is a percent value
// Check whether the current value is a percent value
case 'prcnt':
if (!\Validator::isPercent($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
}
break;
// Check whether the current value is a locale
// Check whether the current value is a locale
case 'locale':
if (!\Validator::isLocale($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['locale'], $this->strLabel));
}
break;
// Check whether the current value is a language code
// Check whether the current value is a language code
case 'language':
if (!\Validator::isLanguage($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['language'], $this->strLabel));
}
break;
// Check whether the current value is a Google+ ID or vanity name
// Check whether the current value is a Google+ ID or vanity name
case 'google+':
if (!\Validator::isGooglePlusId($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['invalidGoogleId'], $this->strLabel));
}
break;
// HOOK: pass unknown tags to callback functions
// HOOK: pass unknown tags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
$this->import($callback[0]);
$break = $this->{$callback}[0]->{$callback}[1]($this->rgxp, $varInput, $this);
// Stop the loop if a callback returned true
if ($break === true) {
break;
}
}
}
break;
}
}
if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
$varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
}
if ($this->nospace && preg_match('/[\\t ]+/', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
}
if ($this->spaceToUnderscore) {
$varInput = preg_replace('/\\s+/', '_', trim($varInput));
}
if (is_bool($this->trailingSlash) && $varInput != '') {
$varInput = preg_replace('/\\/+$/', '', $varInput) . ($this->trailingSlash ? '/' : '');
}
return $varInput;
}
/**
* Recursively validate an input variable
*
* @param mixed $varInput The user input
*
* @return mixed The original or modified user input
*/
protected function validator($varInput)
{
if (is_array($varInput)) {
foreach ($varInput as $k => $v) {
$varInput[$k] = $this->validator($v);
}
return $varInput;
}
$varInput = trim($varInput);
if ($varInput == '') {
if (!$this->mandatory) {
return '';
} else {
if ($this->strLabel == '') {
$this->addError($GLOBALS['TL_LANG']['ERR']['mdtryNoLabel']);
} else {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['mandatory'], $this->strLabel));
}
}
}
if ($this->minlength && $varInput != '' && utf8_strlen($varInput) < $this->minlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['minlength'], $this->strLabel, $this->minlength));
}
if ($this->maxlength && $varInput != '' && utf8_strlen($varInput) > $this->maxlength) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['maxlength'], $this->strLabel, $this->maxlength));
}
if ($this->rgxp != '') {
switch ($this->rgxp) {
// Special validation rule for style sheets
case strncmp($this->rgxp, 'digit_', 6) === 0:
$textual = explode('_', $this->rgxp);
array_shift($textual);
if (in_array($varInput, $textual) || strncmp($varInput, '$', 1) === 0) {
break;
}
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] minus [-] and space [ ])
// DO NOT ADD A break; STATEMENT HERE
// Numeric characters (including full stop [.] minus [-] and space [ ])
case 'digit':
if (!\Validator::isNumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['digit'], $this->strLabel));
}
break;
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
// Alphabetic characters (including full stop [.] minus [-] and space [ ])
case 'alpha':
if (!\Validator::isAlphabetic($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alpha'], $this->strLabel));
}
break;
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
// Alphanumeric characters (including full stop [.] minus [-], underscore [_] and space [ ])
case 'alnum':
if (!\Validator::isAlphanumeric($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alnum'], $this->strLabel));
}
break;
// Do not allow any characters that are usually encoded by class Input [=<>()#/])
// Do not allow any characters that are usually encoded by class Input [=<>()#/])
case 'extnd':
if (!\Validator::isExtendedAlphanumeric(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['extnd'], $this->strLabel));
}
break;
// Check whether the current value is a valid date format
// Check whether the current value is a valid date format
case 'date':
$objDate = new \Date();
if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['dateFormat']) . '$~i', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['date'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['dateFormat'])));
}
break;
// Check whether the current value is a valid time format
// Check whether the current value is a valid time format
case 'time':
$objDate = new \Date();
if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['timeFormat']) . '$~i', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['time'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['timeFormat'])));
}
break;
// Check whether the current value is a valid date and time format
// Check whether the current value is a valid date and time format
case 'datim':
$objDate = new \Date();
if (!preg_match('~^' . $objDate->getRegexp($GLOBALS['TL_CONFIG']['datimFormat']) . '$~i', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['dateTime'], $objDate->getInputFormat($GLOBALS['TL_CONFIG']['datimFormat'])));
}
break;
// Check whether the current value is a valid friendly name e-mail address
// Check whether the current value is a valid friendly name e-mail address
case 'friendly':
list($strName, $varInput) = $this->splitFriendlyName($varInput);
// no break;
// Check whether the current value is a valid e-mail address
// no break;
// Check whether the current value is a valid e-mail address
case 'email':
if (!\Validator::isEmail($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['email'], $this->strLabel));
}
if ($this->rgxp == 'friendly' && $strName != '') {
$varInput = $strName . ' [' . $varInput . ']';
}
break;
// Check whether the current value is list of valid e-mail addresses
// Check whether the current value is list of valid e-mail addresses
case 'emails':
$arrEmails = trimsplit(',', $varInput);
foreach ($arrEmails as $strEmail) {
$strEmail = \Idna::encodeEmail($strEmail);
if (!\Validator::isEmail($strEmail)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['emails'], $this->strLabel));
break;
}
}
break;
// Check whether the current value is a valid URL
// Check whether the current value is a valid URL
case 'url':
if (!\Validator::isUrl($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['url'], $this->strLabel));
}
break;
// Check whether the current value is a valid alias
// Check whether the current value is a valid alias
case 'alias':
if (!\Validator::isAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['alias'], $this->strLabel));
}
break;
// Check whether the current value is a valid folder URL alias
// Check whether the current value is a valid folder URL alias
case 'folderalias':
if (!\Validator::isFolderAlias($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['folderalias'], $this->strLabel));
}
break;
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
// Phone numbers (numeric characters, space [ ], plus [+], minus [-], parentheses [()] and slash [/])
case 'phone':
if (!\Validator::isPhone(html_entity_decode($varInput))) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['phone'], $this->strLabel));
}
break;
// Check whether the current value is a percent value
// Check whether the current value is a percent value
case 'prcnt':
if (!\Validator::isPercent($varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['prcnt'], $this->strLabel));
}
break;
// HOOK: pass unknown tags to callback functions
// HOOK: pass unknown tags to callback functions
default:
if (isset($GLOBALS['TL_HOOKS']['addCustomRegexp']) && is_array($GLOBALS['TL_HOOKS']['addCustomRegexp'])) {
foreach ($GLOBALS['TL_HOOKS']['addCustomRegexp'] as $callback) {
$this->import($callback[0]);
$break = $this->{$callback}[0]->{$callback}[1]($this->rgxp, $varInput, $this);
// Stop the loop if a callback returned true
if ($break === true) {
break;
}
}
}
break;
}
}
if ($this->isHexColor && $varInput != '' && strncmp($varInput, '$', 1) !== 0) {
$varInput = preg_replace('/[^a-f0-9]+/i', '', $varInput);
}
if ($this->nospace && preg_match('/[\\t ]+/i', $varInput)) {
$this->addError(sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $this->strLabel));
}
if ($this->spaceToUnderscore) {
$varInput = preg_replace('/\\s+/i', '_', trim($varInput));
}
if (is_bool($this->trailingSlash) && $varInput != '') {
$varInput = preg_replace('/\\/+$/i', '', $varInput) . ($this->trailingSlash ? '/' : '');
}
return $varInput;
}
/**
* Generate CC or BCC recipients from comma separated string
*
* @param string $strRecipients
* @param array $arrTokens
*
* @return array
*/
public static function compileRecipients($strRecipients, $arrTokens)
{
// Replaces tokens first so that tokens can contain a list of recipients.
$strRecipients = \Haste\Util\StringUtil::recursiveReplaceTokensAndTags($strRecipients, $arrTokens, static::NO_TAGS | static::NO_BREAKS);
$arrRecipients = array();
foreach ((array) trimsplit(',', $strRecipients) as $strAddress) {
if ($strAddress != '') {
list($strName, $strEmail) = \String::splitFriendlyEmail($strAddress);
// Address could become empty through invalid insert tag
if ($strAddress == '' || !\Validator::isEmail($strEmail)) {
continue;
}
$arrRecipients[] = $strAddress;
}
}
return $arrRecipients;
}
/**
* Return a form to choose a CSV file and import it
*
* @return string
*/
public function importRecipients()
{
if (\Input::get('key') != 'import') {
return '';
}
$this->import('BackendUser', 'User');
$class = $this->User->uploader;
// See #4086 and #7046
if (!class_exists($class) || $class == 'DropZone') {
$class = 'FileUpload';
}
/** @var \FileUpload $objUploader */
$objUploader = new $class();
// Import CSS
if (\Input::post('FORM_SUBMIT') == 'tl_recipients_import') {
$arrUploaded = $objUploader->uploadTo('system/tmp');
if (empty($arrUploaded)) {
\Message::addError($GLOBALS['TL_LANG']['ERR']['all_fields']);
$this->reload();
}
$time = time();
$intTotal = 0;
$intInvalid = 0;
foreach ($arrUploaded as $strCsvFile) {
$objFile = new \File($strCsvFile, true);
if ($objFile->extension != 'csv') {
\Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['filetype'], $objFile->extension));
continue;
}
// Get separator
switch (\Input::post('separator')) {
case 'semicolon':
$strSeparator = ';';
break;
case 'tabulator':
$strSeparator = "\t";
break;
case 'linebreak':
$strSeparator = "\n";
break;
default:
$strSeparator = ',';
break;
}
$arrRecipients = array();
$resFile = $objFile->handle;
while (($arrRow = @fgetcsv($resFile, null, $strSeparator)) !== false) {
$arrRecipients = array_merge($arrRecipients, $arrRow);
}
$arrRecipients = array_filter(array_unique($arrRecipients));
foreach ($arrRecipients as $strRecipient) {
// Skip invalid entries
if (!\Validator::isEmail($strRecipient)) {
$this->log('Recipient address "' . $strRecipient . '" seems to be invalid and has been skipped', __METHOD__, TL_ERROR);
++$intInvalid;
continue;
}
// Check whether the e-mail address exists
$objRecipient = $this->Database->prepare("SELECT COUNT(*) AS count FROM tl_newsletter_recipients WHERE pid=? AND email=?")->execute(\Input::get('id'), $strRecipient);
if ($objRecipient->count < 1) {
$this->Database->prepare("INSERT INTO tl_newsletter_recipients SET pid=?, tstamp={$time}, email=?, active=1")->execute(\Input::get('id'), $strRecipient);
++$intTotal;
}
}
}
\Message::addConfirmation(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['confirm'], $intTotal));
if ($intInvalid > 0) {
\Message::addInfo(sprintf($GLOBALS['TL_LANG']['tl_newsletter_recipients']['invalid'], $intInvalid));
}
\System::setCookie('BE_PAGE_OFFSET', 0, 0);
$this->reload();
}
// Return form
return '
<div id="tl_buttons">
<a href="' . ampersand(str_replace('&key=import', '', \Environment::get('request'))) . '" class="header_back" title="' . specialchars($GLOBALS['TL_LANG']['MSC']['backBTTitle']) . '" accesskey="b">' . $GLOBALS['TL_LANG']['MSC']['backBT'] . '</a>
</div>
' . \Message::generate() . '
<form action="' . ampersand(\Environment::get('request'), true) . '" id="tl_recipients_import" class="tl_form" method="post" enctype="multipart/form-data">
<div class="tl_formbody_edit">
<input type="hidden" name="FORM_SUBMIT" value="tl_recipients_import">
<input type="hidden" name="REQUEST_TOKEN" value="' . REQUEST_TOKEN . '">
<input type="hidden" name="MAX_FILE_SIZE" value="' . \Config::get('maxFileSize') . '">
<div class="tl_tbox">
<h3><label for="separator">' . $GLOBALS['TL_LANG']['MSC']['separator'][0] . '</label></h3>
<select name="separator" id="separator" class="tl_select" onfocus="Backend.getScrollOffset()">
<option value="comma">' . $GLOBALS['TL_LANG']['MSC']['comma'] . '</option>
<option value="semicolon">' . $GLOBALS['TL_LANG']['MSC']['semicolon'] . '</option>
<option value="tabulator">' . $GLOBALS['TL_LANG']['MSC']['tabulator'] . '</option>
<option value="linebreak">' . $GLOBALS['TL_LANG']['MSC']['linebreak'] . '</option>
</select>' . ($GLOBALS['TL_LANG']['MSC']['separator'][1] != '' ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['separator'][1] . '</p>' : '') . '
<h3>' . $GLOBALS['TL_LANG']['MSC']['source'][0] . '</h3>' . $objUploader->generateMarkup() . (isset($GLOBALS['TL_LANG']['MSC']['source'][1]) ? '
<p class="tl_help tl_tip">' . $GLOBALS['TL_LANG']['MSC']['source'][1] . '</p>' : '') . '
</div>
</div>
<div class="tl_formbody_submit">
<div class="tl_submit_container">
<input type="submit" name="save" id="save" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['tl_newsletter_recipients']['import'][0]) . '">
</div>
</div>
</form>';
}
protected function commentsController()
{
$returnarray['error'] = $this->errorcode(0);
$returnarray['changes'] = 1;
$getTs = \Input::get($this->request['ts']);
$getId = \Input::get($this->request['id']);
$returnarray['ts'] = isset($getTs) ? $getTs : 0;
if (isset($getId)) {
if (\Input::get($this->request['action']) == 'add') {
$comment = $_REQUEST[$this->request['comment']];
$name = $_REQUEST[$this->request['name']];
$email = $_REQUEST[$this->request['email']];
$key = $_REQUEST[$this->request['key']];
if (!$comment || $comment == "" || !$name || !$email) {
$returnarray['error'] = $this->errorcode(30);
} elseif (!\Validator::isEmail($email)) {
$returnarray['error'] = $this->errorcode(31);
} else {
$ts = time();
$arrInsert = array('tstamp' => $ts, 'source' => 'tl_news', 'parent' => $getId, 'date' => $ts, 'name' => $name, 'email' => $email, 'comment' => trim($comment), 'published' => $this->settings['news_moderate'] == 1 ? 0 : 1, 'ip' => \Environment::get('remote_addr'));
$objComment = new \CommentsModel();
$objComment->setRow($arrInsert)->save();
if ($objComment->id) {
$strComment = $_REQUEST[$this->request['comment']];
$strComment = strip_tags($strComment);
$strComment = \String::decodeEntities($strComment);
$strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);
$objTemplate = new \FrontendTemplate('kommentar_email');
$objTemplate->name = $arrInsert['name'] . ' (' . $arrInsert['email'] . ')';
$objTemplate->comment = $strComment;
$objTemplate->edit = \Idna::decode(\Environment::get('base')) . 'contao/main.php?do=comments&act=edit&id=' . $objComment->id;
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['com_subject'], \Idna::decode(\Environment::get('host')));
$objEmail->text = $objTemplate->parse();
if ($GLOBALS['TL_ADMIN_EMAIL'] != '') {
$objEmail->sendTo($GLOBALS['TL_ADMIN_EMAIL']);
}
$returnarray['error'] = $this->errorcode(0);
$returnarray['ts'] = $ts;
$returnarray['comment_id'] = $objComment->id;
$returnarray['changes'] = 1;
$returnarray['status'] = $this->settings['news_moderate'] == 1 ? 'Kommentar wird geprüft.' : "Kommentar veröffentlicht.";
} else {
$returnarray['error'] = $this->errorcode(31);
}
}
} else {
$post = $this->getComment($getId);
if ($post['commentStatus'] == 'open') {
$returnarray['comment_status'] = $post['commentStatus'];
$returnarray['comments_count'] = $post['commentsCount'];
$returnarray['REQUEST_TOKEN'] = REQUEST_TOKEN;
if ($post['commentsCount'] > 0) {
$pos = 0;
foreach ($post['items'] as $comment) {
$tempArray = array();
$tempArray['pos'] = ++$pos;
$tempArray['id'] = $comment->id;
$tempArray['text'] = strip_tags($comment->comment);
$tempArray['timestamp'] = (int) $comment->date;
if ($tempArray['timestamp'] > $returnarray['ts']) {
$returnarray['ts'] = $tempArray['timestamp'];
$returnarray['changes'] = 1;
}
$tempArray['datum'] = date('d.m.Y, H:i', $tempArray['timestamp']);
$tempArray['author']['name'] = $comment->name;
$tempArray['author']['id'] = "0";
$tempArray['author']['email'] = $comment->email;
$tempArray['author']['img'] = "";
if ($comment->addReply) {
$objUser = \UserModel::findByPk($comment->author);
$tempArray['subitems'] = array(array('pos' => 1, 'id' => 1, 'parent_id' => $comment->id, 'text' => strip_tags($comment->reply), 'timestamp' => (int) $comment->tstamp, 'datum' => date('d.m.Y, H:i', $comment->tstamp), 'author' => array('name' => $objUser->name, 'id' => $objUser->id, 'email' => $objUser->email, 'img' => "")));
}
$returnarray['items'][] = $tempArray;
}
if ($returnarray['changes'] != 1) {
unset($returnarray['items']);
}
}
} else {
$returnarray['error'] = $this->errorcode(29);
}
}
} else {
$returnarray['error'] = $this->errorcode(15);
}
return array('comments' => $returnarray);
}
protected function getValidDomainUsername()
{
$arrDomainList = $this->getDomainList();
$username = $_POST['username'];
$domain = $_POST['domain'];
if (\Validator::isEmail($username)) {
$domain = substr($username, strpos($username, '@'));
// remove domain
$username = str_replace($domain, '', $username);
}
$domain = $arrDomainList[str_replace('@', '', $domain)];
if ($domain === null) {
$_SESSION['LOGIN_ERROR'] = $GLOBALS['TL_LANG']['MSC']['invalidDomain'];
return null;
}
// combine domain with username
if ($domain !== null) {
$username = $username . $domain;
}
return $username;
}
<?php
require_once 'inc/bootstrap.php';
if (!empty($_POST)) {
$db = theApp::getDataBase();
$errors = array();
$validator = new Validator($_POST);
$validator->isAlpha('username', 'Votre pseudo n\'est pas valide, il doit etre au format AlphaNumérique');
if ($validator->isValid()) {
$validator->isUniq('username', $db, 'users', 'Ce pseudo est déjà utilisé');
}
$validator->isEmail('email', 'Votre email n\'est pas valide');
if ($validator->isValid()) {
$validator->isUniq('email', $db, 'users', 'Cet Email est deja utilisé pour un autre compte!');
}
$validator->isConfirmPWD('password', 'Vos deux mots de passe ne sont pas les mêmes');
if ($validator->isValid()) {
$auth = theApp::getAuth();
$auth->register($db, $_POST['username'], $_POST['password'], $_POST['email']);
$session = Session::getInstance();
$session->setFlash('success', 'un email de confirmation vous a été envoyé!');
header('Location: login.php');
exit;
} else {
$errors = $validator->getErrors();
}
}
require 'inc/header.php';
?>
<h1>S'inscrire</h1>
private function notifiy($insertId)
{
$result = $this->Database->prepare('SELECT
tl_shoutbox_entries.*,
tl_shoutbox.email AS email,
tl_member.username AS username,
tl_member.email AS useremail
FROM tl_shoutbox_entries, tl_shoutbox, tl_member
WHERE tl_shoutbox_entries.id = ?
AND tl_shoutbox_entries.member = tl_member.id
AND tl_shoutbox_entries.pid = tl_shoutbox.id')->execute($insertId);
if ($result->numRows != 1) {
return false;
}
$data = (object) $result->row();
if (!\Validator::isEmail($data->email)) {
return false;
}
// Convert the comment to plain text
$strComment = \String::decodeEntities(strip_tags($data->entry));
$strComment = str_replace(array('[&]', '[lt]', '[gt]'), array('&', '<', '>'), $strComment);
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = "New shoutbox entry from " . $data->username . ' (' . $data->useremail . ')';
// Add comment details
$objEmail->text = sprintf($GLOBALS['TL_LANG']['MSC']['com_message'], $data->username . ' (' . $data->useremail . ')', $strComment, \Environment::get('base') . \Environment::get('request'), \Environment::get('base') . 'contao/main.php?do=shoutbox&table=tl_shoutbox_entries&id=' . $data->pid);
$objEmail->sendTo($data->email);
return true;
}
/**
* Validate e-mail addresses in the comma separated list
* @param mixed
* @param \DataContainer
* @return mixed
* @throws \Exception
*/
public function validateEmailList($varValue, \DataContainer $dc)
{
if ($varValue != '') {
$chunks = trimsplit(',', $varValue);
foreach ($chunks as $chunk) {
// Skip string with tokens or inserttags
if (strpos($chunk, '##') !== false || strpos($chunk, '{{') !== false || strpos($chunk, '{if') !== false) {
continue;
}
if (!\Validator::isEmail($chunk)) {
throw new \Exception($GLOBALS['TL_LANG']['ERR']['emails']);
}
}
}
return $varValue;
}
/**
*
* @param type $arrSubmitted
* @param type $arrLabels
* @param type $objForm
*/
public function emailNearestStore(&$arrSubmitted, $arrLabels, $objForm)
{
if ($objForm->anystores_emailNearestStore == 1) {
// if there is no postal field
if (!strlen($arrSubmitted['postal'])) {
\System::log("No postal field for email nearest store", __METHOD__, TL_ERROR);
return;
}
$arrSearch[] = $arrSubmitted['street'] ?: null;
$arrSearch[] = $arrSubmitted['postal'] ?: null;
$arrSearch[] = $arrSubmitted['city'] ?: null;
$arrSearch[] = $arrSubmitted['country'] ?: null;
// drop empty arrays
$arrSearch = array_filter($arrSearch, 'count');
// query string
$strSearch = implode(', ', $arrSearch);
$objStore = AnyStoresModel::findPublishedByAdressAndCountryAndCategory($strSearch, null, deserialize($objForm->anystores_categories), 1);
if (!$objStore) {
\System::log("No store found for email", __METHOD__, TL_ERROR);
return;
}
if (\Validator::isEmail($objStore->email)) {
// legagy contao
$objForm->recipient .= ',' . $objStore->email;
// efg
$objForm->formattedMailRecipient .= ',' . $objStore->email;
}
}
}
/**
* Create an admin user
*/
protected function createAdminUser()
{
try {
$objAdmin = $this->Database->execute("SELECT COUNT(*) AS count FROM tl_user WHERE admin=1");
if ($objAdmin->count > 0) {
$this->Template->adminCreated = true;
} elseif (\Input::post('FORM_SUBMIT') == 'tl_admin') {
// Do not allow special characters in usernames
if (preg_match('/[#()\\/<=>]/', \Input::post('username', true))) {
$this->Template->usernameError = $GLOBALS['TL_LANG']['ERR']['extnd'];
} elseif (strpos(\Input::post('username', true), ' ') !== false) {
$this->Template->usernameError = sprintf($GLOBALS['TL_LANG']['ERR']['noSpace'], $GLOBALS['TL_LANG']['MSC']['username']);
} elseif (!\Validator::isEmail(\Input::post('email', true))) {
$this->Template->emailError = $GLOBALS['TL_LANG']['ERR']['email'];
} elseif (\Input::post('pass', true) != \Input::post('confirm_pass', true)) {
$this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordMatch'];
} elseif (utf8_strlen(\Input::post('pass', true)) < \Config::get('minPasswordLength')) {
$this->Template->passwordError = sprintf($GLOBALS['TL_LANG']['ERR']['passwordLength'], \Config::get('minPasswordLength'));
} elseif (\Input::post('pass', true) == \Input::post('username', true)) {
$this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['passwordName'];
} elseif (\Input::post('name') != '' && \Input::post('email', true) != '' && \Input::post('username', true) != '') {
$time = time();
$strPassword = \Encryption::hash(\Input::post('pass', true));
$this->Database->prepare("INSERT INTO tl_user (tstamp, name, email, username, password, language, backendTheme, admin, showHelp, useRTE, useCE, thumbnails, dateAdded) VALUES ({$time}, ?, ?, ?, ?, ?, ?, 1, 1, 1, 1, 1, {$time})")->execute(\Input::post('name'), \Input::post('email', true), \Input::post('username', true), $strPassword, str_replace('-', '_', $GLOBALS['TL_LANGUAGE']), \Config::get('backendTheme'));
\Config::persist('adminEmail', \Input::post('email', true));
// Scan the upload folder (see #6134)
if ($this->Database->tableExists('tl_files') && $this->Database->query("SELECT COUNT(*) AS count FROM tl_files")->count < 1) {
$this->import('Database\\Updater', 'Updater');
$this->Updater->scanUploadFolder();
}
$this->reload();
}
$this->Template->adminName = \Input::post('name');
$this->Template->adminEmail = \Input::post('email', true);
$this->Template->adminUser = \Input::post('username', true);
}
} catch (\Exception $e) {
$this->Template->adminCreated = false;
}
}
/**
* Remove the recipient
*/
protected function removeRecipient()
{
$arrChannels = \Input::post('channels');
if (!is_array($arrChannels)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
$this->reload();
}
$arrChannels = array_intersect($arrChannels, $this->nl_channels);
// see #3240
// Check the selection
if (!is_array($arrChannels) || empty($arrChannels)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['noChannels'];
$this->reload();
}
$varInput = \Idna::encodeEmail(\Input::post('email', true));
// Validate e-mail address
if (!\Validator::isEmail($varInput)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['email'];
$this->reload();
}
$arrSubscriptions = array();
// Get the existing active subscriptions
if (($objSubscription = \NewsletterRecipientsModel::findBy(array("email=? AND active=1"), $varInput)) !== null) {
$arrSubscriptions = $objSubscription->fetchEach('pid');
}
$arrRemove = array_intersect($arrChannels, $arrSubscriptions);
// Return if there are no subscriptions to remove
if (!is_array($arrRemove) || empty($arrRemove)) {
$_SESSION['UNSUBSCRIBE_ERROR'] = $GLOBALS['TL_LANG']['ERR']['unsubscribed'];
$this->reload();
}
// Remove the subscriptions
if (($objRemove = \NewsletterRecipientsModel::findByEmailAndPids($varInput, $arrRemove)) !== null) {
while ($objRemove->next()) {
$objRemove->delete();
}
}
// Get the channels
$objChannels = \NewsletterChannelModel::findByIds($arrRemove);
$arrChannels = $objChannels->fetchEach('title');
// HOOK: post unsubscribe callback
if (isset($GLOBALS['TL_HOOKS']['removeRecipient']) && is_array($GLOBALS['TL_HOOKS']['removeRecipient'])) {
foreach ($GLOBALS['TL_HOOKS']['removeRecipient'] as $callback) {
$this->import($callback[0]);
$this->{$callback[0]}->{$callback[1]}($varInput, $arrRemove);
}
}
// Prepare the simple token data
$arrData = array();
$arrData['domain'] = \Idna::decode(\Environment::get('host'));
$arrData['channel'] = $arrData['channels'] = implode("\n", $arrChannels);
// Confirmation e-mail
$objEmail = new \Email();
$objEmail->from = $GLOBALS['TL_ADMIN_EMAIL'];
$objEmail->fromName = $GLOBALS['TL_ADMIN_NAME'];
$objEmail->subject = sprintf($GLOBALS['TL_LANG']['MSC']['nl_subject'], \Idna::decode(\Environment::get('host')));
$objEmail->text = \StringUtil::parseSimpleTokens($this->nl_unsubscribe, $arrData);
$objEmail->sendTo($varInput);
// Redirect to the jumpTo page
if ($this->jumpTo && ($objTarget = $this->objModel->getRelated('jumpTo')) !== null) {
/** @var \PageModel $objTarget */
$this->redirect($objTarget->getFrontendUrl());
}
$_SESSION['UNSUBSCRIBE_CONFIRM'] = $GLOBALS['TL_LANG']['MSC']['nl_removed'];
$this->reload();
}
