/**
* Sends the collected messages from sendingMail as e-mail.
*/
function bulkSend()
{
// if nothing to do, return
if (empty($this->bulk_mail)) {
return;
}
// send a mail, for each language one
foreach ($this->bulk_mail as $lang_data) {
foreach ($lang_data as $data) {
$mail = new StudipMail();
$mail->setSubject($data['title']);
foreach ($data['users'] as $user_id => $to) {
$mail->addRecipient($to, get_fullname($user_id), 'Bcc');
}
$mail->setReplyToEmail('')->setBodyText($data['text']);
if (strlen($data['reply_to'])) {
$mail->setSenderEmail($data['reply_to'])->setSenderName($snd_fullname);
}
$user_cfg = UserConfig::get($user_id);
if ($user_cfg->getValue('MAIL_AS_HTML')) {
$mail->setBodyHtml($mailhtml);
}
if ($GLOBALS["ENABLE_EMAIL_ATTACHMENTS"]) {
foreach (get_message_attachments($data['message_id']) as $attachment) {
$mail->addStudipAttachment($attachment['dokument_id']);
}
}
$mail->send();
}
}
}
$message = MessageBox::info($info, $details);
} else {
if (empty($secret)) {
$message = MessageBox::error(_('Sie müssen den vollständigen Link aus der Bestätigungsmail in die Adresszeile Ihres Browsers kopieren.'));
} else {
if ($secret != $hash) {
$error = _('Der übergebene <em>Secret-Code</em> ist nicht korrekt.');
$details = array();
$details[] = _('Sie müssen unter dem Benutzernamen eingeloggt sein, für den Sie die Bestätigungsmail erhalten haben.');
$details[] = _('Und Sie müssen den vollständigen Link aus der Bestätigungsmail in die Adresszeile Ihres Browsers kopieren.');
$message = MessageBox::error($error, $details);
// Mail an abuse
$REMOTE_ADDR = getenv("REMOTE_ADDR");
$Zeit = date("H:i:s, d.m.Y", time());
$username = $auth->auth["uname"];
StudipMail::sendAbuseMessage("Validation", "Secret falsch\n\nUser: {$username}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
} else {
if ($secret == $hash) {
$query = "UPDATE auth_user_md5 SET perms = 'autor' WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->id));
if ($statement->rowCount() == 0) {
$error = _('Fehler! Bitte wenden Sie sich an den Systemadministrator.');
$details = array($query);
$message = MessageBox::error($error, $details);
} else {
$success = _('Ihr Status wurde erfolgreich auf <em>autor</em> gesetzt.<br>
Damit dürfen Sie in den meisten Veranstaltungen schreiben, für die Sie sich anmelden.');
$details = array();
$details[] = _('Einige Veranstaltungen erfordern allerdings bei der Anmeldung die Eingabe eines Passwortes.
Dieses Passwort erfahren Sie von den Lehrenden der Veranstaltung.');
/**
* Send a validation mail to the passed user
*
* @param User $user a user-object or id of the user
* to resend the validation mail for
*
* @return void
*/
public static function sendValidationMail($user)
{
global $_language_path;
// if no user-object is given interpret it as a user-id
if (is_string($user)) {
$user = new User($user);
}
// template-variables for the include partial
$Zeit = date("H:i:s, d.m.Y", $user->mkdate);
$username = $user->username;
$Vorname = $user->vorname;
$Nachname = $user->nachname;
$Email = $user->email;
// (re-)send the confirmation mail
$to = $user->email;
$secret = md5($user->user_id . ':' . self::$magic);
$url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . "email_validation.php?secret=" . $secret;
$mail = new StudipMail();
$abuse = $mail->getReplyToEmail();
// include language-specific subject and mailbody
include_once "locale/{$_language_path}/LC_MAILS/register_mail.inc.php";
// send the mail
$mail->setSubject($subject)->addRecipient($to)->setBodyText($mailbody)->send();
}
/**
* Executes the cronjob.
*
* @param mixed $last_result What the last execution of this cronjob
* returned.
* @param Array $parameters Parameters for this cronjob instance which
* were defined during scheduling.
* Only valid parameter at the moment is
* "verbose" which toggles verbose output while
* purging the cache.
*/
public function execute($last_result, $parameters = array())
{
global $user;
$cli_user = $user;
$notification = new ModulesNotification();
$query = "SELECT DISTINCT user_id FROM seminar_user su WHERE notification <> 0";
if (get_config('DEPUTIES_ENABLE')) {
$query .= " UNION SELECT DISTINCT user_id FROM deputies WHERE notification <> 0";
}
$rs = DBManager::get()->query($query);
while ($r = $rs->fetch()) {
$user = new Seminar_User($r["user_id"]);
if ($user->locked) {
continue;
}
setTempLanguage('', $user->preferred_language);
$to = $user->email;
$title = "[" . $GLOBALS['UNI_NAME_CLEAN'] . "] " . _("Tägliche Benachrichtigung");
$mailmessage = $notification->getAllNotifications($user->id);
$ok = false;
if ($mailmessage) {
if ($user->cfg->getValue('MAIL_AS_HTML')) {
$smail = new StudipMail();
$ok = $smail->setSubject($title)->addRecipient($to)->setBodyHtml($mailmessage['html'])->setBodyText($mailmessage['text'])->send();
} else {
$ok = StudipMail::sendMessage($to, $title, $mailmessage['text']);
}
}
UserConfig::set($user->id, null);
if ($ok !== false && $parameters['verbose']) {
echo $user->username . ':' . $ok . "\n";
}
}
$user = $cli_user;
}
function parse_link($link, $level=0) {
global $name, $the_file_name, $the_link, $locationheader, $parsed_link, $link_update;
if ($level > 3)
return FALSE;
if ($link == "***" && $link_update)
$link = getLinkPath($link_update);
$url_parts = @parse_url( $link );
//filter out localhost and reserved or private IPs
if (stripos($url_parts["host"], 'localhost') !== false
|| stripos($url_parts["host"], 'loopback') !== false
|| (filter_var($url_parts["host"], FILTER_VALIDATE_IP) !== false
&& (strpos($url_parts["host"],'127') === 0
|| filter_var($url_parts["host"], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false)
)
) {
return array('response' => 'HTTP/1.0 400 Bad Request', 'response_code' => 400);
}
if (substr($link,0,6) == "ftp://") {
// Parsing an FTF-Adress
$documentpath = $url_parts["path"];
if (strpos($url_parts["host"],"@")) {
$url_parts["pass"] .= "@".substr($url_parts["host"],0,strpos($url_parts["host"],"@"));
$url_parts["host"] = substr(strrchr($url_parts["host"],"@"),1);
}
if (preg_match('/[^a-z0-9_.-]/i',$url_parts['host'])){ // exists umlauts ?
$IDN = new idna_convert();
$out = $IDN->encode(utf8_encode($url_parts['host'])); // false by error
$url_parts['host'] = ($out)? $out : $url_parts['host'];
}
$ftp = ftp_connect($url_parts["host"]);
if (!$url_parts["user"]) $url_parts["user"] = "******";
if (!$url_parts["pass"]) {
$mailclass = new StudipMail();
$url_parts["pass"] = $mailclass->getSenderEmail();
}
if (!@ftp_login($ftp,$url_parts["user"],$url_parts["pass"])) {
ftp_quit($ftp);
return FALSE;
}
$parsed_link["Content-Length"] = ftp_size($ftp, $documentpath);
ftp_quit($ftp);
if ($parsed_link["Content-Length"] != "-1") {
$parsed_link["HTTP/1.0 200 OK"] = "HTTP/1.0 200 OK";
$parsed_link["response_code"] = 200;
} else {
$parsed_link = FALSE;
}
$url_parts["pass"] = preg_replace("!@!","%40",$url_parts["pass"]);
$the_link = "ftp://".$url_parts["user"].":".$url_parts["pass"]."@".$url_parts["host"].$documentpath;
return $parsed_link;
} else {
if (!empty( $url_parts["path"])){
$documentpath = $url_parts["path"];
} else {
$documentpath = "/";
}
if ( !empty( $url_parts["query"] ) ) {
$documentpath .= "?" . $url_parts["query"];
}
$host = $url_parts["host"];
$port = $url_parts["port"];
$scheme = strtolower($url_parts['scheme']);
if (!in_array($scheme , words('http https'))) {
return array('response' => 'HTTP/1.0 400 Bad Request', 'response_code' => 400);
}
if ($scheme == "https") {
$ssl = TRUE;
if (empty($port)) $port = 443;
} else {
$ssl = FALSE;
}
if (empty( $port ) ) $port = "80";
if (preg_match('/[^a-z0-9_.-]/i',$host)){ // exists umlauts ?
$IDN = new idna_convert();
$out = $IDN->encode(utf8_encode($host)); // false by error
$host = ($out)? $out : $host;
$pwtxt = ($url_parts['user'] && $url_parts['pass'])? $url_parts['user'].':'. $url_parts['pass'].'@':'';
$the_link = $url_parts['scheme'].'://'.$pwtxt.$host.':'.$port.$documentpath;
}
$socket = @fsockopen( ($ssl? 'ssl://':'').$host, $port, $errno, $errstr, 10 );
if (!$socket) {
return array('response' => 'HTTP/1.0 400 Bad Request', 'response_code' => 400);
} else {
$urlString = "GET ".$documentpath." HTTP/1.0\r\nHost: $host\r\n";
if ($url_parts["user"] && $url_parts["pass"]) {
$pass = $url_parts["pass"];
$user = $url_parts["user"];
$urlString .= "Authorization: Basic ".base64_encode("$user:$pass")."\r\n";
}
$urlString .= sprintf("User-Agent: Stud.IP v%s File Crawler\r\n", $GLOBALS['SOFTWARE_VERSION']);
$urlString .= "Connection: close\r\n\r\n";
fputs($socket, $urlString);
stream_set_timeout($socket, 5);
$response = '';
do {
$response .= fgets($socket, 128);
$info = stream_get_meta_data($socket);
} while (!feof($socket) && !$info['timed_out'] && strlen($response) < 1024);
fclose($socket);
}
$parsed_link = parse_header($response);
// Anderer Dateiname?
$disposition_header = $parsed_link['Content-Disposition']
?: $parsed_link['content-disposition'];
if ($disposition_header) {
$header_parts = explode(';', $disposition_header);
foreach ($header_parts as $part) {
$part = trim($part);
list($key, $value) = explode('=', $part, 2);
if (strtolower($key) === 'filename') {
$the_file_name = trim($value, '"');
}
}
} else {
$the_file_name = basename($url_parts['path']) ?: $the_file_name;
}
// Weg über einen Locationheader:
$location_header = $parsed_link["Location"]
?: $parsed_link["location"];
if (in_array($parsed_link["response_code"], array(300,301,302,303,305,307)) && $location_header) {
if (strpos($location_header, 'http') !== 0) {
$location_header = $url_parts['scheme'] . '://' . $url_parts['host'] . '/' . $location_header;
}
$parsed_link = parse_link($location_header, $level + 1);
}
return $parsed_link;
}
}
/* set default umask to a sane value */
umask(022);
/*mail settings
----------------------------------------------------------------*/
if ($GLOBALS['MAIL_TRANSPORT']) {
$mail_transporter_name = strtolower($GLOBALS['MAIL_TRANSPORT']) . '_message';
} else {
$mail_transporter_name = 'smtp_message';
}
include 'vendor/email_message/email_message.php';
include 'vendor/email_message/' . $mail_transporter_name . '.php';
$mail_transporter_class = $mail_transporter_name . '_class';
$mail_transporter = new $mail_transporter_class();
if ($mail_transporter_name == 'smtp_message') {
include 'vendor/email_message/smtp.php';
$mail_transporter->localhost = $GLOBALS['MAIL_LOCALHOST'] == "" ? $_SERVER["SERVER_NAME"] : $GLOBALS['MAIL_LOCALHOST'];
$mail_transporter->smtp_host = $GLOBALS['MAIL_HOST_NAME'] == "" ? $_SERVER["SERVER_NAME"] : $GLOBALS['MAIL_HOST_NAME'];
if (is_array($MAIL_SMTP_OPTIONS)) {
foreach ($MAIL_SMTP_OPTIONS as $key => $value) {
$mail_transporter->{"smtp_{$key}"} = $value;
}
if ($mail_transporter->smtp_user !== '') {
include 'vendor/sasl/sasl.php';
}
}
}
$mail_transporter->default_charset = 'WINDOWS-1252';
$mail_transporter->SetBulkMail((int) $GLOBALS['MAIL_BULK_DELIVERY']);
StudipMail::setDefaultTransporter($mail_transporter);
unset($mail_transporter);
}
/**
* Imports a line of the table into the Stud.IP database if the check returns no errors.
* @param array $line : array of fields
* @return array : array('found' => true|false, 'errors' => "Error message", 'pk' => "primary key")
*/
public function importLine($line)
{
$plugin = $this->getPlugin();
$classname = $this['import_type'];
if (!$classname) {
return array();
}
$data = $this->getMappedData($line);
$pk = $this->getPrimaryKey($data);
//Last chance to quit:
$error = $this->checkLine($line, $data, $pk);
$output = array();
$object = new $classname($pk);
if (!$object->isNew()) {
$output['found'] = true;
$output['pk'] = $pk;
foreach ((array) $this['tabledata']['ignoreonupdate'] as $fieldname) {
unset($data[$fieldname]);
}
} else {
$output['found'] = false;
}
foreach ($data as $fieldname => $value) {
if ($value !== false && in_array($fieldname, $this->getTargetFields())) {
$object[$fieldname] = $value;
if ($classname === "User" && $fieldname === "password") {
$object[$fieldname] = UserManagement::getPwdHasher()->HashPassword($value);
}
}
}
if (method_exists($object, "getFullName")) {
$error['name'] = $output['name'] = $object->getFullName();
} elseif ($object->isField("name")) {
$error['name'] = $output['name'] = $object['name'];
} elseif ($object->isField("title")) {
$error['name'] = $output['name'] = $object['title'];
}
if ($error && $error['errors']) {
//exit here to have the name of the object in the log
return $error;
}
if ($plugin) {
$plugin->beforeUpdate($object, $line, $data);
}
$object->store();
$output['pk'] = (array) $object->getId();
//Dynamic special fields:
switch ($classname) {
case "Course":
//fleximport_dozenten
foreach ($data['fleximport_dozenten'] as $dozent_id) {
$seminar = new Seminar($object->getId());
$seminar->addMember($dozent_id, 'dozent');
}
//fleximport_related_institutes
if (!$data['fleximport_related_institutes']) {
$data['fleximport_related_institutes'] = array($object['institut_id']);
} else {
if (!in_array($object['institut_id'], $data['fleximport_related_institutes'])) {
$data['fleximport_related_institutes'][] = $object['institut_id'];
}
}
foreach ($data['fleximport_related_institutes'] as $institut_id) {
$insert = DBManager::get()->prepare("\n INSERT IGNORE INTO seminar_inst\n SET seminar_id = :seminar_id,\n institut_id = :institut_id\n ");
$insert->execute(array('seminar_id' => $object->getId(), 'institut_id' => $institut_id));
}
if ($this['tabledata']['simplematching']["fleximport_course_userdomains"]['column'] || in_array("fleximport_course_userdomains", $this->fieldsToBeDynamicallyMapped())) {
$statement = DBManager::get()->prepare("\n SELECT userdomain_id\n FROM seminar_userdomains\n WHERE seminar_id = ?\n ");
$statement->execute(array($object->getId()));
$olddomains = $statement->fetchAll(PDO::FETCH_COLUMN, 0);
foreach (array_diff($data['fleximport_user_inst'], $olddomains) as $to_add) {
$domain = new UserDomain($to_add);
$domain->addSeminar($object->getId());
}
foreach (array_diff($olddomains, $data['fleximport_user_inst']) as $to_remove) {
$domain = new UserDomain($to_remove);
$domain->removeSeminar($object->getId());
}
}
break;
case "User":
if ($this['tabledata']['simplematching']["fleximport_user_inst"]['column'] || in_array("fleximport_user_inst", $this->fieldsToBeDynamicallyMapped())) {
if ($object['perms'] !== "root") {
foreach ($data['fleximport_user_inst'] as $institut_id) {
$member = new InstituteMember(array($object->getId(), $institut_id));
$member['inst_perms'] = $object['perms'];
$member->store();
}
}
}
if ($this['tabledata']['simplematching']["fleximport_userdomains"]['column'] || in_array("fleximport_userdomains", $this->fieldsToBeDynamicallyMapped())) {
$olddomains = UserDomain::getUserDomainsForUser($object->getId());
foreach ($olddomains as $olddomain) {
if (!in_array($olddomain->getID(), (array) $data['fleximport_userdomains'])) {
$olddomain->removeUser($object->getId());
}
}
foreach ($data['fleximport_userdomains'] as $userdomain) {
$domain = new UserDomain($userdomain);
$domain->addUser($object->getId());
}
AutoInsert::instance()->saveUser($object->getId());
foreach ($data['fleximport_userdomains'] as $domain_id) {
if (!in_array($domain_id, $olddomains)) {
$welcome = FleximportConfig::get("USERDOMAIN_WELCOME_" . $domain_id);
if ($welcome) {
foreach ($object->toArray() as $field => $value) {
$welcome = str_replace("{{" . $field . "}}", $value, $welcome);
}
foreach ($line as $field => $value) {
$welcome = str_replace("{{" . $field . "}}", $value, $welcome);
}
if (strpos($welcome, "\n") === false) {
$subject = _("Willkommen!");
} else {
$subject = strstr($welcome, "\n", true);
$welcome = substr($welcome, strpos($welcome, "\n") + 1);
}
$messaging = new messaging();
$count = $messaging->insert_message($welcome, $object->username, '____%system%____', null, null, null, null, $subject, true, 'normal');
}
}
}
}
if ($this['tabledata']['simplematching']["fleximport_expiration_date"]['column'] || in_array("fleximport_expiration_date", $this->fieldsToBeDynamicallyMapped())) {
if ($data['fleximport_expiration_date']) {
UserConfig::get($object->getId())->store("EXPIRATION_DATE", $data['fleximport_expiration_date']);
} else {
UserConfig::get($object->getId())->delete("EXPIRATION_DATE");
}
}
if ($output['found'] === false && $data['fleximport_welcome_message'] !== "none") {
$user_language = getUserLanguagePath($object->getId());
setTempLanguage(false, $user_language);
if ($data['fleximport_welcome_message'] && FleximportConfig::get($data['fleximport_welcome_message'])) {
$message = FleximportConfig::get($data['fleximport_welcome_message']);
foreach ($data as $field => $value) {
$message = str_replace("{{" . $field . "}}", $value, $message);
}
foreach ($line as $field => $value) {
if (!in_array($field, $data)) {
$message = str_replace("{{" . $field . "}}", $value, $message);
}
}
if (strpos($message, "\n") === false) {
$subject = dgettext($user_language, "Anmeldung Stud.IP-System");
} else {
$subject = strstr($message, "\n", true);
$message = substr($message, strpos($message, "\n") + 1);
}
} else {
$Zeit = date("H:i:s, d.m.Y", time());
$this->user_data = array('auth_user_md5.username' => $object['username'], 'auth_user_md5.perms' => $object['perms'], 'auth_user_md5.Vorname' => $object['vorname'], 'auth_user_md5.Nachname' => $object['nachname'], 'auth_user_md5.Email' => $object['email']);
$password = $data['password'];
//this is the not hashed password in cleartext
include "locale/{$user_language}/LC_MAILS/create_mail.inc.php";
$message = $mailbody;
}
if ($message) {
$mail = new StudipMail();
$mail->addRecipient($object['email'], $object->getFullName());
$mail->setSubject($subject);
$mail->setBodyText($message);
$mail->setBodyHtml(formatReady($message));
if (Config::get()->MAILQUEUE_ENABLE) {
MailQueueEntry::add($mail);
} else {
$mail->send();
}
}
restoreLanguage();
}
break;
}
//Datafields:
$datafields = array();
switch ($classname) {
case "Course":
$datafields = Datafield::findBySQL("object_type = 'sem'");
break;
case "User":
$datafields = Datafield::findBySQL("object_type = 'user'");
break;
case "CourseMember":
$datafields = Datafield::findBySQL("object_type = 'usersemdata'");
break;
}
foreach ($datafields as $datafield) {
$fieldname = $datafield['name'];
if (isset($data[$fieldname])) {
$entry = new DatafieldEntryModel(array($datafield->getId(), $object->getId(), ""));
$entry['content'] = $data[$fieldname];
$entry->store();
}
}
if ($classname === "Course") {
if ($this['tabledata']['simplematching']["fleximport_studyarea"]['column'] || in_array("fleximport_studyarea", $this->fieldsToBeDynamicallyMapped())) {
//Studienbereiche:
$remove = DBManager::get()->prepare("\n DELETE FROM seminar_sem_tree\n WHERE seminar_id = :seminar_id\n ");
$remove->execute(array('seminar_id' => $object->getId()));
if ($GLOBALS['SEM_CLASS'][$GLOBALS['SEM_TYPE'][$data['status']]['class']]['bereiche']) {
foreach ($data['fleximport_studyarea'] as $sem_tree_id) {
$insert = DBManager::get()->prepare("\n INSERT IGNORE INTO seminar_sem_tree\n SET sem_tree_id = :sem_tree_id,\n seminar_id = :seminar_id\n ");
$insert->execute(array('sem_tree_id' => $sem_tree_id, 'seminar_id' => $object->getId()));
}
}
}
if ($this['tabledata']['simplematching']["fleximport_locked"]['column'] || in_array("fleximport_locked", $this->fieldsToBeDynamicallyMapped())) {
//Lock or unlock course
if ($data['fleximport_locked']) {
CourseSet::addCourseToSet(CourseSet::getGlobalLockedAdmissionSetId(), $object->getId());
} elseif (in_array($data['fleximport_locked'], array("0", 0)) && $data['fleximport_locked'] !== "") {
CourseSet::removeCourseFromSet(CourseSet::getGlobalLockedAdmissionSetId(), $object->getId());
}
}
$folder_exist = DBManager::get()->prepare("\n SELECT 1 FROM folder WHERE range_id = ?\n ");
$folder_exist->execute(array($object->getId()));
if (!$folder_exist->fetch()) {
$insert_folder = DBManager::get()->prepare("\n INSERT IGNORE INTO folder\n SET folder_id = MD5(CONCAT(:seminar_id, 'allgemeine_dateien')),\n range_id = :seminar_id,\n user_id = :user_id,\n name = :name,\n description = :description,\n mkdate = UNIX_TIMESTAMP(),\n chdate = UNIX_TIMESTAMP()\n ");
$insert_folder->execute(array('seminar_id' => $object->getId(), 'user_id' => $GLOBALS['user']->id, 'name' => _("Allgemeiner Dateiordner"), 'description' => _("Ablage für allgemeine Ordner und Dokumente der Veranstaltung")));
}
}
if ($plugin && !$object->isNew()) {
$plugin->afterUpdate($object, $line);
}
return $output;
}
/**
* This sends an email to the user to recognize him/her that he/she was
* mentioned in a blubber.
* @param type $posting
*/
public function mention($posting)
{
$url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . "plugins.php/blubber/streams/thread/" . $posting['root_id'] . ($posting['context_type'] === "course" ? '?cid=' . $posting['Seminar_id'] : "");
$message = sprintf(_("%s hat Sie in einem Blubber erwähnt. Zum Beantworten klicken auf Sie auf folgenen Link:\n\n%s\n"), get_fullname(), $url);
StudipMail::sendMessage($this['mail_identifier'], _("Sie wurden erwähnt."), $message);
}
function edit_email($user, $email, $force = False)
{
$msg = '';
$query = "SELECT email, username, auth_plugin\n FROM auth_user_md5\n WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
$email_cur = $row['email'];
$username = $row['username'];
$auth_plugin = $row['auth_plugin'];
if ($email_cur == $email && !$force) {
return array(True, $msg);
}
if (StudipAuthAbstract::CheckField("auth_user_md5.Email", $auth_plugin) || LockRules::check($user->user_id, 'email')) {
return array(False, $msg);
}
if (!$GLOBALS['ALLOW_CHANGE_EMAIL']) {
return array(False, $msg);
}
$validator = new email_validation_class();
## Klasse zum Ueberpruefen der Eingaben
$validator->timeout = 10;
$REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
$Zeit = date("H:i:s, d.m.Y", time());
// accept only registered domains if set
$email_restriction = trim(get_config('EMAIL_DOMAIN_RESTRICTION'));
if (!$validator->ValidateEmailAddress($email, $email_restriction)) {
if ($email_restriction) {
$email_restriction_msg_part = '';
$email_restriction_parts = explode(',', $email_restriction);
for ($email_restriction_count = 0; $email_restriction_count < count($email_restriction_parts); $email_restriction_count++) {
if ($email_restriction_count == count($email_restriction_parts) - 1) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . '<br>';
} else {
if (($email_restriction_count + 1) % 3) {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ', ';
} else {
$email_restriction_msg_part .= '@' . trim($email_restriction_parts[$email_restriction_count]) . ',<br>';
}
}
}
$msg .= 'error§' . sprintf(_("Die E-Mail-Adresse fehlt, ist falsch geschrieben oder gehört nicht zu folgenden Domains:%s"), '<br>' . $email_restriction_msg_part);
} else {
$msg .= "error§" . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "§";
}
return array(False, $msg);
// E-Mail syntaktisch nicht korrekt oder fehlend
}
if (!$validator->ValidateEmailHost($email)) {
// Mailserver nicht erreichbar, ablehnen
$msg .= "error§" . _("Der Mailserver ist nicht erreichbar. Bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken können!") . "§";
return array(False, $msg);
} else {
// Server ereichbar
if (!$validator->ValidateEmailBox($email)) {
// aber user unbekannt. Mail an abuse!
StudipMail::sendAbuseMessage("edit_about", "Emailbox unbekannt\n\nUser: "******"\nEmail: {$email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
$msg .= "error§" . _("Die angegebene E-Mail-Adresse ist nicht erreichbar. Bitte überprüfen Sie Ihre Angaben!") . "§";
return array(False, $msg);
}
}
$query = "SELECT Vorname, Nachname\n FROM auth_user_md5\n WHERE Email = ? AND user_id != ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($email, $user->user_id));
$row = $statement->fetch(PDO::FETCH_ASSOC);
if ($row) {
$msg .= "error§" . sprintf(_("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer (%s %s) verwendet. Bitte geben Sie eine andere E-Mail-Adresse an."), htmlReady($row['Vorname']), htmlReady($row['Nachname'])) . "§";
return array(False, $msg);
}
// This already moved to the controller
// $query = "UPDATE auth_user_md5 SET Email = ? WHERE user_id = ?";
// $statement = DBManager::get()->prepare($query);
// $statement->execute(array($email, $uid));
if (StudipAuthAbstract::CheckField("auth_user_md5.validation_key", $auth_plugin)) {
$msg .= "msg§" . _("Ihre E-Mail-Adresse wurde geändert!") . "§";
return array(True, $msg);
} else {
// auth_plugin does not map validation_key (what if...?)
// generate 10 char activation key
$key = '';
mt_srand((double) microtime() * 1000000);
for ($i = 1; $i <= 10; $i++) {
$temp = mt_rand() % 36;
if ($temp < 10) {
$temp += 48;
} else {
$temp += 87;
}
// a = chr(97), z = chr(122)
$key .= chr($temp);
}
$user->validation_key = $key;
$activatation_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'activate_email.php?uid=' . $user->user_id . '&key=' . $user->validation_key;
// include language-specific subject and mailbody with fallback to german
$lang = $GLOBALS['_language_path'];
// workaround
if ($lang == '') {
$lang = 'de';
}
include_once "locale/{$lang}/LC_MAILS/change_self_mail.inc.php";
$mail = StudipMail::sendMessage($email, $subject, $mailbody);
if (!$mail) {
return array(True, $msg);
}
$query = "UPDATE auth_user_md5 SET validation_key = ? WHERE user_id = ?";
$statement = DBManager::get()->prepare($query);
$statement->execute(array($user->validation_key, $user->user_id));
$msg .= "info§<b>" . sprintf(_('An Ihre neue E-Mail-Adresse <b>%s</b> wurde ein Aktivierungslink geschickt, dem Sie folgen müssen bevor Sie sich das nächste mal einloggen können.'), $email) . '</b>§';
log_event("USER_NEWPWD", $user->user_id);
// logging
}
return array(True, $msg);
}
/**
* Change an existing user password
*
* @param string $password
* @return bool change successful?
*/
function changePassword($password)
{
global $perm;
$this->user_data['auth_user_md5.password'] = self::getPwdHasher()->HashPassword($password);
$this->storeToDatabase();
$this->msg .= "msg§" . _("Das Passwort wurde neu gesetzt.") . "§";
// include language-specific subject and mailbody
$user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']);
$Zeit = date("H:i:s, d.m.Y", time());
include "locale/{$user_language}/LC_MAILS/password_mail.inc.php";
// send mail
StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody);
return TRUE;
}
function setPassword () {
// Can we reach the email?
if (!$this->checkMail($this->user_data['auth_user_md5.Email'])) {
return FALSE;
}
$password = $this->generate_password(6);
$this->user_data['auth_user_md5.password'] = self::getPwdHasher()->HashPassword($password);
if (!$this->storeToDatabase()) {
$this->msg .= "error§" . _("Die Änderung konnte nicht in die Datenbank geschrieben werden.") . "§";
return FALSE;
}
$this->msg .= "msg§" . sprintf(_("Passwort von Benutzer \"%s\" neu gesetzt."), $this->user_data['auth_user_md5.username']) . "§";
// include language-specific subject and mailbody
$user_language = getUserLanguagePath($this->user_data['auth_user_md5.user_id']);
include("locale/$user_language/LC_MAILS/password_mail.inc.php");
// send mail
StudipMail::sendMessage($this->user_data['auth_user_md5.Email'], $subject, $mailbody);
log_event("USER_NEWPWD",$this->user_data['auth_user_md5.user_id']);
return TRUE;
}
function delete_action($user_id = NULL)
{
//deleting one user
if (!is_null($user_id)) {
$user = UserModel::getUser($user_id);
//check user
if (!Request::getArray('user_ids') && empty($user)) {
PageLayout::postMessage(MessageBox::error(_('Fehler! Der zu löschende Benutzer ist nicht vorhanden oder Sie haben keinen Nutzer ausgewählt.')));
//antwort ja
} elseif (!empty($user)) {
//CSRFProtection::verifyUnsafeRequest();
//if deleting user, go back to mainpage
$parent = '';
//deactivate message
if (!Request::int('mail')) {
$dev_null = new blackhole_message_class();
$default_mailer = StudipMail::getDefaultTransporter();
StudipMail::setDefaultTransporter($dev_null);
}
//preparing delete
$umanager = new UserManagement();
$umanager->getFromDatabase($user_id);
//delete
if ($umanager->deleteUser(Request::option('documents', false))) {
$details = explode('§', str_replace(array('msg§', 'info§', 'error§'), '', substr($umanager->msg, 0, -1)));
PageLayout::postMessage(MessageBox::success(htmlReady(sprintf(_('Der Benutzer "%s %s (%s)" wurde erfolgreich gelöscht.'), $user['Vorname'], $user['Nachname'], $user['username'])), $details));
} else {
$details = explode('§', str_replace(array('msg§', 'info§', 'error§'), '', substr($umanager->msg, 0, -1)));
PageLayout::postMessage(MessageBox::error(htmlReady(sprintf(_('Fehler! Der Benutzer "%s %s (%s)" konnte nicht gelöscht werden.'), $user['Vorname'], $user['Nachname'], $user['username'])), $details));
}
//reavtivate messages
if (!Request::int('mail')) {
StudipMail::setDefaultTransporter($default_mailer);
}
//sicherheitsabfrage
} else {
$user_ids = Request::getArray('user_ids');
if (count($user_ids) == 0) {
PageLayout::postMessage(MessageBox::error(_('Bitte wählen Sie mindestens einen Benutzer zum Löschen aus.')));
$this->redirect('show' . $parent);
return;
}
//CSRFProtection::verifyUnsafeRequest();
//deactivate message
if (!Request::int('mail')) {
$dev_null = new blackhole_message_class();
$default_mailer = StudipMail::getDefaultTransporter();
StudipMail::setDefaultTransporter($dev_null);
}
foreach ($user_ids as $i => $user_id) {
$users[$i] = UserModel::getUser($user_id);
//preparing delete
$umanager = new UserManagement();
$umanager->getFromDatabase($user_id);
//delete
if ($umanager->deleteUser(Request::option('documents', false))) {
$details = explode('§', str_replace(array('msg§', 'info§', 'error§'), '', substr($umanager->msg, 0, -1)));
PageLayout::postMessage(MessageBox::success(htmlReady(sprintf(_('Der Benutzer "%s %s (%s)" wurde erfolgreich gelöscht'), $users[$i]['Vorname'], $users[$i]['Nachname'], $users[$i]['username'])), $details));
} else {
$details = explode('§', str_replace(array('msg§', 'info§', 'error§'), '', substr($umanager->msg, 0, -1)));
PageLayout::postMessage(MessageBox::error(htmlReady(sprintf(_('Fehler! Der Benutzer "%s %s (%s)" konnte nicht gelöscht werden'), $users[$i]['Vorname'], $users[$i]['Nachname'], $users[$i]['username'])), $details));
}
}
//reactivate messages
if (!Request::int('mail')) {
StudipMail::setDefaultTransporter($default_mailer);
}
}
}
}
/**
* convenience method for sending a qick, text based email message
* to the configured abuse adress
*
* @param string $subject
* @param string $text
* @return bool
*/
public static function sendAbuseMessage($subject, $text)
{
$mail = new StudipMail();
$abuse = $mail->getReplyToEmail();
return $mail->setSubject($subject)->setReplyToEmail('')->addRecipient($abuse)->setBodyText($text)->send();
}
/**
*
* @param $rec_user_id
* @param $snd_user_id
* @param $message
* @param $subject
* @param $message_id
*/
function sendingEmail($rec_user_id, $snd_user_id, $message, $subject, $message_id)
{
$receiver = User::find($rec_user_id);
$to = $receiver->Email;
// do not try to send mails to users without a mail address
if (!$to) {
return;
}
$rec_fullname = $receiver->getFullName();
setTempLanguage($rec_user_id);
$title = "[Stud.IP - " . $GLOBALS['UNI_NAME_CLEAN'] . "] " . kill_format(str_replace(array("\r", "\n"), '', $subject));
if ($snd_user_id != "____%system%____") {
$sender = User::find($snd_user_id);
$snd_fullname = $sender->getFullName();
$reply_to = $sender->Email;
}
$template = $GLOBALS['template_factory']->open('mail/text');
$template->set_attribute('message', kill_format($message));
$template->set_attribute('rec_fullname', $rec_fullname);
$mailmessage = $template->render();
$template = $GLOBALS['template_factory']->open('mail/html');
$template->set_attribute('lang', getUserLanguagePath($rec_user_id));
$template->set_attribute('message', $message);
$template->set_attribute('rec_fullname', $rec_fullname);
$mailhtml = $template->render();
restoreLanguage();
// Now, let us send the message
$mail = new StudipMail();
$mail->setSubject($title)->addRecipient($to, $rec_fullname)->setReplyToEmail('')->setBodyText($mailmessage);
if (strlen($reply_to)) {
$mail->setSenderEmail($reply_to)->setSenderName($snd_fullname);
}
$user_cfg = UserConfig::get($rec_user_id);
if ($user_cfg->getValue('MAIL_AS_HTML')) {
$mail->setBodyHtml($mailhtml);
}
if ($GLOBALS['ENABLE_EMAIL_ATTACHMENTS']) {
foreach (get_message_attachments($message_id) as $attachment) {
$mail->addStudipAttachment($attachment['dokument_id']);
}
}
if (!get_config("MAILQUEUE_ENABLE")) {
$mail->send();
} else {
MailQueueEntry::add($mail, $message_id, $rec_user_id);
}
}
public function share_action($range_id = null)
{
$this->range_id = $range_id ?: $this->range_id;
$this->calendar = new SingleCalendar($this->range_id);
$this->short_id = null;
if ($this->calendar->havePermission(Calendar::PERMISSION_OWN)) {
if (Request::submitted('delete_id')) {
CSRFProtection::verifySecurityToken();
IcalExport::deleteKey($GLOBALS['user']->id);
PageLayout::postMessage(MessageBox::success(_('Die Adresse, unter der Ihre Termine abrufbar sind, wurde gelöscht')));
}
if (Request::submitted('new_id')) {
CSRFProtection::verifySecurityToken();
$this->short_id = IcalExport::setKey($GLOBALS['user']->id);
PageLayout::postMessage(MessageBox::success(_('Eine Adresse, unter der Ihre Termine abrufbar sind, wurde erstellt.')));
} else {
$this->short_id = IcalExport::getKeyByUser($GLOBALS['user']->id);
}
if (Request::submitted('submit_email')) {
$email_reg_exp = '/^([-.0-9=?A-Z_a-z{|}~])+@([-.0-9=?A-Z_a-z{|}~])+\\.[a-zA-Z]{2,6}$/i';
if (preg_match($email_reg_exp, Request::get('email')) !== 0) {
$subject = '[' . get_config('UNI_NAME_CLEAN') . ']' . _('Exportadresse für Ihre Termine');
$text .= _("Diese Email wurde vom Stud.IP-System verschickt. Sie können\n auf diese Nachricht nicht antworten.") . "\n\n";
$text .= _('Über diese Adresse erreichen Sie den Export für Ihre Termine:') . "\n\n";
$text .= $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'dispatch.php/ical/index/' . IcalExport::getKeyByUser($GLOBALS['user']->id);
StudipMail::sendMessage(Request::get('email'), $subject, $text);
PageLayout::postMessage(MessageBox::success(_('Die Adresse wurde verschickt!')));
} else {
PageLayout::postMessage(MessageBox::error(_('Bitte geben Sie eine gültige Email-Adresse an.')));
}
$this->short_id = IcalExport::getKeyByUser($GLOBALS['user']->id);
}
}
PageLayout::setTitle($this->getTitle($this->calendar, _('Kalender teilen oder einbetten')));
$this->createSidebar('share', $this->calendar);
$this->createSidebarFilter();
}
/**
* send out the notification messages for the passed topic. The contents
* and a link directly to the topic are added to the messages.
*
* @param string $topic_id
*/
static function notify($topic_id)
{
// send message to all abo-users
$db = DBManager::get();
$messaging = new ForumBulkMail();
// $messaging = new Messaging();
// get all parent topic-ids, to find out which users to notify
$path = ForumEntry::getPathToPosting($topic_id);
// fetch all users to notify, exlcude current user
$stmt = $db->prepare("SELECT DISTINCT user_id\n FROM forum_abo_users\n WHERE topic_id IN (:topic_ids)\n AND user_id != :user_id");
$stmt->bindParam(':topic_ids', array_keys($path), StudipPDO::PARAM_ARRAY);
$stmt->bindParam(':user_id', $GLOBALS['user']->id);
$stmt->execute();
// get details for topic
$topic = ForumEntry::getConstraints($topic_id);
$template_factory = new Flexi_TemplateFactory(dirname(__FILE__) . '/../views');
$template = $template_factory->open('index/_mail_notification');
// notify users
while ($data = $stmt->fetch(PDO::FETCH_ASSOC)) {
$user_id = $data['user_id'];
// create subject and content
setTempLanguage(get_userid($user_id));
// check if user wants an email for all or selected messages only
$force_email = false;
if ($messaging->user_wants_email($user_id)) {
$force_email = true;
}
$parent_id = ForumEntry::getParentTopicId($topic['topic_id']);
setTempLanguage($data['user_id']);
$notification = sprintf(_("%s hat einen Beitrag geschrieben"), $topic['anonymous'] ? _('Anonym') : $topic['author']);
restoreLanguage();
PersonalNotifications::add($user_id, UrlHelper::getUrl('plugins.php/coreforum/index/index/' . $topic['topic_id'] . '#' . $topic['topic_id'], array('cid' => $topic['seminar_id']), true), $notification, "forumposting_" . $topic['topic_id'], Icon::create('forum', 'clickable')->asImagePath(40));
if ($force_email) {
$title = implode(' >> ', ForumEntry::getFlatPathToPosting($topic_id));
$subject = addslashes(_('[Forum]') . ' ' . ($title ?: _('Neuer Beitrag')));
$htmlMessage = $template->render(compact('user_id', 'topic', 'path'));
$textMessage = trim(kill_format($htmlMessage));
$userWantsHtml = UserConfig::get($user_id)->getValue('MAIL_AS_HTML');
StudipMail::sendMessage(User::find($user_id)->email, $subject, addslashes($textMessage), $userWantsHtml ? $htmlMessage : null);
}
restoreLanguage();
}
$messaging->bulkSend();
}
public function triggerImport()
{
$processes = FleximportProcess::findBySQL("triggered_by_cronjob = '1' ORDER BY name ASC");
if ($GLOBALS['FLEXIMPORT_IS_CRONJOB']) {
echo "Starting Import at " . date("c") . "\n\n";
}
foreach ($processes as $process) {
foreach ($process->tables as $table) {
//import data if needed
$table->fetchData();
}
}
if ($GLOBALS['FLEXIMPORT_IS_CRONJOB']) {
echo "Fetching data finished at " . date("c") . "\n";
}
$protocol = array();
foreach ($processes as $process) {
foreach ($process->tables as $table) {
if ($GLOBALS['FLEXIMPORT_IS_CRONJOB']) {
echo "\nStarting Import of " . $table['name'] . " at " . date("c") . "\n";
}
$protocol = array_merge($protocol, $table->doImport());
}
}
if (count($protocol) && $GLOBALS['FLEXIMPORT_IS_CRONJOB'] && FleximportConfig::get("REPORT_CRONJOB_ERRORS")) {
$message = _("Es hat folgende Probleme beim Import gegeben:");
$message .= "\n" . implode("\n", $protocol);
$mail = new StudipMail();
$mail->setSubject(_("Fleximport Fehlerbericht von Stud.IP"));
$mail->setBodyText($message);
$emails = preg_split("/\\s*[,;\\s]+\\s*/", FleximportConfig::get("REPORT_CRONJOB_ERRORS"), null, PREG_SPLIT_NO_EMPTY);
foreach ($emails as $email) {
$mail->addRecipient($email);
}
$mail->send();
}
if ($GLOBALS['FLEXIMPORT_IS_CRONJOB']) {
echo implode("\n", $protocol);
}
if ($GLOBALS['FLEXIMPORT_IS_CRONJOB']) {
echo "\nImport ends at " . date("c") . "\n";
}
}
