/** * postEmail * * After some security and sanity checks, attaches the body and subject * of the message in reply to this thread item * * Parameters: * mailinfo - (array) of information about the email, with at least the * following keys * - mid - (string) email message-id * - name - (string) personal name of email originator * - email - (string<email>) originating email address * - subject - (string) email subject line (decoded) * - body - (string) email message body (decoded) */ function postEmail($mailinfo) { global $ost; // +==================+===================+=============+ // | Orig Thread-Type | Reply Thread-Type | Requires | // +==================+===================+=============+ // | * | Message (M) | From: Owner | // | * | Note (N) | From: Staff | // | Response (R) | Message (M) | | // | Message (M) | Response (R) | From: Staff | // +------------------+-------------------+-------------+ if (!($ticket = $this->getTicket())) { // Kind of hard to continue a discussion without a ticket ... return false; } elseif ($this->getEmailMessageId() == $mailinfo['mid']) { // Reporting success so the email can be moved or deleted. return true; } // Mail sent by this system will have a message-id format of // <*****@*****.**> // where code is a predictable string based on the SECRET_SALT of // this osTicket installation. If this incoming mail matches the // code, then it very likely originated from this system and looped $msgId_info = Mailer::decodeMessageId($mailinfo['mid']); if ($msgId_info['loopback']) { // This mail was sent by this system. It was received due to // some kind of mail delivery loop. It should not be considered // a response to an existing thread entry if ($ost) { $ost->log(LOG_ERR, _S('Email loop detected'), sprintf(_S('It appears as though <%s> is being used as a forwarded or fetched email account and is also being used as a user / system account. Please correct the loop or seek technical assistance.'), $mailinfo['email']), false, true); } return true; } $vars = array('mid' => $mailinfo['mid'], 'header' => $mailinfo['header'], 'ticketId' => $ticket->getId(), 'poster' => $mailinfo['name'], 'origin' => 'Email', 'source' => 'Email', 'ip' => '', 'reply_to' => $this, 'recipients' => $mailinfo['recipients'], 'to-email-id' => $mailinfo['to-email-id']); $errors = array(); if (isset($mailinfo['attachments'])) { $vars['attachments'] = $mailinfo['attachments']; } $body = $mailinfo['message']; // Disambiguate if the user happens also to be a staff member of the // system. The current ticket owner should _always_ post messages // instead of notes or responses if ($mailinfo['userId'] || strcasecmp($mailinfo['email'], $ticket->getEmail()) == 0) { $vars['message'] = $body; $vars['userId'] = $mailinfo['userId'] ?: $ticket->getUserId(); return $ticket->postMessage($vars, 'Email'); } elseif (($E = UserEmail::lookup($mailinfo['email'])) && ($C = Collaborator::lookup(array('ticketId' => $ticket->getId(), 'userId' => $E->user_id)))) { $vars['userId'] = $C->getUserId(); $vars['message'] = $body; return $ticket->postMessage($vars, 'Email'); } elseif ($mailinfo['staffId'] || ($mailinfo['staffId'] = Staff::getIdByEmail($mailinfo['email']))) { $vars['staffId'] = $mailinfo['staffId']; $poster = Staff::lookup($mailinfo['staffId']); $vars['note'] = $body; return $ticket->postNote($vars, $errors, $poster); } elseif (Email::getIdByEmail($mailinfo['email'])) { // Don't process the email -- it came FROM this system return true; } elseif (isset($mailinfo['thread-type'])) { switch ($mailinfo['thread-type']) { case 'N': $vars['note'] = $body; $poster = $mailinfo['email']; return $ticket->postNote($vars, $errors, $poster); } } else { //XXX: Are we potentially leaking the email address to // collaborators? $header = sprintf("Received From: %s <%s>\n\n", $mailinfo['name'], $mailinfo['email']); if ($body instanceof HtmlThreadBody) { $header = nl2br(Format::htmlchars($header)); } // Add the banner to the top of the message if ($body instanceof ThreadBody) { $body->prepend($header); } $vars['message'] = $body; $vars['userId'] = 0; //Unknown user! //XXX: Assume ticket owner? return $ticket->postMessage($vars, 'Email'); } // Currently impossible, but indicate that this thread object could // not append the incoming email. return false; }