// | Copyright (c) 2000-2010 WS Interactive                               |
// +----------------------------------------------------------------------+
// | Automne is subject to version 2.0 or above of the GPL license.       |
// | The license text is bundled with this package in the file            |
// | LICENSE-GPL, and is available through the world-wide-web at          |
// | http://www.gnu.org/copyleft/gpl.html.                                |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**>                           |
// +----------------------------------------------------------------------+
//
// $Id: no-rights.php,v 1.4 2010/03/08 16:41:19 sebastien Exp $

/**
 * PHP page : no-rights notice
 * Renders a single alert box holding the localized message
 * MESSAGE_PAGE_NO_PAGE_RIGHT, followed by a mailto link to the application
 * maintainer when APPLICATION_MAINTAINER_EMAIL passes sensitiveIO::isValidEmail().
 *
 * $cms_language is not assigned in this file; presumably cms_rc_admin.php
 * provides it (confirm against that include).
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

define("MESSAGE_PAGE_NO_PAGE_RIGHT", 692);

//load interface instance and the two stylesheets this page needs
$view = CMS_view::getInstance();
$view->addCSSFile('main');
$view->addCSSFile('info');

//localized notice text
$notice = $cms_language->getMessage(MESSAGE_PAGE_NO_PAGE_RIGHT);

//optional maintainer contact: the address is a configuration constant and is
//written into the href and the link text without HTML escaping, so the markup
//relies on isValidEmail() rejecting quotes and angle brackets
$contact = '';
if (sensitiveIO::isValidEmail(APPLICATION_MAINTAINER_EMAIL)) {
    $contact = ' (<a href="mailto:' . APPLICATION_MAINTAINER_EMAIL . '">' . APPLICATION_MAINTAINER_EMAIL . '</a>)';
}

$content = ' <div id="atm-center"> <div class="atm-alert atm-alert-green">';
$content .= $notice;
$content .= $contact;
$content .= '.</div> </div>';

$view->setContent($content);
$view->show(CMS_view::SHOW_HTML);
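/**
 * Module script task
 *
 * Two tasks are handled:
 * - emailNotification : queues one 'emailSend' script per recipient returned by
 *   _getRecipients(), then stores the current date in subfield 1.
 * - emailSend : builds the subject and body for one user and sends the email.
 *
 * Security-relevant behaviour of 'emailSend' (all visible in the body below):
 * - $GLOBALS['cms_user'] and $GLOBALS['cms_language'] are replaced by the
 *   recipient's profile and language and are not restored afterwards.
 * - When the body type is 2, $GLOBALS['_REQUEST'] is overwritten with the parsed
 *   page URL parameters and the page's HTML file is executed through
 *   sensitiveIO::evalPHPCode(). Whoever can change that file or the field
 *   parameters controls code that runs inside this script.
 * - $params['emailFrom'] is handed to CMS_email as both sender name and sender
 *   address without any validation in this method.
 *
 * @param array $parameters the task parameters
 *		task : string task to execute
 *		object : string module codename for the task
 *		field : string module uid
 *		...	: optional field relative parameters
 * @return Boolean true/false for 'emailSend' and for an unknown task; the
 *		'emailNotification' branch ends without a return statement, so it yields null
 * @access public
 */
function scriptTask($parameters)
{
    switch ($parameters['task']) {
        case 'emailNotification':
            @set_time_limit(300);
            $module = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
            //create a new script for all recipients
            $allUsers = $this->_getRecipients($parameters['object']);
            foreach ($allUsers as $userId) {
                //add script to send email for user if needed
                CMS_scriptsManager::addScript($module, array(
                    'task' => 'emailSend',
                    'user' => $userId,
                    'field' => $parameters['field'],
                    'object' => $parameters['object'],
                ));
            }
            //then set sending date to current date
            $sendingDate = new CMS_date();
            $sendingDate->setNow();
            $this->_subfieldValues[1]->setValue($sendingDate->getDBValue());
            $this->writeToPersistence();
            break;

        case 'emailSend':
            @set_time_limit(300);
            $params = $this->getParamsValues();
            if (!sensitiveIO::isPositiveInteger($parameters['user'])) {
                return false;
            }
            //instanciate script related item
            $item = CMS_poly_object_catalog::getObjectByID($parameters['object'], false, true);
            if (!is_object($item) || $item->hasError()) {
                return false;
            }
            //instanciate user
            $cms_user = new CMS_profile_user($parameters['user']);
            //check user : only active, non deleted users with a valid email get a mail
            if (!$cms_user || $cms_user->hasError() || !$cms_user->isActive() || $cms_user->isDeleted() || !sensitiveIO::isValidEmail($cms_user->getEmail())) {
                return false;
            }
            $cms_language = $cms_user->getLanguage();
            //globalise cms_user and cms_language : everything parsed or evaluated
            //below runs with the recipient's identity, not the caller's
            $GLOBALS['cms_language'] = $cms_user->getLanguage();
            $GLOBALS['cms_user'] = $cms_user;
            //check user clearance on object : no mail about an item the user cannot view
            if (!$item->userHasClearance($cms_user, CLEARANCE_MODULE_VIEW)) {
                return false;
            }
            //create email subject
            $parameters['item'] = $item;
            $parameters['public'] = true;
            $polymodParsing = new CMS_polymod_definition_parsing($params['emailSubject'], false);
            $subject = $polymodParsing->getContent(CMS_polymod_definition_parsing::OUTPUT_RESULT, $parameters);
            $body = '';
            //create email body
            if ($params['emailBody']['type'] == 1) {
                //send body
                $parameters['module'] = CMS_poly_object_catalog::getModuleCodenameForField($this->_field->getID());
                $polymodParsing = new CMS_polymod_definition_parsing($params['emailBody']['html'], true, CMS_polymod_definition_parsing::PARSE_MODE, $parameters['module']);
                $body = $polymodParsing->getContent(CMS_polymod_definition_parsing::OUTPUT_RESULT, $parameters);
            } elseif ($params['emailBody']['type'] == 2) {
                //send a page
                $page = CMS_tree::getPageById($params['emailBody']['pageID']);
                if (!$page || $page->hasError()) {
                    $this->raiseError('Page ID is not a valid page : ' . $params['emailBody']['pageID']);
                    return false;
                }
                $pageHTMLFile = new CMS_file($page->getHTMLURL(false, false, PATH_RELATIVETO_FILESYSTEM));
                if (!$pageHTMLFile->exists()) {
                    $this->raiseError('Page HTML file does not exists : ' . $page->getHTMLURL(false, false, PATH_RELATIVETO_FILESYSTEM));
                    return false;
                }
                $body = $pageHTMLFile->readContent();
                //create page URL call
                $polymodParsing = new CMS_polymod_definition_parsing($params['emailBody']['pageURL'], false);
                $pageURL = $polymodParsing->getContent(CMS_polymod_definition_parsing::OUTPUT_RESULT, $parameters);
                //the evaluated page reads its parameters from $_REQUEST, so the
                //superglobal is replaced wholesale by the parsed page URL
                parse_str($pageURL, $GLOBALS['_REQUEST']);
                //parse and eval HTML page
                $cms_page_included = true;
                $GLOBALS['cms_page_included'] = $cms_page_included;
                //SECURITY: the page file content is executed as PHP. This is only as
                //trustworthy as the file on disk and the field parameters above.
                $body = sensitiveIO::evalPHPCode($body);
                $website = $page->getWebsite();
                $webroot = $website->getURL();
                //replace URLs values : root-relative links must become absolute in a mail
                $replace = array(
                    '="/' => '="' . $webroot . '/',
                    "='/" => "='" . $webroot . "/",
                    "url(/" => "url(" . $webroot . "/",
                );
                $body = str_replace(array_keys($replace), $replace, $body);
            } else {
                $this->raiseError('No valid email type to send : ' . $params['emailBody']['type']);
                return false;
            }
            //drop email sending
            //NOTE(review): no statement in this method assigns $sendmail, and
            //parse_str() above writes into $GLOBALS['_REQUEST'], so as written this
            //check looks unreachable. Confirm how evalPHPCode() is expected to set it.
            if (isset($sendmail) && $sendmail === false) {
                return false;
            }
            //if no body for email, quit
            if (!$body) {
                //NOTE(review): the operand after 'user : ' was masked in the copy under
                //review; $parameters['user'] is restored from the remaining fragment
                $this->raiseError('No email body to send ... Email parameters : user : ' . $parameters['user'] . ' - object ' . $parameters['object']);
                return false;
            }
            // Set email
            $email = new CMS_email();
            $email->setSubject($subject);
            $email->setEmailHTML($body);
            $email->setEmailTo($cms_user->getEmail());
            if ($params['includeFiles']) {
                //check for file fields attached to object
                $files = array();
                $this->_getFieldsFiles($item, $files);
                if (sizeof($files)) {
                    foreach ($files as $file) {
                        $email->setFile($file);
                    }
                }
            }
            //set email From
            if (!$params['emailFrom']) {
                $email->setFromName(APPLICATION_LABEL);
                $email->setEmailFrom(APPLICATION_POSTMASTER_EMAIL);
            } else {
                //the configured value is used for the display name and the address alike
                $email->setFromName($params['emailFrom']);
                $email->setEmailFrom($params['emailFrom']);
            }
            //Send
            if ($email->sendEmail()) {
                //store email sent number
                $this->_subfieldValues[2]->setValue($this->_subfieldValues[2]->getValue() + 1);
                $this->writeToPersistence();
                return true;
            }
            return false;

        default:
            $this->raiseError('No valid task given : ' . $parameters['task']);
            return false;
    }
}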
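// | Copyright (c) 2000-2010 WS Interactive                               |
// +----------------------------------------------------------------------+
// | Automne is subject to version 2.0 or above of the GPL license.       |
// | The license text is bundled with this package in the file            |
// | LICENSE-GPL, and is available through the world-wide-web at          |
// | http://www.gnu.org/copyleft/gpl.html.                                |
// +----------------------------------------------------------------------+
// | Author: Sébastien Pauchet <*****@*****.**>                           |
// +----------------------------------------------------------------------+
//
// $Id: frame-error.php,v 1.2 2010/03/08 16:41:17 sebastien Exp $

/**
 * PHP page : frame error notice
 * Renders a single alert box holding the localized message
 * MESSAGE_PAGE_FRAME_ERROR, with the requested host name as message parameter,
 * followed by a mailto link to the application maintainer when
 * APPLICATION_MAINTAINER_EMAIL passes sensitiveIO::isValidEmail().
 *
 * $cms_language is not assigned in this file; presumably cms_rc_admin.php
 * provides it (confirm against that include).
 *
 * @package Automne
 * @subpackage admin
 * @author Sébastien Pauchet <*****@*****.**>
 */

require_once dirname(__FILE__) . '/../../cms_rc_admin.php';

define("MESSAGE_PAGE_FRAME_ERROR", 1597);

//load interface instance
$view = CMS_view::getInstance();
$view->addCSSFile('main');
$view->addCSSFile('info');

//HTTP_HOST is copied from the request's Host header, so it is client-controlled
//and may be absent. It ends up inside HTML, therefore it is encoded before being
//handed to the message. Whether getMessage() encodes its parameters itself is not
//visible here; a legitimate host name contains no HTML special characters, so
//encoding it here leaves the normal output unchanged either way.
$requestedHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
$requestedHost = htmlspecialchars($requestedHost, ENT_QUOTES);

$content = ' <div id="atm-center"> <div class="atm-alert atm-alert-green atm-frame-green">'
    . $cms_language->getMessage(MESSAGE_PAGE_FRAME_ERROR, array($requestedHost))
    . (sensitiveIO::isValidEmail(APPLICATION_MAINTAINER_EMAIL)
        ? ' (<a href="mailto:' . APPLICATION_MAINTAINER_EMAIL . '">' . APPLICATION_MAINTAINER_EMAIL . '</a>)'
        : '')
    . '</div> </div>';

$view->setContent($content);
$view->show(CMS_view::SHOW_HTML);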
/**
 * Validate the posted value of this field and store it in subfield 0.
 *
 * The value is read from $values under the key
 * $prefixName . <field id> . '_0'. A non-empty value is rejected when it is
 * longer than the 'maxLength' parameter, when 'isEmail' is set and the value is
 * not a valid email, when strip_tags() would change it, or when 'matchExp' is
 * set and does not match. An absent or empty value skips all of these checks.
 *
 * Notes for reviewers:
 * - 'matchExp' is placed between '#' delimiters as is, so the expression is
 *   trusted configuration; a pattern that fails to compile makes preg_match()
 *   return false and the value is refused.
 * - The length check is made on the raw value, while the value handed to the
 *   subfield has been through io::htmlspecialchars().
 *
 * @param array $values : the POST result values
 * @param string $prefixName : the prefix used for post names
 * @return boolean true on success, false on failure
 * @access public
 */
function setValues($values, $prefixName)
{
    $params = $this->getParamsValues();
    $postKey = $prefixName . $this->_field->getID() . '_0';

    if (isset($values[$postKey]) && $values[$postKey]) {
        $posted = $values[$postKey];

        //check string length parameter
        $tooLong = io::strlen($posted) > $params['maxLength'];
        if ($tooLong) {
            return false;
        }
        //check if value is a valid email (if needed)
        if ($params['isEmail'] && !sensitiveIO::isValidEmail($posted)) {
            return false;
        }
        //check if value has no html tags : any markup at all refuses the value
        if (strip_tags($posted) != $posted) {
            return false;
        }
        //check match expression if any
        if ($params['matchExp'] && !preg_match('#' . $params['matchExp'] . '#', $posted)) {
            return false;
        }
    }

    //a missing key is deliberately tolerated here (the subfield then receives the
    //encoded form of null), hence the error suppression on the array read
    $stored = $this->_subfieldValues[0]->setValue(io::htmlspecialchars(@$values[$postKey]));
    return $stored ? true : false;
}
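/**
 * Send the mail
 *
 * Builds one multipart/mixed message (plain text and base64 HTML alternatives,
 * then one base64 part per attached file) and calls mail() once per recipient.
 *
 * Hardening applied in this method:
 * - CR and LF are removed from every value concatenated into the header block
 *   (From address and name, recipient name, Errors-To, Cc, Bcc), so a value
 *   cannot start an extra header line.
 * - The drop list is checked against the bare recipient address, not against
 *   the "Name <address>" form built for mail().
 * - An attachment that cannot be read is reported and skipped; double quotes and
 *   line breaks are removed from the file name written into the MIME headers.
 *
 * Left as is: the two MIME boundaries are fixed strings and the plain text part
 * is written unencoded, so body text containing a boundary line would be read as
 * a part separator by the receiving client.
 *
 * @return boolean true on success, false on failure. When NO_APPLICATION_MAIL is
 *		set, returns at the first recipient that is not dropped, without calling mail()
 * @access public
 */
function sendEmail()
{
    if ($this->hasError()) {
        $this->raiseError('Cannot send email, error appened');
        return false;
    }
    $emailSent = true;
    if (!$this->_emailTo) {
        $this->raiseError('emailTo can not be null');
        return false;
    }
    $OB = "----=_OuterBoundary_000";
    $IB = "----=_InnerBoundery_001";
    $encoding = $this->_emailEncoding ? $this->_emailEncoding : APPLICATION_DEFAULT_ENCODING;

    if ($this->_template) {
        //if template is provided for email HTML, use it
        $template = new CMS_file($this->_template);
        $templateContent = $template->getContent();
        $replace = array(
            '{{subject}}' => $this->_subject,
            '{{body}}' => $this->_emailHTML ? $this->_emailHTML : $this->convertTextToHTML($this->_body),
            '{{footer}}' => $this->convertTextToHTML($this->_footer),
            '{{href}}' => CMS_websitesCatalog::getMainURL(),
            '{{charset}}' => strtoupper($encoding),
        );
        $Html = str_replace(array_keys($replace), $replace, $templateContent);
    } elseif ($this->_emailHTML) {
        //if HTML content is provided for email, use it
        //if this mail contain relative link, append default website address
        if (io::strpos($this->_emailHTML, 'href="/') !== false || io::strpos($this->_emailHTML, 'src="/') !== false) {
            $url = CMS_websitesCatalog::getMainURL();
            $this->_emailHTML = str_replace(array('href="/', 'src="/'), array('href="' . $url . '/', 'src="' . $url . '/'), $this->_emailHTML);
        }
        $Html = $this->_emailHTML;
    } else {
        //else use text content converted to HTML
        $Html = $this->convertTextToHTML($this->_body . ($this->_footer ? "\n\n" . $this->_footer : ''));
    }
    $Text = $this->_body ? $this->_body . ($this->_footer ? "\n\n" . $this->_footer : '') : "Sorry, but you need an HTML compatible mailer to read this mail...";

    //header values : a line break inside any of them would end the header it is
    //written into and let the rest of the value be read as further headers
    $lineBreaks = array("\r", "\n");
    $From = str_replace($lineBreaks, '', $this->_emailFrom ? $this->_emailFrom : APPLICATION_POSTMASTER_EMAIL);
    $FromName = $this->_fromName ? str_replace($lineBreaks, '', $this->_fromName) : '';
    $toUsers = is_array($this->_emailTo) && $this->_emailTo ? $this->_emailTo : array($this->_emailTo);
    $cc = is_array($this->_cc) && $this->_cc ? $this->_cc : ($this->_cc ? array($this->_cc) : '');
    if ($cc) {
        $cc = str_replace($lineBreaks, '', $cc);
    }
    $bcc = is_array($this->_bcc) && $this->_bcc ? $this->_bcc : ($this->_bcc ? array($this->_bcc) : '');
    if ($bcc) {
        $bcc = str_replace($lineBreaks, '', $bcc);
    }
    $toNames = is_array($this->_toName) && $this->_toName ? $this->_toName : array($this->_toName);
    $Error = $this->_error ? str_replace($lineBreaks, '', $this->_error) : '';
    $Subject = $this->_subject;
    $AttmFiles = $this->_files;

    //Messages start with text/html alternatives in OB
    $Msg = "This is a multi-part message in MIME format.\n";
    $Msg .= "\n--" . $OB . "\n";
    $Msg .= "Content-Type: multipart/alternative;\n\tboundary=\"" . $IB . "\"\n\n";
    //plaintext section
    $Msg .= "\n--" . $IB . "\n";
    $Msg .= "Content-Type: text/plain;\n\tcharset=\"" . $encoding . "\"\n";
    $Msg .= "Content-Transfer-Encoding: 8bit\n\n";
    // plaintext goes here
    $Msg .= $Text . "\n\n";
    // html section
    $Msg .= "\n--" . $IB . "\n";
    $Msg .= "Content-Type: text/html;\n\tcharset=\"" . $encoding . "\"\n";
    $Msg .= "Content-Transfer-Encoding: base64\n\n";
    // html goes here
    $Msg .= chunk_split(base64_encode($Html), 76, "\n") . "\n\n";
    // end of IB
    $Msg .= "\n--" . $IB . "--\n";

    // attachments
    if (is_array($AttmFiles) && $AttmFiles) {
        foreach ($AttmFiles as $AttmFile) {
            //read first : a missing or unreadable file must not leave a half written part
            $FileContent = (is_file($AttmFile) && is_readable($AttmFile)) ? file_get_contents($AttmFile) : false;
            if ($FileContent === false) {
                $this->raiseError('Cannot read attached file : ' . $AttmFile);
                continue;
            }
            $patharray = explode("/", $AttmFile);
            //the name is written inside a quoted header parameter
            $FileName = str_replace(array('"', "\r", "\n"), '', $patharray[count($patharray) - 1]);
            $Msg .= "\n--" . $OB . "\n";
            $Msg .= "Content-Type: application/octet-stream;\n\tname=\"" . $FileName . "\"\n";
            $Msg .= "Content-Transfer-Encoding: base64\n";
            $Msg .= "Content-Disposition: attachment;\n\tfilename=\"" . $FileName . "\"\n\n";
            //file goes here
            $Msg .= chunk_split(base64_encode($FileContent), 76, "\n");
            $Msg .= "\n\n";
        }
    }
    if (LOG_SENDING_MAIL) {
        //$user is only read in the LOG_SENDING_MAIL branches below
        global $cms_user;
        $user = $cms_user ? $cms_user : CMS_profile_usersCatalog::getById(ROOT_PROFILEUSER_ID);
    }
    //message ends
    $Msg .= "\n--" . $OB . "--\n";

    foreach ($toUsers as $key => $toAddress) {
        //$to is the value given to mail() and to the logs; $toAddress stays bare
        $to = $toAddress;
        if (sensitiveIO::isValidEmail($toAddress)) {
            $headers = "MIME-Version: 1.0\n";
            if ($FromName) {
                $headers .= "From: " . $this->EncodeHeader($FromName) . " <" . $From . ">\n";
                $headers .= "Reply-To: " . $this->EncodeHeader($FromName) . " <" . $From . ">\n";
                $headers .= "Return-Path: " . $this->EncodeHeader($FromName) . " <" . $From . ">\n";
                $headers .= "X-Sender: " . $this->EncodeHeader($FromName) . " <" . $From . ">\n";
            } else {
                $headers .= "From: " . $From . "\n";
                $headers .= "Reply-To: " . $From . "\n";
                $headers .= "Return-Path: " . $From . "\n";
                $headers .= "X-Sender: " . $From . "\n";
            }
            if (isset($toNames[$key]) && $toNames[$key]) {
                $to = $this->EncodeHeader(str_replace($lineBreaks, '', $toNames[$key])) . " <" . $toAddress . ">";
            }
            if ($Error) {
                $headers .= "Errors-To: " . $Error . "\n";
            }
            if ($cc) {
                $headers .= "Cc: " . implode(',', $cc) . "\n";
            }
            if ($bcc) {
                $headers .= "Bcc: " . implode(',', $bcc) . "\n";
            }
            //no User-Agent header : it caused the email to be reported as spam
            $headers .= "X-Mailer: Automne (TM)\n";
            $headers .= "X-Priority: 3\n";
            $headers .= "Content-Type: multipart/mixed;\n\tboundary=\"" . $OB . "\"\n";
            //Check drop emails list (Automne default emails)
            //compared with the bare address : the "Name <address>" form would never
            //equal a list entry, which let named recipients bypass the list
            //(assumes the list holds bare addresses, as the $From comparison suggests)
            if (!in_array($toAddress, $this->_drop) && !in_array($From, $this->_drop)) {
                //log in the cms_error_log the complete email
                if (LOG_APPLICATION_MAIL) {
                    $this->log($to . "\n" . $this->EncodeHeader($Subject) . "\n\n" . $Msg);
                }
                //if mail deactivated always return true
                if (NO_APPLICATION_MAIL) {
                    return $emailSent;
                } else {
                    //send emails
                    $sent = @mail($to, $this->EncodeHeader($Subject), $Msg, $headers);
                }
                $emailSent = $emailSent && $sent;
                if (LOG_SENDING_MAIL) {
                    $log = new CMS_log();
                    $log->logMiscAction(CMS_log::LOG_ACTION_SEND_EMAIL, $user, 'Email To ' . $to . ', From : ' . $From . ', Subject : ' . $Subject . ', Sent : ' . ($sent ? 'Yes' : 'Error'));
                }
            } else {
                if (LOG_SENDING_MAIL) {
                    $log = new CMS_log();
                    $log->logMiscAction(CMS_log::LOG_ACTION_SEND_EMAIL, $user, 'Email To ' . $to . ', From : ' . $From . ', Subject : ' . $Subject . ', Sent : No, Dropped because sender or receiver address is under Automne drop address list');
                } else {
                    $this->raiseError('Email to ' . $to . ', from : ' . $From . ' (subject : ' . $Subject . '), Dropped because sender or receiver address is under Automne drop address list');
                }
            }
        } else {
            if (LOG_SENDING_MAIL) {
                $log = new CMS_log();
                $log->logMiscAction(CMS_log::LOG_ACTION_SEND_EMAIL, $user, 'Email To ' . $to . ', From : ' . $From . ', Subject : ' . $Subject . ', Sent : No, Dropped because receiver address is not valid');
            } else {
                $this->raiseError('Email to ' . $to . ', from : ' . $From . ' (subject : ' . $Subject . '), Dropped because receiver address is not valid');
            }
        }
    }
    if (!$emailSent) {
        $this->raiseError('Email was not sent, please check your sendmail configuration or SMTP connection in php.ini');
    }
    return $emailSent;
}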
} //do redirection to page if found if ($redirectTo) { CMS_view::redirect($redirectTo . (isset($_SERVER['REDIRECT_QUERY_STRING']) ? '?' . $_SERVER['REDIRECT_QUERY_STRING'] : ''), true, 301); } //then if no page found, display 404 error page header('HTTP/1.x 404 Not Found', true, 404); //Check if requested file is an image $imagesExtensions = array('jpg', 'jpeg', 'gif', 'png', 'ico'); if (isset($pathinfo['extension']) && in_array(strtolower($pathinfo['extension']), $imagesExtensions)) { if (file_exists(PATH_REALROOT_FS . '/img/404.png')) { CMS_file::downloadFile(PATH_REALROOT_FS . '/img/404.png'); } } //send an email if needed if (ERROR404_EMAIL_ALERT && sensitiveIO::isValidEmail(APPLICATION_MAINTAINER_EMAIL)) { $body = "A 404 Error occured on your website.\n"; $body .= "\n\n"; $body .= 'The requested file : ' . CMS_websitesCatalog::getMainURL() . $_SERVER['REQUEST_URI'] . ' was not found.' . "\n\n"; $body .= 'From (Referer) : ' . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '') . "\n\n"; $body .= 'Date : ' . date('r') . "\n\n"; if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $body .= 'User : '******'REMOTE_ADDR'] . ' (' . $_SERVER['HTTP_ACCEPT_LANGUAGE'] . ')' . "\n\n"; } else { $body .= 'User : '******'REMOTE_ADDR'] . "\n\n"; } if (isset($_SERVER['HTTP_USER_AGENT'])) { $body .= 'Browser : ' . $_SERVER['HTTP_USER_AGENT'] . "\n\n"; } $body .= 'Host : ' . $_SERVER['HTTP_HOST'] . ' (' . $_SERVER['SERVER_ADDR'] . ")\n\n"; $body .= 'This email is automaticaly sent from your website. You can stop this sending with the parameter ERROR404 EMAIL ALERT.';
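/**
 * Sets an object value.
 *
 * Per value name:
 * - 'uuid' can never be changed.
 * - 'definition' is parsed in check mode first; when the parser reports errors
 *   they are returned and nothing is stored. Once stored, the definition is
 *   compiled.
 * - 'email' must pass sensitiveIO::isValidEmail().
 * - 'link' gets 'http://' prepended when it does not start with "http", and
 *   markup is stripped from every non-empty link. Stripping tags does not remove
 *   quotes, so the value still has to be encoded wherever it is written into an
 *   attribute.
 * - any other value is trimmed and stripped of markup.
 *
 * @param string $valueName the name of the value to set
 * @param mixed $value the value to set
 * @return boolean true on success, false on failure. For 'definition', the value
 *		of getParsingError() is returned instead when it is not empty, so callers
 *		must compare the result with true rather than test its truthiness
 * @access public
 */
function setValue($valueName, $value)
{
    //key lookup instead of a loose in_array() : with loose comparison a non-string
    //name such as true (or 0 on older PHP versions) matches an existing key
    $isKnown = (is_string($valueName) || is_int($valueName)) && array_key_exists($valueName, $this->_objectValues);
    if (!$isKnown) {
        $this->raiseError("Unknown valueName to set :" . $valueName);
        return false;
    }
    if ($valueName === 'uuid') {
        $this->raiseError("Cannot change UUID");
        return false;
    }
    if ($valueName === 'definition') {
        global $cms_language;
        //check definition parsing
        $module = CMS_poly_object_catalog::getModuleCodenameForObjectType($this->getValue('objectID'));
        $parsing = new CMS_polymod_definition_parsing($value, true, CMS_polymod_definition_parsing::CHECK_PARSING_MODE, $module);
        $errors = $parsing->getParsingError();
        if ($errors) {
            return $errors;
        }
    } elseif ($valueName === 'email') {
        if (!sensitiveIO::isValidEmail($value)) {
            $this->raiseError("Email value must be a valid email :" . $value);
            return false;
        }
    } elseif ($valueName === 'link') {
        if ($value) {
            if (io::substr($value, 0, 4) != "http") {
                $value = 'http://' . $value;
            }
            //strip markup from every link : a value that already started with
            //"http" used to be stored without this step
            $value = strip_tags($value);
        }
    } else {
        $value = strip_tags(trim($value));
    }
    $this->_objectValues[$valueName] = $value;
    if ($valueName === 'definition') {
        $this->compileDefinition();
    }
    return true;
}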