case 'subject': if (gettype($body->contact->subject) != 'string' || strlen($body->contact->subject) > 280) { throw new InvalidField('subject'); } break; case 'message': if (gettype($body->contact->message) != 'string' || strlen($body->contact->message) > 16000) { throw new InvalidField('message'); } break; } } } // Sending mail $mailer = new Mailer(); $mailer->sendMail('user_message.html', Tool::getConfig()['msg_alerts']['local_admins'], '[MSG] ' . $body->contact->subject, ['firstname' => $body->contact->firstname, 'lastname' => $body->contact->lastname, 'email' => $body->contact->email, 'message' => $body->contact->message], [$body->contact->email => $body->contact->firstname . ' ' . $body->contact->lastname]); // also saving message in database $message = new Message(); $message->first_name = $body->contact->firstname; $message->last_name = $body->contact->lastname; $message->email = $body->contact->email; $message->subject = $body->contact->subject; $message->message = $body->contact->message; $message->sent = DB::raw('NOW()'); $message->save(); Tool::endWithJson(["success" => true]); }); // HTTP REST Map $app->post('/message', $send); $app->options('/message', function () { });
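/**
 * Mail a plugin's admins and notification subscribers that its XML
 * description is no longer valid.
 *
 * The error list is built from $plugin->xml_state:
 *  - 'bad_xml_url': a single entry carrying the plugin's xml_url;
 *  - 'xml_error':   one entry per error reported by re-validating
 *                   $this->currentXml;
 *  - anything else: nothing to report, the method returns without mailing.
 *
 * One 'xml_error.html' mail is then sent to each user in
 * $plugin->permissions whose pivot has `admin` or `allowed_notifications`
 * set.
 *
 * @param object $plugin Plugin record; this method reads xml_state, xml_url,
 *                       key and permissions from it.
 *
 * @return void
 */
private function alertAdminsOfXMLErrors($plugin)
{
    $errors = [];

    if ($plugin->xml_state == 'bad_xml_url') {
        $errors[] = ['reason' => 'url', 'url' => $plugin->xml_url];
    } elseif ($plugin->xml_state == 'xml_error') {
        // Re-evaluate the errors against the previous plain-text XML, using
        // the collectMode of ValidableXMLPluginDescription (presumably what
        // the `true` argument enables, confirm against that class).
        $xml = new ValidableXMLPluginDescription($this->currentXml, true);
        $xml->validate();

        foreach ($xml->errors as $_error) {
            $error = ['reason' => $_error->getInfo('reason')];

            switch ($error['reason']) {
                case 'parse':
                    $error['line'] = $_error->getInfo('line');
                    $error['errstring'] = $_error->getInfo('errstring');
                    // Without this break a parse error fell through into the
                    // 'field' case and was also given a 'field' entry.
                    break;
                case 'field':
                    $error['field'] = $_error->getInfo('field');
                    $error['errstring'] = $_error->getInfo('errstring');
                    break;
            }

            $errors[] = $error;
        }
    } else {
        // Any other state has nothing to notify about.
        return;
    }

    // NOTE(review): xml_url, key and the collected error strings describe the
    // plugin author's own XML, so they are presumably author-controlled.
    // Confirm that the 'xml_error.html' template escapes them and that Mailer
    // rejects line breaks in the subject.
    $subject = '"' . $plugin->key . '" Plugin\'s XML has turned invalid';

    foreach ($plugin->permissions as $user) {
        // Only plugin admins and users who opted in to notifications are mailed.
        if ($user->pivot->admin || $user->pivot->allowed_notifications) {
            $mailer = new Mailer();
            $mailer->sendMail(
                'xml_error.html',
                [$user->email],
                $subject,
                ['errors' => $errors, 'plugin' => $plugin, 'user' => $user]
            );
        }
    }
}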
$user = User::where('id', '=', $user_id)->first(); // We ensure the recatpcha_response // is provided as a string if (!isset($body->recaptcha_response) || gettype($body->recaptcha_response) != 'string') { throw new InvalidRecaptcha(); } // and we verify it with recaptcha Tool::assertRecaptchaValid($body->recaptcha_response); if (!isset($body->author) || gettype($body->author) != 'string' || strlen($body->author) > 90) { throw new InvalidField('author'); } if (!($author = Author::where('name', '=', $body->author)->first())) { throw new ResourceNotFound('Author', $body->author); } $mailer = new Mailer(); $mailer->sendMail('authorship_claim.html', Tool::getConfig()['msg_alerts']['local_admins'], 'User ' . $user->username . ' claim authorship', ['user' => $user->toArray(), 'author' => $author->toArray()]); $app->halt(200); }); // HTTP REST Map $app->get('/author', $all); $app->get('/author/top', $top); $app->get('/author/:id', $single); $app->get('/author/:id/plugin', $author_plugins); $app->post('/claimauthorship', $claim_authorship); $app->options('/author', function () { }); $app->options('/author/top', function () { }); $app->options('/author/:id', function ($id) { }); $app->options('/author/:id/plugin', function ($id) {
// $recaptchaStuff = new ReCaptcha(Tool::getConfig()['recaptcha_secret']); // $resp = $recaptchaStuff->verify($body->recaptcha_response); // if (!$resp->isSuccess()) { // throw new InvalidRecaptcha; // } // -- </this_is_not_used_for_now> $user = User::where('email', '=', $body->email)->first(); if (!$user) { throw new AccountNotFound(); } $resetPasswordToken = new ResetPasswordToken(); $resetPasswordToken->token = Tool::randomSha1(); $resetPasswordToken->user_id = $user->id; $resetPasswordToken->save(); $mailer = new Mailer(); $mailer->sendMail('reset_your_password.html', [$user->email], 'Reset your GLPi Plugin Directory password', ['user' => $user, 'reset_password_token' => $resetPasswordToken->token]); $app->halt(200); }); $user_reset_password = Tool::makeEndpoint(function () use($app) { $body = Tool::getBody(); // rejecting if token not provided as a string if (!isset($body->token) || gettype($body->token) !== 'string') { throw new WrongPasswordResetToken(); } $token = ResetPasswordToken::where('token', '=', $body->token)->first(); // rejecting if no password given if (!isset($body->password) || gettype($body->password) !== 'string') { throw new InvalidField('password'); } // rejecting if request isn't signed by // a recaptcha captcha
$xml = $xml->contents; if (Plugin::where('key', '=', $xml->key)->count() > 0) { throw new UnavailableName('Plugin', $xml->key); } $plugin = new Plugin(); $plugin->xml_url = $body->plugin_url; $plugin->date_added = DB::raw('NOW()'); $plugin->active = false; $plugin->download_count = 0; $plugin->save(); $plugin->permissions()->attach($user); $user = $plugin->permissions()->where('user_id', '=', $user->id)->first(); $user->pivot['admin'] = true; $user->pivot->save(); $mailer = new Mailer(); $mailer->sendMail('plugin_submission.html', Tool::getConfig()['msg_alerts']['local_admins'], '[PLUGIN SUBMISSION] ' . $xml->name . ' (' . $xml->key . ')', ['plugin_xml' => (array) $xml]); Tool::endWithJson(["success" => true]); }); // HTTP REST Map $app->get('/plugin', $all); $app->post('/plugin', $submit); $app->get('/plugin/new', $new); $app->get('/plugin/popular', $popular); $app->get('/plugin/trending', $trending); $app->get('/plugin/updated', $updated); $app->get('/plugin/rss_new', $rss_new); $app->get('/plugin/rss_updated', $rss_updated); $app->post('/plugin/star', $star); $app->get('/plugin/:key', $single); $app->get('/panel/plugin/:key', $single_authormode_view); $app->post('/panel/plugin/:key', $single_authormode_edit);