3 * Implements Special:Emailuser
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
21 * @ingroup SpecialPage
23 use MediaWiki\MediaWikiServices
;
24 use MediaWiki\Preferences\MultiUsernameFilter
;
27 * A special page that allows users to send e-mails to other users
29 * @ingroup SpecialPage
31 class SpecialEmailUser
extends UnlistedSpecialPage
{
35 * @var User|string $mTargetObj
37 protected $mTargetObj;
39 public function __construct() {
40 parent
::__construct( 'Emailuser' );
43 public function doesWrites() {
47 public function getDescription() {
48 $target = self
::getTarget( $this->mTarget
, $this->getUser() );
49 if ( !$target instanceof User
) {
50 return $this->msg( 'emailuser-title-notarget' )->text();
53 return $this->msg( 'emailuser-title-target', $target->getName() )->text();
56 protected function getFormFields() {
57 $linkRenderer = $this->getLinkRenderer();
62 'default' => $linkRenderer->makeLink(
63 $this->getUser()->getUserPage(),
64 $this->getUser()->getName()
66 'label-message' => 'emailfrom',
67 'id' => 'mw-emailuser-sender',
72 'default' => $linkRenderer->makeLink(
73 $this->mTargetObj
->getUserPage(),
74 $this->mTargetObj
->getName()
76 'label-message' => 'emailto',
77 'id' => 'mw-emailuser-recipient',
81 'default' => $this->mTargetObj
->getName(),
85 'default' => $this->msg( 'defemailsubject',
86 $this->getUser()->getName() )->inContentLanguage()->text(),
87 'label-message' => 'emailsubject',
95 'label-message' => 'emailmessage',
100 'label-message' => 'emailccme',
101 'default' => $this->getUser()->getBoolOption( 'ccmeonemails' ),
106 public function execute( $par ) {
107 $out = $this->getOutput();
108 $request = $this->getRequest();
109 $out->addModuleStyles( 'mediawiki.special' );
111 $this->mTarget
= is_null( $par )
112 ?
$request->getVal( 'wpTarget', $request->getVal( 'target', '' ) )
115 // Make sure, that HTMLForm uses the correct target.
116 $request->setVal( 'wpTarget', $this->mTarget
);
118 // This needs to be below assignment of $this->mTarget because
119 // getDescription() needs it to determine the correct page title.
121 $this->outputHeader();
123 // error out if sending user cannot do this
124 $error = self
::getPermissionsError(
126 $this->getRequest()->getVal( 'wpEditToken' ),
135 throw new PermissionsError( 'sendemail' );
136 case 'blockedemailuser':
137 throw $this->getBlockedEmailError();
138 case 'actionthrottledtext':
139 throw new ThrottledError
;
141 case 'usermaildisabled':
142 throw new ErrorPageError( $error, "{$error}text" );
145 list( $title, $msg, $params ) = $error;
146 throw new ErrorPageError( $title, $msg, $params );
149 // Make sure, that a submitted form isn't submitted to a subpage (which could be
150 // a non-existing username)
151 $context = new DerivativeContext( $this->getContext() );
152 $context->setTitle( $this->getPageTitle() ); // Remove subpage
153 $this->setContext( $context );
155 // A little hack: HTMLForm will check $this->mTarget only, if the form was posted, not
156 // if the user opens Special:EmailUser/Florian (e.g.). So check, if the user did that
157 // and show the "Send email to user" form directly, if so. Show the "enter username"
159 $this->mTargetObj
= self
::getTarget( $this->mTarget
, $this->getUser() );
160 if ( !$this->mTargetObj
instanceof User
) {
161 $this->userForm( $this->mTarget
);
163 $this->sendEmailForm();
168 * Validate target User
170 * @param string $target Target user name
171 * @param User|null $sender User sending the email
172 * @return User|string User object on success or a string on error
174 public static function getTarget( $target, User
$sender = null ) {
175 if ( $sender === null ) {
176 wfDeprecated( __METHOD__
. ' without specifying the sending user', '1.30' );
179 if ( $target == '' ) {
180 wfDebug( "Target is empty.\n" );
185 $nu = User
::newFromName( $target );
186 $error = self
::validateTarget( $nu, $sender );
188 return $error ?
: $nu;
192 * Validate target User
194 * @param User $target Target user
195 * @param User|null $sender User sending the email
196 * @return string Error message or empty string if valid.
199 public static function validateTarget( $target, User
$sender = null ) {
200 if ( $sender === null ) {
201 wfDeprecated( __METHOD__
. ' without specifying the sending user', '1.30' );
204 if ( !$target instanceof User ||
!$target->getId() ) {
205 wfDebug( "Target is invalid user.\n" );
210 if ( !$target->isEmailConfirmed() ) {
211 wfDebug( "User has no valid email.\n" );
216 if ( !$target->canReceiveEmail() ) {
217 wfDebug( "User does not allow user emails.\n" );
219 return 'nowikiemail';
222 if ( $sender !== null && !$target->getOption( 'email-allow-new-users' ) &&
225 wfDebug( "User does not allow user emails from new users.\n" );
227 return 'nowikiemail';
230 if ( $sender !== null ) {
231 $blacklist = $target->getOption( 'email-blacklist', '' );
233 $blacklist = MultiUsernameFilter
::splitIds( $blacklist );
234 $lookup = CentralIdLookup
::factory();
235 $senderId = $lookup->centralIdFromLocalUser( $sender );
236 if ( $senderId !== 0 && in_array( $senderId, $blacklist ) ) {
237 wfDebug( "User does not allow user emails from this user.\n" );
239 return 'nowikiemail';
248 * Check whether a user is allowed to send email
251 * @param string $editToken Edit token
252 * @param Config|null $config optional for backwards compatibility
253 * @return string|null Null on success or string on error
255 public static function getPermissionsError( $user, $editToken, Config
$config = null ) {
256 if ( $config === null ) {
257 wfDebug( __METHOD__
. ' called without a Config instance passed to it' );
258 $config = MediaWikiServices
::getInstance()->getMainConfig();
260 if ( !$config->get( 'EnableEmail' ) ||
!$config->get( 'EnableUserEmail' ) ) {
261 return 'usermaildisabled';
264 // Run this before $user->isAllowed, to show appropriate message to anons (T160309)
265 if ( !$user->isEmailConfirmed() ) {
266 return 'mailnologin';
269 if ( !$user->isAllowed( 'sendemail' ) ) {
273 if ( $user->isBlockedFromEmailuser() ) {
274 wfDebug( "User is blocked from sending e-mail.\n" );
276 return "blockedemailuser";
279 // Check the ping limiter without incrementing it - we'll check it
280 // again later and increment it on a successful send
281 if ( $user->pingLimiter( 'emailuser', 0 ) ) {
282 wfDebug( "Ping limiter triggered.\n" );
284 return 'actionthrottledtext';
289 Hooks
::run( 'UserCanSendEmail', [ &$user, &$hookErr ] );
290 Hooks
::run( 'EmailUserPermissionsErrors', [ $user, $editToken, &$hookErr ] );
300 * Form to ask for target user name.
302 * @param string $name User name submitted.
303 * @return string Form asking for user name.
305 protected function userForm( $name ) {
306 $htmlForm = HTMLForm
::factory( 'ooui', [
310 'label' => $this->msg( 'emailusername' )->text(),
311 'id' => 'emailusertarget',
315 ], $this->getContext() );
318 ->setMethod( 'post' )
319 ->setSubmitCallback( [ $this, 'sendEmailForm' ] )
320 ->setFormIdentifier( 'userForm' )
321 ->setId( 'askusername' )
322 ->setWrapperLegendMsg( 'emailtarget' )
323 ->setSubmitTextMsg( 'emailusernamesubmit' )
327 public function sendEmailForm() {
328 $out = $this->getOutput();
330 $ret = $this->mTargetObj
;
331 if ( !$ret instanceof User
) {
332 if ( $this->mTarget
!= '' ) {
333 // Messages used here: notargettext, noemailtext, nowikiemailtext
334 $ret = ( $ret == 'notarget' ) ?
'emailnotarget' : ( $ret . 'text' );
335 return Status
::newFatal( $ret );
340 $htmlForm = HTMLForm
::factory( 'ooui', $this->getFormFields(), $this->getContext() );
341 // By now we are supposed to be sure that $this->mTarget is a user name
343 ->addPreText( $this->msg( 'emailpagetext', $this->mTarget
)->parse() )
344 ->setSubmitTextMsg( 'emailsend' )
345 ->setSubmitCallback( [ __CLASS__
, 'submit' ] )
346 ->setFormIdentifier( 'sendEmailForm' )
347 ->setWrapperLegendMsg( 'email-legend' )
350 if ( !Hooks
::run( 'EmailUserForm', [ &$htmlForm ] ) ) {
354 $result = $htmlForm->show();
356 if ( $result === true ||
( $result instanceof Status
&& $result->isGood() ) ) {
357 $out->setPageTitle( $this->msg( 'emailsent' ) );
358 $out->addWikiMsg( 'emailsenttext', $this->mTarget
);
359 $out->returnToMain( false, $ret->getUserPage() );
365 * Really send a mail. Permissions should have been checked using
366 * getPermissionsError(). It is probably also a good
367 * idea to check the edit token and ping limiter in advance.
370 * @param IContextSource $context
371 * @return Status|bool
373 public static function submit( array $data, IContextSource
$context ) {
374 $config = $context->getConfig();
376 $target = self
::getTarget( $data['Target'], $context->getUser() );
377 if ( !$target instanceof User
) {
378 // Messages used here: notargettext, noemailtext, nowikiemailtext
379 return Status
::newFatal( $target . 'text' );
382 $to = MailAddress
::newFromUser( $target );
383 $from = MailAddress
::newFromUser( $context->getUser() );
384 $subject = $data['Subject'];
385 $text = $data['Text'];
387 // Add a standard footer and trim up trailing newlines
388 $text = rtrim( $text ) . "\n\n-- \n";
389 $text .= $context->msg( 'emailuserfooter',
390 $from->name
, $to->name
)->inContentLanguage()->text();
392 // Check and increment the rate limits
393 if ( $context->getUser()->pingLimiter( 'emailuser' ) ) {
394 throw new ThrottledError();
398 if ( !Hooks
::run( 'EmailUser', [ &$to, &$from, &$subject, &$text, &$error ] ) ) {
399 if ( $error instanceof Status
) {
401 } elseif ( $error === false ||
$error === '' ||
$error === [] ) {
402 // Possibly to tell HTMLForm to pretend there was no submission?
404 } elseif ( $error === true ) {
405 // Hook sent the mail itself and indicates success?
406 return Status
::newGood();
407 } elseif ( is_array( $error ) ) {
408 $status = Status
::newGood();
409 foreach ( $error as $e ) {
410 $status->fatal( $e );
413 } elseif ( $error instanceof MessageSpecifier
) {
414 return Status
::newFatal( $error );
416 // Ugh. Either a raw HTML string, or something that's supposed
417 // to be treated like one.
418 $type = is_object( $error ) ?
get_class( $error ) : gettype( $error );
419 wfDeprecated( "EmailUser hook returning a $type as \$error", '1.29' );
420 return Status
::newFatal( new ApiRawMessage(
421 [ '$1', Message
::rawParam( (string)$error ) ], 'hookaborted'
426 if ( $config->get( 'UserEmailUseReplyTo' ) ) {
428 * Put the generic wiki autogenerated address in the From:
429 * header and reserve the user for Reply-To.
431 * This is a bit ugly, but will serve to differentiate
432 * wiki-borne mails from direct mails and protects against
433 * SPF and bounce problems with some mailers (see below).
435 $mailFrom = new MailAddress( $config->get( 'PasswordSender' ),
436 $context->msg( 'emailsender' )->inContentLanguage()->text() );
440 * Put the sending user's e-mail address in the From: header.
442 * This is clean-looking and convenient, but has issues.
443 * One is that it doesn't as clearly differentiate the wiki mail
444 * from "directly" sent mails.
446 * Another is that some mailers (like sSMTP) will use the From
447 * address as the envelope sender as well. For open sites this
448 * can cause mails to be flunked for SPF violations (since the
449 * wiki server isn't an authorized sender for various users'
450 * domains) as well as creating a privacy issue as bounces
451 * containing the recipient's e-mail address may get sent to
458 $status = UserMailer
::send( $to, $mailFrom, $subject, $text, [
459 'replyTo' => $replyTo,
462 if ( !$status->isGood() ) {
465 // if the user requested a copy of this mail, do this now,
466 // unless they are emailing themselves, in which case one
467 // copy of the message is sufficient.
468 if ( $data['CCMe'] && $to != $from ) {
471 $ccSubject = $context->msg( 'emailccsubject' )->rawParams(
472 $target->getName(), $subject )->text();
475 Hooks
::run( 'EmailUserCC', [ &$ccTo, &$ccFrom, &$ccSubject, &$ccText ] );
477 if ( $config->get( 'UserEmailUseReplyTo' ) ) {
478 $mailFrom = new MailAddress(
479 $config->get( 'PasswordSender' ),
480 $context->msg( 'emailsender' )->inContentLanguage()->text()
488 $ccStatus = UserMailer
::send(
489 $ccTo, $mailFrom, $ccSubject, $ccText, [
490 'replyTo' => $replyTo,
492 $status->merge( $ccStatus );
495 Hooks
::run( 'EmailUserComplete', [ $to, $from, $subject, $text ] );
502 * Return an array of subpages beginning with $search that this special page will accept.
504 * @param string $search Prefix to search for
505 * @param int $limit Maximum number of results to return (usually 10)
506 * @param int $offset Number of results to skip (usually 0)
507 * @return string[] Matching subpages
509 public function prefixSearchSubpages( $search, $limit, $offset ) {
510 $user = User
::newFromName( $search );
512 // No prefix suggestion for invalid user
515 // Autocomplete subpage as user list - public to allow caching
516 return UserNamePrefixSearch
::search( 'public', $search, $limit, $offset );
519 protected function getGroupName() {
524 * Builds an error message based on the block params
526 * @return ErrorPageError
528 private function getBlockedEmailError() {
529 $block = $this->getUser()->mBlock
;
530 $params = $block->getBlockErrorParams( $this->getContext() );
532 $msg = $block->isSitewide() ?
'blockedtext' : 'blocked-email-user';
533 return new ErrorPageError( 'blockedtitle', $msg, $params );