Added rate limiter for Special:Emailuser
[lhc/web/wiklou.git] / includes / SpecialEmailuser.php
1 <?php
2 /**
3 *
4 * @addtogroup SpecialPage
5 */
6
7 /**
8 *
9 */
10 require_once('UserMailer.php');
11
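/**
 * Entry point for Special:Emailuser.
 *
 * Validates the request step by step and ends it with an error page as soon
 * as one check fails: the e-mail feature must be enabled, the current user
 * must be allowed to send, the target must name a user who can receive mail.
 * It then dispatches on the 'action' request value to the confirmation page,
 * the send path, or the form.
 *
 * @param string|null $par Target user name; when not set, the 'target'
 *   request parameter is used instead.
 */
function wfSpecialEmailuser( $par ) {
	global $wgUser, $wgOut, $wgRequest, $wgEnableEmail, $wgEnableUserEmail;

	# Both switches must be on; otherwise behave as if the page did not exist.
	if( !( $wgEnableEmail && $wgEnableUserEmail ) ) {
		$wgOut->showErrorPage( "nosuchspecialpage", "nospecialpagetext" );
		return;
	}

	if( !$wgUser->canSendEmail() ) {
		wfDebug( "User can't send.\n" );
		$wgOut->showErrorPage( "mailnologin", "mailnologintext" );
		return;
	}

	$action = $wgRequest->getVal( 'action' );
	$target = isset($par) ? $par : $wgRequest->getVal( 'target' );
	# Loose comparison on purpose: a missing (null) target is treated like "".
	if ( "" == $target ) {
		wfDebug( "Target is empty.\n" );
		$wgOut->showErrorPage( "notargettitle", "notargettext" );
		return;
	}

	$nt = Title::newFromURL( $target );
	if ( is_null( $nt ) ) {
		wfDebug( "Target is invalid title.\n" );
		$wgOut->showErrorPage( "notargettitle", "notargettext" );
		return;
	}

	# An unknown user and a user who cannot receive mail get the same error
	# page, so the response does not distinguish between the two cases.
	$nu = User::newFromName( $nt->getText() );
	if( is_null( $nu ) || !$nu->canReceiveEmail() ) {
		wfDebug( "Target is invalid user or can't receive.\n" );
		$wgOut->showErrorPage( "noemailtitle", "noemailtext" );
		return;
	}

	$f = new EmailUserForm( $nu );

	if ( "success" == $action ) {
		$f->showSuccess( $nu );
	} else if ( "submit" == $action && $wgRequest->wasPosted() &&
		$wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
		# Sending requires a POST carrying the user's edit token, so a request
		# forged from another site cannot trigger a mail.
		#
		# Check against the rate limiter only here, where a mail is actually
		# about to be sent. Checking before the dispatch would also ping the
		# limiter for every form view and for the redirect to action=success,
		# so one send would count several times and the confirmation page of
		# a successful send could itself be answered with the rate-limit error.
		# (Presumably pingLimiter() counts each call; confirm against User.)
		if( $wgUser->pingLimiter( 'emailuser' ) ) {
			$wgOut->rateLimited();
			return;
		}
		$f->doSubmit();
	} else {
		$f->showForm();
	}
}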
65
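/**
 * Form behind Special:Emailuser: holds the recipient and the subject, body
 * and "send me a copy" choice read from the current request, and renders the
 * form, sends the mail, or shows the confirmation page.
 *
 * @addtogroup SpecialPage
 */
class EmailUserForm {

	var $target; // User object of the recipient.
	var $text, $subject; // Message body and subject as read from the request.
	var $cc_me; // Whether user requested to be sent a separate copy of their email.

	/**
	 * Reads wpText, wpSubject and wpCCMe from the current request.
	 *
	 * @param User $target
	 */
	function EmailUserForm( $target ) {
		global $wgRequest;
		$this->target = $target;
		$this->text = $wgRequest->getText( 'wpText' );
		$this->subject = $wgRequest->getText( 'wpSubject' );
		$this->cc_me = $wgRequest->getBool( 'wpCCMe' );
	}

	/**
	 * Outputs the mail form, pre-filled with any subject and text already
	 * present in the request, and carrying the user's edit token.
	 */
	function showForm() {
		global $wgOut, $wgUser;

		$wgOut->setPagetitle( wfMsg( "emailpage" ) );
		$wgOut->addWikiText( wfMsg( "emailpagetext" ) );

		if ( $this->subject === "" ) {
			$this->subject = wfMsg( "defemailsubject" );
		}

		// NOTE(review): the label messages below go into the page as-is.
		// That is only safe while interface messages can be edited by
		// trusted users alone -- confirm, or escape them as well.
		$emf = wfMsg( "emailfrom" );
		$sender = $wgUser->getName();
		$emt = wfMsg( "emailto" );
		$rcpt = $this->target->getName();
		$emr = wfMsg( "emailsubject" );
		$emm = wfMsg( "emailmessage" );
		$emc = wfMsg( "emailccme" );
		$encSubject = htmlspecialchars( $this->subject );
		// The button label and the token sit inside double-quoted attributes,
		// so they are escaped like the subject to keep a quote character
		// from ending the attribute early.
		$encSend = htmlspecialchars( wfMsg( "emailsend" ) );

		$titleObj = SpecialPage::getTitleFor( "Emailuser" );
		$action = $titleObj->escapeLocalURL( "target=" .
			urlencode( $this->target->getName() ) . "&action=submit" );
		$encToken = htmlspecialchars( $wgUser->editToken() );

		// User-supplied values (names, subject, text) are HTML-escaped before
		// they are placed in the markup.
		$wgOut->addHTML( "
<form id=\"emailuser\" method=\"post\" action=\"{$action}\">
<table border='0' id='mailheader'><tr>
<td align='right'>{$emf}:</td>
<td align='left'><strong>" . htmlspecialchars( $sender ) . "</strong></td>
</tr><tr>
<td align='right'>{$emt}:</td>
<td align='left'><strong>" . htmlspecialchars( $rcpt ) . "</strong></td>
</tr><tr>
<td align='right'>{$emr}:</td>
<td align='left'>
<input type='text' size='60' maxlength='200' name=\"wpSubject\" value=\"{$encSubject}\" />
</td>
</tr>
</table>
<span id='wpTextLabel'><label for=\"wpText\">{$emm}:</label><br /></span>
<textarea name=\"wpText\" rows='20' cols='80' wrap='virtual' style=\"width: 100%;\">" . htmlspecialchars( $this->text ) .
"</textarea>
" . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "<br />
<input type='submit' name=\"wpSend\" value=\"{$encSend}\" />
<input type='hidden' name='wpEditToken' value=\"{$encToken}\" />
</form>\n" );

	}

	/**
	 * Sends the mail to the target and, when requested, a copy to the sender,
	 * then redirects to the confirmation page.
	 *
	 * The 'EmailUser' hook runs before each message and can veto it by
	 * returning false; 'EmailUserComplete' runs after the redirect is set.
	 * On a mailer error the error is shown and no redirect happens.
	 */
	function doSubmit() {
		global $wgOut, $wgUser;

		$to = new MailAddress( $this->target );
		$from = new MailAddress( $wgUser );
		$subject = $this->subject;

		// NOTE(review): subject and text come straight from the request.
		// Whether line breaks in the subject are neutralised before it
		// becomes a mail header depends on userMailer() -- confirm there.
		if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) {

			$mailResult = userMailer( $to, $from, $subject, $this->text );

			if( WikiError::isError( $mailResult ) ) {
				// Mailer error text is not under our control (it may echo an
				// address or a server reply), so show it as escaped text
				// rather than appending the error object as raw HTML.
				$wgOut->addHTML( wfMsg( "usermailererror" ) .
					htmlspecialchars( $mailResult->getMessage() ) );
			} else {

				// if the user requested a copy of this mail, do this now,
				// unless they are emailing themselves, in which case one copy of the message is sufficient.
				if ($this->cc_me && $to != $from) {
					$cc_subject = wfMsg('emailccsubject', $this->target->getName(), $subject);
					if( wfRunHooks( 'EmailUser', array( &$from, &$from, &$cc_subject, &$this->text ) ) ) {
						$ccResult = userMailer( $from, $from, $cc_subject, $this->text );
						if( WikiError::isError( $ccResult ) ) {
							// At this stage, the user's CC mail has failed, but their
							// original mail has succeeded. It's unlikely, but still, what to do?
							// We can either show them an error, or we can say everything was fine,
							// or we can say we sort of failed AND sort of succeeded. Of these options,
							// simply saying there was an error is probably best.
							$wgOut->addHTML( wfMsg( "usermailererror" ) .
								htmlspecialchars( $ccResult->getMessage() ) );
							return;
						}
					}
				}

				// Redirect after the POST so that reloading the confirmation
				// page does not submit the form a second time.
				$titleObj = SpecialPage::getTitleFor( "Emailuser" );
				$encTarget = wfUrlencode( $this->target->getName() );
				$wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) );
				wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $this->text ) );
			}
		}
	}

	/**
	 * Outputs the "mail sent" confirmation with a link back to the
	 * recipient's user page.
	 *
	 * @param User $user Recipient whose user page is offered as return target.
	 */
	function showSuccess( &$user ) {
		global $wgOut;

		$wgOut->setPagetitle( wfMsg( "emailsent" ) );
		$wgOut->addHTML( wfMsg( "emailsenttext" ) );

		$wgOut->returnToMain( false, $user->getUserPage() );
	}
}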
187 ?>