showErrorPage( "nosuchspecialpage", "nospecialpagetext" ); return; } if( !$wgUser->canSendEmail() ) { wfDebug( "User can't send.\n" ); $wgOut->showErrorPage( "mailnologin", "mailnologintext" ); return; } $action = $wgRequest->getVal( 'action' ); $target = isset($par) ? $par : $wgRequest->getVal( 'target' ); if ( "" == $target ) { wfDebug( "Target is empty.\n" ); $wgOut->showErrorPage( "notargettitle", "notargettext" ); return; } $nt = Title::newFromURL( $target ); if ( is_null( $nt ) ) { wfDebug( "Target is invalid title.\n" ); $wgOut->showErrorPage( "notargettitle", "notargettext" ); return; } $nu = User::newFromName( $nt->getText() ); if( is_null( $nu ) || !$nu->canReceiveEmail() ) { wfDebug( "Target is invalid user or can't receive.\n" ); $wgOut->showErrorPage( "noemailtitle", "noemailtext" ); return; } if ( $wgUser->isBlockedFromEmailUser() ) { // User has been blocked from sending e-mail. Show the std blocked form. wfDebug( "User is blocked from sending e-mail.\n" ); $wgOut->blockedPage(); return; } $f = new EmailUserForm( $nu ); if ( "success" == $action ) { $f->showSuccess( $nu ); } else if ( "submit" == $action && $wgRequest->wasPosted() && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) { # Check against the rate limiter if( $wgUser->pingLimiter( 'emailuser' ) ) { $wgOut->rateLimited(); return; } $f->doSubmit(); } else { $f->showForm(); } } /** * Implements the Special:Emailuser web interface, and invokes userMailer for sending the email message. * @addtogroup SpecialPage */ class EmailUserForm { var $target; var $text, $subject; var $cc_me; // Whether user requested to be sent a separate copy of their email. /** * @param User $target */ function EmailUserForm( $target ) { global $wgRequest; $this->target = $target; $this->text = $wgRequest->getText( 'wpText' ); $this->subject = $wgRequest->getText( 'wpSubject' ); $this->cc_me = $wgRequest->getBool( 'wpCCMe' ); } function showForm() { global $wgOut, $wgUser; $wgOut->setPagetitle( wfMsg( "emailpage" ) ); $wgOut->addWikiMsg( "emailpagetext" ); if ( $this->subject === "" ) { $this->subject = wfMsg( "defemailsubject" ); } $emf = wfMsg( "emailfrom" ); $sender = $wgUser->getName(); $emt = wfMsg( "emailto" ); $rcpt = $this->target->getName(); $emr = wfMsg( "emailsubject" ); $emm = wfMsg( "emailmessage" ); $ems = wfMsg( "emailsend" ); $emc = wfMsg( "emailccme" ); $encSubject = htmlspecialchars( $this->subject ); $titleObj = SpecialPage::getTitleFor( "Emailuser" ); $action = $titleObj->escapeLocalURL( "target=" . urlencode( $this->target->getName() ) . "&action=submit" ); $token = htmlspecialchars( $wgUser->editToken() ); $wgOut->addHTML( "

{$emf}:	" . htmlspecialchars( $sender ) . "
{$emt}:	" . htmlspecialchars( $rcpt ) . "
{$emr}:

{$emm}:
" . htmlspecialchars( $this->text ) . " " . wfCheckLabel( $emc, 'wpCCMe', 'wpCCMe', $wgUser->getBoolOption( 'ccmeonemails' ) ) . "

\n" ); } function doSubmit() { global $wgOut, $wgUser, $wgUserEmailUseReplyTo; $to = new MailAddress( $this->target ); $from = new MailAddress( $wgUser ); $subject = $this->subject; if( wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$this->text ) ) ) { if( $wgUserEmailUseReplyTo ) { // Put the generic wiki autogenerated address in the From: // header and reserve the user for Reply-To. // // This is a bit ugly, but will serve to differentiate // wiki-borne mails from direct mails and protects against // SPF and bounce problems with some mailers (see below). global $wgPasswordSender; $mailFrom = new MailAddress( $wgPasswordSender ); $replyTo = $from; } else { // Put the sending user's e-mail address in the From: header. // // This is clean-looking and convenient, but has issues. // One is that it doesn't as clearly differentiate the wiki mail // from "directly" sent mails. // // Another is that some mailers (like sSMTP) will use the From // address as the envelope sender as well. For open sites this // can cause mails to be flunked for SPF violations (since the // wiki server isn't an authorized sender for various users' // domains) as well as creating a privacy issue as bounces // containing the recipient's e-mail address may get sent to // the sending user. $mailFrom = $from; $replyTo = null; } $mailResult = UserMailer::send( $to, $mailFrom, $subject, $this->text, $replyTo ); if( WikiError::isError( $mailResult ) ) { $wgOut->addHTML( wfMsg( "usermailererror" ) . ' ' . htmlspecialchars( $mailResult->getMessage() ) ); } else { // if the user requested a copy of this mail, do this now, // unless they are emailing themselves, in which case one copy of the message is sufficient. if ($this->cc_me && $to != $from) { $cc_subject = wfMsg('emailccsubject', $this->target->getName(), $subject); if( wfRunHooks( 'EmailUser', array( &$from, &$from, &$cc_subject, &$this->text ) ) ) { $ccResult = UserMailer::send( $from, $from, $cc_subject, $this->text ); if( WikiError::isError( $ccResult ) ) { // At this stage, the user's CC mail has failed, but their // original mail has succeeded. It's unlikely, but still, what to do? // We can either show them an error, or we can say everything was fine, // or we can say we sort of failed AND sort of succeeded. Of these options, // simply saying there was an error is probably best. $wgOut->addHTML( wfMsg( "usermailererror" ) . ' ' . htmlspecialchars( $ccResult->getMessage() ) ); return; } } } $titleObj = SpecialPage::getTitleFor( "Emailuser" ); $encTarget = wfUrlencode( $this->target->getName() ); $wgOut->redirect( $titleObj->getFullURL( "target={$encTarget}&action=success" ) ); wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $this->text ) ); } } } function showSuccess( &$user ) { global $wgOut; $wgOut->setPagetitle( wfMsg( "emailsent" ) ); $wgOut->addHTML( wfMsg( "emailsenttext" ) ); $wgOut->returnToMain( false, $user->getUserPage() ); } }