Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / specials / SpecialEmailuser.php
blobd037d550a3711071443f7eace9f2e96122793edf
1 <?php
2 /**
3 * Implements Special:Emailuser
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
21 * @ingroup SpecialPage
24 /**
25 * A special page that allows users to send e-mails to other users
27 * @ingroup SpecialPage
29 class SpecialEmailUser extends UnlistedSpecialPage {
30 protected $mTarget;
32 /**
33 * @var User|string $mTargetObj
35 protected $mTargetObj;
37 public function __construct() {
38 parent::__construct( 'Emailuser' );
41 public function getDescription() {
42 $target = self::getTarget( $this->mTarget );
43 if ( !$target instanceof User ) {
44 return $this->msg( 'emailuser-title-notarget' )->text();
47 return $this->msg( 'emailuser-title-target', $target->getName() )->text();
50 protected function getFormFields() {
51 return array(
52 'From' => array(
53 'type' => 'info',
54 'raw' => 1,
55 'default' => Linker::link(
56 $this->getUser()->getUserPage(),
57 htmlspecialchars( $this->getUser()->getName() )
59 'label-message' => 'emailfrom',
60 'id' => 'mw-emailuser-sender',
62 'To' => array(
63 'type' => 'info',
64 'raw' => 1,
65 'default' => Linker::link(
66 $this->mTargetObj->getUserPage(),
67 htmlspecialchars( $this->mTargetObj->getName() )
69 'label-message' => 'emailto',
70 'id' => 'mw-emailuser-recipient',
72 'Target' => array(
73 'type' => 'hidden',
74 'default' => $this->mTargetObj->getName(),
76 'Subject' => array(
77 'type' => 'text',
78 'default' => $this->msg( 'defemailsubject',
79 $this->getUser()->getName() )->inContentLanguage()->text(),
80 'label-message' => 'emailsubject',
81 'maxlength' => 200,
82 'size' => 60,
83 'required' => true,
85 'Text' => array(
86 'type' => 'textarea',
87 'rows' => 20,
88 'cols' => 80,
89 'label-message' => 'emailmessage',
90 'required' => true,
92 'CCMe' => array(
93 'type' => 'check',
94 'label-message' => 'emailccme',
95 'default' => $this->getUser()->getBoolOption( 'ccmeonemails' ),
100 public function execute( $par ) {
101 $out = $this->getOutput();
102 $out->addModuleStyles( 'mediawiki.special' );
104 $this->mTarget = is_null( $par )
105 ? $this->getRequest()->getVal( 'wpTarget', $this->getRequest()->getVal( 'target', '' ) )
106 : $par;
108 // This needs to be below assignment of $this->mTarget because
109 // getDescription() needs it to determine the correct page title.
110 $this->setHeaders();
111 $this->outputHeader();
113 // error out if sending user cannot do this
114 $error = self::getPermissionsError(
115 $this->getUser(),
116 $this->getRequest()->getVal( 'wpEditToken' )
119 switch ( $error ) {
120 case null:
121 # Wahey!
122 break;
123 case 'badaccess':
124 throw new PermissionsError( 'sendemail' );
125 case 'blockedemailuser':
126 throw new UserBlockedError( $this->getUser()->mBlock );
127 case 'actionthrottledtext':
128 throw new ThrottledError;
129 case 'mailnologin':
130 case 'usermaildisabled':
131 throw new ErrorPageError( $error, "{$error}text" );
132 default:
133 # It's a hook error
134 list( $title, $msg, $params ) = $error;
135 throw new ErrorPageError( $title, $msg, $params );
137 // Got a valid target user name? Else ask for one.
138 $ret = self::getTarget( $this->mTarget );
139 if ( !$ret instanceof User ) {
140 if ( $this->mTarget != '' ) {
141 $ret = ( $ret == 'notarget' ) ? 'emailnotarget' : ( $ret . 'text' );
142 $out->wrapWikiMsg( "<p class='error'>$1</p>", $ret );
144 $out->addHTML( $this->userForm( $this->mTarget ) );
146 return false;
149 $this->mTargetObj = $ret;
151 $form = new HTMLForm( $this->getFormFields(), $this->getContext() );
152 // By now we are supposed to be sure that $this->mTarget is a user name
153 $form->addPreText( $this->msg( 'emailpagetext', $this->mTarget )->parse() );
154 $form->setSubmitTextMsg( 'emailsend' );
155 $form->setTitle( $this->getTitle() );
156 $form->setSubmitCallback( array( __CLASS__, 'uiSubmit' ) );
157 $form->setWrapperLegendMsg( 'email-legend' );
158 $form->loadData();
160 if ( !wfRunHooks( 'EmailUserForm', array( &$form ) ) ) {
161 return false;
164 $result = $form->show();
166 if ( $result === true || ( $result instanceof Status && $result->isGood() ) ) {
167 $out->setPageTitle( $this->msg( 'emailsent' ) );
168 $out->addWikiMsg( 'emailsenttext' );
169 $out->returnToMain( false, $this->mTargetObj->getUserPage() );
174 * Validate target User
176 * @param string $target target user name
177 * @return User object on success or a string on error
179 public static function getTarget( $target ) {
180 if ( $target == '' ) {
181 wfDebug( "Target is empty.\n" );
183 return 'notarget';
186 $nu = User::newFromName( $target );
187 if ( !$nu instanceof User || !$nu->getId() ) {
188 wfDebug( "Target is invalid user.\n" );
190 return 'notarget';
191 } elseif ( !$nu->isEmailConfirmed() ) {
192 wfDebug( "User has no valid email.\n" );
194 return 'noemail';
195 } elseif ( !$nu->canReceiveEmail() ) {
196 wfDebug( "User does not allow user emails.\n" );
198 return 'nowikiemail';
201 return $nu;
205 * Check whether a user is allowed to send email
207 * @param $user User object
208 * @param string $editToken edit token
209 * @return null on success or string on error
211 public static function getPermissionsError( $user, $editToken ) {
212 global $wgEnableEmail, $wgEnableUserEmail;
214 if ( !$wgEnableEmail || !$wgEnableUserEmail ) {
215 return 'usermaildisabled';
218 if ( !$user->isAllowed( 'sendemail' ) ) {
219 return 'badaccess';
222 if ( !$user->isEmailConfirmed() ) {
223 return 'mailnologin';
226 if ( $user->isBlockedFromEmailuser() ) {
227 wfDebug( "User is blocked from sending e-mail.\n" );
229 return "blockedemailuser";
232 if ( $user->pingLimiter( 'emailuser' ) ) {
233 wfDebug( "Ping limiter triggered.\n" );
235 return 'actionthrottledtext';
238 $hookErr = false;
240 wfRunHooks( 'UserCanSendEmail', array( &$user, &$hookErr ) );
241 wfRunHooks( 'EmailUserPermissionsErrors', array( $user, $editToken, &$hookErr ) );
243 if ( $hookErr ) {
244 return $hookErr;
247 return null;
251 * Form to ask for target user name.
253 * @param string $name user name submitted.
254 * @return String: form asking for user name.
256 protected function userForm( $name ) {
257 global $wgScript;
258 $string = Xml::openElement(
259 'form',
260 array( 'method' => 'get', 'action' => $wgScript, 'id' => 'askusername' )
262 Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) .
263 Xml::openElement( 'fieldset' ) .
264 Html::rawElement( 'legend', null, $this->msg( 'emailtarget' )->parse() ) .
265 Xml::inputLabel(
266 $this->msg( 'emailusername' )->text(),
267 'target',
268 'emailusertarget',
270 $name
272 ' ' .
273 Xml::submitButton( $this->msg( 'emailusernamesubmit' )->text() ) .
274 Xml::closeElement( 'fieldset' ) .
275 Xml::closeElement( 'form' ) . "\n";
277 return $string;
281 * Submit callback for an HTMLForm object, will simply call submit().
283 * @since 1.20
284 * @param $data array
285 * @param $form HTMLForm object
286 * @return Status|string|bool
288 public static function uiSubmit( array $data, HTMLForm $form ) {
289 return self::submit( $data, $form->getContext() );
293 * Really send a mail. Permissions should have been checked using
294 * getPermissionsError(). It is probably also a good
295 * idea to check the edit token and ping limiter in advance.
297 * @param array $data
298 * @param IContextSource $context
299 * @return Mixed: Status object, or potentially a String on error
300 * or maybe even true on success if anything uses the EmailUser hook.
302 public static function submit( array $data, IContextSource $context ) {
303 global $wgUserEmailUseReplyTo;
305 $target = self::getTarget( $data['Target'] );
306 if ( !$target instanceof User ) {
307 return $context->msg( $target . 'text' )->parseAsBlock();
310 $to = new MailAddress( $target );
311 $from = new MailAddress( $context->getUser() );
312 $subject = $data['Subject'];
313 $text = $data['Text'];
315 // Add a standard footer and trim up trailing newlines
316 $text = rtrim( $text ) . "\n\n-- \n";
317 $text .= $context->msg( 'emailuserfooter',
318 $from->name, $to->name )->inContentLanguage()->text();
320 $error = '';
321 if ( !wfRunHooks( 'EmailUser', array( &$to, &$from, &$subject, &$text, &$error ) ) ) {
322 return $error;
325 if ( $wgUserEmailUseReplyTo ) {
326 // Put the generic wiki autogenerated address in the From:
327 // header and reserve the user for Reply-To.
329 // This is a bit ugly, but will serve to differentiate
330 // wiki-borne mails from direct mails and protects against
331 // SPF and bounce problems with some mailers (see below).
332 global $wgPasswordSender, $wgPasswordSenderName;
334 $mailFrom = new MailAddress( $wgPasswordSender, $wgPasswordSenderName );
335 $replyTo = $from;
336 } else {
337 // Put the sending user's e-mail address in the From: header.
339 // This is clean-looking and convenient, but has issues.
340 // One is that it doesn't as clearly differentiate the wiki mail
341 // from "directly" sent mails.
343 // Another is that some mailers (like sSMTP) will use the From
344 // address as the envelope sender as well. For open sites this
345 // can cause mails to be flunked for SPF violations (since the
346 // wiki server isn't an authorized sender for various users'
347 // domains) as well as creating a privacy issue as bounces
348 // containing the recipient's e-mail address may get sent to
349 // the sending user.
350 $mailFrom = $from;
351 $replyTo = null;
354 $status = UserMailer::send( $to, $mailFrom, $subject, $text, $replyTo );
356 if ( !$status->isGood() ) {
357 return $status;
358 } else {
359 // if the user requested a copy of this mail, do this now,
360 // unless they are emailing themselves, in which case one
361 // copy of the message is sufficient.
362 if ( $data['CCMe'] && $to != $from ) {
363 $cc_subject = $context->msg( 'emailccsubject' )->rawParams(
364 $target->getName(), $subject )->text();
365 wfRunHooks( 'EmailUserCC', array( &$from, &$from, &$cc_subject, &$text ) );
366 $ccStatus = UserMailer::send( $from, $from, $cc_subject, $text );
367 $status->merge( $ccStatus );
370 wfRunHooks( 'EmailUserComplete', array( $to, $from, $subject, $text ) );
372 return $status;
376 protected function getGroupName() {
377 return 'users';