| [ Index ] |
|
Code source de Typo3 4.1.3 |
1 <?php 2 /*************************************************************** 3 * Copyright notice 4 * 5 * (c) 1999-2007 Kasper Skaarhoj (kasperYYYY@typo3.com) 6 * All rights reserved 7 * 8 * This script is part of the TYPO3 project. The TYPO3 project is 9 * free software; you can redistribute it and/or modify 10 * it under the terms of the GNU General Public License as published by 11 * the Free Software Foundation; either version 2 of the License, or 12 * (at your option) any later version. 13 * 14 * The GNU General Public License can be found at 15 * http://www.gnu.org/copyleft/gpl.html. 16 * A copy is found in the textfile GPL.txt and important notices to the license 17 * from the author is found in LICENSE.txt distributed with these scripts. 18 * 19 * 20 * This script is distributed in the hope that it will be useful, 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 23 * GNU General Public License for more details. 24 * 25 * This copyright notice MUST APPEAR in all copies of the script! 26 ***************************************************************/ 27 /** 28 * Contains a class for formmail 29 * 30 * $Id: class.t3lib_formmail.php 2583 2007-10-17 10:24:53Z mundaun $ 31 * Revised for TYPO3 3.6 July/2003 by Kasper Skaarhoj 32 * 33 * @author Kasper Skaarhoj <kasperYYYY@typo3.com> 34 */ 35 /** 36 * [CLASS/FUNCTION INDEX of SCRIPT] 37 * 38 * 39 * 40 * 69: class t3lib_formmail extends t3lib_htmlmail 41 * 95: function start($V,$base64=false) 42 * 172: function addAttachment($file, $filename) 43 * 44 * TOTAL FUNCTIONS: 2 45 * (This index is automatically created/updated by the extension "extdeveval") 46 * 47 */ 48 49 50 51 52 53 54 55 56 57 58 59 60 61 /** 62 * Formmail class, used by the TYPO3 "cms" extension (default frontend) to send email forms. 63 * 64 * @author Kasper Skaarhoj <kasperYYYY@typo3.com> 65 * @package TYPO3 66 * @subpackage t3lib 67 * @see tslib_fe::sendFormmail(), t3lib/formmail.php 68 */ 69 class t3lib_formmail extends t3lib_htmlmail { 70 var $reserved_names = 'recipient,recipient_copy,auto_respond_msg,redirect,subject,attachment,from_email,from_name,replyto_email,replyto_name,organisation,priority,html_enabled,quoted_printable,submit_x,submit_y'; 71 var $dirtyHeaders = array(); // collection of suspicious header data, used for logging 72 73 74 /** 75 * Start function 76 * This class is able to generate a mail in formmail-style from the data in $V 77 * Fields: 78 * 79 * [recipient]: email-adress of the one to receive the mail. If array, then all values are expected to be recipients 80 * [attachment]: .... 81 * 82 * [subject]: The subject of the mail 83 * [from_email]: Sender email. If not set, [email] is used 84 * [from_name]: Sender name. If not set, [name] is used 85 * [replyto_email]: Reply-to email. If not set [from_email] is used 86 * [replyto_name]: Reply-to name. If not set [from_name] is used 87 * [organisation]: Organisation (header) 88 * [priority]: Priority, 1-5, default 3 89 * [html_enabled]: If mail is sent as html 90 * [use_base64]: If set, base64 encoding will be used instead of quoted-printable 91 * 92 * @param array Contains values for the field names listed above (with slashes removed if from POST input) 93 * @param boolean Whether to base64 encode the mail content 94 * @return void 95 */ 96 function start($V,$base64=false) { 97 $convCharset = FALSE; // do we need to convert form data? 98 99 if ($GLOBALS['TSFE']->config['config']['formMailCharset']) { // Respect formMailCharset if it was set 100 $this->charset = $GLOBALS['TSFE']->csConvObj->parse_charset($GLOBALS['TSFE']->config['config']['formMailCharset']); 101 $convCharset = TRUE; 102 103 } elseif ($GLOBALS['TSFE']->metaCharset != $GLOBALS['TSFE']->renderCharset) { // Use metaCharset for mail if different from renderCharset 104 $this->charset = $GLOBALS['TSFE']->metaCharset; 105 $convCharset = TRUE; 106 } 107 108 parent::start(); 109 110 if ($base64 || $V['use_base64']) { $this->useBase64(); } 111 112 if (isset($V['recipient'])) { 113 // convert form data from renderCharset to mail charset 114 $val = ($V['subject']) ? $V['subject'] : 'Formmail on '.t3lib_div::getIndpEnv('HTTP_HOST'); 115 $this->subject = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv($val,$GLOBALS['TSFE']->renderCharset,$this->charset) : $val; 116 $this->subject = $this->sanitizeHeaderString($this->subject); 117 $val = ($V['from_name']) ? $V['from_name'] : (($V['name'])?$V['name']:''); // Be careful when changing $val! It is used again as the fallback value for replyto_name 118 $this->from_name = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv($val,$GLOBALS['TSFE']->renderCharset,$this->charset) : $val; 119 $this->from_name = $this->sanitizeHeaderString($this->from_name); 120 $this->from_name = preg_match( '/\s|,/', $this->from_name ) >= 1 ? '"'.$this->from_name.'"' : $this->from_name; 121 $val = ($V['replyto_name']) ? $V['replyto_name'] : $val; 122 $this->replyto_name = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv($val,$GLOBALS['TSFE']->renderCharset,$this->charset) : $val; 123 $this->replyto_name = $this->sanitizeHeaderString($this->replyto_name); 124 $this->replyto_name = preg_match( '/\s|,/', $this->replyto_name ) >= 1 ? '"'.$this->replyto_name.'"' : $this->replyto_name; 125 $val = ($V['organisation']) ? $V['organisation'] : ''; 126 $this->organisation = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv($val,$GLOBALS['TSFE']->renderCharset,$this->charset) : $val; 127 $this->organisation = $this->sanitizeHeaderString($this->organisation); 128 129 $this->from_email = ($V['from_email']) ? $V['from_email'] : (($V['email'])?$V['email']:''); 130 $this->from_email = t3lib_div::validEmail($this->from_email) ? $this->from_email : ''; 131 $this->replyto_email = ($V['replyto_email']) ? $V['replyto_email'] : $this->from_email; 132 $this->replyto_email = t3lib_div::validEmail($this->replyto_email) ? $this->replyto_email : ''; 133 $this->priority = ($V['priority']) ? t3lib_div::intInRange($V['priority'],1,5) : 3; 134 135 // Auto responder. 136 $this->auto_respond_msg = (trim($V['auto_respond_msg']) && $this->from_email) ? trim($V['auto_respond_msg']) : ''; 137 $this->auto_respond_msg = $this->sanitizeHeaderString($this->auto_respond_msg); 138 139 $Plain_content = ''; 140 $HTML_content = '<table border="0" cellpadding="2" cellspacing="2">'; 141 142 // Runs through $V and generates the mail 143 if (is_array($V)) { 144 reset($V); 145 while (list($key,$val)=each($V)) { 146 if (!t3lib_div::inList($this->reserved_names,$key)) { 147 $space = (strlen($val)>60)?chr(10):''; 148 $val = (is_array($val) ? implode($val,chr(10)) : $val); 149 150 // convert form data from renderCharset to mail charset (HTML may use entities) 151 $Plain_val = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv($val,$GLOBALS['TSFE']->renderCharset,$this->charset,0) : $val; 152 $HTML_val = ($convCharset && strlen($val)) ? $GLOBALS['TSFE']->csConvObj->conv(htmlspecialchars($val),$GLOBALS['TSFE']->renderCharset,$this->charset,1) : htmlspecialchars($val); 153 154 $Plain_content.= strtoupper($key).': '.$space.$Plain_val."\n".$space; 155 $HTML_content.= '<tr><td bgcolor="#eeeeee"><font face="Verdana" size="1"><b>'.strtoupper($key).'</b></font></td><td bgcolor="#eeeeee"><font face="Verdana" size="1">'.nl2br($HTML_val).' </font></td></tr>'; 156 } 157 } 158 } 159 $HTML_content.= '</table>'; 160 161 if ($V['html_enabled']) { 162 $this->setHTML($this->encodeMsg($HTML_content)); 163 } 164 $this->addPlain($Plain_content); 165 166 for ($a=0;$a<10;$a++) { 167 $varname = 'attachment'.(($a)?$a:''); 168 if (!is_uploaded_file($_FILES[$varname]['tmp_name'])) { 169 t3lib_div::sysLog('Possible abuse of t3lib_formmail: temporary file "'.$_FILES[$varname]['tmp_name'].'" ("'.$_FILES[$varname]['name'].'") was not an uploaded file.', 'Core', 3); 170 continue; 171 } 172 $theFile = t3lib_div::upload_to_tempfile($_FILES[$varname]['tmp_name']); 173 $theName = $_FILES[$varname]['name']; 174 175 if ($theFile && @file_exists($theFile)) { 176 if (filesize($theFile) < 250000) { 177 $this->addAttachment($theFile, $theName); 178 } 179 } 180 t3lib_div::unlink_tempfile($theFile); 181 } 182 183 $this->setHeaders(); 184 $this->setContent(); 185 $this->setRecipient($V['recipient']); 186 if ($V['recipient_copy']) { 187 $this->recipient_copy = trim($V['recipient_copy']); 188 } 189 // log dirty header lines 190 if ($this->dirtyHeaders) { 191 t3lib_div::sysLog( 'Possible misuse of t3lib_formmail: see TYPO3 devLog', 'Core', 3 ); 192 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['enable_DLOG']) { 193 t3lib_div::devLog( 't3lib_formmail: '. t3lib_div::arrayToLogString($this->dirtyHeaders, '', 200 ), 'Core', 3 ); 194 } 195 } 196 } 197 } 198 199 /** 200 * Adds an attachment to the mail 201 * 202 * @param string The absolute path to the file to add as attachment 203 * @param string The files original filename (not necessarily the same as the current since this could be uploaded files...) 204 * @return boolean True if the file existed and was added. 205 * @access private 206 */ 207 function addAttachment($file, $filename) { 208 $content = $this->getURL($file); // We fetch the content and the mime-type 209 $fileInfo = $this->split_fileref($filename); 210 if ($fileInfo['fileext'] == 'gif') {$content_type = 'image/gif';} 211 if ($fileInfo['fileext'] == 'bmp') {$content_type = 'image/bmp';} 212 if ($fileInfo['fileext'] == 'jpg' || $fileInfo['fileext'] == 'jpeg') {$content_type = 'image/jpeg';} 213 if ($fileInfo['fileext'] == 'html' || $fileInfo['fileext'] == 'htm') {$content_type = 'text/html';} 214 if (!$content_type) {$content_type = 'application/octet-stream';} 215 216 if ($content) { 217 $theArr['content_type']= $content_type; 218 $theArr['content']= $content; 219 $theArr['filename']= $filename; 220 $this->theParts['attach'][]=$theArr; 221 return true; 222 } else { return false;} 223 } 224 225 226 /** 227 * Checks string for suspicious characters 228 * 229 * @param string String to check 230 * @return string Valid or empty string 231 */ 232 function sanitizeHeaderString ($string) { 233 $pattern = '/[\r\n\f\e]/'; 234 if (preg_match($pattern, $string) > 0) { 235 $this->dirtyHeaders[] = $string; 236 $string = ''; 237 } 238 return $string; 239 } 240 } 241 242 243 if (defined('TYPO3_MODE') && $TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_formmail.php']) { 244 include_once($TYPO3_CONF_VARS[TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_formmail.php']); 245 } 246 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Nov 25 17:13:16 2007 | par Balluche grâce à PHPXref 0.7 |
|
|