1<?php
2/**
3 * @package tikiwiki
4 */
5// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
6//
7// All Rights Reserved. See copyright.txt for details and a complete list of authors.
8// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
9// $Id$
10
// Section name for this page; set before the shared setup file is loaded.
$section = 'user_messages';
require_once 'tiki-setup.php';
$messulib = TikiLib::lib('message');

// Access gates run before any request data is looked at: user, then the
// messaging feature flag, then the messaging permission.
// NOTE(review): the check_* helpers are defined outside this file; presumably
// they stop the request on failure. Confirm before relying on it.
$access->check_user($user);
$access->check_feature('feature_messages');
$access->check_permission('tiki_p_messages');

// When receiving messages is optional, a sender who has switched it off may
// not send either. The preference is only read when the option is enabled.
$senderOptedOut = $prefs['allowmsg_is_optional'] == 'y'
	&& $tikilib->get_user_preference($user, 'allowMsgs', 'y') != 'y';
if ($senderOptedOut) {
	$smarty->assign('msg', tra("You have to be able to receive messages in order to send them. Goto your user preferences and enable 'Allow messages from other users'"));
	$smarty->display("error.tpl");
	die;
}

// A positive messu_sent_size caps the sender's sent box; zero or less means no cap.
$sentBoxLimited = $prefs['messu_sent_size'] > 0;
if ($sentBoxLimited && $messulib->count_messages($user, 'sent') >= $prefs['messu_sent_size']) {
	$smarty->assign('msg', tra('Sent box is full. Archive or delete some sent messages first if you want to send more messages.'));
	$smarty->display("error.tpl");
	die;
}
// Give every compose field a default so later code can read $_REQUEST
// without isset() checks. Priority defaults to 3; all other fields default
// to the empty string.
$requestDefaults = [
	'to' => '',
	'cc' => '',
	'bcc' => '',
	'subject' => '',
	'body' => '',
	'replyto_hash' => '',
	'priority' => 3,
];
foreach ($requestDefaults as $fieldName => $fallback) {
	if (! isset($_REQUEST[$fieldName])) {
		$_REQUEST[$fieldName] = $fallback;
	}
}
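// On reply / reply-all, collapse any run of leading reply prefixes in the
// subject ("Re:Re:Re:") into exactly one.
if (! empty($_REQUEST['reply']) || ! empty($_REQUEST['replyall'])) {
	$replyPrefix = tra("Re:");
	// The prefix is translated text, so it is quoted before being embedded in
	// the pattern: a translation containing '/' or a regex metacharacter would
	// otherwise break or change the expression.
	$replyPattern = '/^(' . preg_quote($replyPrefix, '/') . ')+/';
	$_REQUEST['subject'] = $replyPrefix . preg_replace($replyPattern, '', $_REQUEST['subject']);
	$smarty->assign('reply', 'y');
}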
// Recipient fields may arrive as arrays; flatten each one to a single string
// for the compose form.
foreach (['to', 'cc', 'bcc'] as $dest) {
	if (! is_array($_REQUEST[$dest])) {
		continue;
	}
	// Join with '; ' as soon as any entry contains a comma, otherwise with ', '.
	if (strstr(implode('', $_REQUEST[$dest]), ',') === false) {
		$sep = ', ';
	} else {
		$sep = '; ';
	}
	$_REQUEST[$dest] = implode($sep, $_REQUEST[$dest]);
}

// Hand the request values to the compose template.
// NOTE(review): these are raw request values; messu-compose.tpl (not shown
// here) has to escape them on output. Confirm that it does.
foreach (['to', 'cc', 'bcc', 'subject', 'body', 'priority', 'replyto_hash'] as $composeField) {
	$smarty->assign($composeField, $_REQUEST[$composeField]);
}
$smarty->assign('mid', 'messu-compose.tpl');
$smarty->assign('sent', 0);
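// Handle a submitted compose form.
//
// A real send is only processed when $access->checkCsrf() passes. A preview is
// let through without it and ends in $access->checkCsrfForm(), after the
// confirmation values ('send' = 1) have been assigned to the template.
//
// NOTE(review): recipients are validated from $_POST, while the values handed
// to the message libraries come from $_REQUEST. Whether the two can differ
// depends on PHP's request_order setting. Confirm, or read both from $_POST.
// NOTE(review): the validation messages distinguish "invalid user", "can not
// receive messages" and "mailbox is full", so any account holding
// tiki_p_messages can learn those states for other accounts. Confirm this is
// acceptable for the deployment.
if ((isset($_POST['send']) && $access->checkCsrf()) || isset($_POST['preview'])) {
	$message = [];
	$users = [];
	if (!empty($_POST['subject']) || !empty($_POST['body'])) {
		// Split each recipient field on ';' or ',' unless the separator is
		// preceded by a backslash. A missing or non-string POST value is
		// treated as empty so malformed input never reaches preg_split().
		$splitPattern = '/\s*(?<!\\\)[;,]\s*/';
		$recipients = [];
		foreach (['to', 'cc', 'bcc'] as $field) {
			$rawField = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
			$recipients[$field] = preg_split($splitPattern, $rawField);
		}
		if ($prefs['user_selector_realnames_messu'] == 'y') {
			$groups = '';
			$recipients['to'] = $userlib->find_best_user($recipients['to'], $groups, 'login');
			$recipients['cc'] = $userlib->find_best_user($recipients['cc'], $groups);
			$recipients['bcc'] = $userlib->find_best_user($recipients['bcc'], $groups);
		}
		// Validate to, cc and bcc with one shared rule set, in that order:
		// the account must exist, must accept messages, and must have room.
		foreach ($recipients as $candidates) {
			foreach ($candidates as $a_user) {
				if (empty($a_user)) {
					continue;
				}
				// Undo the escaping of a literal ';' inside a name
				$a_user = str_replace('\\;', ';', $a_user);
				if (! $userlib->user_exists($a_user)) {
					$message[] = sprintf(tra("Invalid user: %s"), $a_user);
					continue;
				}
				// Deliver only to users who have the message feature enabled
				$acceptsMessages = $prefs['allowmsg_is_optional'] != 'y'
					|| $tikilib->get_user_preference($a_user, 'allowMsgs', 'y') == 'y';
				if (! $acceptsMessages) {
					$message[] = sprintf(tra("User %s can not receive messages"), $a_user);
					continue;
				}
				// Deliver only if no mailbox size is defined or it is not reached yet
				$mailboxHasRoom = ($messulib->count_messages($a_user) < $prefs['messu_mailbox_size'])
					|| ($prefs['messu_mailbox_size'] == 0);
				if (! $mailboxHasRoom) {
					$message[] = sprintf(tra("User %s can not receive messages, mailbox is full"), $a_user);
					continue;
				}
				$users[] = $a_user;
			}
		}
		$users = array_unique($users);
		// Validation: at least one of to, cc or bcc must name a valid user
		if (count($users) > 0) {
			// NOTE(review): $rawuser is taken by value and the result is never
			// stored, so this loop does not change $users. It also reads
			// $check_user_show_realnames and $login_fallback, which are not set
			// anywhere in this file. Confirm it can be removed.
			foreach ($users as $rawuser) {
				if ($prefs['user_selector_realnames_messu'] == 'y') {
					$rawuser = $userlib->clean_user($rawuser, ! $check_user_show_realnames, $login_fallback);
				}
			}
		} else {
			$message[] = tra('No valid users to send the message to');
		}
	} else {
		$message[] = tra('The message must have either a subject or a body');
	}

	// hollmeer 2012-11-03: PGP/MIME encryption preparation using
	// lib/openpgp/openpgplib.php. Fetches the public key armor block for the
	// email; runs for previews as well as sends.
	if ($prefs['openpgp_gpg_pgpmimemail'] == 'y') {
		global $openpgplib;
		$aux_pgpmime_content = $openpgplib->getPublickeyArmorBlock($_REQUEST['priority'], $_REQUEST['to'], $_REQUEST['cc']);
		$prepend_email_body = $aux_pgpmime_content[0];
		$user_armor = $aux_pgpmime_content[1];
	}

	// Insert the message in the inboxes of each user
	if (! empty($users)) {
		// array_unique() and single-array array_map() both preserve keys, so
		// $clean_users[$key] is the display name for $users[$key].
		if ($prefs['user_selector_realnames_messu'] == 'y') {
			$clean_users = array_map([$userlib, 'clean_user'], $users);
		} else {
			$clean_users = $users;
		}
		if (isset($_POST['send'])) {
			// Display names of the recipients whose delivery succeeded
			$delivered = [];
			foreach ($users as $userKey => $a_user) {
				// hollmeer: send with the gpg armor block included. A changed
				// encryption-related version was copied from lib/messu/messulib.pgp
				// into lib/openpgp/openpgplib.php for prepending/appending content
				// into the message body.
				if ($prefs['openpgp_gpg_pgpmimemail'] == 'y') {
					// PGP/MIME mail version: also takes the prepended body and the armor block
					$result = $openpgplib->post_message_with_pgparmor_attachment(
						$a_user,
						$user,
						$_REQUEST['to'],
						$_REQUEST['cc'],
						$_REQUEST['subject'],
						$_REQUEST['body'],
						$prepend_email_body,
						$user_armor,
						$_REQUEST['priority'],
						$_REQUEST['replyto_hash'],
						isset($_REQUEST['replytome']) ? 'y' : '',
						isset($_REQUEST['bccme']) ? 'y' : ''
					);
				} else {
					// Original Tiki mail version
					$result = $messulib->post_message(
						$a_user,
						$user,
						$_REQUEST['to'],
						$_REQUEST['cc'],
						$_REQUEST['subject'],
						$_REQUEST['body'],
						$_REQUEST['priority'],
						$_REQUEST['replyto_hash'],
						isset($_REQUEST['replytome']) ? 'y' : '',
						isset($_REQUEST['bccme']) ? 'y' : ''
					);
				}
				if ($result) {
					$delivered[] = $clean_users[$userKey];
					TikiLib::events()->trigger(
						'tiki.user.message',
						[
							'type' => 'user',
							'object' => $a_user,
							'user' => $user,
						]
					);
					// If this is a reply, flag the original message as replied to
					if ($_REQUEST['replyto_hash'] != '') {
						$messulib->mark_replied($a_user, $_REQUEST['replyto_hash']);
					}
					$smarty->assign('sent', 1);
					// NOTE(review): this runs once per successful recipient, so a
					// message to several users calls save_sent_message() several
					// times, and the sent-box limit is only checked before the
					// loop. Confirm that is intended.
					$messulib->save_sent_message($user, $user, $_REQUEST['to'], $_REQUEST['cc'], $_REQUEST['subject'],
						$_REQUEST['body'], $_REQUEST['priority'], $_REQUEST['replyto_hash']);
					if ($prefs['feature_actionlog'] == 'y') {
						if (isset($_REQUEST['reply']) && $_REQUEST['reply'] == 'y') {
							$logslib->add_action('Replied', '', 'message', 'add=' . $tikilib->strlen_quoted($_REQUEST['body']));
						} else {
							$logslib->add_action('Posted', '', 'message', 'add=' . strlen($_REQUEST['body']));
						}
					}
					$smarty->clear_assign(['to', 'cc', 'bcc', 'subject', 'body', 'replytome', 'bccme']);
					$smarty->assign('priority', 3);
				} else {
					Feedback::error(tra('An error occurred, please check your mail settings and try again'));
				}
			}
			// Report success only for recipients that were actually delivered
			// to; validation notes collected above travel with the summary.
			if (! empty($delivered)) {
				$message[] = tra('The message has been sent to:') . ' ' . implode(', ', $delivered);
				Feedback::success(['mes' => $message]);
			} elseif (! empty($message)) {
				Feedback::error(['mes' => $message]);
			}
		} elseif (isset($_POST['preview'])) {
			$message[] = tra('The message will be sent to:') . ' ' . implode(', ', $clean_users);
			$smarty->assign('confirm_detail', $message);
			$smarty->assign('confirmSubmitName', 'send');
			$smarty->assign('confirmSubmitValue', 1);
			unset($_POST['preview']);
			$access->checkCsrfForm(tra('See below for how message will be handled upon confirmation'));
		}
	} else {
		Feedback::error(['mes' => $message]);
	}
}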
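// Tell the template whether the current user can receive messages. The stored
// preference is compared with 'y' explicitly, matching the check at the top of
// this script: any other non-empty value (for example 'n') is still a truthy
// string and would otherwise turn the flag on.
$allowMsgs = $prefs['allowmsg_is_optional'] != 'y' || $tikilib->get_user_preference($user, 'allowMsgs', 'y') == 'y';
$smarty->assign('allowMsgs', $allowMsgs);
include_once('tiki-section_options.php');
include_once('tiki-mytiki_shared.php');
$smarty->display("tiki.tpl");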
276