[BUGFIX] Missing column in t3lib_TCEmain::getPreviousLocalizedRecordUid
[Packages/TYPO3.CMS.git] / t3lib / class.t3lib_formmail.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * All rights reserved
7 *
8 * This script is part of the TYPO3 project. The TYPO3 project is
9 * free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * The GNU General Public License can be found at
15 * http://www.gnu.org/copyleft/gpl.html.
16 * A copy is found in the textfile GPL.txt and important notices to the license
17 * from the author is found in LICENSE.txt distributed with these scripts.
18 *
19 *
20 * This script is distributed in the hope that it will be useful,
21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 * GNU General Public License for more details.
24 *
25 * This copyright notice MUST APPEAR in all copies of the script!
26 ***************************************************************/
27 /**
28 * Contains a class for formmail
29 *
30 * Revised for TYPO3 3.6 July/2003 by Kasper Skårhøj
31 *
32 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
33 */
34
35
36 /**
37 * Formmail class, used by the TYPO3 "cms" extension (default frontend) to send email forms.
38 *
39 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
40 * @package TYPO3
41 * @subpackage t3lib
42 * @see tslib_fe::sendFormmail(), t3lib/formmail.php
43 */
44 class t3lib_formmail {
45 protected $reserved_names = 'recipient,recipient_copy,auto_respond_msg,auto_respond_checksum,redirect,subject,attachment,from_email,from_name,replyto_email,replyto_name,organisation,priority,html_enabled,quoted_printable,submit_x,submit_y';
46 protected $dirtyHeaders = array(); // collection of suspicious header data, used for logging
47
48 protected $characterSet;
49 protected $subject;
50 protected $fromName;
51 protected $replyToName;
52 protected $organisation;
53 protected $fromAddress;
54 protected $replyToAddress;
55 protected $priority;
56 protected $autoRespondMessage;
57 protected $encoding = 'quoted-printable';
58
59 /** @var t3lib_mail_Message */
60 protected $mailMessage;
61 protected $recipient;
62 protected $plainContent = '';
63
64 /** @var array Files to clean up at the end (attachments) */
65 protected $temporaryFiles = array();
66
67 /**
68 * Start function
69 * This class is able to generate a mail in formmail-style from the data in $V
70 * Fields:
71 *
72 * [recipient]: email-adress of the one to receive the mail. If array, then all values are expected to be recipients
73 * [attachment]: ....
74 *
75 * [subject]: The subject of the mail
76 * [from_email]: Sender email. If not set, [email] is used
77 * [from_name]: Sender name. If not set, [name] is used
78 * [replyto_email]: Reply-to email. If not set [from_email] is used
79 * [replyto_name]: Reply-to name. If not set [from_name] is used
80 * [organisation]: Organization (header)
81 * [priority]: Priority, 1-5, default 3
82 * [html_enabled]: If mail is sent as html
83 * [use_base64]: If set, base64 encoding will be used instead of quoted-printable
84 *
85 * @param array Contains values for the field names listed above (with slashes removed if from POST input)
86 * @param boolean Whether to base64 encode the mail content
87 * @return void
88 */
89 function start($valueList, $base64 = FALSE) {
90
91 $this->mailMessage = t3lib_div::makeInstance('t3lib_mail_Message');
92
93 if ($GLOBALS['TSFE']->config['config']['formMailCharset']) {
94 // Respect formMailCharset if it was set
95 $this->characterSet = $GLOBALS['TSFE']->csConvObj->parse_charset($GLOBALS['TSFE']->config['config']['formMailCharset']);
96 } elseif ($GLOBALS['TSFE']->metaCharset != $GLOBALS['TSFE']->renderCharset) {
97 // Use metaCharset for mail if different from renderCharset
98 $this->characterSet = $GLOBALS['TSFE']->metaCharset;
99 } else {
100 // Otherwise use renderCharset as default
101 $this->characterSet = $GLOBALS['TSFE']->renderCharset;
102 }
103
104 if ($base64 || $valueList['use_base64']) {
105 $this->encoding = 'base64';
106 }
107
108 if (isset($valueList['recipient'])) {
109 // convert form data from renderCharset to mail charset
110 $this->subject = ($valueList['subject'])
111 ? $valueList['subject']
112 : 'Formmail on ' . t3lib_div::getIndpEnv('HTTP_HOST');
113 $this->subject = $this->sanitizeHeaderString($this->subject);
114
115 $this->fromName = ($valueList['from_name'])
116 ? $valueList['from_name']
117 : (($valueList['name']) ? $valueList['name'] : '');
118 $this->fromName = $this->sanitizeHeaderString($this->fromName);
119
120 $this->replyToName = ($valueList['replyto_name']) ? $valueList['replyto_name'] : $this->fromName;
121 $this->replyToName = $this->sanitizeHeaderString($this->replyToName);
122
123 $this->organisation = ($valueList['organisation']) ? $valueList['organisation'] : '';
124 $this->organisation = $this->sanitizeHeaderString($this->organisation);
125
126 $this->fromAddress = ($valueList['from_email']) ? $valueList['from_email'] : (
127 ($valueList['email']) ? $valueList['email'] : ''
128 );
129 if (!t3lib_div::validEmail($this->fromAddress)) {
130 $this->fromAddress = t3lib_utility_Mail::getSystemFromAddress();
131 $this->fromName = t3lib_utility_Mail::getSystemFromName();
132 }
133
134 $this->replyToAddress = ($valueList['replyto_email']) ? $valueList['replyto_email'] : $this->fromAddress;
135
136 $this->priority = ($valueList['priority']) ? t3lib_utility_Math::forceIntegerInRange($valueList['priority'], 1, 5) : 3;
137
138 // auto responder
139 $this->autoRespondMessage = (trim($valueList['auto_respond_msg']) && $this->fromAddress)
140 ? trim($valueList['auto_respond_msg'])
141 : '';
142
143 if ($this->autoRespondMessage !== '') {
144 // Check if the value of the auto responder message has been modified with evil intentions
145 $autoRespondChecksum = $valueList['auto_respond_checksum'];
146 $correctHmacChecksum = t3lib_div::hmac($this->autoRespondMessage);
147 if ($autoRespondChecksum !== $correctHmacChecksum) {
148 t3lib_div::sysLog('Possible misuse of t3lib_formmail auto respond method. Subject: ' . $valueList['subject'],
149 'Core',
150 3);
151 return;
152 } else {
153 $this->autoRespondMessage = $this->sanitizeHeaderString($this->autoRespondMessage);
154 }
155 }
156
157 $plainTextContent = '';
158 $htmlContent = '<table border="0" cellpadding="2" cellspacing="2">';
159
160 // Runs through $V and generates the mail
161 if (is_array($valueList)) {
162 foreach ($valueList as $key => $val) {
163 if (!t3lib_div::inList($this->reserved_names, $key)) {
164 $space = (strlen($val) > 60) ? LF : '';
165 $val = (is_array($val) ? implode($val, LF) : $val);
166
167 // convert form data from renderCharset to mail charset (HTML may use entities)
168 $plainTextValue = $val;
169 $HtmlValue = htmlspecialchars($val);
170
171 $plainTextContent .= strtoupper($key) . ': ' . $space . $plainTextValue . LF . $space;
172 $htmlContent .= '<tr><td bgcolor="#eeeeee"><font face="Verdana" size="1"><strong>' . strtoupper($key)
173 . '</strong></font></td><td bgcolor="#eeeeee"><font face="Verdana" size="1">' . nl2br($HtmlValue)
174 . '&nbsp;</font></td></tr>';
175 }
176 }
177 }
178 $htmlContent .= '</table>';
179
180 $this->plainContent = $plainTextContent;
181
182 if ($valueList['html_enabled']) {
183 $this->mailMessage->setBody($htmlContent, 'text/html', $this->characterSet);
184 $this->mailMessage->addPart($plainTextContent, 'text/plain', $this->characterSet);
185 } else {
186 $this->mailMessage->setBody($plainTextContent, 'text/plain', $this->characterSet);
187 }
188
189 for ($a = 0; $a < 10; $a++) {
190 $variableName = 'attachment' . (($a) ? $a : '');
191 if (!isset($_FILES[$variableName])) {
192 continue;
193 }
194 if (!is_uploaded_file($_FILES[$variableName]['tmp_name'])) {
195 t3lib_div::sysLog('Possible abuse of t3lib_formmail: temporary file "' . $_FILES[$variableName]['tmp_name']
196 . '" ("' . $_FILES[$variableName]['name'] . '") was not an uploaded file.', 'Core', 3);
197 }
198 if ($_FILES[$variableName]['tmp_name']['error'] !== UPLOAD_ERR_OK) {
199 t3lib_div::sysLog('Error in uploaded file in t3lib_formmail: temporary file "'
200 . $_FILES[$variableName]['tmp_name'] . '" ("' . $_FILES[$variableName]['name'] . '") Error code: '
201 . $_FILES[$variableName]['tmp_name']['error'], 'Core', 3);
202 }
203 $theFile = t3lib_div::upload_to_tempfile($_FILES[$variableName]['tmp_name']);
204 $theName = $_FILES[$variableName]['name'];
205
206 if ($theFile && file_exists($theFile)) {
207 if (filesize($theFile) < $GLOBALS['TYPO3_CONF_VARS']['FE']['formmailMaxAttachmentSize']) {
208 $this->mailMessage->attach(Swift_Attachment::fromPath($theFile)->setFilename($theName));
209 }
210 }
211 $this->temporaryFiles[] = $theFile;
212 }
213
214 $from = $this->fromName ? array($this->fromAddress => $this->fromName) : array($this->fromAddress);
215 $this->recipient = $this->parseAddresses($valueList['recipient']);
216 $this->mailMessage->setSubject($this->subject)
217 ->setFrom($from)
218 ->setTo($this->recipient)
219 ->setPriority($this->priority);
220 $replyTo = $this->replyToName ? array($this->replyToAddress => $this->replyToName) : array($this->replyToAddress);
221 $this->mailMessage->setReplyTo($replyTo);
222 $this->mailMessage->getHeaders()->addTextHeader('Organization', $this->organisation);
223 if ($valueList['recipient_copy']) {
224 $this->mailMessage->setCc($this->parseAddresses($valueList['recipient_copy']));
225 }
226 $this->mailMessage->setCharset($this->characterSet);
227
228 // Ignore target encoding. This is handled automatically by Swift Mailer and overriding the defaults
229 // is not worth the trouble
230
231 // log dirty header lines
232 if ($this->dirtyHeaders) {
233 t3lib_div::sysLog('Possible misuse of t3lib_formmail: see TYPO3 devLog', 'Core', 3);
234 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['enable_DLOG']) {
235 t3lib_div::devLog('t3lib_formmail: ' . t3lib_div::arrayToLogString($this->dirtyHeaders, '', 200), 'Core', 3);
236 }
237 }
238 }
239 }
240
241 /**
242 * Checks string for suspicious characters
243 *
244 * @param string String to check
245 * @return string Valid or empty string
246 */
247 protected function sanitizeHeaderString($string) {
248 $pattern = '/[\r\n\f\e]/';
249 if (preg_match($pattern, $string) > 0) {
250 $this->dirtyHeaders[] = $string;
251 $string = '';
252 }
253 return $string;
254 }
255
256 /**
257 * Parses mailbox headers and turns them into an array.
258 *
259 * Mailbox headers are a comma separated list of 'name <email@example.org' combinations or plain email addresses (or a mix
260 * of these).
261 * The resulting array has key-value pairs where the key is either a number (no display name in the mailbox header) and the
262 * value is the email address, or the key is the email address and the value is the display name.
263 *
264 * @param string $rawAddresses Comma separated list of email addresses (optionally with display name)
265 * @return array Parsed list of addresses.
266 */
267 protected function parseAddresses($rawAddresses = '') {
268 /** @var $addressParser t3lib_mail_Rfc822AddressesParser */
269 $addressParser = t3lib_div::makeInstance('t3lib_mail_Rfc822AddressesParser', $rawAddresses);
270 $addresses = $addressParser->parseAddressList();
271 $addressList = array();
272 foreach ($addresses as $address) {
273 if ($address->personal) {
274 // item with name found ( name <email@example.org> )
275 $addressList[$address->mailbox . '@' . $address->host] = $address->personal;
276 } else {
277 // item without name found ( email@example.org )
278 $addressList[] = $address->mailbox . '@' . $address->host;
279 }
280 }
281 return $addressList;
282 }
283
284 /**
285 * Sends the actual mail and handles autorespond message
286 *
287 * @return boolean
288 */
289 public function sendTheMail() {
290
291 // Sending the mail requires the recipient and message to be set.
292 if (!$this->mailMessage->getTo() || !trim($this->mailMessage->getBody())) {
293 return FALSE;
294 }
295
296 $this->mailMessage->send();
297
298 // Auto response
299 if ($this->autoRespondMessage) {
300 $theParts = explode('/', $this->autoRespondMessage, 2);
301 $theParts[0] = str_replace('###SUBJECT###', $this->subject, $theParts[0]);
302 $theParts[1] = str_replace("/", LF, $theParts[1]);
303 $theParts[1] = str_replace("###MESSAGE###", $this->plainContent, $theParts[1]);
304
305 /** @var $autoRespondMail t3lib_mail_Message */
306 $autoRespondMail = t3lib_div::makeInstance('t3lib_mail_Message');
307 $autoRespondMail->setTo($this->fromAddress)
308 ->setSubject($theParts[0])
309 ->setFrom($this->recipient)
310 ->setBody($theParts[1]);
311 $autoRespondMail->send();
312 }
313 return $this->mailMessage->isSent();
314 }
315
316 /**
317 * Do some cleanup at the end (deleting attachment files)
318 */
319 public function __destruct() {
320 foreach ($this->temporaryFiles as $file) {
321 if (t3lib_div::isAllowedAbsPath($file) && t3lib_div::isFirstPartOfStr($file, PATH_site . 'typo3temp/upload_temp_')) {
322 t3lib_div::unlink_tempfile($file);
323 }
324 }
325 }
326 }
327
328
329 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_formmail.php'])) {
330 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/class.t3lib_formmail.php']);
331 }
332
333 ?>