send unverified private mail using zrl

2024-11-05 05:51:53 +01:00 · 2012-04-01 00:59:35 -07:00 · 2012-04-01 00:59:35 -07:00 · 5c2fdc795f
parent ea10bba147
commit 5c2fdc795f
10 changed files with 387 additions and 6 deletions
--- a/boot.php
+++ b/boot.php
@ -984,6 +984,12 @@ function profile_sidebar($profile, $block = 0) {
 	if((remote_user()) && ($_SESSION['visitor_visiting'] == $profile['uid']))
 		$connect = False; 

+	if(get_my_url() && $profile['unkmail'])
+		$wallmessage = t('Message');
+	else
+		$wallmessage = false;
+
+

 	// show edit profile to yourself
 	if ($profile['uid'] == local_user()) {
@ -1066,6 +1072,7 @@ function profile_sidebar($profile, $block = 0) {
 	$o .= replace_macros($tpl, array(
 		'$profile' => $profile,
 		'$connect'  => $connect,		
+		'$wallmessage' => $wallmessage,
 		'$location' => template_escape($location),
 		'$gender'   => $gender,
 		'$pdesc'	=> $pdesc,
--- a/include/message.php
+++ b/include/message.php
@ -1,4 +1,5 @@
 <?php
+
 	// send a private message
 	

@ -155,3 +156,87 @@ function send_message($recipient=0, $body='', $subject='', $replyto=''){
 	}

 }
+
+
+
+
+
+function send_wallmessage($recipient='', $body='', $subject='', $replyto=''){ 
+
+	$a = get_app();
+
+	if(! $recipient) return -1;
+	
+	if(! strlen($subject))
+		$subject = t('[no subject]');
+
+	$hash = random_string();
+ 	$uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
+
+	$convid = 0;
+	$reply = false;
+
+	require_once('include/Scrape.php');
+
+	$me = probe_url($replyto);
+
+	if(! $me['name'])
+		return -2;
+
+	$conv_guid = get_guid();
+
+	$recip_handle = $recipient['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+
+	$sender_nick = basename($replyto);
+	$sender_host = substr($replyto,strpos($replyto,'://')+3);
+	$sender_host = substr($sender_host,0,strpos($sender_host,'/'));
+	$sender_handle = $sender_nick . '@' . $sender_host;
+
+	$handles = $recip_handle . ';' . $sender_handle;
+
+	$r = q("insert into conv (uid,guid,creator,created,updated,subject,recips) values(%d, '%s', '%s', '%s', '%s', '%s', '%s') ",
+		intval(local_user()),
+		dbesc($conv_guid),
+		dbesc($sender_handle),
+		dbesc(datetime_convert()),
+		dbesc(datetime_convert()),
+		dbesc($subject),
+		dbesc($handles)
+	);
+
+	$r = q("select * from conv where guid = '%s' and uid = %d limit 1",
+		dbesc($conv_guid),
+		intval($recipient['uid'])
+	);
+	if(count($r))
+		$convid = $r[0]['id'];
+
+	if(! $convid) {
+		logger('send message: conversation not found.');
+		return -4;
+	}
+
+	$r = q("INSERT INTO `mail` ( `uid`, `guid`, `convid`, `from-name`, `from-photo`, `from-url`, 
+		`contact-id`, `title`, `body`, `seen`, `reply`, `replied`, `uri`, `parent-uri`, `created`, `unknown`)
+		VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, %d, '%s', '%s', '%s', %d )",
+		intval($recipient['uid']),
+		dbesc(get_guid()),
+		intval($convid),
+		dbesc($me['name']),
+		dbesc($me['photo']),
+		dbesc($me['url']),
+		0,
+		dbesc($subject),
+		dbesc($body),
+		0,
+		0,
+		0,
+		dbesc($uri),
+		dbesc($replyto),
+		datetime_convert(),
+		1
+	);
+
+	return 0;
+
+}
--- a/mod/message.php
+++ b/mod/message.php
@ -223,9 +223,13 @@ function message_content(&$a) {

 		$tpl = get_markup_template('mail_list.tpl');
 		foreach($r as $rr) {
-			if (link_compare($rr['from-url'],$myprofile)){
+			if($rr['unknown']) {
+				$partecipants = sprintf( t("Unknown sender - %s"),$rr['from-name']);
+			}
+			elseif (link_compare($rr['from-url'],$myprofile)){
 				$partecipants = sprintf( t("You and %s"), $rr['name']);
-			} else {
+			}
+			else {
 				$partecipants = sprintf( t("%s and You"), $rr['from-name']);
 			}
 			
@ -234,7 +238,7 @@ function message_content(&$a) {
 				'$from_name' => $partecipants,
 				'$from_url' => (($rr['network'] === NETWORK_DFRN) ? $a->get_baseurl(true) . '/redir/' . $rr['contact-id'] : $rr['url']),
 				'$sparkle' => ' sparkle',
-				'$from_photo' => $rr['thumb'],
+				'$from_photo' => (($rr['thumb']) ? $rr['thumb'] : $rr['from-photo']),
 				'$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')),
 				'$delete' => t('Delete conversation'),
 				'$body' => template_escape($rr['body']),
@ -297,7 +301,11 @@ function message_content(&$a) {

 		$mails = array();
 		$seen = 0;
+		$unknown = false;
+
 		foreach($messages as $message) {
+			if($message['unknown'])
+				$unknown = true;
 			if($message['from-url'] == $myprofile) {
 				$from_url = $myprofile;
 				$sparkle = '';
@ -323,7 +331,7 @@ function message_content(&$a) {
 		}
 		$select = $message['name'] . '<input type="hidden" name="messageto" value="' . $contact_id . '" />';
 		$parent = '<input type="hidden" name="replyto" value="' . $message['parent-uri'] . '" />';
-		
+			

 		$tpl = get_markup_template('mail_display.tpl');
 		$o = replace_macros($tpl, array(
@ -331,7 +339,8 @@ function message_content(&$a) {
 			'$thread_subject' => $message['title'],
 			'$thread_seen' => $seen,
 			'$delete' =>  t('Delete conversation'),
-			
+			'$canreply' => (($unknown) ? false : '1'),
+			'$unknown_text' => t("No secure communications available. You <strong>may</strong> be able to respond from the sender's profile page."),			
 			'$mails' => $mails,
 			
 			// reply
--- a/mod/settings.php
+++ b/mod/settings.php
@ -876,7 +876,7 @@ function settings_content(&$a) {


 	$unkmail = replace_macros($opt_tpl,array(
-			'$field' 	=> array('unkmail',  t('Permit unknown people to send you private messages?'), $unkmail, '', array(t('No'),t('Yes'))),
+			'$field' 	=> array('unkmail',  t('Permit unknown people to send you private mail?'), $unkmail, '', array(t('No'),t('Yes'))),

 	));

--- a/mod/wallmessage.php
+++ b/mod/wallmessage.php
@ -0,0 +1,149 @@
+<?php
+
+require_once('include/message.php');
+
+function wallmessage_post(&$a) {
+
+	$replyto = get_my_url();
+	if(! $replyto) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
+	$subject   = ((x($_REQUEST,'subject'))   ? notags(trim($_REQUEST['subject']))   : '');
+	$body      = ((x($_REQUEST,'body'))      ? escape_tags(trim($_REQUEST['body'])) : '');
+
+	$recipient = (($a->argc > 1) ? notags($a->argv[1]) : '');
+	if((! $recipient) || (! $body)) {
+		return;
+	}
+
+	$r = q("select * from user where nickname = '%s' limit 1",
+		dbesc($recipient)
+	);
+
+	if(! count($r)) {
+		logger('wallmessage: no recipient');
+		return;
+	}
+
+	$user = $r[0];
+
+	if(! intval($user['unkmail'])) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
+	$r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1",
+			intval($user['uid'])
+	);
+
+	if($r[0]['total'] > $user['cntunkmail']) {
+		notice( sprintf( t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])));
+		return;
+	}
+
+	// Work around doubled linefeeds in Tinymce 3.5b2
+dbg(1);
+	$body = str_replace("\r\n","\n",$body);
+	$body = str_replace("\n\n","\n",$body);
+
+	
+	$ret = send_wallmessage($user, $body, $subject, $replyto);
+
+	switch($ret){
+		case -1:
+			notice( t('No recipient selected.') . EOL );
+			break;
+		case -2:
+			notice( t('Unable to check your home location.') . EOL );
+			break;
+		case -3:
+			notice( t('Message could not be sent.') . EOL );
+			break;
+		case -4:
+			notice( t('Message collection failure.') . EOL );
+			break;
+		default:
+			info( t('Message sent.') . EOL );
+	}
+dbg(0);
+//	goaway($a->get_baseurl() . '/profile/' . $user['nickname']);
+	
+}
+
+
+function wallmessage_content(&$a) {
+
+	if(! get_my_url()) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
+	$recipient = (($a->argc > 1) ? $a->argv[1] : '');
+
+	if(! $recipient) {
+		notice( t('No recipient.') . EOL);
+		return;
+	}
+
+	$r = q("select * from user where nickname = '%s' limit 1",
+		dbesc($recipient)
+	);
+
+	if(! count($r)) {
+		notice( t('No recipient.') . EOL);
+		logger('wallmessage: no recipient');
+		return;
+	}
+
+	$user = $r[0];
+
+	if(! intval($user['unkmail'])) {
+		notice( t('Permission denied.') . EOL);
+		return;
+	}
+
+	$r = q("select count(*) as total from mail where uid = %d and created > UTC_TIMESTAMP() - INTERVAL 1 day and unknown = 1",
+			intval($user['uid'])
+	);
+
+	if($r[0]['total'] > $user['cntunkmail']) {
+		notice( sprintf( t('Number of daily wall messages for %s exceeded. Message failed.', $user['username'])));
+		return;
+	}
+
+
+
+	$tpl = get_markup_template('wallmsg-header.tpl');
+
+		$a->page['htmlhead'] .= replace_macros($tpl, array(
+			'$baseurl' => $a->get_baseurl(true),
+			'$editselect' => '/(profile-jot-text|prvmail-text)/',
+			'$nickname' => $user['nickname'],
+			'$linkurl' => t('Please enter a link URL:')
+		));
+	
+
+	
+		$tpl = get_markup_template('wallmessage.tpl');
+		$o .= replace_macros($tpl,array(
+			'$header' => t('Send Private Message'),
+			'$subheader' => sprintf( t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.'), $user['username']),
+			'$to' => t('To:'),
+			'$subject' => t('Subject:'),
+			'$recipname' => $user['username'],
+			'$nickname' => $user['nickname'],
+			'$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
+			'$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
+			'$readonly' => '',
+			'$yourmessage' => t('Your message:'),
+			'$select' => $select,
+			'$parent' => '',
+			'$upload' => t('Upload photo'),
+			'$insert' => t('Insert web link'),
+			'$wait' => t('Please wait')
+		));
+
+		return $o;
+	}
--- a/view/mail_display.tpl
+++ b/view/mail_display.tpl
@ -3,4 +3,8 @@
 	{{ inc mail_conv.tpl }}{{endinc}}
 {{ endfor }}

+{{ if $canreply }}
 {{ inc prv_message.tpl }}{{ endinc }}
+{{ else }}
+$unknown_text
+{{endif }}
--- a/view/profile_vcard.tpl
+++ b/view/profile_vcard.tpl
@ -38,6 +38,9 @@
 			{{ if $connect }}
 				<li><a id="dfrn-request-link" href="dfrn_request/$profile.nickname">$connect</a></li>
 			{{ endif }}
+			{{ if $wallmessage }}
+				<li><a id="wallmessage-link" href="wallmessage/$profile.nickname">$wallmessage</a></li>
+			{{ endif }}
 		</ul>
 	</div>
 </div>
--- a/view/theme/duepuntozero/style.css
+++ b/view/theme/duepuntozero/style.css
@ -194,6 +194,16 @@ aside {
 	font-weight: bold;
 	background: #3465a4 url('friendika-16.png') no-repeat 95% center;
 }
+#wallmessage-link {
+	display: block;
+	color: #FFFFFF;
+	-webkit-border-radius: 5px ;
+	-moz-border-radius: 5px;
+	border-radius: 5px;
+	padding: 5px;
+	font-weight: bold;
+	background-color: #3465a4;
+}

 /* section */
 section {
--- a/view/wallmessage.tpl
+++ b/view/wallmessage.tpl
@ -0,0 +1,32 @@
+
+<h3>$header</h3>
+
+<h4>$subheader</h4>
+
+<div id="prvmail-wrapper" >
+<form id="prvmail-form" action="wallmessage/$nickname" method="post" >
+
+$parent
+
+<div id="prvmail-to-label">$to</div>
+$recipname
+
+<div id="prvmail-subject-label">$subject</div>
+<input type="text" size="64" maxlength="255" id="prvmail-subject" name="subject" value="$subjtxt" $readonly tabindex="11" />
+
+<div id="prvmail-message-label">$yourmessage</div>
+<textarea rows="8" cols="72" class="prvmail-text" id="prvmail-text" name="body" tabindex="12">$text</textarea>
+
+
+<div id="prvmail-submit-wrapper" >
+	<input type="submit" id="prvmail-submit" name="submit" value="Submit" tabindex="13" />
+	<div id="prvmail-link-wrapper" >
+		<div id="prvmail-link" class="icon border link" title="$insert" onclick="jotGetLink();" ></div>
+	</div> 
+	<div id="prvmail-rotator-wrapper" >
+		<img id="prvmail-rotator" src="images/rotator.gif" alt="$wait" title="$wait" style="display: none;" />
+	</div> 
+</div>
+<div id="prvmail-end"></div>
+</form>
+</div>
--- a/view/wallmsg-header.tpl
+++ b/view/wallmsg-header.tpl
@ -0,0 +1,82 @@
+
+<script language="javascript" type="text/javascript" src="$baseurl/library/tinymce/jscripts/tiny_mce/tiny_mce_src.js"></script>
+<script language="javascript" type="text/javascript">
+
+var plaintext = '$editselect';
+
+if(plaintext != 'none') {
+	tinyMCE.init({
+		theme : "advanced",
+		mode : "specific_textareas",
+		editor_selector: /(profile-jot-text|prvmail-text)/,
+		plugins : "bbcode,paste",
+		theme_advanced_buttons1 : "bold,italic,underline,undo,redo,link,unlink,image,forecolor",
+		theme_advanced_buttons2 : "",
+		theme_advanced_buttons3 : "",
+		theme_advanced_toolbar_location : "top",
+		theme_advanced_toolbar_align : "center",
+		theme_advanced_blockformats : "blockquote,code",
+		gecko_spellcheck : true,
+		paste_text_sticky : true,
+		entity_encoding : "raw",
+		add_unload_trigger : false,
+		remove_linebreaks : false,
+		force_p_newlines : false,
+		force_br_newlines : true,
+		forced_root_block : '',
+		convert_urls: false,
+		content_css: "$baseurl/view/custom_tinymce.css",
+		     //Character count
+		theme_advanced_path : false,
+		setup : function(ed) {
+			ed.onInit.add(function(ed) {
+				ed.pasteAsPlainText = true;
+				var editorId = ed.editorId;
+				var textarea = $('#'+editorId);
+				if (typeof(textarea.attr('tabindex')) != "undefined") {
+					$('#'+editorId+'_ifr').attr('tabindex', textarea.attr('tabindex'));
+					textarea.attr('tabindex', null);
+				}
+			});
+		}
+	});
+}
+else
+	$("#prvmail-text").contact_autocomplete(baseurl+"/acl");
+
+
+</script>
+<script>
+
+	function jotGetLink() {
+		reply = prompt("$linkurl");
+		if(reply && reply.length) {
+			$('#profile-rotator').show();
+			$.get('parse_url?url=' + reply, function(data) {
+				tinyMCE.execCommand('mceInsertRawHTML',false,data);
+				$('#profile-rotator').hide();
+			});
+		}
+	}
+
+	function linkdropper(event) {
+		var linkFound = event.dataTransfer.types.contains("text/uri-list");
+		if(linkFound)
+			event.preventDefault();
+	}
+
+	function linkdrop(event) {
+		var reply = event.dataTransfer.getData("text/uri-list");
+		event.target.textContent = reply;
+		event.preventDefault();
+		if(reply && reply.length) {
+			$('#profile-rotator').show();
+			$.get('parse_url?url=' + reply, function(data) {
+				tinyMCE.execCommand('mceInsertRawHTML',false,data);
+				$('#profile-rotator').hide();
+			});
+		}
+	}
+
+</script>
+