Commit 835c6c90 authored by arildb's avatar arildb

[NEW] MailIn resolve inline images in html email.

Have tried to test several email clients. Most seem to have a slightly different scheme storing the attachment/email info.
Have adjusted the cases I found.
[MOD] MailIn HTML mail now creates wiki pages in HTML format
[FIX] Mailin logs the correct user
[SEC] Mailin checks the user permissions (of the sender). 
Previously the checks would have been for the user currently logged on, triggering the mailin check.
Updated for wiki mailIns, but not for article mailIns.
Note that senders email address can be spoofed. So, there is no real security in mailIn
[FIX] Mailin account "attachments" setting is checked.
parent 616c5724
......@@ -2086,6 +2086,7 @@ installer/schema/20130419_newsletters_clippings_tiki.sql -text
installer/schema/20130513_convert_tracker_field_parameters_tiki.php -text
installer/schema/20130530_category_log_tiki.sql -text
installer/schema/20130530_tracker_modification_log_tiki.sql -text
installer/schema/20130605_mailin_show_inline_tiki.sql -text
installer/schema/999999991_decode_pages_sources_tiki.php -text
installer/schema/99999999_image_plugins_kill_tiki.php -text
installer/schema/index.php -text
......
......@@ -1251,6 +1251,7 @@ CREATE TABLE `tiki_mailin_accounts` (
`article_topicId` int(4) default NULL,
`article_type` varchar(50) default NULL,
`discard_after` varchar(255) default NULL,
`show_inlineImages` char(1) NULL,
PRIMARY KEY (`accountId`)
) ENGINE=MyISAM AUTO_INCREMENT=1 ;
......
alter table tiki_mailin_accounts add column (show_inlineImages char(1));
\ No newline at end of file
......@@ -104,19 +104,20 @@ class MailinLib extends TikiLib
* @param null $article_topicId
* @param null $article_type
* @param null $discard_after
* @return bool
*/
function replace_mailin_account($accountId, $account, $pop, $port, $username, $pass, $smtp, $useAuth, $smtpPort, $type, $active, $anonymous, $attachments, $article_topicId = NULL, $article_type = NULL, $discard_after=NULL)
* @param null $show_inlineImages
* @return bool
*/
function replace_mailin_account($accountId, $account, $pop, $port, $username, $pass, $smtp, $useAuth, $smtpPort, $type, $active, $anonymous, $attachments, $article_topicId = NULL, $article_type = NULL, $discard_after=NULL, $show_inlineImages='n')
{
if ($accountId) {
$bindvars = array($account,$pop,(int)$port,(int)$smtpPort,$username,$pass,$smtp,$useAuth,$type,$active,$anonymous,$attachments,(int)$article_topicId,$article_type,$discard_after,(int)$accountId);
$query = "update `tiki_mailin_accounts` set `account`=?, `pop`=?, `port`=?, `smtpPort`=?, `username`=?, `pass`=?, `smtp`=?, `useAuth`=?, `type`=?, `active`=?, `anonymous`=?, `attachments`=?, `article_topicId`=?, `article_type`=? , `discard_after`=? where `accountId`=?";
$bindvars = array($account,$pop,(int)$port,(int)$smtpPort,$username,$pass,$smtp,$useAuth,$type,$active,$anonymous,$attachments,(int)$article_topicId,$article_type,$discard_after,$show_inlineImages, (int)$accountId);
$query = "update `tiki_mailin_accounts` set `account`=?, `pop`=?, `port`=?, `smtpPort`=?, `username`=?, `pass`=?, `smtp`=?, `useAuth`=?, `type`=?, `active`=?, `anonymous`=?, `attachments`=?, `article_topicId`=?, `article_type`=? , `discard_after`=?, `show_inlineImages`=? where `accountId`=?";
$result = $this->query($query, $bindvars);
} else {
$bindvars = array($account,$pop,(int)$port,(int)$smtpPort,$username,$pass,$smtp,$useAuth,$type,$active,$anonymous,$attachments,(int)$article_topicId,$article_type);
$query = "delete from `tiki_mailin_accounts` where `account`=? and `pop`=? and `port`=? and `smtpPort`=? and `username`=? and `pass`=? and `smtp`=? and `useAuth`=? and `type`=? and `active`=? and `anonymous`=? and `attachments`=? and `article_topicId`=?, `article_type`=?";
$bindvars = array($account,$pop,(int)$port,(int)$smtpPort,$username,$pass,$smtp,$useAuth,$type,$active,$anonymous,$attachments,(int)$article_topicId,$article_type, $show_inlineImages);
$query = "delete from `tiki_mailin_accounts` where `account`=? and `pop`=? and `port`=? and `smtpPort`=? and `username`=? and `pass`=? and `smtp`=? and `useAuth`=? and `type`=? and `active`=? and `anonymous`=? and `attachments`=? and `article_topicId`=?, `article_type`=?, `show_inlineImages`=?";
$result = $this->query($query, $bindvars, -1, -1, false);
$query = "insert into `tiki_mailin_accounts`(`account`,`pop`,`port`,`smtpPort`,`username`,`pass`,`smtp`,`useAuth`,`type`,`active`,`anonymous`,`attachments`,`article_topicId`,`article_type`) values(?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
$query = "insert into `tiki_mailin_accounts`(`account`,`pop`,`port`,`smtpPort`,`username`,`pass`,`smtp`,`useAuth`,`type`,`active`,`anonymous`,`attachments`,`article_topicId`,`article_type`) values(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
$result = $this->query($query, $bindvars);
}
return true;
......
......@@ -4471,7 +4471,7 @@ class TikiLib extends TikiDb_Bridge
// Update the log
if (strtolower($name) != 'sandbox') {
$logslib = TikiLib::lib('logs');
$logslib->add_action("Created", $name, 'wiki page', 'add='.strlen($data), '', '', '', '', $hash['contributions'], $hash2);
$logslib->add_action("Created", $name, 'wiki page', 'add='.strlen($data), $user, '', '', '', $hash['contributions'], $hash2);
//get_strings tra("Created");
// Deal with mail notifications.
......@@ -4513,8 +4513,8 @@ class TikiLib extends TikiDb_Bridge
if ($prefs['feature_wysiwyg'] == 'y' && $prefs['wysiwyg_htmltowiki'] != 'y') {
$wikilib = TikiLib::lib('wiki');
$temppage = md5($this->now . $name);
$wikilib->wiki_rename_page($name, $temppage, false);
$wikilib->wiki_rename_page($temppage, $name, false);
$wikilib->wiki_rename_page($name, $temppage, false, $user);
$wikilib->wiki_rename_page($temppage, $name, false, $user);
}
return true;
......@@ -6328,7 +6328,7 @@ JS;
* @param $old
* @param $new
*/
protected function rename_object( $type, $old, $new )
protected function rename_object( $type, $old, $new, $user = '' )
{
global $prefs;
......@@ -6360,7 +6360,7 @@ JS;
// Logs
if ($prefs['feature_actionlog'] == 'y') {
$logslib = TikiLib::lib('logs');
$logslib->add_action('Renamed', $new, 'wiki page', 'old='.$old.'&new='.$new, '', '', '', '', '', array(array('rename'=>$old)));
$logslib->add_action('Renamed', $new, 'wiki page', 'old='.$old.'&new='.$new, $user, '', '', '', '', array(array('rename'=>$old)));
$logslib->rename($type, $old, $new);
}
......
......@@ -540,7 +540,7 @@ class WikiLib extends TikiLib
$query = 'select `attId` from `tiki_wiki_attachments` where `page`=? and `filename`=? and `created`=? and `user`=?';
$attId = $this->getOne($query, array($page, $name, $now, $user));
}
$logslib->add_action('Created', $attId, 'wiki page attachment');
$logslib->add_action('Created', $attId, 'wiki page attachment', '', $user);
}
}
......
......@@ -124,6 +124,15 @@
<input type="radio" name="attachments" {if $info.attachments eq 'n'}checked="checked"{/if} value="n">
</td>
</tr>
<tr>
<td>{tr}Show inline images{/tr}</td>
<td colspan="3">
{tr}Yes{/tr}
<input type="radio" name="show_inlineImages" {if $info.show_inlineImages eq 'y'}checked="checked"{/if} value="y">
{tr}No{/tr}
<input type="radio" name="show_inlineImages" {if $info.show_inlineImages eq 'n' || $info.show_inlineImages eq '' }checked="checked"{/if} value="n">
</td>
</tr>
<tr>
<td>{tr}Discard to the end from{/tr}</td>
<td colspan="3">
......
......@@ -40,11 +40,12 @@ if (!isset($_REQUEST['accountId'])) $_REQUEST['accountId'] = 0;
$smarty->assign('accountId', $_REQUEST['accountId']);
if (isset($_REQUEST['new_acc'])) {
check_ticket('admin-mailin');
if (!account_ok($_REQUEST['pop'], $_REQUEST['username'], $_REQUEST['pass'])) $tikifeedback[] = array(
'num' => 1,
'mes' => sprintf(tra('Mail-in account %s incorrect'), $_REQUEST['account'])
);
else {
if (!account_ok($_REQUEST['pop'], $_REQUEST['username'], $_REQUEST['pass'])) {
$tikifeedback[] = array(
'num' => 1,
'mes' => sprintf(tra('Mail-in account %s incorrect'), $_REQUEST['account'])
);
} else {
$mailinlib->replace_mailin_account(
$_REQUEST['accountId'],
$_REQUEST['account'],
......@@ -61,7 +62,8 @@ if (isset($_REQUEST['new_acc'])) {
$_REQUEST['attachments'],
$_REQUEST['article_topicId'],
$_REQUEST['article_type'],
$_REQUEST['discard_after']
$_REQUEST['discard_after'],
$_REQUEST['show_inlineImages']
);
$tikifeedback[] = array(
......@@ -96,6 +98,7 @@ if ($_REQUEST['accountId']) {
$info['attachments'] = 'n';
$info['article_topicId'] = '';
$info['article_type'] = '';
$info['show_inlineImages'] = 'n';
}
$smarty->assign('info', $info);
......
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment