Skip to content

Commit

Permalink
fix: handle exception if admin user has no email address, closes #2172
Browse files Browse the repository at this point in the history
  • Loading branch information
@thorsten
thorsten committed Jul 1, 2022
1 parent 5c19075 commit e59ded5
Show file tree
Hide file tree
Showing 3 changed files with 75 additions and 79 deletions.
28 changes: 18 additions & 10 deletions phpmyfaq/admin/record.add.php
View file
Expand Up @@ -21,6 +21,7 @@
use phpMyFAQ\Category\CategoryPermission;
use phpMyFAQ\Category\CategoryRelation;
use phpMyFAQ\Changelog;
use phpMyFAQ\Core\Exception;
use phpMyFAQ\Faq\FaqPermission;
use phpMyFAQ\Filter;
use phpMyFAQ\Helper\CategoryHelper;
Expand Down Expand Up @@ -200,19 +201,26 @@
$oLink = new Link($url, $faqConfig);

// notify the user who added the question
$notifyEmail = Filter::filterInput(INPUT_POST, 'notifyEmail', FILTER_SANITIZE_EMAIL);
$notifyUser = Filter::filterInput(INPUT_POST, 'notifyUser', FILTER_UNSAFE_RAW);

$notification->sendOpenQuestionAnswered($notifyEmail, $notifyUser, $oLink->toString());
try {
$notifyEmail = Filter::filterInput(INPUT_POST, 'notifyEmail', FILTER_SANITIZE_EMAIL);
$notifyUser = Filter::filterInput(INPUT_POST, 'notifyUser', FILTER_UNSAFE_RAW);
$notification->sendOpenQuestionAnswered($notifyEmail, $notifyUser, $oLink->toString());
} catch (Exception $e) {
printf('<p class="alert alert-warning">%s</p>', $e->getMessage());
}
}

// Let the admin and the category owners to be informed by email of this new entry
$categoryHelper = new CategoryHelper();
$categoryHelper
->setCategory($category)
->setConfiguration($faqConfig);
$moderators = $categoryHelper->getModerators($categories['rubrik']);
$notification->sendNewFaqAdded($moderators, $recordId, $recordLang);
try {
$categoryHelper = new CategoryHelper();
$categoryHelper
->setCategory($category)
->setConfiguration($faqConfig);
$moderators = $categoryHelper->getModerators($categories['rubrik']);
$notification->sendNewFaqAdded($moderators, $recordId, $recordLang);
} catch (Exception $e) {
printf('<p class="alert alert-warning">%s</p>', $e->getMessage());
}

// Call Link Verification
LinkVerifierHelper::linkOndemandJavascript($recordId, $recordData['lang']);
Expand Down
115 changes: 50 additions & 65 deletions phpmyfaq/src/phpMyFAQ/Mail.php
View file
Expand Up @@ -35,7 +35,7 @@ class Mail
*
* @var string
*/
public $agent;
public string $agent;

/**
* Attached filed.
Expand All @@ -49,50 +49,50 @@ class Mail
*
* @var string
*/
public $body = '';
public string $body = '';

/**
* Boundary.
*
* @var string
*/
public $boundary = '----------';
public string $boundary = '----------';

/**
* Charset.
*
* @var string
*/
public $charset = 'utf-8';
public string $charset = 'utf-8';

/**
* Content disposition.
*
* @var string
*/
public $contentDisposition = 'inline';
public string $contentDisposition = 'inline';

/**
* Content type.
*
* @var string
*/
public $contentType = 'text/plain';
public string $contentType = 'text/plain';

/**
* Content transfer encoding.
*
* @var string
*/
public $contentTransferEncoding = '8bit';
public string $contentTransferEncoding = '8bit';

/**
* The one and only valid End Of Line sequence as per RFC 2822:
* carriage-return followed by line-feed.
*
* @var string
*/
public $eol = "\r\n";
public string $eol = "\r\n";

/**
* Array of headers of the e-mail
Expand All @@ -106,21 +106,21 @@ class Mail
*
* @var string
*/
public $message;
public string $message;

/**
* Alternate message of the e-mail: only plain text allowed.
*
* @var string
*/
public $messageAlt;
public string $messageAlt;

/**
* Message-ID of the e-mail.
*
* @var string
*/
public $messageId;
public string $messageId;

/**
* Priorities: 1 (Highest), 2 (High), 3 (Normal), 4 (Low), 5 (Lowest).
Expand All @@ -142,14 +142,14 @@ class Mail
*
* @see priorities
*/
public $priority;
public int $priority;

/**
* Subject of the e-mail.
*
* @var string
*/
public $subject;
public string $subject;

/**
* Recipients of the e-mail as <BCC>.
Expand Down Expand Up @@ -177,7 +177,7 @@ class Mail
*
* @var string
*/
private $mailer;
private string $mailer;

/**
* Recipient of the optional notification.
Expand Down Expand Up @@ -217,7 +217,7 @@ class Mail
/**
* @var Configuration
*/
private $config;
private Configuration $config;

/*
* Default constructor.
Expand Down Expand Up @@ -293,11 +293,11 @@ public static function getServerName(): string
* Set the "From" address.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function setFrom(string $address, $name = null): bool
public function setFrom(string $address, string $name = null): bool
{
return $this->setEmailTo($this->from, 'From', $address, $name);
}
Expand All @@ -308,11 +308,11 @@ public function setFrom(string $address, $name = null): bool
* @param array<string> $target Target array.
* @param string $targetAlias Alias Target alias.
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
private function setEmailTo(array &$target, string $targetAlias, string $address, $name = null): bool
private function setEmailTo(array &$target, string $targetAlias, string $address, string $name = null): bool
{
// Check for the permitted number of items into the $target array
if (count($target) > 2) {
Expand Down Expand Up @@ -341,7 +341,7 @@ private function addEmailTo(array &$target, string $targetAlias, string $address
{
// Sanity check
if (!self::validateEmail($address)) {
throw new Exception('<strong>Mail Class</strong>: ' . $address . ' is not a valid e-mail address!');
throw new Exception('"' . $address . '" is not a valid email address!');
}

// Don't allow duplicated addresses
Expand Down Expand Up @@ -401,19 +401,19 @@ public static function validateEmail(string $address): bool
/**
* Add an attachment.
*
* @param string $path File path.
* @param string|null $name File name. Defaults to the basename.
* @param string $mimetype File MIME type. Defaults to 'application/octet-stream'.
* @param string $disposition Attachment disposition. Defaults to 'attachment'.
* @param string $cid Content ID, required when disposition is 'inline'. Defaults to ''.
* @param string $path File path.
* @param string|null $name File name. Defaults to the basename.
* @param string $mimetype File MIME type. Defaults to 'application/octet-stream'.
* @param string $disposition Attachment disposition. Defaults to 'attachment'.
* @param string $cid Content ID, required when disposition is 'inline'. Defaults to ''.
* @return bool True if successful, false otherwise.
*/
public function addAttachment(
string $path,
$name = null,
$mimetype = 'application/octet-stream',
$disposition = 'attachment',
$cid = ''
string $name = null,
string $mimetype = 'application/octet-stream',
string $disposition = 'attachment',
string $cid = ''
): bool {
if (!file_exists($path)) {
// File not found
Expand Down Expand Up @@ -441,57 +441,44 @@ public function addAttachment(
/**
* Add a recipient as <BCC>.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string $address User e-mail address.
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function addBcc(string $address, $name = null): bool
public function addBcc(string $address, string $name = null): bool
{
return $this->addEmailTo($this->bcc, 'Bcc', $address, $name);
}

/**
* Add a recipient as <CC>.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string $address User e-mail address.
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function addCc(string $address, $name = null): bool
public function addCc(string $address, string $name = null): bool
{
return $this->addEmailTo($this->cc, 'Cc', $address, $name);
}

/**
* Add an address to send a notification to.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function addNotificationTo(string $address, $name = null): bool
{
return $this->addEmailTo($this->notifyTo, 'Disposition-Notification-To', $address, $name);
}

/**
* Add a recipient as <TO>.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string $address User e-mail address.
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function addTo(string $address, $name = null): bool
public function addTo(string $address, string $name = null): bool
{
return $this->addEmailTo($this->to, 'To', $address, $name);
}

/**
* Send the email according with the current settings.
* Send the email according to the current settings.
*
* @return int
* @throws Exception
Expand Down Expand Up @@ -674,7 +661,7 @@ private function createHeaders(): void
}

/**
* Returns the date according with RFC 2822.
* Returns the date according to RFC 2822.
*
* @static
*
Expand Down Expand Up @@ -801,7 +788,7 @@ private function createBody(): void
* @param bool $cut Cutting a word is allowed. Defaults to false.
* @return string The given message, wrapped as requested.
*/
public function wrapLines(string $message, $width = 72, $cut = false): string
public function wrapLines(string $message, int $width = 72, bool $cut = false): string
{
$message = $this->fixEOL($message);

Expand All @@ -817,7 +804,7 @@ public function wrapLines(string $message, $width = 72, $cut = false): string

/**
* Returns the given text being sure that any CR or LF has been fixed
* according with RFC 2822 EOL setting.
* according to RFC 2822 EOL setting.
*
* @param string $text Text with a mixed usage of CR, LF, CRLF.
* @return string The fixed text.
Expand All @@ -836,9 +823,7 @@ public function fixEOL(string $text): string
$text
);
// Set any LF to the RFC 2822 EOL
$text = str_replace("\n", $this->eol, $text);

return $text;
return str_replace("\n", $this->eol, $text);
}

/**
Expand All @@ -865,13 +850,13 @@ public static function getMUA(string $mua)
/**
* Set an HTML message providing also a plain text alternative message,
* if not already set using the $messageAlt property.
* Besides it is possible to put resources as inline attachments.
* Besides, it is possible to put resources as inline attachments.
*
* @param string $message HTML message.
* @param bool $sanitize Strip out potentially unsecured HTML tags. Defaults to false.
* @param bool $inline Add images as inline attachments. Defaults to false.
*/
public function setHTMLMessage(string $message, $sanitize = false, $inline = false): void
public function setHTMLMessage(string $message, bool $sanitize = false, bool $inline = false): void
{
// No Javascript at all
// 1/2. <script blahblahblah>blahblahblah</tag>
Expand Down Expand Up @@ -917,12 +902,12 @@ public function setHTMLMessage(string $message, $sanitize = false, $inline = fal
/**
* Set the "Reply-to" address.
*
* @param string $address User e-mail address.
* @param string|null $name User name (optional).
* @param string $address User e-mail address.
* @param string|null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
public function setReplyTo(string $address, $name = null): bool
public function setReplyTo(string $address, string $name = null): bool
{
return $this->setEmailTo($this->replyTo, 'Reply-To', $address, $name);
}
Expand All @@ -943,7 +928,7 @@ public function setReturnPath(string $address): bool
* Set the "Sender" address.
*
* @param string $address User e-mail address.
* @param null $name User name (optional).
* @param null $name Username (optional).
* @return bool True if successful, false otherwise.
* @throws Exception
*/
Expand All @@ -967,7 +952,7 @@ public function unsetFrom(): bool
/**
* If the email spam protection has been activated from the general
* phpMyFAQ configuration this method converts an email address e.g.
* from "user@example.org" to "user_AT_example_DOT_org". Otherwise
* from "user@example.org" to "user_AT_example_DOT_org". Otherwise,
* it will return the plain email address.
*
* @param string $email E-mail address
Expand Down

0 comments on commit e59ded5

Please sign in to comment.