From 67e142f33197af955e179a1ad09b990ac80b6698 Mon Sep 17 00:00:00 2001 From: plegall Date: Mon, 4 Jan 2016 19:54:40 +0100 Subject: feature #392, add authentication key in NBM mails There are many links in NBM (Notification By Mail, see screen [Administration > Users > Notification]). I had to change several functions to take this authentication key into account. --- .../include/functions_notification_by_mail.inc.php | 14 ++--- admin/notification_by_mail.php | 18 +++++- include/functions_html.inc.php | 16 +++++- include/functions_mail.inc.php | 9 ++- include/functions_notification.inc.php | 67 ++++++++++++++++------ 5 files changed, 91 insertions(+), 33 deletions(-) diff --git a/admin/include/functions_notification_by_mail.inc.php b/admin/include/functions_notification_by_mail.inc.php index 8d0fe2621..7dc113b0f 100644 --- a/admin/include/functions_notification_by_mail.inc.php +++ b/admin/include/functions_notification_by_mail.inc.php @@ -125,12 +125,12 @@ select U.'.$conf['user_fields']['username'].' as username, U.'.$conf['user_fields']['email'].' as mail_address, N.enabled, - N.last_send -from - '.USER_MAIL_NOTIFICATION_TABLE.' as N, - '.USERS_TABLE.' as U -where - N.user_id = U.'.$conf['user_fields']['id']; + N.last_send, + UI.status +from '.USER_MAIL_NOTIFICATION_TABLE.' as N + JOIN '.USERS_TABLE.' as U on N.user_id = U.'.$conf['user_fields']['id'].' + JOIN '.USER_INFOS_TABLE.' as UI on UI.user_id = N.user_id +where 1=1'; if ($action == 'send') { @@ -159,7 +159,7 @@ order by'; else { $query .= ' - username;'; + username'; } $query .= ';'; diff --git a/admin/notification_by_mail.php b/admin/notification_by_mail.php index 38cadff6c..f146ba30f 100644 --- a/admin/notification_by_mail.php +++ b/admin/notification_by_mail.php @@ -289,13 +289,24 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l if ($is_action_send) { + $auth = null; + $add_url_params = array(); + + $auth_key = create_user_auth_key($nbm_user['user_id'], $nbm_user['status']); + + if ($auth_key !== false) + { + $auth = $auth_key['auth_key']; + $add_url_params['auth'] = $auth; + } + set_make_full_url(); // Fill return list of "treated" check_key for 'send' $return_list[] = $nbm_user['check_key']; if ($conf['nbm_send_detailed_content']) { - $news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail']); + $news = news($nbm_user['last_send'], $dbnow, false, $conf['nbm_send_html_mail'], $auth); $exist_data = count($news) > 0; } else @@ -362,7 +373,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l array ( 'TITLE' => get_title_recent_post_date($date_detail), - 'HTML_DATA' => get_html_description_recent_post_date($date_detail) + 'HTML_DATA' => get_html_description_recent_post_date($date_detail, $auth) ) ); } @@ -373,7 +384,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l array ( 'GOTO_GALLERY_TITLE' => $conf['gallery_title'], - 'GOTO_GALLERY_URL' => get_gallery_home_url(), + 'GOTO_GALLERY_URL' => add_url_params(get_gallery_home_url(), $add_url_params), 'SEND_AS_NAME' => $env_nbm['send_as_name'], ) ); @@ -389,6 +400,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l 'email_format' => $env_nbm['email_format'], 'content' => $env_nbm['mail_template']->parse('notification_by_mail', true), 'content_format' => $env_nbm['email_format'], + 'auth_key' => $auth, ) ); diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index 8668e68ad..59861c46d 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -103,10 +103,17 @@ function get_cat_display_name($cat_informations, $url='') function get_cat_display_name_cache($uppercats, $url = '', $single_link = false, - $link_class = null) + $link_class = null, + $auth_key=null) { global $cache, $conf; + $add_url_params = array(); + if (isset($auth_key)) + { + $add_url_params['auth'] = $auth_key; + } + if (!isset($cache['cat_names'])) { $query = ' @@ -119,7 +126,7 @@ SELECT id, name, permalink $output = ''; if ($single_link) { - $single_url = get_root_url().$url.array_pop(explode(',', $uppercats)); + $single_url = add_url_params(get_root_url().$url.array_pop(explode(',', $uppercats)), $add_url_params); $output.= ' $cat, ) + ), + $add_url_params ) .'">'.$cat['name'].''; } diff --git a/include/functions_mail.inc.php b/include/functions_mail.inc.php index 529f2da0d..01a65091b 100644 --- a/include/functions_mail.inc.php +++ b/include/functions_mail.inc.php @@ -579,6 +579,7 @@ SELECT * o theme: theme to use [default value $conf_mail['mail_theme']] * o mail_title: main title of the mail [default value $conf['gallery_title']] * o mail_subtitle: subtitle of the mail [default value subject] + * o auth_key: authentication key to add on footer link [default value null] * @param array $tpl - use these options to define a custom content template file * o filename * o dirname (optional) @@ -725,9 +726,15 @@ function pwg_mail($to, $args=array(), $tpl=array()) $template->set_filename('mail_header', 'header.tpl'); $template->set_filename('mail_footer', 'footer.tpl'); + $add_url_params = array(); + if (!empty($args['auth_key'])) + { + $add_url_params['auth'] = $args['auth_key']; + } + $template->assign( array( - 'GALLERY_URL' => get_gallery_home_url(), + 'GALLERY_URL' => add_url_params(get_gallery_home_url(), $add_url_params), 'GALLERY_TITLE' => isset($page['gallery_title']) ? $page['gallery_title'] : $conf['gallery_title'], 'VERSION' => $conf['show_version'] ? PHPWG_VERSION : '', 'PHPWG_URL' => defined('PHPWG_URL') ? PHPWG_URL : '', diff --git a/include/functions_notification.inc.php b/include/functions_notification.inc.php index bc4d1a374..c7bbb66b3 100644 --- a/include/functions_notification.inc.php +++ b/include/functions_notification.inc.php @@ -395,27 +395,45 @@ function add_news_line(&$news, $count, $singular_key, $plural_key, $url='', $add * @param bool $add_url add html link around news * @return array */ -function news($start=null, $end=null, $exclude_img_cats=false, $add_url=false) +function news($start=null, $end=null, $exclude_img_cats=false, $add_url=false, $auth_key=null) { $news = array(); - if (!$exclude_img_cats) + $add_url_params = array(); + if (isset($auth_key)) { - add_news_line( $news, - nb_new_elements($start, $end), '%d new photo', '%d new photos', - make_index_url(array('section'=>'recent_pics')), $add_url ); + $add_url_params['auth'] = $auth_key; } if (!$exclude_img_cats) { - add_news_line( $news, - nb_updated_categories($start, $end), '%d album updated', '%d albums updated', - make_index_url(array('section'=>'recent_cats')), $add_url ); + add_news_line( + $news, + nb_new_elements($start, $end), + '%d new photo', + '%d new photos', + add_url_params(make_index_url(array('section'=>'recent_pics')), $add_url_params), + $add_url + ); + + add_news_line( + $news, + nb_updated_categories($start, $end), + '%d album updated', + '%d albums updated', + add_url_params(make_index_url(array('section'=>'recent_cats')), $add_url_params), + $add_url + ); } - add_news_line( $news, - nb_new_comments($start, $end), '%d new comment', '%d new comments', - get_root_url().'comments.php', $add_url ); + add_news_line( + $news, + nb_new_comments($start, $end), + '%d new comment', + '%d new comments', + add_url_params(get_root_url().'comments.php', $add_url_params), + $add_url + ); if (is_admin()) { @@ -527,17 +545,23 @@ function get_recent_post_dates_array($args) * @param array $date_detail returned value of get_recent_post_dates() * @return string */ -function get_html_description_recent_post_date($date_detail) +function get_html_description_recent_post_date($date_detail, $auth_key=null) { global $conf; + $add_url_params = array(); + if (isset($auth_key)) + { + $add_url_params['auth'] = $auth_key; + } + $description = '