Project

General

Profile

Bug #20330 » workaround.txt

Administrator Admin, 2009-04-21 14:55

 
 /**
* Sends the emails from the formmail content object.
*
* @return void
* @access private
* @see checkDataSubmission()
*/
function sendFormmail() {
$formmail = t3lib_div::makeInstance('t3lib_formmail');

$EMAIL_VARS = t3lib_div::_POST();
$locationData = $EMAIL_VARS['locationData'];
unset($EMAIL_VARS['locationData']);
unset($EMAIL_VARS['formtype_mail'], $EMAIL_VARS['formtype_mail_x'], $EMAIL_VARS['formtype_mail_y']);

$integrityCheck = $this->TYPO3_CONF_VARS['FE']['strictFormmail'];

if (!$this->TYPO3_CONF_VARS['FE']['secureFormmail']) {
// Check recipient field:
$encodedFields = explode(',','recipient,recipient_copy'); // These two fields are the ones which contain recipient addresses that can be misused to send mail from foreign servers.
foreach ($encodedFields as $fieldKey) {
if (strlen($EMAIL_VARS[$fieldKey])) {
if ($res = $this->codeString($EMAIL_VARS[$fieldKey], TRUE)) { // Decode...
$EMAIL_VARS[$fieldKey] = $res; // Set value if OK
} elseif ($integrityCheck) { // Otherwise abort:
$GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field ('.$fieldKey.') which could not be decoded to a valid string. Sending formmail aborted due to security reasons!',3);
return false;
} else {
$GLOBALS['TT']->setTSlogMessage('"Formmail" discovered a field ('.$fieldKey.') which could not be decoded to a valid string. The security level accepts this, but you should consider a correct coding though!',2);
}
}
}
} else {
$locData = explode(':',$locationData);
$record = $this->sys_page->checkRecord($locData[1],$locData[2],1);
++++ // Versioning preview:
++++ $this->sys_page->versionOL($locData[1], $record);
++++ // Language Overlay:
++++ if (is_array($record) && $this->sys_language_contentOL) {
++++ $record = $this->sys_page->getRecordOverlay($locData[1], $record, $this->sys_language_content, $this->sys_language_contentOL);
++++ }
$EMAIL_VARS['recipient'] = $record['subheader'];
$EMAIL_VARS['recipient_copy'] = $this->extractRecipientCopy($record['bodytext']);
}

// Hook for preprocessing of the content for formmails:
if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'])) {
foreach($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/class.tslib_fe.php']['sendFormmail-PreProcClass'] as $_classRef) {
$_procObj = &t3lib_div::getUserObj($_classRef);
$EMAIL_VARS = $_procObj->sendFormmail_preProcessVariables($EMAIL_VARS,$this);
}
}

$formmail->start($EMAIL_VARS);
$formmail->sendtheMail();
$GLOBALS['TT']->setTSlogMessage('"Formmail" invoked, sending mail to '.$EMAIL_VARS['recipient'],0);
}
    (1-1/1)