From 5086450f35176f392485ea4739ccf8ebae50e162 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 2 Nov 2014 12:32:38 +0100
Subject: [PATCH] Fix: Forging email content must use dol_concatdesc.
---
htdocs/comm/propal.php | 9 +++---
htdocs/commande/card.php | 9 +++---
htdocs/compta/facture.php | 32 ++++++-------------
htdocs/compta/facture/impayees.php | 9 +++---
htdocs/core/actions_sendmails.inc.php | 11 ++++---
htdocs/core/class/interfaces.class.php | 3 +-
.../core/triggers/dolibarrtriggers.class.php | 3 +-
...terface_50_modAgenda_ActionsAuto.class.php | 2 +-
htdocs/expedition/card.php | 9 +++---
htdocs/fichinter/card.php | 9 +++---
htdocs/fourn/commande/card.php | 9 +++---
htdocs/fourn/facture/card.php | 9 +++---
12 files changed, 56 insertions(+), 58 deletions(-)
diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php
index 6281b1f25f4..189f1f9c041 100644
--- a/htdocs/comm/propal.php
+++ b/htdocs/comm/propal.php
@@ -617,11 +617,12 @@ if ($action == 'send' && ! GETPOST('addfile') && ! GETPOST('removedfile') && ! G
else
$subject = $langs->transnoentities('Propal') . ' ' . $object->ref;
$actiontypecode = 'AC_PROP';
- $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto . ".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto;
if ($message) {
- $actionmsg .= $langs->transnoentities('MailTopic') . ": " . $subject . "\n";
- $actionmsg .= $langs->transnoentities('TextUsedInTheMessageBody') . ":\n";
- $actionmsg .= $message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2 = $langs->transnoentities('Action' . $actiontypecode);
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index d575c8089f0..792da64a923 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -1225,11 +1225,12 @@ if ($action == 'send' && ! GETPOST('addfile') && ! GETPOST('removedfile') && ! G
else
$subject = $langs->transnoentities('Order') . ' ' . $object->ref;
$actiontypecode = 'AC_COM';
- $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto . ".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto;
if ($message) {
- $actionmsg .= $langs->transnoentities('MailTopic') . ": " . $subject . "\n";
- $actionmsg .= $langs->transnoentities('TextUsedInTheMessageBody') . ":\n";
- $actionmsg .= $message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2 = $langs->transnoentities('Action' . $actiontypecode);
}
diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php
index 8e618663237..2ba425f5a90 100644
--- a/htdocs/compta/facture.php
+++ b/htdocs/compta/facture.php
@@ -1627,31 +1627,19 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO
$sendtobcc = (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO)?'':$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO);
$deliveryreceipt = $_POST['deliveryreceipt'];
- if ($action == 'send') {
+ if ($action == 'send' || $action == 'relance')
+ {
if (dol_strlen($_POST['subject']))
$subject = $_POST['subject'];
else
$subject = $langs->transnoentities('Bill') . ' ' . $object->ref;
$actiontypecode = 'AC_FAC';
- $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto . ".\n";
- if ($message) {
- $actionmsg .= $langs->transnoentities('MailTopic') . ": " . $subject . "\n";
- $actionmsg .= $langs->transnoentities('TextUsedInTheMessageBody') . ":\n";
- $actionmsg .= $message;
- }
- // $actionmsg2=$langs->transnoentities('Action'.$actiontypecode);
- }
- if ($action == 'relance') {
- if (dol_strlen($_POST['subject']))
- $subject = $_POST['subject'];
- else
- $subject = $langs->transnoentities('Relance facture ' . $object->ref);
- $actiontypecode = 'AC_FAC';
- $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto . ".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy') . ' ' . $from . ' ' . $langs->transnoentities('To') . ' ' . $sendto;
if ($message) {
- $actionmsg .= $langs->transnoentities('MailTopic') . ": " . $subject . "\n";
- $actionmsg .= $langs->transnoentities('TextUsedInTheMessageBody') . ":\n";
- $actionmsg .= $message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
// $actionmsg2=$langs->transnoentities('Action'.$actiontypecode);
}
@@ -1661,9 +1649,9 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO
$formmail = new FormMail($db);
$attachedfiles = $formmail->get_attached_files();
- $filepath = $attachedfiles ['paths'];
- $filename = $attachedfiles ['names'];
- $mimetype = $attachedfiles ['mimes'];
+ $filepath = $attachedfiles['paths'];
+ $filename = $attachedfiles['names'];
+ $mimetype = $attachedfiles['mimes'];
// Send mail
require_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
diff --git a/htdocs/compta/facture/impayees.php b/htdocs/compta/facture/impayees.php
index ea0d896f5d1..320d86f3377 100644
--- a/htdocs/compta/facture/impayees.php
+++ b/htdocs/compta/facture/impayees.php
@@ -136,12 +136,13 @@ if ($action == 'presend' && GETPOST('sendmail'))
$message=make_substitutions($message, $substitutionarray);
$actiontypecode='AC_FAC';
- $actionmsg=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
// Create form object
diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php
index 337cf59c9b0..625376ace58 100644
--- a/htdocs/core/actions_sendmails.inc.php
+++ b/htdocs/core/actions_sendmails.inc.php
@@ -126,13 +126,14 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO
if ($action == 'send' || $action == 'relance')
{
if (dol_strlen($_POST['subject'])) $subject = $_POST['subject'];
- $actionmsg2=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg2=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ $actionmsg=$langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
}
diff --git a/htdocs/core/class/interfaces.class.php b/htdocs/core/class/interfaces.class.php
index 407893021ef..199c342020d 100644
--- a/htdocs/core/class/interfaces.class.php
+++ b/htdocs/core/class/interfaces.class.php
@@ -31,7 +31,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/triggers/dolibarrtriggers.class.php';
*/
class Interfaces
{
- var $dir; // Directory with all core and external triggers files
+ var $db;
+ var $dir; // Directory with all core and external triggers files
var $errors = array(); // Array for errors
/**
diff --git a/htdocs/core/triggers/dolibarrtriggers.class.php b/htdocs/core/triggers/dolibarrtriggers.class.php
index 1fd29359d74..0682bb76a71 100644
--- a/htdocs/core/triggers/dolibarrtriggers.class.php
+++ b/htdocs/core/triggers/dolibarrtriggers.class.php
@@ -83,7 +83,8 @@ abstract class DolibarrTriggers
$this->db = $db;
- if (!isset($this->name)) {
+ if (empty($this->name))
+ {
$this->name = preg_replace('/^Interface/i', '', get_class($this));
}
}
diff --git a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
index 632acf71b0e..d4fe47c0faa 100644
--- a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
+++ b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
@@ -222,7 +222,7 @@ class InterfaceActionsAuto extends DolibarrTriggers
$object->actionmsg=$langs->transnoentities("InvoiceSentByEMail",$object->ref);
$object->actionmsg.="\n".$langs->transnoentities("Author").': '.$user->login;
}
-
+
// Parameters $object->sendtoid defined by caller
//$object->sendtoid=0;
}
diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php
index 7db0ecc56b1..8984e4c5424 100644
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -462,12 +462,13 @@ if ($action == 'send' && ! GETPOST('addfile','alpha') && ! GETPOST('removedfile'
if (dol_strlen(GETPOST('subject','alpha'))) $subject=GETPOST('subject','alpha');
else $subject = $langs->transnoentities('Shipping').' '.$object->ref;
$actiontypecode='AC_SHIP';
- $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2=$langs->transnoentities('Action'.$actiontypecode);
}
diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php
index b5e874d03a6..77c7e17ffb5 100644
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -745,12 +745,13 @@ if ($action == 'send' && ! GETPOST('cancel','alpha') && (empty($conf->global->MA
if (strlen(GETPOST('subject','alphs'))) $subject = GETPOST('subject','alpha');
else $subject = $langs->transnoentities('Intervention').' '.$object->ref;
$actiontypecode='AC_OTH_AUTO';
- $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2=$langs->transnoentities("InterventionSentByEMail",$object->ref);
}
diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index 4ae8fb17754..0273dea94b9 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -944,12 +944,13 @@ if ($action == 'send' && ! GETPOST('addfile') && ! GETPOST('removedfile') && ! G
if (dol_strlen(GETPOST('subject'))) $subject=GETPOST('subject');
else $subject = $langs->transnoentities('CustomerOrder').' '.$object->ref;
$actiontypecode='AC_SUP_ORD';
- $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2=$langs->transnoentities('Action'.$actiontypecode);
}
diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php
index e88b5a37945..b88fd582400 100644
--- a/htdocs/fourn/facture/card.php
+++ b/htdocs/fourn/facture/card.php
@@ -903,12 +903,13 @@ if ($action == 'send' && ! $_POST['addfile'] && ! $_POST['removedfile'] && ! $_P
if (dol_strlen($_POST['subject'])) $subject=$_POST['subject'];
else $subject = $langs->transnoentities('CustomerOrder').' '.$object->ref;
$actiontypecode='AC_SUP_INV';
- $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto.".\n";
+ $actionmsg = $langs->transnoentities('MailSentBy').' '.$from.' '.$langs->transnoentities('To').' '.$sendto;
if ($message)
{
- $actionmsg.=$langs->transnoentities('MailTopic').": ".$subject."\n";
- $actionmsg.=$langs->transnoentities('TextUsedInTheMessageBody').":\n";
- $actionmsg.=$message;
+ if ($sendtocc) $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('Bcc') . ": " . $sendtocc);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTopic') . ": " . $subject);
+ $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('TextUsedInTheMessageBody') . ":");
+ $actionmsg = dol_concatdesc($actionmsg, $message);
}
$actionmsg2=$langs->transnoentities('Action'.$actiontypecode);
}
--
GitLab