1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-25 05:22:59 +00:00

Correctly handle utf-8 in email_user()

This commit is contained in:
Starbeamrainbowlabs 2019-12-23 17:39:18 +00:00
parent 8914bff594
commit 1602fab2c3
Signed by: sbrl
GPG key ID: 1BE5172E637709C2
5 changed files with 29 additions and 15 deletions

View file

@ -7,6 +7,8 @@ This file holds the changelog for Pepperminty Wiki. This is the master list of t
- Fixed weighted word support on search query analysis debug page - Fixed weighted word support on search query analysis debug page
- Added missing apostrophes to stop words in search system. Regenerating your search index will now yield a slightly smaller index - Added missing apostrophes to stop words in search system. Regenerating your search index will now yield a slightly smaller index
- Fixed link loop when logging in for crawlers - Fixed link loop when logging in for crawlers
- [security] Bugfix: Don't leak the PHP version in emails when expose_php is turned off
- Fixed handling of Unicode characters when emailing users - added new `email_subject_utf8` and `email_body_utf8` settings to control the new behaviour
## Changed ## Changed
- Improved the search indexing system performance - again - Improved the search indexing system performance - again

View file

@ -69,5 +69,5 @@ if(!is_dir($paths->cache_directory))
// Set the user agent string // Set the user agent string
$php_version = ini_get("expose_php") == "1" ? "PHP/".phpversion() : "PHP"; $php_version = ini_get("expose_php") == "1" ? "PHP/".phpversion() : "PHP";
ini_set("user_agent", "$php_version (".PHP_SAPI."; ".PHP_OS." ".php_uname("m")."; ".(PHP_INT_SIZE*8)." bits; rv:$version) Pepperminty-Wiki/$version-".substr($commit, 0, 7)); ini_set("user_agent", "$php_version ($settings->sitename; ".PHP_SAPI."; ".PHP_OS." ".php_uname("m")."; ".(PHP_INT_SIZE*8)." bits; rv:$version) Pepperminty-Wiki/$version-".substr($commit, 0, 7));
unset($php_version); unset($php_version);

View file

@ -696,18 +696,36 @@ function email_user($username, $subject, $body)
{ {
global $version, $settings; global $version, $settings;
static $literator = null;
if($literator == null) $literator = Transliterator::createFromRules(':: Any-Latin; :: Latin-ASCII; :: NFD; :: [:Nonspacing Mark:] Remove; :: NFC;', Transliterator::FORWARD);
// If the user doesn't have an email address, then we can't email them :P // If the user doesn't have an email address, then we can't email them :P
if(empty($settings->users->{$username}->emailAddress)) if(empty($settings->users->{$username}->emailAddress))
return false; return false;
$headers = [
"x-mailer" => ini_get("user_agent"),
"reply-to" => "$settings->admindetails_name <$settings->admindetails_email>"
];
// Correctly encode the subject
if($settings->email_subject_utf8)
$subject = "=?utf-8?B?" . base64_encode($username) . "?=";
else
$subject = $literator->transliterate($subject);
// Correctly encode the message body
if($settings->email_body_utf8)
$headers["content-type"] = "text/plain; charset=utf-8";
else {
$headers["content-type"] = "text/plain";
$body = $literator->transliterate($body);
}
$subject = str_replace("{username}", $username, $subject); $subject = str_replace("{username}", $username, $subject);
$body = str_replace("{username}", $username, $body); $body = str_replace("{username}", $username, $body);
$headers = [
"content-type" => "text/plain",
"x-mailer" => "$settings->sitename Pepperminty-Wiki/$version PHP/" . phpversion(),
"reply-to" => "$settings->admindetails_name <$settings->admindetails_email>"
];
$compiled_headers = ""; $compiled_headers = "";
foreach($headers as $header => $value) foreach($headers as $header => $value)
$compiled_headers .= "$header: $value\r\n"; $compiled_headers .= "$header: $value\r\n";

View file

@ -1,7 +1,7 @@
<?php <?php
register_module([ register_module([
"name" => "Page editor", "name" => "Page editor",
"version" => "0.17.6", "version" => "0.17.7",
"author" => "Starbeamrainbowlabs", "author" => "Starbeamrainbowlabs",
"description" => "Allows you to edit pages by adding the edit and save actions. You should probably include this one.", "description" => "Allows you to edit pages by adding the edit and save actions. You should probably include this one.",
"id" => "page-edit", "id" => "page-edit",
@ -38,17 +38,11 @@ register_module([
$filename = "$env->storage_prefix$env->page.md"; $filename = "$env->storage_prefix$env->page.md";
$creatingpage = !isset($pageindex->{$env->page}); $creatingpage = !isset($pageindex->{$env->page});
if((isset($_GET["newpage"]) and $_GET["newpage"] == "true") or $creatingpage) if((isset($_GET["newpage"]) and $_GET["newpage"] == "true") or $creatingpage)
{
$title = "Creating $env->page"; $title = "Creating $env->page";
}
else if(isset($_POST['preview-edit']) && isset($_POST['content'])) else if(isset($_POST['preview-edit']) && isset($_POST['content']))
{
$title = "Preview Edits for $env->page"; $title = "Preview Edits for $env->page";
}
else else
{
$title = "Editing $env->page"; $title = "Editing $env->page";
}
$pagetext = ""; $pagetext = "";
if(isset($pageindex->{$env->page})) if(isset($pageindex->{$env->page}))
@ -495,9 +489,7 @@ DIFFSCRIPT;
// Execute all the preprocessors // Execute all the preprocessors
foreach($save_preprocessors as $func) foreach($save_preprocessors as $func)
{
$func($pageindex->{$env->page}, $pagedata, $oldpagedata); $func($pageindex->{$env->page}, $pagedata, $oldpagedata);
}
if($pagedata !== $pagedata_orig) if($pagedata !== $pagedata_orig)
file_put_contents("$env->storage_prefix$env->page.md", $pagedata); file_put_contents("$env->storage_prefix$env->page.md", $pagedata);

View file

@ -228,6 +228,8 @@
"search_tags_matches_weighting": { "type": "number", "description": "The weighting to give to search term matches found in a page's tags.", "default": 3}, "search_tags_matches_weighting": { "type": "number", "description": "The weighting to give to search term matches found in a page's tags.", "default": 3},
"dynamic_page_suggestion_count": { "type": "number", "description": "The number of dynamic page name suggestions to fetch from the server when typing in the page search box. Note that lowering this number doesn't <em>really</em> improve performance. Set to 0 to disable.", "default": 7 }, "dynamic_page_suggestion_count": { "type": "number", "description": "The number of dynamic page name suggestions to fetch from the server when typing in the page search box. Note that lowering this number doesn't <em>really</em> improve performance. Set to 0 to disable.", "default": 7 },
"defaultaction": { "type": "text", "description": "The default action. This action will be performed if no other action is specified. It is recommended you set this to \"view\" - that way the user automatically views the default page (see above).", "default": "view" }, "defaultaction": { "type": "text", "description": "The default action. This action will be performed if no other action is specified. It is recommended you set this to \"view\" - that way the user automatically views the default page (see above).", "default": "view" },
"email_subject_utf8": { "type": "checkbox", "description": "Whether to encode the subject of emails sent to allow them to contain unicode characters. Without this, email subjects will be transliterated to ASCII. If utf-8 email subjects are disabled, page names may not be represented properly.", "default": true },
"email_body_utf8": { "type": "checkbox", "description": "Whether to send emails with utf-8 bodies. If set to false, email bodies will be transliterated to ASCII. If utf-8 email bodies are disabled, page names may not be represented properly.", "default": true },
"updateurl": { "type": "url", "description": "The url from which to fetch updates. Defaults to the master (development) branch. MAKE SURE THAT THIS POINTS TO A *HTTPS* URL, OTHERWISE SOMEONE COULD INJECT A VIRUS INTO YOUR WIKI!", "default": "https://raw.githubusercontent.com/sbrl/pepperminty-wiki/master/index.php" }, "updateurl": { "type": "url", "description": "The url from which to fetch updates. Defaults to the master (development) branch. MAKE SURE THAT THIS POINTS TO A *HTTPS* URL, OTHERWISE SOMEONE COULD INJECT A VIRUS INTO YOUR WIKI!", "default": "https://raw.githubusercontent.com/sbrl/pepperminty-wiki/master/index.php" },
"optimize_pages": { "type": "checkbox", "description": "Whether to optimise all webpages generated.", "default": true }, "optimize_pages": { "type": "checkbox", "description": "Whether to optimise all webpages generated.", "default": true },
"minify_pageindex": { "type": "checkbox", "description": "Whether to minify the page index when saving it. Improves performance slightly (especially on larger wikis), but can make debugging and quick ninja-edits more awkward. Note that this only takes effect when the page index is next saved.", "default": true }, "minify_pageindex": { "type": "checkbox", "description": "Whether to minify the page index when saving it. Improves performance slightly (especially on larger wikis), but can make debugging and quick ninja-edits more awkward. Note that this only takes effect when the page index is next saved.", "default": true },