web-base/core/Api/ContactAPI.class.php

310 lines
9.1 KiB
PHP
Raw Normal View History

2020-06-26 23:32:45 +02:00
<?php
namespace Api {
2021-04-10 00:44:34 +02:00
use Objects\User;
2020-07-01 21:10:25 +02:00
abstract class ContactAPI extends Request {
2020-06-26 23:32:45 +02:00
2021-04-10 00:44:34 +02:00
protected ?string $messageId;
public function __construct(User $user, bool $externalCall, array $params) {
parent::__construct($user, $externalCall, $params);
$this->messageId = null;
$this->csrfTokenRequired = false;
2021-04-10 00:44:34 +02:00
}
protected function sendMail(string $name, ?string $fromEmail, string $subject, string $message, ?string $to = null): bool {
$request = new \Api\Mail\Send($this->user);
$this->success = $request->execute(array(
"subject" => $subject,
"body" => $message,
"replyTo" => $fromEmail,
"replyName" => $name,
"to" => $to
));
$this->lastError = $request->getLastError();
2021-04-10 00:44:34 +02:00
if ($this->success) {
$this->messageId = $request->getResult()["messageId"];
}
return $this->success;
}
2020-06-26 23:32:45 +02:00
}
}
namespace Api\Contact {
use Api\ContactAPI;
use Api\Parameter\Parameter;
use Api\Parameter\StringType;
use Api\VerifyCaptcha;
2021-04-10 00:44:34 +02:00
use Driver\SQL\Condition\Compare;
use Driver\SQL\Condition\CondNot;
use Driver\SQL\Expression\CaseWhen;
use Driver\SQL\Expression\Sum;
2020-06-26 23:32:45 +02:00
use Objects\User;
class Request extends ContactAPI {
public function __construct(User $user, bool $externalCall = false) {
$parameters = array(
'fromName' => new StringType('fromName', 32),
'fromEmail' => new Parameter('fromEmail', Parameter::TYPE_EMAIL),
'message' => new StringType('message', 512),
);
$settings = $user->getConfiguration()->getSettings();
if ($settings->isRecaptchaEnabled()) {
$parameters["captcha"] = new StringType("captcha");
}
parent::__construct($user, $externalCall, $parameters);
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2020-06-26 23:32:45 +02:00
$settings = $this->user->getConfiguration()->getSettings();
if ($settings->isRecaptchaEnabled()) {
$captcha = $this->getParam("captcha");
$req = new VerifyCaptcha($this->user);
if (!$req->execute(array("captcha" => $captcha, "action" => "contact"))) {
return $this->createError($req->getLastError());
}
}
2021-04-10 00:44:34 +02:00
// parameter
$message = $this->getParam("message");
$name = $this->getParam("fromName");
$email = $this->getParam("fromEmail");
$sendMail = $this->sendMail($name, $email, "Contact Request", $message);
2021-04-09 16:05:36 +02:00
$mailError = $this->getLastError();
2020-06-26 23:32:45 +02:00
2021-04-09 16:05:36 +02:00
$insertDB = $this->insertContactRequest();
2021-04-10 00:44:34 +02:00
$dbError = $this->getLastError();
2020-06-26 23:32:45 +02:00
2021-04-09 16:05:36 +02:00
// Create a log entry
if (!$sendMail || $mailError) {
$message = "Error processing contact request.";
if (!$sendMail) {
$message .= " Mail: $mailError";
}
if (!$insertDB) {
$message .= " Mail: $dbError";
}
error_log($message);
}
if (!$sendMail && !$insertDB) {
return $this->createError("The contact request could not be sent. The Administrator is already informed. Please try again later.");
2020-06-26 23:32:45 +02:00
}
return $this->success;
}
2021-04-10 00:44:34 +02:00
private function insertContactRequest(): bool {
2020-06-26 23:32:45 +02:00
$sql = $this->user->getSQL();
$name = $this->getParam("fromName");
$email = $this->getParam("fromEmail");
$message = $this->getParam("message");
2021-04-09 16:05:36 +02:00
$messageId = $this->messageId ?? null;
2020-06-26 23:32:45 +02:00
2021-04-09 16:05:36 +02:00
$res = $sql->insert("ContactRequest", array("from_name", "from_email", "message", "messageId"))
->addRow($name, $email, $message, $messageId)
2020-06-26 23:32:45 +02:00
->returning("uid")
->execute();
$this->success = ($res !== FALSE);
$this->lastError = $sql->getLastError();
2021-04-10 00:44:34 +02:00
return $this->success;
}
}
class Respond extends ContactAPI {
public function __construct(User $user, bool $externalCall = false) {
parent::__construct($user, $externalCall, array(
"requestId" => new Parameter("requestId", Parameter::TYPE_INT),
'message' => new StringType('message', 512),
));
$this->loginRequired = true;
$this->csrfTokenRequired = false;
}
private function getSenderMail(): ?string {
$requestId = $this->getParam("requestId");
$sql = $this->user->getSQL();
$res = $sql->select("from_email")
->from("ContactRequest")
->where(new Compare("uid", $requestId))
->execute();
$this->success = ($res !== false);
$this->lastError = $sql->getLastError();
2020-06-26 23:32:45 +02:00
if ($this->success) {
2021-04-10 00:44:34 +02:00
if (empty($res)) {
return $this->createError("Request does not exist");
} else {
return $res[0]["from_email"];
}
2020-06-26 23:32:45 +02:00
}
2021-04-10 00:44:34 +02:00
return null;
2020-06-26 23:32:45 +02:00
}
2021-04-10 00:44:34 +02:00
private function insertResponseMessage(): bool {
2020-06-26 23:32:45 +02:00
$sql = $this->user->getSQL();
$message = $this->getParam("message");
2021-04-10 00:44:34 +02:00
$requestId = $this->getParam("requestId");
2020-06-26 23:32:45 +02:00
2021-04-10 00:44:34 +02:00
$this->success = $sql->insert("ContactMessage", ["request_id", "user_id", "message", "messageId", "read"])
->addRow($requestId, $this->user->getId(), $message, $this->messageId, true)
2020-06-26 23:32:45 +02:00
->execute();
$this->lastError = $sql->getLastError();
2021-04-10 00:44:34 +02:00
return $this->success;
}
2020-06-26 23:32:45 +02:00
2021-04-10 00:44:34 +02:00
private function updateEntity() {
$sql = $this->user->getSQL();
$requestId = $this->getParam("requestId");
$sql->update("EntityLog")
->set("modified", $sql->now())
->where(new Compare("entityId", $requestId))
->execute();
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2021-04-10 00:44:34 +02:00
$message = $this->getParam("message");
$senderMail = $this->getSenderMail();
if (!$this->success) {
return false;
}
$fromName = $this->user->getUsername();
$fromEmail = $this->user->getEmail();
if (!$this->sendMail($fromName, $fromEmail, "Re: Contact Request", $message, $senderMail)) {
return false;
}
2020-06-26 23:32:45 +02:00
2021-04-10 00:44:34 +02:00
if (!$this->insertResponseMessage()) {
return false;
2020-06-26 23:32:45 +02:00
}
2021-04-10 00:44:34 +02:00
$this->updateEntity();
2020-06-26 23:32:45 +02:00
return $this->success;
}
2021-04-10 00:44:34 +02:00
}
2021-01-07 15:54:19 +01:00
2021-04-10 00:44:34 +02:00
class Fetch extends ContactAPI {
2021-04-09 16:05:36 +02:00
2021-04-10 00:44:34 +02:00
public function __construct(User $user, bool $externalCall = false) {
parent::__construct($user, $externalCall, array());
$this->loginRequired = true;
$this->csrfTokenRequired = false;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2021-04-10 00:44:34 +02:00
$sql = $this->user->getSQL();
$res = $sql->select("ContactRequest.uid", "from_name", "from_email", "from_name",
new Sum(new CaseWhen(new CondNot("ContactMessage.read"), 1, 0), "unread"))
2021-04-10 00:44:34 +02:00
->from("ContactRequest")
->groupBy("ContactRequest.uid")
2021-04-10 00:44:34 +02:00
->leftJoin("ContactMessage", "ContactRequest.uid", "ContactMessage.request_id")
->execute();
$this->success = ($res !== false);
$this->lastError = $sql->getLastError();
2021-04-09 16:05:36 +02:00
if ($this->success) {
2021-05-02 01:22:54 +02:00
$this->result["contactRequests"] = [];
foreach ($res as $row) {
$this->result["contactRequests"][] = array(
"uid" => intval($row["uid"]),
"from_name" => $row["from_name"],
"from_email" => $row["from_email"],
"unread" => intval($row["unread"]),
);
}
2021-04-09 16:05:36 +02:00
}
return $this->success;
2021-01-07 15:54:19 +01:00
}
2020-06-26 23:32:45 +02:00
}
2021-04-10 00:44:34 +02:00
class Get extends ContactAPI {
public function __construct(User $user, bool $externalCall = false) {
parent::__construct($user, $externalCall, array(
"requestId" => new Parameter("requestId", Parameter::TYPE_INT),
));
$this->loginRequired = true;
$this->csrfTokenRequired = false;
}
private function updateRead() {
$requestId = $this->getParam("requestId");
$sql = $this->user->getSQL();
$sql->update("ContactMessage")
->set("read", 1)
->where(new Compare("request_id", $requestId))
->execute();
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2021-04-10 00:44:34 +02:00
$requestId = $this->getParam("requestId");
$sql = $this->user->getSQL();
$res = $sql->select("from_name", "from_email", "message", "created_at")
->from("ContactRequest")
->where(new Compare("uid", $requestId))
->execute();
$this->success = ($res !== false);
$this->lastError = $sql->getLastError();
if ($this->success) {
if (empty($res)) {
return $this->createError("Request does not exist");
} else {
$row = $res[0];
$this->result["request"] = array(
"from_name" => $row["from_name"],
"from_email" => $row["from_email"],
"messages" => array(
["sender_id" => null, "message" => $row["message"], "timestamp" => $row["created_at"]]
)
);
$res = $sql->select("user_id", "message", "created_at")
->from("ContactMessage")
->where(new Compare("request_id", $requestId))
->orderBy("created_at")
->execute();
$this->success = ($res !== false);
$this->lastError = $sql->getLastError();
if ($this->success) {
foreach ($res as $row) {
$this->result["request"]["messages"][] = array(
"sender_id" => $row["user_id"], "message" => $row["message"], "timestamp" => $row["created_at"]
);
}
$this->updateRead();
}
}
}
return $this->success;
}
}
2020-06-26 23:32:45 +02:00
}