Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request #525 from OCSInventory-NG/notification-improvement
Notification improvement
  • Loading branch information
damienbelliard committed Aug 2, 2018
2 parents 148d6bc + ba03a8d commit cc57281
Show file tree
Hide file tree
Showing 5 changed files with 68 additions and 16 deletions.
2 changes: 2 additions & 0 deletions plugins/language/en_GB/en_GB.txt 100755 → 100644
Expand Up @@ -1543,3 +1543,5 @@
8017 This file is not an html file
8018 Subject
8019 Notification OCSInventory
8020 WARNING : Mail template file not found
8021 The uploaded file need to have .html extension to be valid
2 changes: 2 additions & 0 deletions plugins/language/fr_FR/fr_FR.txt
Expand Up @@ -1541,3 +1541,5 @@
8016 Ici vous pouvez télécharger votre modèle de notification personnalisé:</br>• Le fichier doit être un fichier html.</br></br>Informations:</br>• Pour avoir les traduction mettez {{g.(numéro de la traduction)}} dans votre code html - Exemple: {{g.49}} = Nom</br>• Pour le moment vous disposez de deux choix de rapport d'inventaire: </br> {{Report.Software}} - Nombre de logiciels par catégorie de logiciel </br> {{Report.Asset}} - Nombre de machines par catégorie d'actifs
8017 Ce fichier n'est pas un fichier html
8018 Sujet
8020 WARNING : Fichier de template personnalisé non trouvé
8021 Le fichier upload doit avoir pour extension .html
5 changes: 4 additions & 1 deletion plugins/main_sections/ms_config/ms_notification.php
Expand Up @@ -192,10 +192,13 @@

//Perso
$info = $mail->get_all_information('PERSO');
$output = $mail->replace_value($mail->get_template_perso(), 'PERSO');
if(!$output){
$output = $l->g(8020);
}
echo "<div id=perso_mail ".$style_perso.">";
echo "<div class='form-group'><label class='control-label col-sm-2' for='subject'>".$l->g(8018)."</label><div class='col-sm-8'>
<input type='text' class='form-control' id='subject' name='subject' size='50' maxlength='255' value='".$info['PERSO']['SUBJECT']."'/></div></div>";
$output = $mail->replace_value($mail->get_template_perso(), 'PERSO');
echo $output;
echo "</div>";

Expand Down
64 changes: 49 additions & 15 deletions require/mail/NotificationMail.php
Expand Up @@ -48,6 +48,8 @@ class NotificationMail
);
private $week = array('MON' => 'MON', 'TUE' => 'TUE', 'WED' => 'WED', 'THURS' => 'THURS', 'FRI' => 'FRI', 'SAT' => 'SAT', 'SUN' => 'SUN');

const HTML_EXT = 'html';

public function __construct($language){
global $l;
$l = new language($language);
Expand Down Expand Up @@ -180,20 +182,27 @@ public function config_mailer(){
* @return void
*/
public function send_notification($subject, $body, $altBody = '', $selected, $isHtml = false ){
$body = $this->replace_value($body, $selected);
try{
// Content
$this->notif->isHTML(false);
$this->notif->Subject = $subject;
$this->notif->Body = $body;
$this->notif->AltBody = $altBody;

$this->notif->send();
error_log('Message has been sent');
} catch (Exception $e) {
$msg = 'Message could not be sent. Mailer Error: '. $mail->ErrorInfo;
error_log($msg);
}

$body = $this->replace_value($body, $selected);

if(!$body){
error_log('Error reading custom template');
return false;
}

try{
// Content
$this->notif->isHTML(false);
$this->notif->Subject = $subject;
$this->notif->Body = $body;
$this->notif->AltBody = $altBody;

$this->notif->send();
error_log('Message has been sent');
} catch (Exception $e) {
$msg = 'Message could not be sent. Mailer Error: '. $mail->ErrorInfo;
error_log($msg);
}
}

/**
Expand All @@ -214,7 +223,11 @@ public function replace_value($file, $selected){
if($selected == 'DEFAULT'){
$template = file_get_contents(TEMPLATE.'OCS_template.html', true);
}else{
$template = file_get_contents($file, true);
if(file_exists($file)){
$template = file_get_contents($file, true);
}else{
return false;
}
}

if(strpos($template, "{{") !== false){
Expand Down Expand Up @@ -263,6 +276,11 @@ public function replace_value($file, $selected){
public function upload_file($file, $subject){
global $l;
$uploadFile = TEMPLATE . basename($file['template']['name']);

if(!$this->is_html_extension($uploadFile)){
msg_error($l->g(8021));
return false;
}

if($file['template']['type'] == 'text/html'){
if (move_uploaded_file($_FILES['template']['tmp_name'], $uploadFile)) {
Expand All @@ -280,6 +298,22 @@ public function upload_file($file, $subject){
return false;
}
}

/**
* Check if file respect naming convention
* And have extension .html
*
* @param array $uploaded_file
*/
private function is_html_extension($uploaded_file_name){
$ext = end((explode(".", $uploaded_file_name)));
var_dump($ext);
if($ext == self::HTML_EXT){
return true;
}else{
return false;
}
}

/**
* Get directory template perso
Expand Down
11 changes: 11 additions & 0 deletions templates/.htaccess
@@ -0,0 +1,11 @@
# Prevent direct access to folder

# Apache 2.2
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>

# Apache 2.4
<IfModule mod_authz_core.c>
Require all denied
</IfModule>

0 comments on commit cc57281

Please sign in to comment.