(* COCANWIKI - a wiki written in Objective CAML.
* Written by Richard W.M. Jones <rich@merjis.com>.
* Copyright (C) 2004 Merjis Ltd.
- * $Id: contact.ml,v 1.10 2006/03/27 18:09:46 rich Exp $
+ * $Id: contact.ml,v 1.14 2006/12/06 09:46:56 rich Exp $
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
open Cocanwiki_template
open Cocanwiki_ok
+let subj_rex = Pcre.regexp "\\$\\w+"
+
let run r (q : cgi) dbh hostid {hostname = hostname} user =
- let template = get_template dbh hostid "contact.txt" in
+ let template = get_template r dbh hostid "contact.txt" in
let fail msg =
error ~back_button:true ~title:"Bad form"
- dbh hostid q (msg ^ " Please contact the owner of the site by email.");
+ r dbh hostid q
+ (msg ^ " Please contact the owner of the site by email.");
return ()
in
| [] -> fail "There is no such contact form in the database."
| _ -> assert false in
- let emails =
+ let to_addrs =
PGSQL(dbh) "select email from contact_emails where contactid = $id" in
+ let to_addrs = List.map (fun email -> "", email) to_addrs in
- if emails = [] then
+ if to_addrs = [] then
fail "There are no email addresses associated with that contact id.";
(* Now process the strings passed as parameters to the script. Any
let not_empty name = (q#upload name).upload_value <> "" in
List.filter not_empty uploads in
+ (* Substitute any $Field fields in the subject line. The substitution
+ * is very simple-minded.
+ *)
+ let subst pat =
+ let n = String.length pat in
+ assert (n > 0 && pat.[0] = '$');
+ let fieldname = String.sub pat 1 (n-1) in
+ if List.mem fieldname names then
+ q#param fieldname
+ else
+ pat
+ in
+ let subject = Pcre.substitute ~rex:subj_rex ~subst subject in
+
(* Get the IP address for logging purposes. *)
let ip =
try Connection.remote_ip (Request.connection r) with Not_found -> "" in
template#set "nr_uploads" (string_of_int (List.length uploads));
(* Send the initial email. *)
+ let content_type =
+ "text/plain", ["charset", Mimestring.mk_param "UTF-8"] in
let body = template#to_string in
- Sendmail.send_mail ~subject ~to_addr:emails body;
+ let msg = Netsendmail.compose ~to_addrs ~subject ~content_type body in
+ Netsendmail.sendmail msg;
(* Send the following uploads by email. *)
List.iter (fun name ->
let upload = q#upload name in
let subject = upload.upload_filename in
- (* XXX This is insecure. *)
- let content_type = upload.upload_content_type in
+ let content_type = upload.upload_content_type, [] in
let body = upload.upload_value in
- Sendmail.send_mail ~subject ~to_addr:emails ~content_type body)
+ let msg =
+ Netsendmail.compose ~to_addrs ~subject ~content_type body in
+ Netsendmail.sendmail msg)
uploads;
(* Confirm. *)
ok ~title:"Thank you for your contact" ~buttons:[ok_button "/"]
- dbh hostid q "An email was sent and you should receive a reply shortly."
+ r dbh hostid q "An email was sent and you should receive a reply shortly."
let () =
register_script ~restrict:[CanView] run
git.annexia.org / cocanwiki.git / blobdiff