From a5b4308a517a66b320ba69be8604144ce74f417e Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Tue, 18 Apr 2017 15:44:20 +0200 Subject: [PATCH] Don't put the SMTP password into the HTML code Signed-off-by: Joas Schilling --- lib/private/Settings/Admin/Additional.php | 4 ++ .../Controller/MailSettingsController.php | 47 ++++---------- settings/js/admin.js | 36 ++++++++--- settings/templates/admin/additional-mail.php | 64 +++++++++---------- 4 files changed, 77 insertions(+), 74 deletions(-) diff --git a/lib/private/Settings/Admin/Additional.php b/lib/private/Settings/Admin/Additional.php index d133e4737a..59058851a6 100644 --- a/lib/private/Settings/Admin/Additional.php +++ b/lib/private/Settings/Admin/Additional.php @@ -65,6 +65,10 @@ class Additional implements ISettings { 'mail_smtppassword' => $this->config->getSystemValue('mail_smtppassword', ''), ]; + if ($parameters['mail_smtppassword'] !== '') { + $parameters['mail_smtppassword'] = '********'; + } + return new TemplateResponse('settings', 'admin/additional-mail', $parameters, ''); } diff --git a/settings/Controller/MailSettingsController.php b/settings/Controller/MailSettingsController.php index 8137b4da53..b66c63cfcb 100644 --- a/settings/Controller/MailSettingsController.php +++ b/settings/Controller/MailSettingsController.php @@ -25,6 +25,8 @@ namespace OC\Settings\Controller; use OCP\AppFramework\Controller; +use OCP\AppFramework\Http; +use OCP\AppFramework\Http\DataResponse; use OCP\IRequest; use OCP\IL10N; use OCP\IConfig; @@ -84,7 +86,7 @@ class MailSettingsController extends Controller { * @param string $mail_smtpauthtype * @param int $mail_smtpauth * @param string $mail_smtpport - * @return array + * @return DataResponse */ public function setMailSettings($mail_domain, $mail_from_address, 
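Review bot: The mask `'********'` in the lib/private/Settings/Admin/Additional.php hunk is a bare literal that MailSettingsController.php and settings/js/admin.js must match exactly, and nothing at this spot says so. If one copy drifts, the controller check would stop recognising the mask, and the mask itself could then be stored as `mail_smtppassword`. I would add a comment above the `if`, for example `// Never send the stored SMTP password to the browser; this mask must stay identical to the value rejected in MailSettingsController::storeCredentials()`, or share the value through a single constant. The enclosing method starts and ends outside the hunk.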
@@ -109,12 +111,7 @@ class MailSettingsController extends Controller { $this->config->setSystemValues($configs); - return array('data' => - array('message' => - (string) $this->l10n->t('Saved') - ), - 'status' => 'success' - ); + return new DataResponse(); } /** @@ -124,25 +121,24 @@ class MailSettingsController extends Controller { * * @param string $mail_smtpname * @param string $mail_smtppassword - * @return array + * @return DataResponse */ public function storeCredentials($mail_smtpname, $mail_smtppassword) { + if ($mail_smtppassword === '********') { + return new DataResponse($this->l10n->t('Invalid SMTP password.'), Http::STATUS_BAD_REQUEST); + } + $this->config->setSystemValues([ 'mail_smtpname' => $mail_smtpname, 'mail_smtppassword' => $mail_smtppassword, ]); - return array('data' => - array('message' => - (string) $this->l10n->t('Saved') - ), - 'status' => 'success' - ); + return new DataResponse(); } /** * Send a mail to test the settings - * @return array + * @return array|DataResponse */ public function sendTestMail() { $email = $this->config->getUserValue($this->userSession->getUser()->getUID(), $this->appName, 'email', ''); 
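Review bot: storeCredentials rejects the whole request when `$mail_smtppassword` equals the mask, so `mail_smtpname` is not saved either. As far as the visible admin.js handler shows, the field is only cleared on a mouse click, so an admin who edits just the user name would presumably get 'Invalid SMTP password.'. Treating the mask as "password unchanged" keeps the stored secret and still saves the name: `$values = ['mail_smtpname' => $mail_smtpname];`, then `if ($mail_smtppassword !== '********') { $values['mail_smtppassword'] = $mail_smtppassword; }`, then `$this->config->setSystemValues($values);`. Either way, a docblock sentence stating that the literal mask is never accepted as a password would help the next reader.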
@@ -158,28 +154,13 @@ class MailSettingsController extends Controller { throw new \RuntimeException($this->l10n->t('Mail could not be sent. Check your mail server log')); } } catch (\Exception $e) { - return [ - 'data' => [ - 'message' => (string) $this->l10n->t('A problem occurred while sending the email. Please revise your settings. (Error: %s)', [$e->getMessage()]), - ], - 'status' => 'error', - ]; + return new DataResponse($this->l10n->t('A problem occurred while sending the email. Please revise your settings. (Error: %s)', [$e->getMessage()])); } - return array('data' => - array('message' => - (string) $this->l10n->t('Email sent') - ), - 'status' => 'success' - ); + return new DataResponse(); } - return array('data' => - array('message' => - (string) $this->l10n->t('You need to set your user email before being able to send test emails.'), - ), - 'status' => 'error' - ); + return new DataResponse($this->l10n->t('You need to set your user email before being able to send test emails.')); } } diff --git a/settings/js/admin.js b/settings/js/admin.js index 985e318e34..475fecf604 100644 --- a/settings/js/admin.js +++ b/settings/js/admin.js @@ -186,11 +186,11 @@ $(document).ready(function(){ url: OC.generateUrl('/settings/admin/mailsettings'), type: 'POST', data: $('#mail_general_settings_form').serialize(), - success: function(data){ - OC.msg.finishedSaving('#mail_settings_msg', data); + success: function(){ + OC.msg.finishedSuccess('#mail_settings_msg', t('settings', 'Saved')); }, - error: function(data){ - OC.msg.finishedError('#mail_settings_msg', data.responseJSON.message); + error: function(xhr){ + OC.msg.finishedError('#mail_settings_msg', xhr.responseJSON); } }); }; 
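Review bot: Both failure returns in sendTestMail build a `DataResponse` without a status code, so they go out with the default success status. The new `success:` callback in settings/js/admin.js would then report 'Email sent' for a test that failed or could not be attempted. Pass an error status the way storeCredentials does, e.g. `return new DataResponse($this->l10n->t('You need to set your user email before being able to send test emails.'), Http::STATUS_BAD_REQUEST);`, and add the same second argument to the response in the `catch` block. The `@return array|DataResponse` tag could then be narrowed to `DataResponse`, since no visible path returns an array any more. The start of the method is outside the hunk, so that is worth confirming.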
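Review bot: `xhr.responseJSON` in the new `error:` callback of the settings/js/admin.js hunk is only populated when the server answered with JSON. A timeout, a dropped connection or a non-JSON error page would hand `undefined` to `OC.msg.finishedError`. A fallback keeps the message meaningful: `OC.msg.finishedError('#mail_settings_msg', xhr.responseJSON || t('settings', 'Saving failed'));` (the wording is only a suggestion). The same pattern appears in the credentials and test-mail callbacks of the following hunk.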
@@ -206,21 +206,39 @@ $(document).ready(function(){ url: OC.generateUrl('/settings/admin/mailsettings/credentials'), type: 'POST', data: $('#mail_credentials_settings').serialize(), - success: function(data){ - OC.msg.finishedSaving('#mail_settings_msg', data); + success: function(){ + OC.msg.finishedSuccess('#mail_settings_msg', t('settings', 'Saved')); }, - error: function(data){ - OC.msg.finishedError('#mail_settings_msg', data.responseJSON.message); + error: function(xhr){ + OC.msg.finishedError('#mail_settings_msg', xhr.responseJSON); } }); }; $('#mail_general_settings_form').change(changeEmailSettings); $('#mail_credentials_settings_submit').click(toggleEmailCredentials); + $('#mail_smtppassword').click(function() { + if (this.type === 'text' && this.value === '********') { + this.type = 'password'; + this.value = ''; + } + }); $('#sendtestemail').click(function(event){ event.preventDefault(); - OC.msg.startAction('#sendtestmail_msg', t('settings', 'Sending...')); + OC.msg.startAction('#sendtestmail_msg', t('settings', 'Sending…')); + + $.ajax({ + url: OC.generateUrl('/settings/admin/mailtest'), + type: 'POST', + data: $('#mail_credentials_settings').serialize(), + success: function(){ + OC.msg.finishedSuccess('#sendtestmail_msg', t('settings', 'Email sent')); + }, + error: function(xhr){ + OC.msg.finishedError('#sendtestmail_msg', xhr.responseJSON); + } + }); $.post(OC.generateUrl('/settings/admin/mailtest'), '', function(data){ OC.msg.finishedAction('#sendtestmail_msg', data); }); diff --git a/settings/templates/admin/additional-mail.php b/settings/templates/admin/additional-mail.php index 23723a423c..7f8706274f 100644 --- a/settings/templates/admin/additional-mail.php +++ b/settings/templates/admin/additional-mail.php @@ -44,7 +44,7 @@ $mail_smtpmode = [ if ($_['sendmail_is_available']) { $mail_smtpmode[] = ['sendmail', 'Sendmail']; } -if ($_['mail_smtpmode'] == 'qmail') { +if ($_['mail_smtpmode'] === 'qmail') { $mail_smtpmode[] = ['qmail', 'qmail']; } 
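Review bot: The old `$.post(OC.generateUrl('/settings/admin/mailtest'), '', function(data){ ... })` call is still present as context right after the added `$.ajax`, so every click on `#sendtestemail` issues two test-mail requests. `OC.msg.finishedAction` then overwrites the status with a response that presumably no longer carries the `status`/`data` shape it expects. Remove the three `$.post` lines. The new request also sends `$('#mail_credentials_settings').serialize()`, which would include the SMTP password field, to an endpoint whose visible handler takes no parameters; dropping the `data:` line avoids posting the credential where it is not used. The click handler's closing lines are outside the hunk.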
@@ -60,81 +60,81 @@ if ($_['mail_smtpmode'] == 'qmail') {

t('This is used for sending out notifications.')); ?>

- - - +

- - ' />@ - ' /> + + @ +

- -
-

- t( 'Test email settings' )); ?> - + t('Test email settings')); ?> +