[civicrm-core.git] / CRM / Mailing / Page / View.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 5                                                  |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2019                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2019
 */

/**
 * A page for mailing preview.
 */
class CRM_Mailing_Page_View extends CRM_Core_Page {

  /**
   * @var Signal to Flexmailer that this version of the class is usable.
   */
  const USES_MAILING_PREVIEW_API = 1;

  protected $_mailingID;
  protected $_mailing;
  protected $_contactID;

  /**
   * Lets do permission checking here.
   * First check for valid mailing, if false return fatal.
   * Second check for visibility.
   * Call a hook to see if hook wants to override visibility setting.
   */
  public function checkPermission() {
    if (!$this->_mailing) {
      return FALSE;
    }

    // check for visibility, if visibility is Public Pages and they have the permission
    // return true
    if ($this->_mailing->visibility == 'Public Pages' &&
      CRM_Core_Permission::check('view public CiviMail content')
    ) {
      return TRUE;
    }

    // if user is an admin, return true
    if (CRM_Core_Permission::check('administer CiviCRM') ||
      CRM_Core_Permission::check('approve mailings') ||
      CRM_Core_Permission::check('access CiviMail')
    ) {
      return TRUE;
    }

    return FALSE;
  }

  /**
   * Run this page (figure out the action needed and perform it).
   *
   * @param int $id
   * @param int $contactID
   * @param bool $print
   * @param bool $allowID
   *
   * @return null|string
   *   Not really sure if anything should be returned - parent doesn't
   */
  public function run($id = NULL, $contactID = NULL, $print = TRUE, $allowID = FALSE) {
    if (is_numeric($id)) {
      $this->_mailingID = $id;
    }
    else {
      $print = TRUE;
      $this->_mailingID = CRM_Utils_Request::retrieve('id', 'String', CRM_Core_DAO::$_nullObject, TRUE);
    }

    // # CRM-7651
    // override contactID from the function level if passed in
    if (isset($contactID) &&
      is_numeric($contactID)
    ) {
      $this->_contactID = $contactID;
    }
    else {
      $this->_contactID = CRM_Core_Session::getLoggedInContactID();
    }

    // mailing key check
    if (Civi::settings()->get('hash_mailing_url')) {
      $this->_mailing = new CRM_Mailing_BAO_Mailing();

      if (!is_numeric($this->_mailingID)) {
        $this->_mailing->hash = $this->_mailingID;
      }
      elseif (is_numeric($this->_mailingID)) {
        $this->_mailing->id = $this->_mailingID;
        // if mailing is present and associated hash is present
        // while 'hash' is not been used for mailing view : throw 'permissionDenied'
        if ($this->_mailing->find() &&
          CRM_Core_DAO::getFieldValue('CRM_Mailing_BAO_Mailing', $this->_mailingID, 'hash', 'id') &&
          !$allowID
        ) {
          CRM_Utils_System::permissionDenied();
          return NULL;
        }
      }
    }
    else {
      $this->_mailing = new CRM_Mailing_BAO_Mailing();
      $this->_mailing->id = $this->_mailingID;
    }

    if (!$this->_mailing->find(TRUE) ||
      !$this->checkPermission()
    ) {
      CRM_Utils_System::permissionDenied();
      return NULL;
    }

    $contactId = isset($this->_contactID) ? $this->_contactID : 0;

    $result = civicrm_api3('Mailing', 'preview', [
      'id' => $this->_mailingID,
      'contact_id' => $contactId,
    ]);
    $mailing = \CRM_Utils_Array::value('values', $result);

    $title = NULL;
    if (isset($mailing['body_html']) && empty($_GET['text'])) {
      $header = 'text/html; charset=utf-8';
      $content = $mailing['body_html'];
      if (strpos($content, '<head>') === FALSE && strpos($content, '<title>') === FALSE) {
        $title = '<head><title>' . $mailing['subject'] . '</title></head>';
      }
    }
    else {
      $header = 'text/plain; charset=utf-8';
      $content = $mailing['body_text'];
    }
    CRM_Utils_System::setTitle($mailing['subject']);

    if (CRM_Utils_Array::value('snippet', $_GET) === 'json') {
      CRM_Core_Page_AJAX::returnJsonResponse($content);
    }
    if ($print) {
      CRM_Utils_System::setHttpHeader('Content-Type', $header);
      print $title;
      print $content;
      CRM_Utils_System::civiExit();
    }
    else {
      return $content;
    }
  }

}
Commit	Line	Data
6a488035 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
fee14197	4	\| CiviCRM version 5 \|
6a488035	5	+--------------------------------------------------------------------+
6b83d5bd	6	\| Copyright CiviCRM LLC (c) 2004-2019 \|
6a488035 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
6a488035 TO	27
	28	/**
	29	*
	30	* @package CRM
6b83d5bd	31	* @copyright CiviCRM LLC (c) 2004-2019
6a488035 TO	32	*/
	33
	34	/**
25606795	35	* A page for mailing preview.
6a488035 TO	36	*/
6a488035 TO	37	class CRM_Mailing_Page_View extends CRM_Core_Page {
640d3ea6 TO	38
	39	/**
	40	* @var Signal to Flexmailer that this version of the class is usable.
	41	*/
	42	const USES_MAILING_PREVIEW_API = 1;
	43
6a488035 TO	44	protected $_mailingID;
	45	protected $_mailing;
	46	protected $_contactID;
	47
	48	/**
fe482240	49	* Lets do permission checking here.
25606795 SB	50	* First check for valid mailing, if false return fatal.
	51	* Second check for visibility.
	52	* Call a hook to see if hook wants to override visibility setting.
6a488035	53	*/
00be9182	54	public function checkPermission() {
6a488035 TO	55	if (!$this->_mailing) {
	56	return FALSE;
	57	}
	58
	59	// check for visibility, if visibility is Public Pages and they have the permission
	60	// return true
	61	if ($this->_mailing->visibility == 'Public Pages' &&
	62	CRM_Core_Permission::check('view public CiviMail content')
	63	) {
	64	return TRUE;
	65	}
	66
	67	// if user is an admin, return true
	68	if (CRM_Core_Permission::check('administer CiviCRM') \|\|
cb7b73f0	69	CRM_Core_Permission::check('approve mailings') \|\|
6a488035 TO	70	CRM_Core_Permission::check('access CiviMail')
	71	) {
	72	return TRUE;
	73	}
	74
	75	return FALSE;
	76	}
	77
	78	/**
100fef9d	79	* Run this page (figure out the action needed and perform it).
6a488035	80	*
100fef9d CW	81	* @param int $id
100fef9d CW	82	* @param int $contactID
77b97be7 EM	83	* @param bool $print
77b97be7 EM	84	* @param bool $allowID
7535623a	85	*
7535623a	86	* @return null\|string
3b2bf3b5	87	* Not really sure if anything should be returned - parent doesn't
6a488035	88	*/
00be9182	89	public function run($id = NULL, $contactID = NULL, $print = TRUE, $allowID = FALSE) {
6a488035 TO	90	if (is_numeric($id)) {
	91	$this->_mailingID = $id;
	92	}
	93	else {
	94	$print = TRUE;
c57f36a1	95	$this->_mailingID = CRM_Utils_Request::retrieve('id', 'String', CRM_Core_DAO::$_nullObject, TRUE);
6a488035 TO	96	}
	97
	98	// # CRM-7651
	99	// override contactID from the function level if passed in
	100	if (isset($contactID) &&
	101	is_numeric($contactID)
	102	) {
	103	$this->_contactID = $contactID;
	104	}
	105	else {
3bdcd4ec	106	$this->_contactID = CRM_Core_Session::getLoggedInContactID();
6a488035 TO	107	}
6a488035 TO	108
c57f36a1	109	// mailing key check
aaffa79f	110	if (Civi::settings()->get('hash_mailing_url')) {
c57f36a1 PJ	111	$this->_mailing = new CRM_Mailing_BAO_Mailing();
	112
	113	if (!is_numeric($this->_mailingID)) {
	114	$this->_mailing->hash = $this->_mailingID;
	115	}
	116	elseif (is_numeric($this->_mailingID)) {
	117	$this->_mailing->id = $this->_mailingID;
	118	// if mailing is present and associated hash is present
	119	// while 'hash' is not been used for mailing view : throw 'permissionDenied'
	120	if ($this->_mailing->find() &&
303aa3b3	121	CRM_Core_DAO::getFieldValue('CRM_Mailing_BAO_Mailing', $this->_mailingID, 'hash', 'id') &&
c57f36a1 PJ	122	!$allowID
	123	) {
	124	CRM_Utils_System::permissionDenied();
3b2bf3b5	125	return NULL;
c57f36a1 PJ	126	}
	127	}
	128	}
	129	else {
	130	$this->_mailing = new CRM_Mailing_BAO_Mailing();
	131	$this->_mailing->id = $this->_mailingID;
	132	}
6a488035 TO	133
	134	if (!$this->_mailing->find(TRUE) \|\|
	135	!$this->checkPermission()
	136	) {
	137	CRM_Utils_System::permissionDenied();
3b2bf3b5	138	return NULL;
6a488035 TO	139	}
6a488035 TO	140
640d3ea6 TO	141	$contactId = isset($this->_contactID) ? $this->_contactID : 0;
	142
	143	$result = civicrm_api3('Mailing', 'preview', [
	144	'id' => $this->_mailingID,
	145	'contact_id' => $contactId,
	146	]);
	147	$mailing = \CRM_Utils_Array::value('values', $result);
6a488035	148
3f32bb8b	149	$title = NULL;
640d3ea6	150	if (isset($mailing['body_html']) && empty($_GET['text'])) {
956d2f84	151	$header = 'text/html; charset=utf-8';
640d3ea6	152	$content = $mailing['body_html'];
3f32bb8b	153	if (strpos($content, '<head>') === FALSE && strpos($content, '<title>') === FALSE) {
640d3ea6	154	$title = '<head><title>' . $mailing['subject'] . '</title></head>';
3f32bb8b	155	}
6a488035 TO	156	}
6a488035 TO	157	else {
956d2f84	158	$header = 'text/plain; charset=utf-8';
640d3ea6	159	$content = $mailing['body_text'];
6a488035	160	}
640d3ea6	161	CRM_Utils_System::setTitle($mailing['subject']);
6a488035	162
fc164be7 CW	163	if (CRM_Utils_Array::value('snippet', $_GET) === 'json') {
	164	CRM_Core_Page_AJAX::returnJsonResponse($content);
	165	}
6a488035	166	if ($print) {
956d2f84	167	CRM_Utils_System::setHttpHeader('Content-Type', $header);
3f32bb8b	168	print $title;
6a488035 TO	169	print $content;
	170	CRM_Utils_System::civiExit();
	171	}
	172	else {
	173	return $content;
	174	}
	175	}
96025800	176
6a488035	177	}