Rewrite xmlrpc jump links by regex in all email notifications; remove url from...

Rewrite xmlrpc jump links by regex in all email notifications; remove url from link contents in forum post html email (avoids thunderbird scam warning)
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>

htdocs/auth/xmlrpc/lib.php

@@ -969,27 +969,48 @@ class PluginAuthXmlrpc extends PluginAuth {
         return $values;
     }
 
-    public static function get_jump_link($hostwwwroot, $hostapp, $href) {
-        $jumpurl = $hostwwwroot . '/';
-        $jumpurl .= $hostapp == 'moodle' ? 'auth/mnet/jump.php' : 'auth/xmlrpc/jump.php';
-        // Remove trailing slash on wwwroot
-        $jumpurl .= '?hostwwwroot=' . substr(get_config('wwwroot'), 0, -1) . '&wantsurl=';
-        $localpart='';
-        $urlparts = parse_url($href);
-        if ($urlparts) {
-            if (isset($urlparts['path'])) {
-                $localpart .= $urlparts['path'];
-            }
-            if (isset($urlparts['query'])) {
-                $localpart .= '?'.$urlparts['query'];
-            }
-            if (isset($urlparts['fragment'])) {
-                $localpart .= '#'.$urlparts['fragment'];
-            }
+    public static function get_jump_url_prefix($hostwwwroot, $hostapp) {
+        return $hostwwwroot . '/' . ($hostapp == 'moodle' ? 'auth/mnet/jump.php' : 'auth/xmlrpc/jump.php')
+            . '?hostwwwroot=' . substr(get_config('wwwroot'), 0, -1) . '&wantsurl=';
+    }
+
+}
+
+/**
+ * Lifted from Moodle.
+ *
+ * Inline function to modify a url string so that mnet users are requested to
+ * log in at their mnet identity provider (if they are not already logged in)
+ * before ultimately being directed to the original url.
+ *
+ * uses global IDPJUMPURL - the url which user should initially be directed to
+ * @param array $url array with 3 elements
+ *     0 - context the url was taken from, possibly just the url, possibly href="url"
+ *     1 - the destination url
+ *     2 - the destination url, without the wwwroot part
+ * @return string the url the remote user should be supplied with.
+ */
+function localurl_to_jumpurl($url) {
+    global $IDPJUMPURL;
+    $localpart='';
+    $urlparts = parse_url($url[2]);
+    if ($urlparts) {
+        if (isset($urlparts['path'])) {
+            $localpart .= $urlparts['path'];
         }
-        $href = $jumpurl . urlencode($localpart);
-        return $href;
+        if (isset($urlparts['query'])) {
+            $localpart .= '?'.$urlparts['query'];
+        }
+        if (isset($urlparts['fragment'])) {
+            $localpart .= '#'.$urlparts['fragment'];
+        }
+    }
+    $indirecturl = $IDPJUMPURL . urlencode($localpart);
+    //If we matched on more than just a url (ie an html link), return the url to an href format
+    if ($url[0] != $url[1]) {
+        $indirecturl = 'href="'.$indirecturl.'"';
     }
+    return $indirecturl;
 }
 
 ?>

htdocs/interaction/forum/lang/en.utf8/interaction.forum.php

@@ -75,8 +75,8 @@ $string['forumposthtmltemplate'] = "<div style=\"padding: 0.5em 0; border-bottom
 <div style=\"margin: 1em 0;\">%s</div>
 
 <div style=\"font-size: smaller; border-top: 1px solid #999;\">
-<p>To see and reply to the post online, follow this link:<br><a href=\"%s\">%s</a></p>
-<p>To unsubscribe from this %s, visit: <a href=\"%s\">%s</a></p>
+<p><a href=\"%s\">Reply to this post online</a></p>
+<p><a href=\"%s\">Unsubscribe from this %s</a></p>
 </div>";
 $string['forumposttemplate'] = "%s by %s
 %s

htdocs/interaction/forum/lib.php

@@ -500,9 +500,7 @@ class ActivityTypeInteractionForumNewPost extends ActivityTypePlugin {
         $posttime = strftime(get_string('strftimedaydatetime'), $post->ctime);
         $htmlbody = $post->body;
         $textbody = trim(html2text($post->body));
-
-        $postlink = 'interaction/forum/topic.php?id=' . $post->topicid . '#post' . $this->postid;
-        $localpostlink = get_config('wwwroot') . $postlink;
+        $postlink = get_config('wwwroot') . 'interaction/forum/topic.php?id=' . $post->topicid . '#post' . $this->postid;
 
         foreach ($this->users as &$user) {
             $lang = (empty($user->lang) || $user->lang == 'default') ? get_config('lang') : $user->lang;
@@ -517,23 +515,12 @@ class ActivityTypeInteractionForumNewPost extends ActivityTypePlugin {
             $unsubscribeid = $post->{$type . 'id'};
             $unsubscribelink = get_config('wwwroot') . 'interaction/forum/unsubscribe.php?' . $type . '=' . $unsubscribeid . '&key=' . $subscribers[$user->id]->key;
 
-            if ($user->mnethostwwwroot) {
-                if (!isset($mnetpostlink)) {
-                    require_once(get_config('docroot') . 'auth/xmlrpc/lib.php');
-                }
-                $userpostlink = $mnetpostlink = PluginAuthXmlrpc::get_jump_link($user->mnethostwwwroot, $user->mnethostapp, $postlink);
-
-            }
-            else {
-                $userpostlink = $localpostlink;
-            }
-
             $user->message = get_string_from_language($lang, 'forumposttemplate', 'interaction.forum',
                 $post->subject ? $post->subject : get_string_from_language($lang, 're', 'interaction.forum', $post->topicsubject),
                 display_name($post->poster, $user),
                 $posttime,
                 $textbody,
-                $userpostlink,
+                $postlink,
                 $type,
                 $unsubscribelink
             );
@@ -542,9 +529,9 @@ class ActivityTypeInteractionForumNewPost extends ActivityTypePlugin {
                 display_name($post->poster, $user),
                 $posttime,
                 $htmlbody,
-                $userpostlink, $userpostlink,
-                $type,
-                $unsubscribelink, $unsubscribelink
+                $postlink,
+                $unsubscribelink,
+                $type
             );
         }
     }

htdocs/lib/user.php

@@ -269,6 +269,9 @@ function get_profile_field($userid, $field) {
  * @throws EmailException
  */ 
 function email_user($userto, $userfrom, $subject, $messagetext, $messagehtml='', $customheaders=null) {
+    global $IDPJUMPURL;
+    static $mnetjumps = array();
+
     if (!get_config('sendemail')) {
         // You can entirely disable Mahara from sending any e-mail via the 
         // 'sendemail' configuration variable
@@ -279,6 +282,29 @@ function email_user($userto, $userfrom, $subject, $messagetext, $messagehtml='',
         throw new InvalidArgumentException("empty user given to email_user");
     }
     
+    // If the user is a remote xmlrpc user, trawl through the email text for URLs
+    // to our wwwroot and modify the url to direct the user's browser to login at
+    // their home site before hitting the link on this site
+    if (!empty($userto->mnethostwwwroot) && !empty($userto->mnethostapp)) {
+        require_once(get_config('docroot') . 'auth/xmlrpc/lib.php');
+
+        // Form the request url to hit the idp's jump.php
+        if (isset($mnetjumps[$userto->mnethostwwwroot])) {
+            $IDPJUMPURL = $mnetjumps[$userto->mnethostwwwroot];
+        } else {
+            $mnetjumps[$userto->mnethostwwwroot] = $IDPJUMPURL = PluginAuthXmlrpc::get_jump_url_prefix($userto->mnethostwwwroot, $userto->mnethostapp);
+        }
+
+        $wwwroot = get_config('wwwroot');
+        $messagetext = preg_replace_callback('%(' . $wwwroot . '([\w_:\?=#&@/;.~-]*))%',
+            'localurl_to_jumpurl',
+            $messagetext);
+        $messagehtml = preg_replace_callback('%href=["\'`](' . $wwwroot . '([\w_:\?=#&@/;.~-]*))["\'`]%',
+            'localurl_to_jumpurl',
+            $messagehtml);
+    }
+
+
     require_once('phpmailer/class.phpmailer.php');
 
     $mail = new phpmailer();