Merge pull request #1065 from christer77/Like-Gmail-warn-if-you-are-a…

…bout-to-reply-to-a-new-contact-and-perhaps-disclose-sensitive-data [EHN]Like Gmail, warn if you are about to reply to a new contact (and perh…
cypht-org · Aug 22, 2024 · 2827438 · 2827438
2 parents 89cde3f + 174d6a2
commit 2827438
Show file tree

Hide file tree

Showing 3 changed files with 99 additions and 3 deletions.
diff --git a/modules/contacts/modules.php b/modules/contacts/modules.php
@@ -144,6 +144,8 @@ public function process() {
         }
         $this->out('contact_page', $page);
         $this->out('contact_store', $contacts, false);
+        $this->out('enable_warn_contacts_cc_not_exist_in_list_contact', $this->user_config->get('enable_warn_contacts_cc_not_exist_in_list_contact_setting', false));
+
     }
 }
 
@@ -429,6 +431,56 @@ protected function output() {
     }
 }
 
+/**
+ * @subpackage contacts/output
+ */
+class Hm_Output_load_contact_mails extends Hm_Output_Module {
+    protected function output() {
+        if (!$this->get("enable_warn_contacts_cc_not_exist_in_list_contact")) {
+            return "";
+        }
+        $contact_store = $this->get('contact_store');
+        $emails = [];
+        foreach ($contact_store->dump() as $contact) {
+            $email = $contact->value('email_address');
+            if ($email) {
+                $emails[] = $email;
+            }
+        }
+        $emails = json_encode($emails);        
+        return "<script>var list_emails = $emails; </script>";
+    }
+}
+
+/**
+ * @subpackage contacts/output
+ */
+class Hm_Output_enable_warn_contacts_cc_not_exist_in_list_contact extends Hm_Output_Module {
+    protected function output() {
+        $settings = $this->get('user_settings');
+        if (array_key_exists('enable_warn_contacts_cc_not_exist_in_list_contact', $settings) && $settings['enable_warn_contacts_cc_not_exist_in_list_contact']) {
+            $checked = ' checked="checked"';
+            $reset = '<span class="tooltip_restore" restore_aria_label="Restore default value"><i class="bi bi-arrow-counterclockwise fs-6 cursor-pointer refresh_list reset_default_value_checkbox"></i></span>';
+        }
+        else {
+            $checked = '';
+            $reset='';
+        }
+        return '<tr class="general_setting"><td><label class="form-check-label" for="enable_warn_contacts_cc_not_exist_in_list_contact">'.
+            $this->trans('Enable warn if contacts Cc not exist in list contact').'</label></td>'.
+            '<td><input class="form-check-input" type="checkbox" '.$checked.
+            ' value="1" id="enable_warn_contacts_cc_not_exist_in_list_contact" name="enable_warn_contacts_cc_not_exist_in_list_contact" />'.$reset.'</td></tr>';
+    }
+}
+
+class Hm_Handler_process_enable_warn_contacts_cc_not_exist_in_list_contact extends Hm_Handler_Module {
+    public function process() {
+        function enable_warn_contacts_cc_not_exist_in_list_contact_callback($val) { return $val; }
+        process_site_setting('enable_warn_contacts_cc_not_exist_in_list_contact', $this, 'enable_warn_contacts_cc_not_exist_in_list_contact_callback', false, true);
+    }
+}
+
+
 /**
  * @subpackage contacts/functions
  */

diff --git a/modules/contacts/setup.php b/modules/contacts/setup.php
@@ -47,6 +47,11 @@
 add_handler('export_contact', 'process_export_contacts', true, 'contacts', 'load_contacts', 'after');
 add_handler('settings', 'process_contact_auto_collect_setting', true, 'contacts', 'date', 'after');
 
+add_output('compose', 'load_contact_mails', true, 'contacts', 'compose_form_end', 'after');
+
+add_handler('settings', 'process_enable_warn_contacts_cc_not_exist_in_list_contact', true, 'contacts', 'save_user_settings', 'before');
+add_output('settings', 'enable_warn_contacts_cc_not_exist_in_list_contact', true, 'contacts', 'start_general_settings', 'after');
+
 return array(
     'allowed_pages' => array(
         'contacts',
@@ -75,7 +80,9 @@
         'add_contact' => FILTER_SANITIZE_FULL_SPECIAL_CHARS,
         'contact_source' => FILTER_SANITIZE_FULL_SPECIAL_CHARS,
         'contact_type' => FILTER_SANITIZE_FULL_SPECIAL_CHARS,
-        'contact_auto_collect' => FILTER_VALIDATE_BOOLEAN
+        'contact_auto_collect' => FILTER_VALIDATE_BOOLEAN,
+        'enable_warn_contacts_cc_not_exist_in_list_contact' => FILTER_VALIDATE_INT
+
     ),
     'allowed_get' => array(
         'contact_id' => FILTER_SANITIZE_FULL_SPECIAL_CHARS,

diff --git a/modules/smtp/site.js b/modules/smtp/site.js
@@ -419,6 +419,29 @@ var force_send_message = function() {
     }
 }
 
+var check_cc_exist_in_contacts_list = function(e) {
+        var compose_cc = $(".compose_cc").val().trim();
+        var list_cc = null;
+        var list_cc_not_exist_in_my_contact = [];
+        if (compose_cc.length > 0) {
+            list_cc = compose_cc.split(",");
+            var list_html = "<ol>";
+            list_cc.forEach(cc => {
+                cc = cc.trim().split(" ");
+                if (! list_emails.includes(cc.slice(-1)[0])) {
+                    list_cc_not_exist_in_my_contact.push(cc.slice(-1)[0])
+                    list_html += `<li>${cc.slice(-1)[0]}</li>`;
+                }
+            });
+            list_html += "</ol>";
+
+            if (list_cc_not_exist_in_my_contact) {
+                return list_html;
+            }
+        }
+    return "";
+};
+
 $(function () {
     if (!hm_is_logged()) {
         return;
@@ -467,6 +490,7 @@ $(function () {
 
             let modalContentHeadline = '';
             let dontWanValueInStorage = '';
+            let showBtnSendAnywayDontWarnFuture = true;
 
             // If the subject is empty, we should warn the user
             if (!subject) {
@@ -486,6 +510,17 @@ $(function () {
                 modalContentHeadline = "Your subject and body are empty!";
             }
 
+            // if contact_cc not exist in contact list for user
+            var checkInList = "";
+            if (list_emails) {
+                checkInList = check_cc_exist_in_contacts_list(e);
+                if (checkInList) {
+                    modalContentHeadline = "Adress mail not exist in your contact liste";
+                    showBtnSendAnywayDontWarnFuture = false;
+                }
+            }
+
+
             // If the user has disabled the warning, we should send the message
             if (Boolean(Hm_Utils.get_from_local_storage(dontWanValueInStorage))) {
                 handleSendAnyway();
@@ -508,9 +543,11 @@ $(function () {
             function showModal() {
                 if (! modal.modalContent.html()) {
                     modal.addFooterBtn(hm_trans('Send anyway'), 'btn-warning', handleSendAnyway);
-                    modal.addFooterBtn(hm_trans("Send anyway and don't warn in the future"), 'btn-warning', handleSendAnywayAndDontWarnMe);
+                    if (showBtnSendAnywayDontWarnFuture) {
+                        modal.addFooterBtn(hm_trans("Send anyway and don't warn in the future"), 'btn-warning', handleSendAnywayAndDontWarnMe);
+                    }
                 }
-                modal.setContent(modalContentHeadline + `<p>${hm_trans('Are you sure you want to send this message?')}</p>`);
+                modal.setContent(modalContentHeadline + checkInList + `<p>${hm_trans('Are you sure you want to send this message?')}</p>`);
                 modal.open();
             }