Facilitor/APPL/API/api_hmail.asp
Jos Groot Lipman 2aa489e0c7 FCLT#Recordsets die niet gesloten zijn beter detecteren
svn path=/Website/trunk/; revision=47235
2020-06-24 15:42:24 +00:00


<%@ language = "JavaScript" %>
<% /*
$Revision$
$Id$
File: api_hmail.asp
Description: API that receives the e-mails handed over by hMailServer
Parameters: An XML document
Status:
Context: One-to-one counterpart of \UTILS\mail_receive\EventHandlers.js
Notes: This API receives XML and returns JSON.
That was the simplest approach.
*/
// Both names are assigned without var, so they are globals, and they are set before
// the shared includes below are pulled in.
// NOTE(review): presumably the includes read them (JSON error output, file name for
// logging) - confirm in common.inc.
JSON_Result = true;
THIS_FILE = "appl/api/api_hmail.asp";
%>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../Shared/xml_converter.inc" -->
<!-- #include file="../Shared/flexfiles.inc" -->
<!-- #include file="../api/api.inc" -->
<%
// Authorisation check for the WEB_FACHML function. authparams is not read again in
// the visible part of this file.
// NOTE(review): whether checkAutorisation() ends the request for an unauthorised
// caller is decided in the shared includes - confirm, because nothing below repeats
// the check before the database is written to.
var authparams = user.checkAutorisation("WEB_FACHML");
// Helper object that is handed to RequestXML() further down.
var API = new API_func();
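/**
 * Rejects the incoming mail: logs the reason, writes a JSON failure object to the
 * response and ends the request.
 *
 * Every reject path in this file (parse error, unknown mailbox, expired setting,
 * wrong sender, error reported by the action) relies on this function not
 * returning; the statements that follow those calls assume the request has stopped.
 *
 * @param {string} tekst      Message returned to the caller in `message`.
 * @param {string} [maillog]  Text for the mail log; falls back to `tekst`.
 */
function abortRejectMail(tekst, maillog)
{
    var result = {
        success: false,
        message: tekst,
        maillog: maillog || tekst
    };

    // Always ends up in the hMail log as well. The text can contain values taken
    // from the message (mailbox name, sender address), so whoever reads or parses
    // that log should treat those parts as untrusted.
    __Log(result.maillog);

    // JSON.stringify does the escaping of the message text.
    Response.Write(JSON.stringify(result));

    // Written as a call, so that ending the request does not depend on how the
    // script host treats a bare reference to the method.
    Response.End();
}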
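/**
 * Reduces an HTML mail body to plain text for the mail action.
 *
 * This is text extraction, not sanitising: a "<" that never gets its closing ">"
 * and every entity other than &nbsp; are left in place, so anything that later
 * shows the result in a browser still has to HTML-encode it.
 *
 * @param {string} html  HTML body; null, undefined and "" are treated as "".
 * @returns {string}     Text with tags removed and empty lines collapsed.
 */
function stripHtml(html)
{
    var text = stripStyle(html || "");
    // Remove html tags: everything from a "<" up to the next ">".
    text = text.replace(/(<([^>]+)>)/ig, "");
    // &nbsp; becomes a space.
    text = text.replace(/\&nbsp\;/ig, " ");
    // Remove leading spaces and tabs on every line.
    text = text.replace(/^[ \t]+/gm, "");
    // Collapse runs of line breaks, which removes empty lines. The class holds only
    // \n and \r: with "(" and ")" inside the brackets, as it was written before,
    // every parenthesis in the mail text was replaced by a line break too.
    text = text.replace(/[\n\r]+/g, "\n\r");
    // Put a line that starts with ":" back behind the previous line. This looks for
    // the "\n\r" written by the step above, so the two must stay in sync.
    text = text.replace(/(\n\r:)/g, ":");
    return text;
}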
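/**
 * Removes <style> elements, including their CSS, from an HTML fragment.
 *
 * The opening tag may carry attributes and the CSS may itself contain "<" (for
 * example when it is wrapped in an HTML comment); both forms are removed. A <style>
 * element without a closing tag is left untouched.
 *
 * @param {string} html  HTML fragment; null, undefined and "" are treated as "".
 * @returns {string}     The fragment without its <style> elements.
 */
function stripStyle(html)
{
    var text = (html || "");
    // [\s\S]*? is a non-greedy "anything, line breaks included", so each element is
    // matched up to its own closing tag and text between two style blocks survives.
    return text.replace(/<style\b[^>]*>[\s\S]*?<\/style\s*>/ig, "");
}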
/**
 * Reads one tag from the request XML, stores a copy of it in fac_result under the
 * given session id and returns the value.
 *
 * The values come from the received message, so all three column values go through
 * safe.quoted_sql() before they are put into the statement.
 * NOTE(review): the second argument of safe.quoted_sql() looks like a maximum
 * length (30 for the name, 4000 for the value) - confirm in the shared include.
 *
 * @param psessionid  Session id the row is stored under.
 * @param pxml        XML node to read from.
 * @param ptag        Tag name; also used as fac_result_naam.
 * @param [pindex]    Optional index appended to the name as "_<index>".
 * @returns           The value XMLval() returned for the tag.
 */
function get_XMLval(psessionid, pxml, ptag, pindex)
{
    var tag_value = XMLval(pxml, ptag);

    // A mail can contain several attachments, each with its own filename and size,
    // hence the optional index in the name.
    var result_name = ptag + (pindex ? "_"+pindex : "");

    var quoted_session = safe.quoted_sql(psessionid);
    var quoted_name = safe.quoted_sql(result_name, 30);
    var quoted_value = safe.quoted_sql(tag_value, 4000);

    var sql_ins = "INSERT INTO fac_result (fac_result_sessionid, fac_result_naam, fac_result_waarde) VALUES ("
                + quoted_session + " ," + quoted_name + " ," + quoted_value + " )";

    Oracle.Execute(sql_ins);
    return tag_value;
}
// Used purely internally, so no stylesheet conversion is needed.
var parsed = RequestXML(API);
if (parsed.error)
{
// The statements below assume the request has ended here.
abortRejectMail("Error " + parsed.error);
}
var xmlReq = parsed.xml;
// The ASP session id is the key for this request's rows in fac_result.
var psession_id = Session.SessionID;
// Remove this session's entries from the FAC_RESULT table so the action can write new results.
var sql = "DELETE fac_result WHERE fac_result_sessionid = " + safe.quoted_sql(psession_id);
Oracle.Execute(sql);
// Each get_XMLval() call returns the tag's value and also stores it in fac_result
// for this session. All of these values originate from the received message, so
// they are chosen by whoever sent it.
var Subject = get_XMLval(psession_id, xmlReq, "subject");
var fromAddr = get_XMLval(psession_id, xmlReq, "fromaddr"); // "Returns the address that the sender gave in the MAIL FROM SMTP-command."
var from = get_XMLval(psession_id, xmlReq, "from"); // "This property returns the content of the From MIME-header of the email."
var toAddr = get_XMLval(psession_id, xmlReq, "to");
var RecipientNr = get_XMLval(psession_id, xmlReq, "RecipientNr"); // 0 for the first recipient, sometimes 1 for the second
var htmlBody = get_XMLval(psession_id, xmlReq, "htmlbody");
var Body = get_XMLval(psession_id, xmlReq, "body");
var CC = get_XMLval(psession_id, xmlReq, "CC");
// Disabled: strip <style> blocks from both bodies before they are used.
//htmlBody = stripStyle(htmlBody);
//Body = stripStyle(Body);
// function to put fields in fac_result
__Log("To: " + toAddr);
// The part before the first "@" of the recipient selects the mail setting.
// NOTE(review): toAddr is used without a null check; confirm XMLval() returns a
// string when the "to" tag is missing, otherwise split() fails here.
var mailuser = toAddr.split("@")[0];
// Case-insensitive lookup of the setting; mailuser goes through safe.quoted_sql().
sql = "SELECT fac_email_setting_key,"
+ " fac_email_setting_action,"
+ " fac_email_setting_expire,"
+ " fac_email_setting_from,"
+ " fac_email_setting_frommode,"
+ " fac_email_setting_attachpath,"
+ " fac_email_setting_attachext,"
+ " fac_email_setting_loglevel,"
+ " prs_perslid_key_auth"
+ " FROM fac_email_setting"
+ " WHERE upper(fac_email_setting_user) = upper("+safe.quoted_sql(mailuser)+")";
var oRs = Oracle.Execute(sql);
if (oRs.Eof)
{
// No setting for this mailbox name: reject. oRs is still open at this point, and
// the reads below would hit an empty recordset if the request were not ended here.
abortRejectMail(L("lcl_fac_hmail_unknown_user").format(mailuser), "E-mail user niet ontvankelijk: " + mailuser);
}
var allowed_attachext = oRs("fac_email_setting_attachext").Value;
var email_setting_key = oRs("fac_email_setting_key").Value;
var prs_perslid_key_auth = oRs("prs_perslid_key_auth").Value;
var email_setting_loglevel = oRs("fac_email_setting_loglevel").Value;
// A log level configured on the setting replaces the global one.
if (email_setting_loglevel > 0)
/* global */ __Logging = email_setting_loglevel || __Logging || 0; // For the rest of this file
// NOTE(review): these calls hand the complete subject, the addresses and both bodies
// to __Log. Presumably __Log only writes when __Logging allows it; confirm, and check
// who can read that log and how long it is kept, because it then holds mail content.
__Log("Subject: " + Subject);
__Log("From: " + from);
__Log("FromAddr: " + fromAddr);
__Log("To: " + toAddr);
__Log("RecipientNr: " + RecipientNr);
__Log("htmlBody: " + htmlBody);
__Log("body: " + Body);
__Log("E-mail user ontvankelijk: " + mailuser);
// A setting with an expiry date stops accepting mail once that moment has passed.
if (oRs("fac_email_setting_expire").Value != null)
{
var expire = new Date(oRs("fac_email_setting_expire").Value);
if (expire.getTime() < (new Date).getTime())
{
abortRejectMail(L("lcl_fac_hmail_expired"), "Te laat, moest voor: " + expire);
}
}
// Choose which sender value is compared with the configured fac_email_setting_from.
// NOTE(review): the envelope sender and the From header are both supplied by the
// sending side. The comparison below is a filter, not authentication, unless the
// mail server in front has already verified the sender (SPF/DKIM/DMARC) - confirm.
var theFrom = fromAddr; // SMTP envelope sender, works poorly with forwards
if (oRs("fac_email_setting_frommode").Value == 1)
theFrom = from; // taken from the e-mail's MIME header
else if (oRs("fac_email_setting_frommode").Value == 2)
{
// example srs address: servicedesk+SRS=kWNyq=RW=manutan.nl=Paul.Gozeling@hsleiden.nl
// output groups of RegExp: 1. servicedesk 2. kWNyq 3. manutan.nl 4. Paul.Gozeling
// from e-mail address when SRS is detected: Paul.Gozeling@manutan.nl
// NOTE(review): the SRS hash (group 2) and the domain after the "@" are not checked
// here, so the rebuilt address is taken on trust from the envelope sender. Confirm
// that mode 2 is only used behind a forwarder whose mail is verified upstream.
var regExpr = RegExp("(.+)[+]SRS=(.+)[=].+=(.+)=(.+)[@]");
if (regExpr.test(fromAddr)) // test whether the fromAddr is a SRS address
theFrom = regExpr.exec(fromAddr)[4] + "@" + regExpr.exec(fromAddr)[3]; // concat (group-4 @ group-3) as the fromAddr
}
// Without a configured sender every sender is accepted for this mailbox.
var shouldFrom = oRs("fac_email_setting_from").Value;
if (shouldFrom)
{
// Case-insensitive comparison of the whole value.
if (String(shouldFrom).toUpperCase() != String(theFrom).toUpperCase())
{
abortRejectMail(L("lcl_fac_hmail_wrong_sender").format(theFrom), "Foute afzender. Verwacht: " + shouldFrom + ", kreeg: " + theFrom);
}
}
var action = oRs("fac_email_setting_action").Value; // Package call
var setting_attachpath = oRs("fac_email_setting_attachpath").Value;
var path = setting_attachpath;
// NOTE(review): the example below shows that this setting can carry an API key in
// its query string. result.path is later written to the log and returned in the
// JSON response, so the key travels with it - confirm both destinations are
// acceptable for it.
if (path && path.substr(0,1) == "@") // @/?API=OPDR_VO&APIKEY=**** automatically gets the current url put in front
{
path = HTTP.urlzelf() + path.substr(1);
}
if (path && path.substr(0, 1) == "*") // For example '*flexfilespath'
{
// The text after "*" is passed to S() and the result gets a trailing "/".
// NOTE(review): S() presumably looks up a setting by name - confirm.
path = S(path.substr(1)) + "/";
}
// Every column needed from the setting has been read.
oRs.Close();
// Response object for the success case; attachments is filled further down.
var result = { success: true
, path: path
, attachments: []
, tempfolder: shared.tempFolder()
, loglevel: email_setting_loglevel || 0
};
var kenmerkpath = "";
if (action) // E.g. "fac.processemail" or "uwva.closeorder-sample"
{
if (!Body || Body == "") // Preference for plain text
{
// No plain-text part: use the HTML body with the markup stripped.
var v_body = L("lcl_fac_hmail_empty_body") + stripHtml(htmlBody);
}
else
{
var v_body = Body;
}
// The values that come from the message go through safe.quoted_sql(). action and
// email_setting_key are concatenated as they are; both were read from the
// fac_email_setting row, not from the message.
// NOTE(review): whoever can write fac_email_setting_action thereby chooses the
// PL/SQL that is executed here - confirm that write access to that table is
// restricted accordingly.
sql = "BEGIN " + action + " (" + safe.quoted_sql(theFrom) + ","
+ safe.quoted_sql(toAddr) + ","
+ safe.quoted_sql(Subject || L("lcl_fac_hmail_no_subject")) + "," // the actions cope badly with an empty subject
+ safe.quoted_sql(v_body, 3990) + "," // HSLE#33588 10 characters of slack
+ safe.quoted_sql(psession_id) + ","
+ email_setting_key + ");"
+ "END;";
Oracle.Execute(sql);
// The action reports back through fac_result rows for this session.
// Anything specific to report back for the logging?
sql = "SELECT fac_result_waarde"
+ " FROM fac_result"
+ " WHERE fac_result_naam = 'maillog'"
+ " AND fac_result_sessionid = " + safe.quoted_sql(psession_id);
var oRs = Oracle.Execute(sql);
if (!oRs.Eof)
{
result.maillog = oRs("fac_result_waarde").Value;
}
else
result.maillog = "E-mail afgehandeld via: " + action;
oRs.Close();
// An 'errormsg' row means the action refused the mail.
sql = "SELECT fac_result_waarde"
+ " FROM fac_result"
+ " WHERE fac_result_naam = 'errormsg'"
+ " AND fac_result_sessionid = " + safe.quoted_sql(psession_id);
var oRs = Oracle.Execute(sql);
if (!oRs.Eof)
{
// NOTE(review): this ends the request while oRs is still open and before the
// clean-up DELETE further down, so this session's fac_result rows (which include
// the mail body) stay until the next request with the same session id - confirm
// that is acceptable.
abortRejectMail(oRs("fac_result_waarde").Value, result.maillog);
}
oRs.Close();
// A 'kenmerkpath' row is appended to the attachment path.
sql = "SELECT fac_result_waarde"
+ " FROM fac_result"
+ " WHERE fac_result_naam = 'kenmerkpath'"
+ " AND fac_result_sessionid = " + safe.quoted_sql(psession_id);
var oRs = Oracle.Execute(sql);
if (!oRs.Eof)
{
kenmerkpath = oRs("fac_result_waarde").Value;
// NOTE(review): if no attach path is configured, result.path is not a string here
// and this concatenation produces a non-empty text that is then used as a path
// below; confirm actions only return kenmerkpath when a path is configured.
result.path = result.path + kenmerkpath;
}
oRs.Close();
}
else
result.maillog = "Verder geen e-mail action gedefinieerd";
// debug
//kenmerkpath = "MLD\\M1180___\\M1180706\\2803\\";
//result.path = result.path + kenmerkpath;
__Log(result.maillog);
// A path that starts with http: or https: means the attachments are posted to a url
// instead of being written to a folder.
var isUrl = false;
if (result.path && (result.path.substr(0,5) == "http:" || result.path.substr(0,6) == "https:"))
{
isUrl = true;
// The three values come from the message and go through safe.url() before they are
// placed in the url.
result.path = result.path.format(safe.url(theFrom), safe.url(toAddr), safe.url(Subject)); // supports &from={0}&to={1}&subject={2}
// at the actual call &filename={filename} is still filled in with the real file name
var fso = Server.CreateObject("Scripting.FileSystemObject");
if (!fso.FolderExists(result.tempfolder))
fso.CreateFolder(result.tempfolder);
}
// clean up
var sql = "DELETE fac_result WHERE fac_result_sessionid = " + safe.quoted_sql(psession_id);
Oracle.Execute(sql);
// Attachments are only looked at when there is a place to put them.
if (result.path)
{
var Attachments = xmlReq.getElementsByTagName("attachment");
// NOTE(review): i is assigned without var, so it is a global.
for (i=0; i < Attachments.length; i++)
{
// File name and size are taken from the request as reported for the message.
// safe.filename() is the only clean-up of the name before it is appended to a path
// below. NOTE(review): confirm it removes path separators and "..".
var safefilename = safe.filename(XMLval(Attachments[i], "filename", i));
// NOTE(review): parseInt() gives NaN for a missing or non-numeric size. NaN fails
// the minimum-size comparison below and is later concatenated into the PL/SQL call.
var attsize = parseInt(XMLval(Attachments[i], "size", i), 10);
if (safefilename == 'tmpl_logo.gif')
{ // Probably a reply to a FACILITOR slip
__Log("Bijlage {0} genegeerd.".format(safefilename));
}
else if (attsize < S("flex_min_size"))
{
__Log("Bijlage {0} genegeerd, te klein met {1} bytes.".format(safefilename, attsize));
}
// The allowed extensions are a regular expression taken from a setting.
// NOTE(review): the pattern is tested against the whole name, so it only limits the
// final extension if the configured pattern is anchored to the end - confirm the
// value of flexallowedext (the same holds for allowed_attachext below).
else if (!new RegExp(S("flexallowedext"), "ig").test(safefilename))
{
// TODO: Maybe also report this back to the sender?
__DoLog("Onbekende extensie e-mail bijlage: {0} ({1} bytes) van {2}. Bestand is niet opgeslagen.".format(safefilename, attsize, theFrom));
}
else if (allowed_attachext && !new RegExp(allowed_attachext, "ig").test(safefilename))
{
__Log("Ongewenste extensie e-mail bijlage: {0} ({1} bytes) van {2}. Bestand is niet opgeslagen.".format(safefilename, attsize, theFrom));
}
else if (isUrl)
{
// Url mode: the caller gets a temporary file name and the url to post to.
// result.path, including any key in its query string, is written to the log here.
__Log('{0} bijlage ({1} bytes) verwerken met {2}'.format(safefilename, attsize, result.path));
var tempfilename = result.tempfolder + "\\" + shared.random(32);
__Log('Tijdelijk bewaard onder {0}'.format(tempfilename));
result.attachments.push ({ sequence: i,
safefilename: safefilename,
tempfilename: tempfilename,
safeurl: result.path,
headers: { "Content-Type": "application/json" } // recognise more extensions?
})
}
else
{
if (setting_attachpath == "*flexfilespath" && kenmerkpath)
{ // Then also register it in fac_bijlagen right away.
// kenmerkpath will be something like MLD\M1180___\M1180707\2803\, unfortunately it
// has to be parsed back here into module, kenmerkkey and melding_key
kenmerkpath = kenmerkpath.replace(/\\/g, "/"); // always forward slashes
kenmerkpath = kenmerkpath.replace(/\/$/, ""); // drop the trailing one
// Now MLD/M1180___/M1180707/2803
var mm = kenmerkpath.match(/(.*)\/.*\/([A-Z])(\d+)\/(\d+)/);
__Log(mm);
if (mm && mm.length == 5)
{
var module = mm[1];
var niveau = mm[2];
var key = mm[3];
var kenmerk_key = mm[4];
// module, kenmerkpath and the file name go through safe.quoted_sql(). kenmerk_key
// and key are concatenated unquoted; the \d+ groups above restrict them to digits.
// attsize is unquoted as well (see the parseInt note above).
var sql = "BEGIN "
+ " flx.setflexbijlage"
+ "(" + safe.quoted_sql(module)
+ ", " + kenmerk_key
+ ", " + key
+ ", " + safe.quoted_sql(kenmerkpath)
+ ", " + "NULL"
+ ", " + safe.quoted_sql(safefilename)
+ ", " + attsize
+ ", " + "SYSDATE"
+ ", " + "NULL" // Unfortunately (still) without digest because we do not have the file yet
+ ");"
+ " END;";
Oracle.Execute(sql);
}
}
__Log('{0} bijlage ({1} bytes) mag naar {2}'.format(safefilename, attsize, result.path));
CreateFullPath(result.path); // hMailServer no longer has to do that. It does require hMail to run on 'our' web server
// Folder mode: the caller gets the full target path for the file.
result.attachments.push ({ sequence: i,
safefilename: result.path + safefilename
})
}
}
// Strictly speaking allowed_attachext only filters. In practice, however, we set it to XML
// when we expect an XML attachment to import, so there had better be one!
if (allowed_attachext && !result.attachments.length)
{
__DoLog("Vreemd: ik had eigenlijk een '{0}' bijlage verwacht van {1}".format(allowed_attachext, theFrom), "#ff4");
}
}
// The whole result object, path included, goes to the log and to the caller.
__Log(result);
Response.Write(JSON.stringify(result));
// NOTE(review): Response.End is referenced without call parentheses; confirm that
// the script host ends the request on this form. The ASPPAGE_END() call below is
// only reached if the request is not ended here.
Response.End;
%>
<% ASPPAGE_END(); %>