diff --git a/composer.json b/composer.json index 23298f4..ee568b2 100644 --- a/composer.json +++ b/composer.json @@ -7,7 +7,8 @@ "spomky-labs/otphp": "^8.3", "endroid/qrcode": "^1.9", "ldaptools/ldaptools": "^0.24.0", - "guzzlehttp/guzzle": "^6.2" + "guzzlehttp/guzzle": "^6.2", + "phpmailer/phpmailer": "^5.2" }, "authors": [ { diff --git a/composer.lock b/composer.lock index e5ec4b9..a8e3f44 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "4965262916e04d361db07e7f14ed06d6", + "content-hash": "0ca1975ebb0ba7d9d480257323a5d727", "packages": [ { "name": "beberlei/assert", @@ -520,6 +520,82 @@ ], "time": "2017-03-13T16:27:32+00:00" }, + { + "name": "phpmailer/phpmailer", + "version": "v5.2.23", + "source": { + "type": "git", + "url": "https://github.com/PHPMailer/PHPMailer.git", + "reference": "7115df4a6f76281109ebe352900c42403b728bb4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/7115df4a6f76281109ebe352900c42403b728bb4", + "reference": "7115df4a6f76281109ebe352900c42403b728bb4", + "shasum": "" + }, + "require": { + "php": ">=5.0.0" + }, + "require-dev": { + "doctrine/annotations": "1.2.*", + "jms/serializer": "0.16.*", + "phpdocumentor/phpdocumentor": "2.*", + "phpunit/phpunit": "4.8.*", + "symfony/debug": "2.8.*", + "symfony/filesystem": "2.8.*", + "symfony/translation": "2.8.*", + "symfony/yaml": "2.8.*", + "zendframework/zend-cache": "2.5.1", + "zendframework/zend-config": "2.5.1", + "zendframework/zend-eventmanager": "2.5.1", + "zendframework/zend-filter": "2.5.1", + "zendframework/zend-i18n": "2.5.1", + "zendframework/zend-json": "2.5.1", + "zendframework/zend-math": "2.5.1", + "zendframework/zend-serializer": "2.5.*", + "zendframework/zend-servicemanager": "2.5.*", + "zendframework/zend-stdlib": "2.5.1" + }, + "suggest": { + "league/oauth2-google": "Needed for Google XOAUTH2 authentication" + }, + "type": "library", + "autoload": { + "classmap": [ + "class.phpmailer.php", + "class.phpmaileroauth.php", + "class.phpmaileroauthgoogle.php", + "class.smtp.php", + "class.pop3.php", + "extras/EasyPeasyICS.php", + "extras/ntlm_sasl_client.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-2.1" + ], + "authors": [ + { + "name": "Jim Jagielski", + "email": "jimjag@gmail.com" + }, + { + "name": "Marcus Bointon", + "email": "phpmailer@synchromedia.co.uk" + }, + { + "name": "Andy Prevost", + "email": "codeworxtech@users.sourceforge.net" + }, + { + "name": "Brent R. Matzelle" + } + ], + "description": "PHPMailer is a full-featured email creation and transfer class for PHP", + "time": "2017-03-15T19:32:56+00:00" + }, { "name": "psr/http-message", "version": "1.0.1", diff --git a/index.php b/index.php index e3db8c8..f3130ba 100644 --- a/index.php +++ b/index.php @@ -40,7 +40,10 @@ if ($VARS['progress'] == "1") { $username_ok = true; break; case "ALERT_ON_ACCESS": - sendLoginAlertEmail($VARS['username']); + $mail_resp = sendLoginAlertEmail($VARS['username']); + if (DEBUG) { + var_dump($mail_resp); + } $username_ok = true; break; default: diff --git a/lang/en_us.php b/lang/en_us.php index 56eec98..300bcd0 100644 --- a/lang/en_us.php +++ b/lang/en_us.php @@ -51,5 +51,7 @@ $STRINGS = [ "open app" => "Open App", "sign in again" => "Please sign in again to continue.", "login failed try on web" => "There is a problem with your account. Visit Portal via a web browser for more information.", - "mobile login disabled" => "Mobile login has been disabled by your system administrator. Contact technical support for more information." + "mobile login disabled" => "Mobile login has been disabled by your system administrator. Contact technical support for more information.", + "admin alert email subject" => "Alert: User login notification", + "admin alert email message" => "You (or another administrator) requested to be notified when user \"{username}\" logged in, an event which happened just now.\r\n\r\nUsername: {username}\r\nDate/Time: {datetime}\r\nIP address: {ipaddr}", ]; diff --git a/lib/login.php b/lib/login.php index 0bb539b..6b715a4 100644 --- a/lib/login.php +++ b/lib/login.php @@ -280,9 +280,51 @@ function doLoginUser($username, $password) { * * Used when an account with the status ALERT_ON_ACCESS logs in * @param String $username the account username + * @return Mixed TRUE if successful, error string if not */ function sendLoginAlertEmail($username) { - // TODO: add email code + if (is_empty(ADMIN_EMAIL) || filter_var(ADMIN_EMAIL, FILTER_VALIDATE_EMAIL) === FALSE) { + return "false"; + } + if (is_empty(FROM_EMAIL) || filter_var(FROM_EMAIL, FILTER_VALIDATE_EMAIL) === FALSE) { + return "false"; + } + + $mail = new PHPMailer; + + if (DEBUG) { + $mail->SMTPDebug = 2; + } + + if (USE_SMTP) { + $mail->isSMTP(); + $mail->Host = SMTP_HOST; + $mail->SMTPAuth = SMTP_AUTH; + $mail->Username = SMTP_USER; + $mail->Password = SMTP_PASS; + $mail->SMTPSecure = SMTP_SECURE; + $mail->Port = SMTP_PORT; + if (SMTP_ALLOW_INVALID_CERTIFICATE) { + $mail->SMTPOptions = array( + 'ssl' => array( + 'verify_peer' => false, + 'verify_peer_name' => false, + 'allow_self_signed' => true + ) + ); + } + } + + $mail->setFrom(FROM_EMAIL, 'Account Alerts'); + $mail->addAddress(ADMIN_EMAIL, "System Admin"); + $mail->isHTML(false); + $mail->Subject = lang("admin alert email subject", false); + $mail->Body = lang2("admin alert email message", ["username" => $username, "datetime" => date("Y-m-d H:i:s"), "ipaddr" => getClientIP()], false); + + if (!$mail->send()) { + return $mail->ErrorInfo; + } + return TRUE; } function insertAuthLog($type, $uid = null, $data = "") { diff --git a/settings.template.php b/settings.template.php index 265d054..8e1df07 100644 --- a/settings.template.php +++ b/settings.template.php @@ -68,6 +68,18 @@ define('QWIKCLOCK_HOME', '/qwikclock/app.php'); // See lang folder for language options define('LANGUAGE', "en_us"); +// Email settings for receiving admin alerts. +define("USE_SMTP", TRUE); // if FALSE, will use PHP's mail() instead +define("ADMIN_EMAIL", ""); +define("FROM_EMAIL", "portal-noreply@apps.biz.netsyms.com"); +define("SMTP_HOST", ""); +define("SMTP_AUTH", true); +define("SMTP_PORT", 587); +define("SMTP_SECURE", 'tls'); +define("SMTP_USER", ""); +define("SMTP_PASS", ""); +define("SMTP_ALLOW_INVALID_CERTIFICATE", TRUE); + // Minimum length for new passwords // The system checks new passwords against the 500 worst passwords and rejects // any matches.