Implement SpamCop reporting feature with settings and AJAX handling

Author: Grandi0z

modules/core/functions.php

@@ -276,8 +276,17 @@ function process_site_setting($type, $handler, $callback=false, $default=false,
         }
     }
     else {
-        list($success, $form) = $handler->process_form(array('save_settings', $type));
+        list($success, $form) = $handler->process_form(array('save_settings'));
+        if ($success) {
+            if (array_key_exists($type, $handler->request->post)) {
+                $form[$type] = $handler->request->post[$type];
+            }
+            else {
+                $form[$type] = '';
+            }
+        }
     }
+    
     $new_settings = $handler->get('new_user_settings', array());
     $settings = $handler->get('user_settings', array());
 
@@ -291,7 +300,8 @@ function process_site_setting($type, $handler, $callback=false, $default=false,
         $new_settings[$type.'_setting'] = $result;
     }
     else {
-        $settings[$type] = $handler->user_config->get($type.'_setting', $default);
+        $value_from_config = $handler->user_config->get($type.'_setting', $default);
+        $settings[$type] = $value_from_config;
     }
     $handler->out('new_user_settings', $new_settings, false);
     $handler->out('user_settings', $settings, false);
@@ -785,3 +795,23 @@ function isPageConfigured($page) {
     return in_array($page, $pages);
 }
 
+/**
+ * Get setting value with fallback to _setting suffix
+ * @subpackage core/functions
+ * @param array $settings User settings array
+ * @param string $key Setting key without _setting suffix
+ * @param mixed $default Default value
+ * @return mixed Setting value
+ */
+if (!hm_exists('get_setting_value')) {
+    function get_setting_value($settings, $key, $default = '') {
+        if (array_key_exists($key, $settings)) {
+            return $settings[$key];
+        }
+        if (array_key_exists($key . '_setting', $settings)) {
+            return $settings[$key . '_setting'];
+        }
+        return $default;
+    }
+}
+

modules/core/handler_modules.php

@@ -1010,6 +1010,32 @@ public function process() {
     }
 }
 
+/**
+ * Process SpamCop reporting settings from the Report Spam section
+ * @subpackage core/handler
+ */
+class Hm_Handler_process_spam_report_settings extends Hm_Handler_Module {
+    public function process() {
+        list($success, $form) = $this->process_form(array('save_settings'));
+        if (!$success || !array_key_exists('spamcop_settings', $this->request->post)) {
+            return;
+        }
+
+        $new_settings = $this->get('new_user_settings', array());
+        $spamcop = $this->request->post['spamcop_settings'];
+
+        $set_email_setting = function($key, $value) use (&$new_settings) {
+            $new_settings[$key] = (!empty($value) && filter_var($value, FILTER_VALIDATE_EMAIL)) ? $value : '';
+        };
+
+        $new_settings['spamcop_enabled_setting'] = isset($spamcop['enabled']);
+        $set_email_setting('spamcop_submission_email_setting', $spamcop['submission_email'] ?? '');
+        $set_email_setting('spamcop_from_email_setting', $spamcop['from_email'] ?? '');
+        
+        $this->out('new_user_settings', $new_settings, false);
+    }
+}
+
 /**
  * Process warn for unsaved changes in the settings page
  * @subpackage core/handler

modules/core/output_modules.php

@@ -2315,6 +2315,70 @@ protected function output() {
     }
 }
 
+/**
+ * Starts the Report Spam section on the settings page
+ * @subpackage core/output
+ */
+class Hm_Output_start_report_spam_settings extends Hm_Output_Module {
+    /**
+     * Settings in this section control spam reporting features
+     */
+    protected function output() {
+        return '<tr><td data-target=".report_spam_setting" colspan="2" class="settings_subtitle cursor-pointer border-bottom p-2">'.
+            '<i class="bi bi-shield-exclamation fs-5 me-2"></i>'.
+            $this->trans('Report Spam').'</td></tr>';
+    }
+}
+
+/**
+ * Option to enable/disable SpamCop reporting
+ * @subpackage core/output
+ */
+class Hm_Output_spamcop_enabled_setting extends Hm_Output_Module {
+    protected function output() {
+        $settings = $this->get('user_settings', array());
+        $enabled = get_setting_value($settings, 'spamcop_enabled', false);
+        $checked = $enabled ? ' checked="checked"' : '';
+        $reset = $enabled ? '<span class="tooltip_restore" restore_aria_label="Restore default value"><i class="bi bi-arrow-counterclockwise refresh_list reset_default_value_checkbox"></i></span>' : '';
+        
+        return '<tr class="report_spam_setting"><td><label class="form-check-label" for="spamcop_enabled">'.
+            $this->trans('Enable SpamCop reporting').'</label></td>'.
+            '<td><input class="form-check-input" type="checkbox" '.$checked.' id="spamcop_enabled" name="spamcop_settings[enabled]" data-default-value="false" value="1" />'.$reset.'</td></tr>';
+    }
+}
+
+/**
+ * Option for SpamCop submission email address
+ * @subpackage core/output
+ */
+class Hm_Output_spamcop_submission_email_setting extends Hm_Output_Module {
+    protected function output() {
+        $settings = $this->get('user_settings', array());
+        $email = get_setting_value($settings, 'spamcop_submission_email', '');
+        $reset = !empty($email) ? '<span class="tooltip_restore" restore_aria_label="Restore default value"><i class="bi bi-arrow-counterclockwise refresh_list reset_default_value_input"></i></span>' : '';
+        
+        return '<tr class="report_spam_setting"><td><label for="spamcop_submission_email">'.
+            $this->trans('SpamCop submission email').'</label></td>'.
+            '<td class="d-flex"><input class="form-control form-control-sm" type="email" id="spamcop_submission_email" name="spamcop_settings[submission_email]" value="'.$this->html_safe($email).'" placeholder="[email protected]" />'.$reset.'</td></tr>';
+    }
+}
+
+/**
+ * Option for SpamCop from email address
+ * @subpackage core/output
+ */
+class Hm_Output_spamcop_from_email_setting extends Hm_Output_Module {
+    protected function output() {
+        $settings = $this->get('user_settings', array());
+        $email = get_setting_value($settings, 'spamcop_from_email', '');
+        $reset = !empty($email) ? '<span class="tooltip_restore" restore_aria_label="Restore default value"><i class="bi bi-arrow-counterclockwise refresh_list reset_default_value_input"></i></span>' : '';
+        
+        return '<tr class="report_spam_setting"><td><label for="spamcop_from_email">'.
+            $this->trans('From email address (optional)').'</label></td>'.
+            '<td class="d-flex"><input class="form-control form-control-sm" type="email" id="spamcop_from_email" name="spamcop_settings[from_email]" value="'.$this->html_safe($email).'" placeholder="'.$this->trans('Uses your IMAP email if not set').'" />'.$reset.'</td></tr>';
+    }
+}
+
 /**
  * Option to warn user when he has unsaved changes.
  * @subpackage imap/output

modules/core/setup.php

@@ -56,6 +56,7 @@
 add_handler('settings', 'process_trash_source_max_setting', true, 'core', 'date', 'after');
 add_handler('settings', 'process_drafts_since_setting', true, 'core', 'date', 'after');
 add_handler('settings', 'process_drafts_source_max_setting', true, 'core', 'date', 'after');
+add_handler('settings', 'process_spam_report_settings', true, 'core', 'save_user_settings', 'before');
 add_handler('settings', 'process_hide_folder_icons', true, 'core', 'date', 'after');
 add_handler('settings', 'process_delete_prompt_setting', true, 'core', 'date', 'after');
 add_handler('settings', 'process_delete_attachment_setting', true, 'core', 'date', 'after');
@@ -101,7 +102,11 @@
 add_output('settings', 'start_drafts_settings', true, 'core', 'trash_source_max_setting', 'after');
 add_output('settings', 'drafts_since_setting', true, 'core', 'start_drafts_settings', 'after');
 add_output('settings', 'drafts_source_max_setting', true, 'core', 'drafts_since_setting', 'after');
-add_output('settings', 'start_everything_settings', true, 'core', 'drafts_source_max_setting', 'after');
+add_output('settings', 'start_report_spam_settings', true, 'core', 'drafts_source_max_setting', 'after');
+add_output('settings', 'spamcop_enabled_setting', true, 'core', 'start_report_spam_settings', 'after');
+add_output('settings', 'spamcop_submission_email_setting', true, 'core', 'spamcop_enabled_setting', 'after');
+add_output('settings', 'spamcop_from_email_setting', true, 'core', 'spamcop_submission_email_setting', 'after');
+add_output('settings', 'start_everything_settings', true, 'core', 'spamcop_from_email_setting', 'after');
 add_output('settings', 'all_since_setting', true, 'core', 'start_everything_settings', 'after');
 add_output('settings', 'all_source_max_setting', true, 'core', 'all_since_setting', 'after');
 add_output('settings', 'start_all_email_settings', true, 'core', 'all_source_max_setting', 'after');
@@ -360,5 +365,6 @@
         'srv_setup_stepper_imap_hide_from_c_page' => FILTER_VALIDATE_BOOLEAN,
         'images_whitelist' => FILTER_UNSAFE_RAW,
         'update' => FILTER_VALIDATE_BOOLEAN,
+        'spamcop_settings' => array('filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FORCE_ARRAY),
     )
 );

modules/imap/functions.php

@@ -1673,3 +1673,133 @@ function is_imap_archive_folder($server_id, $user_config, $current_folder) {
 
     return false;
 }}
+
+/**
+ * Error messages from spam reporting services
+ * @subpackage imap/functions
+ * @param string $error_msg Raw error message from service
+ * @return string User-friendly error message
+ */
+if (!hm_exists('normalize_spam_report_error')) {
+function normalize_spam_report_error($error_msg) {
+    $error_mappings = array(
+        'not enabled' => 'SpamCop reporting is not enabled. Please enable it in Settings.',
+        'not configured' => 'SpamCop submission email is not configured. Please configure it in Settings.',
+        'submission email' => 'SpamCop submission email is not configured. Please configure it in Settings.',
+        'sender email' => 'No sender email address configured. Please configure it in Settings.',
+        'No sender' => 'No sender email address configured. Please configure it in Settings.',
+        'Failed to send email' => 'Failed to send email to SpamCop. Please check your server mail configuration.',
+        'send email' => 'Failed to send email to SpamCop. Please check your server mail configuration.'
+    );
+    
+    foreach ($error_mappings as $key => $message) {
+        if (strpos($error_msg, $key) !== false) {
+            return $message;
+        }
+    }
+    
+    return $error_msg;
+}}
+
+/**
+ * Report spam message to SpamCop
+ */
+if (!hm_exists('report_spam_to_spamcop')) {
+function report_spam_to_spamcop($message_source, $reasons, $user_config) {
+    $spamcop_enabled = $user_config->get('spamcop_enabled_setting', false);
+    if (!$spamcop_enabled) {
+        return array('success' => false, 'error' => 'SpamCop reporting is not enabled');
+    }
+
+    $spamcop_email = $user_config->get('spamcop_submission_email_setting', '');
+    if (empty($spamcop_email)) {
+        return array('success' => false, 'error' => 'SpamCop submission email not configured');
+    }
+
+    $sanitized_message = sanitize_message_for_spam_report($message_source, $user_config);
+
+    $from_email = $user_config->get('spamcop_from_email_setting', '');
+    if (empty($from_email)) {
+        // Try to get from IMAP servers
+        $imap_servers = $user_config->get('imap_servers', array());
+        if (!empty($imap_servers)) {
+            $first_server = reset($imap_servers);
+            $from_email = isset($first_server['user']) ? $first_server['user'] : '';
+        }
+    }
+
+    if (empty($from_email)) {
+        return array('success' => false, 'error' => 'No sender email address configured');
+    }
+
+    $reasons_text = implode(', ', $reasons);
+    
+    $subject = 'Spam Report: ' . $reasons_text;
+    
+    $body = "This email is being reported as spam for the following reasons:\n\n";
+    $body .= $reasons_text . "\n\n";
+    $body .= "--- Original Message ---\n\n";
+    $body .= $sanitized_message;
+
+    $timeout = 10; //dont foget to add it to UI
+    $old_timeout = ini_get('default_socket_timeout');
+    ini_set('default_socket_timeout', $timeout);
+
+    try {
+        $headers = array();
+        $headers[] = 'From: ' . $from_email;
+        $headers[] = 'Reply-To: ' . $from_email;
+        $headers[] = 'X-Mailer: Cypht Spam Reporter';
+        $headers[] = 'Content-Type: message/rfc822';
+        
+        $mail_sent = @mail($spamcop_email, $subject, $body, implode("\r\n", $headers));
+        
+        ini_set('default_socket_timeout', $old_timeout);
+        
+        if ($mail_sent) {
+            return array('success' => true);
+        } else {
+            return array('success' => false, 'error' => 'Failed to send email to SpamCop');
+        }
+    } catch (Exception $e) {
+        ini_set('default_socket_timeout', $old_timeout);
+        return array('success' => false, 'error' => $e->getMessage());
+    }
+}}
+
+/**
+ * Sanitize message source for spam reporting
+ */
+if (!hm_exists('sanitize_message_for_spam_report')) {
+function sanitize_message_for_spam_report($message_source, $user_config) {
+    $user_emails = array();
+    $imap_servers = $user_config->get('imap_servers', array());
+    foreach ($imap_servers as $server) {
+        if (isset($server['user'])) {
+            $user_emails[] = strtolower($server['user']);
+        }
+    }
+
+    // Split message into headers and body
+    $parts = explode("\r\n\r\n", $message_source, 2);
+    $headers = isset($parts[0]) ? $parts[0] : '';
+    $body = isset($parts[1]) ? $parts[1] : '';
+
+    if (!empty($user_emails)) {
+        foreach ($user_emails as $email) {
+            // Remove email from various headers
+            $headers = preg_replace('/\b' . preg_quote($email, '/') . '\b/i', '[REDACTED]', $headers);
+        }
+    }
+
+    // Remove sensitive headers
+    $sensitive_headers = array('X-Original-From', 'X-Forwarded-For', 'X-Real-IP');
+    foreach ($sensitive_headers as $header) {
+        $headers = preg_replace('/^' . preg_quote($header, '/') . ':.*$/mi', '', $headers);
+    }
+
+    // Clean up multiple blank lines
+    $headers = preg_replace('/\r\n\r\n+/', "\r\n\r\n", $headers);
+
+    return $headers . "\r\n\r\n" . $body;
+}}