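  /**
   * sendPhishingEmail
   * Function mapped to Laravel route. Sends the selected campaign template either to one
   * mailing-list user or to every user bridged to a department, and logs each message sent.
   *
   * Nothing is sent unless the caller is authenticated, the sender address, template and
   * campaign named in the request all resolve to stored records, the template's class is a
   * Mailable, and the stored sender password decrypts.
   *
   * @param Request $request Request object passed via AJAX from client.
   * @return mixed Redirect to the 'generatePhish' route, whether or not any mail was sent.
   */
  public static function sendPhishingEmail(Request $request)
  {
      // NOTE(review): this only checks that someone is logged in, while sendNewAccountEmail
      // uses Auth::adminCheck(). Confirm whether sending a campaign should be admin-only.
      if (!Auth::check()) {
          return redirect()->route('generatePhish');
      }

      $fromEmail = Campaign_Email_Addresses::where('EmailAddress', $request->input('fromEmailText'))->first();
      $template = Template::where('FileName', $request->input('templateText'))->first();
      $campaign = Campaign::where('Id', $request->input('campaignText'))->first();
      if (empty($fromEmail) || empty($template) || empty($campaign)) {
          return redirect()->route('generatePhish');
      }

      // Build the class name by concatenation: inside double quotes "\$" is an escaped
      // dollar sign, so "\App\Mail\$template->Mailable" never interpolated the column value.
      $templateClass = 'App\\Mail\\' . $template->Mailable;
      // The name comes from a database column, so it is only instantiated when it really is
      // a Mailable; anything else is refused before any credential is decrypted.
      if (!is_subclass_of($templateClass, \Illuminate\Mail\Mailable::class)) {
          return redirect()->route('generatePhish');
      }

      $cryptor = new Cryptor();
      $password = $cryptor->decrypt($fromEmail->Password);
      if ($password === false) {
          // decrypt() reports failure as false; do not go on to send with an empty password.
          return redirect()->route('generatePhish');
      }

      // NOTE(review): putenv() is process-wide, so the decrypted SMTP password stays in the
      // environment after this call and is inherited by child processes. Whether the mailer
      // reads these values at send time depends on configuration not shown here; handing the
      // credentials to the mail transport directly would avoid the environment altogether.
      putenv("MAIL_USERNAME=$fromEmail->EmailAddress");
      putenv("MAIL_NAME=$fromEmail->Name");
      putenv("MAIL_PASSWORD=$password");

      // Collect the recipients first so the send-and-log step is written once.
      $recipients = [];
      if ($request->input('sendingChoiceRadio') === 'user') {
          $recipients[] = Mailing_List_User::where('Id', $request->input('userIdText'))->first();
      } else {
          $group = MLU_Departments::where('Id', $request->input('groupIdText'))->first();
          if (!empty($group)) {
              $bridge = Mailing_List_User_Department_Bridge::where('DepartmentId', $group->Id)->get();
              foreach ($bridge as $pair) {
                  $recipients[] = Mailing_List_User::where('Id', $pair->UserId)->first();
              }
          }
      }

      $company = $request->input('companyText');
      foreach ($recipients as $user) {
          if (empty($user)) {
              // An id that no longer resolves to a mailing-list user is skipped.
              continue;
          }
          Mail::to($user->Email, $user->FirstName . ' ' . $user->LastName)
              ->send(new $templateClass($user, $campaign, $company));
          self::logSentEmail($user, $campaign);
      }

      return redirect()->route('generatePhish');
  }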
  46.  
  /**
   * sendNewAccountEmail
   * Mails a NewUser message, built from the account and the given password, to the
   * account's address. Does nothing unless Auth::adminCheck() passes.
   *
   * NOTE(review): $password is handed to the NewUser mailable as received; if that is a
   * plaintext initial password it ends up in the recipient's mailbox. Confirm.
   *
   * @param User   $user     Account the message is addressed to.
   * @param string $password Value passed through to the NewUser mailable.
   */
  public static function sendNewAccountEmail(User $user, $password)
  {
      if (!Auth::adminCheck()) {
          return;
      }

      $recipientName = $user->FirstName . ' ' . $user->LastName;
      $pending = Mail::to($user->Email, $recipientName);
      $pending->send(new NewUser($user, $password));
  }
  53.  
  /**
   * sendTwoFactorEmail
   * Mails a TwoFactorCode message carrying $code to the given account's address.
   * No authentication check is made here; callers decide when a code may be sent.
   *
   * @param User   $user Account the code is addressed to.
   * @param string $code Value passed through to the TwoFactorCode mailable.
   */
  public static function sendTwoFactorEmail(User $user, $code)
  {
      $recipientName = $user->FirstName . ' ' . $user->LastName;
      $pending = Mail::to($user->Email, $recipientName);
      $pending->send(new TwoFactorCode($user, $code));
  }
  58.  
  /**
   * logSentEmail
   * Records one sent message: the recipient's Id, the campaign's Id and the current time
   * are written through the Sent_Mail model.
   *
   * @param Mailing_List_User $user     Recipient of the message.
   * @param Campaign          $campaign Campaign the message belongs to.
   */
  private static function logSentEmail(Mailing_List_User $user, Campaign $campaign)
  {
      $row = [
          'UserId' => $user->Id,
          'CampaignId' => $campaign->Id,
          'Timestamp' => Carbon::now(),
      ];

      Sent_Mail::create($row);
  }
  72.  
  // Cipher name handed to the openssl_* calls; the constructor may replace it.
  protected $method = 'AES-256-CTR';

  // Key used by encrypt() and decrypt(); assigned in the constructor.
  private $key;
  75.  
  /**
   * IV length, in bytes, that OpenSSL reports for the configured cipher method.
   *
   * @return int|false Whatever openssl_cipher_iv_length() returns for $this->method.
   */
  protected function iv_bytes()
  {
      $length = openssl_cipher_iv_length($this->method);

      return $length;
  }
  80.  
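  /**
   * Sets the key and, optionally, the cipher method.
   *
   * @param string|false $key    Key material. When omitted, it is read from the file named by
   *                             the CRYPTOR_SECRET_KEY environment variable, under '../../'.
   * @param string|false $method OpenSSL cipher name; the class default is kept when omitted.
   * @throws \RuntimeException When no key was passed and the key file cannot be read or is empty.
   */
  public function __construct($key = false, $method = false)
  {
      if (!$key) {
          // NOTE(review): '../../' is resolved against the process working directory, not
          // this file. Confirm the key file sits outside the web root.
          $key = file_get_contents('../../' . getenv('CRYPTOR_SECRET_KEY'));
          if ($key === false || $key === '') {
              // Without this check a failed read left the key as false, and every later
              // encrypt() would run under that value instead of failing.
              throw new \RuntimeException(__METHOD__ . ': encryption key could not be loaded');
          }
      }

      // A printable key is treated as a passphrase and hashed to 32 raw bytes; anything
      // else is used as the key bytes directly. A passphrase file that ends in a newline
      // is not printable by this test and therefore takes the raw path.
      $this->key = ctype_print($key) ? openssl_digest($key, 'SHA256', true) : $key;

      if ($method) {
          // Strict comparison: only an exact string from OpenSSL's own list is accepted.
          if (!in_array($method, openssl_get_cipher_methods(), true)) {
              die(__METHOD__ . ": unrecognised encryption method: {$method}");
          }
          $this->method = $method;
      }
  }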
  99.  
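  /**
   * Encrypts $data under a freshly generated IV.
   *
   * Output layout: the hex-encoded IV immediately followed by the string that
   * openssl_encrypt() returns (options 0).
   *
   * NOTE(review): the default cipher is CTR with no MAC, so a stored value can be altered
   * without detection. An authenticated mode, or an HMAC over IV and ciphertext, would close
   * that gap but changes the stored format.
   *
   * @param string $data Plaintext.
   * @return string Hex IV followed by the ciphertext.
   * @throws \RuntimeException When a strong IV or the ciphertext cannot be produced.
   */
  public function encrypt($data)
  {
      $iv_length = $this->iv_bytes();
      $iv = '';
      if ($iv_length > 0) {
          $iv = openssl_random_pseudo_bytes($iv_length, $strong);
          if ($iv === false || !$strong) {
              // A missing or weak IV must never be used: with the default CTR cipher a
              // repeated IV under the same key exposes the XOR of the two plaintexts.
              throw new \RuntimeException(__METHOD__ . ': could not generate a secure IV');
          }
      }

      $ciphertext = openssl_encrypt($data, $this->method, $this->key, 0, $iv);
      if ($ciphertext === false) {
          // Previously a failure here returned the bare IV, which callers then stored.
          throw new \RuntimeException(__METHOD__ . ': encryption failed');
      }

      return bin2hex($iv) . $ciphertext;
  }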
  106.  
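  /**
   * Reverses encrypt(): splits the hex IV off the front of $data and decrypts the rest.
   *
   * @param string $data Value in the layout produced by encrypt().
   * @return string|false Plaintext, or false when $data does not have that layout or
   *                      OpenSSL cannot decrypt it.
   */
  public function decrypt($data)
  {
      $iv_strlen = 2 * $this->iv_bytes();

      // The prefix must be hex. A non-hex prefix used to reach hex2bin(), which returns
      // false for it, and decryption then ran with that in place of the real IV.
      if (!preg_match('/^([0-9a-fA-F]{' . $iv_strlen . '})(.+)$/', $data, $regs)) {
          return false;
      }

      list(, $iv, $crypted_string) = $regs;

      return openssl_decrypt($crypted_string, $this->method, $this->key, 0, hex2bin($iv));
  }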
  117.  
  // Backing table.
  protected $table = 'campaign_email_addresses';

  // Rows are keyed by the address itself, so the key is not auto-incrementing.
  protected $primaryKey = 'EmailAddress';
  public $incrementing = false;

  // Columns open to mass assignment. 'Password' holds the Cryptor output written by
  // insertEmail() and updateEmail().
  // NOTE(review): nothing shown here keeps 'Password' out of array/JSON serialization;
  // consider listing it in $hidden if these rows are ever returned to a client.
  protected $fillable = [
      'EmailAddress',
      'Name',
      'Password',
  ];
  127.  
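  /**
   * Stores a new sender address with its password encrypted by Cryptor.
   *
   * @param string $email    Sender address; also the primary key.
   * @param string $name     Display name for the sender.
   * @param string $password Plaintext mailbox password; only the encrypted form is stored.
   * @return mixed The result of self::create() for the new row.
   * @throws DuplicateKeyException When a row for $email already exists.
   */
  public static function insertEmail($email, $name, $password)
  {
      // first() yields null when nothing matches. The previous count() on that result is
      // not valid for a single record on current PHP versions, so compare against null.
      // NOTE(review): check-then-insert can race; this assumes the table's primary key
      // is what ultimately rejects a duplicate. Confirm.
      if (self::where('EmailAddress', $email)->first() !== null) {
          throw new DuplicateKeyException("Email Address already exists.");
      }

      $cryptor = new Cryptor();
      $encrypted = $cryptor->encrypt($password);
      // Drops this function's reference only; it does not wipe the value from memory.
      unset($password);

      return self::create([
          'EmailAddress' => $email,
          'Name' => $name,
          'Password' => $encrypted,
      ]);
  }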
  142.  
  /**
   * Re-encrypts and stores a new password, and sets the display name, for the row whose
   * EmailAddress equals $email.
   *
   * @param string $email    Sender address identifying the row.
   * @param string $name     New display name.
   * @param string $password New plaintext password; only the encrypted form is stored.
   * @return mixed Result of get() on the same filtered query, run after the update.
   */
  public static function updateEmail($email, $name, $password)
  {
      $encrypted = (new Cryptor())->encrypt($password);
      // Drops this function's reference only; it does not wipe the value from memory.
      unset($password);

      $matching = self::query();
      $matching->where('EmailAddress', $email);
      $matching->update(['Password' => $encrypted, 'Name' => $name]);

      return $matching->get();
  }
  152.  
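  /**
   * Returns the decrypted mailbox password stored for $email.
   *
   * @param string $email Sender address identifying the row.
   * @return string|false Plaintext password, or false when no row matches $email or the
   *                      stored value cannot be decrypted.
   */
  public static function decryptPassword($email)
  {
      $record = self::where('EmailAddress', $email)->first();
      if ($record === null) {
          // Unknown address: report it the way decrypt() reports failure, rather than
          // reading a property off null.
          return false;
      }

      $cryptor = new Cryptor();

      return $cryptor->decrypt($record->Password);
  }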
  158.  
  // Backing table.
  protected $table = 'templates';

  // Keyed by file name, so the key is not auto-incrementing.
  protected $primaryKey = 'FileName';
  public $incrementing = false;

  // Columns open to mass assignment. 'Mailable' is the class name that
  // sendPhishingEmail() resolves under \App\Mail and instantiates.
  protected $fillable = [
      'EmailType',
      'FileName',
      'PublicName',
      'Mailable',
  ];
  170.  
  // Backing table.
  protected $table = 'mailing_list';

  // Primary key column.
  protected $primaryKey = 'Id';

  // Columns open to mass assignment.
  protected $fillable = [
      'Email',
      'FirstName',
      'LastName',
      'UniqueURLId',
  ];
  181.  
  /**
   * Updates the mailing-list row whose Id equals $mlu->Id. Only arguments that are
   * non-empty are written, so an empty value leaves the stored column untouched.
   *
   * @param mixed  $mlu         Object exposing the Id of the row to update.
   * @param string $email       New address, or empty to keep the current one.
   * @param string $fname       New first name, or empty to keep the current one.
   * @param string $lname       New last name, or empty to keep the current one.
   * @param string $uniqueURLId New unique URL id, or empty to keep the current one.
   */
  public static function updateMailingListUser($mlu, $email, $fname, $lname, $uniqueURLId = '')
  {
      $query = Mailing_List_User::query();
      $query->where('Id', $mlu->Id);

      $candidates = [
          'Email' => $email,
          'FirstName' => $fname,
          'LastName' => $lname,
          'UniqueURLId' => $uniqueURLId,
      ];

      $update = array();
      foreach ($candidates as $column => $value) {
          if (!empty($value)) {
              $update[$column] = $value;
          }
      }

      $query->update($update);
      // The fetched rows are not used or returned.
      $query->get();
  }
  203.  
  // Backing table.
  protected $table = 'mailing_list_departments';

  // Primary key column.
  protected $primaryKey = 'Id';

  // Timestamp handling is switched off for this model.
  public $timestamps = false;

  // Columns open to mass assignment.
  protected $fillable = [
      'Department',
  ];
  212.  
  use CompositeKeyTrait;

  // Backing table linking users to departments.
  protected $table = 'mailing_list_users_departments_bridge';

  // Two-column key, so there is no auto-incrementing id.
  protected $primaryKey = ['UserId', 'DepartmentId'];
  public $incrementing = false;

  // Timestamp handling is switched off for this model.
  public $timestamps = false;

  // Columns open to mass assignment.
  protected $fillable = [
      'UserId',
      'DepartmentId',
  ];
  226.  
  // Backing table.
  protected $table = 'campaigns';

  // Primary key column.
  protected $primaryKey = 'Id';

  // Columns open to mass assignment.
  protected $fillable = [
      'Name',
      'Description',
      'Assignee',
      'Status',
  ];
  235.  
  /**
   * Updates the campaign row whose Id equals $campaign->Id. Only arguments that are
   * non-empty are written, so an empty value leaves the stored column untouched.
   *
   * @param mixed  $campaign    Object exposing the Id of the row to update.
   * @param string $description New description, or empty to keep the current one.
   * @param string $assignee    New assignee, or empty to keep the current one.
   * @param string $status      New status, or empty to keep the current one.
   */
  public static function updateCampaign($campaign, $description, $assignee, $status)
  {
      $query = Campaign::query();
      $query->where('Id', $campaign->Id);

      $candidates = [
          'Description' => $description,
          'Assignee' => $assignee,
          'Status' => $status,
      ];

      $update = array();
      foreach ($candidates as $column => $value) {
          if (!empty($value)) {
              $update[$column] = $value;
          }
      }

      $query->update($update);
      // The fetched rows are not used or returned.
      $query->get();
  }
  253.  
  /**
   * Fetches every campaign whose Status column equals 'active'.
   *
   * @return mixed Result of get() on the filtered Campaign query.
   */
  public static function getAllActiveCampaigns()
  {
      $active = Campaign::where('Status', 'active');

      return $active->get();
  }
  257.  
  // Backing table; logSentEmail() writes one row here per message sent.
  protected $table = 'sent_email';

  // Primary key column.
  protected $primaryKey = 'Id';

  // Timestamp handling is switched off; the row carries its own 'Timestamp' column.
  public $timestamps = false;

  // Columns open to mass assignment.
  protected $fillable = [
      'UserId',
      'CampaignId',
      'Timestamp',
  ];
  267.  
  268. if(Auth::check()) { ... }
  269.  
  270. if(!Auth::check()) {
  271. // throw exception or return
  272. }
  273. // rest of method logic
  274.  
  275. if(!empty($fromEmail) && !empty($template) && !empty($campaign)) {
  276.  
  277. $password = $cryptor->decrypt($fromEmail->Password);
  278.  
  279. $templateClass = "\App\Mail\$template->Mailable";
  280.  
  281. $templateClass = 'AppMail' . $template->Mailable;
  282.  
  283. $templateClass = 'AppMail' . $template . '->Mailable';
  284.  
  285. $templateClass = "\App\Mail\{$template->Mailable}";
  286.  
  287. if($sendingChoice == 'user') {
  288.  
  /**
   * Number of IV bytes OpenSSL expects for the cipher named in $this->method.
   */
  protected function iv_bytes()
  {
      $ivLength = openssl_cipher_iv_length($this->method);

      return $ivLength;
  }
  293.  
  294. public function __construct($key = false, $method = false)
  295. {
  296.  
  297. file_get_contents('../../' . getenv('CRYPTOR_SECRET_KEY'));
  298.  
  299. file_get_contents(getenv('CRYPTOR_SECRET_KEY_PATH'));
  300.  
  // Backing table.
  protected $table = 'campaign_email_addresses';

  // Keyed by the address string, so the key is not auto-incrementing.
  protected $primaryKey = 'EmailAddress';
  public $incrementing = false;

  // Columns open to mass assignment.
  protected $fillable = [
      'EmailAddress',
      'Name',
      'Password',
  ];
  310.  
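  // a method that must be implemented in all inheriting classes
  // (an abstract method is declared without a body; "{}" after it is a fatal error)
  abstract public function update();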
  313.  
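  // a method with concrete implementation that can be overridden in inheriting class
  public function getById($id) {
      // validate id as int
      // build query to show "visible" database fields
      // Each keyword carries its own spaces so the pieces do not run together. The field,
      // table and key names are fixed by the inheriting class, never taken from input;
      // only the id value is bound as a parameter.
      $query = 'SELECT ' . [visible fields defined in inheriting class] .
          ' FROM ' . [table as defined in inheriting class] .
          ' WHERE ' . [primary key as defined in inheriting class] . ' = ?';
      // execute prepared statement
  }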