This is kind of similar to: #414294: Option to resend emails when submission is modified

However, this is more for adding a manual resend operation on the submission results table. Created a new function to handle the actual sending mail part and cleaned up a few things I noticed as I've been going through.

Comments

markhalliwell’s picture

Title: Allow administers to resend existing submissions » Allow administrators to resend existing submissions

Gotta love long work days and misspelled titles lol

quicksketch’s picture

Thanks for the patch. I think this could use a little more work in the way that e-mails are sent. The biggest problem I see is that the node/[nid]/submission/[sid]/resend path is vulnerable to CSRF attacks. If a URL performs an action directly, it needs to be protected by a unique token or hash of some kind. I definitely like the splitting out of the e-mail functionality into its own function, that's been on my clean-up list for a long time.

Rather than having the node/[nid]/submission/[sid]/resend URL send e-mails directly, I think it may be a good idea to change this URL into a form. Then the CSRF problem is fixed by Form API, and it gives you the flexibility necessary to handle sending multiple e-mails. I imagine that users may want to resend the e-mail to only one address rather than sending it to both the end user and the administrators (say if you have set up multiple e-mails under the Webform e-mail configuration). Perhaps a list of checkboxes that shows which e-mails it will be sent to?

markhalliwell’s picture

I don't see how it's vulnerable to a CSRF attack when that menu item access is checked to see if the user has permissions, which in this case it's simply the same as the report view. Could you explain?

That being said, I do like the idea of being able to select which emails you can resend it to instead of just going to town on all of them. So perhaps a simple checklist form would be more appropriate.

quicksketch’s picture

I don't see how it's vulnerable to a CSRF attack when that menu item access is checked to see if the user has permissions, which in this case it's simply the same as the report view. Could you explain?

A cross-site request forgery is done by having a user that *is already authenticated* hit that URL unintentionally. Say for example I were to put on this page an image like this: <img src="http://yoursite.com/node/10/submission/20/resend" /> and you were logged into yoursite.com. I would make it so that you would unintentionally resend the e-mail just by viewing this page, since your browser would send your session information to that URL.

markhalliwell’s picture

StatusFileSize
new18.5 KB

Ahhh, Ok. Well here's a new patch :) This is actually a better implementation anyway. One thing that I did forget to put in was some doxygen above the new functions.

markhalliwell’s picture

Status: Needs review » Reviewed & tested by the community
quicksketch’s picture

Status: Reviewed & tested by the community » Needs review

Heh, easy there cowboy. ;)

markhalliwell’s picture

Sorry

quicksketch’s picture

I'm reviewing this patch now, so far so good. There are a few things that I'd like to correct while we're "under the hood" on this particular topic. I'm planning on moving the e-mail submission code from webform.module to webform.submissions.inc, since this file is already loaded at the time submissions are being sent. That should save us around 100 lines of code that doesn't need to be parsed on every single Drupal request.

FYI, the only real "gotcha" I've found so far is that you used $form['#post'] instead of $form_state['values'], which is a huge no-no, since raw POST requests can be spoofed making it so that the user could utilized your server to send e-mails other than the ones specified in the form.

I'll continue looking over this and I expect I'll put up a revised patch (and a likely commit) after I get it polished. Thanks!

quicksketch’s picture

Status: Needs review » Fixed
StatusFileSize
new25.67 KB
new25.66 KB

Alright I've committed this patch which makes the following rather large-scale changes:

- E-mail submission code is moved to webform.submissions.inc from webform.module.
- All submission links other than view, edit, and delete have been remove from the submission listing. Instead things like print, download PDF, and this new "Resend e-mails" actions are now only accessible when viewing or editing a submission. This reduces the confusion on the overall listing of submissions, which was looking pretty silly when you had all these links at the same time.
- I added a new hook: hook_webform_submission_actions(), so any module can add additional actions to be performed on submissions. Hopefully we'll be able to move our print module integration out into print module utilizing this new hook, since I'm sort of regretting having such 3rd party code directly in the module.

Thanks Mark Carver for your work on this issue. I think this will be a valuable feature and it certainly wouldn't have happened without your effort.

markhalliwell’s picture

Awesome :) Just glad I could help!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.