mirror of
https://github.com/itflow-org/itflow
synced 2026-06-25 11:11:06 +00:00
Bump PHPMailer from 7.0.2 to 7.1.1
This commit is contained in:
johnnyq
@@ -6,9 +6,9 @@
|
||||
|
||||
[](https://github.com/PHPMailer/PHPMailer/actions)
|
||||
[](https://codecov.io/gh/PHPMailer/PHPMailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://packagist.org/packages/phpmailer/phpmailer)
|
||||
[](https://phpmailer.github.io/PHPMailer/)
|
||||
[](https://api.securityscorecards.dev/projects/github.com/PHPMailer/PHPMailer)
|
||||
|
||||
@@ -78,7 +78,7 @@ require 'path/to/PHPMailer/src/SMTP.php';
|
||||
If you're not using the `SMTP` class explicitly (you're probably not), you don't need a `use` line for it. Even if you're not using exceptions, you do still need to load the `Exception` class as it is used internally.
|
||||
|
||||
## Legacy versions
|
||||
PHPMailer 5.2 (which is compatible with PHP 5.0 — 7.0) is no longer supported, even for security updates. You will find the latest version of 5.2 in the [5.2-stable branch](https://github.com/PHPMailer/PHPMailer/tree/5.2-stable). If you're using PHP 5.5 or later (which you should be), switch to the 6.x releases.
|
||||
PHPMailer 5.2 (which is compatible with PHP 5.0 — 7.0) is no longer supported, even for security updates. You will find the latest version of 5.2 in the [5.2-stable branch](https://github.com/PHPMailer/PHPMailer/tree/5.2-stable). If you're using PHP 5.5 or later (which you should be), upgrade to a later release.
|
||||
|
||||
### Upgrading from 5.2
|
||||
The biggest changes are that source files are now in the `src/` folder, and PHPMailer now declares the namespace `PHPMailer\PHPMailer`. This has several important effects – [read the upgrade guide](https://github.com/PHPMailer/PHPMailer/tree/master/UPGRADING.md) for more details.
|
||||
|
||||
@@ -1 +1 @@
|
||||
7.0.2
|
||||
7.1.1
|
||||
|
||||
@@ -24,7 +24,7 @@
|
||||
$PHPMAILER_LANG['invalid_host'] = 'Ugyldig vert: ';
|
||||
$PHPMAILER_LANG['mailer_not_supported'] = ' sender er ikke støttet.';
|
||||
$PHPMAILER_LANG['provide_address'] = 'Du må oppgi minst én mottaker-e-postadresse.';
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP Feil: Følgende mottakeradresse feilet: ';
|
||||
$PHPMAILER_LANG['recipients_failed'] = 'SMTP-feil: Følgende mottakeradresser feilet: ';
|
||||
$PHPMAILER_LANG['signing'] = 'Signeringsfeil: ';
|
||||
$PHPMAILER_LANG['smtp_code'] = 'SMTP-kode: ';
|
||||
$PHPMAILER_LANG['smtp_code_ex'] = 'Ytterligere SMTP-info: ';
|
||||
|
||||
@@ -8,6 +8,7 @@
|
||||
* @author Mehmet Benlioğlu
|
||||
* @author @yasinaydin
|
||||
* @author Ogün Karakuş
|
||||
* @author Mustafa Deniz Buksur
|
||||
*/
|
||||
|
||||
$PHPMAILER_LANG['authenticate'] = 'SMTP Hatası: Oturum açılamadı.';
|
||||
@@ -36,3 +37,7 @@ $PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP connect() fonksiyonu başarısı
|
||||
$PHPMAILER_LANG['smtp_detail'] = 'SMTP SMTP Detayı: ';
|
||||
$PHPMAILER_LANG['smtp_error'] = 'SMTP sunucu hatası: ';
|
||||
$PHPMAILER_LANG['variable_set'] = 'Değişken ayarlanamadı ya da sıfırlanamadı: ';
|
||||
$PHPMAILER_LANG['no_smtputf8'] = 'Unicode adreslere gönderim için gereken SMTPUTF8 desteği sunucu tarafından desteklenmiyor.';
|
||||
$PHPMAILER_LANG['imap_recommended'] = 'Basitleştirilmiş adres ayrıştırıcısını kullanmanız önerilmez. ' .
|
||||
'Tam RFC822 ayrıştırma için PHP IMAP eklentisini yükleyin.';
|
||||
$PHPMAILER_LANG['deprecated_argument'] = 'Kullanımdan kaldırılmış argüman: ';
|
||||
|
||||
@@ -59,6 +59,7 @@ class PHPMailer
|
||||
const ICAL_METHOD_REFRESH = 'REFRESH';
|
||||
const ICAL_METHOD_COUNTER = 'COUNTER';
|
||||
const ICAL_METHOD_DECLINECOUNTER = 'DECLINECOUNTER';
|
||||
const RFC822_DATE_FORMAT = 'D, j M Y H:i:s O';
|
||||
|
||||
/**
|
||||
* Email priority.
|
||||
@@ -77,7 +78,7 @@ class PHPMailer
|
||||
public $CharSet = self::CHARSET_ISO88591;
|
||||
|
||||
/**
|
||||
* The MIME Content-type of the message.
|
||||
* The MIME Content-Type of the message.
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
@@ -159,7 +160,7 @@ class PHPMailer
|
||||
public $Ical = '';
|
||||
|
||||
/**
|
||||
* Value-array of "method" in Contenttype header "text/calendar"
|
||||
* Value-array of "method" in Content-Type header "text/calendar"
|
||||
*
|
||||
* @var string[]
|
||||
*/
|
||||
@@ -768,7 +769,7 @@ class PHPMailer
|
||||
*
|
||||
* @var string
|
||||
*/
|
||||
const VERSION = '7.0.2';
|
||||
const VERSION = '7.1.1';
|
||||
|
||||
/**
|
||||
* Error severity: message only, continue processing.
|
||||
@@ -1283,26 +1284,27 @@ class PHPMailer
|
||||
/**
|
||||
* Parse and validate a string containing one or more RFC822-style comma-separated email addresses
|
||||
* of the form "display name <address>" into an array of name/address pairs.
|
||||
* Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available.
|
||||
* Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available and
|
||||
* the deprecated $useimap argument is truthy.
|
||||
* Note that quotes in the name part are removed.
|
||||
*
|
||||
* @see https://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation
|
||||
*
|
||||
* @param string $addrstr The address list string
|
||||
* @param null $useimap Unused. Argument has been deprecated in PHPMailer 6.11.0.
|
||||
* Previously this argument determined whether to use
|
||||
* the IMAP extension to parse the list and accepted a boolean value.
|
||||
* @param bool|null $useimap Deprecated in PHPMailer 6.11.0.
|
||||
* Truthy values request the deprecated IMAP parser
|
||||
* and trigger a deprecation warning.
|
||||
* @param string $charset The charset to use when decoding the address list string.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public static function parseAddresses($addrstr, $useimap = null, $charset = self::CHARSET_ISO88591)
|
||||
{
|
||||
if ($useimap !== null) {
|
||||
if ($useimap == true) {
|
||||
trigger_error(self::lang('deprecated_argument') . '$useimap', E_USER_DEPRECATED);
|
||||
}
|
||||
$addresses = [];
|
||||
if (function_exists('imap_rfc822_parse_adrlist')) {
|
||||
if ($useimap == true && function_exists('imap_rfc822_parse_adrlist')) {
|
||||
//Use this built-in parser if it's available
|
||||
// phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.imap_rfc822_parse_adrlistRemoved -- wrapped in function_exists()
|
||||
$list = imap_rfc822_parse_adrlist($addrstr, '');
|
||||
@@ -1779,6 +1781,8 @@ class PHPMailer
|
||||
|
||||
//Trim subject consistently
|
||||
$this->Subject = trim($this->Subject);
|
||||
|
||||
|
||||
//Create body before headers in case body makes changes to headers (e.g. altering transfer encoding)
|
||||
$this->MIMEHeader = '';
|
||||
$this->MIMEBody = $this->createBody();
|
||||
@@ -1853,7 +1857,7 @@ class PHPMailer
|
||||
return $this->mailSend($this->MIMEHeader, $this->MIMEBody);
|
||||
default:
|
||||
$sendMethod = $this->Mailer . 'Send';
|
||||
if (method_exists($this, $sendMethod)) {
|
||||
if (!empty($this->Mailer) && method_exists($this, $sendMethod)) {
|
||||
return $this->{$sendMethod}($this->MIMEHeader, $this->MIMEBody);
|
||||
}
|
||||
|
||||
@@ -1911,7 +1915,7 @@ class PHPMailer
|
||||
|
||||
// CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped.
|
||||
// Also don't add the -f automatically unless it has been set either via Sender
|
||||
// or sendmail_path. Otherwise it can introduce new problems.
|
||||
// or sendmail_path. Otherwise, it can introduce new problems.
|
||||
// @see http://github.com/PHPMailer/PHPMailer/issues/2298
|
||||
if (!empty($this->Sender) && static::validateAddress($this->Sender) && self::isShellSafe($this->Sender)) {
|
||||
$sendmailArgs[] = '-f' . $this->Sender;
|
||||
@@ -2510,7 +2514,7 @@ class PHPMailer
|
||||
'authenticate' => 'SMTP Error: Could not authenticate.',
|
||||
'buggy_php' => 'Your version of PHP is affected by a bug that may result in corrupted messages.' .
|
||||
' To fix it, switch to sending using SMTP, disable the mail.add_x_header option in' .
|
||||
' your php.ini, switch to MacOS or Linux, or upgrade your PHP to version 7.0.17+ or 7.1.3+.',
|
||||
' your php.ini, switch to macOS or Linux, or upgrade your PHP to version 7.0.17+ or 7.1.3+.',
|
||||
'connect_host' => 'SMTP Error: Could not connect to SMTP host.',
|
||||
'data_not_accepted' => 'SMTP Error: data not accepted.',
|
||||
'empty_message' => 'Message body empty',
|
||||
@@ -2847,7 +2851,10 @@ class PHPMailer
|
||||
{
|
||||
$result = '';
|
||||
|
||||
$result .= $this->headerLine('Date', '' === $this->MessageDate ? self::rfcDate() : $this->MessageDate);
|
||||
$result .= $this->headerLine(
|
||||
'Date',
|
||||
self::sanitiseDate($this->MessageDate)
|
||||
);
|
||||
|
||||
//The To header is created automatically by mail(), so needs to be omitted here
|
||||
if ('mail' !== $this->Mailer) {
|
||||
@@ -2916,7 +2923,7 @@ class PHPMailer
|
||||
);
|
||||
} elseif (is_string($this->XMailer) && trim($this->XMailer) !== '') {
|
||||
//Some string
|
||||
$result .= $this->headerLine('X-Mailer', trim($this->XMailer));
|
||||
$result .= $this->headerLine('X-Mailer', $this->secureHeader(trim($this->XMailer)));
|
||||
} //Other values result in no X-Mailer header
|
||||
|
||||
if ('' !== $this->ConfirmReadingTo) {
|
||||
@@ -2966,13 +2973,20 @@ class PHPMailer
|
||||
break;
|
||||
default:
|
||||
//Catches case 'plain': and case '':
|
||||
$result .= $this->textLine('Content-Type: ' . $this->ContentType . '; charset=' . $this->CharSet);
|
||||
$result .= $this->textLine(
|
||||
'Content-Type: ' .
|
||||
$this->secureHeader($this->ContentType) .
|
||||
'; charset=' . $this->secureHeader($this->CharSet)
|
||||
);
|
||||
$ismultipart = false;
|
||||
break;
|
||||
}
|
||||
if (!$this->validateEncoding($this->Encoding)) {
|
||||
throw new Exception(self::lang('encoding') . $this->Encoding);
|
||||
}
|
||||
//RFC1341 part 5 says 7bit is assumed if not specified
|
||||
if (static::ENCODING_7BIT !== $this->Encoding) {
|
||||
//RFC 2045 section 6.4 says multipart MIME parts may only use 7bit, 8bit or binary CTE
|
||||
//RFC 2045 section 6.4 says multipart MIME parts may only use 7bit, 8bit, or binary CTE
|
||||
if ($ismultipart) {
|
||||
if (static::ENCODING_8BIT === $this->Encoding) {
|
||||
$result .= $this->headerLine('Content-Transfer-Encoding', static::ENCODING_8BIT);
|
||||
@@ -3047,6 +3061,9 @@ class PHPMailer
|
||||
|
||||
$this->setWordWrap();
|
||||
|
||||
if (!$this->validateEncoding($this->Encoding)) {
|
||||
throw new Exception(self::lang('encoding') . $this->Encoding);
|
||||
}
|
||||
$bodyEncoding = $this->Encoding;
|
||||
$bodyCharSet = $this->CharSet;
|
||||
//Can we do a 7-bit downgrade?
|
||||
@@ -4166,7 +4183,7 @@ class PHPMailer
|
||||
protected function validateEncoding($encoding)
|
||||
{
|
||||
return in_array(
|
||||
$encoding,
|
||||
strtolower($encoding),
|
||||
[
|
||||
self::ENCODING_7BIT,
|
||||
self::ENCODING_QUOTED_PRINTABLE,
|
||||
@@ -4426,7 +4443,7 @@ class PHPMailer
|
||||
}
|
||||
|
||||
/**
|
||||
* Return an RFC 822 formatted date.
|
||||
* Return the current date and time as an RFC 822 formatted date.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
@@ -4436,7 +4453,51 @@ class PHPMailer
|
||||
//Will default to UTC if it's not set properly in php.ini
|
||||
date_default_timezone_set(@date_default_timezone_get());
|
||||
|
||||
return date('D, j M Y H:i:s O');
|
||||
return date(self::RFC822_DATE_FORMAT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Normalise a user-supplied date into a correctly-formatted RFC 5322 date value
|
||||
* string suitable for use in the Date header.
|
||||
*
|
||||
* Accepts:
|
||||
* - A {@see \DateTime} (or \DateTimeImmutable) object
|
||||
* - Any date/time string understood by PHP's DateTime constructor (RFC 5322, ISO 8601,
|
||||
* Unix timestamp with leading "@", natural-language strings, etc.)
|
||||
*
|
||||
* Dates in the future are not permitted for email headers; if the parsed date is later
|
||||
* than "now" the method falls back to the current time via {@see self::rfcDate()}.
|
||||
* An empty value, a non-string/non-DateTime argument, or any value that cannot be
|
||||
* parsed will likewise fall back to {@see self::rfcDate()}.
|
||||
*
|
||||
* @param \DateTime|\DateTimeImmutable|string $date The date to normalise
|
||||
*
|
||||
* @return string An RFC 5322-formatted date string
|
||||
*/
|
||||
private static function sanitiseDate($date)
|
||||
{
|
||||
try {
|
||||
//Ensure the default timezone is set properly
|
||||
date_default_timezone_set(@date_default_timezone_get());
|
||||
|
||||
if ($date instanceof \DateTimeInterface) {
|
||||
$dt = $date;
|
||||
} elseif (is_string($date) && $date !== '') {
|
||||
$dt = new \DateTime($date);
|
||||
} else {
|
||||
//Empty string, null, or any unsupported type
|
||||
return self::rfcDate();
|
||||
}
|
||||
|
||||
//Reject future dates — they are invalid for outgoing message headers
|
||||
if ($dt->getTimestamp() > time()) {
|
||||
return self::rfcDate();
|
||||
}
|
||||
|
||||
return $dt->format(self::RFC822_DATE_FORMAT);
|
||||
} catch (\Exception $e) {
|
||||
return self::rfcDate();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -47,7 +47,7 @@ class POP3
|
||||
* @var string
|
||||
* @deprecated This constant will be removed in PHPMailer 8.0. Use `PHPMailer::VERSION` instead.
|
||||
*/
|
||||
const VERSION = '7.0.2';
|
||||
const VERSION = '7.1.1';
|
||||
|
||||
/**
|
||||
* Default POP3 port number.
|
||||
@@ -212,9 +212,9 @@ class POP3
|
||||
} else {
|
||||
$this->tval = (int) $timeout;
|
||||
}
|
||||
$this->do_debug = $debug_level;
|
||||
$this->username = $username;
|
||||
$this->password = $password;
|
||||
$this->do_debug = (int) $debug_level;
|
||||
$this->username = self::stripControls($username);
|
||||
$this->password = self::stripControls($password);
|
||||
//Reset the error log
|
||||
$this->errors = [];
|
||||
//Connect
|
||||
@@ -319,7 +319,8 @@ class POP3
|
||||
if (empty($password)) {
|
||||
$password = $this->password;
|
||||
}
|
||||
|
||||
$username = self::stripControls($username);
|
||||
$password = self::stripControls($password);
|
||||
//Send the Username
|
||||
$this->sendString("USER $username" . static::LE);
|
||||
$pop3_response = $this->getResponse();
|
||||
@@ -407,7 +408,7 @@ class POP3
|
||||
|
||||
/**
|
||||
* Checks the POP3 server response.
|
||||
* Looks for for +OK or -ERR.
|
||||
* Looks for +OK or -ERR.
|
||||
*
|
||||
* @param string $string
|
||||
*
|
||||
@@ -467,4 +468,16 @@ class POP3
|
||||
"errno: $errno errstr: $errstr; errfile: $errfile; errline: $errline"
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Strip all control chars from a string.
|
||||
*
|
||||
* @param $string
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected static function stripControls($string)
|
||||
{
|
||||
return preg_replace('/[\x00-\x1F\x7F]/u', '', $string);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -36,7 +36,7 @@ class SMTP
|
||||
* @var string
|
||||
* @deprecated This constant will be removed in PHPMailer 8.0. Use `PHPMailer::VERSION` instead.
|
||||
*/
|
||||
const VERSION = '7.0.2';
|
||||
const VERSION = '7.1.1';
|
||||
|
||||
/**
|
||||
* SMTP line break constant.
|
||||
@@ -1289,7 +1289,7 @@ class SMTP
|
||||
* 3. EHLO has been sent -
|
||||
* $name == 'HELO'|'EHLO': returns the server name
|
||||
* $name == any other string: if extension $name exists, returns True
|
||||
* or its options (e.g. AUTH mechanisms supported). Otherwise returns False.
|
||||
* or its options (e.g. AUTH mechanisms supported). Otherwise, returns False.
|
||||
*
|
||||
* @param string $name Name of SMTP extension or 'HELO'|'EHLO'
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user