From c935faeff057ca7be262569c74283b2926d34894 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Tue, 17 Jan 2023 11:52:49 -0500 Subject: [PATCH] Bump PHPMailer from 6.5.3 to 6.7.1 --- plugins/PHPMailer/README.md | 25 ++- plugins/PHPMailer/VERSION | 1 + plugins/PHPMailer/VERSION.md | 1 - plugins/PHPMailer/composer.json | 23 +- plugins/PHPMailer/get_oauth_token.php | 64 ++++-- .../PHPMailer/language/phpmailer.lang-ch.php | 27 --- .../PHPMailer/language/phpmailer.lang-da.php | 10 +- .../PHPMailer/language/phpmailer.lang-el.php | 41 ++-- .../PHPMailer/language/phpmailer.lang-es.php | 4 + .../PHPMailer/language/phpmailer.lang-fr.php | 2 +- .../PHPMailer/language/phpmailer.lang-mn.php | 27 +++ .../PHPMailer/language/phpmailer.lang-pl.php | 13 +- plugins/PHPMailer/src/OAuth.php | 2 +- plugins/PHPMailer/src/OAuthTokenProvider.php | 44 ++++ plugins/PHPMailer/src/PHPMailer.php | 206 +++++++++++++----- plugins/PHPMailer/src/POP3.php | 9 +- plugins/PHPMailer/src/SMTP.php | 11 +- 17 files changed, 355 insertions(+), 155 deletions(-) create mode 100644 plugins/PHPMailer/VERSION delete mode 100644 plugins/PHPMailer/VERSION.md delete mode 100644 plugins/PHPMailer/language/phpmailer.lang-ch.php create mode 100644 plugins/PHPMailer/language/phpmailer.lang-mn.php create mode 100644 plugins/PHPMailer/src/OAuthTokenProvider.php diff --git a/plugins/PHPMailer/README.md b/plugins/PHPMailer/README.md index 81b08976..3bba8262 100644 --- a/plugins/PHPMailer/README.md +++ b/plugins/PHPMailer/README.md @@ -1,3 +1,5 @@ +[![SWUbanner](https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-direct.svg)](https://supportukrainenow.org/) + ![PHPMailer](https://raw.github.com/PHPMailer/PHPMailer/master/examples/images/phpmailer.png) # PHPMailer – A full-featured email creation and transfer class for PHP @@ -8,12 +10,13 @@ [![Total Downloads](https://poser.pugx.org/phpmailer/phpmailer/downloads)](https://packagist.org/packages/phpmailer/phpmailer) [![License](https://poser.pugx.org/phpmailer/phpmailer/license.svg)](https://packagist.org/packages/phpmailer/phpmailer) [![API Docs](https://github.com/phpmailer/phpmailer/workflows/Docs/badge.svg)](https://phpmailer.github.io/PHPMailer/) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/PHPMailer/PHPMailer/badge)](https://api.securityscorecards.dev/projects/github.com/PHPMailer/PHPMailer) ## Features - Probably the world's most popular code for sending email from PHP! - Used by many open-source projects: WordPress, Drupal, 1CRM, SugarCRM, Yii, Joomla! and many more - Integrated SMTP support – send without a local mail server -- Send emails with multiple To, CC, BCC and Reply-to addresses +- Send emails with multiple To, CC, BCC, and Reply-to addresses - Multipart/alternative emails for mail clients that do not read HTML email - Add attachments, including inline - Support for UTF-8 content and 8bit, base64, binary, and quoted-printable encodings @@ -22,7 +25,7 @@ - Protects against header injection attacks - Error messages in over 50 languages! - DKIM and S/MIME signing support -- Compatible with PHP 5.5 and later, including PHP 8.1 +- Compatible with PHP 5.5 and later, including PHP 8.2 - Namespaced to prevent name clashes - Much more! @@ -35,7 +38,7 @@ The PHP `mail()` function usually sends via a local mail server, typically front *Please* don't be tempted to do it yourself – if you don't use PHPMailer, there are many other excellent libraries that you should look at before rolling your own. Try [SwiftMailer](https://swiftmailer.symfony.com/) -, [Laminas/Mail](https://docs.laminas.dev/laminas-mail/), [ZetaComponents](https://github.com/zetacomponents/Mail) etc. +, [Laminas/Mail](https://docs.laminas.dev/laminas-mail/), [ZetaComponents](https://github.com/zetacomponents/Mail), etc. ## License This software is distributed under the [LGPL 2.1](http://www.gnu.org/licenses/lgpl-2.1.html) license, along with the [GPL Cooperation Commitment](https://gplcc.github.io/gplcc/). Please read [LICENSE](https://github.com/PHPMailer/PHPMailer/blob/master/LICENSE) for information on the software availability and distribution. @@ -44,7 +47,7 @@ This software is distributed under the [LGPL 2.1](http://www.gnu.org/licenses/lg PHPMailer is available on [Packagist](https://packagist.org/packages/phpmailer/phpmailer) (using semantic versioning), and installation via [Composer](https://getcomposer.org) is the recommended way to install PHPMailer. Just add this line to your `composer.json` file: ```json -"phpmailer/phpmailer": "^6.5" +"phpmailer/phpmailer": "^6.7.1" ``` or run @@ -133,14 +136,14 @@ try { } ``` -You'll find plenty to play with in the [examples](https://github.com/PHPMailer/PHPMailer/tree/master/examples) folder, which covers many common scenarios including sending through gmail, building contact forms, sending to mailing lists, and more. +You'll find plenty to play with in the [examples](https://github.com/PHPMailer/PHPMailer/tree/master/examples) folder, which covers many common scenarios including sending through Gmail, building contact forms, sending to mailing lists, and more. If you are re-using the instance (e.g. when sending to a mailing list), you may need to clear the recipient list to avoid sending duplicate messages. See [the mailing list example](https://github.com/PHPMailer/PHPMailer/blob/master/examples/mailing_list.phps) for further guidance. That's it. You should now be ready to use PHPMailer! ## Localization -PHPMailer defaults to English, but in the [language](https://github.com/PHPMailer/PHPMailer/tree/master/language/) folder you'll find many translations for PHPMailer error messages that you may encounter. Their filenames contain [ISO 639-1](http://en.wikipedia.org/wiki/ISO_639-1) language code for the translations, for example `fr` for French. To specify a language, you need to tell PHPMailer which one to use, like this: +PHPMailer defaults to English, but in the [language](https://github.com/PHPMailer/PHPMailer/tree/master/language/) folder, you'll find many translations for PHPMailer error messages that you may encounter. Their filenames contain [ISO 639-1](http://en.wikipedia.org/wiki/ISO_639-1) language code for the translations, for example `fr` for French. To specify a language, you need to tell PHPMailer which one to use, like this: ```php //To load the French version @@ -175,9 +178,9 @@ Please disclose any vulnerabilities found responsibly – report security issues See [SECURITY](https://github.com/PHPMailer/PHPMailer/tree/master/SECURITY.md) and [PHPMailer's security advisories on GitHub](https://github.com/PHPMailer/PHPMailer/security). ## Contributing -Please submit bug reports, suggestions and pull requests to the [GitHub issue tracker](https://github.com/PHPMailer/PHPMailer/issues). +Please submit bug reports, suggestions, and pull requests to the [GitHub issue tracker](https://github.com/PHPMailer/PHPMailer/issues). -We're particularly interested in fixing edge-cases, expanding test coverage and updating translations. +We're particularly interested in fixing edge cases, expanding test coverage, and updating translations. If you found a mistake in the docs, or want to add something, go ahead and amend the wiki – anyone can edit it. @@ -201,7 +204,7 @@ Donations are very welcome, whether in beer 🍺, T-shirts 👕, or cold, hard c Available as part of the Tidelift Subscription. The maintainers of PHPMailer and thousands of other packages are working with Tidelift to deliver commercial -support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and +support and maintenance for the open-source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/packagist-phpmailer-phpmailer?utm_source=packagist-phpmailer-phpmailer&utm_medium=referral&utm_campaign=enterprise&utm_term=repo) @@ -219,9 +222,9 @@ See [changelog](changelog.md). ### What's changed since moving from SourceForge? - Official successor to the SourceForge and Google Code projects. - Test suite. -- Continuous integration with Github Actions. +- Continuous integration with GitHub Actions. - Composer support. - Public development. - Additional languages and language strings. - CRAM-MD5 authentication support. -- Preserves full repo history of authors, commits and branches from the original SourceForge project. +- Preserves full repo history of authors, commits, and branches from the original SourceForge project. diff --git a/plugins/PHPMailer/VERSION b/plugins/PHPMailer/VERSION new file mode 100644 index 00000000..1d420242 --- /dev/null +++ b/plugins/PHPMailer/VERSION @@ -0,0 +1 @@ +6.7.1 \ No newline at end of file diff --git a/plugins/PHPMailer/VERSION.md b/plugins/PHPMailer/VERSION.md deleted file mode 100644 index 73092f34..00000000 --- a/plugins/PHPMailer/VERSION.md +++ /dev/null @@ -1 +0,0 @@ -6.5.3 \ No newline at end of file diff --git a/plugins/PHPMailer/composer.json b/plugins/PHPMailer/composer.json index 28557f59..37e3d6e7 100644 --- a/plugins/PHPMailer/composer.json +++ b/plugins/PHPMailer/composer.json @@ -25,6 +25,11 @@ "type": "github" } ], + "config": { + "allow-plugins": { + "dealerdirect/phpcodesniffer-composer-installer": true + } + }, "require": { "php": ">=5.5.0", "ext-ctype": "*", @@ -32,21 +37,23 @@ "ext-hash": "*" }, "require-dev": { - "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0", - "doctrine/annotations": "^1.2", - "php-parallel-lint/php-console-highlighter": "^0.5.0", - "php-parallel-lint/php-parallel-lint": "^1.3", + "dealerdirect/phpcodesniffer-composer-installer": "^0.7.2", + "doctrine/annotations": "^1.2.6 || ^1.13.3", + "php-parallel-lint/php-console-highlighter": "^1.0.0", + "php-parallel-lint/php-parallel-lint": "^1.3.2", "phpcompatibility/php-compatibility": "^9.3.5", "roave/security-advisories": "dev-latest", - "squizlabs/php_codesniffer": "^3.6.0", - "yoast/phpunit-polyfills": "^1.0.0" + "squizlabs/php_codesniffer": "^3.7.1", + "yoast/phpunit-polyfills": "^1.0.4" }, "suggest": { "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses", + "ext-openssl": "Needed for secure SMTP sending and DKIM signing", + "greew/oauth2-azure-provider": "Needed for Microsoft Azure XOAUTH2 authentication", "hayageek/oauth2-yahoo": "Needed for Yahoo XOAUTH2 authentication", "league/oauth2-google": "Needed for Google XOAUTH2 authentication", "psr/log": "For optional PSR-3 debug logging", - "stevenmaguire/oauth2-microsoft": "Needed for Microsoft XOAUTH2 authentication", + "thenetworg/oauth2-azure": "Needed for Microsoft XOAUTH2 authentication", "symfony/polyfill-mbstring": "To support UTF-8 if the Mbstring PHP extension is not enabled (^1.2)" }, "autoload": { @@ -65,7 +72,7 @@ "test": "./vendor/bin/phpunit --no-coverage", "coverage": "./vendor/bin/phpunit", "lint": [ - "@php ./vendor/php-parallel-lint/php-parallel-lint/parallel-lint . -e php,phps --exclude vendor --exclude .git --exclude build" + "@php ./vendor/php-parallel-lint/php-parallel-lint/parallel-lint . --show-deprecated -e php,phps --exclude vendor --exclude .git --exclude build" ] } } diff --git a/plugins/PHPMailer/get_oauth_token.php b/plugins/PHPMailer/get_oauth_token.php index befdc34a..cda0445c 100644 --- a/plugins/PHPMailer/get_oauth_token.php +++ b/plugins/PHPMailer/get_oauth_token.php @@ -44,14 +44,31 @@ use League\OAuth2\Client\Provider\Google; use Hayageek\OAuth2\Client\Provider\Yahoo; //@see https://github.com/stevenmaguire/oauth2-microsoft use Stevenmaguire\OAuth2\Client\Provider\Microsoft; +//@see https://github.com/greew/oauth2-azure-provider +use Greew\OAuth2\Client\Provider\Azure; -if (!isset($_GET['code']) && !isset($_GET['provider'])) { +if (!isset($_GET['code']) && !isset($_POST['provider'])) { ?> -Select Provider:
-Google
-Yahoo
-Microsoft/Outlook/Hotmail/Live/Office365
+ +
+

Select Provider

+ +
+ +
+ +
+ +
+

Enter id and secret

+

These details are obtained by setting up an app in your provider's developer console. +

+

ClientId:

+

ClientSecret:

+

TenantID (only relevant for Azure):

+ +
[ + 'https://outlook.office.com/SMTP.Send', + 'offline_access' + ] + ]; + break; } if (null === $provider) { diff --git a/plugins/PHPMailer/language/phpmailer.lang-ch.php b/plugins/PHPMailer/language/phpmailer.lang-ch.php deleted file mode 100644 index 500c9526..00000000 --- a/plugins/PHPMailer/language/phpmailer.lang-ch.php +++ /dev/null @@ -1,27 +0,0 @@ - - */ - -$PHPMAILER_LANG['authenticate'] = 'SMTP 错误:身份验证失败。'; -$PHPMAILER_LANG['connect_host'] = 'SMTP 错误: 不能连接SMTP主机。'; -$PHPMAILER_LANG['data_not_accepted'] = 'SMTP 错误: 数据不可接受。'; -//$PHPMAILER_LANG['empty_message'] = 'Message body empty'; -$PHPMAILER_LANG['encoding'] = '未知编码:'; -$PHPMAILER_LANG['execute'] = '不能执行: '; -$PHPMAILER_LANG['file_access'] = '不能访问文件:'; -$PHPMAILER_LANG['file_open'] = '文件错误:不能打开文件:'; -$PHPMAILER_LANG['from_failed'] = '下面的发送地址邮件发送失败了: '; -$PHPMAILER_LANG['instantiate'] = '不能实现mail方法。'; -//$PHPMAILER_LANG['invalid_address'] = 'Invalid address: '; -$PHPMAILER_LANG['mailer_not_supported'] = ' 您所选择的发送邮件的方法并不支持。'; -$PHPMAILER_LANG['provide_address'] = '您必须提供至少一个 收信人的email地址。'; -$PHPMAILER_LANG['recipients_failed'] = 'SMTP 错误: 下面的 收件人失败了: '; -//$PHPMAILER_LANG['signing'] = 'Signing Error: '; -//$PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP Connect() failed.'; -//$PHPMAILER_LANG['smtp_error'] = 'SMTP server error: '; -//$PHPMAILER_LANG['variable_set'] = 'Cannot set or reset variable: '; -//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: '; diff --git a/plugins/PHPMailer/language/phpmailer.lang-da.php b/plugins/PHPMailer/language/phpmailer.lang-da.php index 1edba1d7..8b7b38a6 100644 --- a/plugins/PHPMailer/language/phpmailer.lang-da.php +++ b/plugins/PHPMailer/language/phpmailer.lang-da.php @@ -14,16 +14,22 @@ $PHPMAILER_LANG['data_not_accepted'] = 'SMTP fejl: Data blev ikke accepteret. $PHPMAILER_LANG['empty_message'] = 'Meddelelsen er uden indhold'; $PHPMAILER_LANG['encoding'] = 'Ukendt encode-format: '; $PHPMAILER_LANG['execute'] = 'Kunne ikke afvikle: '; +$PHPMAILER_LANG['extension_missing'] = 'Udvidelse mangler: '; $PHPMAILER_LANG['file_access'] = 'Kunne ikke tilgå filen: '; $PHPMAILER_LANG['file_open'] = 'Fil fejl: Kunne ikke åbne filen: '; $PHPMAILER_LANG['from_failed'] = 'Følgende afsenderadresse er forkert: '; $PHPMAILER_LANG['instantiate'] = 'Email funktionen kunne ikke initialiseres.'; $PHPMAILER_LANG['invalid_address'] = 'Udgyldig adresse: '; +$PHPMAILER_LANG['invalid_header'] = 'Ugyldig header navn eller værdi'; +$PHPMAILER_LANG['invalid_hostentry'] = 'Ugyldig hostentry: '; +$PHPMAILER_LANG['invalid_host'] = 'Ugyldig vært: '; $PHPMAILER_LANG['mailer_not_supported'] = ' mailer understøttes ikke.'; $PHPMAILER_LANG['provide_address'] = 'Indtast mindst en modtagers email adresse.'; -$PHPMAILER_LANG['recipients_failed'] = 'SMTP fejl: Følgende modtagere er forkerte: '; +$PHPMAILER_LANG['recipients_failed'] = 'SMTP fejl: Følgende modtagere fejlede: '; $PHPMAILER_LANG['signing'] = 'Signeringsfejl: '; +$PHPMAILER_LANG['smtp_code'] = 'SMTP kode: '; +$PHPMAILER_LANG['smtp_code_ex'] = 'Yderligere SMTP info: '; $PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP Connect() fejlede.'; +$PHPMAILER_LANG['smtp_detail'] = 'Detalje: '; $PHPMAILER_LANG['smtp_error'] = 'SMTP server fejl: '; $PHPMAILER_LANG['variable_set'] = 'Kunne ikke definere eller nulstille variablen: '; -$PHPMAILER_LANG['extension_missing'] = 'Udvidelse mangler: '; diff --git a/plugins/PHPMailer/language/phpmailer.lang-el.php b/plugins/PHPMailer/language/phpmailer.lang-el.php index b3d5ca94..339ee575 100644 --- a/plugins/PHPMailer/language/phpmailer.lang-el.php +++ b/plugins/PHPMailer/language/phpmailer.lang-el.php @@ -5,22 +5,29 @@ * @package PHPMailer */ -$PHPMAILER_LANG['authenticate'] = 'SMTP Σφάλμα: Αδυναμία πιστοποίησης (authentication).'; -$PHPMAILER_LANG['connect_host'] = 'SMTP Σφάλμα: Αδυναμία σύνδεσης στον SMTP-Host.'; -$PHPMAILER_LANG['data_not_accepted'] = 'SMTP Σφάλμα: Τα δεδομένα δεν έγιναν αποδεκτά.'; -$PHPMAILER_LANG['empty_message'] = 'Το E-Mail δεν έχει περιεχόμενο .'; -$PHPMAILER_LANG['encoding'] = 'Αγνωστο Encoding-Format: '; -$PHPMAILER_LANG['execute'] = 'Αδυναμία εκτέλεσης ακόλουθης εντολής: '; -$PHPMAILER_LANG['file_access'] = 'Αδυναμία προσπέλασης του αρχείου: '; -$PHPMAILER_LANG['file_open'] = 'Σφάλμα Αρχείου: Δεν είναι δυνατό το άνοιγμα του ακόλουθου αρχείου: '; -$PHPMAILER_LANG['from_failed'] = 'Η παρακάτω διεύθυνση αποστολέα δεν είναι σωστή: '; -$PHPMAILER_LANG['instantiate'] = 'Αδυναμία εκκίνησης Mail function.'; -$PHPMAILER_LANG['invalid_address'] = 'Το μήνυμα δεν εστάλη, η διεύθυνση δεν είναι έγκυρη: '; +$PHPMAILER_LANG['authenticate'] = 'Σφάλμα SMTP: Αδυναμία πιστοποίησης.'; +$PHPMAILER_LANG['buggy_php'] = 'Η έκδοση PHP που χρησιμοποιείτε παρουσιάζει σφάλμα που μπορεί να έχει ως αποτέλεσμα κατεστραμένα μηνύματα. Για να το διορθώσετε, αλλάξτε τον τρόπο αποστολής σε SMTP, απενεργοποιήστε την επιλογή mail.add_x_header στο αρχείο php.ini, αλλάξτε λειτουργικό σε MacOS ή Linux ή αναβαθμίστε την PHP σε έκδοση 7.0.17+ ή 7.1.3+.'; +$PHPMAILER_LANG['connect_host'] = 'Σφάλμα SMTP: Αδυναμία σύνδεσης με τον φιλοξενητή SMTP.'; +$PHPMAILER_LANG['data_not_accepted'] = 'Σφάλμα SMTP: Μη αποδεκτά δεδομένα.'; +$PHPMAILER_LANG['empty_message'] = 'Η ηλεκτρονική επιστολή δεν έχει περιεχόμενο.'; +$PHPMAILER_LANG['encoding'] = 'Άγνωστη μορφή κωδικοποίησης: '; +$PHPMAILER_LANG['execute'] = 'Αδυναμία εκτέλεσης: '; +$PHPMAILER_LANG['extension_missing'] = 'Απουσία επέκτασης: '; +$PHPMAILER_LANG['file_access'] = 'Αδυναμία πρόσβασης στο αρχείο: '; +$PHPMAILER_LANG['file_open'] = 'Σφάλμα Αρχείου: Αδυναμία ανοίγματος αρχείου: '; +$PHPMAILER_LANG['from_failed'] = 'Η ακόλουθη διεύθυνση αποστολέα δεν είναι σωστή: '; +$PHPMAILER_LANG['instantiate'] = 'Αδυναμία εκκίνησης συνάρτησης Mail.'; +$PHPMAILER_LANG['invalid_address'] = 'Μη έγκυρη διεύθυνση: '; +$PHPMAILER_LANG['invalid_header'] = 'Μη έγκυρο όνομα κεφαλίδας ή τιμή'; +$PHPMAILER_LANG['invalid_hostentry'] = 'Μη έγκυρη εισαγωγή φιλοξενητή: '; +$PHPMAILER_LANG['invalid_host'] = 'Μη έγκυρος φιλοξενητής: '; $PHPMAILER_LANG['mailer_not_supported'] = ' mailer δεν υποστηρίζεται.'; -$PHPMAILER_LANG['provide_address'] = 'Παρακαλούμε δώστε τουλάχιστον μια e-mail διεύθυνση παραλήπτη.'; -$PHPMAILER_LANG['recipients_failed'] = 'SMTP Σφάλμα: Οι παρακάτω διευθύνσεις παραλήπτη δεν είναι έγκυρες: '; +$PHPMAILER_LANG['provide_address'] = 'Δώστε τουλάχιστον μια ηλεκτρονική διεύθυνση παραλήπτη.'; +$PHPMAILER_LANG['recipients_failed'] = 'Σφάλμα SMTP: Οι παρακάτω διευθύνσεις παραλήπτη δεν είναι έγκυρες: '; $PHPMAILER_LANG['signing'] = 'Σφάλμα υπογραφής: '; -$PHPMAILER_LANG['smtp_connect_failed'] = 'Αποτυχία σύνδεσης στον SMTP Server.'; -$PHPMAILER_LANG['smtp_error'] = 'Σφάλμα από τον SMTP Server: '; -$PHPMAILER_LANG['variable_set'] = 'Αδυναμία ορισμού ή αρχικοποίησης μεταβλητής: '; -//$PHPMAILER_LANG['extension_missing'] = 'Extension missing: '; +$PHPMAILER_LANG['smtp_code'] = 'Κώδικάς SMTP: '; +$PHPMAILER_LANG['smtp_code_ex'] = 'Πρόσθετες πληροφορίες SMTP: '; +$PHPMAILER_LANG['smtp_connect_failed'] = 'Αποτυχία σύνδεσης SMTP.'; +$PHPMAILER_LANG['smtp_detail'] = 'Λεπτομέρεια: '; +$PHPMAILER_LANG['smtp_error'] = 'Σφάλμα με τον διακομιστή SMTP: '; +$PHPMAILER_LANG['variable_set'] = 'Αδυναμία ορισμού ή επαναφοράς μεταβλητής: '; diff --git a/plugins/PHPMailer/language/phpmailer.lang-es.php b/plugins/PHPMailer/language/phpmailer.lang-es.php index 6ba74627..69920418 100644 --- a/plugins/PHPMailer/language/phpmailer.lang-es.php +++ b/plugins/PHPMailer/language/phpmailer.lang-es.php @@ -4,6 +4,7 @@ * Spanish PHPMailer language file: refer to English translation for definitive list * @package PHPMailer * @author Matt Sturdy + * @author Crystopher Glodzienski Cardoso */ $PHPMAILER_LANG['authenticate'] = 'Error SMTP: Imposible autentificar.'; @@ -25,3 +26,6 @@ $PHPMAILER_LANG['smtp_connect_failed'] = 'SMTP Connect() falló.'; $PHPMAILER_LANG['smtp_error'] = 'Error del servidor SMTP: '; $PHPMAILER_LANG['variable_set'] = 'No se pudo configurar la variable: '; $PHPMAILER_LANG['extension_missing'] = 'Extensión faltante: '; +$PHPMAILER_LANG['smtp_code'] = 'Código del servidor SMTP: '; +$PHPMAILER_LANG['smtp_code_ex'] = 'Información adicional del servidor SMTP: '; +$PHPMAILER_LANG['invalid_header'] = 'Nombre o valor de encabezado no válido'; diff --git a/plugins/PHPMailer/language/phpmailer.lang-fr.php b/plugins/PHPMailer/language/phpmailer.lang-fr.php index 979e44b5..38a7a8e7 100644 --- a/plugins/PHPMailer/language/phpmailer.lang-fr.php +++ b/plugins/PHPMailer/language/phpmailer.lang-fr.php @@ -10,7 +10,7 @@ */ $PHPMAILER_LANG['authenticate'] = 'Erreur SMTP : échec de l’authentification.'; -$PHPMAILER_LANG['buggy_php'] = 'Votre version de PHP est affectée par un bogue qui peut entraîner des messages corrompus. Pour résoudre ce problème, passez à l’envoi par SMTP, désactivez l’option mail.add_x_header dans le fichier php.ini, passez à MacOS ou Linux, ou passez PHP à la version 7.0.17+ ou 7.1.3+.'; +$PHPMAILER_LANG['buggy_php'] = 'Votre version de PHP est affectée par un bug qui peut entraîner des messages corrompus. Pour résoudre ce problème, passez à l’envoi par SMTP, désactivez l’option mail.add_x_header dans le fichier php.ini, passez à MacOS ou Linux, ou passez PHP à la version 7.0.17+ ou 7.1.3+.'; $PHPMAILER_LANG['connect_host'] = 'Erreur SMTP : impossible de se connecter au serveur SMTP.'; $PHPMAILER_LANG['data_not_accepted'] = 'Erreur SMTP : données incorrectes.'; $PHPMAILER_LANG['empty_message'] = 'Corps du message vide.'; diff --git a/plugins/PHPMailer/language/phpmailer.lang-mn.php b/plugins/PHPMailer/language/phpmailer.lang-mn.php new file mode 100644 index 00000000..04d262c7 --- /dev/null +++ b/plugins/PHPMailer/language/phpmailer.lang-mn.php @@ -0,0 +1,27 @@ + */ -class OAuth +class OAuth implements OAuthTokenProvider { /** * An instance of the League OAuth Client Provider. diff --git a/plugins/PHPMailer/src/OAuthTokenProvider.php b/plugins/PHPMailer/src/OAuthTokenProvider.php new file mode 100644 index 00000000..11555074 --- /dev/null +++ b/plugins/PHPMailer/src/OAuthTokenProvider.php @@ -0,0 +1,44 @@ + + * @author Jim Jagielski (jimjag) + * @author Andy Prevost (codeworxtech) + * @author Brent R. Matzelle (original founder) + * @copyright 2012 - 2020 Marcus Bointon + * @copyright 2010 - 2012 Jim Jagielski + * @copyright 2004 - 2009 Andy Prevost + * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License + * @note This program is distributed in the hope that it will be useful - WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. + */ + +namespace PHPMailer\PHPMailer; + +/** + * OAuthTokenProvider - OAuth2 token provider interface. + * Provides base64 encoded OAuth2 auth strings for SMTP authentication. + * + * @see OAuth + * @see SMTP::authenticate() + * + * @author Peter Scopes (pdscopes) + * @author Marcus Bointon (Synchro/coolbru) + */ +interface OAuthTokenProvider +{ + /** + * Generate a base64-encoded OAuth token ensuring that the access token has not expired. + * The string to be base 64 encoded should be in the form: + * "user=\001auth=Bearer \001\001" + * + * @return string + */ + public function getOauth64(); +} diff --git a/plugins/PHPMailer/src/PHPMailer.php b/plugins/PHPMailer/src/PHPMailer.php index 20972c4a..e14cdbf5 100644 --- a/plugins/PHPMailer/src/PHPMailer.php +++ b/plugins/PHPMailer/src/PHPMailer.php @@ -350,17 +350,17 @@ class PHPMailer public $Password = ''; /** - * SMTP auth type. - * Options are CRAM-MD5, LOGIN, PLAIN, XOAUTH2, attempted in that order if not specified. + * SMTP authentication type. Options are CRAM-MD5, LOGIN, PLAIN, XOAUTH2. + * If not specified, the first one from that list that the server supports will be selected. * * @var string */ public $AuthType = ''; /** - * An instance of the PHPMailer OAuth class. + * An implementation of the PHPMailer OAuthTokenProvider interface. * - * @var OAuth + * @var OAuthTokenProvider */ protected $oauth; @@ -750,7 +750,7 @@ class PHPMailer * * @var string */ - const VERSION = '6.5.3'; + const VERSION = '6.7.1'; /** * Error severity: message only, continue processing. @@ -858,7 +858,7 @@ class PHPMailer private function mailPassthru($to, $subject, $body, $header, $params) { //Check overloading of mail function to avoid double-encoding - if (ini_get('mbstring.func_overload') & 1) { + if ((int)ini_get('mbstring.func_overload') & 1) { $subject = $this->secureHeader($subject); } else { $subject = $this->encodeHeader($this->secureHeader($subject)); @@ -1066,8 +1066,8 @@ class PHPMailer * Addresses that have been added already return false, but do not throw exceptions. * * @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo' - * @param string $address The email address to send, resp. to reply to - * @param string $name + * @param string $address The email address + * @param string $name An optional username associated with the address * * @throws Exception * @@ -1075,9 +1075,11 @@ class PHPMailer */ protected function addOrEnqueueAnAddress($kind, $address, $name) { - $address = trim($address); - $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim - $pos = strrpos($address, '@'); + $pos = false; + if ($address !== null) { + $address = trim($address); + $pos = strrpos($address, '@'); + } if (false === $pos) { //At-sign is missing. $error_message = sprintf( @@ -1094,8 +1096,14 @@ class PHPMailer return false; } + if ($name !== null && is_string($name)) { + $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim + } else { + $name = ''; + } $params = [$kind, $address, $name]; //Enqueue addresses with IDN until we know the PHPMailer::$CharSet. + //Domain is assumed to be whatever is after the last @ symbol in the address if (static::idnSupported() && $this->has8bitChars(substr($address, ++$pos))) { if ('Reply-To' !== $kind) { if (!array_key_exists($address, $this->RecipientsQueue)) { @@ -1116,6 +1124,22 @@ class PHPMailer return call_user_func_array([$this, 'addAnAddress'], $params); } + /** + * Set the boundaries to use for delimiting MIME parts. + * If you override this, ensure you set all 3 boundaries to unique values. + * The default boundaries include a "=_" sequence which cannot occur in quoted-printable bodies, + * as suggested by https://www.rfc-editor.org/rfc/rfc2045#section-6.7 + * + * @return void + */ + public function setBoundaries() + { + $this->uniqueid = $this->generateId(); + $this->boundary[1] = 'b1=_' . $this->uniqueid; + $this->boundary[2] = 'b2=_' . $this->uniqueid; + $this->boundary[3] = 'b3=_' . $this->uniqueid; + } + /** * Add an address to one of the recipient arrays or to the ReplyTo array. * Addresses that have been added already return false, but do not throw exceptions. @@ -1185,6 +1209,7 @@ class PHPMailer * * @param string $addrstr The address list string * @param bool $useimap Whether to use the IMAP extension to parse the list + * @param string $charset The charset to use when decoding the address list string. * * @return array */ @@ -1279,7 +1304,7 @@ class PHPMailer */ public function setFrom($address, $name = '', $auto = true) { - $address = trim($address); + $address = trim((string)$address); $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim //Don't validate now addresses with IDN. Will be done in send(). $pos = strrpos($address, '@'); @@ -1546,17 +1571,17 @@ class PHPMailer //Validate From, Sender, and ConfirmReadingTo addresses foreach (['From', 'Sender', 'ConfirmReadingTo'] as $address_kind) { - $this->$address_kind = trim($this->$address_kind); - if (empty($this->$address_kind)) { + $this->{$address_kind} = trim($this->{$address_kind}); + if (empty($this->{$address_kind})) { continue; } - $this->$address_kind = $this->punyencodeAddress($this->$address_kind); - if (!static::validateAddress($this->$address_kind)) { + $this->{$address_kind} = $this->punyencodeAddress($this->{$address_kind}); + if (!static::validateAddress($this->{$address_kind})) { $error_message = sprintf( '%s (%s): %s', $this->lang('invalid_address'), $address_kind, - $this->$address_kind + $this->{$address_kind} ); $this->setError($error_message); $this->edebug($error_message); @@ -1656,17 +1681,17 @@ class PHPMailer default: $sendMethod = $this->Mailer . 'Send'; if (method_exists($this, $sendMethod)) { - return $this->$sendMethod($this->MIMEHeader, $this->MIMEBody); + return $this->{$sendMethod}($this->MIMEHeader, $this->MIMEBody); } return $this->mailSend($this->MIMEHeader, $this->MIMEBody); } } catch (Exception $exc) { - if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true) { - $this->smtp->reset(); - } $this->setError($exc->getMessage()); $this->edebug($exc->getMessage()); + if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true && $this->smtp->connected()) { + $this->smtp->reset(); + } if ($this->exceptions) { throw $exc; } @@ -1742,7 +1767,7 @@ class PHPMailer fwrite($mail, $header); fwrite($mail, $body); $result = pclose($mail); - $addrinfo = static::parseAddresses($toAddr, true, $this->charSet); + $addrinfo = static::parseAddresses($toAddr, true, $this->CharSet); $this->doCallback( ($result === 0), [[$addrinfo['address'], $addrinfo['name']]], @@ -1797,7 +1822,13 @@ class PHPMailer */ protected static function isShellSafe($string) { - //Future-proof + //It's not possible to use shell commands safely (which includes the mail() function) without escapeshellarg, + //but some hosting providers disable it, creating a security problem that we don't want to have to deal with, + //so we don't. + if (!function_exists('escapeshellarg') || !function_exists('escapeshellcmd')) { + return false; + } + if ( escapeshellcmd($string) !== $string || !in_array(escapeshellarg($string), ["'$string'", "\"$string\""]) @@ -1848,7 +1879,7 @@ class PHPMailer if (!static::isPermittedPath($path)) { return false; } - $readable = file_exists($path); + $readable = is_file($path); //If not a UNC path (expected to start with \\), check read permission, see #2069 if (strpos($path, '\\\\') !== 0) { $readable = $readable && is_readable($path); @@ -1876,7 +1907,14 @@ class PHPMailer foreach ($this->to as $toaddr) { $toArr[] = $this->addrFormat($toaddr); } - $to = implode(', ', $toArr); + $to = trim(implode(', ', $toArr)); + + //If there are no To-addresses (e.g. when sending only to BCC-addresses) + //the following should be added to get a correct DKIM-signature. + //Compare with $this->preSend() + if ($to === '') { + $to = 'undisclosed-recipients:;'; + } $params = null; //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver @@ -1905,7 +1943,7 @@ class PHPMailer if ($this->SingleTo && count($toArr) > 1) { foreach ($toArr as $toAddr) { $result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params); - $addrinfo = static::parseAddresses($toAddr, true, $this->charSet); + $addrinfo = static::parseAddresses($toAddr, true, $this->CharSet); $this->doCallback( $result, [[$addrinfo['address'], $addrinfo['name']]], @@ -2079,6 +2117,9 @@ class PHPMailer $this->smtp->setDebugLevel($this->SMTPDebug); $this->smtp->setDebugOutput($this->Debugoutput); $this->smtp->setVerp($this->do_verp); + if ($this->Host === null) { + $this->Host = 'localhost'; + } $hosts = explode(';', $this->Host); $lastexception = null; @@ -2154,7 +2195,8 @@ class PHPMailer } if ($tls) { if (!$this->smtp->startTLS()) { - throw new Exception($this->lang('connect_host')); + $message = $this->getSmtpErrorMessage('connect_host'); + throw new Exception($message); } //We must resend EHLO after TLS negotiation $this->smtp->hello($hello); @@ -2185,6 +2227,11 @@ class PHPMailer if ($this->exceptions && null !== $lastexception) { throw $lastexception; } + if ($this->exceptions) { + // no exception was thrown, likely $this->smtp->connect() failed + $message = $this->getSmtpErrorMessage('connect_host'); + throw new Exception($message); + } return false; } @@ -2630,16 +2677,15 @@ class PHPMailer $result .= $this->headerLine('X-Priority', $this->Priority); } if ('' === $this->XMailer) { + //Empty string for default X-Mailer header $result .= $this->headerLine( 'X-Mailer', 'PHPMailer ' . self::VERSION . ' (https://github.com/PHPMailer/PHPMailer)' ); - } else { - $myXmailer = trim($this->XMailer); - if ($myXmailer) { - $result .= $this->headerLine('X-Mailer', $myXmailer); - } - } + } elseif (is_string($this->XMailer) && trim($this->XMailer) !== '') { + //Some string + $result .= $this->headerLine('X-Mailer', trim($this->XMailer)); + } //Other values result in no X-Mailer header if ('' !== $this->ConfirmReadingTo) { $result .= $this->headerLine('Disposition-Notification-To', '<' . $this->ConfirmReadingTo . '>'); @@ -2764,10 +2810,7 @@ class PHPMailer { $body = ''; //Create unique IDs and preset boundaries - $this->uniqueid = $this->generateId(); - $this->boundary[1] = 'b1_' . $this->uniqueid; - $this->boundary[2] = 'b2_' . $this->uniqueid; - $this->boundary[3] = 'b3_' . $this->uniqueid; + $this->setBoundaries(); if ($this->sign_key_file) { $body .= $this->getMailMIME() . static::$LE; @@ -2803,7 +2846,7 @@ class PHPMailer $altBodyEncoding = static::ENCODING_QUOTED_PRINTABLE; } //Use this as a preamble in all multipart message types - $mimepre = 'This is a multi-part message in MIME format.' . static::$LE . static::$LE; + $mimepre = ''; switch ($this->message_type) { case 'inline': $body .= $mimepre; @@ -3039,6 +3082,18 @@ class PHPMailer return $body; } + /** + * Get the boundaries that this message will use + * @return array + */ + public function getBoundaries() + { + if (empty($this->boundary)) { + $this->setBoundaries(); + } + return $this->boundary; + } + /** * Return the start of a message boundary. * @@ -3694,20 +3749,21 @@ class PHPMailer * These differ from 'regular' attachments in that they are intended to be * displayed inline with the message, not just attached for download. * This is used in HTML messages that embed the images - * the HTML refers to using the $cid value. + * the HTML refers to using the `$cid` value in `img` tags, for example ``. * Never use a user-supplied path to a file! * * @param string $path Path to the attachment * @param string $cid Content ID of the attachment; Use this to reference * the content when using an embedded image in HTML - * @param string $name Overrides the attachment name - * @param string $encoding File encoding (see $Encoding) - * @param string $type File MIME type - * @param string $disposition Disposition to use - * - * @throws Exception + * @param string $name Overrides the attachment filename + * @param string $encoding File encoding (see $Encoding) defaults to `base64` + * @param string $type File MIME type (by default mapped from the `$path` filename's extension) + * @param string $disposition Disposition to use: `inline` (default) or `attachment` + * (unlikely you want this – {@see `addAttachment()`} instead) * * @return bool True on successfully adding an attachment + * @throws Exception + * */ public function addEmbeddedImage( $path, @@ -4085,12 +4141,8 @@ class PHPMailer //Is it a valid IPv4 address? return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false; } - if (filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false) { - //Is it a syntactically valid hostname? - return true; - } - - return false; + //Is it a syntactically valid hostname (when embeded in a URL)? + return filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false; } /** @@ -4121,6 +4173,26 @@ class PHPMailer return $key; } + /** + * Build an error message starting with a generic one and adding details if possible. + * + * @param string $base_key + * @return string + */ + private function getSmtpErrorMessage($base_key) + { + $message = $this->lang($base_key); + $error = $this->smtp->getError(); + if (!empty($error['error'])) { + $message .= ' ' . $error['error']; + if (!empty($error['detail'])) { + $message .= ' ' . $error['detail']; + } + } + + return $message; + } + /** * Check if an error occurred. * @@ -4139,6 +4211,7 @@ class PHPMailer * @param string $name Custom header name * @param string|null $value Header value * + * @return bool True if a header was set successfully * @throws Exception */ public function addCustomHeader($name, $value = null) @@ -4433,6 +4506,7 @@ class PHPMailer 'ics' => 'text/calendar', 'xml' => 'text/xml', 'xsl' => 'text/xml', + 'csv' => 'text/csv', 'wmv' => 'video/x-ms-wmv', 'mpeg' => 'video/mpeg', 'mpe' => 'video/mpeg', @@ -4540,7 +4614,7 @@ class PHPMailer public function set($name, $value = '') { if (property_exists($this, $name)) { - $this->$name = $value; + $this->{$name} = $value; return true; } @@ -4587,15 +4661,27 @@ class PHPMailer } /** - * Remove trailing breaks from a string. + * Remove trailing whitespace from a string. + * + * @param string $text + * + * @return string The text to remove whitespace from + */ + public static function stripTrailingWSP($text) + { + return rtrim($text, " \r\n\t"); + } + + /** + * Strip trailing line breaks from a string. * * @param string $text * * @return string The text to remove breaks from */ - public static function stripTrailingWSP($text) + public static function stripTrailingBreaks($text) { - return rtrim($text, " \r\n\t"); + return rtrim($text, "\r\n"); } /** @@ -4761,7 +4847,7 @@ class PHPMailer $body = static::normalizeBreaks($body, self::CRLF); //Reduce multiple trailing line breaks to a single one - return static::stripTrailingWSP($body) . self::CRLF; + return static::stripTrailingBreaks($body) . self::CRLF; } /** @@ -5021,9 +5107,9 @@ class PHPMailer } /** - * Get the OAuth instance. + * Get the OAuthTokenProvider instance. * - * @return OAuth + * @return OAuthTokenProvider */ public function getOAuth() { @@ -5031,9 +5117,9 @@ class PHPMailer } /** - * Set an OAuth instance. + * Set an OAuthTokenProvider instance. */ - public function setOAuth(OAuth $oauth) + public function setOAuth(OAuthTokenProvider $oauth) { $this->oauth = $oauth; } diff --git a/plugins/PHPMailer/src/POP3.php b/plugins/PHPMailer/src/POP3.php index ea5f9418..4ae52fb1 100644 --- a/plugins/PHPMailer/src/POP3.php +++ b/plugins/PHPMailer/src/POP3.php @@ -46,7 +46,7 @@ class POP3 * * @var string */ - const VERSION = '6.5.3'; + const VERSION = '6.7.1'; /** * Default POP3 port number. @@ -337,7 +337,12 @@ class POP3 */ public function disconnect() { - $this->sendString('QUIT'); + // If could not connect at all, no need to disconnect + if ($this->pop_conn === false) { + return; + } + + $this->sendString('QUIT' . static::LE); // RFC 1939 shows POP3 server sending a +OK response to the QUIT command. // Try to get it. Ignore any failures here. diff --git a/plugins/PHPMailer/src/SMTP.php b/plugins/PHPMailer/src/SMTP.php index 676dba29..95b0d0bb 100644 --- a/plugins/PHPMailer/src/SMTP.php +++ b/plugins/PHPMailer/src/SMTP.php @@ -35,7 +35,7 @@ class SMTP * * @var string */ - const VERSION = '6.5.3'; + const VERSION = '6.7.1'; /** * SMTP line break constant. @@ -187,6 +187,7 @@ class SMTP 'SendGrid' => '/[\d]{3} Ok: queued as (.*)/', 'CampaignMonitor' => '/[\d]{3} 2.0.0 OK:([a-zA-Z\d]{48})/', 'Haraka' => '/[\d]{3} Message Queued \((.*)\)/', + 'Mailjet' => '/[\d]{3} OK queued as (.*)/', ]; /** @@ -482,7 +483,7 @@ class SMTP * @param string $username The user name * @param string $password The password * @param string $authtype The auth type (CRAM-MD5, PLAIN, LOGIN, XOAUTH2) - * @param OAuth $OAuth An optional OAuth instance for XOAUTH2 authentication + * @param OAuthTokenProvider $OAuth An optional OAuthTokenProvider instance for XOAUTH2 authentication * * @return bool True if successfully authenticated */ @@ -681,7 +682,6 @@ class SMTP */ public function close() { - $this->setError(''); $this->server_caps = null; $this->helo_rply = null; if (is_resource($this->smtp_conn)) { @@ -1036,7 +1036,10 @@ class SMTP return false; } - $this->setError(''); + //Don't clear the error store when using keepalive + if ($command !== 'RSET') { + $this->setError(''); + } return true; }