AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 19:04:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Bump PHPMailer from 6.5.3 to 6.7.1

Browse Source
This commit is contained in:
johnnyq
2023-01-17 11:52:49 -05:00
parent 7c1b3c9c57
commit c935faeff0
17 changed files with 355 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/PHPMailer/src/OAuth.php
View File

@@ -33,7 +33,7 @@ use League\OAuth2\Client\Token\AccessToken;
*
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
*/
class OAuth
class OAuth implements OAuthTokenProvider
{
/**
* An instance of the League OAuth Client Provider.

44
plugins/PHPMailer/src/OAuthTokenProvider.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
/**
* PHPMailer - PHP email creation and transport class.
* PHP Version 5.5.
*
* @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
*
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
* @author Jim Jagielski (jimjag) <jimjag@gmail.com>
* @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
* @author Brent R. Matzelle (original founder)
* @copyright 2012 - 2020 Marcus Bointon
* @copyright 2010 - 2012 Jim Jagielski
* @copyright 2004 - 2009 Andy Prevost
* @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
* @note This program is distributed in the hope that it will be useful - WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE.
*/
namespace PHPMailer\PHPMailer;
/**
* OAuthTokenProvider - OAuth2 token provider interface.
* Provides base64 encoded OAuth2 auth strings for SMTP authentication.
*
* @see OAuth
* @see SMTP::authenticate()
*
* @author Peter Scopes (pdscopes)
* @author Marcus Bointon (Synchro/coolbru) <phpmailer@synchromedia.co.uk>
*/
interface OAuthTokenProvider
{
/**
* Generate a base64-encoded OAuth token ensuring that the access token has not expired.
* The string to be base 64 encoded should be in the form:
* "user=<user_email_address>\001auth=Bearer <access_token>\001\001"
*
* @return string
*/
public function getOauth64();
}

206
plugins/PHPMailer/src/PHPMailer.php
View File

@@ -350,17 +350,17 @@ class PHPMailer
public $Password = '';
/**
* SMTP auth type.
* Options are CRAM-MD5, LOGIN, PLAIN, XOAUTH2, attempted in that order if not specified.
* SMTP authentication type. Options are CRAM-MD5, LOGIN, PLAIN, XOAUTH2.
* If not specified, the first one from that list that the server supports will be selected.
*
* @var string
*/
public $AuthType = '';
/**
* An instance of the PHPMailer OAuth class.
* An implementation of the PHPMailer OAuthTokenProvider interface.
*
* @var OAuth
* @var OAuthTokenProvider
*/
protected $oauth;
@@ -750,7 +750,7 @@ class PHPMailer
*
* @var string
*/
const VERSION = '6.5.3';
const VERSION = '6.7.1';
/**
* Error severity: message only, continue processing.
@@ -858,7 +858,7 @@ class PHPMailer
private function mailPassthru($to, $subject, $body, $header, $params)
{
//Check overloading of mail function to avoid double-encoding
if (ini_get('mbstring.func_overload') & 1) {
if ((int)ini_get('mbstring.func_overload') & 1) {
$subject = $this->secureHeader($subject);
} else {
$subject = $this->encodeHeader($this->secureHeader($subject));
@@ -1066,8 +1066,8 @@ class PHPMailer
* Addresses that have been added already return false, but do not throw exceptions.
*
* @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo'
* @param string $address The email address to send, resp. to reply to
* @param string $name
* @param string $address The email address
* @param string $name An optional username associated with the address
*
* @throws Exception
*
@@ -1075,9 +1075,11 @@ class PHPMailer
*/
protected function addOrEnqueueAnAddress($kind, $address, $name)
{
$address = trim($address);
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
$pos = strrpos($address, '@');
$pos = false;
if ($address !== null) {
$address = trim($address);
$pos = strrpos($address, '@');
}
if (false === $pos) {
//At-sign is missing.
$error_message = sprintf(
@@ -1094,8 +1096,14 @@ class PHPMailer
return false;
}
if ($name !== null && is_string($name)) {
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
} else {
$name = '';
}
$params = [$kind, $address, $name];
//Enqueue addresses with IDN until we know the PHPMailer::$CharSet.
//Domain is assumed to be whatever is after the last @ symbol in the address
if (static::idnSupported() && $this->has8bitChars(substr($address, ++$pos))) {
if ('Reply-To' !== $kind) {
if (!array_key_exists($address, $this->RecipientsQueue)) {
@@ -1116,6 +1124,22 @@ class PHPMailer
return call_user_func_array([$this, 'addAnAddress'], $params);
}
/**
* Set the boundaries to use for delimiting MIME parts.
* If you override this, ensure you set all 3 boundaries to unique values.
* The default boundaries include a "=_" sequence which cannot occur in quoted-printable bodies,
* as suggested by https://www.rfc-editor.org/rfc/rfc2045#section-6.7
*
* @return void
*/
public function setBoundaries()
{
$this->uniqueid = $this->generateId();
$this->boundary[1] = 'b1=_' . $this->uniqueid;
$this->boundary[2] = 'b2=_' . $this->uniqueid;
$this->boundary[3] = 'b3=_' . $this->uniqueid;
}
/**
* Add an address to one of the recipient arrays or to the ReplyTo array.
* Addresses that have been added already return false, but do not throw exceptions.
@@ -1185,6 +1209,7 @@ class PHPMailer
*
* @param string $addrstr The address list string
* @param bool $useimap Whether to use the IMAP extension to parse the list
* @param string $charset The charset to use when decoding the address list string.
*
* @return array
*/
@@ -1279,7 +1304,7 @@ class PHPMailer
*/
public function setFrom($address, $name = '', $auto = true)
{
$address = trim($address);
$address = trim((string)$address);
$name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
//Don't validate now addresses with IDN. Will be done in send().
$pos = strrpos($address, '@');
@@ -1546,17 +1571,17 @@ class PHPMailer
//Validate From, Sender, and ConfirmReadingTo addresses
foreach (['From', 'Sender', 'ConfirmReadingTo'] as $address_kind) {
$this->$address_kind = trim($this->$address_kind);
if (empty($this->$address_kind)) {
$this->{$address_kind} = trim($this->{$address_kind});
if (empty($this->{$address_kind})) {
continue;
}
$this->$address_kind = $this->punyencodeAddress($this->$address_kind);
if (!static::validateAddress($this->$address_kind)) {
$this->{$address_kind} = $this->punyencodeAddress($this->{$address_kind});
if (!static::validateAddress($this->{$address_kind})) {
$error_message = sprintf(
'%s (%s): %s',
$this->lang('invalid_address'),
$address_kind,
$this->$address_kind
$this->{$address_kind}
);
$this->setError($error_message);
$this->edebug($error_message);
@@ -1656,17 +1681,17 @@ class PHPMailer
default:
$sendMethod = $this->Mailer . 'Send';
if (method_exists($this, $sendMethod)) {
return $this->$sendMethod($this->MIMEHeader, $this->MIMEBody);
return $this->{$sendMethod}($this->MIMEHeader, $this->MIMEBody);
}
return $this->mailSend($this->MIMEHeader, $this->MIMEBody);
}
} catch (Exception $exc) {
if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true) {
$this->smtp->reset();
}
$this->setError($exc->getMessage());
$this->edebug($exc->getMessage());
if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true && $this->smtp->connected()) {
$this->smtp->reset();
}
if ($this->exceptions) {
throw $exc;
}
@@ -1742,7 +1767,7 @@ class PHPMailer
fwrite($mail, $header);
fwrite($mail, $body);
$result = pclose($mail);
$addrinfo = static::parseAddresses($toAddr, true, $this->charSet);
$addrinfo = static::parseAddresses($toAddr, true, $this->CharSet);
$this->doCallback(
($result === 0),
[[$addrinfo['address'], $addrinfo['name']]],
@@ -1797,7 +1822,13 @@ class PHPMailer
*/
protected static function isShellSafe($string)
{
//Future-proof
//It's not possible to use shell commands safely (which includes the mail() function) without escapeshellarg,
//but some hosting providers disable it, creating a security problem that we don't want to have to deal with,
//so we don't.
if (!function_exists('escapeshellarg') || !function_exists('escapeshellcmd')) {
return false;
}
if (
escapeshellcmd($string) !== $string
|| !in_array(escapeshellarg($string), ["'$string'", "\"$string\""])
@@ -1848,7 +1879,7 @@ class PHPMailer
if (!static::isPermittedPath($path)) {
return false;
}
$readable = file_exists($path);
$readable = is_file($path);
//If not a UNC path (expected to start with \\), check read permission, see #2069
if (strpos($path, '\\\\') !== 0) {
$readable = $readable && is_readable($path);
@@ -1876,7 +1907,14 @@ class PHPMailer
foreach ($this->to as $toaddr) {
$toArr[] = $this->addrFormat($toaddr);
}
$to = implode(', ', $toArr);
$to = trim(implode(', ', $toArr));
//If there are no To-addresses (e.g. when sending only to BCC-addresses)
//the following should be added to get a correct DKIM-signature.
//Compare with $this->preSend()
if ($to === '') {
$to = 'undisclosed-recipients:;';
}
$params = null;
//This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
@@ -1905,7 +1943,7 @@ class PHPMailer
if ($this->SingleTo && count($toArr) > 1) {
foreach ($toArr as $toAddr) {
$result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params);
$addrinfo = static::parseAddresses($toAddr, true, $this->charSet);
$addrinfo = static::parseAddresses($toAddr, true, $this->CharSet);
$this->doCallback(
$result,
[[$addrinfo['address'], $addrinfo['name']]],
@@ -2079,6 +2117,9 @@ class PHPMailer
$this->smtp->setDebugLevel($this->SMTPDebug);
$this->smtp->setDebugOutput($this->Debugoutput);
$this->smtp->setVerp($this->do_verp);
if ($this->Host === null) {
$this->Host = 'localhost';
}
$hosts = explode(';', $this->Host);
$lastexception = null;
@@ -2154,7 +2195,8 @@ class PHPMailer
}
if ($tls) {
if (!$this->smtp->startTLS()) {
throw new Exception($this->lang('connect_host'));
$message = $this->getSmtpErrorMessage('connect_host');
throw new Exception($message);
}
//We must resend EHLO after TLS negotiation
$this->smtp->hello($hello);
@@ -2185,6 +2227,11 @@ class PHPMailer
if ($this->exceptions && null !== $lastexception) {
throw $lastexception;
}
if ($this->exceptions) {
// no exception was thrown, likely $this->smtp->connect() failed
$message = $this->getSmtpErrorMessage('connect_host');
throw new Exception($message);
}
return false;
}
@@ -2630,16 +2677,15 @@ class PHPMailer
$result .= $this->headerLine('X-Priority', $this->Priority);
}
if ('' === $this->XMailer) {
//Empty string for default X-Mailer header
$result .= $this->headerLine(
'X-Mailer',
'PHPMailer ' . self::VERSION . ' (https://github.com/PHPMailer/PHPMailer)'
);
} else {
$myXmailer = trim($this->XMailer);
if ($myXmailer) {
$result .= $this->headerLine('X-Mailer', $myXmailer);
}
}
} elseif (is_string($this->XMailer) && trim($this->XMailer) !== '') {
//Some string
$result .= $this->headerLine('X-Mailer', trim($this->XMailer));
} //Other values result in no X-Mailer header
if ('' !== $this->ConfirmReadingTo) {
$result .= $this->headerLine('Disposition-Notification-To', '<' . $this->ConfirmReadingTo . '>');
@@ -2764,10 +2810,7 @@ class PHPMailer
{
$body = '';
//Create unique IDs and preset boundaries
$this->uniqueid = $this->generateId();
$this->boundary[1] = 'b1_' . $this->uniqueid;
$this->boundary[2] = 'b2_' . $this->uniqueid;
$this->boundary[3] = 'b3_' . $this->uniqueid;
$this->setBoundaries();
if ($this->sign_key_file) {
$body .= $this->getMailMIME() . static::$LE;
@@ -2803,7 +2846,7 @@ class PHPMailer
$altBodyEncoding = static::ENCODING_QUOTED_PRINTABLE;
}
//Use this as a preamble in all multipart message types
$mimepre = 'This is a multi-part message in MIME format.' . static::$LE . static::$LE;
$mimepre = '';
switch ($this->message_type) {
case 'inline':
$body .= $mimepre;
@@ -3039,6 +3082,18 @@ class PHPMailer
return $body;
}
/**
* Get the boundaries that this message will use
* @return array
*/
public function getBoundaries()
{
if (empty($this->boundary)) {
$this->setBoundaries();
}
return $this->boundary;
}
/**
* Return the start of a message boundary.
*
@@ -3694,20 +3749,21 @@ class PHPMailer
* These differ from 'regular' attachments in that they are intended to be
* displayed inline with the message, not just attached for download.
* This is used in HTML messages that embed the images
* the HTML refers to using the $cid value.
* the HTML refers to using the `$cid` value in `img` tags, for example `<img src="cid:mylogo">`.
* Never use a user-supplied path to a file!
*
* @param string $path Path to the attachment
* @param string $cid Content ID of the attachment; Use this to reference
* the content when using an embedded image in HTML
* @param string $name Overrides the attachment name
* @param string $encoding File encoding (see $Encoding)
* @param string $type File MIME type
* @param string $disposition Disposition to use
*
* @throws Exception
* @param string $name Overrides the attachment filename
* @param string $encoding File encoding (see $Encoding) defaults to `base64`
* @param string $type File MIME type (by default mapped from the `$path` filename's extension)
* @param string $disposition Disposition to use: `inline` (default) or `attachment`
* (unlikely you want this {@see `addAttachment()`} instead)
*
* @return bool True on successfully adding an attachment
* @throws Exception
*
*/
public function addEmbeddedImage(
$path,
@@ -4085,12 +4141,8 @@ class PHPMailer
//Is it a valid IPv4 address?
return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}
if (filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false) {
//Is it a syntactically valid hostname?
return true;
}
return false;
//Is it a syntactically valid hostname (when embeded in a URL)?
return filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false;
}
/**
@@ -4121,6 +4173,26 @@ class PHPMailer
return $key;
}
/**
* Build an error message starting with a generic one and adding details if possible.
*
* @param string $base_key
* @return string
*/
private function getSmtpErrorMessage($base_key)
{
$message = $this->lang($base_key);
$error = $this->smtp->getError();
if (!empty($error['error'])) {
$message .= ' ' . $error['error'];
if (!empty($error['detail'])) {
$message .= ' ' . $error['detail'];
}
}
return $message;
}
/**
* Check if an error occurred.
*
@@ -4139,6 +4211,7 @@ class PHPMailer
* @param string $name Custom header name
* @param string|null $value Header value
*
* @return bool True if a header was set successfully
* @throws Exception
*/
public function addCustomHeader($name, $value = null)
@@ -4433,6 +4506,7 @@ class PHPMailer
'ics' => 'text/calendar',
'xml' => 'text/xml',
'xsl' => 'text/xml',
'csv' => 'text/csv',
'wmv' => 'video/x-ms-wmv',
'mpeg' => 'video/mpeg',
'mpe' => 'video/mpeg',
@@ -4540,7 +4614,7 @@ class PHPMailer
public function set($name, $value = '')
{
if (property_exists($this, $name)) {
$this->$name = $value;
$this->{$name} = $value;
return true;
}
@@ -4587,15 +4661,27 @@ class PHPMailer
}
/**
* Remove trailing breaks from a string.
* Remove trailing whitespace from a string.
*
* @param string $text
*
* @return string The text to remove whitespace from
*/
public static function stripTrailingWSP($text)
{
return rtrim($text, " \r\n\t");
}
/**
* Strip trailing line breaks from a string.
*
* @param string $text
*
* @return string The text to remove breaks from
*/
public static function stripTrailingWSP($text)
public static function stripTrailingBreaks($text)
{
return rtrim($text, " \r\n\t");
return rtrim($text, "\r\n");
}
/**
@@ -4761,7 +4847,7 @@ class PHPMailer
$body = static::normalizeBreaks($body, self::CRLF);
//Reduce multiple trailing line breaks to a single one
return static::stripTrailingWSP($body) . self::CRLF;
return static::stripTrailingBreaks($body) . self::CRLF;
}
/**
@@ -5021,9 +5107,9 @@ class PHPMailer
}
/**
* Get the OAuth instance.
* Get the OAuthTokenProvider instance.
*
* @return OAuth
* @return OAuthTokenProvider
*/
public function getOAuth()
{
@@ -5031,9 +5117,9 @@ class PHPMailer
}
/**
* Set an OAuth instance.
* Set an OAuthTokenProvider instance.
*/
public function setOAuth(OAuth $oauth)
public function setOAuth(OAuthTokenProvider $oauth)
{
$this->oauth = $oauth;
}

9
plugins/PHPMailer/src/POP3.php
View File

@@ -46,7 +46,7 @@ class POP3
*
* @var string
*/
const VERSION = '6.5.3';
const VERSION = '6.7.1';
/**
* Default POP3 port number.
@@ -337,7 +337,12 @@ class POP3
*/
public function disconnect()
{
$this->sendString('QUIT');
// If could not connect at all, no need to disconnect
if ($this->pop_conn === false) {
return;
}
$this->sendString('QUIT' . static::LE);
// RFC 1939 shows POP3 server sending a +OK response to the QUIT command.
// Try to get it. Ignore any failures here.

11
plugins/PHPMailer/src/SMTP.php
View File

@@ -35,7 +35,7 @@ class SMTP
*
* @var string
*/
const VERSION = '6.5.3';
const VERSION = '6.7.1';
/**
* SMTP line break constant.
@@ -187,6 +187,7 @@ class SMTP
'SendGrid' => '/[\d]{3} Ok: queued as (.*)/',
'CampaignMonitor' => '/[\d]{3} 2.0.0 OK:([a-zA-Z\d]{48})/',
'Haraka' => '/[\d]{3} Message Queued \((.*)\)/',
'Mailjet' => '/[\d]{3} OK queued as (.*)/',
];
/**
@@ -482,7 +483,7 @@ class SMTP
* @param string $username The user name
* @param string $password The password
* @param string $authtype The auth type (CRAM-MD5, PLAIN, LOGIN, XOAUTH2)
* @param OAuth $OAuth An optional OAuth instance for XOAUTH2 authentication
* @param OAuthTokenProvider $OAuth An optional OAuthTokenProvider instance for XOAUTH2 authentication
*
* @return bool True if successfully authenticated
*/
@@ -681,7 +682,6 @@ class SMTP
*/
public function close()
{
$this->setError('');
$this->server_caps = null;
$this->helo_rply = null;
if (is_resource($this->smtp_conn)) {
@@ -1036,7 +1036,10 @@ class SMTP
return false;
}
$this->setError('');
//Don't clear the error store when using keepalive
if ($command !== 'RSET') {
$this->setError('');
}
return true;
}