Make WordPress Core

Opened 12 years ago

Closed 12 years ago

#20970 closed defect (bug) (fixed)

PHPMailer 5.2.1 bundled with WordPress 3.4 can not send mail with php safe mode on.

Reported by: sumindmitriy's profile sumindmitriy Owned by: bpetty's profile bpetty
Milestone: 3.4.1 Priority: normal
Severity: major Version: 3.4
Component: Mail Keywords: has-patch commit
Focuses: Cc:

Description

When sending mail from WP 3.4 using php mail() function and with php safe mode on, receiving "PHP Warning: mail(): SAFE MODE Restriction in effect." and mail can not be send.
This bug described at http://code.google.com/a/apache-extras.org/p/phpmailer/issues/detail?id=68
Patch attached.

Attachments (2)

class_phpmailer-5.2.1.patch (529 bytes) - added by sumindmitriy 12 years ago.
20970.patch (1.2 KB) - added by SergeyBiryukov 12 years ago.

Download all attachments as: .zip

Change History (18)

#1 follow-up: @bpetty
12 years ago

This certainly works for a quick hack to get it working again in safe mode, however, this actually removes PHP Mailer's ability to set the envelope sender address and it will no longer use -oi with the sendmail binary changing the behavior of how it handles certain emails.

Optimally, it should only do this if safe_mode is in fact on since that is the only situation where those features won't be available.

I would attach a patch to do that, but I also think this is something that should come from an upstream PHP Mailer release where they have done the appropriate testing.

#2 in reply to: ↑ 1 @SergeyBiryukov
12 years ago

Replying to bpetty:

Optimally, it should only do this if safe_mode is in fact on

That's the case. There's a check for that earlier:
http://core.trac.wordpress.org/browser/tags/3.4/wp-includes/class-phpmailer.php#L744
The patch only removes $params from the else branch.

#3 @bpetty
12 years ago

  • Cc bpetty added
  • Owner set to bpetty
  • Status changed from new to accepted

Ah, you're right, it does. I didn't catch that earlier.

I'll leave this for core devs to look at, and apply assuming this doesn't need to wait for upstream first.

#4 @SergeyBiryukov
12 years ago

Yes, external libraries generally should be fixed upstream first.

Seems that the upstream repository hasn't been updated since January though.

#5 @bpetty
12 years ago

  • Owner bpetty deleted
  • Status changed from accepted to assigned

#6 @nacin
12 years ago

  • Milestone changed from Awaiting Review to 3.4.1

I'm fine with 20970.patch for 3.4.1. Let's see what we can do to get upstream to pay attention.

#7 @bpetty
12 years ago

It appears Jim Jagielski at Red Hat is the sole developer on the PHP Mailer project, so he would be the person to contact on this, however, there is an open ticket already (as noted in this ticket's description) with plenty of info necessary to address this, and I'll give him the benefit of the doubt and not bother him beyond that ticket for now.

If that ticket still hasn't been addressed when we come close to the 3.4.1 release, I would suggest poking him at his personal email address.

#8 @bpetty
12 years ago

  • Owner set to bpetty

Since this actually is high priority now, I've assigned this to myself since I have now reached out to Jim, however, someone with commit access needs to apply this in the meantime for 3.4.1 as discussed in the dev chat.

#10 @bpetty
12 years ago

Jim just got back to me, and he's taking a look at it now, so we should see something in upstream soon here.

#11 @nacin
12 years ago

I looked at [19849] and was trying to figure out why only one $params was added, but here we're adding two. So the first one (that already existed) is only when more than one email is sent, which is something wp_mail() supports (as of late) but core never uses. 20970.patch looks good. If for some reason it's not fixed upstream before we decide to release 3.4.1, we can go with it.

#12 @nacin
12 years ago

  • Keywords commit added

#13 @nacin
12 years ago

http://php.net/mail is clear as day: "The additional_parameters parameter is disabled in safe_mode and the mail() function will expose a warning message and return FALSE when used."

#14 @nacin
12 years ago

In [21128]:

Do not pass mail() a fourth argument when safe_mode is in effect.

Fixes the sending of mail when in safe_mode. There is a bug report being addressed upstream with PHPMailer.

props sumindmitriy. see #20970 for trunk.

#15 @nacin
12 years ago

In [21129]:

Do not pass mail() a fourth argument when safe_mode is in effect.

Fixes the sending of mail when in safe_mode. There is a bug report being addressed upstream with PHPMailer.

props sumindmitriy. see #20970 for 3.4.

#16 @nacin
12 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

I opened #21074 to track upstream progress. Thanks sumindmitriy and bpetty.

Note: See TracTickets for help on using tickets.