WordPress.org

Make WordPress Core

Changeset 36083


Ignore:
Timestamp:
12/24/2015 01:58:33 AM (4 years ago)
Author:
pento
Message:

Upgrade PHPMailer from 5.2.10 to 5.2.14.

The full list of changes is available here: https://github.com/PHPMailer/PHPMailer/compare/v5.2.10...v5.2.14

Fixes #35212 for trunk.

Location:
trunk/src/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-phpmailer.php

    r33142 r36083  
    3030    /**
    3131     * The PHPMailer Version number.
    32      * @type string
    33      */
    34     public $Version = '5.2.10';
     32     * @var string
     33     */
     34    public $Version = '5.2.14';
    3535
    3636    /**
    3737     * Email priority.
    38      * Options: 1 = High, 3 = Normal, 5 = low.
    39      * @type integer
    40      */
    41     public $Priority = 3;
     38     * Options: null (default), 1 = High, 3 = Normal, 5 = low.
     39     * When null, the header is not set at all.
     40     * @var integer
     41     */
     42    public $Priority = null;
    4243
    4344    /**
    4445     * The character set of the message.
    45      * @type string
     46     * @var string
    4647     */
    4748    public $CharSet = 'iso-8859-1';
     
    4950    /**
    5051     * The MIME Content-type of the message.
    51      * @type string
     52     * @var string
    5253     */
    5354    public $ContentType = 'text/plain';
     
    5657     * The message encoding.
    5758     * Options: "8bit", "7bit", "binary", "base64", and "quoted-printable".
    58      * @type string
     59     * @var string
    5960     */
    6061    public $Encoding = '8bit';
     
    6263    /**
    6364     * Holds the most recent mailer error message.
    64      * @type string
     65     * @var string
    6566     */
    6667    public $ErrorInfo = '';
     
    6869    /**
    6970     * The From email address for the message.
    70      * @type string
     71     * @var string
    7172     */
    7273    public $From = 'root@localhost';
     
    7475    /**
    7576     * The From name of the message.
    76      * @type string
     77     * @var string
    7778     */
    7879    public $FromName = 'Root User';
     
    8182     * The Sender email (Return-Path) of the message.
    8283     * If not empty, will be sent via -f to sendmail or as 'MAIL FROM' in smtp mode.
    83      * @type string
     84     * @var string
    8485     */
    8586    public $Sender = '';
     
    8889     * The Return-Path of the message.
    8990     * If empty, it will be set to either From or Sender.
    90      * @type string
     91     * @var string
    9192     * @deprecated Email senders should never set a return-path header;
    9293     * it's the receiver's job (RFC5321 section 4.4), so this no longer does anything.
     
    9798    /**
    9899     * The Subject of the message.
    99      * @type string
     100     * @var string
    100101     */
    101102    public $Subject = '';
     
    104105     * An HTML or plain text message body.
    105106     * If HTML then call isHTML(true).
    106      * @type string
     107     * @var string
    107108     */
    108109    public $Body = '';
     
    113114     * capability such as mutt & Eudora.
    114115     * Clients that can read HTML will view the normal Body.
    115      * @type string
     116     * @var string
    116117     */
    117118    public $AltBody = '';
     
    123124     * @link http://sprain.ch/blog/downloads/php-class-easypeasyics-create-ical-files-with-php/
    124125     * @link http://kigkonsult.se/iCalcreator/
    125      * @type string
     126     * @var string
    126127     */
    127128    public $Ical = '';
     
    130131     * The complete compiled MIME message body.
    131132     * @access protected
    132      * @type string
     133     * @var string
    133134     */
    134135    protected $MIMEBody = '';
     
    136137    /**
    137138     * The complete compiled MIME message headers.
    138      * @type string
     139     * @var string
    139140     * @access protected
    140141     */
     
    143144    /**
    144145     * Extra headers that createHeader() doesn't fold in.
    145      * @type string
     146     * @var string
    146147     * @access protected
    147148     */
     
    151152     * Word-wrap the message body to this number of chars.
    152153     * Set to 0 to not wrap. A useful value here is 78, for RFC2822 section 2.1.1 compliance.
    153      * @type integer
     154     * @var integer
    154155     */
    155156    public $WordWrap = 0;
     
    158159     * Which method to use to send mail.
    159160     * Options: "mail", "sendmail", or "smtp".
    160      * @type string
     161     * @var string
    161162     */
    162163    public $Mailer = 'mail';
     
    164165    /**
    165166     * The path to the sendmail program.
    166      * @type string
     167     * @var string
    167168     */
    168169    public $Sendmail = '/usr/sbin/sendmail';
     
    171172     * Whether mail() uses a fully sendmail-compatible MTA.
    172173     * One which supports sendmail's "-oi -f" options.
    173      * @type boolean
     174     * @var boolean
    174175     */
    175176    public $UseSendmailOptions = true;
     
    178179     * Path to PHPMailer plugins.
    179180     * Useful if the SMTP class is not in the PHP include path.
    180      * @type string
     181     * @var string
    181182     * @deprecated Should not be needed now there is an autoloader.
    182183     */
     
    184185
    185186    /**
    186      * The email address that a reading confirmation should be sent to.
    187      * @type string
     187     * The email address that a reading confirmation should be sent to, also known as read receipt.
     188     * @var string
    188189     */
    189190    public $ConfirmReadingTo = '';
    190191
    191192    /**
    192      * The hostname to use in Message-Id and Received headers
    193      * and as default HELO string.
    194      * If empty, the value returned
    195      * by SERVER_NAME is used or 'localhost.localdomain'.
    196      * @type string
     193     * The hostname to use in the Message-ID header and as default HELO string.
     194     * If empty, PHPMailer attempts to find one with, in order,
     195     * $_SERVER['SERVER_NAME'], gethostname(), php_uname('n'), or the value
     196     * 'localhost.localdomain'.
     197     * @var string
    197198     */
    198199    public $Hostname = '';
    199200
    200201    /**
    201      * An ID to be used in the Message-Id header.
     202     * An ID to be used in the Message-ID header.
    202203     * If empty, a unique id will be generated.
    203      * @type string
     204     * @var string
    204205     */
    205206    public $MessageID = '';
     
    208209     * The message Date to be used in the Date header.
    209210     * If empty, the current date will be added.
    210      * @type string
     211     * @var string
    211212     */
    212213    public $MessageDate = '';
     
    221222     * (e.g. "tls://smtp1.example.com:587;ssl://smtp2.example.com:465").
    222223     * Hosts will be tried in order.
    223      * @type string
     224     * @var string
    224225     */
    225226    public $Host = 'localhost';
     
    227228    /**
    228229     * The default SMTP server port.
    229      * @type integer
     230     * @var integer
    230231     * @TODO Why is this needed when the SMTP class takes care of it?
    231232     */
     
    234235    /**
    235236     * The SMTP HELO of the message.
    236      * Default is $Hostname.
    237      * @type string
     237     * Default is $Hostname. If $Hostname is empty, PHPMailer attempts to find
     238     * one with the same method described above for $Hostname.
     239     * @var string
    238240     * @see PHPMailer::$Hostname
    239241     */
     
    243245     * What kind of encryption to use on the SMTP connection.
    244246     * Options: '', 'ssl' or 'tls'
    245      * @type string
     247     * @var string
    246248     */
    247249    public $SMTPSecure = '';
     
    251253     * even if `SMTPSecure` is not set to 'tls'.
    252254     * Be aware that in PHP >= 5.6 this requires that the server's certificates are valid.
    253      * @type boolean
     255     * @var boolean
    254256     */
    255257    public $SMTPAutoTLS = true;
     
    258260     * Whether to use SMTP authentication.
    259261     * Uses the Username and Password properties.
    260      * @type boolean
     262     * @var boolean
    261263     * @see PHPMailer::$Username
    262264     * @see PHPMailer::$Password
     
    266268    /**
    267269     * Options array passed to stream_context_create when connecting via SMTP.
    268      * @type array
     270     * @var array
    269271     */
    270272    public $SMTPOptions = array();
     
    272274    /**
    273275     * SMTP username.
    274      * @type string
     276     * @var string
    275277     */
    276278    public $Username = '';
     
    278280    /**
    279281     * SMTP password.
    280      * @type string
     282     * @var string
    281283     */
    282284    public $Password = '';
     
    285287     * SMTP auth type.
    286288     * Options are LOGIN (default), PLAIN, NTLM, CRAM-MD5
    287      * @type string
     289     * @var string
    288290     */
    289291    public $AuthType = '';
     
    292294     * SMTP realm.
    293295     * Used for NTLM auth
    294      * @type string
     296     * @var string
    295297     */
    296298    public $Realm = '';
     
    299301     * SMTP workstation.
    300302     * Used for NTLM auth
    301      * @type string
     303     * @var string
    302304     */
    303305    public $Workstation = '';
     
    306308     * The SMTP server timeout in seconds.
    307309     * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
    308      * @type integer
     310     * @var integer
    309311     */
    310312    public $Timeout = 300;
     
    319321     * * `3` As 2 plus connection status
    320322     * * `4` Low-level data output
    321      * @type integer
     323     * @var integer
    322324     * @see SMTP::$do_debug
    323325     */
     
    335337     * $mail->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";};
    336338     * </code>
    337      * @type string|callable
     339     * @var string|callable
    338340     * @see SMTP::$Debugoutput
    339341     */
     
    344346     * If this is set to true then to close the connection
    345347     * requires an explicit call to smtpClose().
    346      * @type boolean
     348     * @var boolean
    347349     */
    348350    public $SMTPKeepAlive = false;
     
    351353     * Whether to split multiple to addresses into multiple messages
    352354     * or send them all in one message.
    353      * @type boolean
     355     * @var boolean
    354356     */
    355357    public $SingleTo = false;
     
    357359    /**
    358360     * Storage for addresses when SingleTo is enabled.
    359      * @type array
     361     * @var array
    360362     * @TODO This should really not be public
    361363     */
     
    365367     * Whether to generate VERP addresses on send.
    366368     * Only applicable when sending via SMTP.
    367      * @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
     369     * @link https://en.wikipedia.org/wiki/Variable_envelope_return_path
    368370     * @link http://www.postfix.org/VERP_README.html Postfix VERP info
    369      * @type boolean
     371     * @var boolean
    370372     */
    371373    public $do_verp = false;
     
    373375    /**
    374376     * Whether to allow sending messages with an empty body.
    375      * @type boolean
     377     * @var boolean
    376378     */
    377379    public $AllowEmpty = false;
     
    381383     * @note The default remains "\n". We force CRLF where we know
    382384     *        it must be used via self::CRLF.
    383      * @type string
     385     * @var string
    384386     */
    385387    public $LE = "\n";
     
    387389    /**
    388390     * DKIM selector.
    389      * @type string
     391     * @var string
    390392     */
    391393    public $DKIM_selector = '';
     
    394396     * DKIM Identity.
    395397     * Usually the email address used as the source of the email
    396      * @type string
     398     * @var string
    397399     */
    398400    public $DKIM_identity = '';
     
    401403     * DKIM passphrase.
    402404     * Used if your key is encrypted.
    403      * @type string
     405     * @var string
    404406     */
    405407    public $DKIM_passphrase = '';
     
    408410     * DKIM signing domain name.
    409411     * @example 'example.com'
    410      * @type string
     412     * @var string
    411413     */
    412414    public $DKIM_domain = '';
     
    414416    /**
    415417     * DKIM private key file path.
    416      * @type string
     418     * @var string
    417419     */
    418420    public $DKIM_private = '';
     
    434436     *   string  $body          the email body
    435437     *   string  $from          email address of sender
    436      * @type string
     438     * @var string
    437439     */
    438440    public $action_function = '';
     
    441443     * What to put in the X-Mailer header.
    442444     * Options: An empty string for PHPMailer default, whitespace for none, or a string to use
    443      * @type string
     445     * @var string
    444446     */
    445447    public $XMailer = '';
     
    447449    /**
    448450     * An instance of the SMTP sender class.
    449      * @type SMTP
     451     * @var SMTP
    450452     * @access protected
    451453     */
     
    453455
    454456    /**
    455      * The array of 'to' addresses.
    456      * @type array
     457     * The array of 'to' names and addresses.
     458     * @var array
    457459     * @access protected
    458460     */
     
    460462
    461463    /**
    462      * The array of 'cc' addresses.
    463      * @type array
     464     * The array of 'cc' names and addresses.
     465     * @var array
    464466     * @access protected
    465467     */
     
    467469
    468470    /**
    469      * The array of 'bcc' addresses.
    470      * @type array
     471     * The array of 'bcc' names and addresses.
     472     * @var array
    471473     * @access protected
    472474     */
     
    475477    /**
    476478     * The array of reply-to names and addresses.
    477      * @type array
     479     * @var array
    478480     * @access protected
    479481     */
     
    483485     * An array of all kinds of addresses.
    484486     * Includes all of $to, $cc, $bcc
    485      * @type array
     487     * @var array
    486488     * @access protected
     489     * @see PHPMailer::$to @see PHPMailer::$cc @see PHPMailer::$bcc
    487490     */
    488491    protected $all_recipients = array();
    489492
    490493    /**
     494     * An array of names and addresses queued for validation.
     495     * In send(), valid and non duplicate entries are moved to $all_recipients
     496     * and one of $to, $cc, or $bcc.
     497     * This array is used only for addresses with IDN.
     498     * @var array
     499     * @access protected
     500     * @see PHPMailer::$to @see PHPMailer::$cc @see PHPMailer::$bcc
     501     * @see PHPMailer::$all_recipients
     502     */
     503    protected $RecipientsQueue = array();
     504
     505    /**
     506     * An array of reply-to names and addresses queued for validation.
     507     * In send(), valid and non duplicate entries are moved to $ReplyTo.
     508     * This array is used only for addresses with IDN.
     509     * @var array
     510     * @access protected
     511     * @see PHPMailer::$ReplyTo
     512     */
     513    protected $ReplyToQueue = array();
     514
     515    /**
    491516     * The array of attachments.
    492      * @type array
     517     * @var array
    493518     * @access protected
    494519     */
     
    497522    /**
    498523     * The array of custom headers.
    499      * @type array
     524     * @var array
    500525     * @access protected
    501526     */
     
    504529    /**
    505530     * The most recent Message-ID (including angular brackets).
    506      * @type string
     531     * @var string
    507532     * @access protected
    508533     */
     
    511536    /**
    512537     * The message's MIME type.
    513      * @type string
     538     * @var string
    514539     * @access protected
    515540     */
     
    518543    /**
    519544     * The array of MIME boundary strings.
    520      * @type array
     545     * @var array
    521546     * @access protected
    522547     */
     
    525550    /**
    526551     * The array of available languages.
    527      * @type array
     552     * @var array
    528553     * @access protected
    529554     */
     
    532557    /**
    533558     * The number of errors encountered.
    534      * @type integer
     559     * @var integer
    535560     * @access protected
    536561     */
     
    539564    /**
    540565     * The S/MIME certificate file path.
    541      * @type string
     566     * @var string
    542567     * @access protected
    543568     */
     
    546571    /**
    547572     * The S/MIME key file path.
    548      * @type string
     573     * @var string
    549574     * @access protected
    550575     */
     
    553578    /**
    554579     * The optional S/MIME extra certificates ("CA Chain") file path.
    555      * @type string
     580     * @var string
    556581     * @access protected
    557582     */
     
    561586     * The S/MIME password for the key.
    562587     * Used only if the key is encrypted.
    563      * @type string
     588     * @var string
    564589     * @access protected
    565590     */
     
    568593    /**
    569594     * Whether to throw exceptions for errors.
    570      * @type boolean
     595     * @var boolean
    571596     * @access protected
    572597     */
     
    575600    /**
    576601     * Unique ID used for message ID and boundaries.
    577      * @type string
     602     * @var string
    578603     * @access protected
    579604     */
     
    602627    /**
    603628     * The maximum line length allowed by RFC 2822 section 2.1.1
    604      * @type integer
     629     * @var integer
    605630     */
    606631    const MAX_LINE_LENGTH = 998;
     
    764789    /**
    765790     * Add a "To" address.
    766      * @param string $address
     791     * @param string $address The email address to send to
    767792     * @param string $name
    768      * @return boolean true on success, false if address already used
     793     * @return boolean true on success, false if address already used or invalid in some way
    769794     */
    770795    public function addAddress($address, $name = '')
    771796    {
    772         return $this->addAnAddress('to', $address, $name);
     797        return $this->addOrEnqueueAnAddress('to', $address, $name);
    773798    }
    774799
     
    776801     * Add a "CC" address.
    777802     * @note: This function works with the SMTP mailer on win32, not with the "mail" mailer.
    778      * @param string $address
     803     * @param string $address The email address to send to
    779804     * @param string $name
    780      * @return boolean true on success, false if address already used
     805     * @return boolean true on success, false if address already used or invalid in some way
    781806     */
    782807    public function addCC($address, $name = '')
    783808    {
    784         return $this->addAnAddress('cc', $address, $name);
     809        return $this->addOrEnqueueAnAddress('cc', $address, $name);
    785810    }
    786811
     
    788813     * Add a "BCC" address.
    789814     * @note: This function works with the SMTP mailer on win32, not with the "mail" mailer.
    790      * @param string $address
     815     * @param string $address The email address to send to
    791816     * @param string $name
    792      * @return boolean true on success, false if address already used
     817     * @return boolean true on success, false if address already used or invalid in some way
    793818     */
    794819    public function addBCC($address, $name = '')
    795820    {
    796         return $this->addAnAddress('bcc', $address, $name);
    797     }
    798 
    799     /**
    800      * Add a "Reply-to" address.
    801      * @param string $address
     821        return $this->addOrEnqueueAnAddress('bcc', $address, $name);
     822    }
     823
     824    /**
     825     * Add a "Reply-To" address.
     826     * @param string $address The email address to reply to
    802827     * @param string $name
    803      * @return boolean
     828     * @return boolean true on success, false if address already used or invalid in some way
    804829     */
    805830    public function addReplyTo($address, $name = '')
    806831    {
    807         return $this->addAnAddress('Reply-To', $address, $name);
    808     }
    809 
    810     /**
    811      * Add an address to one of the recipient arrays.
    812      * Addresses that have been added already return false, but do not throw exceptions
    813      * @param string $kind One of 'to', 'cc', 'bcc', 'ReplyTo'
    814      * @param string $address The email address to send to
     832        return $this->addOrEnqueueAnAddress('Reply-To', $address, $name);
     833    }
     834
     835    /**
     836     * Add an address to one of the recipient arrays or to the ReplyTo array. Because PHPMailer
     837     * can't validate addresses with an IDN without knowing the PHPMailer::$CharSet (that can still
     838     * be modified after calling this function), addition of such addresses is delayed until send().
     839     * Addresses that have been added already return false, but do not throw exceptions.
     840     * @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo'
     841     * @param string $address The email address to send, resp. to reply to
    815842     * @param string $name
    816843     * @throws phpmailerException
     
    818845     * @access protected
    819846     */
    820     protected function addAnAddress($kind, $address, $name = '')
    821     {
    822         if (!preg_match('/^(to|cc|bcc|Reply-To)$/', $kind)) {
    823             $this->setError($this->lang('Invalid recipient array') . ': ' . $kind);
    824             $this->edebug($this->lang('Invalid recipient array') . ': ' . $kind);
    825             if ($this->exceptions) {
    826                 throw new phpmailerException('Invalid recipient array: ' . $kind);
    827             }
    828             return false;
    829         }
     847    protected function addOrEnqueueAnAddress($kind, $address, $name)
     848    {
    830849        $address = trim($address);
    831850        $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
     851        if (($pos = strrpos($address, '@')) === false) {
     852            // At-sign is misssing.
     853            $error_message = $this->lang('invalid_address') . $address;
     854            $this->setError($error_message);
     855            $this->edebug($error_message);
     856            if ($this->exceptions) {
     857                throw new phpmailerException($error_message);
     858            }
     859            return false;
     860        }
     861        $params = array($kind, $address, $name);
     862        // Enqueue addresses with IDN until we know the PHPMailer::$CharSet.
     863        if ($this->has8bitChars(substr($address, ++$pos)) and $this->idnSupported()) {
     864            if ($kind != 'Reply-To') {
     865                if (!array_key_exists($address, $this->RecipientsQueue)) {
     866                    $this->RecipientsQueue[$address] = $params;
     867                    return true;
     868                }
     869            } else {
     870                if (!array_key_exists($address, $this->ReplyToQueue)) {
     871                    $this->ReplyToQueue[$address] = $params;
     872                    return true;
     873                }
     874            }
     875            return false;
     876        }
     877        // Immediately add standard addresses without IDN.
     878        return call_user_func_array(array($this, 'addAnAddress'), $params);
     879    }
     880
     881    /**
     882     * Add an address to one of the recipient arrays or to the ReplyTo array.
     883     * Addresses that have been added already return false, but do not throw exceptions.
     884     * @param string $kind One of 'to', 'cc', 'bcc', or 'ReplyTo'
     885     * @param string $address The email address to send, resp. to reply to
     886     * @param string $name
     887     * @throws phpmailerException
     888     * @return boolean true on success, false if address already used or invalid in some way
     889     * @access protected
     890     */
     891    protected function addAnAddress($kind, $address, $name = '')
     892    {
     893        if (!in_array($kind, array('to', 'cc', 'bcc', 'Reply-To'))) {
     894            $error_message = $this->lang('Invalid recipient kind: ') . $kind;
     895            $this->setError($error_message);
     896            $this->edebug($error_message);
     897            if ($this->exceptions) {
     898                throw new phpmailerException($error_message);
     899            }
     900            return false;
     901        }
    832902        if (!$this->validateAddress($address)) {
    833             $this->setError($this->lang('invalid_address') . ': ' . $address);
    834             $this->edebug($this->lang('invalid_address') . ': ' . $address);
     903            $error_message = $this->lang('invalid_address') . $address;
     904            $this->setError($error_message);
     905            $this->edebug($error_message);
    835906            if ($this->exceptions) {
    836                 throw new phpmailerException($this->lang('invalid_address') . ': ' . $address);
     907                throw new phpmailerException($error_message);
    837908            }
    838909            return false;
    839910        }
    840911        if ($kind != 'Reply-To') {
    841             if (!isset($this->all_recipients[strtolower($address)])) {
     912            if (!array_key_exists(strtolower($address), $this->all_recipients)) {
    842913                array_push($this->$kind, array($address, $name));
    843914                $this->all_recipients[strtolower($address)] = true;
     
    865936        $address = trim($address);
    866937        $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim
    867         if (!$this->validateAddress($address)) {
    868             $this->setError($this->lang('invalid_address') . ': ' . $address);
    869             $this->edebug($this->lang('invalid_address') . ': ' . $address);
     938        // Don't validate now addresses with IDN. Will be done in send().
     939        if (($pos = strrpos($address, '@')) === false or
     940            (!$this->has8bitChars(substr($address, ++$pos)) or !$this->idnSupported()) and
     941            !$this->validateAddress($address)) {
     942            $error_message = $this->lang('invalid_address') . $address;
     943            $this->setError($error_message);
     944            $this->edebug($error_message);
    870945            if ($this->exceptions) {
    871                 throw new phpmailerException($this->lang('invalid_address') . ': ' . $address);
     946                throw new phpmailerException($error_message);
    872947            }
    873948            return false;
     
    899974     * @param string $address The email address to check
    900975     * @param string $patternselect A selector for the validation pattern to use :
    901      * * `auto` Pick strictest one automatically;
     976     * * `auto` Pick best pattern automatically;
    902977     * * `pcre8` Use the squiloople.com pattern, requires PCRE > 8.0, PHP >= 5.3.2, 5.2.14;
    903978     * * `pcre` Use old PCRE implementation;
    904      * * `php` Use PHP built-in FILTER_VALIDATE_EMAIL; same as pcre8 but does not allow 'dotless' domains;
     979     * * `php` Use PHP built-in FILTER_VALIDATE_EMAIL;
    905980     * * `html5` Use the pattern given by the HTML5 spec for 'email' type form input elements.
    906981     * * `noregex` Don't use a regex: super fast, really dumb.
     
    911986    public static function validateAddress($address, $patternselect = 'auto')
    912987    {
     988        //Reject line breaks in addresses; it's valid RFC5322, but not RFC5321
     989        if (strpos($address, "\n") !== false or strpos($address, "\r") !== false) {
     990            return false;
     991        }
    913992        if (!$patternselect or $patternselect == 'auto') {
    914993            //Check this constant first so it works when extension_loaded() is disabled by safe mode
     
    9911070
    9921071    /**
     1072     * Tells whether IDNs (Internationalized Domain Names) are supported or not. This requires the
     1073     * "intl" and "mbstring" PHP extensions.
     1074     * @return bool "true" if required functions for IDN support are present
     1075     */
     1076    public function idnSupported()
     1077    {
     1078        // @TODO: Write our own "idn_to_ascii" function for PHP <= 5.2.
     1079        return function_exists('idn_to_ascii') and function_exists('mb_convert_encoding');
     1080    }
     1081
     1082    /**
     1083     * Converts IDN in given email address to its ASCII form, also known as punycode, if possible.
     1084     * Important: Address must be passed in same encoding as currently set in PHPMailer::$CharSet.
     1085     * This function silently returns unmodified address if:
     1086     * - No conversion is necessary (i.e. domain name is not an IDN, or is already in ASCII form)
     1087     * - Conversion to punycode is impossible (e.g. required PHP functions are not available)
     1088     *   or fails for any reason (e.g. domain has characters not allowed in an IDN)
     1089     * @see PHPMailer::$CharSet
     1090     * @param string $address The email address to convert
     1091     * @return string The encoded address in ASCII form
     1092     */
     1093    public function punyencodeAddress($address)
     1094    {
     1095        // Verify we have required functions, CharSet, and at-sign.
     1096        if ($this->idnSupported() and
     1097            !empty($this->CharSet) and
     1098            ($pos = strrpos($address, '@')) !== false) {
     1099            $domain = substr($address, ++$pos);
     1100            // Verify CharSet string is a valid one, and domain properly encoded in this CharSet.
     1101            if ($this->has8bitChars($domain) and @mb_check_encoding($domain, $this->CharSet)) {
     1102                $domain = mb_convert_encoding($domain, 'UTF-8', $this->CharSet);
     1103                if (($punycode = defined('INTL_IDNA_VARIANT_UTS46') ?
     1104                    idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) :
     1105                    idn_to_ascii($domain)) !== false) {
     1106                    return substr($address, 0, $pos) . $punycode;
     1107                }
     1108            }
     1109        }
     1110        return $address;
     1111    }
     1112
     1113    /**
    9931114     * Create a message and send it.
    9941115     * Uses the sending method specified by $Mailer.
     
    10211142    {
    10221143        try {
     1144            $this->error_count = 0; // Reset errors
    10231145            $this->mailHeader = '';
     1146
     1147            // Dequeue recipient and Reply-To addresses with IDN
     1148            foreach (array_merge($this->RecipientsQueue, $this->ReplyToQueue) as $params) {
     1149                $params[1] = $this->punyencodeAddress($params[1]);
     1150                call_user_func_array(array($this, 'addAnAddress'), $params);
     1151            }
    10241152            if ((count($this->to) + count($this->cc) + count($this->bcc)) < 1) {
    10251153                throw new phpmailerException($this->lang('provide_address'), self::STOP_CRITICAL);
     1154            }
     1155
     1156            // Validate From, Sender, and ConfirmReadingTo addresses
     1157            foreach (array('From', 'Sender', 'ConfirmReadingTo') as $address_kind) {
     1158                $this->$address_kind = trim($this->$address_kind);
     1159                if (empty($this->$address_kind)) {
     1160                    continue;
     1161                }
     1162                $this->$address_kind = $this->punyencodeAddress($this->$address_kind);
     1163                if (!$this->validateAddress($this->$address_kind)) {
     1164                    $error_message = $this->lang('invalid_address') . $this->$address_kind;
     1165                    $this->setError($error_message);
     1166                    $this->edebug($error_message);
     1167                    if ($this->exceptions) {
     1168                        throw new phpmailerException($error_message);
     1169                    }
     1170                    return false;
     1171                }
    10261172            }
    10271173
     
    10311177            }
    10321178
    1033             $this->error_count = 0; // Reset errors
    10341179            $this->setMessageType();
    10351180            // Refuse to send an empty message unless we are specifically allowing it
     
    11721317            fputs($mail, $body);
    11731318            $result = pclose($mail);
    1174             $this->doCallback(($result == 0), $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From);
     1319            $this->doCallback(
     1320                ($result == 0),
     1321                $this->to,
     1322                $this->cc,
     1323                $this->bcc,
     1324                $this->Subject,
     1325                $body,
     1326                $this->From
     1327            );
    11751328            if ($result != 0) {
    11761329                throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL);
     
    14591612            'from_failed' => 'The following From address failed: ',
    14601613            'instantiate' => 'Could not instantiate mail function.',
    1461             'invalid_address' => 'Invalid address',
     1614            'invalid_address' => 'Invalid address: ',
    14621615            'mailer_not_supported' => ' mailer is not supported.',
    14631616            'provide_address' => 'You must provide at least one recipient email address.',
     
    17241877        $result .= $this->headerLine('Date', $this->MessageDate);
    17251878
    1726 
    17271879        // To be created automatically by mail()
    17281880        if ($this->SingleTo) {
     
    17701922            $this->lastMessageID = $this->MessageID;
    17711923        } else {
    1772             $this->lastMessageID = sprintf('<%s@%s>', $this->uniqueid, $this->ServerHostname());
     1924            $this->lastMessageID = sprintf('<%s@%s>', $this->uniqueid, $this->serverHostname());
    17731925        }
    17741926        $result .= $this->headerLine('Message-ID', $this->lastMessageID);
    1775         $result .= $this->headerLine('X-Priority', $this->Priority);
     1927        if (!is_null($this->Priority)) {
     1928            $result .= $this->headerLine('X-Priority', $this->Priority);
     1929        }
    17761930        if ($this->XMailer == '') {
    17771931            $result .= $this->headerLine(
    17781932                'X-Mailer',
    1779                 'PHPMailer ' . $this->Version . ' (https://github.com/PHPMailer/PHPMailer/)'
     1933                'PHPMailer ' . $this->Version . ' (https://github.com/PHPMailer/PHPMailer)'
    17801934            );
    17811935        } else {
     
    17871941
    17881942        if ($this->ConfirmReadingTo != '') {
    1789             $result .= $this->headerLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>');
     1943            $result .= $this->headerLine('Disposition-Notification-To', '<' . $this->ConfirmReadingTo . '>');
    17901944        }
    17911945
     
    22672421                $disposition = $attachment[6];
    22682422                $cid = $attachment[7];
    2269                 if ($disposition == 'inline' && isset($cidUniq[$cid])) {
     2423                if ($disposition == 'inline' && array_key_exists($cid, $cidUniq)) {
    22702424                    continue;
    22712425                }
     
    22732427
    22742428                $mime[] = sprintf('--%s%s', $boundary, $this->LE);
    2275                 $mime[] = sprintf(
    2276                     'Content-Type: %s; name="%s"%s',
    2277                     $type,
    2278                     $this->encodeHeader($this->secureHeader($name)),
    2279                     $this->LE
    2280                 );
     2429                //Only include a filename property if we have one
     2430                if (!empty($name)) {
     2431                    $mime[] = sprintf(
     2432                        'Content-Type: %s; name="%s"%s',
     2433                        $type,
     2434                        $this->encodeHeader($this->secureHeader($name)),
     2435                        $this->LE
     2436                    );
     2437                } else {
     2438                    $mime[] = sprintf(
     2439                        'Content-Type: %s%s',
     2440                        $type,
     2441                        $this->LE
     2442                    );
     2443                }
    22812444                // RFC1341 part 5 says 7bit is assumed if not specified
    22822445                if ($encoding != '7bit') {
     
    23022465                        );
    23032466                    } else {
    2304                         $mime[] = sprintf(
    2305                             'Content-Disposition: %s; filename=%s%s',
    2306                             $disposition,
    2307                             $encoded_name,
    2308                             $this->LE . $this->LE
    2309                         );
     2467                        if (!empty($encoded_name)) {
     2468                            $mime[] = sprintf(
     2469                                'Content-Disposition: %s; filename=%s%s',
     2470                                $disposition,
     2471                                $encoded_name,
     2472                                $this->LE . $this->LE
     2473                            );
     2474                        } else {
     2475                            $mime[] = sprintf(
     2476                                'Content-Disposition: %s%s',
     2477                                $disposition,
     2478                                $this->LE . $this->LE
     2479                            );
     2480                        }
    23102481                    }
    23112482                } else {
     
    23412512     * @param string $encoding The encoding to use; one of 'base64', '7bit', '8bit', 'binary', 'quoted-printable'
    23422513     * @throws phpmailerException
    2343      * @see EncodeFile(encodeFile
    23442514     * @access protected
    23452515     * @return string
     
    25612731        // Use native function if it's available (>= PHP5.3)
    25622732        if (function_exists('quoted_printable_encode')) {
    2563             return $this->fixEOL(quoted_printable_encode($string));
     2733            return quoted_printable_encode($string);
    25642734        }
    25652735        // Fall back to a pure PHP implementation
     
    25692739            rawurlencode($string)
    25702740        );
    2571         $string = preg_replace('/[^\r\n]{' . ($line_max - 3) . '}[^=\r\n]{2}/', "$0=\r\n", $string);
    2572         return $this->fixEOL($string);
     2741        return preg_replace('/[^\r\n]{' . ($line_max - 3) . '}[^=\r\n]{2}/', "$0=\r\n", $string);
    25732742    }
    25742743
     
    26392808    }
    26402809
    2641 
    26422810    /**
    26432811     * Add a string or binary attachment (non-filesystem).
     
    27452913    ) {
    27462914        // If a MIME type is not specified, try to work it out from the name
    2747         if ($type == '') {
     2915        if ($type == '' and !empty($name)) {
    27482916            $type = self::filenameToType($name);
    27492917        }
     
    28022970
    28032971    /**
     2972     * Clear queued addresses of given kind.
     2973     * @access protected
     2974     * @param string $kind 'to', 'cc', or 'bcc'
     2975     * @return void
     2976     */
     2977    public function clearQueuedAddresses($kind)
     2978    {
     2979        $RecipientsQueue = $this->RecipientsQueue;
     2980        foreach ($RecipientsQueue as $address => $params) {
     2981            if ($params[0] == $kind) {
     2982                unset($this->RecipientsQueue[$address]);
     2983            }
     2984        }
     2985    }
     2986
     2987    /**
    28042988     * Clear all To recipients.
    28052989     * @return void
     
    28112995        }
    28122996        $this->to = array();
     2997        $this->clearQueuedAddresses('to');
    28132998    }
    28142999
     
    28233008        }
    28243009        $this->cc = array();
     3010        $this->clearQueuedAddresses('cc');
    28253011    }
    28263012
     
    28353021        }
    28363022        $this->bcc = array();
     3023        $this->clearQueuedAddresses('bcc');
    28373024    }
    28383025
     
    28443031    {
    28453032        $this->ReplyTo = array();
     3033        $this->ReplyToQueue = array();
    28463034    }
    28473035
     
    28563044        $this->bcc = array();
    28573045        $this->all_recipients = array();
     3046        $this->RecipientsQueue = array();
    28583047    }
    28593048
     
    30123201
    30133202    /**
    3014      * Returns all custom headers
    3015      *
     3203     * Returns all custom headers.
    30163204     * @return array
    30173205     */
     
    30303218     * @param string $basedir baseline directory for path
    30313219     * @param boolean|callable $advanced Whether to use the internal HTML to text converter
    3032      *    or your own custom converter @see html2text()
     3220     *    or your own custom converter @see PHPMailer::html2text()
    30333221     * @return string $message
    30343222     */
     
    30363224    {
    30373225        preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images);
    3038         if (isset($images[2])) {
     3226        if (array_key_exists(2, $images)) {
    30393227            foreach ($images[2] as $imgindex => $url) {
    30403228                // Convert data URIs into embedded images
     
    30473235                    }
    30483236                    $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2
    3049                     if ($this->addStringEmbeddedImage($data, $cid, '', 'base64', $match[1])) {
     3237                    if ($this->addStringEmbeddedImage($data, $cid, 'embed' . $imgindex, 'base64', $match[1])) {
    30503238                        $message = str_replace(
    30513239                            $images[0][$imgindex],
     
    30543242                        );
    30553243                    }
    3056                 } elseif (!preg_match('#^[A-z]+://#', $url)) {
     3244                } elseif (substr($url, 0, 4) !== 'cid:' && !preg_match('#^[A-z]+://#', $url)) {
    30573245                    // Do not change urls for absolute images (thanks to corvuscorax)
     3246                    // Do not change urls that are already inline images
    30583247                    $filename = basename($url);
    30593248                    $directory = dirname($url);
     
    31453334            'doc'   => 'application/msword',
    31463335            'word'  => 'application/msword',
     3336            'xlsx'  => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
     3337            'xltx'  => 'application/vnd.openxmlformats-officedocument.spreadsheetml.template',
     3338            'potx'  => 'application/vnd.openxmlformats-officedocument.presentationml.template',
     3339            'ppsx'  => 'application/vnd.openxmlformats-officedocument.presentationml.slideshow',
     3340            'pptx'  => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
     3341            'sldx'  => 'application/vnd.openxmlformats-officedocument.presentationml.slide',
     3342            'docx'  => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
     3343            'dotx'  => 'application/vnd.openxmlformats-officedocument.wordprocessingml.template',
     3344            'xlam'  => 'application/vnd.ms-excel.addin.macroEnabled.12',
     3345            'xlsb'  => 'application/vnd.ms-excel.sheet.binary.macroEnabled.12',
    31473346            'class' => 'application/octet-stream',
    31483347            'dll'   => 'application/octet-stream',
     
    33493548    }
    33503549
    3351 
    33523550    /**
    33533551     * Set the public and private key files and password for S/MIME signing.
     
    35183716            "\tb=";
    35193717        $toSign = $this->DKIM_HeaderC(
    3520             $from_header . "\r\n" . $to_header . "\r\n" . $subject_header . "\r\n" . $dkimhdrs
     3718            $from_header . "\r\n" .
     3719            $to_header . "\r\n" .
     3720            $subject_header . "\r\n" .
     3721            $dkimhdrs
    35213722        );
    35223723        $signed = $this->DKIM_Sign($toSign);
     
    35383739    /**
    35393740     * Allows for public read access to 'to' property.
     3741     * @note: Before the send() call, queued addresses (i.e. with IDN) are not yet included.
    35403742     * @access public
    35413743     * @return array
     
    35483750    /**
    35493751     * Allows for public read access to 'cc' property.
     3752     * @note: Before the send() call, queued addresses (i.e. with IDN) are not yet included.
    35503753     * @access public
    35513754     * @return array
     
    35583761    /**
    35593762     * Allows for public read access to 'bcc' property.
     3763     * @note: Before the send() call, queued addresses (i.e. with IDN) are not yet included.
    35603764     * @access public
    35613765     * @return array
     
    35683772    /**
    35693773     * Allows for public read access to 'ReplyTo' property.
     3774     * @note: Before the send() call, queued addresses (i.e. with IDN) are not yet included.
    35703775     * @access public
    35713776     * @return array
     
    35783783    /**
    35793784     * Allows for public read access to 'all_recipients' property.
     3785     * @note: Before the send() call, queued addresses (i.e. with IDN) are not yet included.
    35803786     * @access public
    35813787     * @return array
  • trunk/src/wp-includes/class-smtp.php

    r33124 r36083  
    2929    /**
    3030     * The PHPMailer SMTP version number.
    31      * @type string
    32      */
    33     const VERSION = '5.2.10';
     31     * @var string
     32     */
     33    const VERSION = '5.2.14';
    3434
    3535    /**
    3636     * SMTP line break constant.
    37      * @type string
     37     * @var string
    3838     */
    3939    const CRLF = "\r\n";
     
    4141    /**
    4242     * The SMTP port to use if one is not specified.
    43      * @type integer
     43     * @var integer
    4444     */
    4545    const DEFAULT_SMTP_PORT = 25;
     
    4747    /**
    4848     * The maximum line length allowed by RFC 2822 section 2.1.1
    49      * @type integer
     49     * @var integer
    5050     */
    5151    const MAX_LINE_LENGTH = 998;
     
    7878    /**
    7979     * The PHPMailer SMTP Version number.
    80      * @type string
     80     * @var string
    8181     * @deprecated Use the `VERSION` constant instead
    8282     * @see SMTP::VERSION
    8383     */
    84     public $Version = '5.2.10';
     84    public $Version = '5.2.14';
    8585
    8686    /**
    8787     * SMTP server port number.
    88      * @type integer
     88     * @var integer
    8989     * @deprecated This is only ever used as a default value, so use the `DEFAULT_SMTP_PORT` constant instead
    9090     * @see SMTP::DEFAULT_SMTP_PORT
     
    9494    /**
    9595     * SMTP reply line ending.
    96      * @type string
     96     * @var string
    9797     * @deprecated Use the `CRLF` constant instead
    9898     * @see SMTP::CRLF
     
    108108     * * self::DEBUG_CONNECTION (`3`) As DEBUG_SERVER plus connection status
    109109     * * self::DEBUG_LOWLEVEL (`4`) Low-level data output, all messages
    110      * @type integer
     110     * @var integer
    111111     */
    112112    public $do_debug = self::DEBUG_OFF;
     
    123123     * $smtp->Debugoutput = function($str, $level) {echo "debug level $level; message: $str";};
    124124     * </code>
    125      * @type string|callable
     125     * @var string|callable
    126126     */
    127127    public $Debugoutput = 'echo';
     
    131131     * @link http://en.wikipedia.org/wiki/Variable_envelope_return_path
    132132     * @link http://www.postfix.org/VERP_README.html Info on VERP
    133      * @type boolean
     133     * @var boolean
    134134     */
    135135    public $do_verp = false;
     
    140140     * This needs to be quite high to function correctly with hosts using greetdelay as an anti-spam measure.
    141141     * @link http://tools.ietf.org/html/rfc2821#section-4.5.3.2
    142      * @type integer
     142     * @var integer
    143143     */
    144144    public $Timeout = 300;
     
    147147     * How long to wait for commands to complete, in seconds.
    148148     * Default of 5 minutes (300sec) is from RFC2821 section 4.5.3.2
    149      * @type integer
     149     * @var integer
    150150     */
    151151    public $Timelimit = 300;
     
    153153    /**
    154154     * The socket for the server connection.
    155      * @type resource
     155     * @var resource
    156156     */
    157157    protected $smtp_conn;
     
    159159    /**
    160160     * Error information, if any, for the last SMTP command.
    161      * @type array
     161     * @var array
    162162     */
    163163    protected $error = array(
     
    171171     * The reply the server sent to us for HELO.
    172172     * If null, no HELO string has yet been received.
    173      * @type string|null
     173     * @var string|null
    174174     */
    175175    protected $helo_rply = null;
     
    182182     * Other values can be boolean TRUE or an array containing extension options.
    183183     * If null, no HELO/EHLO string has yet been received.
    184      * @type array|null
     184     * @var array|null
    185185     */
    186186    protected $server_caps = null;
     
    188188    /**
    189189     * The most recent reply received from the server.
    190      * @type string
     190     * @var string
    191191     */
    192192    protected $last_reply = '';
     
    352352     * Must be run after hello().
    353353     * @see hello()
    354      * @param string $username    The user name
    355      * @param string $password    The password
    356      * @param string $authtype    The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5)
    357      * @param string $realm       The auth realm for NTLM
     354     * @param string $username The user name
     355     * @param string $password The password
     356     * @param string $authtype The auth type (PLAIN, LOGIN, NTLM, CRAM-MD5, XOAUTH2)
     357     * @param string $realm The auth realm for NTLM
    358358     * @param string $workstation The auth workstation for NTLM
    359      * @access public
    360      * @return boolean True if successfully authenticated.
     359     * @param null|OAuth $OAuth An optional OAuth instance (@see PHPMailerOAuth)
     360     * @return bool True if successfully authenticated.* @access public
    361361     */
    362362    public function authenticate(
     
    365365        $authtype = null,
    366366        $realm = '',
    367         $workstation = ''
     367        $workstation = '',
     368        $OAuth = null
    368369    ) {
    369370        if (!$this->server_caps) {
     
    674675        $this->server_caps = array();
    675676        $lines = explode("\n", $this->last_reply);
     677
    676678        foreach ($lines as $n => $s) {
     679            //First 4 chars contain response code followed by - or space
    677680            $s = trim(substr($s, 4));
    678             if (!$s) {
     681            if (empty($s)) {
    679682                continue;
    680683            }
     
    686689                } else {
    687690                    $name = array_shift($fields);
    688                     if ($name == 'SIZE') {
    689                         $fields = ($fields) ? $fields[0] : 0;
     691                    switch ($name) {
     692                        case 'SIZE':
     693                            $fields = ($fields ? $fields[0] : 0);
     694                            break;
     695                        case 'AUTH':
     696                            if (!is_array($fields)) {
     697                                $fields = array();
     698                            }
     699                            break;
     700                        default:
     701                            $fields = true;
    690702                    }
    691703                }
    692                 $this->server_caps[$name] = ($fields ? $fields : true);
     704                $this->server_caps[$name] = $fields;
    693705            }
    694706        }
     
    740752     * Returns true if the recipient was accepted false if it was rejected.
    741753     * Implements from rfc 821: RCPT <SP> TO:<forward-path> <CRLF>
    742      * @param string $toaddr The address the message is being sent to
    743      * @access public
    744      * @return boolean
    745      */
    746     public function recipient($toaddr)
     754     * @param string $address The address the message is being sent to
     755     * @access public
     756     * @return boolean
     757     */
     758    public function recipient($address)
    747759    {
    748760        return $this->sendCommand(
    749761            'RCPT TO',
    750             'RCPT TO:<' . $toaddr . '>',
     762            'RCPT TO:<' . $address . '>',
    751763            array(250, 251)
    752764        );
     
    767779    /**
    768780     * Send a command to an SMTP server and check its return code.
    769      * @param string $command       The command name - not sent to the server
     781     * @param string $command The command name - not sent to the server
    770782     * @param string $commandstring The actual command to send
    771      * @param integer|array $expect     One or more expected integer success codes
     783     * @param integer|array $expect One or more expected integer success codes
    772784     * @access protected
    773785     * @return boolean True on success.
     
    777789        if (!$this->connected()) {
    778790            $this->setError("Called $command without being connected");
     791            return false;
     792        }
     793        //Reject line breaks in all commands
     794        if (strpos($commandstring, "\n") !== false or strpos($commandstring, "\r") !== false) {
     795            $this->setError("Command '$command' contained line breaks");
    779796            return false;
    780797        }
     
    982999        while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) {
    9831000            $str = @fgets($this->smtp_conn, 515);
    984             $this->edebug("SMTP -> get_lines(): \$data was \"$data\"", self::DEBUG_LOWLEVEL);
    985             $this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL);
     1001            $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
     1002            $this->edebug("SMTP -> get_lines(): \$str is  \"$str\"", self::DEBUG_LOWLEVEL);
    9861003            $data .= $str;
    987             $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
    9881004            // If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
    9891005            if ((isset($str[3]) and $str[3] == ' ')) {
Note: See TracChangeset for help on using the changeset viewer.