Changeset 49136
- Timestamp:
- 10/13/2020 01:58:15 PM (4 years ago)
- Location:
- trunk/src/wp-includes/PHPMailer
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/PHPMailer/Exception.php
r48033 r49136 10 10 * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net> 11 11 * @author Brent R. Matzelle (original founder) 12 * @copyright 2012 - 20 17Marcus Bointon12 * @copyright 2012 - 2020 Marcus Bointon 13 13 * @copyright 2010 - 2012 Jim Jagielski 14 14 * @copyright 2004 - 2009 Andy Prevost -
trunk/src/wp-includes/PHPMailer/PHPMailer.php
r49034 r49136 10 10 * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net> 11 11 * @author Brent R. Matzelle (original founder) 12 * @copyright 2012 - 20 19Marcus Bointon12 * @copyright 2012 - 2020 Marcus Bointon 13 13 * @copyright 2010 - 2012 Jim Jagielski 14 14 * @copyright 2004 - 2009 Andy Prevost … … 748 748 * @var string 749 749 */ 750 const VERSION = '6.1. 7';750 const VERSION = '6.1.8'; 751 751 752 752 /** … … 900 900 case 'error_log': 901 901 //Don't output, just log 902 /** @noinspection ForgottenDebugOutputInspection */ 902 903 error_log($str); 903 904 break; … … 1351 1352 * This is the pattern used in the HTML5 spec for validation of 'email' type form input elements. 1352 1353 * 1353 * @see http ://www.whatwg.org/specs/web-apps/current-work/#e-mail-state-(type=email)1354 * @see https://html.spec.whatwg.org/#e-mail-state-(type=email) 1354 1355 */ 1355 1356 return (bool) preg_match( … … 1612 1613 } 1613 1614 } catch (Exception $exc) { 1615 if ($this->Mailer === 'smtp' && $this->SMTPKeepAlive == true) { 1616 $this->smtp->reset(); 1617 } 1614 1618 $this->setError($exc->getMessage()); 1615 1619 $this->edebug($exc->getMessage()); … … 1753 1757 1754 1758 /** 1759 * Check whether a file path is safe, accessible, and readable. 1760 * 1761 * @param string $path A relative or absolute path to a file 1762 * 1763 * @return bool 1764 */ 1765 protected static function fileIsAccessible($path) 1766 { 1767 $readable = file_exists($path); 1768 //If not a UNC path (expected to start with \\), check read permission, see #2069 1769 if (strpos($path, '\\\\') !== 0) { 1770 $readable = $readable && is_readable($path); 1771 } 1772 return static::isPermittedPath($path) && $readable; 1773 } 1774 1775 /** 1755 1776 * Send mail using the PHP mail() function. 1756 1777 * … … 2005 2026 $host = $hostinfo[2]; 2006 2027 $port = $this->Port; 2007 if (array_key_exists(3, $hostinfo) && is_numeric($hostinfo[3]) && $hostinfo[3] > 0 && $hostinfo[3] < 65536) { 2028 if ( 2029 array_key_exists(3, $hostinfo) && 2030 is_numeric($hostinfo[3]) && 2031 $hostinfo[3] > 0 && 2032 $hostinfo[3] < 65536 2033 ) { 2008 2034 $port = (int) $hostinfo[3]; 2009 2035 } … … 2135 2161 if ('en' !== $langcode) { 2136 2162 // Make sure language file path is readable 2137 if (!static:: isPermittedPath($lang_file) || !file_exists($lang_file)) {2163 if (!static::fileIsAccessible($lang_file)) { 2138 2164 $foundlang = false; 2139 2165 } else { … … 2383 2409 $result .= $this->headerLine('Date', '' === $this->MessageDate ? self::rfcDate() : $this->MessageDate); 2384 2410 2385 // T o be created automatically by mail()2386 if ( $this->SingleTo) {2387 if ( 'mail' !== $this->Mailer) {2411 // The To header is created automatically by mail(), so needs to be omitted here 2412 if ('mail' !== $this->Mailer) { 2413 if ($this->SingleTo) { 2388 2414 foreach ($this->to as $toaddr) { 2389 2415 $this->SingleToArray[] = $this->addrFormat($toaddr); 2390 2416 } 2391 } 2392 } elseif (count($this->to) > 0) { 2393 if ('mail' !== $this->Mailer) { 2417 } elseif (count($this->to) > 0) { 2394 2418 $result .= $this->addrAppend('To', $this->to); 2395 } 2396 } elseif (count($this->cc) === 0) { 2397 $result .= $this->headerLine('To', 'undisclosed-recipients:;'); 2398 } 2399 2419 } elseif (count($this->cc) === 0) { 2420 $result .= $this->headerLine('To', 'undisclosed-recipients:;'); 2421 } 2422 } 2400 2423 $result .= $this->addrAppend('From', [[trim($this->From), $this->FromName]]); 2401 2424 … … 2952 2975 * @param string $name Overrides the attachment name 2953 2976 * @param string $encoding File encoding (see $Encoding) 2954 * @param string $type File extension (MIME) type2977 * @param string $type MIME type, e.g. `image/jpeg`; determined automatically from $path if not specified 2955 2978 * @param string $disposition Disposition to use 2956 2979 * … … 2967 2990 ) { 2968 2991 try { 2969 if (!static:: isPermittedPath($path) || !@is_file($path) || !is_readable($path)) {2992 if (!static::fileIsAccessible($path)) { 2970 2993 throw new Exception($this->lang('file_access') . $path, self::STOP_CONTINUE); 2971 2994 } … … 3141 3164 { 3142 3165 try { 3143 if (!static:: isPermittedPath($path) || !file_exists($path) || !is_readable($path)) {3166 if (!static::fileIsAccessible($path)) { 3144 3167 throw new Exception($this->lang('file_open') . $path, self::STOP_CONTINUE); 3145 3168 } … … 3527 3550 ) { 3528 3551 try { 3529 if (!static:: isPermittedPath($path) || !@is_file($path) || !is_readable($path)) {3552 if (!static::fileIsAccessible($path)) { 3530 3553 throw new Exception($this->lang('file_access') . $path, self::STOP_CONTINUE); 3531 3554 } … … 4218 4241 'tif' => 'image/tiff', 4219 4242 'webp' => 'image/webp', 4243 'avif' => 'image/avif', 4220 4244 'heif' => 'image/heif', 4221 4245 'heifs' => 'image/heif-sequence', -
trunk/src/wp-includes/PHPMailer/SMTP.php
r49034 r49136 10 10 * @author Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net> 11 11 * @author Brent R. Matzelle (original founder) 12 * @copyright 2012 - 20 19Marcus Bointon12 * @copyright 2012 - 2020 Marcus Bointon 13 13 * @copyright 2010 - 2012 Jim Jagielski 14 14 * @copyright 2004 - 2009 Andy Prevost … … 35 35 * @var string 36 36 */ 37 const VERSION = '6.1. 7';37 const VERSION = '6.1.8'; 38 38 39 39 /** … … 418 418 if (strpos(PHP_OS, 'WIN') !== 0) { 419 419 $max = (int)ini_get('max_execution_time'); 420 // Don't bother if unlimited 421 if (0 !== $max && $timeout > $max ) {420 // Don't bother if unlimited, or if set_time_limit is disabled 421 if (0 !== $max && $timeout > $max && strpos(ini_get('disable_functions'), 'set_time_limit') === false) { 422 422 @set_time_limit($timeout); 423 423 }
Note: See TracChangeset
for help on using the changeset viewer.