/**
* Tests this denial of service attack:
* https://sourceforge.net/p/phpmailer/bugs/383/
* According to the ticket, this should get stuck in a loop, though I can't make it happen.
*/
function test_DenialOfServiceAttack2()
{
//Encoding name longer than 68 chars
$this->Mail->Encoding = '1234567890123456789012345678901234567890123456789012345678901234567890';
//Call WrapText with a zero length value
$t = $this->Mail->WrapText(str_repeat('This should no longer cause a denial of service. ', 30), 0);
}
/**
* Sends an HTML email using the phpmailer class (and multipart/alternative to downgrade gracefully)
* Sender name and email can be specified, if not specified
* name and email of the platform admin are used
*
* @author Bert Vanderkimpen ICT&O UGent
* @author Yannick Warnier <*****@*****.**>
*
* @param string name of recipient
* @param string email of recipient
* @param string email subject
* @param string email body
* @param string sender name
* @param string sender e-mail
* @param array extra headers in form $headers = array($name => $value) to allow parsing
* @param array data file (path and filename)
* @param array data to attach a file (optional)
* @param bool True for attaching a embedded file inside content html (optional)
* @return returns true if mail was sent
* @see class.phpmailer.php
*/
function api_mail_html($recipient_name, $recipient_email, $subject, $message, $senderName = '', $senderEmail = '', $extra_headers = array(), $data_file = array(), $embedded_image = false, $additionalParameters = array())
{
global $platform_email;
$mail = new PHPMailer();
$mail->Mailer = $platform_email['SMTP_MAILER'];
$mail->Host = $platform_email['SMTP_HOST'];
$mail->Port = $platform_email['SMTP_PORT'];
$mail->CharSet = $platform_email['SMTP_CHARSET'];
// Stay far below SMTP protocol 980 chars limit.
$mail->WordWrap = 200;
if ($platform_email['SMTP_AUTH']) {
$mail->SMTPAuth = 1;
$mail->Username = $platform_email['SMTP_USER'];
$mail->Password = $platform_email['SMTP_PASS'];
}
// 5 = low, 1 = high
$mail->Priority = 3;
$mail->SMTPKeepAlive = true;
// Default values
$notification = new Notification();
$defaultEmail = $notification->getDefaultPlatformSenderEmail();
$defaultName = $notification->getDefaultPlatformSenderName();
// Error to admin.
$mail->AddCustomHeader('Errors-To: ' . $defaultEmail);
// If the parameter is set don't use the admin.
$senderName = !empty($senderName) ? $senderName : $defaultEmail;
$senderEmail = !empty($senderEmail) ? $senderEmail : $defaultName;
// Reply to first
if (isset($extra_headers['reply_to'])) {
$mail->AddReplyTo($extra_headers['reply_to']['mail'], $extra_headers['reply_to']['name']);
$mail->Sender = $extra_headers['reply_to']['mail'];
unset($extra_headers['reply_to']);
}
$mail->SetFrom($senderEmail, $senderName);
$mail->Subject = $subject;
$mail->AltBody = strip_tags(str_replace('<br />', "\n", api_html_entity_decode($message)));
// Send embedded image.
if ($embedded_image) {
// Get all images html inside content.
preg_match_all("/<img\\s+.*?src=[\"\\']?([^\"\\' >]*)[\"\\']?[^>]*>/i", $message, $m);
// Prepare new tag images.
$new_images_html = array();
$i = 1;
if (!empty($m[1])) {
foreach ($m[1] as $image_path) {
$real_path = realpath($image_path);
$filename = basename($image_path);
$image_cid = $filename . '_' . $i;
$encoding = 'base64';
$image_type = mime_content_type($real_path);
$mail->AddEmbeddedImage($real_path, $image_cid, $filename, $encoding, $image_type);
$new_images_html[] = '<img src="cid:' . $image_cid . '" />';
$i++;
}
}
// Replace origin image for new embedded image html.
$x = 0;
if (!empty($m[0])) {
foreach ($m[0] as $orig_img) {
$message = str_replace($orig_img, $new_images_html[$x], $message);
$x++;
}
}
}
$message = str_replace(array("\n\r", "\n", "\r"), '<br />', $message);
$mail->Body = '<html><head></head><body>' . $message . '</body></html>';
// Attachment ...
if (!empty($data_file)) {
$mail->AddAttachment($data_file['path'], $data_file['filename']);
}
// Only valid addresses are accepted.
if (is_array($recipient_email)) {
foreach ($recipient_email as $dest) {
if (api_valid_email($dest)) {
$mail->AddAddress($dest, $recipient_name);
}
}
} else {
if (api_valid_email($recipient_email)) {
$mail->AddAddress($recipient_email, $recipient_name);
} else {
return 0;
}
}
if (is_array($extra_headers) && count($extra_headers) > 0) {
foreach ($extra_headers as $key => $value) {
switch (strtolower($key)) {
case 'encoding':
case 'content-transfer-encoding':
$mail->Encoding = $value;
break;
case 'charset':
$mail->Charset = $value;
break;
case 'contenttype':
case 'content-type':
$mail->ContentType = $value;
break;
default:
$mail->AddCustomHeader($key . ':' . $value);
break;
}
}
} else {
if (!empty($extra_headers)) {
$mail->AddCustomHeader($extra_headers);
}
}
// WordWrap the html body (phpMailer only fixes AltBody) FS#2988
$mail->Body = $mail->WrapText($mail->Body, $mail->WordWrap);
// Send the mail message.
if (!$mail->Send()) {
error_log('ERROR: mail not sent to ' . $recipient_name . ' (' . $recipient_email . ') because of ' . $mail->ErrorInfo . '<br />');
return 0;
}
$plugin = new AppPlugin();
$installedPluginsList = $plugin->getInstalledPluginListObject();
foreach ($installedPluginsList as $installedPlugin) {
if ($installedPlugin->isMailPlugin and array_key_exists("smsType", $additionalParameters)) {
$clockworksmsObject = new Clockworksms();
$clockworksmsObject->send($additionalParameters);
}
}
// Clear all the addresses.
$mail->ClearAddresses();
return 1;
}
/**
* Sends an HTML email using the phpmailer class (and multipart/alternative to downgrade gracefully)
* Sender name and email can be specified, if not specified
* name and email of the platform admin are used
*
* @author Bert Vanderkimpen ICT&O UGent
* @author Yannick Warnier <*****@*****.**>
*
* @param string name of recipient
* @param string email of recipient
* @param string email subject
* @param string email body
* @param string sender name
* @param string sender e-mail
* @param array extra headers in form $headers = array($name => $value) to allow parsing
* @param array data file (path and filename)
* @param array data to attach a file (optional)
* @param bool True for attaching a embedded file inside content html (optional)
* @return returns true if mail was sent
* @see class.phpmailer.php
*/
function api_mail_html($recipient_name, $recipient_email, $subject, $message, $senderName = '', $senderEmail = '', $extra_headers = array(), $data_file = array(), $embedded_image = false, $additionalParameters = array())
{
// Default values
$notification = new Notification();
$defaultEmail = $notification->getDefaultPlatformSenderEmail();
$defaultName = $notification->getDefaultPlatformSenderName();
// If the parameter is set don't use the admin.
$senderName = !empty($senderName) ? $senderName : $defaultName;
$senderEmail = !empty($senderEmail) ? $senderEmail : $defaultEmail;
$link = isset($additionalParameters['link']) ? $additionalParameters['link'] : '';
$swiftMessage = \Swift_Message::newInstance()->setSubject($subject)->setFrom($senderEmail, $senderName)->setTo($recipient_email, $recipient_name)->setBody(Container::getTemplating()->render('ChamiloCoreBundle:default/mail:mail.html.twig', array('content' => $message, 'link' => $link)), 'text/html');
if (!empty($additionalParameters)) {
$plugin = new AppPlugin();
$smsPlugin = $plugin->getSMSPluginLibrary();
if ($smsPlugin) {
$smsPlugin->send($additionalParameters);
}
}
Container::getMailer()->send($swiftMessage);
return 1;
global $platform_email;
$mail = new PHPMailer();
$mail->Mailer = $platform_email['SMTP_MAILER'];
$mail->Host = $platform_email['SMTP_HOST'];
$mail->Port = $platform_email['SMTP_PORT'];
$mail->CharSet = $platform_email['SMTP_CHARSET'];
// Stay far below SMTP protocol 980 chars limit.
$mail->WordWrap = 200;
if ($platform_email['SMTP_AUTH']) {
$mail->SMTPAuth = 1;
$mail->Username = $platform_email['SMTP_USER'];
$mail->Password = $platform_email['SMTP_PASS'];
}
// 5 = low, 1 = high
$mail->Priority = 3;
$mail->SMTPKeepAlive = true;
// Default values
$notification = new Notification();
$defaultEmail = $notification->getDefaultPlatformSenderEmail();
$defaultName = $notification->getDefaultPlatformSenderName();
// Error to admin.
$mail->AddCustomHeader('Errors-To: ' . $defaultEmail);
// If the parameter is set don't use the admin.
$senderName = !empty($senderName) ? $senderName : $defaultName;
$senderEmail = !empty($senderEmail) ? $senderEmail : $defaultEmail;
// Reply to first
if (isset($extra_headers['reply_to'])) {
$mail->AddReplyTo($extra_headers['reply_to']['mail'], $extra_headers['reply_to']['name']);
$mail->Sender = $extra_headers['reply_to']['mail'];
unset($extra_headers['reply_to']);
}
//If the SMTP configuration only accept one sender
if ($platform_email['SMTP_UNIQUE_SENDER']) {
$senderName = $platform_email['SMTP_FROM_NAME'];
$senderEmail = $platform_email['SMTP_FROM_EMAIL'];
}
$mail->SetFrom($senderEmail, $senderName);
$mail->Subject = $subject;
$mail->AltBody = strip_tags(str_replace('<br />', "\n", api_html_entity_decode($message)));
// Send embedded image.
if ($embedded_image) {
// Get all images html inside content.
preg_match_all("/<img\\s+.*?src=[\"\\']?([^\"\\' >]*)[\"\\']?[^>]*>/i", $message, $m);
// Prepare new tag images.
$new_images_html = array();
$i = 1;
if (!empty($m[1])) {
foreach ($m[1] as $image_path) {
$real_path = realpath($image_path);
$filename = basename($image_path);
$image_cid = $filename . '_' . $i;
$encoding = 'base64';
$image_type = mime_content_type($real_path);
$mail->AddEmbeddedImage($real_path, $image_cid, $filename, $encoding, $image_type);
$new_images_html[] = '<img src="cid:' . $image_cid . '" />';
$i++;
}
}
// Replace origin image for new embedded image html.
$x = 0;
if (!empty($m[0])) {
foreach ($m[0] as $orig_img) {
$message = str_replace($orig_img, $new_images_html[$x], $message);
$x++;
}
}
}
$message = str_replace(array("\n\r", "\n", "\r"), '<br />', $message);
$mailView = new Template(null, false, false, false, false, false, false);
$mailView->assign('content', $message);
$link = $additionalParameters['link'];
$mailView->assign('link', $link);
$layout = $mailView->get_template('mail/mail.tpl');
$mail->Body = $mailView->fetch($layout);
// Attachment ...
if (!empty($data_file)) {
$mail->AddAttachment($data_file['path'], $data_file['filename']);
}
// Only valid addresses are accepted.
if (is_array($recipient_email)) {
foreach ($recipient_email as $dest) {
if (api_valid_email($dest)) {
$mail->AddAddress($dest, $recipient_name);
}
}
} else {
if (api_valid_email($recipient_email)) {
$mail->AddAddress($recipient_email, $recipient_name);
} else {
return 0;
}
}
if (is_array($extra_headers) && count($extra_headers) > 0) {
foreach ($extra_headers as $key => $value) {
switch (strtolower($key)) {
case 'encoding':
case 'content-transfer-encoding':
$mail->Encoding = $value;
break;
case 'charset':
$mail->Charset = $value;
break;
case 'contenttype':
case 'content-type':
$mail->ContentType = $value;
break;
default:
$mail->AddCustomHeader($key . ':' . $value);
break;
}
}
} else {
if (!empty($extra_headers)) {
$mail->AddCustomHeader($extra_headers);
}
}
// WordWrap the html body (phpMailer only fixes AltBody) FS#2988
$mail->Body = $mail->WrapText($mail->Body, $mail->WordWrap);
// Send the mail message.
if (!$mail->Send()) {
error_log('ERROR: mail not sent to ' . $recipient_name . ' (' . $recipient_email . ') because of ' . $mail->ErrorInfo . '<br />');
return 0;
}
if (!empty($additionalParameters)) {
$plugin = new AppPlugin();
$smsPlugin = $plugin->getSMSPluginLibrary();
if ($smsPlugin) {
$smsPlugin->send($additionalParameters);
}
}
// Clear all the addresses.
$mail->ClearAddresses();
return 1;
}
