dépôts / lhc / web / wiklou.git / blob
? search:


49ce21c7d229cde4531afedadd2ac374a8b0c018
[lhc/web/wiklou.git] / includes / mail / UserMailer.php
1 <?php
2 /**
3 * Classes used to send e-mails
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @author <brion@pobox.com>
22 * @author <mail@tgries.de>
23 * @author Tim Starling
24 * @author Luke Welling lwelling@wikimedia.org
25 */
26
27 /**
28 * Collection of static functions for sending mail
29 */
30 class UserMailer {
31 private static $mErrorString;
32
33 /**
34 * Send mail using a PEAR mailer
35 *
36 * @param UserMailer $mailer
37 * @param string $dest
38 * @param string $headers
39 * @param string $body
40 *
41 * @return Status
42 */
43 protected static function sendWithPear( $mailer, $dest, $headers, $body ) {
44 $mailResult = $mailer->send( $dest, $headers, $body );
45
46 // Based on the result return an error string,
47 if ( PEAR::isError( $mailResult ) ) {
48 wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
49 return Status::newFatal( 'pear-mail-error', $mailResult->getMessage() );
50 } else {
51 return Status::newGood();
52 }
53 }
54
55 /**
56 * Creates a single string from an associative array
57 *
58 * @param array $headers Associative Array: keys are header field names,
59 * values are ... values.
60 * @param string $endl The end of line character. Defaults to "\n"
61 *
62 * Note RFC2822 says newlines must be CRLF (\r\n)
63 * but php mail naively "corrects" it and requires \n for the "correction" to work
64 *
65 * @return string
66 */
67 static function arrayToHeaderString( $headers, $endl = "\n" ) {
68 $strings = array();
69 foreach ( $headers as $name => $value ) {
70 // Prevent header injection by stripping newlines from value
71 $value = self::sanitizeHeaderValue( $value );
72 $strings[] = "$name: $value";
73 }
74 return implode( $endl, $strings );
75 }
76
77 /**
78 * Create a value suitable for the MessageId Header
79 *
80 * @return string
81 */
82 static function makeMsgId() {
83 global $wgSMTP, $wgServer;
84
85 $msgid = uniqid( wfWikiID() . ".", true ); /* true required for cygwin */
86 if ( is_array( $wgSMTP ) && isset( $wgSMTP['IDHost'] ) && $wgSMTP['IDHost'] ) {
87 $domain = $wgSMTP['IDHost'];
88 } else {
89 $url = wfParseUrl( $wgServer );
90 $domain = $url['host'];
91 }
92 return "<$msgid@$domain>";
93 }
94
95 /**
96 * This function will perform a direct (authenticated) login to
97 * a SMTP Server to use for mail relaying if 'wgSMTP' specifies an
98 * array of parameters. It requires PEAR:Mail to do that.
99 * Otherwise it just uses the standard PHP 'mail' function.
100 *
101 * @param MailAddress|MailAddress[] $to Recipient's email (or an array of them)
102 * @param MailAddress $from Sender's email
103 * @param string $subject Email's subject.
104 * @param string $body Email's text or Array of two strings to be the text and html bodies
105 * @param array $options:
106 * 'replyTo' MailAddress
107 * 'contentType' string default 'text/plain; charset=UTF-8'
108 * 'headers' array Extra headers to set
109 *
110 * Previous versions of this function had $replyto as the 5th argument and $contentType
111 * as the 6th. These are still supported for backwards compatability, but deprecated.
112 *
113 * @throws MWException
114 * @throws Exception
115 * @return Status
116 */
117 public static function send( $to, $from, $subject, $body, $options = array() ) {
118 global $wgAllowHTMLEmail;
119 $contentType = 'text/plain; charset=UTF-8';
120 if ( !is_array( $options ) ) {
121 // Old calling style
122 wfDeprecated( __METHOD__ . ' with $replyto as 5th parameter', '1.26' );
123 $options = array( 'replyTo' => $options );
124 if ( func_num_args() === 6 ) {
125 $options['contentType'] = func_get_arg( 5 );
126 }
127 }
128
129 if ( !is_array( $to ) ) {
130 $to = array( $to );
131 }
132
133 // mail body must have some content
134 $minBodyLen = 10;
135 // arbitrary but longer than Array or Object to detect casting error
136
137 // body must either be a string or an array with text and body
138 if (
139 !(
140 !is_array( $body ) &&
141 strlen( $body ) >= $minBodyLen
142 )
143 &&
144 !(
145 is_array( $body ) &&
146 isset( $body['text'] ) &&
147 isset( $body['html'] ) &&
148 strlen( $body['text'] ) >= $minBodyLen &&
149 strlen( $body['html'] ) >= $minBodyLen
150 )
151 ) {
152 // if it is neither we have a problem
153 return Status::newFatal( 'user-mail-no-body' );
154 }
155
156 if ( !$wgAllowHTMLEmail && is_array( $body ) ) {
157 // HTML not wanted. Dump it.
158 $body = $body['text'];
159 }
160
161 wfDebug( __METHOD__ . ': sending mail to ' . implode( ', ', $to ) . "\n" );
162
163 // Make sure we have at least one address
164 $has_address = false;
165 foreach ( $to as $u ) {
166 if ( $u->address ) {
167 $has_address = true;
168 break;
169 }
170 }
171 if ( !$has_address ) {
172 return Status::newFatal( 'user-mail-no-addy' );
173 }
174
175 // give a chance to UserMailerTransformContents subscribers who need to deal with each
176 // target differently to split up the address list
177 if ( count( $to ) > 1 ) {
178 $oldTo = $to;
179 Hooks::run( 'UserMailerSplitTo', array( &$to ) );
180 if ( $oldTo != $to ) {
181 $splitTo = array_diff( $oldTo, $to );
182 $to = array_diff( $oldTo, $splitTo ); // ignore new addresses added in the hook
183 // first send to non-split address list, then to split addresses one by one
184 $status = Status::newGood();
185 if ( $to ) {
186 $status->merge( UserMailer::sendInternal(
187 $to, $from, $subject, $body, $options ) );
188 }
189 foreach ( $splitTo as $newTo ) {
190 $status->merge( UserMailer::sendInternal(
191 array( $newTo ), $from, $subject, $body, $options ) );
192 }
193 return $status;
194 }
195 }
196
197 return UserMailer::sendInternal( $to, $from, $subject, $body, $options );
198 }
199
200 /**
201 * Helper function fo UserMailer::send() which does the actual sending. It expects a $to
202 * list which the UserMailerSplitTo hook would not split further.
203 * @param MailAddress[] $to Array of recipients' email addresses
204 * @param MailAddress $from Sender's email
205 * @param string $subject Email's subject.
206 * @param string $body Email's text or Array of two strings to be the text and html bodies
207 * @param array $options:
208 * 'replyTo' MailAddress
209 * 'contentType' string default 'text/plain; charset=UTF-8'
210 * 'headers' array Extra headers to set
211 *
212 * @throws MWException
213 * @throws Exception
214 * @return Status
215 */
216 protected static function sendInternal(
217 array $to,
218 MailAddress $from,
219 $subject,
220 $body,
221 $options = array()
222 ) {
223 global $wgSMTP, $wgEnotifMaxRecips, $wgAdditionalMailParams;
224 $mime = null;
225
226 $replyto = isset( $options['replyTo'] ) ? $options['replyTo'] : null;
227 $contentType = isset( $options['contentType'] ) ?
228 $options['contentType'] : 'text/plain; charset=UTF-8';
229 $headers = isset( $options['headers'] ) ? $options['headers'] : array();
230
231 // Allow transformation of content, such as encrypting/signing
232 $error = false;
233 if ( !Hooks::run( 'UserMailerTransformContent', array( $to, $from, &$body, &$error ) ) ) {
234 if ( $error ) {
235 return Status::newFatal( 'php-mail-error', $error );
236 } else {
237 return Status::newFatal( 'php-mail-error-unknown' );
238 }
239 }
240
241 /**
242 * Forge email headers
243 * -------------------
244 *
245 * WARNING
246 *
247 * DO NOT add To: or Subject: headers at this step. They need to be
248 * handled differently depending upon the mailer we are going to use.
249 *
250 * To:
251 * PHP mail() first argument is the mail receiver. The argument is
252 * used as a recipient destination and as a To header.
253 *
254 * PEAR mailer has a recipient argument which is only used to
255 * send the mail. If no To header is given, PEAR will set it to
256 * to 'undisclosed-recipients:'.
257 *
258 * NOTE: To: is for presentation, the actual recipient is specified
259 * by the mailer using the Rcpt-To: header.
260 *
261 * Subject:
262 * PHP mail() second argument to pass the subject, passing a Subject
263 * as an additional header will result in a duplicate header.
264 *
265 * PEAR mailer should be passed a Subject header.
266 *
267 * -- hashar 20120218
268 */
269
270 $headers['From'] = $from->toString();
271 $returnPath = $from->address;
272 $extraParams = $wgAdditionalMailParams;
273
274 // Hook to generate custom VERP address for 'Return-Path'
275 Hooks::run( 'UserMailerChangeReturnPath', array( $to, &$returnPath ) );
276 // Add the envelope sender address using the -f command line option when PHP mail() is used.
277 // Will default to the $from->address when the UserMailerChangeReturnPath hook fails and the
278 // generated VERP address when the hook runs effectively.
279 $extraParams .= ' -f ' . $returnPath;
280
281 $headers['Return-Path'] = $returnPath;
282
283 if ( $replyto ) {
284 $headers['Reply-To'] = $replyto->toString();
285 }
286
287 $headers['Date'] = MWTimestamp::getLocalInstance()->format( 'r' );
288 $headers['Message-ID'] = self::makeMsgId();
289 $headers['X-Mailer'] = 'MediaWiki mailer';
290 $headers['List-Unsubscribe'] = '<' . SpecialPage::getTitleFor( 'Preferences' )
291 ->getFullURL( '', false, PROTO_CANONICAL ) . '>';
292
293 // Line endings need to be different on Unix and Windows due to
294 // the bug described at http://trac.wordpress.org/ticket/2603
295 if ( wfIsWindows() ) {
296 $endl = "\r\n";
297 } else {
298 $endl = "\n";
299 }
300
301 if ( is_array( $body ) ) {
302 // we are sending a multipart message
303 wfDebug( "Assembling multipart mime email\n" );
304 if ( !stream_resolve_include_path( 'Mail/mime.php' ) ) {
305 wfDebug( "PEAR Mail_Mime package is not installed. Falling back to text email.\n" );
306 // remove the html body for text email fall back
307 $body = $body['text'];
308 } else {
309 // Check if pear/mail_mime is already loaded (via composer)
310 if ( !class_exists( 'Mail_mime' ) ) {
311 require_once 'Mail/mime.php';
312 }
313 if ( wfIsWindows() ) {
314 $body['text'] = str_replace( "\n", "\r\n", $body['text'] );
315 $body['html'] = str_replace( "\n", "\r\n", $body['html'] );
316 }
317 $mime = new Mail_mime( array(
318 'eol' => $endl,
319 'text_charset' => 'UTF-8',
320 'html_charset' => 'UTF-8'
321 ) );
322 $mime->setTXTBody( $body['text'] );
323 $mime->setHTMLBody( $body['html'] );
324 $body = $mime->get(); // must call get() before headers()
325 $headers = $mime->headers( $headers );
326 }
327 }
328 if ( $mime === null ) {
329 // sending text only, either deliberately or as a fallback
330 if ( wfIsWindows() ) {
331 $body = str_replace( "\n", "\r\n", $body );
332 }
333 $headers['MIME-Version'] = '1.0';
334 $headers['Content-type'] = ( is_null( $contentType ) ?
335 'text/plain; charset=UTF-8' : $contentType );
336 $headers['Content-transfer-encoding'] = '8bit';
337 }
338
339 // allow transformation of MIME-encoded message
340 if ( !Hooks::run( 'UserMailerTransformMessage',
341 array( $to, $from, &$subject, &$headers, &$body, &$error ) )
342 ) {
343 if ( $error ) {
344 return Status::newFatal( 'php-mail-error', $error );
345 } else {
346 return Status::newFatal( 'php-mail-error-unknown' );
347 }
348 }
349
350 $ret = Hooks::run( 'AlternateUserMailer', array( $headers, $to, $from, $subject, $body ) );
351 if ( $ret === false ) {
352 // the hook implementation will return false to skip regular mail sending
353 return Status::newGood();
354 } elseif ( $ret !== true ) {
355 // the hook implementation will return a string to pass an error message
356 return Status::newFatal( 'php-mail-error', $ret );
357 }
358
359 if ( is_array( $wgSMTP ) ) {
360 // Check if pear/mail is already loaded (via composer)
361 if ( !class_exists( 'Mail' ) ) {
362 // PEAR MAILER
363 if ( !stream_resolve_include_path( 'Mail.php' ) ) {
364 throw new MWException( 'PEAR mail package is not installed' );
365 }
366 require_once 'Mail.php';
367 }
368
369 MediaWiki\suppressWarnings();
370
371 // Create the mail object using the Mail::factory method
372 $mail_object =& Mail::factory( 'smtp', $wgSMTP );
373 if ( PEAR::isError( $mail_object ) ) {
374 wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
375 MediaWiki\restoreWarnings();
376 return Status::newFatal( 'pear-mail-error', $mail_object->getMessage() );
377 }
378
379 wfDebug( "Sending mail via PEAR::Mail\n" );
380
381 $headers['Subject'] = self::quotedPrintable( $subject );
382
383 // When sending only to one recipient, shows it its email using To:
384 if ( count( $to ) == 1 ) {
385 $headers['To'] = $to[0]->toString();
386 }
387
388 // Split jobs since SMTP servers tends to limit the maximum
389 // number of possible recipients.
390 $chunks = array_chunk( $to, $wgEnotifMaxRecips );
391 foreach ( $chunks as $chunk ) {
392 $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
393 // FIXME : some chunks might be sent while others are not!
394 if ( !$status->isOK() ) {
395 MediaWiki\restoreWarnings();
396 return $status;
397 }
398 }
399 MediaWiki\restoreWarnings();
400 return Status::newGood();
401 } else {
402 // PHP mail()
403 if ( count( $to ) > 1 ) {
404 $headers['To'] = 'undisclosed-recipients:;';
405 }
406 $headers = self::arrayToHeaderString( $headers, $endl );
407
408 wfDebug( "Sending mail via internal mail() function\n" );
409
410 self::$mErrorString = '';
411 $html_errors = ini_get( 'html_errors' );
412 ini_set( 'html_errors', '0' );
413 set_error_handler( 'UserMailer::errorHandler' );
414
415 try {
416 $safeMode = wfIniGetBool( 'safe_mode' );
417
418 foreach ( $to as $recip ) {
419 if ( $safeMode ) {
420 $sent = mail( $recip, self::quotedPrintable( $subject ), $body, $headers );
421 } else {
422 $sent = mail(
423 $recip,
424 self::quotedPrintable( $subject ),
425 $body,
426 $headers,
427 $extraParams
428 );
429 }
430 }
431 } catch ( Exception $e ) {
432 restore_error_handler();
433 throw $e;
434 }
435
436 restore_error_handler();
437 ini_set( 'html_errors', $html_errors );
438
439 if ( self::$mErrorString ) {
440 wfDebug( "Error sending mail: " . self::$mErrorString . "\n" );
441 return Status::newFatal( 'php-mail-error', self::$mErrorString );
442 } elseif ( !$sent ) {
443 // mail function only tells if there's an error
444 wfDebug( "Unknown error sending mail\n" );
445 return Status::newFatal( 'php-mail-error-unknown' );
446 } else {
447 return Status::newGood();
448 }
449 }
450 }
451
452 /**
453 * Set the mail error message in self::$mErrorString
454 *
455 * @param int $code Error number
456 * @param string $string Error message
457 */
458 static function errorHandler( $code, $string ) {
459 self::$mErrorString = preg_replace( '/^mail\(\)(\s*\[.*?\])?: /', '', $string );
460 }
461
462 /**
463 * Strips bad characters from a header value to prevent PHP mail header injection attacks
464 * @param string $val String to be santizied
465 * @return string
466 */
467 public static function sanitizeHeaderValue( $val ) {
468 return strtr( $val, array( "\r" => '', "\n" => '' ) );
469 }
470
471 /**
472 * Converts a string into a valid RFC 822 "phrase", such as is used for the sender name
473 * @param string $phrase
474 * @return string
475 */
476 public static function rfc822Phrase( $phrase ) {
477 // Remove line breaks
478 $phrase = self::sanitizeHeaderValue( $phrase );
479 // Remove quotes
480 $phrase = str_replace( '"', '', $phrase );
481 return '"' . $phrase . '"';
482 }
483
484 /**
485 * Converts a string into quoted-printable format
486 * @since 1.17
487 *
488 * From PHP5.3 there is a built in function quoted_printable_encode()
489 * This method does not duplicate that.
490 * This method is doing Q encoding inside encoded-words as defined by RFC 2047
491 * This is for email headers.
492 * The built in quoted_printable_encode() is for email bodies
493 * @param string $string
494 * @param string $charset
495 * @return string
496 */
497 public static function quotedPrintable( $string, $charset = '' ) {
498 // Probably incomplete; see RFC 2045
499 if ( empty( $charset ) ) {
500 $charset = 'UTF-8';
501 }
502 $charset = strtoupper( $charset );
503 $charset = str_replace( 'ISO-8859', 'ISO8859', $charset ); // ?
504
505 $illegal = '\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff=';
506 $replace = $illegal . '\t ?_';
507 if ( !preg_match( "/[$illegal]/", $string ) ) {
508 return $string;
509 }
510 $out = "=?$charset?Q?";
511 $out .= preg_replace_callback( "/([$replace])/",
512 array( __CLASS__, 'quotedPrintableCallback' ), $string );
513 $out .= '?=';
514 return $out;
515 }
516
517 protected static function quotedPrintableCallback( $matches ) {
518 return sprintf( "=%02X", ord( $matches[1] ) );
519 }
520 }
Wiklou, le Wiki du Wiklou