search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix use of RawMessage in Status::getMessage()
[mediawiki.git] / includes / mail / UserMailer.php
blob1c7fb9857b9b4f67b2345e8d261df191a969363e
1 <?php
2 /**
3 * Classes used to send e-mails
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @author <brion@pobox.com>
22 * @author <mail@tgries.de>
23 * @author Tim Starling
24 * @author Luke Welling lwelling@wikimedia.org
25 */
26
27 /**
28 * Collection of static functions for sending mail
29 */
30 class UserMailer {
31 private static $mErrorString;
32
33 /**
34 * Send mail using a PEAR mailer
35 *
36 * @param Mail_smtp $mailer
37 * @param string $dest
38 * @param string $headers
39 * @param string $body
40 *
41 * @return Status
42 */
43 protected static function sendWithPear( $mailer, $dest, $headers, $body ) {
44 $mailResult = $mailer->send( $dest, $headers, $body );
45
46 // Based on the result return an error string,
47 if ( PEAR::isError( $mailResult ) ) {
48 wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
49 return Status::newFatal( 'pear-mail-error', $mailResult->getMessage() );
50 } else {
51 return Status::newGood();
52 }
53 }
54
55 /**
56 * Creates a single string from an associative array
57 *
58 * @param array $headers Associative Array: keys are header field names,
59 * values are ... values.
60 * @param string $endl The end of line character. Defaults to "\n"
61 *
62 * Note RFC2822 says newlines must be CRLF (\r\n)
63 * but php mail naively "corrects" it and requires \n for the "correction" to work
64 *
65 * @return string
66 */
67 static function arrayToHeaderString( $headers, $endl = PHP_EOL ) {
68 $strings = [];
69 foreach ( $headers as $name => $value ) {
70 // Prevent header injection by stripping newlines from value
71 $value = self::sanitizeHeaderValue( $value );
72 $strings[] = "$name: $value";
73 }
74 return implode( $endl, $strings );
75 }
76
77 /**
78 * Create a value suitable for the MessageId Header
79 *
80 * @return string
81 */
82 static function makeMsgId() {
83 global $wgSMTP, $wgServer;
84
85 $msgid = uniqid( wfWikiID() . ".", true ); /* true required for cygwin */
86 if ( is_array( $wgSMTP ) && isset( $wgSMTP['IDHost'] ) && $wgSMTP['IDHost'] ) {
87 $domain = $wgSMTP['IDHost'];
88 } else {
89 $url = wfParseUrl( $wgServer );
90 $domain = $url['host'];
91 }
92 return "<$msgid@$domain>";
93 }
94
95 /**
96 * This function will perform a direct (authenticated) login to
97 * a SMTP Server to use for mail relaying if 'wgSMTP' specifies an
98 * array of parameters. It requires PEAR:Mail to do that.
99 * Otherwise it just uses the standard PHP 'mail' function.
100 *
101 * @param MailAddress|MailAddress[] $to Recipient's email (or an array of them)
102 * @param MailAddress $from Sender's email
103 * @param string $subject Email's subject.
104 * @param string $body Email's text or Array of two strings to be the text and html bodies
105 * @param array $options:
106 * 'replyTo' MailAddress
107 * 'contentType' string default 'text/plain; charset=UTF-8'
108 * 'headers' array Extra headers to set
109 *
110 * Previous versions of this function had $replyto as the 5th argument and $contentType
111 * as the 6th. These are still supported for backwards compatability, but deprecated.
112 *
113 * @throws MWException
114 * @throws Exception
115 * @return Status
116 */
117 public static function send( $to, $from, $subject, $body, $options = [] ) {
118 global $wgAllowHTMLEmail;
119
120 if ( !is_array( $options ) ) {
121 // Old calling style
122 wfDeprecated( __METHOD__ . ' with $replyto as 5th parameter', '1.26' );
123 $options = [ 'replyTo' => $options ];
124 if ( func_num_args() === 6 ) {
125 $options['contentType'] = func_get_arg( 5 );
126 }
127 }
128 if ( !isset( $options['contentType'] ) ) {
129 $options['contentType'] = 'text/plain; charset=UTF-8';
130 }
131
132 if ( !is_array( $to ) ) {
133 $to = [ $to ];
134 }
135
136 // mail body must have some content
137 $minBodyLen = 10;
138 // arbitrary but longer than Array or Object to detect casting error
139
140 // body must either be a string or an array with text and body
141 if (
142 !(
143 !is_array( $body ) &&
144 strlen( $body ) >= $minBodyLen
145 )
146 &&
147 !(
148 is_array( $body ) &&
149 isset( $body['text'] ) &&
150 isset( $body['html'] ) &&
151 strlen( $body['text'] ) >= $minBodyLen &&
152 strlen( $body['html'] ) >= $minBodyLen
153 )
154 ) {
155 // if it is neither we have a problem
156 return Status::newFatal( 'user-mail-no-body' );
157 }
158
159 if ( !$wgAllowHTMLEmail && is_array( $body ) ) {
160 // HTML not wanted. Dump it.
161 $body = $body['text'];
162 }
163
164 wfDebug( __METHOD__ . ': sending mail to ' . implode( ', ', $to ) . "\n" );
165
166 // Make sure we have at least one address
167 $has_address = false;
168 foreach ( $to as $u ) {
169 if ( $u->address ) {
170 $has_address = true;
171 break;
172 }
173 }
174 if ( !$has_address ) {
175 return Status::newFatal( 'user-mail-no-addy' );
176 }
177
178 // give a chance to UserMailerTransformContents subscribers who need to deal with each
179 // target differently to split up the address list
180 if ( count( $to ) > 1 ) {
181 $oldTo = $to;
182 Hooks::run( 'UserMailerSplitTo', [ &$to ] );
183 if ( $oldTo != $to ) {
184 $splitTo = array_diff( $oldTo, $to );
185 $to = array_diff( $oldTo, $splitTo ); // ignore new addresses added in the hook
186 // first send to non-split address list, then to split addresses one by one
187 $status = Status::newGood();
188 if ( $to ) {
189 $status->merge( UserMailer::sendInternal(
190 $to, $from, $subject, $body, $options ) );
191 }
192 foreach ( $splitTo as $newTo ) {
193 $status->merge( UserMailer::sendInternal(
194 [ $newTo ], $from, $subject, $body, $options ) );
195 }
196 return $status;
197 }
198 }
199
200 return UserMailer::sendInternal( $to, $from, $subject, $body, $options );
201 }
202
203 /**
204 * Helper function fo UserMailer::send() which does the actual sending. It expects a $to
205 * list which the UserMailerSplitTo hook would not split further.
206 * @param MailAddress[] $to Array of recipients' email addresses
207 * @param MailAddress $from Sender's email
208 * @param string $subject Email's subject.
209 * @param string $body Email's text or Array of two strings to be the text and html bodies
210 * @param array $options:
211 * 'replyTo' MailAddress
212 * 'contentType' string default 'text/plain; charset=UTF-8'
213 * 'headers' array Extra headers to set
214 *
215 * @throws MWException
216 * @throws Exception
217 * @return Status
218 */
219 protected static function sendInternal(
220 array $to,
221 MailAddress $from,
222 $subject,
223 $body,
224 $options = []
225 ) {
226 global $wgSMTP, $wgEnotifMaxRecips, $wgAdditionalMailParams;
227 $mime = null;
228
229 $replyto = isset( $options['replyTo'] ) ? $options['replyTo'] : null;
230 $contentType = isset( $options['contentType'] ) ?
231 $options['contentType'] : 'text/plain; charset=UTF-8';
232 $headers = isset( $options['headers'] ) ? $options['headers'] : [];
233
234 // Allow transformation of content, such as encrypting/signing
235 $error = false;
236 if ( !Hooks::run( 'UserMailerTransformContent', [ $to, $from, &$body, &$error ] ) ) {
237 if ( $error ) {
238 return Status::newFatal( 'php-mail-error', $error );
239 } else {
240 return Status::newFatal( 'php-mail-error-unknown' );
241 }
242 }
243
244 /**
245 * Forge email headers
246 * -------------------
247 *
248 * WARNING
249 *
250 * DO NOT add To: or Subject: headers at this step. They need to be
251 * handled differently depending upon the mailer we are going to use.
252 *
253 * To:
254 * PHP mail() first argument is the mail receiver. The argument is
255 * used as a recipient destination and as a To header.
256 *
257 * PEAR mailer has a recipient argument which is only used to
258 * send the mail. If no To header is given, PEAR will set it to
259 * to 'undisclosed-recipients:'.
260 *
261 * NOTE: To: is for presentation, the actual recipient is specified
262 * by the mailer using the Rcpt-To: header.
263 *
264 * Subject:
265 * PHP mail() second argument to pass the subject, passing a Subject
266 * as an additional header will result in a duplicate header.
267 *
268 * PEAR mailer should be passed a Subject header.
269 *
270 * -- hashar 20120218
271 */
272
273 $headers['From'] = $from->toString();
274 $returnPath = $from->address;
275 $extraParams = $wgAdditionalMailParams;
276
277 // Hook to generate custom VERP address for 'Return-Path'
278 Hooks::run( 'UserMailerChangeReturnPath', [ $to, &$returnPath ] );
279 // Add the envelope sender address using the -f command line option when PHP mail() is used.
280 // Will default to the $from->address when the UserMailerChangeReturnPath hook fails and the
281 // generated VERP address when the hook runs effectively.
282 $extraParams .= ' -f ' . $returnPath;
283
284 $headers['Return-Path'] = $returnPath;
285
286 if ( $replyto ) {
287 $headers['Reply-To'] = $replyto->toString();
288 }
289
290 $headers['Date'] = MWTimestamp::getLocalInstance()->format( 'r' );
291 $headers['Message-ID'] = self::makeMsgId();
292 $headers['X-Mailer'] = 'MediaWiki mailer';
293 $headers['List-Unsubscribe'] = '<' . SpecialPage::getTitleFor( 'Preferences' )
294 ->getFullURL( '', false, PROTO_CANONICAL ) . '>';
295
296 // Line endings need to be different on Unix and Windows due to
297 // the bug described at http://trac.wordpress.org/ticket/2603
298 $endl = PHP_EOL;
299
300 if ( is_array( $body ) ) {
301 // we are sending a multipart message
302 wfDebug( "Assembling multipart mime email\n" );
303 if ( !stream_resolve_include_path( 'Mail/mime.php' ) ) {
304 wfDebug( "PEAR Mail_Mime package is not installed. Falling back to text email.\n" );
305 // remove the html body for text email fall back
306 $body = $body['text'];
307 } else {
308 // Check if pear/mail_mime is already loaded (via composer)
309 if ( !class_exists( 'Mail_mime' ) ) {
310 require_once 'Mail/mime.php';
311 }
312 if ( wfIsWindows() ) {
313 $body['text'] = str_replace( "\n", "\r\n", $body['text'] );
314 $body['html'] = str_replace( "\n", "\r\n", $body['html'] );
315 }
316 $mime = new Mail_mime( [
317 'eol' => $endl,
318 'text_charset' => 'UTF-8',
319 'html_charset' => 'UTF-8'
320 ] );
321 $mime->setTXTBody( $body['text'] );
322 $mime->setHTMLBody( $body['html'] );
323 $body = $mime->get(); // must call get() before headers()
324 $headers = $mime->headers( $headers );
325 }
326 }
327 if ( $mime === null ) {
328 // sending text only, either deliberately or as a fallback
329 if ( wfIsWindows() ) {
330 $body = str_replace( "\n", "\r\n", $body );
331 }
332 $headers['MIME-Version'] = '1.0';
333 $headers['Content-type'] = $contentType;
334 $headers['Content-transfer-encoding'] = '8bit';
335 }
336
337 // allow transformation of MIME-encoded message
338 if ( !Hooks::run( 'UserMailerTransformMessage',
339 [ $to, $from, &$subject, &$headers, &$body, &$error ] )
340 ) {
341 if ( $error ) {
342 return Status::newFatal( 'php-mail-error', $error );
343 } else {
344 return Status::newFatal( 'php-mail-error-unknown' );
345 }
346 }
347
348 $ret = Hooks::run( 'AlternateUserMailer', [ $headers, $to, $from, $subject, $body ] );
349 if ( $ret === false ) {
350 // the hook implementation will return false to skip regular mail sending
351 return Status::newGood();
352 } elseif ( $ret !== true ) {
353 // the hook implementation will return a string to pass an error message
354 return Status::newFatal( 'php-mail-error', $ret );
355 }
356
357 if ( is_array( $wgSMTP ) ) {
358 // Check if pear/mail is already loaded (via composer)
359 if ( !class_exists( 'Mail' ) ) {
360 // PEAR MAILER
361 if ( !stream_resolve_include_path( 'Mail.php' ) ) {
362 throw new MWException( 'PEAR mail package is not installed' );
363 }
364 require_once 'Mail.php';
365 }
366
367 MediaWiki\suppressWarnings();
368
369 // Create the mail object using the Mail::factory method
370 $mail_object =& Mail::factory( 'smtp', $wgSMTP );
371 if ( PEAR::isError( $mail_object ) ) {
372 wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
373 MediaWiki\restoreWarnings();
374 return Status::newFatal( 'pear-mail-error', $mail_object->getMessage() );
375 }
376
377 wfDebug( "Sending mail via PEAR::Mail\n" );
378
379 $headers['Subject'] = self::quotedPrintable( $subject );
380
381 // When sending only to one recipient, shows it its email using To:
382 if ( count( $to ) == 1 ) {
383 $headers['To'] = $to[0]->toString();
384 }
385
386 // Split jobs since SMTP servers tends to limit the maximum
387 // number of possible recipients.
388 $chunks = array_chunk( $to, $wgEnotifMaxRecips );
389 foreach ( $chunks as $chunk ) {
390 $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
391 // FIXME : some chunks might be sent while others are not!
392 if ( !$status->isOK() ) {
393 MediaWiki\restoreWarnings();
394 return $status;
395 }
396 }
397 MediaWiki\restoreWarnings();
398 return Status::newGood();
399 } else {
400 // PHP mail()
401 if ( count( $to ) > 1 ) {
402 $headers['To'] = 'undisclosed-recipients:;';
403 }
404 $headers = self::arrayToHeaderString( $headers, $endl );
405
406 wfDebug( "Sending mail via internal mail() function\n" );
407
408 self::$mErrorString = '';
409 $html_errors = ini_get( 'html_errors' );
410 ini_set( 'html_errors', '0' );
411 set_error_handler( 'UserMailer::errorHandler' );
412
413 try {
414 foreach ( $to as $recip ) {
415 $sent = mail(
416 $recip,
417 self::quotedPrintable( $subject ),
418 $body,
419 $headers,
420 $extraParams
421 );
422 }
423 } catch ( Exception $e ) {
424 restore_error_handler();
425 throw $e;
426 }
427
428 restore_error_handler();
429 ini_set( 'html_errors', $html_errors );
430
431 if ( self::$mErrorString ) {
432 wfDebug( "Error sending mail: " . self::$mErrorString . "\n" );
433 return Status::newFatal( 'php-mail-error', self::$mErrorString );
434 } elseif ( !$sent ) {
435 // mail function only tells if there's an error
436 wfDebug( "Unknown error sending mail\n" );
437 return Status::newFatal( 'php-mail-error-unknown' );
438 } else {
439 return Status::newGood();
440 }
441 }
442 }
443
444 /**
445 * Set the mail error message in self::$mErrorString
446 *
447 * @param int $code Error number
448 * @param string $string Error message
449 */
450 static function errorHandler( $code, $string ) {
451 self::$mErrorString = preg_replace( '/^mail\(\)(\s*\[.*?\])?: /', '', $string );
452 }
453
454 /**
455 * Strips bad characters from a header value to prevent PHP mail header injection attacks
456 * @param string $val String to be santizied
457 * @return string
458 */
459 public static function sanitizeHeaderValue( $val ) {
460 return strtr( $val, [ "\r" => '', "\n" => '' ] );
461 }
462
463 /**
464 * Converts a string into a valid RFC 822 "phrase", such as is used for the sender name
465 * @param string $phrase
466 * @return string
467 */
468 public static function rfc822Phrase( $phrase ) {
469 // Remove line breaks
470 $phrase = self::sanitizeHeaderValue( $phrase );
471 // Remove quotes
472 $phrase = str_replace( '"', '', $phrase );
473 return '"' . $phrase . '"';
474 }
475
476 /**
477 * Converts a string into quoted-printable format
478 * @since 1.17
479 *
480 * From PHP5.3 there is a built in function quoted_printable_encode()
481 * This method does not duplicate that.
482 * This method is doing Q encoding inside encoded-words as defined by RFC 2047
483 * This is for email headers.
484 * The built in quoted_printable_encode() is for email bodies
485 * @param string $string
486 * @param string $charset
487 * @return string
488 */
489 public static function quotedPrintable( $string, $charset = '' ) {
490 // Probably incomplete; see RFC 2045
491 if ( empty( $charset ) ) {
492 $charset = 'UTF-8';
493 }
494 $charset = strtoupper( $charset );
495 $charset = str_replace( 'ISO-8859', 'ISO8859', $charset ); // ?
496
497 $illegal = '\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff=';
498 $replace = $illegal . '\t ?_';
499 if ( !preg_match( "/[$illegal]/", $string ) ) {
500 return $string;
501 }
502 $out = "=?$charset?Q?";
503 $out .= preg_replace_callback( "/([$replace])/",
504 function ( $matches ) {
505 return sprintf( "=%02X", ord( $matches[1] ) );
506 },
507 $string
508 );
509 $out .= '?=';
510 return $out;
511 }
512 }
MediaWiki Core