MediaWiki  1.28.0
UserMailer.php
Go to the documentation of this file.
1 <?php
30 class UserMailer {
31  private static $mErrorString;
32 
43  protected static function sendWithPear( $mailer, $dest, $headers, $body ) {
44  $mailResult = $mailer->send( $dest, $headers, $body );
45 
46  // Based on the result return an error string,
47  if ( PEAR::isError( $mailResult ) ) {
48  wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
49  return Status::newFatal( 'pear-mail-error', $mailResult->getMessage() );
50  } else {
51  return Status::newGood();
52  }
53  }
54 
67  static function arrayToHeaderString( $headers, $endl = PHP_EOL ) {
68  $strings = [];
69  foreach ( $headers as $name => $value ) {
70  // Prevent header injection by stripping newlines from value
71  $value = self::sanitizeHeaderValue( $value );
72  $strings[] = "$name: $value";
73  }
74  return implode( $endl, $strings );
75  }
76 
82  static function makeMsgId() {
84 
85  $msgid = uniqid( wfWikiID() . ".", true ); /* true required for cygwin */
86  if ( is_array( $wgSMTP ) && isset( $wgSMTP['IDHost'] ) && $wgSMTP['IDHost'] ) {
87  $domain = $wgSMTP['IDHost'];
88  } else {
89  $url = wfParseUrl( $wgServer );
90  $domain = $url['host'];
91  }
92  return "<$msgid@$domain>";
93  }
94 
114  public static function send( $to, $from, $subject, $body, $options = [] ) {
116 
117  if ( !isset( $options['contentType'] ) ) {
118  $options['contentType'] = 'text/plain; charset=UTF-8';
119  }
120 
121  if ( !is_array( $to ) ) {
122  $to = [ $to ];
123  }
124 
125  // mail body must have some content
126  $minBodyLen = 10;
127  // arbitrary but longer than Array or Object to detect casting error
128 
129  // body must either be a string or an array with text and body
130  if (
131  !(
132  !is_array( $body ) &&
133  strlen( $body ) >= $minBodyLen
134  )
135  &&
136  !(
137  is_array( $body ) &&
138  isset( $body['text'] ) &&
139  isset( $body['html'] ) &&
140  strlen( $body['text'] ) >= $minBodyLen &&
141  strlen( $body['html'] ) >= $minBodyLen
142  )
143  ) {
144  // if it is neither we have a problem
145  return Status::newFatal( 'user-mail-no-body' );
146  }
147 
148  if ( !$wgAllowHTMLEmail && is_array( $body ) ) {
149  // HTML not wanted. Dump it.
150  $body = $body['text'];
151  }
152 
153  wfDebug( __METHOD__ . ': sending mail to ' . implode( ', ', $to ) . "\n" );
154 
155  // Make sure we have at least one address
156  $has_address = false;
157  foreach ( $to as $u ) {
158  if ( $u->address ) {
159  $has_address = true;
160  break;
161  }
162  }
163  if ( !$has_address ) {
164  return Status::newFatal( 'user-mail-no-addy' );
165  }
166 
167  // give a chance to UserMailerTransformContents subscribers who need to deal with each
168  // target differently to split up the address list
169  if ( count( $to ) > 1 ) {
170  $oldTo = $to;
171  Hooks::run( 'UserMailerSplitTo', [ &$to ] );
172  if ( $oldTo != $to ) {
173  $splitTo = array_diff( $oldTo, $to );
174  $to = array_diff( $oldTo, $splitTo ); // ignore new addresses added in the hook
175  // first send to non-split address list, then to split addresses one by one
177  if ( $to ) {
179  $to, $from, $subject, $body, $options ) );
180  }
181  foreach ( $splitTo as $newTo ) {
183  [ $newTo ], $from, $subject, $body, $options ) );
184  }
185  return $status;
186  }
187  }
188 
189  return UserMailer::sendInternal( $to, $from, $subject, $body, $options );
190  }
191 
208  protected static function sendInternal(
209  array $to,
211  $subject,
212  $body,
213  $options = []
214  ) {
216  $mime = null;
217 
218  $replyto = isset( $options['replyTo'] ) ? $options['replyTo'] : null;
219  $contentType = isset( $options['contentType'] ) ?
220  $options['contentType'] : 'text/plain; charset=UTF-8';
221  $headers = isset( $options['headers'] ) ? $options['headers'] : [];
222 
223  // Allow transformation of content, such as encrypting/signing
224  $error = false;
225  if ( !Hooks::run( 'UserMailerTransformContent', [ $to, $from, &$body, &$error ] ) ) {
226  if ( $error ) {
227  return Status::newFatal( 'php-mail-error', $error );
228  } else {
229  return Status::newFatal( 'php-mail-error-unknown' );
230  }
231  }
232 
262  $headers['From'] = $from->toString();
263  $returnPath = $from->address;
264  $extraParams = $wgAdditionalMailParams;
265 
266  // Hook to generate custom VERP address for 'Return-Path'
267  Hooks::run( 'UserMailerChangeReturnPath', [ $to, &$returnPath ] );
268  // Add the envelope sender address using the -f command line option when PHP mail() is used.
269  // Will default to the $from->address when the UserMailerChangeReturnPath hook fails and the
270  // generated VERP address when the hook runs effectively.
271  $extraParams .= ' -f ' . $returnPath;
272 
273  $headers['Return-Path'] = $returnPath;
274 
275  if ( $replyto ) {
276  $headers['Reply-To'] = $replyto->toString();
277  }
278 
279  $headers['Date'] = MWTimestamp::getLocalInstance()->format( 'r' );
280  $headers['Message-ID'] = self::makeMsgId();
281  $headers['X-Mailer'] = 'MediaWiki mailer';
282  $headers['List-Unsubscribe'] = '<' . SpecialPage::getTitleFor( 'Preferences' )
283  ->getFullURL( '', false, PROTO_CANONICAL ) . '>';
284 
285  // Line endings need to be different on Unix and Windows due to
286  // the bug described at http://trac.wordpress.org/ticket/2603
287  $endl = PHP_EOL;
288 
289  if ( is_array( $body ) ) {
290  // we are sending a multipart message
291  wfDebug( "Assembling multipart mime email\n" );
292  if ( !stream_resolve_include_path( 'Mail/mime.php' ) ) {
293  wfDebug( "PEAR Mail_Mime package is not installed. Falling back to text email.\n" );
294  // remove the html body for text email fall back
295  $body = $body['text'];
296  } else {
297  // Check if pear/mail_mime is already loaded (via composer)
298  if ( !class_exists( 'Mail_mime' ) ) {
299  require_once 'Mail/mime.php';
300  }
301  if ( wfIsWindows() ) {
302  $body['text'] = str_replace( "\n", "\r\n", $body['text'] );
303  $body['html'] = str_replace( "\n", "\r\n", $body['html'] );
304  }
305  $mime = new Mail_mime( [
306  'eol' => $endl,
307  'text_charset' => 'UTF-8',
308  'html_charset' => 'UTF-8'
309  ] );
310  $mime->setTXTBody( $body['text'] );
311  $mime->setHTMLBody( $body['html'] );
312  $body = $mime->get(); // must call get() before headers()
313  $headers = $mime->headers( $headers );
314  }
315  }
316  if ( $mime === null ) {
317  // sending text only, either deliberately or as a fallback
318  if ( wfIsWindows() ) {
319  $body = str_replace( "\n", "\r\n", $body );
320  }
321  $headers['MIME-Version'] = '1.0';
322  $headers['Content-type'] = $contentType;
323  $headers['Content-transfer-encoding'] = '8bit';
324  }
325 
326  // allow transformation of MIME-encoded message
327  if ( !Hooks::run( 'UserMailerTransformMessage',
328  [ $to, $from, &$subject, &$headers, &$body, &$error ] )
329  ) {
330  if ( $error ) {
331  return Status::newFatal( 'php-mail-error', $error );
332  } else {
333  return Status::newFatal( 'php-mail-error-unknown' );
334  }
335  }
336 
337  $ret = Hooks::run( 'AlternateUserMailer', [ $headers, $to, $from, $subject, $body ] );
338  if ( $ret === false ) {
339  // the hook implementation will return false to skip regular mail sending
340  return Status::newGood();
341  } elseif ( $ret !== true ) {
342  // the hook implementation will return a string to pass an error message
343  return Status::newFatal( 'php-mail-error', $ret );
344  }
345 
346  if ( is_array( $wgSMTP ) ) {
347  // Check if pear/mail is already loaded (via composer)
348  if ( !class_exists( 'Mail' ) ) {
349  // PEAR MAILER
350  if ( !stream_resolve_include_path( 'Mail.php' ) ) {
351  throw new MWException( 'PEAR mail package is not installed' );
352  }
353  require_once 'Mail.php';
354  }
355 
356  MediaWiki\suppressWarnings();
357 
358  // Create the mail object using the Mail::factory method
359  $mail_object =& Mail::factory( 'smtp', $wgSMTP );
360  if ( PEAR::isError( $mail_object ) ) {
361  wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
362  MediaWiki\restoreWarnings();
363  return Status::newFatal( 'pear-mail-error', $mail_object->getMessage() );
364  }
365 
366  wfDebug( "Sending mail via PEAR::Mail\n" );
367 
368  $headers['Subject'] = self::quotedPrintable( $subject );
369 
370  // When sending only to one recipient, shows it its email using To:
371  if ( count( $to ) == 1 ) {
372  $headers['To'] = $to[0]->toString();
373  }
374 
375  // Split jobs since SMTP servers tends to limit the maximum
376  // number of possible recipients.
377  $chunks = array_chunk( $to, $wgEnotifMaxRecips );
378  foreach ( $chunks as $chunk ) {
379  $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
380  // FIXME : some chunks might be sent while others are not!
381  if ( !$status->isOK() ) {
382  MediaWiki\restoreWarnings();
383  return $status;
384  }
385  }
386  MediaWiki\restoreWarnings();
387  return Status::newGood();
388  } else {
389  // PHP mail()
390  if ( count( $to ) > 1 ) {
391  $headers['To'] = 'undisclosed-recipients:;';
392  }
393  $headers = self::arrayToHeaderString( $headers, $endl );
394 
395  wfDebug( "Sending mail via internal mail() function\n" );
396 
397  self::$mErrorString = '';
398  $html_errors = ini_get( 'html_errors' );
399  ini_set( 'html_errors', '0' );
400  set_error_handler( 'UserMailer::errorHandler' );
401 
402  try {
403  foreach ( $to as $recip ) {
404  $sent = mail(
405  $recip,
406  self::quotedPrintable( $subject ),
407  $body,
408  $headers,
409  $extraParams
410  );
411  }
412  } catch ( Exception $e ) {
413  restore_error_handler();
414  throw $e;
415  }
416 
417  restore_error_handler();
418  ini_set( 'html_errors', $html_errors );
419 
420  if ( self::$mErrorString ) {
421  wfDebug( "Error sending mail: " . self::$mErrorString . "\n" );
422  return Status::newFatal( 'php-mail-error', self::$mErrorString );
423  } elseif ( !$sent ) {
424  // mail function only tells if there's an error
425  wfDebug( "Unknown error sending mail\n" );
426  return Status::newFatal( 'php-mail-error-unknown' );
427  } else {
428  return Status::newGood();
429  }
430  }
431  }
432 
439  static function errorHandler( $code, $string ) {
440  self::$mErrorString = preg_replace( '/^mail\(\)(\s*\[.*?\])?: /', '', $string );
441  }
442 
448  public static function sanitizeHeaderValue( $val ) {
449  return strtr( $val, [ "\r" => '', "\n" => '' ] );
450  }
451 
457  public static function rfc822Phrase( $phrase ) {
458  // Remove line breaks
459  $phrase = self::sanitizeHeaderValue( $phrase );
460  // Remove quotes
461  $phrase = str_replace( '"', '', $phrase );
462  return '"' . $phrase . '"';
463  }
464 
478  public static function quotedPrintable( $string, $charset = '' ) {
479  // Probably incomplete; see RFC 2045
480  if ( empty( $charset ) ) {
481  $charset = 'UTF-8';
482  }
483  $charset = strtoupper( $charset );
484  $charset = str_replace( 'ISO-8859', 'ISO8859', $charset ); // ?
485 
486  $illegal = '\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff=';
487  $replace = $illegal . '\t ?_';
488  if ( !preg_match( "/[$illegal]/", $string ) ) {
489  return $string;
490  }
491  $out = "=?$charset?Q?";
492  $out .= preg_replace_callback( "/([$replace])/",
493  function ( $matches ) {
494  return sprintf( "=%02X", ord( $matches[1] ) );
495  },
496  $string
497  );
498  $out .= '?=';
499  return $out;
500  }
501 }
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition: hooks.txt:802
the array() calling protocol came about after MediaWiki 1.4rc1.
address of the mail
Collection of static functions for sending mail.
Definition: UserMailer.php:30
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1936
static getTitleFor($name, $subpage=false, $fragment= '')
Get a localised Title object for a specified special page name If you don't need a full Title object...
Definition: SpecialPage.php:82
div flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException'returning false will NOT prevent logging $e
Definition: hooks.txt:2102
static newFatal($message)
Factory function for fatal errors.
Definition: StatusValue.php:63
$wgAdditionalMailParams
Additional email parameters, will be passed as the last argument to mail() call.
$value
if($ext== 'php'||$ext== 'php5') $mime
Definition: router.php:65
when a variable name is used in a it is silently declared as a new local masking the global
Definition: design.txt:93
wfIsWindows()
Check if the operating system is Windows.
static sendWithPear($mailer, $dest, $headers, $body)
Send mail using a PEAR mailer.
Definition: UserMailer.php:43
wfDebug($text, $dest= 'all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
static getLocalInstance($ts=false)
Get a timestamp instance in the server local timezone ($wgLocaltimezone)
static send($to, $from, $subject, $body, $options=[])
This function will perform a direct (authenticated) login to a SMTP Server to use for mail relaying i...
Definition: UserMailer.php:114
$wgSMTP
SMTP Mode.
static sanitizeHeaderValue($val)
Strips bad characters from a header value to prevent PHP mail header injection attacks.
Definition: UserMailer.php:448
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context $options
Definition: hooks.txt:1046
Stores a single person's name and email address.
Definition: MailAddress.php:32
toString()
Return formatted and quoted address to insert into SMTP headers.
Definition: MailAddress.php:67
static newGood($value=null)
Factory function for good results.
Definition: StatusValue.php:76
static run($event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:131
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
static makeMsgId()
Create a value suitable for the MessageId Header.
Definition: UserMailer.php:82
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
Definition: hooks.txt:802
static arrayToHeaderString($headers, $endl=PHP_EOL)
Creates a single string from an associative array.
Definition: UserMailer.php:67
$from
static sendInternal(array $to, MailAddress $from, $subject, $body, $options=[])
Helper function fo UserMailer::send() which does the actual sending.
Definition: UserMailer.php:208
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
const PROTO_CANONICAL
Definition: Defines.php:227
$wgEnotifMaxRecips
Maximum number of users to mail at once when using impersonal mail.
$wgAllowHTMLEmail
For parts of the system that have been updated to provide HTML email content, send both text and HTML...
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1046
$wgServer
URL of the server.
wfParseUrl($url)
parse_url() work-alike, but non-broken.
static quotedPrintable($string, $charset= '')
Converts a string into quoted-printable format.
Definition: UserMailer.php:478
static errorHandler($code, $string)
Set the mail error message in self::$mErrorString.
Definition: UserMailer.php:439
static rfc822Phrase($phrase)
Converts a string into a valid RFC 822 "phrase", such as is used for the sender name.
Definition: UserMailer.php:457
static $mErrorString
Definition: UserMailer.php:31
$matches
Allows to change the fields on the form that will be generated $name
Definition: hooks.txt:300