MediaWiki  1.28.3
UserMailer.php
Go to the documentation of this file.
1 <?php
30 class UserMailer {
31  private static $mErrorString;
32 
43  protected static function sendWithPear( $mailer, $dest, $headers, $body ) {
44  $mailResult = $mailer->send( $dest, $headers, $body );
45 
46  // Based on the result return an error string,
47  if ( PEAR::isError( $mailResult ) ) {
48  wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
49  return Status::newFatal( 'pear-mail-error', $mailResult->getMessage() );
50  } else {
51  return Status::newGood();
52  }
53  }
54 
67  static function arrayToHeaderString( $headers, $endl = PHP_EOL ) {
68  $strings = [];
69  foreach ( $headers as $name => $value ) {
70  // Prevent header injection by stripping newlines from value
71  $value = self::sanitizeHeaderValue( $value );
72  $strings[] = "$name: $value";
73  }
74  return implode( $endl, $strings );
75  }
76 
82  static function makeMsgId() {
84 
85  $msgid = uniqid( wfWikiID() . ".", true ); /* true required for cygwin */
86  if ( is_array( $wgSMTP ) && isset( $wgSMTP['IDHost'] ) && $wgSMTP['IDHost'] ) {
87  $domain = $wgSMTP['IDHost'];
88  } else {
89  $url = wfParseUrl( $wgServer );
90  $domain = $url['host'];
91  }
92  return "<$msgid@$domain>";
93  }
94 
114  public static function send( $to, $from, $subject, $body, $options = [] ) {
116 
117  if ( !isset( $options['contentType'] ) ) {
118  $options['contentType'] = 'text/plain; charset=UTF-8';
119  }
120 
121  if ( !is_array( $to ) ) {
122  $to = [ $to ];
123  }
124 
125  // mail body must have some content
126  $minBodyLen = 10;
127  // arbitrary but longer than Array or Object to detect casting error
128 
129  // body must either be a string or an array with text and body
130  if (
131  !(
132  !is_array( $body ) &&
133  strlen( $body ) >= $minBodyLen
134  )
135  &&
136  !(
137  is_array( $body ) &&
138  isset( $body['text'] ) &&
139  isset( $body['html'] ) &&
140  strlen( $body['text'] ) >= $minBodyLen &&
141  strlen( $body['html'] ) >= $minBodyLen
142  )
143  ) {
144  // if it is neither we have a problem
145  return Status::newFatal( 'user-mail-no-body' );
146  }
147 
148  if ( !$wgAllowHTMLEmail && is_array( $body ) ) {
149  // HTML not wanted. Dump it.
150  $body = $body['text'];
151  }
152 
153  wfDebug( __METHOD__ . ': sending mail to ' . implode( ', ', $to ) . "\n" );
154 
155  // Make sure we have at least one address
156  $has_address = false;
157  foreach ( $to as $u ) {
158  if ( $u->address ) {
159  $has_address = true;
160  break;
161  }
162  }
163  if ( !$has_address ) {
164  return Status::newFatal( 'user-mail-no-addy' );
165  }
166 
167  // give a chance to UserMailerTransformContents subscribers who need to deal with each
168  // target differently to split up the address list
169  if ( count( $to ) > 1 ) {
170  $oldTo = $to;
171  Hooks::run( 'UserMailerSplitTo', [ &$to ] );
172  if ( $oldTo != $to ) {
173  $splitTo = array_diff( $oldTo, $to );
174  $to = array_diff( $oldTo, $splitTo ); // ignore new addresses added in the hook
175  // first send to non-split address list, then to split addresses one by one
177  if ( $to ) {
179  $to, $from, $subject, $body, $options ) );
180  }
181  foreach ( $splitTo as $newTo ) {
183  [ $newTo ], $from, $subject, $body, $options ) );
184  }
185  return $status;
186  }
187  }
188 
189  return UserMailer::sendInternal( $to, $from, $subject, $body, $options );
190  }
191 
208  protected static function sendInternal(
209  array $to,
211  $subject,
212  $body,
213  $options = []
214  ) {
216  $mime = null;
217 
218  $replyto = isset( $options['replyTo'] ) ? $options['replyTo'] : null;
219  $contentType = isset( $options['contentType'] ) ?
220  $options['contentType'] : 'text/plain; charset=UTF-8';
221  $headers = isset( $options['headers'] ) ? $options['headers'] : [];
222 
223  // Allow transformation of content, such as encrypting/signing
224  $error = false;
225  if ( !Hooks::run( 'UserMailerTransformContent', [ $to, $from, &$body, &$error ] ) ) {
226  if ( $error ) {
227  return Status::newFatal( 'php-mail-error', $error );
228  } else {
229  return Status::newFatal( 'php-mail-error-unknown' );
230  }
231  }
232 
262  $headers['From'] = $from->toString();
263  $returnPath = $from->address;
264  $extraParams = $wgAdditionalMailParams;
265 
266  // Hook to generate custom VERP address for 'Return-Path'
267  Hooks::run( 'UserMailerChangeReturnPath', [ $to, &$returnPath ] );
268  // Add the envelope sender address using the -f command line option when PHP mail() is used.
269  // Will default to the $from->address when the UserMailerChangeReturnPath hook fails and the
270  // generated VERP address when the hook runs effectively.
271 
272  // PHP runs this through escapeshellcmd(). However that's not sufficient
273  // escaping (e.g. due to spaces). MediaWiki's email sanitizer should generally
274  // be good enough, but just in case, put in double quotes, and remove any
275  // double quotes present (" is not allowed in emails, so should have no
276  // effect, although this might cause apostrophees to be double escaped)
277  $returnPathCLI = '"' . str_replace( '"', '', $returnPath ) . '"';
278  $extraParams .= ' -f ' . $returnPathCLI;
279 
280  $headers['Return-Path'] = $returnPath;
281 
282  if ( $replyto ) {
283  $headers['Reply-To'] = $replyto->toString();
284  }
285 
286  $headers['Date'] = MWTimestamp::getLocalInstance()->format( 'r' );
287  $headers['Message-ID'] = self::makeMsgId();
288  $headers['X-Mailer'] = 'MediaWiki mailer';
289  $headers['List-Unsubscribe'] = '<' . SpecialPage::getTitleFor( 'Preferences' )
290  ->getFullURL( '', false, PROTO_CANONICAL ) . '>';
291 
292  // Line endings need to be different on Unix and Windows due to
293  // the bug described at http://trac.wordpress.org/ticket/2603
294  $endl = PHP_EOL;
295 
296  if ( is_array( $body ) ) {
297  // we are sending a multipart message
298  wfDebug( "Assembling multipart mime email\n" );
299  if ( !stream_resolve_include_path( 'Mail/mime.php' ) ) {
300  wfDebug( "PEAR Mail_Mime package is not installed. Falling back to text email.\n" );
301  // remove the html body for text email fall back
302  $body = $body['text'];
303  } else {
304  // Check if pear/mail_mime is already loaded (via composer)
305  if ( !class_exists( 'Mail_mime' ) ) {
306  require_once 'Mail/mime.php';
307  }
308  if ( wfIsWindows() ) {
309  $body['text'] = str_replace( "\n", "\r\n", $body['text'] );
310  $body['html'] = str_replace( "\n", "\r\n", $body['html'] );
311  }
312  $mime = new Mail_mime( [
313  'eol' => $endl,
314  'text_charset' => 'UTF-8',
315  'html_charset' => 'UTF-8'
316  ] );
317  $mime->setTXTBody( $body['text'] );
318  $mime->setHTMLBody( $body['html'] );
319  $body = $mime->get(); // must call get() before headers()
320  $headers = $mime->headers( $headers );
321  }
322  }
323  if ( $mime === null ) {
324  // sending text only, either deliberately or as a fallback
325  if ( wfIsWindows() ) {
326  $body = str_replace( "\n", "\r\n", $body );
327  }
328  $headers['MIME-Version'] = '1.0';
329  $headers['Content-type'] = $contentType;
330  $headers['Content-transfer-encoding'] = '8bit';
331  }
332 
333  // allow transformation of MIME-encoded message
334  if ( !Hooks::run( 'UserMailerTransformMessage',
335  [ $to, $from, &$subject, &$headers, &$body, &$error ] )
336  ) {
337  if ( $error ) {
338  return Status::newFatal( 'php-mail-error', $error );
339  } else {
340  return Status::newFatal( 'php-mail-error-unknown' );
341  }
342  }
343 
344  $ret = Hooks::run( 'AlternateUserMailer', [ $headers, $to, $from, $subject, $body ] );
345  if ( $ret === false ) {
346  // the hook implementation will return false to skip regular mail sending
347  return Status::newGood();
348  } elseif ( $ret !== true ) {
349  // the hook implementation will return a string to pass an error message
350  return Status::newFatal( 'php-mail-error', $ret );
351  }
352 
353  if ( is_array( $wgSMTP ) ) {
354  // Check if pear/mail is already loaded (via composer)
355  if ( !class_exists( 'Mail' ) ) {
356  // PEAR MAILER
357  if ( !stream_resolve_include_path( 'Mail.php' ) ) {
358  throw new MWException( 'PEAR mail package is not installed' );
359  }
360  require_once 'Mail.php';
361  }
362 
363  MediaWiki\suppressWarnings();
364 
365  // Create the mail object using the Mail::factory method
366  $mail_object =& Mail::factory( 'smtp', $wgSMTP );
367  if ( PEAR::isError( $mail_object ) ) {
368  wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
369  MediaWiki\restoreWarnings();
370  return Status::newFatal( 'pear-mail-error', $mail_object->getMessage() );
371  }
372 
373  wfDebug( "Sending mail via PEAR::Mail\n" );
374 
375  $headers['Subject'] = self::quotedPrintable( $subject );
376 
377  // When sending only to one recipient, shows it its email using To:
378  if ( count( $to ) == 1 ) {
379  $headers['To'] = $to[0]->toString();
380  }
381 
382  // Split jobs since SMTP servers tends to limit the maximum
383  // number of possible recipients.
384  $chunks = array_chunk( $to, $wgEnotifMaxRecips );
385  foreach ( $chunks as $chunk ) {
386  $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
387  // FIXME : some chunks might be sent while others are not!
388  if ( !$status->isOK() ) {
389  MediaWiki\restoreWarnings();
390  return $status;
391  }
392  }
393  MediaWiki\restoreWarnings();
394  return Status::newGood();
395  } else {
396  // PHP mail()
397  if ( count( $to ) > 1 ) {
398  $headers['To'] = 'undisclosed-recipients:;';
399  }
400  $headers = self::arrayToHeaderString( $headers, $endl );
401 
402  wfDebug( "Sending mail via internal mail() function\n" );
403 
404  self::$mErrorString = '';
405  $html_errors = ini_get( 'html_errors' );
406  ini_set( 'html_errors', '0' );
407  set_error_handler( 'UserMailer::errorHandler' );
408 
409  try {
410  foreach ( $to as $recip ) {
411  $sent = mail(
412  $recip,
413  self::quotedPrintable( $subject ),
414  $body,
415  $headers,
416  $extraParams
417  );
418  }
419  } catch ( Exception $e ) {
420  restore_error_handler();
421  throw $e;
422  }
423 
424  restore_error_handler();
425  ini_set( 'html_errors', $html_errors );
426 
427  if ( self::$mErrorString ) {
428  wfDebug( "Error sending mail: " . self::$mErrorString . "\n" );
429  return Status::newFatal( 'php-mail-error', self::$mErrorString );
430  } elseif ( !$sent ) {
431  // mail function only tells if there's an error
432  wfDebug( "Unknown error sending mail\n" );
433  return Status::newFatal( 'php-mail-error-unknown' );
434  } else {
435  return Status::newGood();
436  }
437  }
438  }
439 
446  static function errorHandler( $code, $string ) {
447  self::$mErrorString = preg_replace( '/^mail\(\)(\s*\[.*?\])?: /', '', $string );
448  }
449 
455  public static function sanitizeHeaderValue( $val ) {
456  return strtr( $val, [ "\r" => '', "\n" => '' ] );
457  }
458 
464  public static function rfc822Phrase( $phrase ) {
465  // Remove line breaks
466  $phrase = self::sanitizeHeaderValue( $phrase );
467  // Remove quotes
468  $phrase = str_replace( '"', '', $phrase );
469  return '"' . $phrase . '"';
470  }
471 
485  public static function quotedPrintable( $string, $charset = '' ) {
486  // Probably incomplete; see RFC 2045
487  if ( empty( $charset ) ) {
488  $charset = 'UTF-8';
489  }
490  $charset = strtoupper( $charset );
491  $charset = str_replace( 'ISO-8859', 'ISO8859', $charset ); // ?
492 
493  $illegal = '\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff=';
494  $replace = $illegal . '\t ?_';
495  if ( !preg_match( "/[$illegal]/", $string ) ) {
496  return $string;
497  }
498  $out = "=?$charset?Q?";
499  $out .= preg_replace_callback( "/([$replace])/",
500  function ( $matches ) {
501  return sprintf( "=%02X", ord( $matches[1] ) );
502  },
503  $string
504  );
505  $out .= '?=';
506  return $out;
507  }
508 }
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition: hooks.txt:806
the array() calling protocol came about after MediaWiki 1.4rc1.
address of the mail
Collection of static functions for sending mail.
Definition: UserMailer.php:30
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1940
static getTitleFor($name, $subpage=false, $fragment= '')
Get a localised Title object for a specified special page name If you don't need a full Title object...
Definition: SpecialPage.php:82
div flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException'returning false will NOT prevent logging $e
Definition: hooks.txt:2106
static newFatal($message)
Factory function for fatal errors.
Definition: StatusValue.php:63
$wgAdditionalMailParams
Additional email parameters, will be passed as the last argument to mail() call.
$value
if($ext== 'php'||$ext== 'php5') $mime
Definition: router.php:65
when a variable name is used in a it is silently declared as a new local masking the global
Definition: design.txt:93
wfIsWindows()
Check if the operating system is Windows.
static sendWithPear($mailer, $dest, $headers, $body)
Send mail using a PEAR mailer.
Definition: UserMailer.php:43
wfDebug($text, $dest= 'all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
static getLocalInstance($ts=false)
Get a timestamp instance in the server local timezone ($wgLocaltimezone)
static send($to, $from, $subject, $body, $options=[])
This function will perform a direct (authenticated) login to a SMTP Server to use for mail relaying i...
Definition: UserMailer.php:114
$wgSMTP
SMTP Mode.
static sanitizeHeaderValue($val)
Strips bad characters from a header value to prevent PHP mail header injection attacks.
Definition: UserMailer.php:455
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context $options
Definition: hooks.txt:1050
Stores a single person's name and email address.
Definition: MailAddress.php:32
toString()
Return formatted and quoted address to insert into SMTP headers.
Definition: MailAddress.php:67
static newGood($value=null)
Factory function for good results.
Definition: StatusValue.php:76
static run($event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:131
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
static makeMsgId()
Create a value suitable for the MessageId Header.
Definition: UserMailer.php:82
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition: distributors.txt:9
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
Definition: hooks.txt:806
static arrayToHeaderString($headers, $endl=PHP_EOL)
Creates a single string from an associative array.
Definition: UserMailer.php:67
$from
static sendInternal(array $to, MailAddress $from, $subject, $body, $options=[])
Helper function fo UserMailer::send() which does the actual sending.
Definition: UserMailer.php:208
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
const PROTO_CANONICAL
Definition: Defines.php:227
$wgEnotifMaxRecips
Maximum number of users to mail at once when using impersonal mail.
$wgAllowHTMLEmail
For parts of the system that have been updated to provide HTML email content, send both text and HTML...
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1050
$wgServer
URL of the server.
wfParseUrl($url)
parse_url() work-alike, but non-broken.
static quotedPrintable($string, $charset= '')
Converts a string into quoted-printable format.
Definition: UserMailer.php:485
static errorHandler($code, $string)
Set the mail error message in self::$mErrorString.
Definition: UserMailer.php:446
static rfc822Phrase($phrase)
Converts a string into a valid RFC 822 "phrase", such as is used for the sender name.
Definition: UserMailer.php:464
static $mErrorString
Definition: UserMailer.php:31
$matches
Allows to change the fields on the form that will be generated $name
Definition: hooks.txt:304