MediaWiki REL1_28
UserMailer.php
Go to the documentation of this file.
1<?php
30class UserMailer {
31 private static $mErrorString;
32
43 protected static function sendWithPear( $mailer, $dest, $headers, $body ) {
44 $mailResult = $mailer->send( $dest, $headers, $body );
45
46 // Based on the result return an error string,
47 if ( PEAR::isError( $mailResult ) ) {
48 wfDebug( "PEAR::Mail failed: " . $mailResult->getMessage() . "\n" );
49 return Status::newFatal( 'pear-mail-error', $mailResult->getMessage() );
50 } else {
51 return Status::newGood();
52 }
53 }
54
67 static function arrayToHeaderString( $headers, $endl = PHP_EOL ) {
68 $strings = [];
69 foreach ( $headers as $name => $value ) {
70 // Prevent header injection by stripping newlines from value
71 $value = self::sanitizeHeaderValue( $value );
72 $strings[] = "$name: $value";
73 }
74 return implode( $endl, $strings );
75 }
76
82 static function makeMsgId() {
83 global $wgSMTP, $wgServer;
84
85 $msgid = uniqid( wfWikiID() . ".", true ); /* true required for cygwin */
86 if ( is_array( $wgSMTP ) && isset( $wgSMTP['IDHost'] ) && $wgSMTP['IDHost'] ) {
87 $domain = $wgSMTP['IDHost'];
88 } else {
89 $url = wfParseUrl( $wgServer );
90 $domain = $url['host'];
91 }
92 return "<$msgid@$domain>";
93 }
94
114 public static function send( $to, $from, $subject, $body, $options = [] ) {
115 global $wgAllowHTMLEmail;
116
117 if ( !isset( $options['contentType'] ) ) {
118 $options['contentType'] = 'text/plain; charset=UTF-8';
119 }
120
121 if ( !is_array( $to ) ) {
122 $to = [ $to ];
123 }
124
125 // mail body must have some content
126 $minBodyLen = 10;
127 // arbitrary but longer than Array or Object to detect casting error
128
129 // body must either be a string or an array with text and body
130 if (
131 !(
132 !is_array( $body ) &&
133 strlen( $body ) >= $minBodyLen
134 )
135 &&
136 !(
137 is_array( $body ) &&
138 isset( $body['text'] ) &&
139 isset( $body['html'] ) &&
140 strlen( $body['text'] ) >= $minBodyLen &&
141 strlen( $body['html'] ) >= $minBodyLen
142 )
143 ) {
144 // if it is neither we have a problem
145 return Status::newFatal( 'user-mail-no-body' );
146 }
147
148 if ( !$wgAllowHTMLEmail && is_array( $body ) ) {
149 // HTML not wanted. Dump it.
150 $body = $body['text'];
151 }
152
153 wfDebug( __METHOD__ . ': sending mail to ' . implode( ', ', $to ) . "\n" );
154
155 // Make sure we have at least one address
156 $has_address = false;
157 foreach ( $to as $u ) {
158 if ( $u->address ) {
159 $has_address = true;
160 break;
161 }
162 }
163 if ( !$has_address ) {
164 return Status::newFatal( 'user-mail-no-addy' );
165 }
166
167 // give a chance to UserMailerTransformContents subscribers who need to deal with each
168 // target differently to split up the address list
169 if ( count( $to ) > 1 ) {
170 $oldTo = $to;
171 Hooks::run( 'UserMailerSplitTo', [ &$to ] );
172 if ( $oldTo != $to ) {
173 $splitTo = array_diff( $oldTo, $to );
174 $to = array_diff( $oldTo, $splitTo ); // ignore new addresses added in the hook
175 // first send to non-split address list, then to split addresses one by one
176 $status = Status::newGood();
177 if ( $to ) {
178 $status->merge( UserMailer::sendInternal(
179 $to, $from, $subject, $body, $options ) );
180 }
181 foreach ( $splitTo as $newTo ) {
182 $status->merge( UserMailer::sendInternal(
183 [ $newTo ], $from, $subject, $body, $options ) );
184 }
185 return $status;
186 }
187 }
188
189 return UserMailer::sendInternal( $to, $from, $subject, $body, $options );
190 }
191
208 protected static function sendInternal(
209 array $to,
210 MailAddress $from,
211 $subject,
212 $body,
213 $options = []
214 ) {
215 global $wgSMTP, $wgEnotifMaxRecips, $wgAdditionalMailParams;
216 $mime = null;
217
218 $replyto = isset( $options['replyTo'] ) ? $options['replyTo'] : null;
219 $contentType = isset( $options['contentType'] ) ?
220 $options['contentType'] : 'text/plain; charset=UTF-8';
221 $headers = isset( $options['headers'] ) ? $options['headers'] : [];
222
223 // Allow transformation of content, such as encrypting/signing
224 $error = false;
225 if ( !Hooks::run( 'UserMailerTransformContent', [ $to, $from, &$body, &$error ] ) ) {
226 if ( $error ) {
227 return Status::newFatal( 'php-mail-error', $error );
228 } else {
229 return Status::newFatal( 'php-mail-error-unknown' );
230 }
231 }
232
262 $headers['From'] = $from->toString();
263 $returnPath = $from->address;
264 $extraParams = $wgAdditionalMailParams;
265
266 // Hook to generate custom VERP address for 'Return-Path'
267 Hooks::run( 'UserMailerChangeReturnPath', [ $to, &$returnPath ] );
268 // Add the envelope sender address using the -f command line option when PHP mail() is used.
269 // Will default to the $from->address when the UserMailerChangeReturnPath hook fails and the
270 // generated VERP address when the hook runs effectively.
271
272 // PHP runs this through escapeshellcmd(). However that's not sufficient
273 // escaping (e.g. due to spaces). MediaWiki's email sanitizer should generally
274 // be good enough, but just in case, put in double quotes, and remove any
275 // double quotes present (" is not allowed in emails, so should have no
276 // effect, although this might cause apostrophees to be double escaped)
277 $returnPathCLI = '"' . str_replace( '"', '', $returnPath ) . '"';
278 $extraParams .= ' -f ' . $returnPathCLI;
279
280 $headers['Return-Path'] = $returnPath;
281
282 if ( $replyto ) {
283 $headers['Reply-To'] = $replyto->toString();
284 }
285
286 $headers['Date'] = MWTimestamp::getLocalInstance()->format( 'r' );
287 $headers['Message-ID'] = self::makeMsgId();
288 $headers['X-Mailer'] = 'MediaWiki mailer';
289 $headers['List-Unsubscribe'] = '<' . SpecialPage::getTitleFor( 'Preferences' )
290 ->getFullURL( '', false, PROTO_CANONICAL ) . '>';
291
292 // Line endings need to be different on Unix and Windows due to
293 // the bug described at http://trac.wordpress.org/ticket/2603
294 $endl = PHP_EOL;
295
296 if ( is_array( $body ) ) {
297 // we are sending a multipart message
298 wfDebug( "Assembling multipart mime email\n" );
299 if ( !stream_resolve_include_path( 'Mail/mime.php' ) ) {
300 wfDebug( "PEAR Mail_Mime package is not installed. Falling back to text email.\n" );
301 // remove the html body for text email fall back
302 $body = $body['text'];
303 } else {
304 // Check if pear/mail_mime is already loaded (via composer)
305 if ( !class_exists( 'Mail_mime' ) ) {
306 require_once 'Mail/mime.php';
307 }
308 if ( wfIsWindows() ) {
309 $body['text'] = str_replace( "\n", "\r\n", $body['text'] );
310 $body['html'] = str_replace( "\n", "\r\n", $body['html'] );
311 }
312 $mime = new Mail_mime( [
313 'eol' => $endl,
314 'text_charset' => 'UTF-8',
315 'html_charset' => 'UTF-8'
316 ] );
317 $mime->setTXTBody( $body['text'] );
318 $mime->setHTMLBody( $body['html'] );
319 $body = $mime->get(); // must call get() before headers()
320 $headers = $mime->headers( $headers );
321 }
322 }
323 if ( $mime === null ) {
324 // sending text only, either deliberately or as a fallback
325 if ( wfIsWindows() ) {
326 $body = str_replace( "\n", "\r\n", $body );
327 }
328 $headers['MIME-Version'] = '1.0';
329 $headers['Content-type'] = $contentType;
330 $headers['Content-transfer-encoding'] = '8bit';
331 }
332
333 // allow transformation of MIME-encoded message
334 if ( !Hooks::run( 'UserMailerTransformMessage',
335 [ $to, $from, &$subject, &$headers, &$body, &$error ] )
336 ) {
337 if ( $error ) {
338 return Status::newFatal( 'php-mail-error', $error );
339 } else {
340 return Status::newFatal( 'php-mail-error-unknown' );
341 }
342 }
343
344 $ret = Hooks::run( 'AlternateUserMailer', [ $headers, $to, $from, $subject, $body ] );
345 if ( $ret === false ) {
346 // the hook implementation will return false to skip regular mail sending
347 return Status::newGood();
348 } elseif ( $ret !== true ) {
349 // the hook implementation will return a string to pass an error message
350 return Status::newFatal( 'php-mail-error', $ret );
351 }
352
353 if ( is_array( $wgSMTP ) ) {
354 // Check if pear/mail is already loaded (via composer)
355 if ( !class_exists( 'Mail' ) ) {
356 // PEAR MAILER
357 if ( !stream_resolve_include_path( 'Mail.php' ) ) {
358 throw new MWException( 'PEAR mail package is not installed' );
359 }
360 require_once 'Mail.php';
361 }
362
363 MediaWiki\suppressWarnings();
364
365 // Create the mail object using the Mail::factory method
366 $mail_object =& Mail::factory( 'smtp', $wgSMTP );
367 if ( PEAR::isError( $mail_object ) ) {
368 wfDebug( "PEAR::Mail factory failed: " . $mail_object->getMessage() . "\n" );
369 MediaWiki\restoreWarnings();
370 return Status::newFatal( 'pear-mail-error', $mail_object->getMessage() );
371 }
372
373 wfDebug( "Sending mail via PEAR::Mail\n" );
374
375 $headers['Subject'] = self::quotedPrintable( $subject );
376
377 // When sending only to one recipient, shows it its email using To:
378 if ( count( $to ) == 1 ) {
379 $headers['To'] = $to[0]->toString();
380 }
381
382 // Split jobs since SMTP servers tends to limit the maximum
383 // number of possible recipients.
384 $chunks = array_chunk( $to, $wgEnotifMaxRecips );
385 foreach ( $chunks as $chunk ) {
386 $status = self::sendWithPear( $mail_object, $chunk, $headers, $body );
387 // FIXME : some chunks might be sent while others are not!
388 if ( !$status->isOK() ) {
389 MediaWiki\restoreWarnings();
390 return $status;
391 }
392 }
393 MediaWiki\restoreWarnings();
394 return Status::newGood();
395 } else {
396 // PHP mail()
397 if ( count( $to ) > 1 ) {
398 $headers['To'] = 'undisclosed-recipients:;';
399 }
400 $headers = self::arrayToHeaderString( $headers, $endl );
401
402 wfDebug( "Sending mail via internal mail() function\n" );
403
404 self::$mErrorString = '';
405 $html_errors = ini_get( 'html_errors' );
406 ini_set( 'html_errors', '0' );
407 set_error_handler( 'UserMailer::errorHandler' );
408
409 try {
410 foreach ( $to as $recip ) {
411 $sent = mail(
412 $recip,
413 self::quotedPrintable( $subject ),
414 $body,
415 $headers,
416 $extraParams
417 );
418 }
419 } catch ( Exception $e ) {
420 restore_error_handler();
421 throw $e;
422 }
423
424 restore_error_handler();
425 ini_set( 'html_errors', $html_errors );
426
427 if ( self::$mErrorString ) {
428 wfDebug( "Error sending mail: " . self::$mErrorString . "\n" );
429 return Status::newFatal( 'php-mail-error', self::$mErrorString );
430 } elseif ( !$sent ) {
431 // mail function only tells if there's an error
432 wfDebug( "Unknown error sending mail\n" );
433 return Status::newFatal( 'php-mail-error-unknown' );
434 } else {
435 return Status::newGood();
436 }
437 }
438 }
439
446 static function errorHandler( $code, $string ) {
447 self::$mErrorString = preg_replace( '/^mail\‍(\‍)(\s*\[.*?\])?: /', '', $string );
448 }
449
455 public static function sanitizeHeaderValue( $val ) {
456 return strtr( $val, [ "\r" => '', "\n" => '' ] );
457 }
458
464 public static function rfc822Phrase( $phrase ) {
465 // Remove line breaks
466 $phrase = self::sanitizeHeaderValue( $phrase );
467 // Remove quotes
468 $phrase = str_replace( '"', '', $phrase );
469 return '"' . $phrase . '"';
470 }
471
485 public static function quotedPrintable( $string, $charset = '' ) {
486 // Probably incomplete; see RFC 2045
487 if ( empty( $charset ) ) {
488 $charset = 'UTF-8';
489 }
490 $charset = strtoupper( $charset );
491 $charset = str_replace( 'ISO-8859', 'ISO8859', $charset ); // ?
492
493 $illegal = '\x00-\x08\x0b\x0c\x0e-\x1f\x7f-\xff=';
494 $replace = $illegal . '\t ?_';
495 if ( !preg_match( "/[$illegal]/", $string ) ) {
496 return $string;
497 }
498 $out = "=?$charset?Q?";
499 $out .= preg_replace_callback( "/([$replace])/",
500 function ( $matches ) {
501 return sprintf( "=%02X", ord( $matches[1] ) );
502 },
503 $string
504 );
505 $out .= '?=';
506 return $out;
507 }
508}
mail
address of the mail
Definition All_system_messages.txt:1386
$wgEnotifMaxRecips
$wgEnotifMaxRecips
Maximum number of users to mail at once when using impersonal mail.
Definition DefaultSettings.php:1722
$wgAdditionalMailParams
$wgAdditionalMailParams
Additional email parameters, will be passed as the last argument to mail() call.
Definition DefaultSettings.php:1647
$wgAllowHTMLEmail
$wgAllowHTMLEmail
For parts of the system that have been updated to provide HTML email content, send both text and HTML...
Definition DefaultSettings.php:1653
$wgSMTP
$wgSMTP
SMTP Mode.
Definition DefaultSettings.php:1642
$wgServer
$wgServer
URL of the server.
Definition DefaultSettings.php:109
wfDebug
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition GlobalFunctions.php:998
wfParseUrl
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
Definition GlobalFunctions.php:817
wfIsWindows
wfIsWindows()
Check if the operating system is Windows.
Definition GlobalFunctions.php:2047
wfWikiID
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
Definition GlobalFunctions.php:3025
MWException
MediaWiki exception.
Definition MWException.php:26
MWTimestamp\getLocalInstance
static getLocalInstance( $ts=false)
Get a timestamp instance in the server local timezone ($wgLocaltimezone)
Definition MWTimestamp.php:203
MailAddress
Stores a single person's name and email address.
Definition MailAddress.php:32
SpecialPage\getTitleFor
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
Definition SpecialPage.php:82
UserMailer
Collection of static functions for sending mail.
Definition UserMailer.php:30
UserMailer\errorHandler
static errorHandler( $code, $string)
Set the mail error message in self::$mErrorString.
Definition UserMailer.php:446
UserMailer\rfc822Phrase
static rfc822Phrase( $phrase)
Converts a string into a valid RFC 822 "phrase", such as is used for the sender name.
Definition UserMailer.php:464
UserMailer\sanitizeHeaderValue
static sanitizeHeaderValue( $val)
Strips bad characters from a header value to prevent PHP mail header injection attacks.
Definition UserMailer.php:455
UserMailer\send
static send( $to, $from, $subject, $body, $options=[])
This function will perform a direct (authenticated) login to a SMTP Server to use for mail relaying i...
Definition UserMailer.php:114
UserMailer\$mErrorString
static $mErrorString
Definition UserMailer.php:31
UserMailer\sendWithPear
static sendWithPear( $mailer, $dest, $headers, $body)
Send mail using a PEAR mailer.
Definition UserMailer.php:43
UserMailer\quotedPrintable
static quotedPrintable( $string, $charset='')
Converts a string into quoted-printable format.
Definition UserMailer.php:485
UserMailer\arrayToHeaderString
static arrayToHeaderString( $headers, $endl=PHP_EOL)
Creates a single string from an associative array.
Definition UserMailer.php:67
UserMailer\sendInternal
static sendInternal(array $to, MailAddress $from, $subject, $body, $options=[])
Helper function fo UserMailer::send() which does the actual sending.
Definition UserMailer.php:208
UserMailer\makeMsgId
static makeMsgId()
Create a value suitable for the MessageId Header.
Definition UserMailer.php:82
global
when a variable name is used in a it is silently declared as a new local masking the global
Definition design.txt:95
as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition distributors.txt:22
PROTO_CANONICAL
const PROTO_CANONICAL
Definition Defines.php:227
$status
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition hooks.txt:1049
array
the array() calling protocol came about after MediaWiki 1.4rc1.
$options
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set and then return false from the hook function Ensure you consume the ChangeTagAfterDelete hook to carry out custom deletion actions as context called by AbstractContent::getParserOutput May be used to override the normal model specific rendering of page content as context as context $options
Definition hooks.txt:1096
$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition hooks.txt:1949
$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition hooks.txt:886
$name
Allows to change the fields on the form that will be generated $name
Definition hooks.txt:304
$e
returning false will NOT prevent logging $e
Definition hooks.txt:2110
$code
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
Definition hooks.txt:887
$from
$from
Definition importImages.php:98
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition injection.txt:37
$mime
if( $ext=='php'|| $ext=='php5') $mime
Definition router.php:65