diff options
Diffstat (limited to 'system/libraries/Email.php')
| -rw-r--r-- | system/libraries/Email.php | 57 |
1 files changed, 42 insertions, 15 deletions
diff --git a/system/libraries/Email.php b/system/libraries/Email.php index 6d192a6e2..b01e44a63 100644 --- a/system/libraries/Email.php +++ b/system/libraries/Email.php @@ -6,7 +6,7 @@ * * This content is released under the MIT License (MIT) * - * Copyright (c) 2014 - 2017, British Columbia Institute of Technology + * Copyright (c) 2014 - 2019, British Columbia Institute of Technology * * Permission is hereby granted, free of charge, to any person obtaining a copy * of this software and associated documentation files (the "Software"), to deal @@ -29,8 +29,8 @@ * @package CodeIgniter * @author EllisLab Dev Team * @copyright Copyright (c) 2008 - 2014, EllisLab, Inc. (https://ellislab.com/) - * @copyright Copyright (c) 2014 - 2017, British Columbia Institute of Technology (http://bcit.ca/) - * @license http://opensource.org/licenses/MIT MIT License + * @copyright Copyright (c) 2014 - 2019, British Columbia Institute of Technology (https://bcit.ca/) + * @license https://opensource.org/licenses/MIT MIT License * @link https://codeigniter.com * @since Version 1.0.0 * @filesource @@ -46,7 +46,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); * @subpackage Libraries * @category Libraries * @author EllisLab Dev Team - * @link https://codeigniter.com/user_guide/libraries/email.html + * @link https://codeigniter.com/userguide3/libraries/email.html */ class CI_Email { @@ -174,7 +174,7 @@ class CI_Email { * Newline character sequence. * Use "\r\n" to comply with RFC 822. * - * @link http://www.ietf.org/rfc/rfc822.txt + * @link https://www.ietf.org/rfc/rfc822.txt * @var string "\r\n" or "\n" */ public $newline = "\n"; // Default newline. "\r\n" or "\n" (Use "\r\n" to comply with RFC 822) @@ -188,7 +188,7 @@ class CI_Email { * switching to "\n", while improper, is the only solution * that seems to work for all environments. * - * @link http://www.ietf.org/rfc/rfc822.txt + * @link https://www.ietf.org/rfc/rfc822.txt * @var string */ public $crlf = "\n"; @@ -389,7 +389,7 @@ class CI_Email { $this->charset = config_item('charset'); $this->initialize($config); - isset(self::$func_overload) OR self::$func_overload = (extension_loaded('mbstring') && ini_get('mbstring.func_overload')); + isset(self::$func_overload) OR self::$func_overload = ( ! is_php('8.0') && extension_loaded('mbstring') && @ini_get('mbstring.func_overload')); log_message('info', 'Email Class Initialized'); } @@ -1012,9 +1012,16 @@ class CI_Email { */ public function valid_email($email) { - if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) + if (function_exists('idn_to_ascii') && preg_match('#\A([^@]+)@(.+)\z#', $email, $matches)) { - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, INTL_IDNA_VARIANT_UTS46); + $domain = defined('INTL_IDNA_VARIANT_UTS46') + ? idn_to_ascii($matches[2], 0, INTL_IDNA_VARIANT_UTS46) + : idn_to_ascii($matches[2]); + + if ($domain !== FALSE) + { + $email = $matches[1].'@'.$domain; + } } return (bool) filter_var($email, FILTER_VALIDATE_EMAIL); @@ -1460,7 +1467,7 @@ class CI_Email { * Prep Quoted Printable * * Prepares string for Quoted-Printable Content-Transfer-Encoding - * Refer to RFC 2045 http://www.ietf.org/rfc/rfc2045.txt + * Refer to RFC 2045 https://www.ietf.org/rfc/rfc2045.txt * * @param string * @return string @@ -1469,7 +1476,7 @@ class CI_Email { { // ASCII code numbers for "safe" characters that can always be // used literally, without encoding, as described in RFC 2049. - // http://www.ietf.org/rfc/rfc2049.txt + // https://www.ietf.org/rfc/rfc2049.txt static $ascii_safe_chars = array( // ' ( ) + , - . / : = ? 39, 40, 41, 43, 44, 45, 46, 47, 58, 61, 63, @@ -1821,7 +1828,15 @@ class CI_Email { { if (function_exists('idn_to_ascii') && $atpos = strpos($email, '@')) { - $email = self::substr($email, 0, ++$atpos).idn_to_ascii(self::substr($email, $atpos), 0, INTL_IDNA_VARIANT_UTS46); + list($account, $domain) = explode('@', $email, 2); + $domain = defined('INTL_IDNA_VARIANT_UTS46') + ? idn_to_ascii($domain, 0, INTL_IDNA_VARIANT_UTS46) + : idn_to_ascii($domain); + + if ($domain !== FALSE) + { + $email = $account.'@'.$domain; + } } return (filter_var($email, FILTER_VALIDATE_EMAIL) === $email && preg_match('#\A[a-z0-9._+-]+@[a-z0-9.-]{1,253}\z#i', $email)); @@ -2027,7 +2042,19 @@ class CI_Email { $this->_send_command('hello'); $this->_send_command('starttls'); - $crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, STREAM_CRYPTO_METHOD_TLS_CLIENT); + /** + * STREAM_CRYPTO_METHOD_TLS_CLIENT is quite the mess ... + * + * - On PHP <5.6 it doesn't even mean TLS, but SSL 2.0, and there's no option to use actual TLS + * - On PHP 5.6.0-5.6.6, >=7.2 it means negotiation with any of TLS 1.0, 1.1, 1.2 + * - On PHP 5.6.7-7.1.* it means only TLS 1.0 + * + * We want the negotiation, so we'll force it below ... + */ + $method = is_php('5.6') + ? STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT + : STREAM_CRYPTO_METHOD_TLS_CLIENT; + $crypto = stream_socket_enable_crypto($this->_smtp_connect, TRUE, $method); if ($crypto !== TRUE) { @@ -2191,7 +2218,7 @@ class CI_Email { { break; } - // See https://bugs.php.net/bug.php?id=39598 and http://php.net/manual/en/function.fwrite.php#96951 + // See https://bugs.php.net/bug.php?id=39598 and https://secure.php.net/manual/en/function.fwrite.php#96951 elseif ($result === 0) { if ($timestamp === 0) @@ -2254,7 +2281,7 @@ class CI_Email { * (eg: "[1.2.3.4]"). * * @link https://tools.ietf.org/html/rfc5321#section-2.3.5 - * @link http://cbl.abuseat.org/namingproblems.html + * @link https://cbl.abuseat.org/namingproblems.html * @return string */ protected function _get_hostname() |