Skip to content

Commit

Permalink
Fix salesagility#3226 Upgrade Sugar version to 6.5.25
Browse files Browse the repository at this point in the history 
Upgrades Phpmailer to version 5.2.23
  • Loading branch information
@mattlorimer
mattlorimer committed Mar 30, 2017
1 parent 0272273 commit 397c274
Show file tree
Hide file tree
Showing 6 changed files with 110 additions and 91 deletions.
1 change: 1 addition & 0 deletions include/phpmailer/VERSION
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
5.2.23
32 changes: 23 additions & 9 deletions include/phpmailer/class.phpmailer.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ class PHPMailer
* The PHPMailer Version number.
* @var string
*/
public $Version = '5.2.21';
public $Version = '5.2.23';

/**
* Email priority.
Expand Down Expand Up @@ -2492,6 +2492,7 @@ public function textLine($value)

/**
* Add an attachment from a path on the filesystem.
* Never use a user-supplied path to a file!
* Returns false if the file could not be found or read.
* @param string $path Path to the attachment.
* @param string $name Overrides the attachment name.
Expand Down Expand Up @@ -3017,6 +3018,7 @@ public function addStringAttachment(
* displayed inline with the message, not just attached for download.
* This is used in HTML messages that embed the images
* the HTML refers to using the $cid value.
* Never use a user-supplied path to a file!
* @param string $path Path to the attachment.
* @param string $cid Content ID of the attachment; Use this to reference
* the content when using an embedded image in HTML.
Expand Down Expand Up @@ -3380,12 +3382,14 @@ public function getCustomHeaders()
* Create a message body from an HTML string.
* Automatically inlines images and creates a plain-text version by converting the HTML,
* overwriting any existing values in Body and AltBody.
* $basedir is used when handling relative image paths, e.g. <img src="images/a.png">
* Do not source $message content from user input!
* $basedir is prepended when handling relative URLs, e.g. <img src="/images/a.png"> and must not be empty
* will look for an image file in $basedir/images/a.png and convert it to inline.
* If you don't want to apply these transformations to your HTML, just set Body and AltBody yourself.
* If you don't provide a $basedir, relative paths will be left untouched (and thus probably break in email)
* If you don't want to apply these transformations to your HTML, just set Body and AltBody directly.
* @access public
* @param string $message HTML message string
* @param string $basedir base directory for relative paths to images
* @param string $basedir Absolute path to a base directory to prepend to relative paths to images
* @param boolean|callable $advanced Whether to use the internal HTML to text converter
* or your own custom converter @see PHPMailer::html2text()
* @return string $message The transformed message Body
Expand All @@ -3394,6 +3398,10 @@ public function msgHTML($message, $basedir = '', $advanced = false)
{
preg_match_all('/(src|background)=["\'](.*)["\']/Ui', $message, $images);
if (array_key_exists(2, $images)) {
if (strlen($basedir) > 1 && substr($basedir, -1) != '/') {
// Ensure $basedir has a trailing /
$basedir .= '/';
}
foreach ($images[2] as $imgindex => $url) {
// Convert data URIs into embedded images
if (preg_match('#^data:(image[^;,]*)(;base64)?,#', $url, $match)) {
Expand All @@ -3411,18 +3419,24 @@ public function msgHTML($message, $basedir = '', $advanced = false)
$message
);
}
} elseif (substr($url, 0, 4) !== 'cid:' && !preg_match('#^[a-z][a-z0-9+.-]*://#i', $url)) {
// Do not change urls for absolute images (thanks to corvuscorax)
continue;
}
if (
// Only process relative URLs if a basedir is provided (i.e. no absolute local paths)
!empty($basedir)
// Ignore URLs containing parent dir traversal (..)
&& (strpos($url, '..') === false)
// Do not change urls that are already inline images
&& substr($url, 0, 4) !== 'cid:'
// Do not change absolute URLs, including anonymous protocol
&& !preg_match('#^[a-z][a-z0-9+.-]*:?//#i', $url)
) {
$filename = basename($url);
$directory = dirname($url);
if ($directory == '.') {
$directory = '';
}
$cid = md5($url) . '@phpmailer.0'; // RFC2392 S 2
if (strlen($basedir) > 1 && substr($basedir, -1) != '/') {
$basedir .= '/';
}
if (strlen($directory) > 1 && substr($directory, -1) != '/') {
$directory .= '/';
}
Expand Down
106 changes: 54 additions & 52 deletions include/phpmailer/class.smtp.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ class SMTP
* The PHPMailer SMTP version number.
* @var string
*/
const VERSION = '5.2.21';
const VERSION = '5.2.23';

/**
* SMTP line break constant.
Expand Down Expand Up @@ -81,7 +81,7 @@ class SMTP
* @deprecated Use the `VERSION` constant instead
* @see SMTP::VERSION
*/
public $Version = '5.2.21';
public $Version = '5.2.23';

/**
* SMTP server port number.
Expand Down Expand Up @@ -150,16 +150,16 @@ class SMTP
*/
public $Timelimit = 300;

/**
* @var array patterns to extract smtp transaction id from smtp reply
* Only first capture group will be use, use non-capturing group to deal with it
* Extend this class to override this property to fulfil your needs.
*/
protected $smtp_transaction_id_patterns = array(
'exim' => '/[0-9]{3} OK id=(.*)/',
'sendmail' => '/[0-9]{3} 2.0.0 (.*) Message/',
'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
);
/**
* @var array patterns to extract smtp transaction id from smtp reply
* Only first capture group will be use, use non-capturing group to deal with it
* Extend this class to override this property to fulfil your needs.
*/
protected $smtp_transaction_id_patterns = array(
'exim' => '/[0-9]{3} OK id=(.*)/',
'sendmail' => '/[0-9]{3} 2.0.0 (.*) Message/',
'postfix' => '/[0-9]{3} 2.0.0 Ok: queued as (.*)/'
);

/**
* The socket for the server connection.
Expand Down Expand Up @@ -231,8 +231,7 @@ protected function edebug($str, $level = 0)
preg_replace('/[\r\n]+/', '', $str),
ENT_QUOTES,
'UTF-8'
)
. "<br>\n";
) . "<br>\n";
break;
case 'echo':
default:
Expand All @@ -242,7 +241,7 @@ protected function edebug($str, $level = 0)
"\n",
"\n \t ",
trim($str)
)."\n";
) . "\n";
}
}

Expand Down Expand Up @@ -276,7 +275,8 @@ public function connect($host, $port = null, $timeout = 30, $options = array())
}
// Connect to the SMTP server
$this->edebug(
"Connection: opening to $host:$port, timeout=$timeout, options=".var_export($options, true),
"Connection: opening to $host:$port, timeout=$timeout, options=" .
var_export($options, true),
self::DEBUG_CONNECTION
);
$errno = 0;
Expand Down Expand Up @@ -362,14 +362,14 @@ public function startTLS()
}

// Begin encrypted connection
if (!stream_socket_enable_crypto(
set_error_handler(array($this, 'errorHandler'));
$crypto_ok = stream_socket_enable_crypto(
$this->smtp_conn,
true,
$crypto_method
)) {
return false;
}
return true;
);
restore_error_handler();
return $crypto_ok;
}

/**
Expand Down Expand Up @@ -398,8 +398,7 @@ public function authenticate(
}

if (array_key_exists('EHLO', $this->server_caps)) {
// SMTP extensions are available. Let's try to find a proper authentication method

// SMTP extensions are available; try to find a proper authentication method
if (!array_key_exists('AUTH', $this->server_caps)) {
$this->setError('Authentication is not allowed at this stage');
// 'at this stage' means that auth may be allowed after the stage changes
Expand All @@ -424,7 +423,7 @@ public function authenticate(
$this->setError('No supported authentication methods found');
return false;
}
self::edebug('Auth method selected: '.$authtype, self::DEBUG_LOWLEVEL);
self::edebug('Auth method selected: ' . $authtype, self::DEBUG_LOWLEVEL);
}

if (!in_array($authtype, $this->server_caps['AUTH'])) {
Expand Down Expand Up @@ -550,7 +549,7 @@ public function authenticate(
* Works like hash_hmac('md5', $data, $key)
* in case that function is not available
* @param string $data The data to hash
* @param string $key The key to hash with
* @param string $key The key to hash with
* @access protected
* @return string
*/
Expand Down Expand Up @@ -893,7 +892,8 @@ protected function sendCommand($command, $commandstring, $expect)
$code_ex = (count($matches) > 2 ? $matches[2] : null);
// Cut off error code from each response line
$detail = preg_replace(
"/{$code}[ -]".($code_ex ? str_replace('.', '\\.', $code_ex).' ' : '')."/m",
"/{$code}[ -]" .
($code_ex ? str_replace('.', '\\.', $code_ex) . ' ' : '') . "/m",
'',
$this->last_reply
);
Expand Down Expand Up @@ -1105,7 +1105,7 @@ protected function get_lines()
// Now check if reads took too long
if ($endtime and time() > $endtime) {
$this->edebug(
'SMTP -> get_lines(): timelimit reached ('.
'SMTP -> get_lines(): timelimit reached (' .
$this->Timelimit . ' sec)',
self::DEBUG_LOWLEVEL
);
Expand Down Expand Up @@ -1208,42 +1208,44 @@ public function getTimeout()
* Reports an error number and string.
* @param integer $errno The error number returned by PHP.
* @param string $errmsg The error message returned by PHP.
* @param string $errfile The file the error occurred in
* @param integer $errline The line number the error occurred on
*/
protected function errorHandler($errno, $errmsg)
protected function errorHandler($errno, $errmsg, $errfile = '', $errline = 0)
{
$notice = 'Connection: Failed to connect to server.';
$notice = 'Connection failed.';
$this->setError(
$notice,
$errno,
$errmsg
);
$this->edebug(
$notice . ' Error number ' . $errno . '. "Error notice: ' . $errmsg,
$notice . ' Error #' . $errno . ': ' . $errmsg . " [$errfile line $errline]",
self::DEBUG_CONNECTION
);
}

/**
* Will return the ID of the last smtp transaction based on a list of patterns provided
* in SMTP::$smtp_transaction_id_patterns.
* If no reply has been received yet, it will return null.
* If no pattern has been matched, it will return false.
* @return bool|null|string
*/
public function getLastTransactionID()
{
$reply = $this->getLastReply();

if (empty($reply)) {
return null;
}

foreach($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
if(preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
return $matches[1];
}
}

return false;
/**
* Will return the ID of the last smtp transaction based on a list of patterns provided
* in SMTP::$smtp_transaction_id_patterns.
* If no reply has been received yet, it will return null.
* If no pattern has been matched, it will return false.
* @return bool|null|string
*/
public function getLastTransactionID()
{
$reply = $this->getLastReply();

if (empty($reply)) {
return null;
}

foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
return $matches[1];
}
}

return false;
}
}
10 changes: 5 additions & 5 deletions include/phpmailer/extras/htmlfilter.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ function tln_tagprint($tagname, $attary, $tagtype)
$fulltag = '<' . $tagname;
if (is_array($attary) && sizeof($attary)) {
$atts = array();
while (list($attname, $attvalue) = each($attary)) {
foreach($attary as $attname => $attvalue) {
array_push($atts, "$attname=$attvalue");
}
$fulltag .= ' ' . join(' ', $atts);
Expand Down Expand Up @@ -433,7 +433,7 @@ function tln_getnxtag($body, $offset)
*
* @param string $attvalue the by-ref value to check.
* @param string $regex the regular expression to check against.
* @param boolean $hex whether the entites are hexadecimal.
* @param boolean $hex whether the entities are hexadecimal.
* @return boolean True or False depending on whether there were matches.
*/
function tln_deent(&$attvalue, $regex, $hex = false)
Expand Down Expand Up @@ -520,7 +520,7 @@ function tln_fixatts(
$trans_image_path,
$block_external_images
) {
while (list($attname, $attvalue) = each($attary)) {
foreach($attary as $attname => $attvalue) {
/**
* See if this attribute should be removed.
*/
Expand Down Expand Up @@ -772,15 +772,15 @@ function tln_fixstyle($body, $pos, $trans_image_path, $block_external_images)
tln_defang($contentTemp);
tln_unspace($contentTemp);

$match = Array('/\/\*.*\*\//',
$match = array('/\/\*.*\*\//',
'/expression/i',
'/behaviou*r/i',
'/binding/i',
'/include-source/i',
'/javascript/i',
'/script/i',
'/position/i');
$replace = Array('','idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', '');
$replace = array('','idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', 'idiocy', '');
$contentNew = preg_replace($match, $replace, $contentTemp);
if ($contentNew !== $contentTemp) {
$content = $contentNew;
Expand Down
8 changes: 4 additions & 4 deletions sugar_version.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"sugar_version": "6.5.24",
"sugar_db_version": "6.5.24",
"sugar_version": "6.5.25",
"sugar_db_version": "6.5.25",
"sugar_flavor": "CE",
"sugar_build": "509",
"sugar_timestamp": "2016-07-14 06:10AM"
"sugar_build": "344",
"sugar_timestamp": "2017-02-06 12:07PM"
}
Loading

0 comments on commit 397c274

Please sign in to comment.