enmi-conf.org: comparison wp/wp-includes/PHPMailer/PHPMailer.php

equal deleted inserted replaced

-:48c4eec2b7e6
+:8c2e4d02f4ef
 * @author    Andy Prevost (codeworxtech) <codeworxtech@users.sourceforge.net>
 * @author    Brent R. Matzelle (original founder)
 * @copyright 2012 - 2020 Marcus Bointon
 * @copyright 2010 - 2012 Jim Jagielski
 * @copyright 2004 - 2009 Andy Prevost
-* @license   http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+* @license   https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html GNU Lesser General Public License
 * @note      This program is distributed in the hope that it will be useful - WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.
 */
 /**
 * An iCal message part body.
 * Only supported in simple alt or alt_inline message types
 * To generate iCal event structures, use classes like EasyPeasyICS or iCalcreator.
 *
-* @see http://sprain.ch/blog/downloads/php-class-easypeasyics-create-ical-files-with-php/
+* @see https://kigkonsult.se/iCalcreator/
-* @see http://kigkonsult.se/iCalcreator/
 *
 * @var string
 */
 public $Ical = '';
 * An ID to be used in the Message-ID header.
 * If empty, a unique id will be generated.
 * You can set your own, but it must be in the format "<id@domain>",
 * as defined in RFC5322 section 3.6.4 or it will be ignored.
 *
-* @see https://tools.ietf.org/html/rfc5322#section-3.6.4
+* @see https://www.rfc-editor.org/rfc/rfc5322#section-3.6.4
 *
 * @var string
 */
 public $MessageID = '';
 * @var string
 */
 public $AuthType = '';
 /**
-* SMTP SMTPXClient command attibutes
+* SMTP SMTPXClient command attributes
 *
 * @var array
 */
 protected $SMTPXClient = [];
 * 'SUCCESS' will notify you when your mail has arrived at its destination.
 * 'FAILURE' will arrive if an error occurred during delivery.
 * 'DELAY'   will notify you if there is an unusual delay in delivery, but the actual
 *           delivery's outcome (success or failure) is not yet decided.
 *
-* @see https://tools.ietf.org/html/rfc3461 See section 4.1 for more information about NOTIFY
+* @see https://www.rfc-editor.org/rfc/rfc3461.html#section-4.1 for more information about NOTIFY
 */
 public $dsn = '';
 /**
 * SMTP class debug output mode.
 /**
 * Whether to generate VERP addresses on send.
 * Only applicable when sending via SMTP.
 *
 * @see https://en.wikipedia.org/wiki/Variable_envelope_return_path
-* @see http://www.postfix.org/VERP_README.html Postfix VERP info
+* @see https://www.postfix.org/VERP_README.html Postfix VERP info
 *
 * @var bool
 */
 public $do_verp = false;
 * Callback Action function name.
 *
 * The function that handles the result of the send email action.
 * It is called out by send() for each email sent.
 *
-* Value can be any php callable: http://www.php.net/is_callable
+* Value can be any php callable: https://www.php.net/is_callable
 *
 * Parameters:
-*   bool $result        result of the send action
+*   bool $result           result of the send action
 *   array   $to            email addresses of the recipients
 *   array   $cc            cc email addresses
 *   array   $bcc           bcc email addresses
 *   string  $subject       the subject
 *   string  $body          the email body
 /**
 * The PHPMailer Version number.
 *
 * @var string
 */
-const VERSION = '6.9.1';
+const VERSION = '6.9.3';
 /**
 * Error severity: message only, continue processing.
 *
 * @var int
 if ($this->SMTPDebug <= 0) {
 return;
 }
 //Is this a PSR-3 logger?
 if ($this->Debugoutput instanceof \Psr\Log\LoggerInterface) {
-$this->Debugoutput->debug($str);
+$this->Debugoutput->debug(rtrim($str, "\r\n"));
 return;
 }
 //Avoid clash with built-in function names
 if (is_callable($this->Debugoutput) && !in_array($this->Debugoutput, ['error_log', 'html', 'echo'])) {
 * Add an address to one of the recipient arrays or to the ReplyTo array. Because PHPMailer
 * can't validate addresses with an IDN without knowing the PHPMailer::$CharSet (that can still
 * be modified after calling this function), addition of such addresses is delayed until send().
 * Addresses that have been added already return false, but do not throw exceptions.
 *
-* @param string $kind    One of 'to', 'cc', 'bcc', or 'ReplyTo'
+* @param string $kind    One of 'to', 'cc', 'bcc', or 'Reply-To'
 * @param string $address The email address
 * @param string $name    An optional username associated with the address
 *
 * @throws Exception
 *
 * Parse and validate a string containing one or more RFC822-style comma-separated email addresses
 * of the form "display name <address>" into an array of name/address pairs.
 * Uses the imap_rfc822_parse_adrlist function if the IMAP extension is available.
 * Note that quotes in the name part are removed.
 *
-* @see http://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation
+* @see https://www.andrew.cmu.edu/user/agreen1/testing/mrbs/web/Mail/RFC822.php A more careful implementation
 *
 * @param string $addrstr The address list string
 * @param bool   $useimap Whether to use the IMAP extension to parse the list
 * @param string $charset The charset to use when decoding the address list string.
 *
 *  * numeric TLDs: `a@b.123`
 *  * unbracketed IPv4 literals: `a@192.168.0.1`
 *  * IPv6 literals: 'first.last@[IPv6:a1::]'
 * Not all of these will necessarily work for sending!
 *
-* @see       http://squiloople.com/2009/12/20/email-address-validation/
 * @copyright 2009-2010 Michael Rushton
 * Feel free to use and redistribute this code. But please keep this copyright notice.
 */
 return (bool) preg_match(
 '/^(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){255,})(?!(?>(?1)"?(?>\\\[ -~]|[^"])"?(?1)){65,}@)' .
 }
 $header = static::stripTrailingWSP($header) . static::$LE . static::$LE;
 //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
 //A space after `-f` is optional, but there is a long history of its presence
 //causing problems, so we don't use one
-//Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
+//Exim docs: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
-//Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html
+//Sendmail docs: https://www.sendmail.org/~ca/email/man/sendmail.html
-//Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html
 //Example problem: https://www.drupal.org/node/1057954
 //PHP 5.6 workaround
 $sendmail_from_value = ini_get('sendmail_from');
 if (empty($this->Sender) && !empty($sendmail_from_value)) {
 *
 * @return bool
 */
 protected static function isPermittedPath($path)
 {
-//Matches scheme definition from https://tools.ietf.org/html/rfc3986#section-3.1
+//Matches scheme definition from https://www.rfc-editor.org/rfc/rfc3986#section-3.1
 return !preg_match('#^[a-z][a-z\d+.-]*://#i', $path);
 }
 /**
 * Check whether a file path is safe, accessible, and readable.
 }
 /**
 * Send mail using the PHP mail() function.
 *
-* @see http://www.php.net/manual/en/book.mail.php
+* @see https://www.php.net/manual/en/book.mail.php
 *
 * @param string $header The message headers
 * @param string $body   The message body
 *
 * @throws Exception
 $params = null;
 //This sets the SMTP envelope sender which gets turned into a return-path header by the receiver
 //A space after `-f` is optional, but there is a long history of its presence
 //causing problems, so we don't use one
-//Exim docs: http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
+//Exim docs: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_exim_command_line.html
-//Sendmail docs: http://www.sendmail.org/~ca/email/man/sendmail.html
+//Sendmail docs: https://www.sendmail.org/~ca/email/man/sendmail.html
-//Qmail docs: http://www.qmail.org/man/man8/qmail-inject.html
 //Example problem: https://www.drupal.org/node/1057954
 //CVE-2016-10033, CVE-2016-10045: Don't pass -f if characters will be escaped.
 //PHP 5.6 workaround
 $sendmail_from_value = ini_get('sendmail_from');
 if ('mail' !== $this->Mailer) {
 $result .= $this->headerLine('Subject', $this->encodeHeader($this->secureHeader($this->Subject)));
 }
 //Only allow a custom message ID if it conforms to RFC 5322 section 3.6.4
-//https://tools.ietf.org/html/rfc5322#section-3.6.4
+//https://www.rfc-editor.org/rfc/rfc5322#section-3.6.4
 if (
 '' !== $this->MessageID &&
 preg_match(
 '/^<((([a-z\d!#$%&\'*+\/=?^_`{|}~-]+(\.[a-z\d!#$%&\'*+\/=?^_`{|}~-]+)*)' .
 '|("(([\x01-\x08\x0B\x0C\x0E-\x1F\x7F]|[\x21\x23-\x5B\x5D-\x7E])' .
 /**
 * Encode and wrap long multibyte strings for mail headers
 * without breaking lines within a character.
 * Adapted from a function by paravoid.
 *
-* @see http://www.php.net/manual/en/function.mb-encode-mimeheader.php#60283
+* @see https://www.php.net/manual/en/function.mb-encode-mimeheader.php#60283
 *
 * @param string $str       multi-byte text to wrap encode
 * @param string $linebreak string to use as linefeed/end-of-line
 *
 * @return string
 }
 /**
 * Encode a string using Q encoding.
 *
-* @see http://tools.ietf.org/html/rfc2047#section-4.2
+* @see https://www.rfc-editor.org/rfc/rfc2047#section-4.2
 *
 * @param string $str      the text to encode
 * @param string $position Where the text is going to be used, see the RFC for what that means
 *
 * @return string
 $result = $this->Hostname;
 } elseif (isset($_SERVER) && array_key_exists('SERVER_NAME', $_SERVER)) {
 $result = $_SERVER['SERVER_NAME'];
 } elseif (function_exists('gethostname') && gethostname() !== false) {
 $result = gethostname();
-} elseif (php_uname('n') !== false) {
+} elseif (php_uname('n') !== '') {
 $result = php_uname('n');
 }
 if (!static::isValidHost($result)) {
 return 'localhost.localdomain';
 }
 //Simple syntax limits
 if (
 empty($host)
 || !is_string($host)
 || strlen($host) > 256
-|| !preg_match('/^([a-zA-Z\d.-]*|\[[a-fA-F\d:]+\])$/', $host)
+|| !preg_match('/^([a-z\d.-]*|\[[a-f\d:]+\])$/i', $host)
 ) {
 return false;
 }
 //Looks like a bracketed IPv6 address
 if (strlen($host) > 2 && substr($host, 0, 1) === '[' && substr($host, -1, 1) === ']') {
 //Need to check this first because otherwise things like `999.0.0.0` are considered valid host names
 if (is_numeric(str_replace('.', '', $host))) {
 //Is it a valid IPv4 address?
 return filter_var($host, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
 }
-//Is it a syntactically valid hostname (when embeded in a URL)?
+//Is it a syntactically valid hostname (when embedded in a URL)?
-return filter_var('http://' . $host, FILTER_VALIDATE_URL) !== false;
+return filter_var('https://' . $host, FILTER_VALIDATE_URL) !== false;
 }
 /**
 * Get an error message in the current language.
 *
 /**
 * Multi-byte-safe pathinfo replacement.
 * Drop-in replacement for pathinfo(), but multibyte- and cross-platform-safe.
 *
-* @see http://www.php.net/manual/en/function.pathinfo.php#107461
+* @see https://www.php.net/manual/en/function.pathinfo.php#107461
 *
 * @param string     $path    A filename or path, does not need to exist as a file
 * @param int|string $options Either a PATHINFO_* constant,
 *                            or a string name to return only the specified piece
 *
 /**
 * Generate a DKIM canonicalization header.
 * Uses the 'relaxed' algorithm from RFC6376 section 3.4.2.
 * Canonicalized headers should *always* use CRLF, regardless of mailer setting.
 *
-* @see https://tools.ietf.org/html/rfc6376#section-3.4.2
+* @see https://www.rfc-editor.org/rfc/rfc6376#section-3.4.2
 *
 * @param string $signHeader Header
 *
 * @return string
 */
 {
 //Normalize breaks to CRLF (regardless of the mailer)
 $signHeader = static::normalizeBreaks($signHeader, self::CRLF);
 //Unfold header lines
 //Note PCRE \s is too broad a definition of whitespace; RFC5322 defines it as `[ \t]`
-//@see https://tools.ietf.org/html/rfc5322#section-2.2
+//@see https://www.rfc-editor.org/rfc/rfc5322#section-2.2
 //That means this may break if you do something daft like put vertical tabs in your headers.
 $signHeader = preg_replace('/\r\n[ \t]+/', ' ', $signHeader);
 //Break headers out into an array
 $lines = explode(self::CRLF, $signHeader);
 foreach ($lines as $key => $line) {
 /**
 * Generate a DKIM canonicalization body.
 * Uses the 'simple' algorithm from RFC6376 section 3.4.3.
 * Canonicalized bodies should *always* use CRLF, regardless of mailer setting.
 *
-* @see https://tools.ietf.org/html/rfc6376#section-3.4.3
+* @see https://www.rfc-editor.org/rfc/rfc6376#section-3.4.3
 *
 * @param string $body Message Body
 *
 * @return string
 */
 $DKIMsignatureType = 'rsa-sha256'; //Signature & hash algorithms
 $DKIMcanonicalization = 'relaxed/simple'; //Canonicalization methods of header & body
 $DKIMquery = 'dns/txt'; //Query method
 $DKIMtime = time();
 //Always sign these headers without being asked
-//Recommended list from https://tools.ietf.org/html/rfc6376#section-5.4.1
+//Recommended list from https://www.rfc-editor.org/rfc/rfc6376#section-5.4.1
 $autoSignHeaders = [
 'from',
 'to',
 'cc',
 'date',
 if ('' !== $this->DKIM_identity) {
 $ident = ' i=' . $this->DKIM_identity . ';' . static::$LE;
 }
 //The DKIM-Signature header is included in the signature *except for* the value of the `b` tag
 //which is appended after calculating the signature
-//https://tools.ietf.org/html/rfc6376#section-3.5
+//https://www.rfc-editor.org/rfc/rfc6376#section-3.5
 $dkimSignatureHeader = 'DKIM-Signature: v=1;' .
 ' d=' . $this->DKIM_domain . ';' .
 ' s=' . $this->DKIM_selector . ';' . static::$LE .
 ' a=' . $DKIMsignatureType . ';' .
 ' q=' . $DKIMquery . ';' .

changeset 22	8c2e4d02f4ef
parent 21	48c4eec2b7e6