Update htmLawed (1.2.4) and PHPMailer (5.2.25)

a0956bdf · Scott · cfb12b79 · a0956bdf · a0956bdf · a0956bdf
Commit a0956bdf authored Sep 02, 2017 by Scott
Showing with 88 additions and 47 deletions

class.phpmailer.php qa-include/vendor/PHPMailer/class.phpmailer.php +13 -10

class.smtp.php qa-include/vendor/PHPMailer/class.smtp.php +45 -20

htmLawed.php qa-include/vendor/htmLawed.php +30 -17

No files found.
--- a/qa-include/vendor/PHPMailer/class.phpmailer.php
+++ b/qa-include/vendor/PHPMailer/class.phpmailer.php
@@ -31,7 +31,7 @@ class PHPMailer
     * The PHPMailer Version number.
     * @var string
     */
-    public $Version = '5.2.23';
+    public $Version = '5.2.25';
    /**
     * Email priority.
@@ -440,9 +440,9 @@ class PHPMailer
     *
     * Parameters:
     *   boolean $result        result of the send action
-     *   string  $to            email address of the recipient
+     *   array   $to            email addresses of the recipients
-     *   string  $cc            cc email addresses
+     *   array   $cc            cc email addresses
-     *   string  $bcc           bcc email addresses
+     *   array   $bcc           bcc email addresses
     *   string  $subject       the subject
     *   string  $body          the email body
     *   string  $from          email address of sender
@@ -1622,8 +1622,13 @@ class PHPMailer
        foreach ($hosts as $hostentry) {
            $hostinfo = array();
-            if (!preg_match('/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*):?([0-9]*)$/', trim($hostentry), $hostinfo)) {
+            if (!preg_match(
+                '/^((ssl|tls):\/\/)*([a-zA-Z0-9\.-]*|\[[a-fA-F0-9:]+\]):?([0-9]*)$/',
+                trim($hostentry),
+                $hostinfo
+            )) {
                // Not a valid host entry
+                $this->edebug('Ignoring invalid host: ' . $hostentry);
                continue;
            }
            // $hostinfo[2]: optional ssl or tls prefix
@@ -1742,6 +1747,7 @@ class PHPMailer
            'dk' => 'da',
            'no' => 'nb',
            'se' => 'sv',
+            'sr' => 'rs'
        );
        if (isset($renamed_langcodes[$langcode])) {
@@ -2024,10 +2030,7 @@ class PHPMailer
    {
        $result = '';
-        if ($this->MessageDate == '') {
+        $result .= $this->headerLine('Date', $this->MessageDate == '' ? self::rfcDate() : $this->MessageDate);
-            $this->MessageDate = self::rfcDate();
-        }
-        $result .= $this->headerLine('Date', $this->MessageDate);
        // To be created automatically by mail()
        if ($this->SingleTo) {
@@ -4033,7 +4036,7 @@ class phpmailerException extends Exception
     */
    public function errorMessage()
    {
-        $errorMsg = '<strong>' . $this->getMessage() . "</strong><br />\n";
+        $errorMsg = '<strong>' . htmlspecialchars($this->getMessage()) . "</strong><br />\n";
        return $errorMsg;
    }
 }
--- a/qa-include/vendor/PHPMailer/class.smtp.php
+++ b/qa-include/vendor/PHPMailer/class.smtp.php
@@ -30,7 +30,7 @@ class SMTP
     * The PHPMailer SMTP version number.
     * @var string
     */
-    const VERSION = '5.2.23';
+    const VERSION = '5.2.25';
    /**
     * SMTP line break constant.
@@ -81,7 +81,7 @@ class SMTP
     * @deprecated Use the `VERSION` constant instead
     * @see SMTP::VERSION
     */
-    public $Version = '5.2.23';
+    public $Version = '5.2.25';
    /**
     * SMTP server port number.
@@ -151,9 +151,8 @@ class SMTP
    public $Timelimit = 300;
    /**
-     * @var array patterns to extract smtp transaction id from smtp reply
+     * @var array Patterns to extract an SMTP transaction id from reply to a DATA command.
-     * Only first capture group will be use, use non-capturing group to deal with it
+     * The first capture group in each regex will be used as the ID.
-     * Extend this class to override this property to fulfil your needs.
     */
    protected $smtp_transaction_id_patterns = array(
        'exim' => '/[0-9]{3} OK id=(.*)/',
@@ -162,6 +161,12 @@ class SMTP
    );
    /**
+     * @var string The last transaction ID issued in response to a DATA command,
+     * if one was detected
+     */
+    protected $last_smtp_transaction_id;
+    /**
     * The socket for the server connection.
     * @var resource
     */
@@ -227,7 +232,7 @@ class SMTP
                break;
            case 'html':
                //Cleans up output a bit for a better looking, HTML-safe output
-                echo htmlentities(
+                echo gmdate('Y-m-d H:i:s') . ' ' . htmlentities(
                    preg_replace('/[\r\n]+/', '', $str),
                    ENT_QUOTES,
                    'UTF-8'
@@ -709,6 +714,7 @@ class SMTP
        $savetimelimit = $this->Timelimit;
        $this->Timelimit = $this->Timelimit * 2;
        $result = $this->sendCommand('DATA END', '.', 250);
+        $this->recordLastTransactionID();
        //Restore timelimit
        $this->Timelimit = $savetimelimit;
        return $result;
@@ -989,7 +995,10 @@ class SMTP
    public function client_send($data)
    {
        $this->edebug("CLIENT -> SERVER: $data", self::DEBUG_CLIENT);
-        return fwrite($this->smtp_conn, $data);
+        set_error_handler(array($this, 'errorHandler'));
+        $result = fwrite($this->smtp_conn, $data);
+        restore_error_handler();
+        return $result;
    }
    /**
@@ -1089,8 +1098,10 @@ class SMTP
            $this->edebug("SMTP -> get_lines(): \$data is \"$data\"", self::DEBUG_LOWLEVEL);
            $this->edebug("SMTP -> get_lines(): \$str is  \"$str\"", self::DEBUG_LOWLEVEL);
            $data .= $str;
-            // If 4th character is a space, we are done reading, break the loop, micro-optimisation over strlen
+            // If response is only 3 chars (not valid, but RFC5321 S4.2 says it must be handled),
-            if ((isset($str[3]) and $str[3] == ' ')) {
+            // or 4th character is a space, we are done reading, break the loop,
+            // string array access is a micro-optimisation over strlen
+            if (!isset($str[3]) or (isset($str[3]) and $str[3] == ' ')) {
                break;
            }
            // Timed-out? Log and break
@@ -1226,26 +1237,40 @@ class SMTP
    }
    /**
-     * Will return the ID of the last smtp transaction based on a list of patterns provided
+     * Extract and return the ID of the last SMTP transaction based on
-     * in SMTP::$smtp_transaction_id_patterns.
+     * a list of patterns provided in SMTP::$smtp_transaction_id_patterns.
+     * Relies on the host providing the ID in response to a DATA command.
     * If no reply has been received yet, it will return null.
-     * If no pattern has been matched, it will return false.
+     * If no pattern was matched, it will return false.
     * @return bool|null|string
     */
-    public function getLastTransactionID()
+    protected function recordLastTransactionID()
    {
        $reply = $this->getLastReply();
        if (empty($reply)) {
-            return null;
+            $this->last_smtp_transaction_id = null;
-        }
+        } else {
+            $this->last_smtp_transaction_id = false;
-        foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
+            foreach ($this->smtp_transaction_id_patterns as $smtp_transaction_id_pattern) {
-            if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
+                if (preg_match($smtp_transaction_id_pattern, $reply, $matches)) {
-                return $matches[1];
+                    $this->last_smtp_transaction_id = $matches[1];
+                }
            }
        }
-        return false;
+        return $this->last_smtp_transaction_id;
+    }
+    /**
+     * Get the queue/transaction ID of the last SMTP transaction
+     * If no reply has been received yet, it will return null.
+     * If no pattern was matched, it will return false.
+     * @return bool|null|string
+     * @see recordLastTransactionID()
+     */
+    public function getLastTransactionID()
+    {
+        return $this->last_smtp_transaction_id;
    }
 }
--- a/qa-include/vendor/htmLawed.php
+++ b/qa-include/vendor/htmLawed.php
 <?php
 /*
-htmLawed 1.2, 11 February 2017
+htmLawed 1.2.4, 31 August 2017
 Copyright Santosh Patnaik
 Dual licensed with LGPL 3 and GPL 2+
 A PHP Labware internal utility - www.bioinformatics.org/phplabware/internal_utilities/htmLawed
@@ -143,7 +143,7 @@ foreach($t as $tk=>$tv){
 }
 if($o){$r[] = $tv;}
 }
-if($s == ','){$s = ', ';} 
+if($s == ','){$s = ', ';}
 $r = implode($s, $r);
 return (isset($r[0]) ? $r : (isset($p['default']) ? $p['default'] : 0));
 }
@@ -219,7 +219,7 @@ for($i=-1, $ci=count($t); ++$i<$ci;){
  if(isset($cE[$e]) or !in_array($e, $q)){continue;} // Empty/unopen
  if($p == $e){array_pop($q); echo '</', $e, '>'; unset($e); continue;} // Last open
  $add = ''; // Nesting - close open tags that need to be
-  for($j=-1, $cj=count($q); ++$j<$cj;){  
+  for($j=-1, $cj=count($q); ++$j<$cj;){
   if(($d = array_pop($q)) == $e){break;}
   else{$add .= "</{$d}>";}
  }
@@ -308,7 +308,7 @@ $t = $t[0];
 global $C;
 if(!($v = $C[$n = $t[3] == '-' ? 'comment' : 'cdata'])){return $t;}
 if($v == 1){return '';}
-if($n == 'comment'){
+if($n == 'comment' && $v < 4){
 if(substr(($t = preg_replace('`--+`', '-', substr($t, 4, -3))), -1) != ' '){$t .= ' ';}
 }
 else{$t = substr($t, 1, -1);}
@@ -366,28 +366,37 @@ return "{$b}{$p}{$a}";
 function hl_regex($p){
 // check regex
 if(empty($p)){return 0;}
-if($t = ini_get('track_errors')){$o = isset($php_errormsg) ? $php_errormsg : null;}
+if($v = function_exists('error_clear_last') && function_exists('error_get_last')){error_clear_last();}
-else{ini_set('track_errors', 1);}
+else{
-unset($php_errormsg);
+ if($t = ini_get('track_errors')){$o = isset($php_errormsg) ? $php_errormsg : null;}
+ else{ini_set('track_errors', 1);}
+ unset($php_errormsg);
+}
 if(($d = ini_get('display_errors'))){ini_set('display_errors', 0);}
 preg_match($p, '');
+if($v){$r = error_get_last() == null ? 1 : 0; }
+else{
+ $r = isset($php_errormsg) ? 0 : 1;
+ if($t){$php_errormsg = isset($o) ? $o : null;}
+ else{ini_set('track_errors', 0);}
+}
 if($d){ini_set('display_errors', 1);}
-$r = isset($php_errormsg) ? 0 : 1;
-if($t){$php_errormsg = isset($o) ? $o : null;}
-else{ini_set('track_errors', 0);}
 return $r;
 }
 function hl_spec($t){
 // final $spec
 $s = array();
-$t = str_replace(array("\t", "\r", "\n", ' '), '', preg_replace_callback('/"(?>(`.|[^"])*)"/sm', create_function('$m', 'return substr(str_replace(array(";", "|", "~", " ", ",", "/", "(", ")", \'`"\'), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08", "\""), $m[0]), 1, -1);'), trim($t))); 
+function hl_aux1($m){
+ return substr(str_replace(array(";", "|", "~", " ", ",", "/", "(", ")", '`"'), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08", '"'), $m[0]), 1, -1);
+}
+$t = str_replace(array("\t", "\r", "\n", ' '), '', preg_replace_callback('/"(?>(`.|[^"])*)"/sm', 'hl_aux1', trim($t)));
 for($i = count(($t = explode(';', $t))); --$i>=0;){
 $w = $t[$i];
 if(empty($w) or ($e = strpos($w, '=')) === false or !strlen(($a =  substr($w, $e+1)))){continue;}
 $y = $n = array();
 foreach(explode(',', $a) as $v){
-  if(!preg_match('`^([a-z][^=/()]+)(?:\((.*?)\))?`i', $v, $m)){continue;}
+  if(!preg_match('`^([a-z:\-\*]+)(?:\((.*?)\))?`i', $v, $m)){continue;}
  if(($x = strtolower($m[1])) == '-*'){$n['*'] = 1; continue;}
  if($x[0] == '-'){$n[substr($x, 1)] = 1; continue;}
  if(!isset($m[2])){$y[$x] = 1; continue;}
@@ -401,8 +410,8 @@ for($i = count(($t = explode(';', $t))); --$i>=0;){
 if(!count($y) && !count($n)){continue;}
 foreach(explode(',', substr($w, 0, $e)) as $v){
  if(!strlen(($v = strtolower($v)))){continue;}
-  if(count($y)){$s[$v] = $y;}
+  if(count($y)){if(!isset($s[$v])){$s[$v] = $y;} else{$s[$v] = array_merge($s[$v], $y);}}
-  if(count($n)){$s[$v]['n'] = $n;}
+  if(count($n)){if(!isset($s[$v]['n'])){$s[$v]['n'] = $n;} else{$s[$v]['n'] = array_merge($s[$v]['n'], $n);}}
 }
 }
 return $s;
@@ -562,6 +571,7 @@ if($depTr){
 $c = array();
 foreach($a as $k=>$v){
  if($k == 'style' or !isset($aND[$k][$e])){continue;}
+  $v = str_replace(array('\\', ':', ';', '&#'), '', $v);
  if($k == 'align'){
   unset($a['align']);
   if($e == 'img' && ($v == 'left' or $v == 'right')){$c[] = 'float: '. $v;}
@@ -659,7 +669,10 @@ return '';
 function hl_tidy($t, $w, $p){
 // tidy/compact HTM
 if(strpos(' pre,script,textarea', "$p,")){return $t;}
-$t = preg_replace(array('`(<\w[^>]*(?<!/)>)\s+`', '`\s+`', '`(<\w[^>]*(?<!/)>) `'), array(' $1', ' ', '$1'), preg_replace_callback(array('`(<(!\[CDATA\[))(.+?)(\]\]>)`sm', '`(<(!--))(.+?)(-->)`sm', '`(<(pre|script|textarea)[^>]*?>)(.+?)(</\2>)`sm'), create_function('$m', 'return $m[1]. str_replace(array("<", ">", "\n", "\r", "\t", " "), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), $m[3]). $m[4];'), $t));
+function hl_aux2($m){
+ return $m[1]. str_replace(array("<", ">", "\n", "\r", "\t", ' '), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), $m[3]). $m[4];
+}
+$t = preg_replace(array('`(<\w[^>]*(?<!/)>)\s+`', '`\s+`', '`(<\w[^>]*(?<!/)>) `'), array(' $1', ' ', '$1'), preg_replace_callback(array('`(<(!\[CDATA\[))(.+?)(\]\]>)`sm', '`(<(!--))(.+?)(-->)`sm', '`(<(pre|script|textarea)[^>]*?>)(.+?)(</\2>)`sm'), 'hl_aux2', $t));
 if(($w = strtolower($w)) == -1){
 return str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), array('<', '>', "\n", "\r", "\t", ' '), $t);
 }
@@ -682,7 +695,7 @@ while($X){
  $r = ''; list($e, $r) = explode('>', $t[$i]);
  $x = $e[0] == '/' ? 0 : (substr($e, -1) == '/' ? 1 : ($e[0] != '!' ? 2 : -1));
  $y = !$x ? ltrim($e, '/') : ($x > 0 ? substr($e, 0, strcspn($e, ' ')) : 0);
-  $e = "<$e>"; 
+  $e = "<$e>";
  if(isset($d[$y])){
   if(!$x){
    if($n){echo "\n", str_repeat($s, --$n), "$e\n", str_repeat($s, $n);}
@@ -712,5 +725,5 @@ return str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), array(
 function hl_version(){
 // version
-return '1.2';
+return '1.2.4';
 }