1: <?php
  2: 
  3: /*****************************************************************************************
  4:  * X2Engine Open Source Edition is a customer relationship management program developed by
  5:  * X2Engine, Inc. Copyright (C) 2011-2016 X2Engine Inc.
  6:  * 
  7:  * This program is free software; you can redistribute it and/or modify it under
  8:  * the terms of the GNU Affero General Public License version 3 as published by the
  9:  * Free Software Foundation with the addition of the following permission added
 10:  * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
 11:  * IN WHICH THE COPYRIGHT IS OWNED BY X2ENGINE, X2ENGINE DISCLAIMS THE WARRANTY
 12:  * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
 13:  * 
 14:  * This program is distributed in the hope that it will be useful, but WITHOUT
 15:  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 16:  * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 17:  * details.
 18:  * 
 19:  * You should have received a copy of the GNU Affero General Public License along with
 20:  * this program; if not, see http://www.gnu.org/licenses or write to the Free
 21:  * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
 22:  * 02110-1301 USA.
 23:  * 
 24:  * You can contact X2Engine, Inc. P.O. Box 66752, Scotts Valley,
 25:  * California 95067, USA. or at email address [email protected].
 26:  * 
 27:  * The interactive user interfaces in modified source and object code versions
 28:  * of this program must display Appropriate Legal Notices, as required under
 29:  * Section 5 of the GNU Affero General Public License version 3.
 30:  * 
 31:  * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
 32:  * these Appropriate Legal Notices must retain the display of the "Powered by
 33:  * X2Engine" logo. If the display of the logo is not reasonably feasible for
 34:  * technical reasons, the Appropriate Legal Notices must display the words
 35:  * "Powered by X2Engine".
 36:  *****************************************************************************************/
 37: 
 38: /**
 39:  * Email delivery methods.
 40:  *
 41:  * @package application.components
 42:  * @property Credentials $credentials (read-only) The SMTP account to use for
 43:  *  delivery, if applicable.
 44:  * @property array $from The sender of the email.
 45:  * @property PHPMailer $mailer PHPMailer instance
 46:  * @property Profile $userProfile Profile, i.e. for email sender and signature
 47:  * @author Demitri Morgan <[email protected]>
 48:  */
 49: class EmailDeliveryBehavior extends CBehavior {
 50: 
 51:     /**
 52:      * Stores the email credentials, if an account has been defined and is used.
 53:      * @var mixed
 54:      */
 55:     private $_credentials;
 56: 
 57:     /**
 58:      * ID of the credentials record to use for SMTP authentication
 59:      * @var integer
 60:      */
 61:     private $_credId = null;
 62: 
 63:     /**
 64:      * @var array Sender address
 65:      */
 66:     private $_from;
 67: 
 68:     /**
 69:      * Stores an instance of PHPMailer
 70:      * @var PHPMailer
 71:      */
 72:     private $_mailer;
 73: 
 74:     /**
 75:      * Stores value of {@link userProfile}
 76:      * @var Profile
 77:      */
 78:     private $_userProfile;
 79:         
 80:     /**
 81:      * @var array Status codes
 82:      */
 83:     public $status = array();
 84: 
 85: 
 86:     /**
 87:      * Parses a To, CC, or BCC header into an array compatible with PHPMailer.
 88:      * 
 89:      * Each element of the array corresponds to an email addressee; the first
 90:      * element is the name, the second, the value.
 91:      *
 92:      * The special case of "LastName, FirstName" is covered (splitting on commas
 93:      * will break in this case) is covered by using a bit of RegExp from an idea
 94:      * shared here:
 95:      * 
 96:      * http://stackoverflow.com/a/2202489/1325798
 97:      * 
 98:      * @param type $header
 99:      */
100:     public static function addressHeaderToArray($header,$ignoreInvalidAddresses=false) {
101:         // First, tokenize all pieces of the header to avoid splitting inside of
102:         // recipient names:
103:         preg_match_all('/"(?:\\\\.|[^\\\\"])*"|[^,\s]+/', $header, $matches);
104:         $tokenCount = 0;
105:         $values = array();
106:         foreach($matches[0] as $matchedPiece) {
107:             $piece = trim($matchedPiece,',');
108:             $token = "\{token_$tokenCount\}";
109:             $values[$token] = $piece;
110:             $tokenCount++;
111:         }
112:         $tokens = array_flip($values);
113:         $delimiter = '-&@&-'; // Something highly unlikely to ever appear in an email header
114:         $tokenizedHeader = str_replace(',',$delimiter,strtr($header,$tokens));
115:         $headerPieces = explode($delimiter,strtr($tokenizedHeader,$values));
116:         $headerArray = array();
117:         foreach($headerPieces as $recipient){
118:             $recipient = trim($recipient);
119:             if(empty($recipient))
120:                 continue;
121:             $matches = array();
122:             $emailValidator = new CEmailValidator;
123: 
124:             // if it's just a simple email, we're done!
125:             if($emailValidator->validateValue($recipient)) {
126:                 $headerArray[] = array('', $recipient);
127:             } elseif(strlen($recipient) < 255 && 
128: 
129:                 preg_match('/^"?((?:\\\\"|[^"])*)"?\s*<(.+)>$/i', $recipient, $matches)){
130:                 // otherwise, it must be of the variety <[email protected]> "Bob Slydel"
131: 
132:                 // (with or without quotes)
133:                 if(count($matches) == 3 && $emailValidator->validateValue($matches[2])){  
134:                     $headerArray[] = array($matches[1], $matches[2]);
135:                 }else{
136:                     if (!$ignoreInvalidAddresses)
137:                         throw new CException(Yii::t('app', 'Invalid email address list.'));
138:                 }
139:             }else{
140:                 if (!$ignoreInvalidAddresses)
141:                     throw new CException(Yii::t('app', 'Invalid email address list:'.$recipient));
142:             }
143:         }
144:         return $headerArray;            
145:     }
146: 
147:     /**
148:      * Adds email addresses to a PHPMail object
149:      * @param type $phpMail
150:      * @param type $addresses
151:      */
152:     public function addEmailAddresses(&$phpMail, $addresses){
153: 
154:         if(isset($addresses['to'])){
155:             foreach($addresses['to'] as $target){
156:                 if(count($target) == 2)
157:                     $phpMail->AddAddress($target[1], $target[0]);
158:             }
159:         } else{
160:             if(count($addresses) == 2 && !is_array($addresses[0])){ 
161:                 // this is just an array of [name, address], not an array of arrays
162:                 $phpMail->AddAddress($addresses[1], $addresses[0]); 
163:             }else{
164:                 foreach($addresses as $target){ //this is an array of [name, address] subarrays
165:                     if(count($target) == 2)
166:                         $phpMail->AddAddress($target[1], $target[0]);
167:                 }
168:             }
169:         }
170:         if(isset($addresses['cc'])){
171:             foreach($addresses['cc'] as $target){
172:                 if(count($target) == 2)
173:                     $phpMail->AddCC($target[1], $target[0]);
174:             }
175:         }
176:         if(isset($addresses['bcc'])){
177:             foreach($addresses['bcc'] as $target){
178:                 if(count($target) == 2)
179:                     $phpMail->AddBCC($target[1], $target[0]);
180:             }
181:         }
182:     }
183: 
184:     /**
185:      * @param int size
186:      * @throws Exception if size exceeds limit 
187:      * @return true if file size is acceptable
188:      */
189:     public function validateFileSize ($size) {
190:         if($size > (10 * 1024 * 1024)) { // 10mb file size limit
191:             throw new Exception(
192:                 "Attachment '{$attachment['filename']}' exceeds size ".
193:                 "limit of 10mb.");
194:         }
195:         return true;
196:     }
197: 
198:     /**
199:      * Perform the email delivery with PHPMailer.
200:      *
201:      * Any special authentication and security should take place in here.
202:      *
203:      * @param array $addresses This array must contain "to", "cc" and/or "bcc"
204:      *  keys, and values must be arrays of recipients. Each recipient is expressed
205:      *  as a 2-element array with the first element being the name, and the second
206:      *  the email address.
207:      * @throws Exception
208:      * @return array
209:      */
210:     public function deliverEmail($addresses, $subject, $message, $attachments = array(), $unsubLink = null){
211:         if(YII_UNIT_TESTING && defined ('X2_DEBUG_EMAIL') && X2_DEBUG_EMAIL) {
212:             // Fake a successful send
213:             /**/AuxLib::debugLog(
214:                 'Faking an email delivery to address(es): '.var_export($addresses,1));
215:             return $this->status = $this->getDebugStatus();
216:         }
217: 
218:         try {
219:             $phpMail = $this->mailer;
220:         }catch (phpmailerException $e){
221:             // escalate error to force campaigns to halt
222:             $escalated = new phpmailerException (
223:                 $e->getMessage (), PHPMailer::STOP_CRITICAL);
224:             $this->status['code'] = '500';
225:             $this->status['exception'] = $escalated;
226:             $this->status['message'] = $e->getMessage ();
227:             return $this->status;
228:         }
229: 
230:         // attempt smpt connect before attempting to send so that we can escalate exception 
231:         // severity if connection fails. Ideally we would be able to detect exactly the type of
232:         // exception that PHPMailer throws but unfortunately the only way at the time of this
233:         // writing would be to use its translated exception messages (brittle).
234:         if ($this->credentials) {
235:             try {
236:                 $phpMail->smtpConnect ();
237:             } catch (phpmailerException $e) {
238:                 $escalated = new phpmailerException (
239:                     $e->getMessage (), PHPMailer::STOP_CRITICAL);
240:                 $this->status['code'] = '500';
241:                 $this->status['exception'] = $escalated;
242:                 $this->status['message'] = $phpMail->ErrorInfo." ".$e->getFile()." L".$e->getLine();
243:                 return $this->status;
244:             }
245:         }
246: 
247:         try{
248:             $this->addEmailAddresses($phpMail, $addresses);
249: 
250:             $phpMail->Subject = $subject;
251:             // $phpMail->AltBody = $message;
252:             $phpMail->MsgHTML($message);
253:             // $phpMail->Body = $message;
254:             // add attachments, if any
255:             if($attachments){
256:                 foreach($attachments as $attachment){
257:                     $type = $attachment['type'];
258:                     switch ($type) {
259:                         case 'temp': // stored as a temp file?
260:                             $file = 'uploads/protected/media/temp/'.$attachment['folder'].'/'.
261:                                 $attachment['filename'];
262:                             if(file_exists($file)) // check file exists
263:                                 if ($this->validateFileSize (filesize ($file))) {
264:                                     $phpMail->AddAttachment($file);
265:                                 }
266:                             break;
267:                         case 'media': // stored in media library
268:                             $file = 'uploads/protected/media/'.$attachment['folder'].'/'.
269:                                 $attachment['filename'];
270:                             if(file_exists($file)) // check file exists
271:                                 if ($this->validateFileSize (filesize ($file))) {
272:                                     $phpMail->AddAttachment($file);
273:                                 }
274:                             break;
275:                          
276:                         default:
277:                             throw new CException ('Invalid attachment type');
278:                     }
279:                 }
280:             }
281: 
282:             // Add the List-Unsubscribe header if enabled and an unsubscribe link is provided
283:             if (Yii::app()->settings->enableUnsubscribeHeader && !empty($unsubLink)) {
284:                 $phpMail->AddCustomHeader ('List-Unsubscribe:<'.$unsubLink.'>');
285:             }
286:             $phpMail->Send();
287: 
288:             $this->status['code'] = '200';
289:             $this->status['exception'] = null;
290:             $this->status['message'] = Yii::t('app', 'Email Sent!');
291:         }catch (phpmailerException $e){
292:             // Catch PHPMailer specific exceptions for pretty error printing
293:             $this->status['code'] = '500';
294:             $this->status['exception'] = $e;
295:             $this->status['message'] = $phpMail->ErrorInfo." ".$e->getFile()." L".$e->getLine();
296:         }catch (Exception $e){
297:             $this->status['code'] = '500';
298:             $this->status['exception'] = $e;
299:             $this->status['message'] = $e->getMessage()." ".$e->getFile()." L".$e->getLine();
300:         }
301:         return $this->status;
302:     }
303: 
304:     public function clearTemporaryFiles (array $attachments = array ()) {
305:         foreach($attachments as $attachment){
306:             $type = $attachment['type'];
307:             if($type === 'temp'){
308:                 $file = 'uploads/protected/media/temp/'.$attachment['folder'].'/'.
309:                     $attachment['filename'];
310:                 $folder = 'uploads/protected/media/temp/'.$attachment['folder'];
311:                 if(file_exists($file))
312:                     unlink($file); // delete temp file
313:                 if(file_exists($folder))
314:                     rmdir($folder); // delete temp folder
315:                 TempFile::model()->deleteByPk($attachment['id']);
316:             }
317:         }
318:     }
319: 
320:     /**
321:      * Getter for {@link credentials}
322:      * returns Credentials
323:      */
324:     public function getCredentials(){
325:         if(!isset($this->_credentials)){
326:             if($this->credId == Credentials::LEGACY_ID)
327:                 $this->_credentials = false;
328:             else{
329:                 $cred = Credentials::model()->findByPk($this->credId);
330:                 $this->_credentials = empty($cred) ? false : $cred;
331:             }
332:         }
333:         return $this->_credentials;
334:     }
335: 
336:     public function getCredId() {
337:         return $this->_credId;
338:     }
339: 
340:     /**
341:      * Gets the status used when "faking" an email send.
342:      */
343:     public function getDebugStatus() {
344:         return require(implode(DIRECTORY_SEPARATOR,array(
345:             Yii::app()->basePath,
346:             'tests',
347:             'data',
348:             'marketing',
349:             'debugStatus.php'
350:         )));
351:     }
352: 
353:     /**
354:      * Getter for {@link from}
355:      * @return array
356:      */
357:     public function getFrom(){
358:         if(!isset($this->_from)) {
359:             if($this->credentials) {
360:                 $this->_from = array(
361:                     'name' => $this->credentials->auth->senderName,
362:                     'address' => $this->credentials->auth->email
363:                 );
364:             } else {
365:                 if(empty($this->userProfile) ||
366:                         $this->userProfile->username === Profile::GUEST_PROFILE_USERNAME) {
367:                     // The application:
368:                     $this->_from = array(
369:                         'name' => Yii::app()->settings->appName,
370:                         'address' => Yii::app()->settings->emailFromAddr
371:                     );
372:                 }else{
373:                     // Current acting user:
374:                     $this->_from = array(
375:                         'name' => $this->userProfile->fullName,
376:                         'address' => $this->userProfile->emailAddress
377:                     );
378:                 }
379:             }
380:         }
381:         return $this->_from;
382:     }
383: 
384:     /**
385:      * Magic getter for {@link phpMailer}
386:      * @return \PHPMailer
387:      */
388:     public function getMailer(){
389:         if(!isset($this->_mailer)){
390:             require_once(
391:                 realpath(Yii::app()->basePath.'/components/phpMailer/PHPMailerAutoload.php'));
392: 
393:             // the true param means it will throw exceptions on errors, which we need to catch
394:             $phpMail = new PHPMailer(true); 
395:             $phpMail->CharSet = 'utf-8';
396: 
397:             $cred = $this->credentials;
398:             if($cred){ // Use an individual user email account if specified and valid
399:                 $phpMail->IsSMTP();
400:                 $phpMail->Host = $cred->auth->server;
401:                 $phpMail->Port = $cred->auth->port;
402:                 $phpMail->SMTPSecure = $cred->auth->security;
403:                 if(!empty($cred->auth->password)){
404:                     $phpMail->SMTPAuth = true;
405:                     $cred->auth->emailUser('user');
406:                     $phpMail->Username = $cred->auth->user;
407:                     $phpMail->Password = $cred->auth->password;
408:                 }
409:                 // Use the specified credentials (which should have the sender name):
410:                 $phpMail->AddReplyTo($cred->auth->email, $cred->auth->senderName);
411:                 $phpMail->SetFrom($cred->auth->email, $cred->auth->senderName);
412:                 $this->from = array(
413:                     'address' => $cred->auth->email, 'name' => $cred->auth->senderName);
414:             }else{ // Use the system default (legacy method)
415:                 switch(Yii::app()->settings->emailType){
416:                     case 'sendmail':
417:                         $phpMail->IsSendmail();
418:                         break;
419:                     case 'qmail':
420:                         $phpMail->IsQmail();
421:                         break;
422:                     case 'smtp':
423:                         $phpMail->IsSMTP();
424: 
425:                         $phpMail->Host = Yii::app()->settings->emailHost;
426:                         $phpMail->Port = Yii::app()->settings->emailPort;
427:                         $phpMail->SMTPSecure = Yii::app()->settings->emailSecurity;
428:                         if(Yii::app()->settings->emailUseAuth == 'admin'){
429:                             $phpMail->SMTPAuth = true;
430:                             $phpMail->Username = Yii::app()->settings->emailUser;
431:                             $phpMail->Password = Yii::app()->settings->emailPass;
432:                         }
433: 
434: 
435:                         break;
436:                     case 'mail':
437:                     default:
438:                         $phpMail->IsMail();
439:                 }
440:                 // Use sender specified in attributes/system (legacy method):
441:                 $from = $this->from;
442:                 if($from == null){ // if no from address (or not formatted properly)
443:                     if(empty($this->userProfile->emailAddress))
444:                         throw new Exception('Your profile doesn\'t have a valid email address.');
445: 
446:                     $phpMail->AddReplyTo(
447:                         $this->userProfile->emailAddress, $this->userProfile->fullName);
448:                     $phpMail->SetFrom(
449:                         $this->userProfile->emailAddress, $this->userProfile->fullName);
450:                 } else{
451:                     $phpMail->AddReplyTo($from['address'], $from['name']);
452:                     $phpMail->SetFrom($from['address'], $from['name']);
453:                 }
454:             }
455: 
456:             $this->_mailer = $phpMail;
457:         }
458:         return $this->_mailer;
459:     }
460: 
461:     /**
462:      * Magic getter for {@link userProfile}
463:      * @return Profile
464:      */
465:     public function getUserProfile(){
466:         if(!isset($this->_userProfile)){
467:             if(empty($this->_userProfile)){
468:                 if(Yii::app()->params->noSession){
469:                     // As a last resort: use admin
470:                     $this->_userProfile = Profile::model()->findByPk(1);
471:                 }else{
472:                     // By default: if no profile was defined, and it's in a web
473:                     // session, use the current user's profile.
474:                     $this->_userProfile = Yii::app()->params->profile;
475:                 }
476:             }
477:         }
478:         return $this->_userProfile;
479:     }
480: 
481:     public function setCredId($value) {
482:         $this->_credId = $value;
483:     }
484: 
485:     public function setFrom($from){
486:         $this->_from = $from;
487:     }
488: 
489:     /**
490:      * Magic setter for {@link userProfile}
491:      * @param Profile $profile
492:      */
493:     public function setUserProfile(Profile $profile){
494:         $this->_userProfile = $profile;
495:     }
496: 
497:     public function testUserCredentials($email, $password, $server, $port, $security) {
498:         require_once(
499:             realpath(Yii::app()->basePath.'/components/phpMailer/PHPMailerAutoload.php'));
500:         $phpMail = new PHPMailer(true);
501: 
502:         $phpMail->isSMTP();
503:         $phpMail->SMTPAuth = true;
504:         $phpMail->Username = $email;
505:         $phpMail->Password = $password;
506:         $phpMail->Host = $server;
507:         $phpMail->Port = $port;
508:         $phpMail->SMTPSecure = $security;
509: 
510:         try {
511:             $validCredentials = $phpMail->SmtpConnect();
512:         } catch(phpmailerException $error) {
513:             $validCredentials = false;
514:         }
515:         return $validCredentials;
516:     }
517: 
518: }
519: 
520: ?>
521: