bn8/ldapsaisie
1
0
Fork 0
mirror of https://gitlab.easter-eggs.com/ee/ldapsaisie.git synced 2024-05-14 01:35:28 +02:00
Code Issues Projects Releases Wiki Activity

LSaddon :: mail: Improve mail forging method by using PEAR Mail_mime lib

Browse source
This commit is contained in:
Benjamin Renard 2020-04-29 15:26:15 +02:00
parent de3adbbffb
commit c63040203d
4 changed files with 79 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
debian/control vendored
View file

@ -6,7 +6,7 @@ Maintainer: Benjamin Renard <brenard@easter-eggs.com>
Package: ldapsaisie
Architecture: all
Depends: apache2 | httpd, php-ldap | php5-ldap, php-fpm | libapache2-mod-php5 | libapache2-mod-php | php5-cli | php-cli, smarty | smarty3, php-net-ldap2, php-net-ftp, php-mail, php-file-csv-datasource
Depends: apache2 | httpd, php-ldap | php5-ldap, php-fpm | libapache2-mod-php5 | libapache2-mod-php | php5-cli | php-cli, smarty | smarty3, php-net-ldap2, php-net-ftp, php-mail, php-mail-mime, php-file-csv-datasource
Recommends: php-mbstring, php-phpseclib
Description: web based interface for managing LDAP servers content
LdapSaisie is a Web application developed to manage LDAP directory.

35
doc/conf/LSaddon/LSaddon_mail.docbook
View file

@ -1,9 +1,9 @@
<sect2 id="config-LSaddon_mail">
<title>LSaddon_mail</title>
<para>Cet &LSaddon; est utilisé pour gérer l'envoie de mail. Le module
&PEAR; Mail doit être installé. Il doit être configuré en éditant son
&PEAR; Mail doit être installé. Il doit être configuré en éditant son
fichier de configuration <literal>config.LSaddons.mail.php</literal>.</para>
<programlisting linenumbering="unnumbered">
<citetitle>Structure du fichier</citetitle>/*
***********************************************
@ -14,6 +14,9 @@
// Pear :: Mail
define('PEAR_MAIL','/usr/share/php/Mail.php');
// Pear :: Mail_mime
define('PEAR_MAIL_MIME','/usr/share/php/Mail/mime.php');
/*
* Méthode d'envoie :
* - mail : envoie avec la méthode PHP mail()
@ -27,32 +30,32 @@ define('MAIL_SEND_METHOD','smtp');
* Ces paramètres dépende de la méthode utilisé. Repporté vous à la documentation
* de PEAR :: Mail pour plus d'information.
* Lien : http://pear.php.net/manual/en/package.mail.mail.factory.php
* Infos :
* Infos :
* List of parameter for the backends
* mail
* o If safe mode is disabled, $params will be passed as the fifth
* argument to the PHP mail() function. If $params is an array,
* its elements will be joined as a space-delimited string.
* o If safe mode is disabled, $params will be passed as the fifth
* argument to the PHP mail() function. If $params is an array,
* its elements will be joined as a space-delimited string.
* sendmail
* o $params["sendmail_path"] - The location of the sendmail program
* o $params["sendmail_path"] - The location of the sendmail program
* on the filesystem. Default is /usr/bin/sendmail.
* o $params["sendmail_args"] - Additional parameters to pass to the
* sendmail. Default is -i.
* o $params["sendmail_args"] - Additional parameters to pass to the
* sendmail. Default is -i.
* smtp
* o $params["host"] - The server to connect. Default is localhost.
* o $params["port"] - The port to connect. Default is 25.
* o $params["auth"] - Whether or not to use SMTP authentication.
* o $params["auth"] - Whether or not to use SMTP authentication.
* Default is FALSE.
* o $params["username"] - The username to use for SMTP authentication.
* o $params["password"] - The password to use for SMTP authentication.
* o $params["localhost"] - The value to give when sending EHLO or HELO.
* Default is localhost
* o $params["timeout"] - The SMTP connection timeout.
* o $params["timeout"] - The SMTP connection timeout.
* Default is NULL (no timeout).
* o $params["verp"] - Whether to use VERP or not. Default is FALSE.
* o $params["debug"] - Whether to enable SMTP debug mode or not.
* o $params["debug"] - Whether to enable SMTP debug mode or not.
* Default is FALSE.
* o $params["persist"] - Indicates whether or not the SMTP connection
* o $params["persist"] - Indicates whether or not the SMTP connection
* should persist over multiple calls to the send() method.
*/
$MAIL_SEND_PARAMS = NULL;
@ -61,9 +64,6 @@ $MAIL_SEND_PARAMS = NULL;
* Headers :
*/
$MAIL_HEARDERS = array(
"Content-Type" => "text/plain",
"charset" => "UTF-8",
"format" => "flowed"
);
</programlisting>
@ -76,6 +76,9 @@ $MAIL_HEARDERS = array(
<paramdef>string <parameter>$subject</parameter></paramdef>
<paramdef>string <parameter>$msg</parameter></paramdef>
<paramdef>array <parameter>$headers</parameter></paramdef>
<paramdef>array <parameter>$attachments</parameter></paramdef>
<paramdef>string <parameter>$eol</parameter></paramdef>
<paramdef>string <parameter>$encoding</parameter></paramdef>
</funcprototype>
</funcsynopsis>
</para>

6
public_html/conf/LSaddons/config.LSaddons.mail.php
View file

@ -29,6 +29,9 @@
// Pear :: Mail
define('PEAR_MAIL','/usr/share/php/Mail.php');
// Pear :: Mail_mime
define('PEAR_MAIL_MIME','/usr/share/php/Mail/mime.php');
/*
* Méthode d'envoie :
* - mail : envoie avec la méthode PHP mail()
@ -76,8 +79,5 @@ $MAIL_SEND_PARAMS = NULL;
* Headers :
*/
$MAIL_HEARDERS = array(
"Content-Type" => "text/plain",
"charset" => "UTF-8",
"format" => "flowed"
);

71
public_html/includes/addons/LSaddons.mail.php
View file

@ -26,6 +26,9 @@
LSerror :: defineError('MAIL_SUPPORT_01',
_("MAIL Support : Pear::MAIL is missing.")
);
LSerror :: defineError('MAIL_SUPPORT_02',
_("MAIL Support : Pear::MAIL_MIME is missing.")
);
// Autres erreurs
LSerror :: defineError('MAIL_00',
@ -35,10 +38,10 @@ LSerror :: defineError('MAIL_00',
LSerror :: defineError('MAIL_01',
_("MAIL : Error sending your email")
);
/**
* Verification du support MAIL par ldapSaisie
*
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @retval boolean true si MAIL est pleinement supporté, false sinon
@ -53,30 +56,43 @@ LSerror :: defineError('MAIL_01',
$retval=false;
}
}
if (!class_exists('Mail_mime')) {
if(!LSsession::includeFile(PEAR_MAIL_MIME, true)) {
LSerror :: addErrorCode('MAIL_SUPPORT_02');
$retval=false;
}
}
return $retval;
}
/**
* Envoie d'un mail
*
*
* @author Benjamin Renard <brenard@easter-eggs.com>
*
* @retval boolean true si MAIL est pleinement supporté, false sinon
*/
function sendMail($to,$subject,$msg,$headers=array()) {
function sendMail($to, $subject, $msg, $headers=array(), $attachments=array(), $eol="\n", $encoding="utf8") {
global $MAIL_SEND_PARAMS, $MAIL_HEARDERS;
$mail_obj = Mail::factory(MAIL_SEND_METHOD, (isset($MAIL_SEND_PARAMS)?$MAIL_SEND_PARAMS:null));
if (isset($MAIL_HEARDERS) && is_array($MAIL_HEARDERS)) {
$headers = array_merge($headers,$MAIL_HEARDERS);
}
if ($subject) {
$headers["Subject"] = $subject;
if (isset($headers['From'])) {
$from = $headers['From'];
unset($headers['From']);
}
if (!isset($headers['From']) && (LSsession :: getEmailSender() != "")) {
$headers['From'] = LSsession :: getEmailSender();
elseif (LSsession :: getEmailSender() != "") {
$from = LSsession :: getEmailSender();
}
else {
$from = null;
}
$headers["To"] = $to;
$to = array (
@ -92,13 +108,38 @@ LSerror :: defineError('MAIL_01',
}
}
$ret = $mail_obj -> send($to,$headers,$msg);
$mime = new Mail_mime(
array(
'eol' => $eol,
'text_charset' => $encoding,
'head_charset' => $encoding,
)
);
if ($from)
$mime->setFrom($from);
if ($subject)
$mime->setSubject($subject);
$mime->setTXTBody($msg);
if (is_array($attachments) && !empty($attachments)) {
$finfo = new finfo(FILEINFO_MIME_TYPE);
foreach ($attachments as $file => $filename) {
$mime->addAttachment($file, $finfo->file($file), $filename);
}
}
$body = $mime->get();
$headers = $mime->headers($headers);
$ret = $mail_obj -> send($to, $headers, $body);
if ($ret instanceof PEAR_Error) {
LSerror :: addErrorCode('MAIL_01');
LSerror :: addErrorCode('MAIL_00',$ret -> getMessage());
LSerror :: addErrorCode('MAIL_00', $ret -> getMessage());
return;
}
return true;
}