admin/39564-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: make mail service robust without system PHPMa

Browse Source
This commit is contained in:
Flatlogic Bot 2026-04-12 04:52:31 +00:00
parent 8264cf4677
commit 861955cd7d
1 changed files with 227 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

379
mail/MailService.php
View File

@ -13,94 +13,18 @@ class MailService
public static function sendMail($to, string $subject, string $htmlBody, ?string $textBody = null, array $opts = [])
{
$cfg = self::loadConfig();
$transport = strtolower((string)($cfg['transport'] ?? 'smtp'));
$autoload = __DIR__ . '/../vendor/autoload.php';
if (file_exists($autoload)) {
require_once $autoload;
}
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'libphp-phpmailer/autoload.php';
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'libphp-phpmailer/src/Exception.php';
@require_once 'libphp-phpmailer/src/SMTP.php';
@require_once 'libphp-phpmailer/src/PHPMailer.php';
}
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'PHPMailer/src/Exception.php';
@require_once 'PHPMailer/src/SMTP.php';
@require_once 'PHPMailer/src/PHPMailer.php';
}
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'PHPMailer/Exception.php';
@require_once 'PHPMailer/SMTP.php';
@require_once 'PHPMailer/PHPMailer.php';
if ($transport === 'smtp') {
if (!self::ensurePHPMailerLoaded()) {
return [ 'success' => false, 'error' => 'PHPMailer not available for SMTP transport' ];
}
return self::sendSmtpMail($cfg, $to, $subject, $htmlBody, $textBody, $opts);
}
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
return [ 'success' => false, 'error' => 'PHPMailer not available' ];
}
$mail = new PHPMailer\PHPMailer\PHPMailer(true);
try {
$mail->CharSet = 'UTF-8';
$mail->Encoding = PHPMailer\PHPMailer\PHPMailer::ENCODING_BASE64;
$mail->isSMTP();
$mail->Host = $cfg['smtp_host'] ?? '';
$mail->Port = (int)($cfg['smtp_port'] ?? 587);
$secure = $cfg['smtp_secure'] ?? 'tls';
if ($secure === 'ssl') $mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_SMTPS;
elseif ($secure === 'tls') $mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_STARTTLS;
else $mail->SMTPSecure = false;
$mail->SMTPAuth = true;
$mail->Username = $cfg['smtp_user'] ?? '';
$mail->Password = $cfg['smtp_pass'] ?? '';
$fromEmail = $opts['from_email'] ?? ($cfg['from_email'] ?? 'no-reply@localhost');
$fromName = $opts['from_name'] ?? ($cfg['from_name'] ?? 'App');
$mail->setFrom($fromEmail, $fromName);
if (!empty($opts['reply_to']) && filter_var($opts['reply_to'], FILTER_VALIDATE_EMAIL)) {
$mail->addReplyTo($opts['reply_to']);
} elseif (!empty($cfg['reply_to'])) {
$mail->addReplyTo($cfg['reply_to']);
}
// Recipients
$toList = [];
if ($to) {
if (is_string($to)) $toList = array_map('trim', explode(',', $to));
elseif (is_array($to)) $toList = $to;
} elseif (!empty(getenv('MAIL_TO'))) {
$toList = array_map('trim', explode(',', getenv('MAIL_TO')));
}
$added = 0;
foreach ($toList as $addr) {
if (filter_var($addr, FILTER_VALIDATE_EMAIL)) { $mail->addAddress($addr); $added++; }
}
if ($added === 0) {
return [ 'success' => false, 'error' => 'No recipients defined (set MAIL_TO or pass $to)' ];
}
foreach ((array)($opts['cc'] ?? []) as $cc) { if (filter_var($cc, FILTER_VALIDATE_EMAIL)) $mail->addCC($cc); }
foreach ((array)($opts['bcc'] ?? []) as $bcc){ if (filter_var($bcc, FILTER_VALIDATE_EMAIL)) $mail->addBCC($bcc); }
// Optional DKIM
if (!empty($cfg['dkim_domain']) && !empty($cfg['dkim_selector']) && !empty($cfg['dkim_private_key_path'])) {
$mail->DKIM_domain = $cfg['dkim_domain'];
$mail->DKIM_selector = $cfg['dkim_selector'];
$mail->DKIM_private = $cfg['dkim_private_key_path'];
}
$mail->isHTML(true);
$mail->Subject = $subject;
$mail->Body = $htmlBody;
$mail->AltBody = $textBody ?? strip_tags($htmlBody);
$ok = $mail->send();
return [ 'success' => $ok ];
} catch (\Throwable $e) {
return [ 'success' => false, 'error' => 'PHPMailer error: ' . $e->getMessage() ];
}
return self::sendNativeMail($cfg, $to, $subject, $htmlBody, $textBody, $opts);
}
private static function loadConfig(): array
{
$configPath = __DIR__ . '/config.php';
@ -114,89 +38,136 @@ class MailService
return $cfg;
}
// Send a contact message
// $to can be: a single email string, a comma-separated list, an array of emails, or null (fallback to MAIL_TO/MAIL_FROM)
public static function sendContactMessage(string $name, string $email, string $message, $to = null, string $subject = 'New contact form')
private static function ensurePHPMailerLoaded(): bool
{
$cfg = self::loadConfig();
// Try Composer autoload if available (for PHPMailer)
$autoload = __DIR__ . '/../vendor/autoload.php';
if (file_exists($autoload)) {
require_once $autoload;
if (class_exists('PHPMailer\PHPMailer\PHPMailer', false)) {
return true;
}
// Fallback to system-wide PHPMailer (installed via apt: libphp-phpmailer)
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
// Debian/Ubuntu package layout (libphp-phpmailer)
@require_once 'libphp-phpmailer/autoload.php';
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'libphp-phpmailer/src/Exception.php';
@require_once 'libphp-phpmailer/src/SMTP.php';
@require_once 'libphp-phpmailer/src/PHPMailer.php';
}
// Alternative layout (older PHPMailer package names)
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'PHPMailer/src/Exception.php';
@require_once 'PHPMailer/src/SMTP.php';
@require_once 'PHPMailer/src/PHPMailer.php';
}
if (!class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
@require_once 'PHPMailer/Exception.php';
@require_once 'PHPMailer/SMTP.php';
@require_once 'PHPMailer/PHPMailer.php';
$autoloadCandidates = [
__DIR__ . '/../vendor/autoload.php',
'libphp-phpmailer/autoload.php',
'PHPMailer/PHPMailerAutoload.php',
];
foreach ($autoloadCandidates as $candidate) {
$resolved = self::resolveIncludePath($candidate);
if ($resolved) {
require_once $resolved;
if (class_exists('PHPMailer\PHPMailer\PHPMailer', false)) {
return true;
}
}
}
$transport = $cfg['transport'] ?? 'smtp';
if ($transport === 'smtp' && class_exists('PHPMailer\\PHPMailer\\PHPMailer')) {
return self::sendViaPHPMailer($cfg, $name, $email, $message, $to, $subject);
$classFileSets = [
[
'libphp-phpmailer/src/Exception.php',
'libphp-phpmailer/src/SMTP.php',
'libphp-phpmailer/src/PHPMailer.php',
],
[
'PHPMailer/src/Exception.php',
'PHPMailer/src/SMTP.php',
'PHPMailer/src/PHPMailer.php',
],
[
'PHPMailer/Exception.php',
'PHPMailer/SMTP.php',
'PHPMailer/PHPMailer.php',
],
];
foreach ($classFileSets as $files) {
$resolvedFiles = [];
foreach ($files as $file) {
$resolved = self::resolveIncludePath($file);
if (!$resolved) {
$resolvedFiles = [];
break;
}
$resolvedFiles[] = $resolved;
}
if (!$resolvedFiles) {
continue;
}
foreach ($resolvedFiles as $resolvedFile) {
require_once $resolvedFile;
}
if (class_exists('PHPMailer\PHPMailer\PHPMailer', false)) {
return true;
}
}
// Fallback: attempt native mail() — works only if MTA is configured on the VM
return self::sendViaNativeMail($cfg, $name, $email, $message, $to, $subject);
return class_exists('PHPMailer\PHPMailer\PHPMailer', false);
}
private static function sendViaPHPMailer(array $cfg, string $name, string $email, string $body, $to, string $subject)
private static function resolveIncludePath(string $path): ?string
{
if (is_file($path)) {
return $path;
}
$resolved = stream_resolve_include_path($path);
if ($resolved && is_file($resolved)) {
return $resolved;
}
return null;
}
private static function buildRecipientList($to): array
{
if ($to) {
if (is_string($to)) {
return array_map('trim', explode(',', $to));
}
if (is_array($to)) {
return $to;
}
}
$defaultTo = getenv('MAIL_TO');
if (!empty($defaultTo)) {
return array_map('trim', explode(',', $defaultTo));
}
return [];
}
private static function sendSmtpMail(array $cfg, $to, string $subject, string $htmlBody, ?string $textBody, array $opts): array
{
$mail = new PHPMailer\PHPMailer\PHPMailer(true);
try {
$mail->CharSet = 'UTF-8';
$mail->Encoding = PHPMailer\PHPMailer\PHPMailer::ENCODING_BASE64;
$mail->isSMTP();
$mail->Host = $cfg['smtp_host'] ?? '';
$mail->Port = (int)($cfg['smtp_port'] ?? 587);
$secure = $cfg['smtp_secure'] ?? 'tls';
if ($secure === 'ssl') $mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_SMTPS;
elseif ($secure === 'tls') $mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_STARTTLS;
else $mail->SMTPSecure = false;
$secure = strtolower((string)($cfg['smtp_secure'] ?? 'tls'));
if ($secure === 'ssl') {
$mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_SMTPS;
} elseif ($secure === 'tls') {
$mail->SMTPSecure = PHPMailer\PHPMailer\PHPMailer::ENCRYPTION_STARTTLS;
} else {
$mail->SMTPSecure = false;
}
$mail->SMTPAuth = true;
$mail->Username = $cfg['smtp_user'] ?? '';
$mail->Password = $cfg['smtp_pass'] ?? '';
$fromEmail = $cfg['from_email'] ?? 'no-reply@localhost';
$fromName = $cfg['from_name'] ?? 'App';
$fromEmail = $opts['from_email'] ?? ($cfg['from_email'] ?? 'no-reply@localhost');
$fromName = $opts['from_name'] ?? ($cfg['from_name'] ?? 'App');
$mail->setFrom($fromEmail, $fromName);
// Use Reply-To for the user's email to avoid spoofing From
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$mail->addReplyTo($email, $name ?: $email);
}
if (!empty($cfg['reply_to'])) {
if (!empty($opts['reply_to']) && filter_var($opts['reply_to'], FILTER_VALIDATE_EMAIL)) {
$mail->addReplyTo($opts['reply_to']);
} elseif (!empty($cfg['reply_to']) && filter_var($cfg['reply_to'], FILTER_VALIDATE_EMAIL)) {
$mail->addReplyTo($cfg['reply_to']);
}
// Destination: prefer dynamic recipients ($to), fallback to MAIL_TO; no silent FROM fallback
$toList = [];
if ($to) {
if (is_string($to)) {
// allow comma-separated list
$toList = array_map('trim', explode(',', $to));
} elseif (is_array($to)) {
$toList = $to;
}
} elseif (!empty(getenv('MAIL_TO'))) {
$toList = array_map('trim', explode(',', getenv('MAIL_TO')));
}
$toList = self::buildRecipientList($to);
$added = 0;
foreach ($toList as $addr) {
if (filter_var($addr, FILTER_VALIDATE_EMAIL)) {
@ -208,7 +179,17 @@ class MailService
return [ 'success' => false, 'error' => 'No recipients defined (set MAIL_TO or pass $to)' ];
}
// DKIM (optional)
foreach ((array)($opts['cc'] ?? []) as $cc) {
if (filter_var($cc, FILTER_VALIDATE_EMAIL)) {
$mail->addCC($cc);
}
}
foreach ((array)($opts['bcc'] ?? []) as $bcc) {
if (filter_var($bcc, FILTER_VALIDATE_EMAIL)) {
$mail->addBCC($bcc);
}
}
if (!empty($cfg['dkim_domain']) && !empty($cfg['dkim_selector']) && !empty($cfg['dkim_private_key_path'])) {
$mail->DKIM_domain = $cfg['dkim_domain'];
$mail->DKIM_selector = $cfg['dkim_selector'];
@ -217,23 +198,117 @@ class MailService
$mail->isHTML(true);
$mail->Subject = $subject;
$safeName = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$safeEmail = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$safeBody = nl2br(htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
$mail->Body = "<p><strong>Name:</strong> {$safeName}</p><p><strong>Email:</strong> {$safeEmail}</p><hr>{$safeBody}";
$mail->AltBody = "Name: {$name}\nEmail: {$email}\n\n{$body}";
$mail->Body = $htmlBody;
$mail->AltBody = $textBody ?? trim(strip_tags($htmlBody));
$ok = $mail->send();
return [ 'success' => $ok ];
return [ 'success' => $mail->send() ];
} catch (\Throwable $e) {
return [ 'success' => false, 'error' => 'PHPMailer error: ' . $e->getMessage() ];
}
}
private static function sendViaNativeMail(array $cfg, string $name, string $email, string $body, $to, string $subject)
private static function sendNativeMail(array $cfg, $to, string $subject, string $htmlBody, ?string $textBody, array $opts): array
{
$opts = ['reply_to' => $email];
$html = nl2br(htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
return self::sendMail($to, $subject, $html, $body, $opts);
$toList = self::buildRecipientList($to);
$validTo = [];
foreach ($toList as $addr) {
if (filter_var($addr, FILTER_VALIDATE_EMAIL)) {
$validTo[] = $addr;
}
}
if (empty($validTo)) {
return [ 'success' => false, 'error' => 'No recipients defined (set MAIL_TO or pass $to)' ];
}
$fromEmail = $opts['from_email'] ?? ($cfg['from_email'] ?? 'no-reply@localhost');
$fromName = $opts['from_name'] ?? ($cfg['from_name'] ?? 'App');
$replyTo = $opts['reply_to'] ?? ($cfg['reply_to'] ?? null);
$textBody = $textBody ?? trim(strip_tags($htmlBody));
$boundary = 'flmail_' . md5((string)microtime(true) . $subject);
$encodedSubject = '=?UTF-8?B?' . base64_encode($subject) . '?=';
$safeFromName = mb_encode_mimeheader($fromName, 'UTF-8');
$headers = [
'MIME-Version: 1.0',
'From: ' . $safeFromName . ' <' . $fromEmail . '>',
'Content-Type: multipart/alternative; boundary="' . $boundary . '"',
];
if ($replyTo && filter_var($replyTo, FILTER_VALIDATE_EMAIL)) {
$headers[] = 'Reply-To: ' . $replyTo;
}
$ccList = [];
foreach ((array)($opts['cc'] ?? []) as $cc) {
if (filter_var($cc, FILTER_VALIDATE_EMAIL)) {
$ccList[] = $cc;
}
}
if ($ccList) {
$headers[] = 'Cc: ' . implode(', ', $ccList);
}
$bccList = [];
foreach ((array)($opts['bcc'] ?? []) as $bcc) {
if (filter_var($bcc, FILTER_VALIDATE_EMAIL)) {
$bccList[] = $bcc;
}
}
if ($bccList) {
$headers[] = 'Bcc: ' . implode(', ', $bccList);
}
$message = "--{$boundary}
"
. "Content-Type: text/plain; charset=UTF-8
"
. "Content-Transfer-Encoding: 8bit
"
. $textBody . "
"
. "--{$boundary}
"
. "Content-Type: text/html; charset=UTF-8
"
. "Content-Transfer-Encoding: 8bit
"
. $htmlBody . "
"
. "--{$boundary}--
";
$ok = @mail(implode(', ', $validTo), $encodedSubject, $message, implode("
", $headers));
if (!$ok) {
return [ 'success' => false, 'error' => 'Native mail() failed' ];
}
return [ 'success' => true ];
}
// Send a contact message
// $to can be: a single email string, a comma-separated list, an array of emails, or null (fallback to MAIL_TO/MAIL_FROM)
public static function sendContactMessage(string $name, string $email, string $message, $to = null, string $subject = 'New contact form')
{
$safeName = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$safeEmail = htmlspecialchars($email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
$safeBody = nl2br(htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
$html = "<p><strong>Name:</strong> {$safeName}</p><p><strong>Email:</strong> {$safeEmail}</p><hr>{$safeBody}";
$text = "Name: {$name}
Email: {$email}
{$message}";
$opts = [];
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$opts['reply_to'] = $email;
}
return self::sendMail($to, $subject, $html, $text, $opts);
}
}