refactor: improve authorization validation flow and email error response messages

ip-qi · ip-qi · commit 40656ce852f8 · 2025-02-26T08:35:34.000+01:00
diff --git a/system/Email/Email.php b/system/Email/Email.php
@@ -2019,16 +2019,28 @@ protected function SMTPAuthenticate()
             return false;
         }
 
-        // send initial 'handshake' command
+        // normalize in case user entered capital words LOGIN/PLAIN
+        $this->SMTPAuthMethod = strtolower($this->SMTPAuthMethod);
+
+        // Validate supported authentication methods
+        $validMethods = ['login', 'plain'];
+        if (! in_array($this->SMTPAuthMethod, $validMethods, true)) {
+            $this->setErrorMessage(lang('Email.invalidSMTPAuthMethod', [$this->SMTPAuthMethod]));
+
+            return false;
+        }
+
+        // send initial 'AUTH' command
         $this->sendData('AUTH ' . strtoupper($this->SMTPAuthMethod));
         $reply = $this->getSMTPData();
 
         if (str_starts_with($reply, '503')) {    // Already authenticated
             return true;
         }
 
+        // if 'AUTH' command is unsuported by the server
         if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.failedSMTPLogin', [$reply]));
+            $this->setErrorMessage(lang('Email.failureSMTPAuthMethod', [strtoupper($this->SMTPAuthMethod)]));
 
             return false;
         }
@@ -2053,16 +2065,11 @@ protected function SMTPAuthenticate()
 
                 $this->sendData(base64_encode($authString));
                 break;
-
-            default:
-                $this->setErrorMessage(lang('Email.noSMTPAuthMethod'));
-
-                return false;
         }
 
         $reply = $this->getSMTPData();
         if (! str_starts_with($reply, '235')) {  // Authentication failed
-            $errorMessage = $this->SMTPAuthMethod === 'plain' ? 'Email.failedSMTPLogin' : 'Email.SMTPAuthPassword';
+            $errorMessage = $this->SMTPAuthMethod === 'plain' ? 'Email.SMTPAuthCredentials' : 'Email.SMTPAuthPassword';
 
             $this->setErrorMessage(lang($errorMessage, [$reply]));
 
diff --git a/system/Language/en/Email.php b/system/Language/en/Email.php
@@ -13,24 +13,25 @@
 
 // Email language settings
 return [
-    'mustBeArray'          => 'The email validation method must be passed an array.',
-    'invalidAddress'       => 'Invalid email address: "{0}"',
-    'attachmentMissing'    => 'Unable to locate the following email attachment: "{0}"',
-    'attachmentUnreadable' => 'Unable to open this attachment: "{0}"',
-    'noFrom'               => 'Cannot send mail with no "From" header.',
-    'noRecipients'         => 'You must include recipients: To, Cc, or Bcc',
-    'sendFailurePHPMail'   => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
-    'sendFailureSendmail'  => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
-    'sendFailureSmtp'      => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
-    'sent'                 => 'Your message has been successfully sent using the following protocol: {0}',
-    'noSocket'             => 'Unable to open a socket to Sendmail. Please check settings.',
-    'noHostname'           => 'You did not specify a SMTP hostname.',
-    'SMTPError'            => 'The following SMTP error was encountered: {0}',
-    'noSMTPAuth'           => 'Error: You must assign an SMTP username and password.',
-    'noSMTPAuthMethod'     => 'Error: you must assign an SMTP authentication method ("LOGIN" or "PLAIN")',
-    'failedSMTPLogin'      => 'Failed to send AUTH LOGIN command. Error: {0}',
-    'SMTPAuthUsername'     => 'Failed to authenticate username. Error: {0}',
-    'SMTPAuthPassword'     => 'Failed to authenticate password. Error: {0}',
-    'SMTPDataFailure'      => 'Unable to send data: {0}',
-    'exitStatus'           => 'Exit status code: {0}',
+    'mustBeArray'           => 'The email validation method must be passed an array.',
+    'invalidAddress'        => 'Invalid email address: "{0}"',
+    'attachmentMissing'     => 'Unable to locate the following email attachment: "{0}"',
+    'attachmentUnreadable'  => 'Unable to open this attachment: "{0}"',
+    'noFrom'                => 'Cannot send mail with no "From" header.',
+    'noRecipients'          => 'You must include recipients: To, Cc, or Bcc',
+    'sendFailurePHPMail'    => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
+    'sendFailureSendmail'   => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
+    'sendFailureSmtp'       => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
+    'sent'                  => 'Your message has been successfully sent using the following protocol: {0}',
+    'noSocket'              => 'Unable to open a socket to Sendmail. Please check settings.',
+    'noHostname'            => 'You did not specify a SMTP hostname.',
+    'SMTPError'             => 'The following SMTP error was encountered: {0}',
+    'noSMTPAuth'            => 'Error: You must assign an SMTP username and password.',
+    'invalidSMTPAuthMethod' => 'Error: SMTP authorization method "{0}" is not supported in codeigniter, set either "login" or "plain" authorization method',
+    'failureSMTPAuthMethod' => 'Unable to initiate AUTH command. Your server might not be configured to use AUTH {0} authentication method.',
+    'SMTPAuthCredentials'   => 'Failed to authenticate user credentials. Error: {0}',
+    'SMTPAuthUsername'      => 'Failed to authenticate username. Error: {0}',
+    'SMTPAuthPassword'      => 'Failed to authenticate password. Error: {0}',
+    'SMTPDataFailure'       => 'Unable to send data: {0}',
+    'exitStatus'            => 'Exit status code: {0}',
 ];
