Add SMTP PLAIN Authentication method

ip-qi · ip-qi · commit cfd2a60d4453 · 2025-02-24T15:53:33.000+01:00
diff --git a/system/Email/Email.php b/system/Email/Email.php
@@ -23,7 +23,7 @@
  *
  * Permits email to be sent using Mail, Sendmail, or SMTP.
  *
- * @see \CodeIgniter\Email\EmailTest
+ * @see EmailTest
  */
 class Email
 {
@@ -279,6 +279,13 @@ class Email
      */
     protected $SMTPAuth = false;
 
+    /**
+     * Which SMTP atuh method to use ('LOGIN', 'PLAIN')
+     *
+     * @var bool
+     */
+    protected $SMTPAuthMethod = 'LOGIN';
+
     /**
      * Whether to send a Reply-To header
      *
@@ -1080,10 +1087,8 @@ public function wordWrap($str, $charlim = null)
 
     /**
      * Build final headers
-     *
-     * @return void
      */
-    protected function buildHeaders()
+    protected function buildHeaders(): void
     {
         $this->setHeader('User-Agent', $this->userAgent);
         $this->setHeader('X-Sender', $this->cleanEmail($this->headers['From']));
@@ -1095,10 +1100,8 @@ protected function buildHeaders()
 
     /**
      * Write Headers as a string
-     *
-     * @return void
      */
-    protected function writeHeaders()
+    protected function writeHeaders(): void
     {
         if ($this->protocol === 'mail' && isset($this->headers['Subject'])) {
             $this->subject = $this->headers['Subject'];
@@ -1123,10 +1126,8 @@ protected function writeHeaders()
 
     /**
      * Build Final Body and attachments
-     *
-     * @return void
      */
-    protected function buildMessage()
+    protected function buildMessage(): void
     {
         if ($this->wordWrap === true && $this->mailType !== 'html') {
             $this->body = $this->wordWrap($this->body);
@@ -1287,10 +1288,8 @@ protected function attachmentsHaveMultipart($type)
      * @param string      $body      Message body to append to
      * @param string      $boundary  Multipart boundary
      * @param string|null $multipart When provided, only attachments of this type will be processed
-     *
-     * @return void
      */
-    protected function appendAttachments(&$body, $boundary, $multipart = null)
+    protected function appendAttachments(&$body, $boundary, $multipart = null): void
     {
         foreach ($this->attachments as $attachment) {
             if (isset($multipart) && $attachment['multipart'] !== $multipart) {
@@ -1605,10 +1604,8 @@ public function send($autoClear = true)
 
     /**
      * Batch Bcc Send. Sends groups of BCCs in batches
-     *
-     * @return void
      */
-    public function batchBCCSend()
+    public function batchBCCSend(): void
     {
         $float = $this->BCCBatchSize - 1;
         $set   = '';
@@ -1651,10 +1648,8 @@ public function batchBCCSend()
 
     /**
      * Unwrap special elements
-     *
-     * @return void
      */
-    protected function unwrapSpecials()
+    protected function unwrapSpecials(): void
     {
         $this->finalBody = preg_replace_callback(
             '/\{unwrap\}(.*?)\{\/unwrap\}/si',
@@ -1867,10 +1862,8 @@ protected function sendWithSmtp()
 
     /**
      * Shortcut to send RSET or QUIT depending on keep-alive
-     *
-     * @return void
      */
-    protected function SMTPEnd()
+    protected function SMTPEnd(): void
     {
         $this->sendCommand($this->SMTPKeepAlive ? 'reset' : 'quit');
     }
@@ -1920,9 +1913,9 @@ protected function SMTPConnect()
                 $this->SMTPConnect,
                 true,
                 STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT
-                | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
-                | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
-                | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT,
+                    | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
+                    | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
+                    | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT,
             );
 
             if ($crypto !== true) {
@@ -2019,45 +2012,73 @@ protected function SMTPAuthenticate()
             return true;
         }
 
-        if ($this->SMTPUser === '' && $this->SMTPPass === '') {
+        // If no username or password is set
+        if ($this->SMTPUser === '' || $this->SMTPPass === '') {
             $this->setErrorMessage(lang('Email.noSMTPAuth'));
 
             return false;
         }
 
-        $this->sendData('AUTH LOGIN');
-        $reply = $this->getSMTPData();
+        switch ($this->SMTPAuthMethod) {
+            case 'LOGIN':
+                $this->sendData('AUTH LOGIN');
+                $reply = $this->getSMTPData();
 
-        if (str_starts_with($reply, '503')) {    // Already authenticated
-            return true;
-        }
+                if (str_starts_with($reply, '503')) {    // Already authenticated
+                    return true;
+                }
 
-        if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.failedSMTPLogin', [$reply]));
+                if (! str_starts_with($reply, '334')) {
+                    $this->setErrorMessage(lang('Email.failedSMTPLogin', [$reply]));
 
-            return false;
-        }
+                    return false;
+                }
 
-        $this->sendData(base64_encode($this->SMTPUser));
-        $reply = $this->getSMTPData();
+                $this->sendData(base64_encode($this->SMTPUser));
+                $reply = $this->getSMTPData();
 
-        if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
+                if (! str_starts_with($reply, '334')) {
+                    $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
 
-            return false;
-        }
+                    return false;
+                }
 
-        $this->sendData(base64_encode($this->SMTPPass));
-        $reply = $this->getSMTPData();
+                $this->sendData(base64_encode($this->SMTPPass));
+                $reply = $this->getSMTPData();
 
-        if (! str_starts_with($reply, '235')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthPassword', [$reply]));
+                if (! str_starts_with($reply, '235')) {
+                    $this->setErrorMessage(lang('Email.SMTPAuthPassword', [$reply]));
 
-            return false;
+                    return false;
+                }
+                break;
+
+            case 'PLAIN':
+                // Generate single command for PLAIN authentication
+                $authString = "\0" . $this->SMTPUser . "\0" . $this->SMTPPass;
+
+                $this->sendData('AUTH PLAIN ' . base64_encode($authString));
+
+                if (str_starts_with($this->getSMTPData(), '503')) {    // Already authenticated
+                    return true;
+                }
+
+                if (! str_starts_with($this->getSMTPData(), '235')) {
+                    $this->setErrorMessage(lang('Email.failedSMTPLogin', [$this->getSMTPData()]));
+
+                    return false;
+                }
+
+                break;
+
+            default:
+                $this->setErrorMessage(lang('Email.noSMTPAuthMethod'));
+
+                return false;
         }
 
         if ($this->SMTPKeepAlive) {
-            $this->SMTPAuth = false;
+            $this->SMTPAuth = false; // Prevent re-authentication for keep-alive sessions
         }
 
         return true;
@@ -2192,10 +2213,8 @@ private function printDebuggerRaw(): string
 
     /**
      * @param string $msg
-     *
-     * @return void
      */
-    protected function setErrorMessage($msg)
+    protected function setErrorMessage($msg): void
     {
         $this->debugMessage[]    = $msg . '<br>';
         $this->debugMessageRaw[] = $msg;
diff --git a/system/Language/en/Email.php b/system/Language/en/Email.php
@@ -27,6 +27,7 @@
     'noHostname'           => 'You did not specify a SMTP hostname.',
     'SMTPError'            => 'The following SMTP error was encountered: {0}',
     'noSMTPAuth'           => 'Error: You must assign an SMTP username and password.',
+    'noSMTPAuthMethod'     => 'Error: you must assign an SMTP authentication method ("LOGIN" or "PLAIN")',
     'failedSMTPLogin'      => 'Failed to send AUTH LOGIN command. Error: {0}',
     'SMTPAuthUsername'     => 'Failed to authenticate username. Error: {0}',
     'SMTPAuthPassword'     => 'Failed to authenticate password. Error: {0}',
diff --git a/user_guide_src/source/libraries/email.rst b/user_guide_src/source/libraries/email.rst
@@ -39,7 +39,7 @@ Here is a basic example demonstrating how you might send email:
 Setting Email Preferences
 =========================
 
-There are 21 different preferences available to tailor how your email
+There are 22 different preferences available to tailor how your email
 messages are sent. You can either set them manually as described here,
 or automatically via preferences stored in your config file, described
 in `Email Preferences`_.
@@ -120,6 +120,7 @@ Preference          Default Value       Options                      Description
                                         or ``smtp``
 **mailPath**        /usr/sbin/sendmail                               The server path to Sendmail.
 **SMTPHost**                                                         SMTP Server Hostname.
+**SMTPAuthMethod**  LOGIN               ``LOGIN``, ``PLAIN``         SMTP Authentication Method.
 **SMTPUser**                                                         SMTP Username.
 **SMTPPass**                                                         SMTP Password.
 **SMTPPort**        25                                               SMTP Port. (If set to ``465``, TLS will be used for the connection
