@@ -279,6 +279,13 @@ class Email
279279 */
280280 protected $ SMTPAuthfalse ;
281281
282+ /**
283+ * Which SMTP atuh method to use ('LOGIN', 'PLAIN')
284+ *
285+ * @var bool
286+ */
287+ protected $ SMTPAuthMethod'LOGIN ' ;
288+
282289 /**
283290 * Whether to send a Reply-To header
284291 *
@@ -1920,9 +1927,9 @@ protected function SMTPConnect()
19201927 $ this SMTPConnect ,
19211928 true ,
19221929 STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT
1923- | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
1924- | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
1925- | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT,
1930+ | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT
1931+ | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT
1932+ | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT,
19261933 );
19271934
19281935 if ($ cryptotrue ) {
@@ -2015,49 +2022,72 @@ protected function sendCommand($cmd, $data = '')
20152022 */
20162023 protected function SMTPAuthenticate ()
20172024 {
2018- if (! $ this SMTPAuth ) {
2025+ if (!$ this SMTPAuth ) {
20192026 return true ;
20202027 }
20212028
2022- if ($ this SMTPUser === '' && $ this SMTPPass === '' ) {
2029+ // If no username or password is set
2030+ if ($ this SMTPUser === '' || $ this SMTPPass === '' ) {
20232031 $ this setErrorMessage (lang ('Email.noSMTPAuth ' ));
20242032
20252033 return false ;
20262034 }
20272035
2028- $ this sendData ('AUTH LOGIN ' );
2029- $ reply$ this getSMTPData ();
2036+ switch ($ this SMTPAuthMethod ) {
2037+ case 'LOGIN ' :
2038+ $ this sendData ('AUTH LOGIN ' );
2039+ $ reply$ this getSMTPData ();
20302040
2031- if (str_starts_with ($ reply'503 ' )) { // Already authenticated
2032- return true ;
2033- }
2041+ if (str_starts_with ($ reply'503 ' )) { // Already authenticated
2042+ return true ;
2043+ }
20342044
2035- if (! str_starts_with ($ reply'334 ' )) {
2036- $ this setErrorMessage (lang ('Email.failedSMTPLogin ' , [$ reply
2045+ if (! str_starts_with ($ reply'334 ' )) {
2046+ $ this setErrorMessage (lang ('Email.failedSMTPLogin ' , [$ reply
20372047
2038- return false ;
2039- }
2048+ return false ;
2049+ }
20402050
2041- $ this sendData (base64_encode ($ this SMTPUser ));
2042- $ reply$ this getSMTPData ();
2051+ $ this sendData (base64_encode ($ this SMTPUser ));
2052+ $ reply$ this getSMTPData ();
20432053
2044- if (! str_starts_with ($ reply'334 ' )) {
2045- $ this setErrorMessage (lang ('Email.SMTPAuthUsername ' , [$ reply
2054+ if (! str_starts_with ($ reply'334 ' )) {
2055+ $ this setErrorMessage (lang ('Email.SMTPAuthUsername ' , [$ reply
20462056
2047- return false ;
2048- }
2057+ return false ;
2058+ }
20492059
2050- $ this sendData (base64_encode ($ this SMTPPass ));
2051- $ reply$ this getSMTPData ();
2060+ $ this sendData (base64_encode ($ this SMTPPass ));
2061+ $ reply$ this getSMTPData ();
20522062
2053- if (! str_starts_with ($ reply'235 ' )) {
2054- $ this setErrorMessage (lang ('Email.SMTPAuthPassword ' , [$ reply
2063+ if (!str_starts_with ($ reply'235 ' )) {
2064+ $ this setErrorMessage (lang ('Email.SMTPAuthPassword ' , [$ reply
20552065
2056- return false ;
2066+ return false ;
2067+ }
2068+ break ;
2069+ case 'PLAIN ' :
2070+ // Generate single command for PLAIN authentication
2071+ $ authString"\0" . $ this SMTPUser . "\0" . $ this SMTPPass ;
2072+
2073+ $ this sendData ('AUTH PLAIN ' . base64_encode ($ authString
2074+ $ reply$ this getSMTPData ();
2075+
2076+ if (! str_starts_with ($ reply'235 ' ) || ! str_starts_with ($ reply'503 ' )) {
2077+ $ this setErrorMessage (lang ('Email.failedSMTPLogin ' , [$ reply
2078+
2079+ return false ;
2080+ }
2081+
2082+ break ;
2083+ default :
2084+ $ this setErrorMessage (lang ('Email.noSMTPAuthMethod ' ));
2085+
2086+ return false ;
20572087 }
20582088
20592089 if ($ this SMTPKeepAlive ) {
2060- $ this SMTPAuth = false ;
2090+ $ this SMTPAuth = false ; // Prevent re-authentication for keep-alive sessions
20612091 }
20622092
20632093 return true ;
0 commit comments