-revert: auto corrected (composer cs-fix) comments and auto added function return types

ip-qi · ip-qi · commit f3b64ed1ee87 · 2025-02-26T14:50:46.000+01:00
-comment: add depreceation comment for failedSMTPLogin email error message
-refactor: improve authorization validation flow and email error response messages
-added $SMTPAuthMethod in Config\Email file with default value of login
diff --git a/app/Config/Email.php b/app/Config/Email.php
@@ -30,6 +30,11 @@ class Email extends BaseConfig
      */
     public string $SMTPHost = '';
 
+    /**
+     * Which SMTP authentication method to use: login, plain
+     */
+    public string $SMTPAuthMethod = 'login';
+
     /**
      * SMTP Username
      */
diff --git a/system/Email/Email.php b/system/Email/Email.php
@@ -279,6 +279,13 @@ class Email
      */
     protected $SMTPAuth = false;
 
+    /**
+     * Which SMTP authentication method to use: login, plain
+     *
+     * @var string
+     */
+    protected $SMTPAuthMethod = 'login';
+
     /**
      * Whether to send a Reply-To header
      *
@@ -2019,45 +2026,72 @@ protected function SMTPAuthenticate()
             return true;
         }
 
-        if ($this->SMTPUser === '' && $this->SMTPPass === '') {
+        // If no username or password is set
+        if ($this->SMTPUser === '' || $this->SMTPPass === '') {
             $this->setErrorMessage(lang('Email.noSMTPAuth'));
 
             return false;
         }
 
-        $this->sendData('AUTH LOGIN');
+        // normalize in case user entered capital words LOGIN/PLAIN
+        $this->SMTPAuthMethod = strtolower($this->SMTPAuthMethod);
+
+        // Validate supported authentication methods
+        $validMethods = ['login', 'plain'];
+        if (! in_array($this->SMTPAuthMethod, $validMethods, true)) {
+            $this->setErrorMessage(lang('Email.invalidSMTPAuthMethod', [$this->SMTPAuthMethod]));
+
+            return false;
+        }
+
+        // send initial 'AUTH' command
+        $this->sendData('AUTH ' . strtoupper($this->SMTPAuthMethod));
         $reply = $this->getSMTPData();
 
         if (str_starts_with($reply, '503')) {    // Already authenticated
             return true;
         }
 
+        // if 'AUTH' command is unsuported by the server
         if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.failedSMTPLogin', [$reply]));
+            $this->setErrorMessage(lang('Email.failureSMTPAuthMethod', [strtoupper($this->SMTPAuthMethod)]));
 
             return false;
         }
 
-        $this->sendData(base64_encode($this->SMTPUser));
-        $reply = $this->getSMTPData();
+        switch ($this->SMTPAuthMethod) {
+            case 'login':
+                $this->sendData(base64_encode($this->SMTPUser));
+                $reply = $this->getSMTPData();
 
-        if (! str_starts_with($reply, '334')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
+                if (! str_starts_with($reply, '334')) {
+                    $this->setErrorMessage(lang('Email.SMTPAuthUsername', [$reply]));
 
-            return false;
+                    return false;
+                }
+
+                $this->sendData(base64_encode($this->SMTPPass));
+                break;
+
+            case 'plain':
+                // send credentials as the single second command
+                $authString = "\0" . $this->SMTPUser . "\0" . $this->SMTPPass;
+
+                $this->sendData(base64_encode($authString));
+                break;
         }
 
-        $this->sendData(base64_encode($this->SMTPPass));
         $reply = $this->getSMTPData();
+        if (! str_starts_with($reply, '235')) {  // Authentication failed
+            $errorMessage = $this->SMTPAuthMethod === 'plain' ? 'Email.SMTPAuthCredentials' : 'Email.SMTPAuthPassword';
 
-        if (! str_starts_with($reply, '235')) {
-            $this->setErrorMessage(lang('Email.SMTPAuthPassword', [$reply]));
+            $this->setErrorMessage(lang($errorMessage, [$reply]));
 
             return false;
         }
 
         if ($this->SMTPKeepAlive) {
-            $this->SMTPAuth = false;
+            $this->SMTPAuth = false; // Prevent re-authentication for keep-alive sessions
         }
 
         return true;
diff --git a/system/Language/en/Email.php b/system/Language/en/Email.php
@@ -13,23 +13,27 @@
 
 // Email language settings
 return [
-    'mustBeArray'          => 'The email validation method must be passed an array.',
-    'invalidAddress'       => 'Invalid email address: "{0}"',
-    'attachmentMissing'    => 'Unable to locate the following email attachment: "{0}"',
-    'attachmentUnreadable' => 'Unable to open this attachment: "{0}"',
-    'noFrom'               => 'Cannot send mail with no "From" header.',
-    'noRecipients'         => 'You must include recipients: To, Cc, or Bcc',
-    'sendFailurePHPMail'   => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
-    'sendFailureSendmail'  => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
-    'sendFailureSmtp'      => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
-    'sent'                 => 'Your message has been successfully sent using the following protocol: {0}',
-    'noSocket'             => 'Unable to open a socket to Sendmail. Please check settings.',
-    'noHostname'           => 'You did not specify a SMTP hostname.',
-    'SMTPError'            => 'The following SMTP error was encountered: {0}',
-    'noSMTPAuth'           => 'Error: You must assign an SMTP username and password.',
-    'failedSMTPLogin'      => 'Failed to send AUTH LOGIN command. Error: {0}',
-    'SMTPAuthUsername'     => 'Failed to authenticate username. Error: {0}',
-    'SMTPAuthPassword'     => 'Failed to authenticate password. Error: {0}',
-    'SMTPDataFailure'      => 'Unable to send data: {0}',
-    'exitStatus'           => 'Exit status code: {0}',
+    'mustBeArray'           => 'The email validation method must be passed an array.',
+    'invalidAddress'        => 'Invalid email address: "{0}"',
+    'attachmentMissing'     => 'Unable to locate the following email attachment: "{0}"',
+    'attachmentUnreadable'  => 'Unable to open this attachment: "{0}"',
+    'noFrom'                => 'Cannot send mail with no "From" header.',
+    'noRecipients'          => 'You must include recipients: To, Cc, or Bcc',
+    'sendFailurePHPMail'    => 'Unable to send email using PHP mail(). Your server might not be configured to send mail using this method.',
+    'sendFailureSendmail'   => 'Unable to send email using Sendmail. Your server might not be configured to send mail using this method.',
+    'sendFailureSmtp'       => 'Unable to send email using SMTP. Your server might not be configured to send mail using this method.',
+    'sent'                  => 'Your message has been successfully sent using the following protocol: {0}',
+    'noSocket'              => 'Unable to open a socket to Sendmail. Please check settings.',
+    'noHostname'            => 'You did not specify a SMTP hostname.',
+    'SMTPError'             => 'The following SMTP error was encountered: {0}',
+    'noSMTPAuth'            => 'Error: You must assign an SMTP username and password.',
+    'invalidSMTPAuthMethod' => 'Error: SMTP authorization method "{0}" is not supported in codeigniter, set either "login" or "plain" authorization method',
+    'failureSMTPAuthMethod' => 'Unable to initiate AUTH command. Your server might not be configured to use AUTH {0} authentication method.',
+    'SMTPAuthCredentials'   => 'Failed to authenticate user credentials. Error: {0}',
+    'SMTPAuthUsername'      => 'Failed to authenticate username. Error: {0}',
+    'SMTPAuthPassword'      => 'Failed to authenticate password. Error: {0}',
+    'SMTPDataFailure'       => 'Unable to send data: {0}',
+    'exitStatus'            => 'Exit status code: {0}',
+    // @deprecated
+    'failedSMTPLogin' => 'Failed to send AUTH LOGIN command. Error: {0}',
 ];
diff --git a/user_guide_src/source/libraries/email.rst b/user_guide_src/source/libraries/email.rst
@@ -39,7 +39,7 @@ Here is a basic example demonstrating how you might send email:
 Setting Email Preferences
 =========================
 
-There are 21 different preferences available to tailor how your email
+There are 22 different preferences available to tailor how your email
 messages are sent. You can either set them manually as described here,
 or automatically via preferences stored in your config file, described
 in `Email Preferences`_.
@@ -120,6 +120,7 @@ Preference          Default Value       Options                      Description
                                         or ``smtp``
 **mailPath**        /usr/sbin/sendmail                               The server path to Sendmail.
 **SMTPHost**                                                         SMTP Server Hostname.
+**SMTPAuthMethod**  login               ``login``, ``plain``         SMTP Authentication Method.
 **SMTPUser**                                                         SMTP Username.
 **SMTPPass**                                                         SMTP Password.
 **SMTPPort**        25                                               SMTP Port. (If set to ``465``, TLS will be used for the connection
