LOOP-1158: Changed stuff after code review

Author: martinyde

web/profiles/custom/os2loop/modules/os2loop_mail_notifications/src/Plugin/Mail/PhpMail.php

@@ -3,44 +3,18 @@
 namespace Drupal\os2loop_mail_notifications\Plugin\Mail;
 
 use Drupal\Core\Mail\MailInterface;
-use Drupal\Core\Site\Settings;
-use Symfony\Component\Mime\Header\Headers;
-use Symfony\Component\Mime\Header\UnstructuredHeader;
+use Drupal\Core\Mail\Plugin\Mail\PhpMail as PhpMailBase;
 
 /**
  * Copy of the default Drupal mail backend, using PHP's native mail() function.
  *
- * The only thing changed is the namespace, id, format() method and
- * $message['headers']['Content-Type'] in mail() method.
- *
  * @Mail(
  *   id = "os2loop_mail_notifications",
  *   label = @Translation("Custom PHP mailer"),
  *   description = @Translation("Sends the message as plain text, using PHP's native mail() function.")
  * )
  */
-class PhpMail implements MailInterface {
-
-  /**
-   * A list of headers that can contain multiple email addresses.
-   *
-   * @see \Symfony\Component\Mime\Header\Headers::HEADER_CLASS_MAP
-   */
-  private const MAILBOX_LIST_HEADERS = ['from', 'to', 'reply-to', 'cc', 'bcc'];
-
-  /**
-   * The configuration factory.
-   *
-   * @var \Drupal\Core\Config\ConfigFactoryInterface
-   */
-  protected $configFactory;
-
-  /**
-   * PhpMail constructor.
-   */
-  public function __construct() {
-    $this->configFactory = \Drupal::configFactory();
-  }
+class PhpMail extends PhpMailBase implements MailInterface {
 
   /**
    * Concatenates and wraps the email body for plain-text mails.
@@ -70,104 +44,8 @@ public function format(array $message) {
    * @see \Drupal\Core\Mail\MailManagerInterface::mail()
    */
   public function mail(array $message) {
-    // If 'Return-Path' isn't already set in php.ini, we pass it separately
-    // as an additional parameter instead of in the header.
-    if (isset($message['headers']['Return-Path'])) {
-      $return_path_set = strpos(ini_get('sendmail_path'), ' -f');
-      if (!$return_path_set) {
-        $message['Return-Path'] = $message['headers']['Return-Path'];
-        unset($message['headers']['Return-Path']);
-      }
-    }
-
-    $headers = new Headers();
     $message['headers']['Content-Type'] = 'text/html; charset=iso-8859-1;';
-    foreach ($message['headers'] as $name => $value) {
-      if (in_array(strtolower($name), self::MAILBOX_LIST_HEADERS, TRUE)) {
-        $value = explode(',', $value);
-      }
-      $headers->addHeader($name, $value);
-    }
-    $line_endings = Settings::get('mail_line_endings', PHP_EOL);
-    // Prepare mail commands.
-    $mail_subject = (new UnstructuredHeader('subject', $message['subject']))->getBodyAsString();
-    // Note: email uses CRLF for line-endings. PHP's API requires LF
-    // on Unix and CRLF on Windows. Drupal automatically guesses the
-    // line-ending format appropriate for your system. If you need to
-    // override this, adjust $settings['mail_line_endings'] in settings.php.
-    $mail_body = preg_replace('@\r?\n@', $line_endings, $message['body']);
-    // For headers, PHP's API suggests that we use CRLF normally,
-    // but some MTAs incorrectly replace LF with CRLF. See #234403.
-    $mail_headers = str_replace("\r\n", "\n", $headers->toString());
-    $mail_subject = str_replace("\r\n", "\n", $mail_subject);
-
-    $request = \Drupal::request();
-
-    // We suppress warnings and notices from mail() because of issues on some
-    // hosts. The return value of this method will still indicate whether mail
-    // was sent successfully.
-    if (!$request->server->has('WINDIR') && strpos($request->server->get('SERVER_SOFTWARE'), 'Win32') === FALSE) {
-      // On most non-Windows systems, the "-f" option to the sendmail command
-      // is used to set the Return-Path. There is no space between -f and
-      // the value of the return path.
-      // We validate the return path, unless it is equal to the site mail, which
-      // we assume to be safe.
-      $site_mail = $this->configFactory->get('system.site')->get('mail');
-      $additional_headers = isset($message['Return-Path']) && ($site_mail === $message['Return-Path'] || static::isShellSafe($message['Return-Path'])) ? '-f' . $message['Return-Path'] : '';
-      $mail_result = @mail(
-        $message['to'],
-        $mail_subject,
-        $mail_body,
-        $mail_headers,
-        $additional_headers
-      );
-    }
-    else {
-      // On Windows, PHP will use the value of sendmail_from for the
-      // Return-Path header.
-      $old_from = ini_get('sendmail_from');
-      ini_set('sendmail_from', $message['Return-Path']);
-      $mail_result = @mail(
-        $message['to'],
-        $mail_subject,
-        $mail_body,
-        $mail_headers
-      );
-      ini_set('sendmail_from', $old_from);
-    }
-
-    return $mail_result;
-  }
-
-  /**
-   * Disallows potentially unsafe shell characters.
-   *
-   * Functionally similar to PHPMailer::isShellSafe() which resulted from
-   * CVE-2016-10045. Note that escapeshellarg and escapeshellcmd are inadequate
-   * for this purpose.
-   *
-   * @param string $string
-   *   The string to be validated.
-   *
-   * @return bool
-   *   True if the string is shell-safe.
-   *
-   * @see https://github.com/PHPMailer/PHPMailer/issues/924
-   * @see https://github.com/PHPMailer/PHPMailer/blob/v5.2.21/class.phpmailer.php#L1430
-   *
-   * @todo Rename to ::isShellSafe() and/or discuss whether this is the correct
-   *   location for this helper.
-   */
-  protected static function isShellSafe($string) {
-    if (escapeshellcmd($string) !== $string ||
-      !in_array(escapeshellarg($string), ["'$string'", "\"$string\""])
-    ) {
-      return FALSE;
-    }
-    if (preg_match('/[^a-zA-Z0-9@_\-.]/', $string) !== 0) {
-      return FALSE;
-    }
-    return TRUE;
+    return parent::mail($message);
   }
 
 }