richp10 · February 4, 2018 14:18
diff --git a/bugRepMailer.php b/bugRepMailer.php
 <?php
    declare(strict_types=1);

 // ***************************************************************
 //  bugRepMailer.php          version:  1.2   ·  date: 2012-05-06
 //  -------------------------------------------------------------
 //  exception handling
 //  -------------------------------------------------------------
 //  Copyright (C) 1999 - 2012 www.madshi.net, All Rights Reserved
 // ***************************************************************

 // 2018-02-04 1.3  php 7 and latest phpmailer compatability fixes
 // 2012-05-06 1.2  (1) added "Basic" and "Digest" authentication scheme
 //                 (2) added download link to recommended phpmailer version
 // 2006-09-06 1.1  (1) added "MailFrom" field evaluation
 //                 (2) added failure indication, if mailing failed
 // 2006-09-02 1.0  initial version donated by David Perkins (thank you!)

 // Install latest phpmailer using composer. 

 // CAUTION: authentication can be troublesome, see here for tips:
 // http://www.besthostratings.com/articles/http-auth-php-cgi.html

 // ***************************************************************

 // enter your email address here
 // it's hard coded so the script can't be misused by anyone for spamming
    $send_to = '[email protected]';

 // choose the authentication user/password
    $user     = 'user';
    $password = 'password';

 // the following fields should be overwritten by madExcept
 // but you can still initialize them, just in case
    $subject    = 'bug report';
    $body       = 'please find the bug report attached';
    $from_email = '[email protected]';
    $from_name  = 'sender name';
    $SMTP_USER  = 'smtpusername';
    $SMTP_PASSW = 'smtppassword';
    $SMTP_HOST  = 'smtphost';
    $SMTP_PORT  = 587; // adjust to your needs

 // ***************************************************************

    // latest php mailer installed using composer..
    // composer require phpmailer/phpmailer
    // or in composer.json
    require_once 'vendor/autoload.php';

 // ***************************************************************

    $realm = 'madExcept upload script';

 // ***************************************************************

    if (($user !== '') && (($_SERVER['PHP_AUTH_USER'] !== $user) || ($_SERVER['PHP_AUTH_PW'] !== $password))) {
 // read the Digest response
        $needed_parts = ['nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1];
        $data         = [];
        $keys         = implode('|', array_keys($needed_parts));
        $matches = [];

        if ($_SERVER['PHP_AUTH_DIGEST'] !== null) {
            preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2|([^\s,]+))@', $_SERVER['PHP_AUTH_DIGEST'], $matches, PREG_SET_ORDER);
        }

        foreach ($matches as $m) {
            $data[$m[1]] = $m[3] ?: $m[4];
            unset($needed_parts[$m[1]]);
        }
 // generate the valid response
        $A1             = md5($user . ':' . $realm . ':' . $password);
        $A2             = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
        $valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
 // compare the response
        if ($needed_parts || ($data['username'] !== $user) || ($data['response'] !== $valid_response)) {
            header('WWW-Authenticate: Digest realm="' . $realm .
                '",qop="auth",nonce="' . uniqid('', true) . '",opaque="' . md5($realm) . '"');
            header('HTTP/1.0 401 Unauthorized');
            exit;
        }
    }

 // setup a new PHPMailer instance and fill all needed fields
    $mailer = new PHPMailer\PHPMailer\PHPMailer();
    $mailer->isSMTP();
    $mailer->SMTPAuth   = true;
    $mailer->SMTPSecure = 'tls';
    $mailer->Host       = $SMTP_HOST;
    $mailer->Mailer     = 'smtp';
    $mailer->Port       = $SMTP_PORT;
    $mailer->Username   = $SMTP_USER;
    $mailer->Password   = $SMTP_PASSW;

    try {
        $mailer->setFrom($from_email, $from_name, 0); //notice the third parameter
    } catch (\Exception $e) {
        // Maybe Log this
        echo $e->getMessage();
    }

    $mailer->addAddress($send_to);
    $mailer->Subject = $subject;
    $mailer->Body    = $body;

    if (isset($_POST['MailSubject'])) {
        $mailer->Subject = $_POST['MailSubject'];
    }
    if (isset($_POST['MailBody'])) {
        $mailer->Body = $_POST['MailBody'];
    }

 // let's parse a couple of fields which madExcept should have set
    if (isset($_POST['MailFrom'])) {
        $mailFrom = $_POST['MailFrom'];
        $i1       = strpos($mailFrom, '<');
        $i2       = strrpos($mailFrom, '>');
        if (!(($i1 === false) || ($i2 === false) || ($i1 >= $i2))) {
            $mailer->FromName = trim(substr($mailFrom, 0, $i1));
            $mailer->addReplyTo(trim(substr($mailFrom, $i1 + 1, $i2 - $i1 - 1)), $mailer->FromName);
        } else {
            // assume only address without name is passed (ME bug as of 4.0.15)
            $mailer->addReplyTo(trim($mailFrom));
        }
    }

 // add all attachments to the mail
    $found = false;
    foreach ($_FILES as $arr) {
        try {
            $mailer->addAttachment($arr['tmp_name'], $arr['name']);
        } catch (\Exception $e) {
            // Maybe Log this
            echo $e->getMessage();
        }
        $found = true;
    }

    if ($found || isset($_POST['MailSubject']) || isset($_POST['MailBody'])) {
 // we've found an attachment, or at least the mail subject or body was set
 // so we send the email
        try {
            if (!$mailer->send()) {
                echo $mailer->ErrorInfo;
                header('HTTP/1.0 500 Mailing failed');
            } else {
                // Maybe log Success here..
                echo 'Failed to send';
            }
        } catch (\Exception $e) {
            // Maybe log this..
            echo $e->getMessage();
            exit;
        }
    } else {
        if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
            header('HTTP/1.0 500 Bad request method');
        } else {
            header('HTTP/1.0 500 No report received');
        }
    }
	<?php
	declare(strict_types=1);

	// ***************************************************************
	// bugRepMailer.php version: 1.2 · date: 2012-05-06
	// -------------------------------------------------------------
	// exception handling
	// -------------------------------------------------------------
	// Copyright (C) 1999 - 2012 www.madshi.net, All Rights Reserved
	// ***************************************************************

	// 2018-02-04 1.3 php 7 and latest phpmailer compatability fixes
	// 2012-05-06 1.2 (1) added "Basic" and "Digest" authentication scheme
	// (2) added download link to recommended phpmailer version
	// 2006-09-06 1.1 (1) added "MailFrom" field evaluation
	// (2) added failure indication, if mailing failed
	// 2006-09-02 1.0 initial version donated by David Perkins (thank you!)

	// Install latest phpmailer using composer.

	// CAUTION: authentication can be troublesome, see here for tips:
	// http://www.besthostratings.com/articles/http-auth-php-cgi.html

	// ***************************************************************

	// enter your email address here
	// it's hard coded so the script can't be misused by anyone for spamming
	$send_to = '[email protected]';

	// choose the authentication user/password
	$user = 'user';
	$password = 'password';

	// the following fields should be overwritten by madExcept
	// but you can still initialize them, just in case
	$subject = 'bug report';
	$body = 'please find the bug report attached';
	$from_email = '[email protected]';
	$from_name = 'sender name';
	$SMTP_USER = 'smtpusername';
	$SMTP_PASSW = 'smtppassword';
	$SMTP_HOST = 'smtphost';
	$SMTP_PORT = 587; // adjust to your needs

	// ***************************************************************

	// latest php mailer installed using composer..
	// composer require phpmailer/phpmailer
	// or in composer.json
	require_once 'vendor/autoload.php';

	// ***************************************************************

	$realm = 'madExcept upload script';

	// ***************************************************************

	if (($user !== '') && (($_SERVER['PHP_AUTH_USER'] !== $user) \|\| ($_SERVER['PHP_AUTH_PW'] !== $password))) {
	// read the Digest response
	$needed_parts = ['nonce' => 1, 'nc' => 1, 'cnonce' => 1, 'qop' => 1, 'username' => 1, 'uri' => 1, 'response' => 1];
	$data = [];
	$keys = implode('\|', array_keys($needed_parts));
	$matches = [];

	if ($_SERVER['PHP_AUTH_DIGEST'] !== null) {
	preg_match_all('@(' . $keys . ')=(?:([\'"])([^\2]+?)\2\|([^\s,]+))@', $_SERVER['PHP_AUTH_DIGEST'], $matches, PREG_SET_ORDER);
	}

	foreach ($matches as $m) {
	$data[$m[1]] = $m[3] ?: $m[4];
	unset($needed_parts[$m[1]]);
	}
	// generate the valid response
	$A1 = md5($user . ':' . $realm . ':' . $password);
	$A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
	$valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);
	// compare the response
	if ($needed_parts \|\| ($data['username'] !== $user) \|\| ($data['response'] !== $valid_response)) {
	header('WWW-Authenticate: Digest realm="' . $realm .
	'",qop="auth",nonce="' . uniqid('', true) . '",opaque="' . md5($realm) . '"');
	header('HTTP/1.0 401 Unauthorized');
	exit;
	}
	}

	// setup a new PHPMailer instance and fill all needed fields
	$mailer = new PHPMailer\PHPMailer\PHPMailer();
	$mailer->isSMTP();
	$mailer->SMTPAuth = true;
	$mailer->SMTPSecure = 'tls';
	$mailer->Host = $SMTP_HOST;
	$mailer->Mailer = 'smtp';
	$mailer->Port = $SMTP_PORT;
	$mailer->Username = $SMTP_USER;
	$mailer->Password = $SMTP_PASSW;

	try {
	$mailer->setFrom($from_email, $from_name, 0); //notice the third parameter
	} catch (\Exception $e) {
	// Maybe Log this
	echo $e->getMessage();
	}

	$mailer->addAddress($send_to);
	$mailer->Subject = $subject;
	$mailer->Body = $body;

	if (isset($_POST['MailSubject'])) {
	$mailer->Subject = $_POST['MailSubject'];
	}
	if (isset($_POST['MailBody'])) {
	$mailer->Body = $_POST['MailBody'];
	}

	// let's parse a couple of fields which madExcept should have set
	if (isset($_POST['MailFrom'])) {
	$mailFrom = $_POST['MailFrom'];
	$i1 = strpos($mailFrom, '<');
	$i2 = strrpos($mailFrom, '>');
	if (!(($i1 === false) \|\| ($i2 === false) \|\| ($i1 >= $i2))) {
	$mailer->FromName = trim(substr($mailFrom, 0, $i1));
	$mailer->addReplyTo(trim(substr($mailFrom, $i1 + 1, $i2 - $i1 - 1)), $mailer->FromName);
	} else {
	// assume only address without name is passed (ME bug as of 4.0.15)
	$mailer->addReplyTo(trim($mailFrom));
	}
	}

	// add all attachments to the mail
	$found = false;
	foreach ($_FILES as $arr) {
	try {
	$mailer->addAttachment($arr['tmp_name'], $arr['name']);
	} catch (\Exception $e) {
	// Maybe Log this
	echo $e->getMessage();
	}
	$found = true;
	}

	if ($found \|\| isset($_POST['MailSubject']) \|\| isset($_POST['MailBody'])) {
	// we've found an attachment, or at least the mail subject or body was set
	// so we send the email
	try {
	if (!$mailer->send()) {
	echo $mailer->ErrorInfo;
	header('HTTP/1.0 500 Mailing failed');
	} else {
	// Maybe log Success here..
	echo 'Failed to send';
	}
	} catch (\Exception $e) {
	// Maybe log this..
	echo $e->getMessage();
	exit;
	}
	} else {
	if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
	header('HTTP/1.0 500 Bad request method');
	} else {
	header('HTTP/1.0 500 No report received');
	}
	}