This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | namespace Redaxscript; |
||
3 | |||
4 | use function base64_encode; |
||
5 | use function chunk_split; |
||
6 | use function current; |
||
7 | use function function_exists; |
||
8 | use function implode; |
||
9 | use function is_array; |
||
10 | use function is_file; |
||
11 | use function key; |
||
12 | use function mail; |
||
13 | use function trim; |
||
14 | use function uniqid; |
||
15 | |||
16 | /** |
||
17 | * parent class to send an mail |
||
18 | * |
||
19 | * @since 2.0.0 |
||
20 | * |
||
21 | * @package Redaxscript |
||
22 | * @category Mailer |
||
23 | * @author Henry Ruhs |
||
24 | */ |
||
25 | |||
26 | class Mailer |
||
27 | { |
||
28 | /** |
||
29 | * array of the recipient |
||
30 | * |
||
31 | * @var array |
||
32 | */ |
||
33 | |||
34 | protected $_toArray = []; |
||
35 | |||
36 | /** |
||
37 | * array of the sender |
||
38 | * |
||
39 | * @var array |
||
40 | */ |
||
41 | |||
42 | protected $_fromArray = []; |
||
43 | |||
44 | /** |
||
45 | * subject of the email |
||
46 | * |
||
47 | * @var string |
||
48 | */ |
||
49 | |||
50 | protected $_subject; |
||
51 | |||
52 | /** |
||
53 | * body of the email |
||
54 | * |
||
55 | * @var string|array |
||
56 | */ |
||
57 | |||
58 | protected $_body; |
||
59 | |||
60 | /** |
||
61 | * array of the attachments |
||
62 | * |
||
63 | * @var array |
||
64 | */ |
||
65 | |||
66 | protected $_attachmentArray = []; |
||
67 | |||
68 | /** |
||
69 | * built recipient contents |
||
70 | * |
||
71 | * @var string |
||
72 | */ |
||
73 | |||
74 | protected $_fromString; |
||
75 | |||
76 | /** |
||
77 | * built subject contents |
||
78 | * |
||
79 | * @var string |
||
80 | */ |
||
81 | |||
82 | protected $_subjectString; |
||
83 | |||
84 | /** |
||
85 | * built body contents |
||
86 | * |
||
87 | * @var string |
||
88 | */ |
||
89 | |||
90 | protected $_bodyString; |
||
91 | |||
92 | /** |
||
93 | * built header contents |
||
94 | * |
||
95 | * @var string |
||
96 | */ |
||
97 | |||
98 | protected $_headerString; |
||
99 | |||
100 | /** |
||
101 | * init the class |
||
102 | * |
||
103 | * @since 2.4.0 |
||
104 | * |
||
105 | * @param array $toArray array of the recipient |
||
106 | * @param array $fromArray array of the sender |
||
107 | * @param string $subject subject of the email |
||
108 | * @param string|array $body body of the email |
||
109 | * @param array|null $attachmentArray array of the attachments |
||
110 | */ |
||
111 | |||
112 | 4 | public function init(array $toArray = [], array $fromArray = [], string $subject = null, $body = null, ?array $attachmentArray = []) : void |
|
113 | { |
||
114 | 4 | $this->_toArray = $toArray; |
|
115 | 4 | $this->_fromArray = $fromArray; |
|
116 | 4 | $this->_subject = $subject; |
|
117 | 4 | $this->_body = $body; |
|
118 | 4 | $this->_attachmentArray = $attachmentArray; |
|
0 ignored issues
–
show
|
|||
119 | |||
120 | /* create as needed */ |
||
121 | |||
122 | 4 | $this->_createFromString(); |
|
123 | 4 | $this->_createSubjectString(); |
|
124 | 4 | $this->_createBodyString(); |
|
125 | 4 | $this->_createHeaderString(); |
|
126 | 4 | } |
|
127 | |||
128 | /** |
||
129 | * create the recipient contents |
||
130 | * |
||
131 | * @since 2.0.0 |
||
132 | */ |
||
133 | |||
134 | 4 | protected function _createFromString() : void |
|
135 | { |
||
136 | /* create from string */ |
||
137 | |||
138 | 4 | $from = current($this->_fromArray); |
|
139 | 4 | $fromName = key($this->_fromArray); |
|
140 | |||
141 | /* from name fallback */ |
||
142 | |||
143 | 4 | if (!$fromName) |
|
144 | { |
||
145 | 2 | $fromName = $from; |
|
146 | } |
||
147 | 4 | $this->_fromString = $fromName . ' <' . $from . '>'; |
|
148 | 4 | } |
|
149 | |||
150 | /** |
||
151 | * create the subject contents |
||
152 | * |
||
153 | * @since 2.0.0 |
||
154 | */ |
||
155 | |||
156 | 4 | protected function _createSubjectString() : void |
|
157 | { |
||
158 | 4 | $settingModel = new Model\Setting(); |
|
159 | |||
160 | /* collect subject string */ |
||
161 | |||
162 | 4 | $subject = $settingModel->get('subject'); |
|
163 | |||
164 | /* extended subject string */ |
||
165 | |||
166 | 4 | if ($subject) |
|
167 | { |
||
168 | 4 | $this->_subjectString = $subject; |
|
169 | 4 | if ($this->_subject) |
|
170 | { |
||
171 | 4 | $this->_subjectString .= $settingModel->get('divider'); |
|
172 | } |
||
173 | } |
||
174 | 4 | $this->_subjectString .= $this->_subject; |
|
175 | 4 | } |
|
176 | |||
177 | /** |
||
178 | * create the body contents |
||
179 | * |
||
180 | * @since 2.0.0 |
||
181 | */ |
||
182 | |||
183 | 4 | protected function _createBodyString() : void |
|
184 | { |
||
185 | 4 | $this->_bodyString = is_array($this->_body) ? implode(PHP_EOL, $this->_body) : $this->_body; |
|
186 | 4 | } |
|
187 | |||
188 | /** |
||
189 | * create the header contents |
||
190 | * |
||
191 | * @since 2.0.0 |
||
192 | */ |
||
193 | |||
194 | 4 | protected function _createHeaderString() : void |
|
195 | { |
||
196 | 4 | $settingModel = new Model\Setting(); |
|
197 | |||
198 | /* collect header string */ |
||
199 | |||
200 | 4 | $this->_headerString = 'MIME-Version: 1.0' . PHP_EOL; |
|
201 | |||
202 | /* handle attachment */ |
||
203 | |||
204 | 4 | if ($this->_attachmentArray) |
|
205 | { |
||
206 | 2 | foreach ($this->_attachmentArray as $attachment) |
|
207 | { |
||
208 | 2 | if (is_file($attachment)) |
|
209 | { |
||
210 | 2 | $content = trim(chunk_split(base64_encode($attachment))); |
|
211 | 2 | $boundary = uniqid(); |
|
212 | 2 | $this->_headerString .= 'Content-Type: multipart/mixed; boundary="' . $boundary . '"' . PHP_EOL; |
|
213 | 2 | $this->_headerString .= '--' . $boundary . PHP_EOL; |
|
214 | |||
215 | /* handle body string */ |
||
216 | |||
217 | 2 | if ($this->_bodyString) |
|
218 | { |
||
219 | 2 | $this->_headerString .= 'Content-Type: text/html; charset=' . $settingModel->get('charset') . PHP_EOL; |
|
220 | 2 | $this->_headerString .= 'Content-Transfer-Encoding: 8bit' . PHP_EOL; |
|
221 | 2 | $this->_headerString .= $this->_bodyString . PHP_EOL; |
|
222 | 2 | $this->_headerString .= '--' . $boundary . PHP_EOL; |
|
223 | |||
224 | /* reset body string */ |
||
225 | |||
226 | 2 | $this->_bodyString = null; |
|
227 | } |
||
228 | 2 | $this->_headerString .= 'Content-Type: application/octet-stream; name="' . $attachment . '"' . PHP_EOL; |
|
229 | 2 | $this->_headerString .= 'Content-Transfer-Encoding: base64' . PHP_EOL; |
|
230 | 2 | $this->_headerString .= 'Content-Disposition: attachment; filename="' . $attachment . '"' . PHP_EOL; |
|
231 | 2 | $this->_headerString .= $content . PHP_EOL; |
|
232 | 2 | $this->_headerString .= '--' . $boundary . '--'; |
|
233 | } |
||
234 | } |
||
235 | } |
||
236 | else |
||
237 | { |
||
238 | 2 | $this->_headerString .= 'Content-Type: text/html; charset=' . $settingModel->get('charset') . PHP_EOL; |
|
239 | } |
||
240 | |||
241 | /* collect header string */ |
||
242 | |||
243 | 4 | $this->_headerString .= 'From: ' . $this->_fromString . PHP_EOL; |
|
244 | 4 | $this->_headerString .= 'Reply-To: ' . $this->_fromString . PHP_EOL; |
|
245 | 4 | $this->_headerString .= 'Return-Path: ' . $this->_fromString . PHP_EOL; |
|
246 | 4 | } |
|
247 | |||
248 | /** |
||
249 | * send the email |
||
250 | * |
||
251 | * @since 2.6.2 |
||
252 | * |
||
253 | * @return bool |
||
254 | */ |
||
255 | |||
256 | 4 | public function send() : bool |
|
257 | { |
||
258 | 4 | foreach ($this->_toArray as $to) |
|
259 | { |
||
260 | 4 | if (!function_exists('mail') || !mail($to, $this->_subjectString, $this->_bodyString, $this->_headerString)) |
|
261 | { |
||
262 | return false; |
||
263 | } |
||
264 | } |
||
265 | 4 | return true; |
|
266 | } |
||
267 | } |
||
268 |
Our type inference engine has found an assignment of a scalar value (like a string, an integer or null) to a property which is an array.
Either this assignment is in error or the assigned type should be added to the documentation/type hint for that property.
To type hint that a parameter can be either an array or null, you can set a type hint of array and a default value of null. The PHP interpreter will then accept both an array or null for that parameter.
The function can be called with either null or an array for the parameter
$needle
but will only accept an array as$haystack
.