Initial commit

.gitattributes

@@ -0,0 +1,2 @@
+# Auto detect text files and perform LF normalization
+* text=auto

PHPMailer/SECURITY.md

@@ -0,0 +1,26 @@
+# Security notices relating to PHPMailer
+
+Please disclose any vulnerabilities found responsibly - report any security problems found to the maintainers privately.
+
+PHPMailer versions prior to 5.2.24 (released July 26th 2017) have an XSS vulnerability in one of the code examples, [CVE-2017-11503](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-11503). The `code_generator.phps` example did not filter user input prior to output. This file is distributed with a `.phps` extension, so it it not normally executable unless it is explicitly renamed, so it is safe by default. There was also an undisclosed potential XSS vulnerability in the default exception handler (unused by default). Patches for both issues kindly provided by Patrick Monnerat of the Fedora Project.
+
+PHPMailer versions prior to 5.2.22 (released January 9th 2017) have a local file disclosure vulnerability, [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223). If content passed into `msgHTML()` is sourced from unfiltered user input, relative paths can map to absolute local file paths and added as attachments. Also note that `addAttachment` (just like `file_get_contents`, `passthru`, `unlink`, etc) should not be passed user-sourced params either! Reported by Yongxiang Li of Asiasecurity.
+
+PHPMailer versions prior to 5.2.20 (released December 28th 2016) are vulnerable to [CVE-2016-10045](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10045) a remote code execution vulnerability, responsibly reported by [Dawid Golunski](https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10045-Vuln-Patch-Bypass.html), and patched by Paul Buonopane (@Zenexer).
+
+PHPMailer versions prior to 5.2.18 (released December 2016) are vulnerable to [CVE-2016-10033](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10033) a remote code execution vulnerability, responsibly reported by [Dawid Golunski](http://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html).
+
+PHPMailer versions prior to 5.2.14 (released November 2015) are vulnerable to [CVE-2015-8476](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8476) an SMTP CRLF injection bug permitting arbitrary message sending.
+
+PHPMailer versions prior to 5.2.10 (released May 2015) are vulnerable to [CVE-2008-5619](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5619), a remote code execution vulnerability in the bundled html2text library. This file was removed in 5.2.10, so if you are using a version prior to that and make use of the html2text function, it's vitally important that you upgrade and remove this file.
+
+PHPMailer versions prior to 2.0.7 and 2.2.1 are vulnerable to [CVE-2012-0796](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0796), an email header injection attack.
+
+Joomla 1.6.0 uses PHPMailer in an unsafe way, allowing it to reveal local file paths, reported in [CVE-2011-3747](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3747).
+
+PHPMailer didn't sanitise the `$lang_path` parameter in `SetLanguage`. This wasn't a problem in itself, but some apps (PHPClassifieds, ATutor) also failed to sanitise user-provided parameters passed to it, permitting semi-arbitrary local file inclusion, reported in [CVE-2010-4914](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4914), [CVE-2007-2021](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2021) and [CVE-2006-5734](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5734).
+
+PHPMailer 1.7.2 and earlier contained a possible DDoS vulnerability reported in [CVE-2005-1807](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1807).
+
+PHPMailer 1.7 and earlier (June 2003) have a possible vulnerability in the `SendmailSend` method where shell commands may not be sanitised. Reported in [CVE-2007-3215](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3215).
+

PHPMailer/VERSION

@@ -0,0 +1 @@
+6.0.5

PHPMailer/get_oauth_token.php

@@ -0,0 +1,144 @@
+<?php
+/**
+ * PHPMailer - PHP email creation and transport class.
+ * PHP Version 5.5
+ * @package PHPMailer
+ * @see https://github.com/PHPMailer/PHPMailer/ The PHPMailer GitHub project
+ * @author Marcus Bointon (Synchro/coolbru) <[email protected]>
+ * @author Jim Jagielski (jimjag) <[email protected]>
+ * @author Andy Prevost (codeworxtech) <[email protected]>
+ * @author Brent R. Matzelle (original founder)
+ * @copyright 2012 - 2017 Marcus Bointon
+ * @copyright 2010 - 2012 Jim Jagielski
+ * @copyright 2004 - 2009 Andy Prevost
+ * @license http://www.gnu.org/copyleft/lesser.html GNU Lesser General Public License
+ * @note This program is distributed in the hope that it will be useful - WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.
+ */
+/**
+ * Get an OAuth2 token from an OAuth2 provider.
+ * * Install this script on your server so that it's accessible
+ * as [https/http]://<yourdomain>/<folder>/get_oauth_token.php
+ * e.g.: http://localhost/phpmailer/get_oauth_token.php
+ * * Ensure dependencies are installed with 'composer install'
+ * * Set up an app in your Google/Yahoo/Microsoft account
+ * * Set the script address as the app's redirect URL
+ * If no refresh token is obtained when running this file,
+ * revoke access to your app and run the script again.
+ */
+
+namespace PHPMailer\PHPMailer;
+
+/**
+ * Aliases for League Provider Classes
+ * Make sure you have added these to your composer.json and run `composer install`
+ * Plenty to choose from here:
+ * @see http://oauth2-client.thephpleague.com/providers/thirdparty/
+ */
+// @see https://github.com/thephpleague/oauth2-google
+use League\OAuth2\Client\Provider\Google;
+// @see https://packagist.org/packages/hayageek/oauth2-yahoo
+use Hayageek\OAuth2\Client\Provider\Yahoo;
+// @see https://github.com/stevenmaguire/oauth2-microsoft
+use Stevenmaguire\OAuth2\Client\Provider\Microsoft;
+
+if (!isset($_GET['code']) && !isset($_GET['provider'])) {
+?>
+<html>
+<body>Select Provider:<br/>
+<a href='?provider=Google'>Google</a><br/>
+<a href='?provider=Yahoo'>Yahoo</a><br/>
+<a href='?provider=Microsoft'>Microsoft/Outlook/Hotmail/Live/Office365</a><br/>
+</body>
+</html>
+<?php
+exit;
+}
+
+require 'vendor/autoload.php';
+
+session_start();
+
+$providerName = '';
+
+if (array_key_exists('provider', $_GET)) {
+    $providerName = $_GET['provider'];
+    $_SESSION['provider'] = $providerName;
+} elseif (array_key_exists('provider', $_SESSION)) {
+    $providerName = $_SESSION['provider'];
+}
+if (!in_array($providerName, ['Google', 'Microsoft', 'Yahoo'])) {
+    exit('Only Google, Microsoft and Yahoo OAuth2 providers are currently supported in this script.');
+}
+
+//These details are obtained by setting up an app in the Google developer console,
+//or whichever provider you're using.
+$clientId = 'RANDOMCHARS-----duv1n2.apps.googleusercontent.com';
+$clientSecret = 'RANDOMCHARS-----lGyjPcRtvP';
+
+//If this automatic URL doesn't work, set it yourself manually to the URL of this script
+$redirectUri = (isset($_SERVER['HTTPS']) ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
+//$redirectUri = 'http://localhost/PHPMailer/redirect';
+
+$params = [
+    'clientId' => $clientId,
+    'clientSecret' => $clientSecret,
+    'redirectUri' => $redirectUri,
+    'accessType' => 'offline'
+];
+
+$options = [];
+$provider = null;
+
+switch ($providerName) {
+    case 'Google':
+        $provider = new Google($params);
+        $options = [
+            'scope' => [
+                'https://mail.google.com/'
+            ]
+        ];
+        break;
+    case 'Yahoo':
+        $provider = new Yahoo($params);
+        break;
+    case 'Microsoft':
+        $provider = new Microsoft($params);
+        $options = [
+            'scope' => [
+                'wl.imap',
+                'wl.offline_access'
+            ]
+        ];
+        break;
+}
+
+if (null === $provider) {
+    exit('Provider missing');
+}
+
+if (!isset($_GET['code'])) {
+    // If we don't have an authorization code then get one
+    $authUrl = $provider->getAuthorizationUrl($options);
+    $_SESSION['oauth2state'] = $provider->getState();
+    header('Location: ' . $authUrl);
+    exit;
+// Check given state against previously stored one to mitigate CSRF attack
+} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
+    unset($_SESSION['oauth2state']);
+    unset($_SESSION['provider']);
+    exit('Invalid state');
+} else {
+    unset($_SESSION['provider']);
+    // Try to get an access token (using the authorization code grant)
+    $token = $provider->getAccessToken(
+        'authorization_code',
+        [
+            'code' => $_GET['code']
+        ]
+    );
+    // Use this to interact with an API on the users behalf
+    // Use this to get a new access token if the old one expires
+    echo 'Refresh Token: ', $token->getRefreshToken();
+}

PHPMailer/language/phpmailer.lang-am.php

@@ -0,0 +1,26 @@
+<?php
+/**
+ * Armenian PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author Hrayr Grigoryan <[email protected]>
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'SMTP -ի սխալ: չհաջողվեց ստուգել իսկությունը.';
+$PHPMAILER_LANG['connect_host']         = 'SMTP -ի սխալ: չհաջողվեց կապ հաստատել SMTP սերվերի հետ.';
+$PHPMAILER_LANG['data_not_accepted']    = 'SMTP -ի սխալ: տվյալները ընդունված չեն.';
+$PHPMAILER_LANG['empty_message']        = 'Հաղորդագրությունը դատարկ է';
+$PHPMAILER_LANG['encoding']             = 'Կոդավորման անհայտ տեսակ: ';
+$PHPMAILER_LANG['execute']              = 'Չհաջողվեց իրականացնել հրամանը: ';
+$PHPMAILER_LANG['file_access']          = 'Ֆայլը հասանելի չէ: ';
+$PHPMAILER_LANG['file_open']            = 'Ֆայլի սխալ: ֆայլը չհաջողվեց բացել: ';
+$PHPMAILER_LANG['from_failed']          = 'Ուղարկողի հետևյալ հասցեն սխալ է: ';
+$PHPMAILER_LANG['instantiate']          = 'Հնարավոր չէ կանչել mail ֆունկցիան.';
+$PHPMAILER_LANG['invalid_address']      = 'Հասցեն սխալ է: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' փոստային սերվերի հետ չի աշխատում.';
+$PHPMAILER_LANG['provide_address']      = 'Անհրաժեշտ է տրամադրել գոնե մեկ ստացողի e-mail հասցե.';
+$PHPMAILER_LANG['recipients_failed']    = 'SMTP -ի սխալ: չի հաջողվել ուղարկել հետևյալ ստացողների հասցեներին: ';
+$PHPMAILER_LANG['signing']              = 'Ստորագրման սխալ: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP -ի connect() ֆունկցիան չի հաջողվել';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP սերվերի սխալ: ';
+$PHPMAILER_LANG['variable_set']         = 'Չի հաջողվում ստեղծել կամ վերափոխել փոփոխականը: ';
+$PHPMAILER_LANG['extension_missing']    = 'Հավելվածը բացակայում է: ';

PHPMailer/language/phpmailer.lang-ar.php

@@ -0,0 +1,27 @@
+<?php
+/**
+ * Arabic PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author bahjat al mostafa <[email protected]>
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'خطأ SMTP : لا يمكن تأكيد الهوية.';
+$PHPMAILER_LANG['connect_host']         = 'خطأ SMTP: لا يمكن الاتصال بالخادم SMTP.';
+$PHPMAILER_LANG['data_not_accepted']    = 'خطأ SMTP: لم يتم قبول المعلومات .';
+$PHPMAILER_LANG['empty_message']        = 'نص الرسالة فارغ';
+$PHPMAILER_LANG['encoding']             = 'ترميز غير معروف: ';
+$PHPMAILER_LANG['execute']              = 'لا يمكن تنفيذ : ';
+$PHPMAILER_LANG['file_access']          = 'لا يمكن الوصول للملف: ';
+$PHPMAILER_LANG['file_open']            = 'خطأ في الملف: لا يمكن فتحه: ';
+$PHPMAILER_LANG['from_failed']          = 'خطأ على مستوى عنوان المرسل : ';
+$PHPMAILER_LANG['instantiate']          = 'لا يمكن توفير خدمة البريد.';
+$PHPMAILER_LANG['invalid_address']      = 'الإرسال غير ممكن لأن عنوان البريد الإلكتروني غير صالح: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' برنامج الإرسال غير مدعوم.';
+$PHPMAILER_LANG['provide_address']      = 'يجب توفير عنوان البريد الإلكتروني لمستلم واحد على الأقل.';
+$PHPMAILER_LANG['recipients_failed']    = 'خطأ SMTP: الأخطاء التالية ' .
+                                          'فشل في الارسال لكل من : ';
+$PHPMAILER_LANG['signing']              = 'خطأ في التوقيع: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP Connect() غير ممكن.';
+$PHPMAILER_LANG['smtp_error']           = 'خطأ على مستوى الخادم SMTP: ';
+$PHPMAILER_LANG['variable_set']         = 'لا يمكن تعيين أو إعادة تعيين متغير: ';
+$PHPMAILER_LANG['extension_missing']    = 'الإضافة غير موجودة: ';

PHPMailer/language/phpmailer.lang-az.php

@@ -0,0 +1,26 @@
+<?php
+/**
+ * Azerbaijani PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author @mirjalal
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'SMTP xətası: Giriş uğursuz oldu.';
+$PHPMAILER_LANG['connect_host']         = 'SMTP xətası: SMTP serverinə qoşulma uğursuz oldu.';
+$PHPMAILER_LANG['data_not_accepted']    = 'SMTP xətası: Verilənlər qəbul edilməyib.';
+$PHPMAILER_LANG['empty_message']        = 'Boş mesaj göndərilə bilməz.';
+$PHPMAILER_LANG['encoding']             = 'Qeyri-müəyyən kodlaşdırma: ';
+$PHPMAILER_LANG['execute']              = 'Əmr yerinə yetirilmədi: ';
+$PHPMAILER_LANG['file_access']          = 'Fayla giriş yoxdur: ';
+$PHPMAILER_LANG['file_open']            = 'Fayl xətası: Fayl açıla bilmədi: ';
+$PHPMAILER_LANG['from_failed']          = 'Göstərilən poçtlara göndərmə uğursuz oldu: ';
+$PHPMAILER_LANG['instantiate']          = 'Mail funksiyası işə salına bilmədi.';
+$PHPMAILER_LANG['invalid_address']      = 'Düzgün olmayan e-mail adresi: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' - e-mail kitabxanası dəstəklənmir.';
+$PHPMAILER_LANG['provide_address']      = 'Ən azı bir e-mail adresi daxil edilməlidir.';
+$PHPMAILER_LANG['recipients_failed']    = 'SMTP xətası: Aşağıdakı ünvanlar üzrə alıcılara göndərmə uğursuzdur: ';
+$PHPMAILER_LANG['signing']              = 'İmzalama xətası: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'SMTP serverinə qoşulma uğursuz oldu.';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP serveri xətası: ';
+$PHPMAILER_LANG['variable_set']         = 'Dəyişənin quraşdırılması uğursuz oldu: ';
+//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';

PHPMailer/language/phpmailer.lang-ba.php

@@ -0,0 +1,26 @@
+<?php
+/**
+ * Bosnian PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author Ermin Islamagić <[email protected]>
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'SMTP Greška: Neuspjela prijava.';
+$PHPMAILER_LANG['connect_host']         = 'SMTP Greška: Nije moguće spojiti se sa SMTP serverom.';
+$PHPMAILER_LANG['data_not_accepted']    = 'SMTP Greška: Podatci nisu prihvaćeni.';
+$PHPMAILER_LANG['empty_message']        = 'Sadržaj poruke je prazan.';
+$PHPMAILER_LANG['encoding']             = 'Nepoznata kriptografija: ';
+$PHPMAILER_LANG['execute']              = 'Nije moguće izvršiti naredbu: ';
+$PHPMAILER_LANG['file_access']          = 'Nije moguće pristupiti datoteci: ';
+$PHPMAILER_LANG['file_open']            = 'Nije moguće otvoriti datoteku: ';
+$PHPMAILER_LANG['from_failed']          = 'SMTP Greška: Slanje sa navedenih e-mail adresa nije uspjelo: ';
+$PHPMAILER_LANG['recipients_failed']    = 'SMTP Greška: Slanje na navedene e-mail adrese nije uspjelo: ';
+$PHPMAILER_LANG['instantiate']          = 'Ne mogu pokrenuti mail funkcionalnost.';
+$PHPMAILER_LANG['invalid_address']      = 'E-mail nije poslan. Neispravna e-mail adresa: ';
+$PHPMAILER_LANG['mailer_not_supported'] = ' mailer nije podržan.';
+$PHPMAILER_LANG['provide_address']      = 'Definišite barem jednu adresu primaoca.';
+$PHPMAILER_LANG['signing']              = 'Greška prilikom prijave: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'Spajanje na SMTP server nije uspjelo.';
+$PHPMAILER_LANG['smtp_error']           = 'SMTP greška: ';
+$PHPMAILER_LANG['variable_set']         = 'Nije moguće postaviti varijablu ili je vratiti nazad: ';
+$PHPMAILER_LANG['extension_missing']    = 'Nedostaje ekstenzija: ';

PHPMailer/language/phpmailer.lang-be.php

@@ -0,0 +1,26 @@
+<?php
+/**
+ * Belarusian PHPMailer language file: refer to English translation for definitive list
+ * @package PHPMailer
+ * @author Aleksander Maksymiuk <[email protected]>
+ */
+
+$PHPMAILER_LANG['authenticate']         = 'Памылка SMTP: памылка ідэнтыфікацыі.';
+$PHPMAILER_LANG['connect_host']         = 'Памылка SMTP: нельга ўстанавіць сувязь з SMTP-серверам.';
+$PHPMAILER_LANG['data_not_accepted']    = 'Памылка SMTP: звесткі непрынятыя.';
+$PHPMAILER_LANG['empty_message']        = 'Пустое паведамленне.';
+$PHPMAILER_LANG['encoding']             = 'Невядомая кадыроўка тэксту: ';
+$PHPMAILER_LANG['execute']              = 'Нельга выканаць каманду: ';
+$PHPMAILER_LANG['file_access']          = 'Няма доступу да файла: ';
+$PHPMAILER_LANG['file_open']            = 'Нельга адкрыць файл: ';
+$PHPMAILER_LANG['from_failed']          = 'Няправільны адрас адпраўніка: ';
+$PHPMAILER_LANG['instantiate']          = 'Нельга прымяніць функцыю mail().';
+$PHPMAILER_LANG['invalid_address']      = 'Нельга даслаць паведамленне, няправільны email атрымальніка: ';
+$PHPMAILER_LANG['provide_address']      = 'Запоўніце, калі ласка, правільны email атрымальніка.';
+$PHPMAILER_LANG['mailer_not_supported'] = ' - паштовы сервер не падтрымліваецца.';
+$PHPMAILER_LANG['recipients_failed']    = 'Памылка SMTP: няправільныя атрымальнікі: ';
+$PHPMAILER_LANG['signing']              = 'Памылка подпісу паведамлення: ';
+$PHPMAILER_LANG['smtp_connect_failed']  = 'Памылка сувязі з SMTP-серверам.';
+$PHPMAILER_LANG['smtp_error']           = 'Памылка SMTP: ';
+$PHPMAILER_LANG['variable_set']         = 'Нельга ўстанавіць або перамяніць значэнне пераменнай: ';
+//$PHPMAILER_LANG['extension_missing']    = 'Extension missing: ';