I have been looking a lot online but I didn't find an answer, is it possible to send encrypted emails S/MIME using PHP? if it is, how? (im using cakephp 2.x)
Thank you very much in advance
I managed to find a solution to this using PHPMailer, It applies to regular PHP as well. It will sign and encrypt the email, I couldn't find a way to do both with PHPMailer (sign and encrypt) only sign so I added some code to class.phpmailer.php. It stills need to add some error handling in case of an encryption error but so far works good.
for CakePHP 2.x:
Download PHPMailer and add it to your Vendors folder (project_name/app/vendor)
Add this line at the beginning of your function:
App::import('Vendor','PHPMailer/PHPMailerAutoload');
From here its the same for PHP or CakePHP:
$mail = new PHPMailer();
$mail->setFrom('from_who#email', 'Intranet');
//Set who the message is to be sent to
$mail->addAddress('to_who#email', 'Ricardo V');
//Set the subject line
$mail->Subject = 'PHPMailer signing test';
//Replace the plain text body with one created manually
$mail->Body = "some encrypted text...";
//Attach an image file
$mail->addAttachment('D:/path_to_file/test.pdf');
$mail->sign(
'app/webroot/cert/cert.crt', //The location of your certificate file
'app/webroot/cert/private.key', //The location of your private key
file
'password', //The password you protected your private key with (not
//the Import Password! may be empty but parameter must not be omitted!)
'app/webroot/cert/certchain.pem', //the certificate chain.
'1', //Encrypt the email as well, (1 = encrypt, 0 = dont encrypt)
'app/webroot/cert/rvarilias.crt'//The location of public certificate
//to encrypt the email with.
);
if (!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!";
}
Then we need to make some changes to class.phpmailer.php
replace the lines from 2368 to 2390 with:
$sign = #openssl_pkcs7_sign(
$file,
$signed,
'file://' . realpath($this->sign_cert_file),
array('file://' . realpath($this->sign_key_file),
$this->sign_key_pass),
null,
PKCS7_DETACHED,
$this->sign_extracerts_file
);
if ($this->encrypt_file == 1) {
$encrypted = tempnam(sys_get_temp_dir(), 'encrypted');
$encrypt = #openssl_pkcs7_encrypt(
$signed,
$encrypted,
file_get_contents($this->encrypt_cert_file),
null,
0,
1
);
if ($encrypted) {
#unlink($file);
$body = file_get_contents($encrypted);
#unlink($signed);
#unlink($encrypted);
//The message returned by openssl contains both headers
and body, so need to split them up
$parts = explode("\n\n", $body, 2);
$this->MIMEHeader .= $parts[0] . $this->LE . $this->LE;
$body = $parts[1];
} else {
#unlink($file);
#unlink($signed);
#unlink($encrypted);
throw new phpmailerException($this->lang('signing') .
openssl_error_string());
}
} else {
if ($signed) {
#unlink($file);
$body = file_get_contents($signed);
#unlink($signed);
//The message returned by openssl contains both headers
and body, so need to split them up
$parts = explode("\n\n", $body, 2);
$this->MIMEHeader .= $parts[0] . $this->LE . $this->LE;
$body = $parts[1];
} else {
#unlink($file);
#unlink($signed);
throw new phpmailerException($this->lang('signing') .
openssl_error_string());
}
}
}
then look for:
public function sign($cert_filename, $key_filename, $key_pass,
$extracerts_filename = '')
{
$this->sign_cert_file = $cert_filename;
$this->sign_key_file = $key_filename;
$this->sign_key_pass = $key_pass;
$this->sign_extracerts_file = $extracerts_filename;
}
and change it for:
public function sign($cert_filename, $key_filename, $key_pass,
$extracerts_filename = '', $and_encrypt ='0', $encrypt_cert = '')
{
$this->sign_cert_file = $cert_filename;
$this->sign_key_file = $key_filename;
$this->sign_key_pass = $key_pass;
$this->sign_extracerts_file = $extracerts_filename;
$this->encrypt_file = $and_encrypt;
$this->encrypt_cert_file = $encrypt_cert;
}
look for:
protected $sign_extracerts_file = '';
and add these lines after it:
protected $encrypt_cert = '';
protected $and_encrypt = '';
With these changes to phpmailer you can send a signed email or a signed and encrypted email. It works with attachments too.
I hope it is help ful to somebody.
*for regular php just don't add the line:
App::import('Vendor','PHPMailer/PHPMailerAutoload');
Related
I am using PHPMailer to send email to my clients. But I am not satisfied with the output of the
I want to remove <michael#gmail.com> at the end of my name but not sure how to do it.
My current script:
$mail->SetFrom("michael#gmail.com",'Michael Chu');
$mail->XMailer = 'Microsoft Mailer';
$mail->AddAddress($email);
$mail->Subject = "TEST Email";
$mail->Body = "<p>TEST Email<p>";
The relevant parts in the PHPMailer code is in the Pre Send routine, which assembles the mail (and which is obviously called internally always before send):
public function preSend() {
...
try {
$this->error_count = 0; // Reset errors
$this->mailHeader = '';
...
// Create body before headers in case body makes changes to headers (e.g. altering transfer encoding)
$this->MIMEHeader = '';
$this->MIMEBody = $this->createBody();
// createBody may have added some headers, so retain them
$tempheaders = $this->MIMEHeader;
$this->MIMEHeader = $this->createHeader();
$this->MIMEHeader .= $tempheaders;
...
return true;
This will be called always. Now: when we look at the createHeader-function we see this:
public function createHeader()
{
$result = '';
...
$result .= $this->addrAppend('From', [[trim($this->From), $this->FromName]]);
...
return $result;
}
So: Create Header always adds the From Address part, but it relies on addrAppend to format it (passing 'From' and an array containing one address-array [email, name])
public function addrAppend($type, $addr)
{
$addresses = [];
foreach ($addr as $address) {
$addresses[] = $this->addrFormat($address);
}
return $type . ': ' . implode(', ', $addresses) . static::$LE;
}
The address-array is passed on:
public function addrFormat($addr)
{
if (empty($addr[1])) { // No name provided
return $this->secureHeader($addr[0]);
}
return $this->encodeHeader($this->secureHeader($addr[1]), 'phrase') .
' <' .
$this->secureHeader($addr[0])
. '>';
}
and formatted with the email... Nothing you can do about it.
So with phpmailer you can't do it. But you can write your own subclass.
Probably something along those lines
<?php
//Import PHPMailer classes into the global namespace
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\Exception;
require '../vendor/autoload.php';
/**
* Use PHPMailer as a base class and extend it
*/
class myPHPMailer extends PHPMailer
{
public function addrFormat($addr)
{
if (empty($addr[1])) { // No name provided
return $this->secureHeader($addr[0]);
}
else {
return $this->secureHeader($addr[1]);
}
}
}
I have a google apps scripts app that gets Gmail message attachments, posts it to DB using JDBC. then on the server, a PHP script gets the data and puts in into a file and attaches it to an email.
the problem is that the files are corrupt when email arrives
here is the google apps script function that gets the attachment content
function getMessageAttachmentsArray(msg){
var GmailAttachments = msg.GmailMessage.getAttachments();
var validAttachments = [];
var attachmentNames = [];
if(GmailAttachments)
{
for(i in GmailAttachments)
{
var gName = GmailAttachments[i].getName();
attachmentNames.push(gName);
var mimeType = GmailAttachments[i].getContentType();
var size = GmailAttachments[i].getSize();
var content = Utilities.base64Encode(GmailAttachments[i].getDataAsString(), Utilities.Charset.UTF_8);
var push = {"content":content,"mimeType":mimeType,"fileName":gName,"size":size,"id":""};
validAttachments.push(push);
}
}
return [validAttachments, attachmentNames];
}
here is the PHP code that generated the email from the file data:
require_once 'smtpmail/classes/class.phpmailer.php';
$mail = new PHPmailer(true);
$email = $argv[1];
$messageid = $argv[2];
$fax_number = $argv[3];
$attachments = array();
//get the attachments for this email
$Sql = "select * from user_attachments where email = '$email' and messageid like '$messageid%'";
$res = mysql_query($Sql);
while($row = mysql_fetch_array($res)){
$return['filename'] = $row['name'];
$return['mime'] = $row['mime_type'];
$content = base64_decode(str_pad(strtr($row['raw_data'], '-_', '+/'), strlen($row['raw_data']) % 4, '=', STR_PAD_RIGHT));
$temp_file = tempnam(sys_get_temp_dir(), 'Fax');
file_put_contents($temp_file, $content);
$return['file'] = $temp_file;
array_push($attachments, $return);
}
try{
$mail->IsSMTP();
$mail->SMTPDebug = 1;
$mail->SetFrom("example#example.com", "example email");
$mail->Subject = '';
$mail->Body = ' '; //put in a blank body to avoid smtp error
$mail->AddAddress($email);
foreach($attachments as $file){
$mail->AddAttachment($file['file'], $file['filename'], 'base64' ,mime_content_type($file['file']));
}
if($mail->send()){
echo "email to $email sent successfully\n";
}else{
echo "error sending email to $email\n";
}
}catch(phpmailerException $e){
echo $e->errorMessage();
}catch(Exception $e){
echo $e->getMessage();
}
When the message is received it shows the attachments but when downloaded I can not open them and there is a message that the file is corrupt or the file extension does not match the file format
what am I doing wrong?
Thanks in advance.
EDIT:
I tried emailing the attachment without posting to the DB, by posting to the server with UrlFetchApp() and the results are the same. clearly, I am doing something wrong with Base64_encode / decode...
maybe the google apps scripts :
Utilities.base64Encode(GmailAttachments[i].getDataAsString(), Utilities.Charset.UTF_8);
creates a different base64 format than PHP base64_decode expects?
p.s.
I tried also with and without 'str_pad' and I still got the same results.
I changed:
Utilities.base64Encode(GmailAttachments[i].getDataAsString(), Utilities.Charset.UTF_8);
to:
Utilities.base64Encode(GmailAttachments[i].getBytes());
and it works
I am trying to send attachments with SendGrid through PHP, but keep getting a corrupted file error when I open the attachment. The error message "We're sorry. We can't open 'file.docx' because we found a problem with its contents" and when I click on the details of the error I see "The file is corrupt and cannot be opened"
My code looks like the below:
$sendGridLoginInfo = $contactViaEmail->getSendGridLoginInfo();
$sendgrid = new SendGrid($sendGridLoginInfo['Username'], $sendGridLoginInfo['Password']);
$mail = new SendGrid\Mail();
//Add the tracker args
$mail->addUniqueArgument("EmailID", $emailID);
$mail->addUniqueArgument("EmailGroupID", $emailGroupID);
/*
* INSERT THE SUBSITUTIONS FOR SEND GRID
*/
foreach ($availableSubstitutions as $availableSubstitution)
{
$mail->addSubstitution("[[" . $availableSubstitution . "]]", $substitutions[$availableSubstitution]);
}
/*
* ADD EACH EMAIL AS A NEW ADD TO
* This makes it BCC (because each person gets their own copy) and each person gets their own individualized email.
*/
foreach ($emailInfo['SendToEmailAddress'] as $toEmail)
{
if ($sendToLoggedInUser)
{
$mail->addTo($adminEmailAddress);
}
else
{
$mail->addTo($toEmail);
}
$trashCount++;
}
//Set the subject
$mail->setSubject($emailInfo['EmailSubject']);
//Instantiate the HTML Purifier (for removing the html)
$config = HTMLPurifier_Config::createDefault();
$config->set('HTML', 'Allowed', '');
$purifier = new HTMLPurifier($config);
$mail->setText($purifier->purify($emailBody));
$mail->setHtml($emailBody);
if ($emailInfo['AttachmentID'])
{
$sql = "SELECT
AttachmentPath
FROM
EmailAttachments
WHERE
EmailAttachments.AttachmentID = :attachmentID";
if ($query = $pdoLink->prepare($sql))
{
$bindValues = array();
$bindValues[":attachmentID"] = $emailInfo['AttachmentID'];
if ($query->execute($bindValues))
{
if ($row = $query->fetch(\PDO::FETCH_ASSOC))
{
$attachment = "";
$mail->addAttachment($sitedb . $row['AttachmentPath']);
}
}
}
}
if ($sendToLoggedInUser)
{
$mail->setFrom($adminEmailAddress);
$mail->setReplyTo($adminEmailAddress);
}
else
{
$mail->setFrom($emailInfo['FromAddress']);
$mail->setReplyTo($emailInfo['ReplyTo']);
}
$mail->setFromName($emailInfo['FromName']);
$sendgrid->web->send($mail);
I've played with the content type and everything else that I can think of and just cannot find out what is causing the attachments to be corrupted.
You need to create an attachment object to add an attachment, you can't use the path directly like you are. SendGrid requires files to be sent as base64 encoded strings.
You'll need to create the attachment object, you could do this as a method:
public function getAttachment($path)
{
if (!file_exists($path)) {
return false;
}
$attachment = new SendGrid\Attachment;
$attachment->setContent(base64_encode(file_get_contents($path)));
$attachment->setType(mime_content_type($path));
$attachment->setFilename(basename($path));
$attachment->setDisposition('attachment');
return $attachment;
}
Then add it to your email:
$attachment = $this->getAttachment($sitedb . $row['AttachmentPath']);
if ($attachment instanceof SendGrid\Attachment) {
$mail->addAttachment($attachment);
}
private function mailToClient($file, $customer, $trans_id = "")
{
if(!$customer["email"]) return;
$mail = &$this->getMailObject();
$country = $_SESSION[PROJECT]["user"]["details"]["country"];
$lang = getLanguage();
if( empty($trans_id))
{
//get header
$set = getContentByCode("client_email_header");
if(!$set->EOF)
$msg_html = $set->fields["content_$lang"];
}
else
{
//get header
$set = getContentByCode("client_email_with_card_header");
if(!$set->EOF)
$msg_html = $set->fields["content_$lang"];
}
if( $country != "Schweiz" && !empty($trans_id))
{
//get header
$set = getContentByCode("client_email_nonswiss_card");
if(!$set->EOF)
$msg_html = $set->fields["content_$lang"];
}
$msg_html = $this->replacePlaceHolders($msg_html, $customer);
$msg_plain = strip_tags($msg_html);
//get footer
$set = getContentByCode("client_email_footer");
if(!$set->EOF)
$msg_html2 = $set->fields["content_$lang"];
$msg_html2 = $this->replacePlaceHolders($msg_html2, $customer);
$msg_plain2 = strip_tags($msg_html2);
//get order
$order = file_get_contents($file);
$mail->Subject = (EMAIL_SUBJECT_PREFIX ? EMAIL_SUBJECT_PREFIX." " : "")."Order from TERRA KERAMIK";
$mail->Body = $msg_html."<br />".$order."<br />".$msg_html2;
$mail->AltBody = $msg_plain.$msg_plain2;
//$mail->AddAttachment($file, date("d.m.Y H_i")." order.xls");
$mail->AddAttachment($file, date("d.m.Y H_i")." ".mn_transliterate($customer["name"]." ".$customer["surname"].".pdf", $encoding = 'base64', $type = 'application/pdf'));
$mail->AddAddress($customer["email"], $customer["name"]." ".$customer["surname"]);
$mail->Send();
I know there are similar questions, however the solutions they are offering don't help. Just trying my luck.
So, I've got this code which send a client an email plus adds an attachment. The attachment itself is a html table. It is also added into the email and looks like this
When I receive an email the attachment is there but is corrupted or damaged. Other solutions advised to add "$encoding = 'base64', $type = 'application/pdf'" along with file path and name.
This doesn't change situation at all. At the same time this code, which is currently commented
//$mail->AddAttachment($file, date("d.m.Y H_i")." order.xls"); works pretty fine, I do receive an excel file with information.
Any thoughts?
I ma trying to send arabic text from the clickatell sms provider using php, but all i have been able to send yet is garbled text. The text I am using for testing is "غثس هفس ".
I have tried encoding the message text to Windows-1256,1250 and ISO-8859-6 formats using iconv but everytimeit just sends garbled texts.
Can anyone please give me some pointers to what I am missing?
Thanks in advance
Ok, this is for whoever comes on this path later. Found the solution here
Retaining code from Esailija's answer
<?php
$text = "غثس هفس خن";
$arr = unpack('H*hex', iconv('UTF-8', 'UCS-2BE', $text));
$message = strtoupper($arr['hex']);
$username = '';
$password = '';
$API_ID = '';
$to = '';
$url = "http://api.clickatell.com/http/auth?user=$username&password=$password&api_id=$API_ID";
$ret = file($url);
$sess = explode(":",$ret[0]);
if ($sess[0] == "OK") {
$sess_id = trim($sess[1]);
$url = "http://api.clickatell.com/http/sendmsg?session_id=$sess_id&to=$to&text=$message&unicode=1";
$ret = file($url);
$send = explode(":",$ret[0]);
if ($send[0] == "ID") {
echo "success - message ID: ". $send[1];
} else {
echo "send message failed";
}
} else {
echo "Authentication failure: ". $ret[0];
}
Based on this, the default is GSM but you can also choose UCS2.
So:
<?php
//Make sure the PHP source file is physically
//saved in utf-8
$text = rawurlencode(iconv( "UTF-8", "UCS-2", "غثس هفس "));
$url = "http://api.clickatell.com/http/auth?user=username&password=password&api_id=API_ID&encoding=UCS2";
$ret = file($url);
$sess = explode(":",$ret[0]);
if ($sess[0] == "OK") {
$sess_id = trim($sess[1]);
$url = "http://api.clickatell.com/http/sendmsg?session_id=$sess_id&to=$to&text=$text&encoding=UCS2";
$ret = file($url);
$send = explode(":",$ret[0]);
if ($send[0] == "ID") {
echo "successnmessage ID: ". $send[1];
} else {
echo "send message failed";
}
} else {
echo "Authentication failure: ". $ret[0];
}
I rewrote ClickATell code for Vtiger 6 so that it can accommodate UTF-8 Extended characters. I use Turkish. I use the below code for conversion. I hope you can port.
/**
* Function to handle UTF-8 Check and conversion
* #author Nuri Unver
*
*/
public function smstxtcode($data){
$mb_hex = '';
$utf = 0;
for($i = 0 ; $i<mb_strlen($data,'UTF-8') ; $i++){
$c = mb_substr($data,$i,1,'UTF-8');
$o = unpack('N',mb_convert_encoding($c,'UCS-4BE','UTF-8'));
$hx = sprintf('%04X',$o[1]);
$utf += intval(substr($hx,0,2));
$mb_hex .= $hx;
}
if ($utf>0)
{
$return=$mb_hex;
$utf=1;
}
else
{
$return=utf8_decode($data);
$utf=0;
}
return array($utf,$return);
}
The you call this function with your message. The response you get it is an array saying wheter to send unicode or normal text depending on the message and also the text to be sent. If there are no extended characters, it just sends it as plain text with unicode=0 in order to save characters. If message contains extended characters, it converts the message to hexcode and sends it as unicode.
This code just does the calculations. You need to implement your own code to port it to your system. For demonstration this is the code I use for Vtiger to extract data and send the message:
/**
* Function to handle SMS Send operation
* #param <String> $message
* #param <Mixed> $toNumbers One or Array of numbers
*/
public function send($message, $toNumbers) {
if(!is_array($toNumbers)) {
$toNumbers = array($toNumbers);
}
$params = $this->prepareParameters();
$smsarray = $this->smstxtcode($message);
$params['text'] = $smsarray[1];
$params['unicode'] = $smsarray[0];
$params['to'] = implode(',', $toNumbers);
$serviceURL = $this->getServiceURL(self::SERVICE_SEND);
Short answer: you need to do two things:
a) Convert your Arabic message:
$data = iconv("UTF-8", "UCS-2BE", $data);
$data = bin2hex($data);
Use the resulting string as your message text
b) When sending via the HTTP API, include the unicode parameter:
&unicode=1