Easy WP SMTP - Version 1.3.6

Version Description

  • SMTP Username and SMTP Host fields are no longer multiplying slashes (thanks to jstepak for reporting).
  • Added option to encrypt password using AES-256 encryption. This requires PHP 5.3+ and OpenSSL PHP extension to be enabled on the server.
  • Added clear message to indicate if test email was successfully sent or not. Now you don't have to figure this out from debug log :-)
  • Disabled browser autocomplete for username and password fields to prevent them from being replaced by WP login credentials (if those were saved in browser).
  • Removed duplicate items IDs from settings page to comply with HTML standards.
Download this release

Release Info

Developer mra13
Plugin Icon 128x128 Easy WP SMTP
Version 1.3.6
Comparing to
See all releases

Code changes from version 1.3.5 to 1.3.6

Files changed (5) hide show
  1. easy-wp-smtp-admin-menu.php +127 -30
  2. easy-wp-smtp-utils.php +45 -0
  3. easy-wp-smtp.php +114 -72
  4. inc/Cryptor.php +173 -0
  5. readme.txt +8 -1
easy-wp-smtp-admin-menu.php CHANGED
@@ -10,7 +10,7 @@ function swpsmtp_admin_default_setup() {
10
  }
11
 
12
  /**
13
- * Sanitizes textarea. Tries to use wp sanitize_textarea_field() function. If that's now available, uses its own methods
14
  * @return string
15
  */
16
  function swpsmtp_sanitize_textarea( $str ) {
@@ -50,6 +50,12 @@ function swpsmtp_sanitize_textarea( $str ) {
50
  * @return void
51
  */
52
  function swpsmtp_settings() {
 
 
 
 
 
 
53
  echo '<div class="wrap" id="swpsmtp-mail">';
54
  echo '<h2>' . __( "Easy WP SMTP Settings", 'easy-wp-smtp' ) . '</h2>';
55
  echo '<div id="poststuff"><div id="post-body">';
@@ -87,17 +93,29 @@ function swpsmtp_settings() {
87
  $swpsmtp_options[ 'email_ignore_list' ] = sanitize_text_field( $_POST[ 'swpsmtp_email_ignore_list' ] );
88
  }
89
 
90
- $swpsmtp_options[ 'smtp_settings' ][ 'host' ] = sanitize_text_field( $_POST[ 'swpsmtp_smtp_host' ] );
91
  $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ] = ( isset( $_POST[ 'swpsmtp_smtp_type_encryption' ] ) ) ? sanitize_text_field( $_POST[ 'swpsmtp_smtp_type_encryption' ] ) : 'none';
92
  $swpsmtp_options[ 'smtp_settings' ][ 'autentication' ] = ( isset( $_POST[ 'swpsmtp_smtp_autentication' ] ) ) ? sanitize_text_field( $_POST[ 'swpsmtp_smtp_autentication' ] ) : 'yes';
93
- $swpsmtp_options[ 'smtp_settings' ][ 'username' ] = sanitize_text_field( $_POST[ 'swpsmtp_smtp_username' ] );
94
- $smtp_password = $_POST[ 'swpsmtp_smtp_password' ];
95
- if ( $smtp_password !== $gag_password ) {
96
- $swpsmtp_options[ 'smtp_settings' ][ 'password' ] = base64_encode( $smtp_password );
97
- }
98
  $swpsmtp_options[ 'smtp_settings' ][ 'enable_debug' ] = isset( $_POST[ 'swpsmtp_enable_debug' ] ) ? 1 : false;
99
  $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] = isset( $_POST[ 'swpsmtp_insecure_ssl' ] ) ? 1 : false;
100
- $swpsmtp_options[ 'enable_domain_check' ] = isset( $_POST[ 'swpsmtp_enable_domain_check' ] ) ? 1 : false;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
101
  if ( isset( $_POST[ 'swpsmtp_allowed_domains' ] ) ) {
102
  $swpsmtp_options[ 'block_all_emails' ] = isset( $_POST[ 'swpsmtp_block_all_emails' ] ) ? 1 : false;
103
  $swpsmtp_options[ 'allowed_domains' ] = base64_encode( sanitize_text_field( $_POST[ 'swpsmtp_allowed_domains' ] ) );
@@ -126,7 +144,7 @@ function swpsmtp_settings() {
126
 
127
  /* Send test letter */
128
  $swpsmtp_to = '';
129
- if ( isset( $_POST[ 'swpsmtp_test_submit' ] ) && check_admin_referer( plugin_basename( __FILE__ ), 'swpsmtp_nonce_name' ) ) {
130
  if ( isset( $_POST[ 'swpsmtp_to' ] ) ) {
131
  $to_email = sanitize_text_field( $_POST[ 'swpsmtp_to' ] );
132
  if ( is_email( $to_email ) ) {
@@ -145,23 +163,27 @@ function swpsmtp_settings() {
145
  update_option( 'smtp_test_mail', $smtp_test_mail );
146
 
147
  if ( ! empty( $swpsmtp_to ) ) {
148
- $result = swpsmtp_test_mail( $swpsmtp_to, $swpsmtp_subject, $swpsmtp_message );
149
  }
150
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
151
  ?>
152
  <style>
153
  div.swpsmtp-tab-container, #swpsmtp-save-settings-notice {
154
  display: none;
155
  }
156
- #swpsmtp-save-settings-notice {
157
- padding: 10px 0;
158
- }
159
- #swpsmtp-save-settings-notice span {
160
- background-color: #ffff76;
161
- padding: 7px;
162
- border: 1px dashed red;
163
- display: block;
164
- }
165
  .swpsmtp-stars-container {
166
  text-align: center;
167
  margin-top: 10px;
@@ -183,6 +205,25 @@ function swpsmtp_settings() {
183
  width: 19%;
184
  float: right;
185
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
186
  @media (max-width: 782px) {
187
  .swpsmtp-settings-grid {
188
  display: block;
@@ -210,7 +251,7 @@ function swpsmtp_settings() {
210
  <div class="swpsmtp-settings-container">
211
  <div class="swpsmtp-settings-grid swpsmtp-settings-main-cont">
212
 
213
- <form id="swpsmtp_settings_form" method="post" action="">
214
 
215
  <input type="hidden" id="swpsmtp-urlHash" name="swpsmtp-urlHash" value="">
216
 
@@ -284,14 +325,14 @@ function swpsmtp_settings() {
284
  <tr class="ad_opt swpsmtp_smtp_options">
285
  <th><?php _e( 'SMTP Username', 'easy-wp-smtp' ); ?></th>
286
  <td>
287
- <input id='swpsmtp_smtp_username' type='text' name='swpsmtp_smtp_username' value='<?php echo isset( $swpsmtp_options[ 'smtp_settings' ][ 'username' ] ) ? esc_attr( $swpsmtp_options[ 'smtp_settings' ][ 'username' ] ) : ''; ?>' /><br />
288
  <p class="description"><?php _e( "The username to login to your mail server", 'easy-wp-smtp' ); ?></p>
289
  </td>
290
  </tr>
291
  <tr class="ad_opt swpsmtp_smtp_options">
292
  <th><?php _e( 'SMTP Password', 'easy-wp-smtp' ); ?></th>
293
  <td>
294
- <input id = 'swpsmtp_smtp_password' type='password' name='swpsmtp_smtp_password' value='<?php echo (swpsmtp_get_password() !== '' ? $gag_password : ''); ?>' /><br />
295
  <p class="description"><?php _e( "The password to login to your mail server", 'easy-wp-smtp' ); ?></p>
296
  <p class="description"><b><?php _e( 'Note', 'easy-wp-smtp' ); ?></b>: <?php _e( 'when you click "Save Changes", your actual password is stored in the database and then used to send emails. This field is replaced with a gag (#easywpsmtpgagpass#). This is done to prevent someone with the access to Settings page from seeing your password (using password fields unmasking programs, for example).', 'easy-wp-smtp' ); ?></p>
297
  </td>
@@ -332,6 +373,17 @@ function swpsmtp_settings() {
332
  <p class="description"><?php _e( "When enabled, plugin attempts to block ALL emails from being sent out if domain mismtach." ); ?></p>
333
  </td>
334
  </tr>
 
 
 
 
 
 
 
 
 
 
 
335
  <tr valign="top">
336
  <th scope="row"><?php _e( "Allow Insecure SSL Certificates", 'easy-wp-smtp' ); ?></th>
337
  <td>
@@ -349,9 +401,7 @@ function swpsmtp_settings() {
349
  </tr>
350
  </table>
351
  <p class="submit">
352
- <input type="submit" id="settings-form-submit" class="button-primary" value="<?php _e( 'Save Changes', 'easy-wp-smtp' ) ?>" />
353
- <input type="hidden" name="swpsmtp_form_submit" value="submit" />
354
- <?php wp_nonce_field( plugin_basename( __FILE__ ), 'swpsmtp_nonce_name' ); ?>
355
  </p>
356
 
357
  </div><!-- end of inside -->
@@ -363,11 +413,59 @@ function swpsmtp_settings() {
363
  <div class="postbox">
364
  <h3 class="hndle"><label for="title"><?php _e( 'Test Email', 'easy-wp-smtp' ); ?></label></h3>
365
  <div class="inside">
366
- <div id="swpsmtp-save-settings-notice"><span><b><?php _e( 'Notice:', 'easy-wp-smtp' ); ?></b> <?php _e( 'You have unsaved settings. In order to send a test email, you need to go back to previous tab and click "Save Changes" button first.', 'easy-wp-smtp' ); ?></span></div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
367
  <p><?php _e( 'You can use this section to send an email from your server using the above configured SMTP details to see if the email gets delivered.', 'easy-wp-smtp' ); ?></p>
368
  <p><b><?php _ex( 'Note:', '"Note" as in "Note: keep this in mind"', 'easy-wp-smtp' ); ?></b> <?php _e( 'debug log for this test email will be automatically displayed right after you send it. Test email also ignores "Enable Domain Check" option.', 'easy-wp-smtp' ); ?></p>
369
 
370
- <form id="swpsmtp_settings_form" method="post" action="">
371
  <table class="form-table">
372
  <tr valign="top">
373
  <th scope="row"><?php _e( "To", 'easy-wp-smtp' ); ?>:</th>
@@ -392,9 +490,9 @@ function swpsmtp_settings() {
392
  </tr>
393
  </table>
394
  <p class="submit">
395
- <input type="submit" id="settings-form-submit" class="button-primary" value="<?php _e( 'Send Test Email', 'easy-wp-smtp' ) ?>" />
396
  <input type="hidden" name="swpsmtp_test_submit" value="submit" />
397
- <?php wp_nonce_field( plugin_basename( __FILE__ ), 'swpsmtp_nonce_name' ); ?>
398
  </p>
399
  </form>
400
  </div><!-- end of inside -->
@@ -432,7 +530,6 @@ function swpsmtp_settings() {
432
  var hashObj = [];
433
 
434
  hash.split('&').forEach(function (q) {
435
- console.log(q);
436
  if (typeof q !== 'undefined') {
437
  hashObj.push(q);
438
  }
10
  }
11
 
12
  /**
13
+ * Sanitizes textarea. Tries to use wp sanitize_textarea_field() function. If that's not available, uses its own methods
14
  * @return string
15
  */
16
  function swpsmtp_sanitize_textarea( $str ) {
50
  * @return void
51
  */
52
  function swpsmtp_settings() {
53
+ //check if OpenSSL PHP extension is loaded and display warning if it's not
54
+ if ( ! extension_loaded( 'openssl' ) ) {
55
+ $class = 'notice notice-warning';
56
+ $message = __( "PHP OpenSSL extension is not installed on the server. It's required by Easy WP SMTP plugin to operate properly. Please contact your server administrator or hosting provider and ask them to install it.", 'easy-wp-smtp' );
57
+ printf( '<div class="%1$s"><p>%2$s</p></div>', esc_attr( $class ), esc_html( $message ) );
58
+ }
59
  echo '<div class="wrap" id="swpsmtp-mail">';
60
  echo '<h2>' . __( "Easy WP SMTP Settings", 'easy-wp-smtp' ) . '</h2>';
61
  echo '<div id="poststuff"><div id="post-body">';
93
  $swpsmtp_options[ 'email_ignore_list' ] = sanitize_text_field( $_POST[ 'swpsmtp_email_ignore_list' ] );
94
  }
95
 
96
+ $swpsmtp_options[ 'smtp_settings' ][ 'host' ] = stripslashes( $_POST[ 'swpsmtp_smtp_host' ] );
97
  $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ] = ( isset( $_POST[ 'swpsmtp_smtp_type_encryption' ] ) ) ? sanitize_text_field( $_POST[ 'swpsmtp_smtp_type_encryption' ] ) : 'none';
98
  $swpsmtp_options[ 'smtp_settings' ][ 'autentication' ] = ( isset( $_POST[ 'swpsmtp_smtp_autentication' ] ) ) ? sanitize_text_field( $_POST[ 'swpsmtp_smtp_autentication' ] ) : 'yes';
99
+ $swpsmtp_options[ 'smtp_settings' ][ 'username' ] = stripslashes( $_POST[ 'swpsmtp_smtp_username' ] );
100
+
 
 
 
101
  $swpsmtp_options[ 'smtp_settings' ][ 'enable_debug' ] = isset( $_POST[ 'swpsmtp_enable_debug' ] ) ? 1 : false;
102
  $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] = isset( $_POST[ 'swpsmtp_insecure_ssl' ] ) ? 1 : false;
103
+ $swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ] = isset( $_POST[ 'swpsmtp_encrypt_pass' ] ) ? 1 : false;
104
+
105
+ $smtp_password = $_POST[ 'swpsmtp_smtp_password' ];
106
+ if ( $smtp_password !== $gag_password ) {
107
+ $swpsmtp_options[ 'smtp_settings' ][ 'password' ] = swpsmtp_encrypt_password( $smtp_password );
108
+ }
109
+
110
+ if ( $swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ] && ! get_option( 'swpsmtp_pass_encrypted', false ) ) {
111
+ update_option( 'swpsmtp_options', $swpsmtp_options );
112
+ $pass = swpsmtp_get_password();
113
+ $swpsmtp_options[ 'smtp_settings' ][ 'password' ] = swpsmtp_encrypt_password( $pass );
114
+ update_option( 'swpsmtp_options', $swpsmtp_options );
115
+ }
116
+
117
+
118
+ $swpsmtp_options[ 'enable_domain_check' ] = isset( $_POST[ 'swpsmtp_enable_domain_check' ] ) ? 1 : false;
119
  if ( isset( $_POST[ 'swpsmtp_allowed_domains' ] ) ) {
120
  $swpsmtp_options[ 'block_all_emails' ] = isset( $_POST[ 'swpsmtp_block_all_emails' ] ) ? 1 : false;
121
  $swpsmtp_options[ 'allowed_domains' ] = base64_encode( sanitize_text_field( $_POST[ 'swpsmtp_allowed_domains' ] ) );
144
 
145
  /* Send test letter */
146
  $swpsmtp_to = '';
147
+ if ( isset( $_POST[ 'swpsmtp_test_submit' ] ) && check_admin_referer( plugin_basename( __FILE__ ), 'swpsmtp_test_nonce_name' ) ) {
148
  if ( isset( $_POST[ 'swpsmtp_to' ] ) ) {
149
  $to_email = sanitize_text_field( $_POST[ 'swpsmtp_to' ] );
150
  if ( is_email( $to_email ) ) {
163
  update_option( 'smtp_test_mail', $smtp_test_mail );
164
 
165
  if ( ! empty( $swpsmtp_to ) ) {
166
+ $test_res = swpsmtp_test_mail( $swpsmtp_to, $swpsmtp_subject, $swpsmtp_message );
167
  }
168
  }
169
+
170
+ //check if server meets encryption requirements
171
+ $enc_req_met = true;
172
+ $enc_req_err = '';
173
+ if ( ! extension_loaded( 'openssl' ) ) {
174
+ $enc_req_err .= __( "PHP OpenSSL extension is not installed on the server. It is required for encryption to work properly. Please contact your server administrator or hosting provider and ask them to install it.", 'easy-wp-smtp' ) . '<br />';
175
+ $enc_req_met = false;
176
+ }
177
+ if ( version_compare( PHP_VERSION, '5.3.0' ) < 0 ) {
178
+ $enc_req_err = ! empty( $enc_req_err ) ? $enc_req_err .= '<br />' : '';
179
+ $enc_req_err .= sprintf( __( 'Your PHP version is %s, encryption function requires PHP version 5.3.0 or higher.', 'easy-wp-smtp' ), PHP_VERSION );
180
+ $enc_req_met = false;
181
+ }
182
  ?>
183
  <style>
184
  div.swpsmtp-tab-container, #swpsmtp-save-settings-notice {
185
  display: none;
186
  }
 
 
 
 
 
 
 
 
 
187
  .swpsmtp-stars-container {
188
  text-align: center;
189
  margin-top: 10px;
205
  width: 19%;
206
  float: right;
207
  }
208
+
209
+ div.swpsmtp-msg-cont {
210
+ clear: both;
211
+ margin-bottom: 10px;
212
+ padding: 5px 10px;
213
+ border-radius: 2px;
214
+ background-color: #ffffe0;
215
+ }
216
+ div.swpsmtp-msg-cont.msg-error {
217
+ border-left: 5px solid red;
218
+ }
219
+ div.swpsmtp-msg-cont.msg-success {
220
+ border-left: 5px solid green;
221
+ }
222
+
223
+ #swpsmtp-debug-log-cont {
224
+ display: none;
225
+ }
226
+
227
  @media (max-width: 782px) {
228
  .swpsmtp-settings-grid {
229
  display: block;
251
  <div class="swpsmtp-settings-container">
252
  <div class="swpsmtp-settings-grid swpsmtp-settings-main-cont">
253
 
254
+ <form autocomplete="off" id="swpsmtp_settings_form" method="post" action="">
255
 
256
  <input type="hidden" id="swpsmtp-urlHash" name="swpsmtp-urlHash" value="">
257
 
325
  <tr class="ad_opt swpsmtp_smtp_options">
326
  <th><?php _e( 'SMTP Username', 'easy-wp-smtp' ); ?></th>
327
  <td>
328
+ <input id='swpsmtp_smtp_username' type='text' name='swpsmtp_smtp_username' value='<?php echo isset( $swpsmtp_options[ 'smtp_settings' ][ 'username' ] ) ? esc_attr( $swpsmtp_options[ 'smtp_settings' ][ 'username' ] ) : ''; ?>'/><br />
329
  <p class="description"><?php _e( "The username to login to your mail server", 'easy-wp-smtp' ); ?></p>
330
  </td>
331
  </tr>
332
  <tr class="ad_opt swpsmtp_smtp_options">
333
  <th><?php _e( 'SMTP Password', 'easy-wp-smtp' ); ?></th>
334
  <td>
335
+ <input id='swpsmtp_smtp_password' type='password' name='swpsmtp_smtp_password' value='<?php echo (swpsmtp_get_password() !== '' ? $gag_password : ''); ?>' autocomplete='new-password' /><br />
336
  <p class="description"><?php _e( "The password to login to your mail server", 'easy-wp-smtp' ); ?></p>
337
  <p class="description"><b><?php _e( 'Note', 'easy-wp-smtp' ); ?></b>: <?php _e( 'when you click "Save Changes", your actual password is stored in the database and then used to send emails. This field is replaced with a gag (#easywpsmtpgagpass#). This is done to prevent someone with the access to Settings page from seeing your password (using password fields unmasking programs, for example).', 'easy-wp-smtp' ); ?></p>
338
  </td>
373
  <p class="description"><?php _e( "When enabled, plugin attempts to block ALL emails from being sent out if domain mismtach." ); ?></p>
374
  </td>
375
  </tr>
376
+ <tr valign="top">
377
+ <th scope="row"><?php _e( "Encrypt Password", 'easy-wp-smtp' ); ?></th>
378
+ <td>
379
+ <?php if ( $enc_req_met ) { ?>
380
+ <input id="swpsmtp_encrypt_pass" type="checkbox" name="swpsmtp_encrypt_pass" value="1" <?php echo (isset( $swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ] ) && ($swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ])) ? 'checked' : ''; ?>/>
381
+ <p class="description"><?php _e( "When enabled, your SMTP password is stored in the database using AES-256 encryption.", 'easy-wp-smtp' ); ?></p>
382
+ <?php } else { ?>
383
+ <p style="color: red;"><?php echo $enc_req_err; ?></p>
384
+ <?php } ?>
385
+ </td>
386
+ </tr>
387
  <tr valign="top">
388
  <th scope="row"><?php _e( "Allow Insecure SSL Certificates", 'easy-wp-smtp' ); ?></th>
389
  <td>
401
  </tr>
402
  </table>
403
  <p class="submit">
404
+ <input type="submit" id="additional-settings-form-submit" class="button-primary" value="<?php _e( 'Save Changes', 'easy-wp-smtp' ) ?>" />
 
 
405
  </p>
406
 
407
  </div><!-- end of inside -->
413
  <div class="postbox">
414
  <h3 class="hndle"><label for="title"><?php _e( 'Test Email', 'easy-wp-smtp' ); ?></label></h3>
415
  <div class="inside">
416
+ <div id="swpsmtp-save-settings-notice" class="swpsmtp-msg-cont msg-error"><b><?php _e( 'Notice:', 'easy-wp-smtp' ); ?></b> <?php _e( 'You have unsaved settings. In order to send a test email, you need to go back to previous tab and click "Save Changes" button first.', 'easy-wp-smtp' ); ?></div>
417
+
418
+ <?php
419
+ if ( isset( $test_res ) && is_array( $test_res ) ) {
420
+ if ( isset( $test_res[ 'error' ] ) ) {
421
+ $errmsg_class = ' msg-error';
422
+ $errmsg_text = '<b>' . __( 'Following error occured when attempting to send test email:', 'easy-wp-smtp' ) . '</b><br />' . $test_res[ 'error' ];
423
+ } else {
424
+ $errmsg_class = ' msg-success';
425
+ $errmsg_text = '<b>' . __( 'Test email was successfully sent. No errors occured during the process.', 'easy-wp-smtp' ) . '</b>';
426
+ }
427
+ ?>
428
+
429
+ <div class="swpsmtp-msg-cont<?php echo $errmsg_class; ?>">
430
+ <?php echo $errmsg_text; ?>
431
+
432
+ <?php
433
+ if ( isset( $test_res[ 'debug_log' ] ) ) {
434
+ ?>
435
+ <br /><br />
436
+ <a id="swpsmtp-show-hide-log-btn" href="#0"><?php _e( 'Show Debug Log', 'easy-wp-smtp' ); ?></a>
437
+ <p id="swpsmtp-debug-log-cont"><textarea rows="20" style="width: 100%;"><?php echo $test_res[ 'debug_log' ]; ?></textarea></p>
438
+ <script>
439
+ jQuery(function ($) {
440
+ $('#swpsmtp-show-hide-log-btn').click(function (e) {
441
+ e.preventDefault();
442
+ var logCont = $('#swpsmtp-debug-log-cont');
443
+ if (logCont.is(':visible')) {
444
+ $(this).html('<?php echo esc_attr( __( 'Show Debug Log', 'easy-wp-smtp' ) ); ?>');
445
+ } else {
446
+ $(this).html('<?php echo esc_attr( __( 'Hide Debug Log', 'easy-wp-smtp' ) ); ?>');
447
+ }
448
+ logCont.toggle();
449
+ });
450
+ <?php if ( isset( $test_res[ 'error' ] ) ) {
451
+ ?>
452
+ $('#swpsmtp-show-hide-log-btn').click();
453
+ <?php }
454
+ ?>
455
+ });
456
+ </script>
457
+ <?php
458
+ }
459
+ ?>
460
+ </div>
461
+ <?php
462
+ }
463
+ ?>
464
+
465
  <p><?php _e( 'You can use this section to send an email from your server using the above configured SMTP details to see if the email gets delivered.', 'easy-wp-smtp' ); ?></p>
466
  <p><b><?php _ex( 'Note:', '"Note" as in "Note: keep this in mind"', 'easy-wp-smtp' ); ?></b> <?php _e( 'debug log for this test email will be automatically displayed right after you send it. Test email also ignores "Enable Domain Check" option.', 'easy-wp-smtp' ); ?></p>
467
 
468
+ <form id="swpsmtp_settings_test_email_form" method="post" action="">
469
  <table class="form-table">
470
  <tr valign="top">
471
  <th scope="row"><?php _e( "To", 'easy-wp-smtp' ); ?>:</th>
490
  </tr>
491
  </table>
492
  <p class="submit">
493
+ <input type="submit" id="test-email-form-submit" class="button-primary" value="<?php _e( 'Send Test Email', 'easy-wp-smtp' ) ?>" />
494
  <input type="hidden" name="swpsmtp_test_submit" value="submit" />
495
+ <?php wp_nonce_field( plugin_basename( __FILE__ ), 'swpsmtp_test_nonce_name' ); ?>
496
  </p>
497
  </form>
498
  </div><!-- end of inside -->
530
  var hashObj = [];
531
 
532
  hash.split('&').forEach(function (q) {
 
533
  if (typeof q !== 'undefined') {
534
  hashObj.push(q);
535
  }
easy-wp-smtp-utils.php ADDED
@@ -0,0 +1,45 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ use ioncube\phpOpensslCryptor\Cryptor;
4
+
5
+ class SWPSMTPUtils {
6
+
7
+ var $enc_key;
8
+ protected static $instance = null;
9
+
10
+ function __construct() {
11
+ require_once('inc/Cryptor.php');
12
+ $key = get_option( 'swpsmtp_enc_key', false );
13
+ if ( empty( $key ) ) {
14
+ $key = wp_salt();
15
+ update_option( 'swpsmtp_enc_key', $key );
16
+ }
17
+ $this->enc_key = $key;
18
+ }
19
+
20
+ public static function get_instance() {
21
+
22
+ // If the single instance hasn't been set, set it now.
23
+ if ( null == self::$instance ) {
24
+ self::$instance = new self;
25
+ }
26
+
27
+ return self::$instance;
28
+ }
29
+
30
+ function encrypt_password( $pass ) {
31
+ if ( $pass === '' ) {
32
+ return '';
33
+ }
34
+
35
+ $password = Cryptor::Encrypt( $pass, $this->enc_key );
36
+ return $password;
37
+ }
38
+
39
+ function decrypt_password( $pass ) {
40
+
41
+ $password = Cryptor::Decrypt( $pass, $this->enc_key );
42
+ return $password;
43
+ }
44
+
45
+ }
easy-wp-smtp.php CHANGED
@@ -1,9 +1,9 @@
1
  <?php
2
  /*
3
  Plugin Name: Easy WP SMTP
4
- Version: 1.3.5
5
  Plugin URI: https://wp-ecommerce.net/easy-wordpress-smtp-send-emails-from-your-wordpress-site-using-a-smtp-server-2197
6
- Author: wpecommerce
7
  Author URI: https://wp-ecommerce.net/
8
  Description: Send email via SMTP from your WordPress Blog
9
  Text Domain: easy-wp-smtp
@@ -227,101 +227,135 @@ if ( ! function_exists( 'swpsmtp_init_smtp' ) ) {
227
  if ( ! function_exists( 'swpsmtp_test_mail' ) ) {
228
 
229
  function swpsmtp_test_mail( $to_email, $subject, $message ) {
 
230
  if ( ! swpsmtp_credentials_configured() ) {
231
- return;
232
  }
233
- $errors = '';
234
 
235
  $swpsmtp_options = get_option( 'swpsmtp_options' );
236
 
237
  require_once( ABSPATH . WPINC . '/class-phpmailer.php' );
238
- $mail = new PHPMailer();
239
 
240
- $charset = get_bloginfo( 'charset' );
241
- $mail->CharSet = $charset;
242
 
243
- $from_name = $swpsmtp_options[ 'from_name_field' ];
244
- $from_email = $swpsmtp_options[ 'from_email_field' ];
245
 
246
- $mail->IsSMTP();
 
247
 
248
- // send plain text test email
249
- $mail->ContentType = 'text/plain';
250
- $mail->IsHTML( false );
251
 
252
- /* If using smtp auth, set the username & password */
253
- if ( 'yes' == $swpsmtp_options[ 'smtp_settings' ][ 'autentication' ] ) {
254
- $mail->SMTPAuth = true;
255
- $mail->Username = $swpsmtp_options[ 'smtp_settings' ][ 'username' ];
256
- $mail->Password = swpsmtp_get_password();
257
- }
258
 
259
- /* Set the SMTPSecure value, if set to none, leave this blank */
260
- if ( $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ] !== 'none' ) {
261
- $mail->SMTPSecure = $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ];
262
- }
 
 
263
 
264
- /* PHPMailer 5.2.10 introduced this option. However, this might cause issues if the server is advertising TLS with an invalid certificate. */
265
- $mail->SMTPAutoTLS = false;
 
 
266
 
267
- if ( isset( $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] ) && $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] !== false ) {
268
- // Insecure SSL option enabled
269
- $mail->SMTPOptions = array(
270
- 'ssl' => array(
271
- 'verify_peer' => false,
272
- 'verify_peer_name' => false,
273
- 'allow_self_signed' => true
274
- ) );
275
- }
 
 
 
276
 
277
- /* Set the other options */
278
- $mail->Host = $swpsmtp_options[ 'smtp_settings' ][ 'host' ];
279
- $mail->Port = $swpsmtp_options[ 'smtp_settings' ][ 'port' ];
280
- if ( ! empty( $swpsmtp_options[ 'reply_to_email' ] ) ) {
281
- $mail->AddReplyTo( $swpsmtp_options[ 'reply_to_email' ], $from_name );
282
- }
283
- $mail->SetFrom( $from_email, $from_name );
284
- //This should set Return-Path header for servers that are not properly handling it, but needs testing first
285
- //$mail->Sender = $mail->From;
286
- $mail->Subject = $subject;
287
- $mail->Body = $message;
288
- $mail->AddAddress( $to_email );
289
- global $debugMSG;
290
- $debugMSG = '';
291
- $mail->Debugoutput = function($str, $level) {
292
  global $debugMSG;
293
- $debugMSG .= $str;
294
- };
295
- $mail->SMTPDebug = 1;
 
 
 
 
 
 
 
 
 
 
 
296
 
297
- /* Send mail and return result */
298
- if ( ! $mail->Send() )
299
- $errors = $mail->ErrorInfo;
300
 
301
- $mail->ClearAddresses();
302
- $mail->ClearAllRecipients();
303
 
304
- echo '<div class="swpsmtp-yellow-box"><h3>Debug Info</h3>';
305
- echo '<textarea rows="20" style="width: 100%;">' . $debugMSG . '</textarea>';
306
- echo '</div>';
307
 
308
- if ( ! empty( $errors ) ) {
309
- return $errors;
310
- } else {
311
- return 'Test mail was sent';
312
- }
313
  }
314
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
315
  }
316
 
317
  if ( ! function_exists( 'swpsmtp_get_password' ) ) {
318
 
319
  function swpsmtp_get_password() {
320
  $swpsmtp_options = get_option( 'swpsmtp_options' );
321
- $temp_password = isset( $swpsmtp_options[ 'smtp_settings' ][ 'password' ] ) ? $swpsmtp_options[ 'smtp_settings' ][ 'password' ] : '';
 
322
  if ( $temp_password == '' ) {
323
  return '';
324
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
325
  $password = "";
326
  $decoded_pass = base64_decode( $temp_password );
327
  /* no additional checks for servers that aren't configured with mbstring enabled */
@@ -368,7 +402,6 @@ if ( ! function_exists( 'swpsmtp_credentials_configured' ) ) {
368
  }
369
  if ( ! isset( $swpsmtp_options[ 'from_name_field' ] ) || empty( $swpsmtp_options[ 'from_name_field' ] ) ) {
370
  $credentials_configured = false;
371
- ;
372
  }
373
  return $credentials_configured;
374
  }
@@ -376,7 +409,7 @@ if ( ! function_exists( 'swpsmtp_credentials_configured' ) ) {
376
  }
377
 
378
  /**
379
- * Performed at uninstal.
380
  * @return void
381
  */
382
  if ( ! function_exists( 'swpsmtp_send_uninstall' ) ) {
@@ -394,21 +427,21 @@ function swpsmtp_activate() {
394
  $swpsmtp_options_default = array(
395
  'from_email_field' => '',
396
  'from_name_field' => '',
397
- 'force_from_name_replace' => 1,
398
  'smtp_settings' => array(
399
  'host' => 'smtp.example.com',
400
  'type_encryption' => 'none',
401
  'port' => 25,
402
  'autentication' => 'yes',
403
- 'username' => 'yourusername',
404
- 'password' => 'yourpassword'
405
  )
406
  );
407
 
408
  /* install the default plugin options if needed */
409
  $swpsmtp_options = get_option( 'swpsmtp_options' );
410
  if ( ! $swpsmtp_options ) {
411
- $swpsmtp_options = array();
412
  }
413
  $swpsmtp_options = array_merge( $swpsmtp_options_default, $swpsmtp_options );
414
  update_option( 'swpsmtp_options', $swpsmtp_options, 'yes' );
@@ -427,6 +460,15 @@ function swpsmtp_activate() {
427
  }
428
  }
429
  }
 
 
 
 
 
 
 
 
 
430
  }
431
 
432
  function swpsmtp_is_domain_blocked() {
1
  <?php
2
  /*
3
  Plugin Name: Easy WP SMTP
4
+ Version: 1.3.6
5
  Plugin URI: https://wp-ecommerce.net/easy-wordpress-smtp-send-emails-from-your-wordpress-site-using-a-smtp-server-2197
6
+ Author: wpecommerce, alexanderfoxc
7
  Author URI: https://wp-ecommerce.net/
8
  Description: Send email via SMTP from your WordPress Blog
9
  Text Domain: easy-wp-smtp
227
  if ( ! function_exists( 'swpsmtp_test_mail' ) ) {
228
 
229
  function swpsmtp_test_mail( $to_email, $subject, $message ) {
230
+ $ret = array();
231
  if ( ! swpsmtp_credentials_configured() ) {
232
+ return false;
233
  }
 
234
 
235
  $swpsmtp_options = get_option( 'swpsmtp_options' );
236
 
237
  require_once( ABSPATH . WPINC . '/class-phpmailer.php' );
238
+ $mail = new PHPMailer( true );
239
 
240
+ try {
 
241
 
242
+ $charset = get_bloginfo( 'charset' );
243
+ $mail->CharSet = $charset;
244
 
245
+ $from_name = $swpsmtp_options[ 'from_name_field' ];
246
+ $from_email = $swpsmtp_options[ 'from_email_field' ];
247
 
248
+ $mail->IsSMTP();
 
 
249
 
250
+ // send plain text test email
251
+ $mail->ContentType = 'text/plain';
252
+ $mail->IsHTML( false );
 
 
 
253
 
254
+ /* If using smtp auth, set the username & password */
255
+ if ( 'yes' == $swpsmtp_options[ 'smtp_settings' ][ 'autentication' ] ) {
256
+ $mail->SMTPAuth = true;
257
+ $mail->Username = $swpsmtp_options[ 'smtp_settings' ][ 'username' ];
258
+ $mail->Password = swpsmtp_get_password();
259
+ }
260
 
261
+ /* Set the SMTPSecure value, if set to none, leave this blank */
262
+ if ( $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ] !== 'none' ) {
263
+ $mail->SMTPSecure = $swpsmtp_options[ 'smtp_settings' ][ 'type_encryption' ];
264
+ }
265
 
266
+ /* PHPMailer 5.2.10 introduced this option. However, this might cause issues if the server is advertising TLS with an invalid certificate. */
267
+ $mail->SMTPAutoTLS = false;
268
+
269
+ if ( isset( $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] ) && $swpsmtp_options[ 'smtp_settings' ][ 'insecure_ssl' ] !== false ) {
270
+ // Insecure SSL option enabled
271
+ $mail->SMTPOptions = array(
272
+ 'ssl' => array(
273
+ 'verify_peer' => false,
274
+ 'verify_peer_name' => false,
275
+ 'allow_self_signed' => true
276
+ ) );
277
+ }
278
 
279
+ /* Set the other options */
280
+ $mail->Host = $swpsmtp_options[ 'smtp_settings' ][ 'host' ];
281
+ $mail->Port = $swpsmtp_options[ 'smtp_settings' ][ 'port' ];
282
+ if ( ! empty( $swpsmtp_options[ 'reply_to_email' ] ) ) {
283
+ $mail->AddReplyTo( $swpsmtp_options[ 'reply_to_email' ], $from_name );
284
+ }
285
+ $mail->SetFrom( $from_email, $from_name );
286
+ //This should set Return-Path header for servers that are not properly handling it, but needs testing first
287
+ //$mail->Sender = $mail->From;
288
+ $mail->Subject = $subject;
289
+ $mail->Body = $message;
290
+ $mail->AddAddress( $to_email );
 
 
 
291
  global $debugMSG;
292
+ $debugMSG = '';
293
+ $mail->Debugoutput = function($str, $level) {
294
+ global $debugMSG;
295
+ $debugMSG .= $str;
296
+ };
297
+ $mail->SMTPDebug = 1;
298
+
299
+ /* Send mail and return result */
300
+ $mail->Send();
301
+ $mail->ClearAddresses();
302
+ $mail->ClearAllRecipients();
303
+ } catch ( Exception $e ) {
304
+ $ret[ 'error' ] = $mail->ErrorInfo;
305
+ }
306
 
307
+ $ret[ 'debug_log' ] = $debugMSG;
 
 
308
 
309
+ return $ret;
310
+ }
311
 
312
+ }
 
 
313
 
314
+ function swpsmtp_encrypt_password( $pass ) {
315
+ if ( $pass === '' ) {
316
+ return '';
 
 
317
  }
318
 
319
+ $swpsmtp_options = get_option( 'swpsmtp_options' );
320
+
321
+ if ( empty( $swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ] ) || ! extension_loaded( 'openssl' ) ) {
322
+ // no openssl extension loaded - we can't encrypt the password
323
+ $password = base64_encode( $pass );
324
+ update_option( 'swpsmtp_pass_encrypted', false );
325
+ } else {
326
+ // let's encrypt password
327
+ require_once('easy-wp-smtp-utils.php');
328
+ $cryptor = SWPSMTPUtils::get_instance();
329
+ $password = $cryptor->encrypt_password( $pass );
330
+ update_option( 'swpsmtp_pass_encrypted', true );
331
+ }
332
+ return $password;
333
  }
334
 
335
  if ( ! function_exists( 'swpsmtp_get_password' ) ) {
336
 
337
  function swpsmtp_get_password() {
338
  $swpsmtp_options = get_option( 'swpsmtp_options' );
339
+
340
+ $temp_password = isset( $swpsmtp_options[ 'smtp_settings' ][ 'password' ] ) ? $swpsmtp_options[ 'smtp_settings' ][ 'password' ] : '';
341
  if ( $temp_password == '' ) {
342
  return '';
343
  }
344
+
345
+ if ( get_option( 'swpsmtp_pass_encrypted' ) ) {
346
+ //this is encrypted password
347
+ require_once('easy-wp-smtp-utils.php');
348
+ $cryptor = SWPSMTPUtils::get_instance();
349
+ $decrypted = $cryptor->decrypt_password( $temp_password );
350
+ //check if encryption option is disabled
351
+ if ( empty( $swpsmtp_options[ 'smtp_settings' ][ 'encrypt_pass' ] ) ) {
352
+ //it is. let's save decrypted password
353
+ $swpsmtp_options[ 'smtp_settings' ][ 'password' ] = swpsmtp_encrypt_password( addslashes( $decrypted ) );
354
+ update_option( 'swpsmtp_options', $swpsmtp_options );
355
+ }
356
+ return $decrypted;
357
+ }
358
+
359
  $password = "";
360
  $decoded_pass = base64_decode( $temp_password );
361
  /* no additional checks for servers that aren't configured with mbstring enabled */
402
  }
403
  if ( ! isset( $swpsmtp_options[ 'from_name_field' ] ) || empty( $swpsmtp_options[ 'from_name_field' ] ) ) {
404
  $credentials_configured = false;
 
405
  }
406
  return $credentials_configured;
407
  }
409
  }
410
 
411
  /**
412
+ * Performed at uninstall.
413
  * @return void
414
  */
415
  if ( ! function_exists( 'swpsmtp_send_uninstall' ) ) {
427
  $swpsmtp_options_default = array(
428
  'from_email_field' => '',
429
  'from_name_field' => '',
430
+ 'force_from_name_replace' => 0,
431
  'smtp_settings' => array(
432
  'host' => 'smtp.example.com',
433
  'type_encryption' => 'none',
434
  'port' => 25,
435
  'autentication' => 'yes',
436
+ 'username' => '',
437
+ 'password' => ''
438
  )
439
  );
440
 
441
  /* install the default plugin options if needed */
442
  $swpsmtp_options = get_option( 'swpsmtp_options' );
443
  if ( ! $swpsmtp_options ) {
444
+ $swpsmtp_options = $swpsmtp_options_default;
445
  }
446
  $swpsmtp_options = array_merge( $swpsmtp_options_default, $swpsmtp_options );
447
  update_option( 'swpsmtp_options', $swpsmtp_options, 'yes' );
460
  }
461
  }
462
  }
463
+ // Encrypt password if needed
464
+ if ( ! get_option( 'swpsmtp_pass_encrypted' ) ) {
465
+ if ( extension_loaded( 'openssl' ) ) {
466
+ if ( $swpsmtp_options[ 'smtp_settings' ][ 'password' ] !== '' ) {
467
+ $swpsmtp_options[ 'smtp_settings' ][ 'password' ] = swpsmtp_encrypt_password( swpsmtp_get_password() );
468
+ update_option( 'swpsmtp_options', $swpsmtp_options );
469
+ }
470
+ }
471
+ }
472
  }
473
 
474
  function swpsmtp_is_domain_blocked() {
inc/Cryptor.php ADDED
@@ -0,0 +1,173 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ /**
4
+ * Simple example of using the openssl encrypt/decrypt functions that
5
+ * are inadequately documented in the PHP manual.
6
+ *
7
+ * Available under the MIT License
8
+ *
9
+ * The MIT License (MIT)
10
+ * Copyright (c) 2016 ionCube Ltd.
11
+ *
12
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated
13
+ * documentation files (the "Software"), to deal in the Software without restriction, including without limitation the
14
+ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
15
+ * permit persons to whom the Software is furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in all copies or substantial portions of
18
+ * the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO
21
+ * THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
22
+ * OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
23
+ * OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24
+ */
25
+
26
+ namespace ioncube\phpOpensslCryptor;
27
+
28
+ class Cryptor {
29
+
30
+ private $cipher_algo;
31
+ private $hash_algo;
32
+ private $iv_num_bytes;
33
+ private $format;
34
+
35
+ const FORMAT_RAW = 0;
36
+ const FORMAT_B64 = 1;
37
+ const FORMAT_HEX = 2;
38
+
39
+ /**
40
+ * Construct a Cryptor, using aes256 encryption, sha256 key hashing and base64 encoding.
41
+ * @param string $cipher_algo The cipher algorithm.
42
+ * @param string $hash_algo Key hashing algorithm.
43
+ * @param [type] $fmt Format of the encrypted data.
44
+ */
45
+ public function __construct( $cipher_algo = 'aes-256-ctr', $hash_algo = 'sha256', $fmt = Cryptor::FORMAT_B64 ) {
46
+ $this->cipher_algo = $cipher_algo;
47
+ $this->hash_algo = $hash_algo;
48
+ $this->format = $fmt;
49
+
50
+ if ( ! in_array( $cipher_algo, openssl_get_cipher_methods( true ) ) ) {
51
+ throw new \Exception( "Cryptor:: - unknown cipher algo {$cipher_algo}" );
52
+ }
53
+
54
+ if ( ! in_array( $hash_algo, openssl_get_md_methods( true ) ) ) {
55
+ throw new \Exception( "Cryptor:: - unknown hash algo {$hash_algo}" );
56
+ }
57
+
58
+ $this->iv_num_bytes = openssl_cipher_iv_length( $cipher_algo );
59
+ }
60
+
61
+ /**
62
+ * Encrypt a string.
63
+ * @param string $in String to encrypt.
64
+ * @param string $key Encryption key.
65
+ * @param int $fmt Optional override for the output encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
66
+ * @return string The encrypted string.
67
+ */
68
+ public function encryptString( $in, $key, $fmt = null ) {
69
+ if ( $fmt === null ) {
70
+ $fmt = $this->format;
71
+ }
72
+
73
+ // Build an initialisation vector
74
+ $iv = openssl_random_pseudo_bytes( $this->iv_num_bytes, $isStrongCrypto );
75
+ if ( ! $isStrongCrypto ) {
76
+ throw new \Exception( "Cryptor::encryptString() - Not a strong key" );
77
+ }
78
+
79
+ // Hash the key
80
+ $keyhash = openssl_digest( $key, $this->hash_algo, true );
81
+
82
+ // and encrypt
83
+ $opts = OPENSSL_RAW_DATA;
84
+ $encrypted = openssl_encrypt( $in, $this->cipher_algo, $keyhash, $opts, $iv );
85
+
86
+ if ( $encrypted === false ) {
87
+ throw new \Exception( 'Cryptor::encryptString() - Encryption failed: ' . openssl_error_string() );
88
+ }
89
+
90
+ // The result comprises the IV and encrypted data
91
+ $res = $iv . $encrypted;
92
+
93
+ // and format the result if required.
94
+ if ( $fmt == Cryptor::FORMAT_B64 ) {
95
+ $res = base64_encode( $res );
96
+ } else if ( $fmt == Cryptor::FORMAT_HEX ) {
97
+ $unp = unpack( 'H*', $res );
98
+ $res = $unp[ 1 ];
99
+ }
100
+
101
+ return $res;
102
+ }
103
+
104
+ /**
105
+ * Decrypt a string.
106
+ * @param string $in String to decrypt.
107
+ * @param string $key Decryption key.
108
+ * @param int $fmt Optional override for the input encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
109
+ * @return string The decrypted string.
110
+ */
111
+ public function decryptString( $in, $key, $fmt = null ) {
112
+ if ( $fmt === null ) {
113
+ $fmt = $this->format;
114
+ }
115
+
116
+ $raw = $in;
117
+
118
+ // Restore the encrypted data if encoded
119
+ if ( $fmt == Cryptor::FORMAT_B64 ) {
120
+ $raw = base64_decode( $in );
121
+ } else if ( $fmt == Cryptor::FORMAT_HEX ) {
122
+ $raw = pack( 'H*', $in );
123
+ }
124
+
125
+ // and do an integrity check on the size.
126
+ if ( strlen( $raw ) < $this->iv_num_bytes ) {
127
+ throw new \Exception( 'Cryptor::decryptString() - ' .
128
+ 'data length ' . strlen( $raw ) . " is less than iv length {$this->iv_num_bytes}" );
129
+ }
130
+
131
+ // Extract the initialisation vector and encrypted data
132
+ $iv = substr( $raw, 0, $this->iv_num_bytes );
133
+ $raw = substr( $raw, $this->iv_num_bytes );
134
+
135
+ // Hash the key
136
+ $keyhash = openssl_digest( $key, $this->hash_algo, true );
137
+
138
+ // and decrypt.
139
+ $opts = OPENSSL_RAW_DATA;
140
+ $res = openssl_decrypt( $raw, $this->cipher_algo, $keyhash, $opts, $iv );
141
+
142
+ if ( $res === false ) {
143
+ throw new \Exception( 'Cryptor::decryptString - decryption failed: ' . openssl_error_string() );
144
+ }
145
+
146
+ return $res;
147
+ }
148
+
149
+ /**
150
+ * Static convenience method for encrypting.
151
+ * @param string $in String to encrypt.
152
+ * @param string $key Encryption key.
153
+ * @param int $fmt Optional override for the output encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
154
+ * @return string The encrypted string.
155
+ */
156
+ public static function Encrypt( $in, $key, $fmt = null ) {
157
+ $c = new Cryptor();
158
+ return $c->encryptString( $in, $key, $fmt );
159
+ }
160
+
161
+ /**
162
+ * Static convenience method for decrypting.
163
+ * @param string $in String to decrypt.
164
+ * @param string $key Decryption key.
165
+ * @param int $fmt Optional override for the input encoding. One of FORMAT_RAW, FORMAT_B64 or FORMAT_HEX.
166
+ * @return string The decrypted string.
167
+ */
168
+ public static function Decrypt( $in, $key, $fmt = null ) {
169
+ $c = new Cryptor();
170
+ return $c->decryptString( $in, $key, $fmt );
171
+ }
172
+
173
+ }
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://wp-ecommerce.net/easy-wordpress-smtp-send-emails-from-your-
4
  Tags: mail, wordpress smtp, phpmailer, smtp, wp_mail, email, gmail, outgoing mail, privacy, security, sendmail, ssl, tls, wp-phpmailer, mail smtp, wp smtp
5
  Requires at least: 4.3
6
  Tested up to: 4.9
7
- Stable tag: 1.3.5
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
@@ -77,6 +77,13 @@ Inspired by [WP Mail SMTP](http://wordpress.org/plugins/wp-mail-smtp/) plugin
77
 
78
  == Changelog ==
79
 
 
 
 
 
 
 
 
80
  = 1.3.5 =
81
  * Added configurable option to force replace From Name. The plugin was force-replacing it regardless before, now you can configure this (thanks to daymobrew).
82
 
4
  Tags: mail, wordpress smtp, phpmailer, smtp, wp_mail, email, gmail, outgoing mail, privacy, security, sendmail, ssl, tls, wp-phpmailer, mail smtp, wp smtp
5
  Requires at least: 4.3
6
  Tested up to: 4.9
7
+ Stable tag: 1.3.6
8
  License: GPLv2 or later
9
  License URI: http://www.gnu.org/licenses/gpl-2.0.html
10
 
77
 
78
  == Changelog ==
79
 
80
+ = 1.3.6 =
81
+ * SMTP Username and SMTP Host fields are no longer multiplying slashes (thanks to jstepak for reporting).
82
+ * Added option to encrypt password using AES-256 encryption. This requires PHP 5.3+ and OpenSSL PHP extension to be enabled on the server.
83
+ * Added clear message to indicate if test email was successfully sent or not. Now you don't have to figure this out from debug log :-)
84
+ * Disabled browser autocomplete for username and password fields to prevent them from being replaced by WP login credentials (if those were saved in browser).
85
+ * Removed duplicate items IDs from settings page to comply with HTML standards.
86
+
87
  = 1.3.5 =
88
  * Added configurable option to force replace From Name. The plugin was force-replacing it regardless before, now you can configure this (thanks to daymobrew).
89