Version Description
- 2022-08-30 =
- FIX
- Server side request forgery
Download this release
Release Info
Developer | wpexpertsio |
Plugin | Post SMTP Mailer/Email Log |
Version | 2.1.7 |
Comparing to | |
See all releases |
Code changes from version 2.1.6 to 2.1.7
Postman/Postman-Connectivity-Test/PostmanConnectivityTestController.php
CHANGED
@@ -278,7 +278,7 @@ class PostmanPortTestAjaxController {
|
|
278 |
|
279 |
check_admin_referer('post-smtp', 'security');
|
280 |
|
281 |
-
if( !current_user_can(
|
282 |
wp_send_json_error(
|
283 |
array(
|
284 |
'Message' => 'Unauthorized.'
|
@@ -317,7 +317,7 @@ class PostmanPortTestAjaxController {
|
|
317 |
|
318 |
check_admin_referer('post-smtp', 'security');
|
319 |
|
320 |
-
if( !current_user_can(
|
321 |
wp_send_json_error(
|
322 |
array(
|
323 |
'Message' => 'Unauthorized.'
|
278 |
|
279 |
check_admin_referer('post-smtp', 'security');
|
280 |
|
281 |
+
if( !current_user_can( 'edit_plugins' ) ) {
|
282 |
wp_send_json_error(
|
283 |
array(
|
284 |
'Message' => 'Unauthorized.'
|
317 |
|
318 |
check_admin_referer('post-smtp', 'security');
|
319 |
|
320 |
+
if( !current_user_can( 'edit_plugins' ) ) {
|
321 |
wp_send_json_error(
|
322 |
array(
|
323 |
'Message' => 'Unauthorized.'
|
Postman/PostmanViewController.php
CHANGED
@@ -404,6 +404,12 @@ if ( ! class_exists( 'PostmanViewController' ) ) {
|
|
404 |
<?php echo esc_html( 'Twilio Notifications' ); ?>
|
405 |
</a>
|
406 |
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
407 |
</div>
|
408 |
<div class="ps-setting-box">
|
409 |
<div>
|
404 |
<?php echo esc_html( 'Twilio Notifications' ); ?>
|
405 |
</a>
|
406 |
</div>
|
407 |
+
<div>
|
408 |
+
<a href="<?php echo esc_url( 'https://postmansmtp.com/extensions/post-smtp-mail-control/' ); ?>" target="_blank">
|
409 |
+
<img src="<?php echo esc_url( POST_SMTP_ASSETS . 'images/icons/finger.png' ) ?>" width="15" />
|
410 |
+
<?php echo esc_html( 'Mail Control' ); ?>
|
411 |
+
</a>
|
412 |
+
</div>
|
413 |
</div>
|
414 |
<div class="ps-setting-box">
|
415 |
<div>
|
postman-smtp.php
CHANGED
@@ -6,7 +6,7 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
6 |
* Plugin Name: Post SMTP
|
7 |
* Plugin URI: https://wordpress.org/plugins/post-smtp/
|
8 |
* Description: Email not reliable? Post SMTP is the first and only WordPress SMTP plugin to implement OAuth 2.0 for Gmail, Hotmail and Yahoo Mail. Setup is a breeze with the Configuration Wizard and integrated Port Tester. Enjoy worry-free delivery even if your password changes!
|
9 |
-
* Version: 2.1.
|
10 |
* Author: Post SMTP
|
11 |
* Text Domain: post-smtp
|
12 |
* Author URI: https://postmansmtp.com
|
@@ -76,7 +76,7 @@ if ( ! function_exists( 'ps_fs' ) ) {
|
|
76 |
define( 'POST_SMTP_BASE', __FILE__ );
|
77 |
define( 'POST_SMTP_PATH', __DIR__ );
|
78 |
define( 'POST_SMTP_URL', plugins_url('', POST_SMTP_BASE ) );
|
79 |
-
define( 'POST_SMTP_VER', '2.1.
|
80 |
define( 'POST_SMTP_ASSETS', plugin_dir_url( __FILE__ ) . 'assets/' );
|
81 |
|
82 |
$postman_smtp_exist = in_array( 'postman-smtp/postman-smtp.php', (array) get_option( 'active_plugins', array() ) );
|
6 |
* Plugin Name: Post SMTP
|
7 |
* Plugin URI: https://wordpress.org/plugins/post-smtp/
|
8 |
* Description: Email not reliable? Post SMTP is the first and only WordPress SMTP plugin to implement OAuth 2.0 for Gmail, Hotmail and Yahoo Mail. Setup is a breeze with the Configuration Wizard and integrated Port Tester. Enjoy worry-free delivery even if your password changes!
|
9 |
+
* Version: 2.1.7
|
10 |
* Author: Post SMTP
|
11 |
* Text Domain: post-smtp
|
12 |
* Author URI: https://postmansmtp.com
|
76 |
define( 'POST_SMTP_BASE', __FILE__ );
|
77 |
define( 'POST_SMTP_PATH', __DIR__ );
|
78 |
define( 'POST_SMTP_URL', plugins_url('', POST_SMTP_BASE ) );
|
79 |
+
define( 'POST_SMTP_VER', '2.1.7' );
|
80 |
define( 'POST_SMTP_ASSETS', plugin_dir_url( __FILE__ ) . 'assets/' );
|
81 |
|
82 |
$postman_smtp_exist = in_array( 'postman-smtp/postman-smtp.php', (array) get_option( 'active_plugins', array() ) );
|
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Contributors: wpexpertsio
|
|
4 |
Tags: email, mail, smtp, wordpress smtp, email log, postman smtp, postman, gmail, google apps, hotmail, yahoo, mandrill api, sendgrid api, elastic email, office365, mailgun
|
5 |
Requires at least: 3.9
|
6 |
Tested up to: 6.0.1
|
7 |
-
Stable tag: 2.1.
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -28,7 +28,7 @@ Post SMTP replaces the default WordPress SMTP library, PHPMailer, with the heavy
|
|
28 |
* The built-in Email log is an invaluable resource for diagnosing problems with emails.
|
29 |
* OAuth 2.0 increase the security and protection of email password by discouraging the idea of storing your email password in the WordPress database where it might be found.
|
30 |
|
31 |
-
Even hosts that block the standard SMTP ports, like GoDaddy or Bluehost, can
|
32 |
|
33 |
https://www.youtube.com/watch?v=mXDEEE9jnfw
|
34 |
|
@@ -76,7 +76,7 @@ In essence, SMTP is a set of commands that authenticates and directs the transfe
|
|
76 |
[Better Email Logger Pro extension](https://postmansmtp.com/extensions/the-better-email/) allows you to design email marketing campaigns and improve email deliverability for your WordPress site.
|
77 |
|
78 |
**Mail Control Pro Extension**
|
79 |
-
[Mail Control Pro Extension](https://postmansmtp.com/extensions/post-smtp-mail-control/) allows you to control Post SMTP
|
80 |
|
81 |
= Post SMTP Membership Plans =
|
82 |
[Post SMTP membership plans](https://postmansmtp.com/membership-plan/) offer access to all pro extensions along with other benefits including 1-year extension updates and support, Email Reporting, Logging, and Tracking, all other SMTP Services and a 30-day money-back guarantee.
|
@@ -285,9 +285,13 @@ To avoid being flagged as spam, you need to prove your email isn't forged. On a
|
|
285 |
|
286 |
== Changelog ==
|
287 |
|
|
|
|
|
|
|
|
|
288 |
= 2.1.6 - 2022-08-29 =
|
289 |
-
|
290 |
-
* Server side forgery
|
291 |
|
292 |
= 2.1.5 - 2022-08-25 =
|
293 |
* **FIX**
|
@@ -608,310 +612,4 @@ Syntx stupid mistake
|
|
608 |
* [[Ticket](https://wordpress.org/support/topic/fatal-error-internal-zend-error-missing-class-information?replies=2#post-7092317)] User reported error "Fatal error: Internal Zend error - Missing class information" - Whoops, used 'require' PostState.php instead of 'require_once' PostState.php which was causing errors. Fixed.
|
609 |
* [[Ticket](https://wordpress.org/support/topic/error-send-mymail-email-marketing?replies=5)] [[Ticket](https://wordpress.org/support/topic/how-configure-mymail-in-plugin?replies=6)] MyMail Newsletter Plugin for WordPress refuses to use wp_mail. I don't want to make this a habit, but I've integrated Post with MyMail's proprietary delivery mechanism.
|
610 |
* [[Ticket](https://wordpress.org/support/topic/cant-send-error-500?replies=11#post-7103035)] Found an environment where the plugin's call to new Exception was creating PHP Fatal errors. Fixed.
|
611 |
-
* [[Ticket](https://wordpress.org/support/topic/error-calling-post-400-invalid-to-header?replies=4)] Perform validation on all email headers before
|
612 |
-
* The Gmail API transport displays a copy of the payload during the Send Email Test and saves this payload to the Email Log
|
613 |
-
* No longer shows the Javascript pop-up if the error is caused by the user cancelling everything (by checking JSON response.responseText for null)
|
614 |
-
|
615 |
-
= 1.6.22 - 2015-06-14 =
|
616 |
-
* Finally realized that for the last five months I've been relying on register_activation_hook to fire during plugin updates - [and it doesn't](https://make.wordpress.org/core/2010/10/27/plugin-activation-hooks-no-longer-fire-for-updates/). Lovely. Well this change should eliminate all the "update doesn't work!" bugs for good.
|
617 |
-
* [[Ticket](https://wordpress.org/support/topic/latest-update-conflicting-with-theme?replies=3#post-7066897)] I enable Strict mode when I code Post to ensure it's error free and I forgot to turn it off. This was causing all plugins and themes to show their warnings. Fixed.
|
618 |
-
* [[Ticket](https://wordpress.org/support/topic/upgrade-to-1619-broke-contact-form?replies=2#post-7067673)] I didn't thoroughly test the Gmail API, causing "Catchable fatal error: Argument 1 passed to PostGmailApiModuleTransport::getAuthenticationType() must be an instance of PostOptions, none given." Fixed.
|
619 |
-
* [[Ticket](https://wordpress.org/support/topic/gmail-api-assertion-failed-and-cannot-modify-header-information?replies=4#post-7068833)] I didn't thoroughly test the Gmail API, it wasn't warning the user if the Envelope Sender Address is missing. Fixed.
|
620 |
-
* [[Ticket](https://wordpress.org/support/topic/password-corruption-issue?replies=1)][[Ticket](https://wordpress.org/support/topic/password-corruption-issue?replies=4#post-7068839)] Found a problem in the Activation Handler. It was re-encoding passwords when it shouldn't have been. Fixed.
|
621 |
-
|
622 |
-
= 1.6.18 - 2015-06-13 =
|
623 |
-
* 8,000 installations! Big milestone! The author of [Contact Form 7](https://wordpress.org/plugins/contact-form-7/) has [officially endorsed Post SMTP](http://contactform7.com/faq/i-get-an-error-message-with-a-red-border-so-how-can-i-solve-this/) as the SMTP plugin of choice! You can't wipe the smile from my face :D
|
624 |
-
* [[Ticket](https://wordpress.org/support/topic/subscriber-registration?replies=6)] Post is determining the current user's admin capability incorrectly. Fixed.
|
625 |
-
* [[Ticket](https://wordpress.org/support/topic/using-a-google-apps-group-as-sender?replies=3)] Added an additional From field, the Envelope From Address, so users can use a different From address than the Account address (for example, to use a Google Apps' Group email address)
|
626 |
-
* Added a uniqueness (based on site URL) to the lock filename in case this is shared hosting
|
627 |
-
* Persistence-level updates now run across all subsites on a multisite installation
|
628 |
-
|
629 |
-
= 1.6.17 - 2015-06-08 =
|
630 |
-
* You know you're having a really bad day when you have to have do three releases. Fix for "Fatal error: Call to a member function addError() on a non-object". This happens when wp_mail is blocked by another plugin and a non-admin user accesses the site.
|
631 |
-
* [[Ticket](https://wordpress.org/support/topic/error-after-latest-upgrade?replies=2#post-7044181)] Fixed a bug "Fatal error: Cannot redeclare IsNullOrEmptyString()" I introduced in v1.6.15
|
632 |
-
* Added Cc and Bcc addresses to Email Log
|
633 |
-
* [[Ticket](https://wordpress.org/support/topic/email-errors?replies=16)][[Ticket](https://wordpress.org/support/topic/Post-smtp-on-contact-form-7?replies=2#post-7043223)] Force a Logout of Google before launching the Developers Console so it's obvious to the user which account is being used
|
634 |
-
* Now using Google Developers Console Gmail Wizard URL in place of Google Developers Console URL to simplify Client ID creation
|
635 |
-
* [[Ticket](https://wordpress.org/support/topic/fixed-my-problem-but-broke-bbpress-notifications?replies=7#post-7038255)] Removing the BCC header in the case of the Gmail API was incorrect and causing lost recipients. Fixed.
|
636 |
-
* Fixed a compatibility issue (PHP Fatal Error) with the Post Gmail API Extension
|
637 |
-
|
638 |
-
= 1.6.14 - 2015-06-05 =
|
639 |
-
* [[Ticket](https://wordpress.org/support/topic/large-warnings-on-site?replies=1#post-7036030)] Fixed a bug (PHP Warning) I introduced in v1.6.13
|
640 |
-
* 7,000 installations!
|
641 |
-
* Translated into Dutch, thank-you Louise
|
642 |
-
* [[Ticket](https://wordpress.org/support/topic/bad-requestinvalid_grant?replies=13#post-6991435)] Add process-locking to make sure the OAuth2 token is refreshed synchronously
|
643 |
-
* Use the Zend_Mail setReturnPath option to communicate the Mail-From and Sender as the SMTP account, allowing arbitrary addresses in the From header
|
644 |
-
* [[Ticket](https://wordpress.org/support/topic/smtp-authentication-security?replies=1#post-7025445)] Added Emoji lock icons to Dashboard and Main Setting screens to indicate security
|
645 |
-
* [[Ticket](https://wordpress.org/support/topic/problem-sending-mail-with-other-users?replies=19)] Emails from the [Email Users](https://wordpress.org/plugins/email-users/) plugin were causing undeliverable errors - fixed by removing the SMTP Return-Path header that *Email Users* injects
|
646 |
-
|
647 |
-
= 1.6.12 - 2015-05-30 =
|
648 |
-
* 6,000 installations! - 2015-05-26
|
649 |
-
* Post now calls wp_mail when sending a test email. This marks the beginning of the "Post API"
|
650 |
-
* Shaved admin memory use from ~6MB to ~4MB; Non-admin memory use holds at ~2MB
|
651 |
-
* Now loading the Sent Email post type for all admin screens, in case other custom post type-related plugins (e.g. WordPress Importer) need it
|
652 |
-
* Wasn't comfortable how plugin_data was being retrieved, so reverted back to hard-coded plugin name and version
|
653 |
-
* Save original wp_mail parameters to Email Log so that a Resend action can be implemented
|
654 |
-
* [[Ticket](https://wordpress.org/support/topic/578-error-authentication-failed-ugfzc3dvcmq6?replies=4#post-7008516)] Removed sanitize_text_field from the PostSanitizer to prevent corruption of some passwords
|
655 |
-
* [[Ticket](https://wordpress.org/support/topic/fatal-error-after-the-latest-update?replies=9#post-6963805)] Removed the WordPress function call wp_slash - systems that don't support it can now use logging
|
656 |
-
* A lot of general code clean-up and memory optimizations
|
657 |
-
|
658 |
-
= 1.6.11 - 2015-05-22 =
|
659 |
-
* [[Ticket](https://wordpress.org/support/topic/call-to-undefined-function-spritnf?replies=2#post-6977557)] Fix for "Fatal error: Call to undefined function spritnf() in PostEmailLogController.php on line 284" - sometimes PHP really sucks compared to Java
|
660 |
-
* Added a link to a HowTo Video for configuring Google OAuth 2.0 in the OAuth2 authentication section
|
661 |
-
|
662 |
-
= 1.6.10 - 2015-05-18 =
|
663 |
-
* 5,000 installations!
|
664 |
-
* Looks for php_openssl and php_socket in the Pre-Requisites check
|
665 |
-
* [[Ticket](https://wordpress.org/support/topic/email-log-doesnt-show-up-after-upgrade?replies=2)] I hate when you have to have a fix for a fix. It means you need to hire more testers.
|
666 |
-
* [[Ticket](https://wordpress.org/support/topic/send-email-failed?replies=17#post-6954616)] Changed the way Post performs the API Connectivity Test to more resemble how Google does it
|
667 |
-
* [[Ticket](https://wordpress.org/support/topic/the-result-was-boolfalse-1?replies=1)] Found a host that the Connectivity Test gets confused on : send.one.com. STARTTLS detection was failing. Fixed.
|
668 |
-
* [[Ticket](https://wordpress.org/support/topic/fatal-error-after-the-latest-update?replies=9#post-6963805)] Some users insist on running Post in WordPress < 3.6 which has no wp_slash function. Logging is disabled in this case.
|
669 |
-
|
670 |
-
= 1.6.8 - 2015-05-14 =
|
671 |
-
* [[Ticket](https://wordpress.org/support/topic/fatal-error-after-the-latest-update?replies=2#post-6948880)] Found a PHP envrionment that choked in the catch block trying to call a function (get transcript) on an object instantiated in the try (mail engine). Fixed.
|
672 |
-
* [[Ticket](https://wordpress.org/support/topic/a-valid-address-is-required-issue-with-contact-form-builder-plugin?replies=2)] If wp_mail is called with a recipient list that ends in a comma, Post tries to add an empty address to the message. Fixed.
|
673 |
-
* The SMTP Session Transcript was not being saved for errors! Fixed.
|
674 |
-
|
675 |
-
= 1.6.6 - 2015-05-12 =
|
676 |
-
* [[Ticket](https://wordpress.org/support/topic/requesting-permission?replies=14)][[Ticket](https://wordpress.org/support/topic/status-Post-is-not-sending-mail?replies=42)][[Ticket](https://wordpress.org/support/topic/Post-is-not-handling-email-delivery?replies=4)][[Ticket](https://wordpress.org/support/topic/google-request-isnt-acceptable?replies=10)][[Ticket](https://wordpress.org/support/topic/google-wont-grant-permission?replies=7)] Fixed a long-standing bug where Post would ignore the Grant Code from an OAuth provider if it wasn't in the very next HttpRequest that the site received. Changed this to use a three-minute window.
|
677 |
-
|
678 |
-
= 1.6.5 - 2015-05-10 =
|
679 |
-
* [[Ticket](https://wordpress.org/support/topic/problem-using-wizard?replies=4)] Fixed a Javascript bug
|
680 |
-
* Added an Ajax failure handler to every Ajax post
|
681 |
-
|
682 |
-
= 1.6.4 - 2015-05-08 =
|
683 |
-
* SMTP transport requires a Sender Email Address be set
|
684 |
-
* Wizard will not clear the hostname if it comes back null
|
685 |
-
* If the host does not support "humanTime", the Email Log will fall back to an ISO date
|
686 |
-
* Added a new advanced option: Transcript size to adjust how much of the transcript is saved in the log
|
687 |
-
* The wizard gets confused if the user specified auth type is undefined for the newly chosen socket. for example, a gmail address, with a mailtrap.io server, toggling between the gmailapi socket and the mailtrap socket. Fixed.
|
688 |
-
* Show a warning on the main setting screen if the Delivery mode is not set to Production
|
689 |
-
|
690 |
-
= 1.6.2 - 2015-05-06 =
|
691 |
-
* 4,000 installations!
|
692 |
-
* [[Ticket](https://wordpress.org/plugins/Post-gmail-extension/)] Some of the changes released in v1.6 broke the Gmail Extension. Fixed.
|
693 |
-
* [[Ticket](https://wordpress.org/support/topic/x-mailer?replies=9)] Added a new advanced option: Stealth Mode to hide the Post X-Mailer signature
|
694 |
-
* Added a Transcript option in the Email Log
|
695 |
-
* Fixed how the Wizard handles new GoDaddy Office-365 supported email
|
696 |
-
|
697 |
-
= 1.6.1 - 2015-05-04 =
|
698 |
-
* You test and test and test, and there's always a bug. Fixed a problem in the Port Recommender where it thought STARTTLS was offered when it isn't (test case: test@aol.com)
|
699 |
-
|
700 |
-
= 1.6 - 2015-05-03 =
|
701 |
-
* Fold all code from the Post Gmail Extension back into Post
|
702 |
-
* Remove warning from main screen for sender override if it's already on
|
703 |
-
* Delivery mode - production, logging, test
|
704 |
-
* Help screens
|
705 |
-
* Log all email attempts with error messages (if any)
|
706 |
-
* Truncate logs to max amount
|
707 |
-
* View all the email attempts, and view a single entry
|
708 |
-
* Delete single, delete batch, and delete the entire log on pugin data purge
|
709 |
-
* Highlight Logging option to users
|
710 |
-
* Obscure password from front-end
|
711 |
-
* Ask to see password when typing
|
712 |
-
* When the wizard is looking up details on the email address, disable the smtp hostname field
|
713 |
-
* Wizard check server ID and warn for MITM 'attack'
|
714 |
-
* Check for GoDaddy SMTP server during Wizard and use that SMTP server
|
715 |
-
* Check for Gmail during wizard and remember for gmail api option.
|
716 |
-
* Present choices to user when select the auth type and socket in wizard more elegantly (radio buttons?)
|
717 |
-
* Warn when using AUTH with NO encryption - done with padlock emoji
|
718 |
-
* Add hostname to connectivity test table.
|
719 |
-
* Remove hard-coded plugin version number
|
720 |
-
|
721 |
-
= 1.5.13 - 2015-04-22 =
|
722 |
-
* 3,000 installations!
|
723 |
-
|
724 |
-
= 1.5.13 - 2015-04-18 =
|
725 |
-
* Minor fix in Wizard: OAuth labels weren't updating dynamically (since v1.5.11)
|
726 |
-
* Lots of changes at Yahoo's Developer Network required changes here: updated format of Callback Domain; updated Yahoo Developer Network portal launch link; renamed Consumer Key/Secret to Client ID/Client Secret; updated FAQ for Yahoo Client ID instructions
|
727 |
-
* [[Ticket](https://wordpress.org/support/topic/re-initializing-the-plugin?replies=5)] Updated stylesheet to avoid interference from Dating Solutions Plugin (DSP)
|
728 |
-
|
729 |
-
= 1.5.12 - 2015-04-14 - The Jamaican release! =
|
730 |
-
* [[Ticket](https://wordpress.org/support/topic/help-mail-is-failing-in-test?replies=9)] PHP 5.2 users: fix test messages that show failures but still get delivered; fix Contact Form 7 submission freezes
|
731 |
-
* Translated into Turkish, thank-you ercan yaris
|
732 |
-
|
733 |
-
= 1.5.11 - 2015-04-05 =
|
734 |
-
* 2,000 installations! :D
|
735 |
-
* Commercial-grade improvements to Connectivity Test and Setup Wizard. The new wizard prevents misconfiguration by interrogating the MTA for capabilities and intelligently suggests the best settings for the user. Steve Jobs would be proud.
|
736 |
-
* Fixed Wizard's MSA hostname guess for GoDaddy addresses (smtp.secureserver.net is the MTA not the MSA)
|
737 |
-
* Fixed Wizard's MSA hostname guess for Outlook 365 addresses (smtp.live.com is for their free Hotmail service)
|
738 |
-
* Added French/Italian translation for JQuery Validation
|
739 |
-
|
740 |
-
= 1.5.10 - 2015-03-29 =
|
741 |
-
* Fix for Fatal error: Cannot redeclare class PEAR_Common in C:\PHP5\PEAR\PEAR\Common.php - similar to [this error](https://wordpress.org/support/topic/plugin-wp-minify-cant-activate-plugin-fatal-error?replies=6) in WP Minify
|
742 |
-
|
743 |
-
= 1.5.9 - 2015-03-26 =
|
744 |
-
* Added JQuery tabbed UI for manual configuration screen
|
745 |
-
* Added functionality to add to, cc, and bcc recipients to every message
|
746 |
-
* Added functionality to add custom headers to every message - useful for [Mandrill "SMTP" headers](http://help.mandrill.com/entries/21688056-Using-SMTP-Headers-to-customize-your-messages)
|
747 |
-
* [[Ticket](https://wordpress.org/support/topic/invalid-redirect-uri?replies=7)] The Setup Wizard will check for IP addresses in the site URL and warn the user when they are about to configure OAuth 2.0 that this will fail.
|
748 |
-
* [[Ticket](https://wordpress.org/support/topic/from-address-for-new-site-registration-email?replies=3)] Added functionality to prevent plugins and themes from overriding both the sender name and sender email address
|
749 |
-
* [[Ticket](https://wordpress.org/support/topic/problem-with-responding?replies=7#post-6723830)] Hide PHP warnings from `stream_set_timeout()` in case the host has disabled this function.
|
750 |
-
|
751 |
-
= 1.5.8 - 2015-03-16 =
|
752 |
-
* 1,000 installations! :D
|
753 |
-
* [[Ticket](https://wordpress.org/support/topic/openssl-error-after-upgrading?replies=2#post-6699480)] Post will not shut down if it can't find OpenSSL. It will just display a warning to the user.
|
754 |
-
|
755 |
-
= 1.5.7 - 2015-03-14 =
|
756 |
-
* [[Ticket](https://wordpress.org/support/topic/conflict-when-used-in-conjunction-with-advanced-access-manager-by-vasyl-martyn?replies=9)] renamed Zend framework classes to prevent errors with other plugins using the Zend framework
|
757 |
-
* [[Ticket](https://wordpress.org/support/topic/test-email-hangs?replies=5)] Added ajax error checks, especially for Error 502 : Bad Gateway (from WPEngine.com) when sending test e-mail
|
758 |
-
* Multipart/Alternative was horribly broken, clearly no-one was using it. It's working now, and Post's new Test Message is Multipart/Alternative. Thanks to Victor Hung of [poofytoo](http://poofytoo.com) for the use of his cartoon.
|
759 |
-
* Add PHP library pre-requisite checks to Binder, Dashboard widget, Admin screen and Admin screen error messages.
|
760 |
-
* Translated into Italian, thank-you Andrea Greco
|
761 |
-
* Obfuscated e-mail address in Diagnostic Info
|
762 |
-
* Fixed Wizard's SMTP hostname guess for Apple addresses (icloud.com, me.com, mac.com)
|
763 |
-
|
764 |
-
= 1.5.5 - 2015-03-11 =
|
765 |
-
* Added a Dashboard Widget to display Post status
|
766 |
-
* [[Ticket](https://wordpress.org/support/topic/sending-test-email-hangs?replies=9)] Added diagnostics check for iconv library
|
767 |
-
* Moved the SMTP transcript to it's own step in the Send Email Test
|
768 |
-
* Moved 3rd-party plugin import to the Setup Wizard
|
769 |
-
* [[Ticket](https://wordpress.org/support/topic/language-file-errors-in-debug-log?replies=3)|[Ticket](https://wordpress.org/support/topic/cant-activate-plugin-37?replies=6)] Stopped writing to error log if a language file can't be found
|
770 |
-
* Added the Http User Agent string to the diagnostics
|
771 |
-
|
772 |
-
= 1.5.4 - 2015-03-04 - the Birthday Release =
|
773 |
-
* [[Ticket](https://wordpress.org/support/topic/status-Post-is-not-sending-mail?replies=42)] Added support for the [wp_mail](http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_mail) filter - this adds compatibility with plugins like email-log
|
774 |
-
* Better diagnostics - includes a port check on the currently configured host:port
|
775 |
-
* Fixed a bug where multiple error messages at once overwrite each other
|
776 |
-
* [[Ticket](https://wordpress.org/support/topic/incorrect-authentication-data-error-220?replies=9)] Fixed a bug in Sanitizer for cases where WordPress calls sanitize twice in a row - [known WP bug](https://core.trac.wordpress.org/ticket/21989)
|
777 |
-
|
778 |
-
= 1.5.3 - 2015-02-28 =
|
779 |
-
* Added a dedicated screen for Diagnostics (so that I can add more intensive, slower-running checks like DNS)
|
780 |
-
* Fixed port-testing race condition bug in Post Setup Wizard when using Gmail API Extension
|
781 |
-
* Fix for error "Fatal error: Cannot redeclare class PostOAuthTokenInterface" when using Gmail API Extension
|
782 |
-
* Checks to make sure that the hostname used for SMTP/OAuth 2.0 is one that is supported
|
783 |
-
* Removed display_errors=On, Mr. Space Cadet here left it in the previous release by accident
|
784 |
-
|
785 |
-
= 1.5.1 - 2015-02-23 =
|
786 |
-
* Bugs slipped through. In the Wizard, choosing port 465 was not hiding the authentication label. Worse, choosing port 587 was not showing the authentication buttons.
|
787 |
-
* In the wizard, if no ports are available for use, the error message was not being displayed.
|
788 |
-
|
789 |
-
= 1.5 - 2015-02-22 =
|
790 |
-
* [[Ticket](https://wordpress.org/support/topic/oh-bother-connection-refused?replies=12)|[Ticket](https://wordpress.org/support/topic/impossible-to-send-mail?replies=6)] Added support for modular transports. The first external transport is the Post Gmail Extension, which uses the Gmail API to send mail out on the HTTPS port, a convenient way around traditional TCP port blocks for Gmail users
|
791 |
-
* [[Ticket](https://wordpress.org/support/topic/display-error-on-plugin-activation?replies=33)] Made my debug logging "less agressive" so that broken systems (those that pipe warning messages to STDOUT regardless of the WordPress WP_DEBUG_DISPLAY setting or PHP's display_errors settings) will no longer experience the Port Test hanging during a check
|
792 |
-
* Fixed a bug in the Setup Wizard where it would not use OAuth 2.0 on port 587
|
793 |
-
* Fixed a bug where Post refused to send mail with Password authentication and no encryption (who does that??)
|
794 |
-
|
795 |
-
= 1.4.1 - 2015-02-17 =
|
796 |
-
* All text has been [externalized](http://plugins.svn.wordpress.org/Post-smtp/trunk/Post/languages/Post-smtp.pot) in prep for [I18N Internationalization and localization](http://codex.wordpress.org/I18n_for_WordPress_Developers)
|
797 |
-
* Fixed a bug where the Setup Wizard would force OAuth 2.0 configuration, instead of falling back to Password, even if the required port was closed
|
798 |
-
* Added more error checking, and more warning messages.
|
799 |
-
* Translated into French, thank-you Etienne Provost
|
800 |
-
|
801 |
-
= 1.4 - 2015-02-15 =
|
802 |
-
* Happy Valentine's Day! Sending Yahoo email now supported with OAuth 2.0 authentication! If the Wizard detects that a Yahoo server has been entered, it automatically configures OAuth 2.0
|
803 |
-
* First time users may choose to import settings from any of the Big Four WordPress SMTP plugins (five if you count Easy SMTP Mail, a clone of WP Mail SMTP): Easy WP SMTP, WP Mail Bank, WP Mail SMTP and WP SMTP
|
804 |
-
* [[Ticket](https://wordpress.org/support/topic/display-error-on-plugin-activation?replies=33)] Suppressed warning messages generated by calls to fsockopen - they were causing the remote Ajax queries to hang
|
805 |
-
* The wizard was resetting some settings by accident, namely Connection Timeout, Read Timeout and Reply-To
|
806 |
-
* [[Ticket](https://wordpress.org/support/topic/display-error-on-plugin-activation?replies=33)] Found an environment where calls to error_log were being displayed in the HTML even after display_errors was disabled. Therefore, disabled error_log calls by default. The log may be re-enabled in Advanced Settings
|
807 |
-
* The Bad, Post! screen was messing with the Port Test Ajax call when fsockopen generated an error and debug level is set to E_ALL in php.ini. Therefore added a switch in the configuration "Show Error Screen" that is off by default. When it is off, Port Test works perfect but errors generate a WSOD. When it is on, errors are displayed in the "Bad, Post!" screen but Port Test fails.
|
808 |
-
* I heard that some hosts, like WPEngine, do not allow writing to the Http Session. Well that's balls. I've modified the code to write to the database instead.
|
809 |
-
|
810 |
-
= 1.3.4 - 2015-02-11 =
|
811 |
-
* 500 downloads and six 5-star ratings in only three weeks! Cool! 8-)
|
812 |
-
* Replaced the Google OAuth API with pure PHP code. No more unexpected Google API errors.
|
813 |
-
* [[Ticket](https://wordpress.org/support/topic/contact-7-and-activation-error?replies=16)] Enabled overriding of the timeouts in the configuration screen. If Post is intermittently sending mail, doubling the TCP Read Timeout may help
|
814 |
-
* Added the SMTP session transcript output when a test message fails to send.
|
815 |
-
* Fixed the error: Class 'Zend_Mail_Protocol_Smtp_Auth_Plain' not found in /Post/Post-Mail/Zend-1.12.10/Mail/Transport/Smtp.php on line 198
|
816 |
-
* Passwords in the database are now Base64-encoded so casual viewing of the database won't reveal them
|
817 |
-
* Fixed a couple minor database upgrade bugs: for new users who use Password Authentication, and for old users that don't have an expiry token stored
|
818 |
-
* Added a version shortcode, mostly for promotion of Post on my own websites
|
819 |
-
* Serveal minor tweaks to the user interface, including focus, style, validation, and enabling/disabling inputs where applicable
|
820 |
-
|
821 |
-
= 1.3.2 - 2015-02-10 =
|
822 |
-
* [[Ticket](https://wordpress.org/support/topic/contact-7-and-activation-error?replies=16)] Fixed the error: PHP Fatal error: Call to private PostAuthorizationToken::__construct() This occurs when upgrading from a pre-v1.0 version of Post (when PostAuthorizationToken had a public constructor) to v1.0 or higher
|
823 |
-
* [[Ticket](https://wordpress.org/support/topic/404-not-found-79?replies=17)] Fixed the error PHP Fatal error: Class 'Google_IO_Stream' not found in /Post/Post-Auth/google-api-php-client-1.1.2/src/Google/Client.php on line 600 by including Google/IO/Stream.php
|
824 |
-
* Post now has a modest fatal error screen, rather than a dreaded white screen of death
|
825 |
-
|
826 |
-
= 1.3 - 2015-02-09 =
|
827 |
-
* Sending Hotmail/Windows Live/Outlook.com email now supported with OAuth 2.0 authentication! If Wizard detects that a Hotmail server has been entered, it automatically configures OAuth 2.0.
|
828 |
-
* Separated Authentication input from Encryption input for finer configuration control
|
829 |
-
* Added additional authentication types: plain and CRAM-MD5. 'basic' became 'login'
|
830 |
-
* Added Ajax to manual config and wizard screens to allow dynamic OAuth2 redirect url + help text changes in response to hostname changes
|
831 |
-
* Removed 'Allow Plugin to Override Sender' user input
|
832 |
-
* Added Online Support link in menu
|
833 |
-
* Clarified text in 'Run a Port Test' so people won't continue to ask me about connection problems (hopefully)
|
834 |
-
|
835 |
-
= 1.2 - 2015-02-04 =
|
836 |
-
* Support for Sender Name and Reply-To. Turns out Google no longer honours the MUA Return-Path header due to Spam. Makes sense, so I've decided not to add a Return-Path field to Post's configuration.
|
837 |
-
* Support for WordPress filters [wp_mail_from](http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_mail_from) and [wp_mail_from_name](http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_mail_from_name)
|
838 |
-
* Disable stats-keeping for email sent by the test function
|
839 |
-
* Minor tweaks to the Wizard to support WordPress v3.9
|
840 |
-
|
841 |
-
= 1.1.1 - 2015-02-03 =
|
842 |
-
* [[Ticket](https://wordpress.org/support/topic/contact-form-7-not-sending-after-update-of-Post-smtp?replies=5)] Fixed a bug I introduced in 1.1. Thanks to user derrey for catching this one. Zend_Mail crashes when attempting to throw an exception when the 'from' standard header was added as a header : "Zend_Mail_Exception code=0 message=Cannot set standard header from addHeader()"
|
843 |
-
|
844 |
-
= 1.1 - 2015-02-03 =
|
845 |
-
* [[Ticket](https://wordpress.org/support/topic/charset-problem-6?replies=4)] Added support for international characters (the WordPress default is UTF-8) which can be specified with headers or the [wp_mail_charset](http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_mail_charset) filter
|
846 |
-
* Added support for multi-part content type which can be specified with headers or the [wp_mail_content_type](http://codex.wordpress.org/Plugin_API/Filter_Reference/wp_mail_content_type) filter
|
847 |
-
|
848 |
-
= 1.0 - 2015-02-02 =
|
849 |
-
* Overhaul of the UI - A navigation pane is shown at the top of each page and each major function has been separated into its own screen
|
850 |
-
* Post now supports sending with basic auth and no auth just like the other SMTP plugins
|
851 |
-
* Added a Port Test function so users can have peace of mind whether the plugin is failing (never!) or whether the host has firewalled them
|
852 |
-
* [[Ticket](https://wordpress.org/support/topic/emails-not-sending-in-html-format?replies=5)] Now supports email headers, such as a text/html content-type
|
853 |
-
* Now supports email attachments
|
854 |
-
* Added a warning if the user has configured OAuth but not requested permission from Google
|
855 |
-
* Added a warning if the user is using Google with Basic auth (or worse) and a suggestion to enable OAuth 2.0
|
856 |
-
* Recording of successful/failure tally
|
857 |
-
|
858 |
-
= 0.2.7 - 2015-01-29 =
|
859 |
-
* Fixed error: "Undefined variable: authorizationToken" was preventing mail delivery outside of the admin screen.
|
860 |
-
* Fixed warning message that Post couldn't bind to wp_mail immediately after Activation
|
861 |
-
* Added prerequisite checks to make sure the PHP environment can handle Post
|
862 |
-
* Moved the screenshots and icons out of /trunk and into /assets
|
863 |
-
|
864 |
-
= 0.2.6 - 2015-01-28 =
|
865 |
-
* [[Ticket](https://wordpress.org/support/topic/parse-error-syntax-error-unexpected-t_string-63?replies=24)] Fixed "Configure and Authorize the plugin" missing the link address. Thanks to user kaorw for catching ths one.
|
866 |
-
* [[Ticket](https://wordpress.org/support/topic/parse-error-syntax-error-unexpected-t_string-63?replies=24)] Fixed "Warning: Missing argument 2 for update_option()". Thanks to user kaorw for catching ths one. Fixed by calling delete_option instead of update_option().
|
867 |
-
* [[Ticket](https://wordpress.org/support/topic/call-to-undefined-function-str_getcsv?replies=12)] Fixed "Fatal error: Call to undefined function str_getcsv()". Thanks to user micb for catching ths one. This function is not available before PHP 5.3. Fixed by replacing str_getdsv() with custom implementation.
|
868 |
-
|
869 |
-
= 0.2.5 - 2015-01-27 =
|
870 |
-
* [[Ticket](https://wordpress.org/support/topic/parse-error-syntax-error-unexpected-t_string-63?replies=24)] Removed the namespace for users with older version of PHP
|
871 |
-
* Changed the Post Redirect URI (now includes a trailing ?page=Post) - this means Client ID's from 0.2.4 or earlier MUST be updated with the new Redirect URI or re-created from scratch.
|
872 |
-
|
873 |
-
= 0.2.4 - 2015-01-25 =
|
874 |
-
* Fixed issues on servers where the plugin is installed as a symbolic link.
|
875 |
-
* Better error handling/debugging with php logging and assertions.
|
876 |
-
|
877 |
-
= 0.2.1 - 2015-01-23 =
|
878 |
-
* Fixed an environment-specific error that prevented Post reloading the setting screen after sending a test email
|
879 |
-
|
880 |
-
= 0.2 - 2015-01-20 =
|
881 |
-
* wp_mail() accepts multiple recipients (array and string)
|
882 |
-
* display a warning to the user if another plugin is preventing Post from overriding wp_mail
|
883 |
-
* paired down the external libraries to only what was required - from 3,700 files to just 75
|
884 |
-
* default Gmail port corrected to 465 - previously 465 was hardcoded but 587 was saved to the database
|
885 |
-
* Added 'Delete All Data' button to erase the stored tokens
|
886 |
-
* OpenShift production problem: This environment didn't like the callback and there were possibly invalid characters in the source script
|
887 |
-
|
888 |
-
= 0.1 - 2015-01-19 =
|
889 |
-
* First release. Happy Fig Newton Day! It was a grueling week-end, studying PHP and OAuth and Googling like a Boss, but it's done and it works!
|
890 |
-
|
891 |
-
|
892 |
-
|
893 |
-
== Upgrade Notice ==
|
894 |
-
|
895 |
-
= 1.7 =
|
896 |
-
Integration with Mandrill API, SendGrid API, Import/Export, Resend Emails
|
897 |
-
|
898 |
-
= 1.6 =
|
899 |
-
Introducing Email Logging.
|
900 |
-
|
901 |
-
= 1.5 =
|
902 |
-
Added support for external transports, such as the new Post Gmail Extension.
|
903 |
-
|
904 |
-
= 1.4 =
|
905 |
-
Now supporting Yahoo Mail via OAuth 2.0!
|
906 |
-
|
907 |
-
= 1.3 =
|
908 |
-
Now supporting Hotmail via OAuth 2.0!
|
909 |
-
|
910 |
-
= 1.2 =
|
911 |
-
Support for Sender Name and the Reply-To header.
|
912 |
-
|
913 |
-
= 1.1 =
|
914 |
-
Support for international characters and multipart/mime mail
|
915 |
-
|
916 |
-
= 1.0 =
|
917 |
-
Major overhaul of the UI including a Setup Wizard and a TCP Port Tester!
|
4 |
Tags: email, mail, smtp, wordpress smtp, email log, postman smtp, postman, gmail, google apps, hotmail, yahoo, mandrill api, sendgrid api, elastic email, office365, mailgun
|
5 |
Requires at least: 3.9
|
6 |
Tested up to: 6.0.1
|
7 |
+
Stable tag: 2.1.7
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
28 |
* The built-in Email log is an invaluable resource for diagnosing problems with emails.
|
29 |
* OAuth 2.0 increase the security and protection of email password by discouraging the idea of storing your email password in the WordPress database where it might be found.
|
30 |
|
31 |
+
Even hosts that block the standard SMTP ports, like GoDaddy or Bluehost, can’t stop your email as Post SMTP can deliver via HTTPS if it can’t use SMTP.
|
32 |
|
33 |
https://www.youtube.com/watch?v=mXDEEE9jnfw
|
34 |
|
76 |
[Better Email Logger Pro extension](https://postmansmtp.com/extensions/the-better-email/) allows you to design email marketing campaigns and improve email deliverability for your WordPress site.
|
77 |
|
78 |
**Mail Control Pro Extension**
|
79 |
+
[Mail Control Pro Extension](https://postmansmtp.com/extensions/post-smtp-mail-control/) allows you to control Post SMTP’s email actions like sending email alerts to authors, webmasters, and new users.
|
80 |
|
81 |
= Post SMTP Membership Plans =
|
82 |
[Post SMTP membership plans](https://postmansmtp.com/membership-plan/) offer access to all pro extensions along with other benefits including 1-year extension updates and support, Email Reporting, Logging, and Tracking, all other SMTP Services and a 30-day money-back guarantee.
|
285 |
|
286 |
== Changelog ==
|
287 |
|
288 |
+
= 2.1.7 - 2022-08-30 =
|
289 |
+
* **FIX**
|
290 |
+
* Server side request forgery
|
291 |
+
|
292 |
= 2.1.6 - 2022-08-29 =
|
293 |
+
* **FIX**
|
294 |
+
* Server side request forgery
|
295 |
|
296 |
= 2.1.5 - 2022-08-25 =
|
297 |
* **FIX**
|
612 |
* [[Ticket](https://wordpress.org/support/topic/fatal-error-internal-zend-error-missing-class-information?replies=2#post-7092317)] User reported error "Fatal error: Internal Zend error - Missing class information" - Whoops, used 'require' PostState.php instead of 'require_once' PostState.php which was causing errors. Fixed.
|
613 |
* [[Ticket](https://wordpress.org/support/topic/error-send-mymail-email-marketing?replies=5)] [[Ticket](https://wordpress.org/support/topic/how-configure-mymail-in-plugin?replies=6)] MyMail Newsletter Plugin for WordPress refuses to use wp_mail. I don't want to make this a habit, but I've integrated Post with MyMail's proprietary delivery mechanism.
|
614 |
* [[Ticket](https://wordpress.org/support/topic/cant-send-error-500?replies=11#post-7103035)] Found an environment where the plugin's call to new Exception was creating PHP Fatal errors. Fixed.
|
615 |
+
* [[Ticket](https://wordpress.org/support/topic/error-calling-post-400-invalid-to-header?replies=4)] Perform validation on all email headers before s
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|