iliaa Fri Jan 9 14:59:30 2009 UTC Modified files: (Branch: PHP_5_3) /php-src php.ini-dist php.ini-recommended NEWS /php-src/main main.c php_globals.h /php-src/ext/standard mail.c Log: [DOC] Added mail logging functionality that allows logging of mail sent via mail() function THe logging functionality is disabled by default but can be enabled on a per-directory or globaly via 2 INI settings. The mail.log directive allows you to specify the file where each call to mail() will be logged. The log file will contain the path and line # of the calling script in addition to all of the headers indicated by the user. The mail.add_x_header directive will introduce a X-PHP-Originating-Script header that will contain the file name (no path) of the calling script and the uid of the script. This combination should be sufficient for the admin to locate the sending script.
http://cvs.php.net/viewvc.cgi/php-src/php.ini-dist?r1=1.231.2.10.2.22.2.15&r2=1.231.2.10.2.22.2.16&diff_format=u Index: php-src/php.ini-dist diff -u php-src/php.ini-dist:1.231.2.10.2.22.2.15 php-src/php.ini-dist:1.231.2.10.2.22.2.16 --- php-src/php.ini-dist:1.231.2.10.2.22.2.15 Sat Dec 27 21:03:53 2008 +++ php-src/php.ini-dist Fri Jan 9 14:59:29 2009 @@ -747,6 +747,12 @@ ; the 5th parameter to mail(), even in safe mode. ;mail.force_extra_parameters = +; Add X-PHP-Originaiting-Script: that will include uid of the script followed by the filename +mail.add_x_header = Off + +; Log all mail() calls including the full path of the script, line #, to address and headers +mail.log = + [SQL] sql.safe_mode = Off http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?r1=1.179.2.11.2.23.2.16&r2=1.179.2.11.2.23.2.17&diff_format=u Index: php-src/php.ini-recommended diff -u php-src/php.ini-recommended:1.179.2.11.2.23.2.16 php-src/php.ini-recommended:1.179.2.11.2.23.2.17 --- php-src/php.ini-recommended:1.179.2.11.2.23.2.16 Sat Dec 27 21:03:53 2008 +++ php-src/php.ini-recommended Fri Jan 9 14:59:30 2009 @@ -799,6 +799,12 @@ ; the 5th parameter to mail(), even in safe mode. ;mail.force_extra_parameters = +; Add X-PHP-Originaiting-Script: that will include uid of the script followed by the filename +mail.add_x_header = On + +; Log all mail() calls including the full path of the script, line #, to address and headers +mail.log = + [SQL] sql.safe_mode = Off http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.965.2.439&r2=1.2027.2.547.2.965.2.440&diff_format=u Index: php-src/NEWS diff -u php-src/NEWS:1.2027.2.547.2.965.2.439 php-src/NEWS:1.2027.2.547.2.965.2.440 --- php-src/NEWS:1.2027.2.547.2.965.2.439 Fri Jan 9 14:30:00 2009 +++ php-src/NEWS Fri Jan 9 14:59:30 2009 @@ -15,6 +15,8 @@ - Changed open_basedir to allow tightening in runtime contexts. (Sara) - Re-enabled socket_create_pair() on Windows (Kalle) +- Added mail logging functionality that allows logging of mail sent via + mail() function. (Ilia) - Added json_last_error() to return any error information from json_decode(). (Scott) - Added gethostname() to return the current system host name. (Ilia) http://cvs.php.net/viewvc.cgi/php-src/main/main.c?r1=1.640.2.23.2.57.2.41&r2=1.640.2.23.2.57.2.42&diff_format=u Index: php-src/main/main.c diff -u php-src/main/main.c:1.640.2.23.2.57.2.41 php-src/main/main.c:1.640.2.23.2.57.2.42 --- php-src/main/main.c:1.640.2.23.2.57.2.41 Wed Dec 31 14:27:09 2008 +++ php-src/main/main.c Fri Jan 9 14:59:30 2009 @@ -18,7 +18,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: main.c,v 1.640.2.23.2.57.2.41 2008/12/31 14:27:09 helly Exp $ */ +/* $Id: main.c,v 1.640.2.23.2.57.2.42 2009/01/09 14:59:30 iliaa Exp $ */ /* {{{ includes */ @@ -447,6 +447,8 @@ PHP_INI_ENTRY("SMTP", "localhost",PHP_INI_ALL, NULL) PHP_INI_ENTRY("smtp_port", "25", PHP_INI_ALL, NULL) + STD_PHP_INI_BOOLEAN("mail.add_x_header", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateBool, mail_x_header, php_core_globals, core_globals) + STD_PHP_INI_ENTRY("mail.log", NULL, PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateString, mail_log, php_core_globals, core_globals) PHP_INI_ENTRY("browscap", NULL, PHP_INI_SYSTEM, NULL) PHP_INI_ENTRY("memory_limit", "128M", PHP_INI_ALL, OnChangeMemoryLimit) PHP_INI_ENTRY("precision", "14", PHP_INI_ALL, OnSetPrecision) http://cvs.php.net/viewvc.cgi/php-src/main/php_globals.h?r1=1.98.2.1.2.7.2.6&r2=1.98.2.1.2.7.2.7&diff_format=u Index: php-src/main/php_globals.h diff -u php-src/main/php_globals.h:1.98.2.1.2.7.2.6 php-src/main/php_globals.h:1.98.2.1.2.7.2.7 --- php-src/main/php_globals.h:1.98.2.1.2.7.2.6 Wed Dec 31 11:15:47 2008 +++ php-src/main/php_globals.h Fri Jan 9 14:59:30 2009 @@ -16,7 +16,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: php_globals.h,v 1.98.2.1.2.7.2.6 2008/12/31 11:15:47 sebastian Exp $ */ +/* $Id: php_globals.h,v 1.98.2.1.2.7.2.7 2009/01/09 14:59:30 iliaa Exp $ */ #ifndef PHP_GLOBALS_H #define PHP_GLOBALS_H @@ -165,6 +165,9 @@ long user_ini_cache_ttl; char *request_order; + + zend_bool mail_x_header; + char *mail_log; }; http://cvs.php.net/viewvc.cgi/php-src/ext/standard/mail.c?r1=1.87.2.1.2.7.2.6&r2=1.87.2.1.2.7.2.7&diff_format=u Index: php-src/ext/standard/mail.c diff -u php-src/ext/standard/mail.c:1.87.2.1.2.7.2.6 php-src/ext/standard/mail.c:1.87.2.1.2.7.2.7 --- php-src/ext/standard/mail.c:1.87.2.1.2.7.2.6 Wed Dec 31 11:15:45 2008 +++ php-src/ext/standard/mail.c Fri Jan 9 14:59:30 2009 @@ -16,13 +16,15 @@ +----------------------------------------------------------------------+ */ -/* $Id: mail.c,v 1.87.2.1.2.7.2.6 2008/12/31 11:15:45 sebastian Exp $ */ +/* $Id: mail.c,v 1.87.2.1.2.7.2.7 2009/01/09 14:59:30 iliaa Exp $ */ #include <stdlib.h> #include <ctype.h> #include <stdio.h> #include "php.h" #include "ext/standard/info.h" +#include "ext/standard/php_string.h" +#include "ext/standard/basic_functions.h" #if HAVE_SYSEXITS_H #include <sysexits.h> @@ -67,6 +69,8 @@ *p = ' '; \ } \ +extern long php_getuid(void); + /* {{{ proto int ezmlm_hash(string addr) Calculate EZMLM list hash value. */ PHP_FUNCTION(ezmlm_hash) @@ -199,25 +203,61 @@ int ret; char *sendmail_path = INI_STR("sendmail_path"); char *sendmail_cmd = NULL; + char *mail_log = INI_STR("mail.log"); + char *hdr = headers; #if PHP_SIGCHILD void (*sig_handler)() = NULL; #endif +#define MAIL_RET(val) \ + if (hdr != headers) { \ + efree(hdr); \ + } \ + return val; \ + + if (mail_log) { + char *tmp; + int l = spprintf(&tmp, 0, "mail() on [%s:%d]: To: %s -- Headers: %s\n", zend_get_executed_filename(TSRMLS_C), zend_get_executed_lineno(TSRMLS_C), to, hdr ? hdr : ""); + if (hdr) { /* find all \r\n instances and replace them with spaces, so a log line is always one line long */ + char *p = tmp; + while ((p = strpbrk(p, "\r\n"))) { + *p = ' '; + } + tmp[l - 1] = '\n'; + } + _php_error_log(3, tmp, mail_log, NULL TSRMLS_CC); + efree(tmp); + } + if (PG(mail_x_header)) { + char *tmp = zend_get_executed_filename(TSRMLS_C); + char *f; + size_t f_len; + + php_basename(tmp, strlen(tmp), NULL, 0,&f, &f_len); + + if (headers != NULL) { + spprintf(&hdr, 0, "%s\r\nX-PHP-Originating-Script: %ld:%s\n", headers, php_getuid(), f); + } else { + spprintf(&hdr, 0, "X-PHP-Originating-Script: %ld:%s\n", php_getuid(), f); + } + efree(f); + } + if (!sendmail_path) { #if (defined PHP_WIN32 || defined NETWARE) /* handle old style win smtp sending */ - if (TSendMail(INI_STR("SMTP"), &tsm_err, &tsm_errmsg, headers, subject, to, message, NULL, NULL, NULL TSRMLS_CC) == FAILURE) { + if (TSendMail(INI_STR("SMTP"), &tsm_err, &tsm_errmsg, hdr, subject, to, message, NULL, NULL, NULL TSRMLS_CC) == FAILURE) { if (tsm_errmsg) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", tsm_errmsg); efree(tsm_errmsg); } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s", GetSMErrorText(tsm_err)); } - return 0; + MAIL_RET(0); } - return 1; + MAIL_RET(1); #else - return 0; + MAIL_RET(0); #endif } if (extra_cmd != NULL) { @@ -261,13 +301,13 @@ signal(SIGCHLD, sig_handler); } #endif - return 0; + MAIL_RET(0); } #endif fprintf(sendmail, "To: %s\n", to); fprintf(sendmail, "Subject: %s\n", subject); - if (headers != NULL) { - fprintf(sendmail, "%s\n", headers); + if (hdr != NULL) { + fprintf(sendmail, "%s\n", hdr); } fprintf(sendmail, "\n%s\n", message); ret = pclose(sendmail); @@ -290,9 +330,9 @@ #endif #endif { - return 0; + MAIL_RET(0); } else { - return 1; + MAIL_RET(1); } } else { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not execute mail delivery program '%s'", sendmail_path); @@ -301,10 +341,10 @@ signal(SIGCHLD, sig_handler); } #endif - return 0; + MAIL_RET(0); } - return 1; /* never reached */ + MAIL_RET(1); /* never reached */ } /* }}} */
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php