feature: Separate SMTP Credentials

This feature adds the ability to separate the IMAP/POP and SMTP credentials
for a System Email. This adds a checkbox next to the Authentication Required
setting where, if Enabled, will show two additional inputs for the SMTP
Username and Password. If Authentication Required is set to No the SMTP
Username and Password inputs will disappear as they are not needed. If the
checkbox is Disabled the system will use the IMAP/POP credentials for SMTP.

include/class.email.php

@@ -112,6 +112,12 @@ function getPasswd() {
         return Crypto::decrypt($this->userpass, SECRET_SALT, $this->userid);
     }
 
+    function getSMTPPasswd() {
+        if (!$this->smtp_userpass)
+            return '';
+        return Crypto::decrypt($this->smtp_userpass, SECRET_SALT, $this->smtp_userid);
+    }
+
     function getHashtable() {
         return $this->ht;
     }
@@ -160,13 +166,16 @@ function allowSpoofing() {
     }
 
     function getSMTPInfo() {
+        $smtpcreds = $this->smtp_auth_creds;
+        $username = $smtpcreds ? $this->smtp_userid : $this->userid;
+        $passwd = $smtpcreds ? $this->smtp_userpass : $this->userpass;
 
         $info = array (
                 'host' => $this->smtp_host,
                 'port' => $this->smtp_port,
                 'auth' => (bool) $this->smtp_auth,
-                'username' => $this->userid,
-                'password' => Crypto::decrypt($this->userpass, SECRET_SALT, $this->userid)
+                'username' => $username,
+                'password' => Crypto::decrypt($passwd, SECRET_SALT, $username)
                 );
 
         return $info;
@@ -249,6 +258,7 @@ function update($vars, &$errors=false) {
 
         // very basic checks
         $vars['cpasswd']=$this->getPasswd(); //Current decrypted password.
+        $vars['smtp_cpasswd']=$this->getSMTPPasswd(); // Current decrypted SMTP password.
         $vars['name']=Format::striptags(trim($vars['name']));
         $vars['email']=trim($vars['email']);
         $vars['mail_folder']=Format::striptags(trim($vars['mail_folder']));
@@ -279,7 +289,8 @@ function update($vars, &$errors=false) {
         if($topic && !$topic->isActive())
           $errors['topic_id'] = '';
 
-        if($vars['mail_active'] || ($vars['smtp_active'] && $vars['smtp_auth'])) {
+        if($vars['mail_active'] || ($vars['smtp_active'] && $vars['smtp_auth']
+                && !$vars['smtp_auth_creds'])) {
             if(!$vars['userid'])
                 $errors['userid']=__('Username missing');
 
@@ -292,6 +303,17 @@ function update($vars, &$errors=false) {
                 $errors['passwd'] = sprintf('%s - %s', __('Unable to encrypt password'), __('Get technical help!'));
         }
 
+        if ($vars['smtp_active'] && $vars['smtp_auth'] && $vars['smtp_auth_creds']) {
+            if (!$vars['smtp_userid'])
+                $errors['smtp_userid'] = __('Username missing');
+
+            if (!$vars['smtp_passwd'])
+                $errors['smtp_passwd'] = __('Password Required');
+            elseif ($vars['smtp_passwd'] && $vars['smtp_userid']
+                    && !Crypto::encrypt($vars['smtp_passwd'], SECRET_SALT, $vars['smtp_userid']))
+                $errors['smtp_passwd'] = sprintf('%s - %s', __('Unable to encrypt password'), __('Get technical help!'));
+        }
+
         list($vars['mail_protocol'], $encryption) = explode('/', $vars['mail_proto']);
         $vars['mail_encryption'] = $encryption ?: 'NONE';
 
@@ -377,14 +399,16 @@ function update($vars, &$errors=false) {
             }
         }
 
+        $smtppasswd = $vars['smtp_passwd'] ?: $vars['smtp_cpasswd'];
         if(!$errors && $vars['smtp_active']) { //Check SMTP login only.
+            $smtpcreds = $vars['smtp_auth_creds'];
             require_once 'Mail.php'; // PEAR Mail package
             $smtp = mail::factory('smtp',
                     array ('host' => $vars['smtp_host'],
                            'port' => $vars['smtp_port'],
                            'auth' => (bool) $vars['smtp_auth'],
-                           'username' =>$vars['userid'],
-                           'password' =>$passwd,
+                           'username' => $smtpcreds ? $vars['smtp_userid'] : $vars['userid'],
+                           'password' => $smtpcreds ? $smtppasswd : $passwd,
                            'timeout'  =>20,
                            'debug' => false,
                            ));
@@ -420,6 +444,8 @@ function update($vars, &$errors=false) {
         $this->smtp_host = $vars['smtp_host'];
         $this->smtp_port = $vars['smtp_port'] ?: 0;
         $this->smtp_auth = $vars['smtp_auth'];
+        $this->smtp_auth_creds = isset($vars['smtp_auth_creds']) ? 1 : 0;
+        $this->smtp_userid = $vars['smtp_userid'];
         $this->smtp_spoofing = $vars['smtp_spoofing'];
         $this->notes = Format::sanitize($vars['notes']);
 
@@ -440,6 +466,9 @@ function update($vars, &$errors=false) {
         if ($vars['passwd']) //New password - encrypt.
             $this->userpass = Crypto::encrypt($vars['passwd'],SECRET_SALT, $vars['userid']);
 
+        if ($vars['smtp_passwd']) // New SMTP password - encrypt.
+            $this->smtp_userpass = Crypto::encrypt($vars['smtp_passwd'], SECRET_SALT, $vars['smtp_userid']);
+
         if ($this->save())
             return true;
 

include/i18n/en_US/help/tips/emails.email.yaml

@@ -92,6 +92,14 @@ protocol:
         Select the mail box protocol supported by your remote mail server.
         IMAP is recommended and SSL is encouraged if at all possible.
 
+smtp_auth_creds:
+    title: Use Separate Authentication
+    content: >
+        If this setting is Disabled the system will use the same Authentication
+        Credentials as entered above. If you require separate credentials for
+        Fetching and SMTP, you can Enable this setting and enter your SMTP
+        Authentication Credentails.
+
 fetch_frequency:
     title: Fetch Frequency
     content: >

include/staff/email.inc.php

@@ -334,9 +334,28 @@
                   
                  <label><input type="radio" name="smtp_auth"  value="0"
                      <?php echo !$info['smtp_auth']?'checked':''; ?> /> <?php echo __('No'); ?></label>
+                 &nbsp;
+                 <label><input type="checkbox" name="smtp_auth_creds" value="1"
+                     <?php echo $info['smtp_auth_creds']?'checked':''; ?> /> <?php echo __('Use Separate Authentication'); ?></label>
+                       <i class="help-tip icon-question-sign" href="#smtp_auth_creds"></i>
                 <font class="error">&nbsp;<?php echo $errors['smtp_auth']; ?></font>
             </td>
         </tr>
+        <tr style="display:none;" class="smtp"><td><?php echo __('Username'); ?></td>
+            <td>
+                <input type="text" size="35" name="smtp_userid" value="<?php echo $info['smtp_userid']; ?>"
+                    autocomplete="off" autocorrect="off">
+                &nbsp;<span class="error">&nbsp;<?php echo $errors['smtp_userid']; ?>&nbsp;</span>
+            </td>
+        </tr>
+        <tr style="display:none;" class="smtp"><td><?php echo __('Password'); ?></td>
+            <td>
+                <input type="password" size="35" name="smtp_passwd" value="<?php echo $info['smtp_passwd']; ?>"
+                    autocomplete="off">
+                &nbsp;<span class="error">&nbsp;<?php echo $errors['smtp_passwd']; ?>&nbsp;</span>
+                <br><em><?php if ($info['smtp_userpass']) echo $passwdtxt; ?></em>
+            </td>
+        </tr>
         <tr>
             <td><?php echo __('Header Spoofing'); ?></td>
             <td>
@@ -365,3 +384,23 @@
     <input type="button" name="cancel" value="<?php echo __('Cancel');?>" onclick='window.location.href="emails.php"'>
 </p>
 </form>
+<script type="text/javascript">
+// SMTP Authentication Credentials
+$(document).ready(function(){
+    $('input[name=smtp_auth], input[name=smtp_auth_creds]').bind('change', function(){
+        // Toggle Auth Checkbox
+        if ($('input[name=smtp_auth]:checked').val() == 1) {
+            $('input[name=smtp_auth_creds]').removeAttr('disabled');
+        } else {
+            $('input[name=smtp_auth_creds]').attr('disabled', true);
+        }
+        // Toggle Auth Input Visibility
+        if ($('input[name=smtp_auth_creds]:checked').val() == 1
+              && $('input[name=smtp_auth]:checked').val() == 1)
+            $('.smtp').show();
+        else
+            $('.smtp').hide();
+    });
+    $('input[name=smtp_auth], input[name=smtp_auth_creds]').trigger('change');
+});
+</script>

include/upgrader/streams/core.sig

@@ -1 +1 @@
-914098f4a7022c558038471e7f9eec62
+87d4a3233469728d83b86d3ee2f066e1

include/upgrader/streams/core/914098f4-87d4a323.patch.sql

@@ -0,0 +1,15 @@
+/**
+ * @signature 87d4a3233469728d83b86d3ee2f066e1
+ * @version v1.14-rc3
+ * @title Add new SMTP Settings to emails
+ *
+ */
+ALTER TABLE `%TABLE_PREFIX%email`
+    ADD `smtp_auth_creds` int(11) DEFAULT '0' AFTER `smtp_auth`,
+    ADD `smtp_userid` varchar(255) NOT NULL AFTER `smtp_auth_creds`,
+    ADD `smtp_userpass` varchar(255) CHARACTER SET ascii NOT NULL AFTER `smtp_userid`;
+
+-- Finished with patch
+UPDATE `%TABLE_PREFIX%config`
+    SET `value` = '87d4a3233469728d83b86d3ee2f066e1'
+    WHERE `key` = 'schema_signature' AND `namespace` = 'core';

setup/inc/streams/core/install-mysql.sql

@@ -266,6 +266,9 @@ CREATE TABLE `%TABLE_PREFIX%email` (
   `smtp_port` int(6) default NULL,
   `smtp_secure` tinyint(1) NOT NULL default '1',
   `smtp_auth` tinyint(1) NOT NULL default '1',
+  `smtp_auth_creds` int(11) DEFAULT '0',
+  `smtp_userid` varchar(255) NOT NULL,
+  `smtp_userpass` varchar(255) CHARACTER SET ascii NOT NULL,
   `smtp_spoofing` tinyint(1) unsigned NOT NULL default '0',
   `notes` text,
   `created` datetime NOT NULL,