• DE
  • ES
  • EN
  • NL
Google+twitterfacebook

Blog

Automatically upgrade PHPMailer on your server


This article originally appeared on the Magentron Blog as 'Automatically upgrade all PHPMailer installs on your server'.

Published on Thursday December 29, 2016 by Jeroen Derks.

In the last week two critical issues where discovered by Dawid Golunski in PHPMailer, a library to facilitate sending email messages using PHP.

The disclosures can be found here:

You can read the response of the programmers of PHPMailer about it in the PHPMailer Wiki article "About the CVE 2016 10033 and CVE 2016 10045 vulnerabilities".

In order to prevent me from having to write all my customers to have them update the library and hope that they are going to do so, I wrote a simple shell script that updates the PHPMailer core files (class.phpmailer.php, class.pop3.php, class.smtp.php) that are found in the directories that you supply.

The script is called upgrade-phpmailer.sh and can be found as GitHub gist upgrade-phpmailer.sh (download upgrade-phpmailer.sh [use right-click and Save]).

The usage output of the script upgrade-phpmailer.sh:

phpmailer-upgrade.sh v1.0.0 - Copyright (c) 2016 Derks.IT / Jeroen Derks
Upgrades PHPMailer files automatically to last version

usage: upgrade-phpmailer.sh [-d] [-n] [-v] [-x] [-B branch] [-C checkout] [-D backup ] [-K] [-M extension]
[-N] [-O] directory [ directory [...] ]
    -d    Enable debug output
    -n    Dry-run mode
    -v    Enable verbose output
    -x    Enable shell debug output
    -B    PHPMailer GitHub branch name to use (default: master)
    -C    Directory containing cloned repository with branch to use
    -D    Backup directory to use (default: /phpmailer.backup)
    -K    Keep temporary directory
    -M    Rename original files using supplied extension (default: .BACKUP)
    -N    Do not create backup directory
    -O    Compare only, do not actually upgrade

If you have any improvements or suggestions, please leave a message below or create a pull request.

Please let me know if this article has been useful to you! (or not)