はじめに
WordPressには沢山のpluginがあります.e-mailを飛ばすにもWP Mail SMTPというpluginがあります.現在,このプラグインを使っていますが,自分でもphpを書けないかと思い立ちました.
blogを始めた当初は,珍しさもあって必要以上に複数のpluginを並行してつかっていました.有料のpluginも4つほど試しました.
月日が経つと飽きてきます.セキュリティ的にも複数のpluginは,それぞれでリスクがあるため,pluginのスンストール数が増えれば増えるほどリスクが高まります.例えば,1つのプラグインにリスクがあるため,安全性が99%だと仮定します.1つでも安全性がとこなわれると,それはもう安全ではないので直列のイメージで計算します.すなわち,4つのプラグインがあると99%の4乗が安全率になります.1つのプラグインの場合99%安全,2つのプラグインの場合99^2% = 98%,同様に3つで97%,4つで96%というように,プラグイン数が多くなると安全性が低下していくのが理解できます.
「Simple is best」がやかりよろしかろう,ということですね.すでに,pluginは極力減らすという方針を立てているので実践していきましょうか.今日は,情報収集まで...
構築手順の概要
- メールサーバーのsmtp設定
- MRHARIKIRのサイトは,Synology NASなのでそれを立ち上げるか,gmailでもいい
- phpコードを書く
- phpにはsmptに関するAPIがあるので,それを使う.
- それを使ってメールを送信
- phpコードにメッセージを送ってもらう.
1. smtp設定
コードは,functions.php内に配置する.
function my_phpmailer_example( $phpmailer ) {
$phpmailer->isSMTP();
$phpmailer->Host = 'smtp.example.com';
$phpmailer->SMTPAuth = true; // Ask it to use authenticate using the Username and Password properties
$phpmailer->Port = 25;
$phpmailer->Username = 'yourusername';
$phpmailer->Password = 'yourpassword';
// Additional settings…
//$phpmailer->SMTPSecure = 'tls'; // Choose 'ssl' for SMTPS on port 465, or 'tls' for SMTP+STARTTLS on port 25 or 587
//$phpmailer->From = "you@yourdomail.com";
//$phpmailer->FromName = "Your Name";
}
add_action( 'phpmailer_init', 'my_phpmailer_example' );Developer Resources / by Steven Lin
phpmailer_init | Hook | WordPress Developer Resources
WordPressからsmtpでメール送信する2つの設定方法を解説
WordPressからsmtpでメール送信する2つの設定方法を解説 | Fukuro Press (fukuro-press.com)
2. メール送信phpコード
メールとして送信したい文字列をwp_mail()を使ってコードを書く
wp_mail()関数の書式
wp_mail( $to, $subject, $message, $headers, $attachments );メール送信コード
function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) {
// Compact the input, apply the filters, and extract them back out.
/**
* Filters the wp_mail() arguments.
*
* @since 2.2.0
*
* @param array $args {
* Array of the `wp_mail()` arguments.
*
* @type string|string[] $to Array or comma-separated list of email addresses to send message.
* @type string $subject Email subject.
* @type string $message Message contents.
* @type string|string[] $headers Additional headers.
* @type string|string[] $attachments Paths to files to attach.
* }
*/
$atts = apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) );
/**
* Filters whether to preempt sending an email.
*
* Returning a non-null value will short-circuit {@see wp_mail()}, returning
* that value instead. A boolean return value should be used to indicate whether
* the email was successfully sent.
*
* @since 5.7.0
*
* @param null|bool $return Short-circuit return value.
* @param array $atts {
* Array of the `wp_mail()` arguments.
*
* @type string|string[] $to Array or comma-separated list of email addresses to send message.
* @type string $subject Email subject.
* @type string $message Message contents.
* @type string|string[] $headers Additional headers.
* @type string|string[] $attachments Paths to files to attach.
* }
*/
$pre_wp_mail = apply_filters( 'pre_wp_mail', null, $atts );
if ( null !== $pre_wp_mail ) {
return $pre_wp_mail;
}
if ( isset( $atts['to'] ) ) {
$to = $atts['to'];
}
if ( ! is_array( $to ) ) {
$to = explode( ',', $to );
}
if ( isset( $atts['subject'] ) ) {
$subject = $atts['subject'];
}
if ( isset( $atts['message'] ) ) {
$message = $atts['message'];
}
if ( isset( $atts['headers'] ) ) {
$headers = $atts['headers'];
}
if ( isset( $atts['attachments'] ) ) {
$attachments = $atts['attachments'];
}
if ( ! is_array( $attachments ) ) {
$attachments = explode( "\n", str_replace( "\r\n", "\n", $attachments ) );
}
global $phpmailer;
// (Re)create it, if it's gone missing.
if ( ! ( $phpmailer instanceof PHPMailer\PHPMailer\PHPMailer ) ) {
require_once ABSPATH . WPINC . '/PHPMailer/PHPMailer.php';
require_once ABSPATH . WPINC . '/PHPMailer/SMTP.php';
require_once ABSPATH . WPINC . '/PHPMailer/Exception.php';
$phpmailer = new PHPMailer\PHPMailer\PHPMailer( true );
$phpmailer::$validator = static function ( $email ) {
return (bool) is_email( $email );
};
}
// Headers.
$cc = array();
$bcc = array();
$reply_to = array();
if ( empty( $headers ) ) {
$headers = array();
} else {
if ( ! is_array( $headers ) ) {
/*
* Explode the headers out, so this function can take
* both string headers and an array of headers.
*/
$tempheaders = explode( "\n", str_replace( "\r\n", "\n", $headers ) );
} else {
$tempheaders = $headers;
}
$headers = array();
// If it's actually got contents.
if ( ! empty( $tempheaders ) ) {
// Iterate through the raw headers.
foreach ( (array) $tempheaders as $header ) {
if ( ! str_contains( $header, ':' ) ) {
if ( false !== stripos( $header, 'boundary=' ) ) {
$parts = preg_split( '/boundary=/i', trim( $header ) );
$boundary = trim( str_replace( array( "'", '"' ), '', $parts[1] ) );
}
continue;
}
// Explode them out.
list( $name, $content ) = explode( ':', trim( $header ), 2 );
// Cleanup crew.
$name = trim( $name );
$content = trim( $content );
switch ( strtolower( $name ) ) {
// Mainly for legacy -- process a "From:" header if it's there.
case 'from':
$bracket_pos = strpos( $content, '<' );
if ( false !== $bracket_pos ) {
// Text before the bracketed email is the "From" name.
if ( $bracket_pos > 0 ) {
$from_name = substr( $content, 0, $bracket_pos );
$from_name = str_replace( '"', '', $from_name );
$from_name = trim( $from_name );
}
$from_email = substr( $content, $bracket_pos + 1 );
$from_email = str_replace( '>', '', $from_email );
$from_email = trim( $from_email );
// Avoid setting an empty $from_email.
} elseif ( '' !== trim( $content ) ) {
$from_email = trim( $content );
}
break;
case 'content-type':
if ( str_contains( $content, ';' ) ) {
list( $type, $charset_content ) = explode( ';', $content );
$content_type = trim( $type );
if ( false !== stripos( $charset_content, 'charset=' ) ) {
$charset = trim( str_replace( array( 'charset=', '"' ), '', $charset_content ) );
} elseif ( false !== stripos( $charset_content, 'boundary=' ) ) {
$boundary = trim( str_replace( array( 'BOUNDARY=', 'boundary=', '"' ), '', $charset_content ) );
$charset = '';
}
// Avoid setting an empty $content_type.
} elseif ( '' !== trim( $content ) ) {
$content_type = trim( $content );
}
break;
case 'cc':
$cc = array_merge( (array) $cc, explode( ',', $content ) );
break;
case 'bcc':
$bcc = array_merge( (array) $bcc, explode( ',', $content ) );
break;
case 'reply-to':
$reply_to = array_merge( (array) $reply_to, explode( ',', $content ) );
break;
default:
// Add it to our grand headers array.
$headers[ trim( $name ) ] = trim( $content );
break;
}
}
}
}
// Empty out the values that may be set.
$phpmailer->clearAllRecipients();
$phpmailer->clearAttachments();
$phpmailer->clearCustomHeaders();
$phpmailer->clearReplyTos();
$phpmailer->Body = '';
$phpmailer->AltBody = '';
// Set "From" name and email.
// If we don't have a name from the input headers.
if ( ! isset( $from_name ) ) {
$from_name = 'WordPress';
}
/*
* If we don't have an email from the input headers, default to wordpress@$sitename
* Some hosts will block outgoing mail from this address if it doesn't exist,
* but there's no easy alternative. Defaulting to admin_email might appear to be
* another option, but some hosts may refuse to relay mail from an unknown domain.
* See https://core.trac.wordpress.org/ticket/5007.
*/
if ( ! isset( $from_email ) ) {
// Get the site domain and get rid of www.
$sitename = wp_parse_url( network_home_url(), PHP_URL_HOST );
$from_email = 'wordpress@';
if ( null !== $sitename ) {
if ( str_starts_with( $sitename, 'www.' ) ) {
$sitename = substr( $sitename, 4 );
}
$from_email .= $sitename;
}
}
/**
* Filters the email address to send from.
*
* @since 2.2.0
*
* @param string $from_email Email address to send from.
*/
$from_email = apply_filters( 'wp_mail_from', $from_email );
/**
* Filters the name to associate with the "from" email address.
*
* @since 2.3.0
*
* @param string $from_name Name associated with the "from" email address.
*/
$from_name = apply_filters( 'wp_mail_from_name', $from_name );
try {
$phpmailer->setFrom( $from_email, $from_name, false );
} catch ( PHPMailer\PHPMailer\Exception $e ) {
$mail_error_data = compact( 'to', 'subject', 'message', 'headers', 'attachments' );
$mail_error_data['phpmailer_exception_code'] = $e->getCode();
/** This filter is documented in wp-includes/pluggable.php */
do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_error_data ) );
return false;
}
// Set mail's subject and body.
$phpmailer->Subject = $subject;
$phpmailer->Body = $message;
// Set destination addresses, using appropriate methods for handling addresses.
$address_headers = compact( 'to', 'cc', 'bcc', 'reply_to' );
foreach ( $address_headers as $address_header => $addresses ) {
if ( empty( $addresses ) ) {
continue;
}
foreach ( (array) $addresses as $address ) {
try {
// Break $recipient into name and address parts if in the format "Foo <bar@baz.com>".
$recipient_name = '';
if ( preg_match( '/(.*)<(.+)>/', $address, $matches ) ) {
if ( count( $matches ) === 3 ) {
$recipient_name = $matches[1];
$address = $matches[2];
}
}
switch ( $address_header ) {
case 'to':
$phpmailer->addAddress( $address, $recipient_name );
break;
case 'cc':
$phpmailer->addCc( $address, $recipient_name );
break;
case 'bcc':
$phpmailer->addBcc( $address, $recipient_name );
break;
case 'reply_to':
$phpmailer->addReplyTo( $address, $recipient_name );
break;
}
} catch ( PHPMailer\PHPMailer\Exception $e ) {
continue;
}
}
}
// Set to use PHP's mail().
$phpmailer->isMail();
// Set Content-Type and charset.
// If we don't have a Content-Type from the input headers.
if ( ! isset( $content_type ) ) {
$content_type = 'text/plain';
}
/**
* Filters the wp_mail() content type.
*
* @since 2.3.0
*
* @param string $content_type Default wp_mail() content type.
*/
$content_type = apply_filters( 'wp_mail_content_type', $content_type );
$phpmailer->ContentType = $content_type;
// Set whether it's plaintext, depending on $content_type.
if ( 'text/html' === $content_type ) {
$phpmailer->isHTML( true );
}
// If we don't have a charset from the input headers.
if ( ! isset( $charset ) ) {
$charset = get_bloginfo( 'charset' );
}
/**
* Filters the default wp_mail() charset.
*
* @since 2.3.0
*
* @param string $charset Default email charset.
*/
$phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset );
// Set custom headers.
if ( ! empty( $headers ) ) {
foreach ( (array) $headers as $name => $content ) {
// Only add custom headers not added automatically by PHPMailer.
if ( ! in_array( $name, array( 'MIME-Version', 'X-Mailer' ), true ) ) {
try {
$phpmailer->addCustomHeader( sprintf( '%1$s: %2$s', $name, $content ) );
} catch ( PHPMailer\PHPMailer\Exception $e ) {
continue;
}
}
}
if ( false !== stripos( $content_type, 'multipart' ) && ! empty( $boundary ) ) {
$phpmailer->addCustomHeader( sprintf( 'Content-Type: %s; boundary="%s"', $content_type, $boundary ) );
}
}
if ( ! empty( $attachments ) ) {
foreach ( $attachments as $filename => $attachment ) {
$filename = is_string( $filename ) ? $filename : '';
try {
$phpmailer->addAttachment( $attachment, $filename );
} catch ( PHPMailer\PHPMailer\Exception $e ) {
continue;
}
}
}
/**
* Fires after PHPMailer is initialized.
*
* @since 2.2.0
*
* @param PHPMailer $phpmailer The PHPMailer instance (passed by reference).
*/
do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) );
$mail_data = compact( 'to', 'subject', 'message', 'headers', 'attachments' );
// Send!
try {
$send = $phpmailer->send();
/**
* Fires after PHPMailer has successfully sent an email.
*
* The firing of this action does not necessarily mean that the recipient(s) received the
* email successfully. It only means that the `send` method above was able to
* process the request without any errors.
*
* @since 5.9.0
*
* @param array $mail_data {
* An array containing the email recipient(s), subject, message, headers, and attachments.
*
* @type string[] $to Email addresses to send message.
* @type string $subject Email subject.
* @type string $message Message contents.
* @type string[] $headers Additional headers.
* @type string[] $attachments Paths to files to attach.
* }
*/
do_action( 'wp_mail_succeeded', $mail_data );
return $send;
} catch ( PHPMailer\PHPMailer\Exception $e ) {
$mail_data['phpmailer_exception_code'] = $e->getCode();
/**
* Fires after a PHPMailer\PHPMailer\Exception is caught.
*
* @since 4.4.0
*
* @param WP_Error $error A WP_Error object with the PHPMailer\PHPMailer\Exception message, and an array
* containing the mail recipient, subject, message, headers, and attachments.
*/
do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_data ) );
return false;
}
}
Developer Resources
wp_mail() | Function | WordPress Developer Resources
編集履歴
2023/11/24 MRHARIKIR (情報収集のところまで)
関連記事:
[Synology] NAS – WordPressからサイト外にメールを送信する [2020/09/13]
[WP] WordPressの機能/表示を追加/変更するには,どのファイルにコードを書くの? 今は昔![2023/11/11]
[WP] WordPressの投稿編集画面にカスタムフィールドを配置して同じタグを持つ他の投稿のURLを自動挿入すPHPコード[2023/11/26]
[Synology] Threat Preventionが検知したWordPressへの連続Loginアタックは全てIPアドレスが異なっているBrute Force Attack – reCAPTCHAプラグインで対策する [2020/03/20]
[Synology] NAS (DS918+/DS920+)の バックアップを考える – システム構成は「Hyper Backup」、「Snapshot Replication」および「Synology Drive」- Smartプラグによる外付けHDDケース電源の管理によるセキュリティ向上、最後にシステムコンフィグレーション /クラウドバックアップも考え [2023/11/15]
WordPress 5.3 標準テーマ Twenty Twentyに完全移行
[Synology] NASに装着した新品SSDが1年後にエラーを吐いた – 修復・復旧方法 – △[2020/05/03]
[WP]プラグイン- PhastPress Ver.1.33はDatabaseを不適正にいじってしまう
[WordPress] Flex Posts – Widget and Gutenberg Block プラグイン – Gutenberg エディター対応 [2020/02/07]
[WorPress] dashicons.min.css、headerからfooterに移動してページ速度改善を模索する