I’ve been trying to track down why my s3 bucket files are no longer being attached to automated emails being sent out by WordPress (using the Gravity Forms Entry Automation plugin).
I’ve been able to identify the latest version of PHPMailer being the reason why the attachments no longer get added. From the PHPMailer ticket response:
This is due to a bug fix that also closed a major security hole. PHPMailer deliberately avoids being a client for HTTP or other protocols for file attachments because it is far too risky. The solution is to take on responsibility for fetching remote files yourself.
Instead of:
$mail->addAttachment('s3://file.txt', 'file.txt');
Do this:
$mail->addStringAttachment(file_get_contents('s3://file.txt'), 'file.txt');
I reached out to the Gravity Forms authors as well as the Entry Automation authors and they both have said their plugins just generate raw notification objects and then use wp_mail() to pass the generated mail object off to the rest of my server to actually handle the sending.
Is there a way to get this working again without having to roll my WP version back? Or do y’all know how others are handling this issue?
One option would be to try to use the phpmailer_init hook, but I can’t quite figure out how to do this to force using addStringAttachment.
Any suggestions? I’m kind of in a bind because the files that get attach must remain on S3 and not the local file system.
Core ticket submitted here
