@mail help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
cdnmama
Forum Newbie
Posts: 5
Joined: Thu Jan 24, 2008 11:37 am
Location: Ontario, Canada

@mail help

Post by cdnmama »

I am using a tell a friend script and wondered if anyone has a solution for me. The script will send up to 3 email addresses. When the email is received, the 3 email addresses show in the TO: field. Is it possible to alter the script so the addresses do not show, but are added to the BCC: field instead?

This is the current code....

Code: Select all

@mail("$_POST[fmail1],$_POST[fmail2],$_POST[fmail3]", $tsubject, $ttext, "FROM: $_POST[email]");
Someone suggested this, but it gives a syntax error....

Code: Select all

@mail(”", $tsubject, $ttext, “FROM: $_POST[email]”, “Bcc: $_POST[friendmail1],$_POST[friendmail2],$_POST[friendmail3]”);
 
Thanks for any help :)

Deb
User avatar
Oren
DevNet Resident
Posts: 1640
Joined: Fri Apr 07, 2006 5:13 am
Location: Israel

Re: @mail help

Post by Oren »

User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Re: @mail help

Post by Kieran Huggins »

are you coding in Word or something? I ask because the quotes from the example are "fancy quotes" rather than the normal kind. That would certainly mess up the parsing.

Also: swift++, but it might be a bit of a learning curve for you. I'd stick with the example your friend sent, but retype it in a proper editor to get rid of all the odd characters.
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: @mail help

Post by Jonah Bron »

Just stick with mail() until you get really good at php.

Use nodepad for editing php, if on win.
this is what you are looking for:

Code: Select all

 
mail($_POST[fmail1] .', '. $_POST[fmail2] .', '. $_POST[fmail3], $tsubject, $ttext, 'FROM: '. $_POST[email]) or die('couldn\'t sent mail');
 
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Re: @mail help

Post by Chris Corbyn »

PHPyoungster wrote:Just stick with mail() until you get really good at php.

Use nodepad for editing php, if on win.
this is what you are looking for:

Code: Select all

 
mail($_POST[fmail1] .', '. $_POST[fmail2] .', '. $_POST[fmail3], $tsubject, $ttext, 'FROM: '. $_POST[email]) or die('couldn\'t sent mail');
 
That will throw warnings since your array keys are not in strings.

Code: Select all

mail($_POST['fmail1'] .', '. $_POST['fmail2'] .', '. $_POST['fmail3'], $tsubject, $ttext, 'FROM: '. $_POST['email']) or die('couldn\'t sent mail');
However, I'd strongly discourage putting $_POST data right into mail() like that since this is a known way to inject headers into emails and subsequently, a perfect way for evil spammers to send spam to the masses via your server.

http://www.securephpwiki.com/index.php/Email_Injection
http://www.securephpwiki.com/index.php/Email_Injection wrote:Swift Mailer class is not vulnerable to this attack. ...
http://phpsense.com/php/php-mail.html
cdnmama
Forum Newbie
Posts: 5
Joined: Thu Jan 24, 2008 11:37 am
Location: Ontario, Canada

Re: @mail help

Post by cdnmama »

Kieran Huggins wrote:are you coding in Word or something? I ask because the quotes from the example are "fancy quotes" rather than the normal kind. That would certainly mess up the parsing.
I don't write PHP code but I do copy and paste it into Notepad. I did not notice the "fancy quotes" in Notepad as the font was so small. I changed it to the proper quotes....

Code: Select all

@mail("", $tsubject, $ttext, "FROM: $_POST[email]", "Bcc: $_POST[friendmail1],$_POST[friendmail2],$_POST[friendmail3]");
I don't get the syntax error anymore, I receive the emails but the email addresses are still in the TO: field. I took a chance and altered the code to....

Code: Select all

@mail("", $tsubject, $ttext, "FROM: $_POST[email]", "Bcc: $_POST[friendmail1],Bcc: $_POST[friendmail2],Bcc: $_POST[friendmail3]");
same thing happened.
Thanks Chris....I've looked at both of these pages as well as your Swift Mailer. I downloaded and looked at the zipfile. After reading some of the wikidocs on your site, it seems quite complicated to me. What I'm looking for is a tell a friend script that allows for referral urls and will send the page to more than one email address at a time. I will read more about Swift Mailer and give it a try soon.

Deb
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Re: @mail help

Post by Chris Corbyn »

Yup, that's fair enough ;) At the very least check that those email addresses posted contain "@" signs and don't contain any newlines.

Code: Select all

foreach (array('email', 'friendemail1', 'friendemail2', 'friendemail3') as $key) {
  $address = $_POST[$key];
  if (!strpos($address, '@')) {
    //not a valid email address
  } elseif (false !== strpos($address, "\n") || false !== strpos($address, "\r")) {
    //not a valid email address
  }
}
cdnmama
Forum Newbie
Posts: 5
Joined: Thu Jan 24, 2008 11:37 am
Location: Ontario, Canada

Re: @mail help

Post by cdnmama »

Chris Corbyn wrote:Yup, that's fair enough ;) At the very least check that those email addresses posted contain "@" signs and don't contain any newlines.
Do you mean make sure that the email addresses posted into the form have the @ sign?

What should I do with the code from your last post?

Deb
Post Reply