FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » FORMS, validating mail was sent
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: FORMS, validating mail was sent [message #181893 is a reply to message #181874] Fri, 21 June 2013 09:11 Go to previous messageGo to previous message
Tim Streater is currently offline  Tim Streater
Messages: 328
Registered: September 2010
Karma:
Senior Member
In article <51c37641$0$6623$9b4e6d93(at)newsspool2(dot)arcor-online(dot)net>,
Christoph Michael Becker <cmbecker69(at)arcor(dot)de> wrote:

> Am 20.06.2013 22:46, schrieb Gordon Burditt:
>>> I'm a PHP near-newbie working fairly successfully on creating a secure
>>> PHP e-mail (mail()) function. It occurs to me that the only way a user
>>> knows (thinks) a form has been sent, is that I tell him so either in a
>>> line of code or with a Thank You page.
>>
>> Since you're a near-newbie, please save the world from having to
>> block email from your server, and DO NOT put any variables in email
>> headers, DO NOT put any variables from the user in email headers,
>> and DO NOT put any variables set in your form in email headers.
>> Put them in the body of the mail.
>
> Or use at least a good email library which caters for security issues
> and other "details" regarding correct headers.
>
> And one should not forget that not everything could be put in the
> message body--at least not without proper setting of some headers.
>
>> Wrong: From: $email
>> Right: From: www-data(at)myserver(dot)hostingco(dot)com
>>
>> Some servers are going to require that (a) the From: address is
>> local, (b) the From: address is a valid local user, and perhaps (c)
>> the user name must match the user id of the code that called the
>> MTA. In other words, there might be only one correct From: line
>> you're allowed to use.
>
> Indeed, but the OP may *try* if custom From headers are allowed on his
> webspace.
>
>> (For a mailing list to customers, you're stuck with a variable
>> in the To:, Cc:, or Bcc: headers. )
>
> In my limited experience Cc and Bcc headers *might* be blocked by the ISP.

Well you shouldn't be sending a Bcc: header, now, should you? :-)

And why should it block a cc: header anyway? It's just part of the data.

--
Tim

"That excessive bail ought not to be required, nor excessive fines imposed,
nor cruel and unusual punishments inflicted" -- Bill of Rights 1689
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: strange one
Next Topic: how to change old ereg?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 11:25:24 GMT 2024

Total time taken to generate the page: 0.05400 seconds