FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » FORMS, validating mail was sent
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: FORMS, validating mail was sent [message #181901 is a reply to message #181900] Fri, 21 June 2013 17:25 Go to previous messageGo to previous message
Tim Streater is currently offline  Tim Streater
Messages: 328
Registered: September 2010
Karma:
Senior Member
In article <kq20q8$9cc$1(at)news(dot)albasani(dot)net>,
The Natural Philosopher <tnp(at)invalid(dot)invalid> wrote:

> On 21/06/13 12:27, Tim Streater wrote:
>> In article <kq19lv$pqa$1(at)news(dot)albasani(dot)net>,
>> The Natural Philosopher <tnp(at)invalid(dot)invalid> wrote:
>>
>>> On 21/06/13 10:11, Tim Streater wrote:
>>>> In article <51c37641$0$6623$9b4e6d93(at)newsspool2(dot)arcor-online(dot)net>,
>>>> Christoph Michael Becker <cmbecker69(at)arcor(dot)de> wrote:
>>>>
>>>> > Am 20.06.2013 22:46, schrieb Gordon Burditt:
>>>> > >> I'm a PHP near-newbie working fairly successfully on creating a
>>>> > secure >> PHP e-mail (mail()) function. It occurs to me that the
>>> only >> way a user >> knows (thinks) a form has been sent, is that I
>>> tell him >> so either in a >> line of code or with a Thank You page.
>>>> > > > Since you're a near-newbie, please save the world from having to
>>>> > > block email from your server, and DO NOT put any variables in email
>>>> > > headers, DO NOT put any variables from the user in email headers,
>>>> > > and DO NOT put any variables set in your form in email headers.
>>>> > > Put them in the body of the mail.
>>>> >
>>>> > Or use at least a good email library which caters for security issues
>>>> > and other "details" regarding correct headers.
>>>> >
>>>> > And one should not forget that not everything could be put in the
>>>> > message body--at least not without proper setting of some headers.
>>>> >
>>>> > > Wrong: From: $email
>>>> > > Right: From: www-data(at)myserver(dot)hostingco(dot)com
>>>> > > > Some servers are going to require that (a) the From: address is
>>>> > > local, (b) the From: address is a valid local user, and perhaps (c)
>>>> > > the user name must match the user id of the code that called the
>>>> > > MTA. In other words, there might be only one correct From: line
>>>> > > you're allowed to use.
>>>> >
>>>> > Indeed, but the OP may *try* if custom From headers are allowed on
>>> his
>>>> > webspace.
>>>> >
>>>> > > (For a mailing list to customers, you're stuck with a variable
>>>> > > in the To:, Cc:, or Bcc: headers. )
>>>> >
>>>> > In my limited experience Cc and Bcc headers *might* be blocked by
>>> the >> ISP.
>>>>
>>>> Well you shouldn't be sending a Bcc: header, now, should you? :-)
>>>
>>> well there is no there way other than sending EACH message
>>> INDIVIDULLY that you can hide other members of the mailing list from
>>> the intended recipient.
>>
>> Here's how I do it in my email client wot I rote.
>>
>> 1) The user (i.e, just me at this point) composes a mail and adds a
>> certain number of destination addresses in the To:, cc:, and bcc: fields.
>>
>> 2) These are then checked for being properly formatted and stored in
>> three strings.
>>
>> 3) At the point the mail is sent, logon to the mail host. Send "MAIL
>> FROM <address>" where 'address' is whatever the user types into the
>> From field or gets put there automatically if the user selects it.
>>
>> 4) The three strings from (2) are converted to arrays of addresses and
>> sent to the host as a series of "RCPT TO <address>".
>>
>> 5) Then send "DATA" followed by the headers such as From:, Subject:
>> Date:, cc:, any content-type and so on, then a blank line and the
>> actual body, encoded and in parts as necessary.
>>
>>
>> So that's one mail sent for all the addresses (above I've left out
>> checking returned statuses, timeouts, etc) with no bcc: line sent. So
>> all the addresses *could* be put in the bcc: field, with no
>> inter-recipient consciousness.
>>
> in MTA terms there is no Bcc: field at all. That's an MUA masking of the
> underlying way SMTP mail works.

Quite.

> The To: and CC: and BBC: headers are parsed to get a list of addresses
> which become the envelope address.

I may do some experiments where I'll do the RCPT-TO correctly but put
junk in the To: and cc: headers to see what happens. I have found that
it doesn't always matter what the From: header says. I was able to
change it to mickey(dot)mouse(at)example(dot)com and the mail arrived at the
destination.

> mail('', $subject, $body, $headers, "-f ".$return_path );

I don't use mail(). I've rolled my own, which seems to work.

--
Tim

"That excessive bail ought not to be required, nor excessive fines imposed,
nor cruel and unusual punishments inflicted" -- Bill of Rights 1689
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: strange one
Next Topic: how to change old ereg?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sun Nov 24 13:11:35 GMT 2024

Total time taken to generate the page: 0.05424 seconds