FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » FORMS, validating mail was sent
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: FORMS, validating mail was sent [message #181911 is a reply to message #181871] Sat, 22 June 2013 16:02 Go to previous messageGo to previous message
bill is currently offline  bill
Messages: 310
Registered: October 2010
Karma:
Senior Member
On 2013-06-20 4:46 PM, Gordon Burditt wrote:
>> I'm a PHP near-newbie working fairly successfully on creating a secure
>> PHP e-mail (mail()) function. It occurs to me that the only way a user
>> knows (thinks) a form has been sent, is that I tell him so either in a
>> line of code or with a Thank You page.
>
> Since you're a near-newbie, please save the world from having to
> block email from your server, and DO NOT put any variables in email
> headers, DO NOT put any variables from the user in email headers,
> and DO NOT put any variables set in your form in email headers.
> Put them in the body of the mail.

All good information. FWIW, I'm not new to websites and contact forms. I
have a couple I've used for years and never had a hack or any kind of
problem with them.
Due to a brain concussion I've lost all my PHP capabilities to
memory loss and I'm currently using this query as a way to keep on
relearning it. I've gotten some back, but not nearly enough to be
considered as knowledgeable. I remember a lot of the concepts, but C or
PHP actual coding just left for parts unknown.

>
> Wrong: From: $email
> Right: From: www-data(at)myserver(dot)hostingco(dot)com
>
> Some servers are going to require that (a) the From: address is
> local, (b) the From: address is a valid local user, and perhaps (c)
> the user name must match the user id of the code that called the
> MTA. In other words, there might be only one correct From: line
> you're allowed to use.

Correct.
>
> (For a mailing list to customers, you're stuck with a variable
> in the To:, Cc:, or Bcc: headers. )

To only: cc and bcc are not possible - on purpose.
>
> Wrong: Subject: Contact form from $email
> Right: Subject: Contact form - read body to tell who it's from.
>
> Wrong: Subject: Order for $itemname
> Right: Subject: Order

Done those, too.
>
>
>
> (Consider what happens if $email='me(at)gmail(dot)com\rCc: victim1(at)gmail(dot)com,
> victim2(at)gmail(dot)com, victim3(at)gmail(dot)com, ..., victim99(at)gmail(dot)com', and
> $address (used in the body) contains a 5-page-long ad for body part
> enlargement)

Can't (shouldn't) happen without something pretty clever: Filters limit
it to only one To: address, no code, etc. etc..

>
>> With that in mind, is there any way with PHP to actually tell that a
>> message was actually sent? That it at least was mailed out?D

Depends on your viewpoint: If you're the one filling out the form, the
mail is "sent". If you're on the other end of the tunnel, the mail is
"accepted"; THAT is the ACK I want to detect.

>
> The return value from the mail() function is about as good as you
> can get. The mail was handed off to the MTA.
>
>> I came across retval() and thought that might be way to do it, but I
>> misinterpreted it, thinking it was a PHP function, which it turns out to
>> not be. Therefore I'm looking for some way to authenticate that the
>> e-mail actually left the server.
>
> It can actually take an incredible number of DNS lookups and alias
> file searches to determine if the mail is even *SUPPOSED* to leave
> the server (that is, the destination is not local to the server),
> especially since shared hosted web servers tend to have lots of
> different DNS hostnames all pointing at them.
>

No argument for a larger site; but it's only the "ACK" that a mail was
accepted that I am looking for. Not that it was or will be delivered.

You have an interesting attitude & viewpoint; I think I like that.

Regards,

Twayne`
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: strange one
Next Topic: how to change old ereg?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Mon Jun 17 19:13:02 GMT 2024

Total time taken to generate the page: 0.04779 seconds