I have a button to send a div as html to email on a website.
I would like to avoid rebuilding the html using just the variables associated but I think about the risk of doing this as someone could send anything to my php script.
Also is it enough to remove <script> tags ?
This is how I get and send the email:
$subject = 'Some title';
$message = $html_mail;
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
$headers .= 'To: '. $to . "\r\n";
$headers .= 'From: My name <'.$admin_mail.'>' . "\r\n";
$response = mail($to, $subject, $message, $headers);
Almost all the email clients such as gmail, yahoo, outlook, thunderbird, mail etc do not run javascript at all. Javascript and other scripts are disabled by default. So <script> tags are not at all security threat. However, abusive language or images that users might embed in HTML emails can be a serious issue in your case if it is not handled appropriately. If you think that your users are sophisticated and it is not the case then there are no worries.
Related
The mail() function in PHP works fine when sending to Gmail if I don't specify any headers. However, as soon as I try to add in headers, the function still returns true but I never get the email. The Gmail server seems to reject the delivery.
These are the headers I'm using:
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'To: ' . $username . ' <' . $email . '>' . "\r\n";
$headers .= 'From: Blahblah <email#example.com>' . "\r\n";
mail($email, 'Subject', '<html><body>Body of message</body></html>', $headers);
I was hoping that someone could point out to me the flaw? I grabbed most of this code straight from the PHP manual, so one could understand my confusion and frustration. Thanks!
The bigger email services will not deliver mail sent from your own personal server in this manner.
Due to SPAM issues. All the big mail providers require SPF records, DKIM, and reverse DNS before they will accept your mail.
Some live/hotmail user's are not receiving html mail
Personally I prefer to be rid of that hassle and use a 3rd party mail server for all of my outgoing mails to my users.
$Headers .= "From: $Yourname <$YourEmail>\r\n";
or
$Headers .= 'From: '.$Yourname.'<'.$Youremail.'>'."\r\n";
or
$Headers .= 'From: '.$Yourname.' <".$Youremail.">' . "\r\n";
Give a try if any of this work?
I am trying to set the mail body to display the links in email for the user to download pdf in case if they need to download again in future. It is not html body as it doesn't work on most email showing html codes. So I decide on plain text for email instead.
$umessage .='<a href="'.home_url('/download.php?f=pdffiles/'.$filename).'">'.$title.'';
}}
What is wrong with single quotes? It displays in email:
file name
I don't think double quote will help, right?
EDIT #2
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"
seems that it won't work well in any email application except apple mail.
Any idea on that or maybe it is incorrect?
EDIT #3
$umessage = "Thank you for downloading pdf. \r\n\r\n";
$umessage .= "Please click on the link below to download\r\n";
if(count($selectfiles)>0)
{
foreach($selectfiles as $key)
{
$keyArray = explode('#',$key);
$filename = $keyArray[1];
$title = $keyArray[0];
$umessage .='<p>Download '. '<a href="'.home_url('/download.php?f=pdffiles/'.$filename).'">'.$title.'</p>';
}}
$fm ='xxxx';
$to='xxx';
$subject = "Download Request from ". $name;
$headers .= 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'From:<'.$fm.'> ' . "\r\n" . 'Reply-To: ' . $to;
$uto = $email;
$usubject = "Thank you for Downloading our PDF";
wp_mail($to, $subject, $message, $headers);
wp_mail($uto, $usubject, $umessage, $headers);
If you're sending the email as plain text, then any HTML formatting you send will be displayed as plain text. It's as simple as removing the html formatting from your email
$umessage .= 'download link: '.home_url('/download.php?f=pdffiles/'.$filename);
Relative links only work in the context of a web page. Within the email, a link of "/download.php?yadda" is meaningless, because there is no host to attach it to.
You can get around this by using full URLs within the links in email:
$umessage .='<a href="'.home_url('http://example.com/download.php?...
You MAY also be able to deal with this using a <base> tag in your HTML, but that may not be interpreted properly by all email clients. You'd need to test.
you can send a status update to a facebook page you own by sending it to a cretin (secret) email address. this is described here:
http://www.facebook.com/help/pages/mobile
the problem is I cant make it work from php
function page_publish_by_mail($page_mail, $status){
$to = $page_mail;
$subject = $status;
$message = "";
$headers = "From: my#mail.address";
return mail($to, $subject, $message, $headers);
}
I can send mail to my email address and I can post by mail from my email address but I can't seem to post by mail from PHP.
I haven't tried to send to facebook mail before, however I feel like it is being filtered out due to lack of header information. Try adding some more header details.
I always send headers like this:
$headers = 'From: Your Name <youremail#domain.com>' . "\r\n";
$headers .= 'Content-type: text/html' . "\r\n";
$headers .= 'MIME-Version: 1.0' . "\r\n";
This is set up to send an html email, but you might try other content-types if that doesn't work.
It may be a good idea to look in the documentation and see if there are other headers that are required as well.
i am using this code :
$to = "someone#example.com";
$subject = "Test mail";
$message = "Hello! This is a simple email message.";
$from = "someonelse#example.com";
$headers = "From:" . $from;
mail($to,$subject,$message,$headers);
echo "Mail Sent.";
it sends email to my gmail's SPAM folder .
Suggest any solution .
i dont want to use any PEAR MAIL type way to send email or dont want to require and include any file.
This functions works without including/requiring any additional php file.
You should use proper header like this from PHP manual
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'To: Mary <mary#example.com>, Kelly <kelly#example.com>' . "\r\n";
$headers .= 'From: Birthday Reminder <birthday#example.com>' . "\r\n";
$headers .= 'Cc: birthdayarchive#example.com' . "\r\n";
$headers .= 'Bcc: birthdaycheck#example.com' . "\r\n";
// Mail it
mail($to, $subject, $message, $headers);
The Gmail spam filter has lots of parts to it which determine the spamminess of mail. You could start by seeing the SPF record for your domain. Avoid using sales language, HTML and colours where possible in your email.
There's also an old but fun video from Google about how their spam filtering works.
It's all in the headers. I don't know how GMail works internally, but I've found on my projects that setting Reply-To can Content-Type headers seems to fix this.
See PHP mail() docs for an example of doing this.
(Note: I've got a PHP questionnaire/response system that sets these headers and the e-mails come through correctly to GMail, Hotmail and Yahoo! Mail).
Most email clients have problems reading CSS in HTML emails (including Gmail and Hotmail). I often use this service to convert my HTML/CSS to proper email format so that everything looks normal on the user's end. Basically what it does is convert all CSS to inline styles:
http://premailer.dialect.ca/
Do any of you have any other methods for sending CSS in your HTML emails? I automatically generate the emails, and due to some restrictions, I can't modify the the inline styles.
As for direct format, I've always done inline CSS styling, however I use SwiftMailer (http://swiftmailer.org/) for PHP5 to handle email functionality and it has helped immensely.
You can send multipart messages with different formats so if the email client doesn't like the HTML version, you can always default to the text version so you know at least something is getting through clean.
In your "views" folder, you can set apart routes for different email formats (I use smarty too, hence the .tpl extension). Here's what a typical SwiftMailer::sendTemplate() function would look like when you're setting up the templates:
$email_templates = array('text/html' => 'email/html/' . $template . '.en.html.tpl',
'text/plain' => 'email/text/' . $template . '.en.txt.tpl');
foreach ($email_templates as $type => $file) {
if ($email->template_exists($file)) {
$message->attach(new Swift_Message_Part($email->fetch($file), $type));
} elseif ($type == 'text/plain') {
throw new Exception('Could not send email -- no text version was found');
}
}
You get the idea. SwiftMailer has a bunch of other good stuff, including returning "undeliverable" addresses, logging delivery errors, and throttling large email batches. I'd suggest you check it out.
You need to add a header that says the content is HTML. When you use the mail() function, one of the headers should be: Content Type: html/text (That might not be the 'exact' header).
Let me find you an example: (From the php.net/mail page)
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'To: Mary <mary#example.com>, Kelly <kelly#example.com>' . "\r\n";
$headers .= 'From: Birthday Reminder <birthday#example.com>' . "\r\n";
$headers .= 'Cc: birthdayarchive#example.com' . "\r\n";
$headers .= 'Bcc: birthdaycheck#example.com' . "\r\n";
// Mail it
mail($to, $subject, $message, $headers);
To add to the above example, (in case you don't know PHP very well), you just have to build the "email" using the variables: to, subject, message, and headers
Let me know if you want to know how to create a form to fill and run this PHP script, otherwise, you can simply enter everything in this file manually, save as a PHP file, throw it up on a server that supports PHP, and navigate to the file in your browser.
Here's the code:
// Setup recipients
$to = 'johndoe#google.com' . ',' // comma separates multiple addresses
$to .= 'janedoe#msn.com';
// subject
$subject = 'PHP Email Script - Test Email';
// message (to use single quotes in the 'message' variable, supercede them with a back slash like this--> \'
$message = '
<html>
<head>
<title>PHP Email Script</title>
</head>
<body>
<p style="background: #ccc; width: 100%;">Test Email Script</p>
</body>
</html>
';
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= 'To: Mary <mary#example.com>, Kelly <kelly#example.com>' . "\r\n";
$headers .= 'From: Birthday Reminder <birthday#example.com>' . "\r\n";
$headers .= 'Cc: birthdayarchive#example.com' . "\r\n";
$headers .= 'Bcc: birthdaycheck#example.com' . "\r\n";
// Send the email
mail($to, $subject, $message, $headers);
the easiest way is to write a html page with embedded css and push it through automated styling machine