SetFrom custom field - php

I want that in PHPMailer, the SetFrom is a filled in field.
$mail->setFrom('filled-in@field.com', 'Smaragd Express');
Does anyone know how I accomplish that?
Regards,
Joren

To get a form field into your script is very simple. In your HTML:
<input type="text" name="from">
When that's submitted it will turn up in your PHP script in the $_POST super global, and you can pass it to the setFrom method:
$mail->setFrom($_POST['from'], 'Smaragd Express');
However, you should not do this. Setting the From address to arbitrary values like this is forgery which will cause SPF checks to fail and your messages will either be rejected entirely or end up in spam folders. Instead, put your own address in the from address and the submitted address in a reply-to:
$mail->setFrom('me@example.com', 'Smaragd Express');
$mail->addReplyTo($_POST['from'], 'Smaragd Express');

Related

How can I append user input to an email address (domain part) when sending it to MySql with PHP?

Note: email address structure is local-part@domain.
For example I am asking user to provide his email:
<label>Your Gmail:</label><input type="email" name="emailaddress"><label>@gmail.com</label>
But instead of letting him/her type the complete email address (e.g. user@gmail.com), I want to let user type only local-part without domain. But how can I send this email to MySql database now? Basically I need to append custom input to @gmail.com every time user submits the form. For example, records in my database would look like user1@gmail.com, user2@gmail.com etc.
Can anyone help?
In PHP build a String like this.
$email = $_REQUEST['emailaddress'];
echo "$email@gmail.com";
if the value submitted by the form was john.smith, the output would be
john.smith@gmail.com
Read PHP 5 Form Handling to understand how to retrieve the parameters parsed by the form.
Tried in my local works perfect.
$email = $_POST['email']; //Text box value
$email = $email."@gmail.com";
You are required to do some concatenation like above

Variables inserted into email message from database

So I am sending an email in codeigniter where the message is coming from the database.
What I am wanting to do, is put the posted variables into the html formatted email in the database.
For sending the email I have the following in my controller:
$this->load->library('email');
$this->load->model('cms');
$message = $this->cms->Order_Email();
$this->email->from('info@candykingdom.org', 'Candy Kingdom');
$this->email->to($this->input->post('billingEmail'));
$this->email->subject('Order Confirmation');
$this->email->message($message->content);
$this->email->send();
Now a portion of my email that comes from the database is:
<td>
<p>Hi</p>
<p>Sometimes all you want is to send a simple HTML email with a basic design.</p>
<h1>Really simple HTML email template</h1>
...
I am trying to make the <p>Hi</p> line turn into: <p>Hi John,</p> I have tried changing that line to the following:
<p>Hi <?php echo $this->input->post('billingFname'); ?>,</p>
as well as:
<p>Hi '.$this->input->post('billingFName").',</p>
But in the completed and sent email it displays just like the above in the email. Without replacing the php with the actual variable.
So what I am asking is, what do I type in the stored email message to make the php code replace the php with the actual variable?
For examples, let's use John as $this->input->post('billingFName');
Just a thought
Maybe this would be better achieved with a templating library? like this:
https://github.com/philsturgeon/codeigniter-template
A common approach I've seen is using vars you substitute via str_replace:
The html of your email has some vars you know to substitute, as #USERNAME#. In your db you store
<td>
<p>Hi #USERNAME#</p>
<p>Sometimes all you want is to send a simple HTML email with a basic design.</p>
<h1>Really simple HTML email template</h1>
Then, you change #USERNAME# via a str_replace when you get it from the DB:
$message->content = str_replace( '#USERNAME#', $var_with_username, $message->content );
You may even use arrays in your str_replace, to substitute as many vars as you want, check http://www.php.net/manual/en/function.str-replace.php#refsect1-function.str-replace-examples for more info.
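An added example (not part of the answers above) of the placeholder approach with the posted values HTML-escaped before they go into the stored template. The function name `render_email_template`, the `#ORDER_ID#` placeholder and the sample template are assumptions made for illustration.

```php
<?php
// Added example: fills #NAME# placeholders in a stored HTML e-mail template.
// The template text and the values below are constructed sample data.

/**
 * Replace #KEY# placeholders with HTML-escaped values.
 * Throws if the template uses a placeholder that was not supplied,
 * so a half-filled message is never sent.
 */
function render_email_template(string $template, array $vars): string
{
    $map = [];
    foreach ($vars as $key => $value) {
        // Escape so input such as "<b>" is shown as text, not rendered as markup.
        $map['#' . strtoupper($key) . '#'] =
            htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    // Check the template itself, before any user data has been mixed in.
    preg_match_all('/#[A-Z_]+#/', $template, $found);
    $missing = array_diff(array_unique($found[0]), array_keys($map));
    if ($missing) {
        throw new InvalidArgumentException('Unfilled: ' . implode(', ', $missing));
    }

    // strtr() substitutes in one pass, so a value that itself contains
    // "#ORDER_ID#" is not expanded again; str_replace() with arrays would
    // apply later replacements to the output of earlier ones.
    return strtr($template, $map);
}

$template = "<td>\n<p>Hi #USERNAME#,</p>\n<p>Your order #ORDER_ID# is confirmed.</p>\n</td>";

echo render_email_template($template, [
    'username' => 'John <b>#ORDER_ID#</b>', // hostile-looking constructed input
    'order_id' => 1042,
]);
```

With the constructed input, the markup in the name arrives as literal text in the message and the embedded `#ORDER_ID#` is left unexpanded.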

Proper formatting of "from" in php mail() function

I want to have the "From" part of a php generated email be just from the company name. Apparently that makes spam filters sad. So, my code is...
$mail->FromName = 'Company Name <some_email@domain.com>';
My issue is that gmail and aol keep returning these emails and the from part looks like this...
From: "Company Name <some_email@domain.com>" <>
Any thoughts about the "<>" at the end?
The <> at the end of "Company Name <some_email@domain.com>" <> indicates that the address is interpreted as containing only the associated name part, with no real email address.
Try generating the From address as 'Company Name' <some_email@domain.com> or as some_email@domain.com (Company Name)
Edit:
Another possible reason for this problem is that your mailer is using separate fields for the name part and the address part of the From header. If so:
$mail->From = "some_email@domain.com";
$mail->FromName = "Company Name";
should solve the problem.
In any decent mail program (MUA) you should be able to see the raw content and headers of emails you've sent and which have been sent to you. If you have a look at some of the latter you'll see that the correct way to do it is:
$from='"Human readable version of address" <mailbox@domain.com>';
BTW: The title of your post says you are using the mail() function but your example code does not call any functions. Your code implies that you are using some sort of class to implement your email, but you've provided no details of what that class is - and AFAIK there is no standard class bundled in PHP. Therefore we've no idea what your code is actually doing with the address you feed to it - if it's an off the shelf package it should have come with documentation.

How to create a script that users can specify an email and send a user a pre-defined email?

So, basically, I'm creating a page where a user can visit, and enter in the following information:
1. Their First Name
2. Their Email
3. Recipient's Email
They then can send a pre-defined email, saying something like the following...
"Hello, {Recipient's email}. {First name} ({Email}) has just sent you a slurp! You can ignore this message, or slurp them back.
[Slurp Them Back] [Slurp Someone Else] [What's A Slurp?]"
The whole part about the Slurp is something that doesn't really matter, it's just the text from the pre-defined email. The text in {...} is taken from the fields on the page, and the text in [...] are just links.
Does anyone have any idea on how to do this? Even if you can't customize the email, and it would just be without the information from the site, help would be appreciated. Thanks!
Here's an example of what I'm going for...
Example Layout
It's possible to do using the php mail function. You can take input for everything you specified, then use the example here. They show it in a basic and more advanced form.
Interestingly, the first chapter of Head First PHP describes almost exactly this scenario (except that the recipient is fixed). If you want to learn more about PHP you can look into the book; otherwise, their code is online at http://www.headfirstlabs.com/books/hfphp/ (actual code link: http://www.headfirstlabs.com/books/hfphp/code/HeadFirstPHPMySQL_code_ch01.zip)
Sending an email by itself can be done by using the mail() command
mail('to.address@host.com', 'subject', 'message', 'From: from.address@host.com');
The whole code would look something like this:
HTML:
<form action="slurp.php" method="post">
Your name: <input type="text" name="name" /><br />
Your email: <input type="text" name="email" /><br />
Recipient: <input type="text" name="recipient" /><br />
<input type="submit" />
</form>
PHP (slurp.php):
// order of parameters is: to, subject, message body, additional headers
mail(
$_POST['recipient'],
'You just got slurped',
'You\'ve been slurped by '.$_POST['name'].'. Slurp him/her back by visiting http://slurp.com/',
"From: {$_POST['email']}\r\n"
);
This will send out an email like it's coming from the senders email address to the recipient.
There's a lot missing there, though. What you normally want to include is:
Validation of input on the client side (javascript)
Validation of input on the serverside
Clear out and handle right encodings etc
If you want to do it properly however, so that a greater percentage of your users actually receive the email, you should use a 3rd party library to send out emails. I recommend PHP Mailer or Swift Mailer.
Those libraries provide an easy mechanism for you to include HTML in your emails, attachments, allow for easily connecting to SMTP servers and handle all escaping and encoding issues for you.
On top of that they encapsulate everything within an Object oriented approach, so if that's your cup of tea, you'll be happy. See their websites for more info.
It's pretty funny, I wrote a blog post about the very issue of email deliverability (getting through spam filters) etc: http://arnorhs.com/2011/02/21/delivering-email-with-php/ - It might be helpful to you.
Cheers
On submit you can send a predefined email in PHP.
Following is the code sample.
It is assumed that you will have an HTML page; following is the sample HTML code:
Send Slurp
Enter Your Name:
Enter Your Email:
Enter Recipient's Email:
Following is the PHP code in "send_email.php":
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
$your_name = $_POST['your_name'];
$your_email = $_POST['your_email'];
$recipients_email= $_POST['recipient_email'];
$email_subject = 'My Slurp';
$email_body = "Hello, $recipients_email. $your_name ($your_email) has just sent you a slurp! You can ignore this message, or slurp them back.
[Slurp Them Back] [Slurp Someone Else] [What's A Slurp?]";
echo $email_body;
// Send Email
mail($recipients_email, $email_subject, $email_body);
}
?>

php Mail function; Is this way of using it safe?

I have a classifieds website, and inside each classified, there is a small form.
This form is for users to be able to tip their "friends":
<form action="/bincgi/tip.php" method="post" name="tipForm" id="tipForm">
Tip: <input name="email2" id="email2" type="text" size="30" />
<input type="submit" value="Skicka Tips"/>
<input type="hidden" value="<?php echo $ad_id;?>" name="ad_id2" id="ad_id2" />
<input type="hidden" value="<?php echo $headline;?>" name="headline2" id="headline2" />
</form>
The form is then submitted to a tip.php page, and here is my Q, is this below code safe, ie is it good enough or do I need to make some sanitations and more safety details?
$to = filter_var($_POST['email2'], FILTER_SANITIZE_EMAIL);
$ad_id = $_POST['ad_id2'];
$headline = $_POST['headline2'];
$subject = 'You got a tip';
$message = "Hi. You got a tip: ".$headline.".\n"; // double quotes so \n is a real newline
$headers = "From: Tips@domain.com\r\n"; // double quotes so \r\n is a real CRLF
mail($to, $subject, $message, $headers);
I haven't tested the above yet.
You are passing $ad_id and $headline to the HTML only to have it passed right back, unchanged. Since ad_id and headline are not editable in the form, don't put them on the form, keep them on the server. That's the most secure.
Regardless of what filtering you do, you'll need to rate limit the sending of these emails. Even if they look to be from you and have some site-specific text, an automated bot could spam several hundred thousand of them and get some kind of response (and blacklist your email server). Only let them send a handful every hour and you won't cut out legitimate traffic.
It's a good idea to sanitise the input before you use it. Check to ensure the two post variables are in the correct format (e.g. only text or numeric (using Regex or is_numeric etc))
It looks like you have XSS in $ad_id = $_POST['ad_id2']; and $headline = $_POST['headline2'];.
There is a security concern with mail(). You must be careful of CRLF injection \r\n in $headers. In this case $headers is not controlled by the attacker, so you have nothing to worry about. Another point: although it's called CRLF injection, it could also be called LF injection because a new line is all you really need because SMTP is a forgiving protocol.
If $headline comes from your own database, I would not put the text in a hidden field, but the id of the headline and retrieve the actual text from the database before sending the mail.
That way you can A. simply check if the id is really an integer and B. know for sure only valid headlines get sent; now someone can post your form replacing your headline with any text they want.
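An added example (not from any of the posts on this page) that combines the advice above for the tip form, and applies equally to the earlier "slurp" handler that writes a submitted address into a From header: reject line breaks in header values, validate addresses, and look the headline up by id on the server. The `reply_to` field, `lookup_headline()` and the example.* addresses are assumptions; `email2` and `ad_id2` are the field names from the question.

```php
<?php
// Added example: validates the tip form fields before they reach mail().
// lookup_headline(), reply_to and the example.* addresses are assumptions.

/** Hypothetical lookup; a real site would query its ads table by id. */
function lookup_headline(int $adId): ?string
{
    $ads = [17 => 'Red bicycle, barely used']; // constructed sample data
    return $ads[$adId] ?? null;
}

/** Return [to, subject, body, headers] for mail(), or throw on bad input. */
function build_tip_mail(array $post): array
{
    // Reject CR and LF outright in anything that ends up in a header line.
    foreach (['email2', 'reply_to'] as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value) || preg_match('/[\r\n]/', $value)) {
            throw new InvalidArgumentException("Bad value in $field");
        }
    }
    $to      = filter_var($post['email2'] ?? '', FILTER_VALIDATE_EMAIL);
    $replyTo = filter_var($post['reply_to'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($to === false || $replyTo === false) {
        throw new InvalidArgumentException('Invalid e-mail address');
    }
    // Only the ad id comes from the client; the text is looked up server-side.
    $adId     = filter_var($post['ad_id2'] ?? '', FILTER_VALIDATE_INT);
    $headline = $adId === false ? null : lookup_headline($adId);
    if ($headline === null) {
        throw new InvalidArgumentException('Unknown ad');
    }
    // The site's own address stays in From; the visitor goes in Reply-To.
    $headers = "From: tips@example.com\r\nReply-To: $replyTo";
    return [$to, 'You got a tip', "Hi. You got a tip: $headline.\n", $headers];
}

// Constructed requests: the second tries to smuggle in a Bcc header.
$good = ['email2' => 'friend@example.org', 'reply_to' => 'me@example.net', 'ad_id2' => '17'];
$bad  = ['reply_to' => "me@example.net\r\nBcc: list@example.org"] + $good;
foreach ([$good, $bad] as $post) {
    try {
        [$to, $subject, $body, $headers] = build_tip_mail($post);
        echo "ok: mail() would be called for $to\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

Rate limiting, which one answer also calls for, is outside what this block covers.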
