I have a script that sends data to a table in mysql database and now I've wanted to generate an email everytime someone adds new data. It works, but as you may know, it lasts almost 20-30 secs to complete and get the response.
I´ve read that exec function would have been good for executing mail() in a separate file, but at my shared server exec is disabled. Also are disabled these others:
symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd,show_source,pcntl_exec
Anybody can show how can I make this posible without blocking webpage until email is sent?
Thankyou!
the mail function looks like this. Is something in it making it slow??
$to = "xxx#gmail.com";
$subject = "xxxxx";
$message = "xxxxxxxxx: \n";
$message .= "\n";
$message .= " $getuser\n";
$message .= "\n";
$headers = 'From: xxxx#gmail.com' . "\r\n" .
'Reply-To: xxx#gmail.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headerxs);
Related
I have a problem with sending mail from PHP.
$to = 'admin#****';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#****' . "\r\n".
'Reply-To: webmaster#****' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers)
When I run this simple example script, or basically any tutorial script, I get the following error from hMailServer 554 Rejected - Message containing bare lf's.
I know this is due to a setting in hMailServer, but I don't want to turn off the RFC compliance check, I want to send correctly formatted mails.
Can you help me figure out what's wrong?
When using the below code I am able to send (and receive) email to my Yahoo account, but when sending to my Gmail account, nothing shows up
(and yes, I have monitored the Spam folder for over 4hrs - nothing!).
public function sendEmail($email_addy, $temp_pass)
{
$website_name = $this->website_name;
$message = <<<MESSAGE
Greetings!
Your password is:
$temp_pass
Your friends at: $website_name !
MESSAGE;
$headers = 'From: ' . $this->email_from . "\r\n" . 'Reply-To: ' . $this->email_from . "\r\n" . 'X-Mailer: PHP/' . phpversion ();
mail ( $email_addy, $this->email_subject, $message, $headers );
}
Any ideas why Gmail just deletes the email? I thought that the message body text might be too small so I even added to the message with no different results...
I have one php file which sends me an email every time it's loaded. There is no user input fields, it is not contact form or any other form. It's just a redirect php file and I want to receive email each time it is loaded. I have included following php mail function in it and wonder if there are any security issues with it (since there are no user input fields I am hoping I can leave it like this):
$to = 'myemail#gmail.com';
$subject = 'the file is loaded';
$message = 'the file loaded, check it out';
$headers = 'From: webmaster#mywebsite.com' . "\r\n" .
'Reply-To: webmaster#mywebsite.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
From functionality perspective this is perfectly safe. Your e-mail can't be altered.
However, if one person decides to troll you, he can send you an incredible amount of e-mails in a very short time. Your host or ISP will get pissed over this.
You can avoid this with queueing. Get a database or a file, save the amount of times the page is called and when the last e-mail is sent.
If the script is called AND the last sent e-mail is x minutes ago, you can send yourself a message that the page has been called x times. Then, you just empty the database and restart counting :)
Here's a script to get your started (haven't tested)
// Duration in seconds
$duration = 60 * 15;
$now = time();
$file = 'tmp.json';
$json = json_decode(file_get_contents($file));
array_push($json['calls'], $now);
// It appears it's time to send the content
if($json['sent'] + $duration > $now) {
$to = 'myemail#gmail.com';
$subject = 'the file is loaded';
$headers = 'From: webmaster#mywebsite.com' . "\r\n" .
'Reply-To: webmaster#mywebsite.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
$message = '';
// Generate message
foreach($json['calls'] as $c) {
$message .= sprintf("File loaded at: %s\r\n", date('r', $c));
}
if(mail($to, $subject, $message, $headers)) {
// Reset the file but ONLY if the mail was sent
file_put_contents($file, json_encode(array(
'calls' => array(),
'sent' => $now
)));
}
} else {
file_put_contents($file, json_encode($json));
}
What security issues may there be with an email that has static content which you posses full control over. Anyway I believe it would be better if you just kept track of your file loads in a local file or a database. Good luck! :P
The title explains itself. It is a website for in-house employees to buy and sell from each other. Its based solely around Microsoft Outlook emailing addresses. All the emails are supposed to be sent from the seller's email as they post items. Except when I enter <php phpinfo(); ?> on the action php page it tells me that the sendmail_from attribute thing is sending from a bogus email on the server. It seems to be the automatic email for the php script to send from. This may be why the emails are getting sent to spam, because the email is not valid. Also, I read online about having full and valid headers but most headers seem optional and i cant find anywhere that explains optimal headers. My mailing code:
//send approval email to the approver
$from = isset($_POST['from'])? $_POST['from']:1;
$message = isset($_POST['message'])? $_POST['message']:1;
$message = $message . '<a href="http://dev-corkboard/newapproval.php?id='
.$result[0][0].'"> Click here to approve website post.</a>';
// In case any of our lines are larger than 70 characters, we should use
// wordwrap()
$message = wordwrap($message, 70);
$to = 'clehane#eatonvance.com';
$replyto = isset($_POST['replyto'])? $_POST['replyto']:1;
$subject = isset($_POST['subject'])? $_POST['subject']:1;
$headers = "MIME-Version: 1.0" . "\r\n" . 'From: "'.$from.'"' . "\r\n" .
'Reply-To: "'.$replyto.'"' . "\r\n" .
'Content-Type:text/html;charset=iso-8859-1' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
if (mail($to, $subject, $message, $headers)) {
//test message for email
}
header ("location: newindex.php"); `
Any ideas?
And bam! Solved it, needed to put email addresses as such:
$from = 'MyName <myemail#mycompany.com>';
And I also included these headers:
"X-Priority: 0\r\n".
"X-MSMail-Priority: Normal\r\n".
"X-Mailer: mycompany.com
I'm using PHP's mail() function and noticing that my mail is being shown from being sent by 'My Website' in my inbox, but when I click on the actual email it shows it being sent from mywebsite#sitename.localdomain.
Ideally I'd like to have it say being sent from 'My Website', but the reply email being 'no-reply#mywebsite.com', and not to have it say anything about #sitename.localdomain.
$to = trim(strtolower($_POST['to']));
$from = trim($_POST['from']);
$message = trim($_POST['message']);
$subject = $from . ' has shared a link with you';
$headers = 'From: My Website' . "\r\n" .
'Reply-To:' . $to . "\r\n" .
'X-Mailer: PHP/';
mail($to, $subject, $message, $headers);
Is this an issue that I need to fix in Apache, or can I modify the headers within PHP?
Try this:
$to = trim(strtolower($_POST['to']));
$from = trim($_POST['from']);
$message = trim($_POST['message']);
$subject = $from . ' has shared a link with you';
$headers = 'From: My Website <no-reply#mywebsite.com>' . "\r\n" . // <- change your email here
'Reply-To:' . $to . "\r\n" .
'X-Mailer: PHP/';
mail($to, $subject, $message, $headers);
The Question and Answer #1 contains a serious security vulnerability -
$to = trim(strtolower($_POST['to']));
Will allow an attacker to use your website to email arbitrary spam and your site will be blocked from most search engines.
See
https://www.owasp.org/index.php/Top_10_2010-A1
My recommendation is to
Sanitize the to and from fields
Never ever ever copy the message in the post to the output unless carefully sanitized.