Is there another way to detect if a HTML email was opened by the target besides that strategy of adding a <img src="site.com/someScript.php?var=email"/> in the body of the message? I'm for some hours looking for this at the internet but all sites I found was about using this strategy which is almost certain that is gonna be blocked by a good portion of users (outlook for example).
I mean, there must be a guaranteed way, if mailChimp does it, I wanna do it too! Thanks in advance.
Related
Is it possible to include a separate html page in a php email?
Example, create a separate page that has all the content on it I want to email it and then include it in a php mail() on another page as the message?
Thanks
If you meant sending HTML email, yes. You can do that. You just need to add additional headers in the fourth parameter of mail() and pull the information from the HTML file you have using file_get_contents(). Please check this:
http://css-tricks.com/sending-nice-html-email-with-php/
Yes, it's possible exactly how rationalboss explained. Personally I use PEAR for html emails. It's a pain to get started with if you're not familiar to PEAR, but life has improved once I got it going.
Careful though, html/css does not have the same support in email clients that it does in browsers. You can create a beautiful page and find out that most people receive it with huge glitches due to certain CSS rules being ignored.
Best practice last I heard is to keep it simple and use inline styles for everything. Avoid floats and positioning. In fact, I believe it is actually still safer to use tables when dealing with email layouts if you need things to sit next to each other.
And then test in as many email clients as you can. Then cry and try to fix things.
I hear good things about Email on Acid for testing. It's a pay service but they offer a limited test for 3 clients as well.
If you're just doing a relatively simple email then it shouldn't be too bad. But if you're trying to make something that really looks great I recommend doing some googling on styling html specifically for emails.
I'm building an PHP email mailbox script.
How would I make html emails display cleanly as they do in gmail/hotmail.
If I just echo it out it affects the whole page layout.
I could use iframes but surely that isn't the best solution.
If you are looking for the 'best solution' get on board with another open source email library that is doing the same thing you are. Maintaining an email renderer on your own that is safe against script injection and other hacks will simply be too much work for one person.
One example: https://github.com/afterlogic/webmail-lite
Another: http://trac.roundcube.net/
You get the benefit of other developers who use the library maintaining the code base, so if something is broken, all you have to do is pull the latest update (hopefully) and you get the fix. If you find something that needs improving, you can fix it or build it, and make the code better for everyone. I'm really just pitching open source libraries here, however in any commercial context, building your own email renderer without a big team, is a bad idea.
As Marc B stated, I believe an IFrame would be your best bet... but please realize that if you just dump any email HTML code you risk exposing yourself to viruses, Trojans, and malicious HTML/JavaScript code - Your opening Pandora's box on your computer unless you find a good way to sandbox/strip that HTML.
Here's a simple Regex to clean JavaScript at least :
"(?s)<script.*?(/>|</script>)"
Consider the use of some HTML Tidy library (i.e.: PHP.Tidy).
You can pass the text through the library to get well formatted html.
A good practice would be to define a CSS standard behaviour for most tags in the div you're using.
Create a DIV container that you assign width (and height if needed) to, and make sure you add an overflow property to match your design. This should keep your email HTML from interfering with your layout.
UPDATE
A DIV container still assures you that you can constrain the size of the display box and with appropriate CSS acts similar to an iframe without all the baggage.
If you are worried about the code in the email, strip_tags would seem a better solution than the regex. You can define a list of tags to leave alone and still be confident of stripping the rest.
I am looking for creative heuristics to detect if an HTML email was not just opened, but also likely read.
Currently, we embed an img tag linking to a PHP script, which marks anonymously in the database that the email was opened. (We can assume here that the users we're interested in told Outlook it was OK to display the images.)
This method is okay, but it's hard to tell what it means - if they clicked the email just to get it marked as read, if they keyed through it while skipping through other mails, or if they genuinely read and enjoyed the email.
My latest try was to implement a delay of 10 seconds on the image download before making the database call marking the mail as read, however it seems that Outlook finishes the request in the background, even if they skip out of the email. Does anyone have any creative recommendations that may work better?
It's kind of unethical in my opinion to do this without your user's knowing. That's why so many email clients go to measures to protect against this.
I know this might not really help you, but if your user genuinely read and enjoyed the email couldn't you just add an HTML anchor in the email that they can click on to go to your website and you can add a tracking code to that to figure out who it was / which email address clicked on the link at the bottom of your email. Something along those lines just seems like a better method to me. Maybe that's just me though.
Hmm, tough one without the use of javascript, and as we know, most email clients have their security too high to use javascript.
Not putting much thought into it, could you use PHP's shutdown function, and have the image "loop" load....basically meaning that the image will never completely load because we are stopping it on the server side with a loop. Will Outlook still try and download the image after a timeout - will it timeout?
It seems like you are dealing with two different issues...trying to harness Outlook and trying to do something that most people don't want.
This is why there are offers and links like "click here for 10% off coupon" or "read more".
From a marketing standpoint this would be a true test if people are interested in your emails....but I guess that wasn't your question ;)
I have seen a few companies recently that are releasing "live" email content. This basically means that each time you open the email the content changes. I have looked into this and it appears that not only the image, but the text of these emails is also changing. . .
The only possibility that I have thought of to do this is with an iframe or changing images with the same url.
Does anyone have an idea of how this is being accomplished ? \
It would be easiest to find out if you just looked into the source code of one of those live emails.
Otherwise the most likely solution are <iframe>s. The support in mail clients is not encompassing however: http://www.campaignmonitor.com/blog/post/3219/do-iframes-work-in-email/
So I would assume this is mostly used for small areas, and/or with an <iframe ..><p>alternative content</p></iframe> area. That's the most likely approach to follow in lieu of scripting support.
The exchanging <img> variant is more widely supported, but harder to implement. You would need to take a screenshot of your website, and link it remotely in the mail. You can mitigate the non-clickability with an <area> but would have to ensure that your website screenshot doesn't change the layout then - because you can only ever adapt the remote image, not the sent html emails.
It's quite possible that both approaches might be combined. But it's quite some effort to provide an iframe and a static img screenshot as alternative. Only one thing is for sure, embedded Flash content can be ruled out for your "live" emails. http://www.campaignmonitor.com/blog/post/1974/the-truth-about-1/
I am working on a PHP site that allows users to post a listing for their business related to the sites theme. This includes a single link URL, some text, and an optional URL for an image file.
Example:
<img src="http://www.somesite.com" width="40" />
ABC Business
<p>
Some text about how great abc business is...
</p>
The HTML in the text is filtered using the class from htmlpurifier.org and the content is checked for bad words, so I feel pretty good about that part.
The image file URL is always placed inside a <img src="" /> tag with a fixed width and validated to be an actual HTTP URL, so that should be Ok.
The dangerous part is the link.
Question:
How can I be sure that the link does not point to some SPAM, unsafe, or porn site (using code)?
I can check headers for 404, etc... but is there a quick and easy way to validate a sites content from a link.
EDIT:
I am using a CAPTCHA and do require registration before posting is allowed.
Its going to be very hard to try and determine this yourself by scraping the site URL's in question. You'll probably want to rely on some 3rd party API which can check for you.
http://code.google.com/apis/safebrowsing/
Check out that API, you can send it a URL and it will tell you what it thinks. This one is mainly checking for malware and phishing... not so much porn and spam. There are others that do the same thing, just search around on google.
is there a quick and easy way to validate a sites content from a link.
No. There is no global white/blacklist of URLs which you can use to somehow filter out "bad" sites, especially since your definition of a "bad" site is so unspecific.
Even if you could look at a URL and tell whether the page it points to has bad content, it's trivially easy to disguise a URL these days.
If you really need to prevent this, you should moderate your content. Any automated solution is going to be imperfect and you're going to wind up manually moderating anyways.
Manual moderation, perhaps. I can't think of any way to automate this other than using some sort of blacklist, but even then that is not always reliable as newer sites might not be on the list.
Additionally, you could try using cURL and downloading the index page and looking for certain keywords that would raise a red flag, and then perhaps hold those for manual validation.
I would suggest having a list of these keywords in array (porn, sex, etc). If the index page that you downloaded with cURL has any of those keywords, reject or flag for moderation.
This is not reliable nor is it the most optimized way of approving links.
Ultimately, you should have manual moderation regardless, but if you wish to automate it, this is a possible route for you to take.
you can create a little monitoring system that will transfer this content created by user
to an approval queue that only administrators can access to approve the content that should
displayed at the site