I have a contact form, with mail() function.
For a long time it worked correctly. Suddenly now it doesn't work.
I have checked, but all is correct. But if I delete the sender parameter, it works, with sender parameters it doesn't work:
mail($destinatario_1,$oggetto_1,$messaggio_1,'');
WORKS
Instead:
mail($destinatario_1,$oggetto_1,$messaggio_1,'From: "My Name" <thisisanexample#gmail.com> \r\n');
Thanks
Try this instead:
mail($destinatario_1, $oggetto_1, $messaggio_1, "From: My Name <thisisanexample#gmail.com>");
Note that I leave our the \r\n which should just be \n on most servers and must be in double quotes not single quotes, and "My Name" shouldn't be in quotes.
Mail servers can be configured to not accept mail when certain information is set. The PHP mail() function more or less directly talks to the local mail server and passes the mail to it. Whether the mail server accepts it or not is not really part of the communication and cannot be detected by a PHP script.
Consult your web hosting company to find out if there are any restrictions.
Related
I have read the following comment in the official documentation of php about mail() function:
Although it is not documented, for the parameters $to and $subject the mail() function changes at least \r and \n to space. So these parameters are safe against injection of additional headers. But you might want to check $to for commas as these separate multiple addresses and you might not want to send to more than one recipient.
Is it correct? Also, I have always considered the $message parameter safe against injection, is it also correct?
I know how to protect myself against injection, I just want to know if I can avoid to filter those parameters.
Yes, that's true, but it's also incomplete. In the engine source code, the function php_mail_build_headers ensures headers comply with RFC 2822 § 3.6 requirements for maximum number of values. Particularly, the following headers are checked for single value:
orig-date
from
sender
reply-to
to
bcc
message-id
in-reply-to
subject
Yes, the message parameter is safe from header injection by definition: the message part is inserted after the separating new line between headers and body, so any header-like text inserted as part of the message will appear as literal text within the message body.
For your comment that you don't want to apply those filters.
I think you can get it done automatically by using Zend_Mail as I commented.
$ composer require zendframework/zend-mail
I'm pasting this from their documentation:
use Zend\Mail\Message;
use Zend\Mail\Transport\Sendmail as SendmailTransport;
$message = new Message();
$message->addTo('matthew#example.org');
$message->addFrom('ralph#example.org');
$message->setSubject('Greetings and Salutations!');
$message->setBody("Sorry, I'm going to be late today!");
$transport = new SendmailTransport();
$transport->send($message);
Im using php's mail() function to send an e-mail to multiple receivers.
If i enter as the first parameter of the "mail" function something like "example1#example.com,example2#example.com,example3#example.com,example4#example.com,example5#example.com,example6#example.com........" a string of more than 1000 characters, when I receive the e-mail I see a " "(an empty space) being inserted at about the 995th character and whatever e-mail was at that position is broken.
I read that this is because the mail server doesn't accept very long lines of string so you should insert a "\n" at every 70 or so characters.
Therefore, I tried using wordwrap($emailList) that should insert line-breaks.
Unfortunately this doesn't solve my problem and I'm running out of ideas right now.
Finally I was able to solve this problem like this:
I have the to list in a $strTo variable which contains the emails like this "email1, email2, email3, email4, "... with each email separated by ", " .
Before doing the mail() function I did this:
if($strTo != ""){
$strTo = wordwrap($strTo,900,"\r\n ");
$strTo .= "\r\n";
}
Which means I put carriage return, new line and a white space at every 900 characters(without breaking any words) and finally, at the end of the string I inserta carriage return and line feed.
wordwrap did not work for me. I guess it depends upon whether your mail server honor it or not. Also in my case the fold was occurring every 998th character.
I was able to solve using multiple 'To:' fields in message header. e.g.
header = <<EOF
From: xyz#xyz.com
To: abc1#abc.com, abc2#abc.com, abc3#abc.com, ...abc100#abc.com
CC: prq1#prq.com
Subject: 'my subject'
EOF
constructed multiple arrays of 20 each using array.each_slice(20). Then formed the header such that
header = <<EOF
From: xyz#xyz.com
To: abc1#abc.com, abc2#abc.com, abc3#abc.com, ...abc20#abc.com
To: abc21#abc.com, abc22#abc.com, abc23#abc.com, ...abc30#abc.com
To: abc31#abc.com, abc32#abc.com, abc33#abc.com, ...abc40#abc.com
CC: prq1#prq.com
Subject: 'my subject'
EOF
my mail server honored it.
I am sending users an activation link via php, I only have a regex in place to check if the email consists of *#*.* which is fine, but I would like to check if the email actually sends also.
I tried to do this with
if (mail(....)) {
// success
} else {
// error
}
But when I enter an email of a#a.a it still goes through to the success step.
How can I actually check if it is a correct email in php, thanks.
validate the email address preoperly with
if (filter_var($email_a, FILTER_VALIDATE_EMAIL)) {
echo "VALID";
}
the email server will return true on accepting the email it does not know if it will get to the user the only way to do this , and i'm sure you have seen it, is to get the recipient to click on a link in the email that sends them back to your site, then you know its valid\used address.
From the PHP docs
bool mail( string $to , string $subject , string $message [, string $additional_headers [, string $additional_parameters ]] )
Returns TRUE if the mail was successfully accepted for delivery, FALSE
otherwise.
It is important to note that just because the mail was accepted for
delivery, it does NOT mean the mail will actually reach the intended
destination.
Just because an email address is formatted properly does not mean that there is an actual mailbox at that location. There is no way in PHP to "check" if a email address exists/is active. That is the entire purpose of activation links, to verify that someone is checking that email address.
+1 for filter_var(). Use it instead of a simple regexp. Even the most complex regexp can't get every possible way of putting together an RFC 5322 compliant address. Your attempt to come up with something is pretty much guaranteed to fail.
But you didn't ask about address format verification, you asked about checking to see that the mail was sent. The whole purpose of an activation link is to validate the email address. If you clean up unvalidated accounts on a regular basis, it doesn't matter whether the email address is structured correctly. By sending a link, you're doing a full-circuit test that bypasses any possible format misinterpretations that filter_var() might have.
How can i put commas in the 'From:' field of the mail headers??
For example with "From:Javier, My Site" when i read the email sended with any mail client like outlook, in the From only appears Javier#myinternalserverurl.com.
It cuts the from field by the comma... All the things that i found about 'From' field in php mails says that if you put commas automatically is treated like a list of mails.. any suggestion?
Thanks in adevice!
"From: \"Javier, My Site\" <email#domain.com>" should work
Zend Mail throws an exception (because mail() returns false) when the to name is set to something with both a foreign character (like "å") and a comma (","). Re-produce with code below.
$mail = new Zend_Mail('utf-8');
$mail
->setFrom('info#myhost', 'My company')
->setSubject('hi')
->addTo('MYEMAIL#SOMEHOST.COM', 'aå,a')
->setBodyHtml('<p>asd</p>')
->send();
If I change the addTo call to something of the below, no error occurs.
->addTo('znarkus#gmail.com', 'aåa')
->addTo('znarkus#gmail.com', 'a,a')
->addTo('znarkus#gmail.com', 'aa')
The weird thing is, even though it throws an exception ("Unable to send mail"), the mail is delivered. I'm running the latest Zend Mail (1.9.5?). Please halp!
It's just a bug in Zend_Framework:
http://framework.zend.com/issues/browse/ZF-10792
a comma is allowed in the name part of the e-mail:
"Smith, Frank"
this is okay
The problem is that mail() function for $to accepts
User <user#example.com>, Another User <anotheruser#example.com>
and I guess that PHP internally splits the string on commas to separate multiple recipients but you are providing only one email address.
If you think this is a Zend_Mail, or PHP bug you should post this to the appropriate issue tracker.
The comma is a reserved literal in the "to" part of a mail header (and you should never use it though), separating different targets. Even if your "first" mail gets sent, imho it creates a header like this:
aå, a <znarkus#gmail.com>
With this header i assume your mta tries to send two mails: one to aå, which fails (badly), and a second one to znarkus#gmail.com, which should make its way.
You could try to look into the mail headers to confirm this theory.