I'm using PHP's mail() function and noticing that my mail is being shown from being sent by 'My Website' in my inbox, but when I click on the actual email it shows it being sent from mywebsite#sitename.localdomain.
Ideally I'd like to have it say being sent from 'My Website', but the reply email being 'no-reply#mywebsite.com', and not to have it say anything about #sitename.localdomain.
$to = trim(strtolower($_POST['to']));
$from = trim($_POST['from']);
$message = trim($_POST['message']);
$subject = $from . ' has shared a link with you';
$headers = 'From: My Website' . "\r\n" .
'Reply-To:' . $to . "\r\n" .
'X-Mailer: PHP/';
mail($to, $subject, $message, $headers);
Is this an issue that I need to fix in Apache, or can I modify the headers within PHP?
Try this:
$to = trim(strtolower($_POST['to']));
$from = trim($_POST['from']);
$message = trim($_POST['message']);
$subject = $from . ' has shared a link with you';
$headers = 'From: My Website <no-reply#mywebsite.com>' . "\r\n" . // <- change your email here
'Reply-To:' . $to . "\r\n" .
'X-Mailer: PHP/';
mail($to, $subject, $message, $headers);
The Question and Answer #1 contains a serious security vulnerability -
$to = trim(strtolower($_POST['to']));
Will allow an attacker to use your website to email arbitrary spam and your site will be blocked from most search engines.
See
https://www.owasp.org/index.php/Top_10_2010-A1
My recommendation is to
Sanitize the to and from fields
Never ever ever copy the message in the post to the output unless carefully sanitized.
Related
I'm using iPage for my website, and I'm using a simple mail() method to send test mails from my page. On iPage, I have email capabilities via mark#domain.com. But when I send an email out, it comes from the iPage server and is sent from ipg.domain#boscustweb3506.eigbox.net, which is quite ugly looking!
Is there a way I can use the mail() method in php to send an email from my page that will use the shorter sender above? Thanks for any and all help!
you need to add a header named From. this code will send with the mail address webmaster#example.com:
$to = 'nobody#example.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com' . "\r\n" .
'Reply-To: webmaster#example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
Try this, You can add the From header to customise the sender address.
$from ='mark#domain.com';
$headers = 'From: ' . $from . "\r\n";
...
mail($to, $subject, $message, $headers);
my site is hosted on name.com, and to test this I uploaded a simple file called contact.php with this at the top.
<?php
$to = '~~~~';
$subject = 'enquiry from ';
$name = $_POST['name'];
$email - $_POST['email'];
$message = $_POST['message'];
if ($_POST){
mail($to, $subject, $message, $header);
$feedback = "Sent";
}
?>
So, when I click the submit button it sends the mail. Inside a p tag I have echo $feedback, which shows up after I click submit.
The mail does not send? Anything I'm doing wrong here, or do I need to configure my cPanel in some way?
Since header is optional and is left undefined, removing it should resolve your issue.
Be aware that using the $_POST content directly into a email is a security risk for you!
THere are good email libraries that have tools to avoid abuses. (For example: ZendMail, PHPmailer)
Having said that, on your code you are missing the header and have a small mistake on $email = (not -) $_POST['email'];, you can use this:
$header = 'From: from#name.com' . "\r\n" .
'Reply-To: from#name.com' . "\r\n" .
'Content-type: text/html; charset=iso-8859-1' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
You have not set header variable which is optional, there is a typo while setting $email variable, you've use - instead of =
your updated code,
<?php
$to = 'a#a.com';
$subject = 'enquiry from ';
$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['message'];
if ($_POST){
mail($to, $subject, $message);
$feedback = "Sent";
}
?>
I am having a problem sending emails when I add header information.
However when I just remove the header parameter it works. What is wrong? Is it the code? Or some setting I need to change on the web server admin panel to say "Allow-Headers" or something?
I am trying to send to hotmail in case this has any relavance in determining the problem.
Any help would be greatly appreciated. Thanks.
Below Doesn't Send Email:
<?php
$to = 'iputmyrealemailhere#hotmail.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com';
mail($to, $subject, $message, $headers);
?>
Below Sends Email:
<?php
$to = 'iputmyrealemailhere#hotmail.com';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: webmaster#example.com';
mail($to, $subject, $message);
?>
I use these headers in my php mailing function and it works well. Note: I also use a third party mail-routing service to avoid having my mails marked as coming from a spammy IP. You might want to look into that also.
$headers = 'From: '.$from.'#foo.net' . "\r\n" .
'Reply-To: '.$from.'#foo.net' . "\r\n" .
'X-Mailer: PHP/' . phpversion() . "\r\n" .
'MIME-Version: 1.0' . "\r\n" .
'Content-type: text/html; charset=iso-8859-1' . "\r\n";
I also use the optional fifth parameter to mail() to set the envelope address, e.g.:
$parameters = '-f '.$from.'#foo.net';
so the final call is:
mail($to, $subject, $message, $headers, $parameters);
You can just delete the "FROM:" from the headers list .. it prevents it in some hosts .But the real question then will be how ca I change the sent from email address to a specific email that I want
I'm using dreamhost for my mailing.
I'm having an issue with php mail function additional headers parameters.
This code works, and the email is sent:
$to = 'myemail#gmail.com';
$name = $_POST['name'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$headers = "From: $name <**webmaster#example.com**>\r\n" .
"Reply-To: $name <**webmaster#example.com**>\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($to, $subject, $message, $headers);
but when I replace webmaster#example.com to the variable $email
$headers = "From: $name <**$email**>\r\n" .
"Reply-To: $name <**$email**>\r\n" .
'X-Mailer: PHP/' . phpversion();
The email doesn't get sent. I did do a print_r($_POST), and the elements are there. I also did another test where I typed the email: webmaster#example.com into the form, to see if it would send, and it did. So my question is, how do I remedy this issue, if a user types their email address into the form with another mailing extension, that mail will not get sent, but if the extension is #example.com, then the mail will get sent.
$name variable should be the full emailaddress:
"$name = " 'a name' email#whatever.com> "
$headers = "From: $from \r\n";
works on my servers. Add the leading < to the email addtress. This system won't display the string at all if I include it. If your form has different variables for the responders nam and email address you'll have to concatenate them to get $name in the right formate.
The title explains itself. It is a website for in-house employees to buy and sell from each other. Its based solely around Microsoft Outlook emailing addresses. All the emails are supposed to be sent from the seller's email as they post items. Except when I enter <php phpinfo(); ?> on the action php page it tells me that the sendmail_from attribute thing is sending from a bogus email on the server. It seems to be the automatic email for the php script to send from. This may be why the emails are getting sent to spam, because the email is not valid. Also, I read online about having full and valid headers but most headers seem optional and i cant find anywhere that explains optimal headers. My mailing code:
//send approval email to the approver
$from = isset($_POST['from'])? $_POST['from']:1;
$message = isset($_POST['message'])? $_POST['message']:1;
$message = $message . '<a href="http://dev-corkboard/newapproval.php?id='
.$result[0][0].'"> Click here to approve website post.</a>';
// In case any of our lines are larger than 70 characters, we should use
// wordwrap()
$message = wordwrap($message, 70);
$to = 'clehane#eatonvance.com';
$replyto = isset($_POST['replyto'])? $_POST['replyto']:1;
$subject = isset($_POST['subject'])? $_POST['subject']:1;
$headers = "MIME-Version: 1.0" . "\r\n" . 'From: "'.$from.'"' . "\r\n" .
'Reply-To: "'.$replyto.'"' . "\r\n" .
'Content-Type:text/html;charset=iso-8859-1' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
if (mail($to, $subject, $message, $headers)) {
//test message for email
}
header ("location: newindex.php"); `
Any ideas?
And bam! Solved it, needed to put email addresses as such:
$from = 'MyName <myemail#mycompany.com>';
And I also included these headers:
"X-Priority: 0\r\n".
"X-MSMail-Priority: Normal\r\n".
"X-Mailer: mycompany.com