Equivalent of CDOSYS with Apache?
May 12, 2006 7:55 PM
Although I've created sites hosted on Apache servers before, I've never had to take form results from a page and send them to a specific email (i.e. a standard form request) with Apache/PHP. Done it many times with CDONTS/CDOSYS or similar mail objects. Is there an equivalent object with Apache? I can't get an answer from the host provider (yet.)
Or, if you like teh OO, PHPMailer.
(If you're just looking to mail the results of a form to a given address, there are a billion scripts out there that do this. I wrote one that I use here and there and give out to clients or coworkers or whoever asks.)
posted by weston at 8:47 PM on May 12, 2006
(If you're just looking to mail the results of a form to a given address, there are a billion scripts out there that do this. I wrote one that I use here and there and give out to clients or coworkers or whoever asks.)
posted by weston at 8:47 PM on May 12, 2006
Yeah, Apache isn't involved. You send mail in php with the mail() function. The Endâ„¢.
posted by evariste at 9:15 PM on May 12, 2006
posted by evariste at 9:15 PM on May 12, 2006
Well, Apache is involved, just not relevant.
Is someone going to make reference to the insecurity and exploitability of a lot of PHP mailer scripts?
posted by AmbroseChapel at 2:56 AM on May 13, 2006
Is someone going to make reference to the insecurity and exploitability of a lot of PHP mailer scripts?
posted by AmbroseChapel at 2:56 AM on May 13, 2006
Here's a good article on avoiding mail injection when using PHP for mail. Linked on that site is the Zend_Mail package (part of the Zend framework) which does a lot of the security related checks for you. Other helpful advice (which does involve Apache, and is a really good idea that I've never heard of before) is to use the mod_security module and add the following line to your mod_security rules (more information):
SecFilterSelective ARGS_VALUES "\n[[:space:]]*(to|bcc|cc)[[:space:]]*:.*@"
An example using the Zend_Mail classes (taken from the Zend_Mail site):
<?php
// Check for XSS and other bad stuff in your POST vars prior to proceeding to this code.
require_once 'Zend/Mail.php';
$mail = new Zend_Mail();
$mail->setBodyText($_POST['message_text']);
$mail->setFrom($_POST['sender_email'], $_POST['sender_name']);
$mail->addTo($_POST['recipient_email'], $_POST['recipient_name']);
$mail->setSubject($_POST['subject']);
$mail->send();
?>
(For security reasons, it's also assumed that you've run through the POST variables checking for any XSS attacks and inappropriate use.)
posted by purephase at 6:07 AM on May 13, 2006
SecFilterSelective ARGS_VALUES "\n[[:space:]]*(to|bcc|cc)[[:space:]]*:.*@"
An example using the Zend_Mail classes (taken from the Zend_Mail site):
<?php
// Check for XSS and other bad stuff in your POST vars prior to proceeding to this code.
require_once 'Zend/Mail.php';
$mail = new Zend_Mail();
$mail->setBodyText($_POST['message_text']);
$mail->setFrom($_POST['sender_email'], $_POST['sender_name']);
$mail->addTo($_POST['recipient_email'], $_POST['recipient_name']);
$mail->setSubject($_POST['subject']);
$mail->send();
?>
(For security reasons, it's also assumed that you've run through the POST variables checking for any XSS attacks and inappropriate use.)
posted by purephase at 6:07 AM on May 13, 2006
This thread is closed to new comments.
posted by purephase at 7:56 PM on May 12, 2006