Equivalent of CDOSYS with Apache?
May 12, 2006 7:55 PM   Subscribe

Although I've created sites hosted on Apache servers before, I've never had to take form results from a page and send them to a specific email (i.e. a standard form request) with Apache/PHP. Done it many times with CDONTS/CDOSYS or similar mail objects. Is there an equivalent object with Apache? I can't get an answer from the host provider (yet.)
posted by juiceCake to Computers & Internet (6 answers total) 1 user marked this as a favorite
Nothing to do with Apache. If you've got PHP installed, then check out the Mail functions.
posted by purephase at 7:56 PM on May 12, 2006

Or, if you like teh OO, PHPMailer.

(If you're just looking to mail the results of a form to a given address, there are a billion scripts out there that do this. I wrote one that I use here and there and give out to clients or coworkers or whoever asks.)
posted by weston at 8:47 PM on May 12, 2006

Yeah, Apache isn't involved. You send mail in php with the mail() function. The Endâ„¢.
posted by evariste at 9:15 PM on May 12, 2006

Well, Apache is involved, just not relevant.

Is someone going to make reference to the insecurity and exploitability of a lot of PHP mailer scripts?
posted by AmbroseChapel at 2:56 AM on May 13, 2006

Here's a good article on avoiding mail injection when using PHP for mail. Linked on that site is the Zend_Mail package (part of the Zend framework) which does a lot of the security related checks for you. Other helpful advice (which does involve Apache, and is a really good idea that I've never heard of before) is to use the mod_security module and add the following line to your mod_security rules (more information):

SecFilterSelective ARGS_VALUES "\n[[:space:]]*(to|bcc|cc)[[:space:]]*:.*@"

An example using the Zend_Mail classes (taken from the Zend_Mail site):

// Check for XSS and other bad stuff in your POST vars prior to proceeding to this code.

require_once 'Zend/Mail.php';
$mail = new Zend_Mail();
$mail->setFrom($_POST['sender_email'], $_POST['sender_name']);
$mail->addTo($_POST['recipient_email'], $_POST['recipient_name']);

(For security reasons, it's also assumed that you've run through the POST variables checking for any XSS attacks and inappropriate use.)
posted by purephase at 6:07 AM on May 13, 2006

Merci to all.
posted by juiceCake at 8:05 AM on May 13, 2006

« Older New York City suggestions?   |   charAt vs startsWith Newer »
This thread is closed to new comments.