mail us  |  mail this page

contact us
training  | 
tech stuff  | 

Tech Stuff - PHP Mail Kit

This mail kit is used to provide both our 'mail this page' feature in the header of all pages and by the addition of a hidden field it also handles our 'mail us', 'feedback' and 'bug report' mail functions (OK, so we're cheap). There are many PHP email functions around - we don't think ours is particularly special and it is presented here in case it has some interesting aspects that you may find useful.

During early 2006 we discovered that we were getting occasional abuse of the 'mail this page' feature which we fixed in a very trivial way, then in May 2006 we got hammered with a full-scale SPAM injection attack and had to drastically rework all our mail capabilities to check for a variety of abuses. The lesson was clear - we had survived for over 5 years without any real problems - but we had been lucky, perhaps even naive.

Health-Warning: This is made available at your risk, we make no warranty that the code has no bugs in it or that it will even do what we think or say it will. Like all downloaded software we urge caution if you use it.

Background

We wanted a 'mail this page' feature and we'd played around previously with href=mailto directives and briefly with Javascript mail features none of which gave us what we wanted. Javascript mail and 'mailto' are very useful and trivial because they do not use any server (CGI) features .. but if the user's PC is not configured with a local mail client they do not work - we wanted to provide a PC independent method of getting mail to us - though our webmaster link at the foot of the page will continue to use mailto. Moreover, all the articles we had read indicated that PHP is a real breeze for mailing.

However:

HTML Mail this Page

We wanted (and still do) the option to send the entire page as a mail item not just a link in our 'mail this page' feature. Most of our pages are generated using Apache Server Side Includes (SSIs) and contain 'relative' references to other pages and embedded images, for example, '../images/logo.gif' etc.. Big deal .. so what. Here's so what:

Relative Addressing

There are a couple solutions to 'relative' addressing (none of which fit our circumstances) which may work for you.

SSI Page Expansion

The only way we can figure to do this is to issue the GET request from PHP. This would provide a raw string containing the expanded page. We would then change the 'relative' references to 'absolute' references with a couple of PHP regular expression function calls and then mail the resulting modified string.

We decided not to do this on very tenuous grounds. It didn't feel right (oh really!!). Actually we could see a whole host of additional applications for this relative to absolute addressing and currently believe that the best way is to modify PHP virtual function. Perhaps one day Real Soon Now™. For the time being we use a simple text mail web page reference.

Configuring PHP for Mail

Configuring PHP for mail is a breeze if you are running an SMTP server on the same server as your web. We weren't and so had to install an SMTP agent. The relevant configuration directives (in the php.ini file) are these:

;;;;;;;;
; MAIL ;
;;;;;;;;

[mail function]
SMTP          =                      ;for win32 only
sendmail_from =                      ;for win32 only
sendmail_path = /usr/sbin/sendmail  ;typical sendmail path for Linux distros
sendmail_path = /usr/local/sbin/sendmail  ;typical sendmail path for bsd

We were running Linux Web Servers (now replaced with FreeBSD) which had no configured mail package. Soooo.... we had to install and run at least an SMTP mail server 'cos PHP mail needs a sendmail wrapper program and our standard mail package did not have one that runs between hosts. For lots of reasons we did not want to run our normal mail software on our web server. So we looked around for a suitable e-mail package with an eye mostly for ease of configuration but with the possibility of implementing the e-mail solution more widely in the future.

We reviewed sendmail (the 'de facto' standard but too much documentation and too complicated for our trivial requirement), qmail (better but no simple explanation to configure as SMTP only) and then we stumbled across postfix and it was up and running within 24 hours. We had to make some configuration changes but the parameters are very well documented and exceptionally logical so it took very little effort. Very impressive. It even puts the sendmail wrapper application in the right place so we did not have to change the php.ini file at all!! In fact the sum total or our PHP changes to implement mail was nil. Now that's what we call integration.

<warning> We upgraded to Postfix 2.1.1 and everything stopped working. Seems as if you have to supply a -t argument to sendmail so your php.ini file must now look like this.

sendmail_path = /usr/sbin/sendmail -t ;postfix sendmail path

We could find nothing about this in the documentation. </warning>

Mail Functions

Until we have completed our proposed extensions to PHP our 'mail this page' function only works with a mailed page reference (Click 'mail this page' at the top of the screen to see the actual interface). The mail function consists of two php pages:

Notes:

  1. To capture the modules just click 'save as' a php module in an appropriate directory. If you are using netscape (4.x) you may have to 'copy' and 'paste' into a suitable text editor.

  2. You are right the modules mailpage.php and mailthispage.php should have their names swapped to make more sense! Satisfied.

  3. We just made a number of changes to the PHP mail() function call to add "\r\n\" at the end of each section (was just "\n") and "\r\n\r\n" to the end of the header section to prevent SMTP injection problems. We also added MIME-Version: and Content-Type: parameters to the header since we will be adding MTML versions of the mail function One Day Real Soon™.

Notes and Explanations

Parameter-less calls

The 'mail this page' is a parameter-less call since the calling page is available via the use of the CGI environmental variable $HTTP_REFERRER (available to SSI, PHP and any CGI environment). We also use this variable in the hidden form to take the user back to the original calling page (see below).

Common Mail Page

All mail requests are processed by the same PHP module through the use of two hidden elements embedded in the forms. The following example will serve to illustrate the technique:

<form name="mailForm" method="post" action="/cgi/mail.php">
<input type="hidden" name="op" value="m">
<input type="hidden" name="s" value="<!--#echo var="HTTP_REFERER" -->">
<table border="0" width="100%">
 <tr>
  <td width="120" valign="middle" align="right"></td>
  <td>(<font color="#FF0000">*</font> denotes
      required field in form below)</font></td>
 </tr>
 <tr>
  <td valign="middle" align="right">First
      Name <font color="#FF0000">*</font>:</td>
  <td><INPUT type="text" name="fname" size="50"></td>
 </tr>
 <tr>
  <td valign="middle" align="right">Last
      Name <font color="#FF0000">*</font>:</td>
  <td><INPUT type="text" name="lname" size="50"></td>
 </tr>
 <tr>
  <td valign="middle" align="right">E-Mail
    <font color="#FF0000">*</font>:</td>
  <td><INPUT type="text" name="email" size="50"></td>
 </tr>
 <tr>
  <td valign="middle" align="right">Comment:</td>
  <td><TEXTAREA name="comments" rows=10 cols=50></TEXTAREA></td>
 </tr>
 <tr>
  <td></td>
  <td>
   <input type="submit" VALUE="Send">
<!--#if expr="${isJS}" -->
   <input type="reset" VALUE="Clear" onClick="clearform();">
<!--#endif -->
  </td>
 </tr>
</table>
</FORM>

Notes

Briefly on the subject of vetting (or parameter checking). We don't as we have said. Our reasons apart from laziness are these:



Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.

Tech Stuff

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C standards compliant browser such as Firefox

Search

web zytrax.com

Share

share page via facebook tweet this page

Page

email us Send to a friend feature print this page Decrease font size Increase font size Display full width page

Resources

HTML Stuff

W3C HTML 4.01
HTML5 (WHATWG)
HTML4 vs HTML5
HTML5 Reference
W3C Page Validator
W3C DOCTYPE

CSS Stuff

W3C CSS2.1
W3C CSS2.2
Default Styles
CSS3 Selectors
CSS 3 Media Queries
CSS 3 Colors

DOM Stuff

W3C DOM
W3C DOM 3 Core
W3C 3 Events

Accessibility

usability.gov
W3C - WAI
Web Style Guide
WebAim.org

Useful Stuff

Peter-Paul Koch
A List Apart
Eric Meyer on CSS
glish.com

Our Stuff

Our DOM Pages
DOM Navigation
Liquid Layout
CSS Short Cuts
CSS overview
CSS One Page

Javascript Stuff

ECMA-262

Site

CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2017 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
Hosted by super.net.sg
web-master at zytrax
Page modified: October 21 2015.