|
|
Posted by Malcolm Dew-Jones on 06/05/05 00:57
Nigo (nikolajkyndbyholm@gmail.com) wrote:
: Hi there
: Is it posible to make a link (to a php-file on a server) in an email
: that, when you click on it, sends info about who the reciver of the
: email is?
One comon technique used by mail lists is to put a unique id in each mail
message "href='http:/my/server.com/responder?id=12345'". The id is first
saved in your database. When the user follows the link then you know
which user is responding by looking at the id. The id should be some kind
of random number to prevent possible abuse from little kid hackerholics.
That works well for things like maillist signup confirmations since each
confirmation message is sent out one at a time. It doesn't work so well
for checking who is responding to a typical mail list message.
If you want to identify a person and that person is an _already_ signed up
member of a web site, then you can try to use cookies to identify them.
They follow the link, which opens their browser, which visits the page.
The cookie (which has to have been set earlier when they signed up) will
be returned to the php script, and from that cookie you know who it is.
You can also simply ask them who they are. Again, if they already have a
membership at your site then asking them to login when they visit may not
be too onerous a task. For example I think my paypal account asks me to
login each time I reach it via a mail message link. Since it has my
money, I don't mind having to login. If it was some boring message board
I regret joining then of course I won't login if they ask, I'll just
leave.
Otherwise you would have to examine the various headers sent from the
browser, and the ip address etc, but that is a fools game since it doesn't
really tell you anything much.
: Lets say I send out an email thru an alias to a group of people and I
: want to give them the opportunity to sign up for an event using that
: link. Those that click the link are added to a post in a database
: (MySQL), eg. with their email adress, initials, name... whatever. I
: guess that it would be easy if it just takes the contest of the
: to-field in the emails headerinfo? If a spammer can do it, so can I :o)
There is no way to "copy" the mail headers from the mail message into the
browser. The mail message will contain a link, and that link "informs"
the mail program to open the user's browser, and the browser then follows
the link. The only thing the browser will know about the original mail
message is what you can stuff into the text of the link.
If you look closely, you'll see that each spam message that does this sort
of thing is sent individually, and each will have an id, similar to the
way I described above.
--
This space not for rent.
Navigation:
[Reply to this message]
|