|
|
Posted by George Doka on 10/31/06 02:03
> Headers go at the beginning of the message, not the end.
>
> Note that it's imperative that you not permit *ANY* user-entered
> data to go in any headers (including To:, From:, Subject:, Cc:, and
> Bcc:) unless you have checked that this data does not contain
> carriage return or line feeds. If you see this in the data, don't
> send the mail (and don't fix it, either). Otherwise your form will
> be abused by spammers.
thanks Shelly & Gordon,
I tried moving the new headers up top of the message code,
but all I get now is 4 identical emails all sent to the primary email;
ie, none to CC or BCC addresses.
here's my code:
================================
/* recipients */
$to1 = $_POST['to'];
/* message */
$name1 = $_POST['name'];
$from1 = $_POST['from'];
$subject1 = $_POST['subject'];
$messagebody1= $_POST['messagebody'];
/* add cc and bcc var's */
$cc1 = $_POST['cc'];
$bcc1 = $_POST['bcc'];
/* To send HTML mail, you can set the Content-type header. */
$headers1 = "MIME-Version: 1.0\r\n";
$headers1 .= "Content-type: text/html; charset=iso-8859-1\r\n";
/* additional headers */
$headers1 .= "To: ".$to1."\r\n";
$headers1 .= "From: ".$from1."\r\n";
$headers1 .= "Reply-To: ".$from1."\r\n";
$headers1 .= "CC: " . $cc1 . "\r\n";
$headers1 .= "BCC: " . $bcc1 . "\r\n";
$messagebody1= str_replace("\\\\","",$messagebody1);
$messagebody1= str_replace("\'","'",$messagebody1);
$messagebody1= str_replace("\\\"","\"",$messagebody1);
$message1 .= $messagebody1."\r\n";
$subject1 = "$subject1";
===============================================
Navigation:
[Reply to this message]
|