PHP Mailing

[gsmith]

I've been sending e-mail within PHP scripts using the following basic commands:

$to="someemailaddress";$message="message";$subject="subject";mail($to, $subject, $message);

However, now I have an array with several e-mail addresses in it. Using that same format won't send my mail. How can I send an e-mail using multiple e-mail addresses inside an array instead of one defined variable?

[justsomeguy]

If you want to send the exact same message to all of them, then according to RFC #WTF-123, you can use a semicolon-delimited list of addresses. You can join the array on semicolons, and voila:

$email_list = "";if (count($to_addresses) > 1)  $email_list = implode(";", $to_addresses);elseif (count($to_addresses) > 0)  $email_list = $to_addresses[0];if ($email_list != "")  mail($email_list, $subject, $message);

[gsmith]

Thank you!No time to try it now, but I'm sure it will work.

[zanfranceschi]

if you want to send one email at a time, you can do this:// $mail_list is the arrayforeach($mail_list as $mail) mail($mail, $subject, $message);This prevents your mail to be confused with spam. Eventhough it is... hehe

[gsmith]

haha. Thanks.It actually isn't spam though - I promise. :)It's for a website that has a user log-in system and the e-mails are being sent from a user to a selected user(s), hence the potential for an array of several e-mail addresses.

[zanfranceschi]

if you're really serious about mailing programmes, PHP doesn't recommend the mail() function. They point you to http://pear.php.net/package/MailBut I don't know really what the difference is, i'm just telling you cause i remembered that.

[ThePsion5]

But I don't know really what the difference is, i'm just telling you cause i remembered that.

<{POST_SNAPBACK}>

I'm not positive, but I think that the PEAR package offers improved security and other nifty functions like custom header information...I've never used it myself though.

[gsmith]

Haven't looked at that new one yet, but I know you can specify all your header info with the mail() function too.

[justsomeguy]

I've heard a lot about PEAR, but I've never actually met anyone that uses it. I have seen some good code made with it though, I forgot which application I was looking at though. But it was definately easy to make changes to it, the package does a good job of abstracting out a lot of the little details.

[bubazoo]

Also, when writing FormMail scripts, make sure to remember about theMail Injection Volnerabilitymost of the time, you can fix this problem by having your host install mod_security for you,but that doesn't always work. so I tend to use the eregi example for checking for a valid emailaddress. That way, a spammer cannot use your form for its lame advertising and mass mailing.This will also prevent your web hosting provider from suspending your accountwhich in my view is really stupid since all the hosting provder really has to do is install mod_security to prevent this from happening,

[justsomeguy]

mod_security puts some pretty stupid restrictions on the server though, like not being able to open files that have 'temp' in the path.It's probably best to just validate the from address using a regexp.