• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 406
  • Last Modified:

Share webpage by email and grab sended emails

Hello Experts.

I have a "share by email" link in my page which is currently using a normal email client, do you know any service without the need of email client such as outlook, to present on the page just like sharethis works with emails, but when a user sends and email we could grab both emails (the person who sends the email and the one that receives)?

Working with php and jquery in my website.

Thank you
0
joao_c
Asked:
joao_c
  • 2
  • 2
1 Solution
 
Minh Võ CôngCommented:
0
 
joao_cAuthor Commented:
Sorry, not email client. In the website I have a "share by email" link, and I want to grab the email adresses from both the sender and receiver.
0
 
Ray PaseurCommented:
Can you please post a link to the page that contains the "share by email" link?  Thanks, ~Ray
0
 
joao_cAuthor Commented:
Here is the html:

<li class="email"><a href="mailto:?subject=text_here&amp;body=Body text">E-mail</a></li>

Open in new window


Instead of launching a client email program like outlook, windows live mail.. I just want a pop-up window, with an email from, email to send and message,. When the users use that I want to grab the info sended.

Thank you Ray
0
 
Ray PaseurCommented:
The general design would work something like this...

1. JavaScript (perhaps jQuery) would be used to create the pop-up window.  Something like window.open() could be used to start a PHP script in that window.
2. The PHP script would present a form to request the email addresses (both from and to) and a message.
3. When the form is submitted the action script would record the email addresses, along with the text of the message and the URL of the web page, in your data base logging table.
4. Then the action script would use the PHP mail() function to send the email message.

Some things to be VERY careful about... Sanitize your data with great care.  Form-to-email scripts are considered a target-rich environment by the script-kiddie hacker community, and as soon as they identify your pop-up script you can bet it will be bombarded by attacks.  Suggest your script sleep() at least two seconds between executions, and perhaps most importantly, implement a CAPTCHA test in the popup window.  Details about how to make CAPTCHA suck less are available in this article.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_9849-Making-CAPTCHA-Friendlier-with-PHP-Image-Manipulation.html

Sanitization would mean ensuring that the from and to email addresses pass the test of being actual, individual, well-formed email addresses, that they are routable via the DNS.  This code snippet can help with that.

<?php // RAY_email_validation.php
error_reporting(E_ALL);


// A FUNCTION TO TEST FOR A VALID EMAIL ADDRESS, RETURN TRUE OR FALSE
// SEE MAN PAGE: http://php.net/manual/en/intro.filter.php
function check_valid_email($email, $rout=TRUE)
{
    // LIST OF BLOCKED DOMAINS
    $bogus = array
    ( '@unknown.com'
    , '@example.com'
    , '@gooseball.org'
    )
    ;

    // IF PHP 5.2 OR ABOVE, WE CAN USE THE FILTER
    if (strnatcmp(phpversion(),'5.2') >= 0)
    {
        if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE) return FALSE;
    }

    // IF LOWER-LEVEL PHP, WE CAN CONSTRUCT A REGULAR EXPRESSION
    else
    {
        $regex
        = '/'                        // START REGEX DELIMITER
        . '^'                        // START STRING
        . '[A-Z0-9_-]'               // AN EMAIL - SOME CHARACTER(S)
        . '[A-Z0-9._-]*'             // AN EMAIL - SOME CHARACTER(S) PERMITS DOT
        . '@'                        // A SINGLE AT-SIGN
        . '([A-Z0-9][A-Z0-9-]*\.)+'  // A DOMAIN NAME PERMITS DOT, ENDS DOT
        . '[A-Z\.]'                  // A TOP-LEVEL DOMAIN PERMITS DOT
        . '{2,6}'                    // TLD LENGTH >= 2 AND =< 6
        . '$'                        // ENDOF STRING
        . '/'                        // ENDOF REGEX DELIMITER
        . 'i'                        // CASE INSENSITIVE
        ;
        // TEST THE STRING FORMAT
        if (!preg_match($regex, $email)) return FALSE;
    }

    // TEST TO SEE IF THE DOMAIN IS IN OUR BLOCKED LIST
    foreach ($bogus as $badguy)
    {
        if (stripos($email, $badguy)) return FALSE;
    }

    // FILTER_VAR OR PREG_MATCH DOES NOT TEST IF THE DOMAIN IS ROUTABLE
    if ($rout)
    {
        $domain = explode('@', $email);

        // MAN PAGE: http://php.net/manual/en/function.checkdnsrr.php
        if ( checkdnsrr($domain[1], "MX") || checkdnsrr($domain[1], "A") ) return TRUE;

        // EMAIL IS NOT ROUTABLE
        return FALSE;
    }
    return TRUE;
}



// DEMONSTRATE THE FUNCTION IN ACTION
$e = NULL;
if (!empty($_GET["e"]))
{
    $e = $_GET["e"];
    if (check_valid_email($e))
    {
        echo "<br/>VALID: $e \n";
    }
    else
    {
        echo "<br/>BOGUS: $e \n";
    }
}


// END OF PROCESSING - CREATE THE FORM USING HEREDOC NOTATION
$form = <<<ENDFORM
<form>
TEST A STRING FOR A VALID EMAIL ADDRESS:
<input name="e" value="$e" />
<input type="submit" />
</form>
ENDFORM;

echo $form;

Open in new window

And finally, do not send the message "from" the from email address that was entered on the form.  You'll quickly fail an SPF test  and your server will be marked as a spammer.  Instead, send it from noReply at your domain.  Include the from email in the message.

Best of luck with your project, ~Ray
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now