Phpmailer

From Phpmaniac

Revision as of 10:20, 13 February 2009 by Admin (Talk | contribs)


What is phpmailer

phpmailer is an easy object oriented approach to sending email with PHP.

It allows you to send multi-part MIME email without needing to know how things like boundaries and MIME types work.

Why

PHP already has the mail() function, which can send email and is built into the base of PHP.

This method works, but in order to send complex emails including attachments and to protect against mail header injection attacks, you need an in-depth understanding of how email and MIME work.

phpmailer allows us to do this easily, quickly, and more importantly, it has been tested thoroughly, probably more so than any email code that we write.

Security

One of the major concerns of people sending automated emails using PHP is header injection. Mail header injection is the process of inserting additional fields into the mail headers, such as extra "bcc" and "to" fields. Spammers can use this to send spam through your server, which can consequently get your server blacklisted by real-time blacklists.

phpmailer automatically sanitizes the headers you pass to it so that we don't have to worry about it. The following code is what is used to sanitize the headers.

  /**
   * Strips newlines to prevent header injection.
   * @access public
   * @param string $str String
   * @return string
   */
  public function SecureHeader($str) {
    $str = trim($str);
    $str = str_replace("\r", "", $str);
    $str = str_replace("\n", "", $str);
    return $str;
  }

Taken from class.phpmailer.php authored by Andy Prevost Copyright (c) 2004-2008 LGPL
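
The effect of stripping line breaks, shown as an added example (not phpmailer's code and not part of the original page). secure_header() mirrors the SecureHeader() logic quoted above; build_headers(), header_names() and the sample input are hypothetical and constructed for illustration. Nothing is sent: the script only lists the header fields a mail server would see.

```php
<?php
// Added example: compares a header block built from raw form input with one
// built after stripping CR/LF. No mail is sent.

// Same logic as the SecureHeader() method quoted above, as a plain function.
function secure_header(string $str): string {
    $str = trim($str);
    return str_replace(["\r", "\n"], "", $str);
}

// Hypothetical helper: builds the additional-headers string that a script
// would pass as the fourth argument of mail().
function build_headers(string $from, bool $sanitize): string {
    if ($sanitize) {
        $from = secure_header($from);
    }
    return "From: " . $from . "\r\n" . "X-Mailer: example";
}

// Hypothetical helper: returns the names of the header fields in the block,
// splitting on any line break the way a receiving parser would.
function header_names(string $headers): array {
    $names = [];
    foreach (preg_split('/\r\n|\r|\n/', $headers) as $line) {
        if (preg_match('/^([A-Za-z-]+):/', $line, $m)) {
            $names[] = $m[1];
        }
    }
    return $names;
}

// Constructed form input: a "from" value carrying an embedded line break
// followed by an extra "bcc" field, as described in the Security section.
$from = "visitor@example.com\r\nBcc: extra@example.net";

// Raw input: the embedded line break starts a new header line.
echo "raw:       ", implode(", ", header_names(build_headers($from, false))), "\n";

// Sanitized input: the value stays on a single line inside the From field.
echo "sanitized: ", implode(", ", header_names(build_headers($from, true))), "\n";

// The sanitized value is still not a valid address, so validate it as well.
$clean = secure_header($from);
echo "valid address: ", var_export(filter_var($clean, FILTER_VALIDATE_EMAIL) !== false, true), "\n";
```

Stripping line breaks keeps the value inside one header field but does not make it a valid address, so checking it with filter_var() and FILTER_VALIDATE_EMAIL before use is still worthwhile.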
