[RESOLVED] Email to Submitter using mail()

sys4dm1n

I have tried different ways to get a carbon copy sent to the person who enters their email address in my web form.

I tried adding Cc: $email to the end of the mail() function:

mail("$emailaddress", "$subjectheader $subject", "$message", "From: $email \nReply-To: $email\nCc: $email");

I also tried a different approach by doing:

$to = "$emailaddress;$email";
mail("$to", "$subjectheader $subject", "$message", "From: $email \nReply-To: $email");

Both $emailaddress and $email are correctly identified so there is no issue there (and have been passed correctly).

Any suggestions or tips?

wmhop

I remember reading some where that the "c"'s have to be the same case in certain situations. I can't remember where I read it or the situations so maybe give "cc:" and "CC:" a try.

Bobulous

I see a few problems with this code:

Firstly, any user who receives an email from your script will also be gifted your email address, because you've put it in a reply-to header right above the CC header. I recommend using two separate mail function calls, so that one call contains only your email address, and the second contains only their email address.

Secondly, you don't seem to be using a carriage-return character at the end of each header, only a newline. I'm fairly sure a carriage-return character \r is also needed in emails. Check the email format RFC, or look for examples of working code online.

Thirdly, are you checking the value provided to you by the visitor to your site? If not, a junk mailer can (and eventually will) post header injection data to your script, and your innocent mail function call will become a spam engine that sends unsolicited mail to hundreds of addresses. This happened to me:

Mailform abuse by header injection.

The mail function has to be treated very carefully to avoid big problems. Especially when you use third-party data in the headers section of the function.