Skip to main content
A
Anonymous
December 13, 2010
Question

mail($to, $subject, $message, $headers);

  • December 13, 2010
  • 1 reply
  • 1238 views

Hello, Everyone:

I am having difficulties in applying the "Cc" and "Bcc" to the $headers.  I am not sure what is going on.  What my optimum objective is to e-mail more than one e-mail under the "Bcc".  I did have $headers .= 'Cc: "me@me.com'; however it did not work.

Here is what I have.

$user_username = $row_getUser['username'];
$user_firstName = $row_getUser['f_name'];
$user_lastName = $row_getUser['l_name'];

//Send E-mail to let know someone has registered
if (array_key_exists('send', $_POST)) {
  //mail processing script
  $to = "me_1@me.com"; // use your own email address
  $subject = "New User $user_firstName $user_lastName (a.k.a $user_username)";
  $headers = "From: no-reply@me.com";
 
  // process the $_POST variables
  $username = $row_getUser['username'];
  $f_name = $row_getUser['f_name'];
  $l_name = $row_getUser['l_name'];
  $email = $row_getUser['email'];
  $dateOfRegistration = date("D, M j, Y", strtotime($row_getUser['dateofreg']));
 
  // build the message
  $message = "New Registrant\n\n";
  $message .= "Hello,\n\n";
  $message .= "You have received this message because you have a new registered user on $dateOfRegistration to your website named $f_name $l_name under the username $username.\n\n\n";
  $message .= "Thank you.\n";


  // send it 
  $mailSent = mail($to, $subject, $message, $headers);
  if ($mailSent) {
        // $missing is no longer needed if the email is sent, so unset it
        unset($missing);
    }
  }

How do I apply the "Cc" and "Bcc".

Thank you.

This topic has been closed for replies.

1 reply

A
Anonymous
December 13, 2010

concactenate the values into the headers:

$headers = "From: no-reply@me.com\r\n";

$headers .= "BCC: other_address@me.com, someone_else@website.com, one_more_person@website.com\r\n";

$headers .= "CC: yet_another_address@me.com";

Your address is hard-coded into the header value. If you were using a form to add the from: address without sanitation you could inject the BCC: and CC: into the headers. For instace, if you had a form that sent an email and the user had an email field in the form to apply the From: address then the user could inject the BCC: and CC: into the header by entereing something like this into the email form field:

email: no-reply@me.com\r\nBCC: other_address@me.com, hacker@some-website.com, another_hacker@website.com\r\nCC: your_address@website.com

This is why form field sanitation is important because if you don't filter the input correctly then a spammer could inject addresses into the header and essentially use YOUR host and YOUR email script to host their spam!

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices