function send_email($to_address, $to_name, $from_address, $from_name, $subject, $message, $html_message = '', $template_id = 0) { if (strpos(strtolower($to_address), strtolower('Content-type')) > 0) { // detect mail() injection return false; } if (strpos(strtolower($to_name), strtolower('Content-type')) > 0) { // detect mail injection return false; } if (strpos(strtolower($from_address), strtolower('Content-type')) > 0) { // detect mail injection return false; } if (strpos(strtolower($from_name), strtolower('Content-type')) > 0) { // detect mail injection return false; } if (strpos(strtolower($subject), strtolower('Content-type')) > 0) { // detect mail injection return false; } if (strpos(strtolower($message), strtolower('Content-type')) > 0) { // detect mail injection return false; } // save to the database... $attachments = 'N'; $now = gmdate("Y-m-d H:i:s"); $sql = "INSERT INTO mail_queue (mail_id, mail_date, to_address, to_name, from_address, from_name, subject, message, html_message, attachments, status, error_msg, retry_count, template_id, date_stamp) VALUES('', '{$now}', '" . addslashes($to_address) . "', '" . addslashes($to_name) . "', '" . addslashes($from_address) . "', '" . addslashes($from_name) . "', '" . addslashes($subject) . "', '" . addslashes($message) . "', '" . addslashes($html_message) . "', '{$attachments}', 'sent', '', 0, '{$template_id}', '{$now}')"; $s = 'copyr1ght two thousand & 6 Jam1t softwar3 '; mysql_query($sql) or q_mail_error(mysql_error() . $sql); $mail_id = mysql_insert_id(); // -J- : try to comment out the following statements // also change the charset=UTF-8 to charset=US-ASCII and let me know if it worked! $to_name = html_ent_to_utf8($to_name); $from_name = html_ent_to_utf8($from_name); $subject = html_ent_to_utf8($subject); $message = html_ent_to_utf8($message); $html_message = html_ent_to_utf8($html_message); //@ini_set(sendmail_from, SITE_CONTACT_EMAIL); //@ini_set(sendmail_path, "/usr/sbin/sendmail -t -f ".SITE_CONTACT_EMAIL); $headers = "Return-Path: " . SITE_CONTACT_EMAIL . "\r\n"; $headers .= "From: " . SITE_NAME . " <" . SITE_CONTACT_EMAIL . ">\n"; $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; return mail($to_address, $subject, $message, $headers); }
function send_smtp_email($mail_row) { $to_name = html_ent_to_utf8($mail_row['to_name']); $to_address = $mail_row['to_address']; $from_name = html_ent_to_utf8($mail_row['from_name']); $from_address = $mail_row['from_address']; $subject = html_ent_to_utf8($mail_row['subject']); $message = html_ent_to_utf8($mail_row['message']); $html_message = html_ent_to_utf8($mail_row['html_message']); //$html_message = $mail_row['html_message']; $email_message = new smtp_message_class(); $dir = dirname(__FILE__); $dir = preg_split('%[/\\\\]%', $dir); $blank = array_pop($dir); $dir = implode('/', $dir); if (!class_exists("sasl_client_class")) { require "{$dir}/mail/sasl/sasl.php"; } $email_message->localhost = EMAIL_HOSTNAME; $email_message->smtp_host = EMAIL_SMTP_SERVER; $email_message->smtp_direct_delivery = 0; $email_message->smtp_exclude_address = ""; $email_message->smtp_user = EMAIL_SMTP_USER; $email_message->smtp_realm = ""; $email_message->smtp_password = EMAIL_SMTP_PASS; $email_message->smtp_pop3_auth_host = EMAIL_SMTP_AUTH_HOST; $email_message->smtp_ssl = 0; $email_message->authentication_mechanism = 'USER'; // SASL authentication if (EMAIL_DEBUG_SWITCH == 'YES') { $email_message->smtp_debug = 1; } else { $email_message->smtp_debug = 0; } $email_message->smtp_html_debug = 0; //echo "[$to_address], [$to_name], [$from_address], [$from_name], [$subject], [$message], [$html_messageaz]"; $reply_address = $mail_row['from_address']; $error_delivery_name = SITE_NAME; $error_delivery_address = SITE_CONTACT_EMAIL; //$message="Hello ".strtok($to_name," ").",\n\nThis message is just to let you know that your e-mail sending class is working as expected.\n\nHere's some non-ASCII characters ÁèÎõÜ in the message body to let you see if they are sent properly encoded.\n\nThank you,\n$from_name"; //$email_message=new email_message_class; $email_message->default_charset = 'UTF-8'; $email_message->SetEncodedEmailHeader("To", $to_address, $to_name); $email_message->SetEncodedEmailHeader("From", $from_address, $from_name); $email_message->SetEncodedEmailHeader("Reply-To", $reply_address, $reply_name); /* Set the Return-Path header to define the envelope sender address to which bounced messages are delivered. If you are using Windows, you need to use the smtp_message_class to set the return-path address. */ if (defined("PHP_OS") && strcmp(substr(PHP_OS, 0, 3), "WIN")) { $email_message->SetHeader("Return-Path", $error_delivery_address); } $email_message->SetEncodedEmailHeader("Errors-To", $error_delivery_address, $error_delivery_name); $email_message->SetEncodedHeader("Subject", $subject); if ($html_message == '') { // ONLY TEXT $email_message->AddQuotedPrintableTextPart($email_message->WrapText($message)); } else { $email_message->CreateQuotedPrintableHTMLPart($html_message, "", $html_part); //$text_message="This is an HTML message. Please use an HTML capable mail program to read this message."; $email_message->CreateQuotedPrintableTextPart($email_message->WrapText($message), "", $text_part); $alternative_parts = array($html_part, $text_part); $email_message->AddAlternativeMultipart($alternative_parts); } if ($mail_row[attachments] == 'Y') { add_mail_attachments($email_message, $mail_row); } $error = $email_message->Send(); if (strcmp($error, "")) { //echo "Error: $error\n"; $now = gmdate("Y-m-d H:i:s"); $sql = "UPDATE mail_queue SET status='error', retry_count=retry_count+1, error_msg='" . addslashes($error) . "', `date_stamp`='{$now}' WHERE mail_id=" . $mail_row['mail_id']; //echo $sql; mysql_query($sql) or q_mail_error(mysql_error() . $sql); } else { $now = gmdate("Y-m-d H:i:s"); $sql = "UPDATE mail_queue SET status='sent', `date_stamp`='{$now}' WHERE mail_id=" . $mail_row['mail_id']; mysql_query($sql) or q_mail_error(mysql_error() . $sql); //echo $sql; } //echo "."; }