php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #251 Bug with the mail() function
Submitted: 1998-04-06 22:27 UTC Modified: 1998-05-22 19:02 UTC
From: vborrego at plustek dot com Assigned: shane (profile)
Status: Closed Package: Misbehaving function
PHP Version: 3.0 Release Candidate 3 OS: Windows NT 4.0 SP3
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: vborrego at plustek dot com
New email:
PHP Version: OS:

 

 [1998-04-06 22:27 UTC] vborrego at plustek dot com
To whom this may concern,

OS:      WinNT 4.0
SP Ver:  Service Pack 3
HTTP SW: Microsoft Internet Information Server 4.0


Comment:
After struggling with trying to get IIS 4.0 and PHP3 to work for a week (finally they both work together), I have run into the following bug with the mail() function.

Purpose:
PHP/FI 2.0 was previously used on a Unix machine for 3 important functions.  1.  Technical Support Email Form, 2.  Sales Email form and 3.  Registration entries to be latter transfered into Access 97 (using a simple CRON job).

This bug arose while coding the Technical Support Email form.

In the past, I had used sendmail to email the data to our support department.  With NT, having a mail() function is much easier... 


Objective:
To fool the mail() function into thinking that the FROM: email address corresponds to the customers email address supplied in the Tech Support Form.  To recreate the bug, I tracked the problem down to the following situation:

---------------------

<?php

 /* This is my sample code where the bug arose */

mail("id10t@pacbell.net", "Test", "Test", "From: id10t@pacbell.net");

?>

---------------------

Below is the message source that is produced from this function:

Return-Path: id10t@pacbell.net
Received: from mail-gw2.pacbell.net (mail-gw2.pacbell.net [206.13.28.53]) by mail-sf1.pacbell.net (8.8.8/8.7.1) with ESMTP id SAA27491 for <id10t@mail-sf1.pacbell.net>; Mon, 6 Apr 1998 18:54:20 -0700 (PDT)
Received: from 209-0-28-163.plustek.com (209-0-28-163.plustek.com [209.0.28.163] (may be forged)) by mail-gw2.pacbell.net (8.8.8/8.7.1+antispam) with ESMTP id SAA19199 for <id10t@pacbell.net>; Mon, 6 Apr 1998 18:54:19 -0700 (PDT)
Received: from www - 209.0.28.163 by 209-0-28-163.plustek.com  with Microsoft SMTPSVC(5.5.1774.114.11);
	 Mon, 6 Apr 1998 18:56:19 -0700
X-Sender: id10t@pacbell.net
X-Mailer: From: id10t@pacbell.net
Content-Type: text/plain; charset=us-ascii
Date: Mon, 06 Apr 1998 18:56:19 +0800
From: id10t@pacbell.net
Subject: Test
To: id10t@pacbell.net
Message-ID: <001641956010748WWW@209-0-28-163.plustek.com>
X-UIDL: 16c160d128edb17e1c1388005eaa76e5

id10t@pacbell.net (null)
Test

----------------------


From this situation the following lines are not desirable in the Message Source:

id10t@pacbell.net (null)

and

X-Mailer: From: id10t@pacbell.net

-----------------------

Below is the php3.ini

[PHP_3]
engine = 1  ; enable PHP 3.0 parser

max_execution_time = 30     ; Maximum execution time of each script, in seconds
memory_limit = 8388608		; Maximum amount of memory a script may consume (4MB)

; error_reporting is a bit-field.  Add each number up to get desired error reporting level
;  1 = Normal errors
;  2 = Normal warnings
;  4 = Parser errors
;  8 = Really picky warnings - ie. using a variable before defining it
error_reporting=7
display_errors=1           ; Print out errors (as a part of the HTML script)
log_errors=0			   ; Log errors into a log file (server-specific log, stderr, or error_log (below))
track_errors=0             ; Store the last error/warning message in $php_errormsg (boolean)
;error_log=filename		; log errors to specified file
;error_log=syslog		; log errors to syslog (Event Log on NT, not valid in Windows 95)

warn_plus_overloading=0		; warn if the + operator is used with strings

magic_quotes_gpc = 1       ; magic quotes for incoming GET/POST/Cookie data
magic_quotes_runtime = 0   ; magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc.
magic_quotes_sybase = 0    ; Use Sybase-style magic quotes (escape ' with '' instead of \')
track_vars=1               ; enable $PHP_GET_VARS[], $PHP_POST_VARS[] and $PHP_COOKIE_VARS[] arrays
short_open_tag=1           ; allow the <? tag.  otherwise, only <?php is recognized.

precision = 6		; number of decimal digits displayed in floating point numbers
; paths and directories
include_path=
doc_root=                     ; the root of the php pages, used only if nonempty
user_dir=                     ; the directory under which php opens the script using /~username, used only if nonempty
upload_tmp_dir=\windows\temp  ; temporary directory for HTTP uploaded files
extension_dir=./              ; directory in which the loadable extensions (modules) reside


; file extensions (meaningless in UNIX)
cgi_ext=php3
isapi_ext=php3
nsapi_ext=php3


; automatically add files before or after any PHP 3.0 document
auto_prepend_file=
auto_append_file=


[mail function]
SMTP=209.0.28.163                  ;for win32 only
sendmail_from=nobody@plustek.com  ;for win32 only
sendmail_path=                  ;for unix only

[safemode]
safe_mode=0
safe_mode_exec_dir=

[Debugger]
debugger.host=localhost
debugger.port=7869
debugger.enabled=0

[Logging]
logging=0
log_DBM=0
log_DBM_dir=.
log_SQL=0

[LoadExtensions]
; if you wish to have an extension loaded automaticly, use the
; following syntax:  extension=modulename.extension
; for example, on windows,
; extension=msql.dll

[Highlight]
; Colors for Syntax Highlighting mode.  Anything that's acceptable in <font color=???> would work.
highlight.string	=	#DD0000
highlight.comment	=	#FF8000
highlight.keyword	=	#007700
highlight.bg		=	#FFFFFF
highlight.default	=	#0000BB
highlight.html		=	#000000


[SQL]
sql.safe_mode=0

[MySQL]
mysql.allow_persistent=1 ; allow or prevent persistent link
mysql.max_persistent=-1  ; maximum number of persistent links. -1 means no limit
mysql.max_links=-1       ; maximum number of links (persistent+non persistent).  -1 means no limit

[mSQL]
msql.allow_persistent=1 ; allow or prevent persistent link
msql.max_persistent=-1  ; maximum number of persistent links. -1 means no limit
msql.max_links=-1       ; maximum number of links (persistent+non persistent).  -1 means no limit

[PostgresSQL]
pgsql.allow_persistent=1 ; allow or prevent persistent link
pgsql.max_persistent=-1  ; maximum number of persistent links. -1 means no limit
pgsql.max_links=-1       ; maximum number of links (persistent+non persistent).  -1 means no limit

[Sybase]
sybase.allow_persistent=1 ; allow or prevent persistent link
sybase.max_persistent=-1  ; maximum number of persistent links. -1 means no limit
sybase.max_links=-1       ; maximum number of links (persistent+non persistent).  -1 means no limit
;sybase.interface_file = "/usr/sybase/interfaces"
sybase.min_error_severity=10   ; minimum error severity to display
sybase.min_message_severity=10 ; minimum message severity to display


[Sybase-CT]
sybct.allow_persistent=1 ; allow or prevent persistent link
sybct.max_persistent=-1  ; maximum number of persistent links. -1 means no limit
sybct.max_links=-1       ; maximum number of links (persistent+non persistent).  -1 means no limit
sybct.min_server_severity=10 ; minimum server message severity to display
sybct.min_client_severity=10 ; minimum client message severity to display


[bcmath]
bcmath.scale = 3    ; number of decimal digits for all bcmath functions

[browscap]
;browscap = extra/browscap.ini



Note that the only lines that were changed from the default were the following:

[mail function]
SMTP=209.0.28.163                  ;for win32 only
sendmail_from=nobody@plustek.com  ;for win32 only



Basically, the problem is that I am trying to disguse the sendmail_from= setting in the php3.ini and set it to the customers email address that they manually typed in the form.

IF I remove the last section "From: id10t@pacbell.net" the problem does not arise.  Unfortuntely, sends the message as being sent from nobody@plustek.com and a pain for the person handling the customer support email.


Is there a way around this situation or is this a bug that needs to be addressed?


If need be, you can contact me directly at vborrego@plustek.com concerning this situation.

Thank you.

Vince Borrego
Internet Systems Engineer
Plustek USA, Inc.
Email:    vborrego@plustek.com
          webmaster@plustek.com
          id10t@pacbell.net
WWW:      http://www.plustek.com/
          http://www.plustekusa.com/
          http://www.plustek.com.tw/
          http://www.plustek.de/


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [1998-05-22 19:02 UTC] shane
This problem has been resolved in the cvs tree
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Mar 19 10:01:30 2024 UTC