Forum Moderators: phranque
Where can I find or buy a script that will allow me to do this on standard .html pages, rather than php ones?
To send it from the server it has to be processed by something like a php script.
Marshall
<script type="text/javascript">
<!-- Begin
function isPPC() {
if (navigator.appVersion.indexOf("PPC")!= -1) return true;
else return false;
}
if(isPPC()) {
document.write('A HREF=\"mailto:\?subject\=Take a look at this page I found, ' + document.title + '?body=You can see this page at: ' + window.location + '\" OnMouseOver="status=\' \'; return true;" TITLE="Send your friends an e-mail about this page">Email this page to a friend<\/A>');
}
else { document.write('<A HREF=\"mailto:\?body\=Take a look at this page I found, ' + document.title + '. You can see this page at: ' + window.location + '\" OnMouseOver="status=\' \'; return true;" TITLE="Send your friends an e-mail about this page">Email this page to a friend<\/A>');
}
// End -->
</script>
Try [google.com...]
Not very helpful considering I Googled it beforehand and only found scripts related to php programs or sites that were willing to do it for me given they place my ads in the emails received.Marshall, that's a useful script (tested it). The only downside is that it relies on someone's default email program, and not everyone uses Outlook. I guess I'm looking for something more along the lines of a program that will simply ask for the email of the user, email or name of the sender and then be sent via my server.
Here's also a thought: I use server side includes on some sites. Could I get away with doing a blank php-driven "tell a friend page" and simply reference it as a footer include on all my regular html pages (just as I use ads or footer links as includes)? Maybe that way the php form could work on an html page.
[edited by: DXL at 8:55 am (utc) on July 29, 2007]
Here's an example:
<a href="#" onClick="javascript:window.open('tellafriend.php?title='+escape(document.title)+'&url='+escape(window.location), 'taf_dialogue', 'height=200,width=300', false);">Tell a friend</a>This is the tellafriend.php script:
<?php
if ($_POST['toemail')
{
//do validation here as required
mail($_POST[to],"Recommended page","Your friend, $_POST[fromname], recommends $_GET[title], a page found at $_GET[url]","From: $_POST[fromname] <$_POST[fromemail]>");
print "<center>We have let your friend know</center>";
}
else
{
print "<form method=\"POST\">
<label for=\"fromname\">Your name: </label><input type=\"text\" name=\"fromname\"><br>
<label for=\"fromname\">Your email: </label><input type=\"text\" name=\"fromemail\"><br>
<label for=\"fromname\">Friend's email address: </label><input type=\"text\" name=\"to\"><br>
<input type=\"submit\"></form>";
}
?>
I'm no php expert but the script posted above for example appears to be vulnerable under any circumstances becsue it doesn't check for header injections, even if you specified the "to:" field in the script. Using Cc a bot could send out a massive amount spam in one post:
[securephpwiki.com...]
Whatever the case you better do some heavy duty research on securing it and limiting its usage.
I'm no php expert but the script posted above for example appears to be vulnerable under any circumstances
I deliberately didn't post validation methods as to do so would reveal those which I use, making it easy for my own forms to be hacked...
My thought on these is that fake "tell a friend" messages used to be a major route for spam and viruses although I haven't noticed any recently. Anybody who is reasonably web savvy will have their filters set to zap them unopened.
Not very helpful considering I Googled it beforehand
Very sorry for not being helpful, perhaps I better stop trying?
