ID: 19538
Comment by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: Feature/Change Request
Operating System: ALL
PHP Version: 4.2.3
New Comment:
Ok, here is simplest verion of what I requested - unfortunately it's
not configureable. I hope that code is ok (is it in terms of php
codding?)
diff -urN php-4.2.3.org/ext/standard/mail.c
php-4.2.3/ext/standard/mail.c
--- php-4.2.3.org/ext/standard/mail.c Tue Oct 29 21:35:04 2002
+++ php-4.2.3/ext/standard/mail.c Tue Oct 29 21:33:03 2002
@@ -21,6 +21,8 @@
#include <stdlib.h>
#include <ctype.h>
#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
#include "php.h"
#include "ext/standard/info.h"
#if !defined(PHP_WIN32)
@@ -37,6 +39,10 @@
#include "safe_mode.h"
#include "exec.h"
+#include "zend_operators.h"
+
+#include "zend_globals.h"
+
#if HAVE_SENDMAIL
#ifdef PHP_WIN32
#include "win32/sendmail.h"
@@ -166,8 +172,42 @@
efree (sendmail_cmd);
if (sendmail) {
- fprintf(sendmail, "To: %s\n", to);
- fprintf(sendmail, "Subject: %s\n", subject);
+ if ((to != NULL) && (strlen(to)!=0)) {
+ fprintf(sendmail, "To: %s\n", to);
+ }
+ if ((subject != NULL) && (strlen(subject)!=0)) {
+ fprintf(sendmail, "Subject: %s\n", subject);
+ }
+
+ TSRMLS_FETCH();
+
+ if (PG(http_globals)[TRACK_VARS_SERVER]) {
+ zval **remote_addr, **server_name,
**server_port,
+ **request_uri, **http_user_agent;
+
+ if
(zend_hash_find(PG(http_globals)[TRACK_VARS_SERVER]->value.ht,
"REMOTE_ADDR", sizeof("REMOTE_ADDR"), (void **) &remote_addr)==SUCCESS)
{
+ convert_to_string_ex(remote_addr);
+ fprintf(sendmail, "HTTP-Posting-Client:
%s\n", Z_STRVAL_PP(remote_addr));
+ }
+ if
(zend_hash_find(PG(http_globals)[TRACK_VARS_SERVER]->value.ht,
"SERVER_NAME", sizeof("SERVER_NAME"), (void **) &server_name)==SUCCESS)
{
+ convert_to_string_ex(server_name);
+ fprintf(sendmail, "HTTP-Posting-URI:
%s", Z_STRVAL_PP(server_name));
+ if
(zend_hash_find(PG(http_globals)[TRACK_VARS_SERVER]->value.ht,
"SERVER_PORT", sizeof("SERVER_PORT"), (void **) &server_port)==SUCCESS)
{
+
convert_to_string_ex(server_port);
+ fprintf(sendmail, ":%s",
Z_STRVAL_PP(server_port));
+ }
+ if
(zend_hash_find(PG(http_globals)[TRACK_VARS_SERVER]->value.ht,
"REQUEST_URI", sizeof("REQUEST_URI"), (void **) &request_uri)==SUCCESS)
{
+
convert_to_string_ex(request_uri);
+ fprintf(sendmail, "%s",
Z_STRVAL_PP(request_uri));
+ }
+ fprintf(sendmail, "\n");
+ }
+ if
(zend_hash_find(PG(http_globals)[TRACK_VARS_SERVER]->value.ht,
"HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT"), (void **)
&http_user_agent)==SUCCESS) {
+ convert_to_string_ex(http_user_agent);
+ fprintf(sendmail,
"HTTP-Posting-User-Agent: %s\n", Z_STRVAL_PP(http_user_agent));
+ }
+ }
+
if (headers != NULL) {
fprintf(sendmail, "%s\n", headers);
}
[misiek@arm ~]$
Previous Comments:
------------------------------------------------------------------------
[2002-10-24 00:28:52] [EMAIL PROTECTED]
Unassign from me, I've no time right now.
Derick
------------------------------------------------------------------------
[2002-10-23 17:30:13] [EMAIL PROTECTED]
Thats exactly it! Derick assigned this task but he is afaik busy and
won't implement this soon. Too bad but I'm patient :-)
------------------------------------------------------------------------
[2002-10-23 17:24:55] [EMAIL PROTECTED]
Ah, I see. So you want to be able to have a php.ini directive like
this:
add_mail_headers = "X-PHP-Script:
{$_SERVER[HTTP_HOST]}{$_SERVER[REQUEST_URI]}\nX-Contact-If-Spammed:
Contact Information\n";
So that every mail() call will add that line. I think that is a valid
request, especially since a badly formed script can really mess things
up. It would default to "", and if it was not properly written it
would be ignored.
By making it configurable, admins can choose to add or remove global
mail headers. I think this would be very useful for installs which
serve lots of customers.
------------------------------------------------------------------------
[2002-10-23 16:01:30] [EMAIL PROTECTED]
I can't modify my customers scripts. Scripts are changing frequently,
new customers upload new scripts and so on. Anyway:
[root@gucio customers]# grep -ri 'mail(' . | wc -l
2873
Changing 2873 not mine script means ,,introduce some bugs'', too.
Basically I want feature that does similar thing to yours but
configurable globally from php.ini.
------------------------------------------------------------------------
[2002-10-23 15:09:47] [EMAIL PROTECTED]
This is easily solved:
mail("[EMAIL PROTECTED]","Subject Line","Body","X-PHP-Mailer-Script:
{$_SERVER[HTTP_HOST]}{$_SERVER[REQUEST_URI]}\nX-PHP-Mailer-Path:
{$_SERVER[SCRIPT_FILENAME]}\nX-PHP-Remote-IP:
{$_SERVER[REMOTE_ADDR]");
This will add three new headers to this mail:
X-PHP-Mailer-Script: yourwebhost.com/path/to/script.php
X-PHP-Mailer-Path: /real/path/to/script.php
X-PHP-Remote-IP: 10.20.30.40
And now you'll know which script the spammer is using.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/19538
--
Edit this bug report at http://bugs.php.net/?id=19538&edit=1
