The mail function accepts the following parameters:

	Email address

	Subject

	Message

	CC or BCC email addresses


	It’s a cost-effective way of notifying users of important events.

	Let users contact you via email by providing a contact us form on the website that emails the provided content.

	Developers can use it to receive system errors by email.

	You can use it to email your newsletter subscribers.

	You can use it to send password reset links to users who forget their passwords.

	You can use it to email activation/confirmation links. This is useful when registering users and verifying their email addresses.

In this tutorial, you will learn-

	Why/When to use the PHP mail

	Simple Mail Transmission Protocol

	Sanitizing email user inputs

	Secure Mail

Why/When to use the mail PHP

Sending mail using PHP

The PHP mail function has the following basic syntax

HERE,

	“$to_email_address” is the email address of the mail recipient

	“$subject” is the email subject

	“$message” is the message to be sent.

	“[$headers]” is optional; it can be used to include information such as CC and BCC.

	CC is the acronym for carbon copy. It’s used when you want to send a copy to an interested person, e.g. a complaint email sent to a company can also be sent as CC to the complaints board.

	BCC is the acronym for blind carbon copy. It is similar to CC. The email addresses included in the BCC section will not be shown to the other recipients.

Simple Mail Transmission Protocol (SMTP)

PHP mailer uses Simple Mail Transmission Protocol (SMTP) to send mail. On a hosted server, the SMTP settings will already have been set. The SMTP mail settings can be configured in the “php.ini” file in the PHP installation folder.

Configuring SMTP settings on your localhost

Assuming you are using XAMPP on Windows, locate the “php.ini” file in the directory “C:\xampp\php”.

	Open it using Notepad or any text editor. We will use Notepad in this example.

	Click on the Edit menu

	Click on the Find… menu

	The find dialog menu will appear

	Click on the Find Next button

	Locate the entries

[mail function]

; XAMPP: Don’t remove the semi column if you want to work with an SMTP Server like Mercury

; SMTP = localhost

; smtp_port = 25

Remove the semicolons before SMTP and smtp_port, then set SMTP to your SMTP server and smtp_port to your SMTP port. Your settings should look as follows:

SMTP = smtp.example.com

smtp_port = 25

Note: the SMTP settings can be obtained from your web hosting provider.

If the server requires authentication, then add the following lines:

auth_username = example_username@example.com

auth_password = example_password

	Save the new changes.

	Restart Apache server.

PHP Mail Example

Let’s now look at an example that sends a simple mail.

Output:

Note: the above example only takes the 4 mandatory parameters. You should replace the above fictitious email address with a real email address.

Sanitizing email user inputs

The above example uses hard-coded values in the source code for the email address and other details for simplicity. Let’s assume you have to create a contact us form for users to fill in the details and then submit.

	Users can accidentally or intentionally inject code into the headers, which can result in sending spam mail.

	To protect your system from such attacks, you can create a custom function that sanitizes and validates the values before the mail is sent.

Let’s create a custom function that validates and sanitizes the email address using the filter_var built-in function.

Filter_var function

The filter_var function is used to sanitize and validate the user input data. It has the following basic syntax.

HERE,

	“filter_var(…)” is the validation and sanitization function

	“$field” is the value of the field to be filtered.

	“SANITIZATION TYPE” is the type of sanitization to be performed on the field, such as:

FILTER_VALIDATE_EMAIL – it returns true for valid email addresses and false for invalid email addresses.

FILTER_SANITIZE_EMAIL – it removes illegal characters from email addresses. info@domain.(com) returns info@domain.com.

FILTER_SANITIZE_URL – it removes illegal characters from URLs. http://www.example@.comé returns http://www.example@.com

FILTER_SANITIZE_STRING – it removes tags from string values. <b>am bold</b> becomes am bold.

The code below uses a custom function to send secure mail.

Output:
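
One way to write such a custom function, as an added example that is not the tutorial's original listing: the helper names clean_email and build_contact_mail, the addresses and the sample form data are assumptions made here. It rejects CR/LF in the address before validating it with filter_var, and it does not use FILTER_SANITIZE_STRING, which is deprecated as of PHP 8.1.

```php
<?php
// Added example: function names, addresses and form values are hypothetical.
const SITE_INBOX  = 'contact@example.com';  // fixed recipient, never taken from the form
const SITE_SENDER = 'no-reply@example.com';

// Returns the validated address, or null if it cannot safely go into a header.
function clean_email(string $raw): ?string
{
    // A CR or LF would start a new header line (for example an extra "Bcc:").
    if (preg_match('/[\r\n]/', $raw) === 1) {
        return null;
    }
    $email = filter_var(trim($raw), FILTER_VALIDATE_EMAIL);
    return $email === false ? null : $email;
}

// Builds the arguments for mail(), or returns null when the form must be rejected.
function build_contact_mail(array $form): ?array
{
    $replyTo = clean_email((string)($form['email'] ?? ''));
    if ($replyTo === null) {
        return null;
    }
    // The subject is a header too: collapse control characters into spaces.
    $subject = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string)($form['subject'] ?? '')));
    // The body is not a header: normalise line endings and wrap at 70 characters.
    $body = preg_replace('/\r\n|\r|\n/', "\r\n", (string)($form['message'] ?? ''));
    $body = wordwrap($body, 70, "\r\n");
    if ($subject === '' || trim($body) === '') {
        return null;
    }
    $headers = ['From' => SITE_SENDER, 'Reply-To' => $replyTo]; // array form: PHP 7.2+
    return [SITE_INBOX, $subject, $body, $headers];
}

// Constructed sample submissions: one ordinary, one carrying an extra header line.
$samples = [
    ['email' => 'visitor@example.com', 'subject' => 'Question', 'message' => 'Hello there'],
    ['email' => "visitor@example.com\r\nBcc: other@example.net", 'subject' => 'Hi', 'message' => 'x'],
];
foreach ($samples as $form) {
    $args = build_contact_mail($form);
    // A real handler would call mail(...$args) here when $args is not null.
    echo $args === null ? "rejected\n" : "accepted, Reply-To: {$args[3]['Reply-To']}\n";
}
```

The visitor's address only ever reaches the Reply-To header, and only after validation; the recipient and the From address are fixed by the site.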

Secure Mail

Emails can be intercepted during transmission by unintended recipients. This can expose the contents of the email to unintended recipients. Secure mail solves this problem by transmitting emails via Hypertext Transfer Protocol Secure (HTTPS). HTTPS encrypts messages before sending them.

Summary

	The PHP built-in function mail() is used to send mail from PHP scripts.

	Validation and sanitization checks on the data are essential to sending secure mail.

	The PHP built-in function filter_var() provides an easy-to-use and efficient way of performing data sanitization and validation.