Security suggestion for custom email system made on JS and PHP

  • Resolved southcast

    (@southcast)


    11 years, 10 months ago

    I have finally put together a custom email system utilizing JS and PHP, in which the content within a specific div is mailed to me from my website. I have given the Javascript, Html and php mail script below so you could get a clear idea, how it works. It works just fine. FYI I am no expert on codes and I just copy paste stuff which works for me.

    Please suggest me a few codes to make this system a bit more secure.

    JAVASCRIPT

    <script type="text/javascript">
jQuery(document).ready(function($) {
    $('#sendEmail').click(function(){
             $.ajax({
                 type: 'POST',
                 url: 'https://xxxxxxxxxxxxxxx/email.php',
                 data: { content: $('#email-data').html()},
                 success:function(data) {
                        alert('You data has been successfully e-mailed');
                }
           });
     });
});
</script>

    HTML

    <div id="email-data">
    <div id="content">
        some php generated content
    </div>
</div>
<a id="sendEmail"> SEND EMAIL</a>

    PHP MAIL CODE :

    <?php
  $to = "[email protected]";
  $subject = "FROM WEBSITE";
  $message = $_POST['content'];
  $headers = "From: company <[email protected]>" . "\r\n" .
             "Content-type: text/html" . "\r\n";
  mail($to, $subject, $message, $headers);
?>

  • The topic ‘Security suggestion for custom email system made on JS and PHP’ is closed to new replies.