Mega Code Archive
Email a user with out exposing email address
<![CDATA[
Keeping emails hidden is an increasing concern with all the spam floating around. Here is a way using MySQL and a contact form to allow a group of users on a site to contact each other safely...
<?php
//select the email address' from your db
/*
CREATE TABLE `contacts` (
`id` int(10) NOT NULL auto_increment,
`first_name` varchar(30) NOT NULL default '',
`last_name` varchar(50) NOT NULL default '',
`email` varchar(75) default NULL,
`contact_status` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
*/
if (isset($_POST['submit']))
{
//submit button pushed call the send_email function
send_email();
}else{
//nothing has been pushed so show the form
show_form();
}//end if
/*send_mail function */
function send_email()
{
//default values for elements
$subject = '';
$id = '';
$message = '';
$your_name = '';
$your_email = '';
$err_msg = '';
$headers = '';
//get the values from the form handle any errors
if(isset($_POST['subject']))
{
$subject = $_POST['subject'];
}
if(isset($_POST['email']))
{
$id = $_POST['email'];
}
if(isset($_POST['message']))
{
$message = $_POST['message'];
}
if(isset($_POST['your_name']))
{
$your_name = $_POST['your_name'];
}
if(isset($_POST['your_email']))
{
$your_email = $_POST['your_email'];
}
if ($id == "" )
{
$err_msg = "No person chosen.";
}
//sender's email
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $your_email))
{
$err_msg .= "Your email is not valid. Please re-enter it<br />";
$your_email = '';
}
//check to see if the other elements have values
if(empty($message))
{
$err_msg .= "No message set. Please enter a message.<br />";
}
if(empty($subject))
{
$err_msg .= "No subject set. Please enter a subject.<br />";
}
if(empty($your_name))
{
$err_msg .= "No sender name set. Please enter a your name.<br />";
}
//check the err_msg to see if there are any messages
if ($err_msg != ''){
//there is an error so build the data into a pipe delimited string and pass it back to the form
$data = "$id|$subject|$message|$your_email|$your_name";
show_form($data,$err_msg);
die();
}//end if
//get the email from the db and send it
$sql = "select email from contacts where id = $id";
$result = conn($sql);
if(mysql_num_rows($result)==1)
{
$row = mysql_fetch_array($result);
$email = $row['email'];
}
//send the email
//build the headers
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "X-Priority: 1\n";
$headers .= "X-MSMail-Priority: High\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "From: \"".$your_name."\" <".$your_email.">\n";
if (!mail($email, $subject, $message, $headers))
{
echo "Email failed!\nTry again";
show_form();
}else{
echo "<script language='javascript'>alert('Mail sent');</script>";
echo "<script language='javascript'>window.location='thankyou.htm';</script>";
}//end if
}//end function
/*show_form function */
function show_form($data='',$msg='')
{
//show the form for the email
//the $data='' and $msg='' constructs allow for no information to be passed to the function
//set defaults for function
$subject = '';
$email = '';
$message = '';
$your_name = '';
$your_email = '';
//explode the string passed back from the send_mail function if there is an error
if (($data !="" )&&($msg != ""))
{
$elements = explode("|",$data);
$email = $elements[0];
$subject = $elements[1];
$message = $elements[2];
$your_email = $elements[3];
$your_name = $elements[4];
}//end if
/*
optional where clauses could include:
1. only active users
2. check to see if the user wants to allow contact from others on the site
3. only new users (signed up within a certain date)
*/
$sql = "SELECT * FROM contacts";//[optional where clause to show only people who choose to allow contact]
$result = conn($sql);
echo "<head><title>Make A Friend</title></head><body>\n";
echo "<table width='100%' cellpadding='0' cellspacing='0'>\n";
echo "<form name='email' action='".$_SERVER['PHP_SELF']."' method='post'>\n";
echo "<tr><td colspan='2' align='center'><h2>Email A Friend</h2></td></tr>\n";
echo "<tr><td colspan='2' align='center'> </td></tr>\n";
echo "<tr><td colspan='2' align='center' style='color:red; font-weight:bold;'>$msg</td></tr>\n";
//produce the email drop down
if (mysql_num_rows($result)>0){
//produce the drop down list
echo "<tr><td width='50%' align='right'>Name: </td><td><select name='email'>\n"; //optionally add MULTIPLE to allow sending to multiple addresses
echo "<option value=''>Choose One</option>\n";
while ($rows = mysql_fetch_array($result)){
echo "<option value='".$rows['id']."'>".$rows['first_name'].' '.$rows['last_name']."</option>\n";
}//end while
echo "</select></td></tr>";
}else{
//if there is a problem, have the user manually enter the email address
echo "<tr><td colspan='2' align='center' style='color:red; font-weight:bold;'><br />Currently unable to locate email addresses. There maybe a problem with the database.</td></tr>";
echo "<tr><td colspan='2'> </td></tr>";
echo "<tr><td colspan='2' align='center' style='color:red; font-weight:bold;'>Please enter the email address manually</td></tr>\n";
echo "<tr><td width='40%' align='right'>Email Address: </td><td><input type='text' name='email' size='50' value='$email'></td></tr>\n";
}//end if
echo "<tr><td align='right'>Subject: </td> <td><input type='text' name='subject' size='50' value='$subject'></td></tr>\n";
echo "<tr><td align='right' valign='top'>Message: </td> <td><textarea name='message' cols='25' rows='10'>$message</textarea></td></tr>\n";
echo "<tr><td align='right'>Your name: </td> <td><input type='text' name='your_name' cols='25' rows='10' value='$your_name' ></td></tr>\n";
echo "<tr><td align='right'>Your Email: </td> <td><input type='text' name='your_email' cols='25' rows='10' value='$your_email'></td></tr>\n";
echo "<tr><td colspan='2' align='center'><input type='submit' value='Send Email' name='submit'><input type='reset' value='Reset'></td></tr>\n";
echo "</form></table></body>\n";
}//end function
/* db connection function */
function conn($sql)
{
$host = "localhost";
$user = "user";
$pass = "pass";
$db = "my_db";
//echo "commnecing connection to local db<br>";
if (!($conn=mysql_connect($host, $user, $pass))) {
printf("error connecting to DB by user = $user and pwd=$pass");
exit;
}
$db3=mysql_select_db($db,$conn) or die("Unable to connect to local database");
$result = mysql_query($sql) or die ("Can't run query because ". mysql_error());
return $result;
}//end function
?>
]]>