Registration to newsletter

[ebba]

I have a page where people can submit to a newsletter. At this point they must send an email to me whith their email address. Can I in somehow make a php-script so they only can enter their email address and I get it via e-mail?

[webmaster]

Try something like this:

[php]<?php

if(isset($_POST['submit'])) {

$to = "your@email.com";
$subject = "Registration to newsletter";
$message = $_POST['email'];
mail($to, $subject, $message);

echo "You are now registered to the newsletter!";

} else { ?>

<form method="post">
Your e-mail address: <input type="text" name="email" />
<input type="submit" name="submit" value="send the mail" />

<?php } ?>[/php]

[Protege]

Remember: before you go adding that to a 'live' site it needs some security. If it gets abused then you're up a certain creek without a paddle.

[webmaster]

Remember: before you go adding that to a 'live' site it needs some security. If it gets abused then you're up a certain creek without a paddle.

Exactly, some use forms like this to send out spam. I'm not very good at e-mail security and what's possible to do with email-injections in forms. But this is what I use, are there anything I've missed?

[php]<?php
$message = str_replace(array("","Content-Type:","bcc:","cc:","MIME-Version:",
"Content-Transfer-Encoding:","%"),"",$message);
?>[/php]

[Phate]

what exactly does that do?

[webmaster]

what exactly does that do?

If someone writes "Content-Type:", "bcc:","cc:", "MIME-Version:", "Content-Transfer-Encoding:" or "%" in the message, They will be removed.

[Phate]

oh!

thanks very much!