By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,776 Members | 1,322 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,776 IT Pros & Developers. It's quick & easy.

A link in an email that, on click, sends the headerinfo to a server

P: n/a
Hi there

Is it posible to make a link (to a php-file on a server) in an email
that, when you click on it, sends info about who the reciver of the
email is?

Lets say I send out an email thru an alias to a group of people and I
want to give them the opportunity to sign up for an event using that
link. Those that click the link are added to a post in a database
(MySQL), eg. with their email adress, initials, name... whatever. I
guess that it would be easy if it just takes the contest of the
to-field in the emails headerinfo? If a spammer can do it, so can I :o)

And... if you have an answer please assume that I know practicly
nothing about php :o) I have made a few sites with php and MySQL, but
nothing fancy - just simple guestbooks etc.

thanks in advance

/Nigo

Jul 17 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Nigo (ni***************@gmail.com) wrote:
: Hi there

: Is it posible to make a link (to a php-file on a server) in an email
: that, when you click on it, sends info about who the reciver of the
: email is?

One comon technique used by mail lists is to put a unique id in each mail
message "href='http:/my/server.com/responder?id=12345'". The id is first
saved in your database. When the user follows the link then you know
which user is responding by looking at the id. The id should be some kind
of random number to prevent possible abuse from little kid hackerholics.

That works well for things like maillist signup confirmations since each
confirmation message is sent out one at a time. It doesn't work so well
for checking who is responding to a typical mail list message.

If you want to identify a person and that person is an _already_ signed up
member of a web site, then you can try to use cookies to identify them.
They follow the link, which opens their browser, which visits the page.
The cookie (which has to have been set earlier when they signed up) will
be returned to the php script, and from that cookie you know who it is.

You can also simply ask them who they are. Again, if they already have a
membership at your site then asking them to login when they visit may not
be too onerous a task. For example I think my paypal account asks me to
login each time I reach it via a mail message link. Since it has my
money, I don't mind having to login. If it was some boring message board
I regret joining then of course I won't login if they ask, I'll just
leave.

Otherwise you would have to examine the various headers sent from the
browser, and the ip address etc, but that is a fools game since it doesn't
really tell you anything much.

: Lets say I send out an email thru an alias to a group of people and I
: want to give them the opportunity to sign up for an event using that
: link. Those that click the link are added to a post in a database
: (MySQL), eg. with their email adress, initials, name... whatever. I
: guess that it would be easy if it just takes the contest of the
: to-field in the emails headerinfo? If a spammer can do it, so can I :o)

There is no way to "copy" the mail headers from the mail message into the
browser. The mail message will contain a link, and that link "informs"
the mail program to open the user's browser, and the browser then follows
the link. The only thing the browser will know about the original mail
message is what you can stuff into the text of the link.

If you look closely, you'll see that each spam message that does this sort
of thing is sent individually, and each will have an id, similar to the
way I described above.

--

This space not for rent.
Jul 17 '05 #2

P: n/a
>You can also simply ask them who they are. Again, if they already have a
membership at your site then asking them to login when they visit may not
be too onerous a task.


Ok thanks... I think I'll go for that - after all there's onl about 10
people on the mailing list, so some kind of check-box system on the
site (eg sign person A up for this event) will propably do the trick

best regards
Nigo

Jul 17 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.