scotttyz

I use 1st Page 2K (not front page) from eversoft.com and write my code be hand. I found most WYSIWYG editor wrote nasty code, and I had to hand edit some of it on most pages anyways. I imagine the editors have gotten much better in the last few years but now I am hooked on hand coding.

I need to set up 2 sets of email (acccounts? lists? forwards?) We have about 12 email addresses (@****) I need to set up a (whatever) that send an email to 4 of them and another that emails about 8 of them. Anyone should be able to send an email to these. If i set up forwards it looks like I am going to have to also set up an email account that would require me to "empty" on a regular basis. Am I wrong on this?? Mailman looks like it would not allow non-list members to send emails to "the list" The other hosts I have been with have all had a "forwards to" type of email accounts that did not store the messages but allowed us to send out emails to our different groups.

Rookie here too. But here goes... I think if you disable annon FTP access in cPanel this would allow only users you set up to get in. IS the answer this simple? Probably not.

Thanks for the input Charlie. Unfortunately I have 2 php scripts that do other things in addition to sending out an email (append or modify a .htaccess style file) and it would take way to much work to try to include a script like that into my pages, but thanks for the info on a secure PHP form mailer!! Rock Sign

Sorry, that REALLY made me laught

I think the late night web gods are smillling on me. No idea why, but it is working

I need to MANUALLY configure .htaccess files to protect some directories. I have some "add user forms" that update this via PHP so the cPanel stuff will not work for me. I may be missing something stupid, is there anyone that can help?? >AuthUserFile "/home/******/rep_users/REP.user" AuthGroupFile "/dev/null" AuthName "All About Play" AuthType Basic <Limit GET POST> require valid-user </Limit> the files seems to be in the right place. And I get challanged by the webbrowser for authentication but it will not acceot any of my old dot ht password file.

trying to secure form submited info to disalow spammers. Any other PHP'ers out there with suggestions?? ><?php // set up variables $redirect = "thanks.url"; \\your thank you URL $subject = "Enter a subject here"; \\your subject $mailingto = "you@******"; \\hardcoded to: field $headers = "From: webserver@******\r\n" . "Reply-to: webserver@******\r\n" . "X-Mailer: PHP-" . phpversion(); \\change who you want the emails from $message = ""; \\just clearing anything a spammer tried to pass $tmessage = ""; \\just clearing anything a spammer tried to pass $securemessage ""; \\just clearing anything a spammer tried to pass $welcome = "enter message to send to form submittal recipient \n" \\start your email $footer = "this will apear after the form data\n" \\ this will end the email //parse form submittal - enters each field submitted on a new line "name : value" foreach($HTTP_POST_VARS as $key => $value) { $message .= $key ." : " .$value ."\n"; } //eliminate any email at's $securemessage = srt_replace('@', "at", $message); //build email $tmessage = "$welcome\n\n$message\n$footer"; $ret = mail($mailingto, $subject, $securemessage ,$headers); //make sure we sent email and redirect if ($ret) { header("Location: $redirect"); } else { echo('<h1>Enter your WOOPS form did not work here</h1>'); } ?> I have not checked the script yet, but wanted to get some input. I am aware of some spammers trying to send cc:'s thru form subbmitions and want to make a simple php script that had every place there could be an email either hardcoded or check and remove any @'s. Thoughts? Suggestions? Martini's??

I posted this as a reply to another message but want to make sure the Dev's see it ASAP The issue I have heard about it that you can include a "\n cc: name@host.com, etc" in the first "form variable" in the email because RFC822 isn't specific about what order the mail headers have to be in, only that the requisite minimum are there. So a spamer could pull the passed variable (form contents) and inlcude a list of cc:........ to your script. IE: (for php) mail ($to$, $subject, $message, $headers) you hard code the to: and headers: fields but the spammer uses the $ subject (or $message) field to pass a: \n cc: name@mail.com;name@mail.com;name@mail.com;name@mail.com; and on in almost any place in your form subbmitted variables. I am working on a php mail script that checks the non hard coded variables for "@" and replaces with "at" That should do it, If I am wrong please poke holes in my theory!!!! Some hosts are already have a big issue with this.

The issue I have heard about it that you can include a "\n cc: name@host.com, etc" in the first "form variable" in the email because RFC822 isn't specific about what order the mail headers have to be in, only that the requisite minimum are there. So a spamer could pull the passed variable (form contents) and inlcude a list of cc:........ to your script. IE: (for php) mail ($to$, $subject, $message, $headers) you hard code the to: and headers: fields but the spammer uses the $ subject (or $message) field to pass a: \n cc: name@mail.com;name@mail.com;name@mail.com;name@mail.com; and on in almost any place in your form subbmitted variables. I am working on a php mail script that checks the non hard coded variables for "@" and replaces with "at" That should do it, If I am wrong please poke holes in my theory!!!! Some hosts are already have a big issue with this.

If you are getting the following from php on a "header Location:" in php:: Cannot modify header information - headers already sent by ......... add a .htaccess file to the directory with the following: PHP_FLAG output_buffering on This will fix your problem!!!! Rock Sign

surprissingly clean after trying to find a new host all weekend

Welcome to the family!! Rock Sign From a newborn myself..

My guestimation is : /home/**insert user name***/public_html (/home/asdfqwert/public_html) is this correct??

Thanks for the heads up Glen. We acually have no list. Only 1 email is sent upon sign up to our password protected site, but the user has to be added one of our (total of 10) employees thru a .htaccess protected page. None of it is public. signed ------ waiting for my email with user name and password -------- PS SO happy to be here!!!

thanks HCSS, Just got to get my bosses arse on the phone in the AM.

I looked for tutorial or "howTO:" but could not find one, if I missed it forgive me, been on my pute almost all day looking for www.totalchoicehosting.com lmao We have a currently hosted domain name listed at tocows. Will I be able to transfer my web pages and MySQL phpbb, files and such then have a day or two to make everything (bit of php stuff) work? then migrate email and send tocows to dns.tch.com? I am unsure how this would work without a dedicated IP (to be able to veryify scripts and such). Gotta grab the boss to set up account, then do my stuff. But I am in outside sales also, not a ton of time for me to get it done ASAP.

and that solves it. Thanks

ThinkI might have narrowed the list to 1 Been a pain in the rear weekend. I have heard problems with the following from another i was looking at: If a file on my server (even just outside public_html) is chmod'd to 777 would other sites on my server be able to get access?? I guess it depends on apache set up or something. Not a hosting guru myself, lmao

Yes the "other guy" does hence the knowledge about some pissed customers about have their pearl/php mailto: scripts being taken down on the fly. One last question (ya right): If a file on my server (even just outside public_html) is chmod'd to 777 would other site on my server be able to get access??

one more question. We seem to email a few .exe files a year that are already compressed. Is there a way to disable the .exe blocking on email?

Hiho Bill, Ya I gather these guys (and gals) are serious. That is why I am down to 2 from about 30 I was looking at. and FWIW I could care less about $50 bucks a year, even $75. I am looking for service. Most every host that was "inexpensive" did not make the cut.

Well I am down to the short list of possible new webhosts (2 now). Have heard great things about TCH so here goes: 1) Use of PHP mail() scripts. Are there any restrictions? My scrips are either in a password protected (.htaccess) section or have the domain name hard coded into the "to:" section. The other host is currently yanking many (some very secure) on the fly, with some pissed customers. 2) any restrictions on using php classes to work with files? I am using Htaccess.class.php3 to edit a user.file (like .htpasswd) via a webpage. 3) Any file restrictions? .exe files? (for download) 4) dedicated IP's? 5) can we limit ftp access with different ftp usernames? 6) What is your biggest fault? (got to be one out there) signed, very angry at current host (lol)