Hello everyone,
I want to make sure I’m using the most up-to-date standards to securely send out mail with PHP. Actually, I’m using Amazon SES currently as a wrapper around PHP.
Everyone I’ve tried asking has given me very vague one-sentence answers, à la “Sanitize your emails”. However, I’m really new to PHP, but really quick to learn, and I don’t just want to throw awful code together.
So, I have a backend DB (WP) that is filling in the recipient portion of the email in a comma-separated string. I’m sending from a no-reply email.
I get the recipients as such:
[php]$emails = $_POST['mailto'];
$to = explode(',', $emails);[/php]
$emails will be "[email protected],[email protected]", we’ll say. For SES, I need to turn it into an array, which explains line two.
Now, I know I should be sanitizing the emails - something like this:
[php]filter_var($_POST['mailto'], FILTER_SANITIZE_EMAIL);[/php]
But that doesn’t work for a comma-separated string.
Also, I’m not sure what the correct, up-to-date headers to use would be, especially if I want to send a custom Reply-to email. If anyone could point me in the right direction, I’d be grateful! Thank you!
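
One way to handle the comma-separated case described above, as an added example that is not part of the original post: split the string first, then validate each address with `FILTER_VALIDATE_EMAIL` and reject anything containing control characters, rather than sanitizing the whole string at once. The function name `parse_recipients`, the recipient cap and the sample addresses are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Split a comma-separated recipient string and keep only valid addresses.
 * Hypothetical helper; returns ['valid' => string[], 'rejected' => string[]].
 */
function parse_recipients(string $raw, int $maxRecipients = 50): array
{
    $valid = [];
    $rejected = [];

    foreach (explode(',', $raw) as $candidate) {
        $candidate = trim($candidate);
        if ($candidate === '') {
            continue; // stray comma, nothing to check
        }
        // CR, LF and other control characters are what allow extra headers
        // to be smuggled into a message, so reject them instead of stripping.
        $hasControlChars = preg_match('/[\x00-\x1F\x7F]/', $candidate) === 1;
        if ($hasControlChars || filter_var($candidate, FILTER_VALIDATE_EMAIL) === false) {
            $rejected[] = $candidate;
            continue;
        }
        // Key by lower-cased address to de-duplicate case-insensitively.
        $valid[strtolower($candidate)] = $candidate;
    }

    // Cap the list so a single request cannot fan out to an arbitrary number of recipients.
    if (count($valid) > $maxRecipients) {
        throw new LengthException('Too many recipients');
    }

    return ['valid' => array_values($valid), 'rejected' => $rejected];
}

// Constructed sample input: two good addresses, an empty entry, a malformed
// entry, and one entry carrying an injected header line.
$raw = "alice@example.com, bob@example.org,,not-an-address,"
     . "eve@example.com\r\nBcc: victim@example.net";

$result = parse_recipients($raw);
print_r($result['valid']);    // alice@example.com, bob@example.org
print_r($result['rejected']); // the malformed entry and the injected one
```

The same per-address check applies to a custom Reply-To value before it is placed in a header. In a request handler, confirm `$_POST['mailto']` is a string before passing it in, since a client can submit it as an array.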