[nycphp-talk] Encoding text/html for mailto:
Ben Sgro (ProjectSkyLine)
ben at projectskyline.com
Fri Aug 10 10:51:46 EDT 2007
Good point. I like your idea, but it adds a little more processing since I'd
be handling these pages w/sessions, to thwart potential misuse/abuse.
I like the attachment as a .pdf idea as well.
I'll have to see if its something the client wants before I get too far with
The code snippet you send me works for some, but doesn't work for others.
are still breaking it. Or maybe, mailto has a limit for body size.
Ben Sgro, Chief Engineer
ProjectSkyLine - Defining New Horizons
This e-mail is confidential information intended only for the use of the
individual to whom it is addressed.
----- Original Message -----
From: "Dan Cech" <dcech at phpwerx.net>
To: "NYPHP Talk" <talk at lists.nyphp.org>
Sent: Friday, August 10, 2007 10:18 AM
Subject: Re: [nycphp-talk] Encoding text/html for mailto:
> Ben Sgro (ProjectSkyLine) wrote:
>> Hello All,
>> I've created a "Mail this section" option for a FAQ/Information Center
>> type page I'm working on.
>> It enables visitors to email themselves the contents of a particular
>> section. But I'm running into trouble
>> when foreign/non a-zA-Z0-9 characters are present in the code (which is
>> being pulled from the database).
>> Heres' a code snippet:
>> $body .= "<a href=\"mailto:?Subject=Information Center&body="
>> . html_entity_decode(strip_tags(
>> str_replace(array("&", '"', "\\"), "",
>> $dbObject->result['body']))) . "\""
>> . " class=\"email\">Email this section</a>";
>> Let me reformat that, heh:
>> $body = "<a href=\"mailto:?Subject=Information Center&body=".
>> $dbObject->result['body'] . "\">Email me</a>";
>> So, what can I use on $dbObject->result['body'] to clean/strip away the
>> text? You can see I was messing
>> with a few different options..I know & will break it, as well as " ...
>> but lets just clear out everything (HTML, and all other characters EXCEPT
>> aA-zZ 0-9 and maybe .,-
>> Any help, greatly appreaciated!
> Personally, I think you're probably approaching this the wrong way.
> Not only are you going to be generating huge links (which will cause all
> kinds of grief), but your email will be horribly formatted and the user
> still has to email it to themselves manually from their own mail
> client...very confusing.
> Why not have the link trigger a server-side process to send the mail?
> You may need an input for the user to enter their email address, but
> then you can format the mail in any way you like, using whatever
> character set is appropriate for the content.
> For bonus marks, attach it as a nicely formatted pdf!
> As an aside, when creating any kind of url, there are 2 forms of
> formatting you need to consider.
> 1. urlencode any query strings
> 2. html encode the entire url to make it html-safe
> for example:
> echo '<a href="'. htmlspecialchars('test.php?arg1='. urlencode('val1')
> .'&arg2='. urlencode('value 2 with some odd characters & +'))
> I define functions h() and u() as shortcuts for htmlspecialchars and
> urlencode respectively, as I use them everywhere.
> If you did want to make your current approach work, you would want to do
> something like:
> $body = '<a href="'. h('mailto:?Subject='. u('Information Center')
> .'&body='. u($dbObject->result['body'])) .'">Email me</a>';
> New York PHP Community Talk Mailing List
> NYPHPCon 2006 Presentations Online
> Show Your Participation in New York PHP
More information about the talk