-1

In the following function, the $aFrom variable sets the "from" field to be an email address to which the recipient can reply. However, what if I want to add a "from" name. For example, my email address is johndoe@gmail.com, but when the person gets the email I want them to see that the email is from "John Doe". They should still be able to reply to johndoe@gmail.com though.

public static function SendMail_HTML($aFrom, $aTo, $aSubject, $aMessage) {
    $theHeaders =
        'MIME-Version: 1.0' . "\r\n" .
        'Content-type: text/html; charset=UTF-8' . "\r\n" .
        'From: ' . $aFrom . '' . "\r\n" .
        'Reply-To: ' . $aFrom . "\r\n" .
        'X-Mailer: PHP/' . phpversion();

    mail($aTo, $aSubject, $aMessage, $theHeaders);

}
Vikrant Gupta
  • 25
  • 2
  • You'll want it to be `From: John Doe `. – ceejayoz May 29 '16 at 03:03
  • 1
    Possible duplicate of [Change the sender name php mail instead of sitename@hostname.com](http://stackoverflow.com/questions/8365754/change-the-sender-name-php-mail-instead-of-sitenamehostname-com) – Ani Menon May 29 '16 at 03:13

2 Answers2

0

The 'From' header can contain a name as well as the email address of the intended recipient. All you need to do is format it correctly.

Change:

'From: ' . $aFrom . '' . "\r\n" .

into

'From: John Doe <' . $aFrom . '>' . '' . "\r\n" .

by wrapping the email address in <> characters. Then, just replace the "John Doe" portion with the correct name, either directly or with a variable.

Note: Make sure to sanitize any values you accept from users that you are planning on using directly in email headers.

badandyomega
  • 252
  • 1
  • 4
  • What is `. '' .` all about? – Mike May 29 '16 at 03:12
  • How do I sanitize the email fields? – Vikrant Gupta May 29 '16 at 03:17
  • @Mike, the ". '' . " part was in the original code posted by the op. It's not necessary and can be removed. – badandyomega May 29 '16 at 03:27
  • @VikrantGupta, The most important thing is to prevent any extra "\r\n" characters from ending up in your header value. In email-header-land, the "\r\n" (sometimes just "\n") is used to delimit headers, so if someone were to maliciously try to enter a name like 'John Doe' . "\r\n" . 'My nasty evil header' . "\r\n", they could potentially hijack your email and send it to whomever they want. It's called header injection, and it's best to avoid it at all costs. I would use str_replace(array("\r","\n"), '', $name) or something similar. – badandyomega May 29 '16 at 03:32
0

You can try this variant. Here is new $aFromName argument, you can use it for pass sender name to your function, and in this case receiver get email from for example John Doe <john@doe.com>. Email client show only 'John Doe' and if you reply to this email it will be sended to john@doe.com

function SendMail_HTML($aFrom, $aTo, $aSubject, $aMessage, $aFromName = '')
{
    $aFrom = $aFromName === '' ? $aFrom : "$aFromName <$aFrom>";
    $theHeaders =
      'MIME-Version: 1.0' . "\r\n" .
      'Content-type: text/html; charset=UTF-8' . "\r\n" .
      'From: ' . $aFrom . '' . "\r\n" .
      'Reply-To: ' . $aFrom . "\r\n" .
      'X-Mailer: PHP/' . phpversion();
    mail($aTo, $aSubject, $aMessage, $theHeaders);
}
errogaht
  • 303
  • 1
  • 4
  • 12
  • **Why** should the OP try this variant? What's different about it? Add some text explaining what you've done. – Mike May 29 '16 at 03:30