0

I send emails to my clients with an "Answer survey" link, and I'm not sure what HTTP method to use to add the user's email to each link, my options are to use the email as a GET parameter in the URL or to add a form to the email with the user's email as a POST parameter.

What is the pros/cons of each ? and what is the best way to accomplish this? I'm concerned about security.

Mostafa Berg
  • 3,211
  • 22
  • 36
Sydowh
  • 99
  • 2
  • 11

1 Answers1

1

You cannot post post in email also javascript will not run email client , the best why is to make the secure email link for that you need to encrypt the email and put that in link

like that http://{link-to-surveypage}/{encrypt-email}

on that page you decrypt that and get the user email in safe and secure why here is the function you can use

<?php
function encrypt_decrypt($action, $string)
{
    $output = false;

    $key = 'P0Qst@163!#';

    // initialization vector 
    $iv = md5(md5($key));

    if ($action == 'encrypt') {
        $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, $iv);
        $output = base64_encode($output);
    } else {
        if ($action == 'decrypt') {
            $output = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($string), MCRYPT_MODE_CBC, $iv);
            $output = rtrim($output, "");
        }
    }
    return $output;
}
iainn
  • 16,826
  • 9
  • 33
  • 40
Mukesh Prajapat
  • 118
  • 2
  • The `mcrypt` extension is deprecated from PHP 7.1, it's not advisable to write code using it any more. You should be using the [OpenSSL](http://php.net/manual/en/book.openssl.php) library instead. – iainn May 05 '17 at 08:53