Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    Senior Coder doubledee's Avatar
    Join Date
    Mar 2011
    Location
    Arizona
    Posts
    1,109
    Thanks
    27
    Thanked 0 Times in 0 Posts

    Where to store Admin E-mail

    I'm in the process of streamlining my Error-Handling code, and I would like to put things like the Admin's E-mail in one location, so that I don't have to track it down in multiple places/scripts.

    If I place it in a PHP Constant, would that cause any security issues?

    Furthermore, where would be the best place to store things like E-mail Headers and so on?

    For example...
    PHP Code:
        $headers  "From: Admin <admin@MySite.com>\r\n";
        
    $headers .= "MIME-Version: 1.0\r\n";
        
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"
    Thanks,


    Debbie

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    It depends on what you are referring to as security. Using a defined constant will potentially create a privacy leak between scripts as it will be globally readable in any scope. That's only a problem if you say its a problem; given constant's readonly nature, I'd say there's no problem with that. You wouldn't want to create a defined constant for authentication information if you allow third party addons, but I don't see an issue with an email address (unless you're concerned about spam).

    Email headers should be dynamically and conditionally created within the script handling all the emails. These aren't configuration based data, they are manipulation based on data, so creating a global location for them doesn't make any sense.

  • #3
    Senior Coder doubledee's Avatar
    Join Date
    Mar 2011
    Location
    Arizona
    Posts
    1,109
    Thanks
    27
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fou-Lu View Post
    It depends on what you are referring to as security. Using a defined constant will potentially create a privacy leak between scripts as it will be globally readable in any scope. That's only a problem if you say its a problem; given constant's readonly nature, I'd say there's no problem with that. You wouldn't want to create a defined constant for authentication information if you allow third party addons, but I don't see an issue with an email address (unless you're concerned about spam).

    Email headers should be dynamically and conditionally created within the script handling all the emails. These aren't configuration based data, they are manipulation based on data, so creating a global location for them doesn't make any sense.
    Right now I have a script called "results.php" which is where I display my Error-Messages and where I log and send out e-mail notifications to the Admin.

    I tweaked my code a bit and added these variables to my script to make it slightly easier to modify...

    PHP Code:
        // ************************
        // Initialize Variables.    *
        // ************************
        
    $emailTo 'JoeTheAdmin@mail.com';

        
    $headers  "From: Admin <admin@MySite.com>\r\n";
        
    $headers .= "MIME-Version: 1.0\r\n";
        
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n"

    I guess I was wondering if those should be assigned to Constants, and maybe go into a global "config" file instead?!

    Or are they okay like they are? (Of course, if I need to refer to the Admin E-mail in other scripts, then I'd have a maintenance issue...)


    Debbie

  • #4
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    If its configurable data, put it into a configuration file. An email that can change IMO warrants placing into configuration data.
    Whether its a constant or a variable is up to you.

  • #5
    New Coder
    Join Date
    Apr 2010
    Posts
    55
    Thanks
    0
    Thanked 4 Times in 4 Posts
    Global config file is a good place. If you believe this is something that need to be editable and chnagable by the user, a config table and an option to edit the same from admin interface would be better. However, that is not needed in most custom made scripts. If this is a product that would installed by many people, making it editable would be good.
    Hosting Reviews and Discounts: Bluehost Coupon and Hostmonster Coupon

  • #6
    Banned
    Join Date
    Oct 2012
    Posts
    81
    Thanks
    0
    Thanked 4 Times in 4 Posts
    I store all config. parameters (email address, compnay name, home page url etc etc etc) in a database table and in the Admin account's menu somewhere I will have a "Configure Site" menu option which presents all the config params in a html form from which the admin user can edit them.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •