|
|
» PHP Mail Header Patch |
| php mail header patch |
| Introduction |
This is a patch to add an informational header to messages sent from PHP via the mail()
function. This can help to track which script on a server was used to send a message,
and which client caused it to be sent.
The header added has the form:
Code:
X-PHP-Script: <servername><php-self> for <remote-addr>
For example:
Code:
X-PHP-Script: www.example.com/~user/testapp/send-mail.php for 10.0.0.1
If the connection appears to have come via a proxy cache (i.e. has an "X-Forwarded-For"
header), is a list of addresses (the addresses in X-Forwarded-For, then
the 'real' remote address).
Read more at Steve Bennett's patch
as I created my patches according to his patch with a little tweak/modification since
his patch only available for version 4.3.4 and also won't be working for mail function
example 1 as listed at php manual.
Steve Bennett's original patch can be found here.
If you have downloaded the old patch (before 12 Nov 2006), you are strongly adviced to re-download and patch your php using the new patch as it fixed one potential security risk.
|
| Disclaimer |
YOU ARE FREE TO USE THIS SCRIPT/PATCHES/GUIDE BUT I AM NOT RESPONSIBLE FOR ANY DAMAGE CAUSED!
YOU HAVE BEEN WARNED!!!
|
| Changes |
09 May 2008 GMT +8
Updated to support version 5.2.6
07 Jan 2008 GMT +8
Updated to support version 4.4.8
11 Nov 2007 GMT +8
Updated to support version 5.2.5
03 Sep 2007 GMT +8
Updated to support version 5.2.4
04 Jun 2007 GMT +8
Updated to support version 5.2.3
06 May 2007 GMT +8
Updated to support version 4.4.7 and 5.2.2
04 Mar 2007 GMT +8
Updated to support version 4.4.6
20 Feb 2007 GMT +8
Updated to support version 4.4.5 and 5.2.1
12 Nov 2006 GMT +8
Updated to support version 5.2.0
Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string
25 Aug 2006 GMT +8
Updated to support version 5.1.6
23 Aug 2006 GMT +8
Updated to support version 4.4.4 and 5.1.5
05 Aug 2006 GMT +8
Updated to support version 4.4.3
16 Jan 2006 GMT +8
Updated to support version 4.4.2
03 Nov 2005 GMT +8
Updated to support version 4.4.1
11 Sep 2005 GMT +8
Updated to support version 5.0.5
12 Jul 2005 GMT +8
Updated to support version 4.4.0
02 Apr 2005 GMT +8
Updated to support version 5.0.4 and 4.3.11
17 Dec 2004 GMT +8
Updated to support version 5.0.3 and 4.3.10
26 Nov 2004 GMT +8
Updated to support version 5.0.2
2 Oct 2004 GMT +8
Updated to support version 4.3.9
17 Jul 2004 GMT +8
Updated to support version 4.3.8
|
| Patches |
4.4.4
4.4.5
4.4.6
4.4.7
4.4.8
5.1.6
5.2.0
5.2.1
5.2.2
5.2.3
5.2.4
5.2.5
5.2.6
|
| How to apply the above patch? |
1. Download the php source then unpack the source:
wget URL to php-version.tar.bz2
tar xvfj php-version.tar.bz2 -C /usr/local/src
2. Then download my patch according to your version.
3. Patch the source:
cd /usr/local/src
patch -p0 < /path/to/my/patch/you/downloaded
OR
cd /usr/local/src/php-version
patch -p1 < /path/to/my/patch/you/downloaded
4. Configure and compile and install as usual which I am not going to cover here.
|
| How to test? |
Download this example and rename it as ended in .php on your server then point your
browser to it provided you have changed the variable to your email address:
Example php test mail script
|
|
All times are GMT +8. The time now is 05:53 PM.
