Introduction

Last Updated: 22 Jun 2013 GMT +8.

This is a patch to add an informational header to messages sent from PHP via the mail() function. This can help to track which script on a server was used to send a message, and which client caused it to be sent.

The header added has the form:

X-PHP-Script: <servername><php-self> for <remote-addr>

For example:

X-PHP-Script: www.example.com/~user/testapp/send-mail.php for 10.0.0.1

If the connection appears to have come via a proxy cache (i.e. has an "X-Forwarded-For" header), is a list of addresses (the addresses in X-Forwarded-For, then the 'real' remote address).

Read more at Steve Bennett's patch as I created my patches according to his patch with a little tweak/modification since his patch only available for version 4.3.4 during the time I checked and also won't be working for mail function example 1 as listed at php manual. Steve Bennett's original patch can be found here.


Disclaimer

YOU ARE FREE TO USE THIS SCRIPT/PATCHES/GUIDE BUT I AM NOT RESPONSIBLE FOR ANY DAMAGE CAUSED! YOU HAVE BEEN WARNED!!!

Changes

  • 22 Jun 2013 GMT +8
  • Updated to support version 5.5.x
  • 06 Mar 2012 GMT +8
  • Updated to support version 5.4.x
  • 11 Dec 2010 GMT +8
  • Updated to support version 5.2.15
  • Updated to support version 5.3.4
  • 08 Aug 2010 GMT +8
  • Updated to support version 5.2.14
  • Updated to support version 5.3.3
  • 20 Mar 2010 GMT +8
  • Updated to support version 5.2.13
  • Updated to support version 5.3.2
  • 18 Dec 2009 GMT +8
  • Updated to support version 5.2.12
  • 02 Dec 2009 GMT +8
  • Updated to support version 5.3.1
  • 30 Sep 2009 GMT +8
  • Updated to support version 5.2.11
  • 02 Jul 2009 GMT +8
  • Updated to support version 5.2.10
  • Updated to support version 5.3.0
  • 31 Mar 2009 GMT +8
  • Updated to support version 5.2.9
  • 09 Dec 2008 GMT +8
  • Updated to support version 5.2.8
  • 15 Sep 2008 GMT +8
  • Updated to support version 4.4.9
  • 09 May 2008 GMT +8
  • Updated to support version 5.2.6
  • 07 Jan 2008 GMT +8
  • Updated to support version 4.4.8
  • 11 Nov 2007 GMT +8
  • Updated to support version 5.2.5
  • 03 Sep 2007 GMT +8
  • Updated to support version 5.2.4
  • 04 Jun 2007 GMT +8
  • Updated to support version 5.2.3
  • 06 May 2007 GMT +8
  • Updated to support version 4.4.7 and 5.2.2
  • 04 Mar 2007 GMT +8
  • Updated to support version 4.4.6
  • 20 Feb 2007 GMT +8
  • Updated to support version 4.4.5 and 5.2.1
  • 12 Nov 2006 GMT +8
  • Updated to support version 5.2.0
  • Many thanks to Stefan Esser from hardened-php.net to report a security issue regarding PHP_SELF in headers thus I have included an extra check for \n and \r string
  • 25 Aug 2006 GMT +8
  • Updated to support version 5.1.6
  • 23 Aug 2006 GMT +8
  • Updated to support version 4.4.4 and 5.1.5
  • 05 Aug 2006 GMT +8
  • Updated to support version 4.4.3
  • 16 Jan 2006 GMT +8
  • Updated to support version 4.4.2
  • 03 Nov 2005 GMT +8
  • Updated to support version 4.4.1
  • 11 Sep 2005 GMT +8
  • Updated to support version 5.0.5
  • 12 Jul 2005 GMT +8
  • Updated to support version 4.4.0
  • 02 Apr 2005 GMT +8
  • Updated to support version 5.0.4 and 4.3.11
  • 17 Dec 2004 GMT +8
  • Updated to support version 5.0.3 and 4.3.10
  • 26 Nov 2004 GMT +8
  • Updated to support version 5.0.2
  • 2 Oct 2004 GMT +8
  • Updated to support version 4.3.9
  • 17 Jul 2004 GMT +8
  • Updated to support version 4.3.8

Download Patches

  • 5.2.x md5sum e6cb9d562ecd1d8858ad883cb4d8b87e
  • 5.3.x md5sum d13ef4c0f426d16325db5cd8c04066df
  • 5.4.x md5sum d4a3c0c8038a5fb7085263f3d6a54339
  • 5.5.x md5sum cb07f703e5dced1ec03e4b2ccf5534f3

Looking for old patches? → Please Help Yourself


How to Apply the Above Patch?

Example for php version 5.4.18:

cd /usr/local/src
wget http://us2.php.net/get/php-5.4.18.tar.bz2/from/this/mirror
wget http://choon.net/opensource/php/php-5.4.x-mail-header.patch
tar jxvfp php-5.4.18.tar.bz2
cd php-5.4.18
patch -p1 < ../php-5.4.x-mail-header.patch

  • Line 1: Change current working directory to /usr/local/src
  • Line 2: Download php version 5.4.18 source
  • Line 3: Download php mail header patch for version 5.4.18
  • Line 4: Unpack php version 5.4.18 source
  • Line 5: Change current working directory to the newly unpacked php source
  • Line 6: Apply php mail header patch

Configure and compile and install as usual which I am not going to cover here.


How to Test?

Download this example php script and rename it to ended as .php extension in your server then point your browser to it provided you have changed the variable $to in the example script to your valid email address:

Portal Log In/Sign In

Log In/Sign In to the Portal requires cookies and javascript.

×
×