Support > cpg1.5 email

Contact from option - copy to self

<< < (2/2)

Αndré:
I'll review your patch soon. Adding it as hidden feature to cpg1.5.x and new config option to cpg1.6.x was exactly what I had in mind ;)

Αndré:
I re-considered about that feature while I came across

--- Code: ---$CONFIG['contact_form_guest_email_field']
--- End code ---

If we display that option for guests, spammers could easily use the contact form to send spam via a Coppermine gallery. Even if we enable it just for registered users, we cannot say without fail if the email address entered during the registration really belongs to the user, as the admin has the choice if he wants his users to validate the email address during registration. I introduced a database column "user_email_valid" in cpg1.5.10, which is the only way to determine without fail if an email address is valid, and it won't work in bridged galleries. This results in a situation that the option isn't displayed for all users for sure or at all.

For that reason I don't want to add this feature to the core code.

Of course it could be implemented as plugin. We could use captcha_contact_print to display the option and probably another existing hook like page_start to send the email (instead of using the Cc option, just send a separate email). If not, we need to add a new plugin hook. To make this clear, I've no interest in creating such a plugin, but am ready to help to find/create the plugin needed hook(s).

gmc:

--- Quote from: Αndré on January 30, 2014, 12:25:10 pm ---If we display that option for guests, spammers could easily use the contact form to send spam via a Coppermine gallery. Even if we enable it just for registered users, we cannot say without fail if the email address entered during the registration really belongs to the user, as the admin has the choice if he wants his users to validate the email address during registration. I introduced a database column "user_email_valid" in cpg1.5.10, which is the only way to determine without fail if an email address is valid, and it won't work in bridged galleries. This results in a situation that the option isn't displayed for all users for sure or at all.

--- End quote ---
Leave it to spammers to ruin a perfectly good idea... sigh... You are right of course - any valid email entered by a guest would be used - and most certainly result in spam... I know I've had many registrations from spammers - I happen to force validation so they never get activated (but I didn't check that in the sample provided)... (I've now either turned off registrations or added a master password so they have to ask me first (or auto register members in the background..) Got tired of cleaning out the garbage...)


--- Quote ---Of course it could be implemented as plugin. We could use captcha_contact_print to display the option and probably another existing hook like page_start to send the email (instead of using the Cc option, just send a separate email). If not, we need to add a new plugin hook. To make this clear, I've no interest in creating such a plugin, but am ready to help to find/create the plugin needed hook(s).

--- End quote ---
If going down the plugin route - two hooks in cpg_mail already: cpg_mail_to_email and cpg_mail_sender_email.
cpg_mail_to_email filters the 'to' array - would be simple to add a recipient here.. at least for a registered verified email (for unbridged...) It will get added to the email To field upon return.
cpg_mail_sender_email filters the sender email... but the mail object hasn't been instantiated yet.

I like the idea from twoclones... but now I'm not seeing a safe way to implement.

Navigation

[0] Message Index

[*] Previous page