Right now I'm building a php MySql app that will provide a form for those wishing to sign up for a mailing list. The info will go in to a DB and then the site owner will be able to access the list in the DB and send out emails (right now he does all this by hand!) to those wishing to receive them.
Not overly complicated.
I'm wondering what the potential for spammer abuse would be with this, and what I should do to counter it in the app. I'm assuming that if I limit the input fields to nothing more than name and email address it shouldn't be a problem.
Any thoughts or advice?
Automated Email DB And Spammers
Dan Medley
Registered User
28 posts
The Philosopher
Registered User
2,038 posts
You should be fine if the email stuff is setup through the database itself and not through the php, or whatever code you are using. So, I guess the question is, where is the email generated - through the database or through the coding? You will have a problem if its through the coding.
The philosopher has not done philosophy until he has acted upon the mere conviction of his idea; for proof of the theory is in the act, not the idea.
My Web Development Company: http://www.innovatewebdevelopment.com (Created with Coffee Cup Software).
My Personal Website: http://www.EricSEnglish.com
My Web Development Company: http://www.innovatewebdevelopment.com (Created with Coffee Cup Software).
My Personal Website: http://www.EricSEnglish.com
Dan Medley
Registered User
28 posts
Well, I'll be using an html form and using php to process it to the db. The form will have three fields: First name, last name, and email address. When it's submitted, the php shoots it to the db. The owner will be able to access the list in the db and send out his own mass emails to those on the list.
The owner will use an html form to send an email to the list powered by php, but it'll be on a password protected area. That form will consist of a subject field and a msg field. He'll type it, submit it, and it'll go out to everyone on the list in the db.
To me, it sounds like it shouldn't be a problem, but I'm not completely sure. I can't imagine spammers putting themselves on a list, but every time I think I have the spammer mentality figured out I get blind-sided.
Daniel
The owner will use an html form to send an email to the list powered by php, but it'll be on a password protected area. That form will consist of a subject field and a msg field. He'll type it, submit it, and it'll go out to everyone on the list in the db.
To me, it sounds like it shouldn't be a problem, but I'm not completely sure. I can't imagine spammers putting themselves on a list, but every time I think I have the spammer mentality figured out I get blind-sided.
Daniel
Fe Pixie
Registered User
2,900 posts
You should be fine Dan - just remember to strip any weird characters and possible SQL from the public form after submission and before inserting to the database
And keep the admin side behind htaccess protection - note that if its a particularly large email list and you send all the mails at once you may be tagged as a spammer though - if you can - send the emails out in batches of 100 or less... If its huge - set it to start a timed cron job...
Eric - as far as i'm aware a database dont DO anything but store data - putting the data in and getting it out will always be a code task...
And keep the admin side behind htaccess protection - note that if its a particularly large email list and you send all the mails at once you may be tagged as a spammer though - if you can - send the emails out in batches of 100 or less... If its huge - set it to start a timed cron job...
Eric - as far as i'm aware a database dont DO anything but store data - putting the data in and getting it out will always be a code task...
Have fun
~ Fe Pixie ~
~ Fe Pixie ~
Have something to add? We’d love to hear it!
You must have an account to participate. Please Sign In Here, then join the conversation.
