I am making an app that creates a custom PDF, mails it and then deletes it. I have tested all 3 components separately and they work but when I put them together the email doesn't send.
Is it possible that the attachment gets deleted before the email is sent even though the delete is after it in the script?
Here is my code.
<!---Get the PDF--->
<cfscript>
PDFBuilder = createobject("component", "form_admin.email.PDFBuilder" );
pdf = PDFBuilder.createPDF(form_id);
</cfscript>
<!---Create link to the pdf --->
<cfscript>
foo = expandPath('../email/tmp/') & pdf & '.pdf';
</cfscript>
<!---Create email--->
<cfmail to="will#hazardousfrog.com"
from="will#hazardoufrog.com"
subject="Jag intrest form. "
type="text/html" >
<cfmailparam file="#foo#">
Dear #getEmail.title#, #getEmail.first_name# #getEmail.surname# <br />
Attached is a PDF boucher telling you more information about the cars you were interested in. <br />
Best wishes <br />
Jaguar <br /><br /><br /><br /><br /><br /><br /><br />
This is not actually jaguar this is a test application by Hazardousfrog.
</cfmail>
<!---Delete the file after it has been sent --->
<cfif FileExists(#foo#)>
<cffile action="delete"
file="#foo#">
<cfelse>
<cfoutput >
error
</cfoutput>
<cfabort>
</cfif>
Sorry if the code isn't great I have only been doing CF for like 2 weeks.
Ok I managed to get the answer from a work friend.
When cfmail is processed the mail is saved into a spool and periodically sent out after about 3 mins.
In my case it meant that the email PDF attachment was being deleted before the message could be sent so the mail was not sending.
The coldFusion mail tag has an attribute to send it straight away or keep it spooled.
spoolenable : Whether to spool mail or always send it Immediately.
So to get it to get my code to work I added this line to my mail attributes.
spoolenable="false"
One other option would be to use the remove attribute of the cfmailparam tag which will tell CF to remove the file after it is sent. This way your spoolenable attribute can be true and it should work as desired. The remove attribute was introduced in version 8.0.1.
I would also place a fileExists() around the cfmail code on whether the pdf file indeed has been created.
Related
I'm trying to get a conditional to work in a Magento email template, but for whatever reason, I can't get the 'if' to evaluate to true. In my template, I have:
Shipping Method:{{var order.shipping_method}}<br /><br />
{{if order.shipping_method=="wsastorepickup_wsastorepickup"}}
Run this<br /><br />
{{else}}
WTF, OVER?<br /><br />
{{/if}}
When Magento sends the email it has:
Shipping Method:wsastorepickup_wsastorepickup
WTF, OVER?
I've tried it with and without the 'var' in the conditional. What am I missing?
I am trying to send a file from my form, but I receive only the name of the file. According to this article it seems that I have done the things properly, but in the end I get only the file's name.
<input type="file" name="files" value="[[!+fi.files]]"/> // form's field
[[+files]] // calling in &emailTpl
Perhaps, I have to do some transformation, but I have no idea...
There is a chunk including
[[!FormIt?
&hooks=`recaptchav2,spam,email`
&emailTo=`[[#1.mailto]]`
&emailFrom=`[[#1.mailfrom]]`
&emailSubject=`Заявка на расчет с сайта [[++site_url]]`
&emailTpl=`401-calculate-project-tpl`
&successMessage=`1`
&clearFieldsOnSuccess=`1`
&errTpl=`[[+error]]`
&validate=`email-3:required`
]]
There was a trouble in a version of FormIt. I should update it to 3.0.3, so I envolved this trouble. Congratulation.
In researching an idea I came across a good YouTube video on security (with nodejs) which covered a lot more than the usual SQL injection. One such was simple script and html injection through html encoding. javascript buffers etc.
In researching this for a project I'm working on I came across this script from the php.net documentation website:
<?php
if ($_POST) {
echo '<pre>';
echo htmlspecialchars(print_r($_POST, true));
echo '</pre>';
}
?>
<form action="" method="post">
Name: <input type="text" name="personal[name]" /><br />
Email: <input type="text" name="personal[email]" /><br />
Beer: <br />
<select multiple name="beer[]">
<option value="warthog">Warthog</option>
<option value="guinness">Guinness</option>
<option value="stuttgarter">Stuttgarter Schwabenbräu</option>
</select><br />
<input type="submit" value="submit me!" />
</form>
Looking at the code, I believed the html injection was safe and as I didn't have somewhere to test this script out, I just uploaded it to a hosting domain I have and played with it remotely. When I tried a basic alert injection:
<script>alert("test");</script>
I got an error from the server (a 403 Forbidden). I thought I malformed the html so I tried some minor variations and before I knew it I was banned from my server :D (I was able to reset it, that's not the concern).
Tonight I deployed a VM with apache and php and started playing with it, and when I used the same code, I actually saw what I'd originally expected to see. The array output is presented as expected because of the htmlspecialchars.
Array
(
[personal] => Array
(
[name] => <b>bold</bold>
[email] => <script>alert("test");</script>
)
[beer] => Array
(
[0] => stuttgarter
)
)
What I'd like to know is:
1. Does the browser do some manipulation that nullifies the script tags since there's nothing in the form that does that? My guess is that nothing is an issue until it's attempted to be parsed by the page on form submission. Correct?
2. When I ran it locally the output was as expected (ie, no alert box and correct parsing) which infers that the values are somewhat "safe" until php attempts to parse them via the print_r. If I remove the htmlspecialchars the page fails to load ERR_BLOCKED_BY_XSS_AUDITOR (so that's good). If the original page never parses the raw code, why would the remote server ban my IP if it's correctly escaped within the output code? Again, I'm guessing, but would it be the host is just preemptively trying to prevent attacks and processing all $_POST vars for XSS?
i would like to send the notification (or alert) email to additional addresses.
thats what i did:
/index.php?route=setting/setting
Tab "Email"
Add additional emails (comma seperated)
i found a lot of topics about exactly this problem. but the solution always was to change protocol from SMTP to mail(). in my case that's not an option. dose some one know how to get to send the alerts to multiple addresses?
thank you...
Save the following [VQMOD] Bug fix: "Additional Alert Email" field not sending email issue in Opencart v.2.3.0.2 as knns_bug_fix_additional_alert_mail_field_not_sending_email_issue_v2302.xml and upload it to /vqmod/xml/ folder
<?xml version="1.0" encoding="UTF-8"?>
<modification
xmlns="https://github.com/vqmod/vqmod"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="https://github.com/vqmod/vqmod https://raw.githubusercontent.com/vqmod/vqmod/master/vqmod.xsd">
>
<id><![CDATA[[VQMOD] Bug fix: "Additional Alert Email" field not sending email issue in Opencart v.2.3.0.2]]></id>
<version>0.1.0</version>
<vqmver>2.6.3</vqmver>
<author>kanenas.net (aka Nikolas Branis) - nbran#kanenas.net</author>
<file path="admin/view/template/setting/" name="setting.tpl" error="log">
<operation error="skip">
<search position="replace"><![CDATA[<textarea name="config_mail_alert_email" rows="5" placeholder="<?php echo $entry_mail_alert_email; ?>" id="input-alert-email" class="form-control"><?php echo $config_alert_email; ?></textarea>]]></search>
<add><![CDATA[
<textarea name="config_alert_email" rows="5" placeholder="<?php echo $entry_mail_alert_email; ?>" id="input-alert-email" class="form-control"><?php echo $config_alert_email; ?></textarea>
]]></add>
</operation>
</file>
</modification>
Note: vQmod is required!
I am a beginner at ASP programming. I am trying to figure out a simple script to send an email. This is my HTML Code:
<form method="POST" action="email.aspx">
To <input type="text" name="To"/> <br />
From <input type="text" name="From"/> <br />
Subject <input type="text" name="Subject"/> <br />
Body <textarea name="Body" rows="5" cols="20" wrap="physical" >
</textarea>
<input type="submit" />
</form>
This is my ASP code:
Dim mail
mail = Server.CreateObject('CDO.Message')
mail.To = Request.Form("To")
mail.From = Request.Form("From")
mail.Subject = Request.Form("Subject")
mail.TextBody = Request.Form("Body")
mail.Send()
Response.Write("Mail Sent!")
mail = Nothing
I know the set method is no longer supported, I am getting errors with the ASP code, are there any solutions to sending a simple email in ASP? Thank you all in advance!
Your code will only work if CDO or CDONTS is installed and available on your server - though most webhosts that support Classic ASP will make this available.
In VBScript, all objects (i.e. things that aren't numbers or strings) must be assigned using the Set operator. It's silly, I know, but this is what you need to do:
Dim mail
Set mail = Server.CreateObject("CDO.Message")
mail.To = Request.Form("To")
mail.From = Request.Form("From")
mail.Subject = Request.Form("Subject")
mail.TextBody = Request.Form("Body")
mail.Send
Response.Write "Mail Sent!"
Set mail = Nothing
If your server doesn't have CDO or CDONTS installed then you'll get an error message when you call CreateObject, but you haven't listed any error messages in your original question.