1 
$from = 'no-reply@'.htmlspecialchars($_SERVER['HTTP_HOST'], ENT_COMPAT, 'UTF-8');

Especially what's ENT_COMPAT for?

Anyone knows?

Improve this question

3 Answers 3

Reset to default
1

htmlspecialchars encodes all characters than can be encoded as entities. This is especially important for angle brackets and ampersands. ENT_COMPAT will leave single quotes in place and only convert double quotes. 'UTF-8' will treat the input as UTF-8 encoded (instead of the default iso-latin1 encoding).

In this case, the htmlspecialchars makes only sense if the mail address will be put into a "mailto:" href attribute. Normal server names don't have characters that must be encoded, so I'm not sure if htmlspecialchars is needed.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

i doubt such an address can be used in the "mailto:" href attribute :)
Has anyone tested what's the value of $_SERVER['HTTP_HOST'] in case of internationalized domain names? This is the only instance where escaping could make sense
0

forming a email address, quite stupid way

For the answer to the question Especially what's ENT_COMPAT for? you can browse PHP documentation for the htmlspecialchars, because it's this function's parameter

Improve this answer

Comments

0

Creating a valid looking email semi-auotmatic. The email username is 'no-reply' and the domain is whatever the servers hostname is. With a 'no-reply' the recipient usually does not reply to these emails.

ENT_COMPAT is explained here: http://php.net/manual/en/function.htmlspecialchars.php

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.