Question

I have code that scans my inbox and finds email addresses which got a delivery failure. What I need to do is, if these email addresses match already existing email addresses in the database, it should do the stuff. When I get the output of email addresses from my inbox, it contains some extra characters which I cannot get rid of. Here's my code:

include 'dbconnect.php';
$hostname = "XXXXXX";
$inbox = imap_open($hostname, 'XXXXX', 'XXXXX');
if ($inbox) 
{
function getBetween($message,$start,$end){
    $temp= substr($message, 0, strpos($message, $end));
    return substr($temp, strpos($temp, $start));
}

$date = date( "d-M-Y", strToTime( "-1 days" ));
$email=imap_search($inbox, 'SUBJECT "Mail delivery failed" SINCE "'.$date.'"',
       SE_UID);

foreach($email as $email_number) {
    $message = imap_fetchbody($inbox,$email_number,1);    
    $output.= '<div class="body">'.$message.'</div>';
    $start = "The following address(es) failed:";
    $end = "No Such User Here";
    $newcontent = getBetween($message,$start,$end);
    $final=str_replace("$start","","$newcontent");
    $array=explode(' ',$final);

    foreach($array as $value){
    echo $value;
    $data = mysql_fetch_array(mysql_query("SELECT * FROM invitations WHERE
            email_invited='".$value."'"));
    if($data[0] != NULL){
    mysql_query("update invitations set invalid_email=1,success=0 where
                 email_invited='".$value."' limit 1") or die(mysql_error());
    }
}
}
}

If you want to look at the output of echo $value under foreach($array as $value), it's exactly like below:

hello@test.com hello@test.com hello@test.com hello@test.com hello@test.com soni.shanil@test.com sonishanil19@test.com

It seems due to these spaces, it's not able to search through the query. I also tried doing str_replace(" ","","$final"), but that didn't work as well. Any help in this?

Solution 2

After looking all over, I managed to get that it was the trim() function that I missed. I used it and everything worked perfectly fine.

OTHER TIPS

Wow, what a nice SQL injection. Please, consider using parametrized queries. It's 2014 and this was already broken ten years ago. Your application is vulnerable and someone will hack you through that.
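
The two points raised above (stray whitespace around the extracted addresses, and the query built by string concatenation) handled together, as an added example that is not code from the original posts. It assumes PDO with the pdo_sqlite extension standing in for the MySQL database; the helper names `extractFailedAddresses` and `markInvalid` and the bounce text are constructed, while the table and column names come from the question.

```php
<?php
// Added example; helper names and the bounce text are constructed.

// Return the distinct, syntactically valid addresses found in a bounce body.
function extractFailedAddresses(string $body): array
{
    // Split on any whitespace run (spaces, tabs, CR, LF), not only ' '.
    $tokens = preg_split('/\s+/', $body, -1, PREG_SPLIT_NO_EMPTY);
    $found = [];
    foreach ($tokens as $token) {
        $candidate = trim($token, " \t\r\n<>:;,\"");
        if (filter_var($candidate, FILTER_VALIDATE_EMAIL) !== false) {
            $found[$candidate] = true; // array key de-duplicates
        }
    }
    return array_keys($found);
}

// Flag each address with a prepared statement; the value is bound as data
// and never becomes part of the SQL text.
function markInvalid(PDO $db, array $addresses): int
{
    $stmt = $db->prepare(
        'UPDATE invitations SET invalid_email = 1, success = 0 WHERE email_invited = ?'
    );
    $changed = 0;
    foreach ($addresses as $address) {
        $stmt->execute([$address]);
        $changed += $stmt->rowCount();
    }
    return $changed;
}

// Constructed bounce body: CRLF line endings, indentation, a repeated address,
// and a valid address containing an apostrophe, which would break a query
// assembled by concatenation.
$body = "The following address(es) failed:\r\n\r\n  hello@test.com\r\n"
      . "    No Such User Here\r\n  o'brien@test.com\r\n  hello@test.com \r\n";

$db = new PDO('sqlite::memory:'); // assumption: SQLite stands in for MySQL
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE invitations (email_invited TEXT, invalid_email INTEGER DEFAULT 0, success INTEGER DEFAULT 1)');
$ins = $db->prepare('INSERT INTO invitations (email_invited) VALUES (?)');
foreach (['hello@test.com', "o'brien@test.com", 'other@test.com'] as $row) {
    $ins->execute([$row]);
}

echo markInvalid($db, extractFailedAddresses($body)), " row(s) updated\n";
```

Against MySQL only the PDO DSN and credentials change; the prepared `UPDATE` stays the same.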

Licensed under: CC-BY-SA with attribution