Keeping emails hidden is an increasing concern with all the spam floating around. Here is a way using MySQL and a contact form to allow a group of users on a site to contact each other safely...
//select the email address' from your db
/*
CREATE TABLE `contacts` (
`id` int(10) NOT NULL auto_increment,
`first_name` varchar(30) NOT NULL default '',
`last_name` varchar(50) NOT NULL default '',
`email` varchar(75) default NULL,
`contact_status` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
*/
if (isset($_POST['submit']))
{
//submit button pushed call the send_email function
send_email();
}else{
//nothing has been pushed so show the form
show_form();
}//end if
/*send_mail function */
function send_email()
{
//default values for elements
$subject = '';
$id = '';
$message = '';
$your_name = '';
$your_email = '';
$err_msg = '';
$headers = '';
//get the values from the form handle any errors
if(isset($_POST['subject']))
{
$subject = $_POST['subject'];
}
if(isset($_POST['email']))
{
$id = $_POST['email'];
}
if(isset($_POST['message']))
{
$message = $_POST['message'];
}
if(isset($_POST['your_name']))
{
$your_name = $_POST['your_name'];
}
if(isset($_POST['your_email']))
{
$your_email = $_POST['your_email'];
}
if ($id == "" )
{
$err_msg = "No person chosen.";
}
//sender's email
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $your_email))
{
$err_msg .= "Your email is not valid. Please re-enter it
";
$your_email = '';
}
//check to see if the other elements have values
if(empty($message))
{
$err_msg .= "No message set. Please enter a message.
";
}
if(empty($subject))
{
$err_msg .= "No subject set. Please enter a subject.
";
}
if(empty($your_name))
{
$err_msg .= "No sender name set. Please enter a your name.
";
}
//check the err_msg to see if there are any messages
if ($err_msg != ''){
//there is an error so build the data into a pipe delimited string and pass it back to the form
$data = "$id|$subject|$message|$your_email|$your_name";
show_form($data,$err_msg);
die();
}//end if
//get the email from the db and send it
$sql = "select email from contacts where id = $id";
$result = conn($sql);
if(mysql_num_rows($result)==1)
{
$row = mysql_fetch_array($result);
$email = $row['email'];
}
//send the email
//build the headers
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=iso-8859-1\n";
$headers .= "X-Priority: 1\n";
$headers .= "X-MSMail-Priority: High\n";
$headers .= "X-Mailer: PHP\n";
$headers .= "From: \"".$your_name."\" <".$your_email.">\n";
if (!mail($email, $subject, $message, $headers))
{
echo "Email failed!\nTry again";
show_form();
}else{
echo "";
echo "";
}//end if
}//end function
/*show_form function */
function show_form($data='',$msg='')
{
//show the form for the email
//the $data='' and $msg='' constructs allow for no information to be passed to the function
//set defaults for function
$subject = '';
$email = '';
$message = '';
$your_name = '';
$your_email = '';
//explode the string passed back from the send_mail function if there is an error
if (($data !="" )&&($msg != ""))
{
$elements = explode("|",$data);
$email = $elements[0];
$subject = $elements[1];
$message = $elements[2];
$your_email = $elements[3];
$your_name = $elements[4];
}//end if
/*
optional where clauses could include:
1. only active users
2. check to see if the user wants to allow contact from others on the site
3. only new users (signed up within a certain date)
*/
$sql = "SELECT * FROM contacts";//[optional where clause to show only people who choose to allow contact]
$result = conn($sql);
echo "Make A Friend \n";
echo "\n";
echo "
\n";
}//end function
/* db connection function */
function conn($sql)
{
$host = "localhost";
$user = "user";
$pass = "pass";
$db = "my_db";
//echo "commnecing connection to local db
";
if (!($conn=mysql_connect($host, $user, $pass))) {
printf("error connecting to DB by user = $user and pwd=$pass");
exit;
}
$db3=mysql_select_db($db,$conn) or die("Unable to connect to local database");
$result = mysql_query($sql) or die ("Can't run query because ". mysql_error());
return $result;
}//end function
?>