问题
I am working on theapplication that fetches clients emails from DB, stores them in a array, loop through the array and send email to each client individually.
The problem occurred when PHPMailer is sending a double email to clients and also in and in one of emails "to" field contains both recepient address and in second email there is also a second clients emails as well.
I consider this as a vulnerability.
Here is my code: $array = [ 0 => 'email@gmail.com' , 1 => 'email2@gmail.com' ]; //Example
foreach ($array as $key => $value) {
$mail->addAddress($value);
if (!$mail->send())
{
throw new Exception($mail->ErrorInfo);
} else
{
$mail->addAddress(NULL); //Attempt to unset
header('Location: ../public/email.php'); //Redirect to start page
}
}
So to sum it up: When this is run, it sends email to 'email@gmail.com' and 'email2@gmail.com'.
First email will get one copy of email. Second email will get two copies of the same email, first with showing itself as recipient, and second one with itself recipient + other clients email.
I've tested this with only 2 fetched clients, with even more I guess there will be even more repetitions. Thank you guys!
回答1:
There are two problems here:
- You are not removing the address from the mail, so when you add a second one, the first one is still there and both will see the other address.
- You are using a
headerredirect in your loop without terminating your script. This can cause code after the redirect to run, but there is no guarantee for how much and how long.
The first problem you can solve by clearing the recipients at the end of the loop:
$mail->ClearAllRecipients();
As for the second problem, you should not redirect anywhere inside the loop and when you redirect after all messages have been sent, you should exit your scipt using exit; so that nothing gets executed after that.
回答2:
I think you're re-using $value. Try using unset($value); see if it helps. You can also look here
Warning Reference of a $value and the last array element remain even after the foreach loop. It is recommended to destroy it by unset(). Otherwise you will experience the following behavior:
来源:https://stackoverflow.com/questions/39398782/phpmailer-sending-double-emails