I have an jquery ajax request that calls a PHP script that will send an email. This email is happening from the admin, so a user must be authenticated in order to be able to do this. I've got two questions:
PHP:
$emailer = new GiftCardEmailer();
$emailer->SendGiftCardEmail($gift_card);
jQuery:
$(document).ready(function() {
var status = $('p#status');
status.hide();
$('#sendemail').click(function() {
$.ajax({
url: 'mail-handler.php',
beforeSend: function() {
status.fadeIn();
status.html('<img src="images/ajax-loader.gif" />');
},
success: function( data ) {
if (console && console.log){
console.log( 'Sample of data:', data.slice(0,100) );
}
status.html('Email Sent Successfully.');
setTimeout(function() {
status.fadeOut();
}, 4000);
}
});
});
});
One approach would be to check for a valid session at the head of the file containing the actual mail code. If no session exists then simply terminate the script.
Check out ajax and security, might be helpful.
I do all of mine with session_start() at the top of a php page and then check for my specific session variables for authentication.
No session, no access.