Specifications
If you have GPG set up so that the user your PHP scripts run as can use it from the command
line, you are most of the way there. If this is not working, see your system administrator or the
GPG documentation.
Listings 15.1 and 15.2 enable people to send encrypted email by using PHP to call GPG.
LISTING 15.1 private_mail.php—Our HTML Form to Send Encrypted Email
<html>
<body>
<h1>Send Me Private Mail</h1>
<?
// you might need to change this line, if you do not use
// the default ports, 80 for normal traffic and 443 for SSL
if($HTTP_SERVER_VARS[“SERVER_PORT”]!=443)
echo “<p><font color = red>
WARNING: you have not connected to this page using SSL.
Your message could be read by others.</font></p>”;
?>
<form method = post action = send_private_mail.php><br>
Your email address:<br>
<input type = text name = from size = 38><br>
Subject:<br>
<input type = text name = title size = 38><br>
Your message:<br>
<textarea name = body cols = 30 rows = 10>
</textarea><br>
<input type = submit value = “Send!”>
</form>
</body>
</html>
LISTING 15.2 send_private_mail.php—Our PHP Script to Call GPG and Send Encrypted
Email
<?
$to_email = “luke@localhost”;
// Tell gpg where to find the key ring
// On this system, user nobody’s home directory is /tmp/
putenv(“GNUPGHOME=/tmp/.gnupg”);
Implementing Secure Transactions with PHP and MySQL
C
HAPTER 15
15
I
MPLEMENTING
S
ECURE
TRANSACTIONS
343
19 7842 CH15 3/6/01 3:40 PM Page 343