GMaps related JS changed to use new google namespace.
Google is going to change permanently in the future the way to
load its services, so better stay safe.
Also this commit shows uses of the new melange.js module.
Fixes Issue 634.
==============
Sending e-mail
==============
Although Python makes sending e-mail relatively easy via the `smtplib library`_,
Django provides a couple of light wrappers over it, to make sending e-mail
extra quick.
The code lives in a single module: ``django.core.mail``.
.. _smtplib library: http://www.python.org/doc/current/lib/module-smtplib.html
Quick example
=============
In two lines::
from django.core.mail import send_mail
send_mail('Subject here', 'Here is the message.', 'from@example.com',
['to@example.com'], fail_silently=False)
.. note::
The character set of email sent with ``django.core.mail`` will be set to
the value of your `DEFAULT_CHARSET setting`_.
.. _DEFAULT_CHARSET setting: ../settings/#DEFAULT_CHARSET
send_mail()
===========
The simplest way to send e-mail is using the function
``django.core.mail.send_mail()``. Here's its definition::
send_mail(subject, message, from_email, recipient_list,
fail_silently=False, auth_user=None,
auth_password=None)
The ``subject``, ``message``, ``from_email`` and ``recipient_list`` parameters
are required.
* ``subject``: A string.
* ``message``: A string.
* ``from_email``: A string.
* ``recipient_list``: A list of strings, each an e-mail address. Each
member of ``recipient_list`` will see the other recipients in the "To:"
field of the e-mail message.
* ``fail_silently``: A boolean. If it's ``False``, ``send_mail`` will raise
an ``smtplib.SMTPException``. See the `smtplib docs`_ for a list of
possible exceptions, all of which are subclasses of ``SMTPException``.
* ``auth_user``: The optional username to use to authenticate to the SMTP
server. If this isn't provided, Django will use the value of the
``EMAIL_HOST_USER`` setting.
* ``auth_password``: The optional password to use to authenticate to the
SMTP server. If this isn't provided, Django will use the value of the
``EMAIL_HOST_PASSWORD`` setting.
.. _smtplib docs: http://www.python.org/doc/current/lib/module-smtplib.html
send_mass_mail()
================
``django.core.mail.send_mass_mail()`` is intended to handle mass e-mailing.
Here's the definition::
send_mass_mail(datatuple, fail_silently=False,
auth_user=None, auth_password=None):
``datatuple`` is a tuple in which each element is in this format::
(subject, message, from_email, recipient_list)
``fail_silently``, ``auth_user`` and ``auth_password`` have the same functions
as in ``send_mail()``.
Each separate element of ``datatuple`` results in a separate e-mail message.
As in ``send_mail()``, recipients in the same ``recipient_list`` will all see
the other addresses in the e-mail messages's "To:" field.
send_mass_mail() vs. send_mail()
--------------------------------
The main difference between ``send_mass_mail()`` and ``send_mail()`` is that
``send_mail()`` opens a connection to the mail server each time it's executed,
while ``send_mass_mail()`` uses a single connection for all of its messages.
This makes ``send_mass_mail()`` slightly more efficient.
mail_admins()
=============
``django.core.mail.mail_admins()`` is a shortcut for sending an e-mail to the
site admins, as defined in the `ADMINS setting`_. Here's the definition::
mail_admins(subject, message, fail_silently=False)
``mail_admins()`` prefixes the subject with the value of the
`EMAIL_SUBJECT_PREFIX setting`_, which is ``"[Django] "`` by default.
The "From:" header of the e-mail will be the value of the `SERVER_EMAIL setting`_.
This method exists for convenience and readability.
.. _ADMINS setting: ../settings/#admins
.. _EMAIL_SUBJECT_PREFIX setting: ../settings/#email-subject-prefix
.. _SERVER_EMAIL setting: ../settings/#server-email
mail_managers() function
========================
``django.core.mail.mail_managers()`` is just like ``mail_admins()``, except it
sends an e-mail to the site managers, as defined in the `MANAGERS setting`_.
Here's the definition::
mail_managers(subject, message, fail_silently=False)
.. _MANAGERS setting: ../settings/#managers
Examples
========
This sends a single e-mail to john@example.com and jane@example.com, with them
both appearing in the "To:"::
send_mail('Subject', 'Message.', 'from@example.com',
['john@example.com', 'jane@example.com'])
This sends a message to john@example.com and jane@example.com, with them both
receiving a separate e-mail::
datatuple = (
('Subject', 'Message.', 'from@example.com', ['john@example.com']),
('Subject', 'Message.', 'from@example.com', ['jane@example.com']),
)
send_mass_mail(datatuple)
Preventing header injection
===========================
`Header injection`_ is a security exploit in which an attacker inserts extra
e-mail headers to control the "To:" and "From:" in e-mail messages that your
scripts generate.
The Django e-mail functions outlined above all protect against header injection
by forbidding newlines in header values. If any ``subject``, ``from_email`` or
``recipient_list`` contains a newline (in either Unix, Windows or Mac style),
the e-mail function (e.g. ``send_mail()``) will raise
``django.core.mail.BadHeaderError`` (a subclass of ``ValueError``) and, hence,
will not send the e-mail. It's your responsibility to validate all data before
passing it to the e-mail functions.
If a ``message`` contains headers at the start of the string, the headers will
simply be printed as the first bit of the e-mail message.
Here's an example view that takes a ``subject``, ``message`` and ``from_email``
from the request's POST data, sends that to admin@example.com and redirects to
"/contact/thanks/" when it's done::
from django.core.mail import send_mail, BadHeaderError
def send_email(request):
subject = request.POST.get('subject', '')
message = request.POST.get('message', '')
from_email = request.POST.get('from_email', '')
if subject and message and from_email:
try:
send_mail(subject, message, from_email, ['admin@example.com'])
except BadHeaderError:
return HttpResponse('Invalid header found.')
return HttpResponseRedirect('/contact/thanks/')
else:
# In reality we'd use a manipulator
# to get proper validation errors.
return HttpResponse('Make sure all fields are entered and valid.')
.. _Header injection: http://securephp.damonkohler.com/index.php/Email_Injection