Tell a friend

#1 Eyal,

There are many ways to do this. There is a TCPObject and HTTPObject in Torque2D that can be used to send information to the internet. There are some ways to achieve what you want, the simplest i can see if a simple php script, hosted somewhere, that accepts a id/email address combo, and emails the recipient.

You could go about this a million different ways, and there are some clauses and things to watch out for (wifi/radio/3g connection availability, notifying the user of their information being propagated online, networking disabled perhaps, etc).

There are other ways, im sure, but all of which will require the internet i assume, and any of that might encounter these problems. If you do choose a route similar to above, ill be glad to go into more detail on the catches with networking on the iPhone.

#2 I guess I need to learn some basic php to do that.
Would it make it much harder to pass the appStore QA because of that? are they very strict about sending info? Also, do you have to display iPhone notification or you can make your own tgb notification. I have absolutely no experience doing anything in the iPhone that is not tgb :(

#3 You can display a notification however you choose, as long as the USABILITY conforms to their rules :)

For the tell a friend - a simple php script would probably be about 3 lines, to be able to send an email from a script. For example :

<?php
mail("someemail@somewhere.com","message");
?>

Obviously to configure that script, you have GET messages, sent from TGB to the server... So $_GET["mailto"] and $_GET["message"] can be sent via your game, to the server like this :

server.com/tellAFriend.php?mailto=someone@somewhere.com&message=something!

As you can tell, this is a really simple script. If you google php and mail sending, theres probably a million good examples. You would just need to learn the TGB side - TCPObject or HTTPObject to send messages over to the server. (Its nothing too complex either). Try searching the forums for an example of this, i have seen a few.

#4 Mail settings might differ from server to server, and the requirements for headers can be strict. I find that to, from, subject and a message body is sufficient in most cases. Some servers might use a different system where you have to supply SMTP settings, but generally mail() works.

Here's an example I made with a little help from my friend, The Internet (in active use somewhere):

<?php
error_reporting(E_NONE); // We don't want anything to be reported back by PHP itself

function valid_email($str) {
	return ( ! preg_match("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/ix", $str)) ? FALSE : TRUE;
}

$malice = false;

// Remove unnecessary whitespace
$username = trim($_REQUEST['username']);
$useremail = trim($_REQUEST['useremail']);
$message = trim($_REQUEST['message']);

// Best not to stare yourself blind at these
$illegalname = '/;|:|&|<|>|\n|\r/i';
$illegalmail = '/(;|\||`|>|<|&|:|^|"|'."\n|\r|'".'|{|}|[|]|\)|\()/i';
$username = preg_replace($illegalname, "", $username);
$useremail = preg_replace($illegalmail, "", $useremail);

$illegal = array("/bcc\:/i","/Content\-Type\:/i","/cc\:/i","/to\:/i");
$username = preg_replace($illegal, "**bogus header removed**", $username);
$useremail = preg_replace($illegal, "**bogus header removed**", $useremail);
$message = preg_replace($illegal, "**bogus header removed**", $message);

$find_bogus = "**bogus header removed**";
if(stristr($username, $find_bogus) !== FALSE) {
	$malice = true;
}
if(stristr($useremail, $find_bogus) !== FALSE) {
	$malice = true;
}
if(stristr($message, $find_bogus) !== FALSE) {
	$malice = true;
}

if($malice) exit(0);

if($username!='' && $useremail!='' && strlen($username)>2 &&
	valid_email($useremail)==TRUE && strlen($message)>10) {

	$to = "post@example.com";
	$headers =  'From: '.$useremail.''. "\r\n" .
	'Reply-To: '.$useremail.'' . "\r\n" .
	'X-Mailer: PHP/' . phpversion();
	$subject = "[Sitename goes here] Message from ".$username;
	$message = htmlspecialchars($message);

	if(mail($to, $subject, $message, $headers)) {
		echo "<p>Message sent.</p>"; //SUCCESS - put a return code instead HTML here if needed
	} else {
		echo "<p>Problems sending. Please try again later.</p>"; //FAILURE - server failure
	}
} else { // Epic fail
	echo "<p>Name requires more than two letters, and the message more than 10.</p>";
}

Notes:
*The data can come from POST or GET requests with fields named username, useremail and message.
Usage: "script.php?username=Somebody&useremail=whatever@something.com&message goes here"
(POST recommended)
*No need to close with "?>", as this is pure PHP, so it auto-closes.
*Change the subject to some sort of reference to the program or site the message comes from.
*Return values could be changed to something easier for an iPhone app to digest, like numeric return codes.

#5 Very cool, Ronny!

I would suggest closing the ?> as its good practice.. And as you already wisely suggested its preferable to use $_POST, in place of $_REQUEST. The reason being spambots have an AWESOME ability to find these php mail scripts and end up sending out massive amounts of messages via the scripts. $_POST lowers this number significantly.

#6 Yeah, that's just my simple script. The advanced version has IP-lookup and lockout to ensure people don't send too often :)

It might not be 100% sure against abuse, but the clunky regular expressions are supposed to block attempts to add fake header entries to mail to odd places. Adding "one message per customer" checking should be all they need, and of course you should make the to: field contain the address of whatever friend you are telling about this.

Extra protection could probably be gained by adding some cryptic ID to the POST request, to ensure it isn't coming from a web browser some spammer is trying to abuse.

#7 Thanks guys, this is really helpful.
I'm gonna start looking into that since I'm getting close to finishing my game.

#8 Glad to have helped :)