I'm writing a shopping cart application for a family member's online seed business.
It's a fairly straightforward workflow - users select what they want to order, type in their contact information, and the application generates an HTML E-mail receipt and sends it to the contact address.
Now, here's the rub - I've implemented the application in an MVC pattern.
I've got the AJAX front-end that only concerns itself with navigating through the workflow, and displaying forms/the currently placed order/etc. I generate all HTML displayed to the user through AJAX.
The PHP backend simply generates the catalog, validates all user input, and does a bit of bookkeeping. My PHP scripts only return XML which gets parsed by my AJAX.
Since the HTML E-mail receipt I send to the customer looks very much like the application itself, it makes sense for me to re-use the same AJAX code that displays order information within the application.
However, since I cannot send an E-mail through AJAX alone, I have to make a call to a PHP script, pass in the string of HTML I want to send as an E-mail, have the PHP add proper headers to it, and send it on its way.
A nasty side effect of this is that I essentially have an exposed PHP script that will... send an arbitrary string to an arbitrary E-mail address.
How should I go about securing this, while still keeping to the MVC pattern? I want to keep the presentation out of my PHP, and avoid code duplication - as such, I don't want to have my PHP generate HTML that will go in the E-mail.
Thank you in advance.
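One way to close the "open relay" hole while still letting the AJAX layer render the receipt HTML is to make the PHP endpoint refuse every piece of input it does not need: the recipient address and subject come from the order the backend already validated (held server-side, in the session), the request must carry the session's CSRF token, only one receipt can be sent per order, and the client-supplied HTML is reduced to the small set of tags the receipt template actually uses before it goes into the message. The following is an added example written for this answer, not the original poster's code; the session keys `order`, `csrf` and `receipt_sent`, the POST field names `html` and `csrf`, the allowed tag list, and the `From:` address are all assumptions that would need to be matched to the real application.

```php
<?php
// Added example (not the original poster's code). Assumptions: the cart uses
// PHP sessions; the existing backend stores the validated order, including
// the customer's e-mail, as $_SESSION['order'] (hypothetical key) and issues
// a per-session CSRF token as $_SESSION['csrf'] (hypothetical key).
declare(strict_types=1);

// Only the tags the receipt template is known to use; everything else is stripped.
const ALLOWED_TAGS = '<p><br><b><strong><h1><h2><h3><table><thead><tbody><tr><th><td><ul><li>';
const MAX_BODY_BYTES = 65536;

function xml_response(bool $ok, string $msg): string
{
    return '<?xml version="1.0" encoding="UTF-8"?><result ok="' . ($ok ? '1' : '0') . '">'
        . htmlspecialchars($msg, ENT_XML1 | ENT_QUOTES, 'UTF-8') . '</result>';
}

// Reduce client-rendered HTML to plain, attribute-free tags from the allow list.
function sanitize_receipt_html(string $html): string
{
    $clean = strip_tags($html, ALLOWED_TAGS);
    // strip_tags keeps attributes on allowed tags; drop them all so that
    // on*= handlers, style= and javascript: URLs cannot survive.
    return preg_replace('/<(\w+)\s[^>]*>/', '<$1>', $clean) ?? '';
}

// Returns [bool $ok, string $message]. Every value that reaches mail() except the
// sanitized body is taken from server-side state, never from the request.
function send_receipt(array $post, array &$session): array
{
    // 1. Cross-site request forgery: the request must present this session's token.
    if (!isset($post['csrf'], $session['csrf'])
        || !hash_equals((string) $session['csrf'], (string) $post['csrf'])) {
        return [false, 'bad token'];
    }

    // 2. Recipient comes from the validated order, so the script cannot be
    //    pointed at an arbitrary address.
    $order = $session['order'] ?? null;
    if (!is_array($order)
        || !isset($order['email'])
        || filter_var($order['email'], FILTER_VALIDATE_EMAIL) === false) {
        return [false, 'no validated order in session'];
    }

    // 3. One receipt per order: refuse replays of the same request.
    if (!empty($session['receipt_sent'])) {
        return [false, 'receipt already sent'];
    }

    // 4. Bound the size, then sanitize the HTML the AJAX layer rendered.
    $html = (string) ($post['html'] ?? '');
    if (strlen($html) > MAX_BODY_BYTES) {
        return [false, 'body too large'];
    }
    $body = sanitize_receipt_html($html);

    // Subject and headers are fixed server-side; only digits of the order id are used,
    // so no CR/LF can be smuggled into the header block.
    $orderId = preg_replace('/\D/', '', (string) ($order['id'] ?? '0'));
    $subject = 'Your seed order #' . $orderId;
    $headers = "MIME-Version: 1.0\r\n"
        . "Content-Type: text/html; charset=UTF-8\r\n"
        . "From: orders@example.invalid\r\n";   // placeholder sender address

    $ok = mail($order['email'], $subject, $body, $headers);
    if ($ok) {
        $session['receipt_sent'] = true;
    }
    return [$ok, $ok ? 'sent' : 'mail() failed'];
}

session_start();
header('Content-Type: text/xml; charset=utf-8');
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    [$ok, $msg] = send_receipt($_POST, $_SESSION);
    echo xml_response($ok, $msg);
} else {
    http_response_code(405);
    echo xml_response(false, 'POST required');
}
```

The presentation still lives entirely in the AJAX code; PHP only decides who may receive a message, where it goes, and which markup is allowed through. If the receipt also has to match the order exactly (so that a tampered browser cannot e-mail itself a receipt for items it did not pay for), the next step is to stop trusting the rendered HTML altogether and have PHP e-mail a link to a server-side order page that the same AJAX code renders from the stored order.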