Re: Injection in mail() — All PHP — IT news, forums, messages

You are here: Re: Injection in mail() « All PHP « IT news, forums, messages

Posted by flamer die.spam@hotmail.com on 11/24/06 00:10

moosus wrote:
> G'day Guys,
>
> Do I need to worry about cleaning my $_POST[comments] field before using it
> in a mail() function?
>
> Cheers
> moosus

you mean incase someone inserts malicious code into your web forms??
yes you should use striptags(), look at http://www.php.net/striptags
there are example scripts there that do a pretty good job of cleaning
anything slightly malicious - striptags on its own isnt 100% surefire.

Flamer.

Navigation:

Next in forum: Injection in mail()
Prev in forum: Re: How to get the modifcation date of an uploaded file
Thread view: Re: Injection in mail()

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация