You are here: Re: query string passing woes........ help... please.... « All PHP « IT news, forums, messages
Re: query string passing woes........ help... please....

Posted by Steve on 02/28/07 19:40

<rcoan@chaparralboats.com> wrote in message
news:1172689166.982574.260870@p10g2000cwp.googlegroups.com...
| On Feb 28, 1:37 pm, "Steve" <no....@example.com> wrote:
| > <r...@chaparralboats.com> wrote in message
| >
| > news:1172686432.967755.6850@h3g2000cwc.googlegroups.com...
| > | >>You form as it stands can
| > | >>be used to spam anyone.
| > |
| > | Actually I don't really see a way of it being used to send spam to
| > | anyone really. Unless they actually key in the query string. The
| > | email address that's being passed via the query string is from a
| > | database of email addresses that are location specific. In other
| > | words these people are expecting the emails and for there to be some
| > | junk mail possibly. So I'm not too worried about the spam issue as of
| > | right now but I will keep an eye out for it. Thanks.
| >
| > you're kidding, right?
| >
| > i could drop anyone's email address onto your query string in such rapid
| > successesion that your domain (and/or isp) could be liable for a class
| > action lawsuit...regardless of what email address your db intended to
| > send/receive it. further, i could add cc, bcc and other directives to
your
| > email that your script is sending...again, your db addresses are of NO
| > concern. 'as of right now', give me your url and i'll spread your site's
| > ass-cheecks wide...THAT would be the 'eye' you're keeping out for it.
;^)
| >
| > i'd also work on your validation. it needs to be FAR more graceful than
it
| > is now. i'm sure most people would like to know why something went wrong
| > rather than the mere fact that something did go wrong.
|
|
|
| project abandoned, I guess b/c of spammers and people with skills like
| steve you just can't setup an easy email form anymore. And steve you
| did open my eyes to what could happen, thanks, but you didn't really
| offer any help other than saying that my validation could be FAR more
| graceful. It validated fine for me. And about spreading my sites ass
| wide open. I wouldn't want that to happen.

project abandoned?!!! do you always give up if something is too complicated
or may take some work to understand and then address?

yes, it is painfully easy to set up an email form. easy, though being a
wholly relative term, enough to be handled in a few lines of code...which i
DID provide, if you'd check the thread again!

as for your validation...you call this graceful and explicitly explaining
what went wrong?

if (!$validationOK) {
print "<meta http-equiv=\"refresh\" content=\"0;URL=error.htm\">";
exit;
}

does error.htm just show 'oops!' in the browser? it may as well you know.
and this:

if ($success){
print "<meta http-equiv=\"refresh\" content=\"0;URL=ok.htm\">";
}
else{
print "<meta http-equiv=\"refresh\" content=\"0;URL=er.htm\">";
}

does ok.htm confirm to whom the message was sent, when (as in they may want
to print it as confirmation), and what it said. HOLD ON...did you even give
them the opportunity to review the full message before sending it?

finally, does er.htm tell why the message couldn't be sent? oh yeah, it just
says 'oops!' too...so either it was invalid input or it was a transmission
error...lol.

one must learn to be a critical planner before one ever thinks about writing
a single line of code.

hth.

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация