Posted by Geoff Berrow on 02/28/07 23:44

Message-ID: <1172697912.534051.87520@q2g2000cwa.googlegroups.com> from
rcoan@chaparralboats.com contained the following:

>Ok, now on to security measures.... Could someone explain to me what
>this code does, how it secures the emails and where in my code I
>should implement it?
>
>$emailInput = array($to, $from, $cc, $bcc, $subject, $message);
>$injections = array('to', 'from', 'cc', 'bcc');
>foreach ($emailInput as $input)
>{
> foreach ($injections as $injection)
> {
> $input = preg_replace("/n?" . $injection . "\s*?:.*?\n/i", '',
>$input);
> }
>
>}

What it does is it fixes spamming attempts. Which is rather stupid
since you don't really need mail from people who are attempting to hack
your system.

Rather than fix them, better to simply drop them silently.

--
Geoff Berrow 0110001001101100010000000110
001101101011011001000110111101100111001011
100110001101101111001011100111010101101011

• Next in forum: Recommend a book on web application design
• Prev in forum: Re: query string passing woes........ help... please....
• Thread view: Re: query string passing woes........ help... please....

[Reply to this message]