Mail Injection- Which Mail function Parameters — PHP

You are here: Mail Injection- Which Mail function Parameters « PHP « IT news, forums, messages

Posted by Chris Drozdowski on 11/18/05 02:06

Hello,

When using the mail() function to send a simple mail message, which
specific parameters of the function need to cleaned to prevent mail
injection?

First of all I am already validating the $to parameter to be a valid
email address.

After reading http://securephp.damonkohler.com/index.php/
Email_Injection, I gather the parameters that need to be cleaned to
prevent mail injection are the $headers and the $additional_parameters.

Is this correct?

Do I also need to clean the $subject parameter to prevent mail
injection?

What about the $message parameter?

Thanks,

C Drozdowski

Navigation:

Next in forum: Mail Injection- Which Mail function Parameters CORRECTED
Prev in forum: Re: php + cURL issue
Thread view: Mail Injection- Which Mail function Parameters

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация