You are here: Mail Injection- Which Mail function Parameters CORRECTED « PHP « IT news, forums, messages
Mail Injection- Which Mail function Parameters CORRECTED

Posted by Chris Drozdowski on 11/18/05 02:10

Hello,

When using the mail() function to send a simple mail message, which
specific parameters of the function need to cleaned to prevent mail
injection?

First of all I am already validating the $to parameter to be a valid
email address.

After reading http://securephp.damonkohler.com/index.php/
Email_Injection, I gather the parameters that need to be cleaned to
prevent mail injection are the $headers and the $additional_headers.

Is this correct?

Do I also need to clean the $subject parameter to prevent mail
injection?

What about the $message parameter?

Thanks,

C Drozdowski

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация