Re: mail() injection, am i safe? — PHP Programming Language

You are here: Re: mail() injection, am i safe? « PHP Programming Language « IT news, forums, messages

Posted by Lisa Pearlson on 11/11/05 20:58

> If you haven't checked that $subject contains no HTML tags, then the
> hacker
> can insert whatever he likes into your HTML, such as a link to some other
> website, or piece of Javascript that redirects the page automatically.
> That
> would be a serious problem if the page was part of an online banking site
> (Google for "phishing" if you can't figure out why).

Yes, so after "isUnsafe" I actually call htmlspecialchars()

Navigation:

Next in forum: Re: Comparison of board software
Prev in forum: Re: Number of days in 1/1/2000
Thread view: Re: mail() injection, am i safe?

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация