You are here: Re: Script Being Hacked « All PHP « IT news, forums, messages
Re: Script Being Hacked

Posted by J.O. Aho on 10/02/40 11:34

Matt wrote:
> I have a have a webform on a website that has a a php script that contains
> the following code that is used for submitting data by email. Problem is
> spammers are using it to relay spam. I altered it to not use the from
> address but the website user does not like that since they cannot simply hit
> reply to the email it generates.
>
> Can someone tell me how to alter this code to keep spammers from altering or
> adding headers? I imagaine something as simple as making sure $name is not
> over so long would almost do. Or making sure it does not contain any CR or
> LF's.
>
> Matt
>
>
> $headers = "MIME-Version: 1.0\r\n";
> $headers .= "Content-type: text/html; charset=iso-8859-1\r\n";
> /* additional headers */
> $headers .= "From: $name<$email>\r\n";
>
> mail( me@mydomain.com, "Mail from mydoamin.com", $data, $headers);
> header ("Location: http://thankyou.html");
> ?>

I think you should check for things like cc: and bcc: and remove those in the
sent data.


//Aho

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация