Posted by Lammi on 09/10/07 09:08

> You will need a { after the if and a } after the mail().

of course he need, my fault. sorry.

> I would do some validation of the POST data before sending possibly
> malicious data to myself.

i would do such validation too - but john asked only for a way to
transfer the data :-)

> Also, he added a value for the action attribute of the form, though
> using $_SERVER['PHP_SELF'] is no longer considered a good idea due to
> XSS exploits.

i wouldn't realize the validation, emailing and form in one single
page, i would create a simple html-file containing the form and
nothing else, a small validation-class and a class to create the
email. it's never a good idea to mix html- and php-code i think.

[Back to original message]