Reply to Re: PHP form processor

Your name:

Reply:


Posted by Ben Bacarisse on 02/05/06 18:46

On Sun, 05 Feb 2006 07:12:47 -0800, abixalmon wrote:

> $headers = "From: email@sender.com\n"; $headers .= "Reply-To: $name
> <$email>\n\n"; mail("to_email","Subject",$message,$headers);

Eek! If I understand what you intend, this allows spammers to use address
injection to send mail from your server. Putting this online is very
risky.

All you need do to secure it (I think) is to remove anything "suspicious"
from the $email (the most suspicious being a newline!).

--
Ben.

[Back to original message]
Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация