Posted by Aidan on 10/14/53 11:33
Hi PHP gurus,
I've been working on creating a PHP formmail script. I have a working
version, but I'd like to get feedback on what security holes I may have
opened, and what I could do better. Here's the code:
<?php
// $to - set this to where form contents should be sent
$to = 'someone@somewhere.com';
// $subject - the subject of the message to send to $to
$subject = 'Yay FormMail!';
// $from - who the email should appear to be from
$from = 'formmail@example.com';
// $thanks_page - URL of page to redirect to when the mail is sent successfully
$thanks_page = 'http://www.example.com/thanks.html';
// $error_page - URL of page to redirect to when there is an error
$error_page = 'http://www.example.com/error.html';
// $allowed_referers - comma separated list of hostnames where form contents can originate.
// POST's or GET's coming from anywhere else will be rejected.
$allowed_referers = 'example.com,www.example.com';
/*//////////////////////////
// DONT EDIT BELOW HERE!!!//
//////////////////////////*/
// Check that the referer is valid
$referers = explode(',', $allowed_referers);
// The key must be quoted, 'https?' matches http or https, and [^\/]+ stops at the
// first slash so a referer with a path does not swallow part of it into the host
$referer = '';
if (isset($_SERVER['HTTP_REFERER'])
    && preg_match('/^https?:\/\/([^\/]+)\/?.*/', $_SERVER['HTTP_REFERER'], $matches)) {
    $referer = $matches[1];
}
// if not, redirect to $error_page and stop: header() alone does not end the script.
// in_array() with strict comparison, because array_search() returns index 0 for the
// first allowed host and "!0" would reject it
if (!in_array($referer, $referers, true)) {
    header("Location: $error_page");
    exit();
}
// Check which method was used to send data, and sanitise it
$form = array();
if (count($_POST) > 0 || count($_GET) > 0) {
    if (count($_POST) > 0) {
        foreach ($_POST as $k => $v) {
            $form[strval($k)] = strip_tags(strval($v));
        }
    } else {
        foreach ($_GET as $k => $v) {
            $form[strval($k)] = strip_tags(strval($v));
        }
    }
} else {
    header("Location: $error_page");
    exit();
}
$message = "Form submitted from $_SERVER[HTTP_REFERER] at " . date('h:ia D jS F Y') . "\n\n";
// Convert the form data from an array into a string, ready for sending
foreach ($form as $k => $v) {
    $message .= "$k\t==>\t$v\n";
}
if (mail($to, $subject, $message, "From: $from")) {
    header("Location: $thanks_page");
} else {
    header("Location: $error_page");
}
?>
What do you think? Thanks in advance...
Regards,
Aidan
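The following is an added example and not part of Aidan's post: a hardened version of the same three steps (referer check, form sanitising, redirect), written against the points the script above raises. It keeps the post's variable names; the addresses, hostnames and URLs are placeholders, and `referer_allowed`, `sanitise_form` and `redirect_and_exit` are names chosen here, not functions from the original.

```php
<?php
// Added example, not part of Aidan's script: a hardened handling of the
// referer check, the form sanitising and the redirect from the post above.
// Addresses, hostnames and URLs are placeholders.

$to            = 'someone@somewhere.com';
$subject       = 'Yay FormMail!';
$from          = 'formmail@example.com';
$thanks_page   = 'http://www.example.com/thanks.html';
$error_page    = 'http://www.example.com/error.html';
$allowed_hosts = ['example.com', 'www.example.com'];

// Stop after redirecting: header() alone does not end the script, so
// everything after it would still run and still send the mail.
function redirect_and_exit(string $url): void
{
    header('Location: ' . $url);
    exit();
}

// Extract the host of the Referer and compare it to the allow-list with
// in_array(..., true): array_search() returns index 0 for the first entry,
// which "!" treats as "not found". parse_url() copes with paths and query
// strings, where a greedy '(.*)\/' would swallow part of the path.
function referer_allowed(string $referer, array $allowed): bool
{
    $parts = parse_url($referer);
    if ($parts === false || empty($parts['host']) || empty($parts['scheme'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    return in_array(strtolower($parts['host']), $allowed, true);
}

// Sanitise the submission: keys as well as values come from the client, so
// restrict key characters, cap field count and length, accept only flat
// strings (no nested arrays), and strip tags as the original does.
function sanitise_form(array $input, int $max_fields = 50, int $max_len = 4000): ?array
{
    if (count($input) === 0 || count($input) > $max_fields) {
        return null;
    }
    $clean = [];
    foreach ($input as $k => $v) {
        if (!is_string($v) || !preg_match('/^[A-Za-z0-9_-]{1,64}$/', (string) $k)) {
            return null;
        }
        if (strlen($v) > $max_len) {
            return null;
        }
        $clean[$k] = strip_tags($v);
    }
    return $clean;
}

// The Referer header is supplied by the client, so it cannot be the only
// gate: accept POST only, and keep every mail header ($to, $subject, $from)
// a server-side constant so no submitted value can reach a header line.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    redirect_and_exit($error_page);
}
if (!referer_allowed($_SERVER['HTTP_REFERER'] ?? '', $allowed_hosts)) {
    redirect_and_exit($error_page);
}
$form = sanitise_form($_POST);
if ($form === null) {
    redirect_and_exit($error_page);
}

$message = 'Form submitted at ' . date('h:ia D jS F Y') . "\n\n";
foreach ($form as $k => $v) {
    $message .= "$k\t==>\t$v\n";
}
if (mail($to, $subject, $message, "From: $from")) {
    redirect_and_exit($thanks_page);
}
redirect_and_exit($error_page);
```

Submitted values only ever land in the message body; the headers passed to `mail()` stay fixed configuration, which is what keeps a form field from being turned into an extra header. The referer check is kept as a nuisance filter, not as the control the script depends on.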