Re: [Q] mail() & security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Eric Gorr wrote:

Shouldn't strip_tags be enough? What dangerous/annoying things might happen if I replaced htmlentities with strip_tags in the above function and then passed the body text to the mail() function?

Nothing, but with htmlentities() you can be sure if the user has tried to inject something malicious :-).

--
Josip Dzolonga
http://josip.dotgeek.org

jdzolonga[at]gmail.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux