I have been working on making my contact forms more secure. In my research, the occurence of the new line character \n at the end of the $headers variable in the mail function seems to be a security risk and opens one up to injection of spam email. This part I understand. I have been unable to find out this same information about the message variable. If I have a variable defining the message like this, can I use the new line character or am I opening myself up to more spam injection. $usermailmsg = "This is the information you submitted.\n If this is not correct, please contact us at mailto:$my_email.\n\n Name: $name\n Phone: $phone\n ... Please feel free to write us with any comments or suggestions so that we may better serve you.\n mailto:$my_email\n\n";; mail("$user_mail", "$subject", "$usermailmsg", "$headers"); Thanks in advance for any help.
