Re: mail function-new line-security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Peppy wrote:
> AJ,
> 
> So what your reply means is that I should not have a new line character in any variable on my page???

Of course you can have newlines in your email message, just make sure
that any user input is received through POST, and that you run a regular
expression to validate that only one email has been specified in the
recipient field (whatever you call that on your form I don't know) to
ensure that it is only sent to one person.

Other than that you ought to be pretty secure. Make sure that the user
cannot enter any type of header information in the beginning of their
message, so, for instance you could do what you did:

$usermailmsg = "This is the information you submitted.\n" // ...

It will ensure that other text appears before the user submitted data.
Hope that helps.

Regards,
Torgny

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux