Mail Injection- Which Mail function Parameters CORRECTED

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,
When using the mail() function to send a simple mail message, which specific parameters of the function need to cleaned to prevent mail injection?
First of all I am already validating the $to parameter to be a valid email address.
After reading http://securephp.damonkohler.com/index.php/ Email_Injection, I gather the parameters that need to be cleaned to prevent mail injection are the $headers and the $additional_headers. 

Is this correct?
Do I also need to clean the $subject parameter to prevent mail injection? 

What about the $message parameter?

Thanks,

C Drozdowski

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux