Hello,
When using the mail() function to send a simple mail message, which
specific parameters of the function need to cleaned to prevent mail
injection?
First of all I am already validating the $to parameter to be a valid
email address.
After reading http://securephp.damonkohler.com/index.php/
Email_Injection, I gather the parameters that need to be cleaned to
prevent mail injection are the $headers and the $additional_headers.
Is this correct?
Do I also need to clean the $subject parameter to prevent mail
injection?
What about the $message parameter?
Thanks,
C Drozdowski
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php