Re: Re: Possible hacker using php script to send e-mails?

Hello,

on 03/13/2006 06:38 AM Merlin said the following:
> Hello Manuel,
>
> this seems to be the right track. However I do not have line breaks in
> there, but the message gets passed by POST. This is my script error.php:

Notice these two lines of your script:

> $from         = $_POST[from];

> $mail->AddReplyTo($from);

Personally I think the solution is not filtering the values but rather
using proper from validation. The way I implement these things is to check
whether the user enters valid e-mail addresses. If not, present the form
again with an error message.

Usually I use this class for performing form generation and validation.
It can be used to do the form presentation, validation and processing
with the same script.

It can perform server side validation and also client side validation
using JavaScript generated automatically by the class for you. E-mail
address validation is one of the built-in types of validation that it
supports. For other fields like Subject and even person name, I suggest
using regular expression based validation, which is also built in. Take
a look at the example scripts:

http://www.phpclasses.org/formsgeneration


-- 

Regards,
Manuel Lemos

Metastorage - Data object relational mapping layer generator
http://www.metastorage.net/

PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
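
The server-side checks described in this message (e-mail address validation for the From field, regular-expression validation for name and subject), as an added example that is not part of the original post and does not use the forms class it mentions. The `name` and `subject` field names, the length limits and the character patterns are assumptions.

```php
<?php
// Added example: validate form fields before any value reaches the mailer.
// Field names other than "from", the limits and the patterns are assumptions.
function validate_contact_form(array $post): array
{
    $errors = [];
    $clean  = [];
    // Read each field as a string; a missing or array-valued field becomes ''.
    foreach (['from', 'name', 'subject'] as $field) {
        $value = $post[$field] ?? '';
        $clean[$field] = is_string($value) ? trim($value) : '';
    }
    // A value destined for a mail header must not contain CR, LF or NUL.
    foreach ($clean as $field => $value) {
        if (preg_match('/[\r\n\0]/', $value)) {
            $errors[$field] = 'Line breaks are not allowed.';
        }
    }
    // From: must be one syntactically valid e-mail address.
    if (!isset($errors['from'])
        && filter_var($clean['from'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['from'] = 'Please enter a valid e-mail address.';
    }
    // Name and subject: allow-list of letters, digits, spaces and basic
    // punctuation, with a length limit.
    $patterns = [
        'name'    => '/^[\p{L}\p{N} .,\'-]{1,80}\z/u',
        'subject' => '/^[\p{L}\p{N} .,:;!?()\'-]{1,120}\z/u',
    ];
    foreach ($patterns as $field => $pattern) {
        if (!isset($errors[$field]) && !preg_match($pattern, $clean[$field])) {
            $errors[$field] = 'Contains characters that are not allowed.';
        }
    }
    return ['clean' => $clean, 'errors' => $errors];
}

// Constructed sample submissions (not taken from the thread).
$samples = [
    ['from' => 'user@example.com', 'name' => 'Ann Lee', 'subject' => 'Page not found'],
    ['from' => "user@example.com\r\nX-Test: 1", 'name' => 'Ann', 'subject' => 'Hi'],
    ['from' => 'not-an-address', 'name' => 'Ann', 'subject' => 'Hi'],
];
foreach ($samples as $post) {
    $result = validate_contact_form($post);
    // On errors, present the form again with the messages; send nothing.
    echo $result['errors']
        ? 'rejected: ' . json_encode($result['errors']) . "\n"
        : 'accepted: ' . $result['clean']['from'] . "\n";
}
```

Only a submission with an empty `errors` array should be handed to the mailer (for example to `$mail->AddReplyTo()`), using the values from `clean` rather than `$_POST`.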

-- 
PHP General Mailing List (http://www.php.net/)