Re: [PBML] Email header injection
- To: email@example.com
From: Gilles Beauregard <gilles@...>
Date sent: Mon, 28 Nov 2005 19:56:52 -0500
Subject: Re: [PBML] Email header injection
Send reply to: firstname.lastname@example.org
> Allo!What did I say? DON'T REMOVE THE BAD CHARACTERS! MAKE SURE YOU ACCEPT
> >It's hard to help much without seeing your code so just a few
> Just need a simple routine to remove the bad caracters.
ONLY THE GOOD ONES.
> The problem is at the "body" level of the form submit. When aHOW DO YOU SEND THE EMAIL???
> TO: CC: or BCC: is included and some escape caracters,
> the spammer can use the script.
> The problem is explain here:Beg your pardon? This is a Perl list, not a PHP one.
Show us your code!
P.S.: The PHP's mail() function is apparently illdesigned.
===== Jenda@... === http://Jenda.Krynicky.cz =====
When it comes to wine, women and song, wizards are allowed
to get drunk and croon as much as they like.
-- Terry Pratchett in Sourcery