Daniele Cruciani
Programmatore Developer PHP/MySQL Freelance
mobile: +39 3489215204

icq skype msn linkedin fb t ff youtube picasa google
seconds to the end of World
End of World 21 December, 2012 11:11:00
Hire me before that day! | don't bother

Tu sei qui

Home

mail

    Email from your host you are banned (mail php security matter)

    Inviato da daniele il Mar, 06/30/2009 - 15:29

    I found this in a server: 

    $header = "From: <".$_REQUEST['email'].">\n";
#... 
mail($from,$subjet,$message,$header);

    $_REQUEST['email'] came from a form input ...

    Here $_REQUEST['email'] should be, at least, stripped by all \n no matter on how you trust to js code.. 

    $from = $_REQUEST['email'];
$from = str_replace("\n","",$from);
$header = "From: <$from>\n";
    Undefined
    Iscriviti a RSS - mail