PHP mailform code

**mwinter** · 11-04-2006, 10:32 PM

Originally Posted by chechu

... if the above code doesn't work, it means that there is no coding problem, but an external problem (like hosting) ?

It's a potential problem, but far from the only one. The tweaks by codeexploiter still don't address the most grievous error: injection. Malformed user input, whether it be intentional or not, can cause the code to fail or to become a tool for sending spam.

Either use a third-party to handle sending mail, or use a well-established library to validate and process input. The current code should be scrapped.

Mike

**codeexploiter** · 11-06-2006, 06:47 AM

Originally Posted by Mwinter

he tweaks by codeexploiter still don't address the most grievous error: injection. Malformed user input, whether it be intentional or not, can cause the code to fail or to become a tool for sending spam

The code that I've provided was just a skelton using which the other user can build themselves into whatever they are looking for.

**chechu** · 11-06-2006, 12:09 PM

So if I need the following in the .php:
- name, email, subject and message
- error notification in new page when data are not all filled in
- thanks message in new page
- send notification mail to sender
- in the <form>: sending with <img>

How would it look like ?

Thread: PHP mailform code

Thread Tools

Search Thread

Bookmarks

Bookmarks

Posting Permissions