PHP - Web to Mail

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
unplugme71
Forum Newbie
Posts: 13
Joined: Wed Jul 13, 2011 2:39 pm

PHP - Web to Mail

Post by unplugme71 »

I have a contact form that visitors fill out. The form takes the contents and submits it to my email as a message.

Do I need to put addslashes() in front of each value ? I thought addslashes() was only for enterting into a database but I see other sites using addslashes() so I wanted to get some input.

Reason I ask, it'll be annoying to see / in front of ' and " when reading a message.
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: PHP - Web to Mail

Post by social_experiment »

unplugme71 wrote:Do I need to put addslashes() in front of each value ?
For email you should use htmlentities() with the ENT_QUOTES flag. ;) It's better to be annoyed with security measures than wishing you had used them.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
unplugme71
Forum Newbie
Posts: 13
Joined: Wed Jul 13, 2011 2:39 pm

Re: PHP - Web to Mail

Post by unplugme71 »

htmlentities() doesn't seem to do anything

I'm running PHP 5.x
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: PHP - Web to Mail

Post by social_experiment »

htmlentities() converts unsafe html characters to html safe characters. You won't see the results unless you view the source of the page / message. Although the characters look the same they are created by alternate methods; instead of & you should see &
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
Post Reply