What checks need to be made to avoid Email Injection?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
spartan7
Forum Commoner
Posts: 29
Joined: Sun Jun 19, 2005 12:09 am

What checks need to be made to avoid Email Injection?

Post by spartan7 »

Hi there

I have been getting very strange Emails lately and it fits the profile of somebody trying to use my forms for spamming.

I have just added a regular expression that does a full variable check for "MIME-Version"

What is the full list of things I must look out for to prevent Email Injection?

Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

any place they can add stuff to your headers is where I'd likely concentrate my filtering and fixing.. The From field is a likely candidate.
Post Reply