PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I have been using a mail script that sends an email with all the form data from HTML forms. Now, 2 of my clients have reported getting hundreds of bouncebacks of someome who is hijacking the script to send spam emails. The mail script is extremely simple, which is obvious why it got hijacked. I was wondering if you guys could assist me in stopping this, and ASAP...
Deemo wrote:I have been using a mail script that sends an email with all the form data from HTML forms. Now, 2 of my clients have reported getting hundreds of bouncebacks of someome who is hijacking the script to send spam emails. The mail script is extremely simple, which is obvious why it got hijacked. I was wondering if you guys could assist me in stopping this, and ASAP...
First of all, the user can choose the recipient - he or she does not have to "hijack" the script. If you really need
several choices, check them (e.g. put all possible/desired email addresses in an array and check their existence / their validity with in_array).
If you don't validate the recipient's email address, you shouldn't put it into the header (idem for the sender's address).