PHP Email Security
Posted: Sun Feb 19, 2006 8:29 am
feyd | Please use
feyd | Please use
Code: Select all
andCode: Select all
tags where appropriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
I recently rec'd a message from my hosting company saying that they disabled one of my clients email accounts because they were getting hammered with incomming SPAM. Also they had to rename the comments.php page because the code had security holes allowing Spam to be sent through the page. I am new to PHP and am not sure what to do at this point. It was suggested by them that I use ASPEmail instead. Any help would be greatly appreicated. Below is how my page is coded:Code: Select all
<?php
if (($_POST['name'] == "") || ($_POST['email'] == "") || ($_POST['comments'] == "")) {
header("Location: comments.htm");
exit;
}
$msg = "E-MAIL SENT FROM FDNY COMMENT SECTION\n";
$msg .= "Name: ".$_POST['name']."\n";
$msg .= "E-Mail: ".$_POST['email']."\n";
$msg .= "Comments: ".$_POST['comments']."\n";
$to = "ravenwax@ptd.net";
$subject = "Web Site Feedback";
$mailheaders = "From: Whatever Wesite <http://www.whatever.com>\n";
$mailheaders .= "Reply-To: ".$_POST['email']."\n";
mail ($to, $subject, $msg, $mailheaders);
?>Code: Select all
<?php
echo $_POST['name'];
?>
<p><strong>E-Mail Address:</strong>
<?php
echo $_POST['email'];
?>
<p><strong>Comments:</strong><br>
<?php
echo $_POST['comments'];
?>feyd | Please use
Code: Select all
andCode: Select all
tags where appropriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]