How secure is unauthorised PHP email and comments???

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

savvy
Forum Newbie
Posts: 2
Joined: Thu Oct 26, 2006 4:41 pm

Post by savvy »

Hi, I'm at the design stages of designing a portfolio site and am thinking of incorporating a PHP "email this link" function, so that users can email the page URL to a friend and maybe even include a short message.

My question is how secure is this function? Can I expect spammers to hack my site and abuse this function or am I being paranoid? I've noticed on some sites that allow anonymous commenting that they sometimes become populated by drug ads and the usual crap. I don't really want to include an image verification script. Would it make any difference if the "email this link" function had a Flash front-end?

Any advice or suggestions for further reading would be appreciated as I'm pretty new to PHP.

Cheers
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

With that system the main concern would be header injection. Have a google around for it :)
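
An added example, not part of the original thread or of the post above: one way to guard a PHP "email this link" handler against header injection, by rejecting line breaks in anything that reaches a mail header and keeping the sender fixed. The form field names, the `build_link_mail` helper and the example.com addresses are assumptions made for illustration.

```php
<?php
// Added example (not from the thread). Field names, the helper name and
// the example.com addresses are hypothetical.

// Returns [to, subject, body, headers] ready for mail(), or null if rejected.
// $pageUrl must be chosen by the server, never taken from the form.
function build_link_mail(array $post, string $pageUrl): ?array
{
    // Every field must be present and a plain string (not an array).
    foreach (['friend_email', 'sender_name', 'note'] as $field) {
        if (!isset($post[$field]) || !is_string($post[$field])) {
            return null;
        }
    }
    $to   = trim($post['friend_email']);
    $name = trim($post['sender_name']);

    // Values that end up in headers (To, Subject) must be single-line:
    // a CR or LF would let the value start a header line of its own.
    if (preg_match('/[\r\n]/', $to . $name) === 1) {
        return null;
    }
    // Exactly one syntactically valid recipient; rejects comma-separated lists.
    if (filter_var($to, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Keep the display name short and plain.
    if (preg_match('/^[\p{L}\p{N} .\'-]{1,60}$/u', $name) !== 1) {
        return null;
    }
    // The note only goes in the body: normalise line endings, cap size (bytes).
    $note = substr(str_replace(["\r\n", "\r"], "\n", $post['note']), 0, 500);

    $subject = $name . ' sent you a link';
    $body    = $pageUrl . "\n\n" . $note;
    // Fixed sender: no user input is concatenated into the extra headers.
    $headers = 'From: noreply@example.com';

    return [$to, $subject, $body, $headers];
}

// Constructed input: a recipient field carrying an extra header line.
$sample = [
    'friend_email' => "friend@example.com\r\nBcc: list@example.com",
    'sender_name'  => 'Sam',
    'note'         => 'Have a look at this.',
];
$mail = build_link_mail($sample, 'https://example.com/portfolio/item-1');
// A non-null result would be passed on as mail(...$mail).
echo $mail === null ? "rejected\n" : "accepted\n";
```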
savvy
Forum Newbie
Posts: 2
Joined: Thu Oct 26, 2006 4:41 pm

Post by savvy »

Will do, cheers