Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
I presume they were attempting to run the page through my brother-in-laws site and spam under his domain and IP? It doesn't show anything on his site when called. Is this due to a built-in security measure of PHP or of the code on his site (my brother-in-laws site).
That wouldn't cause spam, and doesn't have anything to do with a built-in security measure. His code likely is at least semi-secure and knows what pages it accepts as valid.