Page 1 of 1

Securing "Tell a friend" form

Posted: Thu Nov 29, 2007 7:21 am
by Sindarin
How can I secure my 'tell to a friend' form from email injection?
A client has requested this but I am afraid to do it because the user is able to enter his own "send to" email address, which with a simple injection it can result to massive spam. Please help.

Posted: Thu Nov 29, 2007 10:03 am
by feyd
Stick some filtration on the input. Simple enough.

Posted: Tue Dec 04, 2007 6:19 am
by Sindarin
Do you mean something like checking for a valid email elements "@ and .com" ?
I had done something like that last time with no success.

Posted: Tue Dec 04, 2007 6:28 am
by s.dot
Have a look at this: http://www.devshed.com/c/a/PHP/Email-Ad ... ith-PHP/1/

or search these boards for an email validation regular expression. there are lots of them, some better than others!