On Tue, Dec 06, 2005 at 02:37:18PM -0600, Bill Stephenson wrote: > >What tests must be in place in order to keep your perl scripts from > >being hijacked from spammers? Any help would be greatly appreciated. > > For forms that send email, you don't want to let the user enter a "To, > CC, or BCC" address.
Nor should you allow new lines ... $subject = "User entered data with\nBCC: spam victim <[EMAIL PROTECTED]>" -- David Dorward http://dorward.me.uk -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <http://learn.perl.org/> <http://learn.perl.org/first-response>
