Use the V1.2 email component it has so far proved to be email header injection safe and it does so automagically.
That said, if i am not mistaken PHPMailier also has a method for sanitizing headers.... HTH Tarique On Jan 16, 2008 8:59 AM, squidliberty <[EMAIL PROTECTED]> wrote: > > I have reason to believe that my contact form is being used to send > bulk spam via an injection exploit. I'm using the PHPMailer component > outlined at > http://bakery.cakephp.org/articles/view/sending-email-with-phpmailer. > > Can anyone tell me whether or not a simple cleanArray() is sufficient > sanitization for posted data? My headers are all hard-coded, so > everything submitted is going into the email body. > > Any advice would be appreciated! > > > -- ============================================================= Cheesecake-Photoblog: http://cheesecake-photoblog.org PHP for E-Biz: http://sanisoft.com ============================================================= --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
