> -----Original Message-----
> From: Tiji varghese [mailto:tij...@yahoo.co.in]
> Sent: Tuesday, July 14, 2009 7:47 AM
> To: PHP General
> Subject: [PHP] Email security
> Hello,
> I've implemented a contact form on my website that would email me the
> contents of the form and also add it to the database. Its working
> perfectly but I'm not too sure about the security part. I don't know
> much about the security issues concerned with email forms and the
> measures to check it. Please help.
> Thanks,
> Tiji

[Dewey Williams]

There are a number of easy to use sanitizing scripts available for processing forms for email and database use - find and use one! Forms are notoriously easy to compromise for sending spam and corrupting web sites.

A program I have used in the past is FormMail by http://www.tectite.com. There are many other FormMail programs available by the same name - this one is well documented and easy to set up. It doesn't provide as much database security as you may want, but it does a good job of hiding email and preventing cross-site scripting attacks.

Dewey Williams

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to