2009/3/16 Nigel Peck nigel.p...@miswebdesign.com:
I'd appreciate hearing (reading!) people's thoughts on making web form data
safe for using to compose an email via sendmail.
Basically, see comments in pseudo-code below, what should I be doing to the
data to make it safe
I'd appreciate hearing (reading!) people's thoughts on making web form
data safe for using to compose an email via sendmail.
Basically, see comments in pseudo-code below, what should I be doing to
the data to make it safe?
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
use strict;
use CGI;
my
Nigel Peck wrote:
I'd appreciate hearing (reading!) people's thoughts on making web form
data safe for using to compose an email via sendmail.
Basically, see comments in pseudo-code below, what should I be doing to
the data to make it safe?
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
use strict
Gunnar Hjalmarsson wrote:
Nigel Peck wrote:
I'd appreciate hearing (reading!) people's thoughts on making web form
data safe for using to compose an email via sendmail.
Basically, see comments in pseudo-code below, what should I be doing
to the data to make it safe
Nigel Peck wrote:
Gunnar Hjalmarsson wrote:
Nigel Peck wrote:
I'd appreciate hearing (reading!) people's thoughts on making web
form data safe for using to compose an email via sendmail.
Basically, see comments in pseudo-code below, what should I be doing
to the data to make it safe
Gunnar Hjalmarsson wrote:
For the body of the message, one thing that occurs to me is \n.\n as
that would end the message? But presumably nothing else could be entered
after that as sendmail would close?
True. But that's not exactly a security issue, right?
No, not as long as it does close
Nigel Peck wrote:
I do some basic email validation:
/ ^ [...@]+ \@ (?: [^.]+ \. )+ [a-zA-Z]{2,3} $ /x
What about someb...@mail.example.com or someb...@example.info? Maybe you
ought to use a module for that.
The only header I use user submitted data for is the reply-to header (so
I can hit