We had a discussion on this a few years back.
Check out http://www.nyphp.org/phundamentals/email_header_injection.php
This is a wonderful tutorial, thank you for pointing it out.
I've made one little addition to the filtering after submit code.
$FormVariables = ($_POST) ? $_POST : $_GET;
foreach( $FormVariables as $value ){...stuff }
Since most forms use post and URL encoded variables are get this alleviates
the need to have two different functions.
Urb
Dr. Urban A. LeJeune, President
E-Government.com
800-204-9545_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
