> From: "Ufuk M. Fakioglu" <[EMAIL PROTECTED]>
> Here's the piece of code that composes and sends the e-mails:
>
> $row=mysql_fetch_array($sql);
> $name=$row[1];
> $email=$row[2];
> $subject=$_POST["subject"];
Bad idea here. You're script is vulnerable to mail header injection attacks. Malicious
On Thu, 19 Aug 2004 21:33:22 +0300, Ufuk M. Fakioglu <[EMAIL PROTECTED]> wrote:
> Here's the piece of code that composes and sends the e-mails:
>
> $row=mysql_fetch_array($sql);
> $name=$row[1];
> $email=$row[2];
> $subject=$_POST["subject"];
> $msg=stripslashes($_POST["msg"]);
> $msg=str_replace(
Here's the piece of code that composes and sends the e-mails:
$row=mysql_fetch_array($sql);
$name=$row[1];
$email=$row[2];
$subject=$_POST["subject"];
$msg=stripslashes($_POST["msg"]);
$msg=str_replace("RCPT_NAME", $name, $msg);
mail($email, $subject, $msg, "From: Mozaik <[EMAIL PROTECTED]>\r\n".
On Thu, 19 Aug 2004 19:33:11 +0300, Ufuk M. Fakioglu <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I am using mail() with php 4.3.8 on FreeBSD 4.10 to send bulk mail.
> Although I use \r\n in the header parameters, some mail servers
> respond with "Nonstandard SMTP line terminator."
>
> What can I do?
>
Hi,
I am using mail() with php 4.3.8 on FreeBSD 4.10 to send bulk mail.
Although I use \r\n in the header parameters, some mail servers
respond with "Nonstandard SMTP line terminator."
What can I do?
Thanks,
Ufuk
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://
5 matches
Mail list logo
