Some time ago, it was discovered that many PHP pages that have anything to do with eMailing could be used to send out Spam. As many Free scripts provide this feature and most people are not familiar with how to fix the problem, here is some code that anyone can use.
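Quote:
<?php
// Stop the script if any submitted field contains text that looks like an injected mail header.
// array_walk_recursive() also checks array fields (e.g. name[]), which stristr() cannot take directly.
array_walk_recursive( $_POST, function ( $value ) {
    // Note: "cc:" also matches "bcc:", so the bcc line only matters if the cc line is removed.
    if ( stristr( $value, "cc:" ) ) { echo "Sorry, we do not allow cc: in the form."; exit; }
    if ( stristr( $value, "bcc:" ) ) { echo "Sorry, we do not allow bcc: in the form."; exit; }
    if ( stristr( $value, "content-type:" ) ) { echo "Sorry, we do not allow content-type: in the form."; exit; }
    if ( stristr( $value, "mime-version:" ) ) { echo "Sorry, we do not allow mime-version: in the form."; exit; }
} );
?>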
Put the code at the very beginning of any PHP page that can send eMail. You can also customize it by leaving out the line for 'cc' for example, if your script does have the ability to send 'cc' and you want that option.
This code is not something I came up with, but I did see it at another Forum. It seemed like it was easy enough for anyone to use, and I hope you find it handy.
Also,
Free Feedback Form Wizard is an excellent place to go and have a personalized Form made for you. It takes 5 minutes and is designed with Security in mind. Both PHP and Perl versions are available and the site comes highly recommended.
If you like the idea of using a CAPTCHA image,
Mike's Contact script is also available for Free, but somewhat detailed to install.
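The keyword check above blocks the header names spammers usually inject. The following added example (not part of the original post or the code it quotes) goes one step further and rejects the line breaks that any injected header needs, checking only the fields that end up in mail headers. The field names `name`, `email`, `subject` and `message` and the function `check_mail_form()` are assumptions for illustration.

```php
<?php
// Added example: field names and check_mail_form() are hypothetical.
// Fields whose values are copied into mail headers (From, Reply-To, Subject).
// The message body is left out on purpose: it may contain line breaks and "cc:".
const HEADER_FIELDS = ['name', 'email', 'subject'];

// Returns a list of problems; an empty list means the form is safe to mail.
function check_mail_form(array $post): array
{
    $problems = [];
    foreach (HEADER_FIELDS as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value)) {
            // e.g. email[]=... submitted instead of a single value
            $problems[] = "$field: must be a single text value";
            continue;
        }
        // A new header can only start after a line break, so reject raw
        // CR/LF and their URL-encoded forms in anything header-bound.
        if (preg_match('/[\r\n]|%0a|%0d/i', $value)) {
            $problems[] = "$field: line breaks are not allowed";
        }
    }
    $email = $post['email'] ?? null;
    if (is_string($email) && filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $problems[] = 'email: not a valid address';
    }
    return $problems;
}

// Constructed sample submissions (not real traffic).
$samples = [
    'ordinary' => ['name' => 'Ann', 'email' => 'ann@example.com',
                   'subject' => 'Hello', 'message' => "Please cc: my manager.\nThanks"],
    'injected' => ['name' => 'Bob', 'email' => "bob@example.com\r\nBcc: list@example.net",
                   'subject' => 'Hi', 'message' => 'test'],
    'array'    => ['name' => ['x'], 'email' => 'c@example.com',
                   'subject' => 'Hi', 'message' => 'test'],
];

foreach ($samples as $label => $post) {
    $problems = check_mail_form($post);
    echo $label, ': ', $problems ? implode('; ', $problems) : 'ok', "\n";
}
```

Call the check before the script builds its headers and stop if the returned list is not empty.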