On Tue, Jan 17, 2012 at 2:34 AM, ma...@behnke.biz <ma...@behnke.biz> wrote: > You should not write the recipients email address in a hidden form, but > instead > read it from a config file. This way you can make sure, that no one alters it. > Although this won't stop anyone from using the mailform.
Cannot emphasize this enough -- don't allow anyone to submit the destination addresses to your script. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
