- strip_tags() will remove HTML and PHP code from a string
- there is a great function set which validates email addresses to ensure the email address is in the correct format, available from killersoft: http://killersoft.com/modules.php?op=modload&name=News&file=article&sid=2
- ensuring there are no newlines (\n) in the email address, subject, etc. will ensure that they aren't sneaking another email header into an existing header.

Justin French

on 28/07/02 1:54 PM, Dennis Gearon ([EMAIL PROTECTED]) wrote:

> What I meant was, how to sanitize the input on the forms so that
> malicious stuff cannot be put as commands, etc. in the email address, or
> body, or 'extra' field of the 'mail()' function in PHP.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
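
The three checks from the message above, combined before a call to mail(), as an added example that is not part of the original post. The helper names has_header_break() and prepare_contact_mail() are hypothetical, filter_var() stands in for the killersoft validator the post links to, the check also covers carriage returns, and all addresses are constructed samples.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helpers, not code from the original post.

/** True if the value contains CR or LF, which would let it start a new header line. */
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n]/', $value) === 1;
}

/**
 * Check form fields before they reach mail(). Returns the cleaned fields,
 * or throws if a header-bound value is unsafe or the address is malformed.
 */
function prepare_contact_mail(string $from, string $subject, string $body): array
{
    // Anything that ends up in a header line must not contain a line break.
    foreach (['from' => $from, 'subject' => $subject] as $name => $value) {
        if (has_header_break($value)) {
            throw new InvalidArgumentException("line break in $name field");
        }
    }
    // Format check on the address itself.
    if (filter_var($from, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('malformed email address');
    }
    return [
        'subject' => $subject,
        'body'    => strip_tags($body),      // drop HTML and PHP tags from the body
        'headers' => "Reply-To: $from",      // the 'extra' argument of mail()
    ];
}

// Constructed sample inputs: the second and third carry an extra header line.
$samples = [
    ['alice@example.com', 'Hello', 'Hi <b>there</b>'],
    ["alice@example.com\r\nBcc: list@example.net", 'Hello', 'Hi'],
    ['alice@example.com', "Hello\nCc: list@example.net", 'Hi'],
];
foreach ($samples as [$from, $subject, $body]) {
    try {
        $m = prepare_contact_mail($from, $subject, $body);
        // mail('owner@example.com', $m['subject'], $m['body'], $m['headers']);
        echo "accepted: {$m['headers']} | {$m['body']}\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected: {$e->getMessage()}\n";
    }
}
```

Rejecting a field that contains a line break, rather than silently stripping it, keeps the failed attempt visible in logs.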