No, but thanks, the other input is more towards what I was looking for. I want to take in an email address, and various other fields. Then, send an email using 'mail()' with the other fields as the 'body', and the email address as the 'reply_to' address, to someone in my company. That way, they can read the submitted information, and then just hit 'reply' on their mail program when they want to comment on the material.
"Tech Support" <[EMAIL PROTECTED]> wrote: > > I think you are looking for something different. > > do this: > > print "<pre>"; > print_r($_SERVER); > print "</pre>"; > > You will see a whole bunch of useful globals. As a matter of fact, try this > one out too: > > print "<pre>"; > print_r($GLOBALS); > print "</pre>"; > > Jim Grill > Support > Web-1 Hosting > http://www.web-1hosting.net > ----- Original Message ----- > From: "Bob Lockie" <[EMAIL PROTECTED]> > To: "Dennis Gearon" <[EMAIL PROTECTED]>; "Tech Support" > <[EMAIL PROTECTED]> > Cc: <[EMAIL PROTECTED]> > Sent: Sunday, July 28, 2002 1:19 PM > Subject: Re: [PHP] php 'mail()' security > > > > > >There is no substitute for good data verification such as strip_tags() or > > >some regular expressions to limit valid input. I also would recomend > > >checking the referrer to be sure someone doesn't hijack you form and try > to > > >modify it and submit it from a remote location. Here is an example: > > > > > >if (validReferrer() === false) > > > die("invalid referrer"); > > > > > >function validReferrer() > > >{ > > > $_valid_referrers = > > >array("www.yoursite.com","www2.yoursite.com","yoursite.com"); > > > $referer = str_replace('//', '/', $_SERVER['HTTP_REFERER']); > > > $ref = explode('/', $referer); > > > if ( in_array($ref[1], $_valid_referrers) ) > > > return true; > > > else > > > return false; > > >} > > > > That is a good idea. > > $_SERVER['HTTP_REFERER'] is the web server identifier, right? > > My web server is 10.0.0.5 from the internal LAN. > > I am hesitant to allow HTTP_REFERERs from 10.0.0.5 because it seems to me > that it would be easy enough to configure a strange box > > to imitate 10.0.0.5. > > Can I somehow check that the HTTP_REFERER = localhost? > > > > > > > > > > ----------------------------------------------------------------- Joy is just a thing (to be).. raised on, Love is just the way to Live and Die, John Denver. ----------------------------------------------------------------- He lost a friend, but kept his Memory (also John Denver), Thank you...John Corones...my friend always. ----------------------------------------------------------------- Look lovingly upon the present, for it holds the only things that are forever true. ----------------------------------------------------------------- Sincerely, Dennis Gearon (Kegley) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
