On Fri, Nov 18, 2005 at 05:06:36PM -0800, Ligaya Turmelle wrote:
>
> >$message - yes
> >---
> >This usually can go without any special escaping, unless you have
> >certain headers (the Boundary: header) or allow an injection into
> >the $additional_headers field. If this is the case a
$message - yes
---
This usually can go without any special escaping, unless you have
certain headers (the Boundary: header) or allow an injection into
the $additional_headers field. If this is the case a malicious
user could attach a virus to be sent anonymously.
Shouldn't you als
On Thu, Nov 17, 2005 at 07:10:06PM -0500, Chris Drozdowski wrote:
> Hello,
>
> When using the mail() function to send a simple mail message, which
> specific parameters of the function need to cleaned to prevent mail
> injection?
This is a good topic. I'm in the process of writing an article
Hello,
When using the mail() function to send a simple mail message, which
specific parameters of the function need to cleaned to prevent mail
injection?
First of all I am already validating the $to parameter to be a valid
email address.
After reading http://securephp.damonkohler.com/in
Hello,
When using the mail() function to send a simple mail message, which
specific parameters of the function need to cleaned to prevent mail
injection?
First of all I am already validating the $to parameter to be a valid
email address.
After reading http://securephp.damonkohler.com/in
5 matches
Mail list logo
