Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- mail() injection, am i safe?
Re: mail() injection, am i safe?
on 11/17/2005 11:55 PM juglesh said the following:
No, after you pass the data to the class for headers or body parts, it
is encoded properly so certain characters are escaped to remove their
special meaning that could be exploited.
Only some functions that take e-mail address do not do anything with
those address. So, you should validate those addresses with a regular
expression or something more complete like this other class:
Metastorage - Data object relational mapping layer generator
PHP Classes - Free ready to use OOP components written in PHP