On 2/6/06, Jim Moseby wrote:
Is it time to abandon using mail() for all user contributed data?
Sort of. Don't write any user input to the headers.
Send the data to a default address, don't include anything in the
subject or the headers from the input and you'll avoid the problems.
--
Kind
On 10/10/05, Richard Lynch [EMAIL PROTECTED] wrote:
$email_body is a free form text field, and he wants to be able to type
in anything he desires and have it pulled from the contact table.
Firstly please accept my aplogies for the deay in responding to your
questions, I;ve had the most
.
I've tried with and without addslashes, and htmlentities. Is there a
solution or I will I have to resort to getting him to use
{{$first_name}} etc.
Lastly, if I have to use {{whatever}} then what's the reason I can't
use $field_name in the database?
--
Kind regards,
Liam Delahunty
--
PHP General
3 matches
Mail list logo