One trick is not cakePHP related, but you can check to be certain the request came from a page or domain that hosts the form. I've done that in the past and had no problems. You can also pass to the form a key that you validate prior to sending the mail. Again, non-cakePHP related, but definitely will stop spammers.
- Keith On Jan 15, 10:29 pm, squidliberty <[EMAIL PROTECTED]> wrote: > I have reason to believe that my contact form is being used to send > bulk spam via an injection exploit. I'm using the PHPMailer component > outlined > athttp://bakery.cakephp.org/articles/view/sending-email-with-phpmailer. > > Can anyone tell me whether or not a simple cleanArray() is sufficient > sanitization for posted data? My headers are all hard-coded, so > everything submitted is going into the email body. > > Any advice would be appreciated! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---