><?php > @extract($_POST); One thing to be aware of is that there are security implications to using extract(); if you use it (like here) to grab post and get variables, you've essentially returned to a "register_globals = TRUE" regime. A malicious user could inject suspect data into your global space, or overwrite legitimate globals with new data.
At the very least, use the "EXTR_SKIP" parameter to avoid the overwrite issue. In the case of your script here, it's probably not a big deal, but in general, I'd avoid using extract() on untrusted data. One other thing -- spammers are on the lookout for unauthenticated mailscripts like this, so you might want to throw an extra "magic" parameter to provide a deterrent to casual reuse. Something like this is better then nothing: if (!($unlock_key == "mySecretValue")){ exit; } Hope this is useful... [To remove yourself from this list, or to change to digest mode, go to http://www.penworks.com/lingo-l.cgi To post messages to the list, email lingo-l@penworks.com (Problems, email [EMAIL PROTECTED]). Lingo-L is for learning and helping with programming Lingo. Thanks!]