Hi Rick I have advised my client of all of the risk you mention. They still want to go ahead. They feel that the bulk of their website visitors are trustworthy (huge assumption on their part), and they tell me they will assume all responsibility for virus checking, etc. I still need to know how to do it - technically - to allow an attachment of the kind they desire.... thanks -jen . [EMAIL PROTECTED] wrote: > Addressed to: Jen Hall <[EMAIL PROTECTED]> > [EMAIL PROTECTED] > > ** Reply to note from Jen Hall <[EMAIL PROTECTED]> Tue, 20 Mar 2001 19:59:26 >-0500 > > > > Hi there > > I am trying to build an application where a user can use an > > HTML form, fill out some fields, select a file from their > > hard drive, and have it emailed as an attachment with the > > contents of the form. (essentially, fill in your name and > > address, use my module to attach ms-word file of your > > resume, send email of all). > > > > I am able to make it work with an image as the attachment, > > but when I select an MS-WORD document, which is the goal of > > this application, it still thinks it's an image, and doesn't > > work properly. > > Emailing a .doc file is a VERY BAD idea. VB for applications which is > embedded in word is very powerful. What happens when some hacker > decides to use your page to send a vba script like the naked wife virus > thru your program? > > Oh, here is a resume... lets take a look. > > Open the attachemnt. > > A burst of network activity while the vb script sends a > copy of itself to everyone in the victim's address book. > > Then the hard drive light comes on as the program deletes > a bunch of important files from the \windows\system directory. > > Finally the computer crashes because windows can't run > without the missing files. Even though the machine won't > boot, the computer forensics people recover the email, and > trace it back to you. > > The victim's lawyers come knocking on your door asking for > damages because you let some hacker release a virus thru > your program that wiped out several computers at the victim's > company, some of their customers, as well as several of > his friends. > > You are forced out of business because the damages are more > than the value of your entire company. > > Not good. > > Don't believe me? How about one of them: > > http://www.gcn.com/state/vol5_no11/enterprise/491-1.html > > http://members.door.net/kls/virusinfo.htm > > http://venus.soci.niu.edu/~cudigest/CUDS11/cud1120.html > > http://www.jwolsen.com/wtip035.htm > > Want more? - search for 'macro virus' on your favorite search engine. > > NEVER send .doc, .exe, .com, .bat or .vbs files as attachments, and > never - ever open them if one is sent to you. Not even from someone you > trust. Melissa, Anna and Naked Wife all depend on the fact that the > virus often comes from a trusted individual as part of their tactics, > and it works! Are you sure your anti-virus software is up to date? > > Rick Widmer > Internet Marketing Specialists > http://www.developersdesk.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
