I just had blow up with a sys. adm. who said my script (see below)
is potentialy unsecure and dangerous and therefor unacceptable.
They are going with this one :)
http://dtheatre.com/scripts/formmail.php
note the line from my script:
print MAIL TO: [EMAIL PROTECTED];
Is there away some
David Gilden wrote:
Is there away some could hijack my script, if so how, or is this
sys. adm. not living in the real world?
Yes, this script can be hijacked =/ Sorry.
print MAIL TO: [EMAIL PROTECTED];
print MAIL From: $name $email\n;
print MAIL Subject: $subject\n\n;
Here is
David Gilden wrote:
I just had blow up with a sys. adm. who said my script (see below)
is potentialy unsecure and dangerous and therefor unacceptable.
...
Is there away some could hijack my script, if so how, or is this
sys. adm. not living in the real world?
You are passing form parameters
David Gilden wrote:
They are going with this one :)
http://dtheatre.com/scripts/formmail.php
I wanted to specifically address this FormMail issue separately - so
there is no miscommunications.
All FormMail programs and their derivatives are BAD -- worse then what
you wanted to write in my
Sx- Jones.
Yes, this script can be hijacked =/ Sorry.
print MAIL TO: [EMAIL PROTECTED];
print MAIL From: $name $email\n;
print MAIL Subject: $subject\n\n;
The From is Hard wired so I dont understand you mention below.
print MAIL From: $name $email\n;
This is
On Tue, 2004-02-24 at 15:52 -0600, David Gilden wrote:
Sx- Jones.
Yes, this script can be hijacked =/ Sorry.
print MAIL TO: [EMAIL PROTECTED];
print MAIL From: $name $email\n;
print MAIL Subject: $subject\n\n;
The From is Hard wired so I dont understand you
David Gilden wrote:
print MAIL TO: [EMAIL PROTECTED];
print MAIL From: $name $email\n;
print MAIL Subject: $subject\n\n;
The From is Hard wired so I dont understand you mention below.
In your orginal post it was evaluated as a PARAM CGI input -- therefore
it is not hard-wired.