tehcypress

Well I read about header injection and was worried about that. I am not worried about my client getting spam, I am worried about spammers using my server and sending emails to others, not no my client through the mail() function.

This is my first trip into the magical land of PHP. I successfully wrote 2 different forms for a friend of mine, and they both use the mail(). They work correctly. Now that the scripts work, I am wondering how to make them secure. I just want to make sure that my server is not used to send SPAM. Here is the code for the one form: <?php $name=$_REQUEST['name']; $cell=$_REQUEST['cell']; $email=$_REQUEST['email']; $address=$_REQUEST['address']; $city=$_REQUEST['city']; $state=$_REQUEST['state']; $zip=$_REQUEST['zip']; $areas=$_REQUEST['areas']; $propertytype=$_REQUEST['propertytype']; $pricerange=$_REQUEST['pricerange']; $timeframe=$_REQUEST['timeframe']; $questions=$_REQUEST['questions']; $toaddress = 'toaddress@mailserver.com'; $subject = 'Ideal Home Client Response '.$name; $mailcontent = 'Customer name: '.$name."\n" .'Customer cell: '.$cell. "\n" .'Customer email: '.$email."\n" .'Customer address: '.$address."\n" .'Customer city: '.$city."\n" .'Customer state: '.$state."\n" .'Customer zip: '.$zip."\n" .'Customer areas of interest: '.$areas."\n" .'Customer looking for: '.$propertytype."\n" .'Customer price range: '.$pricerange."\n" .'Customer timeframe: '.$timeframe."\n" .'Customer questions / comments: '.$questions."\n"; $fromaddress = 'From: IdealHome'; mail($toaddress, $subject, $mailcontent, $fromaddress); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Thank You</title> </head> <body> <h3>Thank You!</h3> <p>Your Ideal Home request has been sent successfully!</p> </body> </html>