Search the Community

Hi all ! I used the following script to send a test mail which works fine. <?php require_once('PHPMailer-master/class.phpmailer.php'); require_once('PHPMailer-master/PHPMailerAutoload.php'); define('USER', 'mymail@gmail.com'); // GMail username define('PWD', 'myPassword'); // GMail password $to = 'mee@gmail.com'; $from = 'mymail@gmail.com'; $from_name = 'Ajoo'; $subject = 'Test Message'; $body = 'This is PHP Mailer in Action'; smtpmailer($to, $from, $from_name, $subject, $body); function smtpmailer($to, $from, $from_name, $subject, $body) { global $error; $mail = new PHPMailer(); // create a new object $mail->IsSMTP(); // enable SMTP $mail->SMTPDebug = 0; // debugging: 1 = errors and messages, 2 = messages only $mail->SMTPAuth = true; // authentication enabled $mail->SMTPSecure = 'ssl'; // secure transfer enabled REQUIRED for GMail $mail->Host = 'smtp.gmail.com'; $mail->Port = 465; $mail->Username = USER; $mail->Password = PWD; $mail->SetFrom($from, $from_name); $mail->Subject = $subject; $mail->Body = $body; $mail->AddAddress($to); if(!$mail->Send()) { $error = 'Mail error: '.$mail->ErrorInfo; echo 'Mail error'; return false; } else { echo 'Message Sent'; $error = 'Message sent!'; return true; } } ?> I just want to know if this is secure enough. It was pointed out in a previous mail that the php mail() function was not secure by itself and the variables were vulnerable to various mail injections. So is this safe now just by virtue of the fact that it's using a library and that takes care of the security ? Or Do we need to take some precautions here too. Thanks all !