MmmVomit Posted June 12, 2008 Share Posted June 12, 2008 I'm putting together a simple HTML form with a PHP back end. The user submitted data will be compiled and sent as an email to a hard coded email address. One mantra I've learned for programming secure applications is "filter input, escape output". In this case, my output is an email message. Is there any type of escaping I need to worry about when compiling the email? Are there other security concerns I need to be aware of when sending an email using PHP? I'll be using the mail function. Link to comment https://forums.phpfreaks.com/topic/109945-solved-php-email-and-security/ Share on other sites More sharing options...
rhodesa Posted June 12, 2008 Share Posted June 12, 2008 nope, you should be fine, especially if you are sending a plain-text email pretty much every email client already handles the blocking of malicious code anyways Link to comment https://forums.phpfreaks.com/topic/109945-solved-php-email-and-security/#findComment-564233 Share on other sites More sharing options...
MmmVomit Posted June 12, 2008 Author Share Posted June 12, 2008 Perfect. Thank you. I've got the PHP security book by Chris Shiflett. He doesn't mention email anywhere in the book, which made me think it wouldn't be a big concern. Link to comment https://forums.phpfreaks.com/topic/109945-solved-php-email-and-security/#findComment-564257 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.