tehcypress Posted August 22, 2008 Share Posted August 22, 2008 This is my first trip into the magical land of PHP. I successfully wrote 2 different forms for a friend of mine, and they both use the mail(). They work correctly. Now that the scripts work, I am wondering how to make them secure. I just want to make sure that my server is not used to send SPAM. Here is the code for the one form: <?php $name=$_REQUEST['name']; $cell=$_REQUEST['cell']; $email=$_REQUEST['email']; $address=$_REQUEST['address']; $city=$_REQUEST['city']; $state=$_REQUEST['state']; $zip=$_REQUEST['zip']; $areas=$_REQUEST['areas']; $propertytype=$_REQUEST['propertytype']; $pricerange=$_REQUEST['pricerange']; $timeframe=$_REQUEST['timeframe']; $questions=$_REQUEST['questions']; $toaddress = '[email protected]'; $subject = 'Ideal Home Client Response '.$name; $mailcontent = 'Customer name: '.$name."\n" .'Customer cell: '.$cell. "\n" .'Customer email: '.$email."\n" .'Customer address: '.$address."\n" .'Customer city: '.$city."\n" .'Customer state: '.$state."\n" .'Customer zip: '.$zip."\n" .'Customer areas of interest: '.$areas."\n" .'Customer looking for: '.$propertytype."\n" .'Customer price range: '.$pricerange."\n" .'Customer timeframe: '.$timeframe."\n" .'Customer questions / comments: '.$questions."\n"; $fromaddress = 'From: IdealHome'; mail($toaddress, $subject, $mailcontent, $fromaddress); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Thank You</title> </head> <body> <h3>Thank You!</h3> <p>Your Ideal Home request has been sent successfully!</p> </body> </html> Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/ Share on other sites More sharing options...
Maq Posted August 22, 2008 Share Posted August 22, 2008 I'm no expert in the spam department but, I think spam has to do with what words/phrases you have in your email and if your black-listed or not white-listed. Isn't the mail() function all ready secure? Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-623064 Share on other sites More sharing options...
tehcypress Posted August 22, 2008 Author Share Posted August 22, 2008 Well I read about header injection and was worried about that. I am not worried about my client getting spam, I am worried about spammers using my server and sending emails to others, not no my client through the mail() function. Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-623117 Share on other sites More sharing options...
mmoxley Posted August 25, 2008 Share Posted August 25, 2008 I to am no SPAM expert, but why use $_request when $_post is more secure? Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624888 Share on other sites More sharing options...
mmoxley Posted August 25, 2008 Share Posted August 25, 2008 Side note for any viewers here. I think that a tut on secure mail would be great, as there are a ton of questions on how to get it done that best way. I'd love to start, but that's security is not my thing. Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624890 Share on other sites More sharing options...
coldfiretech Posted August 25, 2008 Share Posted August 25, 2008 I found a great tutorial on secure emails at http://www.w3schools.com/php/php_secure_mail.asp Hope this helps guys! -Matt Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624968 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.