tehcypress Posted August 22, 2008 Share Posted August 22, 2008 This is my first trip into the magical land of PHP. I successfully wrote 2 different forms for a friend of mine, and they both use the mail(). They work correctly. Now that the scripts work, I am wondering how to make them secure. I just want to make sure that my server is not used to send SPAM. Here is the code for the one form: <?php $name=$_REQUEST['name']; $cell=$_REQUEST['cell']; $email=$_REQUEST['email']; $address=$_REQUEST['address']; $city=$_REQUEST['city']; $state=$_REQUEST['state']; $zip=$_REQUEST['zip']; $areas=$_REQUEST['areas']; $propertytype=$_REQUEST['propertytype']; $pricerange=$_REQUEST['pricerange']; $timeframe=$_REQUEST['timeframe']; $questions=$_REQUEST['questions']; $toaddress = 'toaddress@mailserver.com'; $subject = 'Ideal Home Client Response '.$name; $mailcontent = 'Customer name: '.$name."\n" .'Customer cell: '.$cell. "\n" .'Customer email: '.$email."\n" .'Customer address: '.$address."\n" .'Customer city: '.$city."\n" .'Customer state: '.$state."\n" .'Customer zip: '.$zip."\n" .'Customer areas of interest: '.$areas."\n" .'Customer looking for: '.$propertytype."\n" .'Customer price range: '.$pricerange."\n" .'Customer timeframe: '.$timeframe."\n" .'Customer questions / comments: '.$questions."\n"; $fromaddress = 'From: IdealHome'; mail($toaddress, $subject, $mailcontent, $fromaddress); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Thank You</title> </head> <body> <h3>Thank You!</h3> <p>Your Ideal Home request has been sent successfully!</p> </body> </html> Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/ Share on other sites More sharing options...
Maq Posted August 22, 2008 Share Posted August 22, 2008 I'm no expert in the spam department but, I think spam has to do with what words/phrases you have in your email and if your black-listed or not white-listed. Isn't the mail() function all ready secure? Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-623064 Share on other sites More sharing options...
tehcypress Posted August 22, 2008 Author Share Posted August 22, 2008 Well I read about header injection and was worried about that. I am not worried about my client getting spam, I am worried about spammers using my server and sending emails to others, not no my client through the mail() function. Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-623117 Share on other sites More sharing options...
mmoxley Posted August 25, 2008 Share Posted August 25, 2008 I to am no SPAM expert, but why use $_request when $_post is more secure? Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624888 Share on other sites More sharing options...
mmoxley Posted August 25, 2008 Share Posted August 25, 2008 Side note for any viewers here. I think that a tut on secure mail would be great, as there are a ton of questions on how to get it done that best way. I'd love to start, but that's security is not my thing. Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624890 Share on other sites More sharing options...
coldfiretech Posted August 25, 2008 Share Posted August 25, 2008 I found a great tutorial on secure emails at http://www.w3schools.com/php/php_secure_mail.asp Hope this helps guys! -Matt Quote Link to comment https://forums.phpfreaks.com/topic/120871-securing-an-email-form/#findComment-624968 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.