Jump to content


Photo

How secure is unauthorised PHP email and comments???


  • Please log in to reply
1 reply to this topic

#1 bubster119

bubster119
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 26 October 2006 - 10:14 PM

Hi, I'm at the design stages of design a portfolio site and am thinking of incorporating a PHP "email this link" function, so that users can email the page url to friend etc.

My question is how secure is this function? can I expect for spammers to hack my site and abuse this function or am I being paranoid? I've noticed on some sites that allow anonymous commenting that they sometimes become populated by viagra adds and the usuall crap. I don't really want to include an image verification script, would it make any difference if the "email this link" function had a flash front-end?

Any advice or suggestions for further reading would be appreciated as i'm pretty new to PHP.

Cheers

#2 Psycho

Psycho
  • Moderators
  • Move along, nothing to see here
  • 11,892 posts
  • LocationCanada

Posted 26 October 2006 - 10:34 PM

I don't see an issue. As long as the mail function is handled on the back end and you only allow them to email the link (and possibly a very short message) I don't see why a spammer would want to use it. Why would they be interested in sending a link to your site to thousands of people. Just make sure that any user input text is short, is stripped of html formatting,  and cannot be injected.
The quality of the responses received is directly proportional to the quality of the question asked.

I do not always test the code I provide, so there may be some syntax errors. In 99% of all cases I found the solution to your problem here: http://www.php.net




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users