Jump to content


Photo

MAIL() Security


  • Please log in to reply
No replies to this topic

#1 theflea912

theflea912
  • Members
  • PipPip
  • Member
  • 11 posts

Posted 27 March 2006 - 02:03 PM

Let me try posting again because me last post couldn't be found or whatever. So I have a form. I than have a script that mails me the form. The script looks like this:

An email has been sent to the Director of Human Resources.
Thank you for apply, you will hear back in a bit.

<?php
$body = "Application Alert!\n\n";
foreach($_POST as $field => $value) {
$body .= sprintf("%s = %s\n", $field, $value);
}

mail("theflea912@gmail.com", "APPLYING PILOT!", $body,
'From: "APPLY" <apply@qantasva.com');
?>

My friend at least acts like he knows what he is doing, and told me that somebody could delete all the files on the webserver by useing a UNIX command. Is this true?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users