Jump to content

Archived

This topic is now archived and is closed to further replies.

theflea912

MAIL() Security

Recommended Posts

Let me try posting again because me last post couldn't be found or whatever. So I have a form. I than have a script that mails me the form. The script looks like this:

An email has been sent to the Director of Human Resources.
Thank you for apply, you will hear back in a bit.

<?php
$body = "Application Alert!\n\n";
foreach($_POST as $field => $value) {
$body .= sprintf("%s = %s\n", $field, $value);
}

mail("theflea912@gmail.com", "APPLYING PILOT!", $body,
'From: "APPLY" <apply@qantasva.com');
?>

My friend at least acts like he knows what he is doing, and told me that somebody could delete all the files on the webserver by useing a UNIX command. Is this true?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.