Jump to content

php web form


GreatName

Recommended Posts

 

I am very, very new to php and I though that I found this great one size fits all php script that will handle all my forms no matter what the field name is.

 

<?php
if ($_SERVER['REQUEST_METHOD']=="POST"){
if (strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])>8 ¦¦
!strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST']))
die("Bad referer");
$msg="Values submitted by the user:\n";
foreach($_POST as $key => $val){
if (is_array($val)){
$msg.="Item: $key\n";
foreach($val as $v){
$v = stripslashes($v);
$msg.=" $v\n";
}
} else {
$val = stripslashes($val);
$msg.="$key: $val\n";
}
}
$recipient="[email protected]";
$subject="Subject line of email";
error_reporting(0);
if (mail($recipient, $subject, $msg)){
echo "<h1>Thank you</h1><p>Response message</p>\n";
echo nl2br($input);
} else
echo "An error occurred and the message could not be sent.";
} else
echo "Bad request method";
?>

 

However, I am worried that my form may get hijacked and therefore I wanted to place some security.

 

So I found

 

function clean_input_4email($value, $check_all_patterns = true)
{
$patterns[0] = '/content-type:/';
$patterns[1] = '/to:/';
$patterns[2] = '/cc:/';
$patterns[3] = '/bcc:/';
if ($check_all_patterns)
{
$patterns[4] = '/\r/';
$patterns[5] = '/\n/';
$patterns[6] = '/%0a/';
$patterns[7] = '/%0d/';
}
}

 

however I cannot figure out how to call this function or even if this is the best solution.

 

If anybody can help me, I would be most thankfull.

Link to comment
https://forums.phpfreaks.com/topic/63801-php-web-form/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.