discern Posted January 14, 2008 Share Posted January 14, 2008 Is it really necessary to check for newline characters in form a injection function? I mean, if you are searching for everything else spammers seem to use, like content-type, mime-version, href, cc:, multipart/, content-transfer-encoding, http://, just to name a few, would it still be possible for the spammer to inject headers if you did not check for newline characters? I have a form with several textareas, some of which will vary depending on previous selections, and not having to check for newlines would speed up coding a bit. Link to comment https://forums.phpfreaks.com/topic/85947-form-injection-question/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.