[Nottingham] php mail function character escapes
Martin
martin at ml1.co.uk
Tue Oct 5 22:37:37 UTC 2010
Folks,
(Using php5)
I'm trying to use:
mail(FORM_mailto, FORM_mailsubj, stripslashes($mailbody), FORM_mailhead);
for mailing out user entered form data. "mailbody" is collected from a
textbox on the form.
I'm using:
if (filter_var(FORM_email, FILTER_VALIDATE_EMAIL))
to wipe out silly email addresses and spamming attempts.
So...
Is the "stripslashes($mailbody)" safe against spammers?
Even so, I still see such as quotes and various shift-characters escaped
or even converted to their escaped octal codes. Not pretty to look at in
the resultant email!
So what bit of detail am I missing? How can I avoid the email escapes?
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list