[Phpwm] Securing feedback forms
Ian Munday
ian.munday at illumen.co.uk
Tue Oct 31 16:19:32 GMT 2006
On 31 Oct 2006, at 15:51, David Johnson wrote:
> I've got a few sites that have a simple feedback form to allow visitors to
> send feedback to a hard-coded recipient. I thought the form was secure such
> that spammers couldn't use it to send spam, but it seems I was wrong. Only
> one spam actually got sent (and it bounced) but a spammer has evidently found
> a way to insert arbitrary headers into the mails my form is generating (BCC
> etc.).
>
> My current code is here:
> http://pastebin.co.uk/4915
>
> (btw, what happened to the PHPWM pastebin?)
>
> I'm intending to add addslashes() to it, but apart from that is there anything
> else I can/should do to sanitise input?
>
> TIA,
> David.
I haven't, but has anyone used http://akismet.com ?
It's geared for blogs (e.g. WordPress), but I wonder if it can be
extended for general form spam filtering (the FAQ seems to allude to
this).
Regards,
Ian
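
The header injection described in the quoted question works because a CR or LF inside a form field ends one mail header line and starts another, and addslashes() does not remove those characters. A PHP check for that follows, as an added example that is not from this thread or the pastebin code; the function names, form field names and the `feedback@example.org` recipient are assumptions.

```php
<?php
// Added example, not the pastebin code. Names and addresses are placeholders.
const FEEDBACK_RECIPIENT = 'feedback@example.org'; // hard-coded recipient (assumed)

// True if the value contains CR, LF or NUL, any of which can end a header line.
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 1;
}

// Build the four mail() arguments from untrusted form input.
// Returns null when a field destined for a header is not safe to use.
function build_feedback_mail(array $form): ?array
{
    // Treat missing or non-string fields (e.g. name[]=x) as empty.
    $get = fn(string $k): string => is_string($form[$k] ?? null) ? trim($form[$k]) : '';
    $name = $get('name');
    $email = $get('email');
    $subject = $get('subject');
    $message = $get('message');

    // Subject and Reply-To become headers, so they must be single-line.
    foreach ([$email, $subject] as $field) {
        if (has_header_break($field)) {
            return null;
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // Fixed From:, visitor address only in Reply-To, visitor name only in the body.
    $headers = 'From: ' . FEEDBACK_RECIPIENT . "\r\nReply-To: " . $email;
    $body = "Name: $name\r\n\r\n" . preg_replace('/\r\n|\r|\n/', "\r\n", $message);

    return [FEEDBACK_RECIPIENT, $subject, $body, $headers];
}

// Constructed inputs: a normal submission and one carrying an injected Bcc header.
$ok = ['name' => 'Alice', 'email' => 'alice@example.com',
       'subject' => 'Hello', 'message' => "Line 1\nLine 2"];
$bad = ['name' => 'Bob', 'email' => "bob@example.com\r\nBcc: other@example.net",
        'subject' => 'Hello', 'message' => 'x'];

foreach (['ok' => $ok, 'bad' => $bad] as $label => $form) {
    $args = build_feedback_mail($form);
    echo $label, ': ', $args === null ? 'rejected' : 'accepted', "\n";
    // A real handler would call mail(...$args) only when $args is not null.
}
```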