[Sussex] FW: Important message regarding PHP contact scripts

[Mark Harrison (Groups)]

On Thu, 2005-12-08 at 12:13 +0000, Jon Fautley wrote:
> 
> I would hope that this message doesn't apply to anyone here.
> 
> Passing user input straight to a function such as mail(), system()
> etc? 
> Jeez...

Quite.

I've just had a look through my code, and I see 34 lines of validation
code, including a complete write of all the arguments that I end up
passing to the mail() function.

M.