[nycphp-talk] Header Injection
Urb LeJeune
urb at e-government.com
Sun Sep 23 10:04:30 EDT 2007
>We had a discussion on this a few years back.
>Check out http://www.nyphp.org/phundamentals/email_header_injection.php
This is a wonderful tutorial, thank you for pointing it out.
I've made one little addition to the filtering after submit code.
$FormVariables = ($_POST) ? $_POST : $_GET;
foreach( $FormVariables as $value ){...stuff }
Since most forms use post and URL encoded variables are get this alleviates
the need to have two different functions.
Urb
Dr. Urban A. LeJeune, President
E-Government.com
800-204-9545
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20070923/2d86c44d/attachment.html>
More information about the talk
mailing list