email form injection?

blanius

Hasn't anyone come up with a simple function for processing a form email to handle the dang spammers injecting headers into form emails?

I'm using one that seems to work but I'm not confident that it's complete.

Bobulous

Well, I had spammers attacking a stupid hole in my mailform script. See my page on the subject:

Mailform abuse by header injection.

It includes my method for checking user-provided names and email addresses using a whitelist approach. It's not wrapped in a function because I only use each piece of code once, but you could wrap it in a function if you were going to check a lot of data the same way.