Hi,
I would be grateful for some help. I have a script that works, but I need to beef up the security. Any pointers would be great.
The script just takes the content from a webpage and emails it to one email address. Nothing needs to be entered by any user.
How can I make it secure, to stop any chance of spammers using it?
I will put the connections file outside public_html.
What else can I do?
Thank you for your help
Jonathan
<?php
//define the receiver of the email
$to = 'MY EMAIL ADDRESS';
//define the subject of the email
$subject = 'SUBJECT';
//define the message to be sent. Each line should be separated with \n
$message = $content ;
//define the headers we want passed. Note that they are separated with \r\n
$headers = "From: from-email \r\nReply-To: replyto-email";
//send the email
$from = urldecode($subject);
if (eregi("\r",$from) || eregi("\n",$from)){
die("Spammer detected");
}
if ( preg_match( "/[\r\n]/", $to) || preg_match( "/[\r\n]/", $subject )) {
die("Spammer detected");
}
$mail_sent = @mail( $to, $subject, $message, $headers );
//if the message is sent successfully print "Mail sent". Otherwise print "Mail failed"
echo $mail_sent ? "Mail sent" : "Mail failed";
?>
