PHP mail function safety

From: PiedmontBiz (piedmontbiz_at_aol.com)
Date: 01/05/05 

Date: 05 Jan 2005 07:51:28 GMT

Greetings

I have recently begun to code with PHP. I have used with the mail() function
and I like it a log compared to FormMail.pl. (FormMail is a great program don't
get me wrong)

Recently I have been going over my code to make sure I am trapping tainted
$_POST data from the forms I used.

I notice that FormMail.pl does checks for tainted input. Does the builtin
mail() do do the same? Or should I setup my own tests before submitting to
mail()?

Or is this even an issue with PHP?
Allen.

Relevant Pages

  • FreeBSD 4.10 problems sending mail with web form scripts
    ... I have got a problem with a FreeBSD 4.10 system. ... Perl and PHP do work. ... If someone fills out the web form, Formmail switches to the redirect ...
    (comp.unix.bsd.freebsd.misc)
  • Re: formmail
    ... firstly formmail is perl not php, second it is very outdated and ... insecure. ...
    (alt.php)
  • Re: WHAT IS THE POINT OF FORMMAIL ?
    ... No one needs this outdated crap anymore. ... > 3 lines of PHP can do what shitty formmail does and better and more ... > Formmail is the spammers choice, formmail is so controversial that many ... Totally pointless useless shit. ...
    (comp.lang.perl.misc)
  • Re: Sendmail not sending WAS email app i can use
    ... > you need to do some debugging to see what's going on. ... print out the variables that you're submitting to the mail ... > check the sendmail man page to find the commands necessary to check ... > messages it may be giving if/when it gets a message from php. ...
    (Fedora)
  • Re: PHP page get executed twice
    ... I am running PHP5 ISAPI on 2003 server. ... The script is a PHP page with a form. ... after submitting the form there are tworecords inserted so it looks ...
    (comp.lang.php)