[thelist] form field safety

Joel D Canfield joel at bizba6.com
Sun Oct 26 21:20:50 CDT 2008

> Just have the server email it to you as plain text. And make sure
> isn't any way that the submitted could "inject" a header into the SMTP
> message - everything they submit must go into the SMTP body. When it
> to your mail client, it's just a bunch of plain text...
> Cheers
> Ken

straightforward enough; I think my fevered mind was trying to complicate
it based on my recent database debacles. no db involved here, so lesser



More information about the thelist mailing list