Hi,
I have a .php script which I used in conjuction with a flash interface so users of my site can “send my site” to a friend.
ftp access to my hosting account was closed for a while this week, due to a spammer abusing my script. How do I protect against this in the future, it has caused major headaches this week.
Many thanks in advance.
devinstar
ps.
This is the current script, (I named it email.php which I am sure was an error on my part, I will change this to a less “vunerale name”. What else can I do?)
<?php
$sendTo1 = $_POST[“email1”];
$sendTo2 = $_POST[“email2”];
$sendTo3 = $_POST[“email3”];
$uemail = $_POST[“uemail”];
$alwaysSendTo = "me@myemailadress.com";
$subject = $_POST[“name”] . " thinks you should check out this awesome surf site!";
$headers = "From: " . $_POST[“name”];
$headers .= “<” . $_POST[“email”] . ">
";
$headers .= "Reply-To: " . $_POST[“email”] . "
";
$headers .= "Return-Path: " . $_POST[“email”];
$message = "Your friend " . $_POST[“name”] . " thinks you should check out this site!
" ;
$message .= "Message from your friend
" .$_POST[“message”] . "
";
$message .= “mywebsite is a revolutionary surf report website with an animated surf report, how waves work page, surf games and more!”;
$message .= "
Thanks
SURFSIZENOW Team";
$emails = $_POST[“email1”] . "
";
$emails .= $_POST[“email2”] . "
";
$emails .= $_POST[“email3”] . "
";
$emails .= $_POST[“uemail”]. "
";
mail($sendTo1, $subject, $message, $headers);
mail($sendTo2, $subject, $message, $headers);
mail($sendTo3, $subject, $message, $headers);
mail($alwaysSendTo, $subject, $message, $emails, $headers);
?>
