I posted this a while ago but got no replies…:*(
Anyway, I thought I'd give it another go.
I am running a contact form in my Flash website that uses a PHP file to send an email to me containing certain variables. Since I put this online, I have received a lot of spam mail to this address. I have been told that my code is vulnerable to attack from spammers by PHP injection??? I'm not very clever and don't really know how to safeguard against this. I have looked at a few articles about this but I am a young naive newbie and don't really understand them. Could anyone help me secure my PHP code? It is fairly simple, as below:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>untitled</title>
</head>
<body>
<?php
// Values submitted by the contact form, used below exactly as received
$name = $_POST["name"];
$email = $_POST["email"];
$number = $_POST["number"];
$message = $_POST["message"];
$to = "myemail@somewhere.com";
$subject = "website enquiry";
$msg = "$name has contacted you regarding your website. Their contact details are below:
email address- $email contact phone number- $number
";
$msg .= "Message from $name:
$message
";
// The fourth argument holds the extra mail headers; $email is inserted unchanged
mail($to, $subject, $msg, "From: apryan website
Reply-To:$email
");
?>
</body>
</html>
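A hardened version of the handler above, as an added example that is not part of the original post: the visitor's address is the only submitted value that reaches a mail header, so it is rejected if it contains a line break or is not a valid address, and the other fields are cleaned before going into the body. The helper names `field()`, `clean_line()` and `build_mail()` are hypothetical, the length limits and the From address are assumptions, and the code assumes PHP 7.1 or later.

```php
<?php
// Added example, not the poster's code. field(), clean_line() and
// build_mail() are hypothetical helper names.

// Read one POST field as a string (array-valued fields become '').
function field(array $post, string $key): string
{
    return is_string($post[$key] ?? null) ? $post[$key] : '';
}

// Single-line value: replace CR, LF and other control characters, cap length.
function clean_line(string $value, int $max = 200): string
{
    return substr(trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value)), 0, $max);
}

// Returns the argument list for mail(), or null when the input is rejected.
function build_mail(array $post): ?array
{
    $name    = clean_line(field($post, 'name'));
    $number  = clean_line(field($post, 'number'), 40);
    $message = trim(substr(field($post, 'message'), 0, 5000));
    $email   = field($post, 'email');
    // The address is the only visitor value placed in a header: require no
    // line break and a syntactically valid address.
    if (preg_match('/[\r\n]/', $email)
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    if ($name === '' || $message === '') {
        return null;
    }
    $body = "$name has contacted you regarding your website. "
          . "Their contact details are below:\n"
          . "email address- $email contact phone number- $number\n\n"
          . "Message from $name:\n$message\n";
    // Assumption: the site's own address is used as the From address.
    $headers = "From: apryan website <myemail@somewhere.com>\r\nReply-To: $email";
    return ['myemail@somewhere.com', 'website enquiry', $body, $headers];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $mail = build_mail($_POST);
    if ($mail === null) {
        http_response_code(400); // rejected input: nothing is sent
    } else {
        mail(...$mail);
    }
}
```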