Beefy Boxes and Bandwidth Generously Provided by pair Networks
good chemistry is complicated,
and a little bit messy -LW
 
PerlMonks  

不ecurity alert TWO, was Re: Re: Contact Form

by merlyn (Sage)
on Mar 23, 2002 at 02:22 UTC ( [id://153705]=note: print w/replies, xml ) Need Help??


in reply to Re: Contact Form
in thread Contact Form

Oops. Twice in a row: 
open MAIL,'|/usr/lib/sendmail -t' or die "error with email"; 
 
print MAIL "To: youremail@somewhere.com\n"; 
print MAIL "From: theiremail@somewhere.com\n"; 
print MAIL "Subject: form stuff\n"; 
 
print MAIL "name: ", $query->param(name), "\n"; 
print MAIL "subject: ", $query->param(subject), "\n"; 
print MAIL "email: ", $query->param(emailaddy), "\n"; 
print MAIL "message: ", $query->param(message), "\n";

[download]
You aren't ending your header with a blank line, so what you think is in the body is still in the header, and hence could be used for spam! Also, you have an "@" inside a double-quoted string, and you're using barewords for "name" and "subject", etc, so "use strict" will be all over your ass for both of those, and rightfully so.

Maybe you should just concede at this point.

-- Randal L. Schwartz, Perl hacker

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://153705]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others wandering the Monastery: (4)
As of 2024-04-24 13:03 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found