PHP 保险的电子邮件
PHP 安全的电子邮件
PHP 安全的电子邮件PHP E-mailPHP Error在上一节中的 PHP e-mail 脚本中,存在着一个漏洞。PHP E-mail 注入首先,请看上一节中的 PHP 代码:<html><body><?phpif (isset($_REQUEST['email']))//if "email" is filled out, send email { //send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("[email protected]", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; }else//if "email" is not filled out, display the form { echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; }?></body></html>以上代码存在的问题是,未经授权的用户可通过输入表单在邮件头部插入数据。假如用户在表单中的输入框内加入这些文本,会出现什么情况呢?[email protected]%0ACc:[email protected]%0ABcc:[email protected],[email protected],[email protected],[email protected]%0ABTo:[email protected]与往常一样,mail() 函数把上面的文本放入邮件头部,那么现在头部有了额外的 Cc:, Bcc: 以及 To: 字段。当用户点击提交按钮时,这封 e-mail 会被发送到上面所有的地址!PHP 防止 E-mail 注入防止 e-mail 注入的最好方法是对输入进行验证。下面的代码与上一节类似,不过我们已经增加了检测表单中 email 字段的输入验证程序:<html><body><?phpfunction spamcheck($field) { //filter_var() sanitizes the e-mail //address using FILTER_SANITIZE_EMAIL $field=filter_var($field, FILTER_SANITIZE_EMAIL); //filter_var() validates the e-mail //address using FILTER_VALIDATE_EMAIL if(filter_var($field, FILTER_VALIDATE_EMAIL)) { return TRUE; } else { return FALSE; } }if (isset($_REQUEST['email'])) {//if "email" is filled out, proceed //check if the email address is invalid $mailcheck = spamcheck($_REQUEST['email']); if ($mailcheck==FALSE) { echo "Invalid input"; } else {//send email $email = $_REQUEST['email'] ; $subject = $_REQUEST['subject'] ; $message = $_REQUEST['message'] ; mail("[email protected]", "Subject: $subject", $message, "From: $email" ); echo "Thank you for using our mail form"; } }else {//if "email" is not filled out, display the form echo "<form method='post' action='mailform.php'> Email: <input name='email' type='text' /><br /> Subject: <input name='subject' type='text' /><br /> Message:<br /> <textarea name='message' rows='15' cols='40'> </textarea><br /> <input type='submit' /> </form>"; }?></body></html>在上面的代码中,我们使用了 PHP 过滤器来对输入进行验证:FILTER_SANITIZE_EMAIL 从字符串中删除电子邮件的非法字符FILTER_VALIDATE_EMAIL 验证电子邮件地址
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
What are the differences between Huawei GT3 Pro and GT4?
Dec 29, 2023 pm 02:27 PM
Many users will choose the Huawei brand when choosing smart watches. Among them, Huawei GT3pro and GT4 are very popular choices. Many users are curious about the difference between Huawei GT3pro and GT4. Let’s introduce the two to you. . What are the differences between Huawei GT3pro and GT4? 1. Appearance GT4: 46mm and 41mm, the material is glass mirror + stainless steel body + high-resolution fiber back shell. GT3pro: 46.6mm and 42.9mm, the material is sapphire glass + titanium body/ceramic body + ceramic back shell 2. Healthy GT4: Using the latest Huawei Truseen5.5+ algorithm, the results will be more accurate. GT3pro: Added ECG electrocardiogram and blood vessel and safety
How to use email, smtplib, poplib, imaplib modules to send and receive emails in Python
May 16, 2023 pm 11:44 PM
The journey of an email is: MUA: MailUserAgent - Mail User Agent. (i.e. email software similar to Outlook) MTA: MailTransferAgent - Mail transfer agent, which is those email service providers, such as NetEase, Sina, etc. MDA: MailDeliveryAgent - Mail delivery agent. A server of the Email service provider sender->MUA->MTA->MTA->if
Fix: Snipping tool not working in Windows 11
Aug 24, 2023 am 09:48 AM
Why Snipping Tool Not Working on Windows 11 Understanding the root cause of the problem can help find the right solution. Here are the top reasons why the Snipping Tool might not be working properly: Focus Assistant is On: This prevents the Snipping Tool from opening. Corrupted application: If the snipping tool crashes on launch, it might be corrupted. Outdated graphics drivers: Incompatible drivers may interfere with the snipping tool. Interference from other applications: Other running applications may conflict with the Snipping Tool. Certificate has expired: An error during the upgrade process may cause this issu simple solution. These are suitable for most users and do not require any special technical knowledge. 1. Update Windows and Microsoft Store apps
How to Fix Can't Connect to App Store Error on iPhone
Jul 29, 2023 am 08:22 AM
Part 1: Initial Troubleshooting Steps Checking Apple’s System Status: Before delving into complex solutions, let’s start with the basics. The problem may not lie with your device; Apple's servers may be down. Visit Apple's System Status page to see if the AppStore is working properly. If there's a problem, all you can do is wait for Apple to fix it. Check your internet connection: Make sure you have a stable internet connection as the "Unable to connect to AppStore" issue can sometimes be attributed to a poor connection. Try switching between Wi-Fi and mobile data or resetting network settings (General > Reset > Reset Network Settings > Settings). Update your iOS version:
php提交表单通过后,弹出的对话框怎样在当前页弹出,该如何解决
Jun 13, 2016 am 10:23 AM
php提交表单通过后,弹出的对话框怎样在当前页弹出php提交表单通过后,弹出的对话框怎样在当前页弹出而不是在空白页弹出?想实现这样的效果:而不是空白页弹出:------解决方案--------------------如果你的验证用PHP在后端,那么就用Ajax;仅供参考:HTML code
Is watch4pro better or gt?
Sep 26, 2023 pm 02:45 PM
Watch4pro and gt each have different features and applicable scenarios. If you focus on comprehensive functions, high performance and stylish appearance, and are willing to bear a higher price, then Watch 4 Pro may be more suitable. If you don’t have high functional requirements and pay more attention to battery life and reasonable price, then the GT series may be more suitable. The final choice should be decided based on personal needs, budget and preferences. It is recommended to carefully consider your own needs before purchasing and refer to the reviews and comparisons of various products to make a more informed choice.
In Java, can we declare a top-level class as protected or private?
Sep 12, 2023 pm 07:21 PM
No, we cannot declare top-level classes as private or protected. It can be public or default (no modifiers). If there are no modifiers, there should be default access. Syntax //Atoplevelclass publicclassTopLevelClassTest{ //Classbody} If a top-level class is declared as private, the compiler will report an error, prompting "The modifier private is not allowed here." This means that top-level classes cannot be private, the same applies to protected access
How to optimize iPad battery life with iPadOS 17.4
Mar 21, 2024 pm 10:31 PM
How to Optimize iPad Battery Life with iPadOS 17.4 Extending battery life is key to the mobile device experience, and the iPad is a good example. If you feel like your iPad's battery is draining too quickly, don't worry, there are a number of tricks and tweaks in iPadOS 17.4 that can significantly extend the run time of your device. The goal of this in-depth guide is not just to provide information, but to change the way you use your iPad, enhance your overall battery management, and ensure you can rely on your device for longer without having to charge it. By adopting the practices outlined here, you take a step toward more efficient and mindful use of technology that is tailored to your individual needs and usage patterns. Identify major energy consumers
