Results 1 to 2 of 2
  1. #1
    Join Date
    Jun 2003
    Washington, DC

    PHP to send email: security question

    We have jailed PHP on a separate virtual machine to restrict fallout from any insecure customer scripts (we do try to vet them, but ...). One of our PHP-using customers wants to generate emails from his PHP form, much as standard CGI scripts can post form contents to email.

    The PHP resources that we have don't specifically address security issues related to this, so we wondered if the collective wisdom of the forum could assist us in deciding if this is a good use of PHP.

    [email protected]

  2. #2

    Most mail scripts in PHP require global_variables to be turned on, which presents a security risk. There are a couple of workarounds for global_variables. Is this customer going to be sending attachments as well?


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts