do you use php's mail() command in any of your scripts?

cd34 · 2005-11-23, 01:14 PM

Another very good suggestion. Remember though that DNS lookups in PHP are serialized and not multi-threaded. Get hit with a bunch of form submits at the wrong time and you've got a small Denial of Service problem on your machine.

Also, if you are putting other headers in that 4th argument, you will want to validate them to ensure good values as well.

Simple checks to check for \r, \n might give you a head start. I prefer to validate a field to make sure it contains what I want, rather than to try and figure out what I don't want.

2005-11-23, 01:14 PM	#1
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	Another very good suggestion. Remember though that DNS lookups in PHP are serialized and not multi-threaded. Get hit with a bunch of form submits at the wrong time and you've got a small Denial of Service problem on your machine. Also, if you are putting other headers in that 4th argument, you will want to validate them to ensure good values as well. Simple checks to check for \r, \n might give you a head start. I prefer to validate a field to make sure it contains what I want, rather than to try and figure out what I don't want. __________________ SnapReplay.com a different way to share photos - iPhone & Android