I use php to mail me from any forms submitted on my website, but due to some code injection attacks I've locked them all down by stopping the code and returning an error when certain characters/symbols etc are used. So my question is, is it possible to write this information to a text file or other should it not send an email? Thanks Ian
Store it in a database and check messages at your leisure. Use PHP to reply to the messages via email. That's about as secure as it gets... wait a sec... I feel a script coming on *gets to work*
Hi George, Thanks for that.... I'm happy with the way it works, just I'd like to view the information that they were trying to send when it reports an error message, mainly to check that they where not valued customers but only robots/spam. Ian
Try tutorials like this one. Instead of echoing the error, just write the message as normal and pretend it was sent to fool them.
Thanks for that TOPS, God they love G ads on that site! According to the code does that mean I could do this... Change this: fwrite($fp, $your_data); Code (markup): TO fwrite($fp, $tel); Code (markup): With $tel being a post command $tel = $_POST['tel'];
Yeah, that should do the trick if $tel holds your data. You might want to add \n\n and and a whole line of ################## and \n\n again to separate entries.