My webhost sent the following email and request: How do I correct or modify to protect against this? Isn't that what this is? } elseif(!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { print " <h3 >Sorry the email address you entered looks like it's invalid.</h3>"; } HTML: Help! Thanks
No, that line just checks to see if the email address looks like an email address. You likely need to check your script to ensure it is hardened against Email Injection attacks. You can find instructions for how to do this at this PHP Email Injection Attacks page.