Hi
I actually have my email submission written in a Perl script. I hesitate to use it because I'm not sure if it is secure enough from people using the form for SPAM.
If you would like, and I would be greatly appreciative, you can look at my email code and let me know what you think about the security issue. I could use some guidance. I'm fairly new to Perl so I know there's a lot to learn.
I'm trying to be responsible with my coding so innocent people are hassled.
I only posted the code up to the email confirmations. The rest of the code is an HTML page for confirming the registration as well as the paying online subroutine.
Here's my code:
#!/usr/bin/perl -Tw
use CGI qw(:standard);
use strict;
use lib qw(/home/brmaster/www/);
use CGI::Carp qw(fatalsToBrowser);
use CGI qw(:standard escape escapeHTML);
use Mail::Sendmail;
my ($player, $parent, $memberid, $phone, $email, $dates, $event, $stre
+et, $city, $state, $zip, $payment, $message);
$player = param("player");
$parent = param("parent");
$memberid = param("memberid");
$phone = param("phone");
$email = param("email");
$dates = param("dates");
$event = param("event");
$street = param("street");
$city = param("city");
$state = param("state");
$zip = param("zip");
$message = param("message");
$payment = param("payment");
print header,
start_html "\n";
my $choice = param ("choice");
if (($choice eq "Submit") && ($payment eq "Please bill my Bridgemill a
+ccount")|| ($payment eq
"Prefer to mail payment with this form"))
{
send_confirmation_email ();
reg_form_info_page ();
send_submit_email ();
}
elsif (($choice eq "Submit") && ($payment eq "Pay online with credit c
+ard"))
{
send_confirmation_email ();
send_submit_email ();
paypal_page ();
}
else
{
print p ("Logic error, unknown choice: $choice");
}
#@ SEND_CONFIRMATION_EMAIL
sub send_confirmation_email
{
my %mail = (
From => "support\@bridgemilltennis.com", # YOU SHOU
+LD CHANGE THIS!
To => $email,
Subject => "Registration for Power Tennis Summer Camp Submitte
+d",
Message => ""
);
my $page;
$mail{Message} = <<EOF;
Thank you for registering for the BridgeMill Power Tennis Summer Camp.
This is the information you submitted.
Player's Name: $player
Parent's Name: $parent
Telephone: $phone
Email Address: $email
Camp Date(s): $dates
Event: $event
Street: $street
City: $city
State: $state
Zip Code: $zip
Method of Payment: $payment
Message: $message
EOF
sendmail (%mail)
or $page .= p (escapeHTML ("Oops, failure sending mail to $mai
+l{To}"));
return (defined ($page) ? $page : "");
}
#@ SEND_CONFIRMATION_EMAIL
#@ SEND_SUBMIT_EMAIL
sub send_submit_email
{
my %mail = (
From => $email,
To => "support\@bridgemilltennis.com", # YOU SHOULD CHA
+NGE THIS!
Subject => "Power Tennis Summer Camp Registration Submitted",
Message => ""
);
my $page;
$mail{Message} = <<EOF;
The following player, $player, has submitted the Power Tennis Summer C
+amp registration form.
Player's Name: $player
Parent's Name: $parent
Telephone: $phone
Email Address: $email
Camp Date(s): $dates
Event: $event
Street: $street
City: $city
State: $state
Zip Code: $zip
Method of Payment: $payment
Message: $message
EOF
sendmail (%mail)
or $page .= p (escapeHTML ("Oops, failure sending mail to $mai
+l{To}"));
return (defined ($page) ? $page : "");
}
#@ SEND_SUBMIT_EMAIL
|