Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses

Re: Using The Mail::Sendmail module in CGI Script

by b10m (Vicar)
on Jul 19, 2006 at 08:31 UTC ( #562223=note: print w/replies, xml ) Need Help??

in reply to Using The Mail::Sendmail module in CGI Script

This is not really answering your question, but I noticed you just blindly use the user's input. Never trust your users! ;-) What if I craft my POST or GET request so that the recipient variable looks something like:\nBcc:,,
Please run some tests over the values you receive, before spitting them to a mail process.

Spammers will love your script ;-)


All code is usually tested, but rarely trusted.

Replies are listed 'Best First'.
Re^2: Using The Mail::Sendmail module in CGI Script
by msk_0984 (Friar) on Jul 19, 2006 at 09:00 UTC
    yeah but i am just trying out this program and not yet tried to complete it . But what u have said is that my script is having security risk so how can i enable it.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://562223]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (3)
As of 2022-12-03 23:29 GMT
Find Nodes?
    Voting Booth?

    No recent polls found