Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl-Sensitive Sunglasses
 
PerlMonks  

Re: Using The Mail::Sendmail module in CGI Script

by b10m (Vicar)
on Jul 19, 2006 at 08:31 UTC ( #562223=note: print w/replies, xml ) Need Help??


in reply to Using The Mail::Sendmail module in CGI Script

This is not really answering your question, but I noticed you just blindly use the user's input. Never trust your users! ;-) What if I craft my POST or GET request so that the recipient variable looks something like:

recip1@doma.in\nBcc: recip2@doma.in, recip3@doma.in, recip4@doma.in
Please run some tests over the values you receive, before spitting them to a mail process.

Spammers will love your script ;-)

--
b10m

All code is usually tested, but rarely trusted.

Replies are listed 'Best First'.
Re^2: Using The Mail::Sendmail module in CGI Script
by msk_0984 (Friar) on Jul 19, 2006 at 09:00 UTC
    yeah but i am just trying out this program and not yet tried to complete it . But what u have said is that my script is having security risk so how can i enable it.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://562223]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (3)
As of 2022-12-03 23:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found

    Notices?