LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 01-17-2013, 08:02 AM   #1
alfred_e_neuman
LQ Newbie
 
Registered: Jan 2013
Posts: 11

Rep: Reputation: Disabled
PHP contact form help


Hi to all. This seems to be my week for asking questions, I guess.

Yesterday, we had a massive email attack which we believe was caused by a bot that harvested the email address from the contact form on our Web site. The file is named mail.php, and contains the following lines:

Code:
<?php
$ToEmail = 'recipient@ourcompany.com';
$EmailSubject = 'Company website contact form ';
$mailheader = "From: ".$_POST["email"]."\r\n";
~
I thought that simply replacing the email address of the recipient with the ascii equivalent in "$ToEmail", so as to obfuscate the address, would do the trick. Unfortunately, that fails. Can anyone show me how to do this correctly?

Many thanks.
 
Old 01-17-2013, 09:11 AM   #2
thesnow
Member
 
Registered: Nov 2010
Location: Minneapolis, MN
Distribution: Ubuntu, Red Hat, Mint
Posts: 113

Rep: Reputation: 25
Can you post the error message and any other relevant lines of code?
 
Old 01-17-2013, 09:13 AM   #3
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,772

Rep: Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346
Quote:
Originally Posted by alfred_e_neuman View Post
Hi to all. This seems to be my week for asking questions, I guess.
Yesterday, we had a massive email attack which we believe was caused by a bot that harvested the email address from the contact form on our Web site. The file is named mail.php, and contains the following lines:

I thought that simply replacing the email address of the recipient with the ascii equivalent in "$ToEmail", so as to obfuscate the address, would do the trick. Unfortunately, that fails. Can anyone show me how to do this correctly?
Why do you say it fails? If it's because you continue to get spam....well, they already HAVE your address. Changing the address on the form won't do much, unless you know they're shoveling it through your PHP form, which is a possibility. You could always rename the page with the contact form on it, which would break any links/programs that spam bots are using, but it would be invisible to your users, since all they'll do is click the "Contact Us" button.

First thing I'd do is to create another mail address for that user, and just forward all emails from the original, compromised user to it, through your spam filter. That should cut things down dramatically (what spam filter are you using?) There are lots of good ways to hid addresses in PHP, some simple, some harder. These two pages have some good ideas:
http://csarven.ca/hiding-email-addresses
http://www.givegoodweb.com/post/67/php-email-obfuscate

The second link is my preferred method.
 
Old 01-17-2013, 11:44 AM   #4
alfred_e_neuman
LQ Newbie
 
Registered: Jan 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
I'm not getting any more spam; I took care of that part by changing the email address. I obviously don't want a repeat of what we encountered earlier.

What I mean by "it fails" is that, if I substitute in the recipient email address sales@tld.com in ascii rather than text, the contact form info isn't mailed. Can I put ascii in "$ToEmail =" and, if so, how do I need to enter it?

Last edited by alfred_e_neuman; 01-17-2013 at 11:53 AM.
 
Old 01-17-2013, 01:59 PM   #5
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,772

Rep: Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346
Quote:
Originally Posted by alfred_e_neuman View Post
I'm not getting any more spam; I took care of that part by changing the email address. I obviously don't want a repeat of what we encountered earlier.

What I mean by "it fails" is that, if I substitute in the recipient email address sales@tld.com in ascii rather than text, the contact form info isn't mailed. Can I put ascii in "$ToEmail =" and, if so, how do I need to enter it?
Yes, you can put it in ASCII or hex...the first link I posted has examples on how to do it. Also, you may want to try this handy little PHP function, hide_email:

Call it with:
Code:
<?php echo hide_email('sales@ltd.com'); ?>
...and the function itself:
Code:
function hide_email($email) { $character_set = '+-.0123456789@ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'; 
$key = str_shuffle($character_set); 
$cipher_text = ''; 
$id = 'e'.rand(1,999999999); 
for ($i=0;$i<strlen($email);$i+=1) $cipher_text.= $key[strpos($character_set,$email[$i])]; 
$script = 'var a="'.$key.'";var b=a.split("").sort().join("");var c="'.$cipher_text.'";var d="";'; 
$script.= 'for(var e=0;e<c.length;e++)d+=b.charAt(a.indexOf(c.charAt(e)));'; 
$script.= 'document.getElementById("'.$id.'").innerHTML="<a href=\\"mailto:"+d+"\\">"+d+"</a>"'; 
$script = "eval(\"".str_replace(array("\\",'"'),array("\\\\",'\"'), $script)."\")"; 
$script = '<script type="text/javascript">/*<![CDATA[*/'.$script.'/*]]>*/</script>'; 
return '<span id="'.$id.'">[javascript protected email address]</span>'.$script; }
If you use that, the link on your page will be just "sales@ltd.com". If someone tries to view the source of the page to scrape the address, however, it'll look something like:
Code:
<span id="e790368416">[javascript protected email address]</span>
<script type="text/javascript">/*<![CDATA[*/eval("var a=\"nfcI46vymj8-W7aRh0pigQqoK329ruH.
skSLtGFwxDYXb+EO@ZUAlCJPT_dVez51NMB\";var b=a.split(\"\").sort().join(\"\");var c=\"e+Ve7e+VecXPC\";
var d=\"\";for(var e=0;e<c.length;e++)d+=b.charAt(a.indexOf(c.charAt(e)));
document.getElementById(\"e790368416\").innerHTML=\"<a href=\\\"mailto:\"+d+\"\\\">\"+d+\"</a>\"")/*]]>*/
</script>

Last edited by TB0ne; 01-17-2013 at 02:03 PM.
 
Old 01-17-2013, 02:25 PM   #6
YankeePride13
Member
 
Registered: Aug 2012
Distribution: Ubuntu 10.04, CentOS 6.3, Windows 7
Posts: 166

Rep: Reputation: 34
@OP

If you have a mailto link on your page, remove it and substitute it for a form that will send the e-mail via hidden server-side PHP scripts to the address that will then be undisclosed. Place a captcha on this page so that you can restrict form submissions to those that can properly read the captcha and submit the accurate captcha response and not page-scraping bots.
 
Old 01-17-2013, 02:31 PM   #7
alfred_e_neuman
LQ Newbie
 
Registered: Jan 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
TBone, forgive my stupidity, but where would those lines go in my php file?
 
Old 01-17-2013, 03:50 PM   #8
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 13,772

Rep: Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346Reputation: 2346
Quote:
Originally Posted by alfred_e_neuman View Post
TBone, forgive my stupidity, but where would those lines go in my php file?
That's up to you. Put the "echo" line that calls the routine wherever you put your mail address now. Put the rest of it somewhere on your current PHP page.
 
Old 01-17-2013, 04:18 PM   #9
alfred_e_neuman
LQ Newbie
 
Registered: Jan 2013
Posts: 11

Original Poster
Rep: Reputation: Disabled
I think I've provided incomplete and unclear information to you about my issue. Apologies. Oh, and did I say that I didn't write this (programmer long gone, and out-of-touch), am tasked with fixing it, and am not really a programmer. There, I've come out! :-)

On our Web site, we have a contact page. Here's a code snippet from it:

Code:
    <h1>CONTACT FORM
    </h1><br />
      <br />
     <form action="mail.php" method="POST" name="contact_form" onsubmit="return validate()"  style="margin:0px;">
     <span class="fields"><strong>Dealership Name</strong> (required):</span>
        <input name="dealership" type="text" class="frmField1" id="dealership" />

	  <span class="fields"><strong>Contact Name</strong> (required):</span>
        <input name="contact_name" type="text" class="frmField1" id="contact_name" />

 <span class="fields"><strong>Address</strong> (required):</span>
       <input name="address" type="text" class="frmField1" id="address"/>

 <span class="fields"><strong>City</strong> (required):</span>
       <input name="city" type="text" class="frmField1" id="city"/>

	 <span class="fields"><strong>State</strong> (required):</span>
      <input name="state" type="text" class="frmField1" id="state" />

	  <span class="fields"><strong>ZIP</strong> (required):</span>
      <input name="zip" type="text" class="frmField1" id="zip" maxlength="5"  />

 <span class="fields"><strong>Phone</strong> (required):</span>
      <input name="phone" type="text" class="frmField1" id="phone" />

 <span class="fields"><strong>E-mail</strong> (required):</span>
     <input name="email" type="text" class="frmField1" id="email" />

	 <span class="fields"><strong>Comments:</strong></span>
       <textarea name="comments" cols="45" rows="5" class="frmField2" id="comments"></textarea>


      <input type="image" src="http://www.linuxquestions.org/questions/images/send.jpg" width="152" height="40" alt="Submit Form" border="0">

      </form>
	  <br />
  </div>
  </div>
As can be seen in the snippet, there's a form submission button. Also, there's reference to mail.php, which looks like this:

Code:
<?php
$ToEmail = 'sales@mycompany.com';
$EmailSubject = 'Mycompany website contact form ';
$mailheader = "From: ".$_POST["email"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["email"]."\r\n";
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n";
$MESSAGE_BODY .= "Dealership: ".$_POST["dealership"]."<br>";
$MESSAGE_BODY .= "Name: ".$_POST["contact_name"]."<br>";
$MESSAGE_BODY .= "Address: ".$_POST["address"]."<br>";
$MESSAGE_BODY .= "City: ".$_POST["city"]."<br>";
$MESSAGE_BODY .= "State: ".$_POST["state"]."<br>";
$MESSAGE_BODY .= "Zip: ".$_POST["zip"]."<br>";
$MESSAGE_BODY .= "Phone: ".$_POST["phone"]."<br>";
$MESSAGE_BODY .= "Email: ".$_POST["email"]."<br>";
$MESSAGE_BODY .= "Comments: ".nl2br($_POST["comments"])."<br>";
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Mycompany Corporation</title>
<link href="script-css/style_inner.css" rel="stylesheet" type="text/css" />
<link href="script-css/slider.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="script-css/nivo-slider.css" type="text/css" media="screen" />

<script src="script-css/jquery.js"></script>
<script src="script-css/modernizr.js"></script>

<script>
$(document).ready(function(){

if(!Modernizr.input.placeholder){

	$('[placeholder]').focus(function() {
	  var input = $(this);
	  if (input.val() == input.attr('placeholder')) {
		input.val('');
		input.removeClass('placeholder');
	  }
	}).blur(function() {
	  var input = $(this);
	  if (input.val() == '' || input.val() == input.attr('placeholder')) {
		input.addClass('placeholder');
		input.val(input.attr('placeholder'));
	  }
	}).blur();
	$('[placeholder]').parents('form').submit(function() {
	  $(this).find('[placeholder]').each(function() {
		var input = $(this);
		if (input.val() == input.attr('placeholder')) {
		  input.val('');
		}
	  })
	});

}

});
</script>

<script type="text/javascript" src="script-css/lytebox.js"></script>
<link rel="stylesheet" type="text/css" href="script-css/lytebox.css" media="screen" />
<script type="text/javascript">

			$(function() {

				$("#tabs").tabs({ selected: 0 });

			});



			function initalizeGoogleMaps() {

				frames['lbIframe'].initialize();

			}



			var bMobileDevice = $lb.isMobile();



			// Show the Steve Jobs tribute.

			function showTribute() {

				$lb.launch({

					url: "steve_jobs.png",

					options: "showPrint:true",

					title: "Steve Jobs, 1955-2011",

					description: '<a href="https://www.cancer.org/Involved/Donate/index" target="_blank" onclick="trackDownload(\'ACS Donate\')">Click here to make a donation to the American Cancer Society</a>'

				});

			}



			// This will reparse the page to enable FB Like buttons that were added after page load (dynamically, that is).

			function fbParse() {

				// <fb:like href='http://lytebox.com' send='true' width='50' layout='button_count' show_faces='false' action='like' font=''></fb:like>

				FB.XFBML.parse();

			}

		</script>
</head>

<body>
<div id="warper">
  <div id="header1">
    <div class="logo"><img src="http://www.linuxquestions.org/questions/images/logo.jpg" width="290" height="135" alt="" /></div>
    <div id="login"><a href="login.html" class="c">Login Here</a></div>
    <div id="tag_line">At Mycompany Corporation, our goal is to<br>be successful.</div>
    <div id="nav">
             <ul id="sddm">
              <li><a href="index.html">HOME</a></li>
              <li><a href="about.html">ABOUT US</a></li>
              <li><a href="#">DEALERS</a></li>
              <li><a href="#">CUSTOMERS</a></li>
              <li><a href="contact_us.html">CONTACT US</a></li>
            </ul>
    </div>
  </div>

  <div id="content1">

  <div class="left">
    <div class="left_txt"><h1>OUR ADDRESS</h1><br />
<br />
<h2>P.O. Box 1111
<br />
Somewhere, USA 00000.</h2>

<span class="maintxt1">Telephone: 888 888 8888 <br />
FAX: 888 8888 8889
<br />
E-mail: <a href="mailto:THIS IS WRITTEN IN ASCII" class="d">THIS IS WRITTEN IN ASCII</a></span><br />
<br />
<h2>Borrowers can contact our Customer Service Department here: <a href="mailto:THIS IS WRITTEN IN ASCII" class="d">THIS IS WRITTEN IN ASCII</a></h2></div>
  </div>

  <div class="right">

      <h6>Thank you for contacting us! We'll be in touch soon.</h6>

  </div>

  </div>

</div>

<div id="footer">
  <div id="f_txt"><table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="center">Copyright © 2012 Mycompany Corporation.  All Rights Reserved.    <a href="privacy_policy.html" class="lytebox" data-lyte-options="width:600 height:440">Privacy Policy</a> |  <a href="terms_of_use.html" class="lytebox" data-lyte-options="width:600 height:440">Terms of Use</a>

       </td>
  </tr>
</table>
</div>


</div>

</body>
</html>
Given this, I need for the submit button to work, but for the email address in mail.php to be obfuscated. Hope I'm being clear, and not being to big a pita.

Last edited by alfred_e_neuman; 01-17-2013 at 04:20 PM.
 
Old 01-18-2013, 07:36 AM   #10
YankeePride13
Member
 
Registered: Aug 2012
Distribution: Ubuntu 10.04, CentOS 6.3, Windows 7
Posts: 166

Rep: Reputation: 34
Quote:
Originally Posted by alfred_e_neuman View Post
I think I've provided incomplete and unclear information to you about my issue. Apologies. Oh, and did I say that I didn't write this (programmer long gone, and out-of-touch), am tasked with fixing it, and am not really a programmer. There, I've come out! :-)

On our Web site, we have a contact page. Here's a code snippet from it:

Code:
    <h1>CONTACT FORM
    </h1><br />
      <br />
     <form action="mail.php" method="POST" name="contact_form" onsubmit="return validate()"  style="margin:0px;">
     <span class="fields"><strong>Dealership Name</strong> (required):</span>
        <input name="dealership" type="text" class="frmField1" id="dealership" />

	  <span class="fields"><strong>Contact Name</strong> (required):</span>
        <input name="contact_name" type="text" class="frmField1" id="contact_name" />

 <span class="fields"><strong>Address</strong> (required):</span>
       <input name="address" type="text" class="frmField1" id="address"/>

 <span class="fields"><strong>City</strong> (required):</span>
       <input name="city" type="text" class="frmField1" id="city"/>

	 <span class="fields"><strong>State</strong> (required):</span>
      <input name="state" type="text" class="frmField1" id="state" />

	  <span class="fields"><strong>ZIP</strong> (required):</span>
      <input name="zip" type="text" class="frmField1" id="zip" maxlength="5"  />

 <span class="fields"><strong>Phone</strong> (required):</span>
      <input name="phone" type="text" class="frmField1" id="phone" />

 <span class="fields"><strong>E-mail</strong> (required):</span>
     <input name="email" type="text" class="frmField1" id="email" />

	 <span class="fields"><strong>Comments:</strong></span>
       <textarea name="comments" cols="45" rows="5" class="frmField2" id="comments"></textarea>


      <input type="image" src="http://www.linuxquestions.org/questions/images/send.jpg" width="152" height="40" alt="Submit Form" border="0">

      </form>
	  <br />
  </div>
  </div>
As can be seen in the snippet, there's a form submission button. Also, there's reference to mail.php, which looks like this:

Code:
<?php
$ToEmail = 'sales@mycompany.com';
$EmailSubject = 'Mycompany website contact form ';
$mailheader = "From: ".$_POST["email"]."\r\n";
$mailheader .= "Reply-To: ".$_POST["email"]."\r\n";
$mailheader .= "Content-type: text/html; charset=iso-8859-1\r\n";
$MESSAGE_BODY .= "Dealership: ".$_POST["dealership"]."<br>";
$MESSAGE_BODY .= "Name: ".$_POST["contact_name"]."<br>";
$MESSAGE_BODY .= "Address: ".$_POST["address"]."<br>";
$MESSAGE_BODY .= "City: ".$_POST["city"]."<br>";
$MESSAGE_BODY .= "State: ".$_POST["state"]."<br>";
$MESSAGE_BODY .= "Zip: ".$_POST["zip"]."<br>";
$MESSAGE_BODY .= "Phone: ".$_POST["phone"]."<br>";
$MESSAGE_BODY .= "Email: ".$_POST["email"]."<br>";
$MESSAGE_BODY .= "Comments: ".nl2br($_POST["comments"])."<br>";
mail($ToEmail, $EmailSubject, $MESSAGE_BODY, $mailheader) or die ("Failure");
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Mycompany Corporation</title>
<link href="script-css/style_inner.css" rel="stylesheet" type="text/css" />
<link href="script-css/slider.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" href="script-css/nivo-slider.css" type="text/css" media="screen" />

<script src="script-css/jquery.js"></script>
<script src="script-css/modernizr.js"></script>

<script>
$(document).ready(function(){

if(!Modernizr.input.placeholder){

	$('[placeholder]').focus(function() {
	  var input = $(this);
	  if (input.val() == input.attr('placeholder')) {
		input.val('');
		input.removeClass('placeholder');
	  }
	}).blur(function() {
	  var input = $(this);
	  if (input.val() == '' || input.val() == input.attr('placeholder')) {
		input.addClass('placeholder');
		input.val(input.attr('placeholder'));
	  }
	}).blur();
	$('[placeholder]').parents('form').submit(function() {
	  $(this).find('[placeholder]').each(function() {
		var input = $(this);
		if (input.val() == input.attr('placeholder')) {
		  input.val('');
		}
	  })
	});

}

});
</script>

<script type="text/javascript" src="script-css/lytebox.js"></script>
<link rel="stylesheet" type="text/css" href="script-css/lytebox.css" media="screen" />
<script type="text/javascript">

			$(function() {

				$("#tabs").tabs({ selected: 0 });

			});



			function initalizeGoogleMaps() {

				frames['lbIframe'].initialize();

			}



			var bMobileDevice = $lb.isMobile();



			// Show the Steve Jobs tribute.

			function showTribute() {

				$lb.launch({

					url: "steve_jobs.png",

					options: "showPrint:true",

					title: "Steve Jobs, 1955-2011",

					description: '<a href="https://www.cancer.org/Involved/Donate/index" target="_blank" onclick="trackDownload(\'ACS Donate\')">Click here to make a donation to the American Cancer Society</a>'

				});

			}



			// This will reparse the page to enable FB Like buttons that were added after page load (dynamically, that is).

			function fbParse() {

				// <fb:like href='http://lytebox.com' send='true' width='50' layout='button_count' show_faces='false' action='like' font=''></fb:like>

				FB.XFBML.parse();

			}

		</script>
</head>

<body>
<div id="warper">
  <div id="header1">
    <div class="logo"><img src="http://www.linuxquestions.org/questions/images/logo.jpg" width="290" height="135" alt="" /></div>
    <div id="login"><a href="login.html" class="c">Login Here</a></div>
    <div id="tag_line">At Mycompany Corporation, our goal is to<br>be successful.</div>
    <div id="nav">
             <ul id="sddm">
              <li><a href="index.html">HOME</a></li>
              <li><a href="about.html">ABOUT US</a></li>
              <li><a href="#">DEALERS</a></li>
              <li><a href="#">CUSTOMERS</a></li>
              <li><a href="contact_us.html">CONTACT US</a></li>
            </ul>
    </div>
  </div>

  <div id="content1">

  <div class="left">
    <div class="left_txt"><h1>OUR ADDRESS</h1><br />
<br />
<h2>P.O. Box 1111
<br />
Somewhere, USA 00000.</h2>

<span class="maintxt1">Telephone: 888 888 8888 <br />
FAX: 888 8888 8889
<br />
E-mail: <a href="mailto:THIS IS WRITTEN IN ASCII" class="d">THIS IS WRITTEN IN ASCII</a></span><br />
<br />
<h2>Borrowers can contact our Customer Service Department here: <a href="mailto:THIS IS WRITTEN IN ASCII" class="d">THIS IS WRITTEN IN ASCII</a></h2></div>
  </div>

  <div class="right">

      <h6>Thank you for contacting us! We'll be in touch soon.</h6>

  </div>

  </div>

</div>

<div id="footer">
  <div id="f_txt"><table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td align="center">Copyright © 2012 Mycompany Corporation.  All Rights Reserved.    <a href="privacy_policy.html" class="lytebox" data-lyte-options="width:600 height:440">Privacy Policy</a> |  <a href="terms_of_use.html" class="lytebox" data-lyte-options="width:600 height:440">Terms of Use</a>

       </td>
  </tr>
</table>
</div>


</div>

</body>
</html>
Given this, I need for the submit button to work, but for the email address in mail.php to be obfuscated. Hope I'm being clear, and not being to big a pita.
The variables in mail.php, and the code to send the mail, will never be seen to someone who visits your contact page. PHP scripts are executed on the server and only html/javascript will be seen by the user in your case. To see this, visit your contact page hit submit and then do a View Source on your browser and see if you can find the e-mail address.
 
Old 01-19-2013, 12:18 PM   #11
hpfeil
Member
 
Registered: Nov 2010
Location: Tucson, Arizona US
Distribution: Slackware Current, custom kernel, amd64, Beyond LinuxFromScratch
Posts: 109

Rep: Reputation: Disabled
You can start by upgrading PHP to Version 5.4.11.
They fixed over a dozen security-related bugs on 17Jan2013.

http://www.php.net/ChangeLog-5.php
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Contact form using PHP is not working in IE but works in FF. jamesmage Programming 3 09-21-2009 10:24 AM
how to design interactive contact form for web page? bezdomny Linux - General 3 09-06-2007 10:03 AM
PHP: build query from form entry, then display results in the same form tonedeaf1969 Programming 4 06-22-2007 07:55 AM
Need a contact form vafe Linux - Software 2 05-23-2007 07:58 AM
Contact form on HTML Gerardoj Linux - General 1 03-26-2004 02:08 AM


All times are GMT -5. The time now is 04:46 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration