Form Security
Anyone have any advice for form security? I've been trying to use the advice from this page, but it doesn't seem to be working... Specifically, what happens is I get the error page and then the email shows up anyways...
if (ereg( "[\r\n\\r\\n]", $lastname ) || ereg( "[\r\n\\r\\n]", $email ) || ereg( "[\r\n\\r\\n]", $firstname )|| empty($email) || empty($firstname) || empty($lastname) || empty($zipcode) ) { header( "Location: error.php" ); }
else { mail( "blah@blah.com", "Website Form Request", $message, "From: $email" ); header( "Location: thankyou.php" ); }
I added the \\n and \\r because that was what was displaying when I'd test with a \n in the fields. This is my first time working with a form, so I'm sure I have a lot to learn...
I added the \\n and \\r because that was what was displaying when I'd test with a \n in the fields. This is my first time working with a form, so I'm sure I have a lot to learn...
