Home/ Questions/Q 8429097
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T05:14:23+00:00

what are some steps I can use to make this more secure? <?php foreach

  • 0

what are some steps I can use to make this more secure?

<?php
foreach ($_POST as $field=>$value)
{
$formcontent .= "$field: $value\n";
}
$formcontent .= 'User-Agent: '.$_SERVER['HTTP_USER_AGENT'];


$recipient = "****.***y@***********.co.uk";
$subject = "Event feedback form";
$mailheader = "From: web.form@**********.co.uk\r\n";
$mailheader .= "Reply-To: $email\r\n";
$mailheader .= "MIME-Version: 1.0\r\n";


mail($recipient, $subject, $formcontent, $mailheader) or die("Failure!");
header("location:http://www.**********.co.uk");
?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You may want to apply htmlentities to $value to prevent cross site scripting. 

    $formcontent .= "$field: " . htmlentites($value) . "\n";

    Otherwise, its okay, as your values don’t go into DB.

    • 0