Re^2: Email form

Please do not recommend random Perl scripts on the web without having verified them. The script that you recommended contains ugly errors that make it easy to send spam via the script:


...

$Email = $in{'Email'};
$Message = $in{'Message'};

...

sub SendAutoReply {
open (MAIL,"|$MailProgram -t");
print MAIL "To: $Email\n";
print MAIL "From: $YourEmail\n";
print MAIL "Subject: $Subject\n";
print MAIL "$Header\n";
print MAIL "$Date\n\n";
print MAIL "$Subject\n\n";
print MAIL "You sent the following:\n\n";
print MAIL "==============================\n\n";
print MAIL "Name: $Name\n";
print MAIL "Email: $Email\n\n";
print MAIL "Message:\n\n";
print MAIL "$Message\n\n";
print MAIL "==============================\n\n";
print MAIL "$TailMessage\n\n";
print MAIL "Best regards,\n\n\n";
print MAIL "$Signature1\n";
print MAIL "$Signature2\n\n";
close (MAIL);
}
[download]

If $Email contains a newline, you can spam any address through this form (and it is nowhere verified that $Email doesn't contain a newline and more data). Of course, there will be some fluff data trailing the spammers message, but if the spammer cared, he would have a different profession.

Update: Finished incomplete sentence about verification of $Email

Comment on Re^2: Email form Download Code

Replies are listed 'Best First'.
Re^3: Email form by jbrugger (Parson) on Mar 07, 2005 at 18:12 UTC
Anyway, a search would have been nice... when using Super Search, you could find enough info to create a simple scritp, and if it is to hard, the Perl Babysteps 1: Your First Simple Script would be a nice start.	[reply]
Re^3: Email form by RazorbladeBidet (Friar) on Mar 07, 2005 at 17:29 UTC
The intent was to show the OP how easy it was to find information on the subject through Google. I neither recommended nor endorsed the script. Update: Ending digressive conversation here. -------------- It's sad that a family can be torn apart by such a such a simple thing as a pack of wild dogs	[reply]
Re^4: Email form by Corion (Patriarch) on Mar 07, 2005 at 17:34 UTC
Say you enter a restaurant, tell the waiter that you would like some wine, but don't know how to choose a good wine and ask him what's on offer. Do you expect the waiter to tell you that some people drink fermented yak urine? Of course, you don't. You expect the waiter to either tell you that they don't have anything suitable for your tastes, because you've entered a beer bar, but there's a winery around the corner, and if the budget allows for a bit more, they can reserve you a nice table somewhere. Or the waiter should tell you what the open wines are and what he recommends. Often the recommendations here are more akin to instructions on how to select a good area and acre, and which kinds of grapes to plant instead of which wine to choose, but your reply isn't even that. Update: Fixed typo (chose -> choose)	[reply]