|
Web Contractors Web Developer Jobs Join Us / Log in Discussion |
Check for header injection attack and spam in your php form script
Submitted by rimian on Sun, 07/22/2007 - 04:58
I wrote this to check for header injection attempts when processing a form that sends an email with php. (and I'll put it here so I can find it)
function is_spam( $message, $threshold = 1 ){
return _count_spam_body($message, $threshold) >= $threshold;
}
function _count_spam_body( $message, $threshold = 1 ){
$message = trim(strtolower($message));
//check the body of the message for spam or header injection attempts
$matches_bad = array(
"bcc:",
"cc:",
"to:",
"content-type:",
"mime-version:",
"multipart/mixed",
"content-transfer-encoding:",
"viagra",
);
$spam = 0;
foreach($matches_bad as $str){
if(strstr($message, $str)){
$spam++;
}
if($spam >= $threshold){
//stop counting if it's above the threshold
break;
}
}
return $spam;
}
- Slashdot it!
- Digg it:
- Del.icio.us
New forum topics
- Crystal Reports developer needed
- web applications/ e-commerce/ web marketing
- Freelance web developers team with great prices
- designer in need of developer
- SOAP (PHP, MySQL) Programmer/Developer
- Ruby on Rails Mac OS X - Leopard
- Freelance Web developer wanted
- Ringtone fatigue
- web developer looking for more project
- PHP website maintenance
- Desk available for hire - Rushcutters Bay location
- ZAMP?
- Don't hack the Drupal Core. Make a patch!
- What to charge for site updates
- Start New Website or CMS business. Business Partner / designer
Post new comment