Liam Delahunty: Home Tips Web Contact
Recommended laptop
under £500
.

Think I deserve a present? See my Amazon Wish List

Contact Form to combat Email Injection Spam

Simply wrap your form handling in the followng clause to test if the form was submitted locally or by a remote script.

if ($submit){
  if ($HTTP_REFERER != $SCRIPT_URI){
    reset($HTTP_POST_VARS);
    while (list($key,$val) = each($HTTP_POST_VARS)){
      $message .= "$key: $val\n";
    }
    // email admin or ignore...
  }else{
    // deal with email normally...
  }
}

Share this!