Is there any risk of an injection in the PHP mail () functions?

Question

Is there any risk of an injection in the PHP mail () functions?

I am wondering if there is any potential security risk from the following code. I use this on my blog whenever a user posts a comment, he will send me a text message:

mail('cellnumber@messaging.sprintpcs.com', '',
     "Comment posted by $name: $comment",
     "From: comments@example.com");

Where $nameand $commentare user-entered values that were not actually sanitized in any way. Is there a chance that the user can do something evil here? The mail () documentation says nothing about this, but it is simply incorrect to enter user-entered values directly into a string. Is there a real risk or am I just paranoid?

+3

php email code-injection

Jenni Jan 2 '09 at 21:21

source share

3

. (erm.. pardon my English, ) newlines " " SMTP.

, `\n.\n '( ) " ".

EDIT: , ! , $:

 someonesName
 CC: spamsubject@domain.com; anotherspamsubject@domain.com

(, -, )?

EDIT2: , "" "" . .

+3

naivists 02 . '09 21:40

PHP , , .

, , . , , .

PHP $XXX , XXX, ? $XXX - eval(), , , .

If SMTP does this internally, then .on one line, followed by an empty line, it will signal the end of the mail, and theoretically, an attacker could follow this text in the following lines to capture your mailbox, send another message to someone else. This is if PHP does not recognize and run away from such a string in the first place. This is what I would like to learn.

+2

Carl Smotricz Jan 2 '09 at 21:38

source share

Michael Madsen · Accepted Answer · 2010-01-02T21:36:23+0000

, , , .

, , , , .

, , , , . SMTP CRLF , AFAIK, Unix , LF ( ). , .

Is there any risk of an injection in the PHP mail () functions?

More articles: