11-20-2007, 08:45 PM
|
#11 (permalink)
|
|
The Contributor
Join Date: Oct 2007
Location: Argentina
Posts: 72
Thanks: 18
|
Quote:
Originally Posted by Wildhoney
You really will be banging your head against the wall, Matt. It's not at all easy, even for someone who would consider themselves quite experienced with the way of the web - such as me. I learnt numerous things from reading that site I've given you. Pain in the arse, really is. No better phrase for it!
|
oh boy i should consider going back to mailto: haha :D
Thanks for the advice guys, i appreciate your feedback. I have to say that i always validate and escape all data when its going to a database, but since this is a contact form i didnt care much here to know if the data was inadequate, as long as all the required fields where complete i was ok.
Anyways, this could make the script more solid, possibly against spam and stuff, so ill see what i can do and update it.
Quote:
Originally Posted by DragonBe
This is a good example form submission script, but I would like to suggest you use both HTML and TEXT e-mails, since I know that many companies disable receiving html-rich mails. By providing a text-based alternative, these recipients will be grateful.
|
Now i couldn't figure out how to send an alternative version of the email in plain text. Should i send the email two times? or theres a way to specify in the headers that it should ship out with a plain text alternative version. Any help/link/guidance on that would be much appreciated.
thanks again.
Quote:
Originally Posted by Wildhoney
Have yourself a read over this article, and then construct yourself a safe MySQL parse value function to take into consideration the annoyance of GPC, and then add slashes and throw the values through mysql_real_escape_string(). |
great tut WH, helped me a lot. |
|
|
|