Code:
<?
$website="www.sajt.net";
$youremail="[email protected]";
$sendersname=$_POST['sendersname'];
$sendersemail=$_POST['sendersemail'];
$sendersphone=$_POST['sendersphone'];
$message=$_POST['message'];
$messagetext="$sendersname just sent a message from our website,
$website.\n\nTheir e-mail address was: $sendersemail and their phone:
$sendersphone\n\nTheir message:\n\n $message";
if(mail($youremail,"$website website feedback",$messagetext,"From: $sendersemail\n")) {
header( "Location: http://$website/thankyou.php" );
} else {
header( "Location: http://$website/error.php" );
}
?>
<?
$website="www.sajt.net";
$youremail="[email protected]";
$sendersname=$_POST['sendersname'];
$sendersemail=$_POST['sendersemail'];
$sendersphone=$_POST['sendersphone'];
$message=$_POST['message'];
$messagetext="$sendersname just sent a message from our website,
$website.\n\nTheir e-mail address was: $sendersemail and their phone:
$sendersphone\n\nTheir message:\n\n $message";
if(mail($youremail,"$website website feedback",$messagetext,"From: $sendersemail\n")) {
header( "Location: http://$website/thankyou.php" );
} else {
header( "Location: http://$website/error.php" );
}
?>
Problem je u tome sto mi stize na stotine mailova iste sadrzine:
Citat:
From: --><script>alert(\'wvs-xss-magic-string-485586978\');</script>
Sent: 31 January 2006 20:58
To: [email protected]
Subject: www.sajt.net website feedback
1 just sent a message from our website, www.sajt.net.
Their e-mail address was: --> alert(\'wvs-xss-magic-string-485586978\'); and their phone: 1
Their message:
1
Sent: 31 January 2006 20:58
To: [email protected]
Subject: www.sajt.net website feedback
1 just sent a message from our website, www.sajt.net.
Their e-mail address was: --> alert(\'wvs-xss-magic-string-485586978\'); and their phone: 1
Their message:
1
Kako da se zastitim od ovoga?