MyBB Community Forums
[plugins] Contact Us 1.0 - Printable Version




[plugins] Contact Us 1.0 - svr2009wwe - 2009-06-19

Download Contact Us 1.0 Plugins For MyBB 1.4x here.

Click Here


RE: [plugins] Contact Us 1.0 - labrocca - 2009-06-19

FYI...your script is vulnerable to a number of exploits.

You have to properly sanitize the input before sending it to the mail function. Also it's best to use the MyBB function my_mail() instead. It will allow for more control and standardize headers.


RE: [plugins] Contact Us 1.0 - Pingo - 2009-06-19

I used it, made a test e-mail send and got the e-mail 20 minutes later. Confused


RE: [plugins] Contact Us 1.0 - labrocca - 2009-06-19

Oh it will work...just be aware that spammers could use this to send thousands of emails from your hosting account and get you suspended or your IP blacklisted.


RE: [plugins] Contact Us 1.0 - ghazal - 2009-06-19

We should encourage our new developers rather than discourage them.
Anyway... Good start...!
Keep it up


RE: [plugins] Contact Us 1.0 - svr2009wwe - 2009-06-22

that was my first PHP script..but thanks.


RE: [plugins] Contact Us 1.0 - Spyda - 2009-06-22

(2009-06-19, 03:35 PM)ghazal Wrote: We should encourage our new developers rather than discourage them.
Anyway... Good start...!
Keep it up

What? Labrocca was just pointing out the exploits in this guy's plugins. How is that in any way discouragement?


RE: [plugins] Contact Us 1.0 - labrocca - 2009-06-22

(2009-06-22, 03:22 PM)svr2009wwe Wrote: that was my first PHP script..but thanks.

It's a fine little plugin...just sanitize the input. Even starting out it's important to understand basic security.

http://www.thesitewizard.com/php/protect-script-from-email-injection.shtml

Read that for starters. A few more lines and your plugin won't be exploitable.
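
Added example (not part of the post above and not the plugin's code): one way to do the sanitizing recommended in this thread, so that form fields cannot add header lines to the outgoing mail. The function names, field names and length limits are assumptions; inside MyBB the validated fields would then be handed to my_mail() rather than to mail() directly.

```php
<?php
// Added example: field names and length limits are assumptions, not the plugin's.

// Values headed for a mail header must be a single line: reject CR, LF, NUL, etc.
function contact_header_value(string $value, int $maxLen): string
{
    $value = trim($value);
    if ($value === '' || strlen($value) > $maxLen) {
        throw new InvalidArgumentException('field empty or too long');
    }
    if (preg_match('/[\x00-\x1F\x7F]/', $value)) {
        throw new InvalidArgumentException('control character in header field');
    }
    return $value;
}

// Validate one submission. The recipient is never taken from the form.
function contact_validate(array $post): array
{
    $name    = contact_header_value((string)($post['name'] ?? ''), 64);
    $subject = contact_header_value((string)($post['subject'] ?? ''), 120);
    $email   = contact_header_value((string)($post['email'] ?? ''), 254);
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid e-mail address');
    }
    // Only the body may contain newlines; normalise them and cap the size.
    $body = str_replace(["\r\n", "\r"], "\n", (string)($post['message'] ?? ''));
    $body = trim(substr($body, 0, 5000));
    if ($body === '') {
        throw new InvalidArgumentException('empty message');
    }
    return ['reply_to' => $email, 'subject' => "[Contact] $subject",
            'body' => "Sender: $name <$email>\n\n$body"];
}

// Constructed sample submissions: a normal one, and one with a line break in the subject.
$samples = [
    ['name' => 'Ann', 'email' => 'ann@example.com', 'subject' => 'Hello', 'message' => "Line 1\r\nLine 2"],
    ['name' => 'Ann', 'email' => 'ann@example.com', 'subject' => "Hello\r\nBcc: x@example.net", 'message' => 'Hi'],
];
foreach ($samples as $i => $post) {
    try {
        $mail = contact_validate($post);
        echo "sample $i accepted, subject: {$mail['subject']}\n";
    } catch (InvalidArgumentException $e) {
        echo "sample $i rejected: {$e->getMessage()}\n";
    }
}
```

Rejecting the submission outright, instead of stripping the line breaks and sending anyway, keeps automated abuse from producing any mail at all; a per-IP rate limit on the form addresses the bulk-sending risk raised earlier in the thread.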


RE: [plugins] Contact Us 1.0 - svr2009wwe - 2009-06-24

thnx again...