How can PHP mail() function be used securely to avoid vulnerabilities?

To use the PHP mail() function securely and avoid vulnerabilities, it is important to validate and sanitize user input to prevent injection attacks. Additionally, it is recommended to set the "From" header explicitly to prevent email header injection. Finally, consider using a library like PHPMailer for more advanced email functionalities and better security.

$to = &quot;recipient@example.com&quot;;
$subject = &quot;Test email&quot;;
$message = &quot;This is a test email.&quot;;
$headers = &quot;From: sender@example.com\r\n&quot;;
$headers .= &quot;Reply-To: sender@example.com\r\n&quot;;

// Sanitize user input
$to = filter_var($to, FILTER_SANITIZE_EMAIL);
$subject = filter_var($subject, FILTER_SANITIZE_STRING);
$message = filter_var($message, FILTER_SANITIZE_STRING);

// Send email
if (mail($to, $subject, $message, $headers)) {
    echo &quot;Email sent successfully.&quot;;
} else {
    echo &quot;Email sending failed.&quot;;
}

Keywords

PHP mail() security vulnerabilities secure coding

How can PHP mail() function be used securely to avoid vulnerabilities?

Keywords

Related Questions