What are the potential issues with using the mail() function in PHP for sending emails from a website form?

One potential issue with using the mail() function in PHP for sending emails from a website form is that it can be vulnerable to email injection attacks if user input is not properly sanitized. To solve this issue, you should always validate and sanitize user input before using it in the mail() function to prevent malicious code injection.

// Validate and sanitize user input before using it in the mail() function
$name = filter_var($_POST[&#039;name&#039;], FILTER_SANITIZE_STRING);
$email = filter_var($_POST[&#039;email&#039;], FILTER_SANITIZE_EMAIL);
$message = filter_var($_POST[&#039;message&#039;], FILTER_SANITIZE_STRING);

// Use the sanitized user input in the mail() function
$to = &#039;recipient@example.com&#039;;
$subject = &#039;Website Contact Form&#039;;
$headers = &#039;From: &#039; . $email;

$mail_sent = mail($to, $subject, $message, $headers);

if($mail_sent) {
    echo &#039;Email sent successfully&#039;;
} else {
    echo &#039;Failed to send email&#039;;
}

Keywords

mail function PHP email spam security

What are the potential issues with using the mail() function in PHP for sending emails from a website form?

Keywords

Related Questions