•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the PHP section within the Web Development category of DaniWeb, a massive community of 391,694 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 3,200 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our PHP advertiser: Lunarpages PHP Web Hosting
Views: 979 | Replies: 2
 |
•
•
Join Date: Dec 2006
Posts: 3
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
Hi -
I have had a message today from my hosting company to tell me that one of the sites on my hosting account is having it's php code abused. Apparently someone is manipulating the php code from the contact form to allow them
to add Bcc addresses.
Any ideas on what I need to do to close this loop hole?
Thanks.
I have had a message today from my hosting company to tell me that one of the sites on my hosting account is having it's php code abused. Apparently someone is manipulating the php code from the contact form to allow them
to add Bcc addresses.
Any ideas on what I need to do to close this loop hole?
Thanks.
•
•
Join Date: Sep 2006
Location: Michigan
Posts: 22
Reputation:
Rep Power: 2
Solved Threads: 0
Newbie Poster
Post the content of the file, please. Enclose it in the [code] tags. 
Simple PHP Pagination - No Database Required.
If you like it, give me some props. ;)
If you like it, give me some props. ;)
•
•
Join Date: Dec 2006
Location: GermanyMunich
Posts: 33
Reputation:
Rep Power: 2
Solved Threads: 0
Light Poster
First thing you need to do is disable the script that is being comprimised. I have dealt with this issue and you do not want to be blacklisted
The problem is that they inject line feeds and the code for the up and left arrow key to insert for example a bcc. Take a look here, to solve the line feed. http://www.gerd-riesselmann.net/arch...-contact-forms
The up arrow and stuff is a little bit harder to fix. I can't give out the code unfortunatly cause I did not write it.... But with some Googleling you could find something.
I hope you get your forms safe again.
The problem is that they inject line feeds and the code for the up and left arrow key to insert for example a bcc. Take a look here, to solve the line feed. http://www.gerd-riesselmann.net/arch...-contact-forms
The up arrow and stuff is a little bit harder to fix. I can't give out the code unfortunatly cause I did not write it.... But with some Googleling you could find something.
I hope you get your forms safe again.
|
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
•
•
•
•
•
•
•
•
DaniWeb PHP Marketplace
Linear Mode
Similar Threads
- Help please - php CAPTCHA script (PHP)
- Abuse Of A Php Contact Script, someone is the bcc to send out emails (PHP)
- Learning PHP but problem with script (PHP)
- MerT Contact Script (Existing Scripts)
Other Threads in the PHP Forum
- Previous Thread: Forcing an Exit From PHP
- Next Thread: Who can make files open automatically with PHP?
