forked from science-ation/science-ation
Cleanify the subject, and strip slashes from the message body
This commit is contained in:
parent
2d052c056f
commit
a7dad33da3
@ -40,7 +40,14 @@
|
|||||||
if($md5email == md5($r->email)) {
|
if($md5email == md5($r->email)) {
|
||||||
$from=cleanify($_POST['from'])." <".cleanify($_POST['fromemail']).">";
|
$from=cleanify($_POST['from'])." <".cleanify($_POST['fromemail']).">";
|
||||||
$extra="Return-Path: $from\r\nFrom: $from\r\nReply-To: $from\r\n";
|
$extra="Return-Path: $from\r\nFrom: $from\r\nReply-To: $from\r\n";
|
||||||
mail("$r->firstname $r->lastname <$r->email>",$_POST['subject'],$_POST['message'],$extra);
|
|
||||||
|
//make sure they dont do anything funky with the subject header
|
||||||
|
$subject=cleanify($_POST['subject']);
|
||||||
|
|
||||||
|
//and strip the slashes from the message
|
||||||
|
$message=stripslashes($_POST['message']);
|
||||||
|
|
||||||
|
mail("$r->firstname $r->lastname <$r->email>",$subject,$message,$extra);
|
||||||
echo happy(i18n("Contact email successfully sent"));
|
echo happy(i18n("Contact email successfully sent"));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
Loading…
Reference in New Issue
Block a user