Common web vulnerabilities

Source: Internet | Editor: 程序博客网 | Time: 2024/05/22 06:31

PHP e-mail injection

An unauthorized user can insert data into the mail headers.

# Written into the e-mail portion of the message:
someone@example.com%0ACc:person2@example.com%0ABcc:person3@example.com,person3@example.com,anotherperson4@example.com,person5@example.com%0ABTo:person6@example.com

Use PHP filters to check the e-mail field of the form.

<?php
function spamcheck($field)
{
    // FILTER_SANITIZE_EMAIL removes characters that are not allowed in an e-mail address
    $field = filter_var($field, FILTER_SANITIZE_EMAIL);

    // FILTER_VALIDATE_EMAIL validates the e-mail address; a newline (%0A) fails validation,
    // so an address carrying extra "Cc:"/"Bcc:" header lines is rejected
    if (filter_var($field, FILTER_VALIDATE_EMAIL)) {
        return TRUE;
    } else {
        return FALSE;
    }
}

if (isset($_REQUEST['email'])) {
    // if "email" is filled out, proceed
    // check if the email address is invalid
    $mailcheck = spamcheck($_REQUEST['email']);
    if ($mailcheck == FALSE) {
        echo "Invalid input";
    } else {
        // send email
        $email   = $_REQUEST['email'];
        $subject = $_REQUEST['subject'];
        $message = $_REQUEST['message'];
        mail("someone@example.com", "Subject: $subject",
             $message, "From: $email");
        echo "Thank you for using our mail form";
    }
} else {
    // if "email" is not filled out, display the form
    echo "<form method='post' action='mailform.php'>
    Email: <input name='email' type='text' /><br />
    Subject: <input name='subject' type='text' /><br />
    Message:<br />
    <textarea name='message' rows='15' cols='40'>
    </textarea><br />
    <input type='submit' />
    </form>";
}
?>
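The following is an added example, not code from the original post: it shows why the filter above works, by running the post's payload (after URL decoding, where %0A becomes "\n") through FILTER_VALIDATE_EMAIL, and extends the same idea to the subject field, which also ends up in a header line. The function names and the sample inputs are constructed for this example.

```php
<?php
// A value that is placed on a mail header line must not contain CR, LF or NUL;
// any of them would end the current header and let the rest be read as new headers.
function headerSafe(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) === 0;
}

// Validate every form field that is later written into a header (From, Subject).
// Returns a list of error strings; an empty list means the input may be mailed.
function validateMailForm(array $req): array
{
    $errors = [];

    // FILTER_VALIDATE_EMAIL accepts only a syntactically valid address, so an
    // address followed by "\nCc:..." fails here without any extra blacklist.
    if (filter_var($req['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email: not a valid address';
    }

    // The subject is also a header line, so apply the same newline check to it.
    if (!headerSafe($req['subject'] ?? '')) {
        $errors[] = 'subject: line breaks are not allowed';
    }

    return $errors;
}

// Constructed input reproducing the post's payload after URL decoding.
$malicious = [
    'email'   => "someone@example.com\nCc:person2@example.com\nBcc:person3@example.com",
    'subject' => "Hello",
    'message' => "Hi there",
];

// Constructed benign input for comparison.
$benign = [
    'email'   => "someone@example.com",
    'subject' => "Hello",
    'message' => "Hi there",
];

foreach (['malicious' => $malicious, 'benign' => $benign] as $label => $input) {
    $errors = validateMailForm($input);
    echo $label, ': ', $errors ? implode('; ', $errors) : 'ok', PHP_EOL;
}
```

The malicious input is rejected on the e-mail field alone; the subject check only matters if a line break is smuggled through that field instead.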