From 56c808c98423144fd13bfa792c51099376a3362c Mon Sep 17 00:00:00 2001
From: Paul
Date: Wed, 10 May 2023 23:20:48 -0500
Subject: [PATCH] Updated filtering to modernize it a bit
---
 README.md | 0
 contactform.php | 18 +++++++-----------
 2 files changed, 7 insertions(+), 11 deletions(-)
 mode change 100644 => 100755 README.md
 mode change 100644 => 100755 contactform.php
diff --git a/README.md b/README.md
old mode 100644
new mode 100755
diff --git a/contactform.php b/contactform.php
old mode 100644
new mode 100755
index 2f9ebe7..23547a4
--- a/contactform.php
+++ b/contactform.php
@@ -13,6 +13,9 @@ class antibot {
 
 function __constructor(){
 $passfail = 0;
+ // beter way to filter input data
+ $_POST = filter_var_array($_POST, FILTER_UNSAFE_RAW);
+ $_GET = filter_var_array($_GET, FILTER_UNSAFE_RAW);
 }
 
 private function fromtest() {
@@ -49,19 +52,12 @@ class antibot {
 return $passfail;
 }
 
- private function test_input($data) { // Cleans the input
- $data = trim($data);
- $data = stripslashes($data);
- $data = htmlspecialchars($data);
- return $data;
- }
-
 private function sndmsg($target) {
 // First clean the data
- $fname = $this->test_input($_POST["fname"]);
- $lname = $this->test_input($_POST["lname"]);
- $email = $this->test_input($_POST["email"]);
- $comments = $this->test_input($_POST["comments"]);
+ $fname = $_POST["fname"];
+ $lname = $_POST["lname"];
+ $email = $_POST["email"];
+ $comments = $_POST["comments"];
 // compile cleaned message
 $msg = "From $fname Subject $lname email $email with message $comments";
 mail($target,"Website Form Submission",$msg);
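Review bot: The two added `filter_var_array(..., FILTER_UNSAFE_RAW)` calls in the first hunk do not filter anything. Without flags, `FILTER_UNSAFE_RAW` hands every string back unchanged, so the comment above them promises more than the code delivers. They also sit in a method named `__constructor`, which PHP does not treat as a constructor (the magic name is `__construct`). Unless some code outside this hunk calls it explicitly, these lines probably never run. I would drop the blanket reassignment of `$_POST` and `$_GET` and validate each field where it is read. If the lines stay, the comment should say what they do, for example `// FILTER_UNSAFE_RAW without flags is a pass-through; it does not sanitize`.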
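Review bot: With `test_input` removed in the second hunk, `$fname`, `$lname`, `$email` and `$comments` reach `mail()` exactly as submitted, yet the comments still say "First clean the data" and "compile cleaned message". On the visible lines the values only enter the message body, so mail headers are not affected. But nothing checks that the keys exist or that `email` is an address, and any place that later renders the message as HTML would receive raw markup. I would validate each field, for example `$email = filter_var($_POST["email"] ?? "", FILTER_VALIDATE_EMAIL);`, skip the send when the result is `false`, and reword the two comments to match what the code does. The body of `sndmsg` continues past the end of the hunk.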