FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » My contact form is not emailed to me
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: My contact form is not emailed to me [message #173637 is a reply to message #173633] Thu, 21 April 2011 17:42 Go to previous messageGo to previous message
P E Schoen is currently offline  P E Schoen
Messages: 86
Registered: January 2011
Karma:
Member
"crankypuss" wrote in message
news:p810r6d6kaa5b6mhqo98f8d53qgno7neh9(at)4ax(dot)com...

> "P E Schoen" <paul(at)pstech-inc(dot)com> wrote:

>> I still don't think anyone would be that much
>> interested in hacking this site.

> There are people out there who will swerve to run over a cat just
> because they can, why spend any more time in the middle of the
> road than you have to?

I agree, but most of this thread became an argument with Jerry based on his
false assumptions, and now he agrees that the site does not have the
vulnerability he asserted. This is a special purpose script, functioning
only to allow a few people to add content to a database, and the email is
only a notification to me that someone has done so. As such, the subject
line consists only of hard coded text and a fully authenticated name. Jerry
may say that it is user-unfriendly, but not for the purpose intended.

Certainly I have a lot to learn about security and hacking, but given the
knowledge of what kinds of attacks are possible, I still believe my site to
be just about as secure as is reasonable. If the data were sensitive, or if
hacking could allow someone to use it as a spam portal, then I would
certainly use more elaborate means to assure security.

Along with the general purpose free PHP script for a secure form mailer
http://www.dagondesign.com/articles/secure-php-form-mailer-script/, I also
found this form mail script which uses encryption and has a seven year
history of security, for $99. http://www.tectite.com/formmailpage.php

There is also the issue of what is "reasonable" security. If I wanted to
feel totally safe, I could lock myself in my house, and when I went out I
could wear full body armor, lead shielding, and a gas mask, or I could hire
a bodyguard. But unless the environment were far more dangerous than it is,
taking all these precautions would be overkill and diminish my ability to
enjoy life. The internet is a dangerous place, but for the most part there
are safe and inexpensive ways to protect against threats without extreme
limitation of its use and enjoyment.

I have learned a lot from this discussion, and I appreciate the helpful
responses.

Paul
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: doctype not found?
Next Topic: Re: Weird stuff
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 29 03:37:58 GMT 2024

Total time taken to generate the page: 0.04170 seconds