anthony.bourguignon/SiteWebAstrolabe
1
0
Fork 0
forked from AstrolabeCAE/SiteWebAstrolabe
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(contact-form-handler-php): capture wantedContact and sanitize it rigthly

Browse Source
This commit is contained in:
Jérémy Dufraisse 2024-03-20 12:48:36 +01:00
parent b3b5ee6377
commit 4380a086db
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/form/contact-form-handler.php
View File

@ -14,11 +14,12 @@ $domainFromMyEmail = (
) ? '' ) ? ''
: $myEmailSplitted[1]; : $myEmailSplitted[1];
$wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_VALIDATE_EMAIL); $wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_SANITIZE_SPECIAL_CHARS);
$wantedContact = ( $wantedContact = (
empty($wantedContact) empty($wantedContact)
|| strpos($wantedContact, '@') !== false
|| strpos($wantedContact, '&') !== false
|| empty($domainFromMyEmail) || empty($domainFromMyEmail)
|| substr($wantedContact, -strlen($domainFromMyEmail)) != $domainFromMyEmail
) ? $myEmail : "$wantedContact@$domainFromMyEmail" ; ) ? $myEmail : "$wantedContact@$domainFromMyEmail" ;
if(empty($_POST['namezzz']) || empty($_POST['emailzzz']) || empty($_POST['message'])) { if(empty($_POST['namezzz']) || empty($_POST['emailzzz']) || empty($_POST['message'])) {