fix(contact-form-handler-php): capture wantedContact and sanitize it rigthly
This commit is contained in:
parent
b3b5ee6377
commit
4380a086db
@ -14,11 +14,12 @@ $domainFromMyEmail = (
|
||||
) ? ''
|
||||
: $myEmailSplitted[1];
|
||||
|
||||
$wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_VALIDATE_EMAIL);
|
||||
$wantedContact = filter_input(INPUT_POST, 'contactTo', FILTER_SANITIZE_SPECIAL_CHARS);
|
||||
$wantedContact = (
|
||||
empty($wantedContact)
|
||||
|| strpos($wantedContact, '@') !== false
|
||||
|| strpos($wantedContact, '&') !== false
|
||||
|| empty($domainFromMyEmail)
|
||||
|| substr($wantedContact, -strlen($domainFromMyEmail)) != $domainFromMyEmail
|
||||
) ? $myEmail : "$wantedContact@$domainFromMyEmail" ;
|
||||
|
||||
if(empty($_POST['namezzz']) || empty($_POST['emailzzz']) || empty($_POST['message'])) {
|
||||
|
Loading…
Reference in New Issue
Block a user