1

Hi I'm developing an application with HTML and javascript (jquery), the HTML has a form that later sends an email passing the data by get method.

The email is being sent by php on the server, but until I validated the fields of the form I received mail service notifications with mails undisclosed-recipients:; and all the fields null. My concern is that someone or something is trying to get info. Could anybody help with this.

Note if you need to put my code I can post it but what I want to know is how somebody is passing data null to my php.

Improve this question

3 Answers 3

Reset to default
2

You can't rely on javascript alone to do your validation, you MUST validate server side.

You're probably getting visits from bots. Make sure to validate the presence of AND validity of all your fields, and use $_POST instead of $_GET.

Make sure the script that sends the email cannot be accessed by $_GET, meaning by simply typing in the url. If I type in:

http://yoursite.com/contact?email=oops&sendmail=true

It should not be able to send an email, that's why I say to use $_POST. However, if you validate properly it should not be sending you empty values no matter which method you use.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Without server side validation even if you use $_POST,i don't think it makes much difference.Without server side validation one can still post whatever he/she wants to. Any web debugger will reveal where does your page post to and what fields it does.Anyone can create his own page to submit to your server with fields set to values they want.

Improve this answer

Comments

0

Based on the information provided, I don't necessarily see a data security risk, however I do see the potential for spam programs to exploit your page and send you thousands of spam messages.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.