• wilrushmer

    (@wilrushmer)


    WSR Contact Form is a two-part plugin. The first part replaces a keyword with a link to a page you specify to display your contact form. The second part creates the actual contact form. No JavaScript is required; the plugin is browser independent and works with permalinks either on or off.

    Compatible with WordPress 2.x

Viewing 2 replies - 1 through 2 (of 2 total)
  • Dickie

    (@dickie)

    Looks nice… but…
    You have left yourself open to spammers using your form as a way of sending email to any address they choose with command injections…
    You need to protect the user email address and name from anything other than a name and email address.

    See Ryan's wp-contactform plugin to see examples of what needs to be done.

    You need to be sooo careful when it comes to anything that sends emails from user submitted information.

    Basically if someone puts extra mail headers in their email address field then they can send to anyone they like.

    See http://uk2.php.net/function.mail for more info and also some ways to avoid the problems.

    Hope this helps
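
The check described in the reply above, as an added example that is not part of the original thread or the plugin's own code: the name and email fields are rejected if they contain line breaks, and the recipient is never taken from the form. The function names and the example.org addresses are assumptions made for illustration.

```php
<?php
// Added example: reject header injection in contact-form fields before mail().
// Function names (wsr_clean_header_value, wsr_build_mail) are hypothetical.

/** Return the value if it is safe for a mail header, or null if it is not. */
function wsr_clean_header_value(string $value, int $maxLen = 100): ?string
{
    $value = trim($value);
    // CR, LF (raw or URL-encoded) and NUL let a field start a new header line.
    if ($value === '' || strlen($value) > $maxLen
        || preg_match('/[\r\n\0]|%0[ad]/i', $value)) {
        return null;
    }
    return $value;
}

/** Build the arguments for mail(); returns null when any field is rejected. */
function wsr_build_mail(string $name, string $email, string $message): ?array
{
    $name  = wsr_clean_header_value($name);
    $email = wsr_clean_header_value($email, 254);
    if ($name === null || $email === null
        || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // Drop characters that have meaning inside a display name.
    $name = preg_replace('/[<>",:;()\\\\]/', '', $name);
    // Recipient is fixed by the site owner, never taken from the form.
    $to      = 'owner@example.org'; // placeholder address
    $subject = 'Contact form message';
    // Visitor data goes in Reply-To only; From stays a site-owned address.
    $headers = "From: Contact Form <noreply@example.org>\r\n"
             . "Reply-To: {$name} <{$email}>";
    return [$to, $subject, $message, $headers];
}

// Constructed sample submissions: one normal, one with an injected header.
$samples = [
    ['Alice', 'alice@example.com', 'Hello'],
    ['Bob', "bob@example.com\r\nBcc: third-party@example.net", 'Hello'],
];
foreach ($samples as [$name, $email, $message]) {
    $args = wsr_build_mail($name, $email, $message);
    echo $args === null ? "rejected\n" : "accepted: {$args[3]}\n";
    // In the plugin: if ($args !== null) { mail(...$args); }
}
```

Rejecting the submission outright, rather than stripping the line breaks and sending anyway, also keeps injection attempts visible in whatever logging the form has.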

    Thread Starter wilrushmer

    (@wilrushmer)

    fixed, thanks…

    knew I forgot a function


The topic ‘WSR Contact Form’ is closed to new replies.