Convert PHP Eclipse projects into PDT projects

Found a great quick tip on converting existing Eclipse projects into PDT projects from the globalways Developer Blog.

Essentially you just add a few elements to the .project XML file, and then you have a PDT project! I’d recommend running the “Clean Project” task afterwards just to make sure your project is refreshed.

Email injection with PHP

SecurePHP has a very well written article on how to manipulate a PHP form with e-mail injection. The article goes step-by-step and builds up to how show a malicious user could send spam or worse through your form. If you use PHP to send e-mails, you should read this article.

Update: I just tested the outlined injections on a form I wrote that uses PEAR’s Mail package, and it appears that most of the injections fail.

In specific, as part of the validation routine, I check to see if the e-mail address is valid using the parseAddressList() method. However, that could still allow multiple recipients, and I will probably look at changing the validation to use isValidInetAddress().

Search for:

Recent Posts

• Microsoft update problems; Yay for my backup plans!
• Free FamilyShield filtering from OpenDNS
• Zune – Reserved Space fixed with a device restart
• Web Browsers – Trackable without cookies
• SharePoint/Office 2010 RTM Downloads

Categories

• Current Events (26)
• Entertainment (23)
• General (46)
• Security (18)
• SharePoint (9)
• Web Dev/Tech (129)

Del.icio.us Bookmarks

• How to set up People Search in SharePoint 2010 - Corey Roth - DotNetMafia.com - Tip of the Day
• Microsoft SharePoint Server 2010 - Getting Started: Backups | TechNet
• SharePoint Help — Blog — SharePoint 2010's New Configuration Restore Capability
• SharePoint Help — Blog — SharePoint 2010's New Granular Content Restore Capability
• Use Email to Send Text Messages (SMS) to Mobile Phones for Free - How-To Geek

Experts Exchange Badge

meta

• RSS
• Comments RSS