Hello...and you are? » php http://www.collicott.net/jess The web site of Jess Collicott Sun, 11 Jul 2010 20:01:02 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Convert PHP Eclipse projects into PDT projects http://www.collicott.net/jess/2008/05/20/convert-php-eclipse-projects-into-pdt-projects/ http://www.collicott.net/jess/2008/05/20/convert-php-eclipse-projects-into-pdt-projects/#comments Tue, 20 May 2008 14:46:41 +0000 jess http://www.collicott.net/jess/2008/05/20/convert-php-eclipse-projects-into-pdt-projects/ Found a great quick tip on converting existing Eclipse projects into PDT projects from the globalways Developer Blog.

Essentially you just add a few elements to the .project XML file, and then you have a PDT project! I’d recommend running the “Clean Project” task afterwards just to make sure your project is refreshed.

]]> http://www.collicott.net/jess/2008/05/20/convert-php-eclipse-projects-into-pdt-projects/feed/ 0 Email injection with PHP http://www.collicott.net/jess/2005/09/27/email-injection-with-php/ http://www.collicott.net/jess/2005/09/27/email-injection-with-php/#comments Tue, 27 Sep 2005 20:55:43 +0000 jess http://cybertron/wordpress/?p=69 SecurePHP has a very well written article on how to manipulate a PHP form with e-mail injection. The article goes step-by-step and builds up to how show a malicious user could send spam or worse through your form. If you use PHP to send e-mails, you should read this article.

Update: I just tested the outlined injections on a form I wrote that uses PEAR’s Mail package, and it appears that most of the injections fail.

In specific, as part of the validation routine, I check to see if the e-mail address is valid using the parseAddressList() method. However, that could still allow multiple recipients, and I will probably look at changing the validation to use isValidInetAddress().

]]> http://www.collicott.net/jess/2005/09/27/email-injection-with-php/feed/ 0