Menu
Is there an equivalent to mysql_real_escape_string() for email injection? I have a form where the user submits their email. I am afraid that someone could insert a comma separated list of emails and use my site for spamming.
851
You can use filter_var to validate the e-mail address:
if (!filter_var($address, FILTER_VALIDATE_EMAIL)) {
// invalid e-mail address
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
