Necron99
01-10-2009, 05:59 PM
I have a theory, but I'd like your opinion. Here's the problem:
HTML form gathers data and submits to a PHP file. PHP file extracts POST data and emails it to recipients contained in a static string (i.e., $string = "name1@host.com, name2@otherhost.net"; ). Someone is, at some point, appending different email addresses onto the "To:" field. The resulting list is "name1@host.com, name2@otherhost.net,bogusname@bogus.com".
It's not being done directly (I checked the two files). The mail is being intercepted and fooled with (or so it seems to me).
Anybody got any ideas? How would you do it?
Dave
HTML form gathers data and submits to a PHP file. PHP file extracts POST data and emails it to recipients contained in a static string (i.e., $string = "name1@host.com, name2@otherhost.net"; ). Someone is, at some point, appending different email addresses onto the "To:" field. The resulting list is "name1@host.com, name2@otherhost.net,bogusname@bogus.com".
It's not being done directly (I checked the two files). The mail is being intercepted and fooled with (or so it seems to me).
Anybody got any ideas? How would you do it?
Dave