Dado que solo comencé a aprender sobre la inyección de cabecera en la función de correo () de PHP, no estoy seguro de si el formulario / código a continuación es vulnerable al ataque y estoy pidiendo consejo.
He estado construyendo esto lentamente durante un largo período de tiempo, y no sería un "Camper Feliz" si estuviera sujeto a ataques.
Formulario integrado de PHP y envío
<?php
$target_site = 'http://www.somewhere.xxx/some_folder/try_to_access.php';
if (isset($_SERVER['HTTP_REFERER']) && preg_match("/".preg_quote($target_site,"/")."/i",$_SERVER['HTTP_REFERER'])) {
$file = "good_emails.txt";
$lines = count(file($file));
if ($lines > 100) {
header("Location: not_available_to_submit.php");
}
else {
if(isset($_POST['submit'])) {
if(trim($_POST['email']) == '') {
$hasError = true;
} else if (!eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\.[A-Z]{2,4}$", trim($_POST['email']))) {
$hasError = true;
echo "<font color=\"#CC3300\"><b>ERROR! Please enter a valid E-mail address.</b></font>";
}
else {
if(trim($_POST['accept_terms']) == '') {
$hasError = true;
echo "<font color=\"#CC3300\"><b>ERROR! Please accept the terms and conditions.</b></font>";
} else {
$accept_terms = trim($_POST['accept_terms']);
}
$email = trim($_POST['email']);
}
if(!isset($hasError)) {
include 'form_validater.php';
}
}
}
}
else {
header("Location: improper_referer.php");
}
?>
<!DOCTYPE html>
<head>
</head>
<body>
<h2>Enter your E-mail address.</h2>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="checkbox" name="accept_terms" value="accepted-terms" id="accept_terms" />
<i>Check the box if you accept the terms and conditions.</i>
<br><br>
<input type="text" size="35" name="email">
<input id="button" type="submit" name="submit" value="Submit" />
</form>
<br>
<b><u>Privacy policy:</u></b>
<br>
Email remains safe and not resold. You will receive an E-mail shortly after your submission, in order to <b>confirm.</b>
</body>
</html>
Y mi script de validación de formularios: form_validater.php
<?php
$emails = file_get_contents("good_emails.txt");
$email = $_POST['email'];
if ( preg_match( "/(?:^|\W){$email}(?:\W|$)/", $emails ) ) {
header('Location: exists_sorry.php');
}
else {
header('Location: thank_you.php');
$server_address = $_SERVER['SERVER_ADDR'];
$port_used = $_SERVER['SERVER_PORT'];
$ip_address = $_SERVER['REMOTE_ADDR'];
$today = mktime(0, 0, 0, date("m"), date("d"), date("y"));
$today2 = date('Y-m-d H:i:s', time() );
$currenttime = date('h:i:s:u');
list($hrs,$mins,$secs,$msecs) = split(':',$currenttime);
$email = $_POST['email'];
$to = "[email protected]";
$subject = "New Email Address sent";
$headers = "From: $email\n";
$message = "A visitor to your site has sent the following email address to be added.\n
Email Address: $email
Used on Date: $today2
IP Address: $ip_address
Server address: $server_address
Port used: $port_used";
$user = "$email";
$usersubject = "Please confirm your email.";
$userheaders = "From: ".$_POST['email'];
$hash = hash('sha256', "mysalt".$email."addingmoresalt");
$usermessage = "Please click the link below to confirm your E-mail address: \n\nhttp://www.somewhere.xxx/confirm.php?email=".urlencode($email)."&hasher=$hash
\n
If you feel that you did not authorize this, simply ignore this message.";
mail($to,$subject,$message,$headers);
mail($user,$usersubject,$usermessage,$userheaders);
$f = fopen('tmp_emails.txt', 'a+');
fwrite($f, $email." ");
fwrite($f, "Used on ".date("m/d/Y", $today). (" $hrs:$mins:$secs")." ");
fwrite($f, "IP address: ".$ip_address."\n");
fclose($f);
}
?>