Hello Webmaster Forum --
I am looking for a little help with Formmail. I'm using the updated NMS Perlscript (used to be "Matt's formmail" with security updates). It seems to be the only one that works on this site that I can find.
I'm not a programmer, and am concerned about setting up the formmail variables SAFELY, for a simple site w/ one email recipient.
The README file has me confused.
It states to populate "@allow_mail_to" and also has a "@recipients" variable.
It states that if confused (and already using the @allow_mail_to) it is best "NOT to put anything" for "@recipients" -- which by default, displays as this:
@recipients = ();
Is " (); " the same as "not putting anything"?
I ask because the same value " (); " for "@referers" is described in the same README file as No Referrer Checking, thus - allowing ANY other website to process your form.pl for THEIR web forms. And This value was also the default!
The README also states that there is risk in putting an address like firstname.lastname@example.org because the "." can be faked, but then uses such addresses in it's examples. ((Is there a better way I should be writing URLs? I am using the "^")
Below are the fields I am confused about-- and Ask if you will kindly tell me if my syntax is producing the desired result. (safety for delivering form to one designated email address)
Many thanks in advance :)
$postmaster = 'email@example.com';
@referers = qw(nn.nn.nn.nn);
@allow_mail_to = ('^kathy\@domain\.com');
@recipients = ('^kathy\@domain\.com');
%recipient_alias = (); <<?
[edited by: phranque at 11:49 am (utc) on Oct. 7, 2009]
[edit reason] obscured ip [/edit]