Proper prevention of mail injection in PHP
问题 Could you advise me how do I go about preventing email injection in PHP mail() without losing original message data? E.g. if I need to allow user to use \\r\\n , To , CC etc, so I do not want to completely strip them away from the message - I still want them delivered, but without adding any additional headers or somehow allowing mail injection to happen. Most of the advices on internet suggest stripping that data away completely - but I do not want to do that. I am sending plain text (non