I'm just starting with php. And I made a simple mail script.

I'm just wondering if it's legal? You can e-mail from each e-mail adres you want to another!

What can the 'internet police' do against you if you put this script online?
Can they judge you for that?
Why has php no security around these things, they allow you to create fraud?


sendmail.php:

<?
$sender = $_REQUEST['sender'] ;
$receiver = $_REQUEST['receiver'] ;
$subj = $_REQUEST['subj'] ;
$message = $_REQUEST['message'] ;

mail( "$receiver", "$onderwerp",
$message, "From: $sender" );
?>


and the html file:

<html>
<head>
<title>
</title>
</head>
<body>
<form method="post" action="sendmail.php">
From (email): <input name="sender" type="text"><br>
To (email): <input name="receiver" type="text"><br>
Subject: <input name="subj" type="text"><br>

Message:<br>
<textarea name="message" rows="15" cols="40">
</textarea><br>
<input type="submit">
</form>
</body>
</html>

It allows you to do that because some people need to be able to do that. Just because you can't see a legal reason to do it doesn't mean there isn't one and besides, why should a programming language set up artificial constraints purely for legal reasons?

Other than that... this is not a PHP thing. You've been able to fake mails for years through various options (hell, I believe my mail client can do it all through the GUI). The 'sender' value on an email has NEVER been secure or reliable (there's a reason spam is so hard to stop...).

Finally, saying 'the internet police' is just stupid and makes you sound naive. No-one will really care if you put the script on your server except for the hosting company (it's probably against their TOS)...

Well, thanks anyway for your information.
I'm just a n00b in php, trying things out (what you guys already did years ago).
But for me it's new, and I was just wondering if someone can put you responsible for putting bad scripts online.

You can not make a set of given instructions illegal and if they did make it illegal it would do no good.