by DeathArrow 1190 days ago
> Never include any user-input text in welcome emails, or any other type of emails triggered by submitting publicly accessible forms, where the receiver’s email address is part of the submitted data.

Isn't it better to validate input data? If you don't do it you can have bigger problems than sending spam, regardless of whether you use user input data in welcome emails or not.

It amazes me to see the kind of code at some startups. Such code would never pass manual testing when working for a software company. But likely it won't reach the testing phase because it won't pass code reviews.

1 comments

Maybe then they won't send user password? If they don't anything, then they don't send the password.