Anti-Spam Injection Mail

This script provides the as_mail() function, which is a replacement for PHP's mail() function. Use as_mail() anywhere you would normally use mail() and don't worry about spam injection anymore.

Download

Click Here for the Source Code This is saved as a .txt file so the web server won't mess with it. You will want to save it with a .php or .inc extension.

Description

The as_mail function is written to be functionally identical to PHP's mail() function. It has the same parameters and return values. Include the as_mail.php script in your code. Then, replace all occurrences of mail() with as_mail(), leaving the parameters as they are.
You may want to check the return value of as_mail() to ensure it is true (meaning the mail was sent). If it is false, then either as_mail() blocked it or mail() failed. Check the global variable $AS_MAIL_ERROR to see if as_mail() blocked it (and why).

Limitations

As a trade-off for easy anti-spam injection detection, the following are not allowed:

1. The mail may be sent to one and only one email address. Call as_mail multiple times if you need to send the email to multiple people.
2. The subject cannot contain newlines (which is invalid anyway).
3. The subject and message cannot contain headers, such as Content-Type or MIME-Type.
4. All hexadecimal encoding is decoded.
5. The additional headers cannot contain the headers To, CC, or BCC.