Let’s suppose I want to give a full admin demo of our software to the public. Our software includes email functions, and many other activities that a hacker or spammer would have a field day with. Are there any good methods to “sandbox” or otherwise block all activities that send messages outside the site? That way people can enjoy the full functionality of the demo without us having to worry. Any idea?
Fairly sure this should be under the Application Design subforum but…
Off the top of my head, throw in a couple of lines to change the ini settings to invalid email senders?
Replace the object that sends your mail with an inert version- this is the Null Object Pattern I believe.
<?php
class Mailer implements IMailer
{
public function send($mail){
return mail($mail->to, $mail->subject, $mail->message);
}
}
class NullMailer implements IMailer
{
public function send($mail){
return true;
}
}
?>
Thank you for your recommendations. We are going to be doing this soon, and just want to do it cleanly so we don’t have to contend with hackers. It’s a much bigger deal granting access to the admin for the public, and we have literally hundreds of forms.