I have the following code which sends emails out.
Is this good/secure enough for a production environment? I.e., will it stop bots and curl scripts sending spam using it, and stop email injections, etc.?

    <?php
    require_once('recaptchalib.php');
    $privatekey = "private keys goes here";
    $resp = recaptcha_check_answer ($privatekey,
                                    $_SERVER["REMOTE_ADDR"],
                                    $_POST["recaptcha_challenge_field"],
                                    $_POST["recaptcha_response_field"]);
    if (!$resp->is_valid) {
        // What happens when the CAPTCHA was entered incorrectly
        die ("The reCAPTCHA wasn't entered correctly. Go back and try it again. " .
             "(reCAPTCHA said: " . $resp->error . ")");
    } else {
        require 'class.phpmailer.php';
        //Create a new PHPMailer instance
        $mail = new PHPMailer();
        //Set who the message is to be sent from
        $mail->SetFrom('oshirowanen@localhost.com');
        //Set who the message is to be sent to
        $mail->AddAddress($_POST['email']);
        //Set the subject line
        $mail->Subject = 'subject goes here';
        //Replace the plain text body with one created manually
        $mail->Body = $_POST['message'];
        //Send the message, check for errors
        if(!$mail->Send()) {
            die ("Mailer Error: " . $mail->ErrorInfo);
        } else {
            echo "Message sent!";
        }
    }
    ?>

So basically, what I am asking is, is the above code safe enough, secure enough, good enough for a production environment?