PHPFormMail 1.07.1 Released

1.07.1 is primarily a bug fix release.

The main bug that was fixed involved a security vulnerability for version 1.07.0 (only that version) that would allow the script to be an open relay if the webmaster had CHECK_REFERER set to false (and only if it was set to false) and did not use the $recipient_array. If you use 1.07.0 and CHECK_REFERER is set to false and you don't use the $recipient_array you should upgrade immediately. All other configurations should not be affected by this vulnerability but upgrading to the latest version is always recommended.

I've also changed the HTML and the e-mail output to be in UTF-8 to allow more international users to be able to use the script. There is no change that has to be done to take advantage of this.

One note about UTF-8: While the email and the HTML will display the UTF-8 properly, I haven't had a chance to modify the script to optionally use the multi byte extension for the regex calls. If you have a form and it uses a _regex field expect the regex to always fail the user on multi-byte languages. While adding UTF-8 might seem pointless right now, it's not. Users can still fill in the other fields in their native language.