First, let me say thanks, I've found your PHP book (4th ed.) very useful for a beginner.
In your section on form submission, you give the example of checking a submitted email address in a form, to confirm that it only has one "@" symbol. You mention that, of course, this is only the tip of the iceberg as far as form security.
Now, I have a real-world project where I need a contact form to be fairly hack-resistant, and was wondering if you could point me to a "best practice" PHP script that is up-to-date in terms of validation and security. Something I could study, learn from, etc. There are of course gobs of these posted on various forums, but most are old, oversimple, and seem to lack any real security precautions.
The most useful, complete-seeming contact form script I've come across is here:
http://css-tricks.co...-functionality/
Can you comment/advise/direct on this topic? I know you're not in the business of cookbook-style examples but I need to get this right the first time!