mirror of
https://bitbucket.org/jsuto/piler.git
synced 2024-12-25 08:40:12 +01:00
193 lines
7.9 KiB
PHP
193 lines
7.9 KiB
PHP
<?php
|
|
session_start(); // this MUST be called prior to any output including whitespaces and line breaks!
|
|
|
|
$GLOBALS['DEBUG_MODE'] = 1;
|
|
// CHANGE TO 0 TO TURN OFF DEBUG MODE
|
|
// IN DEBUG MODE, ONLY THE CAPTCHA CODE IS VALIDATED, AND NO EMAIL IS SENT
|
|
|
|
$GLOBALS['ct_recipient'] = 'YOU@EXAMPLE.COM'; // Change to your email address!
|
|
$GLOBALS['ct_msg_subject'] = 'Securimage Test Contact Form';
|
|
|
|
?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
|
|
<title>Securimage Example Form</title>
|
|
<style type="text/css">
|
|
<!--
|
|
.error { color: #f00; font-weight: bold; font-size: 1.2em; }
|
|
.success { color: #00f; font-weight: bold; font-size: 1.2em; }
|
|
fieldset { width: 90%; }
|
|
legend { font-size: 24px; }
|
|
.note { font-size: 18px;
|
|
-->
|
|
</style>
|
|
</head>
|
|
<body>
|
|
|
|
<fieldset>
|
|
<legend>Example Form</legend>
|
|
|
|
<p class="note">
|
|
This is an example PHP form that processes user information, checks for errors, and validates the captcha code.<br />
|
|
This example form also demonstrates how to submit a form to itself to display error messages.
|
|
</p>
|
|
|
|
<?php
|
|
|
|
process_si_contact_form(); // Process the form, if it was submitted
|
|
|
|
if (isset($_SESSION['ctform']['error']) && $_SESSION['ctform']['error'] == true): /* The last form submission had 1 or more errors */ ?>
|
|
<span class="error">There was a problem with your submission. Errors are displayed below in red.</span><br /><br />
|
|
<?php elseif (isset($_SESSION['ctform']['success']) && $_SESSION['ctform']['success'] == true): /* form was processed successfully */ ?>
|
|
<span class="success">The captcha was correct and the message has been sent!</span><br /><br />
|
|
<?php endif; ?>
|
|
|
|
<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'] . $_SERVER['QUERY_STRING']) ?>" id="contact_form">
|
|
<input type="hidden" name="do" value="contact" />
|
|
|
|
<p>
|
|
<strong>Name*:</strong> <?php echo @$_SESSION['ctform']['name_error'] ?><br />
|
|
<input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_name']) ?>" />
|
|
</p>
|
|
|
|
<p>
|
|
<strong>Email*:</strong> <?php echo @$_SESSION['ctform']['email_error'] ?><br />
|
|
<input type="text" name="ct_email" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_email']) ?>" />
|
|
</p>
|
|
|
|
<p>
|
|
<strong>URL:</strong> <?php echo @$_SESSION['ctform']['URL_error'] ?><br />
|
|
<input type="text" name="ct_URL" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_URL']) ?>" />
|
|
</p>
|
|
|
|
<p>
|
|
<strong>Message*:</strong> <?php echo @$_SESSION['ctform']['message_error'] ?><br />
|
|
<textarea name="ct_message" rows="12" cols="60"><?php echo htmlspecialchars(@$_SESSION['ctform']['ct_message']) ?></textarea>
|
|
</p>
|
|
|
|
<p>
|
|
<img id="siimage" style="border: 1px solid #000; margin-right: 15px" src="./securimage_show.php?sid=<?php echo md5(uniqid()) ?>" alt="CAPTCHA Image" align="left" />
|
|
<object type="application/x-shockwave-flash" data="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" height="32" width="32">
|
|
<param name="movie" value="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" />
|
|
</object>
|
|
|
|
<a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false"><img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0" /></a><br />
|
|
<strong>Enter Code*:</strong><br />
|
|
<?php echo @$_SESSION['ctform']['captcha_error'] ?>
|
|
<input type="text" name="ct_captcha" size="12" maxlength="16" />
|
|
</p>
|
|
|
|
<p>
|
|
<br />
|
|
<input type="submit" value="Submit Message" />
|
|
</p>
|
|
|
|
</form>
|
|
</fieldset>
|
|
|
|
</body>
|
|
</html>
|
|
|
|
<?php
|
|
|
|
// The form processor PHP code
|
|
function process_si_contact_form()
|
|
{
|
|
$_SESSION['ctform'] = array(); // re-initialize the form session data
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] == 'POST' && @$_POST['do'] == 'contact') {
|
|
// if the form has been submitted
|
|
|
|
foreach($_POST as $key => $value) {
|
|
if (!is_array($key)) {
|
|
// sanitize the input data
|
|
if ($key != 'ct_message') $value = strip_tags($value);
|
|
$_POST[$key] = htmlspecialchars(stripslashes(trim($value)));
|
|
}
|
|
}
|
|
|
|
$name = @$_POST['ct_name']; // name from the form
|
|
$email = @$_POST['ct_email']; // email from the form
|
|
$URL = @$_POST['ct_URL']; // url from the form
|
|
$message = @$_POST['ct_message']; // the message from the form
|
|
$captcha = @$_POST['ct_captcha']; // the user's entry for the captcha code
|
|
$name = substr($name, 0, 64); // limit name to 64 characters
|
|
|
|
$errors = array(); // initialize empty error array
|
|
|
|
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
|
// only check for errors if the form is not in debug mode
|
|
|
|
if (strlen($name) < 3) {
|
|
// name too short, add error
|
|
$errors['name_error'] = 'Your name is required';
|
|
}
|
|
|
|
if (strlen($email) == 0) {
|
|
// no email address given
|
|
$errors['email_error'] = 'Email address is required';
|
|
} else if ( !preg_match('/^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$/i', $email)) {
|
|
// invalid email format
|
|
$errors['email_error'] = 'Email address entered is invalid';
|
|
}
|
|
|
|
if (strlen($message) < 20) {
|
|
// message length too short
|
|
$errors['message_error'] = 'Please enter a message';
|
|
}
|
|
}
|
|
|
|
// Only try to validate the captcha if the form has no errors
|
|
// This is especially important for ajax calls
|
|
if (sizeof($errors) == 0) {
|
|
require_once dirname(__FILE__) . '/securimage.php';
|
|
$securimage = new Securimage();
|
|
|
|
if ($securimage->check($captcha) == false) {
|
|
$errors['captcha_error'] = 'Incorrect security code entered<br />';
|
|
}
|
|
}
|
|
|
|
if (sizeof($errors) == 0) {
|
|
// no errors, send the form
|
|
$time = date('r');
|
|
$message = "A message was submitted from the contact form. The following information was provided.<br /><br />"
|
|
. "Name: $name<br />"
|
|
. "Email: $email<br />"
|
|
. "URL: $URL<br />"
|
|
. "Message:<br />"
|
|
. "<pre>$message</pre>"
|
|
. "<br /><br />IP Address: {$_SERVER['REMOTE_ADDR']}<br />"
|
|
. "Time: $time<br />"
|
|
. "Browser: {$_SERVER['HTTP_USER_AGENT']}<br />";
|
|
|
|
$message = wordwrap($message, 70);
|
|
|
|
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
|
// send the message with mail()
|
|
mail($GLOBALS['ct_recipient'], $GLOBALS['ct_msg_subject'], $message, "From: {$GLOBALS['ct_recipient']}\r\nReply-To: {$email}\r\nContent-type: text/html; charset=ISO-8859-1\r\nMIME-Version: 1.0");
|
|
}
|
|
|
|
$_SESSION['ctform']['error'] = false; // no error with form
|
|
$_SESSION['ctform']['success'] = true; // message sent
|
|
} else {
|
|
// save the entries, this is to re-populate the form
|
|
$_SESSION['ctform']['ct_name'] = $name; // save name from the form submission
|
|
$_SESSION['ctform']['ct_email'] = $email; // save email
|
|
$_SESSION['ctform']['ct_URL'] = $URL; // save URL
|
|
$_SESSION['ctform']['ct_message'] = $message; // save message
|
|
|
|
foreach($errors as $key => $error) {
|
|
// set up error messages to display with each field
|
|
$_SESSION['ctform'][$key] = "<span style=\"font-weight: bold; color: #f00\">$error</span>";
|
|
}
|
|
|
|
$_SESSION['ctform']['error'] = true; // set error floag
|
|
}
|
|
} // POST
|
|
}
|
|
|
|
$_SESSION['ctform']['success'] = false; // clear success value after running
|