2016-11-23 22:01:33 -05:00
|
|
|
<?php
|
|
|
|
|
session_start();
|
2022-03-09 20:52:27 -05:00
|
|
|
require_once("sendform.conf");
|
2016-11-23 22:01:33 -05:00
|
|
|
|
2022-03-09 20:52:27 -05:00
|
|
|
if ($conf['defaultReq'] != "") $conf['defaultReq'] .= ", recipient";
|
|
|
|
|
else $conf['defaultReq'] = "recipient";
|
2016-11-23 22:01:33 -05:00
|
|
|
|
2022-03-09 20:52:27 -05:00
|
|
|
$conf['referrals'] = explode(",", $conf['referrals']);
|
|
|
|
|
$conf['excludeFields'] = explode(",", "recipient, ccrecipient, bccrecipient, subject, required, redirect, mailtemplate, mailtemplatehtml, submit, submit_x, submit_y, verification, ignoreempty, g-recaptcha-response, " . $conf['excludeFields']);
|
|
|
|
|
$srequired = explode(",", $conf['defaultReq']);
|
2016-11-23 22:01:33 -05:00
|
|
|
|
|
|
|
|
$errMsgStyle = "font-family: Arial;
|
|
|
|
|
font-size: 14px;
|
|
|
|
|
color: #FF0000;
|
|
|
|
|
font-weight: bold;
|
|
|
|
|
width: 100%;
|
|
|
|
|
text-align: center;";
|
|
|
|
|
$errDetStyle = "font-family: Arial;
|
|
|
|
|
font-size: 12px;
|
|
|
|
|
color: #FF0000;
|
|
|
|
|
width: 100%;
|
|
|
|
|
text-align: center;";
|
|
|
|
|
|
|
|
|
|
$theDomain = getdomain($_SERVER['HTTP_REFERER']);
|
|
|
|
|
checkreferal();
|
2020-08-12 19:55:48 -04:00
|
|
|
|
|
|
|
|
// Google reCaptcha v2
|
2022-03-09 20:52:27 -05:00
|
|
|
if(isset($conf['reCaptchaSecret'])){
|
2020-08-12 19:55:48 -04:00
|
|
|
if(isset($_POST['g-recaptcha-response'])) $captcha=$_POST['g-recaptcha-response'];
|
|
|
|
|
else errormsg("Verification failed. Please try again.");
|
|
|
|
|
|
|
|
|
|
// post request to server
|
2022-03-09 20:52:27 -05:00
|
|
|
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($conf['reCaptchaSecret']) . '&response=' . urlencode($captcha);
|
2020-08-12 19:55:48 -04:00
|
|
|
$ch = curl_init();
|
|
|
|
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
|
|
|
|
|
curl_setopt($ch, CURLOPT_HEADER, 0);
|
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
|
|
|
|
curl_setopt($ch, CURLOPT_URL, $url);
|
|
|
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
|
|
|
|
|
|
|
|
|
|
$response = curl_exec($ch);
|
|
|
|
|
curl_close($ch);
|
|
|
|
|
|
|
|
|
|
$responseKeys = json_decode($response,true);
|
|
|
|
|
// should return JSON with success as true
|
|
|
|
|
if(!$responseKeys["success"]) errormsg("Verification failed. Please try again.");
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-23 22:01:33 -05:00
|
|
|
checkrequired();
|
2022-03-09 20:52:27 -05:00
|
|
|
if(!validemail($conf['defaultFrom']) && !isset($_POST['email'])) bademail($conf['defaultFrom']);
|
2016-11-23 22:01:33 -05:00
|
|
|
fillrecipients();
|
|
|
|
|
|
|
|
|
|
if(isset($_POST['subject']))
|
|
|
|
|
$subject = $_POST['subject'];
|
|
|
|
|
else
|
2022-03-09 20:52:27 -05:00
|
|
|
$subject = $conf['defaultSubject'];
|
2016-11-23 22:01:33 -05:00
|
|
|
|
2017-10-30 21:13:43 -04:00
|
|
|
if(isset($_POST['ignoreempty']) && ($_POST('ignoreempty') === true || $_POST('ignoreempty') === false))
|
|
|
|
|
$ignoreempty = $_POST['ignoreempty'];
|
|
|
|
|
else
|
2022-03-09 20:52:27 -05:00
|
|
|
$ignoreempty = $conf['defaultIgnoreEmpty'];
|
2017-10-30 21:13:43 -04:00
|
|
|
|
2016-11-23 22:01:33 -05:00
|
|
|
if(isset($_POST['email']) && trim($_POST['email']) != "")
|
|
|
|
|
$fromemail = $_POST['email'];
|
|
|
|
|
else
|
2022-03-09 20:52:27 -05:00
|
|
|
$fromemail = $conf['defaultFrom'];
|
2016-11-23 22:01:33 -05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
if(isset($_POST['redirect']))
|
|
|
|
|
$redirectURL = $_POST['redirect'];
|
|
|
|
|
else
|
|
|
|
|
$redirectURL = $_SERVER['HTTP_REFERER'];
|
|
|
|
|
|
|
|
|
|
if(isset($_POST['mailtemplate']) && $_POST['mailtemplate'] != "")
|
|
|
|
|
writetemplate($_POST['mailtemplate']);
|
|
|
|
|
else {
|
|
|
|
|
if(isset($_POST['mailtemplatehtml']) && $_POST['mailtemplatehtml'] != "") {
|
|
|
|
|
$headers = 'MIME-Version: 1.0' . "\r\n";
|
|
|
|
|
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
|
|
|
|
|
writetemplate($_POST['mailtemplatehtml']);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
writestandard();
|
|
|
|
|
}
|
|
|
|
|
$headers .= "From: $fromemail" . "\r\n";
|
|
|
|
|
if(isset($_POST['ccrecipient']) && $_POST['ccrecipient'] != ""){
|
|
|
|
|
$ccemail = $_POST['ccrecipient'];
|
|
|
|
|
$headers .= "Cc: $ccemail" . "\r\n";
|
|
|
|
|
}
|
|
|
|
|
if(isset($_POST['bccrecipient']) && $_POST['bccrecipient'] != ""){
|
|
|
|
|
$bccemail = $_POST['bccrecipient'];
|
|
|
|
|
$headers .= "Bcc: $bccemail" . "\r\n";
|
|
|
|
|
}
|
|
|
|
|
sendit();
|
|
|
|
|
redirect();
|
|
|
|
|
|
|
|
|
|
function checkrequired() {
|
|
|
|
|
global $recipients, $subject, $phone, $fax, $email,$redirectURL, $message, $srequired, $urequired;
|
|
|
|
|
// Check for all script required fields
|
|
|
|
|
foreach($srequired as $req) {
|
|
|
|
|
$req = trim($req);
|
|
|
|
|
if(!isset($_POST[$req]))
|
|
|
|
|
missingfield($req);
|
|
|
|
|
}
|
|
|
|
|
// Check for all user required fields
|
|
|
|
|
if(isset($_POST['required'])) {
|
2017-10-13 10:29:21 -04:00
|
|
|
$urequired = explode(",", "recipient, " . $_POST['required']);
|
2016-11-23 22:01:33 -05:00
|
|
|
foreach($urequired as $req) {
|
|
|
|
|
$req = trim($req);
|
|
|
|
|
if($req == "email" && isset($_POST[$req]) && !validemail($_POST[$req]))
|
|
|
|
|
bademail($_POST[$req]);
|
|
|
|
|
else
|
|
|
|
|
if(!isset($_POST[$req]) || trim($_POST[$req]) == "")
|
|
|
|
|
missingfield($req);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function sendit() {
|
2022-03-09 20:52:27 -05:00
|
|
|
global $recipients, $subject, $message, $fromemail, $headers, $conf['smtpHost'], $conf['smtpUser'], $conf['smtpPass'], $conf['smtpEnable'];
|
2016-11-23 22:01:33 -05:00
|
|
|
foreach($recipients as $to) {
|
2022-03-09 20:52:27 -05:00
|
|
|
if($conf['smtpEnable'] == 1){
|
2016-11-23 22:01:33 -05:00
|
|
|
require_once "Mail.php";
|
|
|
|
|
|
|
|
|
|
$headers = array ('From' => $fromemail, 'To' => $to, 'Subject' => $subject);
|
2022-03-09 20:52:27 -05:00
|
|
|
$smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $conf['smtpUser'], 'password' => $conf['smtpPass']));
|
2016-11-23 22:01:33 -05:00
|
|
|
|
|
|
|
|
$mail = $smtp->send($to, $headers, $message);
|
|
|
|
|
|
|
|
|
|
if (PEAR::isError($mail)) errormsg($mail->getMessage());
|
|
|
|
|
}
|
2022-03-09 20:52:27 -05:00
|
|
|
elseif($conf['smtpEnable'] == 0){
|
2016-11-23 22:01:33 -05:00
|
|
|
if(trim($to) != "")
|
|
|
|
|
mail(trim($to), stripslashes($subject), stripslashes($message), $headers);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function writestandard() {
|
2017-10-30 21:13:43 -04:00
|
|
|
global $message, $theDomain, $ignoreempty;
|
2016-11-23 22:01:33 -05:00
|
|
|
$message="Here is the information collected:\n\n";
|
|
|
|
|
foreach($_POST as $varname => $varval) {
|
2017-10-30 21:13:43 -04:00
|
|
|
if($ignoreempty===true && empty($varval)) continue;
|
2016-11-23 22:01:33 -05:00
|
|
|
if(is_array($varval)) $varval = implode(", ",$varval);
|
|
|
|
|
if(!exclude($varname)) {
|
|
|
|
|
$message .= "$varname: ";
|
|
|
|
|
if(count($varval) > 1) {
|
|
|
|
|
for($i = 0; $i < count($varval); $i++)
|
|
|
|
|
if($i < count($varval) - 1)
|
|
|
|
|
$message .= "$varval[$i], ";
|
|
|
|
|
else
|
|
|
|
|
$message .= "$varval[$i]";
|
|
|
|
|
} else {
|
|
|
|
|
$message .= "$varval";
|
|
|
|
|
}
|
|
|
|
|
$message .= "\n";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function writetemplate($thefile) {
|
2017-10-30 21:13:43 -04:00
|
|
|
global $message, $theDomain, $ignoreempty;
|
2016-11-23 22:01:33 -05:00
|
|
|
$thearray = Array();
|
|
|
|
|
if($fp = @fopen($thefile, 'r')) {
|
|
|
|
|
while($data = fgets($fp, 1024)) {
|
|
|
|
|
$data = chop($data);
|
|
|
|
|
foreach($_POST as $varname => $varval) {
|
2017-10-30 21:13:43 -04:00
|
|
|
if($ignoreempty===true && empty($varval)) continue;
|
2016-11-23 22:01:33 -05:00
|
|
|
if(is_array($varval)) $varval = implode(", ",$varval);
|
|
|
|
|
$data = str_replace("[$varname]", $varval, $data);
|
|
|
|
|
}
|
|
|
|
|
$message .= $data . "\n";
|
|
|
|
|
}
|
|
|
|
|
fclose($fp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function redirect() {
|
|
|
|
|
global $redirectURL;
|
|
|
|
|
header("Location: " . $redirectURL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function exclude($theVar) {
|
|
|
|
|
$req = false;
|
2022-03-09 20:52:27 -05:00
|
|
|
global $conf['excludeFields'];
|
|
|
|
|
foreach($conf['excludeFields'] as $field) {
|
2016-11-23 22:01:33 -05:00
|
|
|
$field = trim($field);
|
|
|
|
|
if(strcmp(strtolower($field), strtolower($theVar)) == 0)
|
|
|
|
|
$req = true;
|
|
|
|
|
}
|
|
|
|
|
return $req;
|
|
|
|
|
}
|
|
|
|
|
function checkreferal() {
|
2022-03-09 20:52:27 -05:00
|
|
|
global $conf['referrals'], $theDomain;
|
2016-11-23 22:01:33 -05:00
|
|
|
$valid = false;
|
2022-03-09 20:52:27 -05:00
|
|
|
foreach($conf['referrals'] as $ref) {
|
2016-11-23 22:01:33 -05:00
|
|
|
$ref = trim($ref);
|
|
|
|
|
if(strcmp($theDomain, $ref) == 0) {
|
|
|
|
|
$valid = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if(!$valid)
|
|
|
|
|
badreferer($theDomain);
|
|
|
|
|
}
|
|
|
|
|
function errormail($errormsg) {
|
2022-03-09 20:52:27 -05:00
|
|
|
if (validemail($conf['errorTo'])) mail($conf['errorTo'], 'Error on form', $errormsg, $headers);
|
2016-11-23 22:01:33 -05:00
|
|
|
}
|
|
|
|
|
function fillrecipients() {
|
|
|
|
|
global $recipients;
|
2017-11-06 13:13:01 -05:00
|
|
|
$recipients = explode(",", $_POST['recipient']);
|
2016-11-23 22:01:33 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function missingfield($field) {
|
|
|
|
|
writeStyles();
|
|
|
|
|
echo "<h4>Missing Required Field</h4>\n";
|
|
|
|
|
echo "<p>";
|
|
|
|
|
echo "The Missing Field:";
|
|
|
|
|
echo "<strong>$field</strong>";
|
|
|
|
|
echo "</p>";
|
|
|
|
|
errormail("The Missing Field:".$field);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
function badreferer($ref) {
|
|
|
|
|
writeStyles();
|
|
|
|
|
echo "<h4>Bad Referer</h4>\n";
|
|
|
|
|
echo "<p>";
|
|
|
|
|
echo "This domain is not authorized for use of this script:";
|
|
|
|
|
echo "<strong>$ref</strong>";
|
|
|
|
|
echo "</p>";
|
|
|
|
|
errormail("This domain is not authorized for use of this script:".$ref);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
function bademail($email) {
|
|
|
|
|
writeStyles();
|
|
|
|
|
echo "<h4>Bad EMail Address</h4>";
|
|
|
|
|
echo "<p>";
|
|
|
|
|
echo "The email address you provided is not a valid email address:";
|
|
|
|
|
echo "<strong>$email</strong>";
|
|
|
|
|
echo "</p>";
|
|
|
|
|
errormail("The email address you provided is not a valid email address:".$email);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
function errormsg($msg) {
|
|
|
|
|
writeStyles();
|
|
|
|
|
echo "<h4>An Error Has Occured</h4>";
|
|
|
|
|
echo "<p>";
|
|
|
|
|
echo "<strong>$msg</strong>";
|
|
|
|
|
echo "</p>";
|
|
|
|
|
errormail("An Error Has Occured:".$msg);
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
function getdomain($url) {
|
|
|
|
|
$host = parse_url($url, PHP_URL_HOST);
|
|
|
|
|
$host = preg_replace("(www\.)","",$host);
|
|
|
|
|
return $host;
|
|
|
|
|
#preg_match("/^(http:\/\/)?([^\/]+)/i", $url, $matches);
|
|
|
|
|
#$host = $matches[2];
|
|
|
|
|
#preg_match("/[^\.\/]+\.[^\.\/]+$/", $host, $matches);
|
|
|
|
|
#return $matches[0];
|
|
|
|
|
}
|
|
|
|
|
function validemail($email) {
|
2017-10-17 13:20:55 -04:00
|
|
|
if (filter_var($email, FILTER_VALIDATE_EMAIL)) return true;
|
2016-11-23 22:01:33 -05:00
|
|
|
else return false;
|
|
|
|
|
}
|
|
|
|
|
function writeStyles() {
|
|
|
|
|
global $errMsgStyle, $errDetStyle;
|
|
|
|
|
echo "<style type=\"text/css\">";
|
|
|
|
|
echo "h4 {";
|
|
|
|
|
echo $errMsgStyle;
|
|
|
|
|
echo "}";
|
|
|
|
|
echo "p {";
|
|
|
|
|
echo $errDetStyle;
|
|
|
|
|
echo "}";
|
|
|
|
|
echo "</style>";
|
|
|
|
|
|
|
|
|
|
}
|
2017-10-13 10:23:11 -04:00
|
|
|
?>
|
