Add files via upload

captcha/randomimage.php

@@ -0,0 +1,52 @@
+<?php
+session_start();
+
+// make a string with all the characters that we 
+// want to use as the verification code
+$alphanum  = "ABCDEFGHJKMNPQRSTUVWXYZ23456789";
+
+// generate the verication code 
+$rand = substr(str_shuffle($alphanum), 0, 5);
+
+// choose one of four background images
+$bgNum = rand(1, 4);
+
+// create an image object using the chosen background
+$image = imagecreatefromjpeg("background$bgNum.jpg");
+
+$textColor = imagecolorallocate ($image, 0, 0, 0); 
+
+// write the code on the background image
+imagestring ($image, 5, 5, 8,  $rand, $textColor); 
+	
+
+// create the hash for the verification code
+// and put it in the session
+$_SESSION['image_random_value'] = md5($rand);
+	
+// send several headers to make sure the image is not cached	
+// taken directly from the PHP Manual
+	
+// Date in the past 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+
+// always modified 
+header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
+
+// HTTP/1.1 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", false); 
+
+// HTTP/1.0 
+header("Pragma: no-cache"); 	
+
+
+// send the content type header so the image is displayed properly
+header('Content-type: image/jpeg');
+
+// send the image to the browser
+imagejpeg($image);
+
+// destroy the image to free up the memory
+imagedestroy($image);
+?>

sendform.php

@@ -0,0 +1,307 @@
+<?php
+	/************************************************************************
+	 *	SendForm Version 0.99												*
+	 *	Created 10 May 2005													*
+	 *	Modified 04 Nov 2010							    				*
+	 *	Questions/Comments: eric.fawcett@gmail.com   						*
+	 *																		*
+	 *	COPYRIGHT NOTICE													*
+	 *	Copyright 2010 Eric T. Fawcett										*
+	 *																		*
+	 *	Any part of SendForm can be used or modified in anyway so long  	*
+	 *	as this copyright notice and the above comments stay intact.		*
+	 *																		*
+	 *	By using this code you agree to indemnify Eric T. Fawcett 			*
+	 *	from any liability that might arise from its use.					*
+	 ************************************************************************/
+	session_start();
+	// $referals is a list of web site domains seperated by commas.  Only requests originating from
+	// these domains will be processed.
+	$referals = "domain.com";
+
+	// $excludeFields is a list of field names seperated by commas.  Field names listed here will not
+	// be included in the resulting email of this script.
+	// NOTE: The fields "recipient, subject, required, redirect, mailtemplate, mailtemplatehtml" are
+	//       used by this script and are automagically added later in the script.
+	$excludeFields = "";
+
+	// $defaultFrom is an email address in proper form. This is the default from address used to send
+	// mail if there is no field "email" sent to this script.
+	$defaultFrom = 'sendform@domain.com';
+
+	// $defaultSubject is a String. This is the default subject used if there is no field "subject"
+	// sent to this script.
+	$defaultSubject = "SendForm Results";
+	
+	// $defaultReq is a list of field names seperated by commas.  Field names listed here are assumed
+	// required for the script to run.
+	// NOTE: The field "recipient" is required by this script and will always be checked.
+	$defaultReq = "";
+	
+	// $smtpEnable enables or disables the SMTP sending method. enter 1 to turn it on or 0 to turn it off
+	// $smtpHost, $smtpUser, $smtpPass only need to be filled if $smtpEnable is set to 1
+	$smtpEnable = "0";
+	$smtpHost = "mail.server.com";
+	$smtpUser = "johndoe@domain.com";
+	$smtpPass = "passwerd";
+	
+	// $errorTo is a valid email address that will receive a simple notification for each error that occurs.
+	// Leave blank to turn off. NOTE: this function does not support the SMTP sending method.
+	$errorTo = "";
+
+	/************************************************************************
+	 * DO NOT EDIT BELOW THIS LINE                                          *
+	 * unless you know what you are doing                                   *
+	 ************************************************************************/
+	if ($defaultReq != "") $defaultReq .= ", recipient";
+	else $defaultReq = "recipient";
+	
+	$referals = explode(",", $referals);
+	$excludeFields = explode(",", "recipient, ccrecipient, bccrecipient, subject, required, redirect, mailtemplate, mailtemplatehtml, submit, submit_x, submit_y, verification, " . $excludeFields);
+	$srequired = explode(",", $defaultReq);
+
+	$errMsgStyle = "font-family: Arial;
+					font-size: 14px;
+					color: #FF0000;
+					font-weight: bold;
+					width: 100%;
+					text-align: center;";
+	$errDetStyle = "font-family: Arial;
+					font-size: 12px;
+					color: #FF0000;
+					width: 100%;
+					text-align: center;";
+
+	$theDomain = getdomain($_SERVER['HTTP_REFERER']);
+	checkreferal();
+	if(isset($_SESSION['image_random_value']) && strcasecmp(md5(strtoupper($_REQUEST['verification'])), $_SESSION['image_random_value']) != 0) {
+		die("Verification box did not match image");
+	}
+	checkrequired();
+	if(!validemail($defaultFrom) && !isset($_POST['email'])) bademail($defaultFrom);
+	fillrecipients();
+
+	if(isset($_POST['subject']))
+		$subject = $_POST['subject'];
+	else
+		$subject = $defaultSubject;
+		
+	if(isset($_POST['email']) && trim($_POST['email']) != "")
+		$fromemail = $_POST['email'];
+	else
+		$fromemail = $defaultFrom;
+	
+		
+	if(isset($_POST['redirect']))
+		$redirectURL = $_POST['redirect'];
+	else
+		$redirectURL = $_SERVER['HTTP_REFERER'];
+	
+	if(isset($_POST['mailtemplate']) && $_POST['mailtemplate'] != "")
+		writetemplate($_POST['mailtemplate']);
+	else {
+		if(isset($_POST['mailtemplatehtml']) && $_POST['mailtemplatehtml'] != "") {
+			$headers = 'MIME-Version: 1.0' . "\r\n";
+			$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
+			writetemplate($_POST['mailtemplatehtml']);
+		}
+		else
+			writestandard();
+	}
+	$headers .= "From: $fromemail" . "\r\n";
+	if(isset($_POST['ccrecipient']) && $_POST['ccrecipient'] != ""){
+		$ccemail = $_POST['ccrecipient'];
+		$headers .= "Cc: $ccemail" . "\r\n";
+		}
+	if(isset($_POST['bccrecipient']) && $_POST['bccrecipient'] != ""){
+		$bccemail = $_POST['bccrecipient'];
+		$headers .= "Bcc: $bccemail" . "\r\n";
+		}
+	sendit();
+	redirect();
+	
+	function checkrequired() {
+		global $recipients, $subject, $phone, $fax, $email,$redirectURL, $message, $srequired, $urequired;
+		// Check for all script required fields
+		foreach($srequired as $req) {
+			$req = trim($req);
+			if(!isset($_POST[$req]))
+				missingfield($req);
+		}
+		// Check for all user required fields
+		if(isset($_POST['required'])) {
+			$urequired = split(",", "recipient, " . $_POST['required']);
+			foreach($urequired as $req) {
+				$req = trim($req);
+				if($req == "email" && isset($_POST[$req]) && !validemail($_POST[$req]))
+					bademail($_POST[$req]);
+				else
+					if(!isset($_POST[$req]) || trim($_POST[$req]) == "")
+						missingfield($req);
+			}
+		}
+	}
+	
+	function sendit() {
+		global $recipients, $subject, $message, $fromemail, $headers, $smtpHost, $smtpUser, $smtpPass, $smtpEnable;
+		foreach($recipients as $to) {
+			if($smtpEnable == 1){
+				require_once "Mail.php";
+
+				$headers = array ('From' => $fromemail, 'To' => $to, 'Subject' => $subject);
+				$smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $smtpUser, 'password' => $smtpPass));
+
+				$mail = $smtp->send($to, $headers, $message);
+
+				if (PEAR::isError($mail)) errormsg($mail->getMessage());
+			}
+			elseif($smtpEnable == 0){
+				if(trim($to) != "")
+					mail(trim($to), stripslashes($subject), stripslashes($message), $headers);
+			}
+		}
+	}
+	
+	function writestandard() {
+		global $message, $theDomain;
+		$message="Here is the information collected:\n\n";
+		foreach($_POST as $varname => $varval) {
+			if(is_array($varval)) $varval = implode(", ",$varval);
+			if(!exclude($varname)) {
+				$message .= "$varname: ";
+				if(count($varval) > 1) {
+					for($i = 0; $i < count($varval); $i++)
+						if($i < count($varval) - 1)
+							$message .= "$varval[$i], ";
+						else
+							$message .= "$varval[$i]";
+				} else {
+					$message .= "$varval";
+				}
+				$message .= "\n";
+			}
+		}
+	}
+
+	function writetemplate($thefile) {
+		global $message, $theDomain;
+		$thearray = Array();
+	    if($fp = @fopen($thefile, 'r')) {
+	        while($data = fgets($fp, 1024)) {
+				$data = chop($data);
+				foreach($_POST as $varname => $varval) {
+					if(is_array($varval)) $varval = implode(", ",$varval);
+					$data = str_replace("[$varname]", $varval, $data);
+				}
+				$message .= $data . "\n";
+            }
+			fclose($fp);
+        }
+	}
+
+	function redirect() {
+		global $redirectURL;
+		header("Location: " . $redirectURL);
+	}
+
+	function exclude($theVar) {
+		$req = false;
+		global $excludeFields;
+		foreach($excludeFields as $field) {
+			$field = trim($field);
+			if(strcmp(strtolower($field), strtolower($theVar)) == 0)
+				$req = true;
+		}		
+		return $req;
+	}
+	function checkreferal() {
+		global $referals, $theDomain;
+		$valid = false;
+		foreach($referals as $ref) {
+			$ref = trim($ref);
+			if(strcmp($theDomain, $ref) == 0) {
+				$valid = true;
+				break;
+			}
+		}
+		if(!$valid)
+			badreferer($theDomain);
+	}
+	function errormail($errormsg) {
+		if (validemail($errorTo)) mail($errorTo, 'Error on Accu-Trim Form', $errormsg, $headers);
+	}
+	function fillrecipients() {
+		global $recipients;
+		$recipients = split(",", $_POST['recipient']);
+	}
+
+	function missingfield($field) {
+		writeStyles();
+		echo "<h4>Missing Required Field</h4>\n";
+		echo "<p>";
+		echo "The Missing Field:";
+		echo "<strong>$field</strong>";
+		echo "</p>";
+		errormail("The Missing Field:".$field);
+		exit; 
+	}
+	function badreferer($ref) {
+		writeStyles();
+		echo "<h4>Bad Referer</h4>\n";
+		echo "<p>";
+		echo "This domain is not authorized for use of this script:";
+		echo "<strong>$ref</strong>";
+		echo "</p>";
+		errormail("This domain is not authorized for use of this script:".$ref);
+		exit; 
+	}
+	function bademail($email) {
+		writeStyles();
+		echo "<h4>Bad EMail Address</h4>";
+		echo "<p>";
+		echo "The email address you provided is not a valid email address:";
+		echo "<strong>$email</strong>";
+		echo "</p>";
+		errormail("The email address you provided is not a valid email address:".$email);
+		exit; 
+	}
+	function errormsg($msg) {
+		writeStyles();
+		echo "<h4>An Error Has Occured</h4>";
+		echo "<p>";
+		echo "<strong>$msg</strong>";
+		echo "</p>";
+		errormail("An Error Has Occured:".$msg);
+		exit; 
+	}
+	function getdomain($url) {
+		$host = parse_url($url, PHP_URL_HOST);
+		$host = preg_replace("(www\.)","",$host);
+		return $host;
+		#preg_match("/^(http:\/\/)?([^\/]+)/i", $url, $matches);
+		#$host = $matches[2];
+		#preg_match("/[^\.\/]+\.[^\.\/]+$/", $host, $matches);
+		#return $matches[0];
+	}
+	function validemail($email) {
+		// define a regular expression for "normal" addresses
+		$normal = "^[a-z0-9_\+-]+(\.[a-z0-9_\+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,4})$"; 
+		// define a regular expression for "strange looking" but syntactically valid addresses
+		$validButRare = "^[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+(\.[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,})$";
+		if (eregi($normal, $email)) return true;
+		else if (eregi($validButRare, $email)) return true;
+		else return false;
+	}
+	function writeStyles() {
+		global $errMsgStyle, $errDetStyle;
+		echo "<style type=\"text/css\">";
+		echo "h4 {";
+		echo $errMsgStyle;
+		echo "}";
+		echo "p {";
+		echo $errDetStyle;
+		echo "}";
+		echo "</style>";
+		
+	}
+?>