ericfawcett
/
sendform-php
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: ericfawcett:e854c4ef19be603339e2f2c6c8e16e27703ac3d3
Branches Tags
ericfawcett:master
..
compare: ericfawcett:24af2c2a21d85ab0540851245031afdecb46dea7
Branches Tags
ericfawcett:master

No commits in common. "e854c4ef19be603339e2f2c6c8e16e27703ac3d3" and "24af2c2a21d85ab0540851245031afdecb46dea7" have entirely different histories.
e854c4ef19 ... 24af2c2a21

6 changed files with 67 additions and 33 deletions
Show Stats Expand all files Collapse all files

BIN
captcha/background1.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.8 KiB

BIN
captcha/background2.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
captcha/background3.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.1 KiB

BIN
captcha/background4.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.6 KiB

52
captcha/randomimage.php Normal file
View File

@ -0,0 +1,52 @@
<?php
session_start();
// make a string with all the characters that we
// want to use as the verification code
$alphanum = "ABCDEFGHJKMNPQRSTUVWXYZ23456789";
// generate the verication code
$rand = substr(str_shuffle($alphanum), 0, 5);
// choose one of four background images
$bgNum = rand(1, 4);
// create an image object using the chosen background
$image = imagecreatefromjpeg("background$bgNum.jpg");
$textColor = imagecolorallocate ($image, 0, 0, 0);
// write the code on the background image
imagestring ($image, 5, 5, 8, $rand, $textColor);
// create the hash for the verification code
// and put it in the session
$_SESSION['image_random_value'] = md5($rand);
// send several headers to make sure the image is not cached
// taken directly from the PHP Manual
// Date in the past
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// always modified
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
// HTTP/1.1
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
// HTTP/1.0
header("Pragma: no-cache");
// send the content type header so the image is displayed properly
header('Content-type: image/jpeg');
// send the image to the browser
imagejpeg($image);
// destroy the image to free up the memory
imagedestroy($image);
?>

48
sendform.php
View File

@ -1,18 +1,21 @@
<?php <?php
/************************************************************************
* Questions/Comments: eric.fawcett@gmail.com *
* *
* COPYRIGHT NOTICE *
* Copyright 2017 Eric T. Fawcett *
* *
* Any part of SendForm can be used or modified in anyway so long *
* as this copyright notice and the above comments stay intact. *
* *
* By using this code you agree to indemnify Eric T. Fawcett *
* from any liability that might arise from its use. *
************************************************************************/
session_start(); session_start();
// $referals is a list of web site domains seperated by commas. Only requests originating from // $referals is a list of web site domains seperated by commas. Only requests originating from
// these domains will be processed. // these domains will be processed.
$referals = "domain.com"; $referals = "domain.com";
// Google reCaptcha v2 secret. Obtain your key from https://www.google.com/recaptcha/admin/create
// Enter your secret key below and be sure to integrate reCaptcha into your site with your site key.
//
// <script src="https://www.google.com/recaptcha/api.js"></script>
// <div class="g-recaptcha" data-sitekey="your_site_key"></div>
//
// Leave blank to disable (Not a good idea).
$reCaptchaSecret = "";
// $excludeFields is a list of field names seperated by commas. Field names listed here will not // $excludeFields is a list of field names seperated by commas. Field names listed here will not
// be included in the resulting email of this script. // be included in the resulting email of this script.
// NOTE: The fields "recipient, subject, required, redirect, mailtemplate, mailtemplatehtml" are // NOTE: The fields "recipient, subject, required, redirect, mailtemplate, mailtemplatehtml" are
@ -73,30 +76,9 @@
$theDomain = getdomain($_SERVER['HTTP_REFERER']); $theDomain = getdomain($_SERVER['HTTP_REFERER']);
checkreferal(); checkreferal();
if(isset($_SESSION['image_random_value']) && strcasecmp(md5(strtoupper($_REQUEST['verification'])), $_SESSION['image_random_value']) != 0) {
// Google reCaptcha v2 die("Verification box did not match image");
if(isset($reCaptchaSecret)){ }
if(isset($_POST['g-recaptcha-response'])) $captcha=$_POST['g-recaptcha-response'];
else errormsg("Verification failed. Please try again.");
// post request to server
$url = 'https://www.google.com/recaptcha/api/siteverify?secret=' . urlencode($reCaptchaSecret) . '&response=' . urlencode($captcha);
$ch = curl_init();
curl_setopt($ch, CURLOPT_AUTOREFERER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
$response = curl_exec($ch);
curl_close($ch);
$responseKeys = json_decode($response,true);
// should return JSON with success as true
if(!$responseKeys["success"]) errormsg("Verification failed. Please try again.");
}
checkrequired(); checkrequired();
if(!validemail($defaultFrom) && !isset($_POST['email'])) bademail($defaultFrom); if(!validemail($defaultFrom) && !isset($_POST['email'])) bademail($defaultFrom);
fillrecipients(); fillrecipients();