<?php
	/************************************************************************
	 *	SendForm Version 0.99												*
	 *	Created 10 May 2005													*
	 *	Modified 04 Nov 2010							    				*
	 *	Questions/Comments: eric.fawcett@gmail.com   						*
	 *																		*
	 *	COPYRIGHT NOTICE													*
	 *	Copyright 2010 Eric T. Fawcett										*
	 *																		*
	 *	Any part of SendForm can be used or modified in anyway so long  	*
	 *	as this copyright notice and the above comments stay intact.		*
	 *																		*
	 *	By using this code you agree to indemnify Eric T. Fawcett 			*
	 *	from any liability that might arise from its use.					*
	 ************************************************************************/
	session_start();
	// $referals is a list of web site domains seperated by commas.  Only requests originating from
	// these domains will be processed.
	$referals = "domain.com";

	// $excludeFields is a list of field names seperated by commas.  Field names listed here will not
	// be included in the resulting email of this script.
	// NOTE: The fields "recipient, subject, required, redirect, mailtemplate, mailtemplatehtml" are
	//       used by this script and are automagically added later in the script.
	$excludeFields = "";

	// $defaultFrom is an email address in proper form. This is the default from address used to send
	// mail if there is no field "email" sent to this script.
	$defaultFrom = 'sendform@domain.com';

	// $defaultSubject is a String. This is the default subject used if there is no field "subject"
	// sent to this script.
	$defaultSubject = "SendForm Results";
	
	// $defaultReq is a list of field names seperated by commas.  Field names listed here are assumed
	// required for the script to run.
	// NOTE: The field "recipient" is required by this script and will always be checked.
	$defaultReq = "";
	
	// $smtpEnable enables or disables the SMTP sending method. enter 1 to turn it on or 0 to turn it off
	// $smtpHost, $smtpUser, $smtpPass only need to be filled if $smtpEnable is set to 1
	$smtpEnable = "0";
	$smtpHost = "mail.server.com";
	$smtpUser = "johndoe@domain.com";
	$smtpPass = "passwerd";
	
	// $errorTo is a valid email address that will receive a simple notification for each error that occurs.
	// Leave blank to turn off. NOTE: this function does not support the SMTP sending method.
	$errorTo = "";

	/************************************************************************
	 * DO NOT EDIT BELOW THIS LINE                                          *
	 * unless you know what you are doing                                   *
	 ************************************************************************/
	if ($defaultReq != "") $defaultReq .= ", recipient";
	else $defaultReq = "recipient";
	
	$referals = explode(",", $referals);
	$excludeFields = explode(",", "recipient, ccrecipient, bccrecipient, subject, required, redirect, mailtemplate, mailtemplatehtml, submit, submit_x, submit_y, verification, " . $excludeFields);
	$srequired = explode(",", $defaultReq);

	$errMsgStyle = "font-family: Arial;
					font-size: 14px;
					color: #FF0000;
					font-weight: bold;
					width: 100%;
					text-align: center;";
	$errDetStyle = "font-family: Arial;
					font-size: 12px;
					color: #FF0000;
					width: 100%;
					text-align: center;";

	$theDomain = getdomain($_SERVER['HTTP_REFERER']);
	checkreferal();
	if(isset($_SESSION['image_random_value']) && strcasecmp(md5(strtoupper($_REQUEST['verification'])), $_SESSION['image_random_value']) != 0) {
		die("Verification box did not match image");
	}
	checkrequired();
	if(!validemail($defaultFrom) && !isset($_POST['email'])) bademail($defaultFrom);
	fillrecipients();

	if(isset($_POST['subject']))
		$subject = $_POST['subject'];
	else
		$subject = $defaultSubject;
		
	if(isset($_POST['email']) && trim($_POST['email']) != "")
		$fromemail = $_POST['email'];
	else
		$fromemail = $defaultFrom;
	
		
	if(isset($_POST['redirect']))
		$redirectURL = $_POST['redirect'];
	else
		$redirectURL = $_SERVER['HTTP_REFERER'];
	
	if(isset($_POST['mailtemplate']) && $_POST['mailtemplate'] != "")
		writetemplate($_POST['mailtemplate']);
	else {
		if(isset($_POST['mailtemplatehtml']) && $_POST['mailtemplatehtml'] != "") {
			$headers = 'MIME-Version: 1.0' . "\r\n";
			$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
			writetemplate($_POST['mailtemplatehtml']);
		}
		else
			writestandard();
	}
	$headers .= "From: $fromemail" . "\r\n";
	if(isset($_POST['ccrecipient']) && $_POST['ccrecipient'] != ""){
		$ccemail = $_POST['ccrecipient'];
		$headers .= "Cc: $ccemail" . "\r\n";
		}
	if(isset($_POST['bccrecipient']) && $_POST['bccrecipient'] != ""){
		$bccemail = $_POST['bccrecipient'];
		$headers .= "Bcc: $bccemail" . "\r\n";
		}
	sendit();
	redirect();
	
	function checkrequired() {
		global $recipients, $subject, $phone, $fax, $email,$redirectURL, $message, $srequired, $urequired;
		// Check for all script required fields
		foreach($srequired as $req) {
			$req = trim($req);
			if(!isset($_POST[$req]))
				missingfield($req);
		}
		// Check for all user required fields
		if(isset($_POST['required'])) {
			$urequired = split(",", "recipient, " . $_POST['required']);
			foreach($urequired as $req) {
				$req = trim($req);
				if($req == "email" && isset($_POST[$req]) && !validemail($_POST[$req]))
					bademail($_POST[$req]);
				else
					if(!isset($_POST[$req]) || trim($_POST[$req]) == "")
						missingfield($req);
			}
		}
	}
	
	function sendit() {
		global $recipients, $subject, $message, $fromemail, $headers, $smtpHost, $smtpUser, $smtpPass, $smtpEnable;
		foreach($recipients as $to) {
			if($smtpEnable == 1){
				require_once "Mail.php";

				$headers = array ('From' => $fromemail, 'To' => $to, 'Subject' => $subject);
				$smtp = Mail::factory('smtp', array ('host' => $host, 'auth' => true, 'username' => $smtpUser, 'password' => $smtpPass));

				$mail = $smtp->send($to, $headers, $message);

				if (PEAR::isError($mail)) errormsg($mail->getMessage());
			}
			elseif($smtpEnable == 0){
				if(trim($to) != "")
					mail(trim($to), stripslashes($subject), stripslashes($message), $headers);
			}
		}
	}
	
	function writestandard() {
		global $message, $theDomain;
		$message="Here is the information collected:\n\n";
		foreach($_POST as $varname => $varval) {
			if(is_array($varval)) $varval = implode(", ",$varval);
			if(!exclude($varname)) {
				$message .= "$varname: ";
				if(count($varval) > 1) {
					for($i = 0; $i < count($varval); $i++)
						if($i < count($varval) - 1)
							$message .= "$varval[$i], ";
						else
							$message .= "$varval[$i]";
				} else {
					$message .= "$varval";
				}
				$message .= "\n";
			}
		}
	}

	function writetemplate($thefile) {
		global $message, $theDomain;
		$thearray = Array();
	    if($fp = @fopen($thefile, 'r')) {
	        while($data = fgets($fp, 1024)) {
				$data = chop($data);
				foreach($_POST as $varname => $varval) {
					if(is_array($varval)) $varval = implode(", ",$varval);
					$data = str_replace("[$varname]", $varval, $data);
				}
				$message .= $data . "\n";
            }
			fclose($fp);
        }
	}

	function redirect() {
		global $redirectURL;
		header("Location: " . $redirectURL);
	}

	function exclude($theVar) {
		$req = false;
		global $excludeFields;
		foreach($excludeFields as $field) {
			$field = trim($field);
			if(strcmp(strtolower($field), strtolower($theVar)) == 0)
				$req = true;
		}		
		return $req;
	}
	function checkreferal() {
		global $referals, $theDomain;
		$valid = false;
		foreach($referals as $ref) {
			$ref = trim($ref);
			if(strcmp($theDomain, $ref) == 0) {
				$valid = true;
				break;
			}
		}
		if(!$valid)
			badreferer($theDomain);
	}
	function errormail($errormsg) {
		if (validemail($errorTo)) mail($errorTo, 'Error on Accu-Trim Form', $errormsg, $headers);
	}
	function fillrecipients() {
		global $recipients;
		$recipients = split(",", $_POST['recipient']);
	}

	function missingfield($field) {
		writeStyles();
		echo "<h4>Missing Required Field</h4>\n";
		echo "<p>";
		echo "The Missing Field:";
		echo "<strong>$field</strong>";
		echo "</p>";
		errormail("The Missing Field:".$field);
		exit; 
	}
	function badreferer($ref) {
		writeStyles();
		echo "<h4>Bad Referer</h4>\n";
		echo "<p>";
		echo "This domain is not authorized for use of this script:";
		echo "<strong>$ref</strong>";
		echo "</p>";
		errormail("This domain is not authorized for use of this script:".$ref);
		exit; 
	}
	function bademail($email) {
		writeStyles();
		echo "<h4>Bad EMail Address</h4>";
		echo "<p>";
		echo "The email address you provided is not a valid email address:";
		echo "<strong>$email</strong>";
		echo "</p>";
		errormail("The email address you provided is not a valid email address:".$email);
		exit; 
	}
	function errormsg($msg) {
		writeStyles();
		echo "<h4>An Error Has Occured</h4>";
		echo "<p>";
		echo "<strong>$msg</strong>";
		echo "</p>";
		errormail("An Error Has Occured:".$msg);
		exit; 
	}
	function getdomain($url) {
		$host = parse_url($url, PHP_URL_HOST);
		$host = preg_replace("(www\.)","",$host);
		return $host;
		#preg_match("/^(http:\/\/)?([^\/]+)/i", $url, $matches);
		#$host = $matches[2];
		#preg_match("/[^\.\/]+\.[^\.\/]+$/", $host, $matches);
		#return $matches[0];
	}
	function validemail($email) {
		// define a regular expression for "normal" addresses
		$normal = "^[a-z0-9_\+-]+(\.[a-z0-9_\+-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,4})$"; 
		// define a regular expression for "strange looking" but syntactically valid addresses
		$validButRare = "^[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+(\.[a-z0-9,!#\$%&'\*\+/=\?\^_`\{\|}~-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*\.([a-z]{2,})$";
		if (eregi($normal, $email)) return true;
		else if (eregi($validButRare, $email)) return true;
		else return false;
	}
	function writeStyles() {
		global $errMsgStyle, $errDetStyle;
		echo "<style type=\"text/css\">";
		echo "h4 {";
		echo $errMsgStyle;
		echo "}";
		echo "p {";
		echo $errDetStyle;
		echo "}";
		echo "</style>";
		
	}
?>