# SETUP
# To send results by e-mail, all you have to do is set your e-mail address here:
-$GLOBALS['contact_form_recipient'] = 'fixme@example.com';
-$GLOBALS['contact_robot_answer'] = 1002;
+$GLOBALS['contact_to'] = 'fixme@example.com';
+$GLOBALS['contact_from'] = 'noreply@example.com';
+$GLOBALS['contact_cc'] = '';
+$GLOBALS['contact_subject'] = '';
-require_once(INC_WFPL . 'format.php');
-require_once(INC_WFPL . 'email.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
+
+# generate a new random 16-character string
+function contact_new_field_key() {
+ $character_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+ $id = " ";
+
+ # PHP 4.2.0 and up seed the random number generator for you.
+ # Lets hope that it seeds with something harder to guess than the clock.
+ for($i = 0; $i < 16; ++$i) {
+ $id{$i} = $character_set{mt_rand(0, 61)};
+ }
+
+ return $id;
+}
function contact_get_fields() {
- $data = array();
+ $data = array();
+
- $data['name'] = format_oneline(_REQUEST_cut('name'));
- $data['email'] = format_email(_REQUEST_cut('email'));
- $data['robot'] = format_oneline(_REQUEST_cut('robot'));
- $data['comments'] = format_unix(_REQUEST_cut('comments'));
+ $data['name'] = format_oneline(_REQUEST_cut('name'));
+ $data['comments'] = format_unix(_REQUEST_cut('comments'));
- return $data;
+ $fields = _REQUEST_cut('fields');
+ if (preg_match('/^[a-zA-Z0-9]{32}$/', $fields)) {
+ $data['robot'] = format_oneline(_REQUEST_cut(substr($fields, 0, 16)));
+ $data['email'] = format_email(_REQUEST_cut(substr($fields, 16)));
+ }
+
+ return $data;
}
function contact_main() {
- return contact_main_form();
+ return contact_main_form();
}
-function contact_main_form($id = false) {
- $robot_correct = "" . $GLOBALS['contact_robot_answer'];
- $robot_minus_one = "" . ($GLOBALS['contact_robot_answer'] - 1);
- $robot_plus_one = "" . ($GLOBALS['contact_robot_answer'] + 1);
- tem_set('robot_minus_one', $robot_minus_one);
- tem_set('robot_plus_one', $robot_plus_one);
-
- if(isset($_POST['name'])) {
- $data = contact_get_fields();
- $host = this_host();
-
- if(!$data['name'] && !$data['email'] && !$data['comments']) {
- // message("you didn't fill anything out")
- } elseif($data['robot'] !== $robot_correct) {
- message("Please type $robot_correct into the Robot Barrier field");
- } else {
- if($GLOBALS['contact_form_recipient'] != 'fixme@example.com') {
- $to = $GLOBALS['contact_form_recipient'];
- $from = "$host/contact <noreply@cmstest.com>";
- $reply_to = $to;
- if(isset($data['email']) and valid_email($data['email'])) {
- $reply_to = $data['email'];
- if($data['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $data['name']) !== false) {
- $reply_to = "$data[name] <$reply_to>";
- }
- }
- $subject = "Your message via $host/contact";
- $email_template = new tem();
- $email_template->load('contact.email.txt');
- $email_template->sets($data);
- $email_template->set('$host', $host);
- $message = $email_template->run();
- $cc = '';
- $bcc = '';
- if(email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) {
- message('Due to an internal error, your message could not be sent. Please try again later.');
- $error = true;
- } else {
- message('Message sent');
- }
- }
- if($error !== true) {
- # FIXME create this page or change this to go elsewhere
- return './contact_thanks';
- }
- }
- # otherwise, we display the form again. We've got the form field
- # values in $data and will put those back in the filds below. You
- # should add some message asking people to fix their entry in
- # whatever way you require.
- } else {
- # form not submitted, you can set default values like so:
- #$data = array('name' => 'Yes');
- $data = array();
- }
-
- tem_set('form', $data);
+function contact_main_form() {
+ if (isset($_POST['name'])) {
+ $data = contact_get_fields();
+ $host = this_host();
+
+ # gj robot, you did it ;)
+ if ($data['robot'] !== '') {
+ return './contact_thanks';
+ }
+
+ if (!$data['name'] && !$data['email'] && !$data['comments']) {
+ // message("you didn't fill anything out")
+ } elseif (!$data['email']) {
+ message("Error: Please fill out the email field.");
+ } else {
+ $error = false;
+ if ($data['robot'] === '' && $GLOBALS['contact_to'] != 'fixme@example.com') {
+ $to = $GLOBALS['contact_to'];
+ if ($GLOBALS['contact_from'] === '') {
+ $from = "$host/contact <noreply@$host>";
+ } else {
+ $from = $GLOBALS['contact_from'];
+ }
+ $reply_to = $to;
+ if (isset($data['email']) and valid_email($data['email'])) {
+ $reply_to = $data['email'];
+ if ($data['name'] and preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) !== false) {
+ $reply_to = "$data[name] <$reply_to>";
+ }
+ }
+ if ($GLOBALS['contact_subject'] === '') {
+ $subject = "Your message via $host/contact";
+ } else {
+ $subject = $GLOBALS['contact_subject'];
+ }
+ $email_template = new tem();
+ $email_template->load('contact.email.txt');
+ $email_template->sets($data);
+ $email_template->set('$host', $host);
+ $message = $email_template->run();
+ $cc = $GLOBALS['contact_cc'];
+ $bcc = '';
+ if (email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) {
+ message('Due to an internal error, your message could not be sent. Please try again later.');
+ $error = true;
+ } else {
+ message('Message sent');
+ }
+ }
+ if ($error !== true) {
+ # FIXME create this page or change this to go elsewhere
+ return './contact_thanks';
+ }
+ }
+ # otherwise, we display the form again. We've got the form field
+ # values in $data and will put those back in the filds below. You
+ # should add some message asking people to fix their entry in
+ # whatever way you require.
+ } else {
+ # form not submitted, you can set default values like so:
+ #$data = array('name' => 'Yes');
+ $data = array();
+ }
+
+ $data['robot_field'] = contact_new_field_key();
+ $data['email_field'] = contact_new_field_key();
+
+ tem_set('form', $data);
}
Got questions, comments, patches, etc.? Contact Jason Woofenden