X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl-cms.git;a=blobdiff_plain;f=contact.php;h=ff5cb42706dadc50a47b3260246f6007507e80cd;hp=00176d7f4b68c32e7fcfa52f854f7624181ba211;hb=HEAD;hpb=abf27e3dd23a8fb52d766be615ebaa19a9dfc389
diff --git a/contact.php b/contact.php
index 00176d7..ff5cb42 100644
--- a/contact.php
+++ b/contact.php
@@ -5,84 +5,116 @@ # SETUP # To send results by e-mail, all you have to do is set your e-mail address here: -$GLOBALS['contact_form_recipient'] = 'fixme@example.com'; -$GLOBALS['contact_robot_answer'] = 1002; +$GLOBALS['contact_to'] = 'fixme@example.com'; +$GLOBALS['contact_from'] = 'noreply@example.com'; +$GLOBALS['contact_cc'] = ''; +$GLOBALS['contact_subject'] = ''; -require_once(DOCROOT . 'inc/wfpl/format.php'); -require_once(DOCROOT . 'inc/wfpl/email.php'); +require_once(__DIR__.'/'.'inc/wfpl/format.php'); +require_once(__DIR__.'/'.'inc/wfpl/email.php'); + +# generate a new random 16-character string +function contact_new_field_key() { + $character_set = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + $id = " "; + + # PHP 4.2.0 and up seed the random number generator for you. + # Lets hope that it seeds with something harder to guess than the clock. + for($i = 0; $i < 16; ++$i) { + $id{$i} = $character_set{mt_rand(0, 61)}; + } + + return $id; +} function contact_get_fields() { - $data = array(); + $data = array(); + - $data['name'] = format_oneline(_REQUEST_cut('name')); - $data['email'] = format_email(_REQUEST_cut('email')); - $data['robot'] = format_oneline(_REQUEST_cut('robot')); - $data['comments'] = format_unix(_REQUEST_cut('comments')); + $data['name'] = format_oneline(_REQUEST_cut('name')); + $data['comments'] = format_unix(_REQUEST_cut('comments')); - return $data; + $fields = _REQUEST_cut('fields'); + if (preg_match('/^[a-zA-Z0-9]{32}$/', $fields)) { + $data['robot'] = format_oneline(_REQUEST_cut(substr($fields, 0, 16))); + $data['email'] = format_email(_REQUEST_cut(substr($fields, 16))); + } + + return $data; } function contact_main() { - return contact_main_form(); + return contact_main_form(); } -function contact_main_form($id = false) { - $robot_correct = "" . $GLOBALS['contact_robot_answer']; - $robot_minus_one = "" . ($GLOBALS['contact_robot_answer'] - 1); - $robot_plus_one = "" . 
($GLOBALS['contact_robot_answer'] + 1); - tem_set('robot_minus_one', $robot_minus_one); - tem_set('robot_plus_one', $robot_plus_one); - - if(isset($_POST['name'])) { - $data = contact_get_fields(); - $host = this_host(); - - if(!$data['name'] && !$data['email'] && !$data['comments']) { - // message("you didn't fill anything out") - } elseif($data['robot'] !== $robot_correct) { - message("Please type $robot_correct into the Robot Barrier field"); - } else { - if($GLOBALS['contact_form_recipient'] != 'fixme@example.com') { - $to = $GLOBALS['contact_form_recipient']; - $from = "$host/contact "; - $reply_to = $to; - if(isset($data['email']) and valid_email($data['email'])) { - $reply_to = $data['email']; - if($data['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $data['name']) !== false) { - $reply_to = "$data[name] <$reply_to>"; - } - } - $subject = "Your message via $host/contact"; - $email_template = new tem(); - $email_template->load('contact.email.txt'); - $email_template->sets($data); - $email_template->set('$host', $host); - $message = $email_template->run(); - $cc = ''; - $bcc = ''; - if(email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) { - message('Due to an internal error, your message could not be sent. Please try again later.'); - $error = true; - } else { - message('Message sent'); - } - } - if($error !== true) { - # FIXME create this page or change this to go elsewhere - return './contact_thanks'; - } - } - # otherwise, we display the form again. We've got the form field - # values in $data and will put those back in the filds below. You - # should add some message asking people to fix their entry in - # whatever way you require. 
- } else { - # form not submitted, you can set default values like so: - #$data = array('name' => 'Yes'); - $data = array(); - } - - tem_set('form', $data); +function contact_main_form() { + if (isset($_POST['name'])) { + $data = contact_get_fields(); + $host = this_host(); + + # gj robot, you did it ;) + if ($data['robot'] !== '') { + return './contact_thanks'; + } + + if (!$data['name'] && !$data['email'] && !$data['comments']) { + // message("you didn't fill anything out") + } elseif (!$data['email']) { + message("Error: Please fill out the email field."); + } else { + $error = false; + if ($data['robot'] === '' && $GLOBALS['contact_to'] != 'fixme@example.com') { + $to = $GLOBALS['contact_to']; + if ($GLOBALS['contact_from'] === '') { + $from = "$host/contact "; + } else { + $from = $GLOBALS['contact_from']; + } + $reply_to = $to; + if (isset($data['email']) and valid_email($data['email'])) { + $reply_to = $data['email']; + if ($data['name'] and preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) !== false) { + $reply_to = "$data[name] <$reply_to>"; + } + } + if ($GLOBALS['contact_subject'] === '') { + $subject = "Your message via $host/contact"; + } else { + $subject = $GLOBALS['contact_subject']; + } + $email_template = new tem(); + $email_template->load('contact.email.txt'); + $email_template->sets($data); + $email_template->set('$host', $host); + $message = $email_template->run(); + $cc = $GLOBALS['contact_cc']; + $bcc = ''; + if (email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) { + message('Due to an internal error, your message could not be sent. Please try again later.'); + $error = true; + } else { + message('Message sent'); + } + } + if ($error !== true) { + # FIXME create this page or change this to go elsewhere + return './contact_thanks'; + } + } + # otherwise, we display the form again. We've got the form field + # values in $data and will put those back in the filds below. 
You + # should add some message asking people to fix their entry in + # whatever way you require. + } else { + # form not submitted, you can set default values like so: + #$data = array('name' => 'Yes'); + $data = array(); + } + + $data['robot_field'] = contact_new_field_key(); + $data['email_field'] = contact_new_field_key(); + + tem_set('form', $data); }
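Review bot: The name check in contact_main_form no longer filters anything, because `preg_match()` returns 0 on a non-match and false only on a regex error, so `preg_match(...) !== false` is true for every name; the `ereg()` call it replaces did return false on a mismatch. Any name that gets through `format_oneline()` is then interpolated into `$reply_to = "$data[name] <$reply_to>"`, where characters such as `<`, `>`, `,` or `"` could reshape the Reply-To header depending on what `email()` does with it. Compare against 1 instead: `if ($data['name'] and preg_match('/^[a-zA-Z0-9_\'. -]*$/', $data['name']) === 1) {`. Separately, contact_new_field_key() relies on the `$id{$i}` string-offset syntax, which was removed in PHP 8, and on `mt_rand()`, whose seeding its own comment doubts; `$id[$i] = $character_set[random_int(0, 61)];` would address both.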