<?
/*
##############################################################################
# PLEASE DO NOT REMOVE THIS HEADER!!!
#
# COPYRIGHT NOTICE
#
# FormMail.php v5.0
# Copyright 2000-2004 Ai Graphics and Joe Lumbroso (c) All rights reserved.
# Created 07/06/2000 Last Modified 10/28/2003
# Joseph Lumbroso, [URL]http://www.aigraphics.com[/URL], [URL]http://www.dtheatre.com[/URL]
# [URL]http://www.dtheatre.com/scripts/[/URL]
##############################################################################
#
# This cannot and will not be inforced but I would appreciate a link back
# to any of these sites:
# [URL]http://www.dtheatre.com[/URL]
# [URL]http://www.aigraphics.com[/URL]
# [URL]http://www.dtheatre.com/scripts/[/URL]
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
#
##############################################################################
*/
// for ultimate security, use this instead of using the form
$recipient = "name@domain.de"; // [EMAIL="youremail@domain.com"]youremail@domain.com[/EMAIL]
// bcc emails (separate multiples with commas (,))
$bcc = "";
// referers.. domains/ips that you will allow forms to
// reside on.
$referers = array ('www.your-domain.de');
// banned emails, these will be email addresses of people
// who are blocked from using the script (requested)
$banlist = array ('bastard@domain.de');
// field / value seperator
define("SEPARATOR", ($separator)?$separator:": ");
// content newline
define("NEWLINE", ($newline)?$newline:"\n");
// formmail version (for debugging mostly)
define("VERSION", "5.0");
// our mighty error function..
function print_error($reason,$type = 0) {
build_body($title, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color, $style_sheet);
// for missing required data
if ($type == "missing") {
if ($missing_field_redirect) {
header("Location: $missing_field_redirect?error=$reason");
exit;
} else {
?>
The form was not submitted for the following reasons:<p>
<ul><?
echo $reason."\n";
?></ul>
Please use your browser's back button to return to the form and try again.<?
}
} else { // every other error
?>
The form was not submitted because of the following reasons:<p>
<?
}
echo "<br><br>\n";
echo "<small>This form is powered by <a href=\"http://www.dtheatre.com/scripts/\">Jack's Formmail.php ".VERSION."</a></small>\n\n";
exit;
}
// function to check the banlist
// suggested by a whole lot of people.. Thanks
function check_banlist($banlist, $email) {
if (count($banlist)) {
$allow = true;
foreach($banlist as $banned) {
$temp = explode("@", $banned);
if ($temp[0] == "*") {
$temp2 = explode("@", $email);
if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1])))
$allow = false;
} else {
if (trim(strtolower($email)) == trim(strtolower($banned)))
$allow = false;
}
}
}
if (!$allow) {
print_error("You are using from a <b>banned email address.</b>");
}
}
// function to check the referer for security reasons.
// contributed by some one who's name got lost.. Thanks
// goes out to him any way.
function check_referer($referers) {
if (count($referers)) {
$found = false;
$temp = explode("/",getenv("HTTP_REFERER"));
$referer = $temp[2];
if ($referer=="") {$referer = $_SERVER['HTTP_REFERER'];
list($remove,$stuff)=split('//',$referer,2);
list($home,$stuff)=split('/',$stuff,2);
$referer = $home;
}
for ($x=0; $x < count($referers); $x++) {
if (eregi ($referers[$x], $referer)) {
$found = true;
}
}
if ($referer =="")
$found = false;
if (!$found){
print_error("You are coming from an <b>unauthorized domain.</b>");
error_log("[FormMail.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0);
}
return $found;
} else {
return true; // not a good idea, if empty, it will allow it.
}
}
if ($referers)
check_referer($referers);
if ($banlist)
check_banlist($banlist, $email);
// This function takes the sorts, excludes certain keys and
// makes a pretty content string.
function parse_form($array, $sort = "") {
// build reserved keyword array
$reserved_keys[] = "MAX_FILE_SIZE";
$reserved_keys[] = "required";
$reserved_keys[] = "redirect";
$reserved_keys[] = "require";
$reserved_keys[] = "path_to_file";
$reserved_keys[] = "recipient";
$reserved_keys[] = "subject";
$reserved_keys[] = "sort";
$reserved_keys[] = "style_sheet";
$reserved_keys[] = "bgcolor";
$reserved_keys[] = "text_color";
$reserved_keys[] = "link_color";
$reserved_keys[] = "vlink_color";
$reserved_keys[] = "alink_color";
$reserved_keys[] = "title";
$reserved_keys[] = "missing_fields_redirect";
$reserved_keys[] = "env_report";
$reserved_keys[] = "submit";
if (count($array)) {
if (is_array($sort)) {
foreach ($sort as $field) {
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++)
if ($array[$field] == $reserved_keys[$ri]) $reserved_violation = 1;
if ($reserved_violation != 1) {
if (is_array($array[$field])) {
for ($z=0;$z<count($array[$field]);$z++)
$content .= $field.SEPARATOR.$array[$field][$z].NEWLINE;
} else
$content .= $field.SEPARATOR.$array[$field].NEWLINE;
}
}
}
while (list($key, $val) = each($array)) {
$reserved_violation = 0;
for ($ri=0; $ri<count($reserved_keys); $ri++)
if ($key == $reserved_keys[$ri]) $reserved_violation = 1;
for ($ri=0; $ri<count($sort); $ri++)
if ($key == $sort[$ri]) $reserved_violation = 1;
// prepare content
if ($reserved_violation != 1) {
if (is_array($val)) {
for ($z=0;$z<count($val);$z++)
$content .= $key.SEPARATOR.$val[$z].NEWLINE;
} else
$content .= $key.SEPARATOR.$val.NEWLINE;
}
}
}
return $content;
}