I am using the following code to get user's IP and get it sent to my email address (I'm using a third party email API):
<?php
$ip1 = $_SERVER['REMOTE_ADDR'];
$ip2 = $_SERVER['HTTP_X_FORWARDED_FOR']
$ip3 = $_SERVER['HTTP_FORWARDED'];
$ua = $_SERVER['HTTP_USER_AGENT'];
$to = 'abc#xyz.com';
$sub = 'test';
$msg = "$ip1, $ip2 and $ip3 on $ua \n ...other texts...";
$post = "key=blah&to=$to&sub=$sub&msg=$msg";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://example.com');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURL_POSTFIELDS, $post);
curl_setopt($ch, CURL_RETURNTRANSFER, 1);
$mailres = curl_exec ($ch);
?>
The API just retrieves the $_POST data and uses mail() to send email.
But when I execute the code I get the mail with the user's IP stored in $ip1 only. For eg, if user's IP is 1.1.1.1 then I get only:
1.1.1.1,
No user agent and other texts are sent.What could be the problem?
try this way first, just to be sure that you debug something real:
$text = '';
if (isset($_SERVER['REMOTE_ADDR'])) {
$text .= $_SERVER['REMOTE_ADDR'].', ';
} else {
$text .= 'NO _SERVER[\'REMOTE_ADDR\'] HERE, ';
}
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$text .= $_SERVER['HTTP_X_FORWARDED_FOR'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_X_FORWARDED_FOR\'] HERE, ';
}
if (isset($_SERVER['HTTP_FORWARDED'])) {
$text .= $_SERVER['HTTP_FORWARDED'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_FORWARDED\'] HERE, ';
}
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$text .= ' on '.$_SERVER['HTTP_USER_AGENT'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_USER_AGENT\'] HERE, ';
}
$text .= "\n ...other texts...";
mail ($to, $sub, $text );
but with curl it should be:
$post = array("key"=>'blah',
'to'=>$to,
'sub'=>$sub,
'msg'=>$msg);
and
curl_setopt($ch, CURL_POSTFIELDS, json_encode($post));
Related
I am trying to implement spam checks for websites, Like I have website A,B,C,D... I am creating a centralized spam check filter say xyz.com/spamcheck.php
I am using CURL to post the data from website A to xyz.com/spamcheck.php
and in my spamcheck.php I am using Akismet Fuspam library to validate it and return the response back to my website A, based on the response from my spamcheck i will decide to send mail or discard.
So far i am not able to post values to my spamcheck.php through CURL and get response back from it.
// DATA PROCESSING
$data = array();
$data['ip'] = get_client_ip();
$data['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$data['referrer'] = $_SERVER['HTTP_REFERER'];
$data['comment_author'] = $_POST['first_name'];
$data['comment_author_email'] = $_POST['email'];
$data['comment_content'] = $_POST['message'];
$params = json_encode($data);
$url = "https://www.my-spam-check-url.com/spamcheck.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); // On dev server only!
$spamResult = curl_exec($ch);
curl_close($ch);
$spamResult = json_decode($spamResult,true);
print_r($spamResult);
I expect the output to be TRUE or FALSE. I am getting Blank response
spamcheck.php
// Include Akismet F-U-Spam function.
include 'includes/akismet.fuspam.php';
// Function to get the client IP address
function get_client_ip() {
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP']))
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_X_FORWARDED']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_FORWARDED']))
$ipaddress = $_SERVER['HTTP_FORWARDED'];
else if(isset($_SERVER['REMOTE_ADDR']))
$ipaddress = $_SERVER['REMOTE_ADDR'];
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
/*API KEY - 123XYZ*/
$comment = array();
$key = "123XYZ";
$type = "check-spam";
/* Get Posted Data from website */
$postedIp = $data['ip'];
$postedUserAgent = $data['user_agent'];
$postedReferrer = $data['referrer'];
$postedcomment_author = $data['comment_author'];
$postedcomment_author_email = $data['comment_author_email'];
$postedcomment_content = $data['comment_content'] ;
/* Data Processing End */
if(empty($postedIp) || $postedIp == 'UNKNOWN' || $postedIp == ''){
$ip = get_client_ip();
}
if(empty($postedUserAgent) || $postedUserAgent == ''){
$user_agent = $_SERVER['HTTP_USER_AGENT'];
}
if(empty($postedReferrer) || $postedReferrer == ''){
$referrer = $_SERVER['HTTP_REFERER'];
}
$permalink = $blog = $authUrl = "https://www.example.net/";
$comment['blog'] = $blog;
$comment['user_ip'] = $ip;
$comment['user_agent'] = $user_agent;
$comment['referrer'] = $referrer;
$comment['permalink'] = $permalink;
$comment['comment_type'] = "ContactUs";
$comment['comment_author'] = $postedcomment_author;
$comment['comment_author_email'] = $postedcomment_author_email;
$comment['comment_author_url'] = $authUrl;
$comment['comment_content'] = $postedcomment_content;
$spamCheckResult = fuspam( $comment , $type , $key );
echo $spamCheckResult;
I am looking at your code, I cant be sure if print_r is how you are checking but if so, keep in mind that:
print_r(true) will output 1, while print_r(false) will output "", blank.
Maybe use var_dump instead for debugging?
BR
If your spamcheck.php is working as per your written code than before echo in last use ob_clean();. so i will remove space or any other before return your actual result.
Here is my code, I have two cURL statements in the same program. The first one uses $ch and second uses $ch1. The problem is first one is getting executed and showing the output but second one does nothing.
<?php
include ('DBconnect.php');
if (isset($_POST['submit'])) {
$verified = "1";
$error = array();
if (empty($_POST['name'])) {
$error[] = 'I am sure you have a name!';
}
else {
$name = $_POST['name'];
}
if (empty($_POST['phone'])) {
$error[] = 'Please enter your phone number with country code';
}
else {
$Phone = $_POST['phone'];
}
if (empty($_POST['Password'])) {
$error[] = 'Please choose a password ';
}
else {
$Password = $_POST['Password'];
}
if (empty($error)) //send to Database if there's no error '
{ // If everything's OK...
// Make sure the phone number is available:
$query_verify_phone = "SELECT * FROM members WHERE Phone ='$Phone'";
$result_verify_phone = mysqli_query($dbc, $query_verify_phone);
if (!$result_verify_phone) { //if the Query Failed ,similar to if($result_verify_phone==false)
echo ' Database Error Occured ';
}
if (mysqli_num_rows($result_verify_phone) == 0) { // IF no previous user is using this phone number.
$query_insert_user = "INSERT INTO `members` ( `Name`, `Phone`, `Password`, `Verified`) VALUES ( '$name', '$Phone', '$Password', '$verified')";
$result_insert_user = mysqli_query($dbc, $query_insert_user);
if (!$result_insert_user) {
echo 'Query Failed ';
}
if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull.
$customerToken = "TOKEN HERE";
$clientTransactionId = rand(55555, 77777);
$duration = "180";
$countryCode = "91";
$z2vToken = "TOKEN HERE";
$postData = array(
'customerToken' => $customerToken,
'clientTransactionId' => $clientTransactionId,
'callerid' => $Phone,
'duration' => $duration,
'countryCode' => $countryCode,
'z2vToken' => $z2vToken,
);
// create post body
$post_body = '';
foreach($postData as $key => $value) {
$post_body.= urlencode($key) . '=' . urlencode($value) . '&';
}
$post_body = rtrim($post_body, '&');
// Initialize CURL data to send via POST to the API
// FIRST ONE CURL REQUEST- WORKING
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.zipdial.com/z2v/startTransaction.action");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body);
// Execute CURL command and return into variable ch
$string = curl_exec($ch);
curl_close($ch);
$json = json_decode($string);
// now the json has been decoded
// echo "Please do a missed call on: ";
// echo "<img src=' ".$json->img."'>";
$pf = 'fl' . uniqid();
$un = uniqid($pf);
$fpl = 'img' . $un . '.png';
file_put_contents($fpl, file_get_contents($json->img));
Everything above goes fine but the second curl request is not working:
// EVERYTHING ABOVE GOES FINE. BELOW IS SECOND REQUEST- NOT WORKING
$url = "https://api.idolondemand.com/1/api/sync/ocrdocument/v1";
$post = array(
'apikey' => "MY KEY HERE",
'url' => "http://site.ext/users/$fpl",
'mode' => "document_photo"
);
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL, $url);
curl_setopt($ch1, CURLOPT_POST, 1);
curl_setopt($ch1, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch1, CURLOPT_RETURNTRANSFER, 1);
$ocr = curl_exec($ch1);
$jsonocr = json_decode($ocr, true);
$textblock = $jsonocr['text'][0];
echo '<div class="success">Please give a missed call to ' . $textblock['text'] . ' from your registered phone number to activate account. </div>';
curl_close($ch1);
}
else { // If it did not run OK.
echo '<div class="errormsgbox">You could not be registered due to a system error. We apologize for any inconvenience.</div>';
}
}
else { // The phone number is not available.
echo '<div class="errormsgbox" >That phone number has already been registered. </div>';
}
}
else { //If the "error" array contains error msg , display them
echo '<div class="errormsgbox"> <ol>';
foreach($error as $key => $values) {
echo ' <li>' . $values . '</li>';
}
echo '</ol></div>';
}
mysqli_close($dbc); //Close the DB Connection
} // End of the main Submit conditional.
?>
I can make request to second curl request manually from my browser and it works but it isn't working here. What's wrong?
I think you get this error when you dump curl_error($ch1) :
Unknown SSL protocol error in connection to api.idolondemand.com
You can add this line when you curl https if you have no sensitive transiting data :
curl_setopt($ch1, CURLOPT_SSL_VERIFYPEER, false);
Here is the code which works for me :
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL, $url);
curl_setopt($ch1, CURLOPT_POST, 1);
curl_setopt($ch1, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch1, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch1, CURLOPT_SSL_VERIFYHOST, 1);
$ocr = curl_exec($ch1);
var_dump($ocr);
var_dump(curl_error($ch1));
When I do this, I get :
string(97) "{ "message": "Unknown API key", "detail": { "error": 2002, "key": "MY KEY HERE" } }" string(0) ""
I have set VERIFYPEER to false and VERIFYHOST to 1 and it worked.
I'm new to cURL. I'm trying to send a XML request and get its response as XML to a rest web application in a remote server.
Below is the code I'm trying to send :
<?php
//header("refresh:5;url=form.html");
if(isset($_POST['create_xml'])){
$contact = "contact";
$first_name = $_POST["element_1"];
$last_name = $_POST["element_2"];
$email = $_POST["element_3"];
$country_code=$_POST["element_4_1"];
$contact_number=$_POST["element_4_2"].$_POST["element_4_3"];
$comments = $_POST["element_5"];
//if ($first_name && $last_name && $email && $contact_number && $comments) {
//echo "Thank you for submitting your form. You may submit email service requests to our Support Center at:";
//} else {
//exit("You have not filled out all the required fields. Place hit your back button and fill out all the required fields.");
//}
$xml = '<?xml version="1.0" encoding="UTF-8"?>';
$xml .= "<command>";
$xml .= "ADD_NEW_CONTACT";
$xml .= "</command>";
$xml .= "<data>";
$xml .= "<name>";
$xml .= $first_name.''.$last_name;
$xml .= "</name>";
$xml .= "<username>";
$xml .= $email;
$xml .= "</username>";
$xml .= "<preferredemail>";
$xml .= $email;
$xml .= "</preferredemail>";
$xml .= "<mobile>";
$xml .= "<countrycode>";
$xml .= $country_code;
$xml .= "</countrycode>";
$xml .= "<mobilenumber>";
$xml .= $contact_number;
$xml .= "</mobilenumber>";
$xml .= "</mobile>";
$xml .= "<gender>";
$xml .= "TBD";
$xml .= "</gender>";
$xml .= "</data>";
$xml .= "</groupzsyncreq>";
$xml =htmlentities($xml);
//echo $xml;
/**
* Define POST URL and also payload
*/
define('XML_POST_URL', 'http://www.testapp.com/test?request=');
/**
* Initialize handle and set options
*/
$ch = curl_init();
set_time_limit(0);
curl_setopt($ch, CURLOPT_URL, XML_POST_URL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 100);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Connection: close'));
/**
* Execute the request and also time the transaction
*/
$start = array_sum(explode(' ', microtime()));
$result = curl_exec($ch);
$stop = array_sum(explode(' ', microtime()));
$totalTime = $stop - $start;
/**
* Check for errors
*/
if ( curl_errno($ch) ) {
$result = 'ERROR -> ' . curl_errno($ch) . ': ' . curl_error($ch);
} else {
$returnCode = (int)curl_getinfo($ch, CURLINFO_HTTP_CODE);
switch($returnCode){
case 404:
$result = 'ERROR -> 404 Not Found';
break;
default:
break;
}
}
/**
* Close the handle
*/
curl_close($ch);
/**
* Output the results and time
*/
echo 'Total time for request: ' . $totalTime . "\n";
echo $result;
/**
* Exit the script
*/
exit(0);
}
?>
Now, when I try to send the XML request from my local system , I get this error
Total time for request: 20.308043956757 ERROR -> 6: Couldn't resolve host 'www.testapp.com'. But, `www.testapp.com` is fine and is up. How to solve this error.
define('XML_POST_URL', 'http://www.testapp.com/test?request=');
I think , this is not complete.
Can you check your end point url under service tag at end of wsdl.
Change this http header as you are using xml
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/xml'));
Also use this curl option for http POST
curl_setopt($ch, CURLOPT_POST, true);
Hi I'm trying to add some another field to this php contact form
I have a checkbox for "do you agree to our terms of business", but how do I add another one for opt in for Marketing.
Thanks for your help
Regards
Judi
<?php
$adminemail = 'lis#blue.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'enquiry#blue.co.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, terry#blue.co.uk", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please click here to return to the form";
}
This block checks Terms of Business as required. You can simply duplicate it while changing the input's name:
if(empty($_POST['Marketing']))
{
error_reporting(0);
echo "(Place here your text for Marketing checkbox validation). Please click here to return to the form";
}
this is not the inputform, this script handles the input from the form.
I'm trying to find the security code in this php for a mailer.
Please could you tell me which parts of the code I need to delete to remove this.
Thanks for your help
<?php
$adminemail = 'info#blue.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'info#innco.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, kat#cat.com", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
The binary-search method can be used here, which starts like this:
Delete the bottom half of the file; check: Did that contain the "security code"?
No: Delete the top half of the file; check: Did that contain the "security code"?
No: Retest-assumption: Are you sure the security code is in this file?
Once you've found which half the "security code" is in:
Delete the bottom half of that half of the file; check: Did that contain the "security code"?
No: Delete the top half of that half of the file; check: Did that contain the "security code"?
No: Retest-assumption: Are you sure the security code is in this half of this file?
Repeat until you have found the line (or lines) that you are interested in.
remove this :)
EDIT: the elseif.. wasn't showing as code, corrected.
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, kat#cat.com", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
and this (by Cameron Conner)
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
so, your file should stay like this:
<?php
$adminemail = 'info#blueriverwm.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'info#innco.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
Expanding on CuSS's answer.. This is unnecessary as well.
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}