I'm trying to find the security code in this php for a mailer.
Please could you tell me which parts of the code I need to delete to remove this.
Thanks for your help
<?php
$adminemail = 'info#blue.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'info#innco.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, kat#cat.com", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
The binary-search method can be used here, which starts like this:
Delete the bottom half of the file; check: Did that contain the "security code"?
No: Delete the top half of the file; check: Did that contain the "security code"?
No: Retest-assumption: Are you sure the security code is in this file?
Once you've found which half the "security code" is in:
Delete the bottom half of that half of the file; check: Did that contain the "security code"?
No: Delete the top half of that half of the file; check: Did that contain the "security code"?
No: Retest-assumption: Are you sure the security code is in this half of this file?
Repeat until you have found the line (or lines) that you are interested in.
remove this :)
EDIT: the elseif.. wasn't showing as code, corrected.
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, kat#cat.com", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
and this (by Cameron Conner)
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
so, your file should stay like this:
<?php
$adminemail = 'info#blueriverwm.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'info#innco.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
Expanding on CuSS's answer.. This is unnecessary as well.
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
Related
I use the following to convert a doc file to pdf in PHP:
function CallToApi($fileToConvert, $pathToSaveOutputFile, $apiKey, &$message,$unique_filename)
{
try
{
$fileName = $unique_filename.".pdf";
$postdata = array('OutputFileName' => $fileName, 'ApiKey' => $apiKey, 'file'=>"#".$fileToConvert);
$ch = curl_init("http://do.convertapi.com/word2pdf");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
$result = curl_exec($ch);
$headers = curl_getinfo($ch);
$header=ParseHeader(substr($result,0,$headers["header_size"]));
$body=substr($result, $headers["header_size"]);
curl_close($ch);
if ( 0 < $headers['http_code'] && $headers['http_code'] < 400 )
{
// Check for Result = true
if (in_array('Result',array_keys($header)) ? !$header['Result']=="True" : true)
{
$message = "Something went wrong with request, did not reach ConvertApi service.<br />";
return false;
}
// Check content type
if ($headers['content_type']<>"application/pdf")
{
$message = "Exception Message : returned content is not PDF file.<br />";
return false;
}
$fp = fopen($pathToSaveOutputFile.$fileName, "wbx");
fwrite($fp, $body);
$message = "The conversion was successful! The word file $fileToConvert converted to PDF and saved at $pathToSaveOutputFile$fileName";
return true;
}
else
{
$message = "Exception Message : ".$result .".<br />Status Code :".$headers['http_code'].".<br />";
return false;
}
}
catch (Exception $e)
{
$message = "Exception Message :".$e.Message."</br>";
return false;
}
}
I now want to use the same to convert a ppt to pdf. For which I change
$ch = curl_init("http://do.convertapi.com/word2pdf");
to
$ch = curl_init("http://do.convertapi.com/PowerPoint2Pdf");
but I am not sure why it isnt converting the given input. Is there something that I may be missing?
It's due to PHP 5.6.
You need to add this line to your code as well
curl_setopt($ch, CURLOPT_SAFE_UPLOAD, false);
See:Backward incompatible changes (at the bottom).
I am using the following code to get user's IP and get it sent to my email address (I'm using a third party email API):
<?php
$ip1 = $_SERVER['REMOTE_ADDR'];
$ip2 = $_SERVER['HTTP_X_FORWARDED_FOR']
$ip3 = $_SERVER['HTTP_FORWARDED'];
$ua = $_SERVER['HTTP_USER_AGENT'];
$to = 'abc#xyz.com';
$sub = 'test';
$msg = "$ip1, $ip2 and $ip3 on $ua \n ...other texts...";
$post = "key=blah&to=$to&sub=$sub&msg=$msg";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://example.com');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURL_POSTFIELDS, $post);
curl_setopt($ch, CURL_RETURNTRANSFER, 1);
$mailres = curl_exec ($ch);
?>
The API just retrieves the $_POST data and uses mail() to send email.
But when I execute the code I get the mail with the user's IP stored in $ip1 only. For eg, if user's IP is 1.1.1.1 then I get only:
1.1.1.1,
No user agent and other texts are sent.What could be the problem?
try this way first, just to be sure that you debug something real:
$text = '';
if (isset($_SERVER['REMOTE_ADDR'])) {
$text .= $_SERVER['REMOTE_ADDR'].', ';
} else {
$text .= 'NO _SERVER[\'REMOTE_ADDR\'] HERE, ';
}
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$text .= $_SERVER['HTTP_X_FORWARDED_FOR'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_X_FORWARDED_FOR\'] HERE, ';
}
if (isset($_SERVER['HTTP_FORWARDED'])) {
$text .= $_SERVER['HTTP_FORWARDED'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_FORWARDED\'] HERE, ';
}
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$text .= ' on '.$_SERVER['HTTP_USER_AGENT'].', ';
} else {
$text .= 'NO _SERVER[\'HTTP_USER_AGENT\'] HERE, ';
}
$text .= "\n ...other texts...";
mail ($to, $sub, $text );
but with curl it should be:
$post = array("key"=>'blah',
'to'=>$to,
'sub'=>$sub,
'msg'=>$msg);
and
curl_setopt($ch, CURL_POSTFIELDS, json_encode($post));
Here is my code, I have two cURL statements in the same program. The first one uses $ch and second uses $ch1. The problem is first one is getting executed and showing the output but second one does nothing.
<?php
include ('DBconnect.php');
if (isset($_POST['submit'])) {
$verified = "1";
$error = array();
if (empty($_POST['name'])) {
$error[] = 'I am sure you have a name!';
}
else {
$name = $_POST['name'];
}
if (empty($_POST['phone'])) {
$error[] = 'Please enter your phone number with country code';
}
else {
$Phone = $_POST['phone'];
}
if (empty($_POST['Password'])) {
$error[] = 'Please choose a password ';
}
else {
$Password = $_POST['Password'];
}
if (empty($error)) //send to Database if there's no error '
{ // If everything's OK...
// Make sure the phone number is available:
$query_verify_phone = "SELECT * FROM members WHERE Phone ='$Phone'";
$result_verify_phone = mysqli_query($dbc, $query_verify_phone);
if (!$result_verify_phone) { //if the Query Failed ,similar to if($result_verify_phone==false)
echo ' Database Error Occured ';
}
if (mysqli_num_rows($result_verify_phone) == 0) { // IF no previous user is using this phone number.
$query_insert_user = "INSERT INTO `members` ( `Name`, `Phone`, `Password`, `Verified`) VALUES ( '$name', '$Phone', '$Password', '$verified')";
$result_insert_user = mysqli_query($dbc, $query_insert_user);
if (!$result_insert_user) {
echo 'Query Failed ';
}
if (mysqli_affected_rows($dbc) == 1) { //If the Insert Query was successfull.
$customerToken = "TOKEN HERE";
$clientTransactionId = rand(55555, 77777);
$duration = "180";
$countryCode = "91";
$z2vToken = "TOKEN HERE";
$postData = array(
'customerToken' => $customerToken,
'clientTransactionId' => $clientTransactionId,
'callerid' => $Phone,
'duration' => $duration,
'countryCode' => $countryCode,
'z2vToken' => $z2vToken,
);
// create post body
$post_body = '';
foreach($postData as $key => $value) {
$post_body.= urlencode($key) . '=' . urlencode($value) . '&';
}
$post_body = rtrim($post_body, '&');
// Initialize CURL data to send via POST to the API
// FIRST ONE CURL REQUEST- WORKING
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://www.zipdial.com/z2v/startTransaction.action");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_body);
// Execute CURL command and return into variable ch
$string = curl_exec($ch);
curl_close($ch);
$json = json_decode($string);
// now the json has been decoded
// echo "Please do a missed call on: ";
// echo "<img src=' ".$json->img."'>";
$pf = 'fl' . uniqid();
$un = uniqid($pf);
$fpl = 'img' . $un . '.png';
file_put_contents($fpl, file_get_contents($json->img));
Everything above goes fine but the second curl request is not working:
// EVERYTHING ABOVE GOES FINE. BELOW IS SECOND REQUEST- NOT WORKING
$url = "https://api.idolondemand.com/1/api/sync/ocrdocument/v1";
$post = array(
'apikey' => "MY KEY HERE",
'url' => "http://site.ext/users/$fpl",
'mode' => "document_photo"
);
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL, $url);
curl_setopt($ch1, CURLOPT_POST, 1);
curl_setopt($ch1, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch1, CURLOPT_RETURNTRANSFER, 1);
$ocr = curl_exec($ch1);
$jsonocr = json_decode($ocr, true);
$textblock = $jsonocr['text'][0];
echo '<div class="success">Please give a missed call to ' . $textblock['text'] . ' from your registered phone number to activate account. </div>';
curl_close($ch1);
}
else { // If it did not run OK.
echo '<div class="errormsgbox">You could not be registered due to a system error. We apologize for any inconvenience.</div>';
}
}
else { // The phone number is not available.
echo '<div class="errormsgbox" >That phone number has already been registered. </div>';
}
}
else { //If the "error" array contains error msg , display them
echo '<div class="errormsgbox"> <ol>';
foreach($error as $key => $values) {
echo ' <li>' . $values . '</li>';
}
echo '</ol></div>';
}
mysqli_close($dbc); //Close the DB Connection
} // End of the main Submit conditional.
?>
I can make request to second curl request manually from my browser and it works but it isn't working here. What's wrong?
I think you get this error when you dump curl_error($ch1) :
Unknown SSL protocol error in connection to api.idolondemand.com
You can add this line when you curl https if you have no sensitive transiting data :
curl_setopt($ch1, CURLOPT_SSL_VERIFYPEER, false);
Here is the code which works for me :
$ch1 = curl_init();
curl_setopt($ch1, CURLOPT_URL, $url);
curl_setopt($ch1, CURLOPT_POST, 1);
curl_setopt($ch1, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch1, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch1, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch1, CURLOPT_SSL_VERIFYHOST, 1);
$ocr = curl_exec($ch1);
var_dump($ocr);
var_dump(curl_error($ch1));
When I do this, I get :
string(97) "{ "message": "Unknown API key", "detail": { "error": 2002, "key": "MY KEY HERE" } }" string(0) ""
I have set VERIFYPEER to false and VERIFYHOST to 1 and it worked.
I'm wanted to read a rss feed and store it.for this I m using:-
<?php
$homepage = file_get_contents('http://www.forbes.com/news/index.xml');
$xml = simplexml_load_string($homepage);
echo '<pre>';
print_r($xml);
?>
but first I want to check
1.URL is valid or not ,means if its response time of
$homepage = file_get_contents('http://www.forbes.com/news/index.xml');
is less than 1 minutes and the url address is correct
2.Then check the File(http://www.forbes.com/news/index.xml) have a valid XML data or not.
if valid XML then show response time else show error.
answer Of MY QUESTION:
Thanks everybody for your help and suggestion.I solved this problem. for this I wrote this code
<?php
// function() for valid XML or not
function XmlIsWellFormed($xmlContent, $message) {
libxml_use_internal_errors(true);
$doc = new DOMDocument('1.0', 'utf-8');
$doc->loadXML($xmlContent);
$errors = libxml_get_errors();
if (empty($errors))
{
return true;
}
$error = $errors[ 0 ];
if ($error->level < 3)
{
return true;
}
$lines = explode("r", $xmlContent);
$line = $lines[($error->line)-1];
$message = $error->message . ' at line ' . $error->line . ': ' . htmlentities($line);
return false;
}
//function() for checking URL is valid or not
function Visit($url){
$agent = $ch=curl_init();
curl_setopt ($ch, CURLOPT_URL,$url );
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch,CURLOPT_VERBOSE,false);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch,CURLOPT_SSLVERSION,3);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST, FALSE);
$page=curl_exec($ch);
//echo curl_error($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if($httpcode>=200 && $httpcode<300) return true;
else return false;
}
$url='http://www.forbes.com/news/index.xml';
if (Visit($url)){
$xmlContent = file_get_contents($url);
$errorMessage = '';
if (XmlIsWellFormed($xmlContent, $errorMessage)) {
echo 'xml is valid';
$xml = simplexml_load_string($xmlContent);
echo '<pre>';
print_r($xml);
}
}
?>
If the url is not valid file_get_contents would fail.
To check if the xml is valid
simplexml_load_string(file_get_contents('http://www.forbes.com/news/index.xml'))
That would return true if its and would fail entirely if it isn't.
if(simplexml_load_string(file_get_contents('http://www.forbes.com/news/index.xml'))){
echo "yeah";
}else { echo "nah";}
This page has a snippet with a validator for a URL using regular expressions. The function and usage:
function isValidURL($url)
{
return preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $url);
}
if(!isValidURL($fldbanner_url))
{
$errMsg .= "* Please enter valid URL including http://<br>";
}
if (!filter_var('anyurl',FILTER_VALIDATE_URL))
echo "Wrong url";
end;
http://php.net/manual/en/filter.filters.validate.php
Hi I'm trying to add some another field to this php contact form
I have a checkbox for "do you agree to our terms of business", but how do I add another one for opt in for Marketing.
Thanks for your help
Regards
Judi
<?php
$adminemail = 'lis#blue.co.uk'; // type your actual email address in place of you#yourdomain.com
$usesecimage = ''; // the path to a WSN Links, Gallery, KB or Forum install if you wish to borrow its security image prompt
$autoresponse = ''; // type the URL of a text file which should be used as the autoresponder body text
$controlvars = ' thankspage submitteremail ccsubmitter messagetosubmitter ';
$messagetoadmin = "A user has filled out a form with this content:
";
if (!isset($_POST['messagetosubmitter'])) $messagetosubmitter = "You have submitted a form with the content listed below. Your submission will be reviewed, please be patient in awaiting a response.
";
else $messagetosubmitter = $_POST['messagetosubmitter'];
while(list($key, $value) = each($_POST))
{
if (!stristr($controlvars, ' '. $key .' '))
{
$messagetoadmin .= $key .': '. $value .'
';
$messagetosubmitter .= $key .': '. $value .'
';
}
}
$submitter = $_POST['submitteremail'];
if ($submitter == '') $submitter = 'enquiry#blue.co.uk';
if (strstr($submitter, "\n") || strlen($submitter) > 50) die("Begone, foul spammer.");
if ($usesecimage)
{
$curr_path = getcwd();
chdir($usesecimage); // Go to the WSN directory
require 'start.php';
if (isset($_REQUEST['seed'])) $seed = $_REQUEST['seed']; else $seed = false;
$correct = securityimagevalue($seed);
if (strtolower($_POST['securityimage']) != $correct) die("You did not type the value from the image correctly. Press the back button.");
chdir($curr_path); // Return to original directory
}
session_start();
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please <a href='javascript: history.go(-1)'>click here</a> to return to the form";
}
elseif(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
mail("$adminemail, terry#blue.co.uk", 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetoadmin), 'From: '. $submitter);
unset($_SESSION['security_code']);
} else {
error_reporting(0);
echo "The security code you entered was incorrect, please click the back button on your browser to try again.";
}
if ($_POST['ccsubmitter'] == 'yes')
{
mail($submitteremail, 'Form Submitted: '. stripslashes($_POST['subject']), stripslashes($messagetosubmitter), 'From: '. $adminemail);
}
if ($autoresponse != '')
{
$body = geturl($autoresponse);
mail($submitteremail, 'Re: '. stripslashes($_POST['subject']), stripslashes($body), 'From: '. $adminemail);
}
header('Location: '. $_POST['thankspage']);
// just in case redirect doesn't work
die('<meta http-eqiv="refresh" content="0;url='. $_POST['thankspage'] .'">');
if (!function_exists('geturl'))
{
function geturl($url)
{
if (extension_loaded('curl'))
{
$user_agent = 'Mozilla/4.0 (compatible; MSIE 6.02; PHP)';
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_USERAGENT, $user_agent);
curl_setopt ($ch, CURLOPT_HEADER, false);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_TIMEOUT, 15); // timeout after 5 seconds
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
$result = curl_exec ($ch);
curl_close ($ch);
// curl_error($ch); // for debugging
return $result;
}
if (version_compare("4.3.0", phpversion(), "<"))
{
$filecontents = #file_get_contents($url);
}
else
{
$fd = #fopen($url, 'rb');
$filecontents = "";
do
{
$data = #fread($fd, 8192);
if (strlen($data) == 0)
{
break;
}
$filecontents .= $data;
} while(true);
#fclose ($fd);
}
return $filecontents;
}
}
?>
if(empty($_POST['TermsOfBusiness']))
{
error_reporting(0);
echo "You must agree to our Terms of Business. Please click here to return to the form";
}
This block checks Terms of Business as required. You can simply duplicate it while changing the input's name:
if(empty($_POST['Marketing']))
{
error_reporting(0);
echo "(Place here your text for Marketing checkbox validation). Please click here to return to the form";
}
this is not the inputform, this script handles the input from the form.