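and */
$thank_you_message = <<<EOD

Thank you for your referral. Please look around, and see what Masterfolio can do for you.









EOD;

/* URL to be redirected to after the form is submitted. If this is specified,
   then the above message will not be shown and user will be redirected to this
   page after the form is submitted */
/* Example: $thank_you_url = 'http://www.yourwebsite.com/thank_you.html'; */
$thank_you_url = '';
//$thank_you_url = 'http://www.masterfolio.com/company/thankyou_email.html';

/*******************************************************************************
 * Do not change anything below, unless of course you know very well
 * what you are doing :)
 *******************************************************************************/

// Field descriptors: [0] label, [1] form field name, [2] submitted value,
// [3] inline CSS set when the field is in error, [4] error text (email and
// captcha only).
$name = array('Name', 'name', NULL, NULL);
$email = array('Email', 'email', NULL, NULL, NULL);
$subject = array('Subject', 'subject', NULL, NULL);
$message = array('Message', 'message', NULL, NULL);
$code = array('Code', 'captcha_code', NULL, NULL, NULL);
$error_message = '';

// $from, $bccMail, $subject_prefix, $header_file and $footer_file are used
// below but not assigned in this part of the file; they are expected to be
// configured above this point.

if (!isset($_POST['submit'])) {
    showForm();
} else { // form submitted
    $error = 0;

    // Text fields are cleaned, then HTML-escaped so that redisplaying them in
    // the form is safe; they are decoded again just before the mail is built.
    if (!empty($_POST['name'])) {
        $name[2] = htmlspecialchars(clean_var($_POST['name']), ENT_QUOTES);
    } else {
        $error = 1;
        $name[3] = 'color:#FF0000;';
    }

    // The recipient comes from the request, so it must be a single
    // well-formed address before it is handed to mail(). There is no
    // descriptor for this field; errors are flagged on the Name row, which is
    // what the original code did for a missing recipient.
    if (!empty($_POST['to'])) {
        $to = clean_var($_POST['to']);
        if (!validEmail($to)) {
            $error = 1;
            $name[3] = 'color:#FF0000;';
        }
        $to = htmlspecialchars($to, ENT_QUOTES);
    } else {
        $error = 1;
        $name[3] = 'color:#FF0000;';
    }

    // The sender address ends up in the From/Reply-To headers, so it is kept
    // unescaped here and only escaped if the form has to be shown again.
    if (!empty($_POST['email'])) {
        $email[2] = clean_var($_POST['email']);
        if (!validEmail($email[2])) {
            $error = 1;
            $email[3] = 'color:#FF0000;';
            $email[4] = 'Invalid email';
        }
    } else {
        $error = 1;
        $email[3] = 'color:#FF0000;';
    }

    if (!empty($_POST['subject'])) {
        $subject[2] = htmlspecialchars(clean_var($_POST['subject']), ENT_QUOTES);
    } else {
        $error = 1;
        $subject[3] = 'color:#FF0000;';
    }

    if (!empty($_POST['message'])) {
        $message[2] = htmlspecialchars(clean_var($_POST['message']), ENT_QUOTES);
    } else {
        $error = 1;
        $message[3] = 'color:#FF0000;';
    }

    if (empty($_POST['captcha_code'])) {
        $error = 1;
        $code[3] = 'color:#FF0000;';
    } else {
        include SECUREMAIL."/securimage.php";
        // include $_SERVER['DOCUMENT_ROOT']."/class/securimage.php";
        $securimage = new Securimage();
        // A non-string value (e.g. an array-valued field) is treated as a
        // wrong code instead of being passed to the captcha library.
        $valid = is_string($_POST['captcha_code'])
            && $securimage->check($_POST['captcha_code']);
        if (!$valid) {
            $error = 1;
            $code[3] = 'color:#FF0000;';
            $code[4] = 'Incorrect code';
        }
    }

    if ($error == 1) {
        $error_message = 'Please correct/enter field(s) in red.';
        // Escape the sender address like the other fields before the form is
        // rendered again.
        if (is_string($email[2])) {
            $email[2] = htmlspecialchars($email[2], ENT_QUOTES);
        }
        showForm();
    } else {
        // Undo the display escaping so the mail carries the text as typed.
        if (function_exists('htmlspecialchars_decode')) {
            $to = htmlspecialchars_decode($to, ENT_QUOTES);
            $name[2] = htmlspecialchars_decode($name[2], ENT_QUOTES);
            $subject[2] = htmlspecialchars_decode($subject[2], ENT_QUOTES);
            $message[2] = htmlspecialchars_decode($message[2], ENT_QUOTES);
        }

        // From here on $message holds the mail body, not the field descriptor.
        $message = "$name[0]: $name[2]\r\n$email[0]: $email[2]\r\n\r\n$message[0]:\r\n$message[2]\r\n";

        if (!$from) {
            $from_value = $email[2];
        } else {
            $from_value = $from;
        }

        // $email[2] has passed validEmail(), which rejects control characters,
        // so it cannot add extra header lines here.
        $headers = "From: $from_value" . "\r\n" . "Reply-To: $email[2]" . "\r\n" . "bcc: $bccMail";
        // $headers = "From: $from_value" . "\r\n" . "Reply-To: $email[2]";

        // A subject is a single header line, so line breaks inside the
        // submitted text are collapsed to spaces before it reaches mail().
        $subject_line = preg_replace('/[\r\n]+/', ' ', "$subject_prefix - $subject[2]");

        if (!mail($to, $subject_line, $message, $headers)) {
            // The visitor still gets the thank-you page; leave a trace for the
            // operator without logging any submitted data.
            error_log('Referral form: mail() reported a delivery failure');
        }

        if (!$thank_you_url) {
            include $header_file;
            echo $GLOBALS['thank_you_message'];
            echo "\n";
            include $footer_file;
        } else {
            header("Location: $thank_you_url");
        }
    }
} // else submitted

/**
 * Render the page header, the current error message, the form template and
 * the page footer.
 *
 * Reads the field descriptors and layout settings from global scope.
 */
function showForm()
{
    global $name, $email, $subject, $message, $code, $header_file, $footer_file,
           $form_width, $form_background, $form_border_color, $form_border_width,
           $form_border_style, $cell_padding, $left_col_width, $font_size;

    include $header_file;
    echo $GLOBALS['error_message'];

    // NOTE(review): only the text and placeholders of this template are
    // visible in this listing; the surrounding form markup is not shown.
    // NOTE(review): $to is interpolated below but is not in the global list
    // above, so it is undefined in this scope - confirm what was intended.
    echo <<<EOD
{$name[0]}
{$to} {to eMail:}
{$email[0]} {$email[4]}
{$subject[0]}
{$message[0]}
  CAPTCHA Image
{$code[0]} {$code[4]}
Please enter the text shown in the image above.
It is NOT case sensitive.
Click here to refresh the image
All fields are required.
EOD;
    include $footer_file;
}

/**
 * Normalise a submitted value: trim surrounding whitespace, remove
 * backslash escaping and strip HTML/PHP tags.
 *
 * @param mixed $variable Raw request value.
 * @return string Cleaned text; an empty string for non-scalar input such as
 *                an array-valued form field.
 */
function clean_var($variable)
{
    if (!is_scalar($variable)) {
        return '';
    }
    return strip_tags(stripslashes(trim((string) $variable)));
}

/**
 * Email validation function. Thanks to http://www.linuxjournal.com/article/9585
 *
 * Checks length limits, dot placement and allowed characters of the local and
 * domain parts, then (where checkdnsrr() exists) requires an MX or A record
 * for the domain.
 *
 * @param mixed $email Candidate address.
 * @return bool True when the address passes every check.
 */
function validEmail($email)
{
    // The quoted-local-part pattern further down accepts any character except
    // a double quote, which includes CR and LF. Callers write the address into
    // mail headers, so control characters are rejected up front.
    if (!is_string($email) || preg_match('/[\x00-\x1F\x7F]/', $email)) {
        return false;
    }

    $isValid = true;
    $atIndex = strrpos($email, "@");
    if ($atIndex === false) {
        $isValid = false;
    } else {
        $domain = substr($email, $atIndex + 1);
        $local = substr($email, 0, $atIndex);
        $localLen = strlen($local);
        $domainLen = strlen($domain);
        if ($localLen < 1 || $localLen > 64) {
            // local part length exceeded
            $isValid = false;
        } else if ($domainLen < 1 || $domainLen > 255) {
            // domain part length exceeded
            $isValid = false;
        } else if ($local[0] == '.' || $local[$localLen - 1] == '.') {
            // local part starts or ends with '.'
            $isValid = false;
        } else if (preg_match('/\\.\\./', $local)) {
            // local part has two consecutive dots
            $isValid = false;
        } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) {
            // character not valid in domain part
            $isValid = false;
        } else if (preg_match('/\\.\\./', $domain)) {
            // domain part has two consecutive dots
            $isValid = false;
        } else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\", "", $local))) {
            // character not valid in local part unless
            // local part is quoted
            if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\", "", $local))) {
                $isValid = false;
            }
        }
        if ($isValid && function_exists('checkdnsrr')) {
            if (!(checkdnsrr($domain, "MX") || checkdnsrr($domain, "A"))) {
                // domain not found in DNS
                $isValid = false;
            }
        }
    }
    return $isValid;
}
?>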