// send an email to Water Dude from a visitor
// Page setup: start output buffering, then define the values this page uses.
ob_start();

// Site name; reused in the title, the description and the mail subject prefix.
$typer   = "Water";
// The only recipient address this script passes to mail(); it is a literal.
$myEmail = "waterfilterdude@waterfilterdude.com";

// Page metadata. Nothing in this listing reads $nogoogle, $mykeys, $mytitle,
// $mydesc or $hidHeading - presumably an included header does; confirm.
$mytitle    = "{$typer} Dude Mail";
$mydesc     = "{$typer} Dude Mail";
$mykeys     = "";
$nogoogle   = 1;
$hidHeading = "Send Mail";
$visHeading = "";

// Path of the running script as reported by the server.
$mypage = $_SERVER["SCRIPT_NAME"];
// Patterns and helpers for validating user input on the server.
// Client-side validation should be done as well, but it can be bypassed, so the server-side checks are the ones that count.
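// Cleans one submitted value and validates it against a regular expression.
//
// $myString  - raw value; null when the field was not supplied
// $myPattern - PCRE pattern (delimiters included) the cleaned value must match
//
// Returns the trimmed, quote-rewritten value when it matches $myPattern.
// Otherwise returns "" - or 0 when $myPattern equals the global $integerPat.
//
// The quote rewriting below looks like SQL-style escaping. It does not make a
// value safe for HTML output or for mail headers; callers must still escape or
// reject per context.
function CheckStr($myString,$myPattern)
{
    // Read only the one global that is needed. extract($GLOBALS) is avoided on
    // purpose: it copies every global into local scope and would overwrite
    // $myString and $myPattern whenever a global of the same name exists.
    // NOTE(review): $integerPat is not defined in the visible part of the file;
    // when it is absent the comparison below is made against null.
    $integerPat = isset($GLOBALS['integerPat']) ? $GLOBALS['integerPat'] : null;

    // Value handed back when the input is missing or fails validation.
    $fallback = ($myPattern == $integerPat) ? 0 : "";

    if (!isset($myString)) {
        return $fallback;
    }

    $tmpstring = trim($myString);
    $tmpstring = str_replace("'", "''", $tmpstring);      // double single quotes
    $tmpstring = str_replace("\"", "''''", $tmpstring);   // double quote -> four single quotes
    $tmpstring = str_replace("\\'", "'", $tmpstring);     // backslash-quote -> quote
    $tmpstring = str_replace("--", ":", $tmpstring);      // double hyphen -> colon

    // The pattern is applied to the rewritten string, not to the raw input.
    return preg_match($myPattern, $tmpstring) ? $tmpstring : $fallback;
}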
// Matches any string at all, including the empty string and strings that
// contain line breaks - on its own it validates nothing, so values accepted
// with it still need context-specific checks (e.g. no CR/LF in a header).
$anyPat="/^([\s\S\w\W]*$){1}/";
// Matches local@domain.tld where local and domain are built from word
// characters, dots and hyphens (either may be empty) and the final label is
// 2 or 3 word characters. It does not match a blank string, and it rejects
// addresses whose last label is longer than 3 characters.
// NOTE(review): without the D modifier, $ also matches just before a final
// newline; CheckStr() trims its input before applying the pattern.
$mailPat="/^(((\w|\.|-)*\@(\w|\.|-)*\.\w{2,3})$){1}/";
// Prints $visHeading surrounded by line breaks.
// NOTE(review): the string literals here are empty or bare line breaks - the
// HTML markup they presumably held appears to have been stripped from this
// listing, so the real page output cannot be judged from here.
print "".
"".
"
".
"".
"
".$visHeading."
";
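// Loose plausibility check for an e-mail address.
//
// Returns true only when $str2 is at least 5 bytes long, its last "@" is not
// the final character, and a "." appears somewhere after that last "@".
// This is a shape check only; it does not reject control characters or
// otherwise make the value safe to place in a mail header.
function mailok($str2)
{
    // No extract($GLOBALS) here: the function uses no globals, and extracting
    // them would let a global named $str2 replace the value being checked.
    $length = strlen($str2);
    if ($length < 5) {
        return false;
    }

    $atIndex = strrpos($str2, "@");
    if ($atIndex === false || $atIndex === $length - 1) {
        return false;   // no "@" at all, or nothing after it
    }

    // A dot must follow the last "@".
    return strpos($str2, ".", $atIndex) !== false;
}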
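// Collect the three form fields. POST wins; GET is used only when the POST
// value is missing or empty. A field that is absent, or that arrives as a
// non-string (array-style parameter), becomes "" so the string functions
// further down never receive an undefined index or an array.
$frommail = (isset($_POST["frommail"]) && is_string($_POST["frommail"])) ? $_POST["frommail"] : "";
if ($frommail === "" && isset($_GET["frommail"]) && is_string($_GET["frommail"])) $frommail = $_GET["frommail"];

$subject = (isset($_POST["subject"]) && is_string($_POST["subject"])) ? $_POST["subject"] : "";
if ($subject === "" && isset($_GET["subject"]) && is_string($_GET["subject"])) $subject = $_GET["subject"];

$body = (isset($_POST["body"]) && is_string($_POST["body"])) ? $_POST["body"] : "";
if ($body === "" && isset($_GET["body"]) && is_string($_GET["body"])) $body = $_GET["body"];

// Drop every backslash from subject and body.
$subject = str_replace("\\", "", $subject);
$body    = str_replace("\\", "", $body);
// Park double quotes behind a placeholder so CheckStr() does not rewrite them;
// the send step turns the placeholder back into a double quote.
// NOTE(review): the placeholder literal is garbled in this listing (it shows
// as a bare quote); &quot; is presumed - confirm against the original file.
$body    = str_replace("\"", "&quot;", $body);

// Work out which step was requested. $sendit always starts from a known value
// so it can never be used uninitialised. Precedence is unchanged: "yes" from
// either source overrides "confirmed".
$sendit   = "";
$sendGet  = (isset($_GET["sendit"]) && is_string($_GET["sendit"])) ? $_GET["sendit"] : "";
$sendPost = (isset($_POST["sendit"]) && is_string($_POST["sendit"])) ? $_POST["sendit"] : "";
if ($sendGet === "confirmed" || $sendPost === "confirmed") $sendit = "confirmed";
if ($sendGet === "yes" || $sendPost === "yes") $sendit = "yes";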
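// Confirmation step: show the visitor the address they typed before anything
// is sent.
// NOTE(review): the markup around this text (presumably the confirmation form)
// appears to have been stripped from this listing, along with the PHP open
// tags restored below. Any other request value echoed into that markup needs
// the same escaping as $frommail.
if ( $sendit == "yes")
{
?>
I can not email a reply to:
<?php
// $frommail is unvalidated request input at this point, so it is HTML-escaped
// before being written into the page.
echo htmlspecialchars((string) $frommail, ENT_QUOTES); ?>
unless that is your correct email address.
|
<?php
}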
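// Send step: validate the fields, build the headers and hand the message to
// mail(). The recipient is always $myEmail; only the sender address, subject
// and body come from the request.
if ( $sendit =="confirmed")
{
// CheckStr() returns "" unless the address matches $mailPat.
$frommail=CheckStr($frommail,$mailPat);
// Defence in depth: $frommail is copied into raw header lines below, so any
// CR or LF aborts the request. strpos()/stripos() replace eregi(), which no
// longer exists in PHP 7 and later.
if (strpos($frommail,"\r")!==false || strpos($frommail,"\n")!==false) die("error in sending mail");
// Heuristic only: reject input that tries to carry its own MIME header
// (case-insensitive, as the eregi() call was).
if (stripos($subject.$body.$frommail,"MIME-Version: ")!==false) die('error in sending mail');
$subject=CheckStr($subject,$anyPat);
$subject=str_replace("''","'",$subject);
// $anyPat accepts line breaks and the subject becomes a header line, so fold
// CR/LF to spaces here instead of relying on mail() to neutralise them.
$subject=str_replace(array("\r","\n")," ",$subject);
$body=CheckStr($body,$anyPat);
$body=str_replace("''","'",$body);
// Turn the double-quote placeholder back into a double quote.
// NOTE(review): the placeholder literal is garbled in this listing (it shows
// as a bare quote); &quot; is presumed - confirm against the original file.
$body=str_replace("&quot;","\"",$body);
if (!mailok($frommail))
{
print "
".
"You must supply your valid return email address |
";
}
else
{
// Every header value below is the validated $frommail or a fixed string.
$header = "Return-Path: ".$frommail."\r\n";
$header .= "X-Sender: ".$frommail."\r\n";
$header .= "From: ".$frommail."\r\n";
$header .= "X-Mailer:PHP 5.1\r\n";
$header .= "MIME-Version: 1.0\r\n";
// Subject is capped at 100 bytes and the body at 5000 bytes.
if (mail($myEmail, substr($typer." - ".$subject,0,100), substr($body,0,5000), $header))
{
print "
Thank you for your message. The ".$typer." Dude will receive it shortly.
";
}
else
{
// mail() reported failure: do not tell the visitor the message was sent.
print "error in sending mail";
}
}
// end of the mailok() branch
}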
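// Show the intro text and the entry form on a first visit, or again when the
// supplied address failed mailok().
// NOTE(review): the form markup that followed this text appears to have been
// stripped from this listing, together with the PHP open tag restored before
// the closing brace. If that form re-displays $frommail, $subject or $body,
// each value must be HTML-escaped where it is written out.
if (( $sendit != "confirmed" && $sendit != "yes" ) || !mailok($frommail))
{
?>
I DO value your feedback and questions.
I will respond to questions as best I can and as quickly as I can.
|
Please enter your mail below.
<?php
}
// Static page footer; the path is a fixed literal.
include("includes/foot.html");
?>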