");
if ($err_array[$fieldname]) {
print ("
");
}else{
print (" | ");
}
}
function check_required($required,$fieldname){
global $err_array;
if (in_array($fieldname,$required)){
if ($_POST[$fieldname] == ""){
$err_array[$fieldname] = "Sorry $fieldname is required. ";
}
}
return $err_array;
}
if (!function_exists("stripos")) {
function stripos($str,$needle,$offset=0)
{
return strpos(strtolower($str),strtolower($needle),$offset);
}
}
if ($submit){
// do some testing?
if ($email != "" ){
$email = trim($email);
if(!ereg("([_a-z0-9A-Z\d\-\.]+@[_a-z0-9A-Z\d\-]+(\.[_a-z0-9A-Z\d\-]+)+)",$email,$regs)){
$err_array[email] = "Sorry your email address ($email) doesn't appear to be valid ";
}
}
$nasties[] = "Content-Type:";
$nasties[] = "To:";
$nasties[] = "Cc:";
$nasties[] = "Bcc:";
// lets check all the fields
foreach ($_POST as $key => $value){
$$key = $value;
// Annoying URL spams in comments any field
$http = substr_count($value, "http");
$href = substr_count($value, "href");
$url = substr_count($value, "[url");
if ($http > 1 OR $href > 1 OR $url > 1){
$err_array[$key] = "Sorry That looks a bit spammy. Rewrite it please. $key - $http $href $url";
}
foreach($nasties as $nasty){
if(stripos($value,$nasty) !== FALSE){
// die or report
$err_array[$key] = "Error No need for $nasty in $key.";
}
}
// Check if the field is required
check_required($required,$key);
}
// hard coded testing list form fields for CR and LF characters - all the fields that SHOULDN'T have them in
if (eregi("\r",$crlftest) || eregi("\n",$crlftest)){
// die or report
$err_array[] = "Error One of more fields has a suspect content.";
}
if (eregi_replace("\?.*", "", $HTTP_REFERER) != $SCRIPT_URI){
// referer could be masked or via a translation script such as via google, so use at your own risk
// die or report
$err_array[] = "Error Referer is not from this page. Your form can not be sent. Please contact via the email link below.";
}
$err_count = count($err_array);
if ($err_count != 0){
print ("Please correct the $err_count error(s): ");
while (list($index,$value) = each($err_array)){
print ("$value ");
}
print (" ");
}
if ($err_count == 0){// no errors send message
reset($HTTP_POST_VARS);
foreach ($_POST as $key => $value){
$$key = $value;
$message .= "$key:\n$value\n\n";
}
if($send_server_data){
$message .= "\n\nSERVER:\n";
foreach ($_SERVER as $key => $value){
$$key = $value;
$message .= "$key:\n$value\n\n";
}
}
$email_headers = "From: $email\n";
@mail($email_to, $email_subject, $message, $email_headers);
print ("Thank you $name. ");
}
}
if (!$submit OR $err_count != "0"){
print ("Please use the form to send us a message. ");
}
print ("");
?>
$encoded");
?>
|