contact.php
<?php
// Page initializers.
// NOTE(review): display_errors = 1 prints warnings, notices and file paths into
// the page served to visitors. That helps while developing; on a public host,
// errors are better sent to the log (display_errors off, log_errors on).
error_reporting(E_ALL);
ini_set('display_errors', 1);
date_default_timezone_set('US/Pacific');

// Site-wide values that are the same on every page.
include 'includes/global_var.php';

// Values specific to this page.
define('TITLE', 'Contact');

// Shared page header; per the original note it emits the opening <body> tag.
include 'includes/header.php';

// Body contents follow.
?>
<?php
/**
 * Reports whether a form value contains a carriage return or a line feed.
 *
 * Values that are copied into mail headers must not contain line breaks,
 * because a line break would let the value begin a new header line.
 *
 * @param string $str Raw form value to inspect.
 * @return int|false 1 when a CR or LF is present, 0 when not, false if the match itself fails.
 */
function has_header_injection($str)
{
    // Single quotes: PCRE itself resolves \r and \n inside the character class.
    $lineBreakFound = preg_match('/[\r\n]/', $str);

    return $lineBreakFound;
}
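// Handle a submission of the contact form ("contact-submit" is the submit button's name).
if (isset($_POST['contact-submit'])) {
    // Read each field defensively: a missing key or a non-string value (for
    // example an array sent as name[]=...) is treated as an empty field instead
    // of raising a warning or a TypeError inside trim().
    $name    = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
    $email   = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $userMsg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';

    // $name and $email are copied into the Subject and From headers, so a line
    // break in either one is rejected outright. The message text only goes
    // into the body and needs no such check.
    if (has_header_injection($name) || has_header_injection($email)) {
        die();
    }

    // Both fields are required, and the address must be syntactically valid
    // before it is placed in a header. Comparing against '' (rather than
    // testing truthiness) keeps a literal "0" from counting as empty.
    if ($name === '' || $email === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "<h4>what's wrong with you? I need those fields</h4>";
        exit; // Stops rendering here, so the form is not shown again.
    }

    // Recipient of the notification.
    // NOTE(review): this value looks like a placeholder left by e-mail
    // obfuscation in the listing; set the real recipient address.
    $mailto = "[email protected]";

    $subject = "$name sent you a message via your contact form.";

    // Build the body in its own variable. Reusing $message for both the
    // visitor's text and the assembled body discarded the visitor's text.
    $body  = "Name: $name\r\n";
    $body .= "Email: $email\r\n";
    $body .= "Message: \r\n$userMsg";

    // A checkbox without a value attribute submits "on", so the presence of
    // the field (not a specific string) is what signals the opt-in.
    if (isset($_POST['subscribe'])) {
        $body .= "\r\n\r\nPlease add $email to the list.\r\n";
    }

    // Wrap at 72 columns using CRLF, the line ending mail bodies expect.
    $body = wordwrap($body, 72, "\r\n");

    // Remove address-syntax characters from the display name and quote it, so
    // the name cannot change which address the From header carries.
    $fromName = str_replace(['"', '\\', '<', '>'], '', $name);

    // NOTE(review): putting the visitor's address in From can fail SPF/DMARC
    // checks at the receiving provider; a site-owned From plus a Reply-To with
    // the visitor's address is the usual arrangement. Confirm with the mail setup.
    $headers  = "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
    $headers .= "From: \"$fromName\" <$email>\r\n";
    // Priority headers only mark the message as urgent in mail clients; they
    // do not influence spam filtering.
    $headers .= "X-Priority: 1\r\n";
    // No trailing blank line: an empty line ends the header section.
    $headers .= "X-MSMail-Priority: High";

    // mail() returns false when the message was not accepted for delivery;
    // record that instead of ignoring it.
    if (!mail($mailto, $subject, $body, $headers)) {
        error_log('contact.php: mail() reported failure for a contact form submission');
    }
}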
?>
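<h1>Contact me</h1>
<!-- type="email" and required only guide honest users; the server-side checks in the handler are what enforce the rules. -->
<form method="post" action="" id="contact-form">
    <label for="name">Name</label>
    <input type="text" id="name" name="name" required>
    <label for="email">Email</label>
    <input type="email" id="email" name="email" required>
    <label for="message">Your message</label>
    <textarea id="message" name="msg"></textarea>
    <label for="subscribe">Subscribe?</label>
    <!-- The value matches the string the handler compares against; without it the browser submits "on". -->
    <input type="checkbox" id="subscribe" name="subscribe" value="Subscribe?">
    <input type="submit" value="submit" name="contact-submit">
</form>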
<?php
// Shared page footer; per the original note it emits the closing </body> tag.
include 'includes/footer.php';
?>