<?php
/**
* @author: Erik Roelofs
* @created: 4 jan 2009
* @email: erik@ruigekonijnen.nl
* @desc: This simple script allows users to make simple contact forms, using a .txt template file.
*/
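// Contact-form mailer: reads "<template>.txt", collects the receivers, subject,
// message body and follow-up URL from it, fills the ##field## markers in the body
// with the posted form values and mails the result to every receiver.
//
// NOTE(review): nothing here limits who may post or how often, so any page on any
// site can trigger mail to the template's receivers; consider rate limiting or a
// form token at the web-server or application level.

// Only a POSTed form that names a template is handled; anything else goes to the site root.
if ( !isset ( $_SERVER['REQUEST_METHOD'] ) || $_SERVER['REQUEST_METHOD'] !== 'POST' || !isset ( $_POST['template'] ) ) {
    redirect();
}

// The template name comes from the client and is turned into a file path, so it is
// checked against an allowlist instead of only being searched for '..'. Accepted are
// letters, digits, '_' and '-', optionally in '/'-separated sub-directories. That
// excludes dots, colons, backslashes, NUL bytes and a leading '/', so the name cannot
// leave the working directory, point at an absolute path or select a stream wrapper.
// An array-valued "template" field is rejected as well.
// Template files whose names contain other characters must be renamed.
$sTemplateName = $_POST['template'];
if ( !is_string ( $sTemplateName ) || !preg_match ( '#^[A-Za-z0-9_-]+(?:/[A-Za-z0-9_-]+)*$#D', $sTemplateName ) ) {
    redirect();
}

// NOTE(review): every .txt file below the working directory is still usable as a
// template; keeping the templates in a directory of their own would narrow that further.
$sTemplateFile = $sTemplateName . '.txt';

// is_file() rather than file_exists(): a directory called "<name>.txt" is not a template.
if ( !is_file ( $sTemplateFile ) ) {
    redirect();
}

// read the template, one array entry per line (line endings are kept)
$aTemplate = file ( $sTemplateFile );
if ( $aTemplate === false ) {
    // the file exists but could not be read
    redirect();
}

$iLengthOfTemplate = count ( $aTemplate );
// false while we are still in the receivers section, true once the message part is reached
$bTemplate = false;
// the receivers of the mail
$aReceivers = array();
// the mail subject
$sSubject = 'Default subject';
// the mail body; the default is dropped as soon as a >>MESSAGE>> marker is found
$sTemplate = 'Default template';
// where the user is sent after the form has been handled
$sGoto = '';

// walk over the template lines and collect the sections
for ( $i = 0 ; $i < $iLengthOfTemplate ; $i++ ) {
    $sLineValue = $aTemplate[ $i ];

    if ( strpos ( $sLineValue, '>>RECEIVERS>>' ) !== false ) {
        // marker line only; the receivers follow on the next lines
        continue;
    }

    if ( strpos ( $sLineValue, '>>SUBJECT>>' ) !== false ) {
        // the subject is the line after the marker; the marker may be the last line of the file
        if ( isset ( $aTemplate[ $i + 1 ] ) ) {
            // drop the line ending so it does not end up in the Subject header
            $sSubject = trim ( $aTemplate[ $i + 1 ] );
        }
        // skip the subject line itself
        $i++;
        $bTemplate = true;
        continue;
    }

    if ( strpos ( $sLineValue, '>>MESSAGE>>' ) !== false ) {
        // a real message follows, so drop the dummy text
        $sTemplate = '';
        $bTemplate = true;
        continue;
    }

    if ( strpos ( $sLineValue, '>>GOTO>>' ) !== false ) {
        // the follow-up URL is the line after the marker, if there is one
        if ( isset ( $aTemplate[ $i + 1 ] ) ) {
            $sGoto = trim ( $aTemplate[ $i + 1 ] );
        }
        // skip the URL line itself
        $i++;
        continue;
    }

    if ( $bTemplate ) {
        // part of the message body
        $sTemplate .= $sLineValue;
    }
    else {
        // a receiver line: strip newlines, returns, tabs and spaces
        $sAddress = str_replace ( array ( "\n", "\r", "\t", " " ), '', $sLineValue );
        // blank lines in the receivers section are not addresses
        if ( $sAddress !== '' ) {
            $aReceivers[] = $sAddress;
        }
    }
}

// no receivers means nothing to send; treat it as a success
if ( count ( $aReceivers ) == 0 ) {
    success( $sGoto );
}

// build the ##field## => value replacement lists from the posted form
$aSearch = array();
$aReplace = array();
foreach ( $_POST as $sKey => $sValue ) {
    // fields posted as name[] arrive as arrays and cannot be placed in the text
    if ( !is_string ( $sValue ) ) {
        continue;
    }
    $aSearch[] = '##' . $sKey . '##';
    $aReplace[] = $sValue;
}

// Posted values go into the message body only. The receivers and the subject come
// from the template file and are never filled from the request.
$sTemplate = str_replace ( $aSearch, $aReplace, $sTemplate );

// send the mail to each receiver
foreach ( $aReceivers as $sReceiver ) {
    if ( !mail ( $sReceiver, $sSubject, $sTemplate ) ) {
        // the visitor still gets the normal redirect; leave a trace for the operator
        error_log ( 'contact form: mail() failed for template ' . $sTemplateName );
    }
}

// and we're done.
success( $sGoto );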
/**
* Two functions; one to redirect to the main host for bad requests and one to send the user back to the previous page if the mail was sent properly
*/
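/**
 * Send a rejected request to the root of the site and stop the script.
 *
 * The target is the relative URL "/", which the browser resolves against the
 * host it sent the request to. HTTP_HOST is copied from the request's Host
 * header and is therefore client-controlled, so it is not used to build the
 * redirect target.
 */
function redirect () {
    // The header value must stay on one line: header() refuses to send a
    // value that contains a line break.
    header ( 'Location: /' );
    exit;
}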
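/**
 * Redirect the visitor after the form has been handled and stop the script.
 *
 * With a non-empty $sGoto the visitor is sent there. Otherwise the visitor is
 * sent back to the referring page with "sent=true" added to its query string,
 * or to "/?sent=true" when the request carried no Referer header.
 *
 * @param string $sGoto follow-up URL taken from the template file; may be empty
 */
function success ( $sGoto ) {
    // The value is read from a template line, so drop the line ending and any
    // padding. A blank line then counts as "no goto".
    $sGoto = trim ( (string) $sGoto );

    if ( !empty ( $sGoto ) ) {
        // the template names a page to go to after the form
        $sSendTo = $sGoto;
    }
    elseif ( isset ( $_SERVER["HTTP_REFERER"] ) && $_SERVER["HTTP_REFERER"] !== '' ) {
        // NOTE(review): the Referer header is supplied by the client. If the forms
        // only live on this site, compare its host with the expected one before
        // redirecting to it.
        $sReferer = $_SERVER["HTTP_REFERER"];
        // append with '&' when the page already has a query string, with '?' otherwise
        $sSeparator = ( strpos ( $sReferer, '?' ) !== false ) ? '&' : '?';
        $sSendTo = $sReferer . $sSeparator . 'sent=true';
    }
    else {
        // No referer: go to the index. The URL is relative, so the client-controlled
        // Host header does not pick the redirect target.
        $sSendTo = '/?sent=true';
    }

    header ( 'Location: ' . $sSendTo );
    exit;
}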
?>