Dear all, here I am again,
my wife and I found that our previous contact form fell short in terms of features,
so we spent last weekend tinkering with a new script that we had found on the net. We adapted it as far as we were able to, but we are stuck again.
What we are also worried about: is it actually secure?
We have a few sticking points:
1 With this form it is possible to add an attachment, but we want to limit it to 1 MB, and we cannot get that to work.
2 We want the person who fills in the contact form to receive a copy of what he has filled in, and we also want him/her to receive a response e-mail. (That does not work either.)
You can see an example of the working script here:
http://www.lovelysiberians.nl/test/contact.php
I have attached the scripts right away:
In any case, thanks for reading,
Regards, Erik
contact.php
PHP:
<?php include_once( "contact.lib.php" ); ?>
<html>
<head>
<title>contact formulier</title>
<meta http-equiv="Content-type" content="text/html; charset=iso-8859-1">
<meta name="keywords" content="Room for the lovely siberians">
<meta name="description" content="Siberische kat">
<style type='text/css'>
.form_title{
color : #000000;
font-size: 13px;
font-family: verdana, Geneva, Arial, Helvetica, sans-serif;
font-weight : bold;
}
.form_field {
font-size : 13px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #474747;
font-weight : bold;
text-align:left;
}
.form_text{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #000000;
}
.text_box{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #000000;
width:200px;
}
.text_area{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #000000;
width:200px;
height:60px;
}
.text_select{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #000000;
}
.form_error{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #ff0000;
font-weight : bold;
}
.copyright{
font-size : 11px;
font-family : Verdana, Arial, Helvetica, sans-serif;
color : #000000;
}
</style>
</head>
<body marginheight="0" marginwidth="0" leftmargin="0" topmargin="0">
<center>
<meta http-equiv="content-type" content="text/html; charset=">
<!-- Begin: Form Description -->
<br><br><br>
<table cellspacing='16' cellpadding='0' border='0' align='center' ><tr><td>
<font class='form_title'></font>
</td></tr></table>
<!-- End: Your FormMail's Description -->
<!-- Begin: Form -->
<?php
if( !$isHideForm ):
global $sErr ;
if( $sErr ) print "<br><a name='error'></a><center><font class='form_error' >$sErr</font></center><br>";
$starColor = $sErr ? "#ff0000" : "#000000";
$style=" class='form_text' ";
?>
<form name="frmFormMail" action="<?php print htmlspecialchars( PHP_SELF ); ?>" method='post' enctype='multipart/form-data'>
<input type='hidden' name='formmail_submit' value='Y'>
<input type='hidden' name='esh_formmail_subject' value="mail van de site">
<input type='hidden' name='esh_formmail_return_subject' value="Bedankt voor uw e-mail">
<input type='hidden' name='esh_formmail_return_msg' value="Wij zullen uw bericht zo spoedig mogelijk in behandeling nemen.">
<table cellspacing='16' cellpadding='0' border='0' >
<tr>
<td class="form_field" valign='top' align='right'>Uw Naam </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<input type="text" name="uw_Naam" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "uw_Naam" ] ); ?>" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Uw telefoonnummer </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<input type="text" name="uw_telefoonnummer" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "uw_telefoonnummer" ] ); ?>" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Heeft u huisdieren? </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<input type="checkbox" name="Checkbox01_heeft_u_huisdieren" value="Ja" <?php formChecked( $HTTP_POST_VARS[ "Checkbox01_heeft_u_huisdieren" ], "Ja" ); ?> > Ja<br>
<input type="checkbox" name="Checkbox02_heeft_u_huisdieren" value="Nee" <?php formChecked( $HTTP_POST_VARS[ "Checkbox02_heeft_u_huisdieren" ], "Nee" ); ?> > Nee<br>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Zo ja wat dan? </td><td width='10' align='right' valign='top'></td>
<td class="form_text">
<input type="text" name="zo_ja_wat_dan" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "zo_ja_wat_dan" ] ); ?>" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Heeft u een cattery? </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<input type="checkbox" name="Checkbox01_heeft_u_een_cattery" value="Ja" <?php formChecked( $HTTP_POST_VARS[ "Checkbox01_heeft_u_een_cattery" ], "Ja" ); ?> > Ja<br>
<input type="checkbox" name="Checkbox02_heeft_u_een_cattery" value="Nee" <?php formChecked( $HTTP_POST_VARS[ "Checkbox02_heeft_u_een_cattery" ], "Nee" ); ?> > Nee<br>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Zo ja hoe heet de cattery? </td><td width='10' align='right' valign='top'></td>
<td class="form_text">
<input type="text" name="zo_ja_hoe_heet_de_cattery" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "zo_ja_hoe_heet_de_cattery" ] ); ?>" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Uw e-mail adres </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<input type="email" name="uw_e-mail_adres" value="<?php print HtmlSpecialChars( $HTTP_POST_VARS[ "uw_e-mail_adres" ] ); ?>" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Bijlage </td><td width='10' align='right' valign='top'></td>
<td class="form_text">
<input type="file" name="bijlage" value="" class='text_box'>
</td>
</tr>
<tr>
<td class="form_field" valign='top' align='right'>Bericht </td><td width='10' align='right' valign='top'> <font size='2' color='#ff0000'>*</font> </td>
<td class="form_text">
<textarea name="bericht" rows=5 cols=22 ><?php print HtmlSpecialChars( $HTTP_POST_VARS[ "bericht" ] ); ?></textarea>
</td>
</tr>
<tr><td colspan=3 align='center'><input type='submit' value='Submit'> <input type='button' value='Cancel' onClick="location.href='/';"></td></tr>
</table>
</form>
<!-- End: -->
<?php
if( $sErr ) print "<script language='javascript' type='text/javascript'>location.href='#error';</script>";
else: //!$isHideForm
print( "<br><br><hr><center><b>Your form has been sent. Thank you.</b><br><br><input type='button' value='Home' onclick=\"location.href='/';\"></center><br><br>" );
endif; //!$isHideForm
?>
</body>
</html>
contact.lib.php
PHP:
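<?php
error_reporting(E_PARSE);
// $HTTP_POST_VARS and $HTTP_POST_FILES no longer exist in current PHP; map them to the superglobals.
$HTTP_POST_VARS = $_POST;
$HTTP_POST_FILES = $_FILES;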
define("ADMIN_MAIL", "exroom@msn.com");
define("HOST_NAME", $_SERVER['HTTP_HOST']);
define("PHP_SELF", $_SERVER['PHP_SELF']);
define("ERR_MISSING", "Missing required field : ");
define("ERR_EMAIL", "Please enter a valid e-mail address : ");
define("ERR_SELECT_UPLOAD", "Please select file : ");
// recipient
define('FORM_RECIPIENT', 'exroom@msn.com');
// --- Array of Form Elements ---
$form_mail[] = array( "name" => "uw_Naam", "text" => "Uw Naam", "type" => "text", "required" => "Required" ) ;
$form_mail[] = array( "name" => "uw_telefoonnummer", "text" => "Uw telefoonnummer", "type" => "text", "required" => "Required" ) ;
$form_mail[] = array( "name" => "heeft_u_huisdieren", "text" => "Heeft u huisdieren?", "type" => "checkbox", "required" => "Required" ) ;
$form_mail[] = array( "name" => "zo_ja_wat_dan", "text" => "Zo ja wat dan?", "type" => "text", "required" => "" ) ;
$form_mail[] = array( "name" => "heeft_u_een_cattery", "text" => "Heeft u een cattery?", "type" => "checkbox", "required" => "Required" ) ;
$form_mail[] = array( "name" => "zo_ja_hoe_heet_de_cattery", "text" => "Zo ja hoe heet de cattery?", "type" => "text", "required" => "" ) ;
$form_mail[] = array( "name" => "uw_e-mail_adres", "text" => "Uw e-mail adres", "type" => "email", "required" => "Required" ) ;
$form_mail[] = array( "name" => "bijlage", "text" => "Bijlage", "type" => "attachment", "required" => "" ) ;
$form_mail[] = array( "name" => "bericht", "text" => "Bericht", "type" => "textarea", "required" => "Required" ) ;
// -- Create new vars for checkPass() & sendFormMail() --
$heeft_u_huisdieren = array();
$heeft_u_huisdieren[0]=$HTTP_POST_VARS[ "Checkbox01_heeft_u_huisdieren"];
$heeft_u_huisdieren[1]=$HTTP_POST_VARS[ "Checkbox02_heeft_u_huisdieren"];
$HTTP_POST_VARS[ "heeft_u_huisdieren" ] = join( "\n", $heeft_u_huisdieren);
$heeft_u_een_cattery = array();
$heeft_u_een_cattery[0]=$HTTP_POST_VARS[ "Checkbox01_heeft_u_een_cattery"];
$heeft_u_een_cattery[1]=$HTTP_POST_VARS[ "Checkbox02_heeft_u_een_cattery"];
$HTTP_POST_VARS[ "heeft_u_een_cattery" ] = join( "\n", $heeft_u_een_cattery);
// -- Detect Submit & SendMail --
$isHideForm = false;
if( $HTTP_POST_VARS["formmail_submit"] ){
$sErr = checkPass();
if( ! $sErr ){
sendFormMail( $form_mail, "") ;
$isHideForm = true;
$redirect = "";
if( strlen(trim($redirect)) ):
header( "Location:$redirect" );
exit;
endif;
}
}
?>
<?php
// ===============================================
function sendFormMail( $form_mail, $sFileName = "" )
{
global $HTTP_POST_VARS ;
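// ereg() took no delimiters, so the slashes in this pattern are matched literally ('#' delimiters keep that behaviour).
if (preg_match('#/lovelysiberians.nl/#', HOST_NAME))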
{
return;
}
$to = FORM_RECIPIENT;
$from = "NO_REPLY@" . HOST_NAME;
$subject = $HTTP_POST_VARS["esh_formmail_subject"];
// first stage keep it simple:
$sWhatToDo = $sFileName ? "mailandfile" : "" ; //$HTTP_POST_VARS["esh_formmail_mail_and_file"];
//$sFileName = $HTTP_POST_VARS["esh_formmail_save_record_file"];
// The form has no cc, bcc or charset fields, so these are not taken from the request:
// values read from POST would be written into the outgoing mail headers unchecked.
$cc = "";
$bcc = "";
$charset = "iso-8859-1";
for( $i = 0; $i < count( $form_mail ); $i ++ ){
$value = trim( $HTTP_POST_VARS[ $form_mail[ $i ][ "name" ] ] );
$content .= $form_mail[ $i ][ "text" ] . " \t : " . $value ."\n";
$line .= remove_newline( $value ) . "\t" ;
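// the e-mail field of this form has type "email"; only a syntactically valid address becomes the sender
if( in_array( strtolower($form_mail[ $i ][ "type" ]), array( "sender's email", "email" ) ) && filter_var( $value, FILTER_VALIDATE_EMAIL ) ) {
//print "Type:[" . $form_mail[ $i ][ "type" ] . "] $value <br>\n";
$from = $value ;
}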
};
$content .= "\n\nIP:" . getEnv( "REMOTE_ADDR" );
switch( strtolower($sWhatToDo) ){
case "mailandfile" :
mailAttachments( $to , $subject , $content, $from, $charset, $cc , $bcc ) ;
if( ! appendToFile( $sFileName, $line ) )
mailReport( $content . "\n\nWrite Form Mail to File Fail." );
break;
case "fileonly" :
if( ! appendToFile( $sFileName, $line ) )
mailReport( $content . "\n\nWrite Form Mail to File Fail.", $from );
break;
default :
mailAttachments( $to , $subject , $content, $from, $charset, $cc , $bcc ) ;
}
mailAutoResponse( $from ) ;
}
//------------------------------------------------------------------------------------------
function mailAutoResponse( $to ){
global $HTTP_POST_VARS ;
$subject = $HTTP_POST_VARS["esh_formmail_return_subject"];
$responseMsg = $HTTP_POST_VARS["esh_formmail_return_msg"];
if( $to && $responseMsg )
mail( $to, $subject, $responseMsg, "From: " . FORM_RECIPIENT);
}
//------------------------------------------------------------------------------------------
function mailReport( $content = "", $from = "" ){
mail( ADMIN_MAIL, "Error@" . HOST_NAME . PHP_SELF, $content, "From:$from" );
}
//------------------------------------------------------------------------------------------
function remove_newline( $str = "" ){
$newliner = "<!--esh_newline-->" ; // replace \r\n with $newliner ;
$newtaber = "<!--esh_newtaber-->" ; // replace \t with $newtaber ;
$str = str_replace( "\t", $newtaber, $str );
$str = str_replace( "\r\n", $newliner, $str );
return str_replace( "\n", $newliner, $str );
}
//------------------------------------------------------------------------------------------
function checkPass()
{
global $form_mail ;
global $HTTP_POST_VARS ;
global $HTTP_POST_FILES ;
for( $i = 0; $i < count( $form_mail ); $i ++ ){
$type = strtolower( $form_mail[ $i ][ "type" ] );
$value = trim( $HTTP_POST_VARS[ $form_mail[ $i ][ "name" ] ] );
$required = $form_mail[ $i ][ "required" ] ;
$text = stripslashes( $form_mail[ $i ][ "text" ] );
// simple check the field has something keyed in.
if( !strlen($value) && ( $required == "Required" ) && $type != "attachment" )
return ERR_MISSING . $text ;
// verify the special case
/*if(
( strlen($value) || $type == "attachment" )
&& $required == "Required"
):
*/
switch( $type ){
case strtolower("Sender's Name") :
break;
case strtolower("Generic email"):
//case strtolower("Sender's email"):
case "email":
if( ! formIsEMail($value) ) return ERR_EMAIL . $text ;
break;
case "text" :
break;
case "textarea" :
break;
case "checkbox" :
case "radio" :
break;
case "select" :
break;
case strtolower("Date(MM-DD-YYYY)"):
break;
case strtolower("Date(MM-YYYY)"):
break;
case strtolower("Time(HH:MM:SS)"):
break;
case strtolower("Time(HH:MM)"):
break;
default :
//return $sErrRequired . $form_mail[ $i ][ "text" ];
} // switch
//endif;
} // for
return "" ;
}
//------------------------------------------------------------------------------------------
function formSelected( $var, $val )
{
echo ( $var == $val ) ? "selected" : "";
}
//------------------------------------------------------------------------------------------
function formChecked( $var, $val )
{
echo ( $var == $val ) ? "checked" : "";
}
//------------------------------------------------------------------------------------------
function formIsEMail( $email ){
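// the old pattern ^(.+)@(.+)\.(.+)$ accepted almost anything containing an @ and a dot
return filter_var( $email, FILTER_VALIDATE_EMAIL ) !== false;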
}
//------------------------------------------------------------------------------------------
function selectList( $name, $selectedValue, $start, $end, $prompt = "-Select-", $style = "" )
{
$tab = "\t" ;
print "<select name=\"$name\" $style>\n" ;
print $tab . "<option value=''>$prompt</option>\n" ;
$nLen = strlen( "$end" ) ;
$prefix_zero = str_repeat( "0", $nLen );
for( $i = $start; $i <= $end ; $i ++ ){
$stri = substr( $prefix_zero . $i, strlen($prefix_zero . $i)-$nLen, $nLen );
$selected = ( $stri == $selectedValue ) ? " selected " : "" ;
print $tab . "<option value=\"$stri\" $selected >$stri</option>\n" ;
}
print "</select>\n\n" ;
}
// -------------------------- Begin Mail Attachment Functions -----------------------------------------------------------------
function mailAttachments( $to = "" , $subject = "" , $message = "" , $from = "support@lynx.net" , $charset = "iso-8859-1", $cc = "" , $bcc = "" ){
global $HTTP_POST_FILES ;
if( ! strlen( trim( $to ) ) ) return "Missing \"To\" Field." ;
// srand() returns nothing, so it was of no use as a uniqid() prefix
$boundary = "====_My_PHP_Form_Generator_" . md5( uniqid( "", true ) ) . "====";
// setup mail header information
$headers = "From: $from\r\n";
if ($cc) $headers .= "CC: $cc\r\n";
if ($bcc) $headers .= "BCC: $bcc\r\n";
$plainHeaders = $headers ; // for no attachments header
$headers .= "MIME-Version: 1.0\nContent-type: multipart/mixed;\n\tboundary=\"$boundary\"\n";
$txtMsg = "\nThis is a multi-part message in MIME format.\n" .
"\n--$boundary\n" .
"Content-Type: text/plain;\n\tcharset=\"$charset\"\n\n" . $message . "\n";
//create multipart attachments boundary
$sError = "" ;
$nFound = 0;
foreach( $HTTP_POST_FILES as $aFile ){
$sFileName = $aFile[ "tmp_name" ] ;
$sFileRealName = $aFile[ "name" ] ;
if( is_file( $sFileName ) ):
if( $fp = fopen( $sFileName, "rb" ) ) :
$sContent = fread( $fp, filesize( $sFileName ) );
$sFName = basename( $sFileRealName ) ;
$sMIME = getMIMEType( $sFName ) ;
$bPlainText = ( $sMIME == "text/plain" ) ;
if( $bPlainText ) :
$encoding = "" ;
else:
$encoding = "Content-Transfer-Encoding: base64\n";
$sContent = chunk_split( base64_encode( $sContent ) );
endif;
$sEncodeBody .= "\n--$boundary\n" .
"Content-Type: $sMIME;\n" .
"\tname=\"$sFName\"\n" .
$encoding .
"Content-Disposition: attachment;\n" .
"\tfilename=\"$sFName\"\n\n" .
$sContent . "\n" ;
$nFound ++;
else:
$sError .= "<br>File $sFileName can not open.\n" ;
endif; // if( $fp = fopen( $sFileName, "rb" ) ) :
else:
$sError .= "<br>File $sFileName doesn't exist.\n" ;
endif; //if( file_exists( $sFileName ) ):
}; // end foreach
$sEncodeBody .= "\n\n--$boundary--" ;
$sSource = $txtMsg . $sEncodeBody ;
$nFound ? mail( $to, $subject, $sSource, $headers )
: mail( $to, $subject, $message, $plainHeaders );
return $sError ;
}
/* ---------------------------------------------------------------------------------------------------
Parameters: $sFileName
Return :
1. "" : no extension name, or sFileName is empty
2. string: MIME Type name of array aMimeType's definition.
---------------------------------------------------------------------------------------------------*/
function getMIMEType( $sFileName = "" ) {
$sFileName = strtolower( trim( $sFileName ) );
if( ! strlen( $sFileName ) ) return "";
$aMimeType = array(
"txt" => "text/plain" ,
"pdf" => "application/pdf" ,
"zip" => "application/x-compressed" ,
"html" => "text/html" ,
"htm" => "text/html" ,
"avi" => "video/avi" ,
"mpg" => "video/mpeg" ,
"wav" => "audio/wav" ,
"jpg" => "image/jpeg" ,
"gif" => "image/gif" ,
"tif" => "image/tiff" ,
"png" => "image/x-png" ,
"bmp" => "image/bmp"
);
$aFile = explode( ".", basename( $sFileName ) ) ;
$nDiminson = count( $aFile ) ;
$sExt = $aFile[ $nDiminson - 1 ] ; // get last part: like ".tar.zip", return "zip"
return ( $nDiminson > 1 && isset( $aMimeType[ $sExt ] ) ) ? $aMimeType[ $sExt ] : "";
}
// End Mail Attachment Functions
//------------------------------------------------------------------------------------------
function appendToFile( $sFileName = "", $line = "" ){
if( !$sFileName || !$line ) return 0;
$hFile = fopen( "$sFileName", "a+w" );
$nBytes = 0;
if( $hFile ){
$nBytes = fputs( $hFile , trim($line)."\r\n" );
fclose( $hFile );
};
return $nBytes ;
}
?>
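The points raised in the post (a 1 MB cap on the attachment, a reply to the sender, and whether the form is safe), as an added example that is not part of the posted script: the upload is measured on the server, the sender address is checked before it is used as a recipient, and the auto-reply text is fixed on the server instead of being read from the hidden `esh_formmail_return_*` fields. The function and constant names are assumptions.

```php
<?php
// Added example, not part of the posted script; function and constant names are assumptions.
const MAX_ATTACHMENT_BYTES = 1048576; // 1 MB
// Reply texts live on the server, not in hidden form fields a visitor can rewrite.
const AUTO_REPLY_SUBJECT = 'Bedankt voor uw e-mail';
const AUTO_REPLY_TEXT = 'Wij zullen uw bericht zo spoedig mogelijk in behandeling nemen.';

// Returns an error text, or "" when the upload is absent or acceptable.
function checkAttachment(array $file, int $maxBytes = MAX_ATTACHMENT_BYTES): string
{
    switch ($file['error']) {
        case UPLOAD_ERR_NO_FILE:   // the attachment is optional
            return '';
        case UPLOAD_ERR_INI_SIZE:  // above upload_max_filesize in php.ini
        case UPLOAD_ERR_FORM_SIZE: // above a MAX_FILE_SIZE form field
            return 'Attachment is larger than 1 MB';
        case UPLOAD_ERR_OK:
            break;
        default:
            return 'Upload failed';
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        return 'Upload failed';
    }
    // Measure the stored file itself; a limit set only in the HTML can be bypassed.
    if (filesize($file['tmp_name']) > $maxBytes) {
        return 'Attachment is larger than 1 MB';
    }
    return '';
}

// Returns the address when it is a single valid mailbox, otherwise null.
function cleanSender(string $raw): ?string
{
    $raw = trim($raw);
    if (preg_match('/[\r\n,;]/', $raw)) { // no header lines, no address lists
        return null;
    }
    $ok = filter_var($raw, FILTER_VALIDATE_EMAIL);
    return $ok === false ? null : $ok;
}

// Sends the fixed auto-reply to an address that passed cleanSender().
function mailAutoReply(string $sender, string $recipient): bool
{
    $headers = "From: $recipient\r\nContent-Type: text/plain; charset=iso-8859-1";
    return mail($sender, AUTO_REPLY_SUBJECT, AUTO_REPLY_TEXT, $headers);
}

// Assumed wiring into the posted script:
//   $sErr   = checkAttachment($_FILES['bijlage']);            // in checkPass()
//   $sender = cleanSender($_POST['uw_e-mail_adres']);         // in sendFormMail()
//   if ($sender !== null) mailAutoReply($sender, FORM_RECIPIENT);
```

Appending the visitor's own text to the reply gives the requested copy, but it also lets the form send visitor-chosen text to a visitor-chosen address, so keep such a copy short and plain text.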