This week only. Pastebin PRO Accounts Christmas Special! Don't miss out!Want more features on Pastebin? Sign Up, it's FREE!
Guest

webman

By: a guest on May 27th, 2011  |  syntax: None  |  size: 8.17 KB  |  views: 20  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. <?php
  2. // OPTIONS - PLEASE CONFIGURE THESE BEFORE USE!
  3.  
  4. $yourEmail = "--"; // the email address you wish to receive these mails through
  5. $yourWebsite = "The Sports Letter - Achievement submission"; // the name of your website
  6. $thanksPage = ''; // URL to 'thanks for sending mail' page; leave empty to keep message on the same page
  7. $maxPoints = 4; // max points a person can hit before it refuses to submit - recommend 4
  8. $requiredFields = "name,email,tutorgroup,pupilssportactivity,pupilsachievement"; // names of the fields you'd like to be required as a minimum, separate each field with a comma
  9.  
  10.  
  11. // DO NOT EDIT BELOW HERE
  12. $error_msg = null;
  13. $result = null;
  14.  
  15. $requiredFields = explode(",", $requiredFields);
  16.  
  17. function clean($data) {
  18.         $data = trim(stripslashes(strip_tags($data)));
  19.         return $data;
  20. }
  21. function isBot() {
  22.         $bots = array("Indy", "Blaiz", "Java", "libwww-perl", "Python", "OutfoxBot", "User-Agent", "PycURL", "AlphaServer", "T8Abot", "Syntryx", "WinHttp", "WebBandit", "nicebot", "Teoma", "alexa", "froogle", "inktomi", "looksmart", "URL_Spider_SQL", "Firefly", "NationalDirectory", "Ask Jeeves", "TECNOSEEK", "InfoSeek", "WebFindBot", "girafabot", "crawler", "www.galaxy.com", "Googlebot", "Scooter", "Slurp", "appie", "FAST", "WebBug", "Spade", "ZyBorg", "rabaz");
  23.  
  24.         foreach ($bots as $bot)
  25.                 if (stripos($_SERVER['HTTP_USER_AGENT'], $bot) !== false)
  26.                         return true;
  27.  
  28.         if (empty($_SERVER['HTTP_USER_AGENT']) || $_SERVER['HTTP_USER_AGENT'] == " ")
  29.                 return true;
  30.        
  31.         return false;
  32. }
  33.  
  34. if ($_SERVER['REQUEST_METHOD'] == "POST") {
  35.         if (isBot() !== false)
  36.                 $error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'];
  37.                
  38.         // lets check a few things - not enough to trigger an error on their own, but worth assigning a spam score..
  39.         // score quickly adds up therefore allowing genuine users with 'accidental' score through but cutting out real spam :)
  40.         $points = (int)0;
  41.        
  42.         $badwords = array("adult", "beastial", "bestial", "blowjob", "clit", "cum", "cunilingus", "cunillingus", "cunnilingus", "cunt", "ejaculate", "fag", "felatio", "fellatio", "fuck", "fuk", "fuks", "gangbang", "gangbanged", "gangbangs", "hotsex", "hardcode", "jism", "jiz", "orgasim", "orgasims", "orgasm", "orgasms", "phonesex", "phuk", "phuq", "pussies", "pussy", "spunk", "xxx", "viagra", "phentermine", "tramadol", "adipex", "advai", "alprazolam", "ambien", "ambian", "amoxicillin", "antivert", "blackjack", "backgammon", "texas", "holdem", "poker", "carisoprodol", "ciara", "ciprofloxacin", "debt", "dating", "porn", "link=", "voyeur", "content-type", "bcc:", "cc:", "document.cookie", "onclick", "onload", "javascript");
  43.  
  44.         foreach ($badwords as $word)
  45.                 if (
  46.                         strpos(strtolower($_POST['message']), $word) !== false ||
  47.                         strpos(strtolower($_POST['name']), $word) !== false
  48.                 )
  49.                         $points += 2;
  50.        
  51.         if (strpos($_POST['pupilssportachievement'], "http://") !== false || strpos($_POST['pupilssportachievement'], "www.") !== false)
  52.                 $points += 2;
  53.         if (isset($_POST['nojs']))
  54.                 $points += 1;
  55.         if (preg_match("/(<.*>)/i", $_POST['pupilssportachievement']))
  56.                 $points += 2;
  57.         if (strlen($_POST['name']) < 3)
  58.                 $points += 1;
  59.         if (strlen($_POST['message']) < 15 || strlen($_POST['pupilssportachievement'] > 1500))
  60.                 $points += 2;
  61.         // end score assignments
  62.  
  63.         foreach($requiredFields as $field) {
  64.                 trim($_POST[$field]);
  65.                
  66.                 if (!isset($_POST[$field]) || empty($_POST[$field]))
  67.                         $error_msg .= "Please fill in all the required fields and submit again.\r\n";
  68.         }
  69.  
  70.         if (!preg_match("/^[a-zA-Z-'\s]*$/", stripslashes($_POST['name'])))
  71.                 $error_msg .= "The name field must not contain special characters.\r\n";
  72.         if (!preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])(([a-z0-9-])*([a-z0-9]))+' . '(\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', strtolower($_POST['email'])))
  73.                 $error_msg .= "That is not a valid e-mail address.\r\n";
  74.         if (!empty($_POST['url']) && !preg_match('/^(http|https):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(:(\d+))?\/?/i', $_POST['url']))
  75.                 $error_msg .= "Invalid website url.\r\n";
  76.        
  77.         if ($error_msg == NULL && $points <= $maxPoints) {
  78.                 $subject = "Automatic Form Email";
  79.                
  80.                 $message = "You received this e-mail message through your website: \n\n";
  81.                 foreach ($_POST as $key => $val) {
  82.                         $message .= ucwords($key) . ": " . clean($val) . "\r\n";
  83.                 }
  84.                 $message .= "\r\n";
  85.                 $message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
  86.                 $message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
  87.                 $message .= 'Points: '.$points;
  88.  
  89.                 if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
  90.                         $headers   = "From: $yourEmail\n";
  91.                         $headers  .= "Reply-To: {$_POST['email']}";
  92.                 } else {
  93.                         $headers   = "From: $yourWebsite <$yourEmail>\n";
  94.                         $headers  .= "Reply-To: {$_POST['email']}";
  95.                 }
  96.  
  97.                 if (mail($yourEmail,$subject,$message,$headers)) {
  98.                         if (!empty($thanksPage)) {
  99.                                 header("Location: $thanksPage");
  100.                                 exit;
  101.                         } else {
  102.                                 $result = 'Your mail was successfully sent.';
  103.                                 $disable = true;
  104.                         }
  105.                 } else {
  106.                         $error_msg = 'Your mail could not be sent this time. ['.$points.']';
  107.                 }
  108.         } else {
  109.                 if (empty($error_msg))
  110.                         $error_msg = 'Your mail looks too much like spam, and could not be sent this time. ['.$points.']';
  111.         }
  112. }
  113. function get_data($var) {
  114.         if (isset($_POST[$var]))
  115.                 echo htmlspecialchars($_POST[$var]);
  116. }
  117. ?>
  118.  
  119. <?php
  120. if ($error_msg != NULL) {
  121.         echo '<p class="error">ERROR: '. nl2br($error_msg) . "</p>";
  122. }
  123. if ($result != NULL) {
  124.         echo '<p class="success">'. $result . "</p>";
  125. }
  126. ?>
  127.  
  128. <style type="text/css">
  129. /*Contact form*/
  130. label {
  131. width:12em;
  132. float:left;
  133. text-align:right;
  134. margin-right:1.5em;
  135. display:block
  136. }
  137. .submit input {
  138. margin-left:4.5em;
  139. }
  140. input.text {
  141. border:1px solid #232a15;
  142. margin:2px;
  143. border:1px solid #A8A8A8;
  144. font-family:Verdana,Arial,Helvetica,sans-serif;
  145. }
  146. textarea {
  147. border: 1px solid #232a15;
  148. margin: 2px;
  149. border:1px solid #A8A8A8;
  150. font-family:Verdana,Arial,Helvetica,sans-serif;
  151. }
  152. fieldset {
  153. border:1px solid #232a15;
  154. padding: 4px;
  155. border:1px solid #A8A8A8;
  156. }
  157. p.error, p.success {
  158.    font-weight: bold;
  159.    padding: 10px;
  160.    border: 1px solid;
  161.   }
  162.   p.error {
  163.    background: #ffc0c0;
  164.    color: #900;
  165.   }
  166.   p.success {
  167.    background: #b3ff69;
  168.    color: #4fa000;
  169.   }
  170. </style>
  171. <form name="sports" action="<?php echo basename(__FILE__); ?>" method="post" onSubmit
  172. ="javascript:document.sports.reset();" >
  173. <noscript>
  174.   <p><input type="hidden" name="nojs" id="nojs" /></p>
  175. </noscript>
  176.      <fieldset>
  177.      <div>
  178.      <label for="name">Your name</label>
  179.      <input type="text" class="text" name="name" id="name" size="30" value="<?php if (isset($_POST['name']) && !empty($_POST['name'])) echo $_POST['name']; ?>" />
  180.     </div>
  181.      <div>
  182.      <label for="pupilsname">Pupils name (if different)</label>
  183.      <input type="text" class="text" name="pupilsname" id="pupilsname" size="30" value="<?php if (isset($_POST['pupilsname']) && !empty($_POST['pupilsname'])) echo $_POST
  184. ['pupilsname']; ?>" />
  185.     </div>
  186.      <div>
  187.      <label for="tutorgroup">Tutor group</label>
  188.      <input type="text" class="text" name="tutorgroup" id="tutorgroup" size="30" value="<?php if (isset($_POST['tutorgroup']) && !empty($_POST['tutorgroup'])) echo $_POST
  189. ['tutorgroup']; ?>" />
  190.     </div>
  191.     <div>
  192.      <label for="pupilssportactivity">Pupils sport/activity</label>
  193.      <input type="text" class="text" name="pupilssportactivity" id="pupilssportactivity" size="30" value="<?php if (isset($_POST['pupilssportactivity']) && !empty($_POST
  194. ['pupilssportactivity'])) echo $_POST['pupilssportactivity']; ?>" />
  195.     </div>
  196.     <div>
  197.      <label for="pupilsachievement">Pupils achievement</label>
  198.      <textarea rows="6" cols="40" name="pupilsachievement" id="pupilsachievement" value="<?php if (isset($_POST['pupilsachievement']) && !empty($_POST['pupilsachievement']))
  199. echo $_POST['pupilsachievement']; ?>" /></textarea>
  200.     </div>
  201.      <div>
  202.      <label for="email">Your email address</label>
  203.      <input type="text" class="text" name="email" id="email" size="30" value="<?php if (isset($_POST['email']) && !empty($_POST['email']))
  204. echo $_POST['pupilsachievement']; ?>" />
  205.     </div>
  206.     <div class="submit">
  207.      <input type="submit" name="submit" id="submit" value="Submit" />
  208.     </div>
  209.     </fieldset>
  210.    </form>
clone this paste RAW Paste Data