Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

Untitled

By: a guest on May 22nd, 2012  |  syntax: None  |  size: 17.05 KB  |  hits: 17  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. Multiple Checkbox Values not showing
  2. FULL FORM:
  3.  
  4. <form id='contactus' action='<?php echo $formproc->GetSelfScript(); ?>' method='post' enctype="multipart/form-data" accept-charset='UTF-8'>
  5.  
  6. <input type='hidden' name='submitted' id='submitted' value='1'/>
  7. <input type='hidden' name='<?php echo $formproc->GetFormIDInputName(); ?>' value='<?php echo $formproc->GetFormIDInputValue(); ?>'/>
  8. <input type='hidden'  class='spmhidip' name='<?php echo $formproc->GetSpamTrapInputName(); ?>' />
  9.  
  10.  
  11. <fieldset >
  12.  
  13. <dl>
  14. <dd>*Name (last, first)
  15. <input type="text" name="name" size="33" value='<?php echo $formproc->SafeDisplay('name') ?>'>
  16.   <span id='contactus_name_errorloc' class='error'></span>
  17. </dd>
  18. </dl>
  19.  
  20. <dl>
  21. <dd>*Email Address <input type="text" name="email" size="35" value='<?php echo $formproc->SafeDisplay('email') ?>'>    <span id='contactus_email_errorloc' class='error'>    </span>
  22. </dd></dl>
  23.  
  24. <dl>
  25. <dd>*Construction Experience <input type="radio" name="construction_experience" id="construction_experience" value="Yes<?php echo $formproc->SafeDisplay('experience') ?>">Yes<input type="radio" name="construction_experience" id="construction_experience" value="No<?php echo $formproc->SafeDisplay('experience') ?>">No </dd></dl>
  26.  
  27. <dl>
  28. <dd>*You must have valid drivers license, please select all that apply: <br />
  29. <input type=checkbox name="valid_license[]" id="valid_licenseD" value="D<?php echo $formproc->SafeDisplay('valid_license') ?>">D license
  30. <input type=checkbox name="valid_license[]" id="valid_licenseG" value="G<?php echo $formproc->SafeDisplay('valid_license') ?>">G license
  31. <input type=checkbox name="valid_license[]" id="valid_licenseG2" value="G2<?php echo $formproc->SafeDisplay('valid_license') ?>">G2 license
  32. </dd></dl>
  33.  
  34. <p><strong>Enter additional comments in the space provided below:</strong></p>
  35.  
  36.  <dl>
  37. <dd> <span id='contactus_message_errorloc' class='error'></span><textarea name="message" id="message" cols="60" rows="8"><?php echo $formproc->SafeDisplay('message') ?></textarea></dd></dl>
  38.  
  39. <dl>
  40. <dd>*Resume (insert attachment) <input type="file" name="resume" id="resume" value="" size="30">
  41. <div><span class='error'><?php echo $formproc->GetErrorMessage(); ?></span></div>
  42.    <span id='contactus_photo_errorloc' class='error'></span>
  43. </dd></dl>
  44.  
  45. <p style="padding-left:60px;"><input type="submit" class="button primary" value="Submit Application" />   <input type="reset" class="button primary" value="Clear Form" name"clear" />
  46.  
  47. </fieldset>
  48. </form>
  49.        
  50. require_once("class.phpmailer.php");
  51.  
  52. /*
  53. Interface to Captcha handler
  54. */
  55. class FG_CaptchaHandler
  56. {
  57. function Validate() { return false;}
  58. function GetError(){ return '';}
  59. }
  60. /*
  61. FGContactForm is a general purpose contact form class
  62. It supports Captcha, HTML Emails, sending emails
  63. conditionally, File atachments and more.
  64. */
  65. class FGContactForm
  66. {
  67. var $receipients;
  68. var $errors;
  69. var $error_message;
  70. var $name;
  71. var $email;
  72. var $message;
  73. var $from_address;
  74. var $form_random_key;
  75. var $conditional_field;
  76. var $arr_conditional_receipients;
  77. var $fileupload_fields;
  78. var $captcha_handler;
  79.  
  80. var $mailer;
  81.  
  82. function FGContactForm()
  83. {
  84.     $this->receipients = array();
  85.     $this->errors = array();
  86.     $this->form_random_key = 'HTgsjhartag';
  87.     $this->conditional_field='';
  88.     $this->arr_conditional_receipients=array();
  89.     $this->fileupload_fields=array();
  90.  
  91.     $this->mailer = new PHPMailer();
  92.     $this->mailer->CharSet = 'utf-8';
  93. }
  94.  
  95. function EnableCaptcha($captcha_handler)
  96. {
  97.     $this->captcha_handler = $captcha_handler;
  98.     session_start();
  99. }
  100.  
  101. function AddRecipient($email,$name="")
  102. {
  103.     $this->mailer->AddAddress($email,$name);
  104. }
  105.  
  106. function SetFromAddress($from)
  107. {
  108.     $this->from_address = $from;
  109. }
  110. function SetFormRandomKey($key)
  111. {
  112.     $this->form_random_key = $key;
  113. }
  114. function GetSpamTrapInputName()
  115. {
  116.     return 'sp'.md5('KHGdnbvsgst'.$this->GetKey());
  117. }
  118. function SafeDisplay($value_name)
  119. {
  120.     if(empty($_POST[$value_name]))
  121.     {
  122.         return'';
  123.     }
  124.     return htmlentities($_POST[$value_name]);
  125. }
  126. function GetFormIDInputName()
  127. {
  128.     $rand = md5('TygshRt'.$this->GetKey());
  129.  
  130.     $rand = substr($rand,0,20);
  131.     return 'id'.$rand;
  132. }
  133.  
  134.  
  135. function GetFormIDInputValue()
  136. {
  137.     return md5('jhgahTsajhg'.$this->GetKey());
  138. }
  139.  
  140. function SetConditionalField($field)
  141. {
  142.     $this->conditional_field = $field;
  143. }
  144. function AddConditionalReceipent($value,$email)
  145. {
  146.     $this->arr_conditional_receipients[$value] =  $email;
  147. }
  148.  
  149. function AddFileUploadField($file_field_name,$accepted_types,$max_size)
  150. {
  151.  
  152.     $this->fileupload_fields[] =
  153.         array("name"=>$file_field_name,
  154.         "file_types"=>$accepted_types,
  155.         "maxsize"=>$max_size);
  156. }
  157.  
  158. function ProcessForm()
  159. {
  160.     if(!isset($_POST['submitted']))
  161.     {
  162.        return false;
  163.     }
  164.     if(!$this->Validate())
  165.     {
  166.         $this->error_message = implode('<br/>',$this->errors);
  167.         return false;
  168.     }
  169.     $this->CollectData();
  170.  
  171.     $ret = $this->SendFormSubmission();
  172.  
  173.     return $ret;
  174. }
  175.  
  176. function RedirectToURL($url)
  177. {
  178.     header("Location: $url");
  179.     exit;
  180. }
  181.  
  182. function GetErrorMessage()
  183. {
  184.     return $this->error_message;
  185. }
  186. function GetSelfScript()
  187. {
  188.     return htmlentities($_SERVER['PHP_SELF']);
  189. }
  190.  
  191. function GetName()
  192. {
  193.     return $this->name;
  194. }
  195. function GetEmail()
  196. {
  197.     return $this->email;
  198. }
  199. function GetMessage()
  200. {
  201.     return htmlentities($this->message,ENT_QUOTES,"UTF-8");
  202. }
  203.        
  204. function SendFormSubmission()
  205. {
  206.     $this->CollectConditionalReceipients();
  207.  
  208.     $this->mailer->CharSet = 'utf-8';
  209.  
  210.     $this->mailer->Subject = "Online Application from $this->name";
  211.  
  212.     $this->mailer->From = $this->GetFromAddress();
  213.  
  214.     $this->mailer->FromName = "thermosealinsulation.ca";
  215.  
  216.     $this->mailer->AddReplyTo($this->email);
  217.  
  218.     $message = $this->ComposeFormtoEmail();
  219.  
  220.     $textMsg = trim(strip_tags(preg_replace('/<(head|title|style|script)[^>]*>.*?</\1>/s','',$message)));
  221.     $this->mailer->AltBody = @html_entity_decode($textMsg,ENT_QUOTES,"UTF-8");
  222.     $this->mailer->MsgHTML($message);
  223.  
  224.     $this->AttachFiles();
  225.  
  226.     if(!$this->mailer->Send())
  227.     {
  228.         $this->add_error("Failed sending email!");
  229.         return false;
  230.     }
  231.  
  232.     return true;
  233. }
  234.  
  235. function CollectConditionalReceipients()
  236. {
  237.     if(count($this->arr_conditional_receipients)>0 &&
  238.       !empty($this->conditional_field) &&
  239.       !empty($_POST[$this->conditional_field]))
  240.     {
  241.         foreach($this->arr_conditional_receipients as $condn => $rec)
  242.         {
  243.             if(strcasecmp($condn,$_POST[$this->conditional_field])==0 &&
  244.             !empty($rec))
  245.             {
  246.                 $this->AddRecipient($rec);
  247.             }
  248.         }
  249.     }
  250. }
  251.  
  252. /*
  253. Internal variables, that you donot want to appear in the email
  254. Add those variables in this array.
  255. */
  256. function IsInternalVariable($varname)
  257. {
  258.     $arr_interanl_vars = array('scaptcha',
  259.                         'submitted',
  260.                         $this->GetSpamTrapInputName(),
  261.                         $this->GetFormIDInputName()
  262.                         );
  263.     if(in_array($varname,$arr_interanl_vars))
  264.     {
  265.         return true;
  266.     }
  267.     return false;
  268. }
  269.  
  270. function FormSubmissionToMail()
  271. {
  272. $ret_str='';
  273. foreach($_POST as $key=>$value)
  274. {
  275.     if(!$this->IsInternalVariable($key))
  276.     {
  277.         $value = htmlentities($value,ENT_QUOTES,"UTF-8");
  278.         $value = nl2br($value);
  279.         $key = ucfirst($key);
  280.  
  281.         // CHANGES BEGIN HERE.....
  282.         // This loop looks over all the $_POST values. Need to isolate the `valid_licenses` and do something special with it.
  283.         if ($key == "valid_license") {
  284.            $value = implode(", ", $value);
  285.            // Now $value will output as the comma-separated values list.
  286.         }
  287.         // CHANGES END HERE
  288.  
  289.         $ret_str .= "<div class='label'>$key :</div><div class='value'>$value </div>n";
  290.     }
  291.  
  292. }
  293. foreach($this->fileupload_fields as $upload_field)
  294. {
  295.     $field_name = $upload_field["name"];
  296.     if(!$this->IsFileUploaded($field_name))
  297.     {
  298.         continue;
  299.     }        
  300.  
  301.     $filename = basename($_FILES[$field_name]['name']);
  302.  
  303.     $ret_str .= "";
  304. }
  305. return $ret_str;
  306. }
  307. function ExtraInfoToMail()
  308. {
  309.     $ret_str='';
  310.  
  311.     $ip = $_SERVER['REMOTE_ADDR'];
  312.     $ret_str = "<div class='label'>IP address of the submitter:</div><div class='value'>$ip</div>n";
  313.  
  314.     return $ret_str;
  315. }
  316.  
  317. function GetMailStyle()
  318. {
  319.     $retstr = "n<style>".
  320.     "body,.label,.value { font-family:Arial,Verdana; } ".
  321.     ".label {font-weight:bold; margin-top:5px; font-size:1.2em; color:#333;} ".
  322.     ".value {margin-bottom:15px;font-size:1.2em;padding-left:20px;} ".
  323.     "</style>n";
  324.  
  325.     return $retstr;
  326. }
  327. function GetHTMLHeaderPart()
  328. {
  329.      $retstr = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">'."n".
  330.                '<html><head><title></title>'.
  331.                '<meta http-equiv=Content-Type content="text/html; charset=utf-8">';
  332.      $retstr .= $this->GetMailStyle();
  333.      $retstr .= '</head><body>';
  334.      return $retstr;
  335. }
  336. function GetHTMLFooterPart()
  337. {
  338.     $retstr ='</body></html>';
  339.     return $retstr ;
  340. }
  341.  function ComposeFormtoEmail()
  342. {
  343.     $header = $this->GetHTMLHeaderPart();
  344. $formsubmission = $this->FormSubmissionToMail();
  345. $extra_info = $this->ExtraInfoToMail();
  346. $footer = $this->GetHTMLFooterPart();
  347.  
  348. $message = $header."<div class='label'>Job Application Submission From thermosealinsulation.ca: </div><p>$formsubmission</p><hr/>$extra_info".$footer;
  349.  
  350. return $message;
  351. }
  352.  
  353. function AttachFiles()
  354. {
  355.     foreach($this->fileupload_fields as $upld_field)
  356.     {
  357.         $field_name = $upld_field["name"];
  358.         if(!$this->IsFileUploaded($field_name))
  359.         {
  360.             continue;
  361.         }
  362.  
  363.         $filename =basename($_FILES[$field_name]['name']);
  364.  
  365.         $this->mailer->AddAttachment($_FILES[$field_name]["tmp_name"],$filename);
  366.     }
  367. }
  368.  
  369. function GetFromAddress()
  370. {
  371.     if(!empty($this->from_address))
  372.     {
  373.         return $this->from_address;
  374.     }
  375.  
  376.     $host = $_SERVER['SERVER_NAME'];
  377.  
  378.     $from ="nobody@$host";
  379.     return $from;
  380. }
  381.  
  382. function Validate()
  383. {
  384.     $ret = true;
  385.     //security validations
  386.     if(empty($_POST[$this->GetFormIDInputName()]) ||
  387.       $_POST[$this->GetFormIDInputName()] != $this->GetFormIDInputValue() )
  388.     {
  389.         //The proper error is not given intentionally
  390.         $this->add_error("Automated submission prevention: case 1 failed");
  391.         $ret = false;
  392.     }
  393.  
  394.     //This is a hidden input field. Humans won't fill this field.
  395.     if(!empty($_POST[$this->GetSpamTrapInputName()]) )
  396.     {
  397.         //The proper error is not given intentionally
  398.         $this->add_error("Automated submission prevention: case 2 failed");
  399.         $ret = false;
  400.     }
  401.  
  402.     //name validations
  403.     if(empty($_POST['name']))
  404.     {
  405.         $this->add_error("Please provide your name");
  406.         $ret = false;
  407.     }
  408.     else
  409.     if(strlen($_POST['name'])>50)
  410.     {
  411.         $this->add_error("Name is too big!");
  412.         $ret = false;
  413.     }
  414.  
  415.     //email validations
  416.     if(empty($_POST['email']))
  417.     {
  418.         $this->add_error("Please provide your email address");
  419.         $ret = false;
  420.     }
  421.     else
  422.     if(strlen($_POST['email'])>50)
  423.     {
  424.         $this->add_error("Email address is too big!");
  425.         $ret = false;
  426.     }
  427.     else
  428.     if(!$this->validate_email($_POST['email']))
  429.     {
  430.         $this->add_error("Please provide a valid email address");
  431.         $ret = false;
  432.     }
  433.  
  434.     //message validaions
  435.     if(strlen($_POST['message'])>2048)
  436.     {
  437.         $this->add_error("Message is too big!");
  438.         $ret = false;
  439.     }
  440.  
  441.     //captcha validaions
  442.     if(isset($this->captcha_handler))
  443.     {
  444.         if(!$this->captcha_handler->Validate())
  445.         {
  446.             $this->add_error($this->captcha_handler->GetError());
  447.             $ret = false;
  448.         }
  449.     }
  450.     //file upload validations
  451.     if(!empty($this->fileupload_fields))
  452.     {
  453.      if(!$this->ValidateFileUploads())
  454.      {
  455.         $ret = false;
  456.      }
  457.     }
  458.     return $ret;
  459. }
  460.  
  461. function ValidateFileType($field_name,$valid_filetypes)
  462. {
  463.     $ret=true;
  464.     $info = pathinfo($_FILES[$field_name]['name']);
  465.     $extn = $info['extension'];
  466.     $extn = strtolower($extn);
  467.  
  468.     $arr_valid_filetypes= explode(',',$valid_filetypes);
  469.     if(!in_array($extn,$arr_valid_filetypes))
  470.     {
  471.         $this->add_error("Valid file types are: $valid_filetypes");
  472.         $ret=false;
  473.     }
  474.     return $ret;
  475. }
  476.  
  477. function ValidateFileSize($field_name,$max_size)
  478. {
  479.     $size_of_uploaded_file =
  480.             $_FILES[$field_name]["size"]/1024;//size in KBs
  481.     if($size_of_uploaded_file > $max_size)
  482.     {
  483.         $this->add_error("The file is too big. File size should be less than $max_size KB");
  484.         return false;
  485.     }
  486.     return true;
  487. }
  488.  
  489. function IsFileUploaded($field_name)
  490. {
  491.     if(empty($_FILES[$field_name]['name']))
  492.     {
  493.         return false;
  494.     }
  495.     if(!is_uploaded_file($_FILES[$field_name]['tmp_name']))
  496.     {
  497.         return false;
  498.     }
  499.     return true;
  500. }
  501. function ValidateFileUploads()
  502. {
  503.     $ret=true;
  504.     foreach($this->fileupload_fields as $upld_field)
  505.     {
  506.         $field_name = $upld_field["name"];
  507.  
  508.         $valid_filetypes = $upld_field["file_types"];
  509.  
  510.         if(!$this->IsFileUploaded($field_name))
  511.         {
  512.             continue;
  513.         }
  514.  
  515.         if($_FILES[$field_name]["error"] != 0)
  516.         {
  517.             $this->add_error("Error in file upload; Error code:".$_FILES[$field_name]["error"]);
  518.             $ret=false;
  519.         }
  520.  
  521.         if(!empty($valid_filetypes) &&
  522.          !$this->ValidateFileType($field_name,$valid_filetypes))
  523.         {
  524.             $ret=false;
  525.         }
  526.  
  527.         if(!empty($upld_field["maxsize"]) &&
  528.         $upld_field["maxsize"]>0)
  529.         {
  530.             if(!$this->ValidateFileSize($field_name,$upld_field["maxsize"]))
  531.             {
  532.                 $ret=false;
  533.             }
  534.         }
  535.  
  536.     }
  537.     return $ret;
  538. }
  539.  
  540. function StripSlashes($str)
  541. {
  542.     if(get_magic_quotes_gpc())
  543.     {
  544.         $str = stripslashes($str);
  545.     }
  546.     return $str;
  547. }
  548. /*
  549. Sanitize() function removes any potential threat from the
  550. data submitted. Prevents email injections or any other hacker attempts.
  551. if $remove_nl is true, newline chracters are removed from the input.
  552. */
  553. function Sanitize($str,$remove_nl=true)
  554. {
  555.     $str = $this->StripSlashes($str);
  556.  
  557.     if($remove_nl)
  558.     {
  559.         $injections = array('/(n+)/i',
  560.             '/(r+)/i',
  561.             '/(t+)/i',
  562.             '/(%0A+)/i',
  563.             '/(%0D+)/i',
  564.             '/(%08+)/i',
  565.             '/(%09+)/i'
  566.             );
  567.         $str = preg_replace($injections,'',$str);
  568.     }
  569.  
  570.     return $str;
  571. }
  572.  
  573. /*Collects clean data from the $_POST array and keeps in internal variables.*/
  574. function CollectData()
  575. {
  576.     $this->name = $this->Sanitize($_POST['name']);
  577.     $this->email = $this->Sanitize($_POST['email']);
  578.     $this->ConstructionExperience = $this->Sanitize($_POST['ConstructionExperience']);
  579.     foreach ($_POST['valid_license'] as $license) {
  580. // Append each sanitized element onto valid_license[]
  581.     $this->valid_license[] = $this->Sanitize($license) ;
  582. }
  583.  
  584.     /*newline is OK in the message.*/
  585.     $this->message = $this->StripSlashes($_POST['message']);
  586. }
  587.  
  588. function add_error($error)
  589. {
  590.     array_push($this->errors,$error);
  591. }
  592. function validate_email($email)
  593. {
  594.     return eregi("^[_.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+.)+[a-zA-Z]{2,6}$", $email);
  595. }
  596.  
  597. function GetKey()
  598. {
  599.     return $this->form_random_key.$_SERVER['SERVER_NAME'].$_SERVER['REMOTE_ADDR'];
  600. }
  601.  
  602. }
  603.  
  604. ?>`
  605.        
  606. <input type=checkbox name="valid_license[]" id="valid_license" ... />
  607.        
  608. // Something like
  609. foreach ($_POST['valid_license'] as $license) {
  610.   // Append each sanitized element onto valid_license[]
  611.   $this->valid_license[] = $this->Sanitize($license);
  612. }
  613.        
  614. function ComposeFormtoEmail() {
  615.   $header = $this->GetHTMLHeaderPart();
  616.   $formsubmission = $this->FormSubmissionToMail();
  617.   $extra_info = $this->ExtraInfoToMail();
  618.   $footer = $this->GetHTMLFooterPart();
  619.  
  620.   // Assign this to a variable
  621.   $licenses = implode(", ", $this->valid_license);
  622.  
  623.   // Then insert that variable into `$message`
  624.   $message = $header."Job Application Submission From thermosealinsulation.ca :<p>$licenses</p><p>$formsubmission</p><hr/>$extra_info".$footer;
  625.   //---------------------------------------------------------------------------^^^^^^^^^^^^^^^^
  626.  
  627.   return $message;
  628. }
  629.        
  630. function FormSubmissionToMail()
  631. {
  632.     $ret_str='';
  633.     foreach($_POST as $key=>$value)
  634.     {
  635.         if(!$this->IsInternalVariable($key))
  636.         {
  637.             // MOVED THIS BLOCK FROM BELOW...
  638.             // CHANGES BEGIN HERE.....
  639.             // This loop looks over all the $_POST values. Need to isolate the `valid_licenses` and do something special with it.
  640.             if ($key == "valid_license") {
  641.                $value = implode(", ", $value);
  642.                // Now $value will output as the comma-separated values list.
  643.             }
  644.             // CHANGES END HERE
  645.  
  646.             $value = htmlentities($value,ENT_QUOTES,"UTF-8");
  647.             $value = nl2br($value);
  648.             $key = ucfirst($key);
  649.  
  650.             $ret_str .= "<div class='label'>$key :</div><div class='value'>$value </div>n";
  651.         }
  652.  
  653.     }
  654.     foreach($this->fileupload_fields as $upload_field)
  655.     {
  656.         $field_name = $upload_field["name"];
  657.         if(!$this->IsFileUploaded($field_name))
  658.         {
  659.             continue;
  660.         }        
  661.  
  662.         $filename = basename($_FILES[$field_name]['name']);
  663.  
  664.         $ret_str .= "<div class='label'>File upload '$field_name' :</div><div class='value'>$filename </div>n";
  665.     }
  666.     return $ret_str;
  667. }
  668.  
  669. ### Now that this is the correct location, go back and remove the changes we made to `ComposeFormToEmail()`
create a new version of this paste RAW Paste Data