php contact form

1. <?php
2. include('SMTPClass.php');
3.  
4. $use_smtp = '0';
5. $emailto = 'adres@email.xyz';
6.  
7. // retrieve from parameters
8. $emailfrom = isset($_POST["email"]) ? $_POST["email"] : "";
9. $nocomment = isset($_POST["nocomment"]) ? $_POST["nocomment"] : "";
10. $subject = 'Subject';
11. $message = '';
12. $response = '';
13. $response_fail = 'There was an error verifying your details.';
14.  
15. // Honeypot captcha
16. if($nocomment == '') {
17.  
18. $params = $_POST;
19. foreach ( $params as $key=>$value ){
20.  
21. if(!($key == 'ip' || $key == 'emailsubject' || $key == 'url' || $key == 'emailto' || $key == 'nocomment' || $key == 'v_error' || $key == 'v_email')){
22.  
23. $key = ucwords(str_replace("-", " ", $key));
24.  
25. if ( gettype( $value ) == "array" ){
26. $message .= "$key: \n";
27. foreach ( $value as $two_dim_value )
28. $message .= "...$two_dim_value<br>";
29. }else {
30. $message .= $value != '' ? "$key: $value\n" : '';
31. }
32. }
33. }
34.  
35. $response = sendEmail($subject, $message, $emailto, $emailfrom);
36.  
37. } else {
38.  
39. $response = $response_fail;
40.  
41. }
42.  
43. echo $response;
44.  
45. // Run server-side validation
46. function sendEmail($subject, $content, $emailto, $emailfrom) {
47.  
48. $from = $emailfrom;
49. $response_sent = 'OK';
50. $response_error = 'ERROR';
51. $subject = filter($subject);
52. $url = "Site: ".$_SERVER['HTTP_REFERER'];
53. $ip = "IP: ".$_SERVER["REMOTE_ADDR"];
54. $message = $content."\n$ip\r\n$url";
55.  
56. // Validate return email & inform admin
57. $emailto = filter($emailto);
58.  
59. // Setup final message
60. $body = wordwrap($message);
61.  
62. if($use_smtp == '1'){
63.  
64. $SmtpServer = 'SMTP SERVER';
65. $SmtpPort = 'SMTP PORT';
66. $SmtpUser = 'SMTP USER';
67. $SmtpPass = 'SMTP PASSWORD';
68.  
69. $to = $emailto;
70. $SMTPMail = new SMTPClient ($SmtpServer, $SmtpPort, $SmtpUser, $SmtpPass, $from, $to, $subject, $body);
71. $SMTPChat = $SMTPMail->SendMail();
72. $response = $SMTPChat ? $response_sent : $response_error;
73.  
74. } else {
75.  
76. // Create header
77. $headers = "From: $from\r\n";
78. $headers .= "MIME-Version: 1.0\r\n";
79. $headers .= "Content-type: text/plain; charset=utf-8\r\n";
80. $headers .= "Content-Transfer-Encoding: quoted-printable\r\n";
81.  
82. // Send email
83. $mail_sent = @mail($emailto, $subject, $body, $headers);
84. $response = $mail_sent ? $response_sent : $response_error;
85.  
86. }
87. return $response;
88. }
89.  
90. // Remove any un-safe values to prevent email injection
91. function filter($value) {
92. $pattern = array("/\n/", "/\r/", "/content-type:/i", "/to:/i", "/from:/i", "/cc:/i");
93. $value = preg_replace($pattern, "", $value);
94. return $value;
95. }
96.  
97. exit;
98.  
99. ?>