
updated version

By: a guest on May 27th, 2011  |  syntax: PHP  |  size: 8.52 KB  |  views: 56  |  expires: Never
  1. <?php
  2. // OPTIONS - PLEASE CONFIGURE THESE BEFORE USE!
  3.  
  4. $yourEmail = "--"; // the email address you wish to receive these mails through
  5. $yourWebsite = "The Sports Letter - Achievement submission"; // the name of your website
  6. $thanksPage = ''; // URL to 'thanks for sending mail' page; leave empty to keep message on the same page
  7. $maxPoints = 4; // max points a person can hit before it refuses to submit - recommend 4
  8. $requiredFields = "name,email,tutorgroup,pupilssportactivity,pupilsachievement"; // names of the fields you'd like to be required as a minimum, separate each field with a comma
  9.  
  10. // Field names and "display" names
  11. $fields['name'] = 'Your name';
  12. $fields['pupilsname'] = "Pupil's name";
  13. $fields['tutorgroup'] = 'Tutor group';
  14. $fields['pupilssportactivity'] = "Pupil's sport/activity";
  15. $fields['pupilsachievement'] = "Pupil's achievement";
  16. $fields['email'] = 'Email';
  17.  
  18.  
  19. // DO NOT EDIT BELOW HERE
  20. $error_msg = null;
  21. $result = null;
  22.  
  23. $requiredFields = explode(",", $requiredFields);
  24.  
  25. function clean($data) {
  26.         $data = trim(stripslashes(strip_tags($data)));
  27.         return $data;
  28. }
  29. function isBot() {
  30.         $bots = array("Indy", "Blaiz", "Java", "libwww-perl", "Python", "OutfoxBot", "User-Agent", "PycURL", "AlphaServer", "T8Abot", "Syntryx", "WinHttp", "WebBandit", "nicebot", "Teoma", "alexa", "froogle", "inktomi", "looksmart", "URL_Spider_SQL", "Firefly", "NationalDirectory", "Ask Jeeves", "TECNOSEEK", "InfoSeek", "WebFindBot", "girafabot", "crawler", "www.galaxy.com", "Googlebot", "Scooter", "Slurp", "appie", "FAST", "WebBug", "Spade", "ZyBorg", "rabaz");
  31.  
  32.         foreach ($bots as $bot)
  33.                 if (stripos($_SERVER['HTTP_USER_AGENT'], $bot) !== false)
  34.                         return true;
  35.  
  36.         if (empty($_SERVER['HTTP_USER_AGENT']) || $_SERVER['HTTP_USER_AGENT'] == " ")
  37.                 return true;
  38.  
  39.         return false;
  40. }
  41.  
  42. if ($_SERVER['REQUEST_METHOD'] == "POST") {
  43.         if (isBot() !== false)
  44.                 $error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'];
  45.  
  46.         // lets check a few things - not enough to trigger an error on their own, but worth assigning a spam score..
  47.         // score quickly adds up therefore allowing genuine users with 'accidental' score through but cutting out real spam :)
  48.         $points = (int)0;
  49.  
  50.         $badwords = array("adult", "beastial", "bestial", "blowjob", "clit", "cum", "cunilingus", "cunillingus", "cunnilingus", "cunt", "ejaculate", "fag", "felatio", "fellatio", "fuck", "fuk", "fuks", "gangbang", "gangbanged", "gangbangs", "hotsex", "hardcode", "jism", "jiz", "orgasim", "orgasims", "orgasm", "orgasms", "phonesex", "phuk", "phuq", "pussies", "pussy", "spunk", "xxx", "viagra", "phentermine", "tramadol", "adipex", "advai", "alprazolam", "ambien", "ambian", "amoxicillin", "antivert", "blackjack", "backgammon", "texas", "holdem", "poker", "carisoprodol", "ciara", "ciprofloxacin", "debt", "dating", "porn", "link=", "voyeur", "content-type", "bcc:", "cc:", "document.cookie", "onclick", "onload", "javascript");
  51.  
  52.         foreach ($badwords as $word)
  53.                 if (
  54.                         strpos(strtolower($_POST['pupilsachievement']), $word) !== false ||
  55.                         strpos(strtolower($_POST['name']), $word) !== false
  56.                 )
  57.                         $points += 2;
  58.  
  59.         if (strpos($_POST['pupilsachievement'], "http://") !== false || strpos($_POST['pupilsachievement'], "www.") !== false)
  60.                 $points += 2;
  61.         if (isset($_POST['nojs']))
  62.                 $points += 1;
  63.         if (preg_match("/(<.*>)/i", $_POST['pupilsachievement']))
  64.                 $points += 2;
  65.         if (strlen($_POST['name']) < 3)
  66.                 $points += 1;
  67.         if (strlen($_POST['pupilsachievement']) < 15 || strlen($_POST['pupilsachievement'] > 1500))
  68.                 $points += 2;
  69.         // end score assignments
  70.  
  71.         foreach($requiredFields as $field) {
  72.                 trim($_POST[$field]);
  73.  
  74.                 if (!isset($_POST[$field]) || empty($_POST[$field]))
  75.                         //$error_msg .= "Please fill in all the required fields and submit again.\r\n";
  76.                         // Get the display name of the field and show it
  77.                         $error_msg .= "Please fill in the '" . $fields[$field] . "' field and submit again.\r\n";
  78.         }
  79.  
  80.         if (!preg_match("/^[a-zA-Z-'\s]*$/", stripslashes($_POST['name'])))
  81.                 $error_msg .= "The name field must not contain special characters.\r\n";
  82.         if (!preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])(([a-z0-9-])*([a-z0-9]))+' . '(\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', strtolower($_POST['email'])))
  83.                 $error_msg .= "That is not a valid e-mail address.\r\n";
  84.         if (!empty($_POST['url']) && !preg_match('/^(http|https):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(:(\d+))?\/?/i', $_POST['url']))
  85.                 $error_msg .= "Invalid website url.\r\n";
  86.  
  87.         if ($error_msg == NULL && $points <= $maxPoints) {
  88.                 $subject = "Automatic Form Email";
  89.  
  90.                 $message = "You received this e-mail message through your website: \n\n";
  91.                 foreach ($_POST as $key => $val) {
  92.                         $message .= ucwords($key) . ": " . clean($val) . "\r\n";
  93.                 }
  94.                 $message .= "\r\n";
  95.                 $message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
  96.                 $message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
  97.                 $message .= 'Points: '.$points;
  98.  
  99.                 if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
  100.                         $headers   = "From: $yourEmail\n";
  101.                         $headers  .= "Reply-To: {$_POST['email']}";
  102.                 } else {
  103.                         $headers   = "From: $yourWebsite <$yourEmail>\n";
  104.                         $headers  .= "Reply-To: {$_POST['email']}";
  105.                 }
  106.  
  107.                 if (mail($yourEmail,$subject,$message,$headers)) {
  108.                         if (!empty($thanksPage)) {
  109.                                 header("Location: $thanksPage");
  110.                                 exit;
  111.                         } else {
  112.                                 $result = 'Your mail was successfully sent.';
  113.                                 $disable = true;
  114.                         }
  115.                 } else {
  116.                         $error_msg = 'Your mail could not be sent this time. ['.$points.']';
  117.                 }
  118.         } else {
  119.                 if (empty($error_msg))
  120.                         $error_msg = 'Your mail looks too much like spam, and could not be sent this time. ['.$points.']';
  121.         }
  122. }
  123. function get_data($var) {
  124.         if (isset($_POST[$var]))
  125.                 echo htmlspecialchars($_POST[$var]);
  126. }
  127. ?>
  128.  
  129. <?php
  130.  
  131. // Create an array to hold the values that should be displayed in the form fields
  132. $form = array();
  133. // Loop through all available fields and set form value to empty to begin with
  134. foreach ($fields as $fname => $display) {
  135.         $form[$fname] = '';
  136. }
  137.  
  138.  
  139. if ($error_msg != NULL) {
  140.         // Error
  141.         echo '<p class="error">ERROR: '. nl2br($error_msg) . "</p>";
  142.        
  143.         // Re-populate form
  144.         // Loop through all fields and set to the suibmitted value, or empty.
  145.         foreach($fields as $fname => $display)
  146.         {
  147.                 $form[$fname] = (!empty($_POST[$fname])) ? $_POST[$fname] : '';
  148.         }
  149. }
  150. if ($result != NULL) {
  151.         // Success
  152.         echo '<p class="success">'. $result . "</p>";
  153. }
  154. ?>
  155.  
  156.  
  157.  
  158. <style type="text/css">
  159. /*Contact form*/
  160. label {
  161. width:12em;
  162. float:left;
  163. text-align:right;
  164. margin-right:1.5em;
  165. display:block
  166. }
  167. .submit input {
  168. margin-left:4.5em;
  169. }
  170. input.text {
  171. border:1px solid #232a15;
  172. margin:2px;
  173. border:1px solid #A8A8A8;
  174. font-family:Verdana,Arial,Helvetica,sans-serif;
  175. }
  176. textarea {
  177. border: 1px solid #232a15;
  178. margin: 2px;
  179. border:1px solid #A8A8A8;
  180. font-family:Verdana,Arial,Helvetica,sans-serif;
  181. }
  182. fieldset {
  183. border:1px solid #232a15;
  184. padding: 4px;
  185. border:1px solid #A8A8A8;
  186. }
  187. p.error, p.success {
  188.    font-weight: bold;
  189.    padding: 10px;
  190.    border: 1px solid;
  191.   }
  192.   p.error {
  193.    background: #ffc0c0;
  194.    color: #900;
  195.   }
  196.   p.success {
  197.    background: #b3ff69;
  198.    color: #4fa000;
  199.   }
  200. </style>
  201. <form name="sports" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  202. <noscript>
  203.   <p><input type="hidden" name="nojs" id="nojs" /></p>
  204. </noscript>
  205.          <fieldset>
  206.          <div>
  207.          <label for="name">Your name</label>
  208.          <input type="text" class="text" name="name" id="name" size="30" value="<?php echo $form['name']; ?>" />
  209.         </div>
  210.          <div>
  211.          <label for="pupilsname">Pupils name (if different)</label>
  212.          <input type="text" class="text" name="pupilsname" id="pupilsname" size="30" value="<?php echo $form['pupilsname']; ?>" />
  213.         </div>
  214.          <div>
  215.          <label for="tutorgroup">Tutor group</label>
  216.          <input type="text" class="text" name="tutorgroup" id="tutorgroup" size="30" value="<?php echo $form['tutorgroup']; ?>" />
  217.         </div>
  218.         <div>
  219.          <label for="pupilssportactivity">Pupils sport/activity</label>
  220.          <input type="text" class="text" name="pupilssportactivity" id="pupilssportactivity" size="30" value="<?php echo $form['pupilssportactivity']; ?>" />
  221.         </div>
  222.         <div>
  223.          <label for="pupilsachievement">Pupils achievement</label>
  224.          <textarea rows="6" cols="40" name="pupilsachievement" id="pupilsachievement"><?php echo $form['pupilsachievement']; ?></textarea>
  225.         </div>
  226.          <div>
  227.          <label for="email">Your email address</label>
  228.          <input type="text" class="text" name="email" id="email" size="30" value="<?php echo $form['email']; ?>" />
  229.         </div>
  230.         <div class="submit">
  231.          <input type="submit" name="submit" id="submit" value="Submit" />
  232.         </div>
  233.         </fieldset>
  234.    </form>