Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function ValidateEmail($email)
- {
- $pattern = '/^([0-9a-z]([-.\w]*[0-9a-z])*@(([0-9a-z])+([-\w]*[0-9a-z])*\.)+[a-z]{2,6})$/i';
- return preg_match($pattern, $email);
- }
- if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['formid']) && $_POST['formid'] == 'borang_log')
- {
- $mailto = 'yourname@yourdomain.com';
- $mailfrom = isset($_POST['email']) ? $_POST['email'] : $mailto;
- $subject = 'Website form';
- $message = 'Values submitted from web site form:';
- $success_url = './success.php';
- $error_url = './failed.php';
- $csvFile = "./formdata.csv";
- $error = '';
- $mysql_server = 'localhost';
- $mysql_database = '';
- $mysql_table = '';
- $mysql_username = '';
- $mysql_password = '';
- $eol = "\n";
- $boundary = md5(uniqid(time()));
- $header = 'From: '.$mailfrom.$eol;
- $header .= 'Reply-To: '.$mailfrom.$eol;
- $header .= 'MIME-Version: 1.0'.$eol;
- $header .= 'Content-Type: multipart/mixed; boundary="'.$boundary.'"'.$eol;
- $header .= 'X-Mailer: PHP v'.phpversion().$eol;
- if (!ValidateEmail($mailfrom))
- {
- $error .= "The specified email address is invalid!\n<br>";
- }
- if (!empty($error))
- {
- $errorcode = file_get_contents($error_url);
- $replace = "##error##";
- $errorcode = str_replace($replace, $error, $errorcode);
- echo $errorcode;
- exit;
- }
- $internalfields = array ("submit", "reset", "send", "filesize", "formid", "captcha_code", "recaptcha_challenge_field", "recaptcha_response_field", "g-recaptcha-response");
- $message .= $eol;
- $message .= "IP Address : ";
- $message .= $_SERVER['REMOTE_ADDR'];
- $message .= $eol;
- $logdata = '';
- foreach ($_POST as $key => $value)
- {
- if (!in_array(strtolower($key), $internalfields))
- {
- $logdata .= ';';
- if (!is_array($value))
- {
- $message .= ucwords(str_replace("_", " ", $key)) . " : " . $value . $eol;
- $value = str_replace(";", " ", $value);
- $logdata .= $value;
- }
- else
- {
- $message .= ucwords(str_replace("_", " ", $key)) . " : " . implode(",", $value) . $eol;
- $logdata .= implode("|", $value);
- }
- }
- }
- $logdata = str_replace("\r", "", $logdata);
- $logdata = str_replace("\n", " ", $logdata);
- $logdata .= "\r\n";
- $handle = fopen($csvFile, 'a') or die("can't open file");
- $logtime = date("Y-m-d H:i:s;");
- fwrite($handle, $logtime);
- fwrite($handle, $_SERVER['REMOTE_ADDR']);
- fwrite($handle, $logdata);
- fclose($handle);
- $body = 'This is a multi-part message in MIME format.'.$eol.$eol;
- $body .= '--'.$boundary.$eol;
- $body .= 'Content-Type: text/plain; charset=ISO-8859-1'.$eol;
- $body .= 'Content-Transfer-Encoding: 8bit'.$eol;
- $body .= $eol.stripslashes($message).$eol;
- if (!empty($_FILES))
- {
- foreach ($_FILES as $key => $value)
- {
- if ($_FILES[$key]['error'] == 0)
- {
- $body .= '--'.$boundary.$eol;
- $body .= 'Content-Type: '.$_FILES[$key]['type'].'; name='.$_FILES[$key]['name'].$eol;
- $body .= 'Content-Transfer-Encoding: base64'.$eol;
- $body .= 'Content-Disposition: attachment; filename='.$_FILES[$key]['name'].$eol;
- $body .= $eol.chunk_split(base64_encode(file_get_contents($_FILES[$key]['tmp_name']))).$eol;
- }
- }
- }
- $body .= '--'.$boundary.'--'.$eol;
- if ($mailto != '')
- {
- mail($mailto, $subject, $body, $header);
- }
- $search = array("ä", "Ä", "ö", "Ö", "ü", "Ü", "ß", "!", "§", "$", "%", "&", "/", "\x00", "^", "°", "\x1a", "-", "\"", " ", "\\", "\0", "\x0B", "\t", "\n", "\r", "(", ")", "=", "?", "`", "*", "'", ":", ";", ">", "<", "{", "}", "[", "]", "~", "²", "³", "~", "µ", "@", "|", "<", "+", "#", ".", "´", "+", ",");
- $replace = array("ae", "Ae", "oe", "Oe", "ue", "Ue", "ss");
- foreach($_POST as $name=>$value)
- {
- $name = str_replace($search, $replace, $name);
- $name = strtoupper($name);
- $form_data[$name] = $value;
- }
- $db = mysqli_connect($mysql_server, $mysql_username, $mysql_password) or die('Failed to connect to database server!<br>'.mysqli_error($db));
- mysqli_query($db, "CREATE DATABASE IF NOT EXISTS $mysql_database");
- mysqli_select_db($db, $mysql_database) or die('Failed to select database<br>'.mysqli_error($db));
- mysqli_query($db, "CREATE TABLE IF NOT EXISTS $mysql_table (ID int(9) NOT NULL auto_increment, `DATESTAMP` DATE, `TIME` VARCHAR(8), `IP` VARCHAR(15), `BROWSER` TINYTEXT, PRIMARY KEY (id))");
- foreach($form_data as $name=>$value)
- {
- mysqli_query($db ,"ALTER TABLE $mysql_table ADD $name VARCHAR(255)");
- }
- mysqli_query($db, "INSERT INTO $mysql_table (`DATESTAMP`, `TIME`, `IP`, `BROWSER`)
- VALUES ('".date("Y-m-d")."',
- '".date("G:i:s")."',
- '".$_SERVER['REMOTE_ADDR']."',
- '".$_SERVER['HTTP_USER_AGENT']."')")or die('Failed to insert data into table!<br>'.mysqli_error($db));
- $id = mysqli_insert_id($db);
- foreach($form_data as $name=>$value)
- {
- mysqli_query($db, "UPDATE $mysql_table SET $name='".mysqli_real_escape_string($db, $value)."' WHERE ID=$id") or die('Failed to update table!<br>'.mysqli_error($db));
- }
- mysqli_close($db);
- header('Location: '.$success_url);
- exit;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement