  1. <?php
  2.  
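  // Calendar year consumed by DateCode::unix() through `global $_YEAR`.
  // The bare expression `$_YEAR;` only read an undefined variable; assign it
  // explicitly so the global exists before anything refers to it. The real
  // value is set later, once the configuration has been loaded.
  $_YEAR = null;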
  4.  
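  /**
   * Loads a sectioned INI file and derives a few computed settings from it.
   *
   * parse() post-processes two fields: `start` (an m/d/yy date turned into a
   * Unix timestamp) and `table` (the literal 'A' expanded to prefix + two-digit
   * year). Every other field is returned as parse_ini_file() delivered it.
   */
  class Config {
      // Return value of parse_ini_file(): section => field => value,
      // or false when the file could not be parsed.
      public $CONFIG;
      // Values already computed by parse(), keyed [section][field].
      public $parsed = array();

      /**
       * @param string $file Path of the INI file to load.
       */
      public function __construct($file) {
          // define() warns when a constant already exists, so a second
          // Config instance must not define these again.
          $flags = array('ON' => '1', 'OFF' => '2', 'AUTOMATIC' => 'A');
          foreach ($flags as $name => $flag) {
              if (!defined($name)) {
                  define($name, $flag);
              }
          }
          $this->CONFIG = parse_ini_file($file, true);
      }

      /**
       * @return array|false The raw parse_ini_file() result.
       */
      public function result() {
          return $this->CONFIG;
      }

      /**
       * Fetch one raw value.
       *
       * @param string $section
       * @param string $field
       * @return mixed The configured value, or null when the section or field
       *               is absent (or the file failed to load).
       */
      public function get($section, $field) {
          if (is_array($this->CONFIG) && isset($this->CONFIG[$section][$field])) {
              return $this->CONFIG[$section][$field];
          }
          return null;
      }

      /**
       * Fetch a value with field-specific post-processing, cached per field.
       *
       * @param string $section
       * @param string $field
       * @return mixed For `start`: a Unix timestamp, never older than one week.
       *               For `table`: prefix + year when the value is 'A'.
       *               Otherwise the raw value.
       */
      public function parse($section, $field) {
          // Only this field's cache entry is consulted. The original dangling
          // `else` bound to the inner `if` and wiped every cached field of the
          // section whenever a new field was requested.
          if (isset($this->parsed[$section][$field])) {
              return $this->parsed[$section][$field];
          }

          $value = $this->get($section, $field);
          switch ($field) {
              case 'start':
                  // Fall back to today's date when the value is missing or is
                  // not m/d/yy. preg_match() empties its output array on a
                  // failed match, so defaults must live in separate variables.
                  $month = date('m');
                  $day = date('d');
                  $year = date('y');
                  if (is_string($value)
                      && preg_match('/^([0-9]{1,2})\/([0-9]{1,2})\/([0-9]{2})$/', $value, $match)) {
                      $month = $match[1];
                      $day = $match[2];
                      $year = $match[3];
                  }
                  // The lower bound is "one week ago"; the original read an
                  // undefined $now here, which disabled the bound entirely.
                  $value = max(
                      time() - 3600 * 24 * 7,
                      mktime(1, 1, 1, (int) $month, (int) $day, (int) ('20' . $year))
                  );
                  break;
              case 'table':
                  if ($value === 'A') {
                      $year = max(date('y'), date('y', $this->parse('Range', 'start')));
                      $value = $this->get('Database', 'prefix') . $year;
                  }
                  break;
          }

          $this->parsed[$section][$field] = $value;
          return $value;
      }
  }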
  44.  
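  /**
   * Decodes slot codes of the form MMDDHH.
   */
  class DateCode {
      /**
       * Convert a slot code into a Unix timestamp within the global $_YEAR.
       *
       * Declared static because the script calls it as DateCode::unix();
       * calling it on an instance keeps working.
       *
       * @param string $d Code whose first six characters are month, day and
       *                  hour, two digits each.
       * @return int|false Timestamp at minute 0, second 0 of that hour, or
       *                   false when $d does not start with six digits.
       */
      public static function unix($d) {
          global $_YEAR;
          $d = (string) $d;
          // The code arrives from the request; refuse anything that is not
          // numeric rather than handing arbitrary text to mktime().
          if (!preg_match('/\A[0-9]{6}/', $d)) {
              return false;
          }
          $month = (int) substr($d, 0, 2);
          $day = (int) substr($d, 2, 2);
          $hour = (int) substr($d, 4, 2);
          return mktime($hour, 0, 0, $month, $day, (int) $_YEAR);
      }
  }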
  51.  
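  /**
   * Thin static helper around the legacy ext/mysql functions.
   *
   * The methods are static because the script calls them as DB::select(),
   * DB::QCount() and so on.
   *
   * SECURITY: every $where argument, the $to value of Update() and the values
   * passed to Insert() are concatenated into the SQL text exactly as given.
   * Callers must validate or escape them (mysql_real_escape_string() once the
   * connection is open). Only identifiers are quoted here.
   *
   * NOTE(review): ext/mysql was removed in PHP 7.0. Prepared statements via
   * mysqli or PDO are the durable fix, but they need a wider change than this
   * class alone.
   */
  class DB {
      /**
       * Quote a table, column or schema name; an embedded backtick is doubled
       * so it cannot terminate the identifier.
       */
      private static function ident($name) {
          return '`' . str_replace('`', '``', $name) . '`';
      }

      /**
       * Open the connection and select $dbname; terminates the request on failure.
       *
       * @param string $dbname
       */
      public static function select($dbname) {
          // NOTE(review): connects as root with an empty password. Use a
          // least-privileged account and load the credentials from configuration.
          $host = 'localhost';
          $dbuser = 'root';
          $dbpass = '';
          $db = mysql_connect($host, $dbuser, $dbpass);
          if ($db === false) {
              // Driver errors go to the log; the client only sees a generic message.
              error_log('DB connect failed: ' . mysql_error());
              die('Database error.');
          }
          if (!mysql_select_db($dbname, $db)) {
              error_log('DB select failed: ' . mysql_error($db));
              die('Database error.');
          }
      }

      /**
       * Count the rows of $table, optionally restricted by a raw WHERE fragment.
       *
       * @param string       $table
       * @param string|false $where Raw SQL condition, or FALSE for none.
       * @return int|false Row count, or FALSE when the query failed.
       */
      public static function QCount($table, $where=FALSE) {
          $query = "SELECT * FROM " . self::ident($table);
          if ($where !== FALSE) {
              $query .= " WHERE " . $where;
          }
          $result = mysql_query($query);
          return $result ? mysql_num_rows($result) : FALSE;
      }

      /**
       * Delete the rows of $table matching a raw WHERE fragment.
       *
       * @return mixed Whatever mysql_query() returned.
       */
      public static function Remove($table, $where) {
          $query = "DELETE FROM " . self::ident($table) . " WHERE " . $where;
          return mysql_query($query);
      }

      /**
       * Set one column to $to on the rows matching a raw WHERE fragment.
       *
       * @return int|false Affected row count, or false when the query failed.
       */
      public static function Update($table, $set, $to, $where) {
          // $to is wrapped in single quotes but not escaped here (see class note).
          $query = "UPDATE " . self::ident($table)
              . " SET " . self::ident($set) . " = '" . $to . "' WHERE " . $where;
          $result = mysql_query($query);
          if (false === $result) {
              return false;
          }
          return mysql_affected_rows();
      }

      /**
       * Insert one row; terminates the request with $error when the query fails.
       *
       * @param string $database Schema name.
       * @param string $table
       * @param array  $values   column => value; values must already be SQL-safe.
       * @param string $error    Message shown to the client on failure.
       */
      public static function Insert($database, $table, $values, $error="Critical sytem error.") {
          $columns = array();
          foreach (array_keys($values) as $column) {
              $columns[] = self::ident($column);
          }
          // Values are wrapped in single quotes but not escaped here (see class note).
          $value = implode("','", $values);
          $query = "INSERT INTO " . self::ident($database) . "." . self::ident($table)
              . " (" . implode(',', $columns) . ") VALUES('" . $value . "')";
          $result = mysql_query($query) or die($error);
      }
  }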
  87.  
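  // ---- Request gate ------------------------------------------------------
  // Both values come straight from the client. $code is later placed in a
  // redirect target and in a SQL condition, so it is accepted only in the
  // six-digit form that DateCode::unix() reads.
  // NOTE(review): widen the pattern if slot codes can be longer than six digits.
  $who = isset($_COOKIE['who']) ? $_COOKIE['who'] : null;
  $code = isset($_POST['code']) ? $_POST['code'] : null;
  if (!is_string($who) || !is_string($code) || !preg_match('/\A[0-9]{6}\z/', $code)) {
      header('Location: /');
      exit;
  }

  // ---- Field validation --------------------------------------------------
  $fields = array(
      'firstname' => '/^\s*[a-z\-]+( [a-z\.\-]+)?\s*$/i',
      'lastname' => '/^\s*[a-z\-]+( [a-z\.\-]+)?\s*$/i',
      'phone' => '/^1?[\.\- ]{0,3}\(?[2-9][0-9]{2}\)?[\.\- ]{0,3}[2-9][0-9]{2}[\.\- ]{0,3}[0-9]{4}([\.\- ]{0,3}[ext]{0,3}[0-9]{4})?$/',
      'Email' => '/^[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}$/i',
  );

  $accept = array();
  $reject = array();
  $user = array();

  foreach ($fields as $field => $regex) {
      // A non-string (array-style) parameter is treated like a missing one.
      $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
      if ($value === '') {
          $user[] = '';
          $reject[] = 'no_'.$field;
          continue;
      }
      // ';' is the separator of the cookie written below.
      $user[] = preg_replace('/;/', '', $value);
      if (preg_match($regex, $value)) {
          $accept[] = $field;
      } else {
          $reject[] = 'invalid_'.$field;
      }
  }
  setcookie('user', implode(';', $user));

  if (sizeof($reject) !== 0) {
      setcookie('fields', implode(';', $accept));
      setcookie('errors', implode(';', $reject));

      header('Location: /submit.'.$code);
      exit;
  }

  // ---- Configuration -----------------------------------------------------
  $ini = new Config('../config.ini');
  $_CONFIG = $ini->result();
  $_YEAR = date('Y', $ini->parse('Range','start'));

  $date = DateCode::unix($code);

  $confirmation = $_CONFIG['Confirm']['confirmation'];
  $email_sent = $_CONFIG['Confirm']['email_sent'];
  $automatic_email = $_CONFIG['Email']['automatic_email'];
  $php_path = $_CONFIG['Email']['php_path'];
  $subject = $_CONFIG['Email']['subject'];
  $body = $_CONFIG['Email']['body'];

  // The cookie must name one of the configured users. The comparison is
  // strict, and only a matching name is ever used to build table names.
  $key = FALSE;
  $names = (isset($_CONFIG['Users']['name']) && is_array($_CONFIG['Users']['name']))
      ? $_CONFIG['Users']['name']
      : array();
  foreach ($names as $index => $name) {
      if ((string) $name === $who) {
          $key = $index;
          break;
      }
  }
  // The original pattern was unanchored and accepted any text containing a
  // digit or a dot; validate the address properly before it is stored.
  $remote_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
  if ($key === FALSE || filter_var($remote_ip, FILTER_VALIDATE_IP) === false)
      die('Hacking attempt');

  $email = $_CONFIG['Users']['email'][$key];
  $password = $_CONFIG['Users']['password'][$key];
  // The validation patterns tolerate surrounding whitespace, line breaks
  // included, so trim before these values reach mail headers and the database.
  $user_firstname = trim($_POST['firstname']);
  $user_lastname = trim($_POST['lastname']);
  $user_phone = trim($_POST['phone']);
  $user_email = trim($_POST['Email']);
  $user_comments = (isset($_POST['comments']) && is_string($_POST['comments']))
      ? $_POST['comments']
      : '';

  // ---- Booking -----------------------------------------------------------
  $database = $ini->parse('Database','table');
  DB::select($database);
  $table = $who.'-avail';
  // $code was restricted to digits above, so it cannot leave the quoted literal.
  $where = "`DateId`='".$code."'";
  // NOTE(review): the error page is read from './pages/error' here and from
  // './page/error' below; one of the two paths is probably a typo.
  if (!DB::QCount($table,$where)) {
      // No such open slot, or the lookup itself failed.
      readfile('./pages/error');
      exit;
  }
  // The DELETE is what actually claims the slot. Requiring that it removed a
  // row stops two simultaneous requests from both booking the same slot.
  if (DB::Remove($table,$where) === FALSE || mysql_affected_rows() < 1) {
      readfile('./page/error');
      exit;
  }
  if (DB::QCount($who.'-appts',$where) === FALSE) {
      readfile('./page/error');
      exit;
  }

  $user_phone = preg_replace('/^1?[\.\- ]{0,3}\(?([2-9][0-9]{2})\)?[\.\- ]{0,3}([2-9][0-9]{2})[\.\- ]{0,3}([0-9]{4})(?:[\.\- ]{0,3}[ext]{0,3}([0-9]{4}))?$/',
      '$1$2$3$4', $user_phone);

  // DB::Insert() wraps every value in single quotes without escaping it.
  // Prefixing quotes with a backslash by hand leaves backslashes in the input
  // unhandled, so each value goes through the connection-aware escaper instead.
  $insert = array_map('mysql_real_escape_string', array(
      'DateId' => $code,
      'ip' => $remote_ip,
      'email' => $user_email,
      'firstname' => $user_firstname,
      'lastname' => $user_lastname,
      'phone' => $user_phone,
      'comments' => $user_comments,
      'date' => time(),
  ));

  DB::Insert($database, $who.'-appts', $insert);

  // ---- Templates ---------------------------------------------------------
  // The substituted request values passed the patterns above, which admit no
  // HTML metacharacters and no '$' or '\' (special in replacement strings).
  $i = 0;
  $date_match = explode('.',date('n.j.jS.y.M.F.D.l.Y.g.a', $date));
  $replace = array(
      '/%who%/' => ucfirst($who),
      '/%email%/' => $user_email,
      '/%first%/' => $user_firstname,
      '/%last%/' => $user_lastname,
      '/%m%/' => $date_match[$i++],
      '/%d%/' => $date_match[$i++],
      '/%dd%/' => $date_match[$i++],
      '/%y%/' => $date_match[$i++],
      '/%month%/' => $date_match[$i++],
      '/%Month%/' => $date_match[$i++],
      '/%day%/' => $date_match[$i++],
      '/%Day%/' => $date_match[$i++],
      '/%[yY]ear%/' => $date_match[$i++],
      '/%hour%/' => $date_match[$i++],
      '/%ampm%/i' => $date_match[$i++],
  );

  $confirmation = preg_replace(array_keys($replace), $replace, $confirmation);
  $email_sent = preg_replace(array_keys($replace), $replace, $email_sent);

  // Defined up front so the page renders cleanly when automatic mail is off.
  $email_confirmation = '';

  if ($automatic_email == TRUE) {
      // The include path comes from config.ini, never from the request.
      require_once $php_path;

      $subject = preg_replace(array_keys($replace), $replace, $subject);
      $body = preg_replace(array_keys($replace), $replace, $body);

      $headers = array(
          'From' => $email,
          'To' => $user_firstname.' '.$user_lastname.' <'.$user_email.'>',
          'Subject' => $subject,
      );

      $host = $_CONFIG['Email']['smtp'];
      $username = preg_replace('/[^<]*<([^>]+)>/','$1',$email);

      $smtp = Mail::factory('smtp', array(
          'host' => $host,
          'auth' => TRUE,
          'username' => $username,
          'password' => $password,
      ));

      // Mail::factory() can itself hand back a PEAR_Error; treat that like a
      // failed send instead of calling send() on it.
      $mail = PEAR::isError($smtp) ? $smtp : @$smtp->send($user_email, $headers, $body);

      if (PEAR::isError($mail)) {
          // The message text originates outside this script; escape it for HTML.
          $email_confirmation = htmlspecialchars($mail->getMessage(), ENT_QUOTES);
      } else {
          $email_confirmation = $email_sent;
      }
  }

  // ---- Response ----------------------------------------------------------
  echo '
<html>
<head>
<title>Regalia & Associates CPAs</title>
<style>
body {
background-color: darkSlateGray;
font: 12pt Arial;
}
div {
margin-left: 150px;
margin-top: 30pt;
border: 2px solid #A0A0A0;
padding: 35px;
background-color: beige;
width: 500pt;
padding-left: 10pt;
padding-right: 10pt;
padding-top: 10pt;
padding-bottom: 15pt;
}
span {
color: blue;
margin-left: 5px;
font: 15pt Arial;
}
</style></head><body>
<div>
'.$confirmation.'
<br><br>
'.$email_confirmation.'
</div>
</body>
</html>';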