Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $request = array_map('trim',($_SERVER['REQUEST_METHOD'] == "POST") ? $_POST : $_GET) ;
- $to=$request['email'];
- $subject=$request['subject'];
- $name = $request['name'];
- $message = $request['message'];
- //check for spam injection
- $allfields = implode('',$request) ;
- $nontext = $request ;
- unset($nontext['message'] );
- $nontextfields = implode ('',$nontext) ;
- if (
- (!$name) ||
- (!$to) ||
- (!$message) ||
- (strpos($nontextfields,"\\r")!==false) ||
- (strpos($nontextfields,"\\r")!==false) ||
- (strpos($nontextfields,"\\n")!==false) ||
- (stripos($allfields,"Content-Transfer-Encoding")!==false) ||
- (stripos($allfields,"MIME-Version")!==false) ||
- (stripos($allfields,"Content-Type")!==false) ||
- (stripos($allfields,"BCC")!==false) ||
- (stripos($allfields,"CC")!==false) ||
- (stripos($allfields,"From")!==false) ||
- (empty($_SERVER['HTTP_USER_AGENT']))) die('Incorrect request') ; //stop spammers
- $headers = 'MIME-Version: 1.0' . PHP_EOL;
- $headers .= 'Content-type: text/html; charset=iso-8859-1' . PHP_EOL;
- $headers .= 'From: ' . $_POST['email'] . PHP_EOL;
- if(mail($to, $subject, $message, $headers)){
- echo 'Email Sent';
- }else{
- echo 'Email Could not be sent';
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement