  // NOTE(review): the return value is discarded, so this call leaves $myVar unchanged. FILTER_SANITIZE_STRING is also deprecated as of PHP 8.1; escaping at output time with htmlspecialchars(), as the form below does, is the context-appropriate defence.
  1. filter_var($myVar, FILTER_SANITIZE_STRING);
  2.  
  3. <?php
  4. session_start();
  5.  
  6. $firstName = $_SESSION['inputs']['firstName'];
  7. $lastName = $_SESSION['inputs']['lastName'];
  8. $email = $_SESSION['inputs']['email'];
  9. $subject = $_SESSION['inputs']['subject'];
  10. $message = $_SESSION['inputs']['message'];
  11. ?><!DOCTYPE html>
  12.  
  13. <!-- ... -->
  14.  
  15. <?php
  16. // Display errors
  17. if (array_key_exists('errors', $_SESSION)) {
  18. echo
  19. '<div class="alert alert-error">
  20. <ul>
  21. <li>'.implode('</li>
  22. <li>', $_SESSION['errors']).'</li>
  23. </ul>
  24. </div>';
  25.  
  26. // Display 'success' message
  27. } elseif (array_key_exists('success', $_SESSION)) {
  28. echo
  29. '<div class="alert alert-success">
  30. <p>Your message has been successfully sent.</p>
  31. </div>';
  32. }
  33. ?>
  34. <form class="form" action="process_form.php" method="POST">
  35. <div class="form_details">
  36. <input type="text" name="firstName" placeholder="First name" value="<?php echo htmlspecialchars($firstName, ENT_QUOTES, 'utf-8'); ?>"/>
  37. <input type="text" name="lastName" placeholder="Last name" value="<?php echo htmlspecialchars($lastName, ENT_QUOTES, 'utf-8'); ?>"/>
  38. <input type="email" name="email" placeholder="E-mail" value="<?php echo htmlspecialchars($email, ENT_QUOTES, 'utf-8'); ?>"/>
  39. <input type="text" name="subject" maxlength="100" placeholder="Subject" value="<?php echo htmlspecialchars($subject, ENT_QUOTES, 'utf-8'); ?>"/>
  40. </div>
  41. <div class="form_message">
  42. <textarea name="message" placeholder="Your message"><?php echo htmlspecialchars($message, ENT_QUOTES, 'utf-8'); ?></textarea>
  43. </div>
  44. <input type="submit" name="submit" value="Submit"/>
  45. </form>
  46.  
  47. <!-- ... -->
  48.  
  49. <?php
  50.  
  51. function sanitize_input($input) {
  52. $input = str_ireplace(array('r', 'n', '%0a', '%0d', '0x0A'), '', $input);
  53. $input = trim($input);
  54. return $input;
  55. }
  56.  
  57. # ---- DEFINE VARIABLES ---- #
  58.  
  59. $errors = [];
  60. $firstName = $inputs['firstName'] = sanitize_input($_POST['firstName']);
  61. $lastName = $inputs['lastName'] = sanitize_input($_POST['lastName']);
  62. $email = $inputs['email'] = sanitize_input($_POST['email']);
  63. $subject = $inputs['subject'] = sanitize_input($_POST['subject']);
  64. $message = $inputs['message'] = sanitize_input($_POST['message']);
  65. $name = [$firstName, $lastName];
  66.  
  67. # ---- PROCESS THE INPUTS AND GENERATE ERRORS ---- #
  68.  
  69. if ($firstName == '' && $lastName == '') {
  70. $errors['name'] = 'Your name is required.';
  71. } elseif ($firstName == '') {
  72. $errors['name'] = 'Your first name is required.';
  73. } elseif ($lastName == '') {
  74. $errors['name'] = 'Your last name is required.';
  75. } elseif (preg_grep("/^p{L}*(?>[- ']p{L}*)*$/u", $name, PREG_GREP_INVERT)) {
  76. $errors['name'] = "Your name may only contain letters, whitespaces, - or '.";
  77. }
  78.  
  79. if ($email == '') {
  80. $errors['email'] = 'Your e-mail address is required.';
  81. } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  82. $errors['email'] = 'Please enter a valid e-mail address.';
  83. }
  84.  
  85. if ($subject == '') {
  86. $errors['subject'] = 'A subject is required.';
  87. }
  88.  
  89. if ($message == '') {
  90. $errors['message'] = 'A message is required.';
  91. }
  92.  
  93. # ---- SEND ERRORS TO USER IF THERE IS ANY, OTHERWISE SEND MESSAGE ---- #
  94.  
  95. session_start();
  96.  
  97. if (!empty($errors)) {
  98. $_SESSION['errors'] = $errors;
  99. $_SESSION['inputs'] = $inputs;
  100. header('Location: contact.php');
  101. exit;
  102. } else {
  103. require_once('phpmailer/PHPMailerAutoload.php');
  104. $config = include('../config.ini.php');
  105. date_default_timezone_set($config['mail']['timezone']);
  106.  
  107. $mail = new PHPMailer();
  108.  
  109. $mail->isSMTP();
  110. $mail->Host = $config['mail']['host'];
  111. $mail->SMTPAuth = true;
  112. $mail->Username = $config['mail']['username'];
  113. $mail->Password = $config['mail']['password'];
  114. $mail->SMTPDebug = 0;
  115. $mail->SMTPSecure = $config['mail']['connection'];
  116. $mail->Port = $config['mail']['port'];
  117.  
  118. $mail->AddAddress($config['mail']['mailAddress']);
  119. $mail->AddReplyTo($email, $firstName.' '.$lastName);
  120. $mail->FromName = $firstName.' '.$lastName;
  121. $mail->Subject = $subject;
  122. $mail->Body = $message;
  123.  
  124. if (!$mail->Send()) {
  125. $errors['notSent'] = 'The message could not be sent.';
  126. $errors['errorInfo'] = 'Error returned: '.'"'.$mail->ErrorInfo.'".';
  127. $_SESSION['errors'] = $errors;
  128. $_SESSION['inputs'] = $inputs;
  129. header('Location: contact.php');
  130. exit;
  131. } else {
  132. $_SESSION['success'] = 1;
  133. header('Location: contact.php');
  134. }
  135. }
  136.  
  137. if ($firstName == '' && $lastName == '') [...]
  138.  
  139. if (!isset($firstName) || empty(trim($firstName)) && !isset($lastName) || empty(trim($lastName))) {}