\n"; echo "This form is powered by Sheck Technologies\n\n"; exit; } function check_banlist($banlist, $email) { if (count($banlist)) { $allow = true; foreach($banlist as $banned) { $temp = explode("@", $banned); if ($temp[0] == "*") { $temp2 = explode("@", $email); if (trim(strtolower($temp2[1])) == trim(strtolower($temp[1]))) $allow = false; } else { if (trim(strtolower($email)) == trim(strtolower($banned))) $allow = false; } } } if (!$allow) { print_error("You are using from a banned email address."); } } // function to check the referer for security reasons. // contributed by some one who's name got lost.. Thanks // goes out to him any way. function check_referer($referers) { if (count($referers)) { $found = false; $temp = explode("/",getenv("HTTP_REFERER")); $referer = $temp[2]; for ($x=0; $x unauthorized domain."); error_log("[shoporder.php] Illegal Referer. (".getenv("HTTP_REFERER").")", 0); } return $found; } else { return true; // not a good idea, if empty, it will allow it. } } if ($referers) check_referer($referers); if ($banlist) check_banlist($banlist, $email); // parse the form and create the content string which we will send function parse_form($array) { // build reserved keyword array $reserved_keys[] = "MAX_FILE_SIZE"; $reserved_keys[] = "required"; $reserved_keys[] = "redirect"; $reserved_keys[] = "email"; $reserved_keys[] = "require"; $reserved_keys[] = "path_to_file"; $reserved_keys[] = "recipient"; $reserved_keys[] = "subject"; $reserved_keys[] = "bgcolor"; $reserved_keys[] = "text_color"; $reserved_keys[] = "link_color"; $reserved_keys[] = "vlink_color"; $reserved_keys[] = "alink_color"; $reserved_keys[] = "title"; $reserved_keys[] = "missing_fields_redirect"; $reserved_keys[] = "env_report"; if (count($array)) { while (list($key, $val) = each($array)) { // exclude reserved keywords $reserved_violation = 0; for ($ri=0; $ri\n"; if ($title) echo "\n"; if (!$bgcolor) $bgcolor = "#FFFFFF"; if (!$text_color) $text_color = "#000000"; if (!$link_color) $link_color = "#0000FF"; if (!$vlink_color) $vlink_color = "#FF0000"; if (!$alink_color) $alink_color = "#000088"; if ($background) $background = "background=\"$background\""; echo "\n\n"; } $recipient_in = split(',',$recipient); for ($i=0;$iI NEED VALID RECIPIENT EMAIL ADDRESS ($recipient_to_test) TO CONTINUE"); } } if ($required) $require = $required; // handle the required fields if ($require) { // seperate at the commas $require = ereg_replace( " +", "", $require); $required = split(",",$require); for ($i=0;$iemail address is invalid"); } $EMAIL = $email; } if (($ZIP_CODE) || ($zip_code)) { $zip_code = trim($zip_code); if ($ZIP_CODE) $zip_code = trim($ZIP_CODE); if (!ereg("(^[0-9]{5})-([0-9]{4}$)", trim($zip_code)) && (!ereg("^[a-zA-Z][0-9][a-zA-Z][[:space:]][0-9][a-zA-Z][0-9]$", trim($zip_code))) && (!ereg("(^[0-9]{5})", trim($zip_code)))) { print_error("your zip/postal code is invalid"); } } if (($PHONE_NO) || ($phone_no)) { $phone_no = trim($phone_no); if ($PHONE_NO) $phone_no = trim($PHONE_NO); if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $phone_no)) { print_error("your phone number is invalid"); } } if (($FAX_NO) || ($fax_no)) { $fax_no = trim($fax_no); if ($FAX_NO) $fax_no = trim($FAX_NO); if (!ereg("(^(.*)[0-9]{3})(.*)([0-9]{3})(.*)([0-9]{4}$)", $fax_no)) { print_error("your fax number is invalid"); } } $content = parse_form($HTTP_POST_VARS); if ($file_name) { if ($file_size > 0) { if (!ereg("/$", $path_to_file)) $path_to_file = $path_to_file."/"; $location = $path_to_file.$file_name; if (file_exists($path_to_file.$file_name)) $location .= ".new"; copy($file,$location); unlink($file); $content .= "Uploaded File: ".$location."\n"; } } if ($file2_name) { if ($file_size > 0) { if (!ereg("/$", $path_to_file)) $path_to_file = $path_to_file."/"; $location = $path_to_file.$file2_name; if (file_exists($path_to_file.$file2_name)) $location .= ".new"; copy($file2,$location); unlink($file2); $content .= "Uploaded File: ".$location."\n"; } } if ($env_report) { $env_report = ereg_replace( " +", "", $env_report); $env_reports = split(",",$env_report); $content .= "\n------ eviromental variables ------\n"; for ($i=0;$i
\n"; echo "This form is powered by Sheck.com\n\n"; exit; } // <---------- THE END ----------> //