Test Dawnwatch Email form

[insert_php]

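// Session bootstrap. The security-code string and the wrong-guess counter live
// in the session, so one must be active before $_SESSION is touched.
// session_is_registered() was removed in PHP 5.4 (and the original also called
// session_start() again on an already-active session that merely lacked the
// key); session_status() is the supported way to ask whether a session exists.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

// Number of wrong security-code guesses so far in this session; the POST
// handler compares it against $num_guesses from configsbf.php.
if (!isset($_SESSION['turing_guesses'])) {
    $_SESSION['turing_guesses'] = 0;
}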

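// Site configuration ($forms, $default_form, $security_level, $send_emails, the
// admin addresses, ...) and shared helpers (get_header(), get_footer(), ...).
// require, not include: without the config $security_level is undefined and
// every later level check fails, which would route the submission down the
// "lowest" (no security code) path. A missing config must stop the script.
require './configsbf.php';
require './funcsbf.php';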

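/**
 * Read one scalar request parameter, trimmed, preferring GET over POST (the
 * order the original if/else chain used).
 *
 * Returns null when neither carries it. Array values (e.g. `name[]=...`) are
 * ignored so trim() is never handed an array.
 *
 * @param string $name parameter name
 * @return string|null
 */
function dw_request_param($name) {
    foreach ([$_GET, $_POST] as $source) {
        if (isset($source[$name]) && is_string($source[$name])) {
            return trim($source[$name]);
        }
    }
    return null;
}

// Request inputs. All of these are untrusted at this point; the form selector
// is validated against the configured $forms list further down before it is
// used to build a file path.
$is_iframe = dw_request_param('iframe') ?? '';   // 'yes' suppresses header/footer in redisplay()
$form_get_short = dw_request_param('f');         // explicit key into $forms
$form_get_long = dw_request_param('form');       // template file name, looked up in $forms

if (isset($_SERVER['PATH_INFO'])) {
    // drop the single leading slash so the remainder compares to a bare form name
    $form_server_path = preg_replace('/^\//', '', $_SERVER['PATH_INFO']);
}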

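/**
 * Last key in $forms whose template name equals $name, or '' when none does.
 * "Last" preserves the original loop, which did not stop at the first hit.
 *
 * @param array $forms key => template file name
 * @param string $name name to look for
 * @return int|string key of $forms, or ''
 */
function dw_key_for_form_name(array $forms, $name) {
    $found = '';
    foreach ($forms as $key => $form_name) {
        if ((string) $form_name === (string) $name) {
            $found = $key;
        }
    }
    return $found;
}

/**
 * Resolve the key into $forms for this request.
 *
 * Precedence, unchanged from the original: explicit key (`f`), then a form
 * name (`form`), then a form name taken from PATH_INFO, then $default.
 * Whatever is chosen is validated against $forms, so only a key with a
 * configured, non-empty template name is returned; an unknown key, unknown
 * name or path-like input falls back to $default. This is what keeps the
 * request from naming an arbitrary file in the path built from $forms[$f].
 *
 * @param array $forms key => template file name (from configsbf.php)
 * @param mixed $default key used when nothing resolves
 * @param string|null $short_key value of the `f` parameter, if any
 * @param string|null $long_name value of the `form` parameter, if any
 * @param string|null $path_name PATH_INFO without its leading slash, if any
 * @return mixed a key of $forms, or $default
 */
function dw_resolve_form_key(array $forms, $default, $short_key, $long_name, $path_name) {
    if ($short_key !== null && $short_key !== '') {
        $chosen = $short_key;
    } elseif ($long_name !== null && $long_name !== '') {
        $chosen = dw_key_for_form_name($forms, $long_name);
    } elseif ($path_name !== null && $path_name !== '') {
        $chosen = dw_key_for_form_name($forms, $path_name);
    } else {
        $chosen = $default;
    }

    if ($chosen === null || !isset($forms[$chosen]) || $forms[$chosen] === '') {
        $chosen = $default;
    }
    return $chosen;
}

// $f is referenced by name in the templates (%%form_to_use%%) and through
// `global $f` in redisplay(), so it must keep this exact name.
// The `?? null` guards only matter when configsbf.php did not load.
$f = dw_resolve_form_key(
    $forms ?? [],
    $default_form ?? null,
    $form_get_short ?? null,
    $form_get_long ?? null,
    $form_server_path ?? null
);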

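// Destination mailbox per form. Only keys 1, 11 and 12 have one; every other
// form leaves $admin_email empty so the POST handler refuses to send
// ("Admin email address has not been configured") instead of tripping over an
// undefined variable. $f is compared as a string because it may be the int
// key from $default_form or the string value of the `f` parameter.
$admin_email = '';
$form_key = (string) ($f ?? '');
if ($form_key === '1') {
    $admin_email = $contact_email_address;
} elseif ($form_key === '11') {
    $admin_email = $contact_sub_email_address;
} elseif ($form_key === '12') {
    $admin_email = $subscribe_manual_email_address;
}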

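//$f is used in the templates, it must be 'f'

// Template path. $path_to_form comes from configuration and $forms[$f] was
// validated against the configured list above, so the request cannot steer
// this outside the configured set of files.
$form_to_use = "$path_to_form/$forms[$f]";

// Required-field list. The original took it only from the hidden
// 'required_fields' input of the submitted form, i.e. from the client, and the
// POST handler skips the check entirely when that variable is unset — so a
// submission that omitted or shortened the field was not checked. The
// template file is the authority: read the list from it and only accept the
// posted value when the template carries no marker at all.
$required_fields = get_required_fields($form_to_use);
if (count($required_fields) === 0 || $required_fields[0] === '') {
    $posted_required_fields = isset($_POST['required_fields']) ? $_POST['required_fields'] : null;
    if (is_string($posted_required_fields) && trim($posted_required_fields) !== '') {
        $required_fields = preg_split('/,\s*/', trim($posted_required_fields));
    }
}

// Form action target. PHP_SELF reflects the request path; HTML-escape it
// wherever a template writes it into markup.
$action = $_SERVER['PHP_SELF'];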

if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {

// Submission path. Every route below ends in either a redirect to
// $thank_you_url after send_mail(), an error() page, or redisplay() of the
// form, each followed by exit.

// Required-field check. $required_fields is whatever the POST sent in its
// hidden 'required_fields' input; when the request did not send that field
// this whole block is skipped and nothing is enforced server-side.
if (isset ($required_fields)){
// otherwise do not check

foreach ($required_fields as $key=>$value){

// NOTE(review): `!= "highest" || != "medium"` is always true (no value equals
// both), so Security_Code is skipped here at every level; && was probably
// meant. 'highest' re-checks the code explicitly below, and at 'medium' an
// empty code ends up in the mismatch branch, so this is not a bypass.
if ($value == ‘Security_Code’ && ($security_level != “highest” || $security_level != “medium”)){
// do not look for security code if security setting is ‘lowest’
continue;
}

// Array fields (checkbox groups): a non-empty first element counts as present.
if (isset ($_POST[“$value”]) && is_array ($_POST[“$value”]) && $_POST[“$value”][0] != “”){
// OK
}else if (isset ($_POST[“$value”]) && is_array ($_POST[“$value”])){
$is_empty = 1;
foreach ($_POST[“$value”] as $k=>$v){
// NOTE(review): this looks up $_POST[$v] — each submitted value reused as a
// field name — rather than testing $v itself; trim($v) != "" was probably meant.
if (isset($_POST[“$v”]) && trim($_POST[“$v”]) != “”){
$is_empty = 0;
}
}

if ($is_empty == 1){

// missing: show the form again; redisplay() marks the missing fields
redisplay(null,$form_to_use,null,null,$is_iframe);
exit;
}

}else{
// scalar field: absent or whitespace-only counts as missing
if (!isset($_POST[“$value”]) || trim($_POST[“$value”]) == “”){
redisplay(null,$form_to_use,null,null,$is_iframe);
exit;
}
}
}
}

// At 'highest' an empty security code is a hard error page, not a redisplay.
if ($security_level == “highest”){
if (!isset ($_POST[‘Security_Code’]) || trim($_POST[‘Security_Code’]) == “”){
error(“Please enter the security code”);
exit;
}
}

// CHECK FOR EMPTY VALUES

// Security-code levels: the posted code must match $_SESSION['turing_string'].
if ($security_level == “highest” || $security_level == “medium”){

// If the session holds no code, or the POST carries no Security_Code field at
// all, neither branch below runs and the request falls out of this if/else
// with no output, no mail and no redirect (a blank page).
if (isset($_SESSION[‘turing_string’]) && isset($_POST[‘Security_Code’])){

// The next line was collapsed by extraction. It holds: a case-insensitive
// comparison of the posted code with the session code, gated on
// turing_guesses < $num_guesses; on success turing_guesses is unset and
// turing_pass set — turing_string itself is NOT cleared here, so unless the
// code endpoint regenerates it the same answer stays valid for the session
// (confirm); then, when $send_emails matches /^yes$/i, Email_Address (read
// without an isset check) and Subject (fallback $default_subject) are taken
// from the POST, and the message body is assembled from every posted field
// except those in the skip list below. The skip list says lowercase
// 'subject' while the field is 'Subject', so the subject is repeated in the body.
if ( (strtolower($_SESSION[‘turing_string’]) == strtolower($_POST[‘Security_Code’])) && ($_SESSION[‘turing_guesses’] < $num_guesses)) { unset($_SESSION['turing_guesses']); $_SESSION['turing_pass'] = true; if (preg_match ("/^yes$/i",$send_emails)){ $Email_Address = stripslashes(trim($_POST['Email_Address'])); if(isset($_POST['Subject'])){ $subject = stripslashes(trim($_POST['Subject']))?stripslashes(trim($_POST['Subject'])):$default_subject; }else{ $subject = $default_subject; } $message = ""; foreach ($_POST as $key=>$value){

// fields that are control data rather than message content
if ($key == ‘subject’ ||
$key == ‘required_fields’ ||
$key == ‘PHPSESSID’ ||
$key == ‘Security_Code’ ||
$key == ‘Send_To_Me’ ||
$key == ‘f’){
continue;
}

// checkbox groups: join the values with commas
if (is_array ($_POST[“$key”])){

$str = “”;
foreach ($_POST[“$key”] as $k=>$v){
$str .= “$v,”;
}

$str = preg_replace (“/\,$/”,””,$str);

// field names use underscores for spaces in the templates
$key = preg_replace(“/_/”,” “,$key);
$message .= “$key: $str\n”;

}else{
$key = preg_replace(“/_/”,” “,$key);
$message .= “$key: $value\n”;
}
}

$message = stripslashes($message);
// From: is the submitter's own address; checked just below for header injection
$headers = “From: $Email_Address”;

// The pattern's delimiter is the `/` after the leading space (PHP ignores
// whitespace before the delimiter and whitespace modifiers after it). It
// rejects CR/LF, comma, semicolon and quotes in the From address — but the
// empty branch then falls through to the thank-you redirect, so a rejected
// request looks like success and nothing is logged. $subject and $message
// get no such check; strip CR/LF from $subject before it reaches mail().
if (preg_match(‘ /[\r\n,;\'”]/ ‘, $Email_Address)){
// hacking attempt
}else{
// the `”` below is a mangled '' (empty string)
if ($admin_email != ”){
send_mail($admin_email,$subject,$message,$headers);
//echo “

$admin_email
$subject
$message
$headers
";
}else{
error ("Form cannot be submitted. Admin email address has not been configured");
exit;
}

// optional copy to the submitter
if(isset($_POST['Send_To_Me']) && $_POST['Send_To_Me'] == "Yes"){

//$message .= "Send to Yourself: Yes\n";
//$message .= "Security Code: $_POST[Security_Code]\n";

// HTTP_REFERER is supplied by the client; it is not a trustworthy site name
$website_name = $_SERVER['HTTP_REFERER'];

$website_name = preg_replace ("/(http\:\/\/.+?)\/.+/","$1",$website_name);

// NOTE(review): the heredoc that built $user_message was lost in extraction;
// the `";exit;` that follows looks like leftover debug output — as written it
// would stop the script before the send_mail() on the next line.
$user_message = <<$Email_Address
$subject
$user_message
$headers
";exit;
send_mail($Email_Address,$subject,$user_message,$headers);

}

// the posted code is placed in the URL unencoded; urlencode() it
header("Location: $thank_you_url?t=".$_POST['Security_Code']."&f=".$f);
exit;
}
}

}else{

// wrong code: count the guess first, then lock out or redisplay
if (($security_level == "highest" || $security_level == "medium") && isset($_SESSION['turing_guesses'])){

if (++$_SESSION['turing_guesses'] >= $num_guesses ) {

$message = '

You made too many wrong guesses. Sorry.';
error($message);
exit;
}
}

// same condition as above; the else is only reached once turing_guesses is
// gone from the session (it is unset after a successful pass), in which case
// the mismatch is neither counted nor explained.
if (($security_level == "highest" || $security_level == "medium") && isset($_SESSION['turing_guesses'])){

// at 'medium' redisplay() regenerates the code, hence "has changed now"
$message = '

Sorry, the security code did not match.
You have ' .
($num_guesses - $_SESSION['turing_guesses']) .
' more attempt(s).
Please note that the security code has changed now.

';

$show_missing_fields_message = "no";
redisplay($message,$form_to_use,null,$show_missing_fields_message,$is_iframe);
exit;
}else{

$show_missing_fields_message = "no";
redisplay(null,$form_to_use,null,$show_missing_fields_message,$is_iframe);
exit;

}
}
}

}else{

// don't check for CAPTCHA, security level is lowest

// Duplicate of the send path above (message assembly, address check,
// send_mail(), optional copy); a shared helper would keep the two in step.
if (preg_match ("/^yes$/i",$send_emails)){

$Email_Address = stripslashes(trim($_POST['Email_Address']));

if(isset($_POST['Subject'])){
$subject = stripslashes(trim($_POST['Subject']))?stripslashes(trim($_POST['Subject'])):$default_subject;
}else{
$subject = $default_subject;
}

$message = "";

foreach ($_POST as $key=>$value){

if ($key == 'subject' ||
$key == 'required_fields' ||
$key == 'PHPSESSID' ||
$key == 'Security_Code' ||
$key == 'Send_To_Me' ||
$key == 'f'){
continue;
}
if (is_array ($_POST["$key"])){

$str = "";
foreach ($_POST["$key"] as $k=>$v){
$str .= "$v,";
}

$str = preg_replace ("/\,$/","",$str);

$key = preg_replace("/_/"," ",$key);
$message .= "$key: $str\n";

}else{
$key = preg_replace("/_/"," ",$key);
$message .= "$key: $value\n";
}
}

$message = stripslashes($message);
$headers = "From: $Email_Address";

// same header-injection check as above, with the same silent fall-through
if (preg_match(' /[\r\n,;\'"]/ ', $Email_Address)){
// hacking attempt
}else{
if ($admin_email != ''){
send_mail($admin_email,$subject,$message,$headers);
//echo "

$admin_email
$subject
$message
$headers
";
}else{
error ("Form cannot be submitted. Admin email address has not been configured");
exit;
}

if(isset($_POST['Send_To_Me']) && $_POST['Send_To_Me'] == "Yes"){
//$message .= "Send to Yourself: Yes\n";
//$message .= "Security Code: $_POST[Security_Code]\n";

$website_name = $_SERVER['HTTP_REFERER'];

$website_name = preg_replace ("/(http\:\/\/.+?)\/.+/","$1",$website_name);

// NOTE(review): heredoc body lost in extraction; stray `";exit;` as above
$user_message = <<$Email_Address
$subject
$user_message
$headers
";exit;
send_mail($Email_Address,$subject,$user_message,$headers);

}
}
}

// both branches exit, so everything after this if/else is unreachable
if (isset ($_POST['Security_Code'])){
header("Location: $thank_you_url?t=".$_POST['Security_Code']."&f=".$f);
exit;
}else{
header("Location: $thank_you_url?t=&f=".$f);
exit;
}

// dead code from here to the end of the 'lowest' branch (see above)
if (($security_level == "highest" || $security_level == "medium") && isset($_SESSION['turing_guesses'])){
if (++$_SESSION['turing_guesses'] >= $num_guesses ) {

$message = '

You made too many wrong guesses. Sorry.';
error($message);
exit;
}
}

if (($security_level == "highest" || $security_level == "medium") && isset($_SESSION['turing_guesses'])){

$message = '

Sorry, the security code did not match.
You have ' .
($num_guesses - $_SESSION['turing_guesses']) .
' more attempt(s).
Please note that the security code has changed now.

';

$show_missing_fields_message = "no";
redisplay($message,$form_to_use,null,$show_missing_fields_message,$is_iframe);
exit;
}else{

$show_missing_fields_message = "no";
redisplay(null,$form_to_use,null,$show_missing_fields_message,$is_iframe);
exit;

}
}

}else{

// not a POST: first display of the form
$first_time = "Yes";
redisplay(null,$form_to_use,$first_time,null,$is_iframe);
exit;
}

/////////////////////////////////////////////////////////////////////////////////////////////////////
// Render the form template line by line to stdout, substituting %%token%%
// placeholders: posted values (so the form is re-filled after a failed
// submission), "required" markers for missing fields, colours, the
// security-code block and header/footer. Never returns a value; callers exit
// after it.
//
// $security_code_error_message  text shown above the code input (null = none)
// $form_to_use                  template path (configured, see $forms)
// $first_time                   "Yes" on the initial GET display
// $show_missing_fields_message  "no" suppresses %%missing_fields_message%%
// $is_iframe                    'yes' omits get_header()/get_footer()
function redisplay ($security_code_error_message,$form_to_use,$first_time,$show_missing_fields_message,$is_iframe){
/////////////////////////////////////////////////////////////////////////////////////////////////////

// $_POST is a superglobal; the global declaration is unnecessary
global $_POST;
global $security_level;

global $turing_text_font;

// at 'medium' every redisplay issues a fresh code (matches the "has changed now" text)
if ($security_level == 'medium') {
generate_turing_string ();
}

global $required_fields;
global $form_background_color;
global $form_border_color;
global $f;
global $missing_fields_message;
global $path_to_border_images;

global $missing_image_url;
global $required_image_url;

global $turing_image_url;

$header = "";
$footer = "";

$Security_Code_Required = "";
$security_code_HTML = "";

// $is_iframe is a parameter, so isset() is always true; only the != 'yes' part matters
if (!isset ($is_iframe) || $is_iframe != 'yes'){
$header = get_header();
$footer = get_footer();
}

$image_to_display = "";

// both branches assign the same text
if ($first_time == "Yes"){
$image_to_display = "Required Field";
}else{
$image_to_display = "Required Field";
}

// fall back to the template's own list when the posted one is empty; when the
// POST had no required_fields at all $required_fields is null here and the [0]
// access is a warning on PHP 8
if ($required_fields[0] == ""){
$required_fields = get_required_fields($form_to_use);
}

$fp = fopen($form_to_use,"r") or die("Cannot open form file $form_to_use");
while (!feof($fp)) {

// fgets() with a length returns at most 1023 bytes, so a longer template line
// arrives in pieces and a %%token%% split across the boundary is not replaced
$line = fgets ($fp, 1024);
$line = preg_replace("/%%header%%/i",$header,$line);
$line = preg_replace("/%%footer%%/i",$footer,$line);

if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {

// form has been submitted

// re-fill: every posted field is applied to every template line
foreach ($_POST as $posted_field_name=>$posted_value){

if (isset($_POST['Email_Address']) && isset($_POST['Confirm_Email_Address'])){
if (trim($_POST['Email_Address']) != "" && trim($_POST['Confirm_Email_Address']) != ""){
if (trim($_POST['Email_Address']) != trim($_POST['Confirm_Email_Address'])){

$pattern = "Email_Address_Mismatch";
$line = preg_replace("/%%$pattern%%/i","Your email address and confirm email address are not the same",$line);
$pattern = "";

}
}
}

// Select/radio fields: the posted value becomes part of the regex pattern and
// of the replacement. It is not preg_quote()d — a value containing a regex
// metacharacter or the `/` delimiter makes preg_replace() fail and return
// null, blanking the line — and, in the text-field branches below, it is
// written into the HTML without htmlspecialchars(), so submitted content is
// reflected into the page as markup. Quote it for the pattern and escape it
// for the output.
if($posted_field_name == "State"){

$posted_value = stripslashes($posted_value);

$pattern = $posted_value."_selected";
$line = preg_replace("/%%$pattern%%/i","selected",$line);
$pattern = "";
//state as text input field
$line = preg_replace("/%%$posted_field_name%%/i",$posted_value,$line);

}else if ($posted_field_name == "Birth_Month"
|| $posted_field_name == "Birth_Day"
|| $posted_field_name == "Birth_Year"
|| $posted_field_name == "Bedrooms"
|| $posted_field_name == "Bathrooms"
){

$posted_value = stripslashes($posted_value);

$pattern = $posted_field_name."_".$posted_value."_selected";
$line = preg_replace("/%%$pattern%%/i","selected",$line);
$pattern = "";

}else if($posted_field_name == "How_Did_You_Hear_About_Us"){

$posted_value = stripslashes($posted_value);
$posted_value = preg_replace("/ /i","_",$posted_value);

//$posted_value = preg_replace("/\-/i","dash",$posted_value);

$pattern = $posted_field_name."_".$posted_value."_selected";

$line = preg_replace("/%%$pattern%%/i","selected",$line);
$pattern = "";

}else if($posted_field_name == "Gender"){
//radio button

$posted_value = stripslashes($posted_value);
$pattern = $posted_value."_selected";
$line = preg_replace("/%%$pattern%%/i","checked",$line);
$pattern = "";

}else if($posted_field_name == "Suitable_For" || $posted_field_name == "Activities"){

// checkbox groups: assumes an array was posted for these two names
foreach ($posted_value as $fname=>$value){

$value = preg_replace("/ /i","_",$value);
$pattern = $posted_field_name."_".$value."_selected";
$line = preg_replace("/%%$pattern%%/i","checked",$line);
$pattern = "";
}

}else{
// any other field: plain text substitution, unescaped (see note above);
// an array posted under an unlisted name reaches stripslashes() — TypeError on PHP 8
$posted_value = stripslashes($posted_value);
$line = preg_replace("/%%$posted_field_name%%/i",$posted_value,$line);

if (isset($posted_value)){

// check if we have any more radio buttons left
$posted_value = stripslashes($posted_value);
// values containing a slash are not treated as radio choices (presumably dates/URLs)
if (!preg_match("/\//",$posted_value)){
$pattern = "$posted_field_name"."_$posted_value"."_selected";
$line = preg_replace("/%%$pattern%%/i","checked",$line);
}
$pattern = "";
//echo "$pattern


";

}
}
}

// mark each missing required field with $image_to_display via %%<name>_Required%%
foreach ($required_fields as $key=>$req_field_name){

// the three birth-date parts share one marker
if (($req_field_name == 'Birth_Month' || $req_field_name == 'Birth_Day' || $req_field_name == 'Birth_Year') &&
(isset ($_POST[$req_field_name]) && $_POST[$req_field_name] == "")){

$missing = $image_to_display;
//$missing = 'required';

$pattern = "Birth_Date_Required";

$line = preg_replace("/%%$pattern%%/i",$missing,$line);

}else{

$pattern = $req_field_name."_Required";
$temp = $req_field_name;
$temp = preg_replace("/_/"," ",$temp);

// check radio buttons and input fields

if (isset ($_POST["$req_field_name"]) && is_array ($_POST["$req_field_name"]) && $_POST["$req_field_name"][0] != ""){

//OK

}else{
// next line was collapsed by extraction: the scalar check (absent, blank or
// empty array => missing) followed by a commented-out copy of the same test
if (!isset($_POST[$req_field_name]) || (isset($_POST[$req_field_name]) && (trim($_POST[$req_field_name]) == "" || count ($_POST[$req_field_name]) <= 0))){ $missing = $image_to_display; } } // // if (!isset($_POST[$req_field_name]) || (isset($_POST[$req_field_name]) && (trim($_POST[$req_field_name]) == "" || count ($_POST[$req_field_name]) <= 0))){ // $missing = $image_to_display; // //$missing = 'required';
// }
//
if (isset($missing)){
$line = preg_replace("/%%$pattern%%/i",$missing,$line);
// remembered for the security-code block rendered below
if ($pattern == "Security_Code_Required"){
$Security_Code_Required = $image_to_display;
}
}
}

$pattern = "";
$missing = "";

}

$line = preg_replace("/%%background_color%%/","bgcolor=\"$form_background_color\"",$line);
$line = preg_replace("/%%border_color%%/","bgcolor=\"$form_border_color\"",$line);
$line = preg_replace("/%%form_to_use%%/",$f,$line);

// security-code block; the heredoc bodies below lost their markup in extraction
if ($security_level == 'highest'){

$security_code_HTML = <<  $security_code_error_message    Please type in the security code you see above.   Security Code: $Security_Code_Required

End;

}else if ($security_level == 'medium'){

// at 'medium' the session code is written into the page as text, so the
// challenge is readable by anything that fetches the page, not only by a person
$turing_text = "

".$_SESSION['turing_string']."

";

$security_code_HTML = <<  $security_code_error_message  $turing_text   Please type in the security code you see above.   Security Code: $Security_Code_Required

End;

}else if ($security_level == 'lowest'){

}

$line = preg_replace("/%%Security_Code_HTML%%/",$security_code_HTML,$line);

if ($show_missing_fields_message != "no"){
$line = preg_replace("/%%missing_fields_message%%/",$missing_fields_message,$line);
}

// $line = preg_replace("/%%required_image_url%%/","",$line);

$line = preg_replace("/%%path_to_border_images%%/",$path_to_border_images,$line);

$line = preg_replace("/%%.+?%%/","",$line); // remove anything still left

}else{
// displaying the form for the first time

if ($security_level == 'highest'){

$security_code_HTML = <<  $security_code_error_message    Please type in the security code you see above.   Security Code: $Security_Code_Required

End;

}else if ($security_level == 'medium'){

$turing_text = "

".$_SESSION['turing_string']."

";

$security_code_HTML = <<  $security_code_error_message  $turing_text   Please type in the security code you see above.   Security Code: $Security_Code_Required

End;

}else if ($security_level == 'lowest'){

}

$line = preg_replace("/%%Security_Code_HTML%%/",$security_code_HTML,$line);

$line = preg_replace("/%%background_color%%/","bgcolor=\"$form_background_color\"",$line);
$line = preg_replace("/%%border_color%%/","bgcolor=\"$form_border_color\"",$line);
$line = preg_replace("/%%form_to_use%%/",$f,$line);

// this branch only runs for non-POST requests, where $_POST is empty, so the
// isset() below never holds and this loop marks nothing
foreach ($required_fields as $key=>$req_field_name){

if (isset($_POST["$req_field_name"])){

if (($req_field_name == 'Birth_Month' || $req_field_name == 'Birth_Day' || $req_field_name == 'Birth_Year') &&

$_POST[$req_field_name] == ""){

$missing = $image_to_display;
//$missing = 'required';

$pattern = "Birth_Date_Required";

$line = preg_replace("/%%$pattern%%/i",$missing,$line);

}else{

$pattern = $req_field_name."_Required";
$temp = $req_field_name;
$temp = preg_replace("/_/"," ",$temp);

if (isset($_POST[$req_field_name]) && trim($_POST[$req_field_name]) == ""){
$missing = $image_to_display;
//$missing = 'required';
}

if (isset($missing)){
$line = preg_replace("/%%$pattern%%/i",$missing,$line);
}
}
}

$pattern = "";
$missing = "";

}

// $line = preg_replace("/%%\w+Required%%/",$image_to_display,$line);

$line = preg_replace("/%%required_image_msg%%/","( indicates a required field)",$line);

// foreach ($required_fields as $key=>$req_field_name){
// if ($)
$line = preg_replace("/%%required_image_star%%/","",$line);
// }

$line = preg_replace("/%%path_to_border_images%%/",$path_to_border_images,$line);

$line = preg_replace("/%%.+?%%/","",$line); // remove anything still left

}

// emit the finished line; a failed preg_replace() above leaves $line null and prints nothing
echo "$line";

}

fclose ($fp);

}

/////////////////////////////////////////////////////////////////////////////////////////////////////
// Print a minimal error page; callers exit() right after.
// $message is echoed as-is with no HTML escaping — every call in this file
// passes a fixed string, so do not pass request-derived text here.
// The two heredoc bodies (page header/footer markup) and the "back" link
// markup were lost in extraction, so this listing is not runnable as shown.
function error ($message){
/////////////////////////////////////////////////////////////////////////////////////////////////////

echo <<

Error

End;

echo ("$message");
echo ("
");
echo ("<< back");

echo <<



End;

}

/////////////////////////////////////////////////////////////////////////////////////////////////////
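/**
 * Read the comma-separated required-field list out of a form template.
 *
 * Looks for the first quoted value following the text `required_fields`
 * (the hidden input's value attribute) and splits it on commas with optional
 * surrounding whitespace. $form_to_use is built from configuration
 * ($path_to_form and $forms), never from the request.
 *
 * @param string $form_to_use path of the template file
 * @return string[] field names; empty when the template has no such marker
 * @throws RuntimeException when the template cannot be read
 */
function get_required_fields ($form_to_use) {
/////////////////////////////////////////////////////////////////////////////////////////////////////
    if (!is_readable($form_to_use)) {
        throw new RuntimeException("Cannot open form file $form_to_use");
    }
    $contents = file_get_contents($form_to_use);
    if ($contents === false) {
        throw new RuntimeException("Cannot open form file $form_to_use");
    }

    if (!preg_match('/required_fields.+?"(.+?)"/si', $contents, $matches)) {
        return [];
    }
    return preg_split('/\s*,\s*/', $matches[1]);
}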

/////////////////////////////////////////////////////////////////////////////////////////////////////
function generate_turing_string () {
/////////////////////////////////////////////////////////////////////////////////////////////////////

global $length;

$src = 'ABCDEFGHJKLMNPQRSTUVWXYZ'; /* no I, O */
$src .= '23456789'; /* no 1, 0 */

if (mt_rand(0,1)==0) {
$src = strtoupper($src);
}

$srclen = strlen($src)-1;

$_SESSION['turing_string'] = '';

$data = array();

for($i=0; $i<$length; $i++) { $char = substr($src, mt_rand(0,$srclen), 1); $_SESSION['turing_string'] .= $char; } //return ($_SESSION['turing_string']); } ///////////////////////////////////////////////////////////////////////////////////////////////////// function send_mail ($send_to,$subject,$message,$headers) { ///////////////////////////////////////////////////////////////////////////////////////////////////// //echo "

";print_r ($_FILES); exit;

$destination_file = '';
$data = '';
$filename = '';

if ($_GET['f'] == 13){
post_to_dawnwatch_subscribe ();
exit;
}

if (isset ($_FILES['File']['tmp_name']) && is_uploaded_file ($_FILES['File']['tmp_name'])){

//echo $_FILES['File']['name'];
$upload_path = substr ($_SERVER['SCRIPT_FILENAME'],0,strrpos ($_SERVER['SCRIPT_FILENAME'],'/'));

//echo $upload_path;

$filename = $_FILES['File']['name'];

$destination_file = $upload_path."/temp/$filename";

move_uploaded_file ($_FILES['File']['tmp_name'],$destination_file) or die ("Cannot move uploaded file");

$file = fopen($destination_file,'rb') or die ("Cannot open uploaded file");
$data = fread($file,filesize($destination_file));
fclose($file);

}

// Generate a boundary string
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";

$headers .= "\nMIME-Version: 1.0\n" .
"Content-Type: multipart/mixed;\n" .
" boundary=\"{$mime_boundary}\"";

$message = "This is a multi-part message in MIME format.\n\n" .
"--{$mime_boundary}\n" .
"Content-Type: text/plain; charset=\"iso-8859-1\"\n" .
"Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";

if ($data != ''){
$data = chunk_split(base64_encode($data));

$attachment_file_type = "application/octet-stream";

$message .= "--{$mime_boundary}\n" .
"Content-Type: {$attachment_file_type};\n" .
" name=\"{$filename}\"\n" .
"Content-Disposition: attachment;\n" .
" filename=\"{$filename}\"\n" .
"Content-Transfer-Encoding: base64\n\n" .
$data . "\n\n" .
"--{$mime_boundary}--\n";

}

//echo ("

$send_to $subject $message $headers "); exit;

mail($send_to,$subject,$message,$headers);

@unlink ($destination_file);

}

/////////////////////////////////////////////////////////////////////////////////////////////////////
function post_to_dawnwatch_subscribe () {
/////////////////////////////////////////////////////////////////////////////////////////////////////

?>



$value){
?>