Contact Form
");
function clean($data) {
$data = trim(stripslashes(strip_tags($data)));
return $data;
}
// lets check a few things - not enough to trigger an error on their own, but worth assigning a spam score..
// score quickly adds up therefore allowing genuine users with 'accidental' score through but cutting out real spam :)
$points = (int)0;
$badwords = array("adult", "beastial", "bestial", "blowjob", "clit", "cum", "cunilingus", "cunillingus", "cunnilingus", "cunt", "ejaculate", "fag", "felatio", "fellatio", "fuck", "fuk", "fuks", "gangbang", "gangbanged", "gangbangs", "hotsex", "hardcode", "jism", "jiz", "orgasim", "orgasims", "orgasm", "orgasms", "phonesex", "phuk", "phuq", "porn", "pussies", "pussy", "spunk", "xxx", "viagra", "phentermine", "tramadol", "adipex", "advai", "alprazolam", "ambien", "ambian", "amoxicillin", "antivert", "blackjack", "backgammon", "texas", "holdem", "poker", "carisoprodol", "ciara", "ciprofloxacin", "debt", "dating", "porn", "link=", "voyeur");
$exploits = array("content-type", "bcc:", "cc:", "document.cookie", "onclick", "onload", "javascript");
foreach ($badwords as $word)
if (strpos($_POST['comments'], $word) !== false)
$points += 2;
foreach ($exploits as $exploit)
if (strpos($_POST['comments'], $exploit) !== false)
$points += 2;
if (strpos($_POST['comments'], "http://") === true || strpos($_POST['comments'], "www.") === true)
$points += 2;
elseif (isset($_POST['nojs']))
$points += 1;
elseif (preg_match("/(<.*>)/i", $_POST['comments']))
$points += 2;
elseif (strlen($_POST['name']) < 3)
$points += 1;
elseif (strlen($_POST['comments']) < 15 || strlen($_POST['comments'] > 1500))
$points += 2;
// end score assignments
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['comments'])) {
$error_msg .= "Name, E-mail and Message are required fields. \n";
} elseif (strlen($_POST['name']) > 15) {
$error_msg .= "The name field is limited at 15 characters. Your first name or nickname will do! \n";
} elseif (!ereg("^[A-Za-z' -]*$", $_POST['name'])) {
$error_msg .= "The name field must not contain special characters. \n";
} elseif (!ereg("^[0-9' -]*$", $_POST['phone'])) {
$error_msg .= "The phone field must contain only digits. \n";
} elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($_POST['email']))) {
$error_msg .= "That is not a valid e-mail address. \n";
};
if ($error_msg == NULL && $points <= $maxPoints) {
$subject = "Automatic Form Email";
$message = "You received this e-mail message through your website: \n\n";
foreach ($_POST as $key => $val) {
$message .= ucwords($key) . ": $val \r\n";
}
$message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
$message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
$message .= 'Points: '.$points;
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
$headers = "From: $yourEmail \r\n";
$headers .= "Reply-To: {$_POST['email']}";
} else {
$headers = "From: $yourWebsite <$yourEmail> \r\n";
$headers .= "Reply-To: {$_POST['email']}";
}
if (mail($yourEmail,$subject,$message,$headers)) {
echo '
Congratulations! Your email was successfully sent.';
} else {
echo '
Your mail could not be sent this time.';
}
}
}
function get_data($var) {
if (isset($_POST[$var]))
echo htmlspecialchars($_POST[$var]);
}
if ($error_msg != NULL) {
echo '
Error! ';
echo nl2br($error_msg);
}
?>
