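// Contact-form handler: validates the submitted fields, runs the anti-spam
// checks, and mails the message to the site owner. Leaves $sent (bool result
// of mail()) and $err (concatenated error text) for the rest of the page.
if (!isset($sent)) {
    $sent = false;
}
if (!isset($err)) {
    $err = '';
}
if (!empty($_REQUEST['send'])) {
    $recipient = 'don@djwoodcarver.com';

    // Read each expected field once, as a string. A request can carry an array
    // (field[]=x) or omit a field entirely; both become '' here so the string
    // functions below never receive a non-string value.
    $in = array();
    $expected = array(
        'message', 'usr_msg', 'hash', 'checks', 'seq', 'email',
        'name', 'address', 'town', 'state', 'zip', 'pphone',
    );
    foreach ($expected as $key) {
        $in[$key] = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : '';
    }

    // Message: drop tags, then everything outside a small whitelist of word
    // characters and punctuation. The hyphen is escaped so it is always a
    // literal and never read as a range operator.
    $usr_msg = htmlspecialchars(
        preg_replace('/[^\w\-\r\n:\'",.!? ]+/', '', strip_tags($in['message']))
    );

    // NOTE(review): hash, seq, checks and the Referer test are spam heuristics.
    // All of them are client-supplied and none is keyed, so they do not prove
    // that the request came from the real form.

    // check for submitting too fast: hash equals md5() of one of the last
    // seven seconds. Strict comparison so "0e..." digests are never compared
    // as numbers.
    for ($i = 0; $i < 7; $i++) {
        if ($in['hash'] === md5(time() - $i)) {
            $err .= "Sending too fast. Please Try Again. ";
            break;
        }
    }
    // check for JS
    if ($in['checks'] !== 'yes') {
        $err .= "You must enable JavaScript in your browser. ";
    }
    // check for stale timestamp; the cast keeps a non-numeric seq from being
    // used in arithmetic (it becomes 0 and is reported as timed out)
    if ((int) $in['seq'] - time() < 0) {
        $err .= "Form data timed out. Please Try Again. ";
    }
    // check for referer from actual form; the header may be absent
    $referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER']))
        ? $_SERVER['HTTP_REFERER']
        : '';
    if (!preg_match("/contact\.shtml/", $referer)) {
        $err .= 'You must enable a referring url in your browser ';
    }
    if (strlen($usr_msg) > 2048) {
        $err .= 'Please enter a shorter message. ';
    }
    // Link check runs on the raw message: the whitelist above has already
    // removed "/" from $usr_msg, so a URL can no longer be recognised there.
    // 'usr_msg' is still checked in case the form also posts a field of that
    // name (the form itself is not visible from here).
    if (preg_match('/https?:\/\//i', $in['message']) || preg_match('/https?:\/\//i', $in['usr_msg'])) {
        $err .= 'Linking Not Allowed. ';
    }
    // Email goes into the Reply-to header below. The D modifier makes "$"
    // match only at the very end; without it an address ending in a newline
    // passes validation and breaks the header block.
    $email = $in['email'];
    if (!preg_match('/^[\w.\-]+@[\w.\-]+\.\w+$/D', $email)) {
        $err .= 'You must enter a valid email address ';
    }
    //if (!$_REQUEST['name']) $err .= "Please enter your name ";
    //if (!$_REQUEST['pphone']) $err .= "Please enter your phone number. ";
    // Honeypot field: any value at all (including an array) is rejected.
    if (!empty($_REQUEST['req_number'])) {
        $err .= 'Please Leave the Number Field Blank. ';
    }
    if (!$in['hash'] || !$in['seq']) {
        $err .= 'Form Scraping not allowed. ';
    }

    // Plain-text body. These values only ever appear in the body, never in a
    // header, so tag stripping is the only treatment applied.
    $plaintext_message = "This message is from: " . strip_tags($in['name']) . ' (' . strip_tags($in['email']) . ")\n"
        . "Address: " . strip_tags($in['address']) . "\n"
        . "Town: " . strip_tags($in['town']) . "\n"
        . "State: " . strip_tags($in['state']) . "\n"
        . "ZIP: " . strip_tags($in['zip']) . "\n"
        . "Phone: " . strip_tags($in['pphone']) . "\n"
        . "------------------------------------------\n"
        . htmlspecialchars_decode($usr_msg) . "\n";

    if (!$err) {
        // From is the fixed site address; only Reply-to carries user input,
        // and $email has passed the anchored pattern above (no CR/LF possible).
        $headers = "From: $recipient\n";
        $headers .= "Reply-to: $email\n";
        $sent = mail($recipient, "DJ Woodcarver: Contact from website", $plaintext_message, $headers);
        if (!$sent) {
            $err = 'Something went wrong sending the email. Please call us for assistance.';
        }
    }
}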
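// Show the confirmation only after mail() reported success; in every other
// case (no submission yet, validation errors, send failure) show the
// invitation text. empty() is used so that a plain page load, where $sent may
// never have been assigned, does not raise an undefined-variable warning.
if (empty($sent)) {
?>
I look forward to hearing from you.
<?php
} else {
?>
THANKS for your message.
It has been received. I will be in touch soon.
<?php
}
?>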
All content and photos are copyright 2018 Donald R Johnson Jr. ~ DJ Woodcarver