<?php
// TITLE is defined before the header include runs, so it already exists when
// includes/header.php executes (presumably that file prints it — confirm there).
define("TITLE", "Contact Us | Franklin's Fine Dining");
include('includes/header.php');
?>
<div id="contact">
<hr>
<h1 class="text-center">Want to contact us? You can!</h1>
<?php
/**
 * Check a form value for raw line breaks before it is used in a mail header.
 *
 * Only literal carriage-return and line-feed bytes are matched; the value is
 * not decoded or normalised in any way first.
 *
 * @param string $str Value to inspect.
 * @return int|false The preg_match() result: 1 when $str contains a CR or LF,
 *                   0 when it does not, false if the match itself fails.
 */
function has_header_injection($str)
{
    // Double quotes matter: PHP expands \r and \n to the control bytes
    // themselves before the pattern reaches the regex engine.
    $lineBreakPattern = "/[\r\n]/";
    $matchResult = preg_match($lineBreakPattern, $str);

    return $matchResult;
}
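// Handle a submitted contact form; when nothing was submitted, render the form.
if (isset($_POST['contact_submit'])) {
    // Read every field as a string. A missing field or an array-valued
    // parameter becomes '' and is caught by the required-field check below,
    // instead of reaching trim() and raising a warning or TypeError
    // (which one depends on the PHP version).
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $msg = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

    // $name and $email end up in the Subject and From headers, so a raw CR or
    // LF in either one would let the sender append header lines of their own.
    if (has_header_injection($name) || has_header_injection($email)) {
        die();
    }

    // Compare against '' rather than relying on truthiness, so a value of "0"
    // is not mistaken for an empty field.
    if ($name === '' || $email === '' || $msg === '') {
        echo '<h4 class="error">All fields required.</h4><a href="contact.php" class="button block">Go back and try again</a>';
        exit;
    }

    // The CR/LF check alone does not make $email a well-formed address;
    // reject anything that is not one before it is written into a header.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo '<h4 class="error">Please enter a valid email address.</h4><a href="contact.php" class="button block">Go back and try again</a>';
        exit;
    }

    $to = "davis.louie@yahoo.com";
    $subject = "$name sent a message via your contact form";

    // Start the body with an assignment: the original appended to a variable
    // that had not been defined yet.
    $message = "Name: $name\r\n";
    $message .= "Email: $email\r\n\r\n";
    $message .= "Message:\r\n$msg";
    if (isset($_POST['subscribe']) && $_POST['subscribe'] === 'Subscribe') {
        $message .= "\r\n\r\nPlease add $email to the mailing list.\r\n";
    }
    // Wrap with CRLF so inserted breaks match the line endings used above.
    $message = wordwrap($message, 72, "\r\n");

    // Send the display name as a quoted string, with the two characters that
    // could end the quoting early removed, so characters such as < > , in the
    // name stay part of the name instead of reshaping the address list.
    $displayName = '"' . str_replace(array('"', '\\'), '', $name) . '"';

    // NOTE(review): the visitor's own address is used as From. A fixed
    // site-owned sender with the visitor in Reply-To is the usual arrangement,
    // since receivers apply SPF/DMARC to the From domain; that needs a sender
    // address this page does not show, so From is left as it was.
    $headers = "MIME-Version: 1.0\r\n";
    $headers .= "Content-type: text/plain; charset=iso-8859-1\r\n";
    $headers .= "From: " . $displayName . " <" . $email . ">\r\n";
    $headers .= "X-Priority: 1\r\n";
    // No trailing blank line: an empty line marks the end of the header
    // section, and mail() adds the separator before the body itself.
    $headers .= "X-MSMail-Priority: High";

    // mail() returns false when the message was not accepted for delivery;
    // only confirm to the visitor when it was.
    $sent = mail($to, $subject, $message, $headers);
    if ($sent) {
?>
<h5>Thanks for contacting Franklin's!</h5>
<p>Please allow 24 hours for a response.</p>
<p><a href="/final" class="button block">« Go to Home Page</a></p>
<?php
    } else {
?>
<h4 class="error">Sorry, your message could not be sent.</h4><a href="contact.php" class="button block">Go back and try again</a>
<?php
    }
} else {
?>
<form method="post" action="" id="contact-form">
<label for="name">Your name</label>
<input type="text" id="name" name="name">
<label for="email">Your email</label>
<input type="email" id="email" name="email">
<label for="message">and your message</label>
<textarea id="message" name="message"></textarea>
<br>
<input type="checkbox" id="subscribe" value="Subscribe" name="subscribe"> <label for="subscribe">Subscribe to newsletter</label>
<br>
<input type="submit" class="btn btn-primary mt-3" name="contact_submit" value="Send Message">
</form>
<?php
}
?>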
<hr>
</div>
<?php
// Pull in includes/footer.php once the contact section's markup is closed.
include('includes/footer.php'); ?>