This repository has been archived by the owner on Nov 9, 2017. It is now read-only.
/
contact.php
125 lines (110 loc) · 5.14 KB
/
contact.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
<?php
/*
##########################################################################
# #
# Version 4 / / / #
# -----------__---/__---__------__----__---/---/- #
# | /| / /___) / ) (_ ` / ) /___) / / #
# _|/_|/__(___ _(___/_(__)___/___/_(___ _/___/___ #
# Free Content / Management System #
# / #
# #
# #
# Copyright 2005-2011 by webspell.org #
# #
# visit webSPELL.org, webspell.info to get webSPELL for free #
# - Script runs under the GNU GENERAL PUBLIC LICENSE #
# - It's NOT allowed to remove this copyright-tag #
# -- http://www.fsf.org/licensing/licenses/gpl.html #
# #
# Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), #
# Far Development by Development Team - webspell.org #
# #
# visit webspell.org #
# #
##########################################################################
*/
if(isset($site)) $_language->read_module('contact');
eval ("\$title_contact = \"".gettemplate("title_contact")."\";");
echo $title_contact;
if(isset($_POST["action"])) $action=$_POST["action"];
else $action='';
if($action == "send") {
$getemail = $_POST['getemail'];
$subject = $_POST['subject'];
$text = $_POST['text'];
$text=str_replace('\r\n', "\n", $text);
$name = $_POST['name'];
$from = $_POST['from'];
$run=0;
$fehler = array();
if(!(mb_strlen(trim($name)))) $fehler[] = $_language->module['enter_name'];
if(!validate_email($from)) $fehler[] = $_language->module['enter_mail'];
if(!(mb_strlen(trim($subject)))) $fehler[] = $_language->module['enter_subject'];
if(!(mb_strlen(trim($text)))) $fehler[] = $_language->module['enter_message'];
$ergebnis=safe_query("SELECT * FROM ".PREFIX."contact WHERE email='".$getemail."'");
if(mysql_num_rows($ergebnis) == 0){
$fehler[] = $_language->module['unknown_receiver'];
}
if($userID) {
$run=1;
}
else {
$CAPCLASS = new Captcha;
if(!$CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) $fehler[] = $_language->module['wrong_securitycode'];
else $run=1;
}
if(!count($fehler) and $run) {
$header="From:$from\n";
$header .= "Reply-To: $from\n";
$header.="Content-Type: text/html; charset=utf-8\n";
mail($getemail, stripslashes($subject), stripslashes('This mail was send over your webSPELL - Website (IP '.$GLOBALS['ip'].'): '.$hp_url.'<br /><br /><b>'.getinput($name).' writes:</b><br />'.clearfromtags($text)), $header);
redirect('index.php?site=contact',$_language->module['send_successfull'],3);
unset($_POST['name']);
unset($_POST['from']);
unset($_POST['text']);
unset($_POST['subject']);
}
else {
$errors=implode('<br />• ',$fehler);
$showerror = '<div class="errorbox">
<b>'.$_language->module['errors_there'].':</b><br /><br />
• '.$errors.'
</div>';
}
}
$getemail = '';
$ergebnis=safe_query("SELECT * FROM ".PREFIX."contact ORDER BY sort");
while($ds=mysql_fetch_array($ergebnis)) {
if($getemail==$ds['email']) $getemail.='<option value="'.$ds['email'].'" selected="selected">'.$ds['name'].'</option>';
else $getemail.='<option value="'.$ds['email'].'">'.$ds['name'].'</option>';
}
$bg1 = BG_1;
if($loggedin) {
if(!isset($showerror)) $showerror='';
$name=getinput(stripslashes(getnickname($userID)));
$from=getinput(getemail($userID));
if(isset($_POST['subject'])) $subject = getforminput($_POST['subject']);
else $subject='';
if(isset($_POST['text'])) $text = getforminput($_POST['text']);
else $text='';
eval ("\$contact_loggedin = \"".gettemplate("contact_loggedin")."\";");
echo $contact_loggedin;
} else {
$CAPCLASS = new Captcha;
$captcha = $CAPCLASS->create_captcha();
$hash = $CAPCLASS->get_hash();
$CAPCLASS->clear_oldcaptcha();
if(!isset($showerror)) $showerror='';
if(isset($_POST['name'])) $name = getforminput($_POST['name']);
else $name='';
if(isset($_POST['from'])) $from = getforminput($_POST['from']);
else $from='';
if(isset($_POST['subject'])) $subject = getforminput($_POST['subject']);
else $subject='';
if(isset($_POST['text'])) $text = getforminput($_POST['text']);
else $text='';
eval ("\$contact_notloggedin = \"".gettemplate("contact_notloggedin")."\";");
echo $contact_notloggedin;
}
?>