You can only access this script 5 times per session to prevent spam attacks and email is only sent to the preset address

Return to Home

W3C Button to test XHTML validation
_ERROR_HTML_; exit; } print <<<_START_HTML_ Contact Page _START_HTML_; /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */ /** * Examples of Using Pear's Mail package * * Long description for file (if any)... * * PHP versions 4 and 5 * * @category Basic PHP Examples * @author Phillip Waclawski * @copyright 2009 Phillip Waclawski * @license http://www.php.net/license/3_0.txt PHP License 3.0 */ if ( $_POST['submit'] ){ //Load Pear Mail package require ('Mail.php'); require_once('Mail/mime.php'); // WARNING THIS IS VERY DANGEROUS WITHOUT FILTERING SO FILTER!!!! $from_email_tainted = $_POST['whofrom']; $subject_tainted = $_POST['subject']; $body_tainted = $_POST['msgbody']; $fullname_tainted = $_POST['fullname']; //CLEAN UP $name_pattern ='/^(?:\w+[.\' ]?){1,7}$/'; if ( preg_match($name_pattern, $fullname_tainted, $namematch)){ $fullname_safe = $namematch[0]; } else { echo "Invalid Name"; exit; } $email_pattern='/^(?:\w+[.+-_]?){1,3}(?:\w+)@(?:\w+\.){1,5}\w{2,5}$/'; if( preg_match($email_pattern, $from_email_tainted,$emailmatch)){ $from_email_safe=$emailmatch[0]; } else { echo "Invalid 'From' Email address"; exit; } $subject_pattern = '/(\w[.!?\'\" ]?){5,80}/'; if (preg_match($subject_pattern, $subject_tainted, $subjectmatch)){ $subject_safe = $subjectmatch[0]; } else { echo "subject must be from 5-80 characters long and only contain a-z, A-Z, 0-9, !?\"_-' "; exit; } $body_safe = strip_tags($body_tainted); $body_safe = str_replace('%','', $body_safe); $headers['From'] = "\"$fullname_safe\" <$from_email_safe>"; /*************************************************************** * Replace the name and email adress in the next two lines * * with your own information * ***************************************************************/ $headers['To'] = '"Phil Waclawski: Webmaster" '; $recipients = 'waclawski@mesacc.edu'; $headers['Subject'] = $subject_safe; $crlf = "\n"; $mime = new Mail_mime($crlf); $mime->encodeRecipients($recipients); $mime->setTXTBody($body_safe); //$mime->setHTMLBody($body_tainted); $body = $mime->get(); $headers = $mime->headers($headers); /*************************************************************** * Replace the domain name on the next line * * with your own information, for students use * * lampbusters.com * ***************************************************************/ $params['host'] = "felitaur.com"; if (! $mail_object = Mail::factory('smtp', $params)){ print "Mail Factory failed!"; } if (! $mail_object->send($recipients, $headers, $body)){ print "Mail Send Erorr!"; } else { /* ****************************************** * Put your own success status message here * *********************************************/ print "Your email to Phil Waclawski: Webmaster was sent"; } } else { print<<<_FORM_
Your Name:
Your Email:
To: Phil Waclawski: Felitaur Enterprises
Subject:
Please keep your messages relatively short, avoid using HTML and % characters.
Restrictions are in place to prevent spammers from abusing this page.
_FORM_; print<<<_END_HTML_ _END_HTML_; } ?>