www.gusucode.com > weenCompany闻名企业网站系统 4.0.0 繁体中英文 UTF8源码程序 > modules/m6_contactform/contactform.php
<?php
// +---------------------------------------------+
// | Copyright@2003-2005 weenCompany |
// | http://www.weentech.com |
// | This file may not be redistributed. |
// +---------------------------------------------+
if(!defined('IN_WEENCOMPANY'))
die('File not found!');
// ################################ SEND EMAIL #################################
function m6_SendEmail($language, $allowattachments)
{
global $DB, $userinfo, $sdlanguage, $mainsettings, $rootpath;
// Strip \r\n to prevent injection attacks
$_POST['m6_useremail'] = preg_replace("/\r/", "", $_POST['m6_useremail']);
$_POST['m6_useremail'] = preg_replace("/\n/", "", $_POST['m6_useremail']);
$_POST['m6_fullname'] = preg_replace("/\r/", "", $_POST['m6_fullname']);
$_POST['m6_fullname'] = preg_replace("/\n/", "", $_POST['m6_fullname']);
if(empty($_POST['m6_fullname']) OR empty($_POST['m6_useremail']) OR empty($_POST['m6_subject']) OR empty($_POST['m6_message']))
{
$errors[] = $language['empty_fields'];
}
if(!ereg("^([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$", $_POST['m6_useremail']))
{
$errors[] = $language['invalid_email'];
}
// Check Visual Verify Code if set
$vvc = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 6 AND title = '驗證碼'");
if($vvc[0] == 1)
{
$vvcid = $_POST['m6_vvcid'];
$code = $_POST['m6_verifycode'];
if(!ValidVisualVerifyCode($vvcid, $code))
{
$errors[] = $sdlanguage['incorrect_vvc_code'];
}
}
if(!empty($_FILES['m6_file']['tmp_name']) AND $allowattachments)
{
$attachment = true;
$boundary = uniqid("");
// figure our the MIME type of the file, defaulting to 'unknown'
$MIMEType = $_FILES['m6_file']['type'] ? $_FILES['m6_file']['type'] : 'application/unknown';
if(filesize($_FILES['m6_file']['tmp_name']) == 0)
{
$errors[] = $language['email_not_sent'];
}
else
{
// Open the uploaded file
$fp = @fopen($_FILES['m6_file']['tmp_name'], "r");
// Read the entire file into a variable
$read = @fread($fp, filesize($_FILES['m6_file']['tmp_name']));
// Base64 encode the file so it can be read by mail programs
$read = base64_encode($read);
// Split the long Base64 string to lots of small chunks
$read = chunk_split($read);
}
$filename = $_FILES['m6_file']['name'];
$message = stripslashes($_POST['m6_message']);
// Create the mail body
$msgbody = "--$boundary" . EMAIL_CRLF;
$msgbody .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;
$msgbody .= "Content-transfer-encoding: 8bit" . EMAIL_CRLF;
$msgbody .= EMAIL_CRLF;
$msgbody .= "$message" . EMAIL_CRLF;
$msgbody .= "--$boundary" . EMAIL_CRLF;
$msgbody .= "Content-type: $MIMEType; name=$filename" . EMAIL_CRLF;
$msgbody .= "Content-disposition: attachment; filename=$filename" . EMAIL_CRLF;
$msgbody .= "Content-transfer-encoding: base64" . EMAIL_CRLF;
$msgbody .= EMAIL_CRLF;
$msgbody .= "$read" . EMAIL_CRLF;
$msgbody .= EMAIL_CRLF;
$msgbody .= "--$boundary--" . EMAIL_CRLF;
}
if(!isset($errors))
{
// get emails
$settings = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 6 AND title = '收件箱'");
$email = $settings['value'];
$fullname = unhtmlspecialchars($_POST['m6_fullname']);
$useremail = unhtmlspecialchars($_POST['m6_useremail']);
$fullname = '=?utf-8?B?'.base64_encode(str_replace("\r", '', str_replace("\n", '', $fullname))).'?=';
if(!empty($_FILES['m6_file']['tmp_name']) && $attachment)
{
// Send the attachment form of the email rather than the normal text form
$headers = "MIME-Version: 1.0" . EMAIL_CRLF;
$headers .= "From: \"$fullname\" <$useremail>" . EMAIL_CRLF;
$headers .= "Reply-To: \"$fullname\" <$useremail>" . EMAIL_CRLF;
$headers .= "Content-type: multipart/mixed; boundary=\"$boundary\"" . EMAIL_CRLF;
}
else
{
// No file to send, so just send a normal text email
$headers = "MIME-Version: 1.0" . EMAIL_CRLF;
$headers .= "From: \"$fullname\" <$useremail>" . EMAIL_CRLF;
$headers .= "Reply-To: \"$fullname\" <$useremail>" . EMAIL_CRLF;
$headers .= "Content-type: text/plain; charset=utf-8" . EMAIL_CRLF;
$msgbody = $_POST['m6_message'];
}
// obtain emails
$getemails = str_replace(',', ' ', $email); // get rid of commas
$getemails = eregi_replace("[[:space:]]+", " ", $getemails); // get rid of extra spaces
$getemails = trim($getemails); // then trim
$emails = explode(" ", $getemails);
$emailsent = 0;
$email_subject = '=?utf-8?B?'.base64_encode(str_replace("\r", '', str_replace("\n", '', $_POST['m6_subject']))).'?=';
if( $mainsettings['email_use_smtp'] == "1" ) {
require_once $rootpath . "/includes/mail/class.phpmailer.php";
for($i = 0; $i < count($emails); $i++)
{
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->Host = $mainsettings['email_smtp_host'];
$mail->Port = $mainsettings['email_smtp_port'];
$mail->CharSet = "utf8";
$mail->Encoding = "base64";
if( $mainsettings['email_smtp_require_auth'] == "1" ) {
$mail->SMTPAuth = true;
$mail->Username = $mainsettings['email_smtp_user'];
$mail->Password = $mainsettings['email_smtp_pass'];
}
$mail->From = $useremail;
$mail->FromName = $fullname;
$mail->AddAddress($emails[$i]);
$mail->Subject = unhtmlspecialchars($_POST['m6_subject']);
$mail->Body = unhtmlspecialchars($_POST['m6_message']);
if($mail->Send()){$emailsent = 1;}
}
}else{
for($i = 0; $i < count($emails); $i++)
{
if(@mail($emails[$i], $email_subject, unhtmlspecialchars($msgbody), $headers))
{
$emailsent = 1;
}
}
}
if($emailsent == 1)
{
echo $language['email_sent'];
}
else
{
echo $language['email_not_sent'];
}
}
else
{
foreach($errors as $key=>$value)
{
echo $value . '<br /><br />';
}
m6_DisplayEmailForm($language, $allowattachments, 1); // 1 = errors exist
}
}
// ############################ DISPLAY EMAIL FORM #############################
function m6_DisplayEmailForm($language, $allowattachments, $errors = 0)
{
global $DB, $categoryid, $userinfo, $inputsize, $sdlanguage;
$vvc = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 6 AND title = '驗證碼'");
if($errors)
{
$email = array('fullname' => $_POST['m6_fullname'],
'useremail' => $_POST['m6_useremail'],
'subject' => $_POST['m6_subject'],
'message' => $_POST['m6_message']);
}
else
{
$email = array('fullname' => '',
'useremail' => '',
'subject' => '',
'message' => '');
}
echo '<form action="' . RewriteLink('index.php?categoryid=' . $categoryid . '&m6_action=sendemail') . '" method="post" enctype="multipart/form-data">
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td style="padding-bottom: 5px;" valign="top" width="100">' . $language['full_name'] . '</td>
<td style="padding-bottom: 5px;"><input ' . CheckForEmptyField($email['fullname'], $errors) . ' type="text" name="m6_fullname" value="' . $email['fullname'] . '" size="' . $inputsize . '" /></td>
</tr>
<tr>
<td style="padding-bottom: 5px;" valign="top" width="100">' . $language['your_email'] . '</td>
<td style="padding-bottom: 5px;"><input ' . CheckForEmptyField($email['useremail'], $errors) . ' type="text" name="m6_useremail" value="' . $email['useremail'] . '" size="' . $inputsize . '" /></td>
</tr>
<tr>
<td style="padding-bottom: 5px;" valign="top" width="100">' . $language['subject'] . '</td>
<td style="padding-bottom: 5px;"><input ' . CheckForEmptyField($email['subject'], $errors) . ' type="text" name="m6_subject" value="' . $email['subject'] . '" size="' . $inputsize . '" /></td>
</tr>
<tr>
<td style="padding-bottom: 5px;" valign="top" width="100">' . $language['message'] . '</td>
<td style="padding-bottom: 5px;"><textarea ' . CheckForEmptyField($email['message'], $errors) . ' name="m6_message" rows="10" cols="' . $inputsize . '">' . $email['message'] . '</textarea></td>
</tr>';
if($allowattachments)
{
echo '<tr>
<td style="padding-bottom: 5px;" valign="top" width="100">' . $language['attachment'] . '</td>
<td style="padding-bottom: 5px;"><input name="m6_file" type="file" size="'.$inputsize.'" /></td>
</tr>';
}
if($vvc[0])
{
$vvcid = CreateVisualVerifyCode();
echo '<tr>
<td style="padding-bottom: 5px;" valign="top" width="100"></td>
<td style="padding-bottom: 5px;"><input type="hidden" name="m6_vvcid" value="' . $vvcid . '"/>
<img src="includes/vvc.php?vvcid=' . $vvcid . '"/></td>
</tr>
<tr>
<td style="padding-bottom: 5px;" valign="top" colspan="2">' . $sdlanguage['enter_verify_code'] . '</td>
</tr>
<tr>
<td style="padding-bottom: 5px;" valign="top" width="100"></td>
<td style="padding-bottom: 5px;"><input type="text" size="'.$inputsize.'" name="m6_verifycode"/></td>
</tr>';
}
echo '<tr>
<td> </td>
<td><input type="submit" name="m6_Submit" value="' . strip_tags($language['send_message']) . '" /> <input type="reset" value="' . strip_tags($language['reset']) . '" /></td>
</tr>
</table>
</form>';
}
// ########################### GET COMMON VARIABLES ############################
// basically both functions use a few common variables, and there's a chance that
// both functions will be displayed if there are errors
$m6_language = GetLanguage(6);
$m6_allowattachments = $DB->query_first("SELECT value FROM " . TABLE_PREFIX . "modulesettings WHERE moduleid = 6 AND title = '允許附件'");
// ############################## SELECT FUNCTION ##############################
$m6_action = isset($_GET['m6_action']) ? $_GET['m6_action'] : 'displayemailform';
// display submit field
if(@in_array(6, $userinfo['modulesubmitids']))
{
if($m6_action == 'sendemail')
{
m6_SendEmail($m6_language, $m6_allowattachments['value']);
}
else
{
m6_DisplayEmailForm($m6_language, $m6_allowattachments['value']);
}
}
else
{
echo $m6_language['no_post_access'];
}
unset($m6_language, $m6_allowattachments, $m6_action);
?>