<?php
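// Address that receives every submission.
$email_to = "siv.hansen@gmail.com"; // <--Your email here
// Form fields may arrive by POST or GET; on a key clash GET wins over POST,
// and an entry from $_FILES wins over both.
$params = array_merge($_POST, $_GET, $_FILES);
// Upload metadata (tmp_name, size, type) is only trustworthy when PHP itself
// placed it in $_FILES. Without this step a plain request parameter named
// "file" would be taken for an upload and its "tmp_name" later opened as a
// path on the server, so a missing upload is replaced by an empty entry.
if (!isset($_FILES['file']) || !is_array($_FILES['file'])) {
    $params['file'] = array(
        'name' => '',
        'type' => '',
        'tmp_name' => '',
        'error' => UPLOAD_ERR_NO_FILE,
        'size' => 0,
    );
}
if (isset($params['submit'])) {
    // A submitted form is handed to the main handler together with the recipient.
    new main($params, $email_to);
} else {
    // First visit: show the empty form.
    print_form();
}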
/**
 * Writes the empty contact form (name, email, subject, file upload, message)
 * to the output. The form posts back to the same URL as multipart/form-data.
 */
function print_form(){
    // The markup contains nothing to interpolate, so a nowdoc keeps it literal.
    $markup = <<<'HTML'
<form method="post" action="" enctype="multipart/form-data">
<table width="30%">
<tr>
<td>Name:</td><td><input type="text" name="name"></td>
</tr>
<tr>
<td>Email:</td><td><input type="text" name="email"> </td>
</tr>
<tr>
<td>Subject:</td><td><input type="text" name="subject"></td>
</tr>
<tr>
<td colspan="2">Attachment:</td>
</tr>
<tr>
<td colspan="2"><input type="file" name="file"></td>
</tr>
<tr>
<td colspan="2">Message: </td>
</tr>
<tr>
<td colspan="2">
<textarea name="msg" cols="30" rows="15"></textarea><br />
</td>
</tr>
<tr>
<td> </td><td><input type="submit" name="submit" value="Send epost med vedlegg"></td>
</tr>
</table>
</form>
HTML;
    echo $markup;
}
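/**
 * Handles one submission of the contact form: validates the text fields and
 * the uploaded image, then mails both to the configured recipient.
 */
class main{
    /*
     * Upper bound on the attachment size in bytes. Empty files are refused
     * as well.
     */
    public $limit = 200000; // 200 kb
    // MIME types accepted for the attachment
    public $allowed_files = array('image/jpg', 'image/jpeg', 'image/gif', 'image/GIF', 'image/JPG', 'image/JPEG', 'image/png');
    public $message;

    /**
     * PHP 8 no longer treats a method named after its class as the
     * constructor, so the handler is started explicitly from here.
     *
     * @param array  $params merged request data, with the upload under 'file'
     * @param string $to     recipient address
     */
    public function __construct($params, $to){
        $this->main($params, $to);
    }

    /**
     * Validates the submission and sends the mail, printing exactly one
     * status message for the visitor.
     *
     * @param array  $params merged request data, with the upload under 'file'
     * @param string $to     recipient address
     */
    public function main($params, $to){
        $back_link = "<a href=\"javascript:history.back();\">Fix It</a>";
        $data_prep = new datachecker();

        /*
         * Fetching form data. Every field is reduced to a string first, so an
         * array-valued request parameter cannot reach the string helpers.
         */
        $fileatt = (isset($params['file']) && is_array($params['file'])) ? $params['file'] : array();
        // Type of the attachment as declared by the client
        $type = $data_prep->prep_data($this->text_field($fileatt, 'type'));
        // Server-side temporary path of the upload
        $tmp_name = $this->text_field($fileatt, 'tmp_name');
        // Sender's name
        $sender = $data_prep->prep_data($this->text_field($params, 'name'));
        // Sender email
        $email_from = $data_prep->prep_data($this->text_field($params, 'email'));
        // Email subject
        $email_subject = $data_prep->prep_data($this->text_field($params, 'subject'));
        // Message body
        $email_txt = $data_prep->prep_data($this->text_field($params, 'msg'));

        if($data_prep->is_empty($sender) || $data_prep->is_empty($email_from) || $data_prep->is_empty($email_subject) || $data_prep->is_empty($email_txt)){
            $this->display("Please fill out the form completely<br />\n$back_link");
            return;
        }

        // Every field has to pass. The earlier "a || b || c || d" form let a
        // submission through as long as a single field looked clean.
        foreach(array($sender, $email_from, $email_subject, $email_txt) as $field){
            if(!$data_prep->is_spam_safe($field)){
                $this->display("nice try, Evil Hacker");
                return;
            }
        }

        // Name, address and subject end up in mail headers, where any line
        // break would start a new header line - refuse them outright instead
        // of relying on a list of known header names.
        foreach(array($sender, $email_from, $email_subject) as $header_value){
            if(preg_match('/[\r\n]/', $header_value)){
                $this->display("nice try, Evil Hacker");
                return;
            }
        }

        if(!$data_prep->is_valid_email($email_from)){
            $this->display("Illegal Email");
            return;
        }

        // Only a file PHP received as an upload in this request may be read.
        // $params is merged from request data, so 'tmp_name' alone proves nothing.
        if($tmp_name === '' || !is_uploaded_file($tmp_name)){
            $this->display("Please attach a file<br />\n$back_link");
            return;
        }

        // Check if attachment filetype is legal. The declared type comes from
        // the client, so the file content has to agree with it as well.
        // getimagesize() can emit notices on damaged files, hence the @.
        $detected = @getimagesize($tmp_name);
        if(!in_array($type, $this->allowed_files, true)
            || $detected === false
            || !in_array($detected['mime'], $this->allowed_files, true)){
            // File type was not jpg, gif or png
            $this->display("Illegal file type");
            return;
        }

        // Measure the stored file instead of trusting the submitted size.
        $size = filesize($tmp_name);
        if($size === false || $size <= 0 || $size >= $this->limit){
            // File size was either above 200kb or 0kb
            $this->display("Wrong file size of attached file");
            return;
        }

        /*
         * Everything is okay - let's try to send an email with attachment
         */
        $email = new Email($sender, $email_from, $email_subject, $email_txt, $fileatt);
        $email->set_to_address($to);
        if($email->send_email()) {
            $this->display("<font face=verdana size=2>The file was successfully sent!</font>");
        } else {
            // Error message on failure
            $this->display("Sorry but the email could not be sent. Please go back and try again!");
        }
    }

    /**
     * Prints a status message. Only fixed strings are passed in; request
     * data must not be routed through here without escaping.
     */
    public function display($message){
        print $message;
    }

    /**
     * Returns $source[$key] as a string, or "" when it is missing or not scalar.
     */
    private function text_field($source, $key){
        if(is_array($source) && isset($source[$key]) && is_scalar($source[$key])){
            return (string) $source[$key];
        }
        return "";
    }
}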
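/**
 * Small input helpers for the contact form: clean-up, emptiness test,
 * address syntax check and a mail-header heuristic.
 */
class datachecker{
    /**
     * Returns the value with HTML/PHP tags removed and surrounding whitespace
     * trimmed; anything that is not a scalar becomes "".
     *
     * The earlier version assigned the cleaned text to a dynamic variable
     * ($$value) and handed back the untouched input, so nothing was stripped.
     */
    function prep_data($value){
        if(!is_scalar($value)){
            return "";
        }
        return trim(strip_tags((string) $value));
    }

    /**
     * Checks the address against the form's syntax rule.
     *
     * eregi() is gone since PHP 7, so the same pattern runs through
     * preg_match(). The D modifier keeps "$" from matching in front of a
     * trailing newline. The top-level domain may be 2 to 63 letters long
     * (previously 2 to 3, which turned away names such as .info).
     *
     * @return bool
     */
    function is_valid_email($email){
        if(!is_string($email)){
            return false;
        }
        $pattern = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,63})$/iD';
        return preg_match($pattern, $email) === 1;
    }

    /**
     * True when the value holds nothing but whitespace. A literal "0" counts
     * as content; empty() used to report it as empty.
     *
     * @return bool
     */
    function is_empty($data){
        if(!is_scalar($data)){
            return true;
        }
        return trim((string) $data) === "";
    }

    /**
     * Heuristic against mail header injection: false when a line break (raw
     * or written as %0A / %0D) is directly followed by content-type:,
     * mime-version:, cc: or bcc:.
     *
     * This is a deny-list of four header names, not a guarantee. Values that
     * go into mail headers should additionally be refused or stripped of
     * CR/LF at the place where the headers are assembled.
     *
     * @return bool
     */
    function is_spam_safe($string){
        if(!is_scalar($string)){
            return false;
        }
        $unwanted = "/(%0A|%0D|\\n+|\\r+)(content-type:|mime-version:|cc:|bcc:)/i";
        // === 0 rather than !preg_match(): a regex failure must not read as "safe".
        return preg_match($unwanted, (string) $string) === 0;
    }
}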
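/**
 * Builds and sends a two-part MIME mail: the message text followed by one
 * base64-encoded attachment.
 *
 * The attachment is an array shaped like a $_FILES entry ('name',
 * 'tmp_name'). read_data() opens whatever path 'tmp_name' holds, so callers
 * must pass only an entry they have verified with is_uploaded_file().
 */
class Email{
    public $headers;
    public $mime_boundary, $attachment;
    public $to, $from_name, $from_email, $subject, $message, $email_message;

    /**
     * PHP 8 no longer treats a method named after its class as the
     * constructor, so construction is forwarded to it explicitly.
     */
    public function __construct($from_name, $from_email, $subj, $message, $attachment){
        $this->Email($from_name, $from_email, $subj, $message, $attachment);
    }

    /**
     * Stores the parts of the mail and assembles headers and body right away.
     */
    public function Email($from_name, $from_email, $subj, $message, $attachment){
        $this->from_name = $from_name;
        $this->from_email = $from_email;
        $this->subject = $subj;
        $this->message = $message;
        $this->attachment = $attachment;
        $this->set_mime_boundaries();
        $this->headers();
    }

    public function set_to_address($to){
        $this->to = $to;
    }

    /**
     * Hands the mail to mail(). The @ hides its warnings, so a failure is
     * visible only through the false return value.
     *
     * @return bool
     */
    public function send_email(){
        return @mail($this->to, $this->subject, $this->email_message, $this->headers);
    }

    /**
     * Picks the MIME boundary. It has to be unguessable: the message text is
     * supplied by the sender, and a boundary derived from the clock would let
     * that text close the current part and open parts of its own.
     */
    public function set_mime_boundaries(){
        if(function_exists('random_bytes')){
            $token = bin2hex(random_bytes(16));
        }else{
            // Older PHP: weaker, but no longer derived from the time alone.
            $token = md5(uniqid(mt_rand(), true));
        }
        // Mime boundary is prepared
        $this->mime_boundary = "==Multipart_Boundary_x{$token}x";
    }

    /**
     * Assembles the header block and the multipart body.
     */
    public function headers(){
        $fileatt_type = "application/octet-stream";
        $fileatt_name = $this->clean_filename(isset($this->attachment['name']) ? $this->attachment['name'] : '');
        $from_name = $this->clean_header_text($this->from_name);
        $from_email = $this->clean_address($this->from_email);
        $data = $this->read_data($this->attachment);
        /*
         * the primary content-type header (the first one) is multipart/mixed.
         * This tells the client e-mail reader that there are multiple segments
         * to this e-mail, and each has its own specific content-type.
         * the value specified by the boundary parameter in the primary content-type
         * header is used to separate each "chunk" of the e-mail (called a MIME boundary marker).
         */
        // Name and address are stripped of line breaks before use; a From
        // line takes no trailing ";", so the one emitted before is dropped.
        $this->headers = "From: {$from_name} <{$from_email}>\r\nMIME-Version: 1.0\r\n" .
            "Content-Type: multipart/mixed;\r\n" .
            " boundary=\"{$this->mime_boundary}\"";
        // NOTE(review): the text is sent as text/html exactly as given, so it
        // must already be free of markup when it arrives here.
        $this->email_message = "This is a multi-part message in MIME format.\n\n" .
            "--{$this->mime_boundary}\n" .
            "Content-Type:text/html; charset=\"iso-8859-1\"\n" .
            "Content-Transfer-Encoding: 7bit\n\n" .
            $this->message . "\n\n";
        $data = chunk_split(base64_encode($data));
        $this->email_message .= "--{$this->mime_boundary}\n" .
            "Content-Type: {$fileatt_type};\n" .
            " name=\"{$fileatt_name}\"\n" .
            "Content-Disposition: attachment;\n" .
            " filename=\"{$fileatt_name}\"\n" .
            "Content-Transfer-Encoding: base64\n\n" .
            $data . "\n\n" .
            "--{$this->mime_boundary}--\n";
    }

    /**
     * Returns the bytes of the attachment's temporary file, or "" when the
     * path is missing or unreadable. The path itself is not vetted here.
     *
     * @return string
     */
    public function read_data($att){
        $path = (is_array($att) && isset($att['tmp_name']) && is_string($att['tmp_name'])) ? $att['tmp_name'] : '';
        if($path === '' || !is_file($path) || !is_readable($path)){
            return '';
        }
        // Reads the whole file in binary-safe fashion, including empty files.
        $data = file_get_contents($path);
        return $data === false ? '' : $data;
    }

    /**
     * Display name for a header line: control characters (CR/LF included)
     * and angle brackets are collapsed to a single space.
     */
    private function clean_header_text($value){
        if(!is_scalar($value)){
            return '';
        }
        return trim((string) preg_replace('/[\x00-\x1F\x7F<>]+/', ' ', (string) $value));
    }

    /**
     * Address for a header line: control characters, whitespace and angle
     * brackets are removed.
     */
    private function clean_address($value){
        if(!is_scalar($value)){
            return '';
        }
        return (string) preg_replace('/[\x00-\x20\x7F<>]+/', '', (string) $value);
    }

    /**
     * File name for the quoted name/filename parameters: path components are
     * dropped; control characters, double quotes and backslashes become "_".
     */
    private function clean_filename($value){
        if(!is_scalar($value)){
            return '';
        }
        return (string) preg_replace('/[\x00-\x1F\x7F"\\\\]+/', '_', basename((string) $value));
    }
}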
// Writes the syntax-highlighted source of email3.php into the response on
// every request.
// NOTE(review): if email3.php is this script, that publishes the recipient
// address and the validation rules to every visitor - keep this line only on
// a tutorial/demo page.
highlight_file("email3.php");
?>