'white'; 'Sun is blue or yellow' => 'yellow'; 'Fire is hot or cold' => 'hot'; 'Icecream is hot or cold' => 'cold' ); /* Form header file */ $header_file = 'form-header.php'; /* Form footer file */ $footer_file = 'form-footer.php'; /* Form width in px or % value */ $form_width = '70%'; /* Form background color */ $form_background = '#F7F8F7'; /* Form border color */ $form_border_color = '#CCCCCC'; /* Form border width */ $form_border_width = '1px'; /* Form border style. Examples - dotted, dashed, solid, double */ $form_border_style = 'solid'; /* Form cell padding */ $cell_padding = '5px'; /* Form left column width */ $left_col_width = '25%'; /* Form font size */ $font_size = '12px'; /* Empty/Invalid fields will be highlighted in this color */ $field_error_color = '#FF0000'; /* Thank you message to be displayed after the form is submitted. Can include HTML tags. Write your message between and */ $thank_you_message = <<

We have received your message. If required, we'll get back to you as soon as possible.

EOD; /* URL to be redirected to after the form is submitted. If this is specified, then the above message will not be shown and user will be redirected to this page after the form is submitted */ /* Example: $thank_you_url = 'http://www.yourwebsite.com/thank_you.html'; */ $thank_you_url = ''; /******************************************************************************* * Do not change anything below, unless of course you know very well * what you are doing :) *******************************************************************************/ $name = array('Name','name',NULL,NULL); $email = array('Email','email',NULL,NULL,NULL); $subject = array('Subject','subject',NULL,NULL); $message = array('Message','message',NULL,NULL); $security = array('Security question','security',NULL,NULL,NULL); $error_message = ''; if (!isset($_POST['submit'])) { showForm(); } else { //form submitted $error = 0; if(!empty($_POST['check'])) die("Invalid form access"); if(!empty($_POST['name'])) { $name[2] = clean_var($_POST['name']); if (function_exists('htmlspecialchars')) $name[2] = htmlspecialchars($name[2], ENT_QUOTES); } else { $error = 1; $name[3] = 'color:#FF0000;'; } if(!empty($_POST['email'])) { $email[2] = clean_var($_POST['email']); if (!validEmail($email[2])) { $error = 1; $email[3] = 'color:#FF0000;'; $email[4] = 'Invalid email'; } } else { $error = 1; $email[3] = 'color:#FF0000;'; } if(!empty($_POST['subject'])) { $subject[2] = clean_var($_POST['subject']); if (function_exists('htmlspecialchars')) $subject[2] = htmlspecialchars($subject[2], ENT_QUOTES); } else { $error = 1; $subject[3] = 'color:#FF0000;'; } if(!empty($_POST['message'])) { $message[2] = clean_var($_POST['message']); if (function_exists('htmlspecialchars')) $message[2] = htmlspecialchars($message[2], ENT_QUOTES); } else { $error = 1; $message[3] = 'color:#FF0000;'; } if(empty($_POST['security'])) { $error = 1; $security[3] = 'color:#FF0000;'; } else { if($question_answers[$_POST['question']] != strtolower(clean_var($_POST['security']))) { $error = 1; $security[3] = 'color:#FF0000;'; $security[4] = 'Wrong answer'; } } if ($error == 1) { $error_message = 'Please correct/enter field(s) in red.'; showForm(); } else { if (function_exists('htmlspecialchars_decode')) $name[2] = htmlspecialchars_decode($name[2], ENT_QUOTES); if (function_exists('htmlspecialchars_decode')) $subject[2] = htmlspecialchars_decode($subject[2], ENT_QUOTES); if (function_exists('htmlspecialchars_decode')) $message[2] = htmlspecialchars_decode($message[2], ENT_QUOTES); $message = "$name[0]: $name[2]\r\n$email[0]: $email[2]\r\n\r\n$message[0]:\r\n$message[2]\r\n"; if (!$from) $from_value = $email[2]; else $from_value = $from; $headers = "From: $from_value" . "\r\n" . "Reply-To: $email[2]"; mail($to,"$subject_prefix - $subject[2]", $message, $headers); if (!$thank_you_url) { include $header_file; echo $GLOBALS['thank_you_message']; echo "\n"; include $footer_file; } else { header("Location: $thank_you_url"); } } } //else submitted function showForm() { global $name, $email, $subject, $message, $security, $question_answers, $header_file, $footer_file, $form_width, $form_background, $form_border_color, $form_border_width, $form_border_style, $cell_padding, $left_col_width, $font_size; include $header_file; $question = array_rand($question_answers); echo $GLOBALS['error_message']; echo <<

{$name[0]}
{$email[0]}	{$email[4]}
{$subject[0]}
{$message[0]}	{$message[2]}
{$question}?	{$security[4]} We are sorry but please answer the above question to prove you are a real visitor and not a spam bot.
All fields are required.

PHP Contact Form

EOD; include $footer_file; } function clean_var($variable) { $variable = strip_tags(stripslashes(trim(rtrim($variable)))); return $variable; } /** Email validation function. Thanks to http://www.linuxjournal.com/article/9585 */ function validEmail($email) { $isValid = true; $atIndex = strrpos($email, "@"); if (is_bool($atIndex) && !$atIndex) { $isValid = false; } else { $domain = substr($email, $atIndex+1); $local = substr($email, 0, $atIndex); $localLen = strlen($local); $domainLen = strlen($domain); if ($localLen < 1 || $localLen > 64) { // local part length exceeded $isValid = false; } else if ($domainLen < 1 || $domainLen > 255) { // domain part length exceeded $isValid = false; } else if ($local[0] == '.' || $local[$localLen-1] == '.') { // local part starts or ends with '.' $isValid = false; } else if (preg_match('/\\.\\./', $local)) { // local part has two consecutive dots $isValid = false; } else if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)) { // character not valid in domain part $isValid = false; } else if (preg_match('/\\.\\./', $domain)) { // domain part has two consecutive dots $isValid = false; } else if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/', str_replace("\\\\","",$local))) { // character not valid in local part unless // local part is quoted if (!preg_match('/^"(\\\\"|[^"])+"$/', str_replace("\\\\","",$local))) { $isValid = false; } } if ($isValid && function_exists('checkdnsrr')) { if (!(checkdnsrr($domain,"MX") || checkdnsrr($domain,"A"))) { // domain not found in DNS $isValid = false; } } } return $isValid; } ?>