if (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
//if they don't passed a page parameter I am taking a default
$page = 'default';
}
//to protect the input, if user give somet 'path' in the request, I am taking only the base of this to avoid an attack
$page = basename($page);
if ($page != '' && substr($page, 0, 1) === '_') {
if (!IsLoggedIn()) {
$page = 'login';
}
}
//here I am creating a path as the $page is secured -> they cannot get outside the current directory
$file_path = 'pages/' . $page . '.php';
if (isDevMode()) {
echo 'you are in dev mode';
if (file_exists('pages/' . $page . '.php.tst')) {
$file_path = 'pages/' . $page . '.php.tst';
}
if (file_exists('template.php.tst')) {
$_template_ = file_get_contents('template.php.tst');
}
}
$overview = '';
$press = '';
$quikid = '';
$keyvault = '';
$container = '';
$smartid = '';
$blog = '';
function sendInternalEmail()
{
global $form, $fname, $email, $company, $phone, $interest, $interest_s, $message, $app, $version, $adv;
$email_from = $email;
$email_to = "";
switch ($form) {
case CONTACT_FORM:
$email_to = "pat.hennessy@fusionpipe.com, giulietta@fusionpipe.com, david.snell@fusionpipe.com";
$email_subject = "{$fname} has sent you a message";
$email_message = "Form details below:\r\n\r\n" . "Name: {$fname}\r\n" . "Email: {$email}\r\n" . "Company: {$company}\r\n" . "Phone: {$phone}\r\n" . "Area of Interest: {$interest_s}\r\n" . "Message: {$message}\r\n";
break;
case DISCOVERY_FORM:
$email_to = "pat.hennessy@fusionpipe.com , giulietta@fusionpipe.com";
$email_subject = "QuikID Discovery Session Request from Fusionpipe.com";
$email_message = "Form details below.\r\n\r\n";
$email_message .= "Name: " . clean_string($fname) . "\r\n";
$email_message .= "Company: " . clean_string($company) . "\r\n";
$email_message .= "Phone: " . clean_string($phone) . "\r\n";
$email_message .= "Email: " . clean_string($email_from) . "\r\n";
break;
case DOWNLOAD_FORM:
$email_to = "pat.hennessy@fusionpipe.com, giulietta@fusionpipe.com";
$email_subject = "QuikID Download";
$email_message = "Download information below.\r\n\r\n";
$email_message .= "Name: " . clean_string($fname) . "\r\n";
$email_message .= "Company: " . clean_string($company) . "\r\n";
$email_message .= "Phone: " . clean_string($phone) . "\r\n";
$email_message .= "Email: " . clean_string($email_from) . "\r\n";
switch ($app) {
case 1:
$email_message .= "App: QuikID-Windows, v.{$version}\r\n";
break;
case 2:
$email_message .= "App: QuikID-Android, v.{$version}\r\n";
break;
default:
break;
}
break;
case SUBSCRIBE_FORM:
$email_to = "*****@*****.**";
$email_subject = "Newsletter Subscription Request from Fusionpipe.com";
$email_message = "Form details below.\r\n\r\n";
$email_message .= "Name: " . clean_string($fname) . "\r\n";
$email_message .= "Company: " . clean_string($company) . "\r\n";
$email_message .= "Email: " . clean_string($email_from) . "\r\n";
break;
default:
trigger_error("Unexpected form type");
return;
}
if (isDevMode()) {
$email_to = DEV_INTERNAL_EMAIL;
//for testing
}
$headers = 'From: ' . $email_from . "\r\n" . 'Reply-To: ' . $email_from . "\r\n" . 'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
}
