function _CheckCaptcha() { global $SPECIAL_VALUES, $bReverseCaptchaCompleted, $ATTACK_DETECTION_REVERSE_CAPTCHA; global $reCaptchaProcessor; // // only check for CAPTCHA once // if (!$this->_iCaptchaType) { // // check for full CAPTCHA attempt // first, check for reCaptcha // if (isset($reCaptchaProcessor) && $SPECIAL_VALUES["arverify"] !== "") { $this->_iCaptchaType = $this->_iFull; if ($reCaptchaProcessor->Check($SPECIAL_VALUES["arverify"], $SPECIAL_VALUES, $s_error)) { $this->_bCaptchaOK = true; } else { $this->_bCaptchaOK = false; // // report the error // WriteARLog($this->_sTo, $this->_sSubject, GetMessage(MSG_LOG_RECAPTCHA, array("ERR" => $s_error), false)); UserError("recaptcha", GetMessage(MSG_RECAPTCHA_MATCH, array("ERR" => $s_error))); } } elseif ($SPECIAL_VALUES["arverify"] !== "") { // // allow spaces in the user's input, except for reCaptcha // $s_arverify = str_replace(" ", "", $SPECIAL_VALUES["arverify"]); $this->_iCaptchaType = $this->_iFull; // // full CAPTCHA has been attempted // VerifyImgString is from Tectite's simple verifyimg.php CAPTCHA. // turing_string is from Captcha Creator // if (IsSetSession("VerifyImgString") || IsSetSession("turing_string")) { $b_match = false; // // the user's entry must match the value in the session // if (IsSetSession("VerifyImgString")) { if (strtoupper($s_arverify) === strtoupper(GetSession("VerifyImgString"))) { $b_match = true; } } else { if (strtoupper($s_arverify) === strtoupper(GetSession("turing_string"))) { $b_match = true; } } if ($b_match) { $this->_bCaptchaOK = true; } else { WriteARLog($this->_sTo, $this->_sSubject, GetMessage(MSG_LOG_NO_MATCH, array(), false)); UserError("ar_verify", GetMessage(MSG_ARESP_NO_MATCH)); } } else { // // ...and it has failed because there's no session data // WriteARLog($this->_sTo, $this->_sSubject, GetMessage(MSG_LOG_NO_VERIMG, array(), false)); ErrorWithIgnore("verify_failed", GetMessage(MSG_ARESP_NO_AUTH), true); } } elseif (ENABLE_ATTACK_DETECTION && !empty($ATTACK_DETECTION_REVERSE_CAPTCHA)) { // // Reverse CAPTCHA has been configured // $this->_iCaptchaType = $this->_iRev; $this->_bCaptchaOK = $bReverseCaptchaCompleted; } } }
function SendToCRM($s_url, &$a_data) { if (!CheckValidURL($s_url)) { SendAlert("CRM URL '{$s_url}' is not valid (see TARGET_URLS in formmail.php)"); return false; } @($fp = fopen($s_url, "r")); if ($fp === false) { SendAlert("Failed to open CRM URL '{$s_url}'"); return false; } $s_mesg = ""; while (!feof($fp)) { $s_line = fgets($fp, 4096); $s_mesg .= $s_line; } fclose($fp); $s_mesg = StripHTML($s_mesg); $s_result = preg_match('/__OK__=(.*)/', $s_mesg, $a_matches); if (count($a_matches) < 2 || $a_matches[1] === "") { // // no agreed __OK__ value returned - assume system error // SendAlert("SendToCRM failed (url='{$s_url}'): '{$s_mesg}'"); return false; } // // look for fields to return // $a_data = FindCRMFields($s_mesg); // // check for success or user error // switch (strtolower($a_matches[1])) { case "true": break; case "false": // // user error // $s_error_code = "crm_error"; $s_error_mesg = "Your form submission was not accepted"; if (isset($a_data["USERERRORCODE"])) { $s_error_code .= $a_data["USERERRORCODE"]; } if (isset($a_data["USERERRORMESG"])) { $s_error_mesg = $a_data["USERERRORMESG"]; } UserError($s_error_code, $s_error_mesg, "", array()); // no return break; } return true; }
function SendToCRM($s_url, &$a_data) { global $php_errormsg; if (!CheckValidURL($s_url)) { SendAlert(GetMessage(MSG_URL_INVALID, array("URL" => $s_url))); return false; } @($fp = fopen($s_url, "r")); if ($fp === false) { SendAlert(GetMessage(MSG_URL_OPEN, array("URL" => $s_url, "ERROR" => CheckString($php_errormsg)))); return false; } $s_mesg = ""; while (!feof($fp)) { $s_line = fgets($fp, 4096); $s_mesg .= $s_line; } fclose($fp); $s_mesg = StripHTML($s_mesg); $s_result = preg_match('/__OK__=(.*)/', $s_mesg, $a_matches); if (count($a_matches) < 2 || $a_matches[1] === "") { // // no agreed __OK__ value returned - assume system error // SendAlert(GetMessage(MSG_CRM_FAILED, array("URL" => $s_url, "MSG" => $s_mesg))); return false; } // // look for fields to return // $a_data = FindCRMFields($s_mesg); // // check for success or user error // switch (strtolower($a_matches[1])) { case "true": break; case "false": // // user error // $s_error_code = "crm_error"; $s_error_mesg = GetMessage(MSG_CRM_FORM_ERROR); if (isset($a_data["USERERRORCODE"])) { $s_error_code .= $a_data["USERERRORCODE"]; } if (isset($a_data["USERERRORMESG"])) { $s_error_mesg = $a_data["USERERRORMESG"]; } UserError($s_error_code, $s_error_mesg); // no return break; } return true; }
function Compute(&$a_field_order, &$a_cleaned_values, &$a_raw_data_values, &$a_values) { global $FMCalc, $FM_UserErrors; $a_mesgs = array(); $FM_UserErrors = array(); if (($a_flds = $FMCalc->Execute($a_mesgs)) !== false) { SendComputeAlerts(); foreach ($a_flds as $s_name => $s_value) { $a_values[$s_name] = $s_value; ProcessField($s_name, $s_value, $a_field_order, $a_cleaned_values, $a_raw_data_values); } if (count($FM_UserErrors) > 0) { UserError("fmcompute_usererrors", GetMessage(MSG_USER_ERRORS), "", $FM_UserErrors); } } else { SendComputeAlerts(); Error("fmcompute_exec", GetMessage(MSG_COMP_EXEC, array("ERRORS" => implode("\n", $a_mesgs))), false, false); } }