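/**
 * Build the contact-form message and hand it to PHP's mail().
 *
 * Recipient, CC, BCC and subject prefix come from $atts when set, otherwise
 * from the plugin options. Sender name, sender address, subject and body are
 * read from $_POST and must be treated as untrusted.
 *
 * @param array $atts Attributes; the keys read here are 'email', 'cc', 'bcc' and 'prefix'.
 * @return bool False when the sender or recipient address fails validation, or when
 *              the Akismet check is enabled and returns a truthy value; true otherwise.
 *              The return value of mail() is not inspected.
 */
function clean_contact_send($atts) {
    // clean_contact_scrub() is defined elsewhere and is not visible here, so CR and LF
    // are removed explicitly from every value that ends up in a header line. Without
    // this, a line break in a submitted field could start an additional header.
    $eol = array("\r", "\n");

    $to_email = !empty($atts['email']) ? $atts['email'] : get_option('clean_contact_email');
    $to_email = str_replace($eol, '', (string) clean_contact_scrub($to_email));

    $bcc = !empty($atts['bcc']) ? $atts['bcc'] : get_option('clean_contact_bcc');
    // The original scrubbed the undefined variable $bbc here, discarding the BCC value.
    $bcc = str_replace($eol, '', (string) clean_contact_scrub($bcc));

    $cc = !empty($atts['cc']) ? $atts['cc'] : get_option('clean_contact_cc');
    $cc = str_replace($eol, '', (string) clean_contact_scrub($cc));

    // Missing form fields fall back to '' instead of raising undefined-index notices.
    $raw_body       = isset($_POST['clean_contact_body']) ? $_POST['clean_contact_body'] : '';
    $raw_from_name  = isset($_POST['clean_contact_from_name']) ? $_POST['clean_contact_from_name'] : '';
    $raw_from_email = isset($_POST['clean_contact_from_email']) ? $_POST['clean_contact_from_email'] : '';
    $raw_subject    = isset($_POST['clean_contact_subject']) ? $_POST['clean_contact_subject'] : '';

    $body       = clean_contact_scrub($raw_body);
    $from_name  = str_replace($eol, '', (string) clean_contact_scrub($raw_from_name));
    $from_email = str_replace($eol, '', (string) clean_contact_scrub($raw_from_email));
    $from       = $from_name ? "{$from_name} <{$from_email}>" : $from_email;

    if (!clean_contact_valid_email($from_email) || !clean_contact_valid_email($to_email)) {
        return false;
    }

    // The subject is built before the Akismet call; the original passed $subject to
    // clean_contact_akismet() before it had been assigned.
    $prefix  = !empty($atts['prefix']) ? $atts['prefix'] : get_option('clean_contact_prefix');
    $subject = str_replace($eol, '', (string) clean_contact_scrub($raw_subject));
    if ($prefix) {
        $subject = str_replace($eol, '', "[{$prefix}] {$subject}");
    }

    $headers = array();
    if ($from_email_set = get_option('clean_contact_from_email')) {
        if (clean_contact_valid_email($from_email_set)) {
            // NOTE(review): Reply-To is written after $from has been overwritten, so it
            // carries the configured address rather than the visitor's, and the Akismet
            // call below also receives the configured address. Kept as in the original;
            // confirm whether that is intended.
            $from_email = $from_email_set;
            $from       = $from_email_set;
            $headers[]  = "Reply-To: {$from}";
        }
    }
    $headers[] = "From: {$from}";

    $to = '"' . addslashes(get_bloginfo('name')) . '" ' . "<{$to_email}>";

    if (clean_contact_valid_email($cc)) {
        $headers[] = "CC: {$cc}";
    }
    if (clean_contact_valid_email($bcc)) {
        $headers[] = "BCC: {$bcc}";
    }

    // Both $_SERVER values are copied into headers; SERVER_NAME can reflect the
    // request's Host header depending on server configuration.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? str_replace($eol, '', $_SERVER['REMOTE_ADDR']) : '';
    $server_name = isset($_SERVER['SERVER_NAME']) ? str_replace($eol, '', $_SERVER['SERVER_NAME']) : '';

    $headers[] = 'X-Originating-IP: ' . $remote_addr;
    $headers[] = 'X-Mailer: WP Clean-Contact (' . $server_name . ')';
    $headers[] = 'MIME-Version: 1.0';
    $headers[] = 'Content-type: text/plain; charset=' . get_bloginfo('charset');

    if (get_option('clean_contact_akismet') == 1 && clean_contact_akismet($body, $subject, $from_email, $from_name)) {
        return false;
    }

    // Turn off PHP's own X-PHP-Originating-Script header for this request.
    ini_set('mail.add_x_header', 'Off');
    mail($to, $subject, $body, implode("\n", $headers));

    return true;
}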
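/**
 * Build the contact-form message and send it through wp_mail().
 *
 * Recipient, CC, BCC and subject prefix come from $atts when set, otherwise
 * from the plugin options read via cc_get_option(). When the
 * 'clean_contact_router' option defines "label|email" rows and the posted
 * 'clean_contact_router' value matches a label, that row's address replaces
 * the recipient. Sender name, sender address, subject and body come from
 * $_POST and are untrusted.
 *
 * @param array $atts Attributes; the keys read here are 'email', 'cc', 'bcc' and 'prefix'.
 * @return bool False when the sender or recipient address fails is_email(), or when
 *              the Akismet check is enabled and returns a truthy value; true otherwise.
 *              The return value of wp_mail() is not inspected.
 */
function clean_contact_send($atts) {
    $to_email = !empty($atts['email']) ? $atts['email'] : cc_get_option('clean_contact_email');
    $to_email = sanitize_email($to_email);

    // Parse the routing table. The map is always initialised: the original only
    // created it when the option was non-empty, then passed the undefined variable
    // to array_key_exists() whenever a router value was posted.
    $subject_options = array();
    $route_options   = cc_get_option('clean_contact_router');
    if ($route_options) {
        foreach (preg_split("/\r\n|\n|\r/", $route_options) as $row) {
            $parts = explode('|', $row, 2);
            // Skip blank or malformed rows that have no "label|email" pair.
            if (count($parts) !== 2 || $parts[0] === '') {
                continue;
            }
            $subject_options[$parts[0]] = $parts[1];
        }
    }

    // Only a label that exists in the site-configured table can change the
    // recipient; the posted value is used as a lookup key and never as an address.
    if (isset($_POST['clean_contact_router']) && is_string($_POST['clean_contact_router'])) {
        $route_key = stripslashes($_POST['clean_contact_router']);
        if (array_key_exists($route_key, $subject_options)) {
            $to_email = sanitize_email($subject_options[$route_key]);
        }
    }

    // CC/BCC may be comma-separated lists; entries that sanitize to '' are dropped
    // so the header never contains empty list members.
    $bcc = !empty($atts['bcc']) ? $atts['bcc'] : cc_get_option('clean_contact_bcc');
    $bcc = !empty($bcc)
        ? implode(',', array_filter(array_map('sanitize_email', explode(',', $bcc))))
        : '';

    // The original read $atts['cc'] without an empty() guard, unlike 'email' and 'bcc'.
    $cc = !empty($atts['cc']) ? $atts['cc'] : cc_get_option('clean_contact_cc');
    $cc = !empty($cc)
        ? implode(',', array_filter(array_map('sanitize_email', explode(',', $cc))))
        : '';

    // Missing or non-string form fields become '' instead of raising notices or
    // type errors. WordPress adds slashes to $_POST, so the text fields are
    // unslashed before sanitising, matching what the original already did for the body.
    $raw_subject    = (isset($_POST['clean_contact_subject']) && is_string($_POST['clean_contact_subject']))
        ? wp_unslash($_POST['clean_contact_subject']) : '';
    $raw_from_name  = (isset($_POST['clean_contact_from_name']) && is_string($_POST['clean_contact_from_name']))
        ? wp_unslash($_POST['clean_contact_from_name']) : '';
    $raw_from_email = (isset($_POST['clean_contact_from_email']) && is_string($_POST['clean_contact_from_email']))
        ? wp_unslash($_POST['clean_contact_from_email']) : '';
    $raw_body       = (isset($_POST['clean_contact_body']) && is_string($_POST['clean_contact_body']))
        ? $_POST['clean_contact_body'] : '';

    $subject = sanitize_text_field($raw_subject);
    $prefix  = !empty($atts['prefix']) ? $atts['prefix'] : cc_get_option('clean_contact_prefix');
    if ($prefix) {
        $subject = "[{$prefix}] {$subject}";
    }

    // wp_filter_nohtml_kses() works on slashed input, hence the stripslashes() afterwards.
    $body       = stripslashes(wp_filter_nohtml_kses($raw_body));
    $from_name  = sanitize_text_field($raw_from_name);
    $from_email = sanitize_email($raw_from_email);
    $from       = !empty($from_name) ? "{$from_name} <{$from_email}>" : $from_email;

    if (!is_email($from_email) || !is_email($to_email)) {
        return false;
    }

    $headers = array();
    if ($from_email_set = cc_get_option('clean_contact_from_email')) {
        if (is_email($from_email_set)) {
            // NOTE(review): Reply-To is written after $from has been overwritten, so it
            // carries the configured address rather than the visitor's, and the Akismet
            // call below also receives the configured address. Kept as in the original;
            // confirm whether that is intended.
            $from_email = $from_email_set;
            $from       = $from_email_set;
            $headers[]  = "Reply-To: {$from}";
        }
    }
    $headers[] = "From: {$from}";

    $to = '"' . addslashes(get_bloginfo('name')) . '" ' . "<{$to_email}>";

    if (!empty($cc)) {
        $headers[] = "CC: {$cc}";
    }
    if (!empty($bcc)) {
        $headers[] = "BCC: {$bcc}";
    }

    // Server-supplied values are sanitised before being placed in headers;
    // SERVER_NAME can reflect the request's Host header depending on configuration.
    $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? sanitize_text_field($_SERVER['REMOTE_ADDR']) : '';
    $server_name = isset($_SERVER['SERVER_NAME']) ? sanitize_text_field($_SERVER['SERVER_NAME']) : '';

    $headers[] = 'X-Originating-IP: ' . $remote_addr;
    $headers[] = 'X-Mailer: WP Clean-Contact (' . $server_name . ')';
    $headers[] = 'MIME-Version: 1.0';
    $headers[] = 'Content-type: text/plain; charset=' . get_bloginfo('charset');

    if (cc_get_option('clean_contact_akismet') == 1 && clean_contact_akismet($body, $subject, $from_email, $from_name)) {
        return false;
    }

    wp_mail($to, $subject, $body, $headers);

    return true;
}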