Esempio n. 1
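 /**
  * Process a contact-form submission and redirect to the result page of the
  * section it was posted from.
  *
  * Order of checks: form validation first, then the captcha. Only when both
  * pass is the message mailed to EMAIL_CONTACT_FORM_TO.
  *
  * @param string $originPage "presse", "impressum" or "kontakt"; any other value is
  *                           still processed but ends without a redirect.
  * @return void
  */
 public function send_email($originPage)
 {
     $this->load->library('session');
     $this->load->library('form_validation');
     $this->load->helper('captcha');
     // Drop whatever an earlier failed attempt left in the session.
     $this->session->unset_userdata(array("form_name", "form_email", "form_message", "form_telefon", "form_redaktion", 'form_validation_errors'));

     // Fixed origin => route-prefix map: the redirect target is looked up, never built from the raw argument.
     $routes = array(
         'presse' => 'aktuelles/presse',
         'impressum' => 'impressum',
         'kontakt' => 'kontakt',
     );
     $prefix = (is_string($originPage) && isset($routes[$originPage])) ? $routes[$originPage] : null;

     if (!$this->_validate_form()) {
         // Keep the submitted values so the form can be re-populated.
         $this->_store_form();
         $outcome = 'validierung';
     } elseif (!validate_captcha($this->input->post('captcha'), 7200)) {
         // 7200 is handed to the captcha helper; presumably a lifetime in seconds — confirm in the helper.
         $this->_store_form();
         $outcome = 'captcha';
     } else {
         $this->load->library('email');
         // NOTE(review): the visitor-supplied address is used as the From header. Receiving servers that
         // enforce SPF/DMARC may reject or flag such mail, and the recipient cannot tell a forged sender
         // from a real one; a fixed site sender combined with reply_to() is the usual arrangement.
         $this->email->from($this->input->post('email'), $this->input->post('name'));
         $this->email->to(EMAIL_CONTACT_FORM_TO);
         $this->email->subject($this->input->post('betreff'));

         // The body is assembled as HTML (<br /> separators), so every submitted value is escaped
         // before it is placed in the markup; otherwise a visitor could inject tags into the mail
         // that staff open in their mail client.
         $labels = array(
             'name' => 'Name: ',
             'redaktion' => 'Redaktion: ',
             'email' => 'Email-Adresse: ',
             'telefon' => 'Telefon: ',
             'message' => 'Nachricht: <br />',
         );
         $message = '';
         foreach ($labels as $field => $label) {
             $message .= $label . htmlspecialchars((string) $this->input->post($field), ENT_QUOTES, 'UTF-8') . '<br />';
         }
         $this->email->message($message);
         // NOTE(review): the result of send() is not checked, so the "gesendet" page is shown even
         // when delivery failed.
         $this->email->send();
         $outcome = 'gesendet';
     }

     if ($prefix !== null) {
         redirect($prefix . '/' . $outcome);
     }
 }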
Esempio n. 2
 /**
  * Validate the current request: optional security token, the form rules
  * registered for the routed method, a pending file upload, and whichever
  * captcha field was posted.
  *
  * Security notes for callers:
  *  - The token check is opt-in; with the default $csrf = false an invalid
  *    token does not fail validation.
  *  - A captcha is verified only when the request carries 'captcha' or
  *    'recaptcha_response_field'. A request with neither field is not
  *    captcha-checked here, so a form that needs a captcha has to make the
  *    field mandatory elsewhere (NOTE(review): confirm the rule sets do this).
  *
  * @param bool $csrf Fail validation when the security token is invalid.
  * @return bool True when nothing failed; failures are reported through add_error().
  */
 function _validate($csrf = false)
 {
     // The token is evaluated on every call, but only counts when $csrf is set.
     if (!$this->security->is_valid_token() && $csrf) {
         add_error(l('Cannot access resources, Contact Administrator'));
         return false;
     }

     $valid = true;
     $this->load->library('form_validation');

     // Rule sets are keyed by the routed method name (second routed URI segment).
     if (!empty($this->_validation[$this->uri->rsegments[2]])) {
         $this->form_validation->set_rules($this->_validation[$this->uri->rsegments[2]]);
         $valid = $this->form_validation->run();
         if (!$valid) {
             add_error($this->form_validation->get_errors());
         }
     }

     // Whichever upload library the controller has loaded; ximage wins over upload.
     $uploader = isset($this->ximage) ? $this->ximage : (isset($this->upload) ? $this->upload : null);

     // UPLOAD_ERR_NO_FILE (4) means no file was selected, in which case no upload is attempted.
     if (!empty($uploader)
         && $_FILES[$uploader->field]['error'] !== UPLOAD_ERR_NO_FILE
         && !$uploader->do_upload($uploader->field)
     ) {
         $valid = false;
         add_error($uploader->error_msg);
     }

     // The captcha type is chosen by which field the client sent.
     $captchaFailed = false;
     if (isset($_POST['captcha'])) {
         $captchaFailed = !validate_captcha();
     } elseif (isset($_POST['recaptcha_response_field'])) {
         $this->load->library('recaptcha');
         $this->lang->load('recaptcha');
         $answer = trim($_POST['recaptcha_response_field']);
         // An empty answer is rejected locally without calling the verification service.
         $accepted = !empty($answer)
             && $this->recaptcha->check_answer($this->input->ip_address(), $this->input->post('recaptcha_challenge_field'), $this->input->post('recaptcha_response_field'));
         $captchaFailed = !$accepted;
     }
     if ($captchaFailed) {
         $valid = false;
         add_error(l('You must submit the word that appears in the image'));
     }

     return $valid;
 }
Esempio n. 3
<?php

require '../../include/ctf.inc.php';
// Flag-submission handler (the listing is cut off before the end of the script).
// The page is gated by enforce_authentication() before any request data is read;
// presumably it restricts access to logged-in users of class CONST_USER_CLASS_USER — confirm in ctf.inc.php.
// NOTE(review): the validate_*() and message_*() helpers below are called for effect only and their
// return values are never tested, so the checks hold only if those helpers end the request on
// failure — confirm.
enforce_authentication(CONST_USER_CLASS_USER, true);
$time = time();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Anti-CSRF token is checked before any action is dispatched.
    validate_xsrf_token($_POST[CONST_XSRF_TOKEN_KEY]);
    // Captcha is enforced only when the site configuration enables it.
    if (CONFIG_RECAPTCHA_ENABLE_PRIVATE) {
        validate_captcha();
    }
    if ($_POST['action'] == 'submit_flag') {
        // The challenge id is validated before it is used in the two lookups below.
        validate_id($_POST['challenge']);
        if (empty($_POST['flag'])) {
            message_error('Did you really mean to submit an empty flag?');
        }
        // Earlier submissions are selected by the session's user id, not by anything in the request.
        $submissions = db_select_all('submissions', array('correct', 'added'), array('user_id' => $_SESSION['id'], 'challenge' => $_POST['challenge']));
        // make sure user isn't "accidentally" submitting a correct flag twice
        $latest_submission_attempt = 0;
        $num_attempts = 0;
        foreach ($submissions as $submission) {
            // Track the newest attempt; it drives the throttle further down.
            $latest_submission_attempt = max($submission['added'], $latest_submission_attempt);
            if ($submission['correct']) {
                message_error('You may only submit a correct flag once.');
            }
            // Counted here; its use (presumably against num_attempts_allowed) lies beyond the visible lines.
            $num_attempts++;
        }
        // get challenge information
        $challenge = db_select_one('challenges', array('flag', 'category', 'case_insensitive', 'automark', 'available_from', 'available_until', 'num_attempts_allowed', 'min_seconds_between_submissions'), array('id' => $_POST['challenge']));
        // Per-challenge throttle against rapid guessing: time since this user's newest attempt
        // must reach the challenge's min_seconds_between_submissions.
        $seconds_since_submission = $time - $latest_submission_attempt;
        if ($seconds_since_submission < $challenge['min_seconds_between_submissions']) {
            message_generic('Sorry', 'You may not submit another solution for this challenge for another ' . seconds_to_pretty_time($challenge['min_seconds_between_submissions'] - $seconds_since_submission));
Esempio n. 4
         // Fragment of a comment-form handler; the enclosing conditions start before these lines.
         // Checkbox semantics: the field is present only when ticked, so isset() is the whole test.
         $contact_back = isset($_POST["contact_back"]) ? true : false;
         if ($contact_back === true) {
             $contact_back = "It's OK to contact the customer back";
         } else {
             $contact_back = "The customer does not want a follow-up";
         }
         // This branch apparently serves logged-in customers; no captcha call is visible on this path.
         $cust_logged_in = "This customer was logged in when submitting this comment";
         send_comment_email($email, $subject, $message, $sender_name, $sender_email, $contact_back, $cust_logged_in);
         $location = "send_comment.php?action=sent";
         redirect($location);
     } else {
         $alert = "Comment cannot be empty";
     }
 } else {
     // Other branch: a reCAPTCHA response must be present and must verify before the comment is read.
     if (!empty($_POST['g-recaptcha-response'])) {
         // Strict comparison: only a boolean true from the helper counts as a pass, so a truthy
         // non-boolean return value is not accepted.
         if (validate_captcha($_POST['g-recaptcha-response']) === true) {
             if (!empty($_POST["comment"])) {
                 // Direct the email to the selected person
                 // The recipient comes from a fixed server-side list keyed by the form value; the
                 // request never supplies an address itself, so the form cannot be pointed at
                 // arbitrary recipients.
                 // NOTE(review): when directed_to matches neither key, $email is not assigned in the visible lines.
                 if ($_POST["directed_to"] === "department01") {
                     $email = "*****@*****.**";
                 } elseif ($_POST["directed_to"] === "department02") {
                     $email = "*****@*****.**";
                 }
                 // Set subject
                 // Subject lines are likewise chosen from fixed strings rather than taken from the request.
                 if ($_POST["category"] === "category01") {
                     $subject = "Customer comment - Food & drinks";
                 } elseif ($_POST["category"] === "category02") {
                     $subject = "Customer comment - Service";
                 } elseif ($_POST["category"] === "category03") {
                     $subject = "Customer comment - Facility";
                 } elseif ($_POST["category"] === "category04") {
Esempio n. 5
 // Registration checks, run in order; each failure redirects back with its own error code (e=2..6).
 // NOTE(review): every failure path depends on redirect() ending the request. If the helper only
 // emits a Location header, the checks below and the rest of the registration would still run for
 // rejected input — confirm in the helper.
 if ($validate_email) {
     if (!valid_email($email)) {
         redirect("register.php?e=2");
     }
 }
 // NOTE(review): != compares loosely, so two different numeric-looking strings (constructed sample:
 // "1e3" and "1000") count as equal; !== is the comparison a password confirmation needs.
 if ($pass != $confpass) {
     redirect("register.php?e=3");
 }
 // strlen() counts bytes, not characters.
 if (strlen($uname) < 4 || strlen($uname) > 14) {
     redirect("register.php?e=4");
 }
 // NOTE(review): a 4-character minimum is weak for a password, and the 14-character cap rules out
 // passphrases; the limits may mirror a storage constraint that is not visible here.
 if (strlen($pass) < 4 || strlen($pass) > 14) {
     redirect("register.php?e=5");
 }
 // Captcha is checked only when the configuration flag asks for it.
 if ($require_captcha) {
     if (!validate_captcha($captcha)) {
         redirect("register.php?e=6");
     }
 }
 // Map the region name to its numeric id; the remaining cases lie beyond the visible lines.
 switch ($locale) {
     case "North America":
         $location = 2;
         break;
     case "Oceanic":
         $location = 3;
         break;
     case "Latin America":
         $location = 4;
         break;
     case "Korea":
         $location = 6;
Esempio n. 6
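 /**
  * Create a new client account from the public signup form.
  *
  * The steps run in order and each one is skipped once an earlier step has
  * cleared $next: form validation, required optional fields, captcha, client
  * row, user row, primary-contact link, notification e-mails.
  *
  * @return void
  */
 function __createAccount()
 {
     //profiling
     $this->data['controller_profiling'][] = __FUNCTION__;
     //flow control
     $next = true;
     //prevent direct access
     if (!isset($_POST['submit'])) {
         //redirect to form instead
         redirect('common/signup');
     }
     //prefill forms with post data
     // NOTE(review): every POST key and value is copied verbatim into the template data, so the
     // view has to escape these values on output; nothing in this method does.
     foreach ($_POST as $key => $value) {
         $this->data['fields']['new_client'][$key] = $value;
     }
     //form validation
     if (!$this->__flmFormValidation('client_signup')) {
         //show error
         $this->notices('error', $this->form_processor->error_message, 'html');
         //halt
         $next = false;
     }
     //validate optional fields
     if ($next) {
         $error = '';
         for ($i = 1; $i <= 3; $i++) {
             //the field names; values; required state
             $field_name = "clients_optionalfield{$i}";
             $wi_field_name = "wi_clients_optionalfield{$i}";
             $field_required = "wi_clients_optionalfield{$i}" . "_required";
             $field_title = $this->data['row'][$field_name];
             //process each required field
             if ($this->data['visible'][$field_required] == 1) {
                 //is there post data
                 if ($this->input->post($field_name) == '') {
                     //error
                     $error .= "{$field_title} - is required <br/>";
                     //halt
                     $next = false;
                 }
             }
             //add field to mysql array (for use in model) if its enabled
             // NOTE(review): this local array is filled but never read in this method.
             if ($this->data['visible'][$wi_field_name] == 1) {
                 $mysql_client_optional_fields[] = $field_name;
             }
         }
         //show error
         if (!$next) {
             $this->notices('error', $error, 'html');
         }
     }
     //validate captcha
     if ($next) {
         if (!validate_captcha($this->input->post('captcha_text'))) {
             //show error
             $this->notices('error', $this->data['lang']['lang_incorrect_security_text'], 'html');
             //generate a new captcha image so the failed one cannot be retried
             $this->data['vars']['captcha_image'] = new_captcha();
             //halt
             $next = false;
         }
     }
     //save information to database & get the id of this new client
     if ($next) {
         $client_id = $this->clients_model->addClients();
         $this->data['debug'][] = $this->clients_model->debug_data;
         if (!$client_id) {
             //halt
             $next = false;
         }
     }
     //save user details & get the id of this new user
     if ($next) {
         //create a password (fake post)
         // The value becomes the account's initial credential, so it is drawn from the CSPRNG
         // (random_int, PHP 7+) where available; the framework helper stays as the fallback on
         // older runtimes. Same length and alphabet either way.
         // NOTE(review): presumably addUser() reads this key from $_POST and the welcome e-mail
         // delivers it — confirm it is hashed before storage.
         if (function_exists('random_int')) {
             $pool = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
             $generated = '';
             for ($n = 0; $n < 8; $n++) {
                 $generated .= $pool[random_int(0, strlen($pool) - 1)];
             }
             $_POST['client_users_password'] = $generated;
         } else {
             $_POST['client_users_password'] = random_string('alnum', 8);
         }
         //add user to database
         $client_users_id = $this->users_model->addUser($client_id);
         $this->data['debug'][] = $this->users_model->debug_data;
         if (!$client_users_id) {
             //halt
             $next = false;
         }
     }
     //update primary contact & make this new user the primary contact
     if ($next) {
         $result = $this->users_model->updatePrimaryContact($client_id, $client_users_id);
         $this->data['debug'][] = $this->users_model->debug_data;
         if (!$result) {
             //halt
             $next = false;
         }
     }
     //results
     //all is ok
     if ($next) {
         //send email to client
         $this->__emailer('new_client_welcome_client');
         //send email to admin
         $this->__emailer('new_client_admin');
         //show login page
         $this->data['template_file'] = PATHS_CLIENT_THEME . 'login.html';
         $this->data['visible']['wi_login_form'] = 1;
         //show success message
         $this->notices('success', $this->data['lang']['lang_account_created_check_email'], 'html');
         //delete captcha session - to help avoid user refreshing post
         // NOTE(review): the key is spelled 'captacha_word'. If the captcha helper stores its answer
         // under a different key, this unset does nothing and the solved captcha stays valid for a
         // repeated POST — confirm against the helper.
         $this->session->unset_userdata('captacha_word');
     } else {
         $this->notifications('wi_notification', $this->data['lang']['lang_an_error_has_occurred']);
     }
 }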
Esempio n. 7
 // Fragment of a registration handler; the listing starts and ends mid-script.
 // The captcha answer is upper-cased, presumably so the comparison is case-insensitive.
 $captcha = strtoupper($input->pc['captcha']);
 $terms = $input->pc['terms'];
 // NOTE(review): real_escape_string() only protects a value that is later placed inside a quoted
 // SQL string literal; a prepared statement would remove the dependency on how $referrer is used.
 $referrer = $db->real_escape_string($_SESSION['ref']);
 $gatewayid = $input->p['gatewayid'];
 // Anti-CSRF form token, compared strictly against true.
 // NOTE(review): the checks here hold only if serveranswer() ends the request — confirm.
 if (verifyToken("register", $input->p['token']) !== true) {
     serveranswer(0, $lang['txt']['invalidtoken']);
 }
 // Captcha verification, dispatched on the configured type ("1", "2" or "3").
 // NOTE(review): $resp is assigned but not inspected in the visible lines, and it stays undefined
 // when captcha_type is none of the three values. Whatever reads it later must treat a missing
 // $resp as a failure whenever captcha_register is "yes" — confirm.
 if ($settings['captcha_register'] == "yes") {
     if ($settings['captcha_type'] == "1") {
         $resp = validate_captcha($captcha, "");
     } else {
         if ($settings['captcha_type'] == "2") {
             $resp = validate_captcha($_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
         } else {
             if ($settings['captcha_type'] == "3") {
                 $resp = validate_captcha();
             }
         }
     }
 }
 if ($terms != "on") {
     serveranswer(0, $lang['txt']['acceptourtos']);
 }
 // The "******" literals appear to be masked in this listing; the real values are not shown.
 $pass = "******";
 $inputs = array("username" => $username, "password" => $password, "fullname" => $fullname, "email" => $email, "email2" => $email2);
 // Reject the request as soon as one mandatory field is empty.
 // empty() also treats the string "0" as empty.
 foreach ($inputs as $n => $value) {
     if (empty($value)) {
         $pass = "******";
         serveranswer(0, $lang['txt']['fieldsempty']);
         break;
     }
Esempio n. 8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>

<?php 
include "_includes/global_header_addon.php";
require_once "_includes/_functions/global_functions.php";
require_once "_includes/topBar.php";
require_once "_includes/_functions/send_mail_functions.php";
// evaluate post variables
if (isset($_POST["submit"])) {
    if ($_POST["submit"] === "registrationSubmit") {
        $submission_valid = 1;
        //Here's where you check for conditions
        //validate Google's ReCaptcha
        $captcha_ok = validate_captcha($_POST['g-recaptcha-response']);
        // Process first name
        $name_first = clean_input($_POST["name_first"]);
        $regex = "/^[a-zA-Z ]*\$/";
        // Condition to check
        if (preg_match($regex, $name_first) === 1 && strlen($name_first) >= 2) {
            $name_first_ok = 1;
        } else {
            $name_first_ok = 0;
        }
        // Process last name
        $name_last = clean_input($_POST["name_last"]);
        $regex = "/^[a-zA-Z ]*\$/";
        // Condition to check
        if (preg_match($regex, $name_last) === 1 && strlen($name_last) >= 2) {
            $name_last_ok = 1;