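$state = filter_input(INPUT_POST, "state");
$zip_code = filter_input(INPUT_POST, "zip_code");

// IsInjected() (below) only looks for CR/LF/tab characters and their
// URL-encoded forms. That is a header-injection style check; it does not make
// a value safe to place inside an SQL string, and $state is not checked at
// all. The INSERT therefore binds every value as a parameter.
if (IsInjected($name)) {
    $errors .= "\n Bad name value!";
}
if (IsInjected($email)) {
    $errors .= "\n Bad email value!";
}
if (IsInjected($address)) {
    $errors .= "\n Bad address value!";
}
if (IsInjected($city)) {
    $errors .= "\n Bad city value!";
}
if (IsInjected($zip_code)) {
    $errors .= "\n Bad zip code value!";
}

// Only write to the database when every check passed.
if (empty($errors)) {
    // Cast to string so a missing field is stored as '' exactly as the
    // original interpolated statement stored it (not as SQL NULL).
    $fields = array(
        (string) $name,
        (string) $email,
        (string) $address,
        (string) $city,
        (string) $state,
        (string) $zip_code,
    );

    // Positional placeholders keep submitted text out of the SQL grammar.
    // Column order is the one the original statement used.
    $saved = false;
    $stmt = $mysqli->prepare("INSERT INTO customer_info VALUES (NULL, ?, ?, ?, ?, ?, ?)");
    if ($stmt === false) {
        $failure = $mysqli->error;
    } else {
        $stmt->bind_param('ssssss', $fields[0], $fields[1], $fields[2], $fields[3], $fields[4], $fields[5]);
        $saved = $stmt->execute();
        $failure = $stmt->error;
        $stmt->close();
    }

    if ($saved) {
        print "<h1>Sucessfully signed up!</h1>";
    } else {
        // Do not claim success when the row was not written. The driver
        // message goes to the server log only, never to the page.
        error_log('customer_info insert failed: ' . $failure);
        $errors .= "\n Could not save your details.";
    }
}
}

/**
 * Tests a string for line-break or tab characters and their URL-encoded forms.
 *
 * The pattern matches a newline, carriage return or tab, or the sequences
 * %0A, %0D, %08 and %09, case-insensitively. It is not an SQL or HTML
 * sanitizer. The rest of the body lies outside this excerpt.
 *
 * @param string $str Value to inspect.
 */
function IsInjected($str)
{
    $injections = array('(\\n+)', '(\\r+)', '(\\t+)', '(%0A+)', '(%0D+)', '(%08+)', '(%09+)');
    $inject = join('|', $injections);
    $inject = "/{$inject}/i";
    if (preg_match($inject, $str)) {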
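# Validate every comma-separated recipient: syntax first, then the allow-list in $auth. #
if (!empty($post['recipient']) && ($list = explode(',', $post['recipient']))) {
    array_walk($list, 'array_trim');
    foreach ($list as $value) {
        # eregi() was removed in PHP 7; preg_match() with /i is the equivalent. #
        # The D modifier pins $ to the very end of the string, so an address #
        # followed by a trailing newline is rejected, as it was with eregi(). #
        if (!preg_match('/^([a-zA-Z0-9._\\-]+)@((([a-zA-Z0-9\\-]+)\\.)+([a-zA-Z]+))$/iD', $value)) {
            error_msg("The recipients email address is invalid.");
        }
        if (!pattern_grep($value, $auth)) {
            error_msg("The recipients email address is unauthorized.");
        }
    }
} else {
    error_msg("There was an unknown error while checking the recipients email address.");
}

# Check if the posted email Is Injected #
# A missing field is treated as an empty string rather than raising a notice. #
if (IsInjected(isset($_POST['email']) ? $_POST['email'] : '')) {
    error_msg("Bad email value!");
}

# Check if the posted phone number is a number #
if (!Isnumber()) {
    error_msg("the phone number you entered is not vaild");
}

# Sort the fields #
# NOTE(review): the field names come from the request itself ($post['sort']), #
# so the client chooses which POST keys are copied into $form. Confirm that #
# whatever consumes $form treats every value as untrusted. #
if (!empty($post['sort']) && ($list = explode(',', $post['sort']))) {
    array_walk($list, 'array_trim');
    foreach ($list as $value) {
        # Absent fields still yield null, as before, but without a notice. #
        $form["{$value}"] = isset($_POST["{$value}"]) ? $_POST["{$value}"] : null;
    }
} else {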
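</td> </tr> </table> </body></html>';

//Validate first
if (empty($name) || empty($visitor_email)) {
    echo "Name and email are mandatory!";
    exit;
}
if (IsInjected($visitor_email)) {
    echo "Bad email value!";
    exit;
}

// The address placed in the From/Reply-To headers is read from the request
// separately from $visitor_email, so the check above does not cover it.
// strip_tags() removes markup only; it leaves CR/LF in place, and a line break
// inside a header value would let the sender append headers of their own.
// Reject such a value before any header is built.
$reply_to_addr = (isset($_POST['req-email']) && is_string($_POST['req-email']))
    ? strip_tags($_POST['req-email'])
    : '';
if (preg_match('/[\r\n]/', $reply_to_addr)) {
    echo "Bad email value!";
    exit;
}

$email_from = '*****@*****.**'; //<== update the email address
$to = $visitor_email; //<== update the email address
$email_subject = 'Uber is Sponsoring our Party';

// NOTE(review): the posted address is appended directly after $email_from with
// no separator, which gives a From value made of two addresses run together.
// Kept as in the original; confirm the intended From address.
$headers = "From: {$email_from}" . $reply_to_addr . "\r\n";
$headers .= "Reply-To: " . $reply_to_addr . "\r\n";
$headers .= "MIME-Version: 1.0\r\n";
//$headers .= "CC: susan@example.com\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
//--------------------------------------------------
//Send the email!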
// Copy the applicant's form fields straight from the POST body. No validation
// or normalisation happens at this point; a field the browser did not send
// raises an undefined-index notice.
$passport = $_POST['passport'];
$ni = $_POST['ni'];
$jobstatus = $_POST['jobstatus'];
$occupation = $_POST['occupation'];
$address1 = $_POST['address1'];
$address2 = $_POST['address2'];
$town = $_POST['town'];
$city = $_POST['city'];
$postcode = $_POST['postcode'];
$newsletter = $_POST['newsletter'];

//Validate first
// Gender is the only field checked for presence in this excerpt.
if (empty($gender)) {
    echo "Please Select Gender";
    exit;
}
// IsInjected() is defined outside this excerpt; only $email is passed through it.
// NOTE(review): if any other posted field is later placed in a mail header
// (not visible here), it needs the same check.
if (IsInjected($email)) {
    echo "Bad email value!";
    exit;
}
$email_from = '*****@*****.**'; //<== update the email address
$email_subject = " New Quick Application Form Submission";
// NOTE(review): this literal opens with a single quote, and PHP does not expand
// variables inside single-quoted strings. If it also closes with a single quote
// (the end is outside this excerpt), the mail would contain the text
// "$salutation", "$gender" and so on instead of the submitted values. Confirm.
// NOTE(review): the body appears to carry identity-document fields ($passport,
// $ni); confirm that sending them by e-mail is acceptable for this data.
$email_body = ' A new applicant has submitted their details: NAME: $salutation $firstname $middlename $lastname GENDER: $gender DOB: $dateofbirth
// Append the optional items to the "Required Materials" list, one "- item" per line.
if (!empty($shirt_design)) {
    $materials .= "- {$shirt_design}\n";
}
if (!empty($other_artwork)) {
    $materials .= "- {$other_artwork}\n";
}

// The upload's original file name, as reported by the client.
// NOTE(review): this value is chosen by the sender. Its use is outside this
// excerpt; confirm it is never used as a filesystem path or mail header without
// being reduced to a safe base name first.
$filename = $_FILES['file']['name'];

date_default_timezone_set('America/Los_Angeles');
//$date = date('m/d/Y h:i:s a', time());
// Compact timestamp (YmdHis) used as the case number in the subject line.
$date = date('YmdHis');

//Validate first
if (empty($first_name) || empty($last_name) || empty($user_email)) {
    echo "Name and email are mandatory!";
    exit;
}
// Only the e-mail address goes through IsInjected() (defined outside this
// excerpt). The other fields below are placed in the message body only.
if (IsInjected($user_email)) {
    debug_to_console("EMAIL INJECTED");
    echo "Bad email value!";
    exit;
}

//$email_from = '*****@*****.**';//<== update the email address
$email_subject = "Graphics Request Case {$date}";
// Plain-text body assembled from the submitted fields, one labelled section each.
$email_body = "Graphics Request Details:\n\n" . "Name: {$first_name} {$last_name}\n" . "Email: {$user_email}\n" . "Organization: {$organization}\n\n" . "Event Title: \n" . "{$event_title}\n" . "Event Time: \n" . "{$event_month} {$event_date} {$event_time}\n" . "Event Location: \n" . "{$event_location}\n\n" . "Required Materials:\n" . "{$materials}\n" . "Description\n" . "{$description}\n\n" . "Other Notes\n" . "{$other_notes}\n" . "Deadline: {$deadline}";
$to = "*****@*****.**"; //<== update the email address

// Disabled header and multipart code, kept as the author left it.
// NOTE(review): if re-enabled, the From/Reply-To lines place $user_email in the
// headers, so the IsInjected() check above must stay ahead of them.
// $boundary =md5(date('r', time()));
// $headers = "From: $user_email \r\n";
// $headers .= "Reply-To: $user_email \r\nMIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary=\"_1_$boundary\"";
// //$headers .= "\r\nMIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary=\"_1_$boundary\"";
// $message="This is a multi-part message in MIME format.
// --_1_$boundary
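/*
 * XXXTR: Document more here.
 *
 * Request handler: requires the POST fields "host" and "format", screens both
 * with IsInjected(), connects to MySQL and reads the nagios_hosts table.
 */
include "credentials.inc";
include "functions.php";

if (!isset($_POST['host']) || !isset($_POST['format'])) {
    print "You must submit a request type\n";
    exit(1);
}

/*
 * Prevent injection attacks.
 *
 * NOTE(review): IsInjected() is defined outside this excerpt, so what it
 * rejects is not visible here. The only query shown is a constant string. If
 * $_host or $_format is used in a later query, bind it as a parameter rather
 * than relying on this check.
 */
$_host = $_POST['host'];
$_format = $_POST['format'];
if (IsInjected($_host) || IsInjected($_format)) {
    print "Bad characters found in the string\n";
    exit(1);
}

/* Create the database class stuff */
$mysqli = new mysqli($hostname, $username, $password, $database);
if ($mysqli->connect_error) {
    /* The database name is passed as an argument, so a '%' in it cannot be read as a format directive. */
    printf("Error connecting to database %s: %s\n", $database, $mysqli->connect_error);
    include "footer.inc";
    exit(1);
}
if (!($result = $mysqli->query("SELECT * FROM nagios_hosts"))) {
    /* query() returned false, so $result is not an object; the message is on the connection. */
    printf("Error selecting data from database: %s\n", $mysqli->error);
    $mysqli->close();
    include "footer.inc";
    exit(1);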
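// Form state; $errors collects validation messages, one per failed check.
$errors = '';
$from_name = '';
$from_mail = '';
$user_message = '';

if (isset($_POST['submit'])) {
    $from_name = $_POST['name'];
    $from_mail = $_POST['email'];
    $contact_no = $_POST['contact_no'];
    $abstract_title = $_POST['abstract_title'];
    $user_message = $_POST['message'];

    /*------------Do Validations-------------*/
    if (empty($from_name) || empty($from_mail) || empty($user_message) || empty($abstract_title) || empty($contact_no)) {
        $errors .= "\n Name , Email, Contact Number, Title of the abstract, Abstract are required fields. ";
    }
    if (IsInjected($from_mail)) {
        $errors .= "\n Bad email value!";
    }
    // $from_name is interpolated into the mail subject below, so it is
    // screened the same way as the address.
    if (IsInjected($from_name)) {
        $errors .= "\n Bad name value!";
    }

    // Captcha: the submitted code must be a string equal to the one stored in
    // the session. Testing the type and comparing with !== means a missing or
    // non-string field can never be treated as a match, which the loose
    // `strcmp(...) != 0` test allowed on older PHP versions.
    $captcha_input = isset($_POST['6_letters_code']) ? $_POST['6_letters_code'] : null;
    if (empty($_SESSION['6_letters_code'])
        || !is_string($captcha_input)
        || strcmp($_SESSION['6_letters_code'], $captcha_input) !== 0
    ) {
        $errors .= "\n The captcha code does not match!";
    }

    // Phone number: exactly ten digits. The original call passed
    // preg_replace()-style arguments to preg_match(), which is a fatal error,
    // and its condition would have flagged the wrong inputs. An empty value is
    // already reported by the required-fields check above.
    if (!empty($contact_no) && (!is_string($contact_no) || !preg_match('/^[0-9]{10}$/D', $contact_no))) {
        $errors .= "Invalid phone number!";
    }

    if (empty($errors)) {
        //send the email
        /**************************** message to team ***********************/
        $replyto = $from_mail; // mail from address
        $subject = "[OpenFOAM Symposium - Test Mail] A user {$from_name} submitted the contact form\n";
        $ccEmail = '';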
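/*if(empty($repourl)||empty($repoemail))
{
    $errors .= "\n Valid repository name and email are required. ";
}*/
/*
if(empty($reponame))
{
    $errors .= "\n Valid repository name is required. ";
}
*/
if (empty($repourl)) {
    //$errors .= "\n Valid repository URL is required. ";
}
if (empty($their_email)) {
    $errors .= "\n Valid email is required. ";
}
// The address used as the sender below is $their_email, while the original
// check covered only $repoemail. Both are screened now. Presumably $from ends
// up in a mail header (that code is outside this excerpt).
if (IsInjected($repoemail) || IsInjected($their_email)) {
    $errors .= "\n Valid email is required. ";
}

// Captcha: the submitted code must be a string; a missing or non-string field
// is treated as a mismatch rather than being handed to strcasecmp().
$captcha_input = isset($_POST['6_letters_code']) ? $_POST['6_letters_code'] : null;
if (empty($_SESSION['6_letters_code'])
    || !is_string($captcha_input)
    || strcasecmp($_SESSION['6_letters_code'], $captcha_input) !== 0
) {
    //Note: the captcha code is compared case insensitively.
    //if you want case sensitive match, update the check above to
    // strcmp()
    $errors .= "\n The captcha code does not match!";
}

if (empty($errors)) {
    //send the email
    $to = $admin_email;
    $subject = "Cydia Search - Repo Submission";
    $from = $their_email;
    // The client address is recorded in the message for the administrator.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $body = "Repo URL: {$repourl} \n\n" . "From: {$their_email} \n\n" . "IP: {$ip}\n\n";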