$subject

and you want to require the name and zip code you would do this: $required_fields = array('name','Zip_Code'); Please note, if you are using an array for an input name (e.g name="product[]") and you wish to make this a required field, enter the name below without the square brackets like so ('product'). The standard form has the three fields shown below. If you have not enabled checking for required fields you can leave the line below as it is, as it will be ignored. */ $required_fields = array('NAME','email','PHONE'); /* IP address display. If you enable this, the email sent to you will have the sender's IP address shown at the bottom. To enable it, change the value to 1, like so: $show_ip = 1; */ $show_ip = 1; /* Check for banned IPs. You can ban specific IP addresses or IP address classes from using your form. To enable checking for these, change the value below to 1, like so: $banned_ips_check = 1; */ $banned_ips_check = 0; /* Banned IPs. Make a list of the IP addresses (or classes) you would like to ban. You must enable checking for banned IPs above, for this to work. Enter the IP address in quotes. For more than one address, separate them with commas as in this example: $banned_ips = array('44.22.233.21','82.24.56.1','224.130.87.113'); To ban an IP address class, enter the class like so (remembering to put a period at the end): $banned_ips = array('44.','82.24.','224.130.87.'); So looking at the last class in this example, any IP address in the range 224.130.87.0 to 224.130.87.255 will be banned. In other words, any IP address beginning with 224.130.87. will be banned. Here's an example of individual IP addresses and an IP class (they all go in the same array): $banned_ips = array('44.22.233.21','224.130.87.113','82.24.'); Please note, the IP addresses and classes shown in the above examples are fictitious. There is virtually no limit to the number of IP addresses you can list here but the more you have the slower the script will run (as with any script) but you would need to have quite a large list to notice any difference. */ $banned_ips = array(); /* Banned IP message. If the form is submitted from a banned IP address, the (contents of the form) email will not be sent to you. The script will issue an error to the user. You can edit the error message by changing the message between the quotes below. If you don't want to reveal that the IP address is banned, you could have a message like "An error has occurred. The form was not sent.". */ $banned_ip_message = "Your IP address is banned. The form was not sent."; /* Cookie requirement. If you enable this the script will first check for the existence of a cookie. If the cookie does not exist, the script will exit, an error message will be issued and the email will not be sent. This is a very useful feature as it will block some spam bots. If this is enabled, the user (your website visitor) must have cookies enabled on their browser. To use this feature you must set a cookie on the page that the form is on. If it is on an HTML page you can set the cookie by putting this line in the section: If the form is on a PHP page, you can set the cookie by entering this code on the page (before any output - usually near the top): setcookie('formtoemailpro',1); To require a cookie, change the value to 1, like so: $require_cookie = 1; */ $require_cookie = 1; /* Referrer check. By default the script will check for a referrer (referer) header to establish that the form is being submitted from your site. To disable this, change the value to 0, like so: $check_referrer = 0; */ $check_referrer = 1; /* Word block. You can block any word (rude or otherwise) character, string or phrase from being submitted. If such an instance is detected the script will issue an error and the email will not be sent. The script performs this check by default and checks all fields for these words. To disable it, change the value below to 0, like so: $word_block = 0; */ $word_block = 1; /* Blocked words. This is a list of words or characters that will be checked for if word block is enabled above. You can add or remove words from the array below. You can enter a single character or a string of characters or words (it is not case-sensitive). Place each word (or phrase) in quotes and separate them with commas. By default the script will not allow web addresses (URLs beginning with http:// or https://) to be posted. If someone is trying to spam you, you can be fairly certain that they will include a web address in the comments or elsewhere. If you expect your visitors to enter web addresses, then you should remove 'http://','https://' from the array (or disable word block above). The line below is only used if word block is enabled, otherwise it is ignored. */ $blocked_words = array('http://','https://','viagra','cialis','[url]','[/url]','ttp:','bcc','make love','in bed','in the bed','valium','vicodin','levitra','tramidol','url=','meridia','.js','javascript','.vba','.vb','.vbs','.ocx','.exe','.bat','.dll','SQL','QUERY','.msi','.zip','.rar','.pdf','.xml','.css',' tags: Note that you have to enter your reCAPTCHA public key in the above code (same too if using the sample form code above). Your form page MUST be a PHP page for the reCAPTCHA code to work. i.e. your page must have a .php extension like "contact.php" for example. You will also need to download the PHP zip file from recaptcha.net and put the file "recaptchalib.php" in the same directory/folder as the form page and script. The zip file from recaptcha.net has several files in it but "recaptchalib.php" is the only one you need. You can get it here: http://code.google.com/p/recaptcha/downloads/list?q=label:phplib-Latest All the code you need is included in the script. You do not need to get any code from recaptcha.net. The only thing you need from them is your public and private keys and the zip file containing recaptchalib.php. By default this option is not enabled ($reCAPTCHA = 0;). To enable it, change the 0 below to 1, like so: $reCAPTCHA = 1; */ $reCAPTCHA = 0; /* Private key for the reCAPTCHA system. Enter your reCAPTCHA private key between the quotes below. You get this from recaptcha.net when you register with them, see above. The key is only valid for the domain it was registered to. This is only used if you have enabled the reCAPTCHA system above. Default is: $privatekey = ""; */ // CMI $privatekey = "6LfEvgIAAAAAAA6mrrMqGSdE9W2wgE-bf0go7cqk"; //WB $privatekey = "6LdhvwIAAAAAAFVdZgGAJg8z1GnOHhlexNYzmdVc"; /* HTML formatting. By default the script will send you an email in plain text but you can choose to have the output sent to you in HTML format. This presents the output in a table with different colors and bold fonts which makes it very neat and easy to read. You can customize it below. Enabling this option also means that the autoresponder email (if enabled) will also be in HTML format. To enable HTML formatting change the value below to 1, like so: $html_format = 1; */ $html_format = 1; /* HTML output customizing. Change the values below, as required, to customize the HTML output. These values are only used if HTML formatting is enabled above, otherwise they are ignored. You can use words (red, green) hexidecimal or RGB values for the colors. The table outputs two columns. The left one contains the keys (variables from your form fields) and the right one contains the values entered by your visitor. Try it with the default settings first so you can see what it looks like. The HTML format uses "old-fashioned" HTML (bgcolor, ) because some email readers have difficulty with CSS. You can also change the font settings for the autoresponder message below (if enabled). */ $table_cellpadding = "5"; $table_cellspacing = "1"; $table_background_color = "#000000"; $table_left_column_color = "#ececec"; $table_left_column_font = "arial"; $table_left_column_font_size = "2"; $table_left_column_font_color = "#000000"; $table_right_column_color = "#ffffff"; $table_right_column_font = "arial"; $table_right_column_font_size = "2"; $table_right_column_font_color = "#000000"; $autoresponder_font = "arial"; $autoresponder_font_size = "2"; $autoresponder_font_color = "#000000"; /* Character set. Specify a character set (encoding) to be used in the output email and the built-in "thank you" message. Only change this if you need to and you know the correct one to use. Enter the desired value between the quotes. Default: $character_set = "iso-8859-1"; Please also state the character set in the of your form page. So for example if you are using utf-8, the line in your form page would be: and the variable below would be: $character_set = "utf-8"; */ $character_set = "iso-8859-1"; /* Encode From: name and subject line. Apply encoding to the email From: name and the email subject line. Only do this if you need to. You will normally only need to do this if you are using exotic characters that are getting garbled in the From: name or subject line. It uses the $character_set variable value above. The default setting is disabled, thus: $encode_name_subject = 0; To enable it, change the 0 to 1, like so: $encode_name_subject = 1; */ $encode_name_subject = 0; /* CSV attachment. You can choose to have the form data included in a CSV (Comma Separated Value) file that is sent as an attachment to the email the script sends (you still get the form data in the email). The file contains the field names as the header row and the form data as the second row. The file only contains data from the submitted form and does not accumulate data from all form submissions (see below if you want a CSV file containing all form submissions). The CSV file can be opened in Excel, for example. You do not need to make any changes to your form. To enable this, change the value below to 1, like so: $csv_attachment = 1; */ $csv_attachment = 0; /* CSV file on server. If you enable this, all data from submitted forms will be accumulated in a CSV file on your server. You can then download the file and open it in Excel (for example) and search/sort/manipulate/print the data to suit. By default the CSV file is kept in the same directory/folder as the script and is named "form_data.csv". You can change the location of the file below. The first line of the file is a header row made up of the field names from your form. The subsequent rows show the data submitted from your form, one line of data for each form submitted. *** IMPORTANT *** For this to work, PHP must have permission to write to the directory where the CSV file will be created and kept (the script creates the file automatically if it does not already exist). For Unix/Linux type operating systems, set the permissions for the directory to CHMOD 770. This allows you (the owner) and PHP to write to the directory but does not allow the rest of the world to do so. You do not need to change permissions for the CSV file itself. To enable this option, change the value below to 1, like so: $csv_file_on_server = 1; */ $csv_file_on_server = 0; /* Path to CSV file on server. This is the path to the location on your server where the CSV file will be kept. By default it is in the same directory/folder as the script. The default setting is: $path_to_csv_file = dirname(__FILE__) . "/"; You can change the location by entering the full server path below. Like this for example: $path_to_csv_file = "/home/users/bob/files/"; Note that you must have a trailing slash at the end. Note also that you do not include the file name in the path. */ $path_to_csv_file = dirname(__FILE__) . "/"; /* CSV filename. Enter a filename below for the CSV file or keep the default name as it is. This name is used for the file that is sent as an attachment and/or the file that is kept on your server. If you enter a name, put it in quotes like this: $csv_filename = "sales_enquiry.csv"; */ $csv_filename = "form_data.csv"; /* Autoresponder. You can configure the script to send an automated email response to the enquirer. The message will contain a subject line, a header message, the data from the form submitted and a footer message (signature). You can also attach a file to it, see below. Configure the various options in the lines below. If HTML output is enabled above, then the autoresponse email will also be in HTML format. It is advisable not to enable HTML output as it can be unpredictable at times with different email applications/readers, and your visitor might not have their system configured to display HTML emails. By default the script will not issue an autoresponse. To enable the autoresponder, change the value below to 1, like so: $autoresponder = 1; */ $autoresponder = 0; /* By default the From: address shown in the autoresponse email will be the email address that is used to send the contents of the form to, and is configured in the $my_email variable above. You can enter a different From: email address below. Like this for example: $autoresponder_from = "support@example.com"; */ $autoresponder_from = ""; /* Enter a subject line for the autoresponse email below. Keep it between the quotes. */ $autoresponder_subject = "Your enquiry"; /* Enter a message below, between the quotes, that will be shown at the top of the autoresponse email. */ $autoresponder_header_message = "Thank you for your enquiry. We will get back to you shortly. The data you submitted is shown below."; /* Enter a message (or signature) below, between the quotes, that will be shown at the bottom of the autoresponse email. */ $autoresponder_footer_message = ""; /* Send an attachment with the autoresponder. You can attach a file to the autoresponse message. To do so, you need to enable it then enter the information about the file, its name, its location and the filetype in the configuration options below. To enable a file to be attached to the autoresponse email, change the 0 to 1 below, like this: $autoresponder_attachment = 1; */ $autoresponder_attachment = 0; /* Autoresponder attachment file name. Between the quotes below, enter the name of the file you are attaching, like this for example: $autoresponder_attachment_file = "brochure.doc"; */ $autoresponder_attachment_file = ""; /* Autoresponder attachment location. In the quotes below, enter the location (path) of the file you would like to attach. It must be the full server path to the file and must have a trailing slash, like this for example: $autoresponder_attachment_path = "/home/username/files/"; Do not enter the file name here, that is done above. */ $autoresponder_attachment_path = ""; /* Autoresponder attachment content (MIME) type. Between the quotes below, enter the file content type. PHP cannot tell what the content type is, so you must enter it yourself. These examples are for common content types: $autoresponder_attachment_content_type = "application/msword"; (Word document .doc) $autoresponder_attachment_content_type = "application/ms-excel"; (Excel spreadsheet .xls) $autoresponder_attachment_content_type = "application/pdf"; (Adobe PDF document .pdf) $autoresponder_attachment_content_type = "image/jpeg"; (JPEG image .jpg .jpeg) You can get a list of MIME content types here: http://www.utoronto.ca/webdocs/HTMLdocs/Book/Book-3ed/appb/mimetype.html */ $autoresponder_attachment_content_type = ""; /* Ignoring fields. You might have fields/inputs on your form that you want to ignore, i.e you do not want them sent in the email you receive from the script. Typically this might be a "submit" input. If you wish to ignore certain fields, you must enable this option. To enable it, change the 0 below to 1, like so: $ignore_fields = 1; */ $ignore_fields = 1; /* In the array below, list the field names that you want to be ignored. Enter the names EXACTLY as they appear on your form. An example is shown below. You can edit it as required but remember to put the values in quotes and separate them with commas. The array below is ignored if you have not enabled $ignore_fields above. */ $fields_to_ignore = array('Submit','submit','recaptcha_challenge_field','recaptcha_response_field','reset','Reset','security_code'); /* Sort fields. You can specify the order that your form fields are displayed in the email sent from the script. To use this option you must enable it then enter the form fields order in the next section below. To enable it, change the 0 below to 1, like so: $sort_fields = 1; */ $sort_fields = 0; /* Form fields order. In the array below ($field_order_keys) you can set the order of your form fields so that they will show in the email in the order that they appear in the array. You must enable $sort_fields above for this to take effect, otherwise it is ignored. The array shown below is an example. Enter your form field names in the array. Put them in quotes and separate them with commas as in the example below. You must name the fields EXACTLY as they are named in your form. ONLY the fields in the array will be shown in the email sent from the script and in the order entered in the array. If you have an array input field on your form, like fruit[], then enter the name without the square brackets, like so: 'fruit'. */ $field_order_keys = array('email','comments','name'); /* Line spacing. If you receive your email in plain text, the form data will be shown on separate lines with a space in between them. This is to make it easy to read. This is default. You can change the output so that the data is shown on new lines but without spaces. To do so, change the value below to 0, like so: $line_spacing = 0; */ $line_spacing = 1; /* Show blank fields. By default the script will only return form fields where a value has been entered. If you would like the script to return all form fields including blanks, then enable $show_blank_fields below. To enable it, change the 0 to 1 like so: $show_blank_fields = 1; */ $show_blank_fields = 0; /* Block file types. If you are uploading files from your form, you can block certain file types. To do so, enable this feature then enter the blocked file types in the next option. To enable this feature, change the 0 below to 1, like so: $block_file_types = 1; Alternatively you can specifically state which file types you will allow, see below. Blocking file types will allow ALL file types to be uploaded EXCEPT those that you choose to block. */ $block_file_types = 1; /* File types to block. List in the array below, the file extensions that you want to block. If the script detects a file with one of these extensions, it will issue an error and stop processing the form. Enter file types in lower case, in quotes and separated by commas, like this default setting: $file_types_to_block = array('.com','.bat','.exe'); Note that you must include the dot (period). You can add or remove file extensions to suit. This array is ignored if you have not enabled $block_file_types above so it is safe to leave it as it is. Enter the file type extensions in lower case, ".exe" will block "file.EXE" and "file.exe" for example. */ $file_types_to_block = array('.com','.bat','.exe','.zip','.rar','.pdf','.msi'.'.dll'); /* Allow file types. If you are uploading files from your form, as an alternative to blocking certain file types (above) you can choose to only ALLOW certain file types. To do so, enable this feature then enter the allowed file types in the next option. To enable this feature, change the 0 below to 1, like so: $allow_file_types = 1; Stating file types to allow will only allow those that you state below to be uploaded, ALL others will not be allowed. By default, ALL file types are allowed. */ $allow_file_types = 0; /* File types to allow. List in the array below, the file extensions that you want to allow. If the script detects a file type that is not allowed, it will issue an error and stop processing the form. Enter file types in lower case, in quotes and separated by commas, like this default setting: $file_types_to_allow = array('.doc','.pdf','.jpg'); Note that you must include the dot (period). You can add or remove file extensions to suit. This array is ignored if you have not enabled $allow_file_types above so it is safe to leave it as it is. */ $file_types_to_allow = array('.doc','.pdf','.jpg'); /* Set a maximum file upload size. You can check the size of uploaded files and reject those that exceed a maximum file size set below. This feature is Independent of $block_file_types above. It only requires a value to be set for it to be enabled, otherwise the check is not carried out. By default the value is empty and the check is not carried out, this is the default setting: $max_file_size = ""; To enable this feature, enter a value between the quotes. The value is the maximum permitted file size in bytes. 1 Megabyte (MB) = 1048576 Bytes. Do not enter punctuation in the value. Here is an example: $max_file_size = "1048576"; This check is independent of the check that PHP makes on your server for the size of uploaded files (in php.ini). Please note. If an uploaded file exceeds the limit set in php.ini then PHP will reject the file and it will not get passed to the script. This means that the script will not issue an error because it knows nothing about the file. If you want the script to issue an error in this case, increase the limit in php.ini to a value that is greater than the value you set here. */ $max_file_size = ""; /* Upload files to the server. By default, any files uploaded from your form will be sent as attachments to the email the script sends you. Alternatively you can upload these files to your server. Uploaded files will overwrite any existing files of the same name in the same location. See the section in the description at the top of this script for information about handling file uploads. To enable uploads to your server, change the 0 to 1 in the line below, like so: $upload_files_to_server = 1; */ $upload_files_to_server = 0; /* Upload files directory. By default the uploaded files will go in the same directory/folder that the script is in. You can instead name a directory on your server where you would like the files to go. PHP must have permission to write to the directory. Permissions are down to your server setup but CHMOD 777 will work in every case. If the directory is above the web root, you will get the file-names-only shown in the email from the script. If the directory is web-accessable you will get a link to the uploaded file(s) in the email from the script which you can click on to download them. If using the latter option it is better to enable the HTML output option in the script as it makes displaying the links more predictable (it handles spaces in the file names better). If you specify a directory below, put it in quotes and include a trailing slash (you must use the full server path), as in this example: $path_to_uploaded_file = "/home/username/uploads/"; */ $path_to_uploaded_file = dirname(__FILE__) . "/"; /* Prefix for uploaded file names. You can specify a prefix for the uploaded files, this is optional. This will only be applied to files uploaded to your server, not to files sent as attachments. You can hard-code a prefix or you can use a value from your form. To hard-code a prefix, put it in quotes like so: $uploaded_file_prefix = "user_file_"; This prefix name will be applied to EVERY file uploaded. You might find it useful to prefix the file name with the user's name. You can do so like this: $uploaded_file_prefix = $_REQUEST['name']; This assumes that the name input on your form is "name", otherwise change it to suit. You can prefix it with any value from your form, just change 'name' in this example with the name of the field from your form. To make the file name more readable, you can put an underscore after the prefix like so: $uploaded_file_prefix = $_REQUEST['name'] . "_"; You can use more than one form value and separate them with underscores like so: $uploaded_file_prefix = $_REQUEST['firstname'] . "_" . $_REQUEST['lastname']; (The example assumes you have the inputs "firstname" and "lastname" on your form). */ $uploaded_file_prefix = ""; /* End of configuration options. */ $errors = array(); $attachment_array = array(); // Remove $_COOKIE elements from $_REQUEST. if(count($_COOKIE)){foreach(array_keys($_COOKIE) as $value){unset($_REQUEST[$value]);}} // Check reCAPTCHA if($reCAPTCHA) { require_once('recaptchalib.php'); $resp = recaptcha_check_answer($privatekey,$_SERVER["REMOTE_ADDR"],$_REQUEST["recaptcha_challenge_field"],$_REQUEST["recaptcha_response_field"]); if(!$resp->is_valid) { $errors[] = "The reCAPTCHA wasn't entered correctly. Go back and try it again (reCAPTCHA said: " . $resp->error . ")"; } } // Remove ignored fields from $_REQUEST. if($ignore_fields) { foreach($fields_to_ignore as $value){if(isset($_REQUEST[$value])){unset($_REQUEST[$value]);}} } // Validate email field. if(isset($_REQUEST['email']) && !empty($_REQUEST['email'])) { $_REQUEST['email'] = trim($_REQUEST['email']); if(substr_count($_REQUEST['email'],"@") != 1 || stristr($_REQUEST['email']," ")){$errors[] = "Email address is invalid";}else{$exploded_email = explode("@",$_REQUEST['email']);if(empty($exploded_email[0]) || strlen($exploded_email[0]) > 64 || empty($exploded_email[1])){$errors[] = "Email address is invalid";}else{if(substr_count($exploded_email[1],".") == 0){$errors[] = "Email address is invalid";}else{$exploded_domain = explode(".",$exploded_email[1]);if(in_array("",$exploded_domain)){$errors[] = "Email address is invalid";}else{foreach($exploded_domain as $value){if(strlen($value) > 63 || !preg_match('/^[a-z0-9-]+$/i',$value)){$errors[] = "Email address is invalid"; break;}}}}}} } // Test for cookie. if($require_cookie) { if(!isset($_COOKIE['cminewsletter'])){$errors[] = "You must enable cookies to use the form";} } // Check referrer. if($check_referrer) { if(!(isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER']) && stristr($_SERVER['HTTP_REFERER'],$_SERVER['HTTP_HOST']))){$errors[] = "You must enable referrer logging to use the form";} } // Check for required fields. If none, don't allow blank form to be sent. if($required_fields_check) { foreach($required_fields as $value){if((!isset($_REQUEST[$value]) || empty($_REQUEST[$value])) && (!isset($_FILES[$value]['name']) || empty($_FILES[$value]['name']))){$errors[] = "Please go back and complete the $value field";}} }else{ // Check for a blank form. function recursive_array_check_blank($element_value) { global $set; if(!is_array($element_value)){if(!empty($element_value)){$set = 1;}} else { foreach($element_value as $value){if($set){break;} recursive_array_check_blank($value);} } } recursive_array_check_blank($_REQUEST); if(!$set){$errors[] = "You cannot send a blank form";} unset($set); } // Check for banned IPs. if($banned_ips_check) { foreach($banned_ips as $value) { if($value == substr($_SERVER[REMOTE_ADDR], 0, strlen($value))){$errors[] = $banned_ip_message; break;} } } // Check for gibberish. if($gibberish_check) { $vowels = array('a','e','i','o','u'); $consonants = array('b','c','d','f','g','h','j','k','l','m','n','p','q','r','s','t','v','w','x','y','z'); function recursive_array_gibberish_check($element_value) { global $set; global $vowels; global $consonants; global $return_value; global $gibberish_threshold; $consecutive_consonant_count = 0; $consecutive_vowel_count = 0; if(!is_array($element_value)) { $exploded_value = explode(" ",$element_value); if((strlen($exploded_value[0]) >= $gibberish_threshold) && (!is_numeric($exploded_value[0]))) { // in_array() is case sensitive. Convert input to lower case. $exploded_value[0] = strtolower($exploded_value[0]); for($i = 0; $i < strlen($exploded_value[0]); $i++) { if(in_array($exploded_value[0][$i],$vowels)){$consecutive_consonant_count = 0; $consecutive_vowel_count++; if($consecutive_vowel_count == $gibberish_threshold){$set = 1; $return_value = $exploded_value[0]; break;}}elseif(in_array($exploded_value[0][$i],$consonants)){$consecutive_vowel_count = 0; $consecutive_consonant_count++; if($consecutive_consonant_count == $gibberish_threshold){$set = 1; $return_value = $exploded_value[0]; break;}}else{if($exploded_value[0][$i] == "@" || $exploded_value[0][$i] == "-"){$consecutive_consonant_count = 0; $consecutive_vowel_count = 0;}} } } } else { foreach($element_value as $value){if($set){break;} recursive_array_gibberish_check($value);} } } recursive_array_gibberish_check($_REQUEST); if($set){$errors[] = "You have submitted a gibberish word: \"{$return_value}\"";} unset($set); unset($return_value); } // Check all fields for gobbledegook. if($gobbledegook_check) { $gobbledegook_alphabet = array('¡','¢','¤','¦','§','¨','ª','«','¬','®','¯','°','±','²','³','µ','¶','·','¸','¹','º','»','¼','½','¾','¿','À','Á','Â','Ã','Ä','Å','Æ','Ç','È','É','Ê','Ë','Ì','Í','Î','Ï','Ð','Ñ','Ò','Ó','Ô','Õ','Ö','×','Ø','Ù','Ú','Û','Ü','Ý','Þ','ß','à','á','â','ã','ä','å','æ','ç','è','é','ê','ë','ì','í','î','ï','ð','ñ','ó','õ','ö','÷','ø','ú','û','ü','ý','þ'); function recursive_array_check_gobbledegook($element_value,$inkey = "") { global $set; global $gobbledegook_alphabet; global $return_value; global $return_key; if(!is_array($element_value)) { foreach($gobbledegook_alphabet as $value){if(stristr($element_value,$value)){$set = 1; $return_value = $value; $return_key = $inkey; break;}} }else{ foreach($element_value as $key => $value){if($set){break;} recursive_array_check_gobbledegook($value,$key);} } } recursive_array_check_gobbledegook($_REQUEST); if($set){if(is_numeric($return_key)){$errors[] = "You have entered an invalid character ($return_value)";}else{$errors[] = "You have entered an invalid character ($return_value) in the \"$return_key\" field";}} unset($set); unset($return_value); unset($return_key); } // Check for blocked words/web addresses. if($word_block) { function recursive_array_check_word_block($element_value,$inkey = "") { global $set; global $blocked_words; global $return_value; global $return_key; if(!is_array($element_value)) { foreach($blocked_words as $value){if(stristr($element_value,$value)){$set = 1; $return_value = $value; $return_key = $inkey; break;}} }else{ foreach($element_value as $key => $value){if($set){break;} recursive_array_check_word_block($value,$key);} } } recursive_array_check_word_block($_REQUEST); if($set){if(is_numeric($return_key)){$errors[] = "You have entered an invalid string ($return_value)";}else{$errors[] = "You have entered an invalid string ($return_value) in the \"$return_key\" field";}} unset($set); unset($return_value); unset($return_key); } // Check for blocked/allowed file types and check file size. if(count($_FILES)) { if($block_file_types) { foreach(array_keys($_FILES) as $value) { if(!empty($_FILES[$value]['name'])) { if(in_array(strtolower(strrchr($_FILES[$value]['name'],".")),$file_types_to_block)) { $disallowed_filetype = strrchr($_FILES[$value]['name'],"."); $errors[] = "{$disallowed_filetype} file types are not permitted. The file \"{$_FILES[$value]['name']}\" cannot be uploaded."; } } } } if($allow_file_types) { foreach(array_keys($_FILES) as $value) { if(!empty($_FILES[$value]['name'])) { if(!in_array(strtolower(strrchr($_FILES[$value]['name'],".")),$file_types_to_allow)) { $disallowed_filetype = strrchr($_FILES[$value]['name'],"."); $errors[] = "{$disallowed_filetype} file types are not permitted. The file \"{$_FILES[$value]['name']}\" cannot be uploaded."; } } } } if($max_file_size) { foreach(array_keys($_FILES) as $value) { if(!empty($_FILES[$value]['size'])){if($_FILES[$value]['size'] > $max_file_size){$errors[] = "File \"{$_FILES[$value]['name']}\" exceeds the maximum file size of {$max_file_size} bytes.";}} } } } // Display any errors and exit if errors exist. if(count($errors)) { $_SESSION = array(); unset($_SESSION['security_code']); $session_name = session_name(); if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); include('cmi-error-top.php'); echo " "; foreach($errors as $value) {print "$value
";} echo "

"; include('cmi-error-bottom.php'); exit;} /*{ $_SESSION = array(); unset($_SESSION['security_code']); $session_name = session_name(); if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time()-42000, '/'); } session_destroy(); header("location: $errorpage"); exit; } */ if(!defined("PHP_EOL")){define("PHP_EOL", strtoupper(substr(PHP_OS,0,3) == "WIN") ? "\r\n" : "\n");} if($line_spacing){$line_space = PHP_EOL.PHP_EOL;}else{$line_space = PHP_EOL;} // HTML format the output. if($html_format) { // Allow posted HTML code to be displayed (and not executed). Convenient time to do nl2br. function recursive_array_check_HTML(&$element_value) { if(!is_array($element_value)){$element_value = nl2br(htmlspecialchars($element_value));} else { foreach($element_value as $key => $value){$element_value[$key] = recursive_array_check_HTML($value);} } return $element_value; } recursive_array_check_HTML($_REQUEST); $html_open = "$subject"; $html_close = "
"; $content_type = "html";}else{$html_open = ""; $colon_sep = ": "; $html_close = ""; $content_type = "plain";} function build_message($request_input) { global $colon_sep; global $html_format; global $table_left_column_color; global $table_left_column_font; global $table_left_column_font_size; global $table_left_column_font_color; global $table_right_column_color; global $table_right_column_font; global $table_right_column_font_size; global $table_right_column_font_color; global $line_space; global $show_blank_fields; if(!isset($message_output)){$message_output = "";}if(!is_array($request_input)){$message_output = $request_input;}else{foreach($request_input as $key => $value){if(!empty($value) || $show_blank_fields){if($html_format){if(!is_numeric($key)){$message_output .= "".str_replace("_"," ",ucfirst($key))."".build_message($value)."".PHP_EOL;}else{$message_output .= "
".build_message($value)."
";}}else{if(!is_numeric($key)){$message_output .= str_replace("_"," ",ucfirst($key)).$colon_sep.build_message($value).$line_space;}else{$message_output .= build_message($value).", ";}}}}}return rtrim($message_output,", "); } if($sort_fields) { $ordered_request = array(); foreach($field_order_keys as $value){$ordered_request[$value] = $_REQUEST[$value];} $_REQUEST = $ordered_request; } // Show uploaded files. if(count($_FILES) && $upload_files_to_server) { if(substr_count($path_to_uploaded_file,$_SERVER['DOCUMENT_ROOT'])) { $web_location = str_replace($_SERVER['DOCUMENT_ROOT'],"",$path_to_uploaded_file); if($html_format) { foreach(array_keys($_FILES) as $value){if(!empty($_FILES[$value]['tmp_name'])){$_REQUEST[$value] = "{$uploaded_file_prefix}{$_FILES[$value]['name']}";}} } else { foreach(array_keys($_FILES) as $value){if(!empty($_FILES[$value]['tmp_name'])){$_REQUEST[$value] = "http://".$_SERVER['HTTP_HOST'].$web_location.$uploaded_file_prefix.$_FILES[$value]['name'];}} } } else { foreach(array_keys($_FILES) as $value){if(!empty($_FILES[$value]['tmp_name'])){$_REQUEST[$value] = $uploaded_file_prefix.$_FILES[$value]['name'];}} } } // Show sender's IP address. if($show_ip){$_REQUEST["Sender's IP address"] = $_SERVER[REMOTE_ADDR];} $message = $html_open; $message .= build_message($_REQUEST); $message .= $html_close; // Strip slashes. $message = stripslashes($message); $from_name = ""; if(isset($_REQUEST['name']) && !empty($_REQUEST['name'])){$from_name = stripslashes($_REQUEST['name']); if($encode_name_subject){$from_name = "=?{$character_set}?B?".base64_encode($_REQUEST['name'])."?=";}} $headers = "From: {$from_name} <{$_REQUEST['email']}>"; $headers .= PHP_EOL; $headers .= "MIME-Version: 1.0"; if($csv_attachment || $csv_file_on_server) { function build_file_data($data_input) { if(!isset($file_data)){$file_data = "";}if(!is_array($data_input)){if(stristr($data_input,'"')){$data_input = str_replace('"','""',$data_input);} if(stristr($data_input,'"') || stristr($data_input,",") || stristr($data_input,"\n") || stristr($data_input,"\r\n")){$file_data = "\"$data_input\"";}else{$file_data = $data_input;}}else{foreach($data_input as $key => $value){if(!is_numeric($key)){$file_data .= build_file_data($value).",";}else{$file_data .= build_file_data($value)." :: ";}}}return rtrim(rtrim($file_data,",")," :: "); } } if(count($_FILES) || $csv_attachment) { if(count($_FILES)) { if($upload_files_to_server) { foreach(array_keys($_FILES) as $value){if(!empty($_FILES[$value]['tmp_name'])){move_uploaded_file($_FILES[$value]['tmp_name'], $path_to_uploaded_file.$uploaded_file_prefix.$_FILES[$value]['name']);}} } else { foreach(array_keys($_FILES) as $value) { if(is_uploaded_file($_FILES[$value]['tmp_name'])) { $file = fopen($_FILES[$value]['tmp_name'],'rb'); $data = fread($file,filesize($_FILES[$value]['tmp_name'])); fclose($file); $data = chunk_split(base64_encode($data)); $attachment_array[] = "--boundary_sdfsfsdfs345345sfsgs".PHP_EOL."Content-Type: ".$_FILES[$value]['type'].";".PHP_EOL." name=\"".$_FILES[$value]['name']."\"".PHP_EOL."Content-Disposition: attachment;".PHP_EOL." filename=\"".$_FILES[$value]['name']."\"".PHP_EOL."Content-Transfer-Encoding: base64".PHP_EOL.PHP_EOL.$data.PHP_EOL.PHP_EOL; } } } } if(count($attachment_array) || $csv_attachment) { $headers .= PHP_EOL; $headers .= "Content-Type: multipart/mixed;".PHP_EOL; $headers .= " boundary=\"boundary_sdfsfsdfs345345sfsgs\""; $body = ""; $body .= "--boundary_sdfsfsdfs345345sfsgs".PHP_EOL; $body .= "Content-Type: text/".$content_type."; charset=\"{$character_set}\"".PHP_EOL.PHP_EOL; $body .= $message.PHP_EOL.PHP_EOL; if(count($attachment_array)){foreach($attachment_array as $value){$body .= $value;}} if($csv_attachment) { // Comma separate the keys (doesn't need to be recursive). $data = ""; foreach(array_keys($_REQUEST) as $value){$data .= "$value,";} // Remove trailing comma. $data = rtrim($data,","); $data .= PHP_EOL; $data .= stripslashes(build_file_data($_REQUEST)); $body .= "--boundary_sdfsfsdfs345345sfsgs".PHP_EOL."Content-Type: text/plain; charset=\"{$character_set}\"".PHP_EOL." name=\"$csv_filename\"".PHP_EOL."Content-Disposition: attachment;".PHP_EOL." filename=\"$csv_filename\"".PHP_EOL.PHP_EOL.$data.PHP_EOL.PHP_EOL; } $body .= "--boundary_sdfsfsdfs345345sfsgs--"; $message = $body; } } if(!count($attachment_array) && !$csv_attachment) { $headers .= PHP_EOL; $headers .= "Content-Type: text/{$content_type}; charset=\"{$character_set}\""; } if($bcc) { $headers .= PHP_EOL; $headers .= "Bcc: " . $bcc; } $subject = stripslashes($subject); if($encode_name_subject){$subject = "=?{$character_set}?B?".base64_encode($subject)."?=";} // Send email. mail($my_email,$subject,$message,$headers); // Send autoresponse. if($autoresponder && isset($_REQUEST['email']) && !empty($_REQUEST['email'])) { // Remove visitor's IP address if present. if(isset($_REQUEST["Sender's IP address"])){unset($_REQUEST["Sender's IP address"]);} if($autoresponder_from){$my_email = $autoresponder_from;} $headers = "From: " . $my_email; $headers .= PHP_EOL; $headers .= "MIME-Version: 1.0".PHP_EOL; $headers .= "Content-Type: text/{$content_type}; charset=\"{$character_set}\""; if($html_format) { $html_open = "$autoresponder_subject

$autoresponder_header_message

"; $html_close = "

$autoresponder_footer_message

"; $message = $html_open; $message .= build_message($_REQUEST); $message .= $html_close; }else{$message = $autoresponder_header_message . PHP_EOL.PHP_EOL . build_message($_REQUEST) . $autoresponder_footer_message;} $message = stripslashes($message); if($autoresponder_attachment) { $file = fopen($autoresponder_attachment_path.$autoresponder_attachment_file,'rb'); $data = fread($file,filesize($autoresponder_attachment_path.$autoresponder_attachment_file)); fclose($file); $data = chunk_split(base64_encode($data)); $headers = "From: " . $my_email; $headers .= PHP_EOL; $headers .= "MIME-Version: 1.0".PHP_EOL; $headers .= "Content-Type: multipart/mixed;".PHP_EOL; $headers .= " boundary=\"boundary_sdfsfsdfs345345sfsgs\""; $body = ""; $body .= "--boundary_sdfsfsdfs345345sfsgs".PHP_EOL; $body .= "Content-Type: text/".$content_type."; charset=\"{$character_set}\"".PHP_EOL.PHP_EOL; $body .= $message.PHP_EOL.PHP_EOL; $body .= "--boundary_sdfsfsdfs345345sfsgs".PHP_EOL."Content-Type: ".$autoresponder_attachment_content_type.";".PHP_EOL." name=\"".$autoresponder_attachment_file."\"".PHP_EOL."Content-Disposition: attachment;".PHP_EOL." filename=\"".$autoresponder_attachment_file."\"".PHP_EOL."Content-Transfer-Encoding: base64".PHP_EOL.PHP_EOL.$data.PHP_EOL.PHP_EOL; $body .= "--boundary_sdfsfsdfs345345sfsgs--"; $message = $body; } // Use the fifth parameter for those services that need it, like AOL for example. Only allow one email address in the fifth parameter. Check for commas and explode on them if they exist. if(substr_count($my_email,",") > 0){$my_email = explode(",",$my_email); $my_email = $my_email[0];} $autoresponder_subject = stripslashes($autoresponder_subject); mail($_REQUEST['email'],$autoresponder_subject,$message,$headers,"-f{$my_email}"); } // Redirect or display "thank you" message. unset($_SESSION['security_code']); if($auto_redirect){ header("location: $redirect_url"); exit; } } else { // Insert your code for showing an error message here include('cmi-error-top.php'); echo " There was an error with the security code. Please try again. "; echo "

"; include('cmi-error-bottom.php'); } } else { setcookie("cminewsletter=1"); ?> Upholstery Fabrics | Vinyl Supplier | CMI Enterprises Newsletter

Your Next Generation Vinyl Supplier

NAME

ADDRESS

CITY

STATE

ZIP

PHONE

EMAIL

SIGN ME UP FOR CMI'S® NEWSLETTER

ELECTRONIC PAPER

ENTER THE CODE IN
THE BOX captcha