index.php 7.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193
  1. <?php
  2. require_once './vendor/autoload.php';
  3. $helperLoader = new SplClassLoader('Helpers', './vendor');
  4. $mailLoader = new SplClassLoader('SimpleMail', './vendor');
  5. $helperLoader->register();
  6. $mailLoader->register();
  7. use Helpers\Config;
  8. use SimpleMail\SimpleMail;
  9. $config = new Config;
  10. $config->load('./config/config.php');
  11. //check secu code
  12. $number_1 = rand(1, 9);
  13. $number_2 = rand(1, 9);
  14. $answer = substr(md5($number_1+$number_2),5,10);
  15. //--
  16. if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  17. $name = stripslashes(trim($_POST['form-name']));
  18. $email = stripslashes(trim($_POST['form-email']));
  19. //--
  20. $user_answer = htmlspecialchars(trim($_POST['user_answer']));
  21. $answer = htmlspecialchars(trim($_POST['answer']));
  22. //--
  23. $subject = stripslashes(trim($_POST['form-subject']));
  24. $message = stripslashes(trim($_POST['form-message']));
  25. $pattern = '/[\r\n]|Content-Type:|Bcc:|Cc:/i';
  26. if (preg_match($pattern, $name) || preg_match($pattern, $email) || preg_match($pattern, $subject)) {
  27. die("Header injection detected");
  28. }
  29. $emailIsValid = filter_var($email, FILTER_VALIDATE_EMAIL);
  30. if ($name && $email && $emailIsValid && $subject && $message && substr(md5($user_answer),5,10) === $answer) {
  31. $mail = new SimpleMail();
  32. // $headers = "From: contact@echosystem.fr";
  33. $mailpage = file_get_contents("mail.txt.html");
  34. // $mail->setHtml($);
  35. // $mailpage2 = "<html>". $mailpage. "</html>";
  36. // $subject = "confirmation: message enregistrer";
  37. // mail($email,$subject,$mailpage2,$headers);
  38. $mail->setTo($email);
  39. $mail->setFrom("contact@echosystem.fr");
  40. $mail->setSender($name);
  41. $mail->setSubject("confirmation: message enregistrer");
  42. $mail->setHtml($mailpage);
  43. $mail->send();
  44. $mail = new SimpleMail();
  45. $mail->setTo($config->get('emails.to'));
  46. $mail->setFrom($config->get('emails.from'));
  47. $mail->setSender($name);
  48. $mail->setSubject($config->get('subject.prefix') . ' ' . $subject);
  49. $body = "
  50. <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
  51. <html>
  52. <head>
  53. <meta charset=\"utf-8\">
  54. </head>
  55. <body>
  56. <h1>{$subject}</h1>
  57. <h1> Contact Form</h1>
  58. <p> Echosystem.fr.</p>
  59. <p><strong>{$config->get('fields.name')}:</strong> {$name}</p>
  60. <p><strong>{$config->get('fields.email')}:</strong> {$email}</p>
  61. <p><strong>{$config->get('fields.message')}:</strong> {$message}</p>
  62. </body>
  63. </html>";
  64. $mail->setHtml($body);
  65. $mail->send();
  66. $emailSent = true;
  67. } else {
  68. $hasError = true;
  69. }
  70. }
  71. ?><!DOCTYPE html>
  72. <html>
  73. <head>
  74. <title>Echosystem.fr Contact Form</title>
  75. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  76. <meta charset="utf-8">
  77. <link href="//netdna.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet" media="screen">
  78. <link rel="shortcut icon" type="image/x-icon" href="https://echosystem.fr/favicon.png" />
  79. </head>
  80. <body>
  81. <div class="jumbotron">
  82. <table>
  83. <tr>
  84. <thead>
  85. <th><a target="_blank" style="text-decoration: none;" href="/"><img border="0" vspace="0" hspace="0" src="https://echosystem.fr/i/echosystem.png" alt="Please enable images to view this content" title="echosystem Image" width="540" style="max-width: 540px; color: #FFFFFF; font-size: 13px; margin: 50px; padding: 0; outline: none; text-decoration: none; -ms-interpolation-mode:bicubic; border: none; display: block;"/></a></th>
  86. <th><h1> Contact Form</h1><br><img border="0" vspace="0" hspace="0" src="images/contact.png" /><h2> Echosystem.fr</h2></th>
  87. <thead>
  88. </tr>
  89. <tr>
  90. <td> </td>
  91. <td> </td>
  92. </tr>
  93. </table>
  94. </div>
  95. <?php if(!empty($emailSent)): ?>
  96. <div class="col-md-6 col-md-offset-3">
  97. <div class="alert alert-success text-center"><?php echo $config->get('messages.success'); ?></div>
  98. </div>
  99. <?php else: ?>
  100. <?php if(!empty($hasError)): ?>
  101. <div class="col-md-5 col-md-offset-4">
  102. <div class="alert alert-danger text-center"><?php echo $config->get('messages.error'); ?></div>
  103. </div>
  104. <?php endif; ?>
  105. <div class="col-md-6 col-md-offset-3">
  106. <form action="<?php echo $_SERVER['REQUEST_URI']; ?>" enctype="application/x-www-form-urlencoded" id="contact-form" class="form-horizontal" method="post">
  107. <div class="form-group">
  108. <label for="form-name" class="col-lg-2 control-label"><?php echo $config->get('fields.name'); ?></label>
  109. <div class="col-lg-10">
  110. <input type="text" class="form-control" id="form-name" name="form-name" placeholder="<?php echo $config->get('fields.name'); ?>" required>
  111. </div>
  112. </div>
  113. <div class="form-group">
  114. <label for="form-email" class="col-lg-2 control-label"><?php echo $config->get('fields.email'); ?></label>
  115. <div class="col-lg-10">
  116. <input type="email" class="form-control" id="form-email" name="form-email" placeholder="<?php echo $config->get('fields.email'); ?>" required>
  117. </div>
  118. </div>
  119. <div class="form-group">
  120. <label for="answer" class="col-lg-2 control-label"><?php echo $number_1; ?> + <?php echo $number_2; ?> = </label>
  121. <div class="col-lg-10">
  122. <input type="tel" class="form-control" id="form-phone" name="user_answer" required placeholder="? (To help prevent spam, please enter the answer to this question)" />
  123. <input type="hidden" name="answer" value="<?php echo $answer; ?>">
  124. </div>
  125. </div>
  126. <div class="form-group">
  127. <label for="form-subject" class="col-lg-2 control-label"><?php echo $config->get('fields.subject'); ?></label>
  128. <div class="col-lg-10">
  129. <input type="text" class="form-control" id="form-subject" name="form-subject" placeholder="<?php echo $config->get('fields.subject'); ?>" required>
  130. </div>
  131. </div>
  132. <div class="form-group">
  133. <label for="form-message" class="col-lg-2 control-label"><?php echo $config->get('fields.message'); ?></label>
  134. <div class="col-lg-10">
  135. <textarea class="form-control" rows="3" id="form-message" name="form-message" placeholder="<?php echo $config->get('fields.message'); ?>" required></textarea>
  136. </div>
  137. </div>
  138. <div class="form-group">
  139. <div class="col-lg-offset-2 col-lg-10">
  140. <button type="submit" class="btn btn-default"><?php echo $config->get('fields.btn-send'); ?></button>
  141. </div>
  142. </div>
  143. </form>
  144. <footer>
  145. <br>
  146. <font size="3px"> Your IP :
  147. <b>
  148. <?php
  149. echo $_SERVER['REMOTE_ADDR']; // Show IP
  150. ?></b> is registered.</font>
  151. <br>
  152. <p><font size="1px"> Last Modif:<?php setlocale(LC_ALL,'french'); echo " ".date("m/d/y H:i", getlastmod()); ?></font></p>
  153. </footer>
  154. </div>
  155. <?php endif; ?>
  156. <!--[if lt IE 9]>
  157. <script src="//ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
  158. <![endif]-->
  159. <!--[if gte IE 9]><!-->
  160. <script src="//ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
  161. <!--<![endif]-->
  162. <script type="text/javascript" src="public/js/contact-form.js"></script>
  163. </body>
  164. </html>