# you have to do the same with checkboxes /***************************************************************** Web4Future Easiest Form2Mail (GPL). Copyright (C) 1998-2006 Web4Future.com All Rights Reserved. http://www.Web4Future.com/ This script was written by George L. & Calin S. from Web4Future.com This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. *****************************************************************/ # DO NOT EDIT BELOW THIS LINE UNLESS YOU KNOW WHAT YOU ARE DOING =================================================== $w4fver = "2.2"; $ip = ($_SERVER['HTTP_X_FORWARDED_FOR'] == "" ? $_SERVER['REMOTE_ADDR'] : $_SERVER['HTTP_X_FORWARDED_FOR']); //function blockIP function blockip($ip) { $handle = @fopen("blockip.txt", 'a'); @fwrite($handle, $ip."\n"); @fclose($handle); } $w4fx = stristr(file_get_contents('blockip.txt'),getenv('REMOTE_ADDR')); if ($serverCheck) { if (preg_match ("/".str_replace("www.", "", $_SERVER["SERVER_NAME"])."/i", $_SERVER["HTTP_REFERER"])) { $w4fy = TRUE; } else { $w4fy = FALSE; } } else { $w4fy = TRUE; } if (($w4fy === TRUE) && ($w4fx === FALSE)) { $w4fMessage = "\n"; if (count($_GET) >0) { reset($_GET); while(list($key, $val) = each($_GET)) { $GLOBALS[$key] = $val; if (is_array($val)) { $w4fMessage .= "$key: "; foreach ($val as $vala) { $vala =stripslashes($vala); $vala = htmlspecialchars($vala); if (trim($vala)) { if (stristr($vala,"Content-Type:") || stristr($vala,"MIME-Version") || stristr($vala,"Content-Transfer-Encoding") || stristr($vala,"bcc:")) { blockip($ip); die("ILLEGAL EXECUTION DETECTED!"); } } $w4fMessage .= "$vala, "; } $w4fMessage .= "
\n"; } else { $val = stripslashes($val); if (trim($val)) { if (stristr($val,"Content-Type:") || stristr($val,"MIME-Version") || stristr($val,"Content-Transfer-Encoding") || stristr($val,"bcc:")) { blockip($ip); die("ILLEGAL EXECUTION DETECTED!"); } } if (($key == "Submit") || ($key == "submit")) { } else { if ($val == "") { $w4fMessage .= "$key: -
\n"; } else { $w4fMessage .= "$key: $val
\n"; } } } } // end while }//end if else { reset($_POST); while(list($key, $val) = each($_POST)) { $GLOBALS[$key] = $val; if (is_array($val)) { $w4fMessage .= "$key: "; foreach ($val as $vala) { $vala =stripslashes($vala); $vala = htmlspecialchars($vala); if (trim($vala)) { if (stristr($vala,"Content-Type:") || stristr($vala,"MIME-Version") || stristr($vala,"Content-Transfer-Encoding") || stristr($vala,"bcc:")) {blockip($ip); die("ILLEGAL EXECUTION DETECTED!"); } } $w4fMessage .= "$vala, "; } $w4fMessage .= "
\n"; } else { $val = stripslashes($val); if (trim($val)) { if (stristr($val,"Content-Type:") || stristr($val,"MIME-Version") || stristr($val,"Content-Transfer-Encoding") || stristr($val,"bcc:")) {blockip($ip); die("ILLEGAL EXECUTION DETECTED!"); } } if (($key == "Submit") || ($key == "submit")) { } else { if ($val == "") { $w4fMessage .= "$key: -
\n"; } else { $w4fMessage .= "$key: $val
\n"; } } } } // end while }//end else $w4fMessage .= "

\n Sender IP: ".$ip.""; $w4f_what = array("/To:/i", "/Cc:/i", "/Bcc:/i","/Content-Type:/i","/\n/"); $name = preg_replace($w4f_what, "", $name); $email = preg_replace($w4f_what, "", $email); if (!$email) {$email = $MailToAddress;} $mailHeader = "From: $name <$email>\r\n"; $mailHeader .= "Reply-To: $name <$email>\r\n"; $mailHeader .= "Message-ID: <". md5(rand()."".time()) ."@". ereg_replace("www.","",$_SERVER["SERVER_NAME"]) .">\r\n"; $mailHeader .= "MIME-Version: 1.0\r\n"; if ($sendHTML) { $mailHeader .= "Content-Type: multipart/alternative;"; $mailHeader .= " boundary=\"----=_NextPart_000_000E_01C5256B.0AEFE730\"\r\n"; } $mailHeader .= "X-Priority: 3\r\n"; $mailHeader .= "X-Mailer: PHP/" . phpversion()."\r\n"; $mailHeader .= "X-MimeOLE: Produced By Web4Future Easiest Form2Mail $w4fver\r\n"; if ($sendHTML) { $mailMessage = "This is a multi-part message in MIME format.\r\n\r\n"; $mailMessage .= "------=_NextPart_000_000E_01C5256B.0AEFE730\r\n"; $mailMessage .= "Content-Type: text/plain; charset=\"ISO-8859-1\"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n"; $mailMessage .= trim(strip_tags($w4fMessage))."\r\n\r\n"; $mailMessage .= "------=_NextPart_000_000E_01C5256B.0AEFE730\r\n"; $mailMessage .= "Content-Type: text/html; charset=\"ISO-8859-1\"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n"; $mailMessage .= "$w4fMessage\r\n\r\n"; $mailMessage .= "------=_NextPart_000_000E_01C5256B.0AEFE730--\r\n"; } if ($sendHTML === FALSE) { $mailHeader .= "Content-Type: text/plain; charset=\"ISO-8859-1\"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n"; $mailMessage .= trim(strip_tags($w4fMessage))."\r\n\r\n"; } if (!mail($MailToAddress, $MailSubject, $mailMessage,$mailHeader)) { echo "Error sending e-mail!";} else { header("Location: ".$redirectURL); } } else { echo "ILLEGAL EXECUTION DETECTED!";} ?>