'
(required)
', 'email' => '
(required)
', 'subject' => '
(required)
', 'msg' => '
', 'carbon_copy' => '
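', 'error' => '');

/*
This shows the quicktag on the write pages
Based off Buttonsnap Template
http://redalt.com/downloads
*/
if (get_option('wpcf_show_quicktag') == true) {
    include('buttonsnap.php');

    add_action('init', 'wpcf_button_init');
    add_action('marker_css', 'wpcf_marker_css');

    /**
     * Registers the "Insert Contact Form" editor button and its [CONTACT-FORM] marker.
     */
    function wpcf_button_init() {
        $wpcf_button_url = buttonsnap_dirname(__FILE__) . '/wpcf_button.png';
        buttonsnap_textbutton($wpcf_button_url, 'Insert Contact Form', '[CONTACT-FORM]');
        buttonsnap_register_marker('CONTACT-FORM', 'wpcf_marker');
    }

    /**
     * Prints the CSS rule used to display the marker inside the editor.
     */
    function wpcf_marker_css() {
        $wpcf_marker_url = buttonsnap_dirname(__FILE__) . '/wpcf_marker.gif';
        // "width" was missing its terminating semicolon, which invalidated both
        // the width and the margin-top declarations.
        echo " .wpcf_marker { display: block; height: 15px; width: 155px; margin-top: 5px; background-image: url({$wpcf_marker_url}); background-repeat: no-repeat; background-position: center; } ";
    }
}

/**
 * Reports whether a submitted value contains one of the denylisted substrings.
 *
 * This is a case-insensitive substring denylist, i.e. a spam heuristic. The
 * control that keeps submitted values out of mail header lines is the CR/LF
 * rejection in wpcf_check_input(); this list should not be relied on for that.
 *
 * @param string $input Value to inspect.
 * @return bool True when a denylisted substring is present.
 */
function wpcf_is_malicious($input) {
    // NOTE(review): the duplicated "<" / ">" entries and the empty entry look
    // like tokens damaged before this copy of the file was made - confirm
    // against the plugin's original source.
    $bad_inputs = array("<", ">", "<", ">", "mime-version", "content-type", "cc:", "bcc:", "to:", "", "http://", "[/URL]", "[URL=");
    $haystack = strtolower($input);

    foreach ($bad_inputs as $bad_input) {
        // An empty needle matches every string on PHP 8 (strpos() returns 0)
        // and raises a warning on older versions, so every submission would be
        // rejected or the check would be noisy. Skip it.
        if ($bad_input === '') {
            continue;
        }
        if (strpos($haystack, strtolower($bad_input)) !== false) {
            return true;
        }
    }

    return false;
}

/**
 * Validates a contact-form submission held in $_POST.
 *
 * Normalises the submitted fields in place, then checks them. On failure the
 * matching entries of the global $wpcf_strings are changed so that the form is
 * re-rendered with the error text. Short-circuits when nothing was submitted.
 *
 * @return bool True when a submission is present and passed every check.
 */
function wpcf_check_input() {
    global $wpcf_strings;

    if (!isset($_POST['wpcf_stage'])) {
        return false; // Shortcircuit.
    }

    // A missing field, or one submitted as an array (wpcf_msg[]=...), is
    // treated as empty instead of being passed to trim(), which would raise
    // notices or a TypeError depending on the PHP version.
    foreach (array('wpcf_your_name', 'wpcf_email', 'wpcf_subject', 'wpcf_msg') as $field) {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $_POST[$field] = stripslashes(trim($raw));
    }

    // NOTE(review): this copies the e-mail field rather than reading a
    // submitted wpcf_carbon_copy value. Kept as written; confirm whether that
    // is intended or a copy-paste slip.
    $_POST['wpcf_carbon_copy'] = stripslashes(trim($_POST['wpcf_email']));

    $ok = true;
    $reason = '';

    if (empty($_POST['wpcf_your_name'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['name'] = '
(required)
';
    }

    if (!is_email($_POST['wpcf_email'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['email'] = '
(required)
';
    }

    if (empty($_POST['wpcf_subject'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['subject'] = '
(required)
';
    }

    if (empty($_POST['wpcf_msg'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['msg'] = '
';
    }

    // check for spam crap
    // Name, e-mail and subject end up in mail headers, so besides the denylist
    // any CR or LF in them is rejected outright. These checks run after the
    // "empty" checks so that 'malicious' wins when both apply.
    foreach (array('wpcf_your_name', 'wpcf_email', 'wpcf_subject') as $field) {
        if (wpcf_is_malicious($_POST[$field]) || strpbrk($_POST[$field], "\r\n") !== false) {
            $ok = false;
            $reason = 'malicious';
        }
    }

    // The message only reaches the mail body; the denylist is applied to it
    // unless the site owner has allowed URIs in messages.
    if (get_option('wpcf_allow_URIs') != TRUE) {
        if (wpcf_is_malicious($_POST['wpcf_msg'])) {
            $ok = false;
            $reason = 'malicious';
        }
    }

    if ($ok == true) {
        return true;
    }

    if ($reason == 'malicious') {
        $wpcf_strings['error'] = stripslashes(get_option('wpcf_mal_msg'));
    } elseif ($reason == 'empty') {
        $wpcf_strings['error'] = stripslashes(get_option('wpcf_error_msg'));
    }

    return false;
}

/**
 * Wrapper function which calls the form.
 *
 * Content without the [CONTACT-FORM] marker is returned untouched. With a valid
 * submission the mail is sent and the success message is echoed; otherwise the
 * marker is replaced by the form, including any error strings set by
 * wpcf_check_input().
 *
 * @param string $content Content to scan for the marker.
 * @return string|null The content (with the form inserted), or nothing after a
 *                     successful submission.
 */
function wpcf_callback( $content ) {
    global $wpcf_strings;

    if (!preg_match('|\[CONTACT-FORM\]|', $content)) {
        return $content;
    }

    /* Run the input check. */
    if (wpcf_check_input()) {
        // There has been a submission and the input is ok.
        $recipient = get_option('wpcf_email');
        $subj_suffix = stripslashes(get_option('wpcf_subject_suffix'));
        $success_msg = stripslashes(get_option('wpcf_success_msg'));

        $name = $_POST['wpcf_your_name'];
        $email = $_POST['wpcf_email'];
        $subject = $_POST['wpcf_subject'];
        $msg = $_POST['wpcf_msg'];
        // The User-Agent header is optional; it is only written to the body.
        $browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $charset = get_settings('blog_charset');

        // $name is base64-encoded and $email has passed is_email() plus the
        // CR/LF rejection, so neither can start a new header line here.
        $headers = "MIME-Version: 1.0\n";
        $headers .= "From: =?" . $charset . "?B?" . base64_encode($name) . "?= <$email>\n";
        $headers .= "Content-Type: text/plain; charset=\"" . $charset . "\"\n";

        // A carbon copy is addressed to the submitter-supplied address, so it
        // is honoured only when the site owner enabled the feature. The form
        // offers the control only under wpcf_CC_permitted; without this check
        // a hand-built POST could still request a copy when it is disabled.
        $cc_allowed = get_option('wpcf_CC_permitted') == TRUE;
        $cc_requested = isset($_POST['carbon_copy']) && $_POST['carbon_copy'] == 'true';

        if ($cc_allowed && $cc_requested) {
            $headers .= "Bcc: $recipient\n";
            $to = $email;
        } else {
            $to = $recipient;
        }

        // The body was appended to an undefined variable; start from ''.
        $fullmsg = '';
        $fullmsg .= wordwrap($msg, 76, "\n") . "\n\n";
        $fullmsg .= "\n----------------------------------------------------------------------------\n";
        $fullmsg .= "Sender info:\n\n";
        $fullmsg .= "IP: " . getip(). " \n";
        $fullmsg .= "Browser/OS: " . wordwrap($browser, 76, "\n\t ") . "\n";
        $fullmsg .= "----------------------------------------------------------------------------\n";

        $encoded_subject = "=?" . $charset . "?B?" . base64_encode($subject ." ". $subj_suffix) . "?=";
        mail($to, $encoded_subject, $fullmsg, $headers);

        // NOTE(review): the success message is echoed and nothing is returned
        // on this path, unlike the other paths which return content. Kept as
        // written; confirm how callers use the return value.
        echo $success_msg;
    } else {
        // Else show the form. If there are errors the strings will have been
        // updated while running the input check.
        // The anchor and non-anchor variants are identical in this copy of the
        // file; the wpcf_anchor branches are kept so that markup which differs
        // between them can be restored.
        if (get_option('wpcf_CC_permitted') == TRUE) {
            if (get_option('wpcf_anchor') == TRUE) {
                $form = '
' . $wpcf_strings['error']. '
' . $wpcf_strings['name'] . '
' . $wpcf_strings['email'] . '
' . $wpcf_strings['subject'] . '
'. $wpcf_strings['carbon_copy'] . '
' . $wpcf_strings['msg'] . '
 
';
                return str_replace('[CONTACT-FORM]', $form, $content);
            } else {
                $form = '
' . $wpcf_strings['error']. '
' . $wpcf_strings['name'] . '
' . $wpcf_strings['email'] . '
' . $wpcf_strings['subject'] . '
'. $wpcf_strings['carbon_copy'] . '
' . $wpcf_strings['msg'] . '
 
';
                return str_replace('[CONTACT-FORM]', $form, $content);
            }
        } else {
            if (get_option('wpcf_anchor') == TRUE) {
                $form = '
' . $wpcf_strings['error']. '
' . $wpcf_strings['name'] . '
' . $wpcf_strings['email'] . '
' . $wpcf_strings['subject'] . '
' . $wpcf_strings['msg'] . '
 
';
                return str_replace('[CONTACT-FORM]', $form, $content);
            } else {
                $form = '
' . $wpcf_strings['error']. '
' . $wpcf_strings['name'] . '
' . $wpcf_strings['email'] . '
' . $wpcf_strings['subject'] . '
' . $wpcf_strings['msg'] . '
 
';
                return str_replace('[CONTACT-FORM]', $form, $content);
            }
        }
    }
}

/**
 * Returns the address of the connecting client.
 *
 * Can't use WP's function here, so lets use our own.
 *
 * REMOTE_ADDR is the address of the TCP peer. Behind a reverse proxy that is
 * the proxy's address; forwarded-for style headers are client-controlled and
 * are deliberately not consulted.
 *
 * @return string|false The address, or false when neither source provides it.
 */
function getip() {
    // Test the key itself: $_SERVER is always set, but REMOTE_ADDR is absent
    // outside a web request.
    if (isset($_SERVER['REMOTE_ADDR'])) {
        return $_SERVER['REMOTE_ADDR'];
    }

    return getenv('REMOTE_ADDR');
}

/*CSS Styling*/
function wpcf_css() { ?>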