Replace PHP mail() functions with PHPMailer script

Helen Chong 2024-06-26 18:32:28 +08:00
parent 3b47088207
commit 8905de70ba
5 changed files with 193 additions and 143 deletions

130
admin.php

@ -1,5 +1,21 @@
<?php <?php
require_once('prefs.php'); require_once('prefs.php');
require_once __DIR__.'/contactform/vendor/autoload.php';
require_once __DIR__.'/contactform/config.php';
$mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$mail->setLanguage(CONTACTFORM_LANGUAGE);
$mail->SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL;
$mail->isSMTP();
$mail->Host = CONTACTFORM_SMTP_HOSTNAME;
$mail->SMTPAuth = true;
$mail->Username = CONTACTFORM_SMTP_USERNAME;
$mail->Password = CONTACTFORM_SMTP_PASSWORD;
$mail->SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION;
$mail->Port = CONTACTFORM_SMTP_PORT;
$mail->CharSet = CONTACTFORM_MAIL_CHARSET;
$mail->Encoding = CONTACTFORM_MAIL_ENCODING;
if (isset($_COOKIE['bellabuffs'])) { if (isset($_COOKIE['bellabuffs'])) {
if ($_COOKIE['bellabuffs'] == md5($admin_name.$admin_pass.$secret)) { if ($_COOKIE['bellabuffs'] == md5($admin_name.$admin_pass.$secret)) {
if (isset($_GET['ap'])) { $page = $_GET['ap']; } else { $page = ""; } if (isset($_GET['ap'])) { $page = $_GET['ap']; } else { $page = ""; }
@ -17,9 +33,9 @@ if (isset($_COOKIE['bellabuffs'])) {
$pageurl = "admin.php?ap=manage_members"; $pageurl = "admin.php?ap=manage_members";
$fileurl = "members.txt"; $fileurl = "members.txt";
} }
echo "<p style='color: red;'><strong>Warning:</strong> Do not try to edit multiple members at once, do not try to approve and delete the same member.</p>"; echo "<p style='color: red;'><strong>Warning:</strong> Do not try to edit multiple members at once, do not try to approve and delete the same member.</p>";
$count = count($file); $count = count($file);
if ($count == 0) { echo '<p>No '.$wording.' members at this time.</p> <p><a href="admin.php">Back to admin panel?</a></p>'; exit(include('footer.php')); } if ($count == 0) { echo '<p>No '.$wording.' members at this time.</p> <p><a href="admin.php">Back to admin panel?</a></p>'; exit(include('footer.php')); }
@ -37,12 +53,12 @@ if (isset($_COOKIE['bellabuffs'])) {
echo "</a> "; echo "</a> ";
} }
echo "</p> \n\n "; echo "</p> \n\n ";
if (isset($_GET['page']) && is_numeric($_GET['page'])) $i = $perpage * ($_GET['page'] - 1); if (isset($_GET['page']) && is_numeric($_GET['page'])) $i = $perpage * ($_GET['page'] - 1);
else $i = 0; else $i = 0;
$end = $i + $perpage; $end = $i + $perpage;
if ($end > $count) $end=$count; if ($end > $count) $end=$count;
?> ?>
<form action="admin.php?ap=do_action" method="post"> <form action="admin.php?ap=do_action" method="post">
@ -52,7 +68,7 @@ if (isset($_COOKIE['bellabuffs'])) {
<table> <table>
<tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <?php if (isset($_GET['s']) && $_GET['s'] == "newbies") echo '<th>Add</th>'; ?> <th>Edit</th> <th>Delete</th> <tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <?php if (isset($_GET['s']) && $_GET['s'] == "newbies") echo '<th>Add</th>'; ?> <th>Edit</th> <th>Delete</th>
</tr> </tr>
<?php <?php
while ($i<$end){ while ($i<$end){
$rowClass = ($i % 2) ? $classA : $classB; $rowClass = ($i % 2) ? $classA : $classB;
list($name,$email,$dispemail,$url,$country,$fave) = preg_split("/,(?! )/",$file[$i]); list($name,$email,$dispemail,$url,$country,$fave) = preg_split("/,(?! )/",$file[$i]);
@ -64,10 +80,10 @@ if (isset($_COOKIE['bellabuffs'])) {
echo "<td>$name</td> <td>$email</td> <td>$url</td> <td>$country</td> "; echo "<td>$name</td> <td>$email</td> <td>$url</td> <td>$country</td> ";
if (isset($favefield) && $favefield == "yes") echo "<td>" . str_replace('|', ',', $fave) . "</td>"; if (isset($favefield) && $favefield == "yes") echo "<td>" . str_replace('|', ',', $fave) . "</td>";
if (isset($_GET['s']) && $_GET['s'] == "newbies") if (isset($_GET['s']) && $_GET['s'] == "newbies")
echo '<td><input type="checkbox" name="appr['.$i.']" value="'.$i.'" /></td>'; echo '<td><input type="checkbox" name="appr['.$i.']" value="'.$i.'" /></td>';
echo '<td><a href="admin.php?ap=edit_member&amp;file='.$fileurl.'&amp;mem='.$i.'"><img src="admin-icons/edit.png" title="edit" alt="edit" /></a></td>'; echo '<td><a href="admin.php?ap=edit_member&amp;file='.$fileurl.'&amp;mem='.$i.'"><img src="admin-icons/edit.png" title="edit" alt="edit" /></a></td>';
echo '<td><input type="checkbox" name="del['.$i.']" value="'.$i.'" /></td>'; echo '<td><input type="checkbox" name="del['.$i.']" value="'.$i.'" /></td>';
echo "</tr>\r\n"; echo "</tr>\r\n";
@ -87,7 +103,7 @@ if (isset($_COOKIE['bellabuffs'])) {
if (isset($_POST['appr']) && is_array($_POST['appr'])) { if (isset($_POST['appr']) && is_array($_POST['appr'])) {
$newbies = file(NEWBIES); $newbies = file(NEWBIES);
$approved = array(); $approved = array();
foreach ($_POST['appr'] as $member => $value) { foreach ($_POST['appr'] as $member => $value) {
if (is_numeric($member) && array_key_exists($member, $newbies)) { if (is_numeric($member) && array_key_exists($member, $newbies)) {
$approved[] = $newbies[$member]; $approved[] = $newbies[$member];
@ -106,19 +122,21 @@ if (isset($_COOKIE['bellabuffs'])) {
while ($i < $apprAmount) { while ($i < $apprAmount) {
list($name,$email,$dispemail,$url,$country,$fave) = preg_split("/,(?! )/",$approved[$i]); list($name,$email,$dispemail,$url,$country,$fave) = preg_split("/,(?! )/",$approved[$i]);
$subject = "You have been approved at $title"; // Recipients
$mail->setFrom($admin_email, $title);
$mail->addAddress(fixEmail($email), $name);
$mail->addReplyTo($admin_email);
$message = $approvalMsg; $mail->Subject = "You have been approved at $title";
$message .= "Name: {$name} \r\n";
$message .= "Email: " . fixEmail($email) . " \r\n";
$message .= "URL: {$url} \r\n";
$message .= "Country: {$country} \r\n";
if (isset($favefield) && $favefield == "yes") $message .= strip_tags($favetext) . ": {$fave} \r\n";
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) $headers = "From: $admin_email \n"; $mail->Body = $approvalMsg;
else $headers = "From: $title <$admin_email> \n"; $mail->Body .= "Name: {$name} \r\n";
$mail->Body .= "Email: " . fixEmail($email) . " \r\n";
$mail->Body .= "URL: {$url} \r\n";
$mail->Body .= "Country: {$country} \r\n";
if (isset($favefield) && $favefield == "yes") $mail->Body .= strip_tags($favetext) . ": {$fave} \r\n";
mail(fixEmail($email),$subject,$message,$headers); $mail->send();
$i++; $i++;
} }
@ -128,17 +146,17 @@ if (isset($_COOKIE['bellabuffs'])) {
if ($defaultSort == "newest") { if ($defaultSort == "newest") {
$newmembers = implode("", $approved) . "\r\n"; $newmembers = implode("", $approved) . "\r\n";
$olddata = file_get_contents(MEMBERS); $olddata = file_get_contents(MEMBERS);
$fp = fopen(MEMBERS, "w"); $fp = fopen(MEMBERS, "w");
fwrite($fp, $newmembers); fwrite($fp, $newmembers);
fclose($fp); fclose($fp);
$fp = fopen(MEMBERS, "a") or die ("Couldn't open members.txt"); $fp = fopen(MEMBERS, "a") or die ("Couldn't open members.txt");
fwrite($fp, $olddata); fwrite($fp, $olddata);
fclose($fp); fclose($fp);
} elseif ($defaultSort == "oldest") { } elseif ($defaultSort == "oldest") {
$newmembers = "\r\n" . implode("", $approved); $newmembers = "\r\n" . implode("", $approved);
$fp = fopen(MEMBERS, "a") or die ("Couldn't open members.txt"); $fp = fopen(MEMBERS, "a") or die ("Couldn't open members.txt");
fwrite($fp, $newmembers); fwrite($fp, $newmembers);
fclose($fp); fclose($fp);
@ -156,7 +174,7 @@ if (isset($_COOKIE['bellabuffs'])) {
fwrite($fp, $update); fwrite($fp, $update);
fclose($fp); fclose($fp);
} }
blanklinefix(NEWBIES); blanklinefix(NEWBIES);
blanklinefix(MEMBERS); blanklinefix(MEMBERS);
@ -164,12 +182,12 @@ if (isset($_COOKIE['bellabuffs'])) {
} }
if (isset($_POST['del']) && is_array($_POST['del'])) { if (isset($_POST['del']) && is_array($_POST['del'])) {
if (isset($_POST['fileloc'])) if (isset($_POST['fileloc']))
$fileloc = basename($_POST['fileloc']); $fileloc = basename($_POST['fileloc']);
else exit; else exit;
$members = file(MEMBERS); $members = file(MEMBERS);
$newbies = file(NEWBIES); $newbies = file(NEWBIES);
foreach ($_POST['del'] as $member => $file) { foreach ($_POST['del'] as $member => $file) {
if (is_numeric($member)) { if (is_numeric($member)) {
if ($fileloc == "newbies.txt" && array_key_exists($member, $newbies)) unset($newbies[$member]); if ($fileloc == "newbies.txt" && array_key_exists($member, $newbies)) unset($newbies[$member]);
@ -177,18 +195,18 @@ if (isset($_COOKIE['bellabuffs'])) {
} }
} }
if ($fileloc == "newbies.txt") $backlink = '<a href="admin.php?ap=manage_members&amp;s=newbies">Delete other pending members?</a>'; else $backlink = '<a href="admin.php?ap=manage_members">Delete other approved members?</a>'; if ($fileloc == "newbies.txt") $backlink = '<a href="admin.php?ap=manage_members&amp;s=newbies">Delete other pending members?</a>'; else $backlink = '<a href="admin.php?ap=manage_members">Delete other approved members?</a>';
$members = implode("", $members); $members = implode("", $members);
$newbies = implode("", $newbies); $newbies = implode("", $newbies);
$fh = fopen(MEMBERS, "w"); $fh = fopen(MEMBERS, "w");
fwrite($fh, $members); fwrite($fh, $members);
fclose($fh); fclose($fh);
$fb = fopen(NEWBIES, "w"); $fb = fopen(NEWBIES, "w");
fwrite($fb, $newbies); fwrite($fb, $newbies);
fclose($fb); fclose($fb);
echo '<p>Member(s) deleted.</p>'; echo '<p>Member(s) deleted.</p>';
} }
echo '<p><b>Jump to:</b> <a href="admin.php?ap=manage_members">members</a> / <a href="admin.php?ap=manage_members&amp;s=newbies">pending members</a></p>'; echo '<p><b>Jump to:</b> <a href="admin.php?ap=manage_members">members</a> / <a href="admin.php?ap=manage_members&amp;s=newbies">pending members</a></p>';
@ -204,11 +222,11 @@ if (isset($_COOKIE['bellabuffs'])) {
} elseif (!isset($_GET['file']) || $_GET['file'] == "" || !file_exists($_GET['file'])) { } elseif (!isset($_GET['file']) || $_GET['file'] == "" || !file_exists($_GET['file'])) {
echo "<p>You didn't select a valid file.</p>"; echo "<p>You didn't select a valid file.</p>";
include('footer.php'); include('footer.php');
exit; exit;
} else { } else {
if (is_numeric($_GET['mem'])) $mem = $_GET['mem']; else exit("Oops, not a valid member number."); if (is_numeric($_GET['mem'])) $mem = $_GET['mem']; else exit("Oops, not a valid member number.");
if (file_exists($_GET['file'])) $file = $_GET['file']; else exit("Oops, the important .txt files don't exist!"); if (file_exists($_GET['file'])) $file = $_GET['file']; else exit("Oops, the important .txt files don't exist!");
$fh = fopen($file, "r"); $fh = fopen($file, "r");
while(!feof($fh)) { while(!feof($fh)) {
$content[] = fgets($fh, 4096); $content[] = fgets($fh, 4096);
@ -244,7 +262,7 @@ if (isset($_COOKIE['bellabuffs'])) {
<?php <?php
} }
?> ?>
<input type="submit" name="submit" id="submit" value="continue" /> <input type="submit" name="submit" id="submit" value="continue" />
</p></form> </p></form>
<?php <?php
@ -265,7 +283,7 @@ if (isset($_COOKIE['bellabuffs'])) {
$editedMember = $clean['name'] . "," . breakEmail($clean['email']) . "," . $clean['dispemail'] . "," . $clean['url'] . "," . $clean['country'] . "," . $clean['fave'] . "\n"; $editedMember = $clean['name'] . "," . breakEmail($clean['email']) . "," . $clean['dispemail'] . "," . $clean['url'] . "," . $clean['country'] . "," . $clean['fave'] . "\n";
$mem = $clean['member']; $mem = $clean['member'];
$file = $clean['file']; $file = $clean['file'];
$fh = fopen($file, "r"); $fh = fopen($file, "r");
@ -318,7 +336,7 @@ if (isset($_COOKIE['bellabuffs'])) {
include('footer.php'); include('footer.php');
exit; exit;
} }
$_POST['spamword'] = cleanUp(str_replace(',','',$_POST['spamword'])); $_POST['spamword'] = cleanUp(str_replace(',','',$_POST['spamword']));
echo "<p>The following word is now blacklisted:</p>\n\n<p>{$_POST['spamword']}</p>\n\n"; echo "<p>The following word is now blacklisted:</p>\n\n<p>{$_POST['spamword']}</p>\n\n";
@ -439,7 +457,7 @@ if (isset($_COOKIE['bellabuffs'])) {
<form method="post" action="?ap=add_button_process" enctype="multipart/form-data"><p> <form method="post" action="?ap=add_button_process" enctype="multipart/form-data"><p>
<label><input type="file" name="file" id="file" /> Upload Button</label><br /> <label><input type="file" name="file" id="file" /> Upload Button</label><br />
<label>Donated?</label><br /> <label>Donated?</label><br />
<input type="radio" id="donatedyes" name="donated" value="yes" /> Yes <input type="radio" id="donatedyes" name="donated" value="yes" /> Yes
<input type="radio" id="donatedno" name="donated" value="no" checked="checked" /> No<br /> <input type="radio" id="donatedno" name="donated" value="no" checked="checked" /> No<br />
<label><input type="text" id="donatorname" name="donatorname" /> Donator Name</label><br /> <label><input type="text" id="donatorname" name="donatorname" /> Donator Name</label><br />
@ -454,12 +472,12 @@ if (isset($_COOKIE['bellabuffs'])) {
echo "<p>The \"buttons\" directory does not exist and therefore the button could not be uploaded.</p>"; echo "<p>The \"buttons\" directory does not exist and therefore the button could not be uploaded.</p>";
include('footer.php'); include('footer.php');
exit; exit;
} }
if (empty($_FILES['file'])) { if (empty($_FILES['file'])) {
echo "<p>You did not choose an image to upload.</p>"; echo "<p>You did not choose an image to upload.</p>";
include('footer.php'); include('footer.php');
exit; exit;
} }
if (getimagesize($_FILES['file']['tmp_name']) === FALSE) { if (getimagesize($_FILES['file']['tmp_name']) === FALSE) {
echo "<p>That is not a valid image file.</p>"; echo "<p>That is not a valid image file.</p>";
include('footer.php'); include('footer.php');
@ -658,10 +676,10 @@ if (isset($_COOKIE['bellabuffs'])) {
} else { } else {
$filename = $clean['filename']; $filename = $clean['filename'];
} }
$editedButton = $filename . "," . $clean['width'] . "," . $clean['height'] . "," . $clean['donated'] . "," . $clean['donatorname'] . "," . $clean['donatorurl'] . "\n"; $editedButton = $filename . "," . $clean['width'] . "," . $clean['height'] . "," . $clean['donated'] . "," . $clean['donatorname'] . "," . $clean['donatorurl'] . "\n";
$button = $clean['buttonnum']; $button = $clean['buttonnum'];
$fh = fopen(BUTTONS, "r"); $fh = fopen(BUTTONS, "r");
while(!feof($fh)) { while(!feof($fh)) {
@ -685,7 +703,7 @@ if (isset($_COOKIE['bellabuffs'])) {
?> ?>
<h4>Add New Update</h4> <h4>Add New Update</h4>
<p>If updates details is left blank, only a date will be shown.</p> <p>If updates details is left blank, only a date will be shown.</p>
<form action="admin.php?ap=update_process" method="post"><p> <form action="admin.php?ap=update_process" method="post"><p>
<label><input type="text" name="date" id="date" value="<?php echo date($timestamp); ?>" readonly="readonly" /> Date</label><br /> <label><input type="text" name="date" id="date" value="<?php echo date($timestamp); ?>" readonly="readonly" /> Date</label><br />
<label><textarea id="updatedetails" name="updatedetails"></textarea> Details</label><br /> <label><textarea id="updatedetails" name="updatedetails"></textarea> Details</label><br />
@ -839,7 +857,7 @@ if (isset($_COOKIE['bellabuffs'])) {
include('footer.php'); include('footer.php');
exit; exit;
} }
?> ?>
<table> <table>
<tr> <th>Button</th> <th>Name</th> <th>Email</th> <th>URL</th> <th>Site Name</th> <th>Admin</th></tr> <tr> <th>Button</th> <th>Name</th> <th>Email</th> <th>URL</th> <th>Site Name</th> <th>Admin</th></tr>
@ -894,7 +912,7 @@ if (isset($_COOKIE['bellabuffs'])) {
$filename = $clean['filename']; $filename = $clean['filename'];
} }
$editedAff = $filename . "," . $clean['affName'] . "," . breakEmail($clean['affEmail']) . "," . $clean['affURL'] . "," . $clean['affSitename'] . "\n"; $editedAff = $filename . "," . $clean['affName'] . "," . breakEmail($clean['affEmail']) . "," . $clean['affURL'] . "," . $clean['affSitename'] . "\n";
$aff = $clean['affnum']; $aff = $clean['affnum'];
$fh = fopen(AFFILIATES, "r"); $fh = fopen(AFFILIATES, "r");
while(!feof($fh)) { while(!feof($fh)) {
@ -918,22 +936,16 @@ if (isset($_COOKIE['bellabuffs'])) {
if (isset($_GET['p']) && $_GET['p'] == "process") { if (isset($_GET['p']) && $_GET['p'] == "process") {
foreach ($_POST as $key => $val) { foreach ($_POST as $key => $val) {
$clean[$key] = stripslashes(trim($val)); $clean[$key] = stripslashes(trim($val));
}
$subject = "E-mail from the $FLsubject fanlisting";
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
$clean['to'] = str_replace('>', '', $clean['to']);
$clean['to'] = str_replace('<', '', $clean['to']);
$headers = "From: $admin_email \n";
$headers .= "Reply-To: $admin_email";
} else {
$headers = "From: $title <$admin_email> \n";
$headers .= "Reply-To: <$admin_email>";
} }
if (mail($clean['to'],$subject,$clean['message'],$headers)) { // Recipients
$mail->setFrom($admin_email, $title);
$mail->addAddress($clean['to']);
$mail->addReplyTo($admin_email);
$mail->Subject = "E-mail from the $FLsubject fanlisting";
if ($mail->send()) {
echo "<p>E-mail sent!</p>"; echo "<p>E-mail sent!</p>";
echo "<p><a href='admin.php'>Back to admin panel?</a></p>"; echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
} else { } else {
@ -1005,7 +1017,7 @@ if (isset($_COOKIE['bellabuffs'])) {
<table> <table>
<tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <th>Admin</th></tr> <tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <th>Admin</th></tr>
<tr> <td><?php echo $name; ?></td> <tr> <td><?php echo $name; ?></td>
<td><?php echo "<a href='mailto:".fixEmail($email)."'>email</a>"; ?></td> <td><?php echo "<a href='mailto:".fixEmail($email)."'>email</a>"; ?></td>
<td><?php echo $url; ?></td> <td><?php echo $url; ?></td>
<td><?php echo $country; ?></td> <td><?php echo $country; ?></td>
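Review bot: In the approval loop of the `@ -106,19 +122,21 @` hunk, `$mail->addAddress(fixEmail($email), $name)` runs on every iteration against the single `$mail` object created at the top of the file, and nothing visible clears the recipient list. Each later approval mail would therefore also go to every member approved earlier in the same batch, disclosing the newer member's name, e-mail, URL and country to them. Start each iteration with `$mail->clearAllRecipients(); $mail->clearReplyTos();`. Separately, the `@ -918,22 +936,16 @` hunk sets `$mail->Subject` but never assigns the text the old `mail()` call received, so it needs `$mail->Body = $clean['message'];` before `send()`; with `new PHPMailer(true)` an empty body is likely to raise an exception rather than reach the `else` branch. Both blocks begin or end outside their hunks.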


@ -1,5 +1,7 @@
<?php <?php
require_once('prefs.php'); require_once('prefs.php');
require_once __DIR__.'/contactform/vendor/autoload.php';
require_once __DIR__.'/contactform/config.php';
$error_msg = null; $error_msg = null;
$result = null; $result = null;
@ -49,26 +51,38 @@ if ($_SERVER['REQUEST_METHOD'] == "POST") {
$error_msg .= "Invalid website url.\r\n"; $error_msg .= "Invalid website url.\r\n";
if ($error_msg == NULL && $points <= $maxPoints) { if ($error_msg == NULL && $points <= $maxPoints) {
$subject = "Contact form submission from ". $title; $mail = new \PHPMailer\PHPMailer\PHPMailer(true);
$message = "You received this e-mail message through your fanlisting: \n\n"; // Server settings
$mail->setLanguage(CONTACTFORM_LANGUAGE);
$mail->SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL;
$mail->isSMTP();
$mail->Host = CONTACTFORM_SMTP_HOSTNAME;
$mail->SMTPAuth = true;
$mail->Username = CONTACTFORM_SMTP_USERNAME;
$mail->Password = CONTACTFORM_SMTP_PASSWORD;
$mail->SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION;
$mail->Port = CONTACTFORM_SMTP_PORT;
$mail->CharSet = CONTACTFORM_MAIL_CHARSET;
$mail->Encoding = CONTACTFORM_MAIL_ENCODING;
// Recipients
$mail->setFrom($admin_email, $title.' Contact Form');
$mail->addAddress($admin_email, $admin_name);
$mail->addReplyTo($_POST['email'], $_POST['name']);
$mail->Subject = "Contact form submission from ". $title;
$mail->Body = "You received this e-mail message through your fanlisting: \n\n";
foreach ($_POST as $key => $val) { foreach ($_POST as $key => $val) {
$message .= ucwords($key) . ": " . cleanUp($val) . "\r\n"; $mail->Body .= ucwords($key) . ": " . cleanUp($val) . "\r\n";
} }
$message .= "\r\n"; $mail->Body .= "\r\n";
$message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n"; $mail->Body .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
$message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n"; $mail->Body .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
$message .= 'Points: '.$points; $mail->Body .= 'Points: '.$points;
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) { if ($mail->send()) {
$headers = "From: {$admin_email}\n";
$headers .= "Reply-To: {$_POST['email']}";
} else {
$headers = "From: {$title} <{$admin_email}>\n";
$headers .= "Reply-To: {$_POST['email']}";
}
if (mail($admin_email,$subject,$message,$headers)) {
$result = 'Your mail was successfully sent.'; $result = 'Your mail was successfully sent.';
$disable = true; $disable = true;
} else { } else {
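Review bot: `new \PHPMailer\PHPMailer\PHPMailer(true)` turns on exceptions, so a failed `$mail->send()` (or an address rejected by `addReplyTo($_POST['email'], $_POST['name'])`) throws instead of returning false and the `else` branch after `if ($mail->send())` is not reached; no `try`/`catch` is visible in the hunk, whose enclosing `if` continues beyond it. On a public form that leaves an uncaught exception whose text may surface to the visitor, depending on the error display settings. Either wrap the mail block in a `try`/`catch` for `\PHPMailer\PHPMailer\Exception` that sets the failure message and logs `$mail->ErrorInfo` server-side, or construct the object as `$mail = new \PHPMailer\PHPMailer\PHPMailer();` so the existing `if`/`else` works. The same pattern appears in the `if ($mail->send())` checks in admin.php and in the member-update form. It is also worth confirming that `CONTACTFORM_PHPMAILER_DEBUG_LEVEL` is 0 in production, since `SMTPDebug` output is echoed into the response by default and can include the SMTP authentication exchange.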


@ -1,6 +1,8 @@
<?php <?php
$show_form = true; $show_form = true;
$error_msg = NULL; $error_msg = NULL;
require_once __DIR__.'/contactform/vendor/autoload.php';
require_once __DIR__.'/contactform/config.php';
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
require_once('prefs.php'); require_once('prefs.php');
@ -31,10 +33,10 @@ if (isset($_POST['submit'])) {
if (isBot() !== false) if (isBot() !== false)
$error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'] . "\r\n"; $error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'] . "\r\n";
if (substr_count($_POST['comments'], 'http://') > 1) if (substr_count($_POST['comments'], 'http://') > 1)
$error_msg .= "Too many URLs; we've assumed you're spam and 'lost' your application. Please try again without any extra URLs if you're a geniune person :)\r\n"; $error_msg .= "Too many URLs; we've assumed you're spam and 'lost' your application. Please try again without any extra URLs if you're a geniune person :)\r\n";
$exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i"; $exploits = "/(content-type|bcc:|cc:|document.cookie|onclick|onload|javascript|alert)/i";
if (filesize(SPAMWDS) > 0) $spamlist = file(SPAMWDS); if (filesize(SPAMWDS) > 0) $spamlist = file(SPAMWDS);
@ -53,7 +55,7 @@ if (isset($_POST['submit'])) {
$error_msg .= "No HTML, please.\r\n"; $error_msg .= "No HTML, please.\r\n";
$clean[$key] = cleanUp($val); $clean[$key] = cleanUp($val);
} }
// set default values for empty/unset fields // set default values for empty/unset fields
if (empty($clean['dispemail'])) if (empty($clean['dispemail']))
@ -77,11 +79,11 @@ if (isset($_POST['submit'])) {
$error_msg .= "The website url you provided is not valid. Please remove and try again or fix the URL.\r\n"; $error_msg .= "The website url you provided is not valid. Please remove and try again or fix the URL.\r\n";
if ($clean['country'] == "null" || (filesize(COUNTRIES) > 0 && checkTXTfile(COUNTRIES, $clean['country'], "country") === false)) if ($clean['country'] == "null" || (filesize(COUNTRIES) > 0 && checkTXTfile(COUNTRIES, $clean['country'], "country") === false))
$error_msg .= "Please select a valid country. \r\n"; $error_msg .= "Please select a valid country. \r\n";
if (filesize(IPBLOCKLST) > 0 && checkTXTfile(IPBLOCKLST, $_SERVER['REMOTE_ADDR'], "ip") === true) { if (filesize(IPBLOCKLST) > 0 && checkTXTfile(IPBLOCKLST, $_SERVER['REMOTE_ADDR'], "ip") === true) {
echo "<p>Your IP is in the block list, that means you're not allowed to join at this time. \r\n</p>"; echo "<p>Your IP is in the block list, that means you're not allowed to join at this time. \r\n</p>";
exit(include('footer.php')); exit(include('footer.php'));
} }
if (filesize(NEWBIES) > 0 && checkTXTfile(NEWBIES, breakEmail($clean['email']), "email") === true) { if (filesize(NEWBIES) > 0 && checkTXTfile(NEWBIES, breakEmail($clean['email']), "email") === true) {
echo "<p>You're already in the pending queue, you can't join twice!</p> \n"; echo "<p>You're already in the pending queue, you can't join twice!</p> \n";
exit(include('footer.php')); exit(include('footer.php'));
@ -98,55 +100,66 @@ if (isset($_POST['submit'])) {
$clean['email'] = breakEmail(strtolower($clean['email'])); $clean['email'] = breakEmail(strtolower($clean['email']));
// send off some emails // send off some emails
$mail = new \PHPMailer\PHPMailer\PHPMailer(true);
// Server settings
$mail->setLanguage(CONTACTFORM_LANGUAGE);
$mail->SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL;
$mail->isSMTP();
$mail->Host = CONTACTFORM_SMTP_HOSTNAME;
$mail->SMTPAuth = true;
$mail->Username = CONTACTFORM_SMTP_USERNAME;
$mail->Password = CONTACTFORM_SMTP_PASSWORD;
$mail->SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION;
$mail->Port = CONTACTFORM_SMTP_PORT;
$mail->CharSet = CONTACTFORM_MAIL_CHARSET;
$mail->Encoding = CONTACTFORM_MAIL_ENCODING;
if ($emailnewbies == "yes") { if ($emailnewbies == "yes") {
$subject = "Thank you for joining $title"; // Recipients
$mail->setFrom($admin_email, $title);
$mail->addAddress(fixEmail($clean['email']), $clean['name']);
$mail->addReplyTo($admin_email);
$message = $thanksjoinMsg; // Content
$message .= "Name: {$clean['name']} \n"; $mail->Subject = "Thank you for joining $title";
$message .= "Email: " . fixEmail($clean['email']) . " \n"; $mail->Body = $thanksjoinMsg . "\n\n";
$message .= "URL: {$clean['url']} \n"; $mail->Body .= "== Your Details == \n";
$message .= "Country: {$clean['country']} \n"; $mail->Body .= "Name: {$clean['name']} \n";
$mail->Body .= "Email: " . fixEmail($clean['email']) . " \n";
$mail->Body .= "URL: {$clean['url']} \n";
$mail->Body .= "Country: {$clean['country']} \n";
if (isset($favefield) && $favefield == "yes") { if (isset($favefield) && $favefield == "yes") {
$message .= "$favetext: {$clean['fave']} \n"; $mail->Body .= "$favetext: {$clean['fave']} \n";
} }
$message .= "Comments: {$clean['comments']} \n\n"; $mail->Body .= "Comments: {$clean['comments']} \n\n";
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) { $mail->send();
$headers = "From: $admin_email \n";
$headers .= "Reply-To: $admin_email";
} else {
$headers = "From: $title <$admin_email> \n";
$headers .= "Reply-To: <$admin_email>";
}
mail(fixEmail($clean['email']),$subject,$message,$headers);
} }
if ($emailadmin == "yes") { if ($emailadmin == "yes") {
$subject = "New member at $title"; // Remove previous recipients
$mail->ClearAllRecipients();
$message = "There's a new member at your $FLsubject fanlisting with the following details: \n\n"; $mail->setFrom($admin_email, $title);
$mail->addAddress($admin_email, $admin_name);
$message .= "Name: {$clean['name']} \n"; $mail->Subject = "New member at $title";
$message .= "Email: " . fixEmail($clean['email']) . " \n";
$message .= "URL: {$clean['url']} \n"; $mail->Body = "There's a new member at your $FLsubject fanlisting with the following details: \n\n";
$message .= "Country: {$clean['country']} \n";
$mail->Body .= "Name: {$clean['name']} \n";
$mail->Body .= "Email: " . fixEmail($clean['email']) . " \n";
$mail->Body .= "URL: {$clean['url']} \n";
$mail->Body .= "Country: {$clean['country']} \n";
if (isset($favefield) && $favefield == "yes") { if (isset($favefield) && $favefield == "yes") {
$message .= "$favetext: {$clean['fave']} \n"; $mail->Body .= "$favetext: {$clean['fave']} \n";
} }
$message .= "Comments: {$clean['comments']} \n"; $mail->Body .= "Comments: {$clean['comments']} \n";
$message .= "IP: {$_SERVER['REMOTE_ADDR']} \n\n"; $mail->Body .= "IP: {$_SERVER['REMOTE_ADDR']} \n\n";
$message .= "Manage members: {$FLurl}/admin.php?ap=manage_members&s=newbies"; $mail->Body .= "Manage members: {$FLurl}/admin.php?ap=manage_members&s=newbies";
if (!strstr($_SERVER['SERVER_SOFTWARE'], "Win")) { $mail->send();
$headers = "From: $admin_email \n";
$headers .= "Reply-To: " . fixEmail($clean['email']) . "";
} else {
$headers = "From: $title <$admin_email> \n";
$headers .= "Reply-To: <" . fixEmail($clean['email']) . ">";
}
mail($admin_email,$subject,$message,$headers);
} }
// add the member to the newbies txt file // add the member to the newbies txt file
@ -197,7 +210,7 @@ if (!isset($_POST['submit']) || $show_form == true) {
} }
?> ?>
<label>Comments</label><br /> <textarea id="comments" name="comments" rows="3" cols="25"><?php get_data("comments"); ?></textarea><br /> <label>Comments</label><br /> <textarea id="comments" name="comments" rows="3" cols="25"><?php get_data("comments"); ?></textarea><br />
<input type="submit" name="submit" id="submit" value="Join" /> <input type="submit" name="submit" id="submit" value="Join" />
</p></form> </p></form>
<?php <?php
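Review bot: Both `$mail->send();` calls in the `@ -98,55 +100,66 @` hunk are unguarded on an object created with exceptions enabled (`new PHPMailer(true)`), so an SMTP failure or a rejected address in `addAddress(fixEmail($clean['email']), $clean['name'])` would abort the request before the step that follows the hunk (`// add the member to the newbies txt file`), and the application would be lost. Wrap each send as `try { $mail->send(); } catch (\PHPMailer\PHPMailer\Exception $e) { error_log($mail->ErrorInfo); }` so that joining does not depend on mail delivery. In the admin notification, `ClearAllRecipients()` does not reset Reply-To, so the `addReplyTo($admin_email)` from the first message carries over and the member's address that the old code put in Reply-To is gone; `$mail->clearReplyTos(); $mail->addReplyTo(fixEmail($clean['email']));` restores it. The enclosing `if (isset($_POST['submit']))` block starts and ends outside the hunk.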


@ -1,6 +1,8 @@
<?php <?php
$show_form = true; $show_form = true;
$error_msg = NULL; $error_msg = NULL;
require_once __DIR__.'/contactform/vendor/autoload.php';
require_once __DIR__.'/contactform/config.php';
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
require_once('prefs.php'); require_once('prefs.php');
@ -34,10 +36,10 @@ if (isset($_POST['submit'])) {
include('footer.php'); include('footer.php');
exit; exit;
} }
if (isBot() !== false) if (isBot() !== false)
$error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'] . "\r\n"; $error_msg .= "No bots please! UA reported as: ".$_SERVER['HTTP_USER_AGENT'] . "\r\n";
if (substr_count($_POST['comments'], 'http://') > 1) if (substr_count($_POST['comments'], 'http://') > 1)
$error_msg .= "Too many URLs; we've assumed you're spam and 'lost' your application. Please try again without any extra URLs if you're a geniune person :)\r\n"; $error_msg .= "Too many URLs; we've assumed you're spam and 'lost' your application. Please try again without any extra URLs if you're a geniune person :)\r\n";
@ -88,33 +90,42 @@ if (isset($_POST['submit'])) {
if ($error_msg == NULL) { if ($error_msg == NULL) {
$show_form = false; $show_form = false;
$subject = "Update member at $title";
$message = "A member at your $FLsubject fanlisting wants updating with following details: \n\n"; $mail = new \PHPMailer\PHPMailer\PHPMailer(true);
// Server settings
$mail->setLanguage(CONTACTFORM_LANGUAGE);
$mail->SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL;
$mail->isSMTP();
$mail->Host = CONTACTFORM_SMTP_HOSTNAME;
$mail->SMTPAuth = true;
$mail->Username = CONTACTFORM_SMTP_USERNAME;
$mail->Password = CONTACTFORM_SMTP_PASSWORD;
$mail->SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION;
$mail->Port = CONTACTFORM_SMTP_PORT;
$mail->CharSet = CONTACTFORM_MAIL_CHARSET;
$mail->Encoding = CONTACTFORM_MAIL_ENCODING;
$message .= "Name: {$clean['name']} \n"; // Recipients
$message .= "Email: ".strtolower($clean['email'])." \n"; $mail->setFrom($admin_email, $title);
$message .= "New Email: {$clean['newemail']} \n"; $mail->addAddress($admin_email, $admin_name);
$message .= "New URL: {$clean['newurl']} \n";
$message .= "Country: {$clean['country']} \n";
$message .= "Comments: {$clean['comments']} \n";
$message .= "IP: {$_SERVER['REMOTE_ADDR']} \n\n";
$message .= "Manage members: {$FLurl}/admin.php"; $mail->Subject = "Update member at $title";
if (!strstr($_SERVER['SERVER_SOFTWARE'], "Win")) { $mail->Body = "A member at your $FLsubject fanlisting wants updating with following details: \n\n";
$headers = "From: $admin_email \n"; $mail->Body .= "Name: {$clean['name']} \n";
$headers .= "Reply-To: $clean[email]"; $mail->Body .= "Email: ".strtolower($clean['email'])." \n";
$mail->Body .= "New Email: {$clean['newemail']} \n";
$mail->Body .= "New URL: {$clean['newurl']} \n";
$mail->Body .= "Country: {$clean['country']} \n";
$mail->Body .= "Comments: {$clean['comments']} \n";
$mail->Body .= "IP: {$_SERVER['REMOTE_ADDR']} \n\n";
$mail->Body .= "Manage members: {$FLurl}/admin.php";
if ($mail->send()) {
echo "<h1>Update Sent!</h1><p>Your updated information has been sent to the fanlisting owner.</p>";
} else { } else {
$headers = "From: $title <$admin_email> \n"; echo "<h1>Oops!</h1><p>Your updated information could not be sent this time, please contact the fanlisting owner.</p>";
$headers .= "Reply-To: <$clean[email]>";
}
if (mail($admin_email,$subject,$message,$headers)) {
echo "<h1>Update Sent!</h1> \n <p>Your updated information has been sent.</p>";
} else {
echo "<h1>Oops!</h1> \n <p>Your updated information could not be sent this time, please contact the fanlisting owner.</p>";
} }
} }
} else { } else {
@ -157,9 +168,9 @@ if (!isset($_POST['submit']) || $show_form == true) {
<?php <?php
} }
?> ?>
<label>Comments</label><br /> <label>Comments</label><br />
<textarea name="comments" id="comments" rows="3" cols="25"></textarea><br /> <textarea name="comments" id="comments" rows="3" cols="25"></textarea><br />
<input type="submit" name="submit" id="submit" value="Update" /> <input type="submit" name="submit" id="submit" value="Update" />
</p></form> </p></form>
<?php <?php