<?php
// OPTIONS - PLEASE CONFIGURE THESE BEFORE USE!
$yourEmail = "yourEmailAddress@someSite.com"; // the email address you wish to receive these mails through
$yourWebsite = "MySite"; // the name of your website
$maxPoints = 4; // max points a person can hit before it refuses to submit - recommend 4
function isBot() {
$bots = array("Indy", "Blaiz", "Java", "libwww-perl", "Python", "OutfoxBot", "User-Agent", "PycURL", "AlphaServer", "T8Abot", "Syntryx", "WinHttp", "WebBandit", "nicebot", "autoemailspider","Atomic_Email_Hunter/4.0","ContactBot/0.2","ContentSmartz");
$isBot = false;
foreach ($bots as $bot)
if (strpos($_SERVER['HTTP_USER_AGENT'], $bot) !== false)
$isBot = true;
if (empty($_SERVER['HTTP_USER_AGENT']) || $_SERVER['HTTP_USER_AGENT'] == " ")
$isBot = true;
return $isBot;
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
$error_msg = NULL;
if (isBot())
exit("bots not allowed.</p>");
function clean($data) {
$data = trim(stripslashes(strip_tags($data)));
return $data;
}
// lets check a few things - not enough to trigger an error on their own, but worth assigning a spam score..
// score quickly adds up therefore allowing genuine users with 'accidental' score through but cutting out real spam :)
$points = (int)0;
$badwords = array("adult", "beastial", "bestial", "blowjob", "clit", "cum", "cunilingus", "cunillingus", "cunnilingus", "cunt", "ejaculate", "fag", "felatio", "fellatio", "****", "fuk", "fuks", "gangbang", "gangbanged", "gangbangs", "hotsex", "hardcode", "jism", "jiz", "orgasim", "orgasims", "orgasm", "orgasms", "phonesex", "phuk", "phuq", "porn", "pussies", "pussy", "spunk", "xxx", "viagra", "phentermine", "tramadol", "adipex", "advai", "alprazolam", "ambien", "ambian", "amoxicillin", "antivert", "blackjack", "backgammon", "texas", "holdem", "poker", "carisoprodol", "ciara", "ciprofloxacin", "debt", "dating", "porn", "link=", "voyeur");
$exploits = array("content-type", "bcc:", "cc:", "document.cookie", "onclick", "onload", "javascript");
foreach ($badwords as $word)
if (strpos($_POST['comments'], $word) !== false)
$points += 2;
foreach ($exploits as $exploit)
if (strpos($_POST['comments'], $exploit) !== false)
$points += 2;
if (strpos($_POST['comments'], "http://") === true || strpos($_POST['comments'], "www.") === true)
$points += 2;
if (isset($_POST['nojs']))
$points += 1;
if (preg_match("/(<.*>)/i", $_POST['comments']))
$points += 2;
if (strlen($_POST['name']) < 3)
$points += 1;
if (strlen($_POST['comments']) < 15 || strlen($_POST['comments'] > 1500))
$points += 2;
// end score assignments
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['comments'])) {
$error_msg .= "Name, e-mail and comments are required fields. \n";
} elseif (strlen($_POST['name']) > 35) {
$error_msg .= "The name field is limited at 35 characters. Your first name or nickname will do! \n";
} elseif (!ereg("^[A-Za-z' -]*$", $_POST['name'])) {
$error_msg .= "The name field must not contain special characters. \n";
} elseif (!ereg("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$",strtolower($_POST['email']))) {
$error_msg .= "That is not a valid e-mail address. \n";
} elseif (!empty($_POST['url']) && !preg_match('/^(http|https):\/\/(([A-Z0-9][A-Z0-9_-]*)(\.[A-Z0-9][A-Z0-9_-]*)+)(:(\d+))?\/?/i', $_POST['url']))
$error_msg .= "Invalid website url.";
if ($error_msg == NULL && $points <= $maxPoints) {
$subject = "Email from your website";
$message = "You received this e-mail message through your website: \n\n";
foreach ($_POST as $key => $val) {
$message .= ucwords($key) . ": $val \r\n";
}
$message .= 'IP: '.$_SERVER['REMOTE_ADDR']."\r\n";
$message .= 'Browser: '.$_SERVER['HTTP_USER_AGENT']."\r\n";
$message .= 'Points: '.$points;
if (strstr($_SERVER['SERVER_SOFTWARE'], "Win")) {
$headers = "From: $yourEmail \r\n";
$headers .= "Reply-To: {$_POST['email']}";
} else {
$headers = "From: $yourWebsite <$yourEmail> \r\n";
$headers .= "Reply-To: {$_POST['email']}";
}
if (mail($yourEmail,$subject,$message,$headers)) {
echo ' <p style="font-size:36px"align="center">Your mail was successfully sent</p>';
} else {
echo '<p style="font-size:36px; color:#FF0000" align="center"> ERROR: Mail NOT Sent </p>';
}
}
}
function get_data($var) {
if (isset($_POST[$var]))
echo htmlspecialchars($_POST[$var]);
}
if ($error_msg != NULL) {
echo '<p><strong style="color: red;font-size:36px; ">ERROR: spam filter tripped</strong><br />';
echo nl2br($error_msg) . "</p>";
}
?>
<form action="a_contact.php" method="post">
<noscript><p><input type="hidden" name="nojs" id="nojs" /> </p></noscript>
<table width="85%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td class="sidebar_box"><label for="name">Name:</label> </td>
<td class="sidebar_box" colspan="2">
<input name="name" type="text" id="name" value="<?php get_data("name"); ?> name" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box" ><label for="email">E-mail:</label> </td>
<td class="sidebar_box" colspan="2"><input name="email" type="text" id="email" value="<?php get_data("email"); ?> email address" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box"><label for="location">Location*:</label></td>
<td class="sidebar_box" colspan="2"><input name="location" type="text" id="location" value="<?php get_data("location"); ?> Location (optional)" size="50" /></td>
</tr>
<tr>
<td> </td>
<td colspan="2"> </td>
</tr>
<tr>
<td class="sidebar_box"><label for="comments">Message:</label></td>
<td class="sidebar_box"colspan="2"><textarea name="comments" cols="45" rows="5" id="comments"><?php get_data("comments"); ?> Add your message in here.
</textarea></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td class="sidebar_box">* optional </td>
<td class="sidebar_box" ><div align="center">
<input type="submit" name="submit" id="submit" value="Send Message" />
</div></td>
<td class="sidebar_box">
<div align="left">
<input type="reset" name="Reset" value="Clear Form" onclick="a_contact.php"/>
</div></td>
</tr>
</table>
</form>