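Doug Karr. Original script by Ryan Duff
Author: Kristin K. Wangen
Author URI: http://kzkw.net/
Version: 1.4
*/

/*
Copyleft 2007 Kristin K. Wangen

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/

if (function_exists('load_betterlang_textdomain')) {
    load_betterlang_textdomain('cfiii');
} else {
    load_plugin_textdomain('cfiii', $path = 'wp-content/plugins/wp-contact-form/languages');
}

/* Declare strings that change depending on input. This also resets them so errors clear on resubmission. */
$wpcf_strings = array(
    'name'     => '',
    'email'    => '',
    'subject'  => '',
    'response' => '',
    'msg'      => '',
    'error'    => '',
);

/*
This shows the quicktag on the write pages
Based off Buttonsnap Template
http://redalt.com/downloads
*/
if (get_option('wpcf_show_quicktag') == true) {
    // NOTE(review): relative include, resolved through include_path; the file is
    // presumably shipped next to this plugin file - confirm before anchoring the path.
    include('buttonsnap.php');

    add_action('init', 'wpcf_button_init');
    add_action('marker_css', 'wpcf_marker_css');

    /**
     * Registers the "Contact Form" editor button, which inserts the
     * [contactform] tag, and its visual marker.
     */
    function wpcf_button_init() {
        $wpcf_button_url = buttonsnap_dirname(__FILE__) . '/wpcf_button.png';
        buttonsnap_textbutton($wpcf_button_url, __('Contact Form', 'cfiii'), '[contactform]');
        buttonsnap_register_marker('contact form', 'wpcf_marker');
    }

    /**
     * Prints the CSS rule that draws the contact-form marker in the editor.
     */
    function wpcf_marker_css() {
        $wpcf_marker_url = buttonsnap_dirname(__FILE__) . '/wpcf_marker.gif';
        // Each declaration is terminated with ';' so that width and margin-top
        // are parsed as two separate declarations.
        echo " .wpcf_marker { display: block; height: 15px; width: 155px; margin-top: 5px; background-image: url({$wpcf_marker_url}); background-repeat: no-repeat; background-position: center; } ";
    }
}

/**
 * Reports whether a value that will be placed in a mail header contains a line
 * break or one of the header names listed below.
 *
 * The match is case-insensitive and is a plain substring test, so a value that
 * merely contains "to:" is rejected as well.
 *
 * @param string $input Value to inspect.
 * @return bool True when a forbidden sequence is present.
 */
function wpcf_is_malicious($input) {
    // Lower-case once; every entry in the list is already lower case.
    $haystack = strtolower($input);
    $bad_inputs = array("\r", "\n", "mime-version", "content-type", "bcc:", "cc:", "to:");

    foreach ($bad_inputs as $bad_input) {
        if (strpos($haystack, $bad_input) !== false) {
            return true;
        }
    }

    return false;
}

/**
 * Checks the visitor's answer against the configured challenge answer.
 *
 * @param string $input Answer submitted by the visitor.
 * @return bool True when the answer equals the stored 'wpcf_answer' option.
 */
function wpcf_is_challenge($input) {
    $answer = stripslashes(trim(get_option('wpcf_answer')));

    // Strict string comparison: with '==' two numeric-looking strings are
    // compared as numbers, so values such as "1e1" and "10" would be equal.
    return (string) $input === $answer;
}

/**
 * Returns one submitted field with surrounding whitespace and slashes removed.
 *
 * @param string $key Name of the POST field.
 * @return string The cleaned value, or '' when the field is missing or is not
 *                a string (for example an array sent as "field[]").
 */
function wpcf_post_field($key) {
    if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
        return '';
    }

    return stripslashes(trim($_POST[$key]));
}

/*
This function checks for errors on input and changes $wpcf_strings if there are any errors.
Shortcircuits if there has not been a submission
*/
/**
 * Validates a contact-form submission.
 *
 * The cleaned field values are written back to $_POST because wpcf_callback()
 * reads them from there. On failure $wpcf_strings['error'] is set according to
 * the last check that failed.
 *
 * @return bool True when a submission is present and every check passed.
 */
function wpcf_check_input() {
    global $wpcf_strings;

    if (!isset($_POST['wpcf_stage'])) {
        return false; // Shortcircuit.
    }

    $fields = array(
        'wpcf_your_name',
        'wpcf_email',
        'wpcf_response',
        'wpcf_website',
        'wpcf_subject',
        'wpcf_msg',
    );
    foreach ($fields as $field) {
        $_POST[$field] = wpcf_post_field($field);
    }

    $ok = true;
    $reason = '';

    if (empty($_POST['wpcf_your_name'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['name'] = '';
    }

    if (!is_email($_POST['wpcf_email'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['email'] = '';
    }

    if (empty($_POST['wpcf_response'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['response'] = '';
    }

    if (!wpcf_is_challenge($_POST['wpcf_response'])) {
        $ok = false;
        $reason = 'wrong';
        $wpcf_strings['response'] = '';
    }

    if (empty($_POST['wpcf_subject'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['subject'] = '';
    }

    if (empty($_POST['wpcf_msg'])) {
        $ok = false;
        $reason = 'empty';
        $wpcf_strings['msg'] = '';
    }

    // Name and e-mail are copied into the From header by wpcf_callback(), so a
    // line break in either of them would start a new header line.
    if (wpcf_is_malicious($_POST['wpcf_your_name']) || wpcf_is_malicious($_POST['wpcf_email'])) {
        $ok = false;
        $reason = 'malicious';
    }

    if ($ok == true) {
        return true;
    }

    if ($reason == 'malicious') {
        $wpcf_strings['error'] = "" . __('You can not use any of the following in the Name or Email fields: a linebreak, or the phrases \'mime-version\', \'content-type\', \'cc:\' \'bcc:\'or \'to:\'.','cfiii') . "";
    } elseif ($reason == 'empty') {
        $wpcf_strings['error'] = '' . stripslashes(get_option('wpcf_error_msg')) . '';
    } elseif ($reason == 'wrong') {
        $wpcf_strings['error'] = "" . __('You answered the challenge question incorrectly.', 'cfiii') . "";
    }

    return false;
}

/*Wrapper function which calls the form.*/
/**
 * Replaces the [contactform] tag in $content with either the form or, after a
 * valid submission, the success message; a valid submission is also mailed to
 * the address stored in the 'wpcf_email' option.
 *
 * NOTE(review): the hook registration is outside this listing; the function is
 * written as a content filter (it receives and returns the content).
 *
 * @param string $content Content that may contain the [contactform] tag.
 * @return string The content with the tag replaced, or unchanged if absent.
 */
function wpcf_callback($content) {
    global $wpcf_strings;

    // Literal substring test. The tag contains regex metacharacters: used as a
    // pattern, '[contactform]' is a character class that matches any content
    // holding one of those letters, which would let a submission be processed
    // and mailed for content that does not carry the tag at all.
    if (strpos($content, '[contactform]') === false) {
        return $content;
    }

    /* Run the input check. */
    if (wpcf_check_input()) {
        // The input check returned true (ie. there has been a submission & input is ok).
        $recipient = get_option('wpcf_email');

        // The subject becomes a mail header but is not covered by
        // wpcf_is_malicious(), so line breaks are collapsed here. Several PHP
        // versions blank control characters in the subject themselves; doing it
        // explicitly avoids depending on that.
        $subject = preg_replace('/[\r\n]+/', ' ', $_POST['wpcf_subject']);

        $success_msg = stripslashes(get_option('wpcf_success_msg'));

        $name = $_POST['wpcf_your_name'];
        $email = $_POST['wpcf_email'];
        $website = $_POST['wpcf_website'];
        $msg = $_POST['wpcf_msg'];

        // $name and $email are safe to interpolate only because
        // wpcf_check_input() has rejected line breaks in both.
        $headers = "MIME-Version: 1.0\n";
        $headers .= "From: $name <$email>\n";
        $headers .= "Content-Type: text/plain; charset=\"" . get_option('blog_charset') . "\"\n";

        $fullmsg = "$name " . __('wrote:','cfiii') . "\n";
        $fullmsg .= wordwrap($msg, 80, "\n") . "\n\n";
        $fullmsg .= "" . __('Website:','cfiii') . " " . $website . "\n";
        // The address reported by getip() can come from a request header and is
        // therefore an unverified claim, not evidence of the sender's address.
        $fullmsg .= "" . __('IP:','cfiii') . "" . getip();

        mail($recipient, $subject, $fullmsg, $headers);

        $results = '' . $success_msg . '';

        // Returned rather than printed, like the form branch below, so the
        // confirmation appears where the tag was and the rest of the content
        // is kept.
        return str_replace('[contactform]', $results, $content);
    }

    // Else show the form. If there are errors the strings will have updated during running the inputcheck.
    $question = stripslashes(get_option('wpcf_question'));

    // NOTE(review): the form markup is not present in this listing. If submitted
    // values are printed back into the fields, they need htmlspecialchars()
    // with ENT_QUOTES for the attribute and element contexts.
    $form = trim('
'.__('Contact Form','cfiii').'
* '.__('Required fields','cfiii').'' . $wpcf_strings['error'] . '
' . $wpcf_strings['name'] . ' ' . $wpcf_strings['email'] . ' ' . $wpcf_strings['subject'] . ' ' . $wpcf_strings['msg'] . ' ' . $wpcf_strings['response'] . '
');

    return str_replace('[contactform]', $form, $content);
}

/*Can't use WP's function here, so lets use our own*/
/**
 * Returns the address to report for the current request.
 *
 * Order of preference: X-Forwarded-For, Client-IP, then REMOTE_ADDR. The first
 * two are request headers that the client or any intermediary can set, so a
 * header value is used only when it consists solely of characters that occur
 * in an IP address or a list of them; anything else falls through to the next
 * source. Even then the value is unverified: only REMOTE_ADDR is the peer of
 * the TCP connection, and it is the proxy's address when the site is proxied.
 *
 * @return string The reported address, or '' when none is available.
 */
function getip() {
    $use_server = isset($_SERVER);

    foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $header) {
        if ($use_server) {
            $candidate = isset($_SERVER[$header]) ? $_SERVER[$header] : '';
        } else {
            $candidate = getenv($header);
        }

        // Hex digits, dots and colons cover IPv4 and IPv6; comma and space
        // cover the list form written by chained proxies.
        if (is_string($candidate) && preg_match('/\A[0-9a-fA-F:., ]+\z/', $candidate)) {
            return $candidate;
        }
    }

    if ($use_server) {
        return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    }

    return (string) getenv('REMOTE_ADDR');
}

/*CSS Styling*/
function wpcf_css() { ?>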