tag
 *      CONTACT_BCC -- where a bcc of the contact email is sent
 *      DB_EMAIL_LOGGING -- are we storing the emails in a database? This is a great thing to do both from an analytics perspective and a security
 *          perspective (in case emails are not getting off the server for some reason), but is not mandatory. All you need to do is set up a table called
 *          "contact" in the database, enter name/username/password info, and it does all the rest.
 *          NOTE(review): enabling this writes visitor-supplied data to the
 *          database; confirm the logging code validates column names and
 *          parameterizes values before turning it on.
 *   2. Change the "$form" array. This defines the form, how it is processed,
 *      the way it displays, and the email that is sent. More details are in
 *      the comments preceding the sample "$form" array.
 *
 * There are other areas you may want to modify.
 *   1. After the "$form" array, there are various defines for the layout of
 *      the directory structure and how the site behaves. You may need to
 *      change these to reflect your specific website.
 *   2. The code for displaying the form may need adjusting for your website.
 *      This includes the css definitions in the in-line stylesheet.
 *
 * Other common modifications:
 *   If you would like to add a dropdown to select who will receive the email,
 *   see the form definition for "contact" and use the switch statement
 *   starting with "switch($contact)" below.
 *   If you would like to use one form that is linked for different users,
 *   see the setup on Synotac contact or Sonitrol board
 *
 */

// Constants for this customer.
define('COMPANY_NAME', 'C3 Publications');          // name used in titles
define('CONTACT_EMAIL', 'georgec3pub@comcast.net'); // address where contact is sent
define('ERROR_EMAIL', 'synotac@gmail.com');         // address where errors are sent
/* this needs to be a single string. If you want multiple emails, separate them with commas like this: $email->SetBlindCopy('email1@synotac.com,email2@synotac.com,email3@synotac.com'); */
define('CONTACT_BCC', 'synotac@gmail.com');         // address that receives a blind copy of each contact email
define('PAGE_TITLE', 'Contact');                    // Title of the page
define('SUBMISSION_SUCCESS_TEXT', '

Submission successfully received! Thank you for your input - I will respond to your inquiry promptly.

');     // Text on the success page

define('DB_EMAIL_LOGGING', false);          // are we logging the contact in the database?
// NOTE(review): the database credentials below are hard-coded in a script
// that, per the DOC_ROOT comment further down, lives in the document root.
// Prefer loading them from configuration kept outside the web root (or from
// the environment), give the account only the privileges the logging needs,
// and rotate any value that has been published or committed.
define('DB_NAME', 'synotac1_contact');      // database name
define('DB_USERNAME', 'synotac1_joomla');   // database username
define('DB_PASSWORD', 't4c2n2c43');         // database password
define('DB_TABLE_NAME', 'contact');         // name of table where contacts are stored

// This array has one entry for each form control on the form *except* for
// the submit button. The one below is an example only and should be
// modified for each website.
//
// Each entry (form control) is an associative array ("form control
// definition") with the control name as the array key. The name cannot
// contain any spaces.
//
// A form control definition must contain the "type" and "label" elements.
// Certain types have additional required elements.
//
// "type" is the type of the generated form control and is one of "text",
// "textarea", "select", "radio", "checkbox", or "hidden".
//
// "label" is displayed to the left of the control on the displayed form.
//
// If the "type" is "text", you can optionally specify a "size" and
// "maxlength" element.
//
// If the "type" is "select", or "radio", the "options" element is
// required. It is an associative array of values and descriptions. The
// value will be returned if the control is successful. "value" should be
// set to the name of the initially selected option. If it is missing,
// it is set to the first option.
//
// If the "type" is "textarea", the "cols" and "rows" elements are
// required. For a 40 column by 6 row textarea, include
// "'cols' => 40, 'rows' => 6,".
//
// If you want an initial value set for "text" or "textarea" types, include
// the "value" element and set it equal to the desired value.
//
// If the "type" is "checkbox" and you want it to be checked, set "value"
// to a non-blank string.
//
// If the control is required, include "'required' => TRUE" in the
// form control definition.
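// If the "type" is "select" or "radio", "required"
// is assumed.
//
// If you have control-specific parameters, such as "class" or "id", set
// it with the optional "'parm' => 'class="whatever"'". If the control is
// a select or radio type, parm must be an associative array with the
// option (radio) names as the keys.
//
// If you want content displayed above an entry, use a "text" element. For
// example "'text' => 'Display me above this form entry'".
$form = array(
    'newsletter' => array(
        'type' => 'checkbox',
        'label' => 'YES, I would like to receive notice of books and news of George Byron Wright.',
        'value' => 'checked',
    ),
    'fullname' => array(
        'type' => 'text',
        'label' => 'Name',
        'required' => TRUE,
    ),
    'email' => array(
        'type' => 'text',
        'label' => 'Email',
        'required' => TRUE,
    ),
    'address' => array(
        'type' => 'text',
        'label' => 'Address',
        'size' => 30,
        'required' => FALSE,
    ),
    'city' => array(
        'type' => 'text',
        'label' => 'City',
        'size' => 30,
        'required' => FALSE,
    ),
    'state' => array(
        'type' => 'text',
        'label' => 'State',
        'size' => 10,
        'required' => FALSE,
    ),
    'zip' => array(
        'type' => 'text',
        'label' => 'Zip',
        'size' => 10,
        'required' => FALSE,
    ),
    'phone' => array(
        'type' => 'text',
        'label' => 'Phone',
        'size' => 15,
        'maxlength' => 15,
        'required' => FALSE,
    ),
    'comment' => array(
        'type' => 'textarea',
        'label' => 'Comment',
        'cols' => 40,
        'rows' => 6,
        'required' => TRUE,
    )
);

// If using a basic site, you need the following defines in order to call
// the mail class. More complex sites usually define these in app_top,
// in which case you need to include that file.

// Use enough dirname() in the following statement to get to the document
// root. If this file is in document root, the following statement is
// correct.
define('DOC_ROOT', str_replace('\\', '/', dirname(__FILE__)) . '/');

// These reflect the assumed directory layout. Change it to reflect the
// particulars of your website.
define('INCLUDES', DOC_ROOT . 'includes/');
define('CLASSES', INCLUDES . 'classes/');
define('PEAR', CLASSES . 'PEAR/');

// All sites must have the following define and then include the email class.
define('_VALID_INCLUDE', 1);
// SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any extra
// path the visitor appends after the script name, so basename() of it can be
// visitor-chosen text, which is unsafe wherever PAGE_NAME is echoed into markup.
define('PAGE_NAME', basename($_SERVER['SCRIPT_NAME']));     // this page

// Errors are NOT displayed by default; set to true only while debugging.
// With error_reporting(E_ALL) below, displayed errors expose file paths and
// other internals to every visitor.
define('DISPLAY_ERRORS', false);

// Formbot fighting constants.
define('TIME_HUMAN', 5);   // minimum time in seconds for humans to fill out form

// Some sites may set this in .htaccess, but if not, include the line below.
ini_set('include_path', '.' . PATH_SEPARATOR . PEAR);

// Set error reporting and display.
error_reporting(E_ALL);
ini_set('display_errors', DISPLAY_ERRORS ? '1' : '0');

// Require the email class.
require_once(CLASSES . 'email.php');

// Initialize the form control definitions. Validate required array
// elements and initialize ones such as "error" and "ctl_value".
// A malformed definition is a developer error: it is mailed to ERROR_EMAIL
// (error_log message type 1) and processing stops.
foreach ($form as $fc_name => $fc_def) {
    $form[$fc_name]['error'] = false;
    if (empty($fc_def['required'])) $form[$fc_name]['required'] = false;
    if (empty($fc_def['label'])) $form[$fc_name]['label'] = '';

    // A definition without "type" falls through to the "unknown type" branch
    // instead of raising an undefined-index notice first.
    $fc_type = isset($fc_def['type']) ? $fc_def['type'] : '';

    switch ($fc_type) {
        case 'text':
        case 'hidden':
            $form[$fc_name]['ctl_value'] = !empty($fc_def['value']) ? $fc_def['value'] : '';
            break;

        case 'textarea':
            $form[$fc_name]['ctl_value'] = !empty($fc_def['value']) ? $fc_def['value'] : '';
            if (empty($fc_def['cols']) || empty($fc_def['rows'])) {
                error_log('Missing "cols" or "rows" on "' . $fc_name . '" textarea control in ' . COMPANY_NAME . ' contact form ' . print_r($form, true), 1, ERROR_EMAIL);
                exit('Missing "cols" or "rows" on "' . $fc_name . '" textarea control. FATAL ERROR--form processing terminated.');
            }
            break;

        case 'select':
        case 'radio':
            // Both option-list controls share the same checks; only the
            // control type named in the message differs.
            if (empty($fc_def['options'])) {
                error_log('Missing "options" on "' . $fc_name . '" ' . $fc_type . ' control in ' . COMPANY_NAME . ' contact form ' . print_r($form, true), 1, ERROR_EMAIL);
                exit('Missing "options" on "' . $fc_name . '" ' . $fc_type . ' control. FATAL ERROR--form processing terminated.');
            }
            if (!empty($fc_def['parm']) && !is_array($fc_def['parm'])) {
                error_log('"parm" on "' . $fc_name . '" ' . $fc_type . ' control not an array in ' . COMPANY_NAME . ' contact form ' . print_r($form, true), 1, ERROR_EMAIL);
                exit('"parm" on "' . $fc_name . '" ' . $fc_type . ' control not an array. FATAL ERROR--form processing terminated.');
            }
            // Default to the first option when "value" is missing or not one
            // of the option keys.
            $fc_value = !empty($fc_def['value']) ? $fc_def['value'] : '';
            if (!array_key_exists($fc_value, $fc_def['options'])) {
                $option_keys = array_keys($fc_def['options']);
                $fc_value = $option_keys[0];
            }
            $form[$fc_name]['ctl_value'] = $fc_value;
            break;

        case 'checkbox':
            $form[$fc_name]['ctl_value'] = !empty($fc_def['value']) ? 'on' : '';
            break;

        default:
            error_log('Unknown form control type on "' . $fc_name . '" in contact form for ' . COMPANY_NAME . print_r($form, true), 1, ERROR_EMAIL);
            exit('Unknown form entry type on "' . $fc_name . '". FATAL ERROR--form processing terminated.');
    }
} // end foreach $form

// Get the email address of who you are trying to contact. If you use this,
// be sure to set the email recipient in $email->SetRecipient() below.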
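$contact = isset($_GET['contact']) ? $_GET['contact'] : CONTACT_EMAIL;
$contact = isset($_POST['contact']) ? $_POST['contact'] : $contact;

// Change these to reflect the specifics of your website.
// The request value is only a key into this fixed list, so a visitor can
// never supply a recipient address directly. Keep it that way when adding
// entries. Note that the SetRecipient() call later in this file still uses
// CONTACT_EMAIL, not $contact_email.
switch($contact) {
    case 'cat':
        $subject_line = 'Catriona';
        $contact_email = 'catriona@synotac.com';
        break;
    case 'cam':
        $subject_line = 'Cameron';
        $contact_email = 'cameron@synotac.com';
        break;
    case 'bill':
        $subject_line = 'Bill';
        $contact_email = 'bill@synotac.com';
        break;
    default:
        $subject_line = 'Synotac';
        $contact_email = CONTACT_EMAIL;
        break;
}

$error = '';
$action = !empty($_POST['action']) ? $_POST['action'] : 'show';

// check for formbot attacks
// Two heuristics: the form must have been open for at least TIME_HUMAN
// seconds, and the "country" field must be present and empty (presumably a
// decoy field hidden from human visitors -- confirm against the form markup).
// The "time" value comes from the client, so this reduces noise rather than
// acting as a security control.
if ($action == 'process') {
    $start_time = !empty($_POST['time']) ? (int)$_POST['time'] : 0;
    $elapsed_time = time() - $start_time;
    if (!$start_time || ($elapsed_time < TIME_HUMAN)) {
        $attack_reason = 'time';
    } elseif (!array_key_exists('country', $_POST) || $_POST['country']) {
        $attack_reason = 'country';
    } else {
        $attack_reason = '';
    }
    if ($attack_reason) {
        // NOTE(review): this mails the whole submission, personal data
        // included, to ERROR_EMAIL; confirm that is intended.
        error_log('Formbot attack (' . $attack_reason . ') on ' . COMPANY_NAME . print_r($_POST, true), 1, ERROR_EMAIL);
        $error = 'An error occurred processing your entry. Please try again.';
        $_POST = array();
        $action = 'show';
    }
} // end checking for attack

// probably human generated form so process
if ($action == 'process') {
    unset($_POST['action']);
    unset($_POST['time']);
    unset($_POST['country']);
    unset($_POST['submit']);
    $error = '';

    // Clean each post variable
    $post_vars = array();
    foreach ($_POST as $post_name => $post_value) {
        // The form only sends plain strings. An array-valued parameter
        // (e.g. "fullname[]=x") is treated as blank instead of being passed
        // to the string functions below.
        $post_value = is_scalar($post_value) ? (string)$post_value : '';
        // get rid of slashes if magic quotes on. Magic quotes were removed
        // in PHP 5.4 and the function itself in PHP 8.0, so it is only
        // consulted on interpreters old enough to have the feature.
        if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) $post_value = stripslashes($post_value);
        $post_value = trim($post_value);
        $post_vars[$post_name] = $post_value;
    } // end processing POSTed values

    $attack_reason = '';

    // Process POSTed values in form
    foreach ($form as $fc_name => $fc_def) {
        // use isset() in following rather than !empty() because empty values
        // are valid and include things like '0' (string with zero in it)
        $post_value = isset($post_vars[$fc_name]) ? $post_vars[$fc_name] : '';

        // Blank means "no non-whitespace character". The previous empty()
        // test also rejected the string '0', contradicting the comment above.
        if ($fc_def['required'] && !preg_match('/\S/', $post_value)) {
            $error .= $fc_def['label'] . ' is blank; please fill in and resubmit
';
            $form[$fc_name]['error'] = true;
            $action = 'show';
        } // end checking required data

        // take only characters ahead of the first line break in non-textarea
        // fields. Both CR and LF end the value: single-line fields such as
        // "email" are later placed in mail headers, where either character
        // would start a new header line.
        if ($form[$fc_name]['type'] != 'textarea') {
            $post_value = (string)substr($post_value, 0, strcspn($post_value, "\r\n"));
        }

        switch ($fc_def['type']) {
            case 'text':
            case 'textarea':
                if ($post_value !== '') $form[$fc_name]['ctl_value'] = $post_value;
                break;
            case 'hidden':
                // a hidden control must come back exactly as it was sent
                if ($post_value != $fc_def['ctl_value']) {
                    $attack_reason = 'hidden control';
                }
                break;
            case 'radio':
            case 'select':
                // only values from the defined option list are accepted
                if (!array_key_exists($post_value, $fc_def['options'])) {
                    $attack_reason = 'select control';
                } else {
                    $form[$fc_name]['ctl_value'] = $post_value;
                }
                break;
            case 'checkbox':
                $form[$fc_name]['ctl_value'] = $post_value ? 'on' : '';
        } // end processing form control type
    } // end foreach $form

    if ($attack_reason) {
        // A leftover exit($attack_reason) used to sit here. It printed the
        // detection reason to the client and made the logging and the
        // generic error message below unreachable.
        error_log('Formbot attack (' . $attack_reason . ') on ' . COMPANY_NAME . print_r($_POST, true), 1, ERROR_EMAIL);
        $error = 'An error occurred processing your entry. Please try again.';
        $_POST = array();
        $action = 'show';
    }
} // end validating form data

// Valid form data. Format and send email.
if ($action == 'process') {
    // Build email content
    // NOTE(review): the heredoc that opened the HTML document is damaged in
    // this listing; the two statements below are kept as they appear.
    $html = << HTML_HEAD;
    $html .= COMPANY_NAME . ' website information request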

' . "\n"; $text = COMPANY_NAME . ' website information request' . "\n" . "\n"; $html .= '' . "\n"; //$html .= '' . "\n"; foreach ($form as $fc_def) { $html .= ''; $text .= $fc_def['label'] . ': '; $value = $fc_def['ctl_value']; switch ($fc_def['type']) { case 'text': case 'hidden': $value = htmlspecialchars($value); $html .= '' . "\n"; $text .= $value . "\n"; break; case 'textarea': // indent textarea type fields $value = htmlspecialchars($value); $html .= '' . "\n"; $text .= $value . "\n"; break; case 'radio': case 'select': $value = htmlspecialchars($value); $html .= '' . "\n"; $text .= $fc_def['options'][$value] . "\n"; break; case 'checkbox': $value = $value == 'on' ? 'Yes' : 'No'; $html .= '' . "\n"; $text .= $value . "\n"; break; } // end processing form control type } // end generating form control responses $html .= '
Elapsed time: ' . $elapsed_time . '
' . $fc_def['label'] . ': ' . $value . '
' . nl2br($value) . '
' . $fc_def['options'][$value] . '
' . $value . '

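' . "\n";
    $html .= 'Submitted: ' . date('m-d-y, g:i a', time()) . ' Pacific';
    $text .= 'Submitted: ' . date('m-d-y, g:i a', time()) . ' Pacific';
    $html .= '';
    $html .= '';

    // "=& new" is a parse error on PHP 7 and later; plain assignment gives
    // the same object handle.
    $email = new Email;
    $email->SetMailer(COMPANY_NAME . ' mail program');  // this is optional but helpful
    $email->SetRecipient(CONTACT_EMAIL);
    $email->SetBlindCopy(CONTACT_BCC);

    // The visitor-supplied address is placed in the From and Subject
    // headers, so line breaks are removed, and the From header only carries
    // it when it is a syntactically valid address. Otherwise the site
    // address is used; the typed value still appears in the message body.
    $sender = str_replace(array("\r", "\n"), '', $form['email']['ctl_value']);
    $from_address = (filter_var($sender, FILTER_VALIDATE_EMAIL) !== false) ? $sender : CONTACT_EMAIL;

    // Set this to be a valid email address if cannot be set from form
    $from = '"' . $from_address . '" <' . $from_address . '>';
    $email->SetFrom($from);
    // Set this to be a valid subject if cannot be set from form
    $email->SetSubject(COMPANY_NAME . ' contact mail from ' . $sender);
    $email->SetHtml($html);
    $email->SetText($text);

    // mail form contents
    if ($email->SendMail()) {
        $action = 'thanks';
    } else {
        $error = 'failed trying to send to us';
        $action = 'show';
    }

    // LOG THIS CONTACT IN THE DATABASE
    // Rewritten on mysqli (the mysql_* functions and each() no longer exist
    // in current PHP). Columns now come from the $form definition, not from
    // the names of whatever POST fields arrived, and values are bound as
    // statement parameters rather than concatenated into the SQL text.
    // NOTE(review): creating and altering the table at request time needs
    // CREATE/ALTER privileges on the web account; creating the table once by
    // hand lets that account be limited to INSERT.
    if (DB_EMAIL_LOGGING) {
        // Keep logging best-effort: a database failure must not turn into an
        // uncaught exception on the visitor's page.
        mysqli_report(MYSQLI_REPORT_OFF);
        $link = mysqli_connect('localhost', DB_USERNAME, DB_PASSWORD, DB_NAME);
        $ident_pattern = '/^[A-Za-z_][A-Za-z0-9_]*$/';   // what may be used as a table/column name
        $table_name = DB_TABLE_NAME;    // the name of the table we are entering the contacts into

        if ($link && preg_match($ident_pattern, $table_name)) {
            $table_sql = '`' . $table_name . '`';

            // Add the table if it does not exist. The primary key names the
            // same "<table>_id" column that is declared, so a DB_TABLE_NAME
            // other than "contact" also works.
            $add_table_sql = 'CREATE TABLE IF NOT EXISTS ' . $table_sql . ' (
                `' . $table_name . '_id` int(11) NOT NULL auto_increment,
                `date` datetime NOT NULL default "0000-00-00 00:00:00",
                PRIMARY KEY  (`' . $table_name . '_id`)
                ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=6 ;';
            mysqli_query($link, $add_table_sql);

            // Collect the columns that already exist
            $columns = array();
            $query = mysqli_query($link, 'SHOW columns FROM ' . $table_sql);
            while ($query && ($result = mysqli_fetch_array($query))) {
                $columns[$result[0]] = 'true';
            }

            $set_sql = array('`date` = NOW()');
            $values = array();
            foreach ($form as $field_name => $field_def) {
                // control names are written by the site developer, but are
                // still checked before being used as identifiers
                if (!preg_match($ident_pattern, $field_name)) {
                    continue;
                }
                if (empty($columns[$field_name])) {
                    // add the field if it is not already in the database
                    $row_type = ($field_def['type'] == 'textarea') ? ' TEXT' : ' VARCHAR(255)';
                    $add_sql = 'ALTER TABLE ' . $table_sql . ' ADD `' . $field_name . '`' . $row_type . ' NOT NULL';
                    mysqli_query($link, $add_sql);
                }
                $set_sql[] = '`' . $field_name . '` = ?';
                $values[] = (string)$field_def['ctl_value'];
            }

            $stmt = mysqli_prepare($link, 'INSERT INTO ' . $table_sql . ' SET ' . implode(', ', $set_sql));
            if ($stmt) {
                if ($values) {
                    // bind_param takes its arguments by reference; this form
                    // of the call works on old and current PHP alike
                    $bind_args = array($stmt, str_repeat('s', count($values)));
                    foreach (array_keys($values) as $i) {
                        $bind_args[] = &$values[$i];
                    }
                    call_user_func_array('mysqli_stmt_bind_param', $bind_args);
                }
                mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
        }
        if ($link) {
            mysqli_close($link);
        }
    } // END LOGGING CONTACT IN THE DATABASE
} // end sending email

// Display either form page or "thanks" page (action is "show" or "thanks")
// NOTE(review): the page markup that followed the closing tag is missing
// from this listing; the rest of the next line is kept as found.
?> ' . PAGE_TITLE . '' . "\n"; // Display contact form if ($action == 'show') { // Display any errors or the required fields message if ($error) { echo '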

' . $error . '

' . "\n"; } echo '

Required fields are marked with *

' . "\n"; // The form is formatted to be two columns in a table. If you want a different layout, you will need to format the PHP below ?>
$fc_def) { // Show required mark if required field $req_mark = !empty($fc_def['required']) ? ' *' : ''; $parm = !empty($fc_def['parm']) ? ' ' . $fc_def['parm'] : ''; // This is the special text to describe the form section. Please format as you see fit. if (!empty($fc_def['text'])) echo ''; echo '' . "\n"; echo ' ' . "\n"; if ($tabindex_cnt) { $tabindex_cnt++; $tabindex = ' tabindex="' . $tabindex_cnt . '"'; } else { if (!empty($fc_def['error'])) { $tabindex_cnt = 1; $tabindex = ' tabindex="' . $tabindex_cnt . '"'; } } $value = $fc_def['ctl_value']; // build form controls switch ($fc_def['type']) { case 'hidden': $parm = !empty($fc_def['parm']) ? ' ' . $parm : ''; $value = htmlspecialchars($value); echo ' ' . "\n"; break; case 'text': $parm = !empty($fc_def['parm']) ? ' ' . $parm : ''; $value = htmlspecialchars($value); $size = !empty($fc_def['size']) ? ' size="' . $fc_def['size'] . '"' : ''; $maxlength = !empty($fc_def['maxlength']) ? ' maxlength="' . $fc_def['maxlength'] . '"' : ''; echo ' ' . "\n"; break; case 'textarea': $parm = !empty($fc_def['parm']) ? ' ' . $parm : ''; $value = htmlspecialchars($value); echo ' ' . "\n"; break; case 'select': echo ' ' . "\n"; break; case 'radio': echo ' ' . "\n"; break; case 'checkbox': $parm = !empty($fc_def['parm']) ? ' ' . $parm : ''; $checked = $value == 'on' ? ' checked="checked"' : ''; echo ' ' . "\n"; break; } // end switch echo '' . "\n"; } // end generating form controls ?>
' . $fc_def['text'] . '
' . htmlspecialchars($fc_def['label']) . $req_mark . '' . "\n"; echo ' ' . "\n"; foreach ($fc_def['options'] as $opt_name => $opt_label) { $opt_parm = !empty($parm) && !empty($parm[$opt_name]) ? ' ' . $parm[$opt_name] : ''; $checked = ($value == $opt_name) ? ' checked="checked"' : ''; echo ' ' . $opt_label . "\n"; } echo '
 

Return to page