
Link: http://codepad.org/M5WDvkAo

PHP, pasted on Aug 17:
<?php
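    // Report every error class, but send the output to the server log rather
    // than the HTTP response: on a public-facing form, displayed errors disclose
    // file paths and other internals to any visitor.
    error_reporting(E_ALL);
    ini_set('display_errors', '0');
    ini_set('log_errors', '1');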
?>
<?php
    // Start (or resume) the session; the per-form token is kept in $_SESSION.
    session_start();

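    /**
     * Create a fresh anti-CSRF token for one form and store it in the session.
     *
     * The token is drawn from a cryptographically secure random source. The
     * previous md5(uniqid(microtime())) construction was derived from the clock,
     * so its output was predictable to anyone who could estimate the request time.
     *
     * @param string $form Form identifier; the token is stored under "{$form}_token".
     * @return string 32 lowercase hexadecimal characters.
     * @throws RuntimeException when no secure random source is available.
     */
    function generateFormToken($form)
    {
        if (function_exists('random_bytes'))
        {
            // PHP >= 7: throws on failure instead of returning weak data.
            $raw = random_bytes(16);
        }
        elseif (function_exists('openssl_random_pseudo_bytes'))
        {
            $strong = false;
            $raw = openssl_random_pseudo_bytes(16, $strong);

            // Fail closed: a token built from weak bytes is worse than no form.
            if ($raw === false || !$strong)
            {
                throw new RuntimeException('No secure random source available for the form token');
            }
        }
        else
        {
            throw new RuntimeException('No secure random source available for the form token');
        }

        $token = bin2hex($raw);
        $_SESSION[$form.'_token'] = $token;

        return $token;
    }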
 
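    /**
     * Check the token posted with a form against the one stored in the session.
     *
     * Both values must be non-empty strings; an array-valued "token" parameter
     * or an empty stored token is rejected. The comparison is constant-time
     * where hash_equals() is available, so the response time does not reveal
     * how many leading characters of a guess were correct.
     *
     * @param string $form Form identifier; the expected token is read from
     *                     $_SESSION["{$form}_token"].
     * @return bool True only when $_POST['token'] equals the stored token.
     */
    function verifyFormToken($form)
    {
        $key = $form.'_token';

        if (!isset($_SESSION[$key], $_POST['token']))
        {
            return false;
        }

        $expected  = $_SESSION[$key];
        $submitted = $_POST['token'];

        if (!is_string($expected) || !is_string($submitted) || $expected === '')
        {
            return false;
        }

        if (function_exists('hash_equals'))
        {
            return hash_equals($expected, $submitted);
        }

        // Fallback for PHP < 5.6, where hash_equals() does not exist.
        return $expected === $submitted;
    }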
 
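    /**
     * Verify that every field name in $_POST appears in the allowed list.
     *
     * The lookup is strict. PHP turns numeric field names into integer keys,
     * and before PHP 8 a loose in_array(0, array('name', ...)) matched any
     * non-numeric string, so a field named "0" passed the check. Casting the
     * key to string and comparing strictly closes that gap.
     *
     * @param array $list Allowed field names.
     * @return bool True when $_POST holds no key outside $list (also when it is empty).
     */
    function checkWhitelist ($list)
    {
        foreach (array_keys($_POST) as $key)
        {
            if (!in_array((string) $key, $list, true))
            {
                return false;
            }
        }

        return true;
    }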
     
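    // Only these POST field names are accepted; any other key rejects the request.
    $whitelist = array('name', 'email', 'message', 'send', 'control', 'token');

    // A submission is processed only when the required fields are plain strings,
    // the session token matches, no unexpected field is present, the script-set
    // control value is exactly "997", and the honeypot checkbox is absent.
    $accepted = isset($_POST['name'], $_POST['email'], $_POST['message'], $_POST['control'])
        && is_string($_POST['name'])
        && is_string($_POST['email'])
        && is_string($_POST['message'])
        && verifyFormToken('contact_form')
        && checkWhitelist($whitelist)
        && $_POST['control'] === '997'
        && !isset($_POST['check']);

    if ($accepted)
    {
        // The name and address end up in mail headers. Unfiltered CR/LF there
        // lets a sender append headers of their own (extra recipients, a
        // replaced body), so the address must validate and the name is stripped
        // of control characters and of the characters that delimit an address.
        $email = filter_var(trim($_POST['email']), FILTER_VALIDATE_EMAIL);
        $name  = trim((string) preg_replace('/[\x00-\x1F\x7F<>"]+/', ' ', $_POST['name']));

        if ($email !== false)
        {
            $mail_entete = "MIME-Version: 1.0\r\n";
            $mail_entete .= "From: {$name}"."<{$email}>\r\n";
            $mail_entete .= 'Reply-To: '.$email."\r\n";
            $mail_entete .= 'Content-Type: text/plain; charset="iso-8859-1"';
            $mail_entete .= "\r\nContent-Transfer-Encoding: 8bit\r\n";
            $mail_entete .= 'X-Mailer:PHP/' . phpversion()."\r\n";
            $to      = 'you@domain.com';            //CHANGE THIS !!
            $subject = 'Contact form';
            $textmessage = $_POST['message']."\n";

            mail($to, $subject, $textmessage, $mail_entete);
        }
    }

    // Issue a new token on every page load; this overwrites the one just checked.
    $token = generateFormToken('contact_form');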
?>


<!DOCTYPE html>
<html lang="en">

<head>
	<script src="js/jquery-1.11.1.min.js"></script>
	<script type="text/javascript">
            // Once the DOM is ready, arm the hidden "control" field the first time
            // the e-mail input receives focus. The server only accepts submissions
            // whose control value is 997. The value is visible in the page source,
            // so this filters out naive bots only.
            $(document).ready(function () {
                var markHumanInteraction = function () {
                    $('#control').val('997');
                };

                $('#email').on('focus', markHumanInteraction);
            });
    </script>
</head>

<body>
	<div class="modal fade" id="modal1" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
		<div class="modal-dialog">
			<div class="modal-content modal-popup">
				<a href="#" class="close-link"><i class="icon_close_alt2"></i></a>
				<h3 class="white">Contact Form</h3>
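				<form action="" method="post" name="contact_form" class="popup-form">
					<input type="text" id="name" name="name" class="form-control form-white" placeholder="Name">
					<input type="email" id="email" name="email" class="form-control form-white" placeholder="Email">
					<textarea id="message" name="message" class="form-control form-white" rows="4" placeholder="Message"></textarea>
					<div class="checkbox-holder text-left">
						<div class="checkbox">
							<?php /* Honeypot: the server drops any submission in which "check" is present. */ ?>
							<input type="checkbox" value="None" id="squaredOne" name="check" />
							<label for="squaredOne"><span>I'm a robot</span></label>
						</div>
					</div>
					<?php /* "control" starts at 0; the page script sets it to 997 when the e-mail field gets focus. */ ?>
					<input type="hidden" name="control" id="control" value="0" />
					<?php /* Escape on output so the attribute stays well-formed whatever the token contains. */ ?>
					<input type="hidden" name="token" value="<?php echo htmlspecialchars($token, ENT_QUOTES, 'UTF-8'); ?>" />
					<button type="submit" id="send" name="send" class="btn btn-submit">Send</button>
				</form>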
			</div>
		</div>
	</div>
	<script src="js/owl.carousel.min.js"></script>
	<script src="js/bootstrap.min.js"></script>
	<script src="js/wow.min.js"></script>
	<script src="js/typewriter.js"></script>
	<script src="js/jquery.onepagenav.js"></script>
	<script src="js/main.js"></script>
</body>
</html>



