PageRenderTime 68ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 3ms

/formprocessor.php

https://bitbucket.org/dmptool/dmp2brochure
PHP | 13406 lines | 9591 code | 698 blank | 3117 comment | 673 complexity | 617c934ab1b7e9aacfa1aee055a0dfbb MD5 | raw file

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. $FM_VERS = "8.36"; // script version
  3. /* ex:set ts=4 sw=4 et:
  4. * FormMail PHP script from Tectite.com. This script requires PHP 4 or later.
  5. * Copyright (c) 2001-2012 Root Software and Open Concepts (Vic) Pty Ltd
  6. * (ABN 12 130 429 248), Melbourne, Australia.
  7. * This script is free for all use as described in the "Copying and Use" and
  8. * "Warranty and Disclaimer" sections below.
  9. *
  10. * Visit us at http://www.tectite.com/ for updates and more information.
  11. *
  12. *** If you use Tectite FormMail, please support its development and other
  13. *** freeware products by putting the following link on your website:
  14. *** Visit www.tectite.com for free <a href="http://www.tectite.com/">FormMail</a>.
  15. *
  16. * Author: Russell Robinson, 2nd October 2001
  17. *
  18. * Read This First
  19. * ~~~~~~~~~~~~~~~
  20. * This script is very well documented and quite large! It looks daunting,
  21. * but really isn't.
  22. * If you have experience with PHP or other scripting languages,
  23. * here's what you *need* to read:
  24. * - Configuration (TARGET_EMAIL & DEF_ALERT)
  25. * - Creating Forms
  26. * That's it! (Alternatively, just read the Quick Start and/or
  27. * Quicker Start section below).
  28. * Full configuration documentation is here:
  29. * http://www.tectite.com/fmdoc/index.php
  30. *
  31. * NOTE: do not read or modify this script or any PHP script
  32. * with DreamWeaver or FrontPage!
  33. * Many versions of those programs silently corrupt PHP scripts.
  34. *
  35. * Purpose:
  36. * ~~~~~~~~
  37. * To accept information from an HTML form via HTTP and mail it to recipients.
  38. *
  39. * What does this PHP script do?
  40. * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  41. * On your web site, you may have one or more HTML forms that accept
  42. * information from people visiting your website. Your aim is for your
  43. * website to email that information to you and/or add it to a database.
  44. * FormMail performs those functions.
  45. *
  46. * Quick Start
  47. * ~~~~~~~~~~~
  48. * 1. Edit this file and set TARGET_EMAIL for your requirements (near
  49. * line 256 in this file - replace "yourhost\.com" with your mail server's
  50. * name). We also strongly recommend you set DEF_ALERT (the next
  51. * configuration below TARGET_EMAIL).
  52. * 2. Install this file as formmail.php (or other name ending in .php)
  53. * on your web server.
  54. * Test alerts by using your browser to open a URL to the script:
  55. * http://www.yourhost.com/formmail.php?testalert=1
  56. * Alerts are the only way FormMail can tell you the details of
  57. * errors or faults.
  58. * 3. Create an HTML form and:
  59. * - specify a hidden field called "recipients" with the email address
  60. * of the person to receive the form's results.
  61. * - in the your form tag set the action attribute to
  62. * the formmail.php you uploaded to your web server
  63. *
  64. * Once you have FormMail working, you may be interested in some advanced
  65. * usage and features. We have HOW-TO guides at www.tectite.com which
  66. * describe many of the advanced processing you can do with FormMail.
  67. * http://www.tectite.com/fmhowto/guides.php
  68. *
  69. * Quicker Start
  70. * ~~~~~~~~~~~~~
  71. * Use the FormMail Configuration Wizard here:
  72. * http://www.tectite.com/wizards/fmconf.php
  73. * By answering a few questions you'll get a configured FormMail and
  74. * a sample HTML form ready to upload and use on your server.
  75. *
  76. * Features
  77. * ~~~~~~~~
  78. * For a list of features go to: http://www.tectite.com/formmailpage.php
  79. *
  80. * Security
  81. * ~~~~~~~~
  82. * Security is the primary concern in accepting data from your website
  83. * visitors.
  84. * Tectite FormMail has several security features designed into it. Note,
  85. * however, it requires configuration for your particular web site.
  86. *
  87. * Configuration
  88. * ~~~~~~~~~~~~~
  89. * To configure this script, go to the section titled "CONFIGURATION"
  90. * (after reading the legal stuff below).
  91. *
  92. * There is only one mandatory setting: TARGET_EMAIL
  93. * and one strongly recommended setting: DEF_ALERT
  94. *
  95. * Full configuration information is available here:
  96. * http://www.tectite.com/fmdoc/index.php
  97. *
  98. * Creating Forms
  99. * ~~~~~~~~~~~~~~
  100. * Go to this URL to learn how to write HTML forms for use with
  101. * Tectite FormMail: http://www.tectite.com/fmdoc/creating_forms.php
  102. *
  103. * Copying and Use (Software License)
  104. * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  105. * Tectite FormMail is provided free of charge and may be freely distributed
  106. * and used provided that you:
  107. * 1. keep this header, including copyright and comments,
  108. * in place and unmodified; and,
  109. * 2. do not charge a fee for distributing it, without an agreement
  110. * in writing with Root Software allowing you to do so; and,
  111. * 3. if you modify FormMail before distributing it, you clearly
  112. * identify:
  113. * a) who you are
  114. * b) how to contact you
  115. * c) what changes you have made
  116. * d) why you have made those changes.
  117. *
  118. * By using any of our products, including this script, you are
  119. * agreeing to our standard Terms and Conditions, available here:
  120. * http://www.tectite.com/TermsAndConditions.pdf
  121. *
  122. * This is free software and the Software License shown above
  123. * is to be read in conjunction with our standard Terms and Conditions.
  124. *
  125. * Warranty and Disclaimer
  126. * ~~~~~~~~~~~~~~~~~~~~~~~
  127. * Tectite FormMail is provided free-of-charge and with ABSOLUTELY NO WARRANTY.
  128. * It has not been verified for use in critical applications, including,
  129. * but not limited to, medicine, defense, aircraft, space exploration,
  130. * or any other potentially dangerous activity.
  131. *
  132. * By using Tectite FormMail you agree to indemnify Root Software and
  133. * Open Concepts (Vic) Pty Ltd, their agents, employees, directors and
  134. * associated companies and businesses from any liability whatsoever.
  135. *
  136. * We still care
  137. * ~~~~~~~~~~~~~
  138. * If you find a bug or fault in FormMail, please report it to us.
  139. * We will respond to your report and make endeavours to rectify any
  140. * faults you've detected as soon as possible.
  141. *
  142. * To contact us please register on our forums at:
  143. * http://www.tectite.com/vbforums/
  144. * or view our contact information:
  145. * http://www.tectite.com/contacts.php
  146. *
  147. * Version History
  148. * ~~~~~~~~~~~~~~~
  149. * Near the top of this file, you'll find its version. The version
  150. * line looks like this:
  151. * $FM_VERS = "N.MM"; /* script version ...
  152. *
  153. * The version history used to be located within this file. However,
  154. * starting with Version 8.00 we've moved it...
  155. *
  156. * You can read the complete version history of FormMail on our
  157. * main website here:
  158. * http://www.tectite.com/fmdoc/version_history.php
  159. */
  160. FMDebug('Submission to: '.(isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '').' from: '.(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''));
  161. if (isset($_SERVER['REQUEST_METHOD']) && strtoupper($_SERVER['REQUEST_METHOD']) === 'OPTIONS')
  162. {
  163. FMDebug('CORS OPTIONS request');
  164. CORS_Response();
  165. exit;
  166. }
  167. //
  168. // Capture the current date and time, for various purposes.
  169. //
  170. $lNow = time();
  171. ini_set('track_errors',1); // enable $php_errormsg
  172. $aAlertInfo = array();
  173. $aPHPVERSION = array();
  174. $sLangID = ""; // the language ID
  175. $aMessages = array(); // all FormMail messages in the appropriate
  176. // language
  177. $bUseOldVars = IsOldVersion($aPHPVERSION);
  178. if (!IsPHPAtLeast("5.3.0"))
  179. //
  180. // disable this silly setting (usually not enabled)
  181. // it's also deprecated from PHP version 5.3.0
  182. //
  183. set_magic_quotes_runtime(0);
  184. //
  185. // seed the random number generate if not version 4.2.0 or later
  186. //
  187. if (!IsPHPAtLeast("4.2.0"))
  188. mt_srand(time());
  189. //
  190. // we set references to the appropriate arrays to handle PHP version differences
  191. // Session vars are selected after we start the session.
  192. //
  193. if ($bUseOldVars)
  194. {
  195. $aServerVars = &$HTTP_SERVER_VARS;
  196. $aGetVars = &$HTTP_GET_VARS;
  197. $aFormVars = &$HTTP_POST_VARS;
  198. $aFileVars = &$HTTP_POST_FILES;
  199. $aEnvVars = &$HTTP_ENV_VARS;
  200. }
  201. else
  202. {
  203. $aServerVars = &$_SERVER;
  204. $aGetVars = &$_GET;
  205. $aFormVars = &$_POST;
  206. $aFileVars = &$_FILES;
  207. $aEnvVars = &$_ENV;
  208. }
  209. $bIsGetMethod = false;
  210. $bHasGetData = false;
  211. if (!isset($REAL_DOCUMENT_ROOT))
  212. SetRealDocumentRoot();
  213. if (isset($aServerVars['SERVER_PORT']))
  214. $SCHEME = ($aServerVars['SERVER_PORT'] == 80) ? "http://" : "https://";
  215. else
  216. $SCHEME = "";
  217. if (isset($aServerVars['SERVER_NAME']) && $aServerVars['SERVER_NAME'] !== "")
  218. $SERVER = $aServerVars['SERVER_NAME'];
  219. elseif (isset($aServerVars['SERVER_ADDR']) && $aServerVars['SERVER_ADDR'] !== "")
  220. $SERVER = $aServerVars['SERVER_ADDR'];
  221. else
  222. $SERVER = "";
  223. /*
  224. * Load an optional include file before the configuration.
  225. * You can use this to set variables that can be used in the
  226. * configuration section.
  227. */
  228. @include("formmail-preconfig.inc.php");
  229. /*****************************************************************************/
  230. /* CONFIGURATION (do not alter this line in any way!!!) */
  231. /*****************************************************************************
  232. * This is the *only* place where you need to modify things to use formmail.php
  233. * on your particular system. This section finishes at "END OF CONFIGURATION".
  234. * Help for all settings can be found on our website:
  235. * http://www.tectite.com/fmdoc/index.php
  236. *
  237. * Also, above each setting is a direct URL to the help information for the
  238. * setting.
  239. *****************************************************************************/
  240. /* Help: http://www.tectite.com/fmdoc/email_name.php */
  241. define("EMAIL_NAME","^[-a-z0-9.]+"); // the '^' is an important security feature!
  242. /* Help: http://www.tectite.com/fmdoc/target_email.php */
  243. $TARGET_EMAIL = array("^uc3@ucop\.edu$");
  244. // $TARGET_EMAIL = array("^joel\.hagedorn@ucop\.edu$");
  245. /* Help: http://www.tectite.com/fmdoc/def_alert.php */
  246. define("DEF_ALERT","joel.hagedorn@ucop.edu");
  247. /* Help: http://www.tectite.com/fmdoc/site_domain.php */
  248. $SITE_DOMAIN = ""; // your website domain name
  249. /* Help: http://www.tectite.com/fmdoc/set_real_document_root.php */
  250. $SET_REAL_DOCUMENT_ROOT = ""; // overrides the value set by SetRealDocumentRoot function
  251. //
  252. // override $REAL_DOCUMENT_ROOT from the $SET_REAL_DOCUMENT_ROOT value (if any)
  253. // Do not alter the following code (next 3 lines)!
  254. //
  255. if (isset($SET_REAL_DOCUMENT_ROOT) && $SET_REAL_DOCUMENT_ROOT !== "")
  256. $REAL_DOCUMENT_ROOT = $SET_REAL_DOCUMENT_ROOT;
  257. /* Help: http://www.tectite.com/fmdoc/config_check.php */
  258. $CONFIG_CHECK = array("TARGET_EMAIL");
  259. /* Help: http://www.tectite.com/fmdoc/at_mangle.php */
  260. define("AT_MANGLE","ATT");
  261. /* Help: http://www.tectite.com/fmdoc/target_urls.php */
  262. $TARGET_URLS = array(); // default; no URLs allowed
  263. /* Help: http://www.tectite.com/fmdoc/head_crlf.php */
  264. define("HEAD_CRLF","\r\n");
  265. /* Help: http://www.tectite.com/fmdoc/body_lf.php */
  266. define("BODY_LF","\r\n"); // the new default: use this for CR+LF
  267. //define("BODY_LF","\n"); // the old default: just LF
  268. /* Help: http://www.tectite.com/fmdoc/from_user.php */
  269. $FROM_USER = ""; // the default - setting not used
  270. /* Help: http://www.tectite.com/fmdoc/sendmail_f_option.php */
  271. define("SENDMAIL_F_OPTION",false);
  272. define("SENDMAIL_F_OPTION_LINE",__LINE__-1); // don't modify this line!
  273. /* Help: http://www.tectite.com/fmdoc/fixed_sender.php */
  274. $FIXED_SENDER = "";
  275. /* Help: http://www.tectite.com/fmdoc/set_sender_from_email.php */
  276. define("SET_SENDER_FROM_EMAIL",false);
  277. /* Help: http://www.tectite.com/fmdoc/ini_set_from.php */
  278. define("INI_SET_FROM",false);
  279. /* Help: http://www.tectite.com/fmdoc/logdir.php */
  280. $LOGDIR = ""; // directory for log files; empty string to
  281. // disallow log files
  282. /* Help: http://www.tectite.com/fmdoc/autorespondlog.php */
  283. $AUTORESPONDLOG = ""; // file name in $LOGDIR for the auto responder
  284. // log; empty string for no auto responder log
  285. /* Help: http://www.tectite.com/fmdoc/csv_file_settings.php */
  286. $CSVDIR = ""; // directory for csv files; empty string to
  287. // disallow csv files
  288. $CSVSEP = ","; // comma separator between fields (columns)
  289. $CSVINTSEP = ";"; // semicolon is the separator for fields (columns)
  290. // with multiple values (checkboxes, etc.)
  291. $CSVQUOTE = '"'; // all fields in the CSV are quoted with this character;
  292. // default is double quote. You can change it to
  293. // single quote or leave it empty for no quotes.
  294. //$CSVQUOTE = "'"; // use this if you want single quotes
  295. $CSVOPEN = ""; // set to "b" to force line terminations to be
  296. // kept as $CSVLINE setting below, regardless of
  297. // operating system. Keep as empty string and
  298. // leave $CSVLINE unchanged, to get text file
  299. // terminations for your server's operating system.
  300. // (Line feed on UNIX, carriage-return line feed on Windows).
  301. $CSVLINE = "\n"; // line termination for CSV files. The default is
  302. // a single line feed, which may be modified for your
  303. // server's operating system. If you want to change
  304. // this value, you *must* set $CSVOPEN = "b".
  305. /* Help: http://www.tectite.com/fmdoc/templatedir.php */
  306. $TEMPLATEDIR = ""; // directory for template files; empty string
  307. // if you don't have any templates
  308. /* Help: http://www.tectite.com/fmdoc/templateurl.php */
  309. $TEMPLATEURL = ""; // default; no template URL
  310. /* Help: http://www.tectite.com/fmdoc/multiformdir.php */
  311. $MULTIFORMDIR = ""; // directory for multi-form template files; empty string
  312. // if you're not using multi-forms
  313. /* Help: http://www.tectite.com/fmdoc/multiformurl.php */
  314. $MULTIFORMURL = ""; // default; no multi-forms templates URL
  315. /* Help: http://www.tectite.com/fmdoc/text_subs.php */
  316. $TEXT_SUBS = array(
  317. array("srch"=>"/\\\\r\\\\n/","repl"=>"\r\n",),
  318. array("srch"=>"/\\\\n/","repl"=>"\n",),
  319. array("srch"=>"/\\\\t/","repl"=>"\t",),
  320. array("srch"=>"/\\[NL\\]/","repl"=>"\n",),
  321. array("srch"=>"/\\[TAB\\]/","repl"=>"\t",),
  322. array("srch"=>"/\\[NBSP\\]/","repl"=>"&nbsp;",),
  323. array("srch"=>"/\\[DQUOT\\]/","repl"=>'"',),
  324. array("srch"=>"/\\[SQUOT\\]/","repl"=>"'",),
  325. array("srch"=>"/\\[COLON\\]/","repl"=>":",),
  326. array("srch"=>"/\\[SLOSH\\]/","repl"=>"\\",),
  327. array("srch"=>"/\\[OPCURL\\]/","repl"=>"{",),
  328. array("srch"=>"/\\[CLCURL\\]/","repl"=>"}",),
  329. array("srch"=>"/(on[a-z]*|href|src)\\s*=\\s*/i","repl"=>""),/* strip html attributes that could be unsafe */
  330. array("srch"=>"/<\\s*(table|tr|td|th|p|ul|ol|li|b|i|u|strong|pre|h[1-6]|em|dl|dd|dt|hr|span|br)(\\b[^>]*?)>/i","repl"=>"<\$1\$2>",),
  331. array("srch"=>"#<\\s*/\\s*(table|tr|td|th|p|ul|ol|li|b|i|u|strong|pre|h[1-6]|em|dl|dd|dt|hr|span|br)\\s*>#i","repl"=>"</\$1>",),
  332. );
  333. /* Help: http://www.tectite.com/fmdoc/authentication_settings.php */
  334. $AUTHENTICATE = "";
  335. //$AUTHENTICATE = "Basic cnVzc2VsbHI6dGVzdA=="; // example
  336. $AUTH_USER = "";
  337. $AUTH_PW = "";
  338. /* Help: http://www.tectite.com/fmdoc/form_ini_file.php */
  339. $FORM_INI_FILE = "";
  340. /* Help: http://www.tectite.com/fmdoc/moduledir.php */
  341. $MODULEDIR = ".";
  342. /* Help: http://www.tectite.com/fmdoc/fmcompute.php */
  343. $FMCOMPUTE = "fmcompute.php";
  344. /* Help: http://www.tectite.com/fmdoc/fmgeoip.php */
  345. $FMGEOIP = "fmgeoip.php";
  346. /* Help: http://www.tectite.com/fmdoc/advanced_templates.php */
  347. define("ADVANCED_TEMPLATES",false); // set to true for advanced templates
  348. /* Help: http://www.tectite.com/fmdoc/limited_import.php */
  349. define("LIMITED_IMPORT",true); // set to true if your database cannot
  350. // handle escaped quotes or newlines within
  351. // imported data. Microsoft Access is one
  352. // example.
  353. /* Help: http://www.tectite.com/fmdoc/valid_env.php */
  354. $VALID_ENV = array('HTTP_REFERER','REMOTE_HOST','REMOTE_ADDR','REMOTE_USER',
  355. 'HTTP_USER_AGENT');
  356. /* Help: http://www.tectite.com/fmdoc/fileuploads.php */
  357. define("FILEUPLOADS",false); // set to true to allow file attachments
  358. /* Help: http://www.tectite.com/fmdoc/max_file_upload_size.php */
  359. define("MAX_FILE_UPLOAD_SIZE",0); // default of 0 means that other software
  360. // controls the maximum file upload size
  361. // (FormMail doesn't test the file size)
  362. /* Help: http://www.tectite.com/fmdoc/file_repository.php */
  363. $FILE_REPOSITORY = "";
  364. /* Help: http://www.tectite.com/fmdoc/file_mode.php */
  365. define("FILE_MODE",0664); // always precede with 0 to specify octal!
  366. /* Help: http://www.tectite.com/fmdoc/file_overwrite.php */
  367. define("FILE_OVERWRITE",true);
  368. /* Help: http://www.tectite.com/fmdoc/next_num_file.php */
  369. $NEXT_NUM_FILE = "";
  370. /* Help: http://www.tectite.com/fmdoc/put_data_in_url.php */
  371. define("PUT_DATA_IN_URL",true); // set to true to place data in the URL
  372. // for bad_url redirects
  373. /* Help: http://www.tectite.com/fmdoc/allow_get_method.php */
  374. $ALLOW_GET_METHOD = false;
  375. /* Help: http://www.tectite.com/fmdoc/db_see_input.php */
  376. define("DB_SEE_INPUT",false); // set to true to just see the input values
  377. /* Help: http://www.tectite.com/fmdoc/db_see_ini.php */
  378. define("DB_SEE_INI",false); // set to true to just see the ini file
  379. /* Help: http://www.tectite.com/fmdoc/maxstring.php */
  380. define("MAXSTRING",1024); // maximum string length for a value
  381. /* Help: http://www.tectite.com/fmdoc/require_captcha.php */
  382. $REQUIRE_CAPTCHA = ""; // set to a message string if your forms
  383. // must provide a CAPTCHA string
  384. /* Help: http://www.tectite.com/fmdoc/recaptcha_private_key.php */
  385. $RECAPTCHA_PRIVATE_KEY = "";
  386. /* Help: http://www.tectite.com/fmdoc/bshowmesgnumbers.php */
  387. $bShowMesgNumbers = false;
  388. /* Help: http://www.tectite.com/fmdoc/filters.php */
  389. /* Note for Tectite personnel: the upgrade Wizard will merge new values
  390. * but be careful of $var usage and quoting in new entries.
  391. */
  392. $FILTERS = array("encode"=>"$REAL_DOCUMENT_ROOT/cgi-bin/fmencoder -kpubkey.txt",
  393. "null"=>"null",
  394. "csv"=>"csv");
  395. /* Help: http://www.tectite.com/fmdoc/socket_filters.php */
  396. $SOCKET_FILTERS = array(
  397. "httpencode"=>array("site"=>"YourSiteHere",
  398. "port"=>80,
  399. "path"=>"/cgi-bin/fmencoder",
  400. "params"=>array(array("name"=>"key",
  401. "file"=>"$REAL_DOCUMENT_ROOT/cgi-bin/pubkey.txt"))),
  402. "sslencode"=>array("site"=>"ssl://YourSecureSiteHere",
  403. "port"=>443,
  404. "path"=>"/cgi-bin/fmencoder",
  405. "params"=>array(array("name"=>"key",
  406. "file"=>"$REAL_DOCUMENT_ROOT/cgi-bin/pubkey.txt"))),
  407. );
  408. /* Help: http://www.tectite.com/fmdoc/filter_attribs.php */
  409. $FILTER_ATTRIBS = array("encode"=>"Strips,MIME=application/vnd.fmencoded,Encrypts",
  410. "httpencode"=>"Strips,MIME=application/vnd.fmencoded,Encrypts",
  411. "sslencode"=>"Strips,MIME=application/vnd.fmencoded,Encrypts",
  412. "csv"=>"Strips,MIME=text/csv",);
  413. /* Help: http://www.tectite.com/fmdoc/check_for_new_version.php */
  414. define("CHECK_FOR_NEW_VERSION",true);
  415. define("CHECK_DAYS",30);
  416. /* Help: http://www.tectite.com/fmdoc/scratch_pad.php */
  417. $SCRATCH_PAD = "";
  418. /* Help: http://www.tectite.com/fmdoc/cleanup_time.php */
  419. $CLEANUP_TIME = 60; // cleanup time in minutes
  420. /* Help: http://www.tectite.com/fmdoc/cleanup_chance.php */
  421. $CLEANUP_CHANCE = 20; // percentage probability that cleanup will be performed
  422. /* Help: http://www.tectite.com/fmdoc/pear_settings.php */
  423. $PEAR_SMTP_HOST = "";
  424. $PEAR_SMTP_PORT = 25;
  425. $PEAR_SMTP_USER = "";
  426. $PEAR_SMTP_PWD = "";
  427. /* Help: http://www.tectite.com/fmdoc/alert_on_user_error.php */
  428. define("ALERT_ON_USER_ERROR",true);
  429. /* Help: http://www.tectite.com/fmdoc/enable_attack_detection.php */
  430. define("ENABLE_ATTACK_DETECTION",true);
  431. /* Help: http://www.tectite.com/fmdoc/attack_detection_url.php */
  432. define("ATTACK_DETECTION_URL","");
  433. /* Help: http://www.tectite.com/fmdoc/alert_on_attack_detection.php */
  434. define("ALERT_ON_ATTACK_DETECTION",false);
  435. /* Help: http://www.tectite.com/fmdoc/attack_detection_mime.php */
  436. define("ATTACK_DETECTION_MIME",true);
  437. /* Help: http://www.tectite.com/fmdoc/attack_detection_junk.php */
  438. define("ATTACK_DETECTION_JUNK",false);
  439. define("ATTACK_DETECTION_JUNK_CONSONANTS","bcdfghjklmnpqrstvwxz");
  440. define("ATTACK_DETECTION_JUNK_VOWELS","aeiouy");
  441. define("ATTACK_DETECTION_JUNK_CONSEC_CONSONANTS",5);
  442. define("ATTACK_DETECTION_JUNK_CONSEC_VOWELS",4);
  443. define("ATTACK_DETECTION_JUNK_TRIGGER",2);
  444. $ATTACK_DETECTION_JUNK_LANG_STRIP = array(
  445. "aiia", /* Hawaiian */
  446. "aeoa", /* palaeoanthropic */
  447. "aeoe", /* palaeoethnic */
  448. "ooee", /* cooee */
  449. "oeia", /* pharmacopoeia */
  450. "ioau", /* radioautograph */
  451. "uaia", /* guaiac */
  452. "ueou", /* aqueous */
  453. "uiou", /* obsequious */
  454. "queue", /* queue, queueing */
  455. "earth", /* earthquake, earthslide */
  456. "cks", /* jockstrap, backscratcher */
  457. "ngth", /* strengths, length */
  458. "ndths", /* thousandths */
  459. "ght", /* nightclub, knightsbridge */
  460. "phth", /* ophthalmology */
  461. "sch", /* rothschild */
  462. "shch", /* borshch */
  463. "scr", /* corkscrew */
  464. "spr", /* wingspread, offspring */
  465. "str", /* armstrong, songstress */
  466. "sts", /* bursts, postscript */
  467. "tch", /* catchphrase, scratchproof */
  468. "thst", /* northstar, birthstone */
  469. "http", /* https, http */
  470. "html", /* HTML, XHTML */
  471. );
  472. $ATTACK_DETECTION_JUNK_IGNORE_FIELDS = array();
  473. /* Help: http://www.tectite.com/fmdoc/attack_detection_dups.php */
  474. $ATTACK_DETECTION_DUPS = array("realname","address1","address2","country","zip",
  475. "phone","postcode","state","email");
  476. /* Help: http://www.tectite.com/fmdoc/attack_detection_specials.php */
  477. define("ATTACK_DETECTION_SPECIALS",true);
  478. /* Help: http://www.tectite.com/fmdoc/attack_detection_specials.php */
  479. $ATTACK_DETECTION_SPECIALS_ONLY_EMAIL = array("derive_fields","required",
  480. "mail_options","good_url","bad_url","good_template",
  481. "bad_template");
  482. /* Help: http://www.tectite.com/fmdoc/attack_detection_specials.php */
  483. $ATTACK_DETECTION_SPECIALS_ANY_EMAIL = array("subject");
  484. /* Help: http://www.tectite.com/fmdoc/attack_detection_many_urls.php */
  485. define("ATTACK_DETECTION_MANY_URLS",0);
  486. /* Help: http://www.tectite.com/fmdoc/attack_detection_many_url_fields.php */
  487. define("ATTACK_DETECTION_MANY_URL_FIELDS",0);
  488. /* Help: http://www.tectite.com/fmdoc/attack_detection_url_patterns.php */
  489. $ATTACK_DETECTION_URL_PATTERNS = array(
  490. '(^|[^-a-z_.0-9]+)(?<!@)([-a-z0-9]+\.)+(com|org|net|biz|info|name|pro|tel|asia|cat)\b',
  491. '(^|[^-a-z_.0-9]+)(?<!@)([-a-z0-9]+\.)+(com{0,1}|org|net)\.[a-z][a-z]\b');
  492. /* Help: http://www.tectite.com/fmdoc/attack_detection_ignore_errors.php */
  493. define("ATTACK_DETECTION_IGNORE_ERRORS",false);
  494. /* Help: http://www.tectite.com/fmdoc/attack_detection_reverse_captcha.php */
  495. $ATTACK_DETECTION_REVERSE_CAPTCHA = array();
  496. /* Help: http://www.tectite.com/fmdoc/geoip_lic.php */
  497. $GEOIP_LIC = ""; // default - no GeoIP
  498. /* Help: http://www.tectite.com/fmdoc/zero_is_empty.php */
  499. define("ZERO_IS_EMPTY",false);
  500. /* Help: http://www.tectite.com/fmdoc/session_name.php */
  501. $SESSION_NAME = "";
  502. /* Help: http://www.tectite.com/fmdoc/session_access.php */
  503. $SESSION_ACCESS = array();
  504. /* Help: http://www.tectite.com/fmdoc/destroy_session.php */
  505. define("DESTROY_SESSION",true);
  506. /* Help: http://www.tectite.com/fmdoc/hook_dir.php */
  507. $HOOK_DIR = "";
  508. /* UPGRADE CONTROL
  509. **
  510. ** FILTERS:lt:8.04:merge:The FILTERS configuration has
  511. ** been modified to include some new standard filters.:
  512. **
  513. ** FILTER_ATTRIBS:lt:8.04:no_keep:The FILTER_ATTRIBS configuration has
  514. ** been modified to include new information about the standard filters.:
  515. **
  516. ** ATTACK_DETECTION_URL_PATTERNS:eq:8.02:no_keep:The ATTACK_DETECTION_URL_PATTERNS
  517. ** configuration has been modified to fix a bug.:
  518. **
  519. ** FILTER_ATTRIBS:lt:4.00:no_keep:The FILTER_ATTRIBS configuration has
  520. ** been modified to include new information about the standard filters.:
  521. **
  522. ** SET_REAL_DOCUMENT_ROOT:gt:4.07:copy_from=REAL_DOCUMENT_ROOT:The
  523. ** REAL_DOCUMENT_ROOT configuration has been renamed to SET_REAL_DOCUMENT_ROOT.:
  524. **
  525. ** EMAIL_NAME:lt:6.01:no_keep:The EMAIL_NAME configuration has
  526. ** been modified to match hyphens ('-') in email addresses.:
  527. **
  528. ** ZERO_IS_EMPTY:le:6.01:set_to=true:ZERO_IS_EMPTY has been
  529. ** set to a value that duplicates previous behaviour.:
  530. **
  531. ** TEXT_SUBS:lt:8.30:no_keep:The TEXT_SUBS configuration has
  532. ** been modified to be secure with new features released in this version.:
  533. **
  534. ** END OF CONTROL
  535. */
  536. /*****************************************************************************/
  537. /* END OF CONFIGURATION (do not alter this line in any way!!!) */
  538. /*****************************************************************************/
  539. //
  540. // for Ajax allow GET method for cross site JSONP
  541. //
  542. if (IsAjax())
  543. $ALLOW_GET_METHOD = true;
  544. /*
  545. * Load an optional include file after the configuration.
  546. * You can use this to set variables or make adjustments
  547. * based on the results of the configuration section.
  548. */
  549. @include("formmail-postconfig.inc.php");
  550. //
  551. // the following constants define all FormMail messages
  552. //
  553. define('MSG_SCRIPT_VERSION',0); // This script requires at least PHP version...
  554. define('MSG_END_VERS_CHK',1); // If you're happy...
  555. define('MSG_VERS_CHK',2); // A later version of FormMail is available...
  556. define('MSG_CHK_FILE_ERROR',3); // Unable to create check file...
  557. define('MSG_UNK_VALUE_SPEC',4); // derive_fields: unknown value specification...
  558. define('MSG_INV_VALUE_SPEC',5); // derive_fields: invalid value specification...
  559. define('MSG_DERIVED_INVALID',6); // Some derive_fields specifications...
  560. define('MSG_INT_FORM_ERROR',7); // Internal form error...
  561. define('MSG_OPTIONS_INVALID',8); // Some mail_options settings...
  562. define('MSG_PLSWAIT_REDIR',9); // Please wait while you are redirected...
  563. define('MSG_IFNOT_REDIR',10); // If you are not redirected...
  564. define('MSG_PEAR_OBJ',11); // Failed to create PEAR Mail object...
  565. define('MSG_PEAR_ERROR',12); // PEAR Mail error...
  566. define('MSG_NO_FOPT_ADDR',13); // You have specified "SendMailFOption"...
  567. define('MSG_MORE_INFO',14); // More information...
  568. define('MSG_INFO_STOPPED',15); // Extra alert information suppressed...
  569. define('MSG_FM_ALERT',16); // FormMail alert
  570. define('MSG_FM_ERROR',17); // FormMail script error
  571. define('MSG_FM_ERROR_LINE',18); // The following error occurred...
  572. define('MSG_USERDATA_STOPPED',19); // User data suppressed...
  573. define('MSG_FILTERED',20); // This alert has been filtered...
  574. define('MSG_TEMPLATES',21); // You must set either TEMPLATEDIR or TEMPLATEURL...
  575. define('MSG_OPEN_TEMPLATE',22); // Failed to open template...
  576. define('MSG_ERROR_PROC',23); // An error occurred while processing...
  577. define('MSG_ALERT_DONE',24); // Our staff have been alerted...
  578. define('MSG_PLS_CONTACT',25); // Please contact us directly...
  579. define('MSG_APOLOGY',26); // We apologize for any inconvenience...
  580. define('MSG_ABOUT_FORMMAIL',27); // Your form submission was processed by...
  581. define('MSG_PREG_FAILED',28); // preg_match_all failed in FindCRMFields...
  582. define('MSG_URL_INVALID',29); // CRM URL "$URL" is not valid...
  583. define('MSG_URL_OPEN',30); // Failed to open Customer Relationship...
  584. define('MSG_CRM_FAILED',31); // Failure report from CRM...
  585. define('MSG_CRM_FORM_ERROR',32); // Your form submission was not...
  586. define('MSG_OR',33); // "$ITEM1" or "$ITEM2"
  587. define('MSG_NOT_BOTH',34); // not both "$ITEM1" and "$ITEM2"
  588. define('MSG_XOR',35); // "$ITEM1" or "$ITEM2" (but not both)
  589. define('MSG_IS_SAME_AS',36); // "$ITEM1" is the same as "$ITEM2"
  590. define('MSG_IS_NOT_SAME_AS',37); // "$ITEM1" is not the same as "$ITEM2"
  591. define('MSG_REQD_OPER',38); // Operator "$OPER" is not valid for "required"
  592. define('MSG_PAT_FAILED',39); // Pattern operator "$OPER" failed: pattern...
  593. define('MSG_COND_OPER',40); // Operator "$OPER" is not valid...
  594. define('MSG_INV_COND',41); // Invalid "conditions" field...
  595. define('MSG_COND_CHARS',42); // The conditions field "$FLD" is not valid...
  596. define('MSG_COND_INVALID',43); // The conditions field "$FLD" is not valid...
  597. define('MSG_COND_TEST_LONG',44); // Field "$FLD" has too many components...
  598. define('MSG_COND_IF_SHORT',45); // Field "$FLD" has too few components for...
  599. define('MSG_COND_IF_LONG',46); // Field "$FLD" has too many components for...
  600. define('MSG_COND_UNK',47); // Field "$FLD" has an unknown command word...
  601. define('MSG_MISSING',48); // Missing "$ITEM"...
  602. define('MSG_NEED_ARRAY',49); // "$ITEM" must be an array...
  603. define('MSG_SUBM_FAILED',50); // Your form submission has failed...
  604. define('MSG_FILTER_WRONG',51); // Filter "$FILTER" is not properly...
  605. define('MSG_FILTER_CONNECT',52); // Could not connect to site "$SITE"...
  606. define('MSG_FILTER_PARAM',53); // Filter "$FILTER" has invalid parameter...
  607. define('MSG_FILTER_OPEN_FILE',54); // Filter "$FILTER" cannot open file...
  608. define('MSG_FILTER_FILE_ERROR',55); // Filter "$FILTER": read error on file...
  609. define('MSG_FILTER_READ_ERROR',56); // Filter '$filter' failed: read error...
  610. define('MSG_FILTER_NOT_OK',57); // Filter 'FILTER' failed...
  611. define('MSG_FILTER_UNK',58); // Unknown filter...
  612. define('MSG_FILTER_CHDIR',59); // Cannot chdir...
  613. define('MSG_FILTER_NOTFOUND',60); // Cannot execute...
  614. define('MSG_FILTER_ERROR',61); // Filter "$FILTER" failed...
  615. define('MSG_SPARE',62); // this value is now spare
  616. define('MSG_TEMPLATE_ERRORS',63); // Template "$NAME" caused the...
  617. define('MSG_TEMPLATE_FAILED',64); // Failed to process template "$NAME"...
  618. define('MSG_MIME_PREAMBLE',65); // (Your mail reader should not show this...
  619. define('MSG_MIME_HTML',66); // This message has been generated by FormMail...
  620. define('MSG_FILE_OPEN_ERROR',67); // Failed to open file "$NAME"...
  621. define('MSG_ATTACH_DATA',68); // Internal error: AttachFile requires...
  622. define('MSG_PHP_HTML_TEMPLATES',69); // HTMLTemplate option is only ...
  623. define('MSG_PHP_FILE_UPLOADS',70); // For security reasons, file upload...
  624. define('MSG_FILE_UPLOAD',71); // File upload attempt ignored...
  625. define('MSG_FILE_UPLOAD_ATTACK',72);// Possible file upload attack...
  626. define('MSG_PHP_PLAIN_TEMPLATES',73);// PlainTemplate option is only...
  627. define('MSG_ATTACH_NAME',74); // filter_options: Attach must contain a name...
  628. define('MSG_PHP_BCC',75); // Warning: BCC is probably not supported...
  629. define('MSG_CSVCOLUMNS',76); // The "csvcolumns" setting is not...
  630. define('MSG_CSVFILE',77); // The "csvfile" setting is not...
  631. define('MSG_TARG_EMAIL_PAT_START',78); // Warning: Your TARGET_EMAIL pattern...
  632. define('MSG_TARG_EMAIL_PAT_END',79); // Warning: Your TARGET_EMAIL pattern...
  633. define('MSG_CONFIG_WARN',80); // The following potential problems...
  634. define('MSG_PHP_AUTORESP',81); // Autorespond is only supported...
  635. define('MSG_ALERT',82); // This is a test alert message...
  636. define('MSG_NO_DEF_ALERT',83); // No DEF_ALERT value has been set....
  637. define('MSG_TEST_SENT',84); // Test message sent. Check your email.....
  638. define('MSG_TEST_FAILED',85); // FAILED to send alert message...
  639. define('MSG_NO_DATA_PAGE',86); // This URL is a Form submission program...
  640. define('MSG_REQD_ERROR',87); // The form required some values that you...
  641. define('MSG_COND_ERROR',88); // Some of the values you provided...
  642. define('MSG_CRM_FAILURE',89); // The form submission did not succeed...
  643. define('MSG_FOPTION_WARN',90); // Warning: You've used SendMailFOption in...
  644. define('MSG_NO_ACTIONS',91); // The form has an internal error...
  645. define('MSG_NO_RECIP',92); // The form has an internal error...
  646. define('MSG_INV_EMAIL',93); // Invalid email addresses...
  647. define('MSG_FAILED_SEND',94); // Failed to send email...
  648. define('MSG_ARESP_EMAIL',96); // No "email" field was found. Autorespond...
  649. define('MSG_ARESP_SUBJ',97); // Your form submission...
  650. define('MSG_LOG_NO_VERIMG',98); // No VerifyImgString in session...
  651. define('MSG_ARESP_NO_AUTH',99); // Failed to obtain authorization...
  652. define('MSG_LOG_NO_MATCH',100); // User did not match image...
  653. define('MSG_ARESP_NO_MATCH',101); // Your entry did not match...
  654. define('MSG_LOG_FAILED',102); // Failed
  655. define('MSG_ARESP_FAILED',103); // Autoresponder failed
  656. define('MSG_LOG_OK',104); // OK
  657. define('MSG_THANKS_PAGE',105); // Thanks! We've received your....
  658. define('MSG_LOAD_MODULE',106); // Cannot load module....
  659. define('MSG_LOAD_FMCOMPUTE',107); // Cannot load FMCompute....
  660. define('MSG_REGISTER_MODULE',108); // Cannot register module....
  661. define('MSG_COMP_PARSE',109); // These parse errors occurred....
  662. define('MSG_COMP_REG_DATA',110); // Failed to register data field....
  663. define('MSG_COMP_ALERT',111); // The following alert messages....
  664. define('MSG_COMP_DEBUG',112); // The following debug messages...
  665. define('MSG_COMP_EXEC',113); // The following errors occurred....
  666. define('MSG_REG_FMCOMPUTE',114); // Cannot register function...
  667. define('MSG_USER_ERRORS',115); // A number of errors occurred...
  668. define('MSG_CALL_PARAM_COUNT',116); // Invalid parameter count...
  669. define('MSG_CALL_UNK_FUNC',117); // Unknown function...
  670. define('MSG_SAVE_FILE',118); // Failed to save file....
  671. define('MSG_CHMOD',119); // Failed to chmod file....
  672. define('MSG_VERIFY_MISSING',120); // Image verification string missing...
  673. define('MSG_VERIFY_MATCH',121); // Your entry did not match...
  674. define('MSG_FILE_NAMES_INVALID',122);// Some file_names specifications...
  675. define('MSG_FILE_NAMES_NOT_FILE',123);// Your file_names specification...
  676. define('MSG_TEMPL_ALERT',124); // The following alert messages....
  677. define('MSG_TEMPL_DEBUG',125); // The following debug messages...
  678. define('MSG_TEMPL_PROC',126); // The following errors occurred....
  679. define('MSG_SAVE_FILE_EXISTS',127); // Cannot save file....
  680. define('MSG_EMPTY_ADDRESSES',128); // $COUNT empty addresses
  681. define('MSG_CALL_INVALID_PARAM',129); // Invalid parameter....
  682. define('MSG_INI_PARSE_WARN',130); // Warning: your INI
  683. define('MSG_INI_PARSE_ERROR',131); // The FormMail INI...
  684. define('MSG_RECAPTCHA_MATCH',132); // reCaptcha verification failed...
  685. define('MSG_AND',133); // "$ITEM1" and "$ITEM2"
  686. define('MSG_NEXT_PLUS_GOOD',134); // The form specifies both next_form and....
  687. define('MSG_MULTIFORM',135); // You must set either MULTIFORMDIR or MULTIFORMURL...
  688. define('MSG_MULTIFORM_FAILED',136); // Failed to process multi-page form template "$NAME"...
  689. define('MSG_NEED_THIS_FORM',137); // Multi-page forms require "this_form" field...
  690. define('MSG_NO_PHP_SELF',138); // PHP on the server is not providing "PHP_SELF"
  691. define('MSG_RETURN_URL_INVALID',139); // Return "$URL" is not valid...
  692. define('MSG_GO_BACK',140); // Cannot 'go back' if not a multi-page form...
  693. define('MSG_OPEN_URL',141); // Cannot open URL...
  694. define('MSG_CANNOT_RETURN',142); // Cannot return to page....
  695. define('MSG_ATTACK_DETECTED',143); // Server attack detected....
  696. define('MSG_ATTACK_PAGE',144); // Your form submission....
  697. define('MSG_ATTACK_MIME_INFO',145); // The field "$FLD" contained...
  698. define('MSG_ATTACK_DUP_INFO',146); // The fields "$FLD1" and...
  699. define('MSG_ATTACK_SPEC_INFO',147); // Special field "$FLD"...
  700. define('MSG_NEED_SCRATCH_PAD',148); // You need to set SCRATCH_PAD...
  701. define('MSG_MULTI_UPLOAD',149); // File upload processing failed during multi-page form processing.
  702. define('MSG_OPEN_SCRATCH_PAD',150); // Cannot open directory...
  703. define('MSG_NO_NEXT_NUM_FILE',151); // You cannot use the %nextnum% feature...
  704. define('MSG_NEXT_NUM_FILE',152); // Cannot process next number...
  705. define('MSG_ATTACK_MANYURL_INFO',153); // Field "$FLD"...
  706. define('MSG_ATTACK_MANYFIELDS_INFO',154); // $NUM fields have URLs....
  707. define('MSG_REV_CAP',155); // ATTACK_DETECTION_REVERSE_CAPTCHA setting....
  708. define('MSG_ATTACK_REV_CAP_INFO',156); // The field "$FLD" contained...
  709. define('MSG_ATTACK_JUNK_INFO',157); // The field "$FLD" contained...
  710. define('MSG_ARESP_EMPTY',158); // The autoresponse...
  711. define('MSG_LOG_RECAPTCHA',159); // reCaptcha process failed...
  712. define('MSG_URL_PARSE',160); // URL parse failed
  713. define('MSG_URL_SCHEME',161); // Unsupported URL scheme...
  714. define('MSG_SOCKET',162); // Socket error ...
  715. define('MSG_GETURL_OPEN',163); // Open URL failed: ...
  716. define('MSG_RESOLVE',164); // Cannot resolve...
  717. define('MSG_FORM_OK',170); // Form Submission Succeeded
  718. define('MSG_FORM_ERROR',171); // Form Submission Error
  719. define('MSG_GET_DISALLOWED',172); // GET method has...
  720. //
  721. // The following are PHP's file upload error messages
  722. //
  723. define('MSG_FILE_UPLOAD_ERR_UNK',180); // Unknown error code.
  724. define('MSG_FILE_UPLOAD_ERR1',181); // The uploaded file exceeds the upload_max_filesize directive in php.ini.
  725. define('MSG_FILE_UPLOAD_ERR2',182); // The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form.
  726. define('MSG_FILE_UPLOAD_ERR3',183); // The uploaded file was only partially uploaded.
  727. define('MSG_FILE_UPLOAD_ERR4',184); // No file was uploaded.
  728. define('MSG_FILE_UPLOAD_ERR6',186); // Missing a temporary folder.
  729. define('MSG_FILE_UPLOAD_ERR7',187); // Failed to write file to disk.
  730. define('MSG_FILE_UPLOAD_ERR8',188); // File upload stopped by extension.
  731. define('MSG_FILE_UPLOAD_SIZE',189); // Uploaded file "$NAME" is too big...
  732. // (not a PHP error code - internal maximum file size error)
  733. //
  734. // following are for derive_fields functions
  735. //
  736. define('MSG_DER_FUNC_ERROR',200); // derive_fields: invalid function....
  737. define('MSG_DER_FUNC_SIZE_FMT',201); // function 'size' requires....
  738. define('MSG_DER_FUNC_IF_FMT',202); // function 'if' requires....
  739. define('MSG_DER_FUNC_NEXTNUM_FMT',203); // function 'nextnum' requires....
  740. define('MSG_DER_FUNC_EXT_FMT',204); // function 'ext' requires....
  741. define('MSG_DER_FUNC1_FMT',205); // function 'FUNC' requires....
  742. define('MSG_USER_ATTACK_JUNK',220); // The following input ...
  743. define('MSG_USER_ATTACK_REV_CAP',221); // Your input ...
  744. define('MSG_USER_ATTACK_DUP',222); // You have ...
  745. define('MSG_USER_ATTACK_MANY_URLS',223);// Your input ...
  746. define('MSG_USER_ATTACK_MANY_URL_FIELDS',224);// Your input ...
  747. // <A NAME="MessageNumbers"> Jump to: <A HREF="#BuiltinMessages">
  748. //
  749. // Return true if using the built-in language
  750. //
  751. function IsBuiltInLanguage()
  752. {
  753. global $sLangID;
  754. return (strpos($sLangID,"builtin") !== false);
  755. }
  756. $sSavePath = "";
  757. $bPathSaved = false;
  758. //
  759. // Set include path to include the given directory.
  760. //
  761. function AddIncludePath($s_dir = ".")
  762. {
  763. global $sSavePath,$bPathSaved;
  764. $s_path = ini_get('include_path');
  765. $i_path_len = strlen($s_path);
  766. $s_sep = IsServerWindows() ? ";" : ":"; // get path separator
  767. //
  768. // look for it in the include_path
  769. //
  770. $b_found = false;
  771. $i_pos = 0;
  772. $i_len = strlen($s_dir);
  773. while (!$b_found && ($i_pos = strpos($s_path,$s_dir,$i_pos)) !== false)
  774. {
  775. if ($i_pos == 0)
  776. {
  777. if ($i_len == $i_path_len)
  778. $b_found = true; // the path only has $s_dir
  779. elseif ($s_path[$i_len] == $s_sep)
  780. $b_found = true;
  781. }
  782. elseif ($s_path[$i_pos-1] == $s_sep &&
  783. ($i_pos + $i_len == $i_path_len ||
  784. $s_path[$i_pos + $i_len] == $s_sep))
  785. $b_found = true;
  786. if (!$b_found)
  787. $i_pos++;
  788. }
  789. if (!$b_found)
  790. {
  791. //
  792. // allow multiple calls, but only store the original path once
  793. //
  794. if (!$bPathSaved)
  795. $sSavePath = $s_path;
  796. if (empty($s_path))
  797. $s_path = $s_dir;
  798. else
  799. //
  800. // prepend the directory
  801. //
  802. $s_path = $s_dir.$s_sep.$s_path;
  803. ini_set('include_path',$s_path);
  804. $bPathSaved = true;
  805. }
  806. }
  807. //
  808. // Reset the include path after a call to AddIncludePath.
  809. //
  810. function ResetIncludePath()
  811. {
  812. global $sSavePath,$bPathSaved;
  813. if ($bPathSaved)
  814. {
  815. ini_set('include_path',$sSavePath);
  816. $bPathSaved = false;
  817. }
  818. }
  819. //
  820. // Load a language file
  821. //
  822. function LoadLanguageFile()
  823. {
  824. global $aMessages,$sLangID,$sHTMLCharSet;
  825. AddIncludePath();
  826. if (!@include("language.inc.php"))
  827. @include("language.inc");
  828. ResetIncludePath();
  829. if (isset($sHTMLCharSet) && $sHTMLCharSet !== "")
  830. header("Content-Type: text/html; charset=$sHTMLCharSet");
  831. }
  832. //
  833. // Load the messages array from the default language, and then
  834. // override with an optional language file.
  835. // Note: all messages get the MNUM parameter sent which they can use.
  836. // If they don't use it, the message number is appended.
  837. //
  838. function LoadBuiltinLanguage()
  839. {
  840. global $aMessages,$sLangID;
  841. $sLangID = "English (builtin)";
  842. // MSG_SCRIPT_VERSION is shown if the PHP version is too old to run
  843. // FormMail
  844. // Parameters:
  845. // $PHPREQ is the minimum required PHP version
  846. // $PHPVERS is the version the server currently has installed.
  847. $aMessages[MSG_SCRIPT_VERSION] = 'This script requires at least PHP version '.
  848. '$PHPREQ. You have PHP version $PHPVERS.';
  849. // MSG_END_VERS_CHK is sent at the end of an Alert message when
  850. // FormMail detects that there's a newer version available
  851. // Parameters: none
  852. $aMessages[MSG_END_VERS_CHK] = '***************************************************\n'.
  853. 'If you are happy with your current version and want\n'.
  854. 'to stop these reminders, edit formmail.php and\n'.
  855. 'set CHECK_FOR_NEW_VERSION to false.\n'.
  856. '***************************************************\n';
  857. // MSG_VERS_CHK is sent in an Alert message when
  858. // FormMail detects that there's a newer version available
  859. // Parameters:
  860. // $TECTITE the website to go to
  861. // $FM_VERS the current FormMail version
  862. // $NEWVERS the new FormMail version that's available
  863. $aMessages[MSG_VERS_CHK] = 'A later version of FormMail is available from $TECTITE.\n'.
  864. 'You are currently using version $FM_VERS.\n'.
  865. 'The new version available is $NEWVERS.\n';
  866. // MSG_CHK_FILE_ERROR is sent in an Alert message when
  867. // FormMail cannot create a file to record the time of version check.
  868. // Parameters:
  869. // $FILE the file name that could not be created
  870. // $ERROR the actual error message
  871. $aMessages[MSG_CHK_FILE_ERROR] = 'Unable to create check file "$FILE": $ERROR';
  872. // MSG_UNK_VALUE_SPEC is sent in an Alert message when
  873. // a form uses an unknown value specification in derive_fields.
  874. // Parameters:
  875. // $SPEC the unknown value specification
  876. // $MSG additional message
  877. $aMessages[MSG_UNK_VALUE_SPEC] = 'derive_fields: unknown value specification '.
  878. '"$SPEC"$MSG';
  879. // MSG_INV_VALUE_SPEC is sent in an Alert message when
  880. // a form uses a value specification in derive_fields that's
  881. // formatted incorrectly (missing terminating '%')
  882. // Parameters:
  883. // $SPEC the invalid value specification
  884. $aMessages[MSG_INV_VALUE_SPEC] = 'derive_fields: invalid value specification '.
  885. '"$SPEC" (possibly missing a "%")';
  886. // MSG_DERIVED_INVALID is sent in an Alert message when
  887. // a form's derive_fields setting has errors
  888. // Parameters: none
  889. // A list of errors is appended on separate lines
  890. $aMessages[MSG_DERIVED_INVALID] = 'Some derive_fields specifications are invalid $MNUM:\n';
  891. // MSG_INT_FORM_ERROR is sent in an Alert message and displayed
  892. // to the form user
  893. // Parameters: none
  894. $aMessages[MSG_INT_FORM_ERROR] = 'Internal form error';
  895. // MSG_OPTIONS_INVALID is sent in an Alert message when
  896. // a form's options settings are invalid. This applies to
  897. // mail_options, filter_options, crm_options, and autorespond
  898. // Parameters:
  899. // $OPT the name of the options field
  900. // A list of errors is appended on separate lines
  901. $aMessages[MSG_OPTIONS_INVALID] = 'Some $OPT settings are undefined $MNUM:\n';
  902. // MSG_PLSWAIT_REDIR is shown to the user for a redirect
  903. // with JavaScript
  904. // Parameters: none
  905. $aMessages[MSG_PLSWAIT_REDIR] = 'Please wait while you are redirected...';
  906. // MSG_IFNOT_REDIR is shown to the user for a redirect
  907. // with JavaScript
  908. // Parameters:
  909. // $URL the URL to redirect to
  910. $aMessages[MSG_IFNOT_REDIR] = 'If you are not automatically redirected, '.
  911. 'please <a href="$URL">click here</a>.';
  912. // MSG_PEAR_OBJ is shown to the user if the PEAR Mail object
  913. // cannot be created
  914. // Parameters: none
  915. $aMessages[MSG_PEAR_OBJ] = 'Failed to create PEAR Mail object';
  916. // MSG_PEAR_ERROR is sent in an Alert message if the PEAR Mail processing
  917. // reports an error
  918. // Parameters:
  919. // $MSG the error message from PEAR
  920. $aMessages[MSG_PEAR_ERROR] = 'PEAR Mail error: $MSG';
  921. // MSG_NO_FOPT_ADDR is sent in an Alert message SendMailFOption is
  922. // specified in the form and no email address has been provided
  923. // Parameters: none
  924. $aMessages[MSG_NO_FOPT_ADDR] = 'You have specified "SendMailFOption" in your '.
  925. 'form, but there is no email address to use';
  926. // MSG_MORE_INFO is sent in an Alert message on a line by itself, just
  927. // before extra information about the FormMail processing that may have
  928. // led to the alert message
  929. // Parameters: none
  930. $aMessages[MSG_MORE_INFO] = 'More information:';
  931. // MSG_INFO_STOPPED is sent in an Alert message to say that extra
  932. // alert information has been suppressed because of potential security
  933. // problems with showing it.
  934. // Parameters: none
  935. $aMessages[MSG_INFO_STOPPED] = '(Extra alert information suppressed for '.
  936. 'security purposes. $MNUM)';
  937. // MSG_FM_ALERT is sent as the subject li…

Large files files are truncated, but you can click here to view the full file