%[if !edit]%
%id=fscontactplus_successtext%'; //<-- Yay!
// Status text shown when the mailer reports that sending failed (system-side error).
// NOTE(review): the %id=...% placeholder is presumably replaced by the site builder inside
// this single-quoted literal; confirm that quotes and backslashes in the configured text are
// escaped, otherwise the literal would end early.
$messageOnFailure = '%id=fscontactplus_failuretext%'; //<-- System error
// Status text shown when the submitted fields fail validation (user-side error).
$messageOnError = '%id=fscontactplus_errortext%'; //<-- User error
//--DO NOT EDIT PHP CODE BELOW THIS LINE--
//Helper methods
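/**
 * Read one field from the POST body.
 *
 * Returns the raw (untrimmed) value when the field is present, is a string and
 * is not blank after trimming; otherwise returns $default.
 *
 * Non-string values are treated as absent. A request can send "name[]=x", which
 * PHP exposes as an array; handing that to trim() raises a TypeError on PHP 8
 * and a warning on older versions, and the array would then flow on to callers
 * that expect a string.
 *
 * @param string $name    Key to look up in $_POST.
 * @param mixed  $default Returned when the field is missing, blank or not a string.
 * @return mixed The submitted string, or $default.
 */
function getFromPost($name, $default = false) {
    if ( !isset($_POST[$name]) || !is_string($_POST[$name]) ) {
        return $default;
    }
    $value = $_POST[$name];
    // Whitespace-only input counts as empty; the value itself is returned untrimmed.
    return trim($value) !== '' ? $value : $default;
}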
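/**
 * Build a random version-4 UUID string (8-4-4-4-12 lowercase hex digits).
 *
 * The result is used as the form token, so the random fields are drawn from
 * random_int() when the runtime provides it (PHP 7+). mt_rand() is not meant
 * for security tokens because its output can be predicted; it is kept only as
 * a fallback for older runtimes.
 *
 * @return string UUID such as "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx" (y is 8, 9, a or b).
 * @throws Exception From random_int() when no source of randomness is available.
 */
function getUUID() {
    // Both functions take (min, max) and return an int, so they are interchangeable here.
    $rand = function_exists('random_int') ? 'random_int' : 'mt_rand';
    return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
        // 32 bits for "time_low"
        $rand( 0, 0xffff ), $rand( 0, 0xffff ),
        // 16 bits for "time_mid"
        $rand( 0, 0xffff ),
        // 16 bits for "time_hi_and_version",
        // the four most significant bits hold version number 4
        $rand( 0, 0x0fff ) | 0x4000,
        // 16 bits, 8 bits for "clk_seq_hi_res",
        // 8 bits for "clk_seq_low",
        // the two most significant bits hold one and zero for variant DCE1.1
        $rand( 0, 0x3fff ) | 0x8000,
        // 48 bits for "node"
        $rand( 0, 0xffff ), $rand( 0, 0xffff ), $rand( 0, 0xffff )
    );
}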
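//Process POST request
// $errors collects validation messages; $message is the status text shown with the form.
$errors = array();
$message = $messageOnLoad;
if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
    //Check csrf token: the form carries a random token plus an HMAC of it under $secretKey.
    // NOTE(review): nothing in this block ties the pair to a session or an expiry time, so a
    // pair that validated once keeps validating. Confirm that is acceptable for this form.
    $token = getFromPost('token');
    $tokenHash = getFromPost('token_hash');
    // Array-valued fields must not reach hash_hmac()/hash_equals(), which expect strings.
    if ( !$token || !$tokenHash || !is_string($token) || !is_string($tokenHash) ) {
        die('Invalid form submission token params');
    }
    // NOTE(review): HMAC-MD5 is kept so forms that are already rendered still validate;
    // a SHA-2 digest is the better choice if this line and the generation code at the end
    // of this block are changed together.
    $tokenVerifyHash = hash_hmac('md5', $token, $secretKey);
    // Compare in constant time so response timing does not reveal how much of a guessed
    // hash was right. hash_equals() needs PHP 5.6+; older runtimes fall back to !==.
    $hashMatches = function_exists('hash_equals')
        ? hash_equals($tokenVerifyHash, $tokenHash)
        : ( $tokenHash === $tokenVerifyHash );
    if ( !$hashMatches ) {
        die('Invalid form submission hash');
    }
    //Validate presence of fields (POST field name => label used in the error text)
    $fields = array(
        'form_element0' => '%id=fscontactplus_formfield01%',
        'form_element1' => '%id=fscontactplus_formfield02%',
        'form_element2' => '%id=fscontactplus_formfield03%',
        'form_element3' => '%id=fscontactplus_formfield04%'
    );
    foreach ( $fields as $name => $label ) {
        if ( getFromPost($name) === false ) {
            $errors[] = sprintf('%s is required', $label);
        }
    }
    //Validate email address
    // filter_input() returns null for a missing field, so only a present-but-malformed
    // address lands here; a missing one is reported by the required-field loop above.
    if ( filter_input(INPUT_POST, 'form_element1', FILTER_VALIDATE_EMAIL) === false ) {
        $errors[] = 'Invalid email address';
    }
    //Ensure honeypot is empty, otherwise die immediately
    // 'username' is not one of the real form fields listed above; any value in it ends the request.
    $honeypot = getFromPost('username');
    if ( $honeypot !== false ) {
        die('Invalid form submission');
    }
    //If no errors, send email
    if ( !$errors ) {
        //Get filtered users input
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It also does not
        // remove CR/LF, so header safety for $name and $subject presumably rests on the
        // bundled PHPMailer stripping line breaks. Confirm for the version shipped here.
        $name = filter_input(INPUT_POST, 'form_element0', FILTER_SANITIZE_STRING);
        $email = filter_input(INPUT_POST, 'form_element1', FILTER_SANITIZE_EMAIL);
        $subject = filter_input(INPUT_POST, 'form_element2', FILTER_SANITIZE_STRING);
        // $message temporarily holds the mail body; both branches below reset it to a status text.
        $message = filter_input(INPUT_POST, 'form_element3', FILTER_SANITIZE_STRING);
        //Build email
        $m = new PHPMailer();
        // NOTE(review): the From address is whatever the visitor typed. Receivers that enforce
        // SPF/DMARC may reject such mail, and the recipient cannot tell it from mail really
        // sent by that address. A site-owned From with the visitor only in Reply-To avoids both.
        $m->SetFrom($email, $name);
        $m->AddReplyTo($email, $name);
        $m->AddAddress($deliverTo);
        $m->Subject = $subject;
        $m->MsgHTML($message);
        //Send email
        if ( $m->Send() ) {
            $message = $messageOnSuccess;
        } else {
            $message = $messageOnFailure;
        }
    } else {
        $message = $messageOnError;
    }
}
//Generate new csrf token
// A fresh token and its HMAC are computed on every request, including after a POST.
$token = getUUID();
$tokenHash = hash_hmac('md5', $token, $secretKey);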
?>
%[endif]%
%id=fscontactplus_formtitle%