ILIAS  release_4-3 Revision
example_form.php
<?php
// The session has to be started before any output is produced,
// including whitespace and line breaks.
session_start();

// Debug switch: set to 0 to turn debug mode off.
// While debug mode is on, only the captcha code is validated and no email is sent,
// so the field checks in the form processor are skipped.
$GLOBALS['DEBUG_MODE'] = 1;

?>
9 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
10 <html>
11 <head>
12  <title>Securimage Example Form</title>
13  <style type="text/css">
14  <!--
15  .error { color: #f00; font-weight: bold; font-size: 1.2em; }
16  .success { color: #00f; font-weight; bold; font-size: 1.2em; }
17  fieldset { width: 90%; }
18  legend { font-size: 24px; }
19  .note { font-size: 18px;
20  -->
21  </style>
22 </head>
23 <body>
24 
25 <fieldset>
26 <legend>Example Form</legend>
27 
28 <p class="note">
29  This is an example PHP form that processes user information, checks for errors, and validates the captcha code.<br />
30  This example form also demonstrates how to submit a form to itself to display error messages.
31 </p>
32 
<?php

// Mail settings read by process_si_contact_form()
$GLOBALS['ct_recipient']   = 'YOU@EXAMPLE.COm'; // Change to your email address!
$GLOBALS['ct_msg_subject'] = 'Securimage Test Contact Form';

// Handle a submission (if there was one) before the form is rendered
process_si_contact_form();

// Status banner: the processor leaves 'error' / 'success' flags in $_SESSION['ctform']
if (!empty($_SESSION['ctform']['error'])): /* the last submission had one or more errors */ ?>
<span class="error">There was a problem with your submission. Errors are displayed below in red.</span><br /><br />
<?php elseif (!empty($_SESSION['ctform']['success'])): /* the form was processed successfully */ ?>
<span class="success">The captcha was correct and the message has been sent!</span><br /><br />
<?php endif; ?>
45 
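<?php /* REQUEST_URI comes from the client and is printed inside an HTML attribute, so it is escaped
         for that context. It already contains the query string, so QUERY_STRING is not appended again. */ ?>
<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES) ?>" id="contact_form">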
47  <input type="hidden" name="do" value="contact" />
48 
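<?php /* The *_error snippets are HTML that process_si_contact_form() builds from fixed strings, so they
         are printed as-is. The submitted values are user input and are HTML-escaped (quotes included)
         for the attribute / textarea context. isset() replaces the @ operator so that a missing key
         yields an empty string instead of a suppressed notice and a null passed to htmlspecialchars(). */ ?>
    <p>
    <strong>Name*:</strong>&nbsp; &nbsp;<?php echo isset($_SESSION['ctform']['name_error']) ? $_SESSION['ctform']['name_error'] : '' ?><br />
    <input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(isset($_SESSION['ctform']['ct_name']) ? $_SESSION['ctform']['ct_name'] : '', ENT_QUOTES) ?>" />
    </p>

    <p>
    <strong>Email*:</strong>&nbsp; &nbsp;<?php echo isset($_SESSION['ctform']['email_error']) ? $_SESSION['ctform']['email_error'] : '' ?><br />
    <input type="text" name="ct_email" size="35" value="<?php echo htmlspecialchars(isset($_SESSION['ctform']['ct_email']) ? $_SESSION['ctform']['ct_email'] : '', ENT_QUOTES) ?>" />
    </p>

    <p>
    <strong>URL:</strong>&nbsp; &nbsp;<?php echo isset($_SESSION['ctform']['URL_error']) ? $_SESSION['ctform']['URL_error'] : '' ?><br />
    <input type="text" name="ct_URL" size="35" value="<?php echo htmlspecialchars(isset($_SESSION['ctform']['ct_URL']) ? $_SESSION['ctform']['ct_URL'] : '', ENT_QUOTES) ?>" />
    </p>

    <p>
    <strong>Message*:</strong>&nbsp; &nbsp;<?php echo isset($_SESSION['ctform']['message_error']) ? $_SESSION['ctform']['message_error'] : '' ?><br />
    <textarea name="ct_message" style="width: 450px; height: 200px"><?php echo htmlspecialchars(isset($_SESSION['ctform']['ct_message']) ? $_SESSION['ctform']['ct_message'] : '', ENT_QUOTES) ?></textarea>
    </p>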
68 
<?php /* Captcha image, audio player, refresh link and code entry field.
         NOTE(review): the sid value appears to serve only as a cache-buster (the refresh link below
         uses Math.random() for the same parameter) - confirm against securimage_show.php. */ ?>
    <p>
    <img id="siimage" style="border: 1px solid #000; margin-right: 15px" src="./securimage_show.php?sid=<?php echo md5(uniqid()) ?>" alt="CAPTCHA Image" align="left">
    <object type="application/x-shockwave-flash" data="./securimage_play.swf?audio_file=./securimage_play.php&amp;bgColor1=#fff&amp;bgColor2=#fff&amp;iconColor=#777&amp;borderWidth=1&amp;borderColor=#000" height="32" width="32">
    <param name="movie" value="./securimage_play.swf?audio_file=./securimage_play.php&amp;bgColor1=#fff&amp;bgColor2=#fff&amp;iconColor=#777&amp;borderWidth=1&amp;borderColor=#000">
    </object>
    &nbsp;
    <a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false"><img src="./images/refresh.png" alt="Reload Image" onclick="this.blur()" align="bottom" border="0"></a><br />
    <strong>Enter Code*:</strong><br />
    <?php echo isset($_SESSION['ctform']['captcha_error']) ? $_SESSION['ctform']['captcha_error'] : '' ?>
    <input type="text" name="ct_captcha" size="12" maxlength="8" />
    </p>
80 
81  <p>
82  <br />
83  <input type="submit" value="Submit Message">
84  </p>
85 
86 </form>
87 </fieldset>
88 
89 </body>
90 </html>
91 
92 <?php
93 
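/**
 * The form processor: handles a submission of the example contact form.
 *
 * $_SESSION['ctform'] is reset on every call. When the request is a POST carrying
 * do=contact, the submitted fields are cleaned and (unless debug mode is on) validated,
 * the captcha code is checked with Securimage's check() method and, if nothing failed,
 * the message is mailed to $GLOBALS['ct_recipient']. No mail is sent in debug mode.
 *
 * The outcome is reported through $_SESSION['ctform']: the 'error' and 'success' flags,
 * one '*_error' HTML snippet per failed field, and the submitted values for re-populating
 * the form. The stored values are NOT HTML-encoded; whoever prints them must escape them
 * for the output context.
 *
 * Side effect: string values in $_POST are overwritten with their cleaned form.
 *
 * @return void
 */
function process_si_contact_form()
{
    $_SESSION['ctform'] = array(); // re-initialize the form session data

    $isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST';
    if (!$isPost || !isset($_POST['do']) || $_POST['do'] != 'contact') {
        return; // the form has not been submitted
    }

    // Debug mode has to be switched on explicitly. A missing flag means normal operation,
    // so removing the setting can never silently disable the field validation.
    $debugMode = !empty($GLOBALS['DEBUG_MODE']);

    foreach ($_POST as $key => $value) {
        if (is_array($value)) {
            // array-valued fields (e.g. ct_name[]=x) are not part of this form and would
            // break the string functions below
            continue;
        }

        // tags are removed from every field except the message body
        if ($key !== 'ct_message') {
            $value = strip_tags($value);
        }

        // HTML encoding is applied where a value is printed (mail body, form fields),
        // not here; encoding on input gets encoded a second time when the form is re-populated.
        // NOTE(review): stripslashes() only makes sense with magic quotes enabled - confirm
        // whether the target PHP version still needs it.
        $_POST[$key] = stripslashes(trim($value));
    }

    // Read the expected fields; anything missing or not a string counts as empty.
    $input = array('ct_name' => '', 'ct_email' => '', 'ct_URL' => '', 'ct_message' => '', 'ct_captcha' => '');
    foreach ($input as $field => $unused) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $input[$field] = $_POST[$field];
        }
    }

    $name    = (string) substr($input['ct_name'], 0, 64); // limit name to 64 bytes
    $email   = $input['ct_email'];                        // email from the form
    $URL     = $input['ct_URL'];                          // url from the form
    $message = $input['ct_message'];                      // the message from the form
    $captcha = $input['ct_captcha'];                      // the user's entry for the captcha code

    $errors = array(); // initialize empty error array

    if (!$debugMode) {
        // only check for errors if the form is not in debug mode

        if (strlen($name) < 3) {
            // name too short, add error
            $errors['name_error'] = 'Your name is required';
        }

        if (strlen($email) == 0) {
            // no email address given
            $errors['email_error'] = 'Email address is required';
        } else if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            // filter_var() replaces a hand-written pattern whose nested quantifiers backtrack
            // heavily on long non-matching input and which rejected TLDs longer than 4 letters
            $errors['email_error'] = 'Email address entered is invalid';
        }

        if (strlen($message) < 20) {
            // message length too short
            $errors['message_error'] = 'Please enter a message';
        }
    }

    // Only try to validate the captcha if the form has no errors
    // This is especially important for ajax calls
    if (count($errors) == 0) {
        require_once dirname(__FILE__) . '/securimage.php';
        $securimage = new Securimage();

        if ($securimage->check($captcha) == false) {
            $errors['captcha_error'] = 'Incorrect security code entered<br />';
        }
    }

    if (count($errors) == 0) {
        // no errors, send the form
        $time       = date('r');
        $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
        $userAgent  = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

        // The mail is sent as text/html, so every value that came from the client -
        // including the User-Agent header - is escaped before it goes into the body.
        $body = "A message was submitted from the contact form. The following information was provided.<br /><br />"
              . 'Name: ' . htmlspecialchars($name, ENT_QUOTES) . '<br />'
              . 'Email: ' . htmlspecialchars($email, ENT_QUOTES) . '<br />'
              . 'URL: ' . htmlspecialchars($URL, ENT_QUOTES) . '<br />'
              . 'Message:<br />'
              . '<pre>' . htmlspecialchars($message, ENT_QUOTES) . '</pre>'
              . '<br /><br />IP Address: ' . htmlspecialchars($remoteAddr, ENT_QUOTES) . '<br />'
              . "Time: $time<br />"
              . 'Browser: ' . htmlspecialchars($userAgent, ENT_QUOTES) . '<br />';

        $body = wordwrap($body, 70);

        if (!$debugMode) {
            // The address ends up in a mail header: remove line breaks so it can never
            // start a new header line, even if the validation above is changed later.
            $replyTo = str_replace(array("\r", "\n"), '', $email);

            // send the message with mail()
            mail($GLOBALS['ct_recipient'], $GLOBALS['ct_msg_subject'], $body, "From: {$GLOBALS['ct_recipient']}\r\nReply-To: {$replyTo}\r\nContent-type: text/html; charset=ISO-8859-1\r\nMIME-Version: 1.0");
        }

        $_SESSION['ctform']['error']   = false; // no error with form
        $_SESSION['ctform']['success'] = true;  // message sent
    } else {
        // save the entries, this is to re-populate the form
        $_SESSION['ctform']['ct_name']    = $name;    // save name from the form submission
        $_SESSION['ctform']['ct_email']   = $email;   // save email
        $_SESSION['ctform']['ct_URL']     = $URL;     // save URL
        $_SESSION['ctform']['ct_message'] = $message; // save message

        foreach ($errors as $key => $error) {
            // set up error messages to display with each field; $error is always one of
            // the fixed strings assigned above, never user input
            $_SESSION['ctform'][$key] = "<span style=\"font-weight: bold; color: #f00\">$error</span>";
        }

        $_SESSION['ctform']['error'] = true; // set error flag
    }
}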
190 
// Runs after the page has been printed: reset the success flag so that the
// confirmation banner is tied to the request that produced it.
$_SESSION['ctform']['success'] = false;