vasek2
Полезный
- Регистрация
- 8 Июн 2008
- Сообщения
- 187
- Реакции
- 17
кто-то спрашивал про формы обратной связи......
вот код рабочий, только если кто знает про уязвимости-скажите.
все работает,незнаю,актуально ли? или есть что посовременнее?
вот код рабочий, только если кто знает про уязвимости-скажите.
PHP:
// --------- Email Form (Etomite 0.6) ------------
// Version 0.6.4 - September 12, 2004 - Tony Summerville
// CSS classes used:
// emailform - used in the actual form.
// emailformMessage - messages to the user.
// error -- used when there is a problem with some part of the validation
// message -- general feedback that is not an error... e.g. the message was sent
// Config is down a bit....
///////////////////////////////////
// DO NOT MESS WITH THESE TWO LINES
$subject_array = array();
$recipient_array = array();
///////////////////////////////////
// <----- BEGIN CONFIG ----->
// Edit only what's between the quotation marks in the below lines.
// These will be the subjects that your users can choose from
// You can have as many as you want.
// Each one must be set up like so:
// $subject_array[] = "What You Want This Choice To Be";
// Make sure to remove empty ones that you aren't using. Just delete the entire line.
$subject_array[] = "Выберите тему сообщения";
$subject_array[] = "тема1";
$subject_array[] = "тема2";
$subject_array[] = "тема3";
$subject_array[] = "тема итд";
//$subject_array[] = "Subject Choice 4";
// Insert as many as you'd like
// Edit only what's between the quotation marks in the below lines.
// These lines contain the various people that can be contacted via your form.
// You can have as many as you want.
// Each one must be set up like so:
// $recipient_array["UNIQUE Short Name"] = "email@email.com";
// The "UNIQUE Short Name" will be shown in the select box.
// This allows the actual email address to be hidden from the user.
// Make sure to remove empty ones that you aren't using. Just delete the entire line.
$recipient_array["выбрать получателя..."] = "\"\"";
$recipient_array["получатель1"] = "\"your@mail.ru\"";
$recipient_array["получатель2"] = "\"She@mail.ru\"";
$recipient_array["получатель итд"] = "\"hi@mail.ru\"";
// again, insert as many as you'd like
// <----- END CONFIG ----->
if ($_POST['send'] == 'true') {
$to = $_POST['to'];
$name = $_POST['name'];
$email = $_POST['email'];
$the_subject = $_POST['subject'];
$message = $_POST['message'];
if (($name == '') OR ($email == '') OR ($message == '')) {
$SendMail .= "<div class='error'>";
$SendMail .= "Все поля обязательны для заполнения.";
$SendMail .= "</div>";
}
elseif (ereg('([[:alnum:]\.\-]+)(\@[[:alnum:]\.\-]+\.+)', $email)) {
$recipient = $to;
$subject = $the_subject;
$additional_headers = "From: $email\n";
$body = "Name: $name\nEmail: $email\n\nMessage:\n\n" . $message;
if (mail($recipient, $subject, $body, $additional_headers)) {
$SendMail .= "<div class='message'>";
$SendMail .= "Сообщение отправлено! В ближайшее время Вы получите ответ.";
$SendMail .= "</div>";
$name="";
$email="";
$message="";
} else {
$SendMail .= "<div class='error'>";
$SendMail .= "Ошибка.Попробуйте еще раз.<br>";
$SendMail .= "</div>";
$send = "false";
}
} else {
$SendMail .= "<div class='error'>";
$SendMail .= "Электронный адрес,который Вы указали(".$email.") недействителен. Попробуйте еще раз.";
$SendMail .= "</div>";
$send = "false";
}
} else {
$SendMail .= "<p>Вы можете связаться с нашими специалистами,заполнив данную форму</p>";
}
$SendMail .= "<div class='emailform'>";
$SendMail .= "<form method='post' action=''>\n<div>\n";
$SendMail .= "<table border='0'>\n";
$SendMail .= "<tr>\n<td>\n";
$SendMail .= "<input type='hidden' name='send' value='true' />\n";
$SendMail .= "Кому:\n";
$SendMail .= "</td>\n<td>\n";
$SendMail .= "<select name='to'>\n";
foreach ($recipient_array as $key => $value) {
$SendMail .= "<option value=" . $value . ">" . $key . "</option>\n";
}
$SendMail .= "</select>\n";
$SendMail .= "</td>\n</tr>\n";
$SendMail .= "<tr>\n<td>\n";
$SendMail .= "Ваше имя:\n";
$SendMail .= "</td>\n<td>\n";
$SendMail .= "<input type='text' name='name' value=\"".$name."\" /><br/>\n";
$SendMail .= "</td>\n</tr>\n";
$SendMail .= "<tr>\n<td>\n";
$SendMail .= "Ваш Email :\n";
$SendMail .= "</td>\n<td>\n";
$SendMail .= "<input type='text' name='email' size='35' value=\"".$email."\" /><br/>\n";
$SendMail .= "</td>\n</tr>\n";
$SendMail .= "<tr>\n<td>\n";
$SendMail .= "Тема сообщения:\n";
$SendMail .= "</td>\n<td>\n";
$SendMail .= "<select name='subject'>\n";
foreach ($subject_array as $value2) {
$SendMail .= "<option value=" . '"'. $value2 .'"' . ">" . $value2 . "</option>\n";
}
$SendMail .= "</select><br />\n";
$SendMail .= "</td>\n</tr>\n";
$SendMail .= "</table>\n";
$SendMail .= "Сообщение:<br />\n";
$SendMail .= "<textarea cols='41' rows='5' name='message'>".$message."</textarea><br />\n";
$SendMail .= "<input type='submit' value='Отправить' /> \n";
$SendMail .= "<input type='reset' value='Сброс' />\n</div>\n";
$SendMail .= "</form>\n";
$SendMail .= "</div>\n";
return $SendMail;
Причём на разных серверах (на локале) с разными вариантами кодировки базы. Большего,чего добился,это нормальная русская админка,но при добавлении сниппетов,после сохранения,описание превращается в те-же кракозябры.. 
