Files @ f5b8a6f32c9a
Branch filter:

Location: SlatePermutate/feedback-submit.php

f5b8a6f32c9a 1.7 KiB text/x-php Show Annotation Show as Raw Download as Raw
binki
Actually reject bad input for the feedback form instead of detecting it but still allowing it through.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
<?php
        include_once 'inc/class.page.php';
        $feedbackpage = new page('Feedback');

	$subject = '[SlatePermutate] - Feedback';
?>

<h3>Thanks!</h3>


<?php
Page::session_start();

$ip = $_POST['ip'];
$httpagent = $_POST['httpagent'];
$fromdom = $_POST['fromdom'];
$nameis = $_POST['nameis'];
$visitormail = $_POST['visitormail'];
$school = $_POST['school'];
$school_id = isset($_SESSION['school']) ? $_SESSION['school'] : '';
$feedback = $_POST['feedback'];
$rating = $_POST['rating'];

$reject = FALSE;

if (eregi('http:', $feedback)) { 
  echo 'Please do not include URLs in your submission! Please click "back" and try again.';
  $reject = TRUE;
}
if (empty($visitormail) || !preg_match('/^[^@]+@[^@]+\.[^@]+$/', $visitormail)) {
  echo '<p>Please click "back" and enter valid e-mail address.</p>';
  $reject = TRUE;
}
if(empty($nameis) || empty($feedback) || empty($visitormail)) {
  echo '<p>Please click "back" and fill in all fields.</p>';
  $reject = TRUE;
}

if (!$reject)
  {
    $feedback = stripcslashes($feedback);

    $message = date('l, F j, Y, g:i a') ."
From: $nameis ($visitormail)
School: $school ($school_id)\n
Rating: $rating 
Feedback: $feedback 
\n
IP = $ip 
Browser = $httpagent 
Deployment = $fromdom
";

    $from = "From: $visitormail\r\n";

    /* $feedback_emails has its default set in inc/class.page.inc, can be set in config.inc */
    foreach($feedback_emails as $toaddr)
      {
	mail($toaddr, $subject, $message, $from);
      }

?>

<p>Thanks for helping make SlatePermutate better. Your feedback is greatly appreciated.</p>
<p>We will attempt to respond via email if your feedback lends itself to a response.</p>


<?php
  }

  $feedbackpage->foot();
Server instance: zserverv-307515 This site is powered by Kallithea, which is © 2010–2021 by various authors & licensed under GPLv3. – Support