I’m not skilled php yet, working on it, though. I could use another set of eyes on this to let me know if what I have is junk or viable. Here the page: http://www.woodfordem.com/website/contact-us.php.
I’ve been working on this for days and I now have another guy looking at it, but thought I could get some answers here faster maybe. This site uses SSIs so I decided to use a static (is that the word?) php page with header and footer included.
Here’s the contact-us.php page:
[php]
Contact us
<table width="100%" border="0" cellpadding="3">
<tr>
<td width="14%"><label>First Name:</label></td>
<td width="30%"><input type="text" name="FirstName" id="FirstName" class="texta" /></td>
<td><label>Last Name:</label></td>
<td><input type="text" name="LastName" id="LastName" class="texta" /></td>
</tr>
<tr>
<td><label>Address:</label></td>
<td><input name="Address" type="text" id="Address" class="texta" /></td>
<td width="21%">City:</td>
<td width="35%"><label>
<input name="City" type="text" id="City" class="texta" />
</label></td>
</tr>
<tr>
<td><label>Email:</label></td>
<td><input type="text" name="Email" id="Email" class="texta" /></td>
<td><label>State:</label></td>
<td><select name="State" size="1">
<option value="" selected="selected">Select State </option>
<option value="AL">Alabama </option>
<option value="AK">Alaska </option>
<option value="AZ">Arizona </option>
<option value="AR">Arkansas </option>
<option value="CA">California </option>
<option value="CO">Colorado </option>
<option value="CT">Connecticut </option>
<option value="DE">Delaware </option>
<option value="FL">Florida </option>
<option value="GA">Georgia </option>
<option value="HI">Hawaii </option>
<option value="ID">Idaho </option>
<option value="IL">Illinois </option>
<option value="IN">Indiana </option>
<option value="IA">Iowa </option>
<option value="KS">Kansas </option>
<option value="KY">Kentucky </option>
<option value="LA">Louisiana </option>
<option value="ME">Maine </option>
<option value="MD">Maryland </option>
<option value="MA">Massachusetts </option>
<option value="MI">Michigan </option>
<option value="MN">Minnesota </option>
<option value="MS">Mississippi </option>
<option value="MO">Missouri </option>
<option value="MT">Montana </option>
<option value="NE">Nebraska </option>
<option value="NV">Nevada </option>
<option value="NH">New Hampshire </option>
<option value="NJ">New Jersey </option>
<option value="NM">New Mexico </option>
<option value="NY">New York </option>
<option value="NC">North Carolina </option>
<option value="ND">North Dakota </option>
<option value="OH">Ohio </option>
<option value="OK">Oklahoma </option>
<option value="OR">Oregon </option>
<option value="PA">Pennsylvania </option>
<option value="RI">Rhode Island </option>
<option value="SC">South Carolina </option>
<option value="SD">South Dakota </option>
<option value="TN">Tennessee </option>
<option value="TX">Texas </option>
<option value="UT">Utah </option>
<option value="VT">Vermont </option>
<option value="VA">Virginia </option>
<option value="WA">Washington </option>
<option value="DC">Washington D.C. </option>
<option value="WV">West Virginia </option>
<option value="WI">Wisconsin </option>
<option value="WY">Wyoming </option>
</select></td>
</tr>
<tr>
<td><label>Telephone:</label></td>
<td colspan="3"><input type="text" name="Telephone" id="Telephone" class="texta" /></td>
</tr>
<tr>
<td><label>Subject:</label></td>
<td colspan="3"><select name="Subject" id="subject" size="1">
<option selected="selected">Select Subject</option>
<option>Preparedness</option>
<option>Volunteers</option>
<option>Emergency Management</option>
</select></td>
</tr>
<tr>
<td colspan="4" valign="top"><label>Comments:<br />
<textarea name="Comments" cols="74" rows="10" id="Comments" class="texta"></textarea>
</label></td>
</tr>
</table>
<div>
<?php
require_once('recaptchalib.php');
// Get a key from http://recaptcha.net/api/getkey
$publickey = "xxxxxxxxxxxxxxxxxxxxxx;
$privatekey = "xxxxxxxxxxxxxxxxxxxxxxxxx";
# the response from reCAPTCHA
$resp = null;
# the error code from reCAPTCHA, if any
$error = null;
# was there a reCAPTCHA response?
if ($_POST["recaptcha_response_field"]) {
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if ($resp->is_valid) {
echo "You got it!";
} else {
# set the error code so that we can display it
$error = $resp->error;
}
}
echo recaptcha_get_html($publickey, $error);
?>
</div>
<input type="submit" name="submit" value="Submit" class="formbutton" />
</form>
[/php]
…and here’s the contactengine.php:
[php]<?php
require_once(‘recaptchalib.php’);
$publickey = “xxxxxxxxxxxxxxxxxxxxxxxxxxxx”;
$privatekey = “xxxxxxxxxxxxxxxxxxxxxxx”;
$resp = recaptcha_check_answer($privatekey,
$_SERVER[“REMOTE_ADDR”],
$_POST[“recaptcha_challenge_field”],
$_POST[“recaptcha_response_field”]);
$validationOK = true;
if (!$resp->is_valid) {
/die (“The reCAPTCHA wasn’t entered correctly. Please go back and try it again.” .
"(reCAPTCHA said: " . $resp->error . “)”);/
/*die('Please type the correct words displayed in the image ’ . “\n\n” .
‘Click Here Go Back and try again.’); */
echo 'Please type the correct words displayed in the image ’ . “\n\n” .
‘Click Here Go Back and try again.’;
//echo ‘Not Valid’;
$validationOK = false;
}
$EmailFrom = "[email protected]";
$EmailTo = "[email protected]";
$FirstName = Trim(stripslashes($_POST[‘First Name’]));
$LastName = Trim(stripslashes($_POST[‘Last Name’]));
$Address = Trim(stripslashes($_POST[‘Address’]));
$City = Trim(stripslashes($_POST[‘City’]));
$State = Trim(stripslashes($_POST[‘State’]));
$Telephone = Trim(stripslashes($_POST[‘Telephone’]));
$Email = Trim(stripslashes($_POST[‘Email’]));
$Subject = Trim(stripslashes($_POST[‘Subject’]));
$Comments = Trim(stripslashes($_POST[‘Comments’]));
// validation
if (!$validationOK) {
print “<meta http-equiv=“refresh” content=“0;URL=error.shtml”>”;
exit;
}
// prepare email body text
$Body = “”;
$Body .= “First Name: $FirstName”;
$Body .= $FirstName;
$Body .= “\n”;
$Body .= “Last Name: $LastName”;
$Body .= $LastName;
$Body .= “\n”;
$Body .= “Address: $Address”;
$Body .= $Address;
$Body .= “\n”;
$Body .= “City: $City”;
$Body .= $City;
$Body .= “\n”;
$Body .= “State: $State”;
$Body .= $State;
$Body .= “\n”;
$Body .= “Telephone: $Telephone”;
$Body .= $Telephone;
$Body .= “\n”;
$Body .= “Email: $Email”;
$Body .= $Email;
$Body .= “\n”;
$Body .= “Subject: $Subject”;
$Body .= $Subject;
$Body .= “\n”;
$Body .= “Comments: $Comments”;
$Body .= $Comments;
$Body .= “\n”;
// send email
$success = mail($EmailTo, $FirstName, $LastName, $Address, $City, $State, $Telephone, $Email, $Subject, $Comments, $Body, “From: <$EmailFrom>”);
// redirect to success page
if ($success){
print “<meta http-equiv=“refresh” content=“0;URL=contactthanks.shtml”>”;
}
else{
print “<meta http-equiv=“refresh” content=“0;URL=error.shtml”>”;
}
?> [/php]
…and here’s the recaptchalib.php, not sure about the remote IP part. I’m using the remote IP of the website, which I think is right:
[php]<?php
define(“RECAPTCHA_API_SERVER”, “http://api.recaptcha.net”);
define(“RECAPTCHA_API_SECURE_SERVER”, “https://api-secure.recaptcha.net”);
define(“RECAPTCHA_VERIFY_SERVER”, “api-verify.recaptcha.net”);
/**
-
Encodes the given data into a query string format
-
@param $data - array of string elements to be encoded
-
@return string - encoded request
*/
function _recaptcha_qsencode ($data) {
$req = “”;
foreach ( $data as $key => $value )
$req .= $key . ‘=’ . urlencode( stripslashes($value) ) . ‘&’;// Cut the last '&' $req=substr($req,0,strlen($req)-1); return $req;
}
/**
-
Submits an HTTP POST to a reCAPTCHA server
-
@param string $host
-
@param string $path
-
@param array $data
-
@param int port
-
@return array response
*/
function _recaptcha_http_post($host, $path, $data, $port = 80) {$req = _recaptcha_qsencode ($data); $http_request = "POST $path HTTP/1.0\r\n"; $http_request .= "Host: $host\r\n"; $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n"; $http_request .= "Content-Length: " . strlen($req) . "\r\n"; $http_request .= "User-Agent: reCAPTCHA/PHP\r\n"; $http_request .= "\r\n"; $http_request .= $req; $response = ''; if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) { die ('Could not open socket'); } fwrite($fs, $http_request); while ( !feof($fs) ) $response .= fgets($fs, 1160); // One TCP-IP packet fclose($fs); $response = explode("\r\n\r\n", $response, 2); return $response;
}
/**
-
Gets the challenge HTML (javascript and non-javascript version).
-
This is called from the browser, and the resulting reCAPTCHA HTML widget
-
is embedded within the HTML form it was called from.
-
@param string $pubkey A public key for reCAPTCHA
-
@param string $error The error given by reCAPTCHA (optional, default is null)
-
@param boolean $use_ssl Should the request be made over ssl? (optional, default is false)
-
@return string - The HTML to be embedded in the user’s form.
*/
function recaptcha_get_html ($pubkey, $error = null, $use_ssl = false)
{
if ($pubkey == null || $pubkey == ‘’) {
die (“To use reCAPTCHA you must get an API key from http://recaptcha.net/api/getkey”);
}if ($use_ssl) {
$server = RECAPTCHA_API_SECURE_SERVER;
} else {
$server = RECAPTCHA_API_SERVER;
}$errorpart = ""; if ($error) { $errorpart = "&error=" . $error; } return '<script type="text/javascript" src="'. $server . '/challenge?k=' . $pubkey . $errorpart . '"></script>
';
}
/**
- A ReCaptchaResponse is returned from recaptcha_check_answer()
*/
class ReCaptchaResponse {
var $is_valid;
var $error;
}
/**
-
Calls an HTTP POST function to verify if the user’s guess was correct
-
@param string $privkey
-
@param string $remoteip
-
@param string $challenge
-
@param string $response
-
@return ReCaptchaResponse
*/
function recaptcha_check_answer ($privkey, $remoteip, $challenge, $response)
{
if ($privkey == null || $privkey == ‘’) {
die (“To use reCAPTCHA you must get an API key from http://recaptcha.net/api/getkey”);
}if ($remoteip == null || $remoteip == ‘using_remote-ip_of_website_here’) {
die (“For security reasons, you must pass the remote ip to reCAPTCHA”);
}//discard spam submissions if ($challenge == null || strlen($challenge) == 0 || $response == null || strlen($response) == 0) { $recaptcha_response = new ReCaptchaResponse(); $recaptcha_response->is_valid = false; $recaptcha_response->error = 'incorrect-captcha-sol'; return $recaptcha_response; } $response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/verify", array ( 'privatekey' => $privkey, 'remoteip' => $remoteip, 'challenge' => $challenge, 'response' => $response ) ); $answers = explode ("\n", $response [1]); $recaptcha_response = new ReCaptchaResponse(); if (trim ($answers [0]) == 'true') { $recaptcha_response->is_valid = true; } else { $recaptcha_response->is_valid = false; $recaptcha_response->error = $answers [1]; } return $recaptcha_response;
}
/**
- gets a URL where the user can sign up for reCAPTCHA. If your application
- has a configuration page where you enter a key, you should provide a link
- using this function.
- @param string $domain The domain where the page is hosted
-
@param string $appname The name of your application
*/
function recaptcha_get_signup_url ($domain = null, $appname = null) {
return "http://recaptcha.net/api/getkey?" . _recaptcha_qsencode (array (‘domain’ => $domain, ‘app’ => $appname));
}
function _recaptcha_aes_pad($val) {
$block_size = 16;
$numpad = $block_size - (strlen ($val) % $block_size);
return str_pad($val, strlen ($val) + $numpad, chr($numpad));
}
/* Mailhide related code */
function _recaptcha_aes_encrypt($val,$ky) {
if (! function_exists (“mcrypt_encrypt”)) {
die (“To use reCAPTCHA Mailhide, you need to have the mcrypt php module installed.”);
}
$mode=MCRYPT_MODE_CBC;
$enc=MCRYPT_RIJNDAEL_128;
$val=_recaptcha_aes_pad($val);
return mcrypt_encrypt($enc, $ky, $val, $mode, “\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0”);
}
function recaptcha_mailhide_urlbase64 ($x) {
return strtr(base64_encode ($x), ‘+/’, '-’);
}
/* gets the reCAPTCHA Mailhide url for a given email, public key and private key */
function recaptcha_mailhide_url($pubkey, $privkey, $email) {
if ($pubkey == ‘’ || $pubkey == null || $privkey == “” || $privkey == null) {
die ("To use reCAPTCHA Mailhide, you have to sign up for a public and private key, " .
“you can do so at http://mailhide.recaptcha.net/apikey”);
}
$ky = pack('H*', $privkey);
$cryptmail = _recaptcha_aes_encrypt ($email, $ky);
return "http://mailhide.recaptcha.net/d?k=" . $pubkey . "&c=" . _recaptcha_mailhide_urlbase64 ($cryptmail);
}
/**
-
gets the parts of the email to expose to the user.
-
eg, given johndoe@example,com return [“john”, “example.com”].
-
the email is then displayed as [email protected]
*/
function _recaptcha_mailhide_email_parts ($email) {
$arr = preg_split("/@/", $email );if (strlen ($arr[0]) <= 4) {
$arr[0] = substr ($arr[0], 0, 1);
} else if (strlen ($arr[0]) <= 6) {
$arr[0] = substr ($arr[0], 0, 3);
} else {
$arr[0] = substr ($arr[0], 0, 4);
}
return $arr;
}
/**
-
Gets html to display an email address given a public an private key.
-
to get a key, go to:
-
http://mailhide.recaptcha.net/apikey
*/
function recaptcha_mailhide_html($pubkey, $privkey, $email) {
$emailparts = _recaptcha_mailhide_email_parts ($email);
$url = recaptcha_mailhide_url ($pubkey, $privkey, $email);return htmlentities($emailparts[0]) . “<a href=’” . htmlentities ($url) .
“’ onclick=“window.open(’” . htmlentities ($url) . “’, ‘’, ‘toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=500,height=300’); return false;” title=“Reveal this e-mail address”>…@” . htmlentities ($emailparts [1]);
}
?>[/php]
I am using a form I got from the web, not sure how valid it is. Any input would be greatly appreciated.
Thanks!