Pur prelevando la mail salvata in un file a parte, incontro lo stesso problema...
Qui tutto il codice...
codice:
<?php
session_start();
//prelevo mail
$fp = fopen("../../../dataForm.txt", "r");
$data = fread($fp, 16);
$my_email =$data;
$errors = '';
$name = '';
$visitor_email = '';
$user_message = '';
fclose($fp);
if(isset($_POST['submit'])) {
$name = $_POST['name'];
$visitor_email = $_POST['email'];
$user_message = $_POST['message'];
///------------Do Validations-------------
if(empty($name)) {
$errors .= "<span style=\"color:red\"> Completa il campo Nome!!! </span>";
}
if(empty($visitor_email)) {
$errors .= "<span style=\"color:red\">\n Completa il campo Mail!!! </span>";
}
if(empty($user_message)) {
$errors .= "<span style=\"color:red\">\n Completa il campo Messaggio!!! </span>";
}
if(IsInjected($visitor_email)) {
$errors .= "<span style=\"color:red\">\n Mail NON valida!!! </span>";
}
if(empty($_SESSION['6_letters_code'] ) || strcasecmp($_SESSION['6_letters_code'], $_POST['6_letters_code']) != 0) {
$errors .= "<span style=\"color:red\">\n Codice captcha incorretto o non inserito!!! </span>";
}
if(empty($errors)) {
//send the email
$to = $my_email;
$subject="Mail da $name";
$from = $visitor_email;
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
$body ="$user_message\n".
"\nIP: $ip\n";
$headers = "From: $from \r\n";
$headers .= "Reply-To: $visitor_email \r\n";
$sent= mail($to, $subject, $body,$headers);
if($sent) {
echo '<script type="text/javascript">document.location.href="thanks.html";</script>';
} else echo "Invio non riuscito";
}
}
// Function to validate against any email injection attempts
function IsInjected($str){
$injections = array('(\n+)',
'(\r+)',
'(\t+)',
'(%0A+)',
'(%0D+)',
'(%08+)',
'(%09+)'
);
$inject = join('|', $injections);
$inject = "/$inject/i";
if(preg_match($inject,$str)) {
return true;
} else {
return false;
}
}
?>
Codice del form:
codice:
<?php
if(!empty($errors)){
echo "<p class='err'> ".nl2br($errors)."</p>";
}
?>
<div id='contact_form_errorloc' class='err'></div>
<form class="formMail" method="POST" name="contact_form" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
<p>
<label for='name'>Nome: </label><br>
<input type="text" placeholder="John Doe" name="name" value='<?php echo htmlentities($name) ?>'>
</p>
<p>
<label for='email'>Email: </label><br>
<input type="text" placeholder="mail@example.com" name="email" value='<?php echo htmlentities($visitor_email) ?>'>
</p>
<p>
<label for='message'>Messaggio:</label> <br>
<textarea name="message" placeholder="Write something to us" rows=8 cols=30><?php echo htmlentities($user_message) ?></textarea>
</p>
<p>
<img src="../../captcha_code_file.php?rand=<?php echo rand(); ?>" id='captchaimg' ><br>
<label for='message'>Inserisci il codice captcha:</label><br>
<input id="6_letters_code" name="6_letters_code" type="text"><br>
<small>Impossibile leggere l'immagine? Clicca <a href='javascript: refreshCaptcha();'>QUI</a> per aggiornare</small>
</p>
<input type="submit" value="Submit" name='submit'>
</form>
Ulteriori controlli:
codice:
<script language="JavaScript">
var frmvalidator = new Validator("contact_form");
frmvalidator.addValidation("name","req","Inserisci il tuo Nome");
frmvalidator.addValidation("email","req","Inserisci la tua Mail");
frmvalidator.addValidation("email","email","Inserisci una Mail Valida");
</script>
<script language='JavaScript' type='text/javascript'>
function refreshCaptcha(){
var img = document.images['captchaimg'];
img.src = img.src.substring(0,img.src.lastIndexOf("?"))+"?rand="+Math.random()*1000;
}
</script>